I think eating lettuce that came from my garden last night really drove it home. Summer is really truly here.

More evidence is that the lupine in field in front of my house is about at it's peak. It's pretty hard to share the real view but here is a composite picture and a few others...

click on the composite to see a larger size...

Recently, the VTdotNET website has been getting hit by some robot entering hyperlinks into the password text box of the login form.

ASP.NET catches this on the server side and pushes out this error:

System.Web.HttpRequestValidationException: A potentially dangerous Request.Form value was detected from the client (ctl00$ContentPlaceHolder1$LoginView1$Login1$Password="<A href=http://...").

Since I have errors emailed to me, I'm getting a LOT of these emails every day which was annoying.

So, I wanted to trap this on the client side using a validator.

While they may appear to be, login controls are not totally locked up. One of the smart tag options is to "Convert to Template". Once you do this, you can edit the control all you want.

So I added a RegularExpressionValidator control and entered the following regex for the ValidationExpression:

^((?!href|http).)+$

which won't allow strings that href or http. Then tied it to the password control and to the ValidationGroup for the whole login control. That way I get the validation during data entry AND when the user hits the login button.

I did the same for the User Name control.

This solved part of the problem. If you went to the actual login page, it was no longer possible to enter hyperlinks and postback. But the spam kept coming. I changed the name of the controls and put some more details in the error handler and saw that the name of the control reported in the error didn't change and that it wasn't even coming from the login page. But it was the ONLY login control in the entire website.

Then I got a little education from some who are less naive than I about the evil ways of spammers. Ryan Trudelle-Shwarz, Adam Sills and Dave Wanta filled out the picture for me. It's a nasty type of comment spam where a robot collects the postback info from your site and no longer needs to return there to do the actual entry and postback. There is still some mystery here for me since there never was a login control on the home page, but as Ryan suggested, the simplest thing to do is just filter out those errors so that I don't have to get them in my email box and forget about them.

ASP.NET Forum user keanxsoul has done some detective work along these lines and offers an interesting explanation about how the spammers are actually doing this.

After an afternoon of tangling with a locked up computer, when it was running again, a Windows Defender oddity led me to the WMI repository. Not sure if the two problems were related, but I sure learned more than I thought I needed to know about system management... read more...

[A New DevLife Post]

No, this isn't "I used a Mac and survived", but a great story about my neighbor'sMac powerbook that went through hell and survived.  I should qualify "neighbor". He lives nearby, though I don't think we've ever met. But he is a blacksmith who's beautiful work you can see here on his site) 

He left it on top of his truck when he left his house last week and didn't realize it until he arrived at his destination about 50 miles away. It had fallen off the car while he was driving down the road and yes, got run over. He posted a message on the local FrontPorchForum in case anyone saw it. I even called my husband to ask him to keep an eye on it on the way home.

Amazingly, some very nice person found it and brought it to Small Dog Electronics in Burlington who was able to track Jim down. More amazingly, it still works!

Jim blogged about this on Small Dog's website. You can read a Jim's story here and check out the bent up but still functioning powerbook.

It took me a while but I finally am having fun using Expression Blend after some initial trepidation. But suffering through a bunch of XAML hand coding actually helped! Read more here...

[A New DevLife Post]

.NET  Job Description: 

CONTACT:

Paul Mewis BSc (Hons)
Senior Recruiter, S.Com
Suite 2525, One Post Street
San Francisco
CA 94104
Tel: 415 627 1892
Fax: 415 989 0450
globalpeoplesolutions
Email: Paul.Mewis@scomusa.com
www: www.scom.com

Okay, I lied. I thought I was staying home all summer, but it turns out that the Greater Lansing User Group had a request in to INETA and it just so happens that their July meeting date falls the same week as the famous Ann Arbor Art Fair that I have always wanted to go to. So, I will be doing an INETA event on Thursday, July 19th in Lansing and as long as I'm going there, I will speak on the previous night at the GANG (Detroit) User Group.

Thanks especially to Bill Wagner and Darrell Hawley for their help in coordinating. Darrell runs the user group in Ann Arbor but their meeting date is weeks before.

I'll be doing a session on the ADO.NET Entity Framework at both groups.

(note - If you do not see the drawing surface it's because this doesn't seem to work when the blog post is viewed individually. View my entire Silverlight category and it will be rendered properly. I guess I need to keep working on this one...)

