Search Results

Search found 9715 results on 389 pages for 'bad passwords'.

Page 120/389 | < Previous Page | 116 117 118 119 120 121 122 123 124 125 126 127 | Next Page >

Blueprint CSS and Separation of Presentation and Content When Designing Forms

- by Merritt

Is it possible to use Blueprint CSS and maintain a a respectable level of separation between presentation and content? I like how easy the framework is to use when designing forms, but am worried that the manner in which I use the css classes for columnizing elements is a bad practice. For instance, say I have a 3 field form designed using blueprint: <div class="container"> <form action="" method="post" class="inline"> <fieldset> <legend>Example</legend> <div class="span-3"> <label for="a">Label A:</label> <input type="text" class="text" id="a" name="a" > </div> <div class="span-2"> <label for="b">Label B:</label> <input type="text" class="text" id="b" name="b" > </div> <div class="span-3"> <label for="o">Label O:</label> <input type="checkbox" id="o" name="o" value="true" checked="checked" class="checkbox">checkbox one </div> <div class="span-2 last"> <input type="submit" value="submit" class="button"> </div> </fieldset> </form> </div> Is using a class attribute with names like "span-2", "inline", and "last" a bad practice? Or am I missing the point?

Read the article
SQL Exception: "Impersonate Session Security Context" cannot be called in this batch because a simul

- by kasey

When opening a connection to SQL Server 2005 from our web app, we occasionally see this error: "Impersonate Session Security Context" cannot be called in this batch because a simultaneous batch has called it. We use MARS and connection pooling. The exception originates from the following piece of code: protected SqlConnection Open() { SqlConnection connection = new SqlConnection(); connection.ConnectionString = m_ConnectionString; if (connection != null) { try { connection.Open(); if (m_ExecuteAsUserName != null) { string sql = Format("EXECUTE AS LOGIN = {0};", m_ExecuteAsUserName); ExecuteCommand(connection, sql); } } catch (Exception exception) { connection.Close(); connection = null; } } return connection; } I found an MS Connect article which suggests that the error is caused when a previous command has not yet terminated before the EXECUTE AS LOGIN command is sent. Yet how can this be if the connection has only just been opened? Could this be something to do with connection pooling interacting strangely with MARS? UPDATE: For the short-term we have implemented a workaround by clearing out the connection pool whenever this happens, to get rid of the bad connection, as it otherwise keeps getting handed back to various users. (Not too bad as this only happens a couple of times a day.) But if anyone has any further ideas, we are still looking out for a real solution...

Read the article
Large number of simultaneous long-running operations in Qt

- by Hostile Fork

I have some long-running operations that number in the hundreds. At the moment they are each on their own thread. My main goal in using threads is not to speed these operations up. The more important thing in this case is that they appear to run simultaneously. I'm aware of cooperative multitasking and fibers. However, I'm trying to avoid anything that would require touching the code in the operations, e.g. peppering them with things like yieldToScheduler(). I also don't want to prescribe that these routines be stylized to be coded to emit queues of bite-sized task items...I want to treat them as black boxes. For the moment I can live with these downsides: Maximum # of threads tend to be O(1000) Cost per thread is O(1MB) To address the bad cache performance due to context-switches, I did have the idea of a timer which would juggle the priorities such that only idealThreadCount() threads were ever at Normal priority, with all the rest set to Idle. This would let me widen the timeslices, which would mean fewer context switches and still be okay for my purposes. Question #1: Is that a good idea at all? One certain downside is it won't work on Linux (docs say no QThread::setPriority() there). Question #2: Any other ideas or approaches? Is QtConcurrent thinking about this scenario? (Some related reading: how-many-threads-does-it-take-to-make-them-a-bad-choice, many-threads-or-as-few-threads-as-possible, maximum-number-of-threads-per-process-in-linux)

