Search Results

Search found 11785 results on 472 pages for 'password protection'.

Page 109/472 | < Previous Page | 105 106 107 108 109 110 111 112 113 114 115 116  | Next Page >

  • Windows cmd.exe output in PowerShell

    - by noledgeispower
    I have a script for remotely executing commands on other machines, however... when using windows cmd.exe commands It does not write to the file on the remote server. Here is the code. $server = 'serverName' $Username = 'userName' $Password = 'passWord' $cmd = "cmd /c ipconfig" ######################## ######################## $ph = "C:\mPcO.txt" $rph = "\\$server\C$\mPcO.txt" $cmde = "$cmd > $ph" $pass = ConvertTo-SecureString -AsPlainText $Password -Force $mycred = new-object -typename System.Management.Automation.PSCredential -argumentlist "$Username",$pass Invoke-WmiMethod win32_process -name create -ComputerName $server -ArgumentList $cmde Credential $mycred cmd /c net use \\$server\C$ $password /USER:$username Get-Content $rph Remove-Item $rph cmd /c net use \\$server\C$ /delete As you can see we simply write $cmde = "$cmd > $ph" if I use a PowerShell command I use $cmde = "$cmd | Out-File $ph" and it works fine. Any advice Appreciated

    Read the article

  • Setting attributes of a class during construction from **kwargs

    - by Carson Myers
    Python noob here, Currently I'm working with SQLAlchemy, and I have this: from __init__ import Base from sqlalchemy.schema import Column, ForeignKey from sqlalchemy.types import Integer, String from sqlalchemy.orm import relationship class User(Base): __tablename__ = "users" id = Column(Integer, primary_key=True) username = Column(String, unique=True) email = Column(String) password = Column(String) salt = Column(String) openids = relationship("OpenID", backref="users") User.__table__.create(checkfirst=True) #snip definition of OpenID class def create(**kwargs): user = User() if "username" in kwargs.keys(): user.username = kwargs['username'] if "email" in kwargs.keys(): user.username = kwargs['email'] if "password" in kwargs.keys(): user.password = kwargs['password'] return user This is in /db/users.py, so it would be used like: from db import users new_user = users.create(username="Carson", password="1234") new_user.email = "[email protected]" users.add(new_user) #this function obviously not defined yet but the code in create() is a little stupid, and I'm wondering if there's a better way to do it that doesn't require an if ladder, and that will fail if any keys are added that aren't in the User object already. Like: for attribute in kwargs.keys(): if attribute in User: user.__attribute__[attribute] = kwargs[attribute] else: raise Exception("blah") that way I could put this in its own function (unless one hopefully already exists?) So I wouldn't have to do the if ladder again and again, and so I could change the table structure without modifying this code. Any suggestions?

    Read the article

  • Encryption puzzle / How to create a PassStub for a Remote Assistance ticket

    - by Jon Clegg
    I am trying to create a ticket for Remote Assistance. Part of that requires creating a PassStub parameter. As of the documentation: http://msdn.microsoft.com/en-us/library/cc240115(PROT.10).aspx PassStub: The encrypted novice computer's password string. When the Remote Assistance Connection String is sent as a file over e-mail, to provide additional security, a password is used.<16 In part 16 they detail how to create as PassStub. In Windows XP and Windows Server 2003, when a password is used, it is encrypted using PROV_RSA_FULL predefined Cryptographic provider with MD5 hashing and CALG_RC4, the RC4 stream encryption algorithm. As PassStub looks like this in the file: PassStub="LK#6Lh*gCmNDpj" If you want to generate one yourself run msra.exe in Vista or run the Remote Assistance tool in WinXP. The documentation says this stub is the result of the function CryptEncrypt with the key derived from the password and encrypted with the session id (Those are also in the ticket file). The problem is that CryptEncrypt produces a binary output way larger then the 15 byte PassStub. Also the PassStub isn't encoding in any way I've seen before. Some interesting things about the PassStub encoding. After doing statistical analysis the 3rd char is always a one of: !#$&()+-=@^. Only symbols seen everywhere are: *_ . Otherwise the valid characters are 0-9 a-z A-Z. There are a total of 75 valid characters and they are always 15 bytes. Running msra.exe with the same password always generates a different PassStub, indicating that it is not a direct hash but includes the rasessionid as they say. Some other ideas I've had is that it is not the direct result of CryptEncrypt, but a result of the rasessionid in the MD5 hash. In MS-RA (http://msdn.microsoft.com/en-us/library/cc240013(PROT.10).aspx). The "PassStub Novice" is simply hex encoded, and looks to be the right length. The problem is I have no idea how to go from any hash to way the PassStub looks like.

    Read the article

  • Qt - A login dialog

    - by Narek
    I want to create a login dialog by inheriting QDialog. I put in subclass named LoginDialog 2 QLineEdits: for login for password. I want to be able to warn the user with a message if the caps lock is ON while he will start to fill passwordLineEdit. Suppose I have a function that tells the current state of CapsLock button. So I want to do eventFiltering in LoginDialog class in order to understand that user starts to fill the password field (i.e. user just stepped into the password field) So for that purpose I wrote the following in the LoginDialog class constructor: m_passwordLineEdit->installEventFilter(this); So the only thing is to do is to implement a function which can understand that user is going to fill the password. Seems is should be done with the following function(??): bool LoginDialog::eventFilter(QObject *target, QEvent *event) { if (target == m_passwordLineEdit) { } return QDialog::eventFilter(target, event); } How to implement this function???

    Read the article

  • problem with ajax post

    - by zurna
    For some weird reason, the codes below are first working, then website is redirecting to the url. I used this code many times before without any problems, please please advise! Test page: http://www.refinethetaste.com/FLPM/?Section=myaccount&SubSection=signup <script type="text/javascript"> $(document).ready(function() { $("[name='submit']").click(function() { $.ajax({ type: "POST", data: $(".form-signup").serialize(), url: "http://www.refinethetaste.com/FLPM/content/myaccount/signup.cs.asp?Process=Add2Member", success: function(output) { $('.form-signup').html(output) }, error: function(output) { $('.form-signup').html(output); } }); }); }); </script> <form method="post" action="http://www.refinethetaste.com/FLPM/content/myaccount/signup.cs.asp?Process=Add2Member" class="form-signup"> <div class="clearfix"> <label for="MembersFullName">Full Name *:</label> <div class="username form-height"> <input id="modlgn_username" type="text" name="MembersFullName" value="" class="inputbox" size="18" /> </div> <label for="MembersEmailAddress">Email Address *:</label> <div class="username form-height"> <input id="modlgn_username" type="text" name="MembersEmailAddress" value="" class="inputbox" size="18" /> </div> <label for="MembersPassword">Password *:</label> <div class="password form-height"> <input id="modlgn_passwd" type="password" name="MembersPassword" class="inputbox" size="18" /> </div> <label for="MembersPasswordc">Password (confirm) *:</label> <div class="password form-height"> <input id="modlgn_passwd" type="password" name="MembersPasswordc" class="inputbox" size="18" /> </div> <div id="inputs"> <input type="checkbox" name="agree" class="checkbox" value="1" /> <label for="agree" class="agree">I agree to User Agreement and Privacy Policy.</label> </div> <div class="clear"> <input type="submit" name="submit" class="button-login png" value="Sign Up" /> </div> </div> <div id="form-login-remember"> <div class="form-indent-top"> <span class="login-text-1">Already Have Account?</span> <a href="?Section=myaccount&SubSection=signin"> Sign In</a> </div> </div> </form>

    Read the article

  • NetUserGetLocalGroups - how to call it?

