Search Results

Search found 298 results on 12 pages for 'the salt'.

Page 10/12 | < Previous Page | 6 7 8 9 10 11 12  | Next Page >

  • Android and PHP - Do I need to use sessions?

    - by jtnire
    I have created an Android App that communicates with a PHP web server. They both send JSON to each other. My App is almost finished, however there is one thing left to do: authentication. Since the user's username and password will be stored in Android SharedPreferences, is there any need to use PHP sessions, given that the user won't need to enter the username/password at every request? Since I can just send the username and password in the HTTP POST header for every request, and that I will be using SSL, is this sufficient? I guess I could add an extra field in the header called 'random' that just adds a random value, just to use as a salt so that the encrypted SSL payload will be different everytime. The reason why I don't want to use sessions is that my Android App would either have to handle cookies, or managed the storage of the session ID. If there are some serious cons to using my method above, then I'm more than happy to use sessions, however all advice is appreciated. Thanks

    Read the article

  • PHP Security checklist (injection, sessions etc)

    - by NoviceCoding
    So what kind of things should a person using PHP and MySql be focused on to maximize security. Things I have done: -mysql_real_escape_string all inputs -validate all inputs after escaping em -Placed random alpha numerics before my table names -50character salt + Ripemd passwords Heres where I think I am slacking: -I know know nothing about sessions and securing them. How unsafe/safe is it if all you are doing is: session_start(); $_SESSION['login']= $login; and checking it with: session_start(); if(isset($_SESSION['login'])){ -I heard something about other forms of injection like cross site injection and what not... -And probably many other things I dont know about. Is there a "checklist"/Quicktut on making php secure? I dont even know what I should be worried about.I kinda regret now not building off cakephp since I am not a pro.

    Read the article

  • rails db migration, undefined method `to_sym', cant figure out syntax

    - by oelbrenner
    the original migration looks like this: class CreateUsers true do |t| t.string :login, :limit = 40 t.string :name, :limit = 100, :default = '', :null = true t.string :email, :limit = 100 t.string :crypted_password, :limit = 40 t.string :salt, :limit = 40 t.string :remember_token, :limit = 40 t.datetime :remember_token_expires_at t.string :activation_code, :limit = 40 t.datetime :activated_at, :datetime t.string :state, :null = :no, :default = 'passive' t.datetime :deleted_at t.integer :occupation_id, :null = :yes t.datetime :paid_up_to_date, :date t.timestamps end and I am trying to change the default of "state" to be "active" instead of passive so my attempt at a migration looks like this: ( still learning.. be gentle ) class ChangeUserStateDefault < ActiveRecord::Migration def self.up change_column :users, :state, :null = :no, :default = 'active' end def self.down end end

    Read the article

  • Is SHA sufficient for checking file duplication? (sha1_file in PHP)

    - by wag2639
    Suppose you wanted to make a file hosting site for people to upload their files and send a link to their friends to retrieve it later and you want to insure files are duplicated where we store them, is PHP's sha1_file good enough for the task? Is there any reason to not use md5_file instead? For the frontend, it'll be obscured using the original file name store in a database but some additional concerns would be if this would reveal anything about the original poster. Does a file inherit any meta information with it like last modified or who posted it or is this stuff based in the file system? Also, is using a salt frivolous since security in regards of rainbow table attack mean nothing to this and the hash could later be used as a checksum? One last thing, scalability? initially, it's only going to be used for small files a couple of megs big but eventually... Edit 1: The point of the hash is primarily to avoid file duplication, not to create obscurity.

    Read the article

  • Strange DataMapper (0.10.2) error. Please help!

    - by Joel M.
    See the full error here: http://notesapp.heroku.com/ I'm using DataMapper and dm-validations 0.10.2. No matter how much I tweak my models, I get the same error, or another one. Here's how my model looks like: class User include DataMapper::Resource attr_accessor :password, :password_confirmation property :id, Serial, :required => true property :email, String, :required => true, :format => :email_address, :unique => true property :hashed_password, String property :salt, String, :required => true property :created_at, DateTime, :default => Time.now property :permission_level, Integer, :default => 1 validates_present :password_confirmation, :unless => Proc.new { |t| t.hashed_password } validates_present :password, :unless => Proc.new { |t| t.hashed_password } validates_is_confirmed :password

    Read the article

  • inheritance from the django user model results in error when changing password

    - by Jerome
    I inherited form the django user model like so: from django.db import models from django.contrib.auth.models import User, UserManager from django.utils.translation import ugettext_lazy as _ class NewUserModel(User): custom_field_1 = models.CharField(_('custom field 1'), max_length=250, null=True, blank=True) custom_field_2 = models.CharField(_('custom field 2'), max_length=250, null=True, blank=True) objects = UserManager() When i go to the admin and add an entry into this model, it saves fine, but below the "Password" field where it has this text "Use '[algo]$[salt]$[hexdigest]' or use the change password form.", if i click on the "change password form' link, it produces this error Truncated incorrect DOUBLE value: '7/password' What can i do to fix this?

