Search Results

Search found 29495 results on 1180 pages for 'cross site scripting'.

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Page 1099/1180 | < Previous Page | 1095 1096 1097 1098 1099 1100 1101 1102 1103 1104 1105 1106  | Next Page >

  • Why does PDO print my password when the connection fails?

    - by Joe Hopfgartner
    I have a simple website where I establish a connection to a Mysql server using PDO. $dbh = new PDO('mysql:host=localhost;dbname=DB;port=3306', 'USER', 'SECRET',array(PDO::MYSQL_ATTR_INIT_COMMAND => "SET NAMES utf8")); I had some traffic on my site and the servers connection limit was reached, and the website throw this error, with my PLAIN password in it! Fatal error: Uncaught exception 'PDOException' with message 'SQLSTATE[08004] [1040] Too many connections' in /home/premiumize-me/html/index.php:64 Stack trace: #0 /home/premiumize-me/html/index.php(64): PDO-__construct('mysql:host=loca...', 'USER', 'SECRET', Array) #1 {main} thrown in /home/premiumize-me/html/index.php on line 64 Ironically I switched to PDO for security reasons, this really shocked me. Because this exact error is something you can provoke very easily on most sites using simple http flooding. I now wrapped my conenction into a try/catch clause, but still. I think this is catastrophic! So I am new to PDO and my questino is: What do I have to consider to be safe! How to I establish a connection in a secure way? Are there other known security holes like this one that I have to be aware of?

    Read the article

  • Expose webservice directly to webclients or keep a thin server-side script layer in between?

    - by max
    Hi, I'm developing a REST webservice (Java, Jersey). The people I'm doing this for want to directly access the webservice via Javascript. Some instinct tells me this is not a good idea, but I cannot really explain that instinct. My natural approach would have been to have the webservice do the real logic and database access, but also have some (relatively thin) server-side script layer (e.g. in PHP). Clients would talk to the PHP layer which in turn would talk to the webservice. (The webservice would be pretty local to the apache/PHP server and implicitly trust calls from the script layer. The script layer would take care of session management.) (Btw, I am not talking about just hiding the webservice behind an Apache which simply redirects calls.) But as I find myself at a lack of words/arguments to explain my instinct, I wonder whether my instinct is right - note that while I have been developing all kinds of software in all kinds of languages and frameworks for like 17 years, this is the first time I develop a webservice. So my question is basically: what are your opinions? Are there any standard setups? Is my instinct totally wrong? Or partially? ;P Many thanks, Max PS: I might add a few bits of information about the planned usage of the whole application: will be accessed by different kinds of users, partly general public, partly privileged thus, all major OS/browser combinations can be expected as clients however, writing the client is not my responsibility will potentially have very high load/traffic logic of webservice will later be massively expanded for another product which is basically a superset of the functionality of the current project there is a significant likelihood that at some point an API should be exposed which can be used by 3rd party developers - obviously, with some restrictions at some point, the public view of the product should become accessible via smartphones, too (in other words, maybe a customized version of the site to adapt to the smaller display and different input methods)

    Read the article

  • Drupal: How to Render Results of Form on Same Page as Form

    - by Aaron
    How would I print the results of a form submission on the same page as the form itself? Relevant hook_menu: $items['admin/content/ncbi_subsites/paths'] = array( 'title' => 'Paths', 'description' => 'Paths for a particular subsite', 'page callback' => 'ncbi_subsites_show_path_page', 'access arguments' => array( 'administer site configuration' ), 'type' => MENU_LOCAL_TASK, ); page callback: function ncbi_subsites_show_path_page() { $f = drupal_get_form('_ncbi_subsites_show_paths_form'); return $f; } Form building function: function _ncbi_subsites_show_paths_form() { // bunch of code here $form['subsite'] = array( '#title' => t('Subsites'), '#type' => 'select', '#description' => 'Choose a subsite to get its paths', '#default_value' => 'Choose a subsite', '#options'=> $tmp, ); $form['showthem'] = array( '#type' => 'submit', '#value' => 'Show paths', '#submit' => array( 'ncbi_subsites_show_paths_submit'), ); return $form; } Submit function (skipped validate function for brevity) function ncbi_subsites_show_paths_submit( &$form, &$form_state ) { //dpm ( $form_state ); $subsite_name = $form_state['values']['subsite']; $subsite = new Subsite( $subsite_name ); //y own class that I use internally in this module $paths = $subsite->normalized_paths; // build list $list = theme_item_list( $paths ); } If I print that $list variable, it is exactly what I want, but I am not sure how to get it into the page with the original form page built from 'ncbi_subsites_show_path_page'. Any help is much appreciated!

