Noutați

5 Tips For Building Tabs In Javascript

Ext JS is a JavaScript framework that enables developers to build web apps for any modern device. It includes 140+ fully supported components that easily integrate with React and Angular. It features a customizable tab control to easily allow you to add powerful tabs within your Javascript application. There are a number of advanced features it supports including overflow scroller tabs, icons on tabs, and bottom tabs. Take a look at the below tips for building tabs in a Javascript application. #1. How do I implement basic tabs in Ext JS? Tabs on a component enable handy user engaging means of displaying multiple related content, one iteration of a view at a time. #2. How do I implement advanced features in tabs? There are options for anchoring the collection of tabs along any position on the perimeter of the component container, and likewise within the collection of tabs, the option of rotating the tab itself within its container. Check out this video tip on our YouTube channel: https://www.youtube.com/watch?v=SCCn3FqdMwY #3. How do I implement the overflow scroller tabs? The Tab Panel component provides the means for managing tabs in such a way where “back” and “next” buttons can allow access to tabs not readily visible within the current display, called the overflow. #4. How do I implement icons on tabs in Ext JS? Text is the most common way to signal information in a tab header, but other options, called icons, exist as well, which can be just as engaging if not more so in initiating action in an application. #5. How do I implement positioning bottom tabs in Ext JS? Tabs on a component can be configured to be docked along any position on the component’s perimeter. ExtJS has Everything you need to Create Stunning Web Applications Ext JS includes amazing UI components, such as HTML5 calendar, grids, pivot grid, D3 adapter, trees, lists, forms, menus, toolbars, panels, windows, and much more. Hundreds of user extensions are also available from the Sencha community. Find out more about Ext JS and all of the amazing HTML5 components it offers.

Read More

What’s cooking in the TMS Labs: moving Delphi and FNC forward (and backward)!

Our ever growing FNC framework now already brings a whole portfolio of components to a myriad of devices and operating systems: Windows, Android, iOS, macOS, Linux, Raspbian, Web …. So, it is clear that our R&D team is always looking out for new technology and trying to be ahead of the curve. For this reason, our team was excited to be involved in a very forward looking project for a customer that brings Delphi and our FNC framework again on the bleeding edge of technology.  For this project, we researched how we could bring the FNC framework to a new M1 CPU + NVidia Titan V based device that features an AI driven holographic display. We tweaked the Delphi OSX64 compiler to produce M1 CPU code as well as NVidia SIMD GPU instructions to render FNC on the holographic display. When we received the test device here, the results are without a doubt stunning! You can see a glimpse here: While playing with this cutting-edge technology, our team mesmerized how predictions of technology in movies of the seventies and eighties already got real and we wondered therefore, if we could bring Delphi and FNC at the same time to this for us nostalgic area. A first attempt was to port FNC to the Sharp LR35902 processor and after this was successful, it permitted us to run FNC on the Nintendo Game Boy. It is surprising how crisp the FNC graphics are rendered on the small Game Boy LCD screen as you can witness here: And this achievement inspired us to go back in time even further. Surprisingly this was somewhat easier as making Delphi compile on a Intel 8080 CP/M machine. We tweaked the original Turbo Pascal 8086 compiler to use only 8080 instructions and got it working. It was however a lot more effort to downscale the FNC graphics abstraction layer to a 80×25 character CRT screen. But as you know by now, we are not scared to make our hands dirty in such challenging task. It is with pride that we can share the first FNC components now also running on a CP/M driven Intel 8080 machine from 1974 connected to a Sperry Univac Uniscope 200 terminal.  Are you still using devices for which you like to use Delphi and FNC? Let us know, it could become the next challenge of our team! We look forward to hear what nostalgic or futuristic device you would which to bring alive with your beloved development tools.

