Random thoughts of wisdom - the personal blog of Michael Holm Andersen

SQL Injection Attack - once again...

As you might have read in the news, Denmark is currently the target of Injection Attacks which mostly is a problem with pourly programmed websites - if you're worried about wether your website is up to the task of rejecting these attacks .. take a look at this article which explains the problem and also shows some solutions:

Using a shared PC ...

If you're worried about viruses, adware and are using e.g. a slow/old notebook (which you share with other people) simply for surfin' the web .. then Windows SteadyState might be something for you - it's free and is in many aspects very similar to deepfreeze (which costs $).

A history of the Amiga

Earlier today, Lars (formerly known as Terraman) told me about an very interesting article about the history of the amazing Amiga and how this wonderful computer we once loved and honoured came to life.

As many of you probably know, Lars and I have done our share of programming on both the C64 and the Amiga, developing a number of games and demos as members of the mighty Danish Game Smashers

If you're old enought to remember and - like us - have a history within the "demo scene", I highly recommend the "A history of the Amiga" article .. so grap your notebook, your favorite coffee and begin a trip down memory lane. Enjoy!

/ Michael aka Mr. Zork

Hanne joined the GS500 club!!

Yesterday we bought another GS500E for Hanne, her bike is - of course - red :-)

Managing multiple web sites on WinXP/2000

The IIS integrated into Windows XP/2000 is only capable of running ONE (the so-called 'default') website :(

Luckily for all of us who is running Vista, Microsoft - finally - decided to remove this limitation in IIS 7.0 - However if you're stuck with Windows XP (as I am @ work), you probably be really happy to know that a small utility called XP Pro IIS Admin can fix the limitation of IIS 6.0 on Windows XP. The programs makes it possible to have a list of your websites and create any number of "real" websites (not just Virtual dirs). Of course - due to the IIS 6.0 limitation - only one of these websites can be running, but that's a limitation which one can live with. The below is a screenshot of the program:

If you're "stuck" on Windows XP you'll probably want to get this tool installed ASAP - So head over to and download away...

Don't use the Label control unless you need AssociatedControlID

The ASP.NET Label control is way overused. In most situations the Literal control is a much better choice. Actually the main reason Microsoft included the Label control is to use it as a label together with input type="text" (aka a TextBox control).

The main difference between the two controls is that the Label control render any text inside a span control which in most cases is unnecessary and complicates any CSS styling you may be trying to use. In most cases, you can replace the Label with a Literal and achieve the same results.

However a nice feature that seems to be ignored by most .NET programmers is the Label controls AssociatedControlID property. This property is used to "link" the text of the Label control to a specific TextBox. Check out the following code:

Which gives this result in a browser:

The above Label control has AssociatedControlID="TextBox1" - This associates the label "Click me to give focus to textbox" with the textbox control, so when you click on label, the textbox gets focus. Really nice and overlooked feature of the Label control.

ViewState trimming with automatic state restore

A quick follow up on the last article about trimming ViewState. I was looking at the code I posted a couple of days ago and came to think about the life cycle of a ASP.NET page .. more precisly when in the page flow the ViewState data is actually restored. I checked MSDN and found out that this occurs right after the PreLoad event and just before the Load event.

With this information (and the knowledge that controls such as dropdownlist and textbox restore their posted state (the selected item of a dropdown is 'posted') even when ViewState is disabled), if I simply moved my databind of the control to an event BEFORE the .NET framework restores the view state - the control (in this case a DropDownList) would remain it selected value on Page_Load - in other words: Now the dropdown will behave just like it normally would, only my rather large list of data will NOT be persisted into the ViewState hidden field! Awesome!!

So .. in short - why does this works: I'm populating the dropdown list with data BEFORE it attempts to load it's posted value.

Pretty nice, ehh :)  .. and yes, of course - to sum it all up. The code: 

Trimming View State

I had a website where I needed to fill a drop-down list with hundreds of entries, which caused the page to contain a lot of viewstate data. In my case, the list was pretty inexpensive to create (populate) as I was retrieving it directly from the cache. So I decided to disable view state for the list control and rebuild the list at the beginning of each postback. However, this as you probably know means the selection information is lost.

However, the user's choice is actually still maintained in the Request.Forms collection (a collection of posted values that's present for backward compatibility with ASP pages). You can look up the selected value using the runtime control name (stored in the UniqueID property), and you can use code such as the below to reset the proper selected index and retrieve the selected value:

Compact Virtual PC virtual hard disks (.VHDs)

If you use Virtual PC 2007 you know that the virtual hard drive files (.VHDs) can grow quite large. This is due to the fact that .VHD files dynamically expand when software is installed inside the Virtual PC.

After the installation, the original setup files are deleted and no longer take up space in the .VHD, however the .VHD does not dynamically shrink. Once a .VHD file expands - it doesn't shrink. 

I'm using a 16GB USB stick to hold my virtual hard drive files, so to me - size does matter! :-)

So here's a HOWTO to shrink the size of a .VHD file:

1) Clean the machine for any temp files etc. - If you're lazy, you can use a program like CCLEANER (, which deletes all temporary files from the Windows installation, Internet Explorer cache, the Recycle Bin, etc.

2) Disable hibernation
If you have hiberation turned on, there's a colossal sized file called hiberfil.sys in the root of the .VHD.  Go into Power options in Control Panel and disable hiberation to get rid of this.

3) Capture the Virtual Disk Precompactor .ISO file
In the menu of Virtual PC, capture the Virtual Disk Precompactor .ISO file which is located at: "c:\program files\microsoft virtual pc\virtual machine additions\virtual disk precompactor.iso". The Precompactor should run automatic.

4) Run the VPC2007 Virtual Disk Wizard
Shutdown the Virtual PC and from the Virtual PC console, click File-> Virtual Disk Wizard and "Edit an existing virtual disk". Browse to the .VHD file and select it. Select the "Compact" option and "Replacing the original file".  This will take a few minutes depending on the size of your .VHD file.

That's it .. now your .VHD file should (hopefully!) be a lot smaller :)