Microsoft Development





Most development for the Microsoft platform is done utilizing the technologies supported by the.NET framework. Other development is done using Visual Basic for Applications (VBA) for programs like Access, Excel, Word and Outlook, with PowerShell for scripting, or with SQL for large databases.

Share tech news, updates, or what's on your mind.

Sign up to Post

I need your help . I think there is possible to use something in Visual Studio Net (2017, C#) to calculate FFT, FIR and IIR filters.  I remember I read it somewhere but
I don't remember what was it.
Do you know what can I use for very fast process?
Looking forward for your suggestions.
Cloud Class® Course: Microsoft Azure 2017
LVL 12
Cloud Class® Course: Microsoft Azure 2017

Azure has a changed a lot since it was originally introduce by adding new services and features. Do you know everything you need to about Azure? This course will teach you about the Azure App Service, monitoring and application insights, DevOps, and Team Services.

I created a custom ContextMenuStrip at runtime on an overrided RichTextBox control (to enable Cancel, Cut, Copy and Paste basic functions on my overrided RichTextBox) - since the RichTextBox doesn't implement this out-of-the-box.
At runtime, I do get my ContextMenuStrip popping up when I right click on my overrided RichTextBox and the menus work well, BUT when I move the mouse over the ContextMenuStrip, I don't see the selection tracker over the menus. Why so? And how can I fix this?

        private void CreateContextMenuStrip()
            _cms = new ContextMenuStrip();
            _cms.Items.Add(new ToolStripLabel("Annuler", null, false, cms_Clicked, "mnuCancel"));
            _cms.Items.Add(new ToolStripSeparator());
            _cms.Items.Add(new ToolStripLabel("Couper", null, false, cms_Clicked, "mnuCut"));
            _cms.Items.Add(new ToolStripLabel("Copier", null, false, cms_Clicked, "mnuCopy"));
            _cms.Items.Add(new ToolStripLabel("Coller", null, false, cms_Clicked, "mnuPaste"));
            _cms.Items.Add(new ToolStripSeparator());
            _cms.Items.Add(new ToolStripLabel("Tout sélectionner", null, false, cms_Clicked, "mnuSelectAll"));
            _cms.Items["mnuSelectAll"].Width = 150;
            _cms.Opening += new CancelEventHandler(cms_Opening);
            this.ContextMenuStrip = _cms;

        private void cms_Opening(object sender, CancelEventArgs e)
            // check to see if we can 

Open in new window

I have developed a form in Fastfield forms. I am trying to use Zapier to send the Fastfield form as a text message after the form is filled out.  The text message is being sent, but the form with the information is not in the form. the question that I have is: Does Zapier interface with Fastfield?
Help is greatly appreciated.
My company run Exchange server 2016 and Outlook 2016
Some users have have many (hunderds) of folder in their inbox keeped updated manually. I want to automatically create rules to keep their structure updated.

Let me expain with an exemple:

- Folder Clients
> Sub folder A
>> mail from
>> mail from
>> mail from
> Sub folder B
>> mail from
> Sub foldder C
- Folder suppliers

Selecting a folder I want to automatically create rules for all subfolders. In this exemple selecting the root I want to create those rules:
1) move mail from or to folder clients/A
2) move mail from to folder clients/B
I have many (hunderds) of folder in my inbox. I divide clients in 1 folder for any region and then 1 folder for any client. I keep this structure updated manually over ther years.

I want to automatically create rules to keep this structure updated. Something like: for any unique sender address in a folder create a rule to move the the actual folder.

> Exchange server 2016
> Outlook 2016

How can I do so?
Need exercises on the Big O Notation

I have engineering optimization on various software projects in the past, but need to pass a test which will evaluate my skills solving the Big O Notation.

I will need to code in C# with arrays, data sets and the like as a way to show I can optimize code.

Any exercises I could play around with?

