Search Results

Search found 3646 results on 146 pages for 'escape sequence'.

Page 116/146 | < Previous Page | 112 113 114 115 116 117 118 119 120 121 122 123  | Next Page >

  • Send Special Keys to Gtk.VteTerminal

    - by Ubersoldat
    Hi I have this OSS Project called Monocaffe connections manager which uses the Gtk.VteTerminal widget from PyGTK. A nice feature is that it allows the users to send commands to different servers' consoles (cluster mode) using a Gtk.TextView for the input. The way I send key strokes to each Gtk.VteTerminal is by using the feed_child method. For common keys there's no problem: I simply feed what the TextView receives to all the terminals, but when doing so with special keys I get into a little trouble. For "Return" I catch the event and feed the terminal a '\n'. For back-space is the same, catch the event and feed a '\b'. def cluster_backspace(self, widget): return self.cluster_send_key('\b') The problem comes with other keys like Tab, Arrows, Esc which I don't know how to feed as str to the terminal to recognize them. In the case of Esc is a real pain, because the users can edit the same file on different servers using vi, but cannot escape insert mode. Anyway, I'm not looking for a complete solution, just ideas since I've ran out of them. Thanks.

    Read the article

  • gevent urllib is slow

    - by djay
    I've created a set of demos of a TCP server however my gevent examples are noticely slower. I'm sure must be how I compiled gevent but can't work out the problem. I'm using OSX leopard using fink compiled python 2.6 and 2.7. I've tried both the stable gevent and gevent 1.0b1 and it acts the same. The echo takes 5 seconds to respond, where the other examples take <1sec. If I remove the urllib call then the problem goes away. I put all the code in https://github.com/djay/geventechodemo To run the examples I'm using zc.buildout so to build $ python2.7 bootstrap.py $ bin/buildout To run the gevent example: $ bin/py geventecho3.py & [1] 80790 waiting for connection... $ telnet localhost 8080 Trying 127.0.0.1... ...connected from: ('127.0.0.1', 56588) Connected to localhost. Escape character is '^]'. hello echo: avast This will take 3-4 seconds to respond on my system. However the twisted example $ bin/py threadecho2.py or the twisted example $ bin/py twistedecho2.py Is less than 1s. Any idea what I'm doing wrong?

    Read the article

  • How do I alias the scala setter method 'myvar_$(myval)' to something more pleasing when in java?

    - by feydr
    I've been converting some code from java to scala lately trying to tech myself the language. Suppose we have this scala class: class Person() { var name:String = "joebob" } Now I want to access it from java so I can't use dot-notation like I would if I was in scala. So I can get my var's contents by issuing: person = Person.new(); System.out.println(person.name()); and set it via: person = Person.new(); person.name_$eq("sallysue"); System.out.println(person.name()); This holds true cause our Person Class looks like this in javap: Compiled from "Person.scala" public class Person extends java.lang.Object implements scala.ScalaObject{ public Person(); public void name_$eq(java.lang.String); public java.lang.String name(); public int $tag() throws java.rmi.RemoteException; } Yes, I could write my own getters/setters but I hate filling classes up with that and it doesn't make a ton of sense considering I already have them -- I just want to alias the _$eq method better. (This actually gets worse when you are dealing with stuff like antlr because then you have to escape it and it ends up looking like person.name_\$eq("newname"); Note: I'd much rather have to put up with this rather than fill my classes with more setter methods. So what would you do in this situation?

    Read the article

  • php cURL. preg_match , extract text from xhtml

    - by Michael
    I'm trying to extract the price from the bellow html page/link using php cURL and preg_match . Basically I'm expecting for this code to output 4,550 but for some reasons I get Notice: Undefined offset: 1 in C:\wamp\www\test.php on line 22 I think that the pattern is correct because if I put the html itself in a variable and escape the "" it works ! . Also if I output (echo $result;) it displays the html properly grabbed from foxtons website so I just can't figure it out why the whole thing doesn't work . I need to make this work and also I would appreciate if you would tell me why is that notice generated and why my current script doesn't work. $url = "http://www.foxtons.co.uk/search?bedrooms_from=0&property_id=727717"; $ch = curl_init($url); curl_setopt($ch, CURLOPT_HEADER, 0); curl_setopt($ch,CURLOPT_RETURNTRANSFER, 1); $result = curl_exec($ch); curl_exec($ch); curl_close($ch); $result2 = str_replace('"', '\"', $result); $tagname1= ");<\/script "; $tagname2= "<\/noscript per month<\/a"; $pattern = "/$tagname1(.*?)$tagname2/"; preg_match($pattern, $result, $matches); $prices = $matches[1]; print_r($prices); ?