    Read the article

  • SQL CREATE TABLE Error

    - by Adam M-W
    Hi, I've been stuck on this one simple(ish) thing for the last 1/2 hour so I thought I might try to get a quick answer here. What exactly is incorrect about my SQL syntax, assuming I'm using mysql 5.1 CREATE TABLE 'users' ( 'id' MEDIUMINT(8) UNSIGNED NOT NULL AUTO_INCREMENT PRIMARY KEY, 'username' VARCHAR(20) NOT NULL, 'password' VARCHAR(40) NOT NULL, 'salt' VARCHAR(40) DEFAULT NULL, 'email' VARCHAR(80) NOT NULL, 'created_on' INT(11) UNSIGNED NOT NULL, 'last_login' INT(11) UNSIGNED DEFAULT NULL, 'active' TINYINT(1) UNSIGNED DEFAULT NULL, ) ENGINE InnoDB; Also, does anyone have any good tutorials about how to use Zend_Auth for complete noobs? Thanks.

    Read the article

  • Username correct, password incorrect?

    - by jonnnnnnnnnie
    In a login system, how can you tell if the user has entered the password incorrectly? Do you perform two SQL queries, one to find the username, and then one to find the username and matching (salted+hashed etc) password? I'm asking this because If the user entered the password incorrectly, I want to update the failed_login_attempts column I have. If you perform two queries wouldn't that increase overhead? If you did a query like this, how would you tell if the password entered was correct or not, or whether the username doesn't exist: SELECT * FROM author WHERE username = '$username' AND password = '$password' LIMIT 1 ( ^ NB: I'm keeping it simple, will use hash and salt, and will sanitize input in real one.) Something like this: $user = perform_Query() // get username and password? if ($user['username'] == $username && $user['password'] == $password) { return $user; } elseif($user['username'] == $username && $user['password'] !== $password) { // here the password doesn't match // update failed_login_attemps += 1 }

    Read the article

  • Error comparing hash to hashed mysql password (output values are equal)

    - by Charlie
    Im trying to compare a hashed password value in a mysql database with the hashed value of an inputted password from a login form. However, when I compare the two values it says they aren't equal. I removed the salt to simply, and then tested what the outputs were and got the same values $password1 = $_POST['password']; $hash = hash('sha256', $password1); ...connect to database, etc... $query = "SELECT * FROM users WHERE username = '$username1'"; $result = mysql_query($query); $userData = mysql_fetch_array($result); if($hash != $userData['password']) //incorrect password { echo $hash."|".$userData['password']; die(); } ...other code... Sample output: 7816ee6a140526f02289471d87a7c4f9602d55c38303a0ba62dcd747a1f50361| 7816ee6a140526f02289471d87a7c4f9602d55c38303a0ba62dcd747a1f50361 Any thoughts?

    Read the article

  • Facebook Sponsored Results: Is It Getting Results?

    - by Mike Stiles
    Social marketers who like to focus on the paid aspect of the paid/earned hybrid Facebook represents may want to keep themselves aware of how the network’s new Sponsored Results ad product is performing. The ads, which appear when a user conducts a search from the Facebook search bar, have only been around a week or so. But the first statistics coming out of them are not bad. Marketer Nanigans says click-through rates on the Sponsored Results have been nearly 23 times better than regular Facebook ads. Some click-through rates have even gone over 3%. Just to give you some perspective, a TechCrunch article points out that’s the same kind of click-through rates that were being enjoyed during the go-go dot com boom of the 90’s. The average across the Internet in its entirety is now somewhere around .3% on a good day, so a 3% number should be enough to raise an eyebrow. Plus the cost-per-click price is turning up 78% lower than regular Facebook ads, so that should raise the other eyebrow. Marketers have gotten pretty used to being able to buy ads against certain keywords. Most any digital property worth its salt that sells ads offers this, and so does Facebook with its Sponsored Results product. But the unique prize Facebook brings to the table is the ability to also buy based on demographic and interest information gleaned from Facebook user profiles. With almost 950 million logging in, this is exactly the kind of leveraging of those users conventional wisdom says is necessary for Facebook to deliver on its amazing potential. So how does the Facebook user fit into this? Notorious for finding out exactly where sponsored marketing messages are appearing and training their eyeballs to avoid those areas, will the Facebook user reject these Sponsored Results? Well, Facebook may have found an area in addition to the News Feed where paid elements can’t be avoided and will be tolerated. If users want to read their News Feed, and they do, they’re going to see sponsored posts. Likewise, if they want to search for friends or Pages, and they do, they’re going to see Sponsored Results. The paid results are clearly marked as such. As long as their organic search results are not tainted or compromised, they will continue using search. But something more is going on. The early click-through rate numbers say not only do users not mind seeing these Sponsored Results, they’re finding them relevant enough to click on. And once they click, they seem to be liking what they find, with a reported 14% higher install rate than Marketplace Ads. It’s early, and obviously the jury is still out. But this is a new social paid marketing opportunity that’s well worth keeping an eye on, and that may wind up hitting the trifecta of being effective for the platform, the consumer, and the marketer.