Read the article
FindBugs controversial description

- by Tom Brito

Am I understanding it wrong, or is the description wrong? Equals checks for noncompatible operand (EQ_CHECK_FOR_OPERAND_NOT_COMPATIBLE_WITH_THIS) This equals method is checking to see if the argument is some incompatible type (i.e., a class that is neither a supertype nor subtype of the class that defines the equals method). For example, the Foo class might have an equals method that looks like: public boolean equals(Object o) { if (o instanceof Foo) return name.equals(((Foo)o).name); else if (o instanceof String) return name.equals(o); else return false; This is considered bad practice, as it makes it very hard to implement an equals method that is symmetric and transitive. Without those properties, very unexpected behavoirs are possible. From: http://findbugs.sourceforge.net/bugDescriptions.html#EQ_CHECK_FOR_OPERAND_NOT_COMPATIBLE_WITH_THIS The description says that the Foo class might have an equals method like that, and after it says that "This is considered bad practice". I'm not getting the "right way".. How should the following method be to be right? @Override public boolean equals(Object obj) { if (obj instanceof DefaultTableModel) return model.equals((DefaultTableModel)obj); else return false; }

Read the article
Environment variable names with parentheses, like %ProgramFiles(x86)%, in PowerShell?

- by jwfearn

How does one get the value of environment variable whose name contains parentheses in a PowerShell script? To complicate matters, some variables names contains parentheses while others have similar names without parenteses. For example (using cmd.exe): C:\>set | find "ProgramFiles" CommonProgramFiles=C:\Program Files\Common Files CommonProgramFiles(x86)=C:\Program Files (x86)\Common Files ProgramFiles=C:\Program Files ProgramFiles(x86)=C:\Program Files (x86) We see that %ProgramFiles% is not the same as %ProgramFiles(x86)%. My PowerShell code is failing in a weird way because it's ignoring the part of the environment variable name after the parentheses. Since this happens to match the name of a different, but existing, environment variable I don't fail, I just get the right value of the wrong variable. Here's a test function in the PowerShell scripting language to illustrate my problem: function Do-Test { $ok = "C:\Program Files (x86)" # note space between 's' and '( $bad = "$Env:ProgramFiles" + "(x86)" # uses %ProgramFiles% $bin32 = "$Env:ProgramFiles(x86)" # LINE 6, I want to use %ProgramFiles(x86)% if ( $bin32 -eq $ok ) { Write-Output "Pass" } elseif ( $bin32 -eq $bad ) { Write-Output "Fail: %ProgramFiles% used instead of %ProgramFiles(x86)%" } else { Write-Output "Fail: some other reason" } } And here's the output: PS> Do-Test Fail: %ProgramFiles% used instead of %ProgramFiles(x86)% Is there a simple change I can make to line 6 above to get the correct value of %ProgramFiles(x86)%? *NOTE: In the text of this post I am using batch file syntax for environment variables as a convenient shorthand. For example %SOME_VARIABLE% means "the value of the environment variable whose name is SOME_VARIABLE". If I knew the properly escaped syntax in PowerShell, I wouldn't need to ask this question.*

Read the article
C# - WinForms - Exception Handling for Events

- by JustLooking

Hi all, I apologize if this is a simple question (my Google-Fu may be bad today). Imagine this WinForms application, that has this type of design: Main application - shows one dialog - that 1st dialog can show another dialog. Both of the dialogs have OK/Cancel buttons (data entry). I'm trying to figure out some type of global exception handling, along the lines of Application.ThreadException. What I mean is: Each of the dialogs will have a few event handlers. The 2nd dialog may have: private void ComboBox_SelectedIndexChanged(object sender, EventArgs e) { try { AllSelectedIndexChangedCodeInThisFunction(); } catch(Exception ex) { btnOK.enabled = false; // Bad things, let's not let them save // log stuff, and other good things } } Really, all the event handlers in this dialog should be handled in this way. It's an exceptional-case, so I just want to log all the pertinent information, show a message, and disable the okay button for that dialog. But, I want to avoid a try/catch in each event handler (if I could). A draw-back of all these try/catch's is this: private void someFunction() { // If an exception occurs in SelectedIndexChanged, // it doesn't propagate to this function combobox.selectedIndex = 3; } I don't believe that Application.ThreadException is a solution, because I don't want the exception to fall all the way-back to the 1st dialog and then the main app. I don't want to close the app down, I just want to log it, display a message, and let them cancel out of the dialog. They can decide what to do from there (maybe go somewhere else in the app). Basically, a "global handler" in between the 1st dialog and the 2nd (and then, I suppose, another "global handler" in between the main app and the 1st dialog). Thanks.