    Read the article

  • Anyone NOT using a Web Framework? Why?

    - by tom
    I'm well aware of the many reasons to use a web framework. I'm just wondering whether anyone out there is using absolutely no web framework whatsoever to develop their web projects. I would really love to know the reason(s) why you're not using a web framework. For the sake of this discussion, your programming language of choice does not matter. Some possibilities for discussion: You don't hide behind an ORM. You don't rely on any sort of templating system. You think MVC is a really nice TLA but lacks an essential vowel or two. No need for any additional javascript framework tomfoolery. You just write as much code as possible in your native programming language(s). Summary of reasons thus far: Language learning opportunities. Specific performance reasons (write-intensive transaction processing). Seeking more nuanced control over your data and applications (less abstraction). You're building your own framework! Prove to yourself that you can succeed (or fail) just like the big framework-building gurus. Integration issues with unpopular/legacy technologies (exotic databases or protocols come to mind). Big company, lots of code, no talent nor buy-in present to move to a web framework. Some frameworks really lock you in and cannot perpetually grow along with your needs. These few black sheep don't make it easy to jump outside of the framework, write some custom code, and easily jump back in. When you finally escape the asylum, you'll never look back.

    Read the article

  • Spawning vim from a node git hook

    - by Lawrence Jones
    I've got a project purely in coffeescript, with git hooks for deployment also written in cs. I don't really want to break away from the language just to use bash for a quick commit message formatter, but I've got a problem spawning vim from the commit-msg hook. I've seen here that when piping to vim, the stdio is not necessarily set correctly to the tty streams. I get how that could cause a problem, but I don't exactly know how to get vim to load correctly using nodes spawn command. At the moment I have... vim = (require 'child_process').spawn('vim', [file], stdio: 'inherit') vim.on 'exit', (err) -> console.log "Exited! [#{err}]" cb?() ...which works fine to spawn a vim process that can r/w from the parents stdio, but when I use this in the hook things go wrong. Vim states that the stdio is not from terminal, and then once opened typing causes escape characters to pop up all over the place. Backspace for example, will produce ^?. Any help would be appreciated!

    Read the article

  • How do I alias the scala setter method 'myvar_$eq(myval)' to something more pleasing when in java?

    - by feydr
    I've been converting some code from java to scala lately trying to teach myself the language. Suppose we have this scala class: class Person() { var name:String = "joebob" } Now I want to access it from java so I can't use dot-notation like I would if I was in scala. So I can get my var's contents by issuing: person = Person.new(); System.out.println(person.name()); and set it via: person = Person.new(); person.name_$eq("sallysue"); System.out.println(person.name()); This holds true cause our Person Class looks like this in javap: Compiled from "Person.scala" public class Person extends java.lang.Object implements scala.ScalaObject{ public Person(); public void name_$eq(java.lang.String); public java.lang.String name(); public int $tag() throws java.rmi.RemoteException; } Yes, I could write my own getters/setters but I hate filling classes up with that and it doesn't make a ton of sense considering I already have them -- I just want to alias the _$eq method better. (This actually gets worse when you are dealing with stuff like antlr because then you have to escape it and it ends up looking like person.name_\$eq("newname"); Note: I'd much rather have to put up with this rather than fill my classes with more setter methods. So what would you do in this situation?

    Read the article

  • What is Wordpress doing for content encoding in it's mysql database?

