Search Results

Search found 13256 results on 531 pages for 'password policy'.

Page 102/531 | < Previous Page | 98 99 100 101 102 103 104 105 106 107 108 109  | Next Page >

• How to use sessions in PDO?

  - by Byakugan

  I am still redoing and getting rid of old mysql_* commands in my code. I tried to transfer my session login form old code and this is what I got so far: public function login($user, $password) { if (!empty($user) && !empty($password)) { $password = $web->doHash($user, $password); // in this function is (return sha1(strtoupper($user).':'.strtoupper($password)) $stmt = $db_login->prepare("SELECT * FROM account WHERE username=:user AND pass_hash=:password"); $stmt->bindValue(':user', $user, PDO::PARAM_STR); $stmt->bindValue(':password', $password, PDO::PARAM_STR); $stmt->execute(); $rows = $stmt->rowCount(); if ($rows > 0) { $results_login = $stmt->fetch(PDO::FETCH_ASSOC); $_SESSION['user_name'] = $results_login['username']; $_SESSION['user_id'] = $results_login['id']; return true; } else { return false; } } else { return false; } } After that I am using checks if user logged on site: public function isLogged() { return (!empty($_SESSION['user_id']) && !empty($_SESSION['user_name'])); } But it seems - this function returns always empty because $_SESSION does not exists in PDO? And of course logout is used in this form on my sites: public function logout() { unset($_SESSION['user_id']); unset($_SESSION['user_name']); } But I think PDO has different way of handling session? I did not find any so what is it can i somehow add $_SESSION in PDO withou changing code much? I am using variables $_SESSION['user_name'] and $_SESSION['user_id'] in all over my web project. Summary: 1) How to use sessions in PDO correctly? 2) What is difference between using $stmt->fetch(PDO::FETCH_ASSOC); and $stmt->fetchAll(); Thank you.

  Read the article

• Login with Kohana auth module - what am I doing wrong?

  - by keithjgrant

  I'm trying to login with the following controller action, but my login attempt keeps failing (I get the 'invalid username and/or password' message). What am I doing wrong? I also tried the other method given in the examples in the auth documentation, Auth::instance()->login($user->username, $form->password);, but I get the same result. Kohana version is 2.3.4. public function login() { $auth = Auth::instance(); if ($auth->logged_in()) { url::redirect('/account/summary'); } $view = new View('login'); $view->username = ''; $view->password = ''; $post = $this->input->post(); $form = new Validation($post); $form->pre_filter('trim', 'username') ->pre_filter('trim', 'password') ->add_rules('username', 'required'); $failed = false; if (!empty($post) && $form->validate()) { $login = array( 'username' => $form->username, 'password' => $form->password, ); if (ORM::factory('user')->login($login)) { url::redirect('/accounts/summary'); } else { $view->username = $form->username; $view->message = in_array('required', $form->errors()) ? 'Username and password are required.' : 'Invalid username and/or password.'; } } $view->render(true); }

  Read the article

• Am I abusing Policies?

  - by pmr

  I find myself using policies a lot in my code and usually I'm very happy with that. But from time to time I find myself confronted with using that pattern in situations where the Policies are selected and runtime and I have developed habbits to work around such situations. Usually I start with something like that: class DrawArrays { protected: void sendDraw() const; }; class DrawElements { protected: void sendDraw() const; }; template<class Policy> class Vertices : public Policy { using Policy::sendDraw(); public: void render() const; }; When the policy is picked at runtime I have different choices of working around the situation. Different code paths: if(drawElements) { Vertices<DrawElements> vertices; } else { Vertices<DrawArrays> vertices; } Inheritance and virtual calls: class PureVertices { public: void render()=0; }; template<class Policy> class Vertices : public PureVertices, public Policy { //.. }; Both solutions feel wrong to me. The first creates an umaintainable mess and the second introduces the overhead of virtual calls that I tried to avoid by using policies in the first place. Am I missing the proper solutions or do I use the wrong pattern to solve the problem?

  Read the article

• Grails , how do I get an object NOT to save

  - by user350325

  Hello I am new to grails and trying to create a form which allows a user to change the email address associated with his/her account for a site I am creating. It asks for the user for their current password and also for the new email address they want to use. If the user enters the wrong password or an invalid email address then it should reject them with an appropriate error message. Now the email validation can be done through constraints in grails, but the password change has to match their current password. I have implemented this check as a method on a service class. See code below: def saveEmail = { def client = ClientUser.get(session.clientUserID) client.email = params.email if(clientUserService.checkPassword(session.clientUserID , params.password) ==false) { flash.message = "Incorrect Password" client.discard() redirect(action:'changeEmail') } else if(!client.validate()) { flash.message = "Invalid Email Address" redirect(action:'changeEmail') } else { client.save(); session.clientUserID = null; flash.message = "Your email address has been changed, please login again" redirect(controller: 'clientLogin' , action:'index') } } Now what I noticed that was odd was that if I entered an invalid email then it would not save the changes (as expected) BUT if I entered the wrong password and a valid email then it would save the changes and even write them back into the database even though it would give the correct "invalid password" error message. I was puzzled so set break points in all the if/else if/else blocks and found that it was hitting the first if statement as expected and not hitting the others , so it would never come accross a call to the save() method, yet it was saved anyway. After a little research I came accross documentation for the discard() method which you can see used in the code above. So I added this but still no avail. I even tried using discard then reloading the client object from the DB again but still no dice. This is very frustrating and I would be grateful for any help, since I think that this should surely not be a complicated requirement!

  Read the article

• log in using fitnesse

  - by user1513027

  This is a basic HTTP encoding and formatting question. I need to log in from a RESTFixture to a PHP web service. I need to pass in the account, username, and password, as POST variables just as a login page does. Wireshark shows that my login page formats it as accountNumber=accounttest&username=usertest&password=passtest When I do that in the test, I get a POST array of $_POST: Array ( [accountNumber] => accounttest [amp;username] => usertest [amp;password] => passtest ) That would work but the "amp;" obviously makes it so that PHP doesn't find the username. Content type is the same for both live and the test. [CONTENT_TYPE] = application/x-www-form-urlencoded Here are a few other formats I've tried with results. In all three cases, it fails to parse so all fields end up in one array entry. input: accountNumber=accounttest%amp;username=usertest%amp;password=passtest Result: $_POST: Array ( [accountNumber] = accounttest%amp;username=usertest%amp;password=passtest ) input: accountNumber=accounttest;username=usertest;password=passtest Result: $_POST: Array ( [accountNumber] => accounttest;username=usertest;password=passtest ) input: accountNumber=accounttest%26username=usertest%26password=passtest Result: $_POST: Array ( [accountNumber] = accounttest&username=usertest&password=passtest ) So the last one correctly converts the %26 to &, but doesn't break the items apart into array elements.

  Read the article

• Using javascript and php together

  - by EmmyS

  I have a PHP form that needs some very simple validation on submit. I'd rather do the validation client-side, as there's quite a bit of server-side validation that happens to deal with writing form values to a database. So I just want to call a javascript function onsubmit to compare values in two password fields. This is what I've got: function validate(form){ var password = form.password.value; var password2 = form.password2.value; alert("password:"+password+" password2:" + password2); if (password != password2) { alert("not equal"); document.getElementByID("passwordError").style.display="inline"; return false; } alert("equal"); return true; } The idea being that a default-hidden div containing an error message would be displayed if the two passwords don't match. The alerts are just to display the values of password and password2, and then again to indicate whether they match or not (will not be used in production code). I'm using an input type=submit button, and calling the function in the form tag: <form action="<?php echo $_SERVER['PHP_SELF']; ?>" method="post" onsubmit="return validate(this);"> Everything is alerting as expected when entering non-matching values. I would have hoped (and assumed, based on past use) that if the function returned false, the actual submit would not occur. And yet, it is. I'm testing by entering non-matching values in the password fields, and the alerts clearly show me the values and the not equal result, but the actual form action is still occurring and it's trying to write to my database. I'm pretty new at PHP; is there something about it that will not let me combine with javascript this way? Would it be better to use an input type=button and include submit() in the function itself if it returns true?

  Read the article

• How to encrypt/decrypt a file in Java?

  - by Petike

  Hello, I am writing a Java application which can "encrypt" and consequently "decrypt" whatever binary file. I am just a beginner in the "cryptography" area so I would like to write a very simple application for the beginning. For reading the original file, I would probably use the java.io.FileInputStream class to get the "array of bytes" byte originalBytes[] of the file. Then I would probably use some very simple cipher, for example "shift up every byte by 1" and then I would get the "encrypted" bytes byte encryptedBytes[] and let's say that I would also set a "password" for it, for example "123456789". Next, when somebody wants to "decrypt" that file, he has to enter the password ("123456789") first and after that the file could be decrypted (thus "shift down every byte by 1") and consequently saved to the output file via java.io.FileOutputStream I am just wondering how to "store" the password information to the encrypted file so that the decrypting application knows if the entered password and the "real" password equals? Probably it would be silly to add the password (for example the ASCII ordinal numbers of the password letters) to the beginning of the file (before the encrypted data). So my main question is how to store the password information to the encrypted file?