Read the article
FindBugs controversal description

- by Tom Brito

Am I understanding it wrong, or is the description wrong? Equals checks for noncompatible operand (EQ_CHECK_FOR_OPERAND_NOT_COMPATIBLE_WITH_THIS) This equals method is checking to see if the argument is some incompatible type (i.e., a class that is neither a supertype nor subtype of the class that defines the equals method). For example, the Foo class might have an equals method that looks like: public boolean equals(Object o) { if (o instanceof Foo) return name.equals(((Foo)o).name); else if (o instanceof String) return name.equals(o); else return false; This is considered bad practice, as it makes it very hard to implement an equals method that is symmetric and transitive. Without those properties, very unexpected behavoirs are possible. From: http://findbugs.sourceforge.net/bugDescriptions.html#EQ_CHECK_FOR_OPERAND_NOT_COMPATIBLE_WITH_THIS The description says that the Foo class might have an aquals method like that, and after it says that "This is considered bad practice". I'm not getting the "right way".. How should the following method be to be right? @Override public boolean equals(Object obj) { if (obj instanceof DefaultTableModel) return model.equals((DefaultTableModel)obj); else return false; }

Read the article
Spam proof hit counter in Django

- by Jim Robert

I already looked at the most popular Django hit counter solutions and none of them seem to solve the issue of spamming the refresh button. Do I really have to log the IP of every visitor to keep them from artificially boosting page view counts by spamming the refresh button (or writing a quick and dirty script to do it for them)? More information So right now you can inflate your view count with the following few lines of Python code. Which is so little that you don't even really need to write a script, you could just type it into an interactive session: from urllib import urlopen num_of_times_to_hit_page = 100 url_of_the_page = "http://example.com" for x in range(num_of_times_to_hit_page): urlopen(url_of_the_page) Solution I'll probably use To me, it's a pretty rough situation when you need to do a bunch of writes to the database on EVERY page view, but I guess it can't be helped. I'm going to implement IP logging due to several users artificially inflating their view count. It's not that they're bad people or even bad users. See the answer about solving the problem with caching... I'm going to pursue that route first. Will update with results. For what it's worth, it seems Stack Overflow is using cookies (I can't increment my own view count, but it increased when I visited the site in another browser.) I think that the benefit is just too much, and this sort of 'cheating' is just too easy right now. Thanks for the help everyone!

Read the article
What's wrong with this regex (VBScript/Javascript flavor)

- by OtherMichael

I'm trying to run a regular expression in VBA code that uses Microsoft VBScript Regular Expressions 5.5 (should be the same as JavaScript regex) regex: ^[0-9A-Z]?[0-9A-Z]{3}[A-Z]?([0-9A-Z]{6})-?([0-9])?$ input: X123A1234567 match: 123456 the six characters I'm interested in give a good match of 123456, ignoring the last (check) digit. Perfect. (The check digit is captured, but it's not a major concern to me). But when BOTH the optional portions are gone (they are optional) the match grabs the last digit GOOD input: 123A1234567 match: 123456 Leave in the optional middle alpha, take out the optional leading alpha, and we still get the good match of 123456 GOOD input: X1231234567 match: 123456 Leave in the optional leading alpha, take out the middle optional alpha, and we still get a good match of 123456 BAD input: 1231234567 match: 234567 Take out BOTH optional alphas, and we get a bad match of 234567 Have a looksee @ the regex testers on http://www.regular-expressions.info/javascriptexample.html or http://www.regular-expressions.info/vbscriptexample.html What am I missing, here? How can I get the regex to ignore the last digit when both optional alphas are missing? The regex is used to feed a lookup system, so that no matter what format the input data, we can match to a complete value.

