Search Results

Search found 19716 results on 789 pages for 'zend form'.

Page 110/789 | < Previous Page | 106 107 108 109 110 111 112 113 114 115 116 117  | Next Page >

  • Using Google's Contacts API's, how can I get the user's name and gmail address?

    - by chris
    I know how to get the entire contacts list using Google Contacts API (I get a session token and use Google's Zend package for PHP). But how can I get the person's name and email address? Currently, the Contacts API just seems to give all of the contacts. I'm not sure how to distinguish which email and name out of that list corresponds to the user's account. Is there an easy way to get the user's full name and email address? Any help would be useful. Thanks!

    Read the article

  • Zend_Auth_Adapter_DbTable identity not unique

    - by volf
    For authentication on a website i use Zend_Auth_Adapter_DbTable. Everything work's fine, but Zend Framework only allow unique Identitys in the table. As an identity i use the mail-address from my users. The problem is, that there are more items in the table with this mail-adress. User can delete there account and so i don't delete the whole row, i only change the status to -2 or something else. active user has the status 1. i try to use it like so: $authAdapter = new Zend_Auth_Adapter_DbTable($db, 'user', 'email', 'password', "? AND `status`='1'"); $authAdapter->setIdentity($email); $authAdapter->setCredential($password); But it doesn't work. If i delete the inactive user with the same mail-address, everything work's. Why is that?

    Read the article

  • new controller in oo php

    - by pradeep
    Hi , I have a practical doubt , I am using OO php , and i am new to it. I am using zend framework to be clear. I am writing controllers(class) and actions(methods) with in it say PatientMapper.php which has all single mysql table related actions and Patient.php which has all setter and getter functions. I get a doubt that when should i write a new controller. Should i write a controller for all the actions on a single mysql table . or a single controller for all actions related to a module.

    Read the article

  • How do I escape a new line character in a .ini file so that Zend_Config_Ini reads it literally?

    - by Nick
    I am trying to store a multiple line e-mail in an ini file using PHP/Zend Framework. My string has new lines characters in it, and when I use Zend_Config_Ini to parse the ini file, the new line characters come back escaped, so they are printed out on screen, instead of a line feed. Example: // ini file message = Hi {0},\n\nThis is a test message.\nGoodbye! is parsed by Zend_Config_Ini as: Hi {0},\\n\\nThis is a test message.\\nGoodbye! which then is printed out in the email as: Hi John,\n\nThis is a test message.\nGoodbye! Instead I want the e-mail to look like this: Hi John, This is a test message. Goodbye! Does anybody know how to achieve this? Thanks!

