June 15, 2011
New Version of QC Native Available
I have just completed an update to QC Native for those of you who are doing native Android and/or iOS development. Download it from here: http://goo.gl/P7s6D
If you are using QC Hybrid to write your app in JavaScript you can safely ignore this update. There will soon be a new version of QC Hybrid for you to use with several updates that I’m dying to get out to you.
As with the previous version of QC Native all threading is done for you. ValCO’s and BCO’s will run in a background thread and VCO’s will run in the UI thread on Android, JavaSE, and iOS. No threads will be used when you use the qc.jar file in an Enterprise Java environment since they are not needed there.
The Control Objects in QC Native now use HashMap/NSMutableDictionary instead of ArrayList/NSArray. This allows you to have more control over the data used in your Control Objects. Another change is that you now add the results of your calculations in your BCO’s, ValCO’s, and VCO’s to the parameters HashMap/NSMutableDictionary instead of returning them from your handleIt methods. Now you return null to terminate a control stack and any value to continue.
This change will give us a strong base to build on for the foreseeable future for both the native and hybrid libraries.
May 28, 2010
Server Side PHP for Image Upload Feature
I have received a request for sample PHP source code that could receive and save the uploaded file. You MUST understand that this is NOT code I would put into production. I always use QuickConnectPHP on the server side since it allows me to apply Validation Control Functions, Business Control Functions, View Control Functions, and Error Control Functions in PHP. This dramatically increases the security of my applications.
This being understood, the code you see below should be viewed as an example of how to get the POST key/value pairs associated with an upload of an image from the QCiPhone implementation. Additionally it shows you how to store the uploaded image file in a directory on the PHP server machine called upload.
The file name length check is one security feature. Some machines are unable to handle file names longer than 254 characters. If a hacker sent you a file name that was longer than that it can cause you not to be able to delete the file. If the file they uploaded had PHP in it they could call it and execute it. You would not be able to delete the file because of the overly long file name.
Another security issue is that you should store the files in a directory located such that the PHP engine can not interpret any file uploaded as PHP. This example does NOT follow this advice since there is no way for me to know the structure of your PHP server.
<?php
//echo ‘post values’;
if($_POST["uname"] != “someUser” || $_POST["pword"] != “somePass”){
echo “invalid user name or password”;
}
else if (($_FILES["fileContents"]["type"] == “image/png”)
|| ($_FILES["fileContents"]["type"] == “video/mp4″)){
if ($_FILES["fileContents"]["error"] > 0)
{
echo “Return Code: “ . $_FILES["fileContents"]["error"] . “<br />”;
}
else
{
if (file_exists(“upload/” . $_FILES["fileContents"]["name"])){
echo $_FILES["fileContents"]["name"] . ” already exists. “;
}
else if(strlen($_FILES["fileContents"]["name"]) >= 255){
echo “The file name you have chosen is too long.”;
}
else{
move_uploaded_file($_FILES["fileContents"]["tmp_name"],
“upload/” . $_FILES["fileContents"]["name"]);
echo “File stored in: “ . “upload/” . $_FILES["fileContents"]["name"];
}
}
}
else{
echo “Invalid file<br/>”;
}
?>
