Thu, 20 Sep 2007 01:43:00 GMTMatrix Reloadhttp://blog.csdn.net/goldcattle/http://blog.csdn.net/goldcattle/archive/2007/09/20/1792175.aspxhttp://blog.csdn.net/goldcattle/comments/1792175.aspx0http://blog.csdn.net/goldcattle/comments/commentRss/1792175.aspxhttp://tb.blog.csdn.net/TrackBack.aspx?PostId=1792175Pattern & practice 上出的新文章（书）从事Web Application performance testing的可以看看 <img src ="http://blog.csdn.net/goldcattle/aggbug/1792175.aspx" width = "1" height = "1" />Thu, 20 Sep 2007 09:43:00 +0800goldcattlehttp://blog.csdn.net/goldcattle/archive/2007/09/20/1792175.aspx#Feedbackhttp://blog.csdn.net/goldcattle/archive/2007/09/20/1792175.aspxgoldcattlehttp://blog.csdn.net/goldcattle/archive/2007/08/02/1721893.aspxhttp://blog.csdn.net/goldcattle/comments/1721893.aspx0http://blog.csdn.net/goldcattle/comments/commentRss/1721893.aspxhttp://tb.blog.csdn.net/TrackBack.aspx?PostId=1721893SQL injection 最近自己折腾一个数据库的东西，自己研究了一下SQL injection. SQL injection 看起来还是挺有意思。可以看看youtube 上的一个SQL injection的实例还是比较简单的。http://www.youtube.com/watch?v=MJNJjh4jORY 当然这是最基本的SQL injection了。这种最基本的问题一般都出在query的字段连接上。 SqlCommand cmd = new SqlCommand( "SELECT ID, FullName FROM User WHERE Login='" + Login.Text + "' AND Password='" + Password.Text + "'"); 这种类型的错误相当常见，在一般情况下这个SQL语句执行没有任何问题，但是如果往用户的密码框里填上 ' OR ''=' 那么这个验证就被跳过去了。 当然高级的injecition 需要不停的试最终找到你的se<img src ="http://blog.csdn.net/goldcattle/aggbug/1721893.aspx" width = "1" height = "1" />Thu, 02 Aug 2007 09:34:00 +0800goldcattlehttp://blog.csdn.net/goldcattle/archive/2007/08/02/1721893.aspx#Feedbackhttp://blog.csdn.net/goldcattle/archive/2007/08/02/1721893.aspxgoldcattlehttp://blog.csdn.net/goldcattle/archive/2007/07/12/1685962.aspxhttp://blog.csdn.net/goldcattle/comments/1685962.aspx0http://blog.csdn.net/goldcattle/comments/commentRss/1685962.aspxhttp://tb.blog.csdn.net/TrackBack.aspx?PostId=1685962Fuzz Testing<img src ="http://blog.csdn.net/goldcattle/aggbug/1685962.aspx" width = "1" height = "1" />Thu, 12 Jul 2007 10:31:00 +0800goldcattlehttp://blog.csdn.net/goldcattle/archive/2007/07/12/1685962.aspx#Feedbackhttp://blog.csdn.net/goldcattle/archive/2007/07/12/1685962.aspxgoldcattlehttp://blog.csdn.net/goldcattle/archive/2007/05/25/1624905.aspxhttp://blog.csdn.net/goldcattle/comments/1624905.aspx1http://blog.csdn.net/goldcattle/comments/commentRss/1624905.aspxhttp://tb.blog.csdn.net/TrackBack.aspx?PostId=1624905自动化测试－提高测试效率的途径 <img src ="http://blog.csdn.net/goldcattle/aggbug/1624905.aspx" width = "1" height = "1" />Fri, 25 May 2007 10:04:00 +0800goldcattlehttp://blog.csdn.net/goldcattle/archive/2007/05/25/1624905.aspx#Feedbackhttp://blog.csdn.net/goldcattle/archive/2007/05/25/1624905.aspxgoldcattlehttp://blog.csdn.net/goldcattle/archive/2007/04/27/1586514.aspxhttp://blog.csdn.net/goldcattle/comments/1586514.aspx2http://blog.csdn.net/goldcattle/comments/commentRss/1586514.aspxhttp://tb.blog.csdn.net/TrackBack.aspx?PostId=1586514XML库的解析效率 XML库的解析效率主要包括解析、存储、导出、遍历、修改、XPath定位 等等。 XML的访问模型主要有三种，DOM， SAX，PULL。 DOM即Document Object Model，是最常用的XML解析库。DOM 适用的范围是频繁的不定向随机性访问，以及进行 xslt 之类的转换。 例如如果你需要用xpath 查询或者你要遍历, DOM.还是不错的 只读不只读基本上对规模/性能没什么太大影响. BTW XSLT的功能还是相当强大的。 