    Read the article

  • Security Issues with Single Page Apps

    - by Stephen.Walther
    Last week, I was asked to do a code review of a Single Page App built using the ASP.NET Web API, Durandal, and Knockout (good stuff!). In particular, I was asked to investigate whether there any special security issues associated with building a Single Page App which are not present in the case of a traditional server-side ASP.NET application. In this blog entry, I discuss two areas in which you need to exercise extra caution when building a Single Page App. I discuss how Single Page Apps are extra vulnerable to both Cross-Site Scripting (XSS) attacks and Cross-Site Request Forgery (CSRF) attacks. This goal of this blog post is NOT to persuade you to avoid writing Single Page Apps. I’m a big fan of Single Page Apps. Instead, the goal is to ensure that you are fully aware of some of the security issues related to Single Page Apps and ensure that you know how to guard against them. Cross-Site Scripting (XSS) Attacks According to WhiteHat Security, over 65% of public websites are open to XSS attacks. That’s bad. By taking advantage of XSS holes in a website, a hacker can steal your credit cards, passwords, or bank account information. Any website that redisplays untrusted information is open to XSS attacks. Let me give you a simple example. Imagine that you want to display the name of the current user on a page. To do this, you create the following server-side ASP.NET page located at http://MajorBank.com/SomePage.aspx: <%@Page Language="C#" %> <html> <head> <title>Some Page</title> </head> <body> Welcome <%= Request["username"] %> </body> </html> Nothing fancy here. Notice that the page displays the current username by using Request[“username”]. Using Request[“username”] displays the username regardless of whether the username is present in a cookie, a form field, or a query string variable. Unfortunately, by using Request[“username”] to redisplay untrusted information, you have now opened your website to XSS attacks. Here’s how. Imagine that an evil hacker creates the following link on another website (hackers.com): <a href="/SomePage.aspx?username=<script src=Evil.js></script>">Visit MajorBank</a> Notice that the link includes a query string variable named username and the value of the username variable is an HTML <SCRIPT> tag which points to a JavaScript file named Evil.js. When anyone clicks on the link, the <SCRIPT> tag will be injected into SomePage.aspx and the Evil.js script will be loaded and executed. What can a hacker do in the Evil.js script? Anything the hacker wants. For example, the hacker could display a popup dialog on the MajorBank.com site which asks the user to enter their password. The script could then post the password back to hackers.com and now the evil hacker has your secret password. ASP.NET Web Forms and ASP.NET MVC have two automatic safeguards against this type of attack: Request Validation and Automatic HTML Encoding. Protecting Coming In (Request Validation) In a server-side ASP.NET app, you are protected against the XSS attack described above by a feature named Request Validation. If you attempt to submit “potentially dangerous” content — such as a JavaScript <SCRIPT> tag — in a form field or query string variable then you get an exception. Unfortunately, Request Validation only applies to server-side apps. Request Validation does not help in the case of a Single Page App. In particular, the ASP.NET Web API does not pay attention to Request Validation. You can post any content you want – including <SCRIPT> tags – to an ASP.NET Web API action. For example, the following HTML page contains a form. When you submit the form, the form data is submitted to an ASP.NET Web API controller on the server using an Ajax request: <!DOCTYPE html> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <title></title> </head> <body> <form data-bind="submit:submit"> <div> <label> User Name: <input data-bind="value:user.userName" /> </label> </div> <div> <label> Email: <input data-bind="value:user.email" /> </label> </div> <div> <input type="submit" value="Submit" /> </div> </form> <script src="Scripts/jquery-1.7.1.js"></script> <script src="Scripts/knockout-2.1.0.js"></script> <script> var viewModel = { user: { userName: ko.observable(), email: ko.observable() }, submit: function () { $.post("/api/users", ko.toJS(this.user)); } }; ko.applyBindings(viewModel); </script> </body> </html> The form above is using Knockout to bind the form fields to a view model. When you submit the form, the view model is submitted to an ASP.NET Web API action on the server. Here’s the server-side ASP.NET Web API controller and model class: public class UsersController : ApiController { public HttpResponseMessage Post(UserViewModel user) { var userName = user.UserName; return Request.CreateResponse(HttpStatusCode.OK); } } public class UserViewModel { public string UserName { get; set; } public string Email { get; set; } } If you submit the HTML form, you don’t get an error. The “potentially dangerous” content is passed to the server without any exception being thrown. In the screenshot below, you can see that I was able to post a username form field with the value “<script>alert(‘boo’)</script”. So what this means is that you do not get automatic Request Validation in the case of a Single Page App. You need to be extra careful in a Single Page App about ensuring that you do not display untrusted content because you don’t have the Request Validation safety net which you have in a traditional server-side ASP.NET app. Protecting Going Out (Automatic HTML Encoding) Server-side ASP.NET also protects you from XSS attacks when you render content. By default, all content rendered by the razor view engine is HTML encoded. For example, the following razor view displays the text “<b>Hello!</b>” instead of the text “Hello!” in bold: @{ var message = "<b>Hello!</b>"; } @message   If you don’t want to render content as HTML encoded in razor then you need to take the extra step of using the @Html.Raw() helper. In a Web Form page, if you use <%: %> instead of <%= %> then you get automatic HTML Encoding: <%@ Page Language="C#" %> <% var message = "<b>Hello!</b>"; %> <%: message %> This automatic HTML Encoding will prevent many types of XSS attacks. It prevents <script> tags from being rendered and only allows &lt;script&gt; tags to be rendered which are useless for executing JavaScript. (This automatic HTML encoding does not protect you from all forms of XSS attacks. For example, you can assign the value “javascript:alert(‘evil’)” to the Hyperlink control’s NavigateUrl property and execute the JavaScript). The situation with Knockout is more complicated. If you use the Knockout TEXT binding then you get HTML encoded content. On the other hand, if you use the HTML binding then you do not: <!-- This JavaScript DOES NOT execute --> <div data-bind="text:someProp"></div> <!-- This Javacript DOES execute --> <div data-bind="html:someProp"></div> <script src="Scripts/jquery-1.7.1.js"></script> <script src="Scripts/knockout-2.1.0.js"></script> <script> var viewModel = { someProp : "<script>alert('Evil!')<" + "/script>" }; ko.applyBindings(viewModel); </script>   So, in the page above, the DIV element which uses the TEXT binding is safe from XSS attacks. According to the Knockout documentation: “Since this binding sets your text value using a text node, it’s safe to set any string value without risking HTML or script injection.” Just like server-side HTML encoding, Knockout does not protect you from all types of XSS attacks. For example, there is nothing in Knockout which prevents you from binding JavaScript to a hyperlink like this: <a data-bind="attr:{href:homePageUrl}">Go</a> <script src="Scripts/jquery-1.7.1.min.js"></script> <script src="Scripts/knockout-2.1.0.js"></script> <script> var viewModel = { homePageUrl: "javascript:alert('evil!')" }; ko.applyBindings(viewModel); </script> In the page above, the value “javascript:alert(‘evil’)” is bound to the HREF attribute using Knockout. When you click the link, the JavaScript executes. Cross-Site Request Forgery (CSRF) Attacks Cross-Site Request Forgery (CSRF) attacks rely on the fact that a session cookie does not expire until you close your browser. In particular, if you visit and login to MajorBank.com and then you navigate to Hackers.com then you will still be authenticated against MajorBank.com even after you navigate to Hackers.com. Because MajorBank.com cannot tell whether a request is coming from MajorBank.com or Hackers.com, Hackers.com can submit requests to