Recent Posts

    Authors

    Published

    Tag Cloud

    301 302 404 accessibility accounts ACLs advertising aggregation Agile Analytics android APP Article attachments awards backup BCM beta browser business continuity Calendar case-study categories Chrome citigroup cms codes coding standards Complaints contact management software control panel crm CSS customer management software customer relationship system customize database DataModel DDoS demo design designer device compatibility difference distribute a published article via email DND DNS documents drag & drop Editor email EOL erp event Excel featured feeds file manager file sharing file volume Firefox Firewall HA hack Handlebar how-to HTML HTML5 HTTP HTTPS iCal IE Instructions intranet iOS iPad Java JavaScript JDBC JDK Jenkins Job Track Journal JSON JVM landing-page launcher layered database layout logging login mac marketing menu meta Microsoft Outlook mobile module modules mustache navigation NTLM offline page painter password passwords PCI policy poll pricing privacy PROXY publish publisher publsher PWA redirect Redundancy release release-notes Report Tool Reports Responsive ReST RESTFul Rich text RSS Safari sandbox sanity schedule scrum search security SEO sessions setup shipping site builder source spell SQL Injection SSL SSO standards store stSoftware support survey Swagger Task template testimonial Threads timezone tinyMCE Transaction Search trigger twitter twitter bootstrap Ubuntu unit tests unsubscribe URL validation WC3 AAA web folders web services webdav windows 8 wizard workflow WYSIWYG XLS XLST XML XPath XSS
    How are SQL Injection attacks prevented?

    SQL injection is a code injection technique, used to attack data driven applications like stSoftware.

    stSoftware systems support a number of web accessible protocols including:-

    • ReST
    • SOAP
    • Web Forms
    • GWT RPC 

    All protocols access the underlying data through the DAL ( data access layer). There is NO direct access to the underlying data store no matter which protocol is used. Each protocol accepts the request to read or write data and then perform the protocols validations and then passes the request on to the DAL to execute the request which in turn validates the request, checks the user's access and perform any validations before returning the result.

    SQL & XSS attacks are automatically tested for each of the supported protocols. Listed below are the standard SQL injection strings attempted.

    SQL Injection String
    "&amp;%00<!--\'';你好
    \'; DROP

    by:Nigel Leck - 14 Mar 2014
    How can stSoftware's CMS be used to manage events and resources?

    Events and Resources are managed through multiple Modules.

    They are briefly outlined here;

    Events

    • Details, site, time and date, duration


    • Invite attendees – select attendees then click send invitation button to send template email to all attendees & record status and attendance


    Scheduler

    • scheduling events - resources according to availability, skill set, location


    Admin

    • manage staff resources – availability rules, specialisations and rates


    Timeline

    • Easy graphical interface for tasks, events, jobs (projects

    by:Angus Leck - 13 Mar 2014
    Exporting Reports to PDF and Excel

    Click on the Export button and then choose the file format of your choice: CSV, PDF or Spreadsheet (EXCEL)

    Export

     

     

    Marking the records by clicking on the left hand checkbox, will export only the selected records.


    by:Liam Itzhaki - 11 Mar 2014
    New template "Munter"

    A new template "Munter" has been added to our Content Management System (CMS). Munter is a very handsome Bootstrap 3 theme. Comes with beautiful features like a fixed arrows navigation, a nice portfolio showcase and a smooth scroll.

    Home page - mobile

    Munter iPhone

     


    by:Lei Gao - 7 Mar 2014
    What is the recommended upgrade schedule for self hosted systems?

    We recommend at least quarterly maintenance release are installed to your test environment, tested then promoted to your production system as part of the normal software maintenance cycle.

    Regular and timely updates reduce the risks of running a live system that is out of sync with stSoftware's current version and enables your users to benefit from our R&D program, which is our investment and commitment to continually improve our systems for our customers (in recent years we have typically invested over


    by:Nigel Leck - 4 Mar 2014
    Windows Active Directory Single Sign-on for stSoftware servers

    Overview

    Single sign using Microsoft LAN Manager (NTLM) allows users within a intranet enviroment to use the system without the need to re-enter their password once they have logged into the Windows network.

    Note the NTLM protocol can only be used within a internet environment.  


    by:Nigel Leck - 2 Mar 2014
    New template "Grayscale"

    A new template "grayscale" has been added to our Content Management System (CMS). This template is a fully functional, premium quality Bootstrap theme. It includes the following features:

    • Easing scroll function for smooth navigation
    • Fully Functional, home + 3 pages Website
    • Google Map of your office location
    • All site details can be updated via the site wizard

    by:Lei Gao - 28 Feb 2014
    New template "Business Casual"

    The Content Management System (CMS) contains a new template "Business Casual"


    by:Lei Gao - 26 Feb 2014
    Site Wizard can create a professional site in minutes.