    - by SteveL
    Hi, I am using Delphi 2010, latest version (from repository) of JEDI WinAPI and Windows Security Code Library (WSCL). I don't know how to call the NetUserSetGroups function. The way I am doing it, it is throwing an exception: Access violation at address 5B8760BE in module 'netapi32.dll'. Write of address 00000000. Following is my code: unit uFunc; interface uses Windows, SysUtils, JwaWindows, JwsclSid, Classes; function UserExists(const username: PChar): boolean; stdcall; function AddUser(const username, password: PChar; resetpassword: boolean): boolean; stdcall; //function AddLogonAsAService(ID: pchar): boolean; implementation uses Dialogs; // Returns true if the username exists on the local computer function UserExists(const username: PChar): boolean; stdcall; var NetApiStatus: NET_API_STATUS; ui: PUSER_INFO_0; begin NetApiStatus := NetUserGetInfo(nil, PWideChar(username), 0, PByte(ui)); if Assigned(ui) then NetApiBufferFree(ui); if (NetApiStatus <> NERR_Success) and (NetApiStatus <> NERR_UserNotFound) then RaiseLastOSError(NetApiStatus); Result := (NetApiStatus = NERR_Success); end; function AddPrivilegeToAccount(AAccountName, APrivilege: String): DWORD; var lStatus: TNTStatus; lObjectAttributes: TLsaObjectAttributes; lPolicyHandle: TLsaHandle; lPrivilege: TLsaUnicodeString; lSid: PSID; lSidLen: DWORD; lTmpDomain: String; lTmpDomainLen: DWORD; lTmpSidNameUse: TSidNameUse; lPrivilegeWStr: String; begin ZeroMemory(@lObjectAttributes, SizeOf(lObjectAttributes)); lStatus := LsaOpenPolicy(nil, lObjectAttributes, POLICY_LOOKUP_NAMES, lPolicyHandle); if lStatus <> STATUS_SUCCESS then begin Result := LsaNtStatusToWinError(lStatus); Exit; end; try lTmpDomainLen := DNLEN; // In 'clear code' this should be get by LookupAccountName SetLength(lTmpDomain, lTmpDomainLen); lSidLen := SECURITY_MAX_SID_SIZE; GetMem(lSid, lSidLen); try if LookupAccountName(nil, PChar(AAccountName), lSid, lSidLen, PChar(lTmpDomain), lTmpDomainLen, lTmpSidNameUse) then begin lPrivilegeWStr := APrivilege; lPrivilege.Buffer := PWideChar(lPrivilegeWStr); lPrivilege.Length := Length(lPrivilegeWStr) * SizeOf(Char); lPrivilege.MaximumLength := lPrivilege.Length; lStatus := LsaAddAccountRights(lPolicyHandle, lSid, @lPrivilege, 1); Result := LsaNtStatusToWinError(lStatus); end else Result := GetLastError; finally FreeMem(lSid); end; finally LsaClose(lPolicyHandle); end; end; //if user does not exists, create a local username with the supplied password //if resetpassword, then reset password to the supplied parameter //add the user to the local administrators group (note that this must work //on all languages, use the SID of the group) //give the user the "run as a service" privilege. //enable the user if it is disabled. function AddUser(const username, password: PChar; resetpassword: boolean): boolean; stdcall; var NetApiStatus: NET_API_STATUS; UserInfo1003: USER_INFO_1003; // UserInfo1005: USER_INFO_1005; ui: USER_INFO_1; grp: String; sidstring: String; lgmi3: LOCALGROUP_MEMBERS_INFO_3; jwSid: TJwSecurityID; dwEntriesRead, dwEntriesTotal: PDWORD; lgi01: LOCALGROUP_USERS_INFO_0; plgi01 : PLOCALGROUP_USERS_INFO_0; i: Integer; gsl: TStringList; begin if UserExists(username) then begin if resetpassword then begin NetApiStatus := NetUserChangePassword(nil, PChar(username), PChar(''), PChar(password)); // If old password is incorrect then force password change if (NetApiStatus = ERROR_INVALID_PASSWORD) then begin UserInfo1003.usri1003_password := PChar(password); NetApiStatus := NetUserSetInfo(nil, PChar(username), 1003, @UserInfo1003, nil); end; if (NetApiStatus <> NERR_Success) and (NetApiStatus <> NERR_UserNotFound) then RaiseLastOSError(NetApiStatus); // UserInfo1005.usri1005_priv := USER_PRIV_ADMIN; // NetApiStatus := NetApiStatus and NetUserSetInfo(nil, PChar(username), 1005, @UserInfo1005, nil); end; end else begin ui.usri1_name := PChar(username); ui.usri1_password := PChar(Password); ui.usri1_password_age := 0; // ignored in this call ui.usri1_priv := USER_PRIV_USER; // ui.usri1_home_dir := nil; ui.usri1_comment := PChar(''); ui.usri1_flags := UF_SCRIPT or UF_DONT_EXPIRE_PASSWD; ui.usri1_script_path := nil; NetApiStatus := NetUserAdd(nil, 1, @ui, nil); if NetApiStatus <> NERR_Success then RaiseLastOSError(NetApiStatus); end; Result := (NetApiStatus = NERR_Success); //check if user already belongs to Administrators group if Result then begin sidstring := 'S-1-5-32-544'; //Local Administrators group jwSid := TJwSecurityID.Create(sidstring); try grp := jwSid.GetAccountName(''); finally jwSid.Free; end; gsl := TStringList.Create; try // New(plgi01); NetApiStatus := NetUserGetLocalGroups(nil, PChar(username), 0, LG_INCLUDE_INDIRECT, PByte(plgi01), MAX_PREFERRED_LENGTH, dwEntriesRead, dwEntriesTotal); if NetApiStatus = NERR_SUCCESS then showmessage('messg ' + IntTostr(dwEntriesRead^)); for i := 0 to dwEntriesRead^ - 1 do begin gsl.Add(PLOCALGROUP_USERS_INFO_0(plgi01)^.lgrui0_name); Inc(Integer(plgi01), SizeOf(Pointer)); end; Result := (NetApiStatus = NERR_Success); NetAPIBufferFree(plgi01); if Result then Result := gsl.Find(grp, i); finally gsl.Free; end; end; //Add user to administrators group if Result then begin lgmi3.lgrmi3_domainandname := PChar(UserName); NetApiStatus := NetLocalGroupAddMembers(nil, PChar(grp), 3, @lgmi3, 1); if NetApiStatus <> NERR_Success then RaiseLastOSError(NetApiStatus); end; Result := (NetApiStatus = NERR_Success); try AddPrivilegeToAccount(UserName, 'SeServiceLogonRight'); except // showmessage('messg in an Excecpt'); end; end; end. Would appreciate if someone could kindly show me how I can call this function? Thanks in advance.

