Monday, June 27, 2016

Southwest Fox 2016 Super-Saver Deadline Approaches

The countdown clock is ticking! The Super-Saver deadline for Southwest Fox and Southwest Xbase++ 2016 is June 30th, just a few days away. We still need people to register to make the conferences happen.

The conferences take place September 22-25 in Gilbert, Arizona and we really hope you can be there. We would hate to see you miss out on the $125 discount, the FREE pre-conference session, and an opportunity to win a scholarship or a license of Stonefield Query SDK (a $6,000 value).

After checking out our list of amazing speakers and digging into our session tracks for VFP and Xbase++, head over to the registration Web site today: http://geekgatherings.com/Registration.

Wednesday, June 01, 2016

Registration for Southwest Fox 2016 now available

Registration for Southwest Fox and Southwest Xbase++ (http://www.swfox.net/register.aspx) is now available. See http://www.swfox.net/speakers.aspx for a list of speakers and http://www.swfox.net/sessionsswfox.aspx for a list of sessions. Super-Saver Registration, which saves you $125, is available only through June 30th, so don't wait.

Putting on a conference is a risky endeavor. Conference centers require a guaranteed minimum income to block the dates of a conference; for a conference like Southwest Fox, that minimum is in the tens of thousands of dollars. We have to commit to the conference center by July 2nd and need your support by July 1st to make that commitment. We will not send out any "We need your help" appeals so please do not wait; register by June 30th! We know most of you like to wait until the last minute to avoid the credit card bill arriving too soon. We will not charge any attendee credit cards or cash any checks until we have committed to going forward (sometime after July 2), so this is not is a reason to wait.

Rick, Tamar, and I look forward to seeing you in September!

Friday, May 06, 2016

Southwest Fox and Southwest Xbase++ 2016 Speakers and Sessions Announced

Speakers and sessions for both conferences have been announced. We have three new speakers this year: Alec Gagne, Andreas Gehrs-Pahl, and Chris McGuinness. I’ve known Alec and Chris for a while and am looking forward to meeting Andreas. We also have three speakers who spoken before but not in a few years: Venelina Jordanova, Jody Meyer, and Eric Selje.

I think I’m more excited about the session lineup this year than ever before. Some sessions I’m personally looking forward to seeing are:

I’m also really pumped about my two sessions: Creating Beautiful Web Sites Easily Using Bootstrap and Lessons Learned in Version Control. In fact, I’m so stoked, I’ve already started working on the white papers, which is a couple of months earlier than usual for me.

Registration opens soon; send an email to info@geekgatherings.com if you want us to email you when it’s ready. See you in September!

Monday, February 29, 2016

Southwest Fox 2016 Session Proposals Due Friday

This is just a reminder that session proposals for Southwest Fox 2016 and Southwest Xbase++ 2016 are due by 8 AM EST this Friday, March 4. If you are interested in presenting at either conference, please read the Call for Speakers and submit your proposals via the Geek Gatherings Submission Web site.

Thursday, February 25, 2016

Subscribe to ssUltimate

Jun Tangunan, the 2012 Ceil Silver Ambassador to Southwest Fox, is an incredible resource to the FoxPro community. His blog has great tips and sample code, with particular emphasis on interesting user interfaces such as colorful buttons and containers, date/time pickers, popup calculators, and much more.

Although almost everything Jun provides is free, he does ask for a $35 US fee for his ssUltimate library. That small fee is well-worth it: you get a ton of really cool classes (some of which I showed at Southwest Fox last year) that help modernize and polish your application’s UI. However, the best part is that Jun doesn’t keep any of the money for himself: it goes to helping out flood victims in the Philippines.

This is a no-brainer, folks. You get a great library of classes from a very talented and really nice guy and help out flood victims at the same time. Payment can be made via PayPal to ss.classes.jun@gmail.com. Subscribe today!

Friday, February 19, 2016

Executable Signing Using SHA-256 Certificates

A few weeks ago, a customer complained that when they downloaded the installer for Stonefield Query, they got a warning that the download was corrupted. I tried it myself and couldn’t reproduce it, so I assumed their anti-virus software was the culprit. Then a second customer had the same problem, and then a third. Googling the error message led me to this article describing the real problem: executables signed with SHA-1 certificates (which ours are) are blocked after January 1, 2016 (although it appears to be an issue on some operating systems and not others because, as I said, the downloads worked for me). Although my certificate provider had been sending me emails about upgrading to a SHA-256 certificate, for some reason, I thought it only applied to web servers.