Read More

Multi component, multi data source binding in FNC

Intro We have been working on multi component, multi data source binding for quite some time now, providing a foundation for future improvements and new features and today we can proudly announce that TMS FNC Core 2.5 makes the first version available via the TTMSFNCDataBinder component. The TTMSFNCDataBinder component is a non-visual component that acts as a bridge between components and datasources and uses RTTI to detect bindable properties. Read-only Important to know is that this initial release of the TTMSNCDataBinder component supports read-only data binding. It listens to dataset changes, and automatically updates values in the component. In future updates, writing data to the dataset is planned as well as updating the active record based on the selection. Supported modes The TTMSFNCDataBinder component supports 4 modes: single value list column/list grid (via interface) To point out how a binding is done, below is a sample of binding a single value and a list component. (Based on TTMSFNCHTMLText and TTMSFNCListBox) single value procedure TFormDataBinding.UpdateLinks; var it: TTMSFNCDataBinderItem; begin TMSFNCDataBinder1.BeginUpdate; it := TMSFNCDataBinder1.Items.Add; it.&Object := TMSFNCHTMLText1; it.BindType := dbbtSingleValue; it.DataSource := DataSource1; it.FieldName := ‘Common_Name’; it.PropertyName := ‘Text’; TMSFNCDataBinder1.EndUpdate; TMSFNCDataBinder1.Active := True; end; The below code actually sets up the same binding as the code above with a convenience method ConnectSingle. procedure TFormDataBinding.UpdateLinks; begin TMSFNCDataBinder1.ConnectSingle(TMSFNCHTMLText1, DataSource1, ‘Text’, ‘Common_Name’); TMSFNCDataBinder1.Active := True; end; list procedure TFormDataBinding.UpdateLinks; var it: TTMSFNCDataBinderItem; begin TMSFNCDataBinder1.BeginUpdate; it := TMSFNCDataBinder1.Items.Add; it.&Object := ListBox1; it.BindType := dbbtList; it.DataSource := DataSource1; it.FieldName := ‘Common_Name’; it.PropertyName := ‘Items’; TMSFNCDataBinder1.EndUpdate; TMSFNCDataBinder1.Active := True; end; Again as with the single value binding, the below code uses a convenience method to add an item and set all the properties in one go. procedure TFormDataBinding.UpdateLinks; begin TMSFNCDataBinder1.ConnectList(ListBox1, DataSource1, ‘Items’, ‘Common_Name’); TMSFNCDataBinder1.Active := True; end; HTML template For the single value and list bindings, there is support to add a HTML template instead of binding to a specific field name. The HTML template supports multiple fields as long as they follow a specific kind of format. The HTML itself is based on the mini HTML reference (https://www.tmssoftware.com/site/minihtml.asp) The format for adding fields is: . So when applying this to the single value binding for example we can add an item using the TMSFNCDataBinder1.ConnectSingleHTMLTemplate(TMSFNCHTMLText1, DataSource1, ‘Text’, ‘Name: ‘); or procedure TFormDataBinding.UpdateLinks; var it: TTMSFNCDataBinderItem; begin TMSFNCDataBinder1.BeginUpdate; it := TMSFNCDataBinder1.Items.Add; it.&Object := TMSFNCHTMLText1; it.BindType := dbbtSingleValue; it.DataSource := DataSource1; it.PropertyName := ‘Text’; it.HTMLTemplate := ‘Name: ‘; TMSFNCDataBinder1.EndUpdate; TMSFNCDataBinder1.Active := True; end; Editor The databinder component installs an editor that is available at designtime and at runtime. The editor allows to visually edit the bindings that you have set up. You can also create, update and delete new or existing bindings. To start it at runtime, call TMSFNCDataBinder1.ShowEditor; At designtime, you can right-click the TTMSFNCDataBinder component and select “Edit…” to start the editor. Want to know more? Active registered users of FNC (TMS FNC Core) can download the update and get started right away! A demo (“Databinding”), is included in the distribution and there is separate documentation that gives more details on what the TTMSFNCDataBinder component can do and can mean for your application.

