That Coder Guy

Web, Mobile, Database and all things fun 
Written By: Davie Elliott

Projects

My GitHub page with some of my projects can be found here: github.com/thatcoderguy

Listed below are some of my most recent projects that have been particularly interesting:

Catalogue App Creator.co.uk

Access to the beta system is available upon request.

What is it?

Catalogue App Creator is a website which allows companies to create their own catalogue app, thereby having more exposure to their customers and reducing the need to print paper-based catalogues. The mobile app also sends analytics data to the server, so that the customer can get a better idea of what products their customers are looking for.

What does it do/how is it used?

  • Customers register an account.
  • The customer then creates product categories, and adds products into the categories (this can be done via a data import).
  • The customer then uploads the images for their products.
  • Once they are happy with the categories, products and images, they then enter the details which are required to list the app in the App Store & Google Play.
  • The customer then “publishes” the app; they are then required to set up a monthly subscription via Google Wallet/PayPal.
  • The app is then published to App Store & Google Play.
  • The App then uses AJAX to push analytics data, and also to pull the latest product data – so it is always up-to-date without needing to download a new version of the app.

Design notes

  • The “front end” communicates with the “back end” almost entirely with AJAX, allowing for abstraction from the “back end”.
  • Using AJAX also means a smoother usage experience for the customer, with no waiting for annoying page loads.
  • The software calls stored procedures on the database, rather than in-line queries. This means better data security as direct access to the tables can be denied to the service account.
  • Every method in the web service, and every stored procedure, requires a session code. This also means better security, as the stored procedure will only modify/return data if a valid session code is used.
  • When the app requests the latest product data, the server creates an SQL file; the app then downloads and runs this on its own internal database.
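
The stored-procedure and session-code notes above, sketched in T-SQL as an added example (not code from the project). All table, procedure, role and user names are hypothetical, and the session expiry column is an assumption that is not described on this page.

```sql
-- Hypothetical schema, for illustration only.
CREATE TABLE dbo.Sessions (
    SessionCode UNIQUEIDENTIFIER NOT NULL PRIMARY KEY,
    CustomerId  INT              NOT NULL,
    ExpiresAt   DATETIME2        NOT NULL   -- assumption: sessions expire
);
CREATE TABLE dbo.Products (
    ProductId  INT IDENTITY PRIMARY KEY,
    CustomerId INT           NOT NULL,
    Name       NVARCHAR(200) NOT NULL
);
GO

CREATE PROCEDURE dbo.usp_GetProducts
    @SessionCode UNIQUEIDENTIFIER
AS
BEGIN
    SET NOCOUNT ON;
    DECLARE @CustomerId INT;

    -- Resolve the session code to a customer; unknown or expired codes match nothing.
    SELECT @CustomerId = CustomerId
    FROM dbo.Sessions
    WHERE SessionCode = @SessionCode
      AND ExpiresAt > SYSUTCDATETIME();

    IF @CustomerId IS NULL
        RETURN 1;   -- invalid session: no data is returned or modified

    -- Data is scoped to the session's owner, never to a caller-supplied customer id.
    SELECT ProductId, Name
    FROM dbo.Products
    WHERE CustomerId = @CustomerId;
    RETURN 0;
END;
GO

-- The service account may execute the procedure but cannot touch the tables.
-- Ownership chaining (procedure and tables share the dbo owner) lets the
-- procedure read dbo.Products even though direct access is denied.
CREATE USER web_service_account WITHOUT LOGIN;   -- hypothetical account
CREATE ROLE app_exec;
GRANT EXECUTE ON OBJECT::dbo.usp_GetProducts TO app_exec;
DENY SELECT, INSERT, UPDATE, DELETE ON SCHEMA::dbo TO app_exec;
ALTER ROLE app_exec ADD MEMBER web_service_account;
```

Ownership chaining does not extend to dynamic SQL inside a procedure, so procedures written this way need static statements for the table DENY to remain compatible with them.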

 

Central Password Repository

Available on GitHub GitHub Link

This is one of my current projects – I shall add screenshots and a description when there is a Beta version available.

 

Faux Bank

Available on GitHub GitHub Link

This is one of my current projects, intended to serve as a proof of concept for OWASP.org’s top 10 web security vulnerabilities and as an educational tool for web developers.

You can read about the security flaws and security fixes that have been implemented in my blog.

 

Basic Backup V1.0

Available on GitHub GitHub link

What is it/what does it do?

Basic Backup is a simple backup solution, which is only intended to back up the core elements of a web server that are required when restoring a website after a disaster. The software has the following features:

  • Back up SQL Server databases.
  • Optionally re-index and shrink databases.
  • Back up files in selected folders.
  • Explicitly include and exclude file types from backup.
  • Back up the IIS metabase.
  • Back up to a number of locations: remote network storage, FTP server or even email (backup files are attachments).
  • Run custom stored procedures or inline queries on specific databases.
  • Set email details to email a backup report.
  • Optionally set threshold alerts on database space usage (ideal for SQL Server Express) and drive space usage.
  • Allows multiple configurations, one for each website or even for different run times.

How is it used?

The software needs to be configured from a CLI. Scheduled tasks can then be set up to run one or more configurations.

Design notes

  • The software has been written as a console application so that it can be configured from a CLI and run from scheduled tasks.
  • Rather than writing a timing system in the software, the idea is to run it from a scheduled task, as Microsoft have already done the hard work of making a customisable timer-based system.
  • The configurations are held in an XML file.
  • Maintenance tasks can be run either as inline queries or as stored procedures, depending on how the websites running on the server have been written.

 

Recall Hosting Service V1.0

Available on GitHub GitHub Link

What is it?

Recall Hosting Service was intended to be a full-blown Windows service, which would allow anyone with the time and resources to set up a hosting company. Eventually the software will be able to manage email addresses, IIS entries, domain entries and database setups.

What does it do/how is it used?

  • The “workhorse” and “interface” databases must first be set up.
  • After the databases have been set up, the service then requires installing with the Microsoft Installer package.
  • Lastly, the interface requires setting up under the hosting company’s domain – this is what the customers will use.
  • Currently the software can create and delete email addresses/accounts and forwarders, and set up/change email account passwords.

Design notes

The software was designed on the same system architecture as FastHosts.co.uk.

  • The service software is multi-threaded, so that under different amounts of usage the number of active threads increases/decreases as needed.
  • The email service has been written to interface with the MailEnable email service, as the basic software is free to use and the API is easily implemented.
  • Rather than have the interface access the Windows APIs directly, which can be costly in resources, the interface creates “commands” in the “workhorse” database.
  • The service software then reads these commands (e.g. create email, delete email, create domain etc…) from the “workhorse” database.
  • As the software is multithreaded, the stored procedure which reads the command uses “SET TRANSACTION ISOLATION LEVEL SERIALIZABLE” so that other threads cannot read the same “command”.
  • Again, rather than use the Windows APIs directly, the interface database stores configuration details (e.g. domains, emails, IIS entries etc…).
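
The command-claiming procedure described in the design notes, sketched in T-SQL as an added example (not the project's own code); the table, columns and procedure name are hypothetical. The `UPDLOCK` hint is an addition not mentioned on this page: under SERIALIZABLE alone, two threads can both take shared locks on the same pending row and then deadlock when each tries to update it, whereas the update lock makes the second thread wait at the read.

```sql
-- Hypothetical "workhorse" command table, for illustration only.
CREATE TABLE dbo.Commands (
    CommandId   INT IDENTITY PRIMARY KEY,
    CommandType VARCHAR(50)   NOT NULL,            -- e.g. 'create email'
    Payload     NVARCHAR(MAX) NULL,
    Status      TINYINT       NOT NULL DEFAULT 0,  -- 0 pending, 1 claimed, 2 done
    ClaimedAt   DATETIME2     NULL
);
GO

CREATE PROCEDURE dbo.usp_ClaimNextCommand
AS
BEGIN
    SET NOCOUNT ON;
    SET XACT_ABORT ON;   -- any error rolls the whole claim back
    SET TRANSACTION ISOLATION LEVEL SERIALIZABLE;

    DECLARE @Id INT;

    BEGIN TRANSACTION;

    -- Pick the oldest pending command and hold an update lock on it, so a
    -- second worker thread blocks here instead of reading the same row.
    SELECT TOP (1) @Id = CommandId
    FROM dbo.Commands WITH (UPDLOCK)
    WHERE Status = 0
    ORDER BY CommandId;

    -- Mark it claimed inside the same transaction; once this commits,
    -- waiting threads no longer see the row as pending.
    IF @Id IS NOT NULL
        UPDATE dbo.Commands
        SET Status = 1, ClaimedAt = SYSUTCDATETIME()
        WHERE CommandId = @Id;

    COMMIT TRANSACTION;

    -- Return the claimed command (empty result set when the queue is empty).
    SELECT CommandId, CommandType, Payload
    FROM dbo.Commands
    WHERE CommandId = @Id;
END;
GO
```

Because these commands create accounts and change passwords, a command executed twice or by the wrong worker is an integrity problem as well as a concurrency one, which is why the claim and the status change share one transaction.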