    - by qbxk
    For some convoluted reasons best left behind us, I require direct access the contents of a wordpress database. I'm using mysql 5.0.70-r1 on gentoo with wordpress 2.6, and perl 5.8.8 ftr. So, sometimes we get high-order characters in the blog, we have quite a few authors contributing too, for the most part these characters end up in wp's database in wp_posts.post_content or wp_postmeta.meta_value, Wordpress is displaying these correctly on it's site, but the database stores it using single byte encoding that I can't figure out how to convert to the correct string. Today's example: the blog shows this, and doesn't even seem to escape any chars in the html, Hãhãhães but the database, when viewed via the mysql prompt, has, Hãhãhães So clearly this is some kind of double-byte encoding issue, but I don't know how I can correct it. I need to be able to pull that second string from the database (b/c that's what it gives me) and convert it to the first one, and i need to do so using perl. also, just to help unmuddy any waters, I took these strings and printed out the ascii codes for each character using perl's ord() function. Here is the output of the "wrong" string H = 72 à = 195 £ = 163 h = 104 à = 195 £ = 163 h = 104 à = 195 £ = 163 e = 101 s = 115 This is the correct string, that I need to produce in my script H = 72 ã = 227 h = 104 ã = 227 h = 104 ã = 227 e = 101 s = 115

    Read the article

  • Do you ever make a code change and just test rather than trying to fully understand the change you'v

    - by Clay Nichols
    I'm working in a 12 year old code base which I have been the only developer on. There are times that I'll make a a very small change based on an intuition (or quantum leap in logic ;-). Usually I try to deconstruct that change and make sure I read thoroughly the code. However sometimes, (more and more these days) I just test and make sure it had the effect I wanted. (I'm a pretty thorough tester and would test even if I read the code). This works for me and we have surprisingly (compared to most software I see) few bugs escape into the wild. But what I'm wondering is whether this is just the "art" side of coding. Yes, in an ideal world you would exhaustively read every bit of code that your change modified, but I in practice, if you're confident that it only affects a small section of code, is this a common practice? I can obviously see where this would be a disastrous approach in the hands of a poor programmer. But then, I've seen programmers who ostensibly are reading the code and break stuff left and right (in their own code based which only they have been working on).

    Read the article

  • Cakephp 1.3, Weird behavior on firefox when using $this->Html->link ...

    - by ion
    Greetings, I am getting a very weird and unpredictable result in firefox when using the following syntax: $this->Html->link($this->Html->div('p-cpt',$project['Project']['name']) . $this->Html->div('p-img',$this->Html->image('/img/projects/'.$project['Project']['slug'].'/project.thumb.jpg', array('alt'=>$project['Project']['name'],'width'=>100,'height'=>380))),array('controller' => 'projects', 'action' => 'view', $project['Project']['slug']),array('title' => $project['Project']['name'], 'escape' => false),false); OK I know it is big but bear with me. The point is to get the following output: <a href="x" title="x"> <div class="p-ctp">Name</div> <div class="p-img"><img src="z width="y" height="a" alt="d" /></div> </a> I'm not sure if this validates correctly both on cakephp and html but it works everywhere else apart from firefox. You can actually see the result here: http://www.gnomonconstructions.com/projects/browser To reproduce the result use the form with different categories and press search. At some point it will happen!! Although most of the time it renders the way it should, sometimes it produces an invalid output like that: <a href="x" title="x"></a> <div class="p-cpt"> <a href="x" title="x">name</a> </div> <div class="p-img"> <a href="x" title="x"><img src="x" width="x" height="x" alt="x" /></a> </div> Looks like it repeats the link inside each element. To be honest the only reason I used this syntax was because cakephp encourages it. Any help will be much appreciated :)

    Read the article

  • Sphinx - delimiters

    - by yoda
    Hi, I would like to know if the Sphinx engine works with any delimiters (like commas and periods in normal MySQL). My question comes from the urge, not to use them at all, but to escape them or at least thay they don't enter in conflict when performing MATCH operations with FULLTEXT searches, since I have problems dealing with them in MySQL by default and I would prefer not to be forced to replace those delimiters by any other characters to provide a good set of results. Sorry if I'm saying something stupid, but I don't have experience with Sphinx or other complementary (?) search engines. To give you an example, if I perform a search with "Passat 2.0 TDI" MySQL by default would identify the period in this case as a delimiter and since the "2" and "0" are too short to be considered words by default, the results would be a bit messed up. Is it easy to handle with Sphinx (or other search engine)? I'm open to suggestions. This is for a large project, with probably more than 500.000 possible records (not trivial at all). Cheers!