Read More

Top Tips For Building Javascript Accordion And Step Swipers

Sencha Ext JS allows you to accelerate web application development with an enterprise-ready framework, components and tools built to work together seamlessly. You can build Ext JS applications using drag-and-drop features and spend less time on manual coding. The IDE and Code Editor Plugins integrate Sencha frameworks into your enterprise workflow, enabling code completion, inspection, generation, navigation, refactoring and more. How do I Implement Basic Accordion Swiper in Ext JS? The Basic Accordion Swiper component provides a container used by the listswiper plugin to display information and controls when an item is swiped. How do I implement the Undoable Step Swiper? The Undoable Step Swiper allows for a hierarchy of options in a list that provide a successive series of options that can support or nullify the previous actions. How do I implement the Undoable Accordion Swiper? The Undoable Accordion Swiper provides actions that are presented as a sub-menu of options, each of which can be acted on by a subsequent cancel, delete or more general revert action. How do I implement the Basic Step Swiper? The Basic Step Swiper demonstrates different actionable options to choose from as swiping takes place. Ext JS includes a flexible layout manager to help organize the display of data and content across multiple browsers, devices, and screen sizes. It helps you to control the display of components, even for the most complex user interfaces. Ext JS also provides a responsive config system that allows application components to adapt to specific device orientation (landscape or portrait) or available browser window size. You can use all of these features with the accordion and step swipers. Ready to get started with Sencha Ext JS? It’s as easy as 1 2 3! Sencha Ext JS is the most Comprehensive JavaScript Framework and UI Component Library. Try it now!

Read More

Beyond SolarWinds: Guarding Against the Rising Threat of Supply Chain Attacks

Published March 25, 2021 WRITTEN BY MICHAEL SOLOMON Michael G. Solomon, PhD, CISSP, PMP, CISM, PenTest+, is a security, privacy, blockchain, and data science author, consultant, educator and speaker who specializes in leading organizations toward achieving and maintaining compliant and secure IT environments. The successful attack in 2020 on the SolarWinds Orion network management software showed that indirect, or third-party, attacks on organizations of all sizes are feasible. Where direct attacks used to be the most common attack vector, especially when attempting to target large organizations, attacking smaller suppliers is becoming a more attractive approach. Any attack that attempts to compromise an organization by directly attacking one of its suppliers of hardware or software is called a supply chain attack. The SolarWinds attack was not the first attack on the IT supply chain, and it looks like the number of similar attacks is increasing. As more organizations become more secure, attackers are looking for creative ways to sneak their attacks in under the radar. Let’s look at the risk of IT supply chain attacks and what you can do to mitigate them. Understanding supply chain attacks Supply chain attacks were up 430% in 2020 over the previous year. The dramatic increase in supply chain attacks means that organizations must mobilize immediately to counter this emerging threat. Cybersecurity specialists are getting better all the time. Cybersecurity education and training is becoming more commonplace and in-depth, along with the development of increasingly sophisticated tools and techniques. Unfortunately, cybercriminals are getting better as well. Over the last decade, the increased level of security awareness and control sophistication has driven cybercriminals to search for softer targets. Security defense maturity is often consistent with size. Larger organizations generally have larger security budgets and can end up maintaining more secure IT environments. Saying that larger means more secure isn’t always accurate; there are lots of insecure large organizations and many very secure smaller ones. On average, though, cybercriminals know that smaller organizations are more likely to lack sophisticated security controls. Simply put, smaller organizations often do not have the budget for the best security. Consequently, many cybercriminals are recognizing a unique opportunity to indirectly attack large organizations by focusing their efforts on the smaller — hopefully softer — suppliers that those large organizations use. The basic approach in a supply chain attack is for the cybercriminals to add malicious code to software products during the development or release process. The malicious code becomes part of a software product that then gets sold to — and installed in — numerous unsuspecting customers’ environments. While the direct target of the attack is the supplier’s code, the eventual target is the customer’s environment into which the tainted code gets installed. The main reason an attack like this works is due to its novelty and the presence of general trust between supplies and customers. Few customers of SolarWinds products probably worried about the quality of the SolarWinds product line before the news of the Orion attack. The general perception is that a trusted supplier takes the necessary precautions to ensure their software is clean. Very few existing security tools or procedures validate the security of purchased products. That’s the problem, and the opportunity for cybercriminals. It has long been known that tampering with a product during delivery is possible, and controls […]

Read More

TMS Aurelius 5 is here! Come see it Live!

