Print

Please login or register.
1 Hour 1 Day 1 Week 1 Month Forever
Login with username, password and session length

[Reelya]

a lambda is just a function which doesn't have a name. other than that they're just a normal function. But because they don't have a name they have to be written out fully where they're used instead of using the function name. Clearly, if a function is used more than once then you might as well just make it a normal function rather than a lambda.

Here's a C++ example:

Code: [Select]

#include <algorithm>
#include <cmath>
void abssort(float* x, unsigned n) {
    std::sort(x, x + n,
        // Lambda expression begins
        [](float a, float b) {
            return (std::abs(a) < std::abs(b));
        } // end of lambda expression
    );
}
Normally, the std::sort function takes a pointer to a function used to define the comparision operation for the data type you created. Here, rather than pass a pointer to that function the coder has defined a "nameless" c++ function (it's actually "named" []) entirely within the parameter list of the std::sort function. Basically the entire body of the nameless lambda function is a parameter inside the other function call.

[DJ]

Why would you ever want to use that?

[Arx]

I think if you want to use a function as an argument for another function, but only once and so you don't want the function cluttering up your code. I can't say I see the need myself, but I'm not a professional.

[DJ]

It looks more cluttering to me to write out a whole function inside an argument list than to use a normal function.

[Levi]

Ruby has great examples of lambda's.  Lets say you want to sort a list of hashes by property 'b'.

Code: [Select]

list = [{'a' => 3,'b' =>3},{'a' => 3,'b' =>1},{'a' => 3,'b' =>8},{'a' => 3,'b' =>2}]


newlist = list.sort() {|elem1,elem2|  elem1['b'] <=> elem2['b']  } #Spaceship operator is a magic amazing comparator used for sorting.



[alway]

Because functional programming. Let's use a classic 'reduce' operation as an example.

Code: [Select]

int reduce( int ListOfStuff[], int AmountOfStuff, foo(int, int) operation )
{
   int Output = ListOfStuff[0];
   for( int i = 1; i < AmountOfStuff; i++ )
   {
      Output = operation( Output, ListOfStuff[i] );
   }
}

Now, say we wanted to do this general pattern, we could make this relatively simple function do an absurdly large number of things

Code: [Select]

// Sum all the values
reduce( ListOfStuff, AmountOfStuff, lambda function(A,B){ return A + B; });

// Multiply all the values
reduce( ListOfStuff, AmountOfStuff, lambda function(A,B){ return A * B; });

Alright, so now I've explained why function pointers are useful. So what's special about lambdas? Well, for one, you don't need to dance around naming conventions or define these tiny functions elsewhere (and thus potentially obscuring what is going on), then wrangle up function pointers for them and so on.

There's also another interesting factoid about them: static variables.

Spoiler (click to show/hide)

Code: [Select]

for( int i = 0; i < NumberOfLists; i++ )
{
  reduce( ListsOfStuff[i], AmountsOfStuff[i], lambda function(A,B)
  {
    static int State = 0;
    if( State % 2 )
    {
       State = 6;
       return State;
    }
    else
    {
       State = B;
       return A + B + 6;
    }
  });
}
So in the above code, we're now processing several arrays of stuff. To do so, we're using an internal function with state. That state is being set by the data fed in; but it could be a counter, or any number of other things the function has access to. Now this state is somewhat special in a few ways.

First, it is completely encapsulated. There is nothing outside of that function which can possibly access or tamper with that state. Without explicitly modifying it within that block of code there, nothing will ever touch it, and so if the lambda is free of bugs, the state is free of bugs.

Secondly, that state persists with the lambda from what I can tell from StackOverflow. So if the state was a counter or a cumulative sum or something of that sort, it could be used to process a bunch of data, no matter how it was broken down into individual ListsOfStuff.
[though keep in mind, at this point we're sort of outside the realm of functional programming, since we got states involved]

In C++, you can also capture scope of things outside itself; which is really the big deal but into which I have not delved.

So it has its uses, though like most stuff in C++, there's multiple other ways of doing it; but it does have its uses.

[alexandertnt]

Most of the use I find is with capturing variables in outer scopes.

Code: [Select]

int[] myArray = GetInts();
int myValue = GetWhatImLookingFor();
int numberOfMyValue = myArray.Count(x => x == myValue); // lambda

So unlike a normal function, I can access myValue and I dont have to define it as a class property/static or any workarounds like that. Plus I can avoid the tired old "foreach thing, if its myValue, add one to some counter variable etc", and using a lambda with Count is more readable and immediately clear what is going on.

[Orange Wizard]

Syntax error.

Also, not a lambda.

Yeah, I didn't know what a lambda is. Also, how does it give a syntax error?

[Angle]

Spoiler (click to show/hide)

Does anyone know how to make text wrap from line to line inside an SVG element? I found the reference for textArea, but that's not being implemented in firefox.

Gah, if I was at work I could help.  I think it was something "flow". 


Edit:  Ah here it is:  http://www.w3.org/TR/2004/WD-SVG12-20041027/flow.html

Code: [Select]

<flowRoot font-size="16">
    <flowRegion>
      <path d="M100,50L50,300L250,300L300,50z"/>
    </flowRegion>
      <flowPara>Tomorrow, and tomorrow, and tomorrow; creeps in this
       petty pace from day to day, until the last syllable of recorded time.
       And all our yesterdays have lighted fools the way to dusty death.
     </flowPara>
  </flow>
You can use a rect instead of a path, that is what I usually do.

I cannot get that to work in firefox, under either window or linux. As far as I can tell, that kind of thing only works in inkscape. I'll post my code below, just in case.