    Read the article

  • What's the best way to send user-inputted text via AJAX to Google App Engine?

    - by Cuga
    I'm developing in Google App Engine (python sdk) and I want to use jQuery to send an Ajax request to store an answer to a question. What is the best way to send this data to the server? Currently I have: function storeItem(question_id) { var answerInputControl = ".input_answer_"+question_id; var answer_text = $(answerInputControl).text(); $.ajax({ type: "POST", url: "store_answer.html", data: "question="+question_id, success: function(responseText){ alert("Retrieved: " + responseText); } }); } This takes a question Id and provides it to the server via the query string. But on the server-side, I'm unable to access the content of the answer control which I want to store. Without Ajax, I'm able to perform this operation with the following: class StoreAnswers(webapp.RequestHandler): def post(self): question_id = self.request.get("question_id") answer_text = self.request.get("input_answer" + question_id) But when doing this call through Ajax, my answer_text is empty. Do I need to send the contents of this control as part of the data with the Ajax request? Do I add the control itself to the query string? Its contents? Does it matter that the content might be a few hundred characters long? Is this the most-recommended practice? If sending it as a query string, what's the best way to escape the content so that a malicious user doesn't harm the system?

    Read the article

  • How can accomplish an if else statement from the underscore template to mustache

    - by user2942566
    I have an underscore template and I have to use Mustache to render it. Below is my underscore template: <div id="sub-account"> <p>something</p> <table> <tr><td>Name</td> </tr> <tbody> <% _.each(accountList, function(account) { %> <tr> <td><%= account.get('name') %></td> </tr> <% }) %> </tbody> </table> </div> Im using a mustache as my main view to render a list. I also added _.templateSettings = { evaluate : /\{\[([\s\S]+?)\]\}/g, interpolate : /\{\{([\s\S]+?)\}\}/g, escape : /<%-([\s\S]+?)%>/g, }; to my undersocre.js settings. How can i loop through the code to render as a mustache template. Any ideas???

    Read the article

  • How to include and evaluate xhtml content represented as a String into a page using JSF?

    - by happycoder
    Hi! Im using JSF 1.2 and need to include xhtml content represented as a String in a bean. So, how can I get the content from a bean in xhtml but represented as a String and render it on the page? Here is an example: myPage.xhml ... xmlns:ui="http://java.sun.com/jsf/facelets" xmlns:h="http://java.sun.com/jsf/html" xmlns:a4j="http://richfaces.org/a4j" ... <h:panelGrid> <a4j:outputPanel ajaxRendered="true"> <ui:include src="#{myBean.someContent}" /> <!-- this doesnt work! --> </a4j:outputPanel> </h:panelGrid> ... MyBean.java ... class MyBean ... { private String someContent = "<h:panelGrid><h:outputText value=\"Name:\"/><h:inputText value=\"#{anotherBean.name}\" /></h:panelGrid>"; public String getSomeContent() { return someContent; } public void setSomeContent(String someContent) { this.someContent = someContent; } } i.e. in myPage.xhtml I want to read the someContent variable and include the content before page evaluation. The ui:include-tag nor the h:outputText escape="false" seems to work. /happycoder

    Read the article

  • IIS7.5 and MVC 2 : Implementing HTTP(S) security

    - by Program.X
    This is my first ASP.NET MVC application, and my first on an IIS 7.x installation whereby I have to do anything over and above the standard. I need to enforce Windows authentication on the /Index and /feeds/xxx.svc pages/services. In ASP.NET Web Forms, I would apply the Windows permissions on the files and remove Anonymous authentication in IIS 6. This needs to work over HTTP/S, but don't worry about that, that's in hand. What happens in MVC/IIS 7? I have tried modifying the permissions on the /Index.aspx view, which seems to block access. It asks me for a username/password, but does not grant access when I enter a valid username/password. Pressing Escape gives me an exception "*Access to the path 'E:\dev\xxx\xxx.ConsultantRegistration.Web.Admin\Views\ConsultantRegistration\index.aspx' is denied. *", which does get sent as a 401. So although the username/password does exist on the Index.aspx view, I can't use those credentials to access said view. I have in my web.config: What am I missing?

