When a RadValidationRule has the "PropertyName" assigned to a non-existent property, the RadVAlidationProvider.ValidateCore throws a NullReference exception because the property cannot be found via reflection and throws no error handling.
From OpenEdge ABL class, this is the code written into the forms InitializeComponent method. The "IsValid" property doesn't actually exist.
radValidationRule3:AddControl(THIS-OBJECT:myTextBox). radValidationRule3:Operator = Telerik.WinControls.Data.FilterOperator:IsNotEqualTo. radValidationRule3:PropertyName = "IsValid". radValidationRule3:ToolTipText = "Test". radValidationRule3:Value = TRUE.
While we don't expect the functionality to actually work because the property isn't actually available to .NET, but the NullReferenceException is poorly handled.
I've attached a screenshot of the bit of code from RadValidationProvider.ValidateCore where this occurs. This is from version 2020.3.1020.20
Here is the thrown stack exception details from visual studio.
System.NullReferenceException
HResult=0x80004003
Message=Object reference not set to an instance of an object.
Source=Telerik.WinControls.UI
StackTrace:
at Telerik.WinControls.UI.RadValidationProvider.ValidateCore(Object sender, EventArgs e)
This
Documentation about High-DPI mechanisms available on the website is very outdated and mostly does not consider the changes and improvements that Microsoft made with .net 7.0 and 8.0.
What's needed is thorough documentation about Telerik's behavior in comparison with the different situations on .net Framework 4.9 and the major .net Versions 6.0, 7.0, and 8.0.
Kind regards
Erwin
Top Level Exception
Type: System.OverflowException
Message: Arithmetic operation resulted in an overflow.
Source: TelerikCommon
Stack Trace: at Telerik.WinControls.NativeMethods.GetMonitorDpi(Screen screen, DpiType dpiType)
at Telerik.WinControls.VisualElement.GetScaledFont(Single scale, Font fontToScale)
at Telerik.WinControls.UI.LightVisualElement.CreateTextParams()
Repro-steps:
- Create a RadGridView
- MultiSelect = true
- SelectionMode = CellSelect
- Fill it with lots of cells (in my case: 7 columns, 8544 rows)
- Press CTRL-A
- Press Delete
Expected behavior:
- All rows are gone
Observed behavior:
- 50/50 change that some rows remain.
I traced the problem back to the method GridViewSleectedCellsCollection.IsSelected / GetHashCodeString.
internal bool IsSelected(GridViewRowInfo row, GridViewColumn column) => row != null && column is GridViewDataColumn && this.hashtable.Contains((object) this.GetHashCodeString(row, column));When a cell is selected with GridViewCellInfo.IsSelected = true, it checks if it has already been selected. It does so by calling GridViewSleectedCellsCollection.IsSelected. which checks if a HasCodeString is already in a hashtable. But, when another selected cell has the same HasCodeString, the result is (incorrectly) true, which will result in not added it to the collection of selected cells.
I guess that is can be easily fixed by changing:
private string GetHashCodeString(GridViewRowInfo row, GridViewColumn column)
{
int hashCode = row.GetHashCode();
string str1 = hashCode.ToString();
hashCode = column.GetHashCode();
string str2 = hashCode.ToString();
return str1 + str2;
}to:
private string GetHashCodeString(GridViewRowInfo row, GridViewColumn column)
{
int hashCode = row.GetHashCode();
string str1 = hashCode.ToString();
hashCode = column.GetHashCode();
string str2 = hashCode.ToString();
return str1 + "_" + str2;
}Since hashcodes 1 + 23 will result in the same string as hashcodes 12 + 3.
Making this change will reduce the problem significantly, but not entirely since hashCodes will never be unique.
Apply the Office2010Silver theme to your application since it has a good border indication for the focus in RadSpinEditor.
Please run the attached project and click in the RadSpinEditor that is not in the RadPopupContainer. You will notice that when you move the mouse away that the border is highlighted in yellow showing that the control has complete focus. Now, click in the RadSpinEditor that is in the RadPopupContainer and move your mouse away. You will notice that the border is not highlighted in yellow indicating that it does not have focus. You can also see that it does not fire the GotFocus event. If you click closer to the border out of the "TextBox" area, the control border will stay yellow showing complete focus and fire off the GotFocus event. However, in this case, the caret is not displayed.
Workaround: handle the GotFocus/LostFocus events for the SpinElement.TextBoxItem and apply the desired border for indicating the focus.
Workaround: manually increase the font of the controls
protected override void OnShown(EventArgs e)
{
base.OnShown(e);
var dpi = NativeMethods.GetSystemDpi();
this.Font = new Font(this.Font.Name, this.Font.Size * dpi.X / 96, this.Font.Style);
this.radMenu1.Font = new Font(this.radMenu1.Font.Name, this.radMenu1.Font.Size * dpi.X / 96, this.radMenu1.Font.Style);
this.radCommandBar1.Font = new Font(this.radCommandBar1.Font.Name, this.radCommandBar1.Font.Size * dpi.X / 96, this.radCommandBar1.Font.Style);
}
UI for WinForms - Latest version.