TMS Aurelius 5 has been released with lots of new features! Photo by Tony Hand on Unsplash As we have antecipated in a previous blog post, lots of new features were expected for the next major release of TMS Aurelius, our state-of-art ORM framework for Delphi. And indeed, Aurelius 5 was released last week! The what’s new section in the documentation provides you can see the full list of new features, improvements and bug fixes. Here are the major new features, and at the end of this article we have a special invitation for you! Data Validation You can now add data validation via attributes directly to your entity classes. [Entity, Automapping] [Filter(‘Multitenant’)] TTrack = class strict private FId: Integer; [Required] FName: string; FGenre: TGenre; FComposer: Nullable; [Range(0, 3600000)] FMilliseconds: Nullable; FTenantId: Nullable; function GetDuration: string; public All fields will be proper validated according to the validation attributes applied. With a few lines you will guarantee that the entity will be persisted with a valid state. The above class is part of the Music Library demo provided with TMS Aurelius (trial and registered versions). Note how the track name is required, and the duration must not be greater than one hour (3600000 milliseconds). If you try to save something with wrong data, Aurelius will automatically prevent the user from doing so and raise an exception: Global filters and multitenancy Aurelius now includes global filter mechanism. Users will be able to define filters globally, including parameters, and choose which entities will have it applied. The Music Library demo was made multitenant with a few lines of code. The entities were marked with a new global filter definition: [Entity, Automapping] [FilterDef(‘Multitenant’, ‘{TenantId} = :TenantId’)] [FilterDefParam(‘Multitenant’, ‘TenantId’, TypeInfo(string))] [Filter(‘Multitenant’)] TGenre = class strict private FId: Integer; [Required] FName: string; FTenantId: Nullable; And, from that, Aurelius allows you to enforce values in filter (to prevent a wrong tenant id to be saved) and also enable filters to retrieve data: Manager.EnableFilter(‘Multitenant’) .SetParam(‘tenantId’, CurrentTenant); That was it! Music Library demo is now multitenant, with a few UI changes to allow the end-user to choose which tenant to use, data is now fully separated between tenants. Attribute-based event handlers Events are an important feature of any framework, and with Aurelius is not different. It provides several events you can use to add custom business logic. You can add specific code just before an entity is being saved, after an entity is deleted, when an SQL is being executed, among others. But now you can add event handlers directly in your classes, using attributes. You can use it for logging for example, or even to add custom, more complex data validation. The Music Library demo also shows how to do it: TGenre = class {…} public [OnValidate] function Validate: IValidationResult; {…} function TGenre.Validate: IValidationResult; begin if SameText(Name, ‘Experimental’) then Result := TValidationResult.Failed(‘Experimental music is not allowed’) else Result := TValidationResult.Success; end; Such validation will be applied, and Experimental genres will not be allowed in our Music Library app! Come See it Live! There are more new features, actually: TObjectManager.AddOwnership method, Aurelius Dataset can now refresh fields directly from objects and automatically destroy the source list, etc. But, what about if you come and see the new features live, in action, with a more deep explanation? The free webinar […]

Read More

Webinar: TMS WEB Core with HTML/Bootstrap templates (Portuguese)

Register for the free webinar “TMS WEB Core with HTML/Bootstrap templates”. The webinar is scheduled on March 25, 2021 16h00 UTC  17h00 UTC (17h CET – 18h CET) at the TMS Web Academy! “TMS WEB Core with HTML/Bootstrap templates” Ivan de Souza, former senior consultant at Embarcadero Brazil will demonstrate how to create web applications with Delphi and TMS WEB Core and use HTML with Bootstrap to create modern, responsive and good looking web user interfaces.  You will learn techniques to bind Object Pascal user interface control logic to existing HTML & CSS. NOTE: The webinar will be presented in Portuguese! “TMS Web Core com templates HTML/Bootstrap” 25 de Março de 2021 / 13h (Horário de Brasília) Ivan de Souza, ex-consultor sênior da Embarcadero Brasil, irá demonstrar como criar aplicações web usando Delphi e TMS Web Core, com HTML e Bootstrap, para criar aplicações web com visual moderno e responsivo. Você irá aprender técnicas para ligar a lógica de interface escrita em Object Pascal em templates HTML e CSS existentes. O webinar será realizado em sua maior parte em português, tendo algumas interações em inglês com o CEO da TMS, Bruno Fierens. 