We are teaching programming to kids and having problems with the Atom IDE as we need to add a new user account for each new student on the PC. So we are looking for an IDE that can be installed from within our administrative account (teacher) and configured properly with some extensions, and then we would like to be able to add a new user account on the same Windows 10 laptop and would like the user to use the VS Code WITH installed extensions without having to re-install those extensions every time a new user is added to the same computer. Is that possible? So the procedure we would like to have is:
1. From an Administrator account on a Windows 10 PC we would like to install VS Code for All Users.
2. From the same account, we would like to add some extensions to VS Code that will fit our needs.
3. Then we would like to add a standard user account on the same PC from which the user can open and work with VS Code and hopefully with all the extensions we installed from within the Administrator account previously.

If that is not possible, meaning the extensions will not be available from this new user account, would it then be possible in some way with the help of a macro program like AutoHotkey to place or add the relevant extensions somewhere so that the new user can add them first thing when he opens VS Code? or do they have to be downloaded every time when we add a new user account?
Hello everyone,

could any one can help me to find out the difference between "Text from file" option and paste (ctrl+v) in ms word
The client gave me a WSDL file and from that I'm using svcutil.exe to generate the proxy class.   I did the following steps:

1) Opened up Developer Command Prompt for VS2015
2) Ran the following command > svcutil.exe CORETransactionService.wsdl CORETransactionService_schema1.xsd

I get the following error:
The attached file (outputfromSVCUTIL.png)

If I removed this from the wsdl file
 <wsp:Policy wsu:Id="wsp-d022643e-c1aa-467f-8471-f28e404d63fb"><ns2:AsymmetricBinding xmlns:ns2=""><wsp:Policy><ns2:InitiatorToken><wsp:Policy><ns2:X509Token ns2:IncludeToken=""><wsp:Policy><ns2:WssX509V3Token10/></wsp:Policy></ns2:X509Token></wsp:Policy></ns2:InitiatorToken><ns2:AlgorithmSuite><wsp:Policy><ns2:STRTransform10/><ns2:Basic128/></wsp:Policy></ns2:AlgorithmSuite><ns2:RecipientToken><wsp:Policy><ns2:X509Token ns2:IncludeToken=""><wsp:Policy><ns2:WssX509V3Token10/></wsp:Policy></ns2:X509Token></wsp:Policy></ns2:RecipientToken><ns2:Layout><wsp:Policy><ns2:Strict/></wsp:Policy></ns2:Layout></wsp:Policy></ns2:AsymmetricBinding><ns2:Wss11 xmlns:ns2=""><wsp:Policy><ns2:RequireSignatureConfirmation/></wsp:Policy></ns2:Wss11></wsp:Policy>
    <wsp:Policy …
I just download Microsoft visual studio 2017 but the window is not the same as 2010. Can you please tell me how to create a new mvc project in it with c sharp coding? I am using windows 7
Free Tool: IP Lookup
LVL 12
Free Tool: IP Lookup

Get more info about an IP address or domain name, such as organization, abuse contacts and geolocation.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

environment sp 2010 workflows on 2013 - no farm admin support, full control only 2013 workflows not available. JS within a page is ok.

I have a workflow which emails out certain list record information.
In this email, I need to put a link which will start another workflow (set to manual) without displaying the initiation screen. This second one can't be set to new/modified triggers. On a private LAN - assume user who reads the email is also authenticated to the list and have permissions to the list. Mobile access etc not needed.  The link can include whatever information needs to be passed (ID, list guid, ... )

I've seen several posts about this but none seem to skip the initiation screen. I don't mind them linking to a page with parameters which tend runs JS and then afterwards directs to the home page of site if necessary. I know how to do the JS to update the record appropriately but was hoping for a workflow based solution entirely. After the JS finishes I don't want to leave the user in the editform - they should never see the editform - just click on the link in outlook and it does the rest without users being involved.

I do not want to put links in the view of the list - only in Outlook
Why can I not update the URL in the browser?