    Read the article

  • Unable to connect SQL Server instance from Visual Studio 2008 Version 9.0

    - by salvationishere
    I am getting the below error from VS on an 32-bit XP Professional server even though I set Tools-Options-Database Tools-Data Connections to "SIDEKICK", which is the name of my computer. In other words SIDEKICK should default to the full SQLSERVER. In other words, I want VS to use SQLSERVER instead of SQLSERVER EXPRESS. And I can clearly see my database both from VS in the Server Explorer and also in SSMS 2008. Furthermore, I can view the tables of this database in Server Explorer from VS. I do not get any build errors. And it looks like all of the naming is consistent in my web.config file. I am developing my website according to a Microsoft tutorial, so I should not be getting an error. Yet I get the following exception when I run this code below: CreateAccounts.aspx.cs file protected void CreateAccountButton_Click(object sender, EventArgs e) { MembershipCreateStatus createStatus; //This line below is where the exception occurs MembershipUser newUser = Membership.CreateUser(Username.Text, Password.Text, Email.Text, passwordQuestion, SecurityAnswer.Text, true, out createStatus); And here is what the exception looks like: System.Web.HttpException was unhandled by user code Message="Unable to connect to SQL Server database." Source="System.Web" ErrorCode=-2147467259 StackTrace: at System.Web.DataAccess.SqlConnectionHelper.CreateMdfFile(String fullFileName, String dataDir, String connectionString) at System.Web.DataAccess.SqlConnectionHelper.EnsureSqlExpressDBFile(String connectionString) at System.Web.DataAccess.SqlConnectionHelper.GetConnection(String connectionString, Boolean revertImpersonation) at System.Web.Security.SqlMembershipProvider.CreateUser(String username, String password, String email, String passwordQuestion, String passwordAnswer, Boolean isApproved, Object providerUserKey, MembershipCreateStatus& status) at System.Web.Security.Membership.CreateUser(String username, String password, String email, String passwordQuestion, String passwordAnswer, Boolean isApproved, Object providerUserKey, MembershipCreateStatus& status) at System.Web.Security.Membership.CreateUser(String username, String password, String email, String passwordQuestion, String passwordAnswer, Boolean isApproved, MembershipCreateStatus& status) at Membership_CreatingUserAccounts.CreateAccountButton_Click(Object sender, EventArgs e) in c:\Documents and Settings\Admin\My Documents\Visual Studio 2008\WebSites\WebSite2\Membership\CreatingUserAccounts.aspx.cs:line 24 at System.Web.UI.WebControls.Button.OnClick(EventArgs e) at System.Web.UI.WebControls.Button.RaisePostBackEvent(String eventArgument) at System.Web.UI.WebControls.Button.System.Web.UI.IPostBackEventHandler.RaisePostBackEvent(String eventArgument) at System.Web.UI.Page.RaisePostBackEvent(IPostBackEventHandler sourceControl, String eventArgument) at System.Web.UI.Page.RaisePostBackEvent(NameValueCollection postData) at System.Web.UI.Page.ProcessRequestMain(Boolean includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint) InnerException: System.Web.HttpException Message="Unable to connect to SQL Server database." Source="System.Web" ErrorCode=-2147467259 StackTrace: at System.Web.Management.SqlServices.GetSqlConnection(String server, String user, String password, Boolean trusted, String connectionString) at System.Web.Management.SqlServices.SetupApplicationServices(String server, String user, String password, Boolean trusted, String connectionString, String database, String dbFileName, SqlFeatures features, Boolean install) at System.Web.Management.SqlServices.Install(String database, String dbFileName, String connectionString) at System.Web.DataAccess.SqlConnectionHelper.CreateMdfFile(String fullFileName, String dataDir, String connectionString) InnerException: System.Data.SqlClient.SqlException Message="The user instance login flag is not supported on this version of SQL Server. The connection will be closed." Source=".Net SqlClient Data Provider" ErrorCode=-2146232060 Class=14 LineNumber=65536 Number=18493 Procedure="" Server="." State=1 StackTrace: at System.Data.SqlClient.SqlInternalConnection.OnError(SqlException exception, Boolean breakConnection) at System.Data.SqlClient.TdsParser.ThrowExceptionAndWarning(TdsParserStateObject stateObj) at System.Data.SqlClient.TdsParser.Run(RunBehavior runBehavior, SqlCommand cmdHandler, SqlDataReader dataStream, BulkCopySimpleResultSet bulkCopyHandler, TdsParserStateObject stateObj) at System.Data.SqlClient.SqlInternalConnectionTds.CompleteLogin(Boolean enlistOK) at System.Data.SqlClient.SqlInternalConnectionTds.AttemptOneLogin(ServerInfo serverInfo, String newPassword, Boolean ignoreSniOpenTimeout, Int64 timerExpire, SqlConnection owningObject) at System.Data.SqlClient.SqlInternalConnectionTds.LoginNoFailover(String host, String newPassword, Boolean redirectedUserInstance, SqlConnection owningObject, SqlConnectionString connectionOptions, Int64 timerStart) at System.Data.SqlClient.SqlInternalConnectionTds.OpenLoginEnlist(SqlConnection owningObject, SqlConnectionString connectionOptions, String newPassword, Boolean redirectedUserInstance) at System.Data.SqlClient.SqlInternalConnectionTds..ctor(DbConnectionPoolIdentity identity, SqlConnectionString connectionOptions, Object providerInfo, String newPassword, SqlConnection owningObject, Boolean redirectedUserInstance) at System.Data.SqlClient.SqlConnectionFactory.CreateConnection(DbConnectionOptions options, Object poolGroupProviderInfo, DbConnectionPool pool, DbConnection owningConnection) at System.Data.ProviderBase.DbConnectionFactory.CreateNonPooledConnection(DbConnection owningConnection, DbConnectionPoolGroup poolGroup) at System.Data.ProviderBase.DbConnectionFactory.GetConnection(DbConnection owningConnection) at System.Data.ProviderBase.DbConnectionClosed.OpenConnection(DbConnection outerConnection, DbConnectionFactory connectionFactory) at System.Data.SqlClient.SqlConnection.Open() at System.Web.Management.SqlServices.GetSqlConnection(String server, String user, String password, Boolean trusted, String connectionString) InnerException: The web.config connection string looks like: <connectionStrings> <add name="SecurityTutorialsConnectionString" connectionString="data source=.;Integrated Security=SSPI;AttachDBFilename=|DataDirectory|SecurityTutorialsDatabase3.mdf;User Instance=true" providerName="System.Data.SqlClient"/> </connectionStrings> <system.web> <membership defaultProvider="SecurityTutorialsSqlMembershipProvider"> <providers> <add name="SecurityTutorialsSqlMembershipProvider" type="System.Web.Security.SqlMembershipProvider" connectionStringName="SecurityTutorialsConnectionString" enablePasswordRetrieval="false" enablePasswordReset="true" requiresQuestionAndAnswer="true" applicationName="SecurityTutorials" requiresUniqueEmail="true" passwordFormat="Hashed" maxInvalidPasswordAttempts="5" minRequiredPasswordLength="7" minRequiredNonalphanumericCharacters="1" passwordAttemptWindow="10" passwordStrengthRegularExpression=""/> </providers> </membership>

    Read the article

  • Form is trying to save the login value of the submit button to my DB.