Spoiler (click to show/hide)

<!DOCTYPE html>
<!--
To change this license header, choose License Headers in Project Properties.
To change this template file, choose Tools | Templates
and open the template in the editor.
-->
<html>
    <head>
        <title>TODO supply a title</title>
        <meta charset="UTF-8">
        <meta name="viewport" content="width=device-width, initial-scale=1.0">
    </head>
    <body>
        <svg width="400" height="400">
        <rect style="fill:rgb(0,0,255);" width="300" height="300"></rect>
            <flowRoot>
                <flowRegion>
                  <rect width="300" height="300"></rect>
                </flowRegion>
                <flowPara>Tomorrow, and tomorrow, and tomorrow; creeps in this
                    petty pace from day to day, until the last syllable of recorded time.
                    And all our yesterdays have lighted fools the way to dusty death.
                </flowPara>
            </flowRoot>
        </svg>
    </body>
</html>

[Skyrunner]

How does web security even work x.x

I've been trying to make my webapp-in-progress a modicum of security. My current scheme is encrypting the password client-side and sending it to a server for verification, then if it's correct sending back a random string of letters that serves as a token to be passed with future POST requests. But what is there to say that the hashed password won't be intercepted and then used in future attempts to authenticate falsely?! D: Or some malicious person named Eve could inject javascript into the page somehow and strip off the password. :|

[optimumtact]

How does web security even work x.x

I've been trying to make my webapp-in-progress a modicum of security. My current scheme is encrypting the password client-side and sending it to a server for verification, then if it's correct sending back a random string of letters that serves as a token to be passed with future POST requests. But what is there to say that the hashed password won't be intercepted and then used in future attempts to authenticate falsely?! D: Or some malicious person named Eve could inject javascript into the page somehow and strip off the password. :|

Essentially there is always the risk that someone can sniff the authentication token and steal the session, or figure out some way of causing your client to leak the session and or authentication information

https://www.owasp.org/index.php/Category:OWASP_Top_Ten_Project is a good starting point to identify common attacks against web clients that can leak either session or authentication information.

In summary, you can't always protect against token sniffing, To my mind, having and using HTTPS and really safely handling user input (escaping before displaying on page, using parametrized queries) are the key things to get right in order to minimize the risks.

[Skyrunner]

What are the two things you mentioned--escaping before displaying on page and parametrized queries? Those are as good as alien to me.

Is HTTPS gained by simply enabling SSL on one's site/server?

edit: I realized what escaping is.

[optimumtact]

What are the two things you mentioned--escaping before displaying on page and parametrized queries? Those are as good as alien to me.

Is HTTPS gained by simply enabling SSL on one's site/server?

edit: I realized what escaping is.

Parameterized queries is a style of accessing an SQL database. I don't know if you're using one or not but I'll try to explain.

It used to be for the longest time that you would write SQL queries acting on user input by simply adding strings together, i.e SELECT * FROM USER WHERE NAME='+username+';  with the username value provided by a user form input.

The problem was, malicious attackers would simply give their username as ';SELECT * FROM USER, the database engine would then interpret this as two queries, the first would be SELECT * FROM USER WHERE NAME='' and the second would be SELECT * FROM USER as you can see the second one doesn't do what you might expect and just selects all users, instead of one with specific username.

You could also do more active attacking type things, like giving UPDATE USER SET password = 'knownpassword'; as your username and updating all the users to use a password the attacker knows.

At first the response was just to develop methods to escape the user data, but this quickly became error prone and dangerous and often would fail on very unexpected edge cases.
In response to this they developed parameterized queries, they look like this SELECT * FROM USER WHERE NAME = ?
You would then pass the user data in at runtime to the database like this query_db(SELECT * FROM USER WHERE NAME = ?, username) //this changes based on your chosen language and db API

The database would then know to always treat the username value as data and would never execute it as part of the SQL commands, preventing the user from attacking your site in this manner.

HTTPS is indeed gained by enabling SSL, although technically the current standard cryptographic suite used for HTTPS is in fact TLS. There are plenty of guides to enabling SSL/TLS available for most common webservers. You don't even have to purchase a proper SSL cert, if it's just a testing application you can simply use a self signed certificate.

[EnigmaticHat]

So, I've been learning Python over the last few months, and I knew I would do some things badly.  And for the most part I've recognized them and stopped doing them.  But I just realized that one thing has just totally slipped past me.  Which is that, despite knowing the whole time that

Code: [Select]

for i in list:works, I've been writing it as:

Code: [Select]

for i in range(len(list)):Because that's what I've done in the past, I think there was some tutorial that did it that way, and it just... didn't occur to me to ask why if there was a better way.  WTF me.

[optimumtact]

So, I've been learning Python over the last few months, and I knew I would do some things badly.  And for the most part I've recognized them and stopped doing them.  But I just realized that one thing has just totally slipped past me.  Which is that, despite knowing the whole time that

Code: [Select]

for i in list:works, I've been writing it as:

Code: [Select]

for i in range(len(list)):Because that's what I've done in the past, I think there was some tutorial that did it that way, and it just... didn't occur to me to ask why if there was a better way.  WTF me.

These will have different results, assuming I'm recalling my python correctly and it may be that you need one style or the other

Code: [Select]

for i in list:For each iteration this will make i an instance of whatever object is in list for that current step of the iteration

Code: [Select]

for i in range(len(list)):Whereas this will make i an index into the list as range returns a list of number from 0 to len(list), so to get the actual item from the list you'd have to do

Code: [Select]

item = list[i]