MajorBank.com pretending to be you. For example, Hackers.com can post an HTML form from Hackers.com to MajorBank.com and change your email address at MajorBank.com. Hackers.com can post a form to MajorBank.com using your authentication cookie. After your email address has been changed, by using a password reset page at MajorBank.com, a hacker can access your bank account. To prevent CSRF attacks, you need some mechanism for detecting whether a request is coming from a page loaded from your website or whether the request is coming from some other website. The recommended way of preventing Cross-Site Request Forgery attacks is to use the “Synchronizer Token Pattern” as described here: https://www.owasp.org/index.php/Cross-Site_Request_Forgery_%28CSRF%29_Prevention_Cheat_Sheet When using the Synchronizer Token Pattern, you include a hidden input field which contains a random token whenever you display an HTML form. When the user opens the form, you add a cookie to the user’s browser with the same random token. When the user posts the form, you verify that the hidden form token and the cookie token match. Preventing Cross-Site Request Forgery Attacks with ASP.NET MVC ASP.NET gives you a helper and an action filter which you can use to thwart Cross-Site Request Forgery attacks. For example, the following razor form for creating a product shows how you use the @Html.AntiForgeryToken() helper: @model MvcApplication2.Models.Product <h2>Create Product</h2> @using (Html.BeginForm()) { @Html.AntiForgeryToken(); <div> @Html.LabelFor( p => p.Name, "Product Name:") @Html.TextBoxFor( p => p.Name) </div> <div> @Html.LabelFor( p => p.Price, "Product Price:") @Html.TextBoxFor( p => p.Price) </div> <input type="submit" /> } The @Html.AntiForgeryToken() helper generates a random token and assigns a serialized version of the same random token to both a cookie and a hidden form field. (Actually, if you dive into the source code, the AntiForgeryToken() does something a little more complex because it takes advantage of a user’s identity when generating the token). Here’s what the hidden form field looks like: <input name=”__RequestVerificationToken” type=”hidden” value=”NqqZGAmlDHh6fPTNR_mti3nYGUDgpIkCiJHnEEL59S7FNToyyeSo7v4AfzF2i67Cv0qTB1TgmZcqiVtgdkW2NnXgEcBc-iBts0x6WAIShtM1″ /> And here’s what the cookie looks like using the Google Chrome developer toolbar: You use the [ValidateAntiForgeryToken] action filter on the controller action which is the recipient of the form post to validate that the token in the hidden form field matches the token in the cookie. If the tokens don’t match then validation fails and you can’t post the form: public ActionResult Create() { return View(); } [ValidateAntiForgeryToken] [HttpPost] public ActionResult Create(Product productToCreate) { if (ModelState.IsValid) { // save product to db return RedirectToAction("Index"); } return View(); } How does this all work? Let’s imagine that a hacker has copied the Create Product page from MajorBank.com to Hackers.com – the hacker grabs the HTML source and places it at Hackers.com. Now, imagine that the hacker trick you into submitting the Create Product form from Hackers.com to MajorBank.com. You’ll get the following exception: The Cross-Site Request Forgery attack is blocked because the anti-forgery token included in the Create Product form at Hackers.com won’t match the anti-forgery token stored in the cookie in your browser. The tokens were generated at different times for different users so the attack fails. Preventing Cross-Site Request Forgery Attacks with a Single Page App In a Single Page App, you can’t prevent Cross-Site Request Forgery attacks using the same method as a server-side ASP.NET MVC app. In a Single Page App, HTML forms are not generated on the server. Instead, in a Single Page App, forms are loaded dynamically in the browser. Phil Haack has a blog post on this topic where he discusses passing the anti-forgery token in an Ajax header instead of a hidden form field. He also describes how you can create a custom anti-forgery token attribute to compare the token in the Ajax header and the token in the cookie. See: http://haacked.com/archive/2011/10/10/preventing-csrf-with-ajax.aspx Also, take a look at Johan’s update to Phil Haack’s original post: http://johan.driessen.se/posts/Updated-Anti-XSRF-Validation-for-ASP.NET-MVC-4-RC (Other server frameworks such as Rails and Django do something similar. For example, Rails uses an X-CSRF-Token to prevent CSRF attacks which you generate on the server – see http://excid3.com/blog/rails-tip-2-include-csrf-token-with-every-ajax-request/#.UTFtgDDkvL8 ). For example, if you are creating a Durandal app, then you can use the following razor view for your one and only server-side page: @{ Layout = null; } <!DOCTYPE html> <html> <head> <title>Index</title> </head> <body> @Html.AntiForgeryToken() <div id="applicationHost"> Loading app.... </div> @Scripts.Render("~/scripts/vendor") <script type="text/javascript" src="~/App/durandal/amd/require.js" data-main="/App/main"></script> </body> </html> Notice that this page includes a call to @Html.AntiForgeryToken() to generate the anti-forgery token. Then, whenever you make an Ajax request in the Durandal app, you can retrieve the anti-forgery token from the razor view and pass the token as a header: var csrfToken = $("input[name='__RequestVerificationToken']").val(); $.ajax({ headers: { __RequestVerificationToken: csrfToken }, type: "POST", dataType: "json", contentType: 'application/json; charset=utf-8', url: "/api/products", data: JSON.stringify({ name: "Milk", price: 2.33 }), statusCode: { 200: function () { alert("Success!"); } } }); Use the following code to create an action filter which you can use to match the header and cookie tokens: using System.Linq; using System.Net.Http; using System.Web.Helpers; using System.Web.Http.Controllers; namespace MvcApplication2.Infrastructure { public class ValidateAjaxAntiForgeryToken : System.Web.Http.AuthorizeAttribute { protected override bool IsAuthorized(HttpActionContext actionContext) { var headerToken = actionContext .Request .Headers .GetValues("__RequestVerificationToken") .FirstOrDefault(); ; var cookieToken = actionContext .Request .Headers .GetCookies() .Select(c => c[AntiForgeryConfig.CookieName]) .FirstOrDefault(); // check for missing cookie or header if (cookieToken == null || headerToken == null) { return false; } // ensure that the cookie matches the header try { AntiForgery.Validate(cookieToken.Value, headerToken); } catch { return false; } return base.IsAuthorized(actionContext); } } } Notice that the action filter derives from the base AuthorizeAttribute. The ValidateAjaxAntiForgeryToken only works when the user is authenticated and it will not work for anonymous requests. Add the action filter to your ASP.NET Web API controller actions like this: [ValidateAjaxAntiForgeryToken] public HttpResponseMessage PostProduct(Product productToCreate) { // add product to db return Request.CreateResponse(HttpStatusCode.OK); } After you complete these steps, it won’t be possible for a hacker to pretend to be you at Hackers.com and submit a form to MajorBank.com. The header token used in the Ajax request won’t travel to Hackers.com. This approach works, but I am not entirely happy with it. The one thing that I don’t like about this approach is that it creates a hard dependency on using razor. Your single page in your Single Page App must be generated from a server-side razor view. A better solution would be to generate the anti-forgery token in JavaScript. Unfortunately, until all browsers support a way to generate cryptographically strong random numbers – for example, by supporting the window.crypto.getRandomValues() method — there is no good way to generate anti-forgery tokens in JavaScript. So, at least right now, the best solution for generating the tokens is the server-side solution with the (regrettable) dependency on razor. Conclusion The goal of this blog entry was to explore some ways in which you need to handle security differently in the case of a Single Page App than in the case of a traditional server app. In particular, I focused on how to prevent Cross-Site Scripting and Cross-Site Request Forgery attacks in the case of a Single Page App. I want to emphasize that I am not suggesting that Single Page Apps are inherently less secure than server-side apps. Whatever type of web application you build – regardless of whether it is a Single Page App, an ASP.NET MVC app, an ASP.NET Web Forms app, or a Rails app – you must constantly guard against security vulnerabilities.