Read the article
What's with the love of dynamic Languages

- by Kibbee

It seems that everybody is jumping on the dynamic, non-compiled bandwagon lately. I've mostly only worked in compiled, static typed languages (C, Java, .Net). The experience I have with dynamic languages is stuff like ASP (Vb Script), JavaScript, and PHP. Using these technologies has left a bad taste in my mouth when thinking about dynamic languages. Things that usually would have been caught by the compiler such as misspelled variable names and assigning an value of the wrong type to a variable don't occur until runtime. And even then, you may not notice an error, as it just creates a new variable, and assigns some default value. I've also never seen intellisense work well in a dynamic language, since, well, variables don't have any explicit type. What I want to know is, what people find so appealing about dynamic languages? What are the main advantages in terms of things that dynamic languages allow you to do that can't be done, or are difficult to do in compiled languages. It seems to me that we decided a long time ago, that things like uncompiled asp pages throwing runtime exceptions was a bad idea. Why is there is a resurgence of this type of code? And why does it seem to me at least, that Ruby on Rails doesn't really look like anything you couldn't have done with ASP 10 years ago?

Read the article
How best to embed multiple Flash Player instances using swfobject via a usercontrol?

- by panamack

I have a ListView on a Page within a MasterPage and some very ugly ugly autogenerated IDs. Such as..."ctl00_workbenchPlaceHolder_ListView1_ctrl1_LibItem2One" Using swfobject.embedSWF(...) requires me to hand over the id of a div on my page that can be replaced with object/embed markup depending on the browser context. My aim is to show the user a collection of video's they have uploaded to their website so they can review them and change some related data if desired. Hence the ListView which is populated via a SQLDataSource which currently provides a number of URLs pointing to .flv files. But it ain't gonna work if I put a <div id="replaceme"></div>' in my user control because I may then have more than one id="replaceme" and poor swfobject won't like it. So my evil solution is to put an <asp:Literal> in my usercontrol and build the script, function name and div tag id as a string. ApplyVideoConfiguration is called if the library object retreived from the database is a video and switches to the relevant View of a MultiView control. protected void ApplyVideoConfiguration() { MultiViewLibItem.ActiveViewIndex = 3; string functionName = "MakeFlashFor_" + this.ClientID; string divId = "fp" + this.ClientID; VideoScriptLiteral.Text = "<script type=\"text/javascript\">" + "Sys.Application.add_load(" + functionName + ");" + "function " + functionName + "(){" + "swfobject.embedSWF('PanamaVideoThumbnail.swf', '" + divId + "', '140', '127', '10');" + "};" + "</script>" + "<div id=\"" + divId + "\" ></div>" ; } I was wondering, just how bad a solution is this, I'm really completely inexperienced when it comes to best practices but my instincts are telling me this is bad, although it does succeed in the aim of embedding some Flash Player instances. Can anyone help me make it beautiful?

Read the article
Sql serve Full Text Search with Containstable is very slow when Used in JOIN!

- by Bob

Hello, I am using sql 2008 full text search and I am having serious issues with performance depending on how I use Contains or ContainsTable. Here are sample: (table one has about 5000 records and there is a covered index on table1 which has all the fields in the where clause. I tried to simplify the statements so forgive me if there is syntax issues.) Scenario 1: select * from table1 as t1 where t1.field1=90 and t1.field2='something' and Exists(select top 1 * from containstable(table1,*, 'something') as t2 where t2.[key]=t1.id) results: 10 second (very slow) Scenario 2: select * from table1 as t1 join containstable(table1,*, 'something') as t2 on t2.[key] = t1.id where t1.field1=90 and t1.field2='something' results: 10 second (very slow) Scenario 3: Declare @tbl Table(id uniqueidentifier primary key) insert into @tbl select {key] from containstable(table1,*, 'something') select * from table1 as t1 where t1.field1=90 and t1.field2='something' and Exists(select id from @tbl as tbl where id=req1.id) results: fraction of a second (super fast) Bottom line, it seems if I use Containstable in any kind of join or where clause condition of a select statement that also has other conditions, the performance is really bad. In addition if you look at profiler, the number of reads from the database goes to the roof. But if I first do the full text search and put results in a table variable and use that variable everything goes super fast. The number of reads are also much lower. It seems in "bad" scenarios, somehow it gets stuck in a loop which causes it to read many times from teh database but of course I don't understant why. Now the question is first of all whyis that happening? and question two is that how scalable table variables are? what if it results to 10s of thousands of records? is it still going to be fast. Any ideas? Thanks

