Querying SharePoint


SharePoint, being a content management system, of course, offers a couple of ways to query its contents programmatically. Here we will explore some of these options.

Web Parts

First, of course, there are the web parts. These allow us to configure queries visually on a page. The most important web parts are:

ContentByQueryWebPart: use this for simple queries that do not return much contents, on a single site collection. Can be used in SharePoint Online. Can only be customized through XSLT.

ContentBySearchWebPart (introduced in SharePoint 2013): more powerful, but does not exist in SharePoint Online. Can handle more complex queries that can span multiple site collections and multiple levels of sorting. Can only be customized through HTML and JavaScript templates. Results can be refined.

XsltListViewWebPart/DataFormWebPart: can be used to view of a specific list. The display can be totally configured. XsltListViewWebPart is a bit more powerful.

ListViewByQuery: requires that you pass an SPList and a SPQuery instance. Can only display pre-defined views.


There are several APIs for querying, either directly or using the search index.

SPQuery: can only be applied to a single list:

var query = new SPQuery();

query.Query = "<Where><Eq><FieldRef Name='Title'/><Value Type='Text'>Bla Bla</Value></Eq></Where>";


var list = site.RootWeb.Lists["Some List"];


var table = list.GetItems(query).GetDataTable();

SPSiteDataQuery: can be applied to several lists across a site collection. Has some issues, for example, won’t return values for multi-value fields:

var query = new SPSiteDataQuery();

query.Lists = "<List Name='Tasks'/>";

query.Query = "<Where><Eq><FieldRef Name='Title'/><Value Type='Text'>Bla Bla</Value></Eq></Where>";

query.Webs = "<Web Scope='SiteCollection'/>";


var table = site.RootWeb.GetSiteData(query);

KeywordQuery: uses the search index to search for keywords, so it requires that contents are indexed beforehand, and the search service is functioning:

using (var query = new KeywordQuery(site))


    query.QueryText = "Bla Bla";

    query.ResultsProvider = SearchProvider.Default;


    var searchExecutor = new SearchExecutor();


    var resultTableCollection = searchExecutor.ExecuteQuery(query);


    var searchResult = resultTableCollection.Filter("TableType", KnownTableTypes.RelevantResults).Single();


    var table = new DataTable();

    table.TableName = "Result";

    table.Load(searchResult, LoadOption.OverwriteChanges);


FullTextSqlQuery: uses SharePoint Search SQL to execute queries, which makes it generally more powerful than KeywordQuery:

using (var query = new FullTextSqlQuery(site))


    query.QueryText = "SELECT * FROM scope() WHERE Title = 'Teste'";

    query.ResultsProvider = SearchProvider.Default;


    var searchExecutor = new SearchExecutor();


    var resultTableCollection = searchExecutor.ExecuteQuery(query);


    var searchResult = resultTableCollection.Filter("TableType", KnownTableTypes.RelevantResults).Single();


    var table = new DataTable();

    table.TableName = "Result";

    table.Load(searchResult, LoadOption.OverwriteChanges);


CrossListQueryInfo and CrossListQueryCache: performs queries in a single site collection but multiple sites, with optional audience targeting. CrossListQueryCache caches the results for a period of time:

var crossListQueryInfo = new CrossListQueryInfo();

crossListQueryInfo.Query = "<Where><Eq><FieldRef Name='Title'/><Value Type='Text'>Bla Bla</Value></Eq></Where>";

crossListQueryInfo.Lists = "<List Name='Some List'/>";

crossListQueryInfo.Webs = "<Webs Scope='SiteCollection' />";

crossListQueryInfo.UseCache = true;


var crossListQueryCache = new CrossListQueryCache(crossListQueryInfo);


var table = crossListQueryCache.GetSiteData(site.RootWeb);

Client KeywordQuery: this is the client counterpart to KeywordQuery. It uses the SharePoint Client Components, or Client Side Object Model (CSOM), which means, it accesses SharePoint through its web services. It is basically similar to the server KeywordQuery, but can be used from a remote machine:

var keywordQuery = new Microsoft.SharePoint.Client.Search.Query.KeywordQuery(ctx);

keywordQuery.QueryText = "SharePoint";


var searchExecutor = new Microsoft.SharePoint.Client.Search.Query.SearchExecutor(ctx);


var results = searchExecutor.ExecuteQuery(keywordQuery);




var searchResult = results.Value.Where(x => x.TableType == KnownTableTypes.RelevantResults.ToString()).Single();

Web Services

Search.asmx: SOAP web service that takes a SharePoint SQL query. Part of the SharePoint Foundation 2010 Web Services, now somewhat obsolete.

