Rob Spoor

+ Follow
since Oct 27, 2005
Rob likes ...
Chrome Eclipse IDE Java Windows
Forum Moderator
Rob Spoor currently moderates these forums:
Cows and Likes
Total received
In last 30 days
Total given
Total received
Received in last 30 days
Total given
Given in last 30 days
Forums and Threads
Scavenger Hunt
expand Rancher Scavenger Hunt
expand Ranch Hand Scavenger Hunt
expand Greenhorn Scavenger Hunt

Recent posts by Rob Spoor

Side note: since $ matches the end of the string, $[.]+ will never match anything.
21 hours ago
Why did you exclude the embedded Tomcat dependencies? Without those or a replacement, there is no internal web server. Just include them. You should also remove the servlet-api and jsp-api dependencies, Spring Boot provides them (through Tomcat). I'm not sure about jstl though.
1 day ago
It's not just these PHP functions that work like this, BCrypt and a lot of other libraries work in exactly the same way. The trick is that if you hash the password again, you will not get the same result, which is more secure (harder to brute-force). That makes database look-ups based on the hash impossible.

Ives, why do you use htmlentities(addslashes(...)) for your username and password? You already use PDO binding to prevent SQL injection, and you don't render them in the browser either. I'm even inclined to say that this is the reason why it doesn't work - the password you fill in will not be the password that's used in the verify step if this transformation changes the password.
3 days ago
FYI, you can use this to even return something completely different. An example is EnumSet. This has two implementations depending on the number of constants in the enum (RegularEnumSet for <= 64 elements, JumboEnumSet for > 64 elements). The serialization proxy simply stores the elements in the set. Upon deserializing, the proxy uses the EnumSet constructs to make sure the correct type is picked. That means that you can serialize an EnumSet when the enum has <= 64 constants (so it's a RegularEnumSet), and deserialize it when the enum has > 64 constants (because you added some). It then automatically becomes a JumboEnumSet.
4 days ago
You can probably still serialize it, but you need to use some more advanced techniques like a serialization proxy. In short, instead of serializing instances of your Sequencer sub class, you serialize a replacement (writeReplace). In turn, this replacement will return a newly created instance of your sub class when it's deserialized (readResolve). This way you can call any constructor you want, as long as you have its values.
4 days ago
Unlike in JavaScript objects, in JSON properties must be enclosed in "" as well. {name: "Maria"} is not valid JSON; {"name": "Maria"} is.
You can get an enum constant's name by calling its (surprise) name() method. You can then call toLowerCase() on that. You don't need a separate method inside the enum for that.
1 week ago
A lot of APIs return long lists in pages, and you will need to call separate pages yourself.

Assuming you're talking about this call, you can:
  • Send in a higher maxResults parameter. The default is 20, but it can go up to 100. Disallowing higher values is probably meant to keep responses small (so no 10MB responses if there are many replies).
  • Use the pageToken to call a next page. The value is returned in the previous response's nextPageToken field. That means that, to get all replies, you will need to loop until there is no more nextPageToken.
  • You can use the response's pageInfo.totalResults and pageInfo.resultsPerPage to determine how many pages are needed.
  • Summarizing: /etc/bashrc contains system defaults for all users, and ~/.bashrc contains user-specific additions. The latter is optional, if it does not exist then only the defaults are used.
    2 weeks ago
    If you don't need to use such classes in unit tests: javaee-web-api or javaee-api, depending on whether or not you only need the web part or all of it.

    If you do need to use these classes in unit tests, these two dependencies suck are mostly useless because (most of) the classes in them do not contain class bodies. You'll get some quite nasty errors when running your tests. In these cases you're better off using the official specs, e.g. javax.ejb-api or javax.servlet-api. You will then often also need a reference implementation with test scope.
    2 weeks ago
    The first question would be "when does a file already exist?". Is it when the file name matches, the content, or something else? Depending on the answer there are different solutions.
    2 weeks ago
    Both of you should upgrade ASAP, Jackson has quite some vulnerabilities until at least version 2.9.2. The current version is 2.9.5.
    2 weeks ago
    JPA already has support for this, as long as all your base classes are proper mapped super classes (@MappedSuperClass). Check out the following annotations:
  • DiscriminatorColumn
  • DiscriminatorValue
  • Inheritance

  • The most important one here is @Inheritance, because it's linked to how your data is actually stored. All inheritance types have their pros and cons. For instance:
  • JOINED allows you to make columns for your sub types properly non-nullable, but querying requires joining all sub class specific tables.
  • SINGLE_TABLE is the fastest, but any column that is not shared with all sub types must be nullable.
  • TABLE_PER_CLASS should probably only be used if the mapped super class is only used to define common properties, but your selects will always be limited to only one type.

  • @DiscriminatorColumn and @DiscriminatorValue should be used to let JPA determine what the actual type of a record is.
    It's better to use try-with-resources:

    This way the statement will be correctly closed after it's no longer needed.
    2 weeks ago
    You first create the response, then start validation using the reference you have:

    You can also keep the chain, but then you can't assign the result to a Response variable because as soon as you call then() you get a ValidatableResponse which is not the same as a Response.
    3 weeks ago