    Read the article

  • Why it may be good to be confused: Mary Lo Verde’s Motivational Discussion at Oracle

    - by user769227
    Why it may be good to be confused: Mary Lo Verde’s Motivational Discussion at Oracle by Olivia O'Connell Last week, we were treated to a call with Mary LoVerde, a renowned Life-Balance and Motivational Speaker. This was one of many events organized by Oracle Women’s Leadership (OWL). Mary made some major changes to her life when she decided to free herself of material positions and take each day as it came. Her life balance strategies have led her from working with NASA to appearing on Oprah. Mary’s MO is “cold turkey is better than dead duck!”, in other words, knowing when to quit. It is a surprising concept that flies in the face of the “winners don’t quit” notion and focuses on how we limit our capabilities and satisfaction levels by doing something that we don’t feel passionately about. Her arguments about quitting were based on the conception that ‘“it” is in the way of you getting what you really want’ and that ‘quitting makes things easier in the long run’. Of course, it is often difficult to quit, and though we know that things would be better if we did quit certain negative things in our lives, we are often ashamed to do so. A second topic centred on the perception of Confusion Endurance. Confusion Endurance is based around the idea that it is often good to not know exactly what you are doing and that it is okay to admit you don’t know something when others ask you; essentially, that humility can be a good thing. This concept was supposed to have to Leonardo Da Vinci, because he apparently found liberation in not knowing. Mary says, this allows us to “thrive in the tension of not knowing to unleash our creative potential” An anecdote about an interviewee at NASA was used to portray how admitting you don’t know can be a positive thing. When NASA asked the candidate a question with no obvious answer and he replied “I don’t know”, the candidate thought he had failed the interview; actually, the interviewers were impressed with his ability to admit he did not know. If the interviewee had guessed the answer in a real-life situation, it could have cost the lives of fellow astronauts. The highlight of the webinar for me? Mary told how she had a conversation with Capt. Chesley B. "Sully" Sullenberger who recalled the US Airways Flight 1549 / Miracle on the Hudson incident. After making its descent and finally coming to rest in the Hudson after falling 3,060 feet in 90 seconds, Sully and his co-pilot both turned to each other and said “well...that wasn’t as bad as we thought”. Confusion Endurance at its finest! Her discussion certainly gave food for thought, although personally, I was inclined to take some of it with a pinch of salt. Mary Lo Verde is the author of The Invitation, and you can visit her website and view her other publications at www.maryloverde.com. For details on the Professional Business Women of California visit: http://www.pbwc.org/

    Read the article

  • TSAM 11gR1

    - by todd.little
    The Tuxedo System and Application Monitor (TSAM) 11gR1 release provides powerful new application monitoring capabilities, as well as significant improvements in ease of use. The first thing users will notice is the completely redesigned user interface in the TSAM console. Based on Oracle ADF, the console is much easier to navigate, provides a Web 2.0 style interface with dynamically updating panels, and a look and feel familiar to those that have used Oracle Enterprise Manager. Monitoring data can be viewed in both tabular and graphical form and exported to Excel for further analysis. A number of new metrics are collected and displayed in this release. Call path monitoring now displays CPU time, message size, total transport time, and client address giving even more end-to-end information about a specific Tuxedo request. As well the call path display has been completely revamped to make it much easier to see the branches of the call path. The call pattern display now provides statistics on successful vs failed calls, system and application failures, and end-to-end average elapsed time. Service monitoring now displays minimum and maximum message size, CPU usage, and client address. System server monitoring now includes monitoring the SALT gateway servers to provide detailed performance metrics about those servers. Perhaps the most significant new feature is the consolidation of alert definitions and policy management. In previous versions of TSAM, some alerts were defined and checked on the monitored systems while others were defined and checked in the console. Policy management could be performed on both the monitored node via environment variable or command, as well as from the console. Now all alert definitions and policy definitions are only made using the console. For alerts this means that regardless of where the alert is evaluated it is defined in one and only one place. Thus the plug-in alert mechanism of previous releases can now be managed using the TSAM console, making SLA alert definition much easier and cleaner. Finally there is support in TSAM for monitoring rehosted mainframe applications. The newly announced Oracle Tuxedo Application Runtime for CICS and Batch can be monitored in the TSAM console using traditional mainframe views of the application such as regions. Look for a future blog entry with more details on this as well as some entries providing a glimpse of the console. TSAM gives users a single point for monitoring the performance of all of their Tuxedo applications.

    Read the article

  • Get to Know a Candidate (11 of 25): Roseanne Barr&ndash;Peace &amp; Freedom Party

    - by Brian Lanham
    DISCLAIMER: This is not a post about “Romney” or “Obama”. This is not a post for whom I am voting. Information sourced for Wikipedia. Barr is an American actress, comedienne, writer, television producer, and director.  Barr began her career in stand-up comedy at clubs before gaining fame for her role in the sitcom Roseanne. The show was a hit and lasted nine seasons, from 1988 to 1997. She won both an Emmy Award and a Golden Globe Award for Best Actress for her work on the show. Barr had crafted a "fierce working-class domestic goddess" persona in the eight years preceding her sitcom and wanted to do a realistic show about a strong mother who was not a victim of patriarchal consumerism. The granddaughter of immigrants from Europe and Russia, Barr was the oldest of four children in a working-class Jewish Salt Lake City family; she was also active in the LDS Church. In 1974 she married Bill Pentland, with whom she had three children, before divorcing in 1990 and marrying comedian Tom Arnold for four years. Controversy arose when she sang "The Star-Spangled Banner" off-key at a 1990 nationally aired baseball game, followed by grabbing her crotch and spitting. After her sitcom ended, she launched her own talk show, The Roseanne Show, which aired from 1998 to 2000. In 2005, she returned to stand-up comedy with a world tour. In 2011, she starred in an unscripted TV show, Roseanne's Nuts that lasted from July to September of that year, about her life on a Hawaiian farm. The Peace and Freedom Party (PFP) is a nationally-organized political party with affiliates in more than a dozen states, including California, Florida, Colorado and Hawaii. Its first candidates appeared on the ballot in 1966, but the Peace and Freedom Party of California was founded on June 23, 1967, after the LAPD riot in the wealthy Century City section of Los Angeles, and qualified for the ballot in January 1968.  The Peace and Freedom Party went national in 1968 as a left-wing organization opposed to the Vietnam War. From its inception, Peace and Freedom Party has been a left-wing political organization. It is a strong advocate of protecting the environment from pollution and nuclear waste. It advocates personal liberties and universal, high quality and free access to education and health care. Its understanding of socialism includes a socialist economy, where industries, financial institutions, and natural resources are owned by the people as a whole and democratically managed by the people who work in them and use them. Barr is on the Ballot in: CA, CO, FL Learn more about Roseanne Barr and Peace and Freedom Party on Wikipedia.