Read the article
Athentication Problem - not recognizing 'else' - Ruby on rails...

- by bgadoci

I can't seem to figure out what I am doing wrong here. I have implemented the Super Simple Authentication from Ryan Bates tutorial and while the login portion is functioning correctly, I can't get an error message and redirect to happen correctly for a bad login. Ryan Bates admits in his comments he left this out but can't seem to implement his recommendation. Basically what is happening is that when someone logs in correctly it works. When a bad password is entered it does the same redirect and flashes 'successfully logged in' thought they are not. The admin links do not show (which is correct and are the links protected by the <% if admin? %) but I need it to say 'failed login' and redirect to login path. Here is my code: SessionsController class SessionsController < ApplicationController def create if session[:password] = params[:password] flash[:notice] = 'Successfully logged in' redirect_to posts_path else flash[:notice] = "whoops" redirect_to login_path end end def destroy reset_session flash[:notice] = 'Successfully logged out' redirect_to posts_path end end ApplicationController class ApplicationController < ActionController::Base helper_method :admin? protected def authorize unless admin? flash[:error] = "unauthorized request" redirect_to posts_path false end end def admin? session[:password] == "string0826" end helper :all # include all helpers, all the time protect_from_forgery # See ActionController::RequestForgeryProtection for details # end

Read the article
Google's Oauth for Installed apps vs. Oauth for Web Apps

- by burgerguy

So I'm having trouble understanding something... If you do Oauth for Web Apps, you register your site with a callback URL and get a unique consumer secret key. But once you've obtained an Oauth for Web Apps token, you don't have to generate Oauth calls to the google server from your registered domain. I regularly use my key and token from scripts running via an apache server at localhost on my laptop and Google never says "you're not sending this request from the registered domain." It just sends me the data. Now, as I understand it, if you do Oauth for Installed Apps, you use "anonymous" instead of a secret key you got from Google. I've been thinking of just using the OAuth for Web Apps auth method, then passing that token to an installed app that has my secret code embedded in its innards. The worry is that the code could be discovered by bad people. But what's more secure... making them work for the secret code or letting them default to anonymous? What really goes bad if the "secret" is discovered when the alternative is using "anonymous" as the secret?

Read the article
Optimize inserts

- by ikerib

Hi! I did an importer in VB .Net witch get data from an SQLServer an inserts this data throught ADSL connection in a remote MySQL server. in the first time, it was like 200 records, but now there are more than 500.000 records and it expends like 11hours exporting all the data and that is bad, veryyy bad. I need to optimize my importer, witch now gets the data into a datatable an them i have a function witch with a loop (row to row) inserts the data with a "insert into" query... like this: For Each dr As DataRow In dt.Rows Console.Write(".") Dim sql As String = "INSERT INTO clientes(id,nombrefis,nombrecom,direccion,codpos,municipio_id,telefono,fax,cif)" & _ "VALUES (@id,@nombrefis,@nombrecom,@direccion,@codpos,@municipio_id,@telefono,@fax,@cif)" cmd = New MySqlCommand(sql, cnn) cmd.Parameters.AddWithValue("id", Int32.Parse(dr("ID EMPRESA").ToString)) cmd.Parameters.AddWithValue("nombrefis", dr("NOMEMP")) cmd.Parameters.AddWithValue("nombrecom", dr("EMPRESA")) cmd.Parameters.AddWithValue("direccion", dr("DIRECC")) cmd.Parameters.AddWithValue("codpos", dr("CODPOS")) cmd.Parameters.AddWithValue("municipio_id", Int32.Parse(dr("CODIGO MUNICIPIO")).ToString) cmd.Parameters.AddWithValue("telefono", dr("TELEF")) cmd.Parameters.AddWithValue("fax", dr("FAX")) cmd.Parameters.AddWithValue("cif", dr("CIF")) cmd.ExecuteNonQuery() Next any ideas or advices? thanks so much