    Read the article

  • Automatically update php loop with data pulled from database

    - by John Svensson
    SQL STRUCTURE CREATE TABLE IF NOT EXISTS `map` ( `id` int(11) NOT NULL AUTO_INCREMENT, `x` int(11) NOT NULL, `y` int(11) NOT NULL, `type` varchar(50) NOT NULL, PRIMARY KEY (`id`) ) ENGINE=InnoDB DEFAULT CHARSET=latin1 AUTO_INCREMENT=3 ; http://localhost/map.php?x=0&y=0 When I update the x and y via POST or GET, I would like to pull the new data from the database without refreshing the site, how would I manage that? Could someone give me some examples, because I am really stuck here. <?php mysql_connect('localhost', 'root', ''); mysql_select_db('hol'); $startX = $_GET['x']; $startY = $_GET['y']; $fieldHeight = 6; $fieldWidth = 6; $sql = "SELECT id, x, y, type FROM map WHERE x BETWEEN ".$startX." AND ".($startX+$fieldWidth). " AND y BETWEEN ".$startY." AND ".($startY+$fieldHeight); $result = mysql_query($sql); $positions = array(); while ($row = mysql_fetch_assoc($result)) { $positions[$row['x']][$row['y']] = $row; } echo "<table>"; for($y=$startY; $y<$startY+$fieldHeight; $y++) { echo "<tr>"; for($x=$startX; $x<$startX+$fieldWidth; $x++) { echo "<td>"; if(isset($positions[$x][$y])) { echo $positions[$x][$y]['type']; } else { echo "(".$x.",".$y.")"; } echo "</td>"; } echo "</tr>"; } echo "</table>"; ?>

    Read the article

  • php search database for row

    - by Brenden Morley
    Okay I got code the code to pull data based on a users account number well here is what im using (And yes I know it isnt safe now that is the reason for my post) <?php include('config.php'); $user_info = fetch_user_info($_GET['AccountNumber']); ?> <html> <body> <div> <?php if ($user_info === false){ $Output = 'http://www.MyDomain.Com/'; echo '<META HTTP-EQUIV=Refresh CONTENT="0; URL='.$Output.'">'; }else{ ?> <center> <title><?php echo $user_info['FirstName'], ' ', $user_info['LastName'], ' - ', $user_info['City'], ', ', $user_info['State']; ?> - Name of site</title> So basically what this code is allowing me to do is have a file called Profile.php And when a user visits this this page it will return the data Like this http://MyDomain.com/Profile.php?AccountNumber=50b9c965b7c3b How can I do this securely cause right now its using a get method really unsafe to retive the account number from the url bar.

    Read the article

  • ASP.NET DynamicData: Whats happening during an update?

    - by Jens A.
    I am using ASP.NET DynamicData (based on LINQ to SQL) on my site for basic scaffolding. On one table I have added additional properties, that are not stored in the table, but are retrieved from somewhere else. (Profile information for a user account, in this case). They are displayed just fine, but when editing these values and pressing "Update", they are not changed. Here's what the properties look like, the table is the standard aspnet_Users table: public String Address { get { UserProfile profile = UserProfile.GetUserProfile(UserName); return profile.Address; } set { UserProfile profile = UserProfile.GetUserProfile(UserName); profile.Address = value; profile.Save(); } } When I fired up the debugger, I've noticed that for each update the set accessor is called three times. Once with the new value, but on a newly created instance of user, then once with the old value, again on an new instance, and finally with the old value on the existing instance. Wondering a bit, I checked with the properties created by the designer, and they, too, are called three times in (almost) the same fashion. The only difference is, that the last call contains the new value for the property. I am a bit stumped here. Why three times, and why are my new properties behaving differently? I'd be grateful for any help on that matter! =)