RadRibbonBarBackstageView - Edit UI Elements
RootRadElement.BackstageViewElement.BackstageItemsPanelElement.BackgroundImage
Click the … button and select your image.
To REMOVE this image you SHOULD be able to do the following:
click on the property BackgroundImage which should highlight the image-string completely.
click delete.
done.
What you HAVE to do is this:
click on the property BackgroundImage.
click delete.
BEFORE YOU LEAVE THIS PROPERTY you have to click the … box
Once the box opens you have to click "Cancel"
Right below this property is BackgroundImageLayout - set to "Center"
There's a dropdown arrow presumably to allow you to change the layout but nothing happens when you click it.
*Missing Property?*
Whatever image you place in this control it gets stretched and there doesn't appear to be any way to avoid this:
place an image.
run the winforms ap.
set the main form in normal mode (not maximized) and resize the height.
Your image will stretch, shrink...this is not a UI property that should be presumed. We should be able to set None, Tile, Center, Stretch or Zoom.
Still *LOVE* your products :)
Kindest regards,
Curtis Smith
## Summary:
During security testing of the email change functionality on the Telerik website, it was discovered that the application can be vulnerable to an account takeover attack. The vulnerability allows an attacker to change the email address associated with an account to their own email address, effectively taking over the victim's account.
## Vulnerability Details:
- **Functionality Description:**
- The Telerik website provides a functionality for users to request a change in their email address.
- This functionality consists of two sections: current email and new email.
- The current email is not accessible from the user interface, while the new email can be inputted by the user.
- After inputting the new email and clicking the "Change Email" button, the user's request is processed.
- **Attack Scenario:**
1. **Attacker Inputs Their Email:** The attacker inputs their own email address in the new email section.
2. **Intercepting the Request:** Using interception tools, the attacker intercepts the request before it is sent to the server.
3. **Modifying the Request:** The attacker modifies the request to replace their own email address with the victim's email address in the current email section.
4. **Consent Form Manipulation:** Additionally, the attacker can manipulate the consent form associated with the email change request to gain access to the victim's account without their consent.
5. **Changing the Email Address:** The modified request is forwarded to the server, resulting in the victim's email address being changed to the attacker's email address.
## Impact:
- **Account Takeover:** The vulnerability allows an attacker to take over the victim's account by changing the email address associated with it.
- **Data Access:** Once the attacker gains access to the victim's account, they may have unauthorized access to sensitive data and functionalities associated with the account.
## Mitigation Recommendations:
- **Input Validation:** Implement strict input validation to ensure that only legitimate email addresses are accepted in the new email section.
- **Consent Verification:** Require additional verification steps, such as email confirmation or user authentication, before processing email change requests.
- **Session Management:** Implement session management mechanisms to detect and prevent unauthorized access to account settings and functionalities.
- **Security Awareness:** Educate users about the risks of phishing attacks and social engineering tactics used by attackers to gain unauthorized access to accounts.
## Affected URL:
- Email Change Functionality: [https://www.telerik.com/account/support-center/email-change](https://www.telerik.com/account/support-center/email-change)
## Conclusion:
The discovered vulnerability poses a significant security risk to Telerik website users by allowing attackers to take over accounts through manipulation of the email change functionality. It is imperative for the development team to address this vulnerability promptly by implementing appropriate security controls and mitigations to safeguard user accounts from unauthorized access.
**Best Regards,**
Sagar Dhoot
Windows Forms on .net 6.0 / 7.0 / 8.0 diverges more and more from .net Framework 4.x.
Please release a version of the Demo Application that is based on the current Microsoft Release.
Hi
It would be cool if the SyntaxEditor automatically changed the default palette if the selected scheme was dark.
Regards
Erwin
Hi,
Please, add a property or method to the RadWebCam control to set video bit rate or quality. Currently is fixed a 4 mbits and it results in very poor image quality at high resolutions.
Please find attached images to see the difference between snapshot and video recording. With fast moving pictures is even worse.
Thanks.
RadVirtualGrid is created to support a million records or more. Still it contains some "heavy" operations like CopySelection/CutSelection/Paste which can take a long time.
I would like to intercept these methods so I can show a "Please wait"-window during the operation. Furthermore I have the need to set a flag to true when such a operation is executing.
PerformClick method of RadButtonElement is sending next error:
System.InvalidCastException: 'Unable to cast object of type 'System.EventArgs' to type 'System.Windows.Forms.MouseEventArgs'.