Lists.asmx: Another SOAP web service that can return and update items in a list.

ListData.svc: WCF Data Service REST/OData that can be used for querying (including OData queries) or modifying contents of lists.

SharePoint 2013 REST Services: new REST/OData web services introduced in SharePoint 2013. Includes _api/web, _api/search, _api/web/lists, for searches, web or list operations.

SharePoint Foundation RPC Protocol

The SharePoint Foundation RPC Protocol, now obsolete, this allowed querying, exporting contents and performing a number of other operations through the OWSSVR.DLL handler. Although almost unused nowadays, still offers the only out of the box way to, for example, export a list in XML format.


In SharePoint 2010 the JavaScript Side Object Model (JSOM) was introduced and in version 2013 it was enhanced. It is now possible to do anything that the SharePoint Client API allows.


You see, lots of ways to get contents from SharePoint, as usual. Make sure you chose the one that best suits your needs.


SharePoint 2013 .NET Server, CSOM, JSOM, and REST API index

When to use the Content Query Web Part or the Content Search Web Part in SharePoint

Choose the right API set in SharePoint 2013

Use OData query operations in SharePoint REST requests

SharePoint Server 2013 Client Components SDK

SharePoint Search SQL Syntax Reference

SpywareBlaster Database Update – March 30, 2015

12 Internet Explorer
0 Restricted Sites
0 Firefox

17175 items in database


Windows 10: Installer la build 10041 et l’apprécier…

Bonsoir Ă  tous,

L’installation de cette build peut se faire par Windows Update ou par tĂ©lĂ©chargement d’un fichier ISO français depuis ce site si vous ĂȘtes inscrit :

- ISO 64 bits http://go.microsoft.com/fwlink/p/?LinkId=522154
- ISO 32 bits http://go.microsoft.com/fwlink/p/?LinkId=522155

Pour obtenir cette derniÚre mise à jour par Windows Update, vous devez avoir installé Windows 10 à partir des derniers téléchargements disponibles ici : http://windows.microsoft.com/fr-fr/windows/preview-iso-update-1503

Dites-vous bien qu’il s’agit d’une version prĂ©liminaire et non d’une version commerciale et donc, une version que vous ne devriez pas installer sur votre machine ayant une utilisation quotidienne.
Vous pouvez utiliser une machine dédiée, une machine virtuelle Hyper-V ou VirtualBox avec Windows 8.1 ou bien une machine virtuelle hyper-V avec Windows Server.

Attention: Une fois Windows 10 Technical Preview installé, vous ne pourrez plus utiliser la partition de récupération de votre PC pour revenir à la version précédente de Windows.

Configuration requise

Globalement, si votre PC peut exĂ©cuter Windows 8.1, vous ĂȘtes prĂȘt. Si vous n’en ĂȘtes pas certain, Windows vĂ©rifiera votre systĂšme pour s’assurer qu’il peut installer la version d’évaluation.

  • Processeur : 1 gigahertz (GHz) ou plus rapide
  • MĂ©moire RAM : 1 gigaoctet (Go) (32 bits) ou 2 Go (64 bits)
  • Espace disque disponible : 16 Go
  • Carte graphique : pĂ©riphĂ©rique graphique Microsoft DirectX 9 avec pilote WDDM
  • Un compte Microsoft et un accĂšs Internet

Pour mettre à jour votre build 9926 avec la 10041, pensez à modifier la façon dont vous recevez les mises à jour, de cette maniÚre :





Choisissez comment les builds doivent ĂȘtre installĂ©es. Si vous dĂ©sirez les installer dĂšs leur disponibilitĂ©, sĂ©lectionnez “Fast”.

Une fois le paramétrage effectué, les mises à jour se rendent disponibles



Bonne soirée.