  Read the article

• how to put header authentication into a form using php?

  - by SkyWookie

  Hey guys, for the page I am doing needs a login authentication using Twitter (using tweetphp API). For test purposes I used this code below to do a successful login: if (!isset($_SERVER['PHP_AUTH_USER'])){ header('WWW-Authenticate: Basic realm="Enter your Twitter username and password:"'); header('HTTP/1.0 401 Unauthorized'); echo 'Please enter your Twitter username and password to view your followers.'; exit(); } $username = $_SERVER['PHP_AUTH_USER']; $password = $_SERVER['PHP_AUTH_PW']; The problem now is, I want to integrate it into a form, so far I have the following: <form action="logincheck.php" method="post" class="niceform" > <fieldset> <legend>Twitter Login:</legend> <dl> <dt><label for="email">Twitter Username:</label></dt> <dd><input type="text" name="username" id="username" size="32" maxlength="128" /></dd> </dl> <dl> <dt><label for="password">Password:</label></dt> <dd><input type="password" name="password" id="password" size="32" maxlength="32" /></dd> </dl> </fieldset> <fieldset class="action"> <input type="submit" name="submit" id="submit" value="Submit" /> I am sending it to logincheck.php, this is where I think I get stuck. I am not sure how to compare the form data with Twitter's login data. I was trying a similar if statement as I used in the first code (box that pops up before page loads), but I couldn't wrap my head around it. Thanks again guys!

  Read the article

• S.redirectTo leads always to a blank screen

  - by Jaime Ocampo

  I am now playing a little bit with lift (2.8.0), and all the features in LiftRules work as intended. But I haven't been able to use S.redirectTo at all. I always ends with a blank screen, no matter what. No error messages at all! As an example, I have the following form: ... <lift:logIn.logInForm form="post"> <p><login:name /></p> <p><login:password /></p> <p><login:submit /></p> </lift:logIn.logInForm> ... And the code is: object LogIn extends helper.LogHelper { ... def logInForm(in: NodeSeq): NodeSeq = { var name = "" var password = "" def login() = { logger.info("name: " + name) logger.info("password: " + password) if (name == "test1") S.redirectTo("/example") if (name == "test2") S.redirectTo("/example.html") if (name == "test3") S.redirectTo("example.html") S.redirectTo("/") } bind("login", in, "name" -> SHtml.text(name, name = _), "password" -> SHtml.password(password, password = _), "submit" -> SHtml.submit("Login", login)) } } The method 'login' is invoked, I can check that in the log information. But as I said, no matter which name I enter, I always end with a blank screen, although 'examples.html' is available when being accessed directly in the browser. How should I invoke S.redirectoTo in order to navigate to 'examples.html'? Also, why don't I receive an error message (I am logging at a debug level)? I think all the configuration in Boot is correct, since all LitRules examples (statelessRewrite, dispatch, viewDispatch, snippets) work fine.

  Read the article

• if statement inside array : codeigniter

  - by ahmad

  Hello , I have this function to edit all fields that come from the form and its works fine .. function editRow($tableName,$id) { $fieldsData = $this->db->field_data($tableName); $data = array(); foreach ($fieldsData as $key => $field) { $data[ $field->name ] = $this->input->post($field->name); } $this->db->where('id', $id); $this->db->update($tableName, $data); } now I want to add a condition for Password field , if the field is empty keep the old password , I did some thing like that : function editRow($tableName,$id) { $fieldsData = $this->db->field_data($tableName); $data = array(); foreach ($fieldsData as $key => $field) { if ($data[ $field->name ] == 'password' && $this->input->post('password') == '' ) { $data[ 'password' ] => $this->input->post('hide_password'), //'password' => $this->input->post('hide_password'), } else { $data[ $field->name ] => $this->input->post($field->name) } } $this->db->where('id', $id); $this->db->update($tableName, $data); } but I get error ( Parse error: syntax error, unexpected T_DOUBLE_ARROW in ... ) Html , some thing like this : <input type="text" name="password" value=""> <input type="hidden" name="hide_password" value="$row->$password" /> umm , any help ? thanks ..

  Read the article

• Spring MessageSource not being used during validation

  - by Jeremy

  I can't get my messages in messages.properties to be used during Spring validation of my form backing objects. app-config.xml: <bean id="messageSource" class="org.springframework.context.support.ResourceBundleMessageSource"> <property name="basename" value="messages" /> </bean> WEB-INF/classes/messages.properties: NotEmpty=This field should not be empty. Form Backing Object: ... @NotEmpty @Size(min=6, max=25) private String password; ... When I loop through all errors in the BindingResult and output the ObjectError's toString I get this: Field error in object 'settingsForm' on field 'password': rejected value []; codes [NotEmpty.settingsForm.password,NotEmpty.password,NotEmpty.java.lang.String,NotEmpty]; arguments [org.springframework.context.support.DefaultMessageSourceResolvable: codes [settingsForm.password,password]; arguments []; default message [password]]; default message [may not be empty] As you can see the default message is "may not be empty" instead of my message "This field should not be empty". I do get my correct message if I inject the messageSource into a controller and output this: messageSource.getMessage("NotEmpty", new Object [] {"password"}, "default empty message", null); So why isn't the validation using my messages.properties? I'm running Spring 3.1.1. Thanks!

  Read the article

• Insert not working

  - by user1642318

  I've searched evreywhere and tried all suggestions but still no luck when running the following code. Note that some code is commented out. Thats just me trying different things. SqlConnection connection = new SqlConnection("Data Source=URB900-PC\SQLEXPRESS;Initial Catalog=usersSQL;Integrated Security=True"); string password = PasswordTextBox.Text; string email = EmailTextBox.Text; string firstname = FirstNameTextBox.Text; string lastname = SurnameTextBox.Text; //command.Parameters.AddWithValue("@UserName", username); //command.Parameters.AddWithValue("@Password", password); //command.Parameters.AddWithValue("@Email", email); //command.Parameters.AddWithValue("@FirstName", firstname); //command.Parameters.AddWithValue("@LastName", lastname); command.Parameters.Add("@UserName", SqlDbType.VarChar); command.Parameters["@UserName"].Value = username; command.Parameters.Add("@Password", SqlDbType.VarChar); command.Parameters["@Password"].Value = password; command.Parameters.Add("@Email", SqlDbType.VarChar); command.Parameters["@Email"].Value = email; command.Parameters.Add("@FirstName", SqlDbType.VarChar); command.Parameters["@FirstName"].Value = firstname; command.Parameters.Add("@LasttName", SqlDbType.VarChar); command.Parameters["@LasttName"].Value = lastname; SqlCommand command2 = new SqlCommand("INSERT INTO users (UserName, Password, UserEmail, FirstName, LastName)" + "values (@UserName, @Password, @Email, @FirstName, @LastName)", connection); connection.Open(); command2.ExecuteNonQuery(); //command2.ExecuteScalar(); connection.Close(); When I run this, fill in the textboxes and hit the button I get...... Must declare the scalar variable "@UserName". Any help would be greatly appreciated. Thanks.

  Read the article

• Objective-C Result from a Static Method saved to class instance variable giving "EXC_BAD_ACCESS" when used.

  - by KinGBin

  I am trying to store the md5 string as a class instance variable instead of the actual password. I have a static function that will return a md5 string which I'm trying to store in an instance variable instead of the actual password. I have the following setter for my class instance variable: -(void)setPassword:(NSString *)newpass{ if(newpass != password){ password = [utils md5HexDigest:newpass]; } } This will pass back the correct md5 string and save it to the password variable in my init function: [self setPassword:pword];. If I call another instance method and try to access self.password" I will get "EXC_BAD_ACCESS". I understand that the memory is getting released, but I have no clue to make sure it stays. I have tried alloc init with autorelease with no luck. This is the md5HexDigest function getting called during the init (graciously found in another stackoverflow question): + (NSString*)md5HexDigest:(NSString*)input { const char* str = [input UTF8String]; unsigned char result[CC_MD5_DIGEST_LENGTH]; CC_MD5(str, strlen(str), result); NSMutableString *ret = [NSMutableString stringWithCapacity:CC_MD5_DIGEST_LENGTH*2]; for(int i = 0; i<CC_MD5_DIGEST_LENGTH; i++) { [ret appendFormat:@"%02x",result[i]]; } return ret; } Any help/pointers would be greatly appreciated. I would rather have the md5 string saved in memory than the actual password calling the md5 every time I needed to use the password. Thanks in advance.

  Read the article

• Why is my rspec test failing?