    Read the article

  • Creating a Yes/No MessageBox in a NuGet install/uninstall script

    - by ParadigmShift
    Sometimes getting a little feedback during the install/uninstall process of a NuGet package could be really useful. Instead of accounting for all possible ways to install your NuGet package for every user, you can simplify the installation by clarifying with the user what they want. This example shows how to generate a windows yes/no message box to get input from the user in the PowerShell install or uninstall script. We’ll use the prompt on the uninstall to confirm if the user wants to delete a custom setting that the initial install placed in their configuration.  Obviously you could use the prompt in any way you want. The objects of the message box are generated similar to the controls in the code behind of a WinForm. At the beginning of your script enter this: param($installPath, $toolsPath, $package, $project)   # Set up path variables $solutionDir = Get-SolutionDir $projectName = (Get-Project).ProjectName $projectPath = Join-Path $solutionDir $projectName   ################################################################################################ # WinForm generation for prompt ################################################################################################ function Ask-Delete-Custom-Settings { [void][reflection.assembly]::loadwithpartialname("System.Windows.Forms") [Void][reflection.assembly]::loadwithpartialname("System.Drawing")   $title = "Package Uninstall" $message = "Delete the customized settings?" #Create form and controls $form1 = New-Object System.Windows.Forms.Form $label1 = New-Object System.Windows.Forms.Label $btnYes = New-Object System.Windows.Forms.Button $btnNo = New-Object System.Windows.Forms.Button   #Set properties of controls and form ############ # label1 # ############ $label1.Location = New-Object System.Drawing.Point(12,9) $label1.Name = "label1" $label1.Size = New-Object System.Drawing.Size(254,17) $label1.TabIndex = 0 $label1.Text = $message   ############# # btnYes # ############# $btnYes.Location = New-Object System.Drawing.Point(156,45) $btnYes.Name = "btnYes" $btnYes.Size = New-Object System.Drawing.Size(48,25) $btnYes.TabIndex = 1 $btnYes.Text = "Yes"   ########### # btnNo # ########### $btnNo.Location = New-Object System.Drawing.Point(210,45) $btnNo.Name = "btnNo" $btnNo.Size = New-Object System.Drawing.Size(48,25) $btnNo.TabIndex = 2 $btnNo.Text = "No"   ########### # form1 # ########### $form1.ClientSize = New-Object System.Drawing.Size(281,86) $form1.Controls.Add($label1) $form1.Controls.Add($btnYes) $form1.Controls.Add($btnNo) $form1.Name = "Form1" $form1.Text = $title #Event Handler $btnYes.add_Click({btnYes_Click}) $btnNo.add_Click({btnNo_Click}) return $form1.ShowDialog() } function btnYes_Click { #6 = Yes $form1.DialogResult = 6 } function btnNo_Click { #7 = No $form1.DialogResult = 7 } ################################################################################################ This has also wired up the click events to the form.  This is all it takes to create the message box. Now we have to actually use the message box and get the user’s response or this is all pointless.  We’ll then delete the section of the application/web configuration called <Custom.Settings> [xml] $configXmlContent = Get-Content $configFile   Write-Host "Please respond to the question in the Dialog Box." $dialogResult = Ask-Delete-Custom-Settings #6 = Yes #7 = No Write-Host "dialogResult = $dialogResult" if ($dialogResult.ToString() -eq "Yes") { Write-Host "Deleting customized settings" $customSettingsNode = $configXmlContent.configuration.Item("Custom.Settings") $configXmlContent.configuration.RemoveChild($customSettingsNode) $configXmlContent.Save($configFile) } if ($dialogResult.ToString() -eq "No") { Write-Host "Do not delete customized settings" } The part where I check if ($dialog.Result.ToString() –eq “Yes”) could just as easily check the value for either 6 or 7 (Yes or No).  I just personally decided I liked this way better.   Shahzad Qureshi is a Software Engineer and Consultant in Salt Lake City, Utah, USA His certifications include: Microsoft Certified System Engineer 3CX Certified Partner Global Information Assurance Certification – Secure Software Programmer – .NET He is the owner of Utah VoIP Store at http://www.utahvoipstore.com/ and SWS Development at http://www.swsdev.com/ and publishes windows apps under the name Blue Voice.