Mystartsearch.com Browser Hijacker Removal Guide

The Mystartsearch.com adware is a browser hijacker that is bundled with free programs you download off of the Internet. Many free programs are wrapped in an adware installer that installs programs like this hijacker in order to generate revenue for the freeware developer. Unfortunately, many of these programs are just as bad as normal computer malware and can have a harmful effect on your computer. The mystartsearch.com adware is a browser hijacker that changes browser shortcuts, your browser search provider, and browser start pages to mystartsearch.com without your permission. Furthermore, this adware will append the argument http://www.mystartsearch.com/?type=hp&ts=<timestamp>&from=<affiliate_id>&uid=<hard drive id> to various web browser shortcuts and sometimes shortcuts that are for non-Internet related program. This causes the mystartsearch.com web page to open when you launch one of these hijacked shortcuts. Unfortunately, the method they use to change the shortcuts does not allow you to easily fix them by just going into their properties and you have to instead use special tools to clean them.


How to Change your Lock Screen Background in Windows 10

The lock screen is the screen you see when you lock your PC (or when it locks automatically after you haven’t been using it for a while). The lock screen will also show at startup, and when you are signed out and idle for one minute. You will need to dismiss the lock screen to be able to see the sign in screen and sign in to Windows.

Your lock screen will display detailed and quick status of apps you choose.

You can use Windows spotlight, a single picture, or a slideshow of images from added folders as your lock screen background.

This tutorial will show you how to change your lock screen background to use Windows spotlight, a picture, or slide show of pictures for your user account in Windows 10.

Read more…

Windows 10 : Configurations matérielles requises

Bonsoir Ă  tous,

Me revoilà Clignement d'Ɠil

Microsoft a publié les configurations matérielles minimum requises pour le fonctionnement de Windows 10.

Certes, son arrivĂ©e n’est prĂ©vue que pour l’étĂ© prochain; cependant, d’ore et dĂ©jĂ , vous savez s’il vous faudra remplacer votre ordinateur ou le faire Ă©voluer.

Voici donc les caractĂ©ristiques dont les matĂ©riels devront ĂȘtre dotĂ©s pour supporter Windows 10 :

- Tablettes et Smartphones de 3 Ă  7,99 pouces :

  • Au moins 512 Mo de RAM (en 32 bits)
  • Un espace de stockage d’au moins 4 Go.
  • Si le matĂ©riel ne possĂšde que 512 Mo de RAM la rĂ©solution maximale affichĂ©e ne dĂ©passera pas 800 x 480 en WGA et 854 x 480 en FWGA.
  • Si le matĂ©riel possĂšde 3 Go de RAM ou plus alors, la rĂ©solution pourra ĂȘtre de 2048 x 1152 en QWXGA et 2560 x 1600 en WQXGA voire mĂȘme 2560 x 2048 en QSZGA.

- Postes de travail :

  • 1 Go (32 bits)
  • 2 Go (64 bits)
  • Stockage, 16 Go minimum sont nĂ©cessaires (32 bits)
  • Au moins 20 Go (64bits)
  • DirectX 9 sera en outre requis.

Microsoft a en outre annoncé le support de plusieurs processeurs ARM et x86 :

  • Qualcomm les MSM8909, 8208, 8994, 8992 et 8952,
  • Intel les Cherry Trail,  Skylake et Atom x3
  • AMD, les Carrizo et Carrizo-L.

La derniĂšre build 10041 est disponible avec Cortana en français. De nombreux bugs ont Ă©tĂ© corrigĂ©s mais tout n’est pas terminĂ©, loin s’en faut Clignement d'Ɠil. L’apparence du systĂšme s’amĂ©liore; chaque nouvelle build apporte un design amĂ©liorĂ©.

Cette mise Ă  jour est disponible uniquement par Windows Update. Il faut savoir qu’un fichier ISO sera bientĂŽt disponible au tĂ©lĂ©chargement.

Bon weekend.


Malvertizing at news.com.au

I just saw the following when visiting the news.com.au website using a Windows 8.1 phone and an Australian IP. news.com.au is a very popular website in Australia, but I’m not set up at the moment for mobile site analysis, so feel free to take a look-see and report…

It may be that the full site is affected to.  There’s an election in New South Wales today, so traffic is likely to be higher than normal :(

First I saw…


Followed by:


Removal instructions for MediPlayer2.8

What is MediPlayer2.8?