    Read the article

  • Magento Community - Hosting :: Need Advice which sharing hosting will run magento fast

    - by user43353
    Hi, Need Advice which sharing hosting will run Magento Community fast or some other not expensive solution. This website will not have a lot of users, I only need that it will run fast for 100-20 users in same time. The problem with magento is database design that make this system very slow , also other staff not the best. I had hostmonster.com and justhost.com for previous website but it wasn't fast enough for single user that not located in USA (my customer areas: Asia, Africa). each action that involve database takes a lot of time. Thanks

    Read the article

  • Magento Community - Hosting :: Need Advice which sharing hosting will run magento fast

    - by user43353
    Hi, Need Advice which sharing hosting will run Magento Community fast or some other not expensive solution. This website will not have a lot of users, I only need that it will run fast for 100-20 users in same time. The problem with magento is database design that make this system very slow , also other staff not the best. I had hostmonster.com and justhost.com for previous website but it wasn't fast enough for single user that not located in USA (my customer areas: Asia, Africa). each action that involve database takes a lot of time. Thanks

    Read the article

  • Cannot install xdebug

    - by Nathan Mann
    I'm getting a large number of undefined references when using $ld xdebug.so I have added the "zend_extension="/bla/xdebug.so"" to the conf for apache and it is giving me a config test failed because it cannot find the file. The file has been chown'd to www-data, so I do not believe it is a permissions error. I have run the wizard at xdebug.org/wizard.php to make sure the version would be correct, I updated to the version it recommended with an install from source and still receive the same error with apache and same output from $ld. I originally installed xdebug with: $apt-get install php5-xdebug And have also tried with: $pecl install xdebug

    Read the article

  • Installing ZendServer on IIS6

    - by Wayne M
    I need to run ASP and PHP applications side by side, so I installed ZendServer Community Edition on our existing Server 2003 platform. I specified it to use the existing IIS instance so I don't have to deal with multiple ports (we use ZoneEdit to manage our DNS and they don't seem to allow anything other than port 80 without forwarding). The install went smooth but when I try to configure and manage the install by going to http://localhost/ZendServer (or even just localhost) I get a Bad Request (Invalid Hostname) error. I haven't done anything except install the server, and this is my first time working with ZendServer. How do I fix this so I can get things set up?

    Read the article

  • procmail don't execute php script

    - by Phliplip
    Hi, I have setup a kannel SMS gateway on my FreeBSD 7.2 - the service works great. I'm now trying to setup a email2sms feature. For this i have created a system user called kannel and all mails are forwarded to this user. In the home dir of kannel i have the following files. -rw-r--r-- 1 kannel kannel 81B 17 jan 09:50 .procmailrc lrwxr-x--- 1 root kannel 58B 14 jan 13:24 email2sms.php @ -> some-what-some-where -rw-rw-rw- 1 root kannel 5,8K 17 jan 09:52 log.email2sms -rw------- 1 kannel kannel 1,3K 17 jan 09:50 procmail.log -rw-r----- 1 root kannel 606B 14 jan 13:28 rawmail.txt The file email2sms.php is a symlink to the a php script (ZendFramework Application) that takes the email from STDIN, and uses ZendFramework to parse that mail into an object. It then do a http request to the SMS gateway. The php-script works. Content of .procmailrc LOGFILE=$HOME/procmail.log VERBOSE=yes :0 | php email2sms.php >> log.email2sms From last sent email i have this in procmail.log procmail: [97744] Mon Jan 17 09:50:40 2011 procmail: [97744] Mon Jan 17 09:50:40 2011 procmail: Assigning "LASTFOLDER= php email2sms.php >> log.email2sms" procmail: Executing " php email2sms.php >> log.email2sms" procmail: Notified comsat: "kannel@:/home/user/kannel/ php email2sms.php >> log.email2sms" From [email protected] Mon Jan 17 09:50:40 2011 Subject: asdf as Folder: php email2sms.php >> log.email2sms 2600 But there is no new output to log.email2sms, and the script should output the subject of the email. If i sudo as the kannel user and pipe a file with raw email to the script, it executes just fine. [root@webserver /home/user/kannel]# /home/user/kannel/ sudo -u kannel cat rawmail.txt | php email2sms.php >> log.email2sms And the command outputs to log.email2sms as desired. Any ideas guys?