Find my code below:
private void btnAddField_Click(object sender, EventArgs e)
{
RadDiagramShape sourceShape = new RadDiagramShape()
{
Text = "source",
Shape = new RoundRectShape(5),
BackColor = Color.Red
};
sourceShape.Position = new Telerik.Windows.Diagrams.Core.Point(150, 100);
radDiagram.AddShape(sourceShape);
sourceShape.IsSelected = true;
RadButtonElement additionalContent = Telerik.WinControls.UI.Diagrams.Primitives.ItemInformationAdorner.GetAdditionalContent(
this.radDiagram.DiagramElement.ItemInformationAdorner) as RadButtonElement;
additionalContent.PerformClick();
}
What I want is to display the SettingsPane automatically when adding a RadDiagramShape item in a RadDiagram
Regards
Hi- When I add a Rad context menu to a RadToolbarForm, the toolbar vanishes from the designer after a build. This is new behavior because I have other context menus that I had previously added to the form. If I drag a RadContextMenu from the toolkit, or I copy/paste an existing context menu, the toolbar disappears after a build. I am running the latest release (2024.1.130) and toolkit config (although this also happens when running the previous Telerik release)
I tried closing the designer before the build and the toolbar still disappears. Doing a Clean before build has no effect. This form is inherited from a simple RadToolbar form (no controls except the toolbar). The toolbar is still listed in the list of controls for the form
Ha! Just found out what's happening. It's deleting the toolbar configuration code from the designer code. Everything below is gone. If I add it back in, then do anything with the new context menu, like rename it, it gets removed again
// RadToolbarFormControl1
//
RadToolbarFormControl1.AutoSize = false;
RadToolbarFormControl1.CenterItems.AddRange(new Telerik.WinControls.RadItem[] { RadLabelElement1, RadButtonElement_Task_New, RadButtonElement_Task_Edit, RadButtonElement_Task_Delete, RadCheckBoxElement_ShowCompleted });
RadToolbarFormControl1.CenterItemsVerticalAlignment = Telerik.WinControls.UI.RadVerticalAlignment.Bottom;
RadToolbarFormControl1.FarItems.AddRange(new Telerik.WinControls.RadItem[] { RadLabelElement_WorkHours, RadLabelElement_Work_StartDate, RadLabelElement_Work_EndDate, RadButtonElement_SelectDates, RadButtonElement_Invoices, RadButtonElement_Summary });
RadToolbarFormControl1.NearItems.AddRange(new Telerik.WinControls.RadItem[] { RadLabelElement2, RadLabelElement_Projects, RadButtonElement_New, RadButtonElement_Edit, RadButtonElement_Delete, RadButtonElement_Refresh });
RadToolbarFormControl1.ShowText = false;
RadToolbarFormControl1.Size = new Size(1804, 52);
Here's my dev environment:
Microsoft Visual Studio Community 2022Version 17.8.7
VisualStudio.17.Release/17.8.7+34601.278
Microsoft .NET Framework
Version 4.8.09037
Installed Version: Community
ActiveReports 16 16.3.1.0
The first report writer for Microsoft .NET
ASP.NET and Web Tools 17.8.358.6298
ASP.NET and Web Tools
Azure App Service Tools v3.0.0 17.8.358.6298
Azure App Service Tools v3.0.0
C# Tools 4.8.0-7.23572.1+7b75981cf3bd520b86ec4ed00ec156c8bc48e4eb
C# components used in the IDE. Depending on your project type and settings, a different version of the compiler may be used.
Code Converter 1.0
Code Converter Extension Details
Common Azure Tools 1.10
Provides common services for use by Azure Mobile Services and Microsoft Azure Tools.
Microsoft JVM Debugger 1.0
Provides support for connecting the Visual Studio debugger to JDWP compatible Java Virtual Machines
NuGet Package Manager 6.8.1
NuGet Package Manager in Visual Studio. For more information about NuGet, visit https://docs.nuget.org/
Progress Telerik UI for WinForms Extension 2023.3.1110.93
Progress® Telerik® UI for WinForms Extension
TypeScript Tools 17.0.20920.2001
TypeScript Tools for Microsoft Visual Studio
Visual Basic Tools 4.8.0-7.23572.1+7b75981cf3bd520b86ec4ed00ec156c8bc48e4eb
Visual Basic components used in the IDE. Depending on your project type and settings, a different version of the compiler may be used.
Visual F# Tools 17.8.0-beta.23475.2+10f956e631a1efc0f7f5e49c626c494cd32b1f50
Microsoft Visual F# Tools
Visual Studio IntelliCode 2.2
AI-assisted development for Visual Studio.
I can't provide a project or even code snippets that would make sense out of context because the code base is too complex for an easy replication to be setup.
We are trying various things like calling Refresh, Update.
Hoping this is something you've encountered before and have some suggestions.