The Malwarebytes research team has determined that MediPlayer2.8 is a browser hijacker. These so-called “hijackers” manipulate your browser(s), for example to change your startpage or searchscopes, so that the affected browser visits their site or one of their choice. This one also displays advertisements.


TabNav and Appimaker Certificate Removal guide

TabNav is a program that displays advertisements and collects information on the sites that you visit. It does this by installing a Layered Service Provider that is able to examine and manipulate all the network data that you transmit and receive on your computer. Using this ability, TabNav can easily inject ads into the web sites that you visit and collect information about your browsing habits. TabNav also installs a root certificate into Windows called appimaker. This root certificate allows it to see SSL traffic so that it is able to inject ads even into encrypted connections. Unfortunately, this also gives it the ability to see all data you transmit over an encrypted SSL connection including login information. For example, in the picture below you see that the appimaker certificate is being used to encrypt the connection between a computer and the Citibank banking site.


Weekend reading

Not a good look there, Optus

Enforceable Undertaking offer by Optus to the Office of the Australian Information Commissioner:

What did Optus do wrong?…

  • In February 2013, Optus made a change to its website. Due to a coding error that occurred during this change, between February 2013 and April 2014, when Optus customers who had elected not to have their details listed in a telephone directory completed a rate plan change via Optus’s website, Optus’s systems erroneously changed the White Pages listing preferences for those customers from ‘No’ to ‘Yes’. As a result, the names, addresses and mobile phone numbers of approximately 122,000 Optus customers were listed in the White Pages online directory without the consent of those customers. The information of the majority of those customers was also published in various print editions of the White Pages.  The problem came to their attention via a customer complaint.
  • Optus made a change to its network in relation to particular Netgear and Cisco modems, which it began deploying in November 2008 and March 2009 respectively. As part of the change, Optus deliberately left the management ports for these models of modems open, incorrectly assuming they were only accessible for network management purposes. In addition, Optus issued 197,000 of the Netgear modems and 111,000 of the Cisco modems to its customers with factory default settings, including user default names and passwords in place. Optus also did not conduct connectivity testing. These two issues in combination meant that Optus customers using the equipment who did not change the default user name and passwords were left vulnerable, potentially allowing a person to make and charge calls as though they were the Optus customer.  Optus were apparently oblivious to the issue until the media got wind of it.
  • Between September 2013 and 13 May 2014, a flaw in Optus’s security processes led to certain customers not being prompted for their password when attempting to retrieve voicemail information from outside the Optus network. Optus did not identify the issue during testing. Consequently, where customer voicemail accounts were not password protected, some Optus customers were vulnerable to ‘spoofing’ attacks, where an unauthorised party could potentially access and use customer voicemail accounts messages, including being able to listen to recorded messages and change settings and preferences.  The problem was reported to Optus by a third party <sigh>

Removal instructions for browse pulse

What is browse pulse?

The Malwarebytes research team has determined that browse pulse is a browser hijacker. These so-called “hijackers” manipulate your browser(s), for example to change your startpage or searchscopes, so that the affected browser visits their site or one of their choice. This one also displays advertisements.


Microsoft Security Bulletin Minor Revisions Issued: March 26, 2015


The following bulletins have undergone a minor revision increment.

Please see the appropriate bulletin for more details.

* MS15-022 – Critical

Bulletin Information:

MS15-022 – Critical

– Title: Vulnerabilities in Microsoft Office Could Allow Remote
Code Execution
– Reason for Revision: V1.1 (March 26, 2015): Bulletin revised to
correct the update replacement entry for Microsoft Excel 2007
Service Pack 3 in the Affected Software table. This is an
informational change only. There were no changes to the update
files. Customers who have already successfully updated their
systems do not need to take any action.
– Originally posted: March 10, 2015
– Updated: March 26, 2015
– Bulletin Severity Rating: Critical
– Version: 1.1

IRS Fraudulent scams – Warnings for 2015 tax returns

Kim Komando features some protective advice in this security alert.  Users should also not respond to any unexpected calls from IRS, as this US Mail still remains the primary means of communication (and they do not contain by email or phone initially)


In its most basic form, a crook uses your Social Security number to file a bogus tax return in your name, claiming some huge refund. According to the plan, the IRS sends out the refund to the fraudster who gets away scot-free. Or at least that’s the plan. Last summer, a Florida man was sentenced to 10 years in prison for stealing identities and then filing false returns claiming over $13 million in false refunds.