    - by Sergio Tapia
    Here's my Zend code: <?php require_once ('Zend\Form.php'); class Sergio_Form_registrationform extends Zend_Form { public function init(){ /*********************USERNAME**********************/ $username = new Zend_Form_Element_Text('username'); $alnumValidator = new Zend_Validate_Alnum(); $username ->setRequired(true) ->setLabel('Username:') ->addFilter('StringToLower') ->addValidator('alnum') ->addValidator('regex', false, array('/^[a-z]+/')) ->addValidator('stringLength',false,array(6,20)); $this->addElement($username); /*********************EMAIL**********************/ $email = new Zend_Form_Element_Text('email'); $alnumValidator = new Zend_Validate_Alnum(); $email ->setRequired(true) ->setLabel('EMail:') ->addFilter('StringToLower') ->addValidator('alnum') ->addValidator('regex', false, array('/^[a-z]+/')) ->addValidator('stringLength',false,array(6,20)); $this->addElement($email); /*********************PASSWORD**********************/ $password = new Zend_Form_Element_Password('password'); $alnumValidator = new Zend_Validate_Alnum(); $password ->setRequired(true) ->setLabel('Password:') ->addFilter('StringToLower') ->addValidator('alnum') ->addValidator('regex', false, array('/^[a-z]+/')) ->addValidator('stringLength',false,array(6,20)); $this->addElement($password); /*********************NAME**********************/ $name = new Zend_Form_Element_Text('name'); $alnumValidator = new Zend_Validate_Alnum(); $name ->setRequired(true) ->setLabel('Name:') ->addFilter('StringToLower') ->addValidator('alnum') ->addValidator('regex', false, array('/^[a-z]+/')) ->addValidator('stringLength',false,array(6,20)); $this->addElement($name); /*********************LASTNAME**********************/ $lastname = new Zend_Form_Element_Text('lastname'); $alnumValidator = new Zend_Validate_Alnum(); $lastname ->setRequired(true) ->setLabel('Last Name:') ->addFilter('StringToLower') ->addValidator('alnum') ->addValidator('regex', false, array('/^[a-z]+/')) ->addValidator('stringLength',false,array(6,20)); $this->addElement($lastname); /*********************DATEOFBIRTH**********************/ $dateofbirth = new Zend_Form_Element_Text('dateofbirth'); $alnumValidator = new Zend_Validate_Alnum(); $dateofbirth->setRequired(true) ->setLabel('Date of Birth:') ->addFilter('StringToLower') ->addValidator('alnum') ->addValidator('regex', false, array('/^[a-z]+/')) ->addValidator('stringLength',false,array(6,20)); $this->addElement($dateofbirth); /*********************AVATAR**********************/ $avatar = new Zend_Form_Element_File('avatar'); $alnumValidator = new Zend_Validate_Alnum(); $avatar ->setRequired(true) ->setLabel('Please select a display picture:'); $this->addElement($avatar); /*********************SUBMIT**********************/ $this->addElement('submit', 'login', array('label' => 'Login')); } } ?> Here's the code I use to save the values: public function saveforminformationAction(){ $form = new Sergio_Form_registrationform(); $request = $this->getRequest(); //if($request->isPost() && $form->isValid($_POST)){ $data = $form->getValues(); $db = $this->_getParam('db'); $db->insert('user',$data); //} } When trying to save the values, I recieve a ghastly error: Column 'login' not found.

    Read the article

  • Losing sessions on GlassFish

    - by synti
    I have a web application that logs users in a @SessionScoped managed bean. It's all the basic stuff, pretty much like this: users logs in using regular http form and gets redirect to user area (wich is protected using a filter). But if any resource on that area is accessed, the request somehow uses a new session, wich has no managed bean, no user, and the filter does his job, redirecting him to login page. Here's the login form: <h:form> <h:outputLabel for="email" value="Email "/> <p:inputText id="email" size="30" value="#{loginManager.email}"/> <h:outputLabel for="password" value="Password "/> <p:password id="password" size="12" value="#{loginManager.password}"/> <p:commandButton value="Login" action="#{loginManager.login()}"/> </h:form> The loginManager managed bean: @ManagedBean @SessionScoped public class LoginManager implements Serializable { @EJB private UserService userService; private User user; private String email; private String password; public String login() { user = userService.findBy(email, password); if (user == null) { // FacesMessage stuff } else { return "/user/welcome.xhtml?faces-redirect=true"; } } public String logout() { FacesContext.getCurrentInstance().getExternalContext().invalidateSession(); return "/index.xhtml?faces-redirect=true"; } // Getters, setters (no setter for user) and serialVersionUID And then comes the filter that protects the user area: @WebFilter(urlPatterns="/user/*", displayName="UserFilter") public class UserFilter implements Filter { @Override public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws IOException, ServletException { HttpSession session = ((HttpServletRequest)request).getSession(false); LoginManager loginManager = (LoginManager) session.getAttribute("loginManager"); if (loginManager == null || !loginManager.hasUser()) { HttpServletResponse resp = (HttpServletResponse) response; resp.sendRedirect("index.xhtml"); } final User user = loginManager.getUser(); if (user.isValid()) { chain.doFilter(request, response); } else { HttpServletResponse resp = (HttpServletResponse) response; resp.sendRedirect("index.xhtml"); } } The UserService is just a stateless EJB that handles persistence. Part of the JSF for user area: <h:form> <p:panelMenu> <p:submenu label="Items"> <p:menuitem value="Add item" action="#{userItens.addItems}" ajax="false"/> <p:menuitem value="My items" /> </p:submenu> </p:panelMenu> </h:form> And finally the userItens managed bean. @ManagedBean @RequestScoped public class UserItens { private User user; @PostConstruct private void init() { HttpSession session = (HttpSession) FacesContext.getCurrentInstance() .getExternalContext().getSession(false); LoginManager loginManager = (LoginManager) session.getAttribute("loginManager"); if (loginManager != null) user = loginManager.getUser(); } public String addItems() { // Doesn't get here. Seems like UserFilter comes first, doesn't find // an user and redirects. } I'm using glassfish and session timeout is now on 0.

    Read the article

  • Login code sample which has been hacked via SQL Injection, although mysql_real_escape_string...

    - by artmania
    Hi friends, I use CodeIgniter, and having trouble with hacking :( is it possible to make SQL Injection to the login code below: function process_login() { $username = mysql_real_escape_string($this->input->post('username')); $password = mysql_real_escape_string(MD5($this->input->post('password'))); //Check user table $query = $this->db->getwhere('users', array('username'=>$username, 'password'=>$password)); if ($query->num_rows() > 0) { // success login data Am I using the mysql_real_escape_string wrong? or what? Appreciate helps!

    Read the article

  • MySQL - ERROR 1045 - Access denied

    - by Abs
    In some way I have managed to get this error when I try to access into MySQL via the command line: [root@localhost ~]# mysql -u root -p Enter password: ERROR 1045 (28000): Access denied for user 'root'@'localhost' (using password: YES) I have tried resetting the password without any luck using this HowTo. I have uninstalled mysql completley and reinstalled but I still get asked for a password. I have no idea why this is the case! Can someone please help me get a default install of MySQL. Environment Fedora Core 10, Full Root Access, Apache and PHP installed Thank you for any help!! EDIT To all those that would like to save themselves a few hours of "blood coughing" - when you uninstall MySQl completely delete everything that is left behind. If you don't do this, it will never be a FRESH install.

    Read the article

  • Converted some PHP functions to c# but getting different results

    - by Tom Beech
    With a bit of help from people on here, i've converted the following PHP functions to C# - But I get very different results between the two and can't work out where i've gone wrong: PHP: function randomKey($amount) { $keyset = "abcdefghijklmABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789"; $randkey = ""; for ($i=0; $i<$amount; $i++) $randkey .= substr($keyset, rand(0, strlen($keyset)-1), 1); return $randkey; } public static function hashPassword($password) { $salt = self::randomKey(self::SALTLEN); $site = new Sites(); $s = $site->get(); return self::hashSHA1($s->siteseed.$password.$salt.$s->siteseed).$salt; } c# public static string randomKey(int amount) { string keyset = "abcdefghijklmABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789"; string randkey = string.Empty; Random random = new Random(); for (int i = 0; i < amount; i++) { randkey += keyset.Substring(0, random.Next(2, keyset.Length - 2)); } return randkey; } static string hashPassword(string password) { string salt = randomKey(4); string siteSeed = "6facef08253c4e3a709e17d9ff4ba197"; return CalculateSHA1(siteSeed + password + salt + siteSeed) + siteSeed; } static string CalculateSHA1(string ipString) { SHA1 sha1 = new SHA1CryptoServiceProvider(); byte[] ipBytes = Encoding.Default.GetBytes(ipString.ToCharArray()); byte[] opBytes = sha1.ComputeHash(ipBytes); StringBuilder stringBuilder = new StringBuilder(40); for (int i = 0; i < opBytes.Length; i++) { stringBuilder.Append(opBytes[i].ToString("x2")); } return stringBuilder.ToString(); } EDIT The string 'password' in the PHP function comes out as "d899d91adf31e0b37e7b99c5d2316ed3f6a999443OZl" in the c# it comes out as: "905d25819d950cf73f629fc346c485c819a3094a6facef08253c4e3a709e17d9ff4ba197"

    Read the article

  • Trouble making login page?