    Read the article

  • Porting Perl to C++ `print "\x{2501}" x 12;`

    - by jippie
    I am porting a program from Perl to C++ as a learning objective. I arrived at a routine that draws a table with commands like the following: Perl: print "\x{2501}" x 12; And it draws 12 times a '?' ("box drawings heavy horizontal"). Now I figured out part of the problem already: Perl: \x{}, \x00 Hexadecimal escape sequence; C++: \unnnn To print a single Unicode character: C++: printf( "\u250f\n" ); But does C++ have a smart equivalent for the 'x' operator or would it come down to a for loop? UPDATE Let me include the full source code I am trying to compile with the proposed solution. The compiler does throw an errors: g++ -Wall -Werror project.cpp -o project project.cpp: In function ‘int main(int, char**)’: project.cpp:38:3: error: ‘string’ is not a member of ‘std’ project.cpp:38:15: error: expected ‘;’ before ‘s’ project.cpp:39:3: error: ‘cout’ is not a member of ‘std’ project.cpp:39:16: error: ‘s’ was not declared in this scope #include <stdlib.h> #include <stdint.h> #include <stdio.h> #include <string.h> int main ( int argc, char *argv[] ) { if ( argc != 2 ) { fprintf( stderr , "usage: %s matrix\n", argv[0] ); exit( 2 ); } else { //std::string s(12, "\u250f" ); std::string s(12, "u" ); std::cout << s; } }

    Read the article

  • Evenly distribute data into columns with JavaScript

    - by marius.cdm
    I'm looking for a way to evenly distribute my JSON data into HTML columns. Using javascript to pull the data $.ajax({ url: "url", dataType: 'json', data: "e="+escape(divID), cache: true, success: function(data) { var items = data; // ??? $('.result').html(list); } }); Input data: ["A", "B", "C", "D", "E", "F", "G", "H", "I", "J", "K"] Expected result: <ul> <li>A</li> <li>B</li> <li>C</li> <li>D</li> </ul> <ul> <li>E</li> <li>F</li> <li>G</li> <li>H</li> </ul> <ul> <li>I</li> <li>J</li> <li>K</li> </ul> I found a partial result here, but the output data is in console. Any help would be appreciated.

    Read the article

  • Exploiting Path Traversal Vulnerability

    - by Maputo
    I have a Java Web App running on Tomcat on which I'm supposed to exploit Path traversal vulnerability. There is a section (in the App) at which I can upload a .zip file, which gets extracted in the server's /tmp directory. The content of the .zip file is not being checked, so basically I could put anything in it. I tried putting a .jsp file in it and it extracts perfectly. My problem is that I don't know how to reach this file as a "normal" user from browser. I tried entering ../../../tmp/somepage.jsp in the address bar, but Tomcat just strips the ../ and gives me http://localhost:8080/tmp/ resource not available. Ideal would be if I could somehow rename the somepage.jsp so that it gets extracted in the web directory of the Web App. But then, the Linux filesystem disallows slashes in filenames (e.g. ../../home/webapp/somepage.jsp). Are there maybe any escape sequences that would translate to / after extracting? Any ideas would be highly appreciated. Note: This is a school project in a Security course where I'm supposed to locate vulnerabilities and correct them. Not trying to harm anyone...