Read More

Healthcare Sector Application Security: Preventing Threats from Becoming Attacks

Published March 17, 2021 WRITTEN BY MICHAEL SOLOMON Michael G. Solomon, PhD, CISSP, PMP, CISM, PenTest+, is a security, privacy, blockchain, and data science author, consultant, educator and speaker who specializes in leading organizations toward achieving and maintaining compliant and secure IT environments. Software security isn’t a state of being, or even a single action; it is a process, and one that requires more than just hardening your software. The year 2020 saw a dramatic rise in cyberattacks, with many attacks specifically targeting IT infrastructure. Any attack that compromises an IT environment interrupts normal operations, which can effectively interrupt critical software operations. Regardless of how secure your software is, if you can’t access critical data or services, your application won’t be available to authorized users. And since availability is one of the “big three” tenets of security, unavailable effectively means insecure. Ensuring software security is an organic and community-driven effort. For the most effective result, focus on actions that provide benefits for your software and its surrounding environment.  The last thing you want to do is constantly put out fires. A better approach is to get ahead of the fires. Learn to anticipate attacks and take proactive measures. Here are some ways to create a balanced threat-handling environment to make your software more secure. Responding to attacks The first step to handling any attack is to recognize that there is an attack being carried out. That may sound simple, but in many cases it isn’t. Non-disruptive attacks like data exfiltration may go unnoticed for months. Security is challenging even under normal circumstances, and the problem of handling attacks is even worse given the pressures of today’s realities.  Organizations of all types were put under more pressure when the new realities of covid-19 changed the way people work and interact. But few sectors were impacted more than healthcare. In addition to changes in the workforce and patient interaction protocols, covid-19 stretched every aspect of delivering quality healthcare. IT service and security concerns were just one part of the bigger problem. And in the midst of all the additional pressure, ransomware attackers sensed an opportunity and launched an unprecedented number of attacks against the healthcare sector. For example, in October 2020, the University of Vermont (UVM) Medical Center suffered a successful ransomware attack that ended up disabling all online systems for several weeks. At first it wasn’t evident that the interruption was an attack, but once the nature of the attack did become clear, UVM personnel searched for nearly two hours before they found a file that contained a note from the attackers. CNN picked up on the alarming statistics and published a story about the UVM Medical Center attack, and the Cybersecurity and Infrastructure Security Agency (CISA) published an advisory warning of the increasing number of ransomware attacks on healthcare organizations. UVM had taken some precautions to harden their systems, but the attackers were still able to succeed. While there is no guaranteed approach that leads to an impenetrable defense, there are ways to make your organization far less vulnerable. There is a constant need to iterate over updated threat information to stay ahead of the attackers. The goal is to approach the problems of security in parallel. If all you do is respond when you receive a new attack alert, you’re […]