Read the article
Using hg repository as web site

- by Tex

This is somewhat related to my security question here. Is it a bad idea to use an hg / mercurial repository for a live website? If so, why? Furthermore, we have dev, test and production installations of our website, like dev.example.com, test.example.com and www.example.com. If it's a bad idea to use a repository for a live/production website, would it be OK to use an hg repository for the dev and test sites? I'm also concerned about ease of deployment. We have technical and less technical co-workers who will be working with the site. The technical guys (software engineers) won't have any problem working with the command line or TortoiseHG. I'm more concerned about the less technical guys (web designers). They won't be comfortable working on the command line, and may even find TortoiseHG daunting. These guys mostly upload .css files and images to the server. I'd like for these files (at least the .css files) to be under version control, but I want this to be as transparent as possible for the non technical guys. What's the best way to achieve this? Edit: Our 'site' is actually a multi-site CMS setup with a main repository and several subrepositories. Mock-up of the repository structure: /root [main repository containing core files and subrepositories] /modules [modules subrepository] /sites/global [subrepository for global .css and .php files] /sites/site1 [site1 subrepository] ... /sites/siteN [siteN subrepository] Software engineers would work in the root, modules and sites/global repositories. Less technical guys (web designers) would work only in the site1 ... siteN subrepositories.

Read the article
Modeling related objects and their templates

- by Duddle

Hello everybody! I am having trouble correctly modeling related objects that can use templates. This is not homework, but part of a small project in the university. In this application the user can add several elements, which can either be passive or active. Each concrete element has different attributes, these must be set by the user. See diagram 1: Since the user will create many elements, we want there to be templates for each type of element, so some of the attributes are filled in automatically. See diagram 2: In my opinion, this is a bad design. For example, to get all possible templates for a PassiveElementA-object, there has to be a list/set somewhere that only holds PassiveElementATemplate-objects. There has to be a separate list for each subclass of Element. So if you wanted to add a new PassiveElement-child, you also have to edit the class which holds all these separate lists. I cannot figure out a good way to solve this problem. Since the concrete classes (i.e. PassiveElementA, ..., PassiveElementZ) have so many different attributes, many of the design patterns I know do not work. Thanks in advance for any hints, and sorry for my bad English.

Read the article
How to convince someone, that reading programming related books(blogs, so..) is important? [closed]

- by hgulyan

Dear all, please, help me to convince, that no matter what you're doing, you need to read some stuff, try to learn something new. They say, that they don't want to sit in front of computer in the end of a day and they don't have opportunity to read in working hours, or they're too tired for doing something. Have you faced this kind of situation? What did you do? What if you want to help them? What methodology you'd suggest? How to open their eyes? EDIT I'm really concerned about this people. EDIT 2 Just to be clear, I'm not talking about one person or two. Some of them, just do their job good. Company doesn't motivate them to learn something. They're not bad people, not bad developers, they just need something or someone to help, show another view, but you can't just describe this new view or say smth like "You need to learn!" and that's it, you'll start to learn or you're not a good programmer. I started to learn OOP, DB structure 6 years ago and I had someone who had guided me. He told me to learn Java and MySQL, gave me some manuals and API's. That's how I started. What if they don't have that kind person or something else?

Read the article
How to pull one commit at a time from a remote git repository?