    Read the article

  • Problems Installing slapd On Ubuntu Server 11.10

    - by Zach Dziura
    I know that there's a Ubuntu-specific StackExchange website, but I thought that I'd ask here because it's a server-specific question. If I'm wrong in my logic... Well, you people are better at this than I am! O=) On with the show! I'm in the process of installing Oracle Database 11g R2 Standard Edition onto Ubuntu Server 11.10. I found a guide on the Oracle Support Forums that walks you through the process fairly easily. Unfortunately, I'm running into issues installing one particular dependency: slapd. When I go to install it, I get this error message: (Reading database ... 64726 files and directories currently installed.) Unpacking slapd (from .../slapd_2.4.25-1.1ubuntu4.1_amd64.deb) ... Processing triggers for man-db ... Processing triggers for ufw ... Processing triggers for ureadahead ... Setting up slapd (2.4.25-1.1ubuntu4.1) ... Usage: slappasswd [options] -c format crypt(3) salt format -g generate random password -h hash password scheme -n omit trailing newline -s secret new password -u generate RFC2307 values (default) -v increase verbosity -T file read file for new password Creating initial configuration... Loading the initial configuration from the ldif file () failed with the following error while running slapadd: str2entry: invalid value for attributeType olcRootPW #0 (syntax 1.3.6.1.4.1.1466.115.121.1.15) slapadd: could not parse entry (line=1051) dpkg: error processing slapd (--configure): subprocess installed post-installation script returned error exit status 1 Errors were encountered while processing: slapd E: Sub-process /usr/bin/dpkg returned an error code (1) After much Google searches and forum trolling, I have yet to find a definitive answer as to what's going wrong. The error messages seem straight forward enough, but I have no idea how to debug this. Can anyone offer some assistance? Again, if I'm asking in the wrong place, I apologize. If I'm indeed asking properly, then thank you for any and all help!

    Read the article

  • Pigs in Socks?

    - by MightyZot
    My wonderful wife Annie surprised me with a cruise to Cozumel for my fortieth birthday. I love to travel. Every trip is ripe with adventure, crazy things to see and experience. For example, on the way to Mobile Alabama to catch our boat, some dude hauling a mobile home lost a window and we drove through a cloud of busting glass going 80 miles per hour! The night before the cruise, we stayed in the Malaga Inn and I crawled UNDER the hotel to look at an old civil war bunker. WOAH! Then, on the way to and from Cozumel, the boat plowed through two beautiful and slightly violent storms. But, the adventures you have while travelling often pale in comparison to the cult of personalities you meet along the way.  :) We met many cool people during our travels and we made some new friends. Todd and Andrea are in the publishing business (www.myneworleans.com) and teaching, respectively. Erika is a teacher too and Matt has a pig on his foot. This story is about the pig. Without that pig on Matt’s foot, we probably would have hit a buoy and drowned. Alright, so…this pig on Matt’s foot…this is no henna tatt, this is a man’s tattoo. Apparently, getting tattoos on your feet is very painful because there is very little muscle and fat and lots of nifty nerves to tell you that you might be doing something stupid. Pig and rooster tattoos carry special meaning for sailors of old. According to some sources, having a tattoo of a pig or rooster on one foot or the other will keep you from drowning. There are many great musings as to why a pig and a rooster might save your life. The most plausible in my opinion is that pigs and roosters were common livestock tagging along with the crew. Since they were shipped in wooden crates, pigs and roosters were often counted amongst the survivors when ships succumbed to Davy Jones’ Locker. I didn’t spend a whole lot of time researching the pig and the rooster, so consider these musings as you would a grain of salt. And, I was not able to find a lot of what you might consider credible history regarding the tradition. What I did find was a comfort, or solace, in the maritime tradition. Seems like raw traditions like the pig and the rooster are in danger of getting lost in a sea of non-permanence. I mean, what traditions are us old programmers and techies leaving behind for future generations? Makes me wonder what Ward Christensen has tattooed on his left foot.  I guess my choice would have to be a Commodore 64.   (I met Ward, by the way, in an elevator after he received his Dvorak awards in 1992. He was a very non-assuming individual sporting business casual and was very much a “sailor” of an old-school programmer. I can’t remember his exact words, but I think they were essentially that he felt it odd that he was getting an award for just doing his work. I’m sure that Ward doesn’t know this…he couldn’t have set a more positive example for a young 22 year old programmer. Thanks Ward!)

    Read the article

  • Grouping data in LINQ with the help of group keyword

    - by vik20000in
    While working with any kind of advanced query grouping is a very important factor. Grouping helps in executing special function like sum, max average etc to be performed on certain groups of data inside the date result set. Grouping is done with the help of the Group method. Below is an example of the basic group functionality.     int[] numbers = { 5, 4, 1, 3, 9, 8, 6, 7, 2, 0 };         var numberGroups =         from num in numbers         group num by num % 5 into numGroup         select new { Remainder = numGroup.Key, Numbers = numGroup };  In the above example we have grouped the values based on the reminder left over when divided by 5. First we are grouping the values based on the reminder when divided by 5 into the numgroup variable.  numGroup.Key gives the value of the key on which the grouping has been applied. And the numGroup itself contains all the records that are contained in that group. Below is another example to explain the same. string[] words = { "blueberry", "abacus", "banana", "apple", "cheese" };         var wordGroups =         from num in words         group num by num[0] into grp         select new { FirstLetter = grp.Key, Words = grp }; In the above example we are grouping the value with the first character of the string (num[0]). Just like the order operator the group by clause also allows us to write our own logic for the Equal comparison (That means we can group Item by ignoring case also by writing out own implementation). For this we need to pass an object that implements the IEqualityComparer<string> interface. Below is an example. public class AnagramEqualityComparer : IEqualityComparer<string> {     public bool Equals(string x, string y) {         return getCanonicalString(x) == getCanonicalString(y);     }      public int GetHashCode(string obj) {         return getCanonicalString(obj).GetHashCode();     }         private string getCanonicalString(string word) {         char[] wordChars = word.ToCharArray();         Array.Sort<char>(wordChars);         return new string(wordChars);     } }  string[] anagrams = {"from   ", " salt", " earn", "  last   ", " near "}; var orderGroups = anagrams.GroupBy(w => w.Trim(), new AnagramEqualityComparer()); Vikram  