    Read the article

  • segmentation fault while using format string to scan input

    - by Aman Deep Gautam
    consider the code and its result: while ((row = mysql_fetch_row (table_info)) != NULL) { answer='\0'; printf ( "%s: ", row[0] ); scanf ( "%c", &answer ); getchar(); if ( answer == 'y') { printf ( "*****\n" ); table_name[index] = malloc ( strlen(row[0]) + 1 ); printf ( "*****\n" ); memcpy ( &table_name[index], &row[0], strlen(row[0]) + 1 ); } printf ( "finally inserted: %s \n", table_name[index]); } The result on execution: 1_time_access: y ***** ***** finally inserted: 1_time_access 2_time_access: y ***** ***** finally inserted: 2_time_access 39_time_access: y ***** ***** finally inserted: 39_time_access Explanation of result: row[0] has value 1_time_access, 2_time_access, 39_time_access. Now Consider a better way of doing it which is using a format string to escape the \n. I run the following code but it gives segentation fault, I cannot understand why. Code: while ((row = mysql_fetch_row (table_info)) != NULL) { answer='\0'; printf ( "%s: ", row[0] ); scanf ( "%[^\n]%*c", &answer ); if ( answer == 'y') { printf ( "*****\n" ); fflush(stdout); table_name[index] = malloc ( strlen(row[0]) + 1 ); printf ( "*****\n" ); fflush(stdout); memcpy ( &table_name[index], &row[0], strlen(row[0]) + 1 ); } printf ( "finally inserted: %s \n", table_name[index]); fflush(stdout); } Result: 1_time_access: y ***** ./set-env.sh: line 17: 15263 Segmentation fault (core dumped) ./exec dataset_one (do not worry about set-env.sh, it is the script running th program.) I canot understand why this is happening.

    Read the article

  • SINGLE SIGN ON SECURITY THREAT! FACEBOOK access_token broadcast in the open/clear