Unfortunately, convictions like this are the exception rather than the rule. Last year, the IRS actually paid out $5.8 billion in refunds that it later realized were actually fraudulent. But those were only the ones it caught. The IRS may never know just how many dollars in fraudulent refunds it has paid and gone undetected. You and other taxpayer victims may not know you’ve been hit until your legitimate return is rejected by the IRS because a crook has already filed using your information.

That’s why I’ve recommended the first step to protecting your tax return is to file as soon as possible. This reduces the window of time a thief has to file on your account. But I understand that’s not always practical for everyone. Perhaps you have a complex tax situation or you are still waiting on paperwork from others. Some people delay filing because they actually owe the government additional tax payments, and they want wait until the last minute to pay up. However, it is perfectly fine to file your return early and still hold off making your payment until the April 15 deadline.

Privacy – RadioShack Bankruptcy and possible sale of Customer Data

While technically bankruptcy courts may see customer data as an asset for sale, this action could be potentially blocked due to privacy concerns.


The phone numbers, e-mail addresses, and shopping habits of more than 100 million customers are part of RadioShack’s bankruptcy auction.  RadioShack’s customers—even those whose most recent purchase came years ago—could also find themselves sold off in the deal. The company included personal data in its bankruptcy auction as its own asset class. A website maintained by Hilco Streambank, which is serving as an intermediary for RadioShack, says that more than 13 million e-mail addresses and 65 million customer names and physical address files are for sale. Hilco Streambank is careful to note that the bankruptcy court might not approve the deals, and there have already been two legal filings in attempts to block the sale of customer data.

The broader challenge, filed last week by Texas Attorney General Ken Paxton, argues that RadioShack made an explicit promise to its customers not to sell their personal data. Paxton claims that 117 million people are included in RadioShack’s customer data sale, which he says offers some details about shopping habits. The filing cites text from a sign displayed in RadioShack stores reading: “We pride ourselves on not selling our private mailing list.” State law in Texas prohibits companies from selling personally identifiable information in a way that violates their own privacy policies. On Monday, Tennessee’s attorney general joined Texas’s objection.

How to Change your Desktop Background in Windows 10

Your desktop background (also called wallpaper) can be a digital picture from your personal collection, a picture that comes with Windows, a solid color, or a picture framed with a color. You can have a picture set for each specific display, a single picture set for all displays, or a slide show playing selected pictures randomly on all displays.

This tutorial will show you different ways to change the desktop background wallpaper or slide show to what you like for your user account in Windows 10.

Read more…

Ads by SpeeditUp Removal Guide

SpeeditUp is a program that claims it checks your Internet connection for speed and performance issues. This in itself is not a bad thing, but SpeeditUp also displays intrusive advertisements on your desktop and on web sites that you visit. When visiting web sites, SpeeditUp will display ads in a way that makes it difficult to navigate or read the site. These ads will be labeled Ads by SpeeditUp and take up a large amount of a site’s visibility and are typically displayed over the the site’s content. Even more concerning, many of the ads that are displayed by SpeeditUp are for further adware installers that would cause even more damage to your computer.


Microsoft Security Advisory Notification Issued: March 26, 2015

Security Advisories Updated or Released Today

* Microsoft Security Advisory (3050995)
– Title: Improperly Issued Digital Certificates Could Allow
– Revision Note: V2.0 (March 26, 2015): Advisory rereleased to
announce that the update for supported editions of Windows
Server 2003 is now available. See Knowledge Base Article 3050995
for more information and download links.

Updated to Swift and iOS8 – Unleash Your Inner App Developer Part 11: The Photo Library


All the best!
Kevin McNeish
Author: iOS App Development for Non-Programmers book series
Twitter: @kjmcneish

Removal instructions for RunningFanatic

What is RunningFanatic?

The Malwarebytes research team has determined that RunningFanatic is a browser hijacker. These so-called “hijackers” manipulate your browser(s), for example to change your startpage or searchscopes, so that the affected browser visits their site or one of their choice. This one also displays advertisements.
RunningFanatic is a Mindspark/Ask toolbar.


Recent Comments