    Read the article

  • Recovering corrupted VB.NET Form file?

    - by Omega
    Good day. This question is directly related to this one I made here: http://stackoverflow.com/questions/4911099/there-is-no-editor-available-for-form1-vb-error There, I was working on my VB.NET 2010 Express application, I saved, then a blackout came and now, apparently, I can't view the designer nor code of my Form file (Form1.vb). On StackOverflow, I was recommended to check for the From1.vb file, and try to open it on Notepad. If nothing appeared, it would mean that my file was corrupted. I open it on Notepad, and I get a blank file. It is 27kb, but it only has blank spaces. So I assume it is corrupted. I was told this place was better for dealing with corrupted files, about techniques to recover them. I use Windows7, VB.NET 2010 Express. I run Windows7 on Parallels Desktop, Mac OS X. However, I do not believe that is the problem, most likely it was that damned blackout... this is the first time that happens to me. VB.NET worked just fine for me all time (about a month and half). Thank you.

    Read the article

  • javascript doesn't seem to be able to post form data (nginx server w/ php-fpm)

    - by Jones
    So the situation is like so: I have a nginx server with php-fpm installed. All is well and the site scripts and all work perfectly. I am able to use html to POST form data and it works just fine. However, There seems to be be some correlation between javascript, the POST protocol and nothing happening. I cant seem to determine the issue. Example: I have a user login widget that uses javascript on submit the fields and POST the data to a backend auth script which returns a server message that then populates the login box saying something like "Login Successful" followed by reloading the page to properly enable content. Problem is, nothing happens when you hit submit. I do know the setup works because i had it working on apache before migrating. Also if it makes any difference, the server is a Amazon EC2 instance using the Amazon AMI. I really dont know where to start looking on this one, but below is my default.conf for the server: upstream backend_get { server 127.0.0.1:80 weight=1; } upstream backend_post { server 127.0.0.1:80 weight=1; } #Main website url server { listen 80; server_name server.com; #charset koi8-r; access_log logs/host.access.log main; error_log logs/host.error.log; location / { root /usr/share/nginx/html; index index.php index.html index.htm; if ($request_method = POST) { proxy_pass http://backend_post; break; } } location ~ \.php$ { #fastcgi_pass 127.0.0.1:9000; fastcgi_pass unix:/var/run/php-fpm/php-fpm.sock; fastcgi_index index.php; fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; include fastcgi_params; } }

    Read the article

  • Mavericks: Safari does not login in into web services

    - by Roberto
    Since when I upgraded ML to Mavericks Safari is no longer able to log me into Facebook. When I go to the login page it suggests me the correct credentials, I hit the Login button, the page refreshes but nothing happens, like if the credentials where empty. Firefox works perfectly, I even logged out and back in to make sure the credentials are the same that Safari suggests, and so they are. Needless to say for a different user on the same Mavericks Safari logs in correctly. The same happens with most web pages that need a login, web mails for instances, I have tow accounts on different webmail providers and none of them works. Of course using the same mail services with POP3 works fine. Even on this very site I cannot post a thing with Safari, I'm going to switch to Firefox to be able to post this question. Again, Firefox or a different user are OK. Do you have any idea/suggestion?

    Read the article

  • New AD user request form and workflow

    - by user66390
    I'm wondering if anyone is providing a solid solution for creating New Network User Account Request forms, and attaching workflows to them to automate account creation? I'm currently investigating a number of options, but am surprised that such a ubiquitous task hasn't been solved a dozen times over and thoroughly documented. Or at least isn't integrated into current off-the-shelf change management and ticketing systems. Ideally, I'd like for our current ticketing system, ServiceDesk+ to present a standard 'New User' form to department heads, which they can fill in with the required new user details. This triggers a workflow that submits the request as a ticket that can be reviewed and actioned. Actioning the ticket triggers a workflow that creates a user in AD with the details provided, and notifies the department head upon completion. All told, a pretty standard requirement that I'm sure most organizations have. What are other people doing to accomplish this? Edit: I should add, I'm more looking for "supported" methods. As is, I've submitted a number of scripted solutions, none of which have met with manager approval.

    Read the article

  • Is there anyway i can create an intranet request form and have it be stored in a database? [on hold]

    - by eternalearth888
    I am trying to create a form for my companies intraNet site. The idea is as follows: An employee wants to make a purchase, so they will go to the appropriate page in the intraNet They will fill out the form on the intraNet page They click the email button The data in the form is saved in a database, and an email is sent to me stating that there is purchase order request form filled out I am not exactly sure how to go about this. Part of me wants to create it in a Data Access Page but I am not sure that's correct. If there is no one here who can help, is there anyone who can direct me to someone/something that can help me?

