Search Results

Search found 3985 results on 160 pages for 'contexts and dependency injection'.

Page 104/160 | < Previous Page | 100 101 102 103 104 105 106 107 108 109 110 111  | Next Page >

  • How Can I Learn when to build my own Interfaces

    - by BDotA
    I am using C# and I know what are the interfaces and how syntatically use them,etc. but what I have not learned yet is that when I am tasked to write a project, create a component,... How should I learn better about interfaces so when I want to do something I be able to Think about using them in my design...or for example I want to learn about dependency injection or even using mocking objects for testing, these are all related to good understanding of interfaces and know when and how to use them ... Can you plase provide me some good advice, reading,... then can help me with that?

    Read the article

  • Top techniques to avoid 'data scraping' from a website database

    - by Addsy
    I am setting up a site using PHP and MySQL that is essentially just a web front-end to an existing database. Understandably my client is very keen to prevent anyone from being able to make a copy of the data in the database yet at the same time wants everything publicly available and even a "view all" link to display every record in the db. Whilst I have put everything in place to prevent attacks such as SQL injection attacks, there is nothing to prevent anyone from viewing all the records as html and running some sort of script to parse this data back into another database. Even if I was to remove the "view all" link, someone could still, in theory, use an automated process to go through each record one by one and compile these into a new database, essentially pinching all the information. Does anyone have any good tactics for preventing or even just dettering this that they could share. Thanks

    Read the article

  • How might maven's buildNumber metadata become inconsistent across multiple build agents?

    - by Brian Laframboise
    We recently added a second build machine to our build environment and began experiencing very odd occasional build failures. I have two separate Maven build machines, A and B, each running Maven 2.2.1 and communicating to a shared Nexus 1.5.0 repository manager. My problem is that builds on B will occasionally fail because it refuses to download a newer version of a common dependency 'acme-1.0.0-SNAPSHOT' previously built by A and uploaded to Nexus. Looking inside the local repositories on both machines I noticed some oddities in the repository metadata. Machine A's acme\1.0.0-SNAPSHOT\maven-metadata-nexus.xml: <metadata> <groupId>acme</groupId> <artifactId>acme</artifactId> <version>1.0.0-SNAPSHOT</version> <versioning> <snapshot> <buildNumber>1</buildNumber> </snapshot> <lastUpdated>20100525173546</lastUpdated> </versioning> </metadata> Machine B's acme\1.0.0-SNAPSHOT\maven-metadata-nexus.xml: <metadata> <groupId>acme</groupId> <artifactId>acme</artifactId> <version>1.0.0-SNAPSHOT</version> <versioning> <snapshot> <buildNumber>2</buildNumber> </snapshot> <lastUpdated>20100519232317</lastUpdated> </versioning> </metadata> In Nexus's acme/1.0.0-SNAPSHOT/maven-metadata.xml: <metadata> <groupId>acme</groupId> <artifactId>acme</artifactId> <version>1.0.0-SNAPSHOT</version> <versioning /> </metadata> If I'm interpreting the metadata files correctly (documentation online is scant), it appears machine B believes it has a newer version of the acme dependency (based on buildNumber) despite the fact that machine A last built it 6 days after machine B did (based on timestamp). Nexus also appears to be unaware of a universally correct buildNumber. How could this situation possibly arise? What could I do to prevent my builds from failing due to inconsistent metadata? Have you experienced anything similar? Important notes: Both build machines have settings.xml files where the updatePolicy is "always". Nexus does indeed have the newer version of acme that was built by A. B simply refuses to download it. A and B are the only machines uploading to Nexus. Both servers share the same system time. All processes involved have write privileges to the metadata files so that they can be updated as necessary. I was unable to find any open Maven or Nexus issues describing this behaviour. Our CI server (Atlassian Bamboo) prevents builds of the same artifact from happening concurrently, so some race condition while uploading to Nexus is rather unlikely.

    Read the article

  • Ninject: Abstract Class

    - by Pickels
    Hello, Do I need to do something different in an abstract class to get dependency injection working with Ninject? I have a base controller with the following code: public abstract class BaseController : Controller { public IAccountRepository AccountRepository { get; set; } } My module looks like this: public class WebDependencyModule : NinjectModule { public override void Load() { Bind<IAccountRepository>().To<AccountRepository>(); } } And this is my Global.asax: protected override void OnApplicationStarted() { Kernel.Load(new WebDependencyModule()); } protected override IKernel CreateKernel() { return new StandardKernel(); } It works when I decorate the IAccountRepository property with the [Inject] attribute. Thanks in advance.