I update QueryString and remove a malicious parameter. But, after executing the following code:


Still see that bad domain.

I may be fighting development automation inside my own project;

I paste the following into the browser...

My code captures the goto parameter and removes it from the QueryString. I call the RewritePath() function above, and see the following in the browser

I have no problem with the introduction of
but I do have a problem that the sub-domain re-appears.


I even created a copy of QueryString, made the deletions on the sanitized version. But that also fails.

Need to Redirect after removing one or more query string params.

I am using a whitelist to remove dangerous query string params, and when done, need to redirect to whatever is left in the  query string.

I understand things may break, but am okay letting our website's existing default behavior handle it.

What is the exact command to redirect?

ActionExecutingContext filterContext is the input param of the ActionFilterAttribute

        public override void OnActionExecuting(ActionExecutingContext filterContext)

and after removing the faulty query string params from:


I am ready to redirect.


Please complete the the above parameter for Redirect()

I need to remove a dangerous domain from the URL, but the QueryString Collection is Read Only.
I created a whitelist of safe URL's and scan the URL inside a custom ActionFilterAttribute to assert that every domain is whitelisted:

But rather than upsetting existing program flow by redirecting to an error page, we have decided to simply remove that dangerous domain. If the goto or returnURL is errant, I need to completely remove it. But, the QueryString Collection is Read Only.

I use the following code to remove the "goto" key and notice the NameValueCollection array drops from a size of 1 to 0.

        private void RemoveParameter(NameValueCollection nameCollection, string keyToRemove)
            // reflect to readonly property
            PropertyInfo isreadonly = typeof(System.Collections.Specialized.NameValueCollection).GetProperty("IsReadOnly", BindingFlags.Instance | BindingFlags.NonPublic);

            if (isreadonly != null)
                // make collection editable
                isreadonly.SetValue(nameCollection, false, null);

                // remove

                // make collection readonly again
                isreadonly.SetValue(nameCollection, true, null);

Open in new window

but even after a final call to:


the browser still has the bad domain in the goto. In fact, I was expecting "goto" to no longer display.

What am I missing?

RedirectResult from ActionFilterAttribute

I made a custom ActionFilterAttribute which checks a URL to see if the domains are contained in a whitelist of domains. It's working, but I need to redirect to a failure page on failure.

Can I use the following call?

filterContext.Result = new RedirectResult("/error/Unauthorized");

and what about the path?

I see

ErrorController : Controller
with the following action method

public ActionResult Unauthorized

and it returns the following view:

            return View("UserNoPermissions");

and I see the Shared View


yet, I get the error:

HTTP Error 404.0 - Not Found
The resource you are looking for has been removed, had its name changed, or is temporarily unavailable.

I am hoping to use the Uri object to reject the following XSS exposure.

for example, a return URL which includes the following puts your website at risk:

So, I hope I can use the  System.Uri object to throw an exception. This means I do not get into modifying my RegEx.

I would be surprised to learn that  the following is not a reg flag:

When can HttpUtility.HtmlEncode() reduce risk of XSS attack?

I was under the impression that it was best practice to encode the URL before I call Redirect().

For example:
                    return Redirect(HttpUtility.HtmlEncode(returnUrl));

But then was told it makes no difference, since encoding it just means the browser needs to decode it. And, all that matters is how you protect yourself from incoming malicious URL's. Obviously, a hacker can reformat any outputted URL.

Where and when does it make sense to use HttpUtility.HtmlEncode(returnUrl) ?

How comprehensive is this malicious URL test?

        public static bool IsUrlDomainValid(this Uri uri, List<string> whitelist)
            return whitelist.Any(w => uri.Host.EndsWith(w));

Open in new window

I create a while list that contains various good domains:

and want this function to fail if there is a single domain that is not whitelisted.

Is that was this code does? I get worried with the use of "endswith"

What if the last domain is a good one, but there is a bad one in the middle?

Currently we have TMG as web proxy and websense as web filtering
We are going to replace TMG with Bluecoat SG Appliance.