    - by Ken
    Okay, so I want to make a simple login page. I've created a register page successfully, but i can't get the login thing down. login.php: <?php session_start(); include("mainmenu.php"); $usrname = mysql_real_escape_string($_POST['usrname']); $password = md5($_POST['password']); $con = mysql_connect("localhost", "root", "g00dfor@boy"); if(!$con){ die(mysql_error()); } mysql_select_db("users", $con) or die(mysql_error()); $login = "SELECT * FROM `users` WHERE (usrname = '$usrname' AND password = '$password')"; $result = mysql_query($login); if(mysql_num_rows($result) == 1 { $_SESSION = true; header('Location: indexlogin.php'); } else { echo = "Wrong username or password." ; } ?> indexlogin.php just echoes "Login successful." What am I doing wrong? Oh, and just FYI- my database is "users" and my table is "data".

    Read the article

  • PAM authentication problem

    - by mdipierro
    I am using this module to authenticate using pam: http://code.google.com/p/web2py/source/browse/gluon/contrib/pam.py I can call authenticate('username','password') and it returns True/ False. It works for any 'username' but 'root'. My guess is that there is a security restriction in PAM that does not allow to check for the root password. I need to be able to check the root password. Is there anything I can change in the pam.conf or somewhere else to remove this restriction?

    Read the article

  • org.apache.http.conn.HttpHostConnectException:Connection to http://172.20.38.143 refused