This is the Silverlight setup that I used for my tests on this particular page.

I put the javascript and xaml files in the relative folders in my dasblog application:

thedatafarm.com/blog/xaml

thedatafarm.com/blog/js

Then I added the javascript references that are in the header tags of my html page into the header tags of the homeTemplate.blogtemplate file in my blog/themes/myfavetheme folder.

And it just works!

So far this is just letting you draw on the blog page. My persistence code in the later pages of the above mentioned tests use asp.net ajax and I'd have to do some major customization to my dasblog app to incorporate that right now. I pretty much use dasBlog out of the box, so I'm not ready to go down that road. I have lots of other stuff to learn, but this was a fun little exercise!

Inspired by the Scribbler app (part of the Silverlight 1.1 Gallery), written by Daniel Cook  & Pete Blois (with some inspiration from Laurence Moroney)  I decided to spiff up my own drawing application.

Why is it that a black background seems to be the way to make apps look cool?

I even finally opened up Microsoft Expression Blend to help me since I was getting sick of working in raw XAML and having to test each visual change by debugging the app. Last time I looked at this product, it frightened me and I closed it quickly. But now that I have done enough of the hand-coded XAML, it was not a huge leap to comprehend how to use Expression Blend and what I could do with it.

One thing that I discovered is that the Background property of the InkPresenter element, while necessary, is not recognized by the designer. So to do the design in Expression, I had to remove that property, then replace it when I wanted to test out the app.

Since my app is still using the v1.0 of Silverlight (and javascript, not .NET), I can't pull off the slick color picker that is in the Scribbler app. But when it's time to move to v1.1, I'll know where to find the code!

Although I'm pretty jaded about any achievement of Amanda Murphy (hey, I just expect great things of her!) I was happy to see her on the list of paneliests for this year's Women in Technology Lunchon at TechEd. It's a big honor.

Here's more on the luncheon (pasted from the TechEd site):

Women in Technology Luncheon

Every year, the Women in Technology luncheon provides a fantastic opportunity to network with other professional women in the computer industry. This year's luncheon takes place Wednesday, June 6, from noon – 1:30 P.M. and will feature Eileen Brown who will explore the challenges of being a woman and a technical professional in today's ever-changing world.

Eileen Brown, manager for the IT Pro Evangelist team in the Developer & Platform Group, will join us from Microsoft UK to share insights from a study done by Microsoft about women in technology. She will then introduce the panel of 4-5 phenomenal women, and moderate a discussion about attracting women into the technology field and retaining those who are already a part of the field.

Panelists include:

• Amanda Murphy, Senior Technology Specialist and Director of Operations for Infotech Canada and president-elect of INETA
• Lisa Coleman, Marketing Manger for Microsoft partner Intermedia.NET
• Mary Jo Foley, Currently the "unblinking eye on Microsoft" behind the "All About Microsoft" blog, and frequent radio, TV and newspaper commentator on Microsoft products, people and strategies.
• Ani Babaian, Senior Product Manager with Microsoft and author of a book to be released in October on women in technology.
• Mythreyee Ganapathy, Senior Program Manager, Microsoft Education Strategies, and the mother of "a challenging 2.5 year old, who almost behaves like a Microsoft employee already."

The battery on my 3 month old Lenovo X60 is dead and I am getting the dreaded notice in the power manager "Irreparable damage to the battery has been detected. Replace the battery with the new one."

In addition to the message in the Power manager, I have the following symptoms:

• Battery Indicator light is blinking orange
• Power status says "Plugged in, not charging"
• Computer shuts down immediately when unplugged (since the battery is dead).

This is not atypical of old batteries that need replacement, but this battery is fairly new and has not been abused in any way.

I attempted a recommended BIOS update but this requires a fully charged battery.

I checked the March 27th battery recall, but my battery was not on the list.

Luckily, I found a comment thread in the LenovoBlogs under a post that is a few months old called "Power Manager." There is a new string of comments that began a few days ago with other people having this problem. An IBM technician from Vancouver has joined the thread, identifed the problem and is currently seeking a solution.

So if you have found my blog post via searching for a solution to this problem... keep an eye on the comments on the tail end of this post's comments: http://www.lenovoblogs.com/insidethebox/?p=52.

I like having found the www.LenovoBlogs.com site. It's a mini "blogs.msdn.com" and a good stab at corporate transparency and accessibility. The product manager's direct phone number is even published there!