    - by MOKANA
    Subsequent to my posting there was a remark made that this was not really a question but I thought I did indeed postulate one. So that there is no ambiquity here is the question with a lead in: Since there is no data sent from Facebook during the Canvas Load process that is not at some point divulged, including the access_token, session and other data that could uniquely identify a user, does any one see any other way other than adding one more layer, i.e., a password, sent over the wire via HTTPS along with the access_toekn, that will insure unique untampered with security by the user? Using Wireshark I captured the local broadcast while loading my Canvas Application page. I was hugely surprised to see the access_token broadcast in the open, viewable for any one to see. This access_token is appended to any https call to the Facebook OpenGraph API. Using facebook as a single click log on has now raised huge concerns for me. It is stored in a session object in memory and the cookie is cleared upon app termination and after reviewing the FB.Init calls I saw a lot of HTTPS calls so I assumed the access_token was always encrypted. But last night I saw in the status bar a call from what was simply an http call that included the App ID so I felt I should sniff the Application Canvas load sequence. Today I did sniff the broadcast and in the attached image you can see that there are http calls with the access_token being broadcast in the open and clear for anyone to gain access to. Am I missing something, is what I am seeing and my interpretation really correct. If any one can sniff and get the access_token they can theorically make calls to the Graph API via https, even though the call back would still need to be the site established in Facebook's application set up. But what is truly a security threat is anyone using the access_token for access to their own site. I do not see the value of a single sign on via Facebook if the only thing that was established as secure was the access_token - becuase for what I can see it clearly is not secure. Access tokens that never have an expire date do not change. Access_tokens are different for every user, to access to another site could be held tight to just a single user, but compromising even a single user's data is unacceptable. http://www.creatingstory.com/images/InTheOpen.png Went back and did more research on this: FINDINGS: Went back an re ran the canvas application to verify that it was not any of my code that was not broadcasting. In this call: HTTP GET /connect.php/en_US/js/CacheData HTTP/1.1 The USER ID is clearly visible in the cookie. So USER_ID's are fully visible, but they are already. Anyone can go to pretty much any ones page and hover over the image and see the USER ID. So no big threat. APP_ID are also easily obtainable - but . . . http://www.creatingstory.com/images/InTheOpen2.png The above file clearly shows the FULL ACCESS TOKEN clearly in the OPEN via a Facebook initiated call. Am I wrong. TELL ME I AM WRONG because I want to be wrong about this. I have since reset my app secret so I am showing the real sniff of the Canvas Page being loaded. Additional data 02/20/2011: @ifaour - I appreciate the time you took to compile your response. I am pretty familiar with the OAuth process and have a pretty solid understanding of the signed_request unpacking and utilization of the access_token. I perform a substantial amount of my processing on the server and my Facebook server side flows are all complete and function without any flaw that I know of. The application secret is secure and never passed to the front end application and is also changed regularly. I am being as fanatical about security as I can be, knowing there is so much I don’t know that could come back and bite me. Two huge access_token issues: The issues concern the possible utilization of the access_token from the USER AGENT (browser). During the FB.INIT() process of the Facebook JavaScript SDK, a cookie is created as well as an object in memory called a session object. This object, along with the cookie contain the access_token, session, a secret, and uid and status of the connection. The session object is structured such that is supports both the new OAuth and the legacy flows. With OAuth, the access_token and status are pretty much al that is used in the session object. The first issue is that the access_token is used to make HTTPS calls to the GRAPH API. If you had the access_token, you could do this from any browser: https://graph.facebook.com/220439?access_token=... and it will return a ton of information about the user. So any one with the access token can gain access to a Facebook account. You can also make additional calls to any info the user has granted access to the application tied to the access_token. At first I thought that a call into the GRAPH had to have a Callback to the URL established in the App Setup, but I tested it as mentioned below and it will return info back right into the browser. Adding that callback feature would be a good idea I think, tightens things up a bit. The second issue is utilization of some unique private secured data that identifies the user to the third party data base, i.e., like in my case, I would use a single sign on to populate user information into my database using this unique secured data item (i.e., access_token which contains the APP ID, the USER ID, and a hashed with secret sequence). None of this is a problem on the server side. You get a signed_request, you unpack it with secret, make HTTPS calls, get HTTPS responses back. When a user has information entered via the USER AGENT(browser) that must be stored via a POST, this unique secured data element would be sent via HTTPS such that they are validated prior to data base insertion. However, If there is NO secured piece of unique data that is supplied via the single sign on process, then there is no way to guarantee unauthorized access. The access_token is the one piece of data that is utilized by Facebook to make the HTTPS calls into the GRAPH API. it is considered unique in regards to BOTH the USER and the APPLICATION and is initially secure via the signed_request packaging. If however, it is subsequently transmitted in the clear and if I can sniff the wire and obtain the access_token, then I can pretend to be the application and gain the information they have authorized the application to see. I tried the above example from a Safari and IE browser and it returned all of my information to me in the browser. In conclusion, the access_token is part of the signed_request and that is how the application initially obtains it. After OAuth authentication and authorization, i.e., the USER has logged into Facebook and then runs your app, the access_token is stored as mentioned above and I have sniffed it such that I see it stored in a Cookie that is transmitted over the wire, resulting in there being NO UNIQUE SECURED IDENTIFIABLE piece of information that can be used to support interaction with the database, or in other words, unless there were one more piece of secure data sent along with the access_token to my database, i.e., a password, I would not be able to discern if it is a legitimate call. Luckily I utilized secure AJAX via POST and the call has to come from the same domain, but I am sure there is a way to hijack that. I am totally open to any ideas on this topic on how to uniquely identify my USERS other than adding another layer (password) via this single sign on process or if someone would just share with me that I read and analyzed my data incorrectly and that the access_token is always secure over the wire. Mahalo nui loa in advance.

    Read the article

  • How can I serialize functions using JSON or some other serialization library?

    - by Oragamster
    I am trying to create a program that uses javascript to write a simple textadventure that I can then post on my blog and run on my iphone. I have run into a problem though. I was trying to make it so that my program would save it's state into cookies using JSON to convert it into strings and then post it into a cookie but then I realised that I couldn't serialize the functions that are on my item object. I was trying to make it so that my item would have an associative array that would contain the name of the use as the key and the function as the value. This worked well untill I tried to serialize it. I learned that I could create a JSON like serialization for functions by storing the body into a string and using escape charectors for the double quotes but for some reason I was unable to make my cookie with the function as the string stored. When I posted the cookie and then tried to get it back the string wasn't there. My code and the over all project are on my site if you want to look at that, though my full code including the item actions are not posted yet.