  - by Justin Meltzer

  Here's the test: describe "admin attribute" do before(:each) do @user = User.create!(@attr) end it "should respond to admin" do @user.should respond_to(:admin) end it "should not be an admin by default" do @user.should_not be_admin end it "should be convertible to an admin" do @user.toggle!(:admin) @user.should be_admin end end Here's the error: 1) User password encryption admin attribute should respond to admin Failure/Error: @user = User.create!(@attr) ActiveRecord::RecordInvalid: Validation failed: Email has already been taken # ./spec/models/user_spec.rb:128 I'm thinking the error might be somewhere in my data populator code: require 'faker' namespace :db do desc "Fill database with sample data" task :populate => :environment do Rake::Task['db:reset'].invoke admin = User.create!(:name => "Example User", :email => "[email protected]", :password => "foobar", :password_confirmation => "foobar") admin.toggle!(:admin) 99.times do |n| name = Faker::Name.name email = "example-#{n+1}@railstutorial.org" password = "password" User.create!(:name => name, :email => email, :password => password, :password_confirmation => password) end end end Please let me know if I should reproduce any more of my code. UPDATE: Here's where @attr is defined, at the top of the user_spec.rb file: require 'spec_helper' describe User do before(:each) do @attr = { :name => "Example User", :email => "[email protected]", :password => "foobar", :password_confirmation => "foobar" } end

  Read the article

• Two forms but only 1 jsp file

  - by joshft91

  Here's what I've got going on. I have one .jsp file. However, I have two forms with multiple inputs inside those forms. What is the best way to detect that one form was submitted but not the other? Here's an example: I have this form: <form name = "login" action="index.jsp" method="get"> Username: <input id="username" name="username" type="text"/><br/> Password: <input id="password" name="password" type="password"/> <input type="submit" Value="Login" ></input> </form> If that button is clicked, I'd like to run this code: String username = request.getParameter("username"); String password = request.getParameter("password"); if((username!= null && !username.trim().equals("")) && (password != null && !username.trim().equals(""))) { DBentry DBentry=new DBentry(); boolean flag = DBentry.isTaken(username); if(flag) {%><script type="text/javascript">alert("Login Successful!");</script><% } else { %><script type="text/javascript">alert("Unrecognized username. Please register!");</script><% } } else { %><script type="text/javascript">alert("Please enter both a username and password!");</script><% } Further down I would have something exactly like it but submitting a different form. Thanks!

  Read the article

• Error using maven profiles

  - by user3127896

  I've added two profiles to my application and that how it looks: <profiles> <profile> <id>dev</id> <properties> <db.username>root</db.username> <db.password>root</db.password> <db.connectionURL>localhost:3306</db.connectionURL> <db.driverClass>com.mysql.jdbc.Driver</db.driverClass> </properties> </profile> <profile> <id>prod</id> <properties> <db.username>prodroot</db.username> <db.password>prodpass</db.password> <db.connectionURL>localhost:3306</db.connectionURL> <db.driverClass>com.mysql.jdbc.Driver</db.driverClass> </properties> </profile> </profiles> In my jdbc.properties file i changed values like this: jdbc.driverClassName=${db.driverClass} jdbc.dialect=org.hibernate.dialect.MySQLDialect jdbc.databaseurl=jdbc:mysql://${db.connectionURL}/dbname jdbc.username=${db.username} jdbc.password=${db.password} And here's bean from spring-container.xml <bean id="dataSource" class="org.apache.commons.dbcp.BasicDataSource" destroy-method="close" p:driverClassName="${jdbc.driverClassName}" p:url="${jdbc.databaseurl}" p:username="${jdbc.username}" p:password="${jdbc.password}" /> When i try to deploy my application i got following error: SEVERE: Exception sending context initialized event to listener instance of class org.springframework.web.context.ContextLoaderListener org.springframework.beans.factory.BeanDefinitionStoreException: Invalid bean definition with name 'dataSource' defined in ServletContext resource [/WEB-INF/spring-servlet.xml]: Could not resolve placeholder 'db.driverClass' Structure of project: Any ideas what i'm doing wrong? Thanks in advance!

  Read the article

• Error Expected Loop VBScript

  - by Yoko21

  I have a script that opens up an excel file if the password provided is correct. If its wrong, it prompts a message. It works perfectly when I add a loop at the end. However, the problem is whenever the password is wrong the script won't stop asking for the password because of the loop. What I want is the script to quit/close if the password is wrong. I tried to remove the loop and replaced it with "wscript.quit" but it always prompts the message "expected loop". Here is the code I made. password = "pass" do ask=inputbox ("Please enter password:","DProject") select case ask case password answer=true Set xl = CreateObject("Excel.application") xl.Application.Workbooks.Open "C:\Users\test1\Desktop\test.xlsx" xl.Application.Visible = True Set xl = Nothing wscript.quit end select answer=false x=msgbox("Password incorrect... Aborting") loop until answer=true Is it possible to put a message like that counts when aborting. like "Aborting in 3.... 2... 1".

  Read the article

• Establishing WebLogic Server HTTPS Trust of IIS Using a Microsoft Local Certificate Authority

  - by user647124

  Everyone agrees that self-signed and demo certificates for SSL and HTTPS should never be used in production and preferred not to be used elsewhere. Most self-signed and demo certificates are provided by vendors with the intention that they are used only to integrate within the same environment. In a vendor’s perfect world all application servers in a given enterprise are from the same vendor, which makes this lack of interoperability in a non-production environment an advantage. For us working in the real world, where not only do we not use a single vendor everywhere but have to make do with self-signed certificates for all but production, testing HTTPS between an IIS ASP.NET service provider and a WebLogic J2EE consumer application can be very frustrating to set up. It was for me, especially having found many blogs and discussion threads where various solutions were described but did not quite work and were all mostly similar but just a little bit different. To save both you and my future (who always seems to forget the hardest-won lessons) all of the pain and suffering, I am recording the steps that finally worked here for reference and sanity. How You Know You Need This The first cold clutches of dread that tells you it is going to be a long day is when you attempt to a WSDL published by IIS in WebLogic over HTTPS and you see the following: <Jul 30, 2012 2:51:31 PM EDT> <Warning> <Security> <BEA-090477> <Certificate chain received from myserver.mydomain.com - 10.555.55.123 was not trusted causing SSL handshake failure.> weblogic.wsee.wsdl.WsdlException: Failed to read wsdl file from url due to -- javax.net.ssl.SSLKeyException: [Security:090477]Certificate chain received from myserver02.mydomain.com - 10.555.55.123 was not trusted causing SSL handshake failure. The above is what started a three day sojourn into searching for a solution. Even people who had solved it before would tell me how they did, and then shrug when I demonstrated that the steps did not end in the success they claimed I would experience. Rather than torture you with the details of everything I did that did not work, here is what finally did work. Export the Certificates from IE First, take the offending WSDL URL and paste it into IE (if you have an internal Microsoft CA, you have IE, even if you don’t use it in favor of some other browser). To state the semi-obvious, if you received the error above there is a certificate configured for the IIS host of the service and the SSL port has been configured properly. Otherwise there would be a different error, usually about the site not found or connection failed. Once the WSDL loads, to the right of the address bar there will be a lock icon. Click the lock and then click View Certificates in the resulting dialog (if you do not have a lock icon but do have a Certificate Error message, see http://support.microsoft.com/kb/931850 for steps to install the certificate then you can continue from the point of finding the lock icon). Figure 1: View Certificates in IE Next, select the Details tab in the resulting dialog Figure 2: Use Certificate Details to Export Certificate Click Copy to File, then Next, then select the Base-64 encoded option for the format Figure 3: Select the Base-64 encoded option for the format For the sake of simplicity, I choose to save this to the root of the WebLogic domain. It will work from anywhere, but later you will need to type in the full path rather than just the certificate name if you save it elsewhere. Figure 4: Browse to Save Location Figure 5: Save the Certificate to the Domain Root for Convenience This is the point where I ran into some confusion. Some articles mentioned exporting the entire chain of certificates. This supposedly works for some types of certificates, or if you have a few other tools and the time to learn them. For the SSL experts out there, they already have these tools, know how to use them well, and should not be wasting their time reading this article meant for folks who just want to get things wired up and back to unit testing and development. For the rest of us, the easiest way to make sure things will work is to just export all the links in the chain individually and let WebLogic Server worry about re-assembling them into a chain (which it does quite nicely). While perhaps not the most elegant solution, the multi-step process is easy to repeat and uses only tools that are immediately available and require no learning curve. So… Next, go to Tools then Internet Options then the Content tab and click Certificates. Go to the Trust Root Certificate Authorities tab and find the certificate root for your Microsoft CA cert (look for the Issuer of the certificate you exported earlier). Figure 6: Trusted Root Certification Authorities Tab Export this one the same way as before, with a different name Figure 7: Use a Unique Name for Each Certificate Repeat this once more for the Intermediate Certificate tab. Import the Certificates to the WebLogic Domain Now, open an command prompt, navigate to [WEBLOGIC_DOMAIN_ROOT]\bin and execute setDomainEnv. You should then be in the root of the domain. If not, CD to the domain root. Assuming you saved the certificate in the domain root, execute the following: keytool -importcert -alias [ALIAS-1] -trustcacerts -file [FULL PATH TO .CER 1] -keystore truststore.jks -storepass [PASSWORD] An example with the variables filled in is: keytool -importcert -alias IIS-1 -trustcacerts -file microsftcert.cer -keystore truststore.jks -storepass password After several lines out output you will be prompted with: Trust this certificate? [no]: The correct answer is ‘yes’ (minus the quotes, of course). You’ll you know you were successful if the response is: Certificate was added to keystore If not, check your typing, as that is generally the source of an error at this point. Repeat this for all three of the certificates you exported, changing the [ALIAS-1] and [FULL PATH TO .CER 1] value each time. For example: keytool -importcert -alias IIS-1 -trustcacerts -file microsftcert.cer -keystore truststore.jks -storepass password keytool -importcert -alias IIS-2 -trustcacerts -file microsftcertRoot.cer -keystore truststore.jks -storepass password keytool -importcert -alias IIS-3 -trustcacerts -file microsftcertIntermediate.cer -keystore truststore.jks -storepass password In the above we created a new JKS key store. You can re-use an existing one by changing the name of the JKS file to one you already have and change the password to the one that matches that JKS file. For the DemoTrust.jks  that is included with WebLogic the password is DemoTrustKeyStorePassPhrase. An example here would be: keytool -importcert -alias IIS-1 -trustcacerts -file microsoft.cer -keystore DemoTrust.jks -storepass DemoTrustKeyStorePassPhrase keytool -importcert -alias IIS-2 -trustcacerts -file microsoftRoot.cer -keystore DemoTrust.jks -storepass DemoTrustKeyStorePassPhrase keytool -importcert -alias IIS-2 -trustcacerts -file microsoftInter.cer -keystore DemoTrust.jks -storepass DemoTrustKeyStorePassPhrase Whichever keystore you use, you can check your work with: keytool -list -keystore truststore.jks -storepass password Where “truststore.jks” and “password” can be replaced appropriately if necessary. The output will look something like this: Figure 8: Output from keytool -list -keystore Update the WebLogic Keystore Configuration If you used an existing keystore rather than creating a new one, you can restart your WebLogic Server and skip the rest of this section. For those of us who created a new one because that is the instructions we found online… Next, we need to tell WebLogic to use the JKS file (truststore.jks) we just created. Log in to the WebLogic Server Administration Console and navigate to Servers > AdminServer > Configuration > Keystores. Scroll down to “Custom Trust Keystore:” and change the value to “truststore.jks” and the value of “Custom Trust Keystore Passphrase:” and “Confirm Custom Trust Keystore Passphrase:” to the password you used when earlier, then save your changes. You will get a nice message similar to the following: Figure 9: To Be Safe, Restart Anyways The “No restarts are necessary” is somewhat of an exaggeration. If you want to be able to use the keystore you may need restart the server(s). To save myself aggravation, I always do. Your mileage may vary. Conclusion That should get you there. If there are some erroneous steps included for your situation in particular, I will offer up a semi-apology as the process described above does not take long at all and if there is one step that could be dropped from it, is still much faster than trying to figure this out from other sources.