    Read the article

  • Retrieving my own data via FaceBook API

    - by goggin13
    I am building a website for a comedy group which uses Facebook as one of their marketing platforms; one of the requirements for the new site is to display all of their Facebook events on a calendar. Currently, I am just trying to put together a Python script which can pull some data from my own Facebook account, like a list of all my friends. I presume once I can accomplish this I can move to pulling more complicated data out of my clients account (since they have given me access to their account). I have looked at many of the posts here, and also went through the Facebook API documentation, including Facebook Connect, but am really beating my head against the wall. Everything I have read seems like overkill, as it involves setting up a good deal of infrastructure to allow my app to set up connections to any arbitrary user's account (who authorizes me). Shouldn't it be much simpler, given I only ever need to access 1 account? I cannot find a way to retrieve data without having to display the Facebook login window. I have a script which will retrieve all my friends, but it includes a redirect where I have to physically log myself in to Facebook. Would appreciate any advice or links, I just feel like I must be missing something simple. Thank you!

    Read the article

  • How do I migrate from a basic plaintext password authentication to an OAuth based system?

    - by different
    Hello, Found out today that Twitter will be discontinuing its basic authentication for its API; the push is now towards OAuth but I don’t have a clue as to how to use it or whether it’s the right path for me. All I want to be able to do is post a tweet linking to the most recently published post when I hit publish. Currently I’m sending the login credentials for my Twitter account as plaintext, which I realise isn’t that secure but as my site is fairly small it isn’t an issue at least for now. I’m using this basic PHP code: $status = urlencode(stripslashes(urldecode("Test tweet"))); $tweetUrl = 'http://www.twitter.com/statuses/update.xml'; $curl = curl_init(); curl_setopt($curl, CURLOPT_URL, "$tweetUrl"); curl_setopt($curl, CURLOPT_CONNECTTIMEOUT, 2); curl_setopt($curl, CURLOPT_RETURNTRANSFER, 1); curl_setopt($curl, CURLOPT_POST, 1); curl_setopt($curl, CURLOPT_POSTFIELDS, "status=$status"); curl_setopt($curl, CURLOPT_USERPWD, "$username:$password"); $result = curl_exec($curl); $resultArray = curl_getinfo($curl); if ($resultArray['http_code'] == 200) { curl_close($curl); $this->redirect(""); } else { curl_close($curl); echo 'Could not post to Twitter. Please go back and try again.'; } How do I move from this to an OAuth system? Do I need to?

    Read the article

  • How can I parse_url in PHP when there is a URL in a string variable?

    - by Eric O
    I am admittedly a PHP newbie, so I need some help. I am creating a self-designed affiliate program for my site and have the option for an affiliate to add a SubID to their link for tracking. Without having control over what is entered, I have been testing different scenarios and found a bug when a full URL is entered (i.e. "http://example.com"). In my PHP I can grab the variable from the string no problem. My problem comes from when I get the referring URL and parse it (since I need to parse the referring URL to get the host mane for other uses). Code below: $refURL = getenv("HTTP_REFERER"); $parseRefURL = parse_url($refURL); WORKS when incoming link is (for example): http://example.com/?ref=REFERRER'S-ID&sid=www.test.com ERROR when incoming link is (notice the addition of "http://" after "sid="): http://example.com/?ref=REFERRER'S-ID&sid=http://www.test.com Here is the warning message: Warning: parse_url(/?ref=REFERRER'S-ID&sid=http://www.test.com) [function.parse-url]: Unable to parse url in /home4/'directory'/public_html/hosterdoodle/header.php on line 28 Any ideas on how to keep the parse-url function from being thrown off when someone may decide to place a URL in a variable? (I actually tested this problem down to the point that it will throw the error with as little as ":/" in the variable)

    Read the article

  • Use CSS3 nth-child to alternate the float of images within DIV tags...