    - by Passion
    I have developed client server Application .I am accessing mysql with php running on my machine and client running on my cell which is connected to machine.WI-FI is also switched ON. Internet Permission are also added in Manifest file but then also the i encounter error 172.20.38.143 is IP OF MY MACHINE 06-01 13:20:10.391: W/System.err(11157): org.apache.http.conn.HttpHostConnectException: Connection to http://172.20.38.143 refused 06-01 13:20:10.401: W/System.err(11157): at org.apache.http.impl.conn.DefaultClientConnectionOperator.openConnection(DefaultClientConnectionOperator.java:183) 06-01 13:20:10.401: W/System.err(11157): at org.apache.http.impl.conn.AbstractPoolEntry.open(AbstractPoolEntry.java:164) 06-01 13:20:10.401: W/System.err(11157): at org.apache.http.impl.conn.AbstractPooledConnAdapter.open(AbstractPooledConnAdapter.java:119) 06-01 13:20:10.401: W/System.err(11157): at org.apache.http.impl.client.DefaultRequestDirector.execute(DefaultRequestDirector.java:360) 06-01 13:20:10.401: W/System.err(11157): at org.apache.http.impl.client.AbstractHttpClient.execute(AbstractHttpClient.java:674) 06-01 13:20:10.401: W/System.err(11157): at org.apache.http.impl.client.AbstractHttpClient.execute(AbstractHttpClient.java:511) 06-01 13:20:10.401: W/System.err(11157): at org.apache.http.impl.client.AbstractHttpClient.execute(AbstractHttpClient.java:489) 06-01 13:20:10.401: W/System.err(11157): at nineandroid.net.example.library.JSONParser.getJSONFromUrl(JSONParser.java:42) 06-01 13:20:10.401: W/System.err(11157): at nineandroid.net.example.library.UserFunctions.registerUser(UserFunctions.java:59) 06-01 13:20:10.401: W/System.err(11157): at nineandroid.net.example.RegisterActivity$1.onClick(RegisterActivity.java:52) 06-01 13:20:10.411: W/System.err(11157): at android.view.View.performClick(View.java:3567) 06-01 13:20:10.411: W/System.err(11157): at android.view.View$PerformClick.run(View.java:14224) 06-01 13:20:10.411: W/System.err(11157): at android.os.Handler.handleCallback(Handler.java:605) 06-01 13:20:10.411: W/System.err(11157): at android.os.Handler.dispatchMessage(Handler.java:92) 06-01 13:20:10.411: W/System.err(11157): at android.os.Looper.loop(Looper.java:137) 06-01 13:20:10.411: W/System.err(11157): at android.app.ActivityThread.main(ActivityThread.java:4517) 06-01 13:20:10.411: W/System.err(11157): at java.lang.reflect.Method.invokeNative(Native Method) 06-01 13:20:10.411: W/System.err(11157): at java.lang.reflect.Method.invoke(Method.java:511) 06-01 13:20:10.411: W/System.err(11157): at com.android.internal.os.ZygoteInit$MethodAndArgsCaller.run(ZygoteInit.java:993) 06-01 13:20:10.421: W/System.err(11157): at com.android.internal.os.ZygoteInit.main(ZygoteInit.java:760) 06-01 13:20:10.421: W/System.err(11157): at dalvik.system.NativeStart.main(Native Method) 06-01 13:20:10.421: W/System.err(11157): Caused by: java.net.ConnectException: failed to connect to /172.20.38.143 (port 80): connect failed: ENETUNREACH (Network is unreachable) 06-01 13:20:10.431: W/System.err(11157): at libcore.io.IoBridge.connect(IoBridge.java:114) 06-01 13:20:10.431: W/System.err(11157): at java.net.PlainSocketImpl.connect(PlainSocketImpl.java:192) 06-01 13:20:10.431: W/System.err(11157): at java.net.PlainSocketImpl.connect(PlainSocketImpl.java:459) 06-01 13:20:10.431: W/System.err(11157): at java.net.Socket.connect(Socket.java:848) 06-01 13:20:10.431: W/System.err(11157): at org.apache.http.conn.scheme.PlainSocketFactory.connectSocket(PlainSocketFactory.java:119) 06-01 13:20:10.431: W/System.err(11157): at org.apache.http.impl.conn.DefaultClientConnectionOperator.openConnection(DefaultClientConnectionOperator.java:144) 06-01 13:20:10.431: W/System.err(11157): ... 20 more 06-01 13:20:10.431: W/System.err(11157): Caused by: libcore.io.ErrnoException: connect failed: ENETUNREACH (Network is unreachable) 06-01 13:20:10.441: W/System.err(11157): at libcore.io.Posix.connect(Native Method) 06-01 13:20:10.441: W/System.err(11157): at libcore.io.BlockGuardOs.connect(BlockGuardOs.java:85) 06-01 13:20:10.441: W/System.err(11157): at libcore.io.IoBridge.connectErrno(IoBridge.java:127) 06-01 13:20:10.441: W/System.err(11157): at libcore.io.IoBridge.connect(IoBridge.java:112) 06-01 13:20:10.441: W/System.err(11157): ... 25 more 06-01 13:20:10.441: E/Buffer Error(11157): Error converting result java.lang.NullPointerException 06-01 13:20:10.451: E/JSON Parser(11157): Error parsing data org.json.JSONException: End of input at character 0 of 06-01 13:20:10.451: D/AndroidRuntime(11157): Shutting down VM 06-01 13:20:10.451: W/dalvikvm(11157): threadid=1: thread exiting with uncaught exception (group=0x40c0aa68) 06-01 13:20:10.451: E/AndroidRuntime(11157): FATAL EXCEPTION: main 06-01 13:20:10.451: E/AndroidRuntime(11157): java.lang.NullPointerException 06-01 13:20:10.451: E/AndroidRuntime(11157): at nineandroid.net.example.RegisterActivity$1.onClick(RegisterActivity.java:56) 06-01 13:20:10.451: E/AndroidRuntime(11157): at android.view.View.performClick(View.java:3567) 06-01 13:20:10.451: E/AndroidRuntime(11157): at android.view.View$PerformClick.run(View.java:14224) 06-01 13:20:10.451: E/AndroidRuntime(11157): at android.os.Handler.handleCallback(Handler.java:605) 06-01 13:20:10.451: E/AndroidRuntime(11157): at android.os.Handler.dispatchMessage(Handler.java:92) 06-01 13:20:10.451: E/AndroidRuntime(11157): at android.os.Looper.loop(Looper.java:137) 06-01 13:20:10.451: E/AndroidRuntime(11157): at android.app.ActivityThread.main(ActivityThread.java:4517) 06-01 13:20:10.451: E/AndroidRuntime(11157): at java.lang.reflect.Method.invokeNative(Native Method) 06-01 13:20:10.451: E/AndroidRuntime(11157): at java.lang.reflect.Method.invoke(Method.java:511) 06-01 13:20:10.451: E/AndroidRuntime(11157): at com.android.internal.os.ZygoteInit$MethodAndArgsCaller.run(ZygoteInit.java:993) 06-01 13:20:10.451: E/AndroidRuntime(11157): at com.android.internal.os.ZygoteInit.main(ZygoteInit.java:760) 06-01 13:20:10.451: E/AndroidRuntime(11157): at dalvik.system.NativeStart.main(Native Method) UserFunctions.java to call jsonParser public class UserFunctions { private JSONParser jsonParser; private static String loginURL = "http://172.20.38.143/ah_login_api/"; private static String registerURL = "http://172.20.38.143/ah_login_api/"; private static String login_tag = "login"; private static String register_tag = "register"; // constructor public UserFunctions(){ jsonParser = new JSONParser(); } /** * function make Login Request * @param email * @param password * */ public JSONObject loginUser(String email, String password){ // Building Parameters List<NameValuePair> params = new ArrayList<NameValuePair>(); params.add(new BasicNameValuePair("tag", login_tag)); params.add(new BasicNameValuePair("email", email)); params.add(new BasicNameValuePair("password", password)); JSONObject json = jsonParser.getJSONFromUrl(loginURL, params); // return json // Log.e("JSON", json.toString()); return json; } /** * function make Login Request * @param name * @param email * @param password * */ public JSONObject registerUser(String name, String email, String password){ // Building Parameters List<NameValuePair> params = new ArrayList<NameValuePair>(); params.add(new BasicNameValuePair("tag", register_tag)); params.add(new BasicNameValuePair("name", name)); params.add(new BasicNameValuePair("email", email)); params.add(new BasicNameValuePair("password", password)); // getting JSON Object JSONObject json = jsonParser.getJSONFromUrl(registerURL, params); // return json return json; } /** * Function get Login status * */ public boolean isUserLoggedIn(Context context){ DatabaseHandler db = new DatabaseHandler(context); int count = db.getRowCount(); if(count > 0){ // user logged in return true; } return false; } /** * Function to logout user * Reset Database * */ public boolean logoutUser(Context context){ DatabaseHandler db = new DatabaseHandler(context); db.resetTables(); return true; } } jsonParser.java public class JSONParser { static InputStream is = null; static JSONObject jObj = null; static String json = ""; // constructor public JSONParser() { } public JSONObject getJSONFromUrl(String url, List<NameValuePair> params) { // Making HTTP request try { // defaultHttpClient DefaultHttpClient httpClient = new DefaultHttpClient(); HttpPost httpPost = new HttpPost(url); httpPost.setEntity(new UrlEncodedFormEntity(params)); HttpResponse httpResponse = httpClient.execute(httpPost); HttpEntity httpEntity = httpResponse.getEntity(); is = httpEntity.getContent(); } catch (UnsupportedEncodingException e) { e.printStackTrace(); } catch (ClientProtocolException e) { e.printStackTrace(); } catch (IOException e) { e.printStackTrace(); } try { BufferedReader reader = new BufferedReader(new InputStreamReader( is, "iso-8859-1"), 8); StringBuilder sb = new StringBuilder(); String line = null; while ((line = reader.readLine()) != null) { sb.append(line + "\n"); } is.close(); json = sb.toString(); Log.e("JSON", json); } catch (Exception e) { Log.e("Buffer Error", "Error converting result " + e.toString()); } // try parse the string to a JSON object try { jObj = new JSONObject(json); } catch (JSONException e) { Log.e("JSON Parser", "Error parsing data " + e.toString()); } // return JSON String return jObj; } } RegisterActivity.java public class RegisterActivity extends Activity { Button btnRegister; Button btnLinkToLogin; EditText inputFullName; EditText inputEmail; EditText inputPassword; TextView registerErrorMsg; // JSON Response node names private static String KEY_SUCCESS = "success"; private static String KEY_UID = "uid"; private static String KEY_NAME = "name"; private static String KEY_EMAIL = "email"; private static String KEY_CREATED_AT = "created_at"; @Override public void onCreate(Bundle savedInstanceState) { super.onCreate(savedInstanceState); setContentView(R.layout.register); // Importing all assets like buttons, text fields inputFullName = (EditText) findViewById(R.id.registerName); inputEmail = (EditText) findViewById(R.id.registerEmail); inputPassword = (EditText) findViewById(R.id.registerPassword); btnRegister = (Button) findViewById(R.id.btnRegister); btnLinkToLogin = (Button) findViewById(R.id.btnLinkToLoginScreen); registerErrorMsg = (TextView) findViewById(R.id.register_error); // Register Button Click event btnRegister.setOnClickListener(new View.OnClickListener() { public void onClick(View view) { String name = inputFullName.getText().toString(); String email = inputEmail.getText().toString(); String password = inputPassword.getText().toString(); UserFunctions userFunction = new UserFunctions(); JSONObject json = userFunction.registerUser(name, email, password); // check for login response try { if (json.getString(KEY_SUCCESS) != null) { registerErrorMsg.setText(""); String res = json.getString(KEY_SUCCESS); if(Integer.parseInt(res) == 1){ // user successfully registred // Store user details in SQLite Database DatabaseHandler db = new DatabaseHandler(getApplicationContext()); JSONObject json_user = json.getJSONObject("user"); // Clear all previous data in database userFunction.logoutUser(getApplicationContext()); db.addUser(json_user.getString(KEY_NAME), json_user.getString(KEY_EMAIL), json.getString(KEY_UID), json_user.getString(KEY_CREATED_AT)); // Launch Dashboard Screen Intent dashboard = new Intent(getApplicationContext(), DashboardActivity.class); // Close all views before launching Dashboard dashboard.addFlags(Intent.FLAG_ACTIVITY_CLEAR_TOP); startActivity(dashboard); // Close Registration Screen finish(); }else{ // Error in registration registerErrorMsg.setText("Error occured in registration"); } } } catch (JSONException e) { e.printStackTrace(); } } }); // Link to Login Screen btnLinkToLogin.setOnClickListener(new View.OnClickListener() { public void onClick(View view) { Intent i = new Intent(getApplicationContext(), LoginActivity.class); startActivity(i); // Close Registration View finish(); } }); } }