- by Norman Ramsey

I'm trying to set up a darcs mirror of a git repository. I have something that works OK, but there's a significant problem: if I push a whole bunch of commits to the git repo, those commits get merged into a single darcs patchset. I really want to make sure each git commit gets set up as a single darcs patchset. I bet this is possible by doing some kind of git fetch followed by interrogation of the local copy of the remote branch, but my git fu is not up to the job. Here's the (ksh) code I'm using now, more or less: git pull -v # pulls all the commits from remote --- bad! # gets information about only the last commit pulled -- bad! author="$(git log HEAD^..HEAD --pretty=format:"%an <%ae>")" logfile=$(mktemp) git log HEAD^..HEAD --pretty=format:"%s%n%b%n" > $logfile # add all new files to darcs and record a patchset. this part is OK darcs add -q --umask=0002 -r . darcs record -a -A "$author" --logfile="$logfile" darcs push -a rm -f $logfile My idea is Try git fetch to get local copy of the remote branch (not sure exactly what arguments are needed) Somehow interrogate the local copy to get a hash for every commit since the last mirroring operation (I have no idea how to do this) Loop through all the hashes, pulling just that commit and recording the associated patchset (I'm pretty sure I know how to do this if I get my hands on the hash) I'd welcome either help fleshing out the scenario above or suggestions about something else I should try. Ideas?

Read the article
Authentication Problem - not recognizing 'else' - Ruby on rails...

- by bgadoci

I can't seem to figure out what I am doing wrong here. I have implemented the Super Simple Authentication from Ryan Bates tutorial and while the login portion is functioning correctly, I can't get an error message and redirect to happen correctly for a bad login. Ryan Bates admits in his comments he left this out but can't seem to implement his recommendation. Basically what is happening is that when someone logs in correctly it works. When a bad password is entered it does the same redirect and flashes 'successfully logged in' thought they are not. The admin links do not show (which is correct and are the links protected by the <% if admin? %) but I need it to say 'failed login' and redirect to login path. Here is my code: SessionsController class SessionsController < ApplicationController def create if session[:password] = params[:password] flash[:notice] = 'Successfully logged in' redirect_to posts_path else flash[:notice] = "whoops" redirect_to login_path end end def destroy reset_session flash[:notice] = 'Successfully logged out' redirect_to posts_path end end ApplicationController class ApplicationController < ActionController::Base helper_method :admin? protected def authorize unless admin? flash[:error] = "unauthorized request" redirect_to posts_path false end end def admin? session[:password] == "123456" end helper :all # include all helpers, all the time protect_from_forgery # See ActionController::RequestForgeryProtection for details # end

Read the article
Android Multiple Handlers Design Question

- by Soumya Simanta

This question is related to an existing question I asked. I though I'll ask a new question instead of replying back to the other question. Cannot "comment" on my previous question because of a word limit. Marc wrote - I've more than one Handlers in an Activity." Why? If you do not want a complicated handleMessage() method, then use post() (on Handler or View) to break the logic up into individual Runnables. Multiple Handlers makes me nervous. I'm new to Android. Is having multiple handlers in a single activity a bad design ? I'm new to Android. My question is - is having multiple handlers in a single activity a bad design ? Here is the sketch of my current implementation. I've a mapActivity that creates a data thread (a UDP socket that listens for data). My first handler is responsible for sending data from the data thread to the activity. On the map I've a bunch of "dynamic" markers that are refreshed frequently. Some of these markers are video markers i.e., if the user clicks a video marker, I add a ViewView that extends a android.opengl.GLSurfaceView to my map activity and display video on this new vide. I use my second handler to send information about the marker that the user tapped on ItemizedOverlay onTap(int index) method. The user can close the video view by tapping on the video view. I use my third handler for this. I would appreciate if people can tell me what's wrong with this approach and suggest better ways to implement this. Thanks.

Read the article
.NET: Allow NULLS in DB fields?