  Read the article

• Content Based Routing with BRE and ESB

  - by Christopher House

  I've been working with BizTalk 2009 and the ESB toolkit for the past couple of days.  This is actually my first exposure to ESB and so far I'm pleased with how easy it is to work with. Initially we had planned to use UDDI for storing endpoint information.  However after discussing this with my client, we opted to look at BRE instead of UDDI since we're already storing transforms in BRE.  Fortunately making the change to BRE from UDDI was quite simple.  This solution of course has the added advantage of not needing to go through the convoluted process of registering our endpoints in UDDI. The first thing to remember if you want to do content based routing with BRE and ESB is that the pipleines included in the ESB toolkit don't include disassembler components.  This means that you'll need to first create a custom recieve pipeline with the necessary disassembler for your message type as well as the ESB components, itinerary selector and dispather. Next you need to create a BRE policy.  The ESB.ContextInfo vocabulary contains vocabulary links for the various items in the ESB context dictionary.  In this vocabulary, you'll find an item called Context Message Type, use this as the left hand side of your condition.  Set the right hand side to your message type, something like http://your.message.namespace/#yourrootelement.  Now find the ESB.EndPointInfo vocabulary.  This contains links to all the properties related to endpoint information.  Use the various set operators in your rule's action to configure your endpoint. In the example above, I'm using the WCF-SQL adapter. Now that the hard work is out of the way, you just need to configure the resolver in your itinerary. Nothing complicated here.  Just select BRE as your resolver implementation and select your policy from the drop-down list.  Note that when you select a policy, the Version field will be automatically filled in with the version of your policy.  If you leave this as-is, the resolver will always use that policy version.  Alternatively, you can clear the version number and the resolver will use the highest deployed version.

  Read the article

• Windows Phone 7 Development Updates &ndash; March 8th 2011

  - by Nikita Polyakov

  Here are the latest update from the Windows Phone 7 Developer Worlds that went live this month. Here are some of the latest numbers: Windows Phone Marketplace currently offers more than 9,000 quality apps and games and enjoys a base of over 32,000 registered developers, delivering an average of 100 new apps every day. There have been over 1 million downloads of the developers tools for Windows Phone 7. Trial version help you sell more Trials result in higher sales by the numbers: Users like trials  - paid apps with trial functionality are downloaded 70 times more than paid apps that don’t Nearly 1 out of 10 trial apps downloaded convert to a purchase and generate 10 times more revenue on average than paid apps that don’t include trial functionality. Trial downloads convert to paid downloads quickly. More than half of trial downloads that convert to a sale do so within the 1st 24 hours of trial download, and mostly within 2 hours of trial download. Microsoft Ad Control is gaining traction By the numbers - ad supported Windows Phone 7 apps are: Roughly ¼ of all registered U.S. WP7 developers have downloaded the free Ad SDK for Silverlight and XNA Of ad funded apps, over 95 percent use the free Microsoft Advertising Ad Control Monthly impressions from our Ad Exchange has continued to grow by double digits – impressions increased by 376 percent since January Ad Control, the first wave of “How Do I” videos are now available on MSDN: Create an Ad in a Windows Phone 7 XNA Game App Register Ad-Enabled Windows Phone 7 Apps Measure Ad Performance of Windows Phone 7 Apps Boarder International App submission for Free Apps through Yalla Apps As of today you can start submitting your free applications in developer markets that are currently not covered by Microsoft. To submit your Free application if you DO NOT belong to one of the Marketplace supported countries, go to: Yalla Apps Marketplace Policy Updates: Free App Marketplace Submission upped to 100 and other news Microsoft has been revisiting a few of our Marketplace policies based on feedback from developers to reduce friction and cost, word for word: 1. We have raised the limit on the number of certifications that can be performed for FREE apps at no cost to the registered developer from five to 100. This was a common request from developers which we are glad to implement after building alternate methods to ensure that users can find and download high quality apps. 2. We have converted policy 5.6 - related to the inclusion of contact information for support - from a mandatory to an optional policy. This is still a strongly recommended best practice, but we recognized and responded to developer feedback that this policy was creating excessive drag on the certification process for developers without commensurate user benefit for all apps. 3. We also understand the desire for clarification with regard to our policy on applications distributed under open source licenses.  The Marketplace Application Provider Agreement (APA) already permits applications under the BSD, MIT, Apache Software License 2.0 and Microsoft Public License.  We plan to update the APA shortly to clarify that we also permit applications under the Eclipse Public License, the Mozilla Public License and other, similar licenses and we continue to explore the possibility of accommodating additional OSS licenses. Enjoy and happy coding! Official Blog Post for reference.