    - by Aaron Rodgers
    Basically, what I'm trying to create is a page of div tags, each has an image inside them and I'm trying to use CSS3's nth-child to alternate the float of that specific image. But for the life of me, I can't get the nth-child to locate those images. Here is my code so far... CSS .featureBlock img:nth-of-type(even) { float: left; } .featureBlock img:nth-of-type(odd) { float: right; } This is the HTML of one of those div tags.... <div class="featureBlock"> <h1>Multisize Players</h1> <div class="featureHelpBlock"><a href="#">More help with this</a></div> <img src="http://office2.vzaar.com/images/features/ft_multisize_players.png"> <span class="featureContent"><p>A variety of player sizes is important as we recognise the fact that no two videos or websites are ever the same and you will want something that suits your site&#8217;s look. So if you record your video in 4x3 (not widescreen) or 16x9 (widescreen) we have the range of player sizes to suit your exact needs.</p> <p>We encode the video at the time of uploading in the size that you choose so that the picture and sound quality is retained throughout. Users can choose from the following sizes:</p></span> <br style="clear:both"> </div> Hope this makes sense...

    Read the article

  • Confused about Android API's and compatability

    - by Keith
    I have purchased an HTC Incredible and have dived into the world of android! Only to find myself totally confused about the API levels and backward compatibility. My device runs the 2.1 OS, but I know that most of the devices out there run 1.5 or 1.6; and soon the 2.2 OS will be running on new devices. The SDK has gone through such enormous changes, that even constants have been renamed (from VIEW_ACTION to ACTION_VIEW for example). Methods have been added and removed (onPause replacing the earlier call, etc al). So, If I want to write an application that will work from 1.6+, does that mean I have to install and write my code using the 1.6 API; then test on later versions? Or can I write using the 2.1 SDK and just set the minSDK level and not use "new" features? I have never worked with an SDK that changes SO drastically from release to release! So I am not sure what to do.... I read through an article on the Android Development site(and this posting on stack overflow that references it: http://stackoverflow.com/questions/2076150/should-a-legacy-android-application-be-rebuilt-using-sdk-2-1), but it was still not very clear to me. Any help would be appreciated

    Read the article

  • How can I serialize functions using JSON or some other serialization library?

    - by Oragamster
    I am trying to create a program that uses javascript to write a simple textadventure that I can then post on my blog and run on my iphone. I have run into a problem though. I was trying to make it so that my program would save it's state into cookies using JSON to convert it into strings and then post it into a cookie but then I realised that I couldn't serialize the functions that are on my item object. I was trying to make it so that my item would have an associative array that would contain the name of the use as the key and the function as the value. This worked well untill I tried to serialize it. I learned that I could create a JSON like serialization for functions by storing the body into a string and using escape charectors for the double quotes but for some reason I was unable to make my cookie with the function as the string stored. When I posted the cookie and then tried to get it back the string wasn't there. My code and the over all project are on my site if you want to look at that, though my full code including the item actions are not posted yet.

    Read the article

  • jQuery script works in Firefox but not in IE. Why am I not surprised?

    - by Ben Tew
    I'm working with the context of a CMS system and trying to turn seperate div's into tabs. You can see it at http://www.wtvynews4.com/test I've kludged together some code from a tutorial site. <script charset="utf-8" type="text/javascript"> jQuery(function() { //When page loads... $("div[ondblclick$='87119417']").attr("id", "87119417"); $("div[ondblclick$='87119482']").attr("id", "87119482"); $("div[ondblclick$='87119672']").attr("id", "87119672"); $("div[ondblclick$='87119727']").attr("id", "87119727"); $("div[ondblclick$='87119812']").attr("id", "87119812"); $("div[ondblclick$='87119417']").addClass("tab_content"); $("div[ondblclick$='87119482']").addClass("tab_content"); $("div[ondblclick$='87119672']").addClass("tab_content"); $("div[ondblclick$='87119727']").addClass("tab_content"); $("div[ondblclick$='87119812']").addClass("tab_content"); $(".tab_content").hide(); //Hide all content $("ul.morenewstabs li:first").addClass("active").show(); //Activate first tab $(".tab_content:first").show(); //Show first tab content //On Click Event $("ul.morenewstabs li").click(function() { $("ul.morenewstabs li").removeClass("active"); //Remove any "active" class $(this).addClass("active"); //Add "active" class to selected tab $(".tab_content").hide(); //Hide all tab content var activeTab = $(this).find("a").attr("href"); //Find the href attribute value to identify the active tab + content $(activeTab).show(); //Fade in the active ID content return false; }); }); </script> Everything works fine in Firefox but not IE. can you provide any assistance? When the page loads the attribute ID's and classes aren't assigned. I tried changing jQuery(function() { to $(document).ready(function() still no luck.

