Pizentios

I would test for you, once i read the code, however since your app is windows based, i will not be able to run it.

__________________
Profanity is the one language that all programmers understand.

Check out my Blog <---updated Nov 30 2007!

john Wesley

I have sent quite a bit of the code to IR via email, so firstly thanks for your time IR.

Hopefully his word's can assure you all, if he is assured himself. though I heard it mentioned that maybe more than one person will need to vouch for this so, Pizentios maybe I could send you what I sent IR.

NOTE : I must explain that anyone willing to test from now on may have to wait until tomorow, as while testing it myself on another computer to the one that created it I have an error for certain files not being found. This is due to the graphical styles I am using in this program and unfortunatley the files didnt copy themselves to my proj dir. I can only fix this tonight.

In this time it is possible that some people may change there minds and decide to test.

__________________
Mona Lisa must of had the highway blues you can tell by the way she smiles..

Infinite Recursion

I took a look at the code that was sent to me. I did not see anything that could pose a threat.

I am currently at work, but managed to glance over the code. A few recommendations:

- Avoid having hardcoded paths to your files. What happens when you have to change a filename? You have to change it in several places as opposed to just one.

- The encryption/decryption needs overhauled. What you have currently, would be pretty easy to break. I suggest a TripleDES or AES implementation, if the product / client warrants it.

- Don't assume that the user has their windows installation at c:\windows. This could be completely different. As a matter of fact, some view it as bad practice to install things at their default locations. Some admins change the directory to have a another method of blocking a potential attack.

- It seems to me you could reduce the time and effort when checking file existence by implementing a for loop. A lot of this portion of the code seems overly repetitive.

- Are there any constraints on who executes this program and who views the encrypted password files, etc? What happens when the password list is wiped out, on accident?

__________________
http://jasonpowers.net

"There are a thousand hacking at the branches of evil to one who is striking at the root."

john Wesley

IR :

- Hardcoded filepath's were an issue I did overlook at first, its really quite irresponsable and useless of me that I left them in there. I will fix this before it goes anywhere.

- the encryption/decrytion within the code now is there temporarily and as you say, will be replaced with a more sophisticated method.

- About assuming c:\windows as install dir: As above with filenames, this will be changed.

- Reducing the time of coding using a for loop would of been great but at the time I didnt think of/know how to code this within one, I did think it over briefly but to no avail.

- The constraints of executing the program will be that a password should be entered correctly to do so. The encrypted password files should never be viewed, they shall be hidden and also when found be password protected.
If the password data is wiped out then on next startup it will warn you of the missing/corrupt file/s then further telling you it is writing default data and for you to refer to the manual that you were instructed to keep on a seperate source.
This feature is still being added for when the application Is Running.

__________________
Mona Lisa must of had the highway blues you can tell by the way she smiles..

Booooze

I'd be happy to test it, since I know how long you have been working on it . If you could send me the code, with or without the exe, ill take a look at it. I agree with IR when it comes to running exe's. Plus, looking at the code is where we can find bugs and offer improvements. Feel free to email it to me. my address is my username here at PFO, followed by @Gmail.com :p Don't need any more spiders sending me sh*t.

DaWei

You might consider this: if you plan to write software professionally, the first step is to acquire a requirements document. Either get this from your client, or write it. Negotiate the contents, if necessary, as many clients don't really know what they need and what the relative costs of unnecessary bells and whistles are. THEN you design a test plan AND the software. After that, you finally sit down and write the code. If you do it bassackards you will produce shitty code and go broke, both. I'm guessing, from your post, that you did it backasserds in this case.

__________________
Abstraction doesn't make it impossible to write bad code; it makes it possible to write superior code.
Contributor's Corner: Grumpy on C++ Exceptions DaWei on Pointers

hervens48

Ill be happy to test your software. My email address is uprise01@hotmail.com

DaWei

I might suggest, further, that people testing your code, without guidelines to what is acceptable and what is not, will produce results that are less than maximally effective. One must distinguish between the desirability of 'feel good' results and truly effective tests. I realize that all this sounds very pedantic, not to say negative, but I operate under the presumption that a fair percentage of the members here are aiming at a professional career, as opposed to a weekend-and-evenings hobby.

__________________
Abstraction doesn't make it impossible to write bad code; it makes it possible to write superior code.
Contributor's Corner: Grumpy on C++ Exceptions DaWei on Pointers

Booooze

Nice post Dawei. I've come to see lately that when I write requirement docs, everything in my whole project runs smoother.

@ John, you should probably do that, or at least come up with something that we can follow as a guideline or something.

john Wesley

Planning, planning, planning. That's all college go on about too and it's a headache, But it's fact that like you make out DaWei it is needed. Not just by us as programmers but the client also. I have however slipped into the regime of neglegting this practice and it can really beat you up. I need to fix up my mind, I need a holiday.

__________________
Mona Lisa must of had the highway blues you can tell by the way she smiles..