    Read the article

  • What risks are there in using extracted PHP superglobals?

    - by Zephiro
    Hola usando estas funciones, que riesgo corro en tener problemas de seguridad, es necesesario usar extract() o hay alguna manera mejor de convertir las variables superglobales (array) en trozos de variables. Good, there is some risk in using the function extract in the superglobal variables as $_POS and $_GET, I work of the following way. There is risk of SQL INJECTION or there is an alternative to extract if ( get_magic_quotes_gpc() ) { $_GET = stripslashes( $_GET ); $_POST =stripslashes( $_POST ); } function vars_globals($value = '') { if (is_array ( $value )) $r = &$value; else parse_str ( $value, $r ); return $r; } $r = vars_globals( $_GET ); extract($r, EXTR_SKIP);

    Read the article

  • Stored Procedure with ALTER TABLE

    - by psayre23
    I have a need to sync auto_increment fields between two tables in different databases on the same MySQL server. The hope was to create a stored procedure where the permissions of the admin would let the web user run ALTER TABLE [db1].[table] AUTO_INCREMENT = [num]; without giving it permissions (That just smells of SQL injection). My problem is I'm receiving errors when creating the store procedure. Is this something that is not allowed by MySQL? DROP PROCEDURE IF EXISTS sync_auto_increment; CREATE PROCEDURE set_auto_increment (tableName VARCHAR(64), inc INT) BEGIN ALTER TABLE tableName AUTO_INCREMENT = inc; END;

    Read the article

  • Learning SQL White hat Hacking

    - by user301751
    Well here goes a sligtly arwkward question, I have changed job roles from Network Admin to SQL Server DBA thus having to learn SQL server 2005. I am quite self motivated and have learned the basics of Transac and a little about Reporting services. The only thing is I need to set senarios as theres not much coming in at work in the way of SQL tasks. I have always kept my interest in networking by setting little "Hacking tasks", I have has a look at some crackme's but can find nothing to play with. I understand the SQL injection is some sort of SQL hack but found not much on the subject. I know my way of learning might be a bit different from others but it is all White Hat and keeps my interest. Thanks

    Read the article

  • How can a hacker put a file on my server root (apache, php, 1and1)

    - by mike-sav
    Hi there, I have a site hosted on 1and1 and a couple of weeks ago I noticed a hacker had put a .php file on the server that when viewed in a browser exposed my DB schema, DB connection strings, FTP account (for file uploads using a form), etc, etc. Naturally I panicked and I wiped the server and reuploaded my files. Fortunatley I encrypt passwords using MD5 and I don't store things like credit card details, etc, etc. Now I checked my files and with all user input I use a clean function (htmlentities, sql_real_escape_string, etc, etc) that strips the input of any XSS or SQL injection. I have also made sure that the session key gets re-engineered when a user status changes (like they log into their account) to prevent session hijacking, my folder permissions are set to 755 and file permission are 644. Has anyone got any idea how this could have happened? Or if I'm missing something

    Read the article

  • What is the sense of permiting the user to use no passwords longer than xx chars?

    - by reox
    Its more like a usability question or maybe database, or even maybe security (consider injection attacks) but what is the sense of permiting the user's password to a be not longer than xx chars? It does not make any sense to me, because longer passwords are mostly considered better and even harder to crack, and some users use password safes, so the password length should not matter. I understand that passwords with more than 20 chars are hardly to remember, but if you use diceware or password safe you dont have any problem with that. I really cant understand why there are sites that say "your password need to be between 5 and 8 chars"... also should the password saved as hash, so the length of the field in the database is fixed, so where is the problem? i think that most of the sites where the password is has to be a fixed length are not even using any hashing method...

    Read the article

  • .Net 4.0 Is There a Business Layer "Technology" ?

    - by Ronny
    Hi, I have a theoretical question about the .net framework. As I see it Microsoft gave us bunch of technologies for different layers. We have the ADO.NET and with the more improved Entity Framework for Data Access. And ASP.NET for WEB UI. And even WCF for Facade and SOA. But what in the middle, what do we have for the Business Layer? Is it just Referenced DLLs? How do we deal with the Application Pulling this days? I remember using COM+ 10 yeas ago because the IIS couldn't handle the pressure. Is Spring.Net is the best option available for injection? Thanks, Ronny

    Read the article

  • Java Spring 3.0 MVC Annotation vs COC. Whats the preferred method in the Java community?