    Read the article

  • File URI link to local folder in IE7 not working

    - by Kakmonstret
    No matter what I do I cannot get either of these local File URIs: <a href="file://C:/Folder/">...</a> <a href="file://C|/Folder/">...</a> <a href="C:\">...</a> ... ...to work in IE7 (on Vista). I've tried putting the site in different zones (Local Intranet, Trusted Sites), turning on/off Protected Mode and fiddling with the security settings for the active zone. I've also tried many variations of the URI. But when I click the links, nothing happens. No errors either. Well-formed file URIs to the local file system work in all other browsers I've tried, including IE6 and IE8. I've also gathered from what I've read on the web that this should work. Also, the following JavaScript results in an access-denied error, regardless of zone/settings: <a href="#" onclick="return window.open('C:\\Folder\\');">#</a> Did this stop working in the latest IE7 and/or the latest Vista, or something? And if so, why is it working again in IE8 on Windows 7? Is there a workaround of some kind? (I don't know how to test with IE7 on anything other than Vista.)

    Read the article

  • Getting the Item Count of a large sharepoint list in fastest way

    - by sooraj
    I am trying to get the count of the items in a sharepoint document library programatically. The scale I am working with is 30-70000 items. We have usercontrol in a smartpart to display the count . Ours is a TEAM site. This is the code to get the total count SPList VoulnterrList = web.Lists[ListTitle]; SPQuery query = new SPQuery(); query.ViewAttributes = "Scope=\"Recursive\""; string queries = "<Where><Eq><FieldRef Name='ApprovalStatus' /><Value Type='Choice'>Pending</Value></Eq></Where>"; query.Query = queries; SPListItemCollection lstitemcollAssoID = VoulnterrList.GetItems(query); lblCount.Text = "Total Proofs: " + VoulnterrList.Items.Count.ToString() + " Pending Proofs: " + lstitemcollAssoID.Count.ToString(); The problem is this has serious performance issue it takes 75 to 80 sec to load the page. if we comment this page load will decrees to 4 sec. Any better approch for this problem Ours is sharepoint 2007

    Read the article

  • Checking if user owns file before deleting it

    - by Martin Hoe
    I'm building an API for my site that allows users to delete the files they upload. Obviously, I want to check if the user owns that file before they delete it through the API. I have a files table and a users table, here's the schema: f_id, s_id, u_id, name, size, uploaded u_id, username, password, email, activated, activation_code u_id is a foreign key. The u_id field in the files table points to the u_id in the users table. Given the users username, I want to find the users u_id, and then check if they own the file through the file ID (f_id). I wrote this SQL: $sql = 'SELECT u.username FROM `users` u JOIN `files` f ON u.u_id = f.u_id WHERE f_id = ? AND u.u_id = ? LIMIT 1'; I'm assuming that'd work if I was given the users u_id in the API request, but alas I'm given only their username. How can I modify that SQL to find their user ID and use that? Thanks. Edit: Alright I've got this query but it's always returning an empty result set even though both the file ID and username exist. SELECT u.username FROM `users` u JOIN `files` f ON u.u_id = f.u_id WHERE f.f_id = ? AND u.username = ? LIMIT 1

    Read the article

  • Nginx - Treats PHP as binary

    - by Think Floyd
    We are running Nginx+FastCgi as the backend for our Drupal site. Everything seems to work like fine, except for this one url. http:///sites/all/modules/tinymce/tinymce/jscripts/tiny_mce/plugins/smimage/index.php (We use TinyMCE module in Drupal, and the url above is invoked when user tries to upload an image) When we were using Apache, everything was working fine. However, nginx treats that above url Binary and tries to Download it. (We've verified that the file pointed out by the url is a valid PHP file) Any idea what could be wrong here? I think it's something to do with the NGINX configuration, but not entirely sure what that is. Any help is greatly appreciated. Config: Here's the snippet from the nginx configuration file: root /var/www/; index index.php; if (!-e $request_filename) { rewrite ^/(.*)$ /index.php?q=$1 last; } error_page 404 index.php; location ~* \.(engine|inc|info|install|module|profile|po|sh|.*sql|theme|tpl(\.php)?|xtmpl)$|^(code-style\.pl|Entries.*|Repository|Root|Tag|Template)$ { deny all; } location ~* ^.+\.(jpg|jpeg|gif|png|ico)$ { access_log off; expires 7d; } location ~* ^.+\.(css|js)$ { access_log off; expires 7d; } location ~ .php$ { include /etc/nginx/fcgi.conf; fastcgi_pass 127.0.0.1:8888; fastcgi_index index.php; fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; fastcgi_param QUERY_STRING $query_string; fastcgi_param REQUEST_METHOD $request_method; fastcgi_param CONTENT_TYPE $content_type; fastcgi_param CONTENT_LENGTH $content_length; } location ~ /\.ht { deny all; }