    Our site wizard is a simple way to get a professional website

    Simply click on the wizard, enter your company details into the form provided and your information will automatically populate the pre-designed website template of your choice, giving you a quality website in minutes. You can choose to use this website, change the template, or tweak it to your hearts content, our system is accommodating and easy to use. 

    There are a number of pre-designed site templates included in the base system.


    by:Nigel Leck - 26 Feb 2014
    What is the new Calendar?

    The new Calendar is a full-sized, drag & drop calendar. It uses AJAX to fetch events on-the-fly for each month/week/day.

    Select from the filters to change the date range and items displayed according to type, category, status and assign to. Items are tasks, events, sales opportunities or jobs which have been entered and scheduled to a day and time. You'll see items in the calendar. Click on the item to see the details of the item. You can switch between the calendar and timeline view any time.

    We've listed some handy Calendar Tips at the


    by:Lei Gao - 18 Feb 2014
    How to dynamically resize images on the server side?

    Overview

    The download of large images to the client browser which will be later resized to be a smaller image is very wasteful and slow.

    Let the server dynamically resize and cache your images with NO overhead to subsequent calls. To use in your HTML just add the desired behaviour to the URL e.g "?max-width=100"


    by:Nigel Leck - 31 Jan 2014
    What is the recommended configuration for a Linux server?

    Overview

    All Linux servers are locked down to the highest security standards possible. All services are off by default and all ports shut. Only the required services started. 

    To lock down a server:-


    by:Nigel Leck - 26 Jan 2014
    What is the new Timeline module?

    Timeline is more than a graphical representation of your JobTrack data, it is interactive allowing you to link back to the item with a click to see the full details, edit and add details.

    Select from the filters to change the date range and items displayed according to type, category and status. Items are tasks, events or sales opportunities which have been entered and scheduled to a day and time. You'll see items in timeline bands with a colour line representing their scheduled time and duration. The items you can view on


    by:Tina Odling - 23 Jan 2014
    How do I send out event invitations?

    Create a new event.

    Event

    Invite your contacts by selecting the tab 'Invite Others'

    Invite Others

     

    Send the invitation via email 

    Press the button "Send Invitation" to create an email populated with your contacts.

    The email opens up with a pre defined template that can be changed.

    email screen

     


    by:Liam Itzhaki - 16 Jan 2014
    Page Keywords Meta Tag

    The "keywords" meta tags is no longer used by any of the major search engines. Under some circumstances they can actually be scored negatively against the page rank, when a high count of irrelevant or duplicated key words are added. 

    The system will automatically de-duplicate keywords if entered. For example if "SEO, meta, Seo,tags,,," is entered as the list of keywords, the list will be converted to "SEO, meta, tags"

    Later releases will deprecate the entry of key words completely. Currently Google completely


    by:Nigel Leck - 8 Jan 2014
    Assigning a domain (host) name to your stSoftware hosted website or web system

    After you have registered a new domain name with a domain name (DNS) provider such goDaddy, or you have an exisiting domain name, you need to change the associated IP address so that your domain name points to stSoftware's servers.

    Or contact us to add "Assigning your domain name" service to your website or websystem package and we'll manage it for you.

     

    Assign your domain (host) name to the IP addresses of our servers

    Have your DNS pointed to either of the two groupings of IP addresses below;

    101


    by:Nigel Leck - 1 Jan 2014
    What is Web Forms?

    stSoftware's Forms is a web based designer

    stSoftware's Forms is a web based designer that enables web forms to be created quickly and easily. Forms can then be consumed on most common mobile devices from the internet, anywhere and anytime. stSoftware's Forms are integrated with stSoftware's Workflow to automate business processes and deliver rich cloud applications.

    Form Painter
     

    Quick and Easy Forms Design

    Empower business users and enhance developer productivity:

    • Auto-generate forms to support your business applications 
    • Customize forms quickly with

    by:Lei Gao - 20 Dec 2013
    HTML component accessibility validation

    When a HTML component is changed validations for the validity and for accessibility will be performed. 


    by:Lei Gao - 18 Dec 2013
    Check your articles,email & pages Accessibility
    • HTML code in the rich text editor to be checked

     

    • click the Check Accessibility button to check

     

    • Check results in another browser window

     


    by:Lei Gao - 18 Dec 2013
    How to configure DNS round robin for web server failover?

    Server Cluster

    A cluster of servers (two or more ) can be setup and the DNS entry for your site can be defined with the IP addresses for each of the servers, this is known as Round-robin DNS


    by:Nigel Leck - 18 Dec 2013
    Page: 1..456..13