    Read the article

  • Isis Finally Rolls Out

    - by David Dorf
    Google has rolled their wallet out for several chains; I see the NFC readers in Walgreen's when I'm sent their for milk.  But Isis has been relatively quiet until now.  As of last week they have finally launched in their two test cities: Austin, and Salt Lake City.  Below are the supported carriers and phones as of now, but more phones will be added later. Normal 0 false false false EN-US X-NONE X-NONE MicrosoftInternetExplorer4 /* Style Definitions */ table.MsoNormalTable {mso-style-name:"Table Normal"; mso-tstyle-rowband-size:0; mso-tstyle-colband-size:0; mso-style-noshow:yes; mso-style-priority:99; mso-style-qformat:yes; mso-style-parent:""; mso-padding-alt:0in 5.4pt 0in 5.4pt; mso-para-margin:0in; mso-para-margin-bottom:.0001pt; mso-pagination:widow-orphan; font-size:11.0pt; font-family:"Calibri","sans-serif"; mso-ascii-font-family:Calibri; mso-ascii-theme-font:minor-latin; mso-fareast-font-family:"Times New Roman"; mso-fareast-theme-font:minor-fareast; mso-hansi-font-family:Calibri; mso-hansi-theme-font:minor-latin; mso-bidi-font-family:"Times New Roman"; mso-bidi-theme-font:minor-bidi;} AT&T supports: HTC One™ X, LG Escape™, Samsung Galaxy Exhilarate™, Samsung Galaxy S® III, Samsung Galaxy Rugby Pro™ T-Mobile supports: Samsung Galaxy S® II, Samsung Galaxy S® III, Samsung Galaxy S® Relay 4G Verizon supports: Droid Incredible 4G LTE. Of course iPhone owners have no wallet since Apple didn't included an NFC chip. To start using Isis, you have to take your NFC-capable phone to your carrier's store to get the SIM replaced with a more sophisticated one that has a secure element configured for Isis.  The "secure element" is the cryptographic logic that secures mobile payments.  Carriers like the secure element in the SIM while non-carriers (like Google) prefer the secure element in the phone's electronics. (I'm not entirely sure if you could support both Isis and Google Wallet on the same phone.  Anybody know?) Then you can download the Isis app from Google Play and load your cards.  Most credit cards are supported, and there's a process to verify the credit cards are valid.  Then you can select from the list of participating retailers to "follow."  Selecting a retailer allows that retailer to give you offers via the app. The app is well done and easy to use.  You can select a default payment type and also switch between them easily.  When the phone is tapped on the reader, there are two exchanges of information.  The payment information is transferred, and then the Isis "SmartTap" information which includes optional loyalty number and digital coupons.  Of course the value of mobile wallets comes from the ease of handling all three data types (i.e. payment, loyalty, offers). There are several advertisements for Isis running now, and my favorite is below.

    Read the article

  • Comparing Isis, Google, and Paypal

    - by David Dorf
    Back in 2010 I was sure NFC would make great strides, but here we are two years later and NFC doesn't seem to be sticking. The obvious reason being the chicken-and-egg problem.  Retailers don't want to install the terminals until the phones support NFC, and vice-versa. So consumers continue to sit on the sidelines waiting for either side to blink and make the necessary investment.  In the meantime, EMV is looking for a way to sneak into the US with the help of the card brands. There are currently three major solutions that are battling in the marketplace.  All three know that replacing mag-stripe alone is not sufficient to move consumers.  Long-term it's the offers and loyalty programs combined with tendering that make NFC attractive. NFC solutions cross lots of barriers, so a strong partner system is required.  The solutions need to include the carriers, card brands, banks, handset manufacturers, POS terminals, and most of all lots of merchants.  Lots of coordination is necessary to make the solution seamless to the consumer. Google Wallet Google's problem has always been that only the Nexus phone has an NFC chip that supports their wallet.  There are a couple of additional phones out there now, but adoption is still slow.  They acquired Zavers a while back to incorporate digital coupons, but the the bulk of their users continue to be non-NFC.  They have taken an open approach by not specifying particular payment brands.  Google is piloting in San Francisco and New York, supporting both MasterCard PayPass and stored value. I suppose the other card brands may eventually follow.  There's no cost for consumers or merchants -- Google will make money via targeted ads. Isis Not long after Google announced its wallet, AT&T, Verizon, and T-Mobile announced a joint venture called Isis.  They are in the unique position of owning the SIM in the phones they issue.  At first it seemed Isis was a vehicle for the carriers to compete with the existing card brands, but Isis later switched to a generic wallet that supports the major card brands.  Isis reportedly charges issuers a $5 fee per customer per year.  Isis will pilot this summer in Salt Lake City and Austin. PayPal PayPal, the clear winner in the online payment space beyond traditional credit cards, is trying to move into physical stores.  After negotiations with Google to provide a wallet broke off, PayPal decided to avoid NFC altogether, at least for now, and focus on payments without any physical card or phone.  By avoiding NFC, consumers don't need an NFC-enabled phone and merchants don't need a new reader.  Consumers must enter their phone number and PIN in the merchant's existing device, or they can enter their PIN in the PayPal inStore app running on their phone, then show the merchant a unique barcode which authorizes payment. Paypal is free for consumers and charges a fee for merchants.  Its not clear, at least to me, how PayPal handles fraudulent transactions and whether the consumer is protected. The wildcard is, of course, Apple.  Their mobile technologies set the standard, so incorporating NFC chips would certainly accelerate adoption of many payment solutions.  Their announcement today of the iOS Passbook is a step in the right direction, but stops short of handling payments. For those retailers that have invested in modern terminals, it seems the best strategy is to support all the emerging solutions and let the consumers choose the winner.