- by mark smith

Hi there, I have the task of re-factoring an SQLServer DB.... A lot of the tables and columns "ALLOW NULLS", Is this good practice... I seem to remember the authour of CSLA.NET saying it was really bad practice to allow nulls in a DB... If this is the case, what are my alternatives? Remove all "ALLOW NULLS" from all columns.... and in numeric columns use a value of -1 for example?? I would really appreciate any input anyone has. I am currently using a Model (from entity framework) from my DB and the db columns that "ALLOW NULLS" are null ... and some of the stored procedures require that i have a default value... i.e. BOOLEAN require FALSE as default ... but it is null.. Well i don't want to stray from my original question, ALLOW NULLS are a bad thing from what i can gather .... so how do i fix this ? Any help really appreciated

Read the article
WPF Grid Column MaxWidth not enforced

- by Trevor Hartman

This problem stems from not being able to get my TextBlock to wrap. Basically as a last-ditch attempt I am setting MaxWidth on my container grid's columns. I was surprised to find that my child label and textbox still do whatever they want (bad children, BAD) and are not limited by my grid column's MaxWidth="200". What I'm really trying to do is let my TextBlock fill available width and wrap if necessary. So far after trying many variations of HorizontalAlignment="Stretch" on every known parent in the universe, nothing works, except setting an explicit MaxWidth="400" or whatever number on the TextBlock. This is not good because I need the TextBlock to fill available width, not be limited by some fixed number. Thanks! <ItemsControl> <ItemsControl.ItemsPanel> <ItemsPanelTemplate> <StackPanel /> </ItemsPanelTemplate> </ItemsControl.ItemsPanel> <ItemsControl.ItemTemplate> <DataTemplate> <Grid> <Grid.ColumnDefinitions> <ColumnDefinition MaxWidth="200" SharedSizeGroup="A" /> <ColumnDefinition MaxWidth="200" SharedSizeGroup="B" /> </Grid.ColumnDefinitions> <Label VerticalAlignment="Top" Margin="0 5 0 0" Grid.Column="0" Style="{StaticResource LabelStyle}" Width="Auto" Content="{Binding Value.Summary}" /> <TextBlock Grid.Column="1" Margin="5,8,5,8" FontWeight="Normal" Background="AliceBlue" Foreground="Black" Text="{Binding Value.Description}" HorizontalAlignment="Stretch" TextWrapping="Wrap" Height="Auto" /> </Grid> </DataTemplate> </ItemsControl.ItemTemplate> </ItemsControl>

Read the article
Security implications of writing files using PHP

- by susmits

I'm currently trying to create a CMS using PHP, purely in the interest of education. I want the administrators to be able to create content, which will be parsed and saved on the server storage in pure HTML form to avoid the overhead that executing PHP script would incur. Unfortunately, I could only think of a few ways of doing so: Setting write permission on every directory where the CMS should want to write a file. This sounds like quite a bad idea. Setting write permissions on a single cached directory. A PHP script could then include or fopen/fread/echo the content from a file in the cached directory at request-time. This could perhaps be carried out in a Mediawiki-esque fashion: something like index.php?page=xyz could read and echo content from cached/xyz.html at runtime. However, I'll need to ensure the sanity of $_GET['page'] to prevent nasty variations like index.php?page=http://www.bad-site.org/malicious-script.js. I'm personally not too thrilled by the second idea, but the first one sounds very insecure. Could someone please suggest a good way of getting this done?

Read the article
Is it immoral to write crappy code even if readability and correctness is not a requirement?

- by mafutrct

There are cases when crappy (i.e. unreadable and buggy) code is not much of a problem. For instance, imagine you need to generate a big text file that mostly follows a simple pattern with a few very complex exceptions. What do you do? You quickly write a simple algorithm and insert the exceptional bits in the output manually to save 4 hours. The code is unreadable, and the output is flawed, but it's still the correct way since it is way faster. But let's get this straight: I hate bad code. I've had to read and work with code that caused my stomach to hurt. I care a lot about good code. And actually, I caught myself thinking that it is immoral to write bad code even though the dirty approach is sometimes superior. I was surprised by myself and found my idea to be very irrational. Did you ever experience this? Should I just get rid of this stupid idea and use the most efficient approach to coding?

Read the article

< Previous Page | 116 117 118 119 120 121 122 123 124 125 126 127 | Next Page >