    Read the article

  • Creating a second login page that automatically logs in the user

    - by nsilva
    I have a login page as follows: <form action="?" method="post" id="frm-useracc-login" name="frm-useracc-login" > <div id="login-username-wrap" > <div class="login-input-item left"> <div class="div-search-label left"> <div id="div-leftheader-wrap"> <p class="a-topheader-infotext left"><strong>Username: </strong></p> </div> </div> <div class="login-input-content left div-subrow-style ui-corner-all"> <input type="text" tabindex="1" name="txt-username" id="txt-username" class="input-txt-med required addr-search-input txt-username left"> </div> </div> </div> <div id="login-password-wrap" > <div class="login-input-item left"> <div class="div-search-label left"> <div id="div-leftheader-wrap"> <p class="a-topheader-infotext left"><strong>Password: </strong></p> </div> </div> <div class="login-input-content left div-subrow-style ui-corner-all"> <input type="password" tabindex="1" name="txt-password" id="txt-password" class="input-txt-med required addr-search-input txt-password left"> </div> </div> </div> <div id="login-btn-bottom" class="centre-div"> <div id="login-btn-right"> <button name="btn-login" id="btn-login" class="btn-med ui-button ui-state-default ui-button-text-only ui-corner-all btn-hover-anim btn-row-wrapper left">Login</button> <button name="btn-cancel" id="btn-cancel" class="btn-med ui-button ui-state-default ui-button-text-only ui-corner-all btn-hover-anim btn-row-wrapper left">Cancel</button><br /><br /> </div> </div> </form> And here my session.controller.php file: Click Here Basically, what I want to do is create a second login page that automatically passes the value to the session controller and logs in. For example, if I go to login-guest.php, I would put the default values for username and password and then have a jquery click event that automatically logs them in using $("#btn-login").trigger('click'); The problem is that the session controller automatically goes back to login.php if the session has timed out and I'm not sure how I could go about achieving this. Any help would be much appreciated!

    Read the article

  • Python: How can I use Twisted as the transport for SUDS?

    - by jathanism
    I have a project that is based on Twisted used to communicate with network devices and I am adding support for a new vendor (Citrix NetScaler) whose API is SOAP. Unfortunately the support for SOAP in Twisted still relies on SOAPpy, which is badly out of date. In fact as of this question (I just checked), twisted.web.soap itself hasn't even been updated in 21 months! I would like to ask if anyone has any experience they would be willing to share with utilizing Twisted's superb asynchronous transport functionality with SUDS. It seems like plugging in a custom Twisted transport would be a natural fit in SUDS' Client.options.transport, I'm just having a hard time wrapping my head around it. I did come up with a way to call the SOAP method with SUDS asynchronously by utilizing twisted.internet.threads.deferToThread(), but this feels like a hack to me. Here is an example of what I've done, to give you an idea: # netscaler is a module I wrote using suds to interface with NetScaler SOAP # Source: http://bitbucket.org/jathanism/netscaler-api/src import netscaler import os import sys from twisted.internet import reactor, defer, threads # netscaler.API is the class that sets up the suds.client.Client object host = 'netscaler.local' username = password = 'nsroot' wsdl_url = 'file://' + os.path.join(os.getcwd(), 'NSUserAdmin.wsdl') api = netscaler.API(host, username=username, password=password, wsdl_url=wsdl_url) results = [] errors = [] def handleResult(result): print '\tgot result: %s' % (result,) results.append(result) def handleError(err): sys.stderr.write('\tgot failure: %s' % (err,)) errors.append(err) # this converts the api.login() call to a Twisted thread. # api.login() should return True and is is equivalent to: # api.service.login(username=self.username, password=self.password) deferred = threads.deferToThread(api.login) deferred.addCallbacks(handleResult, handleError) reactor.run() This works as expected and defers return of the api.login() call until it is complete, instead of blocking. But as I said, it doesn't feel right. Thanks in advance for any help, guidance, feedback, criticism, insults, or total solutions.

    Read the article

  • Search and replace

    - by zx
    Hi, I have a really large SQL dump around 400MB. It's in the following format, "INSERT INTO user VALUES('USERID', 'USERNAME', 'PASSWORD', '0', '0', 'EMAIL', 'GENDER', 'BIRTHDAY', '182', '13', '640', 'Married', 'Straight', '', 'Yes', 'Yes', '1146411153', '1216452123', '1149440844', '0', picture', '1', '0', '0', 'zip', '0', '', '0', '', '', '0')" Is there anyway I can just get the email and password out from that, I want to import the users into another table. Anyone know how I can do this and just get email-password stripped out from that content? Thank you in advance

    Read the article

  • protecting my web page and folder from external using .htaccess and .htpassword in php

    - by Testadmin
    Hai I want to protect a folder (protect) and the files inside that folder. I have created a .htaccess file and put the following code. AuthName "Myfolder" AuthType Basic AuthUserFile url/protect/.htpasswd Require valid-user Also created a .htpassword file which contain username:password When I run my URL http://localhost/url/protect, I got a pop up asking username and password, I entered username as username and password as password. After that I got an error page "server error 500" "The server encountered an internal error and was unable to complete your request. Either the server is overloaded or there was an error in a CGI script. If you think this is a server error, please contact the webmaster." Why this happened?. Any thing wrong here? Anything needs to see my pages under the folder. Please give me the answer.

    Read the article

  • Help a Beginner with a PHP based Login System

    - by Brian Lang
    I'm a bit embarrassed to say, but I've run into issue with creating a PHP based login system. I'm using a site template to handle the looks of the the login process, so I will spare you the code. Here is my thought process on how to handle the login: Create a simple login.php file. On there will be a form whose action is set to itself. It will check to see if the submit has been clicked, and if so validate to make sure the user entered a valid password / username. If they do, set a session variable save some login info (username, NOT password), and redirect them to a restricted area. If the login info isn't valid, save an error message in a session variable, display error message giving further instruction, and wait for the user to resubmit. Here is a chunk of what I have - hopefully one of you experts can see where I've gone wrong, and give me some insight: if(isset($_POST['submit'])) { if(!empty($_POST['username']) AND !empty(!$_POST['password'])) { header("Location: http://www.google.com"); } else { $err = 'All the fields must be filled in!'; } } if($err) { $_SESSION['msg']['login-err'] = $err; } ? Now the above is just an example - the intent of the above code is to process user input, with the script validating simply that the user has given input for username and password. If they have, I would like them, in this case, to be redirected to google.com (for the sake of this example). If not, save an error message. Given my current code, the error message will display perfectly, however if the user submits and has something entered for the username and password, the page simply doesn't redirect. I'm sure this is a silly question, but I am a beginner, and well, to be honest, a bit buzzed right now. Thanks so much!

    Read the article

  • Salting example in Zend Framework

    - by Geoffrey
    Hello all, I am pretty new to the Zend framework and looking to build an application with pretty tight password security. I have been trying to follow the user guides in relation to password salting but haven't had any luck so far. I have setup my database and table adapter (As described in the documentation on the Zend Framework site but it didn't seem to finish the example (or I am not following well enough!) I have started with: $authAdapter = new Zend_Auth_Adapter_DbTable($dbAdapter, 'users', 'username', 'password', "MD5(CONCAT('".Zend_Registry::get('staticSalt')."', ?, password_salt))" ); But from here, what is done with the password salt? I just need an example and I'll be away! Does anyone have an example or point me in the right direction?? Many thanks!

    Read the article

  • How to prevent PHP variables from being arrays?