  Read the article

• ubuntu ssh does not connect

  - by bocca

  SSH won't be able to establish a connection to our server Here's the output of ssh -vvv: ssh -v -v -v 11.11.11.11 OpenSSH_5.1p1 Debian-6ubuntu2, OpenSSL 0.9.8g 19 Oct 2007 debug1: Reading configuration data /etc/ssh/ssh_config debug1: Applying options for * debug2: ssh_connect: needpriv 0 debug1: Connecting to 11.11.11.11 [11.11.11.11] port 22. debug1: Connection established. debug1: permanently_set_uid: 0/0 debug1: identity file /root/.ssh/identity type -1 debug1: identity file /root/.ssh/id_rsa type -1 debug1: identity file /root/.ssh/id_dsa type -1 debug1: Remote protocol version 2.0, remote software version OpenSSH_5.1p1 Debian-5ubuntu1 debug1: match: OpenSSH_5.1p1 Debian-5ubuntu1 pat OpenSSH* debug1: Enabling compatibility mode for protocol 2.0 debug1: Local version string SSH-2.0-OpenSSH_5.1p1 Debian-6ubuntu2 debug2: fd 3 setting O_NONBLOCK debug1: SSH2_MSG_KEXINIT sent debug1: SSH2_MSG_KEXINIT received debug2: kex_parse_kexinit: diffie-hellman-group-exchange-sha256,diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1 debug2: kex_parse_kexinit: ssh-rsa,ssh-dss debug2: kex_parse_kexinit: aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour128,arcfour256,arcfour,aes192-cbc,aes256-cbc,[email protected],aes128-ctr,aes192-ctr,aes256-ctr debug2: kex_parse_kexinit: aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour128,arcfour256,arcfour,aes192-cbc,aes256-cbc,[email protected],aes128-ctr,aes192-ctr,aes256-ctr debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,[email protected],hmac-ripemd160,[email protected],hmac-sha1-96,hmac-md5-96 debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,[email protected],hmac-ripemd160,[email protected],hmac-sha1-96,hmac-md5-96 debug2: kex_parse_kexinit: none,[email protected],zlib debug2: kex_parse_kexinit: none,[email protected],zlib debug2: kex_parse_kexinit: debug2: kex_parse_kexinit: debug2: kex_parse_kexinit: first_kex_follows 0 debug2: kex_parse_kexinit: reserved 0 debug2: kex_parse_kexinit: diffie-hellman-group-exchange-sha256,diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1 debug2: kex_parse_kexinit: ssh-rsa,ssh-dss debug2: kex_parse_kexinit: aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour128,arcfour256,arcfour,aes192-cbc,aes256-cbc,[email protected],aes128-ctr,aes192-ctr,aes256-ctr debug2: kex_parse_kexinit: aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour128,arcfour256,arcfour,aes192-cbc,aes256-cbc,[email protected],aes128-ctr,aes192-ctr,aes256-ctr debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,[email protected],hmac-ripemd160,[email protected],hmac-sha1-96,hmac-md5-96 debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,[email protected],hmac-ripemd160,[email protected],hmac-sha1-96,hmac-md5-96 debug2: kex_parse_kexinit: none,[email protected] debug2: kex_parse_kexinit: none,[email protected] debug2: kex_parse_kexinit: debug2: kex_parse_kexinit: debug2: kex_parse_kexinit: first_kex_follows 0 debug2: kex_parse_kexinit: reserved 0 debug2: mac_setup: found hmac-md5 debug1: kex: server->client aes128-cbc hmac-md5 none debug2: mac_setup: found hmac-md5 debug1: kex: client->server aes128-cbc hmac-md5 none debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(1024<1024<8192) sent debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP debug2: dh_gen_key: priv key bits set: 133/256 debug2: bits set: 486/1024 debug1: SSH2_MSG_KEX_DH_GEX_INIT sent debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY debug3: check_host_in_hostfile: filename /root/.ssh/known_hosts debug3: check_host_in_hostfile: match line 1 debug1: Host '11.11.11.11' is known and matches the RSA host key. debug1: Found key in /root/.ssh/known_hosts:1 debug2: bits set: 497/1024 debug1: ssh_rsa_verify: signature correct debug2: kex_derive_keys debug2: set_newkeys: mode 1 debug1: SSH2_MSG_NEWKEYS sent debug1: expecting SSH2_MSG_NEWKEYS debug2: set_newkeys: mode 0 debug1: SSH2_MSG_NEWKEYS received debug1: SSH2_MSG_SERVICE_REQUEST sent debug2: service_accept: ssh-userauth debug1: SSH2_MSG_SERVICE_ACCEPT received debug2: key: /root/.ssh/identity ((nil)) debug2: key: /root/.ssh/id_rsa ((nil)) debug2: key: /root/.ssh/id_dsa ((nil)) debug1: Authentications that can continue: publickey,password debug3: start over, passed a different list publickey,password debug3: preferred gssapi-keyex,gssapi-with-mic,gssapi,publickey,keyboard-interactive,password debug3: authmethod_lookup publickey debug3: remaining preferred: keyboard-interactive,password debug3: authmethod_is_enabled publickey debug1: Next authentication method: publickey debug1: Trying private key: /root/.ssh/identity debug3: no such identity: /root/.ssh/identity debug1: Trying private key: /root/.ssh/id_rsa debug3: no such identity: /root/.ssh/id_rsa debug1: Trying private key: /root/.ssh/id_dsa debug3: no such identity: /root/.ssh/id_dsa debug2: we did not send a packet, disable method debug3: authmethod_lookup password debug3: remaining preferred: ,password debug3: authmethod_is_enabled password debug1: Next authentication method: password [email protected]'s password: debug3: packet_send2: adding 64 (len 57 padlen 7 extra_pad 64) debug2: we sent a password packet, wait for reply debug1: Authentication succeeded (password). debug1: channel 0: new [client-session] debug3: ssh_session2_open: channel_new: 0 debug2: channel 0: send open debug1: Requesting [email protected] debug1: Entering interactive session. debug2: callback start debug2: client_session2_setup: id 0 debug2: channel 0: request pty-req confirm 1 debug3: tty_make_modes: ospeed 38400 debug3: tty_make_modes: ispeed 38400 debug1: Sending environment. debug3: Ignored env ORBIT_SOCKETDIR debug3: Ignored env SSH_AGENT_PID debug3: Ignored env SHELL debug3: Ignored env TERM debug3: Ignored env XDG_SESSION_COOKIE debug3: Ignored env GTK_RC_FILES debug3: Ignored env WINDOWID debug3: Ignored env USER debug3: Ignored env LS_COLORS debug3: Ignored env GNOME_KEYRING_SOCKET debug3: Ignored env SSH_AUTH_SOCK debug3: Ignored env USERNAME debug3: Ignored env SESSION_MANAGER debug3: Ignored env MAIL debug3: Ignored env PATH debug3: Ignored env DESKTOP_SESSION debug3: Ignored env PWD debug3: Ignored env GDM_KEYBOARD_LAYOUT debug3: Ignored env GNOME_KEYRING_PID debug1: Sending env LANG = en_CA.UTF-8 debug2: channel 0: request env confirm 0 debug3: Ignored env GDM_LANG debug3: Ignored env GDMSESSION debug3: Ignored env HISTCONTROL debug3: Ignored env SPEECHD_PORT debug3: Ignored env HOME debug3: Ignored env SHLVL debug3: Ignored env GNOME_DESKTOP_SESSION_ID debug3: Ignored env LOGNAME debug3: Ignored env XDG_DATA_DIRS debug3: Ignored env DBUS_SESSION_BUS_ADDRESS debug3: Ignored env LESSOPEN debug3: Ignored env DISPLAY debug3: Ignored env LESSCLOSE debug3: Ignored env XAUTHORITY debug3: Ignored env COLORTERM debug3: Ignored env _ debug2: channel 0: request shell confirm 1 debug2: fd 3 setting TCP_NODELAY debug2: callback done debug2: channel 0: open confirm rwindow 0 rmax 32768 debug2: channel_input_confirm: type 99 id 0 debug2: PTY allocation request accepted on channel 0 debug2: channel 0: rcvd adjust 2097152 debug2: channel_input_confirm: type 99 id 0 debug2: shell request accepted on channel 0

  Read the article

• how can I exit from a php script and continue right after the script?

  - by Samir Ghobril

  Hey guys, I have this piece of code, and when I add return after echo(if there is an error and I need to continue right after the script) I can't see the footer, do you know what the problem is? <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd"> <html lang="en" > <head> <title>Login | JM Today </title> <link href="Mainstyles.css" type="text/css" rel="stylesheet" /> </head> <body> <div class="container"> <?php include("header.php"); ?> <?php include("navbar.php"); ?> <?php include("cleanquery.php") ?> <div id="wrap"> <?php ini_set('display_errors', 'On'); error_reporting(E_ALL | E_STRICT); $conn=mysql_connect("localhost", "***", "***") or die(mysql_error()); mysql_select_db('jmtdy', $conn) or die(mysql_error()); if(isset($_POST['sublogin'])){ if(( strlen($_POST['user']) >0) && (strlen($_POST['pass']) >0)) { checklogin($_POST['user'], $_POST['pass']); } elseif((isset($_POST['user']) && empty($_POST['user'])) || (isset($_POST['pass']) && empty($_POST['pass']))){ echo '<p class="statusmsg">You didn\'t fill in the required fields.</p><br/><input type="button" value="Retry" onClick="location.href='."'login.php'\">"; return; } } else{ echo '<p class="statusmsg">You came here by mistake, didn\'t you?</p><br/><input type="button" value="Retry" onClick="location.href='."'login.php'\">"; return; } function checklogin($username, $password){ $username=mysql_real_escape_string($username); $password=mysql_real_escape_string($password); $result=mysql_query("select * from users where username = '$username'"); if($result != false){ $dbArray=mysql_fetch_array($result); $dbArray['password']=mysql_real_escape_string($dbArray['password']); $dbArray['username']=mysql_real_escape_string($dbArray['username']); if(($dbArray['password'] != $password ) || ($dbArray['username'] != $username)){ echo '<p class="statusmsg">The username or password you entered is incorrect. Please try again.</p><br/><input type="button" value="Retry" onClick="location.href='."'login.php'\">"; return; } $_SESSION['username']=$username; $_SESSION['password']=$password; if(isset($_POST['remember'])){ setcookie("jmuser",$_SESSION['username'],time()+60*60*24*356); setcookie("jmpass",$_SESSION['username'],time()+60*60*24*356); } } else{ echo'<p class="statusmsg"> The username or password you entered is incorrect. Please try again.</p><br/>input type="button" value="Retry" onClick="location.href='."'login.php'\">"; return; } } ?> </div> <br/> <br/> <?php include("footer.php") ?> </div> </body> </html>

  Read the article

• With a jquery modular dialog how do I stop the form values from persisting?