Several years ago, I discussed signing executables with Inno Setup (which incidentally is my most popular blog post ever). There are a few changes necessary to using a SHA-256 certificate with Inno Setup, so I thought I’d document the entire process here, even those things that aren’t specific to the new certificates.

Once you’ve purchased a certificate from your chosen provider, you’ll likely get an email with a link to download the certificate into the certificate store on your machine. Normally, you’ll want the certificate in file form to make signing easier, so you need to get it out of the certificate store after you’ve downloaded it. To do so, do the following:

  • Start the Certificate Manager snap-in by running CertMgr.msc.
  • The downloaded certificate is in the Personal\Certificates section. Right-click the certificate and select All Tasks, Export to bring up the Certificate Export Wizard.
  • In the Export Private Key step, choose Yes, export the private key.
  • In the Export File Format step, Personal Information Exchange (.PFX) is already selected. Make sure Include all certificates in the certification path is turned on (it should be by default). Turn on Export all extended properties.
  • In the Security step, turn on Password and enter a password.
  • In the File to Export step, enter the name of the PFX file to create.

You can then use SignTool to sign EXEs using the PFX file. SignTool comes with Microsoft Visual Studio and the Microsoft Windows SDK. If you don’t have Visual Studio, you can download the SDK from Microsoft’s web site; search Microsoft.com for “download Windows SDK” to find the appropriate download page. You can typically find SignTool.EXE in C:\Program Files (x86)\Microsoft SDKs\Windows\v7.1a\Bin (the version number may be different depending on what version of the SDK you download and it may be in C:\Program Files instead). Here’s an example of a command to sign an EXE (the section highlighted in yellow is new for SHA-256 certificates):

"C:\Program Files (x86)\Microsoft SDKs\Windows\v7.1a\Bin\signtool.exe" sign /fd SHA256 /tr timestampServer /td SHA256 /f certificatePath /p password /d "description" fileToSign

where timestampServer is the URL to your certificate provider’s timestamp server so the certificate can be timestamped (see your provider’s documentation), certificatePath is the path to the PFX file, password is the password for the PFX, description is the description for the digital signature, and fileToSign is the path to the EXE to sign. Remember to add quotes around any path containing spaces.

It’s actually even easier than that to sign the installer generated by Inno Setup. You can do it one of two ways:

  • In the Inno Setup Compiler, choose Configure Sign Tools from the Tools menu, click Add, specify a name (I use “Standard”), and enter something like the following for the command:

C:\Program Files (x86)\Microsoft SDKs\Windows\v7.1A\Bin\signtool.exe sign /fd SHA256 /tr timestampServer /td SHA256 /f certificatePath /p password $p

Note there are no quotes in the path and that $p is a placeholder for the SignTool parameters specified in the [Setup] section. Then add the following to the [Setup] section of your ISS file:

SignedUninstaller=yes
SignTool=Standard /d $q{#MyAppName}$q $f

$q is a special symbol meaning insert a quote (you can’t use actual quotes here) and $f is a placeholder for the name of the file to be signed. This assumes you have a constant defined for MyAppName. If not, use whatever you wish for the description.

  • If you compile your ISS file using the Inno command line compiler, pass the following parameter to the compiler:

"/sStandard=C:\Program Files (x86)\Microsoft SDKs\Windows\v7.1A\Bin\ signtool.exe sign /fd SHA256 /tr timestampServer /td SHA256 /f certificatePath /p password"

Be sure to put the certificate in a path with no spaces in any of the folder names or you’ll get unhelpful error messages when you build the setup.

Tuesday, February 16, 2016

New VFPX Gauge Project

The new VFPX Gauge project allows you to quickly and easily draw attractive gauges and dashboards in your VFP applications. It uses an open source .NET component to do the actual drawing along with a small VFP wrapper class. A couple of sample forms show how to use the gauge control. Check it out!

gaugedashboard