    - by Athens
    I am using Spring's MVC framework for an application I'm hosting on Google's App Engine. So far, my controllers are registered via the @Controller annotation; however, prior to getting into Spring, I evaluated ASP.net MVC 2 which requires no configuration and is based on convention. Is convention over configuration (COC) the current and preferred method in the Java community to implement MVC with Spring. Also, this may be a result of my limited knowledge so far but i noticed that i could only instantiate my Controllers the required constuctor injection if i use the COC method via the ControllerClassNameHandlerMapping. For instance the following controller bean config will fail if i use the defaultannotationhandlermapping. <bean id="c" class="com.domain.TestController"> <constructor-arg ref="service" /> </bean> <bean id="service" class="com.domain.Service" /> My com.domain.TestController controller works fine if i use ControllerClassNameHandlerMapping/COC but it results in an error when i use defaultannotationhandlermapping/Annotations.

    Read the article

  • Sticky Footers that move down when dynamic content gets loaded

    - by Dominic Rodger
    I've been using this snippet of jQuery to get a sticky footer: if($(document.body).height() < $(window).height()){ $("#footer").css({position: "absolute",top:($(window).scrollTop()+$(window).height()-$("#footer").height())+"px", width: "100%"}); } $(window).scroll(positionFooter).resize(positionFooter); However, that breaks when I've got expandable/collapsible divs lying around where the original content was less high than the window, since it is then stuck to the bottom of the window, rather than the bottom of the document. Is there a way of fixing this, or a better way of doing it? Please bear in mind that I don't have much control over the HTML, since I need to do this in Django's admin interface, which doesn't allow much injection of HTML in the places you might want to to accomplish this sort of thing (i.e. this answer and this answer don't work for me).

    Read the article

  • Is php fileinfo sufficient to prevent upload of malicious files?

    - by Scarface
    Hey guys, I have searched around a bit, and have not really found a professional type response to how to have secure fileupload capability so I wanted to get the opinion of some of the experts on this site. I am currently allowing upload of mp3s and images, and while I am pretty confident in preventing xss and injection attacks on my site, I am not really familiar with fileupload security. I basically just use php fileinfo and check an array of accepted filetypes against the filetype. For images, there is the getimagesize function and some additional checks. As far as storing them, I just have a folder within my directory, because I want the users to be able to use the files. If anyone could give me some tips I would really appreciate it.

    Read the article

  • PDO::ATTR_EMULATE_PREPARES => false

    - by user264058
    I'm new to php and PDO ,so i read this response to a similar post- Does PDO really not use prepared statements with mysql? Yes, by default (at least with version I tested) but native mode can be turned on manually. If not, can it be forced to do so By employing PDO::ATTR_EMULATE_PREPARES setting, the name is pretty self-explanatory. $dbh-setAttribute( PDO::ATTR_EMULATE_PREPARES, false ); should you do that? That's hardest question of them all. Well, I'd say - yes, you should. If you choose PDO as your db driver, there is no point in using it in the emulation mode. by YOUR COMMON SENSE Aren't prepared statements secure from SQL injection, why change if from 'true'-false?? what is native mode??

    Read the article

  • performance of parameterized queries for different db's

    - by tuinstoel
    A lot of people know that it is important to use parameterized queries to prevent sql injection attacks. Parameterized queries are also much faster in sqlite and oracle when doing online transaction processing because the query optimizer doesn't have to reparse every parameterized sql statement before executing. I've seen sqlite becoming 3 times faster when you use parameterized queries, oracle can become 10 times faster when you use parameterized queries in some extreme cases with a lot of concurrency. How about other db's like mysql, ms sql, db2 and postgresql? Is there an equal difference in performance between parameterized queries and literal queries?

    Read the article

  • Why is the EntityManager in my GAE + Spring (+graniteds) project reset to null?