  - by stormist

  (Citing source at: http://jqueryui.com/demos/dialog/#modal-form) As an example, this works great but each time the form is subsequently opened the user entered values remain. How can I stop this behavior? (the form will be used multiple times on the same page. <style type="text/css"> body { font-size: 62.5%; } label, input { display:block; } input.text { margin-bottom:12px; width:95%; padding: .4em; } fieldset { padding:0; border:0; margin-top:25px; } h1 { font-size: 1.2em; margin: .6em 0; } div#users-contain { width: 350px; margin: 20px 0; } div#users-contain table { margin: 1em 0; border-collapse: collapse; width: 100%; } div#users-contain table td, div#users-contain table th { border: 1px solid #eee; padding: .6em 10px; text-align: left; } .ui-dialog .ui-state-error { padding: .3em; } .validateTips { border: 1px solid transparent; padding: 0.3em; } </style> <script type="text/javascript"> $(function() { // a workaround for a flaw in the demo system (http://dev.jqueryui.com/ticket/4375), ignore! $("#dialog").dialog("destroy"); var name = $("#name"), email = $("#email"), password = $("#password"), allFields = $([]).add(name).add(email).add(password), tips = $(".validateTips"); function updateTips(t) { tips .text(t) .addClass('ui-state-highlight'); setTimeout(function() { tips.removeClass('ui-state-highlight', 1500); }, 500); } function checkLength(o,n,min,max) { if ( o.val().length > max || o.val().length < min ) { o.addClass('ui-state-error'); updateTips("Length of " + n + " must be between "+min+" and "+max+"."); return false; } else { return true; } } function checkRegexp(o,regexp,n) { if ( !( regexp.test( o.val() ) ) ) { o.addClass('ui-state-error'); updateTips(n); return false; } else { return true; } } $("#dialog-form").dialog({ autoOpen: false, height: 300, width: 350, modal: true, buttons: { 'Create an account': function() { var bValid = true; allFields.removeClass('ui-state-error'); bValid = bValid && checkLength(name,"username",3,16); bValid = bValid && checkLength(email,"email",6,80); bValid = bValid && checkLength(password,"password",5,16); bValid = bValid && checkRegexp(name,/^[a-z]([0-9a-z_])+$/i,"Username may consist of a-z, 0-9, underscores, begin with a letter."); // From jquery.validate.js (by joern), contributed by Scott Gonzalez: http://projects.scottsplayground.com/email_address_validation/ bValid = bValid && checkRegexp(email,/^((([a-z]|\d|[!#\$%&'\*\+\-\/=\?\^_`{\|}~]|[\u00A0-\uD7FF\uF900-\uFDCF\uFDF0-\uFFEF])+(\.([a-z]|\d|[!#\$%&'\*\+\-\/=\?\^_`{\|}~]|[\u00A0-\uD7FF\uF900-\uFDCF\uFDF0-\uFFEF])+)*)|((\x22)((((\x20|\x09)*(\x0d\x0a))?(\x20|\x09)+)?(([\x01-\x08\x0b\x0c\x0e-\x1f\x7f]|\x21|[\x23-\x5b]|[\x5d-\x7e]|[\u00A0-\uD7FF\uF900-\uFDCF\uFDF0-\uFFEF])|(\\([\x01-\x09\x0b\x0c\x0d-\x7f]|[\u00A0-\uD7FF\uF900-\uFDCF\uFDF0-\uFFEF]))))*(((\x20|\x09)*(\x0d\x0a))?(\x20|\x09)+)?(\x22)))@((([a-z]|\d|[\u00A0-\uD7FF\uF900-\uFDCF\uFDF0-\uFFEF])|(([a-z]|\d|[\u00A0-\uD7FF\uF900-\uFDCF\uFDF0-\uFFEF])([a-z]|\d|-|\.|_|~|[\u00A0-\uD7FF\uF900-\uFDCF\uFDF0-\uFFEF])*([a-z]|\d|[\u00A0-\uD7FF\uF900-\uFDCF\uFDF0-\uFFEF])))\.)+(([a-z]|[\u00A0-\uD7FF\uF900-\uFDCF\uFDF0-\uFFEF])|(([a-z]|[\u00A0-\uD7FF\uF900-\uFDCF\uFDF0-\uFFEF])([a-z]|\d|-|\.|_|~|[\u00A0-\uD7FF\uF900-\uFDCF\uFDF0-\uFFEF])*([a-z]|[\u00A0-\uD7FF\uF900-\uFDCF\uFDF0-\uFFEF])))\.?$/i,"eg. [email protected]"); bValid = bValid && checkRegexp(password,/^([0-9a-zA-Z])+$/,"Password field only allow : a-z 0-9"); if (bValid) { $('#users tbody').append('<tr>' + '<td>' + name.val() + '</td>' + '<td>' + email.val() + '</td>' + '<td>' + password.val() + '</td>' + '</tr>'); $(this).dialog('close'); } }, Cancel: function() { $(this).dialog('close'); } }, close: function() { allFields.val('').removeClass('ui-state-error'); } }); $('#create-user') .button() .click(function() { $('#dialog-form').dialog('open'); }); }); </script> <div class="demo"> <div id="dialog-form" title="Create new user"> <p class="validateTips">All form fields are required.</p> <form> <fieldset> <label for="name">Name</label> <input type="text" name="name" id="name" class="text ui-widget-content ui-corner-all" /> <label for="email">Email</label> <input type="text" name="email" id="email" value="" class="text ui-widget-content ui-corner-all" /> <label for="password">Password</label> <input type="password" name="password" id="password" value="" class="text ui-widget-content ui-corner-all" /> </fieldset> </form> </div> <div id="users-contain" class="ui-widget"> <h1>Existing Users:</h1> <table id="users" class="ui-widget ui-widget-content"> <thead> <tr class="ui-widget-header "> <th>Name</th> <th>Email</th> <th>Password</th> </tr> </thead> <tbody> <tr> <td>John Doe</td> <td>[email protected]</td> <td>johndoe1</td> </tr> </tbody> </table> </div> <button id="create-user">Create new user</button> </div><!-- End demo --> <div class="demo-description"> <p>Use a modal dialog to require that the user enter data during a multi-step process. Embed form markup in the content area, set the <code>modal</code> option to true, and specify primary and secondary user actions with the <code>buttons</code> option.</p> </div><!-- End demo-description -->

  Read the article

• How to use data of one table in 'where' clause of another table?