    Read the article

  • jQuery Validate - require at least one field in a group to be filled

    - by Nathan Long
    I'm using the excellent jQuery Validate Plugin to validate some forms. On one form, I need to ensure that the user fills in at least one of a group of fields. I think I've got a pretty good solution, and wanted to share it. Please suggest any improvements you can think of. Finding no built-in way to do this, I searched and found Rebecca Murphey's custom validation method, which was very helpful. I improved this in three ways: To let you pass in a selector for the group of fields To let you specify how many of that group must be filled for validation to pass To show all inputs in the group as passing validation as soon as one of them passes validation. So you can say "at least X inputs that match selector Y must be filled." The end result is a rule like this: partnumber: { require_from_group: [2,".productinfo"] } //The partnumber input will validate if //at least 2 `.productinfo` inputs are filled For best results, put this rule AFTER any formatting rules for that field (like "must contain only numbers", etc). This way, if the user gets an error from this rule and starts filling out one of the fields, they will get immediate feedback about the formatting required without having to fill another field first. Item #3 assumes that you're adding a class of .checked to your error messages upon successful validation. You can do this as follows, as demonstrated here. success: function(label) { label.html(" ").addClass("checked"); } As in the demo linked above, I use CSS to give each span.error an X image as its background, unless it has the class .checked, in which case it gets a check mark image. Here's my code so far: jQuery.validator.addMethod("require_from_group", function(value, element, options) { // From the options array, find out what selector matches // our group of inputs and how many of them should be filled. numberRequired = options[0]; selector = options[1]; var commonParent = $(element).parents('form'); var numberFilled = 0; commonParent.find(selector).each(function(){ // Look through fields matching our selector and total up // how many of them have been filled if ($(this).val()) { numberFilled++; } }); if (numberFilled >= numberRequired) { // This part is a bit of a hack - we make these // fields look like they've passed validation by // hiding their error messages, etc. Strictly speaking, // they haven't been re-validated, though, so it's possible // that we're hiding another validation problem. But there's // no way (that I know of) to trigger actual re-validation, // and in any case, any other errors will pop back up when // the user tries to submit the form. // If anyone knows a way to re-validate, please comment. // // For imputs matching our selector, remove error class // from their text. commonParent.find(selector).removeClass('error'); // Also look for inserted error messages and mark them // with class 'checked' var remainingErrors = commonParent.find(selector) .next('label.error').not('.checked'); remainingErrors.text("").addClass('checked'); // Tell the Validate plugin that this test passed return true; } // The {0} in the next line is the 0th item in the options array }, jQuery.format("Please fill out at least {0} of these fields.")); Questions? Comments?

    Read the article

  • Problem with From field in contact form and mail() function

    - by Matthew
    I've got a contact form with 3 fields and a textarea... I use jQuery to validate it and then php to send emails. This contact form works fine but, when I receive an email, From field isn't correct. I'd like to want that From field shows text typed in the Name field of the contact form. Now I get a From field like this: <[email protected]> For example, if an user types "Matthew" in the name field, I'd like to want that this word "Matthew" appears in the From field. This is my code (XHTML, jQuery, PHP): <div id="contact"> <h3 id="formHeader">Send Us a Message!</h3> <form id="contactForm" method="post" action=""> <div id="risposta"></div> <!-- End Risposta Div --> <span>Name:</span> <input type="text" id="formName" value="" /><br /> <span>E-mail:</span> <input type="text" id="formEmail" value="" /><br /> <span>Subject:</span> <input type="text" id="formSubject" value="" /><br /> <span>Message:</span> <textarea id="formMessage" rows="9" cols="20"></textarea><br /> <input type="submit" id="formSend" value="Send" /> </form> </div> <script type="text/javascript"> $(document).ready(function(){ $("#formSend").click(function(){ var valid = ''; var nome = $("#formName").val(); var mail = $("#formEmail").val(); var oggetto = $("#formSubject").val(); var messaggio = $("#formMessage").val(); if (nome.length<1) { valid += '<span>Name field empty.</span><br />'; } if (!mail.match(/^([a-z0-9._-]+@[a-z0-9._-]+\.[a-z]{2,4}$)/i)) { valid += '<span>Email not valid or empty field.</span><br />'; } if (oggetto.length<1) { valid += '<span>Subject field empty.</span><br />'; } if (valid!='') { $("#risposta").fadeIn("slow"); $("#risposta").html("<span><b>Error:</b></span><br />"+valid); $("#risposta").css("background-color","#ffc0c0"); } else { var datastr ='nome=' + nome + '&mail=' + mail + '&oggetto=' + oggetto + '&messaggio=' + encodeURIComponent(messaggio); $("#risposta").css("display", "block"); $("#risposta").css("background-color","#FFFFA0"); $("#risposta").html("<span>Sending message...</span>"); $("#risposta").fadeIn("slow"); setTimeout("send('"+datastr+"')",2000); } return false; }); }); function send(datastr){ $.ajax({ type: "POST", url: "contactForm.php", data: datastr, cache: false, success: function(html) { $("#risposta").fadeIn("slow"); $("#risposta").html('<span>Message successfully sent.</span>'); $("#risposta").css("background-color","#e1ffc0"); setTimeout('$("#risposta").fadeOut("slow")',2000); } }); } </script> <?php $mail = $_POST['mail']; $nome = $_POST['nome']; $oggetto = $_POST['oggetto']; $text = $_POST['messaggio']; $ip = $_SERVER['REMOTE_ADDR']; $to = "[email protected]"; $message = $text."<br /><br />IP: ".$ip."<br />"; $headers = "From: $nome \n"; $headers .= "Reply-To: $mail \n"; $headers .= "MIME-Version: 1.0 \n"; $headers .= "Content-Type: text/html; charset=UTF-8 \n"; mail($to, $oggetto, $message, $headers); ?>