    - by prefabSOFT
    Hi all, I'm having a problem with autowiring my EntityManager. Actually at server startup I can see that the injection works ok, though when trying to use my EntityManager it appears to be null again. @Component public class DataDaoImpl { protected EntityManager entityManager; @Autowired public void setEntityManager(EntityManager entityManager) { System.out.println("Injecting "+entityManager); //works! this.entityManager = entityManager; } public void createData(String key, String value) { System.out.println("In createData entityManager is "+entityManager); //entityManager null!? ... Output: Injecting org.datanucleus.store.appengine.jpa.DatastoreEntityManager@a60d19 The server is running at http://localhost:8888/ In createData entityManager is null So somehow the autowired entityManager is reset to null when trying to use it. It's a graniteds powered project though I don't think this is graniteds related. Any ideas? Thanks a lot in advance, Jochen

    Read the article

  • maven test cannot load cross-module resources/properties ?

    - by smallufo
    I have a maven mantained project with some modules . One module contains one XML file and one parsing class. Second module depends on the first module. There is a class that calls the parsing class in the first module , but maven seems cannot test the class in the second module. Maven test reports : java.lang.NullPointerException at java.util.Properties.loadFromXML(Properties.java:851) at foo.firstModule.Parser.<init>(Parser.java:92) at foo.secondModule.Program.<init>(Program.java:84) In "Parser.java" (in the first module) , it uses Properties and InputStream to read/parse an XML file : InputStream xmlStream = getClass().getResourceAsStream("Data.xml"); Properties properties = new Properties(); properties.loadFromXML(xmlStream); The "data.xml" is located in first module's resources/foo/firstModule directory , and it tests OK in the first module. It seems when testing the second module , maven cannot correctly load the Data.xml in the first module . I thought I can solve the problem by using maven-dependency-plugin:unpack to solve it . In the second module's POM file , I add these snippets : <plugin> <groupId>org.apache.maven.plugins</groupId> <artifactId>maven-dependency-plugin</artifactId> <version>2.1</version> <executions> <execution> <id>data-copying</id> <phase>test-compile</phase> <goals> <goal>unpack</goal> </goals> <configuration> <artifactItems> <artifactItem> <groupId>foo</groupId> <artifactId>firstModule</artifactId> <type>jar</type> <includes>foo/firstModule/Data.xml</includes> <outputDirectory>${project.build.directory}/classes</outputDirectory> </artifactItem> </artifactItems> </configuration> </execution> </executions> </plugin> In this POM file , I try to unpack the first module , and copy the Data.xml to classes/foo/firstModule/ directory , and then run tests. And indeed , it is copied to the right directory , I can find the "Data.xml" file in "target/classes/foo/firstModule" directory. But maven test still complains it cannot read the File (Properties.loadFromXML() throws NPE). I don't know how to solve this problem. I tried other output directory , such as ${project.build.directory}/resources , and ${project.build.directory}/test-classes , but all in vain... Any advices now ? Thanks in advanced. Environments : Maven 2.2.1 , eclipse , m2eclipse

    Read the article

  • Ideas for building vulnerabilities into your site?

    - by Jaco Pretorius
    I'm trying to create a programming challenge that would require developers to hack into the MVC site I create. The idea is obviously to teach them about preventing these types of attacks. The current idea I have is to build multiple vulnerabilities into the site - but the second vulnerability would require the first to be completed, etc. So I was thinking the first could be a sql injection attack, the second would require a modified GET request, etc. Exploiting the final vulnerability would reveal a specific piece of information which is proof that you have completed the entire challenge. This will not be deployed on a public site - it's simply a learning tool for developers at my company. I'm not looking for MVC-specific vulnerabilities - I'm simply using MVC because it allows me to work with the 'raw' HTML. Any ideas on the different vulnerabilities I can use?

    Read the article

  • How Do I Search Between a Date Rang Using the ActiveRecord Model?

    - by Russ Bradberry
    I am new to both Ruby and ActiveRecord. I currently have a need to modify and existing piece of code to add a date range in the select. The current piece goes like this: ReportsThirdparty.find(:all, :conditions => {:site_id=>site_id, :campaign_id=>campaign_id, :size_id=>size_id}) Now, I need to add a range, but I am not sure how to do the BETWEEN or >= or <= operators. I guess what I need is something similar to: ReportsThirdparty.find(:all, :conditions => {:site_id=>site_id, :campaign_id=>campaign_id, :size_id=>size_id, :row_date=>"BETWEEN #{start_date} AND #{end_date}") Even if this did work, I know that using interpolation here would leave me subject to SQL injection attacks.