Hence I need to know which design is considered as best in terms of secure and efficiency.

We have 1500 users.

Any help would be appreciated.
Cloud Class® Course: SQL Server Core 2016
LVL 12
Cloud Class® Course: SQL Server Core 2016

This course will introduce you to SQL Server Core 2016, as well as teach you about SSMS, data tools, installation, server configuration, using Management Studio, and writing and executing queries.

Does this C# block return URL hacking?

            if (Url.IsLocalUrl(redirectToAfterLoggingIn) && redirectToAfterLoggingIn.Length > 1 &&
                (redirectToAfterLoggingIn.StartsWith("/") && !redirectToAfterLoggingIn.StartsWith("//")) &&
                return Redirect(redirectToAfterLoggingIn);

Open in new window

I find it confusing, at best.

How can it be a local URL if it starts with a "/"?

C#: Can AuthorizeAttribute.GetRedirectResult() be hacked?

I see the following over-ride of GetRedirectResult()

        private ActionResult GetRedirectResult(AuthorizationContext context, string controller, string action, string clientId = null,
            List<KeyValuePair<string, object>> additionalParameters = null)
            var returnUrl = context.HttpContext.Request.RawUrl;


Open in new window

but notice the value for Request.RawUrl is a simple path, generated by our code:


So, I wonder if I need to do any URL sanitizing on this, given it seems based on C# and not user generated.

Is this something that can be ignored?

Search folder are a very cool tool but difficult to use. We have exchange on-premises 2016 and outlook 2016 professional.

I would like to write a VBA to: add in mail context menu the option: "create search folder #senderdomain". This should Create a search folder called #domain including all the email sent from and to that domain.

I found that code:
Sub Application_ItemContextMenuDisplay(ByVal CommandBar As Office.CommandBar, ByVal Selection As Selection)
    Dim objCommandBarButton As Office.CommandBarButton
    'Add "New Search Folder" to the ContactItem's Context Menu
    If (Selection.Count = 1) And (Selection.Item(1).Class = olContact) Then
       Set objCommandBarButton = CommandBar.Controls.Add(msoControlButton)
       With objCommandBarButton
           .Style = msoButtonIconAndCaption
           .Caption = "New Search Folder"
           .FaceId = 1744
           .OnAction = "Project1.ThisOutlookSession.CreateRelatedSearchFolder"
       End With
    End If
End Sub

Sub CreateRelatedSearchFolder()
    Dim objContact As Outlook.ContactItem
    Dim strEmailAddress As String
    Dim strDisplayName As String
    Dim strFilter As String
    Dim strFrom1, strFrom2, strTo1, strTo2 As String
    Dim strScope As String
    Dim objSearch As Outlook.Search
    'Get the selected contact
    Set objContact = Application.ActiveExplorer.Selection.Item(1)
    'Get the contact's main email address and display name
    strEmailAddress = objContact.Email1Address

Open in new window


How to get rid of the warning :
 _WIN32_WINNT not defined. Defaulting to _WIN32_WINNT_MAXVER (see WinSDKVer.h)

project c++ visual studio v15 entreprise
In an MVC App, can Session[] be hacked?

How confident should a Controller Action be that the Session data is legit?

Something tells me, zero percent confident.

Is the data stored in Session[] under the same restriction as query string params? That it must be encrypted? Or does the .NET Framework take care of that?

Does Microsoft's Anti-XSS Library block:

HTTP Splitting and Cache Poisoning?

These are new concepts to me, so surely I need to spend more time reading this article:

If you have the time... :)

Which vulnerability is NOT blocked by Microsoft's Anti-XSS Library?


Microsoft Development





Most development for the Microsoft platform is done utilizing the technologies supported by the.NET framework. Other development is done using Visual Basic for Applications (VBA) for programs like Access, Excel, Word and Outlook, with PowerShell for scripting, or with SQL for large databases.