Saturday, July 24, 2010

Blue-Cheese-Crusted Steaks with Red Wine Sauce

Blue cheese can really add flavor to a steak. The combination of the steak flavor with the bite of blue cheese really stands out.

Ingredients

4 tablespoons (1/2 stick)  butter
3 garlic cloves, chopped
1 large shallot, chopped
1 tablespoon chopped fresh thyme
3/4 cup beef broth
1/2 cup dry red wine

1/2 cup coarsely crumbled blue cheese (about 2 ounces)
1/4 cup  breadcrumbs
1 tablespoon chopped fresh parsley

4 filet steaks (each 6 to 8 ounces)

Instructions

Red Wine sauce.
  • Melt 1 tablespoon butter in heavy medium skillet over medium-high heat. Add garlic, shallot, and thyme. Sauté until shallot is tender, about 5 minutes. Add broth and wine. Boil until sauce is reduced to 1/2 cup, about 12 minutes. Set sauce aside.
Blue Cheese and bread crumbs

  • Blend cheese, bread crumbs and parsley in small bowl.
Fillet steaks
Melt 2 tablespoons butter in heavy large skillet over medium-high heat. Sprinkle steaks with salt and pepper. Add steaks to skillet and cook. About 5 minutes per side for medium-rare. 

Transfer steaks to grilling tray. Press cheese mixture onto top of steaks, dividing equally. Grill until cheese browns, about 2 minutes. Transfer steaks to plates.

Pour sauce into skillet. Bring to boil, scraping up browned bits. Boil 2 minutes. Whisk in remaining 1 tablespoon butter. Season with salt and pepper. Spoon sauce around steaks and serve.

Blue Cheese sauce

Ingredients
200g blue cheese, e.g. Stilton, Roquefort, Gorgonzola
4tbsp crème fraîche or sour cream
1tbsp Dijon mustard
1tsp Worcestershire sauce
1tbsp tomato purée
½tsp paprika
Good pinch of ground cayenne
Freshly ground pepper



METHOD

Combine 150g of blue cheese with the crème fraîche, mustard, Worcestershire sauce, tomato purée, paprika, cayenne and pepper in a saucepan and heat gently, stirring with a wooden spoon until the cheese has melted, and keep warm. 

Thursday, June 17, 2010

Prevent SQL Injection in Asp.Net (C#)

How to prevent SQL Injection in Asp.Net (C#)?

An SQL Injection attack takes place when someone inserts SQL code into a field on a web page that is then passed on to the database. For example, if I had a grudge against some company and their site wasn't secure, I could insert an SQL Injection attack on their unsecured website and delete all the data in their database, or possibly steal all their credit card numbers.

Preventing an SQL Injection attack is as simple as using proper coding standards when accessing your backend database. Using these methods doesn't add significantly to your development time and in many cases actually reduces it, because it reduces many opportunities for errors, and allows for better error handling.

      Sample Bad Query:
      -----------------------------

      strSQL = "SELECT * FROM CUSTOMERS WHERE EMAILADDRESS = '" +
      txtEmailAddress.Text + "'";


In the above C# code, we take the email address the user entered in the web field and pass it straight into our query without any checks. If, for example, I had typed in "1'; DELETE FROM CUSTOMERS; ", it would have selected the customers where the email address equals '1' and then deleted all records from CUSTOMERS.

This vulnerability is amazingly common even on today’s modern websites, and most of them don’t even realize it.

The Solution
------------------
Solving this little problem is as simple as changing the way you make your query. Instead of concatenating your strings to build a query, simply use an SQL Command object and parameters. Not only are you gaining the added security and protecting your business, you will actually make your site more efficient, because queries using parameters are compiled for future use by SQL Server and therefore have better repeat performance.


Sample Proper Code:
-------------------------------

      cmdTemp.CommandText =
          "SELECT * FROM CUSTOMERS WHERE EMAILADDRESS = @EMAILADDRESS";
      cmdTemp.Parameters.Add("@EMAILADDRESS", SqlDbType.VarChar, 50).Value =
          txtEmailAddress.Text;


Yes, you have one extra line of code, but that line of code actually helps you out. For example, if this was an INSERT instead of a SELECT, then it would automatically prevent me from sending a string that was too long for the field to the SQL Server, allowing me to catch the error on the business logic side. The same would hold true if, for example, I was trying to pass a string into an int field.

Take this simple step: it’s not only a better way to code, it could potentially save your company millions in lawsuits and hundreds or thousands of people the pain and suffering of having their credit card numbers stolen.
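The INSERT case mentioned above, as an added example that is not code from the original post. It assumes EMAILADDRESS is a varchar(50) column and adds a hypothetical int column LOYALTYPOINTS; the class, method and parameter names are also made up for illustration.

```csharp
using System;
using System.Data;
using System.Data.SqlClient;

public static class CustomerData
{
    // Assumption: EMAILADDRESS is varchar(50), matching the parameter size on the page.
    private const int EmailMaxLength = 50;

    // Returns the number of rows inserted. LOYALTYPOINTS is a hypothetical int column.
    public static int AddCustomer(string connectionString, string email, string pointsText)
    {
        // Catch bad input on the business-logic side, before it reaches SQL Server.
        if (string.IsNullOrEmpty(email) || email.Length > EmailMaxLength)
            throw new ArgumentException("Email address must be 1 to 50 characters.", "email");

        int points;
        if (!int.TryParse(pointsText, out points))
            throw new ArgumentException("Points must be a whole number.", "pointsText");

        using (SqlConnection conn = new SqlConnection(connectionString))
        using (SqlCommand cmd = conn.CreateCommand())
        {
            cmd.CommandText =
                "INSERT INTO CUSTOMERS (EMAILADDRESS, LOYALTYPOINTS) " +
                "VALUES (@EMAILADDRESS, @LOYALTYPOINTS)";

            // The values travel as typed parameters and never become part of the SQL text,
            // so quotes or semicolons in the email cannot change the statement.
            cmd.Parameters.Add("@EMAILADDRESS", SqlDbType.VarChar, EmailMaxLength).Value = email;
            cmd.Parameters.Add("@LOYALTYPOINTS", SqlDbType.Int).Value = points;

            conn.Open();
            return cmd.ExecuteNonQuery();
        }
    }
}
```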

Monday, April 19, 2010

How To: Build and Host a Remote Object in a Windows Service


Remote objects (that is, .NET objects accessed remotely using .NET Remoting technology) can be hosted in Windows services, custom executables, or ASP.NET. Clients communicate with remote objects hosted in custom executables or Windows services by using the TCP channel. Clients communicate with remote objects hosted in ASP.NET by using the HTTP channel.

This example shows how to write a simple "Hello World" remote application. The client passes a String to the remote object that appends the words "Hi There" to the string and returns the result back to the client. This code can be easily modified to execute a command or open an application on the remote server. In order to modify this sample to use HTTP rather than TCP, simply replace TCP with HTTP in the source files.

This example was compiled using C# on the .NET Framework 2.0.

Overview
The "Hello World" client class interacts directly with the remote object class. The remote object class is installed on the remote server using the Windows Service Hosting Application.



Steps to create a remote object
1.       Create a Remote Client Class.
2.       Create the Remote Object Class.
3.       Create a Microsoft Windows Service Host Application.
4.       Install and start the Windows Service.


Step 1: Create a Remote Client Class

using System;
using System.Data;
using System.Configuration;
using System.Runtime.Remoting;
using System.Runtime.Remoting.Channels;
using System.Runtime.Remoting.Channels.Tcp;

namespace RemotingSamples
{
    public class Client
    {
        public string Execute_Remote_Job()
        {
            // Unregister any existing channels, then create a new client channel
            foreach (IChannel channel in ChannelServices.RegisteredChannels)
            {
                ChannelServices.UnregisterChannel(channel);
            }
            TcpChannel Chnl = new TcpChannel();

            // Register the channel. The second argument (ensureSecurity) is false,
            // so the channel is neither authenticated nor encrypted.
            ChannelServices.RegisterChannel(Chnl, false);

            // Instantiate the remote object.
            // Replace localhost:8090 with the name and port number of your remote server.
            HelloServer obj = (HelloServer)Activator.GetObject(
                typeof(RemotingSamples.HelloServer),
                "tcp://localhost:8090/RemotingSamples.HelloServer");

            // Call the remote object method
            string strRet = obj.RunMain_Job("Hello World.");

            // Return the new string
            return strRet;
        }
    }
}



Step 2: Create a Remote Object

*Note: Derive the HelloServer class from MarshalByRefObject to make the class remotable.

using System;
using System.Collections.Generic;
using System.Text;
using System.ComponentModel;
using System.Diagnostics;

namespace RemotingSamples
{
    public class HelloServer : MarshalByRefObject
    {
        // When you design a singleton object, override InitializeLifetimeService
        // and return a null object as the new lease, indicating that this lease
        // never expires.
        public override object InitializeLifetimeService()
        {
            return null;
        }

        // Create the remote object method here. This code can be easily modified
        // to execute a command or open an application on the remote server.
        public string RunMain_Job(string strHello)
        {
            string strRet = "";
            strRet = strHello;

            // Append string and return it
            strRet += " Hi there";
            return (strRet);
        }
    }
}




Step 3: Create a Microsoft Windows Service Host Application.
This procedure creates a Windows service application, which will be used to host the remote object. When the service is started it will configure the TCP remoting channel to listen for client requests.
Note   This procedure uses an Installer class and the Installutil.exe command line utility to install the Windows service. To uninstall the service, run Installutil.exe with the /u switch.

To create a Windows Service host application
1.           Add a new Visual C# Windows Service project called RemotingHost
2.           Use Solution Explorer to rename Service1.cs as RemotingHost.cs.
3.           Add the following code to RemotingHost.cs.

using System.Collections.Generic;
using System.ServiceProcess;
using System.Text;
using System.Runtime.Remoting;

namespace RemotingHost
{
    static class RemotingHost
    {
        /// <summary>
        /// The main entry point for the application.
        /// </summary>
        static void Main()
        {
            ServiceBase[] ServicesToRun;

            // More than one user Service may run within the same process. To add
            // another service to this process, change the following line to
            // create a second service object. For example,
            //
            //   ServicesToRun = new ServiceBase[] {new Service1(), new MySecondUserService()};
            //
            ServicesToRun = new ServiceBase[] { new HostService() };

            ServiceBase.Run(ServicesToRun);
        }
    }
}


4.           In RemotingHost.cs, rename the Service1 class as HostService and add the following code.


using System;
using System.Collections.Generic;
using System.ComponentModel;
using System.Data;
using System.Diagnostics;
using System.ServiceProcess;
using System.Text;
using System.Runtime.Remoting;

namespace RemotingHost
{
    public partial class HostService : ServiceBase
    {
        public HostService()
        {
            InitializeComponent();          
        }

        protected override void OnStart(string[] args)
        {
            // TODO: Add code here to start your service.      
            System.Diagnostics.EventLog.WriteEntry(ServiceName, ServiceName + "::OnStart()");
            RemotingConfiguration.Configure(AppDomain.CurrentDomain.BaseDirectory.ToString() + "RemotingHost.exe.config",false);      
        }

        protected override void OnStop()
        {
            // TODO: Add code here to perform any tear-down necessary to stop your service.
            base.OnStop();          
        }
    }
}



5.           Add a new C# class file to the project and name it HostServiceInstaller.
6.           Add an assembly reference to the System.Configuration.Install.dll assembly and add the following code.


using System;
using System.Collections.Generic;
using System.Text;
using System.ComponentModel;
using System.ServiceProcess;
using System.Configuration.Install;

namespace RemotingHost
{
    [RunInstaller(true)]
    public class HostServiceInstaller : Installer
    {
        private ServiceInstaller HostInstaller;
        private ServiceProcessInstaller HostProcessInstaller;

        public HostServiceInstaller()
        {
            HostInstaller = new ServiceInstaller();
            HostInstaller.StartType = System.ServiceProcess.ServiceStartMode.Manual;
            HostInstaller.ServiceName = "RemotingHost";
            HostInstaller.DisplayName = "Remoting Host Service";
            Installers.Add(HostInstaller);
            HostProcessInstaller = new ServiceProcessInstaller();
            HostProcessInstaller.Account = ServiceAccount.User;
            Installers.Add(HostProcessInstaller);
        }
    }
}




7.           Within Solution Explorer, right-click RemotingHost, point to Add, and then click Add New Item.
8.           In the Templates list, click Text File and name the file app.config.
Configuration files with the name app.config are automatically copied by Visual Studio .NET as part of the build process to the output folder (for example, <projectdir>\bin\debug) and renamed as <applicationname>.config.

9.           Click OK to add the new configuration file.
10.       Add the following configuration elements to the new configuration file.

*Note: Make sure the port number used is the same as in the client class.


<configuration>
  <system.runtime.remoting>
    <application name="RemotingHost">
      <channels>
        <channel ref="tcp" port="8090">
          <serverProviders>
            <formatter ref="binary" />
          </serverProviders>
        </channel>
      </channels>
      <service>
        <wellknown type="RemotingSamples.HelloServer, RemotingSamples"
                   objectUri="RemotingSamples.HelloServer"
                   mode="Singleton" />
      </service>
    </application>
  </system.runtime.remoting>
</configuration>
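The client and the host above both pass false for ensureSecurity, so any machine that can reach port 8090 can call RunMain_Job without authentication. The following is an added example, not code from the original post, showing the same channel registered in code with authentication and encryption turned on; SecureRemotingSetup and its method names are hypothetical, and the loopback binding assumes clients run on the same host.

```csharp
using System.Collections;
using System.Runtime.Remoting;
using System.Runtime.Remoting.Channels;
using System.Runtime.Remoting.Channels.Tcp;
using System.Runtime.Serialization.Formatters;
using RemotingSamples;

namespace RemotingHost
{
    // Hypothetical helper: call RegisterServer() from HostService.OnStart
    // in place of RemotingConfiguration.Configure(path, false).
    public static class SecureRemotingSetup
    {
        public static void RegisterServer()
        {
            IDictionary props = new Hashtable();
            props["port"] = 8090;            // same port as the configuration file above
            props["secure"] = true;          // authenticate callers and encrypt traffic
            props["bindTo"] = "127.0.0.1";   // assumption: clients run on the same host

            // Low is the default level; setting it explicitly documents that the
            // binary formatter is limited in which types it deserializes from callers.
            BinaryServerFormatterSinkProvider serverSink = new BinaryServerFormatterSinkProvider();
            serverSink.TypeFilterLevel = TypeFilterLevel.Low;

            TcpChannel channel = new TcpChannel(props, null, serverSink);
            ChannelServices.RegisterChannel(channel, true);   // ensureSecurity = true

            RemotingConfiguration.RegisterWellKnownServiceType(
                typeof(HelloServer),
                "RemotingSamples.HelloServer",
                WellKnownObjectMode.Singleton);
        }

        // Client side (belongs in the client project): the client channel must be
        // secure as well in order to talk to a secure server channel.
        public static void RegisterClient()
        {
            IDictionary props = new Hashtable();
            props["secure"] = true;
            ChannelServices.RegisterChannel(new TcpChannel(props, null, null), true);
        }
    }
}
```

With this in place the service account chosen in the Set Service Login dialog should be a low-privilege account, since anything RunMain_Job does runs with that account's rights.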


Step 4: Install and start the Windows Service.
This procedure installs a Windows service using the installutil.exe utility and then starts the service.
Steps To install the Windows service
1.    Open a DOS command window and change directory to the folder which contains the executable file of your remote service.
D:\cd..

2.     If a previous version has been installed, un-install it first by running the installutil.exe utility with the /u switch.
Use the following in the command line to un-install.
installutil.exe /u RemotingHost.exe

3.    Run the installutil.exe utility to install the service.
Use the following line in the command line.
installutil.exe RemotingHost.exe

In the Set Service Login dialog box, enter the user name and password.
4.    View the output from the installutil.exe utility and confirm that the service is installed correctly.
5.     Close the DOS command window.


 Steps To Start the Windows service

1.       From the Administrative Tools program group in the control panel, start the Services MMC snap-in.
2.       In the Services list, find and right-click on RemotingHost, and then click Properties.
3.       Enter the full path to the service's configuration file into the Start parameters field.
Note:   A quick way to find the correct path is to select and copy the Path to executable field and paste it into the Start parameters field. Then add .config to the end of the string inside the quotation marks.
4.        Click Start to start the service.
5.        Click OK to close the Properties dialog box.
6.       Confirm that the service status changes to Started in the services list.