    Read the article

  • PROBLEM: PHP strip_tags & multi-dimensional array form parameter

    - by Tunji Gbadamosi
    I'm having problems stripping the tags from the textual inputs retrieved from my form so as to do something with them in checkout.php. The input is stored in a multi-dimensional array. Here's my form: echo '<form name="choose" action="checkout.php" method="post" onsubmit="return validate_second_form(this);">'; echo '<input type="hidden" name="hidden_value" value="'.$no_guests.'" />'; if($no_guests >= 1){ echo '<div class="volunteer">'; echo '<fieldset>'; echo '<legend>Volunteer:</legend>'; echo '<label>Table:</label>'; echo '<select name="volunteer_table">'; foreach($tables as $t){ echo '<option>'.$t.'</option>'; } echo '</select><br><br>'; echo '<label>Seat number:</label>'; echo '<select name="volunteer_seat">'; foreach($seats as $seat){ echo '<option>'.$seat.'</option>'; } echo '</select><br><br>'; //echo '<br>'; echo '</fieldset>'; echo '</div>'; for($i=0;$i<$no_guests;$i++){ $guest = "guest_".$i; echo '<div class="'.$guest.'">'; echo '<fieldset>'; echo '<legend>Guest '.$i.':</legend>'; echo '<label>First Name:</label>'; echo '<input type="text" name="guest['.$i.']['.$first_name.']" id="fn'.$i.'">'; echo '<label>Surname:</label>'; echo '<input type="text" name="guest['.$i.']['.$surname.']" id="surname'.$i.'"><br><br>'; echo '<label>Date of Birth:</label> <br>'; echo '<label>Day:</label>'; echo '<select name="guest['.$i.'][dob_day]">'; for($j=1;$j<32;$j++){ echo"<option value='$j'>$j</option>"; } echo '</select>'; echo '<label>Month:</label>'; echo '<select name="guest['.$i.'][dob_month]">'; for($j=0;$j<sizeof($month);$j++){ $value = ($j + 1); echo"<option value='$value'>$month[$j]</option>"; } echo '</select>'; echo '<label>Year:</label>'; echo '<select name="guest['.$i.'][dob_year]">'; for($j=1900;$j<$year_limit;$j++){ echo"<option value='$j'>$j</option>"; } echo '</select> <br><br>'; echo '<label>Sex:</label>'; echo '<select name="guest['.$i.']['.$sex.']">'; echo '<option>Female</option>'; echo '<option>Male</option>'; echo '</select><br><br>'; echo '<label>Table:</label>'; echo '<select name="guest['.$i.']['.$table.']">'; foreach($tables as $t){ echo '<option>'.$t.'</option>'; } echo '</select><br><br>'; echo '<label>Seat number:</label>'; echo '<select name="guest['.$i.']['.$seat_no.']">'; foreach($seats as $seat){ echo '<option>'.$seat.'</option>'; } echo '</select><br><br>'; //echo '<br>'; echo '</fieldset>'; echo '</div>'; } } else{ echo '<div id="volunteer">'; echo '<fieldset>'; echo '<legend>Volunteer:</legend>'; echo '<label>Table:</label>'; echo '<select name="volunteer['.$table.']">'; foreach($tables as $t){ echo '<option>'.$t.'</option>'; } echo '</select><br><br>'; echo '<label>Seat number:</label>'; echo '<select name="volunteer['.$seat_no.']">'; foreach($seats as $seat){ echo '<option>'.$seat.'</option>'; } echo '</select><br><br>'; //echo '<br>'; echo '</fieldset>'; echo '</div>'; } echo '<input type="submit" value="Submit form">'; echo '</form>'; here's checkout.php: if(isset($_POST['guest'])){ foreach($_POST['guest'] as $guest){ $guest['first_name'] = strip_tags($guest['first_name']); $guest['surname'] = strip_tags($guest['surname']); } //$_SESSION['guest'] = $guests; }

    Read the article

  • Why is ValidateInput(False) not working?

    - by xenosyde
    I am converting an application I created using webforms to the asp.net mvc framework using vb.net. I have a problem with one of my views. I get the yellow screen of death saying "A potentially dangerous Request.Form value was detected from the client" when I submit my form. I am using tinymce as my RTE. I have set on the view itself ValidateRequest="false" I know that in MVC it doesn't respect it on the view from what I've read so far. So I put it on the controller action as well. I have tried different setups: <ValidateInput(False), AcceptVerbs(HttpVerbs.Post)> _ ...and... <AcceptVerbs(HttpVerbs.Post), ValidateInput(False)> _ ...and like this as well... <ValidateInput(False)> _ <AcceptVerbs(HttpVerbs.Post)> _ Just to see if it made a difference, yet I still get the yellow screen of death. I only want to set it for this view and the specific action in my controller that my post pertains to. Am I missing something?