  - by sahar

  hello, i need ur help guys..i m making website for 'home docor ideas'..i have a log in form(login-form.php) in which when 'log in' and 'password' is inserted,after verification through login-execute.php, redirected to viewOrder.php where user can view all of the orders ordered by clients.. all is fine up till here.. but what i want is,when user get logged in ,he view only that order which is ordered by him not all customer's orders.. two tables are there in database: members and order_insert.. in 'members' table, login and password is stored and in 'order_insert',orders of customers is stored.. codes of these three pages is as follows.. ......................... login-form.php ......................... <form id="loginForm" name="loginForm" method="post" action="login-exec.php"> <table width="300" border="0" align="center" cellpadding="2" cellspacing="0"> <tr> <td width="112"><b>Login</b></td> <td width="188"><input name="login" type="text" class="textfield" id="login" /></td> </tr> <tr> <td><b>Password</b></td> <td><input name="password" type="password" class="textfield" id="password" /></td> </tr> <tr> <td>&nbsp;</td> <td><input type="submit" name="Submit" value="Login" /></td> </tr> </table> </form> ......................... login-execute.php ......................... <?php //Start session session_start(); //Include database connection details require_once('config.php'); //Array to store validation errors $errmsg_arr = array(); //Validation error flag $errflag = false; //Connect to mysql server $link = mysql_connect(DB_HOST, DB_USER, DB_PASSWORD); if(!$link) { die('Failed to connect to server: ' . mysql_error()); } //Select database $db = mysql_select_db(DB_DATABASE); if(!$db) { die("Unable to select database"); } //Function to sanitize values received from the form. Prevents SQL injection function clean($str) { $str = @trim($str); if(get_magic_quotes_gpc()) { $str = stripslashes($str); } return mysql_real_escape_string($str); } //Sanitize the POST values $login = clean($_POST['login']); $password = clean($_POST['password']); //Input Validations if($login == '') { $errmsg_arr[] = 'Login ID missing'; $errflag = true; } if($password == '') { $errmsg_arr[] = 'Password missing'; $errflag = true; } //If there are input validations, redirect back to the login form if($errflag) { $_SESSION['ERRMSG_ARR'] = $errmsg_arr; session_write_close(); header("location: login-form.php"); exit(); } //Create query $qry="SELECT * FROM members WHERE login='$login' AND passwd='".md5($_POST['password'])."'"; $result=mysql_query($qry); //Check whether the query was successful or not if($result) { if(mysql_num_rows($result) == 1) { //Login Successful session_regenerate_id(); $member = mysql_fetch_assoc($result); $_SESSION['SESS_MEMBER_ID'] = $member['member_id']; $_SESSION['SESS_FIRST_NAME'] = $member['firstname']; $_SESSION['SESS_LAST_NAME'] = $member['lastname']; session_write_close(); header("location: viewOrder.php"); exit(); }else { //Login failed header("location: login-failed.php"); exit(); } }else { die("Query failed"); } ?> ............................. viewOrder.php .............................. <html> <body bgcolor="#FFFFFF" > <? $host="localhost"; // Host name $username="root"; // Mysql username $password=""; // Mysql password $db_name="mydatabase"; // Database name $tbl_name="order_insert"; // Table name $tbl_name2="members"; // connect to server and databases mysql_connect("$host", "$username", "$password")or die("cannot connect"); mysql_select_db("$db_name")or die("cannot select DB"); $result = mysql_query("SELECT * FROM $tbl_name "); print "<center>"; $output .= "<table width=1100 border=1 bordercolor=black>"; $output .= "<tr align=center><td>ID</td><td>First Name</td><td>Last Name</td><td>E Mail</td><td> City </td><td> Country </td><td> Phone</td><td>Decoration Type</td><td>Service Description</td><td>Budget</td><td>Update</td><td>Delete</td></tr>"; $output .= "<th></th><th></th>"; $output .= "</tr>\n\n"; while ($row = mysql_fetch_assoc($result)){ $output .= "<tr>\n"; foreach ($row as $col=>$val){ $output .= " <td>$val</td>\n"; } // end foreach $keyVal = $row["id"]; $output .= "<td><a href='update.php?ID=$row[orderId]' >Update </a></td>"; $output .= "<td><a href='delete.php?ID=$row[orderId]' >Delete </a></td>"; $output .= "</tr>\n\n"; }// end while $output .= "</table></center>"; print "$output"; ?>&nbsp;&nbsp;&nbsp;<br> <br> <center><table > <tr><td> <form action="home.php"><font color="#FF0000"><input type="submit" name="btn" style="color:#CC0000" value="<--Back" ></font></form></td></tr></table></center> </body> </html> ..... your help and suggestions will be appreciated