    Read the article

  • Best Practices For Secure APIs?

    - by Ferrett Steinmetz
    Let's say I have a website that has a lot of information on our products. I'd like some of our customers (including us!) to be able to look up our products for various methods, including: 1) Pulling data from AJAX calls that return data in cool, JavaScripty-ways 2) Creating iPhone applications that use that data; 3) Having other web applications use that data for their own end. Normally, I'd just create an API and be done with it. However, this data is in fact mildly confidential - which is to say that we don't want our competitors to be able to look up all our products every morning and then automatically set their prices to undercut us. And we also want to be able to look at who might be abusing the system, so if someone's making ten million complex calls to our API a day and bogging down our server, we can cut them off. My next logical step would be then to create a developers' key to restrict access - which would work fine for web apps, but not so much for any AJAX calls. (As I see it, they'd need to provide the key in the JavaScript, which is in plaintext and easily seen, and hence there's actually no security at all. Particularly if we'd be using our own developers' keys on our site to make these AJAX calls.) So my question: after looking around at Oauth and OpenID for some time, I'm not sure there is a solution that would handle all three of the above. Is there some sort of canonical "best practices" for developers' keys, or can Oauth and OpenID handle AJAX calls easily in some fashion I have yet to grok, or am I missing something entirely?

    Read the article

  • Authentication and Security in my website - need advice please.

    - by Ichirichi
    Hi, I am using database with a list of username/passwords, and a simple web form that allows for users to enter their username/password. When they submit the page, I simply do a stored procedure check to authenticate. If they are authorised, then their user details (e.g. username, dob, address, company address, other important info) are stored in a custom User object and then in a session. This custom User object that I created is used throughout the web application, and also in a sub-site (session sharing). My question/problems are: Is my method of authentication the correct way to do things? I find users complaining that their session have expired although they "were not idle", possibly due the app pool recycling? They type large amounts of text and find that their session had expired and thus lose all the text typed in. I am uncertain whether the session does really reset sporadically but will Forms Authentication using cookies/cookiless resolve the issue? Alternatively should I build and store the User Object in a session, cookie or something else instead in order to be more "correct" and avoid cases like in point #2. If I go down the Forms Authentication route, I believe I cannot store my custom User object in a Forms Authentication cookie so does it mean I would store the UserID and then recreate the user object on every page? Would this not be a huge increase on the server load? Advice and answers much appreciated. L

    Read the article

  • Running an application from an USB device...

    - by Workshop Alex
    I'm working on a proof-of-concept application, containing a WCF service with console host and client, both on a single USB device. On the same device I will also have the client application which will connect to this service. The service uses the entity framework to connect to the database, which in this POC will just return a list of names. If it works, it will be used for a larger project. Creating the client and service was easy and this works well from USB. But getting the service to connect to the database isn't. I've found this site, suggesting that I should modify machine.config but that stops the XCopy deployment. This project cannot change any setting of the PC, so this suggestion is bad. I cannot create a deployment setup either. The whole thing just needs to run from USB disk. So, how do I get it to run? (The service just selects a list of names from the database, which it returns to the client. If this POC works, it will do far more complex things!)

    Read the article

  • Windows "forms" authentication - <deny users="?"> redirecting to foreign page!

    - by Erik5388
    Like the title states - I have a web.config file that looks like, <?xml version="1.0" encoding="UTF-8"?> <configuration> <system.web> <compilation debug="true" targetFramework="4.0" /> <authentication mode="Forms"> <forms name="login" protection="All" timeout="30" loginUrl="login" defaultUrl="~/"> <credentials passwordFormat="Clear"> <user name="admin" password="password" /> </credentials> </forms> </authentication> <authorization> <deny users="?" /> </authorization> </system.web> </configuration> I want to do exactly what it says it should do... I want to deny all users who try to enter the site. It works however, it redirects to a "Account/Login?ReturnUrl=%2flogin" url I have never heard of... Is there a place I can change this?