    Read the article

  • Django Form for date range

    - by gramware
    I am trying to come up with a form that lets the user select a date range to generate a web query in Django. I am having errors getting the date to filter with in my view, I am unable to strip the date. Here is my forms.py class ReportFiltersForm(forms.Form): start_date = forms.DateField(input_formats='%Y,%m,%d',widget=SelectDateWidget()) end_date = forms.DateField(input_formats='%Y,%m,%d',widget=SelectDateWidget()) And my view if request.method == 'POST': form = ReportFiltersForm(request.POST) sdy = request.POST['start_date_year'] sdm = request.POST['start_date_month'] sdd = request.POST['start_date_day'] edy = request.POST['end_date_year'] edm = request.POST['end_date_month'] edd = request.POST['end_date_day'] start_date= datetime.date(sdy, sdm, sdd) end_date= datetime.date(edy, edm,edd) Traceback Traceback (most recent call last): File "/usr/lib/python2.6/site-packages/django/core/servers/basehttp.py", line 651, in __call__ return self.application(environ, start_response) File "/usr/lib/python2.6/site-packages/django/core/handlers/wsgi.py", line 241, in __call__ response = self.get_response(request) File "/usr/lib/python2.6/site-packages/django/core/handlers/base.py", line 134, in get_response return self.handle_uncaught_exception(request, resolver, exc_info) File "/usr/lib/python2.6/site-packages/django/core/handlers/base.py", line 154, in handle_uncaught_exception return debug.technical_500_response(request, *exc_info) File "/usr/lib/python2.6/site-packages/django/core/handlers/base.py", line 92, in get_response response = callback(request, *callback_args, **callback_kwargs) File "/home/projects/acms/cms/views.py", line 470, in eventreports start_date= datetime.date(sdy, sdm, sdd) TypeError: an integer is required

    Read the article

  • jquery validate: focusCleanup: true and focusInvalid: false don't work as expected

    - by laramichaels
    I am using Joern's jquery validation plugin 1.6. My goal is to have the following behavior: remove the error message for an element once the user focuses it. From what I understand setting 'focusCleanup: true' should take care of this. However (at least on my browser (Firefox 3.5.7 on Linux)), I only get the desired behavior (ie, error message for a field disappearing once you focus it) if I click into the field; it doesn't handle tabbing into the field correctly. Sample code: HTML: <form id='abc' name='abc'> <input type="text" id="t1" name="t1"/> <input type="text" id="t2" name="t2"/> <input type="submit" id="submit" value='submit'/> </form> JS: $("#abc").validate({ focusCleanup: true, focusInvalid: false, rules: {t1: {required: true, email:true}, t2: {required: true,email:true}} }); I am setting 'focusInvalid: false' because the docs say one should avoid combining focusCleanup and focusInvalid; in my experience commenting out that line makes no difference. Am I doing something wrong?

    Read the article

  • jQuery Validation Plugin: Validating Checkboxes with Different Names

    - by Michael
    I have a set of 4 checkboxes, all with different names, and require that at least 1 is checked. I know there are a few posts on here already trying to answer this question. The solution that seems to be most logical to me is the answer posted on Question 1734840, but I can't seem to get it working! What's wrong with my code? Or any other new coding ideas to get this working? I have set the class on all of them to 'require-one'. My jQuery code is $(document).ready(function(){ $("#itemForm").validate({ highlight: function(element, errorClass, validClass) { $(element).addClass(errorClass).removeClass(validClass); $(element.form).find("label[for=" + element.name + "]") .addClass("radioerror"); }, unhighlight: function(element, errorClass, validClass) { $(element).removeClass(errorClass).addClass(validClass); $(element.form).find("label[for=" + element.name + "]") .removeClass("radioerror"); }, rules: { 'require-one': { required : { depends: function(element) { var allBoxes = $('.require-one'); if (allBoxes.filter(':checked').length == 0) { if (allBoxes.eq(element).length != 0) { return true; } } return false; } } } , }, errorPlacement: function(error, element) { if ( element.is("#other_descrip") ) error.appendTo("#othererror" ); if ( element.is("#itemlist") ) error.appendTo("#itemerror" ); } }); });

    Read the article

  • Make fancybox jQuery plugin with results from submitting a form on same page

    - by Chase
    I am trying to take form results that are generated from a PHP call and populate them into a div that will then appear in a light box upon click of the submit button. So far I have successfully setup the form and am populating the results on the same page into a hidden div. I can make this div appear no problem in a light box by setting up a href link but cannot make it show up by simply by clicking the submit button. I know my fancybox and jQuery calls are good but not sure where I'm going wrong on the submit button. Here is what I have so far to make it work with a link: <script type="text/javascript"> $(document).ready(function(){ $("#various1").fancybox({ 'transitionIn' : 'none', 'transitionOut' : 'none', 'scrolling' : 'auto', 'overlayOpacity' : '0' }); }); </script> <a id="various1" href="#inline1" >Inline</a> <div style="display: none;"> <div id="inline1" style="width:500px;height:550px;"> Works great here when you click inline after I have submitted the form. Here is what I tried to make it work with the submit button: $(document).ready(function(){ $("#submit").click(function(){ alert('jQTest'); $("#various1").fancybox(); }); }); <input type="submit" name="submit" id="submit" value="--> Find" /> I think it has to be some way I'm calling the jQuery for the fancybox or some identifier for the submit button & div because the submit button click is registering fine. Suggestions?

    Read the article

< Previous Page | 106 107 108 109 110 111 112 113 114 115 116 117  | Next Page >