    Read the article

  • Using Crypt function Python 3.3.2

    - by adampski
    In Windows and Python version 3.3.2, I try and call the python module like so: hash2 = crypt(word, salt) I import it at the top of my program like so: from crypt import * The result I get is the following: Traceback (most recent call last): File "C:\none\of\your\business\adams.py", line 10, in <module> from crypt import * File "C:\Python33\lib\crypt.py", line 3, in <module> import _crypt ImportError: No module named '_crypt' However, when I execute the same file adams.py in Ubuntu, with Python 2.7.3, it executes perfectly - no errors. I tried the following to resolve the issue for my Windows & Python 3.3.2 (though I'm sure the OS isn't the issue, the Python version or my use of syntax is the issue): Rename the directory in the Python33 directory from Lib to lib Rename the crypt.py in lib to _crypt.py. However, it turns out the entire crypt.py module depends on an external module called _crypt.py too. Browsed internet to download anything remotely appropriate to resemble _crypt.py It's not Python, right? It's me...(?) I'm using syntaxes to import and use external modules that are acceptable in 2.7.3, but not in 3.3.2. Or have I found a bug in 3.3.2?

    Read the article

  • Silverlight and Encryption, how to store/generate they key/iv pair?

    - by cmaduro
    I have a Silverlight app that connects to a php webservice. I want to encrypt the communication between the webservice and the Silverlight client. I'm not relying on SSL. I'm encrypting/decrypting the POST string myself using AES 256bit Key and IV. The big questions then are: How do I generate a random unique key/iv pair in PHP. How do I share this key/iv pair between the web service and silverlight client in a secure way. It seems impossible without having some kind of hard coded key or iv on the client. Which would compromise security. This is a public website, there are no logins. Just the requirement of secure communication. I can hard code the seed for the key/iv (which is hashed with SHA256 with a time stamp salt and then assigned as the key or iv) in PHP source code, that's on the server so that is pretty safe. However on the client the seed for the key/iv pair would be visible, if it is hard coded. Further more using a time stamp as the basis for uniqueness/randomness is definitely not ok, since timestamps are predictable. It does however provide a common factor between the C# code and the PHP code. The only other option that I can think of would be to have a 3rd service involved that provides the key/iv to the Silverlight client, as well as the php webservice. This of course start the cycle anew, with the question of how to store the credentials for accessing the key/iv distribution service on the Silverlight client. Sounds like the solution is then asymmetric encryption, since sensitive data will be viewed only on the administrative back end of the website. Unfortunately Silverlight has no asymmetric encryption classes. The solution? Roll my own Diffie-Hellman key exchange! Plug that key into AES256!

    Read the article

  • A Question about .net Rfc2898DeriveBytes class?

    - by IbrarMumtaz
    What is the difference in this class? as posed to just using Encoding.ASCII.GetBytes(string object); I have had relative success with either approach, the former is a more long winded approach where as the latter is simple and to the point. Both seem to allow you to do the same thing eventually but I am struggling to the see the point in using the former over the latter. The basic concept I have been able to grasp is that you can convert string passwords into byte arrays to be used for e.g a symmetric encryption class, AesManaged. Via the RFC class but you get to use SaltValues and password when creating your rfc object. I assume its more secure but still thats an uneducated guess at best ! Also that it allows you to return byte arrays of a certain size, well something like that. heres a few examples to show you where I am coming from? byte[] myPassinBytes = Encoding.ASCII.GetBytes("some password"); or string password = "P@%5w0r]>"; byte[] saltArray = Encoding.ASCII.GetBytes("this is my salt"); Rfc2898DeriveBytes rfcKey = new Rfc2898DeriveBytes(password, saltArray); The 'rfcKey' object can now be used towards setting up the the .Key or .IV properties on a Symmetric Encryption Algorithm class. ie. RijndaelManaged rj = new RijndaelManaged (); rj.Key = rfcKey.Getbytes(rj.KeySize / 8); rj.IV = rfcKey.Getbytes(rj.Blocksize / 8); 'rj' should be ready to go ! The confusing part ... so rather than using the 'rfcKey' object can I not just use my 'myPassInBytes' array to help set-up my 'rj' object???? I have tried doing this in VS2008 and the immediate answer is NO ! but have you guys got a better educated answer as to why the RFC class is used over the other alternative I have mentioned above and why????