  Read the article

• Quick guide to Oracle IRM 11g: Configuring SSL

  - by Simon Thorpe

  Quick guide to Oracle IRM 11g index So far in this guide we have an IRM Server up and running, however I skipped over SSL configuration in the previous article because I wanted to focus in more detail now. You can, if you wish, not bother with setting up SSL, but considering this is a security technology it is worthwhile doing. Contents Setting up a one way, self signed SSL certificate in WebLogic Setting up an official SSL certificate in Apache 2.x Configuring Apache to proxy traffic to the IRM server There are two common scenarios in which an Oracle IRM server is configured. For a development or evaluation system, people usually communicate directly to the WebLogic Server running the IRM service. However in a production environment and for some proof of concept evaluations that require a setup reflecting a production system, the traffic to the IRM server travels via a web server proxy, commonly Apache. In this guide we are building an Oracle Enterprise Linux based IRM service and this article will go over the configuration of SSL in WebLogic and also in Apache. Like in the past articles, we are going to use two host names in the configuration below,irm.company.com will refer to the public Apache server irm.company.internal will refer to the internal WebLogic IRM server Setting up a one way, self signed SSL certificate in WebLogic First lets look at creating just a simple self signed SSL certificate to be used in WebLogic. This is a quick and easy way to get SSL working in your environment, however the downside is that no browsers are going to trust this certificate you create and you'll need to manually install the certificate onto any machine's communicating with the server. This is fine for development or when you have only a few users evaluating the system, but for any significant use it's usually better to have a fully trusted certificate in use and I explain that in the next section. But for now lets go through creating, installing and testing a self signed certificate. We use a library in Java to create the certificates, open a console and running the following commands. Note you should choose your own secure passwords whenever you see password below. [oracle@irm /] source /oracle/middleware/wlserver_10.3/server/bin/setWLSEnv.sh [oracle@irm /] cd /oracle/middleware/user_projects/domains/irm_domain/config/fmwconfig/ [oracle@irm /] java utils.CertGen -selfsigned -certfile MyOwnSelfCA.cer -keyfile MyOwnSelfKey.key -keyfilepass password -cn "irm.oracle.demo" [oracle@irm /] java utils.ImportPrivateKey -keystore MyOwnIdentityStore.jks -storepass password -keypass password -alias trustself -certfile MyOwnSelfCA.cer.pem -keyfile MyOwnSelfKey.key.pem -keyfilepass password [oracle@irm /] keytool -import -trustcacerts -alias trustself -keystore TrustMyOwnSelf.jks -file MyOwnSelfCA.cer.der -keyalg RSA We now have two Java Key Stores, MyOwnIdentityStore.jks and TrustMyOwnSelf.jks. These contain keys and certificates which we will use in WebLogic Server. Now we need to tell the IRM server to use these stores when setting up SSL connections for incoming requests. Make sure the Admin server is running and login into the WebLogic Console at http://irm.company.intranet:7001/console and do the following; In the menu on the left, select the + next to Environment to expose the submenu, then click on Servers. You will see two servers in the list, AdminServer(admin) and IRM_server1. If the IRM server is running, shut it down either by hitting CONTROL + C in the console window it was started from, or you can switch to the CONTROL tab, select IRM_server1 and then select the Shutdown menu and then Force Shutdown Now. In the Configuration tab select IRM_server1 and switch to the Keystores tab. By default WebLogic Server uses it's own demo identity and trust. We are now going to switch to the self signed one's we've just created. So select the Change button and switch to Custom Identity and Custom Trust and hit save. Now we have to complete the resulting fields, the setting's i've used in my evaluation server are below. IdentityCustom Identity Keystore: /oracle/middleware/user_projects/domains/irm_domain/config/fmwconfig/MyOwnIdentityStore.jks Custom Identity Keystore Type: JKS Custom Identity Keystore Passphrase: password Confirm Custom Identity Keystore Passphrase: password TrustCustom Trust Keystore: /oracle/middleware/user_projects/domains/irm_domain/config/fmwconfig/TrustMyOwnSelf.jks Custom Trust Keystore Type: JKS Custom Trust Keystore Passphrase: password Confirm Custom Trust Keystore Passphrase: password Now click on the SSL tab for the IRM_server1 and enter in the alias and passphrase, in my demo here the details are; IdentityPrivate Key Alias: trustself Private Key Passphrase: password Confirm Private Key Passphrase: password And hit save. Now lets test a connection to the IRM server over HTTPS using SSL. Go back to a console window and start the IRM server, a quick reminder on how to do this is... [oracle@irm /] cd /oracle/middleware/user_projects/domains/irm_domain/bin [oracle@irm /] ./startManagedWeblogic IRM_server1 Once running, open a browser and head to the SSL port of the server. By default the IRM server will be listening on the URL https://irm.company.intranet:16101/irm_rights. Note in the example image on the right the port is 7002 because it's a system that has the IRM services installed on the Admin server, this isn't typical (or advisable). Your system is going to have a separate managed server which will be listening on port 16101. Once you open this address you will notice that your browser is going to complain that the server certificate is untrusted. The images on the right show how Firefox displays this error. You are going to be prompted every time you create a new SSL session with the server, both from the browser and more annoyingly from the IRM Desktop. If you plan on always using a self signed certificate, it is worth adding it to the Windows certificate store so that when you are accessing sealed content you do not keep being informed this certificate is not trusted. Follow these instructions (which are for Internet Explorer 8, they may vary for your version of IE.) Start Internet Explorer and open the URL to your IRM server over SSL, e.g. https://irm.company.intranet:16101/irm_rights. IE will complain that about the certificate, click on Continue to this website (not recommended). From the IE Tools menu select Internet Options and from the resulting dialog select Security and then click on Trusted Sites and then the Sites button. Add to the list of trusted sites a URL which mates the server you are accessing, e.g. https://irm.company.intranet/ and select OK. Now refresh the page you were accessing and next to the URL you should see a red cross and the words Certificate Error. Click on this button and select View Certificates. You will now see a dialog with the details of the self signed certificate and the Install Certificate... button should be enabled. Click on this to start the wizard. Click next and you'll be asked where you should install the certificate. Change the option to Place all certificates in the following store. Select browse and choose the Trusted Root Certification Authorities location and hit OK. You'll then be prompted to install the certificate and answer yes. You also need to import the root signed certificate into the same location, so once again select the red Certificate Error option and this time when viewing the certificate, switch to the Certification Path tab and you should see a CertGenCAB certificate. Select this and then click on View Certificate and go through the same process as above to import the certificate into the store. Finally close all instances of the IE browser and re-access the IRM server URL again, this time you should not receive any errors. Setting up an official SSL certificate in Apache 2.x At this point we now have an IRM server that you can communicate with over SSL. However this certificate isn't trusted by any browser because it's path of trust doesn't end in a recognized certificate authority (CA). Also you are communicating directly to the WebLogic Server over a non standard SSL port, 16101. In a production environment it is common to have another device handle the initial public internet traffic and then proxy this to the WebLogic server. The diagram below shows a very simplified view of this type of deployment. What i'm going to walk through next is configuring Apache to proxy traffic to a WebLogic server and also to use a real SSL certificate from an official CA. First step is to configure Apache to handle incoming requests over SSL. In this guide I am configuring the IRM service in Oracle Enterprise Linux 5 update 3 and Apache 2.2.3 which came with OpenSSL and mod_ssl components. Before I purchase an SSL certificate, I need to generate a certificate request from the server. Oracle.com uses Verisign and for my own personal needs I use cheaper certificates from GoDaddy. The following instructions are specific to Apache, but there are many references out there for other web servers. For Apache I have OpenSSL and the commands are; [oracle@irm /] cd /usr/bin [oracle@irm bin] openssl genrsa -des3 -out irm-apache-server.key 2048 Generating RSA private key, 2048 bit long modulus ............................+++ .........+++ e is 65537 (0x10001) Enter pass phrase for irm-apache-server.key: Verifying - Enter pass phrase for irm-apache-server.key: [oracle@irm bin] openssl req -new -key irm-apache-server.key -out irm-apache-server.csr Enter pass phrase for irm-apache-server.key: You are about to be asked to enter information that will be incorporated into your certificate request. What you are about to enter is what is called a Distinguished Name or a DN. There are quite a few fields but you can leave some blank For some fields there will be a default value, If you enter '.', the field will be left blank. ----- Country Name (2 letter code) [GB]:US State or Province Name (full name) [Berkshire]:CA Locality Name (eg, city) [Newbury]:San Francisco Organization Name (eg, company) [My Company Ltd]:Oracle Organizational Unit Name (eg, section) []:Security Common Name (eg, your name or your server's hostname) []:irm.company.com Email Address []:[email protected] Please enter the following 'extra' attributes to be sent with your certificate request A challenge password []:testing An optional company name []: You must make sure to remember the pass phrase you used in the initial key generation, you will need this when later configuring Apache. In the /usr/bin directory there are now two new files. The irm-apache-server.csr contains our certificate request and is what you cut and paste, or upload, to your certificate authority when you purchase and validate your SSL certificate. In response you will typically get two files. Your server certificate and another certificate file that will likely contain a set of certificates from your CA which validate your certificate's trust. Next we need to configure Apache to use these files. Typically there is an ssl.conf file which is where all the SSL configuration is done. On my Oracle Enterprise Linux server this file is located in /etc/httpd/conf.d/ssl.conf and i've added the following lines. <VirtualHost irm.company.com> # Setup SSL for irm.company.com ServerName irm.company.com SSLEngine On SSLCertificateFile /oracle/secure/irm.company.com.crt SSLCertificateKeyFile /oracle/secure/irm.company.com.key SSLCertificateChainFile /oracle/secure/gd_bundle.crt </VirtualHost> Restarting Apache (apachectl restart) and I can now attempt to connect to the Apache server in a web browser, https://irm.company.com/. If all is configured correctly I should now see an Apache test page delivered to me over HTTPS. Configuring Apache to proxy traffic to the IRM server Final piece in setting up SSL is to have Apache proxy requests for the IRM server but do so securely. So the requests to Apache will be over HTTPS using a legitimate certificate, but we can also configure Apache to proxy these requests internally across to the IRM server using SSL with the self signed certificate we generated at the start of this article. To do this proxying we use the WebLogic Web Server plugin for Apache which you can download here from Oracle. Download the zip file and extract onto the server. The file extraction reveals a set of zip files, each one specific to a supported web server. In my instance I am using Apache 2.2 32bit on an Oracle Enterprise Linux, 64 bit server. If you are not sure what version your Apache server is, run the command /usr/sbin/httpd -V and you'll see version and it its 32 or 64 bit. Mine is a 32bit server so I need to extract the file WLSPlugin1.1-Apache2.2-linux32-x86.zip. The from the resulting lib folder copy the file mod_wl.so into /usr/lib/httpd/modules/. First we want to test that the plug in will work for regular HTTP traffic. Edit the httpd.conf for Apache and add the following section at the bottom. LoadModule weblogic_module modules/mod_wl.so <IfModule mod_weblogic.c>    WebLogicHost irm.company.internal    WebLogicPort 16100    WLLogFile /tmp/wl-proxy.log </IfModule> <Location /irm_rights>    SetHandler weblogic-handler </Location> <Location /irm_desktop>    SetHandler weblogic-handler </Location> <Location /irm_sealing>    SetHandler weblogic-handler </Location> <Location /irm_services>    SetHandler weblogic-handler </Location> Now restart Apache again (apachectl restart) and now open a browser to http://irm.company.com/irm_rights. Apache will proxy the HTTP traffic from the port 80 of your Apache server to the IRM service listening on port 16100 of the WebLogic Managed server. Note above I have included all four of the Locations you might wish to proxy. http://irm.company.internalirm_rights is the URL to the management website, /irm_desktop is the URL used for the IRM Desktop to communicate. irm_sealing is for web services based document sealing and irm_services is for IRM server web services. The last two are typically only used when you have the IRM server integrated with another application and it is unlikely you'd be accessing these resources from the public facing Apache server. However, just in case, i've mentioned them above. Now let's enable SSL communication from Apache to WebLogic. In the ZIP file we extracted were some more modules we need to copy into the Apache folder. Looking back in the lib that we extracted, there are some more files. Copy the following into the /usr/lib/httpd/modules/ folder. libwlssl.so libnnz11.so libclntsh.so.11.1 Now the documentation states that should only need to do this, but I found that I also needed to create an environment variable called LD_LIBRARY_PATH and point this to the folder /usr/lib/httpd/modules/. If I didn't do this, starting Apache with the WebLogic module configured to SSL would throw the error. [crit] (20014)Internal error: WL SSL Init failed for server: (null) on 0 So I had to edit the file /etc/profile and add the following lines at the bottom. You may already have the LD_LIBRARY_PATH variable defined, therefore simply add this path to it. LD_LIBRARY_PATH=/usr/lib/httpd/modules/ export LD_LIBRARY_PATH Now the WebLogic plug in uses an Oracle Wallet to store the required certificates.You'll need to copy the self signed certificate from the IRM server over to the Apache server. Copy over the MyOwnSelfCA.cer.der into the same folder where you are storing your public certificates, in my example this is /oracle/secure. It's worth mentioning these files should ONLY be readable by root (the user Apache runs as). Now lets create an Oracle Wallet and import the self signed certificate from the IRM server. The file orapki was included in the bin folder of the Apache 1.1 plugin zip you extracted. orapki wallet create -wallet /oracle/secure/my-wallet -auto_login_only orapki wallet add -wallet /oracle/secure/my-wallet -trusted_cert -cert MyOwnSelfCA.cer.der -auto_login_only Finally change the httpd.conf to reflect that we want the WebLogic Apache plug-in to use HTTPS/SSL and not just plain HTTP. <IfModule mod_weblogic.c>    WebLogicHost irm.company.internal    WebLogicPort 16101    SecureProxy ON    WLSSLWallet /oracle/secure/my-wallet    WLLogFile /tmp/wl-proxy.log </IfModule> Then restart Apache once more and you can go back to the browser to test the communication. Opening the URL https://irm.company.com/irm_rights will proxy your request to the WebLogic server at https://irm.company.internal:16101/irm_rights. At this point you have a fully functional Oracle IRM service, the next step is to create a sealed document and test the entire system.

  Read the article

< Previous Page | 98 99 100 101 102 103 104 105 106 107 108 109  | Next Page >