There are a few silverlight demos that use the InkPresenter, though two of them don't refer to Ink at all...:

The page turning demo has it. You can annotate the pages and that gets remembered during your session. As you flip the pages back and forth, the annotations are incorporated into the effects.

The scribbler demo has it. This is straight drawing. What I love here is the cool pallette.

The Ink Tattoo Studio demo has it. This a fun demo.  On a tabletpc, the pressure of the stylus can be registered by the digitizer.I saw a version of this app that said "Ouch!" if the pressure got too high. Otherwise, the tattoo tool buzzes.

Dan Wahlin and Matt Gibbs have a book just coming out about ASP.NET AJAX (Prof. Asp.NET 2.0 AJAX) from WROX. So Dan has now spent a LOT of time with AJAX and is very knowledgable. Then Silverlight comes out and boom - he's got a Silverlight ASP.NET AJAX app that is VERY cool. I'm supposed to be writing an article on Entity Framework right now, but boy do I want to continue playing with Silverlight.

Since I won't be at TechEd, I want to make sure Eric Sink is well-entertained! Of course, he's a pretty entertaining guy, so do yourself a favor and go visit him, get a cool t-shirt, get a chance to win a Wii and see some awesome developer tools like my favorite source control program.

[The fine print: I was not asked, paid, cajoled, bribed or otherwise to make this post, but I admit that I was definitely flattered!]

It's always entertaining to laugh at the unrealistic things people do with computers in television shows - most often shows like CSI. I remember seeing one of the early demo apps for WPF that Carter Maslan created in early 2004 and thinking that it looked like the fantasy computing scenarios from t.v. coming to life.

Now another of the Microsoft Research projects that looks like life emulating art is coming unveiled... Microsoft Surface. Considering that I recently publically declared my love of using a touch screen computer, this looks like the best of that combined with the best of WPF and then blown up to a huge surface. It's very cool and promising and apparently coming at the end of this year. There will be a unit in a NYC Sheraton starting next week and then another will be at a tech show in San Diego later this summer. Check the FIND IT page for more details. I highly recommend watching some of the demonstration videos on the site and exploring the history as well. COOOOOOOOOL....

After my first series of exploring the InkPresenter in Silverlight, I have done some playing with having video interact with ink in Silverlight. You can read more about that here...

[A New DevLife Post]

The ADO.NET team is conducting a focus group about Linq to Entities during TEchEd. Unfortunately, they posted this today and the deadline to sign up is today.

Here's the info to sign up.

I won't be at TEchEd this year and neither will Roger Jennings, but Roger has already created a great list of points he would bring up if he was there. I basically second all of his suggestions. Many of them point to clarity on Microsoft's messaging around Entity Framework (though I personally feel comfortable with this at this point) and then technical details such as being able to deal with perfectly normal relationships between data...you can read what I mean by this if you check out this forum thread.

A recent column in the New Yorker magazine has some interesting insights into feature creep and users who want more features but are then overwhelmed by them. Read more ...

[A New DevLife Post]

I found a simple way to highlight information on a master/details form. More here...

[A New DevLife Post]

While I have been revelling in the thought of not travelling all summer, today I learned two things that translate to my not having any travel plans until November.

I had hoped to speak at the SDN conference in the Netherlands in September but none of my session topics were selected. After that I had planned to attend PDC in October, but that's not looking so good anymore.

Well, I'm definitely going to be in Las Vegas for DevConnections in the fall. We have a whole track just for Data Access talks in November, starting with 4 talks on Microsoft Day and then 9 more on the next two days. I am following up with a postcon 1/2 day also (more Entity Framework).

Then DevTeach is having a conference in Vancouver at the end of November. Of course, I can't assume I'll get to go there as a speaker, but I am crossing my fingers!

As for INETA user group engagements, I am currently waiting for the folks who do the scheduling to get caught up on their backlog of requests, but at the moment I have absolutely no INETA talks scheduled, which is weird after having done 15 in the current fiscal year. That is probably why I have nothing scheduled! Most speakers do 2 or 3 talks in a year. I just got a little carried away, but boy was it fun!

So my hope is that I am going to have a life this summer; ride my bike etc. Maybe when I reappear in the fall I'll have shed a few of those nasty .NET pounds I have put on since 2002. Or maybe not, but a girl can dream