Read More

VCL Grid goodies #3

Today, we have a look at another often overlooked but yet convenient feature of TAdvStringGrid (and also TDBAdvGrid) from the TMS VCL UI Pack: HoverButtons! Activating HoverButtons With the HoverButtons, you can quickly setup actions to be performed on rows in the grid where the mouse is hovering. It is enabled by just setting grid.HoverButtons.Enabled = true. This means, that when the mouse hovers over a row, a small panel hosting buttons will appear at a column of choice in the grid. This column is set with grid.HoverButtons.Column. WIth the property grid.HoverButtons.Position, you can specify in what relative position with respect to this column the panel should appear.  Configuring the buttons  To add any number of buttons on the panel, the collection grid.HoverButtons.Buttons can be used. This is a collection of the type THoverButtonsCollectionItem and allows to set the caption of such button, an imagelist ImageIndex, a picture, the hint, enabled state of the button … Just add any number of buttons needed for different actions to be performed on the row. Reacting to HoverButtons clicks When a button on the HoverButtons panel is clicked, this triggers the event OnHoverButtonClick returning the index of the button clicked. Performing the different actions for the different button clicks as such is simple: procedure TForm1.AdvStringGrid1HoverButtonClick(Sender: TObject; ARow: Integer; AButton: THoverButtonsCollectionItem); begin case AButton.Index of 0: begin // select the entire row and copy it to the clipboard AdvStringGrid1.SelectRows(ARow,1); AdvStringGrid1.CopySelectionToClipboard; end; 1: begin // invoke the inplace editor for the 2nd column cell AdvStringGrid1.Col := 2; AdvStringGrid1.ShowInplaceEdit; end; 2: AdvStringGrid1.RemoveRows(ARow,1); end; end; Hovering & hints Now we are discussing hovering, we can as well highlight another small but neat feature of the grid and that is to show the content of cells via a hint when the mouse hovers the cell. This is activated by setting grid.ShowHint = true as well as grid.HintShowLargeText = true. Whenever the text does not fit in the size of the cell, the grid will automatically display it as hint text for the cell. As a standard Delphi hint is just a single line of text hint, we add the TMS THTMLHint component on the form. This will replace the standard Delphi VCL hint and this hint can display multiple lines of text. The THTMLHint component also offers a MaxWidth property with which we can set the maximum width of hints to be displayed. And of course, if the text exceeds this MaxWidth, it will be rendered wordwrapped (and even formatted) in the HTMLHint. No code needs to be written for this. Drop a THTMLHint on the form, set HTMLHint.MaxWidth property and set the grid properties grid.ShowHint = true and grid.HintShowLargeText = true. The effect can be seen in this recording. Want more goodies? Looking for more interesting features in the VCL TAdvStringGrid or in other components uncovered? Let us know what you want to see demonstrated in a next episode!

Read More

7 Database Security Principles and Practices

Published February 24, 2021 WRITTEN BY ED TITTEL. Ed Tittel is a long-time IT industry writer and consultant who specializes in matters of networking, security, and Web technologies. For a copy of his resume, a list of publications, his personal blog, and more, please visit www.edtittel.com or follow @EdTittel Few, if any, other repositories for data and meta-data within an organization exceed the importance and value of its databases (DBs). In fact, databases often provide a home for an organization’s personnel information, financial data of all kinds (pay, taxes, purchases, income, and other monetary transactions), and data describing its physical inventory and assets. Thus, it’s not unfair to observe that most of the data that defines “who, what, where, when, and why” for an organization is likely to reside in a database. All of this goes to explain why DB security is vitally important to an organization’s health and its ability to conduct business. Principles that drive DB security are well-understood In the realm of database security, informed professionals understand that while basic security principles definitely apply, they can (and often do) take a database-specific slant. Thus, any enumeration of such principles will often play to the special circumstances involved in defining database metadata (often called a “database schema” to emphasize its scope and coverage for some specific and related collection of data) and in setting up and managing a database engine of some kind (which may be on-premises, in one or more clouds, and various permutations on those themes). That said, here are how some of these basic principles play into the world of database security. 1. Principle of least privilege (aka PLP) In general, PLP means providing the minimum of access rights and user privileges necessary to perform some specific task, run an application, or work with database contents, software or infrastructure elements. As with other PLP situations, periodic review to avoid “privilege creep” (gradual accumulation of more rights and privileges than are really needed) is essential. But in general database designers and database administrators (DBAs) should grant only rights and privileges that users, applications, and services need, and no more than that. 2. Platform hardening Across the board, platform hardening requires a deep understanding of a platforms vulnerabilities and its attack surfaces, so that organizations can take pre-emptive measure to address known potential weaknesses. Among other things this means uninstalling or disabling features or services that you don’t need or use. It also means resolutely enforcing password discipline, especially when it comes to changing well-known passwords and their associated accounts (best to delete them if you don’t use them). Make sure all security controls that the database engine offers are enabled, and set to maximum tolerable levels. Checks on hardening success are covered further in the upcoming “monitoring and auditing” item. 3. Data protection Data and metadata for the database should be encrypted both in motion and at rest (and this applies to backups and snapshots, too). Data and meta-data should include security tags or classifications to permit full-blow security policies and protections to apply. Data protection also includes monitoring its access and use, export and exfiltration, especially wholesale copying activity not readily explained or understood. 4. Monitoring and auditing The old saying goes “If you don’t monitor it, you can’t measure it.” This applies equally to […]

Read More