    Read the article

  • Using JSON with jRails

    - by Zachary
    I am currently trying to use AJAX in my application via jRails. I am trying to return a JSON object from my controller, and then parse it in my Javascript. I am using json2.js to do the parsing. Here is the code I currently have: function getSomething() { $.ajax({ type: "GET", url: "map/testjson", success: function(data) { var myData = JSON.parse(data[0]); window.alert(myData.login); } }); } and in the controller: class Map::MapController < ApplicationController def index end def testjson @message = User.find(:all) ActiveRecord::Base.include_root_in_json = false respond_to do |w| w.json { render :json => @message.to_json } end end end The window.alert simply says 'undefined' (without tics). However, if I change the javascript to window.alert(data) (the raw object returned by the controller) I get: [{"salt":"aSalt","name":"", "created_at":"2010-03-15T02:34:25Z","remember_token_expires_at": null,"crypted_password":"aPassword", "updated_at":"2010-03-15T02:34:25Z","id":1,"remember_token":null, "login":"zgwrig2","email":"[email protected]"}] This looks like an array of size 1, if I'm looking at it correctly, but I have tried just about every combination of JSON.parse on the data object that I can think of, and nothing seems to work. Any ideas on what I'm doing wrong here?

    Read the article

  • Encryption in Java & Flex

    - by Jef
    I want tp encrypt and decrypt string, with defined salt. But the result must be same if the code run in java and adobe flex. The main goal is: the app in adobe flex will be generate a string that can be decrypt in server using java. I use this flex library http://crypto.hurlant.com/demo/ Try to 'Secret Key' Tab. I want to use AES Encryption, 'CBC' or 'PKCS5'. var k:String = "1234567890123456"; var kdata:ByteArray = Hex.toArray(k); var txt:String = "hello"; var data:ByteArray = Hex.toArray(Hex.fromString(txt));; var name:String = "simple-aes-cbc"; var pad:IPad =new PKCS5(); var mode:ICipher = Crypto.getCipher(name, kdata, pad); pad.setBlockSize(mode.getBlockSize()); mode.encrypt(data); encrypted.text=Hex.fromArray(data); trace(Hex.fromArray(data)); And here is the code in java String plaintext = "hello"; String key = "1234567890123456"; SecretKey keyspec = new SecretKeySpec(key.getBytes(), "AES"); Cipher cipher = Cipher.getInstance("AES/CBC/PKCS5Padding"); cipher.init(Cipher.ENCRYPT_MODE,keyspec); byte[] encrypted = cipher.doFinal(plaintext.getBytes()); BASE64Encoder base64 = new BASE64Encoder(); String encodedString = base64.encode(encrypted); System.out.println(encodedString); Why the result is not same? Can you guys provide the sample with the same result both of java and flex (encrypt and decrypt)? And if I want to change the paramater, for example, from cbc to ebc, which line that need to be changed? Thanks!

    Read the article

  • Invalidating Memcached Keys on save() in Django

    - by Zack
    I've got a view in Django that uses memcached to cache data for the more highly trafficked views that rely on a relatively static set of data. The key word is relatively: I need invalidate the memcached key for that particular URL's data when it's changed in the database. To be as clear as possible, here's the meat an' potatoes of the view (Person is a model, cache is django.core.cache.cache): def person_detail(request, slug): if request.is_ajax(): cache_key = "%s_ABOUT_%s" % settings.SITE_PREFIX, slug # Check the cache to see if we've already got this result made. json_dict = cache.get(cache_key) # Was it a cache hit? if json_dict is None: # That's a negative Ghost Rider person = get_object_or_404(Person, display = True, slug = slug) json_dict = { 'name' : person.name, 'bio' : person.bio_html, 'image' : person.image.extra_thumbnails['large'].absolute_url, } cache.set(cache_key) # json_dict will now exist, whether it's from the cache or not response = HttpResponse() response['Content-Type'] = 'text/javascript' response.write(simpljson.dumps(json_dict)) # Make sure it's all properly formatted for JS by using simplejson return response else: # This is where the fully templated response is generated What I want to do is get at that cache_key variable in it's "unformatted" form, but I'm not sure how to do this--if it can be done at all. Just in case there's already something to do this, here's what I want to do with it (this is from the Person model's hypothetical save method) def save(self): # If this is an update, the key will be cached, otherwise it won't, let's see if we can't find me try: old_self = Person.objects.get(pk=self.id) cache_key = # Voodoo magic to get that variable old_key = cache_key.format(settings.SITE_PREFIX, old_self.slug) # Generate the key currently cached cache.delete(old_key) # Hit it with both barrels of rock salt # Turns out this doesn't already exist, let's make that first request even faster by making this cache right now except DoesNotExist: # I haven't gotten to this yet. super(Person, self).save() I'm thinking about making a view class for this sorta stuff, and having functions in it like remove_cache or generate_cache since I do this sorta stuff a lot. Would that be a better idea? If so, how would I call the views in the URLconf if they're in a class?

    Read the article

< Previous Page | 6 7 8 9 10 11 12  | Next Page >