如果格式基本上固定的单向读取，即不用遍历, 或者一次性遍历, SAX 就是了. 如果格式比较灵活且对效率要求高 pull 模型适用， XmlLite是基于 pull 模型的。在第四期的MSDN magazine上有关于XML lite的讨论。 因为 sax 是由 reader 将所有内容推给你，pull 则是在需要的时候将信息从 reader 拉回来，如果一个节点忽略不处理时，sax 引擎后台还是解析pull 则只需要做最简单的 tag 匹配就可跳过。 DOM在进行解析时基本上也<img src ="http://blog.csdn.net/goldcattle/aggbug/1586514.aspx" width = "1" height = "1" />Fri, 27 Apr 2007 08:11:00 +0800goldcattlehttp://blog.csdn.net/goldcattle/archive/2007/04/27/1586514.aspx#Feedbackhttp://blog.csdn.net/goldcattle/archive/2007/04/27/1586514.aspxgoldcattlehttp://blog.csdn.net/goldcattle/archive/2007/04/26/1586486.aspxhttp://blog.csdn.net/goldcattle/comments/1586486.aspx0http://blog.csdn.net/goldcattle/comments/commentRss/1586486.aspxhttp://tb.blog.csdn.net/TrackBack.aspx?PostId=1586486重新开张<img src ="http://blog.csdn.net/goldcattle/aggbug/1586486.aspx" width = "1" height = "1" />Fri, 27 Apr 2007 07:30:00 +0800goldcattlehttp://blog.csdn.net/goldcattle/archive/2007/04/26/1586486.aspx#Feedbackhttp://blog.csdn.net/goldcattle/archive/2007/04/26/1586486.aspxgoldcattlehttp://blog.csdn.net/goldcattle/archive/2005/07/29/439438.aspxhttp://blog.csdn.net/goldcattle/comments/439438.aspx0http://blog.csdn.net/goldcattle/comments/commentRss/439438.aspxhttp://tb.blog.csdn.net/TrackBack.aspx?PostId=439438使用iterator 的注意点<img src ="http://blog.csdn.net/goldcattle/aggbug/439438.aspx" width = "1" height = "1" />Sat, 30 Jul 2005 01:23:00 +0800goldcattlehttp://blog.csdn.net/goldcattle/archive/2005/07/29/439438.aspx#Feedbackhttp://blog.csdn.net/goldcattle/archive/2005/07/29/439438.aspxgoldcattlehttp://blog.csdn.net/goldcattle/archive/2005/02/26/303176.aspxhttp://blog.csdn.net/goldcattle/comments/303176.aspx0http://blog.csdn.net/goldcattle/comments/commentRss/303176.aspxhttp://tb.blog.csdn.net/TrackBack.aspx?PostId=303176一道面试题的递归思路的解法。<img src ="http://blog.csdn.net/goldcattle/aggbug/303176.aspx" width = "1" height = "1" />Sun, 27 Feb 2005 01:48:00 +0800goldcattlehttp://blog.csdn.net/goldcattle/archive/2005/02/26/303176.aspx#Feedbackhttp://blog.csdn.net/goldcattle/archive/2005/02/26/303176.aspxgoldcattlehttp://blog.csdn.net/goldcattle/archive/2005/02/15/287966.aspxhttp://blog.csdn.net/goldcattle/comments/287966.aspx0http://blog.csdn.net/goldcattle/comments/commentRss/287966.aspxhttp://tb.blog.csdn.net/TrackBack.aspx?PostId=287966mp3player link<img src ="http://blog.csdn.net/goldcattle/aggbug/287966.aspx" width = "1" height = "1" />Tue, 15 Feb 2005 08:35:00 +0800goldcattlehttp://blog.csdn.net/goldcattle/archive/2005/02/15/287966.aspx#Feedbackhttp://blog.csdn.net/goldcattle/archive/2005/02/15/287966.aspxgoldcattlehttp://blog.csdn.net/goldcattle/archive/2004/12/19/222247.aspxhttp://blog.csdn.net/goldcattle/comments/222247.aspx0http://blog.csdn.net/goldcattle/comments/commentRss/222247.aspxhttp://tb.blog.csdn.net/TrackBack.aspx?PostId=222247STL源代码分析的第一章基本的东西<img src ="http://blog.csdn.net/goldcattle/aggbug/222247.aspx" width = "1" height = "1" />Mon, 20 Dec 2004 07:40:00 +0800goldcattlehttp://blog.csdn.net/goldcattle/archive/2004/12/19/222247.aspx#Feedbackhttp://blog.csdn.net/goldcattle/archive/2004/12/19/222247.aspxgoldcattle