    Read the article

  • Why doesn't Microsoft release a 'proper' AJAX grid for ASP.Net

    - by Maxim Gershkovich
    Why doesn't Microsoft release a 'proper' AJAX grid for ASP.Net either as part of Visual Studio or the AJAX control toolkit? Has there been any discussion that anyone is aware of regarding this issue? Also does anyone have any open source suggestions for 'proper' AJAX gridviews? So far I have found one.... http://dotnetslackers.com/projects/AjaxDataControls/Default.aspx PS: By proper I mean a grid that actually uses XML responses rather than the nasty html javascript based injection that is the current nastyness of the gridview (EVEN IN VS 2010).

    Read the article

  • Scaling Java applications - existing cluster-aware IoC frameworks?

    - by Zoltan
    Most people use some kind of an IoC framework - Guice, Spring, you name it. Many of us need to scale their applications too, so they complicate their lifes with Terracotta, Glassfish/JBoss/insertyourfavouritehere clusters. But is it really the way to go? Are you using any of the above? Here's some ideas we currently have implemented in a yet-to-be-opensourced framework, and I'd like to see what you think of it, or maybe "it's a complete ripoff of XY!". cluster-wide object replication - give it a name, and whenever you do something (in any node) on such an object, it will get replicated - with different guarantees do transparent soft-loadbalancing - simplest scenario: restful webservice method call proxied to an other node view-only node injection: inject a proxy to a "named" object, and get your calls automatically proxied to a node Would you use something like that? Is there a current, stable, enterprise-ready implementation out there?

    Read the article

  • Passing parameters into ViewModels (Prism)

    - by vXtreme
    Hi I can't figure out how to pass parameters to my viewmodels from other views or viewmodels. For instance, I have a View called Customers. There is a grid inside, and if you double-click the grid, a new view is supposed to come up and allow you to edit that customer's data. But how will the View(Model) responsible for editing data know which customer it's supposed to open if I can't pass any parameters inside? EventAggregator is out of the question because I obviously can't create hundreds of eventargs, each for one view. And besides, it's a lousy solution. So far I was able to come up with: CustomerDataView custView = new CustomerDataView(customerId, currentContext); manager.Regions[RegionNames.Sidebar].AddAndActivate(custView); What do you think about this particular solution? Is this the way it's normally done? What I don't like about this is the fact that I lose out on automatic dependency injection by Unity.

    Read the article

  • Java Spring 3.0 MVC Annotation vs COC. Whats the prefered method in the Java community?

    - by Athens
    I am using Spring's MVC framework for an application I'm hosting on Google's App Engine. So far, my controllers are registered via the @Controller annotation; however, prior to getting into Spring, I evaluated ASP.net MVC 2 which requires no configuration and is based on convention. Is convention over configuration (COC) the current and preferred method in the Java community to implement MVC with Spring. Also, this may be a result of my limited knowledge so far but i noticed that i could only instantiate my Controllers the required constuctor injection if i use the COC method via the ControllerClassNameHandlerMapping. For instance the following controller bean config will fail if i use the defaultannotationhandlermapping. My com.domain.TestController controller works fine if i use ControllerClassNameHandlerMapping/COC but it results in an error when i use defaultannotationhandlermapping/Annotations.

    Read the article

  • Should I use Spring or Guice for a Tomcat/Wicket/Hibernate project?

    - by Trevor Allred
    I'm building a new web application that uses Linux, Apache, Tomcat, Wicket, JPA/Hibernate, and MySQL. My primary need is Dependency Injection, which both Spring and Guice can do well. I think I need transaction support that would come with Spring and JTA but I'm not sure. The site will probably have about 20 pages and I'm not expect huge traffic. Should I use Spring or Guice? Feel free to ask and followup questions and I'll do my best to update this.

    Read the article

  • Spring & Hibernate EJB Events

    - by Miguel Ping
    Is it possible to define a spring-managed EJB3 hibernate listener? I have this definition in my persistence.xml: <properties> <property name="hibernate.ejb.interceptor" value="my.class.HibernateAuditInterceptor" /> <property name="hibernate.ejb.event.post-update" value="my.class.HibernateAuditTrailEventListener" /> </properties> But I would like to manage HibernateAuditInterceptor and HibernateAuditTrailEventListener with spring, so I can do some bean injection (ex: session-scoped bean) within these classes. Is this possible?

    Read the article

< Previous Page | 100 101 102 103 104 105 106 107 108 109 110 111  | Next Page >