    Read the article

  • Joomla ImageBrowser Lightbox not working

    - by jmorhardt
    I've been using an image browser for Joomla called ImageBrowser. It's great - easy uploads, easy for clients to use, even handles zip file uploads. I have Joomla v. 1.5.15 installed and the newest version of this plugin as well on 3 or 4 of our sites with no fuss or issues. Recently, the ImageBrowser on one of our sites started acting strangely. It was as if the Lightbox effect that we should have disappeared completely. I compared the settings for the site to another and found they were identical. I couldn't find a solution in the documentation or forums. Here's the URL to look at: http://neda.us/photos?view=gallery&folder=BSU+12-5-09. You can compare that to another of our sites with the same plugin and settings at South Oak Floors dot COM. You should be able to click on a thumbnail and get a full size view of the image in a Lightbox. Any help much needed and much appreciated.

    Read the article

  • Writing own Unix shell in C - Problems with PATH and execv

    - by user1287523
    I'm writing my own shell in C. It needs to be able to display the users current directory, execute commands based on the full path (must use execv), and allow the user to change the directory with cd. This IS homework. The teacher only gave us a basic primer on C and a very brief skeleton on how the program should work. Since I'm not one to give up easily I've been researching how to do this for three days, but now I'm stumped. This is what I have so far: Displays the user's username, computername, and current directory (defaults to home directory). Prompts the user for input, and gets the input Splits the user's input by " " into an array of arguments Splits the environment variable PATH by ":" into an array of tokens I'm not sure how to proceed from here. I know I've got to use the execv command but in my research on google I haven't really found an example I understand. For instance, if the command is bin/ls, how does execv know the display all files/folders from the home directory? How do I tell the system I changed the directory? I've been using this site a lot which has been helpful: http://linuxgazette.net/111/ramankutty.html but again, I'm stumped. Thanks for your help. Let me know if I should post some of my existing code, I'm wasn't sure if it was necessary though.

    Read the article

  • Exclude category from main RSS feed, but not all feeds

    - by jamEs
    I've got a blog that supplies content to multiple MailChimp newsletters via RSS. The first newsletter works fine, but the second I'm having issues with. The issue I have is that the second newsletter has "hidden" content. This content isn't meant for wide consumption, so it doesn't appear on the frontpage, but is accessible elsewhere on the site. The snafu with this is that not all of this content is hidden, just some of it, while other pieces of content for this newsletter could overlap with the first newsletter. This obviously makes excluding everything problematic, as they could be assigned multiple categories, some of which I wouldn't want hidden. The issue I'm running into is that I have a way to exclude this content from the frontpage, but not from the main RSS feed. I'm using WP Hide Post for this, which allows me to exclude from feed, which in turn removes it from all feeds, including the ones that feed the newsletter. I'm currently using /feed?cat=XXX to reference these feeds. Is there a way to make it so category feeds still work, just the main /feed RSS would exclude it?

    Read the article

  • Automatically use inclusion tags (?) in a template, depending on installed apps

    - by Ludwik Trammer
    The title may be a little confusing, but I don't know how else to call it. I would like to create a Django project with a large set of applications you could arbitrary turn on or off using INSTALLED_APPS option in settings.py (you would obviously also need to edit urls.py and run syncdb). After being turned on an app should be able to automatically: Register it's content in site-wide search. Luckily django-haystack has this built-in, so it's not a problem. Register cron jobs. django-cron does exactly that. Not a problem. Register a widget that should be displayed on the homepage. The homepage should include a list of boxes with widgets form different applications. I thought about inclusion tags, because you can put them anywhere on a page and they control both content and presentation. The problem is I don't know how to automatically get a list of inclusion tags provided by my applications, and display them one by one on a homepage. I need a way to register them somehow, and then display all registered tags.

    Read the article

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

< Previous Page | 1095 1096 1097 1098 1099 1100 1101 1102 1103 1104 1105 1106  | Next Page >