AJAX(112) Apple(1) Application Builder(244) Application Factory(207) ASP.NET(95) ASP.NET 3.5(45) ASP.NET Code Generator(72) ASP.NET Membership(28) Azure(18) Barcode(2) Barcodes(3) BLOB(18) Business Rules(1) Business Rules/Logic(140) BYOD(13) Caching(2) Calendar(5) Charts(29) Cloud(14) Cloud On Time(2) Cloud On Time for Windows 7(2) Code Generator(54) Collaboration(11) command line(1) Conflict Detection(1) Content Management System(11) COT Tools for Excel(26) CRUD(1) Custom Actions(1) Data Aquarium Framework(122) Data Sheet(9) Data Sources(22) Database Lookups(50) Deployment(22) Designer(177) Device(1) DotNetNuke(12) EASE(20) Email(6) Features(99) Firebird(1) Form Builder(14) Globalization and Localization(6) How To(1) Hypermedia(2) Inline Editing(1) Installation(4) JavaScript(20) Kiosk(1) Low Code(3) Mac(1) Many-To-Many(4) Maps(6) Master/Detail(36) Microservices(4) Mobile(63) Mode Builder(3) Model Builder(3) MySQL(10) Native Apps(5) News(17) OAuth(7) OAuth Scopes(1) OAuth2(10) Offline(19) Offline Apps(4) Offline Sync(5) Oracle(10) PKCE(2) PostgreSQL(2) PWA(2) QR codes(2) Rapid Application Development(5) Reading Pane(2) Release Notes(168) Reports(48) REST(28) RESTful(26) RESTful Workshop(15) RFID tags(1) SaaS(7) Security(77) SharePoint(12) SPA(6) SQL Anywhere(3) SQL Server(26) Stored Procedure(4) Teamwork(15) Tips and Tricks(84) Tools for Excel(2) Touch UI(93) Transactions(5) Tutorials(183) Universal Windows Platform(3) User Interface(335) Video Tutorial(37) Web 2.0(100) Web App Generator(101) Web Application Generator(607) Web Form Builder(40) Web.Config(9) Workflow(28)
Saturday, December 29, 2018PrintSubscribe
Access Control List and “Local” Dates

Code On Time release introduces the permission-based application configuration based on Access Control List. This feature is unique to applications created with Unlimited Edition. Next release of the app generator will introduce permission matrix  and permission builder to allow runtime configuration of live applications with ACL.

Release also enabled local time zone presentation of date values stored in UTC format.

The following features and bug fixes are also introduces in this release:

  • (App Gen) Files with ProjectName\Services\ApplicationServices.* and ProjectName\Services\EnterpriseApplicationServices.* patterns are not deleted in projects with the framework in the class library when the project is re-generated.
  • (Touch UI) My Account option is displayed in *.aspx projects.
  • (Framework) ASPX projects turn-off combined/compressed scripts when the app running in debug mode from Visual Studio.
  • (Framework) Blob file name is stored in the database at the time of BLOB value submission if the matching "FileName" field is not automatically detected on the client.
  • (Framework) Blob handler validates read-access for blob fields by confirmation that the user can “see” the table row corresponding to the specified primary key. It also ensures that the particular BLOB field is also "visible" to the user and was not removed through virtualization of the controller.
  • (Framework) Prevented XPath injection attack errors reported by BURPSUITE Professional. Please note that testing methods would not have allowed to exploit the app framework.
  • (Framework) Absolute URIs are being used in script reference to appservices, __baseUrl, and __serviceUrl,
  • (Touch UI) Pages without content display a site map relative to the page.
  • (Project Designer) Dragging of field on a category will remove the corresponding data field from other categories of the same view.
  • (Touch UI) Bootstrap is correctly linked to pages in Premium edition.
  • (Touch UI)  Fixed. Tap on “more” button in child data view will select the row when multiple selection is enabled.
  • (Touch UI) Conditional Action Bar actions correctly respond to the changes in the values of the selected row with and without multiple selection.
  • (Client Library) Added caching of compiled functions to speed-up dynamic expressions.
  • (Touch UI) Only forms cache the current command row as "edit row".
  • (Touch UI) Switching of active tab performs full page resize.
  • (Client Framework) Added support for second-generation Grid/Cards/List.
  • (Framework) Fixed incorrect NullValue label in Classic UI.
  • (Model Builder) Single quotes in the name of the table will not cause exceptions displayed when models are rendered.
  • (Model Builder) Calculated fields created in Model Builder are not marked as "hidden" in the views of a data controller.
  • (Framework) Method AlterControllerWith handles parameters of methods wrapped in single quotes.
  • (Wizard) Tabs adjust their height when the window size is changed.
  • (Wizard) Models and Entities without Models take up the entire height of the page.
  • (Framework) Fixed "Key not found" in one-to-one entity processing causes by unmapped changed fields up the hierarchy of the relationships.
  • Fixed the "font" and "image" references in combined stylesheet that were not compatible with modern firewalls.
  • (Touch UI) Woff fonts are now returned with a static mime type "application/font-woff".
  • (Framework) Fixed incorrect parsing of "end-of-text" terminator in controller customization rules.
  • (App Gen) Option autoEventWireup is now set to "true" in ~/Config/CodeOnTime.CodeDom.xml.
  • (Designer) Assigned Data Text Field to Field lookup on Data Fields to fix issue where field is shown as empty
  • Removed allow nulls=false from Flat Rendering on Action Groups to ensure that user can save the action group if the field is hidden
  • (Touch UI) Event '' is triggered just before the transition to the active page. This allows the Grid 2.0 to render itself.
  • (Framework) Method ApplicationServices.ValidateToken will not fail when decrypted invalid token and will return "false" when this happens.
  • (Framework) Optimization o f "left join" to "inner join" is performed when access control rules are engaged.
  • (Framework) A dedicated connection is created for every Batch Edit or Delete to ensure that optional transactions do not include the entire set of selected records.
  • (Framework) The processing loop of custom actions can be interrupted by calling PreventDefault(true).
  • (Framework) Fixed transactional processing of 1-to-1 entities and many-to-many fields.
  • Exception during the loading faze of Azure publishing wizard.
  • (Touch UI) If the data view field has the parent form whose parent is not configured to have the same controller the parent form is chosen as the parent data view.
Monday, November 26, 2018PrintSubscribe
Limit Access For Particular User Name

Let’s say you want to prevent a user with a certain name from being able to access your app pages.

Application framework provides a centralized method of content retrieval, which makes possible creative ways of content production at runtime. You can produce a custom output for the user with the name mark no matter what page he is trying to access.

If the user with the name mark is logged in then he will be presented with the following message on any application page.

Data Aquarium application framework allows dynamic manipulation and substituion of the content returned by the app to the end user.

Create a code file in ~/custom folder of your app.

Custom code file in the app created with Code On Time.

Enter the following definition of partial class ApplicationServices.

using System.Collections.Generic;
using System.Web;

namespace MyCompany.Services
    public partial class ApplicationServices 
        public override void LoadContent(HttpRequest request, HttpResponse response, 
            SortedDictionary<string, string> content)
            // Let the framework to load the file from the file system.
            // Typically the content will be retrieved from ~/app/pages folder.
            base.LoadContent(request, response, content);
            if (content.ContainsKey("File"))
                // The framework has located a physical file, let's check the user identity.
                var identity = HttpContext.Current.User.Identity;
                if (identity.IsAuthenticated && identity.Name == "mark")
                    // remove the original file to prevent any default parsing of its contents
                    // simulate the result of parsing by providing Title and Content of the page.
                    content["PageTitle"] = "Mark, go away";
                    content["PageContent"] =
                        "<div data-app-role=\"page\">" +
                        "<h1>Mark has no access!</h1>" +
                        "<p>Please log out or close the browser!</p>" +

An authenticated user with a name other than mark will see the application pages as defined at design time.

A data page in the app created with Code On Time app builder.

Saturday, November 24, 2018PrintSubscribe
Blank Pages in VB + ASPX Projects

It appears that something has changed in ASP.NET configuration in the latest versions of Microsoft.NET.

Visual Basic compiler used to perform automatic binding of *.aspx.vb methods to events of the lifecycle of the *.aspx page.

It does not happen anymore. The custom code of the pages is not generated and only HTML markup is served to the clients.

The code generator uses a setting in configuration file [Documents]\Code On Time\Library\_Config\CodeOnTime.CodeDom.xml to set up AutoEventWireup attribute in aspx pages.

If you do experience a blank page issue in VB+ASPX projects, then open the file and change attribute autoEventWireup for VB provider as follows:


Save the file and re-generate your project. This will restore its normal operation.

We are still investigating this issue.

Labels: Tips and Tricks