    - by MJB
    I think that (the title) is the problem I am having. I set up a MySQL connection, I read an XML file, and then I insert those values into a table by looping through the elements. The problem is, instead of inserting only 1 record, sometimes I insert 2 or 3 or 4. It seems to depend on the previous values I have read. I think I am reinitializing the variables, but I guess I am missing something -- hopefully something simple. Here is my code. I originally had about 20 columns, but I shortened the included version to make it easier to read. $ctr = 0; $sql = "insert into csd (id,type,nickname,hostname,username,password) ". "values (?,?,?,?,?,?)"; $cur = $db->prepare($sql); for ($ctr = 0; $ctr < $expected_count; $ctr++) { list ( $lbl, $type, $nickname, $hostname, $username, $password) = ""; $bind_vars = array(); $lbl = "csd_{$ctr}"; $type = $ref->itm->csds->$lbl->type; $nickname = $ref->itm->csds->$lbl->nickname; $hostname = $ref->itm->csds->$lbl->hostname; $username = $ref->itm->csds->$lbl->username; $password = $ref->itm->csds->$lbl->password; $bind_vars = array($id,$type,$nickname,$hostname,$username,$password); $res = $db->execute($cur, $bind_vars); # this is a separate function which works, but which only # does SELECTS and cannot be the problem. I include it because I # want to count the total rows. printf ("%d CSDs on that ITEM now.\n", CountCSDs($id_to_sync)); } P.S. I also tagged this SimpleXML because that is how I am reading the file, though that code is not included above. It looks like this: $Ref = simplexml_load_file($file);

    Read the article

  • Ajax success function firing before java class responds

    - by user1899281
    I am creating a login function with ajax and am having an issue where the success function (SuccessLogin) fires before getting an ajax response. I am running the code as google web app from eclipse and I can see when debugging the java class file, that the javascript is throwing an alert for the success response from the class being false before the debugger catches the break point in the class file. I have only been writing code for a couple months now so I am sure its a stupid little error on my part. $(document).ready(function() { sessionChecker() // sign in $('#signInForm').click(function () { $().button('loading') var email = $('#user_username').val(); sessionStorage.email = $('#user_username').val(); var password= $('#user_password').val(); var SignInRequest = { type: "UserLoginRequest", email: email, password: password } var data= JSON.stringify(SignInRequest); //disabled all the text fields $('.text').attr('disabled','true'); //start the ajax $.ajax({ url: "/resources/user/login", type: "POST", data: data, cache: false, success: successLogin(data) }); }); //if submit button is clicked $('#Register').click(function () { $().button('loading') var email = $('#email').val(); if ($('#InputPassword').val()== $('#ConfirmPassword').val()) { var password= $('input[id=InputPassword]').val(); } else {alert("Passwords do not match"); return ;} var UserRegistrationRequest = { type: "UserRegistrationRequest", email: email, password: password } var data= JSON.stringify(UserRegistrationRequest); //disabled all the text fields $('.text').attr('disabled','true'); //start the ajax $.ajax({ url: "/resources/user/register", type: "POST", data: data, cache: false, success: function (data) { if (data.success==true) { //hide the form $('form').fadeOut('slow'); //show the success message $('.done').fadeIn('slow'); } else alert('data.errorReason'); } }); return false; }); }); function successLogin (data){ if (data.success) { sessionStorage.userID= data.userID var userID = data.userID sessionChecker(userID); } else alert(data.errorReason); } //session check function sessionChecker(uid) { if (sessionStorage.userID!= null){ var userID = sessionStorage.userID }; if (userID != null){ $('#user').append(userID) $('#fat-menu_1').fadeOut('slow') $('#fat-menu_2').append(sessionStorage.email).fadeIn('slow') }; }

    Read the article

  • Asp.net membership salt?

    - by chobo2
    Hi Does anyone know how Asp.net membership generates their salt key and then how they encode it(ie is it salt + password or password + salt)? I am using sha1 with my membership but I would like to recreate the same salts so the built in membership stuff could hash the stuff the same way as my stuff can. Thanks Edit 2 Never Mind I mis read it and was thinking it said bytes not bit. So I was passing in 128 bytes not 128bits. Edit I been trying to make it so this is what I have public string EncodePassword(string password, string salt) { byte[] bytes = Encoding.Unicode.GetBytes(password); byte[] src = Encoding.Unicode.GetBytes(salt); byte[] dst = new byte[src.Length + bytes.Length]; Buffer.BlockCopy(src, 0, dst, 0, src.Length); Buffer.BlockCopy(bytes, 0, dst, src.Length, bytes.Length); HashAlgorithm algorithm = HashAlgorithm.Create("SHA1"); byte[] inArray = algorithm.ComputeHash(dst); return Convert.ToBase64String(inArray); } private byte[] createSalt(byte[] saltSize) { byte[] saltBytes = saltSize; RNGCryptoServiceProvider rng = new RNGCryptoServiceProvider(); rng.GetNonZeroBytes(saltBytes); return saltBytes; } So I have not tried to see if the asp.net membership will recognize this yet the hashed password looks close. I just don't know how to convert it to base64 for the salt. I did this byte[] storeSalt = createSalt(new byte[128]); string salt = Encoding.Unicode.GetString(storeSalt); string base64Salt = Convert.ToBase64String(storeSalt); int test = base64Salt.Length; Test length is 172 what is well over the 128bits so what am I doing wrong? This is what their salt looks like vkNj4EvbEPbk1HHW+K8y/A== This is what my salt looks like E9oEtqo0livLke9+csUkf2AOLzFsOvhkB/NocSQm33aySyNOphplx9yH2bgsHoEeR/aw/pMe4SkeDvNVfnemoB4PDNRUB9drFhzXOW5jypF9NQmBZaJDvJ+uK3mPXsWkEcxANn9mdRzYCEYCaVhgAZ5oQRnnT721mbFKpfc4kpI=

    Read the article

  • Making a login Using JavaScript, Will Incorporate PHP Later

    - by TIMOTHY
    not sure why my code wont work, im teaching myself javascript i know php moderatly and i also know the intelligence of using java to hold a password and username, but at the moment i just want the script to work. <html> <head> <title>34webs</title> <link rel="stylesheet" href="css/lightbox.css" type="text/css" media="screen" /> <link rel="stylesheet" type="text/css" media="screen" href="main.css"> <script type="text/javascript" src="js/prototype.js"></script> <script type="text/javascript" src="js/scriptaculous.js?load=effects,builder"></script> <script type="text/javascript" src="js/lightbox.js"></script> <script type="javascript" > function logintry (){ var usern = document.logn.username.value; var passw = document.logn.password.value; if(usern == blue && passw == bluee){ alert('password is correct!'); }else{ alert('password is wrong'); } } </script> </head> <body> <div id="bod"> <div id="nav"> <p id="buttonhead">34 web</p> <a href="#" class="button">HOME</a> <a href="#" class="button">NEWS</a> <a href="#" class="button">DOWNLOADS</a> <a href="#" class="button">ERA</a> <a href="#" class="button">IE BROWSER</a> <a href="#" class="button">DRIVERS</a> <form name="logn"> <table style="margin:0 auto; background:#0174DF; color:white;"> <tr> <td> Username<br> <input type="text" name="username" value=""> </td> </tr> <tr> <td> Password<br> <input type="password" name="password" value=""> </td> </tr> <tr> <td style="text-align:center;"> <input type="button" name="Submit" value="submit" onclick= javascript: logintry()> </td> </tr> </table> </form> </div>

    Read the article

< Previous Page | 105 106 107 108 109 110 111 112 113 114 115 116  | Next Page >