    Read the article

  • Unexpected output using subprocess in Python

    - by Vic
    I am trying to run a shell command from within my Python (version 2.6.5) code, but it is generating different output than the same command run within the shell (bash): bash: ~> ifconfig eth0 | sed -rn 's/inet addr:(([0-9]{1,3}\.){3}[0-9]{1,3}).*/\1/p' | sed 's/^[ \t]*//;s/[ \t]*$//' 192.168.1.10 Python: >>> def get_ip(): ... cmd_string = "ifconfig eth0 | sed -rn \'s/inet addr:(([0-9]{1,3}\.){3}[0-9]{1,3}).*/\1/p' | sed 's/^[ \t]*//;s/[ \t]*$//\'" ... process = subprocess.Popen(cmd_string, shell=True, stdout=subprocess.PIPE) ... out, err = process.communicate() ... return out ... >>> get_ip() '\x01\n' My guess is that I need to escape the quotes somehow when running in python, but I am not sure how to go about this. NOTE: I cannot install additional modules or update python on the machine that this code needs to be run on. It needs to work as-is with Python 2.6.5 and the standard library.

    Read the article

  • How to manipulate string to delete quotes?

    - by user1751581
    I am trying to manipulate a string so that any quotes (") within <a href> and <\a> get taken out... Sorry if its been asked before but I just can't get it to work! By the way, I am POSTing the data from a form and then manipulating the string. This is basically html but its in the form of a string, and I want to take out quotes on things like images and links... Another thing is, I do not want to escape the quotes because that would break the link... And the whole point is that the html can be used and work fine... But now, something is automatically creating a second set of quotes inside the normal quotes, like this: <a href="\"http://www.example.com/\""></a> Example input would be: <p><a href="http://www.example.com">example</a></p> Heres how it appears when I echo it however: <p><a href=\"http://www.example.com\">example</a></p> Heres how I want it to look: <p><a href="http://www.example.com">example</a></p> So I would actually be trying to get rid of the (/) my bad...

    Read the article

  • Where to turn upon realizing I can't program my way out of a paper bag?

    - by luminarious
    I have no job and just enough money to get by until April or so. While looking for work, I figured I might as well go through with a pet project, a browser based card game. Make it nice and free, collect donations and maybe earn enough for a movie ticket to escape reality for a while. I have dabbled in web development a bit. I can make simple stuff happen with JS/PHP if I follow tutorials. I designed my own art blog's template - http://luminarious.tumblr.com. I can visualise the game working in my head, flowcharts and everything. But then I tried to go deeper with Javascript and almost had an aneurysm before understanding what a closure is. Wether I suck at learning, have ADD or fail epically at productivity, I have not got much done. Coming up with ideas, screen mock-ups and so forth was very enjoyable, but actual implementation.. not so much. In fact, I cry a bit every time I think about the time someone competent could have finished this in. I'd like to excuse myself with my ENTP personality type, but that hardly solves anything. Rather, I'd like to know to get from A (bunch of ideas with little semblance to a web app) to B (something to proudly show others) while being unable to pay anyone? Are there any secret techniques for learning? Is there any way to get mentoring or code review? Is there anyone with too much free time willing to code for me? How to trust someone to not steal my code when I ask for assistance? Is there anything I should have asked instead of any of those?

    Read the article

  • Getting the error "Missing $ inserted" in LaTeX

    - by Espenhh
    Hey, I try to write the following in latex: \begin{itemize} \item \textbf{insert(element|text)} inserts the element or text passed at the start of the selection. \item \textbf{insert_after(element|text)} inserts the element or text passed at the end of the selection. \item \textbf{replace(element|text)} replaces the selection with the passed text/element. \item \textbf{delete()} deletes the selected text. \item \textbf{annotate(name,value)} annotates the selected text with the passed name and value-pair. This can either be a hidden meta-data about the selection, or can alter the visible appearance. \item \textbf{clear_annotation()} removes any annotation for this specific selection. \item \textbf{update_element(value)} performs an update of the element at the selection with the passed value. \end{itemize} For some reason, I get a bunch of errors. I think there is something with the use of the word "insert". I get errors like "Missing $ inserted", so it seems like the parses tries to fix some "errors" on my parts. Do I need to escape words like "insert", how do I do that?

    Read the article

< Previous Page | 112 113 114 115 116 117 118 119 120 121 122 123  | Next Page >