Search Results

Search found 9715 results on 389 pages for 'bad passwords'.

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Page 133/389 | < Previous Page | 129 130 131 132 133 134 135 136 137 138 139 140  | Next Page >

  • How do encrypt a long or int using the Bouncy Castle crypto routines for BlackBerry?

    - by DanG
    How do encrypt/decrypt a long or int using the Bouncy Castle crypto routines for BlackBerry? I know how to encrypt/decrypt a String. I can encrypt a long but can't get a long to decrypt properly. Some of this is poorly done, but I'm just trying stuff out at the moment. I've included my entire crypto engine here: import org.bouncycastle.crypto.BufferedBlockCipher; import org.bouncycastle.crypto.DataLengthException; import org.bouncycastle.crypto.InvalidCipherTextException; import org.bouncycastle.crypto.engines.AESFastEngine; import org.bouncycastle.crypto.paddings.PaddedBufferedBlockCipher; import org.bouncycastle.crypto.params.KeyParameter; public class CryptoEngine { // Global Variables // Global Objects private static AESFastEngine engine; private static BufferedBlockCipher cipher; private static KeyParameter key; public static boolean setEncryptionKey(String keyText) { // adding in spaces to force a proper key keyText += " "; // cutting off at 128 bits (16 characters) keyText = keyText.substring(0, 16); keyText = HelperMethods.cleanUpNullString(keyText); byte[] keyBytes = keyText.getBytes(); key = new KeyParameter(keyBytes); engine = new AESFastEngine(); cipher = new PaddedBufferedBlockCipher(engine); // just for now return true; } public static String encryptString(String plainText) { try { byte[] plainArray = plainText.getBytes(); cipher.init(true, key); byte[] cipherBytes = new byte[cipher.getOutputSize(plainArray.length)]; int cipherLength = cipher.processBytes(plainArray, 0, plainArray.length, cipherBytes, 0); cipher.doFinal(cipherBytes, cipherLength); String cipherString = new String(cipherBytes); return cipherString; } catch (DataLengthException e) { Logger.logToConsole(e); } catch (IllegalArgumentException e) { Logger.logToConsole(e); } catch (IllegalStateException e) { Logger.logToConsole(e); } catch (InvalidCipherTextException e) { Logger.logToConsole(e); } catch (Exception ex) { Logger.logToConsole(ex); } // else return "";// default bad value } public static String decryptString(String encryptedText) { try { byte[] cipherBytes = encryptedText.getBytes(); cipher.init(false, key); byte[] decryptedBytes = new byte[cipher.getOutputSize(cipherBytes.length)]; int decryptedLength = cipher.processBytes(cipherBytes, 0, cipherBytes.length, decryptedBytes, 0); cipher.doFinal(decryptedBytes, decryptedLength); String decryptedString = new String(decryptedBytes); // crop accordingly int index = decryptedString.indexOf("\u0000"); if (index >= 0) { decryptedString = decryptedString.substring(0, index); } return decryptedString; } catch (DataLengthException e) { Logger.logToConsole(e); } catch (IllegalArgumentException e) { Logger.logToConsole(e); } catch (IllegalStateException e) { Logger.logToConsole(e); } catch (InvalidCipherTextException e) { Logger.logToConsole(e); } catch (Exception ex) { Logger.logToConsole(ex); } // else return "";// default bad value } private static byte[] convertLongToByteArray(long longToConvert) { return new byte[] { (byte) (longToConvert >>> 56), (byte) (longToConvert >>> 48), (byte) (longToConvert >>> 40), (byte) (longToConvert >>> 32), (byte) (longToConvert >>> 24), (byte) (longToConvert >>> 16), (byte) (longToConvert >>> 8), (byte) (longToConvert) }; } private static long convertByteArrayToLong(byte[] byteArrayToConvert) { long returnable = 0; for (int counter = 0; counter < byteArrayToConvert.length; counter++) { returnable += ((byteArrayToConvert[byteArrayToConvert.length - counter - 1] & 0xFF) << counter * 8); } if (returnable < 0) { returnable++; } return returnable; } public static long encryptLong(long plainLong) { try { String plainString = String.valueOf(plainLong); String cipherString = encryptString(plainString); byte[] cipherBytes = cipherString.getBytes(); long returnable = convertByteArrayToLong(cipherBytes); return returnable; } catch (Exception e) { Logger.logToConsole(e); } // else return Integer.MIN_VALUE;// default bad value } public static long decryptLong(long encryptedLong) { byte[] cipherBytes = convertLongToByteArray(encryptedLong); cipher.init(false, key); byte[] decryptedBytes = new byte[cipher.getOutputSize(cipherBytes.length)]; int decryptedLength = cipherBytes.length; try { cipher.doFinal(decryptedBytes, decryptedLength); } catch (DataLengthException e) { // TODO Auto-generated catch block e.printStackTrace(); } catch (IllegalStateException e) { // TODO Auto-generated catch block e.printStackTrace(); } catch (InvalidCipherTextException e) { // TODO Auto-generated catch block e.printStackTrace(); } catch (Exception e) { // TODO Auto-generated catch block e.printStackTrace(); } long plainLong = convertByteArrayToLong(decryptedBytes); return plainLong; } public static boolean encryptBoolean(int plainBoolean) { return false; } public static boolean decryptBoolean(int encryptedBoolean) { return false; } public static boolean testLongToByteArrayConversion() { boolean returnable = true; // fails out of the bounds of an integer, the conversion to long from byte // array does not hold, need to figure out a better solution for (long counter = -1000000; counter < 1000000; counter++) { long test = counter; byte[] bytes = convertLongToByteArray(test); long result = convertByteArrayToLong(bytes); if (result != test) { returnable = false; Logger.logToConsole("long conversion failed"); Logger.logToConsole("test = " + test + "\n result = " + result); } // regardless } // the end Logger.logToConsole("final returnable result = " + returnable); return returnable; } }

    Read the article

  • mysql: encrypting and decrypting data

    - by cbrulak
    Does mysql provide a mechanism for storing and retrieving encrypted data? I don't mean passwords, I mean real strings. I'd like to encrypt a string, store in mysql and then retrieve the decrypted string at a later date. So, I know there is the AES_Encrypt and decrypt functions. But they ask for a key. (which is fine) but I wondering if you call those functions and use your user password as the key. Or something else that is super-simple. Also, is there a simple wrapper for the AES_Encrypt & decrypt functions in Rails? Or do you need to build the query manually?

    Read the article

  • Python - Converting CSV to Objects - Code Design

    - by victorhooi
    Hi, I have a small script we're using to read in a CSV file containing employees, and perform some basic manipulations on that data. We read in the data (import_gd_dump), and create an Employees object, containing a list of Employee objects (maybe I should think of a better naming convention...lol). We then call clean_all_phone_numbers() on Employees, which calls clean_phone_number() on each Employee, as well as lookup_all_supervisors(), on Employees. import csv import re import sys #class CSVLoader: # """Virtual class to assist with loading in CSV files.""" # def import_gd_dump(self, input_file='Gp Directory 20100331 original.csv'): # gd_extract = csv.DictReader(open(input_file), dialect='excel') # employees = [] # for row in gd_extract: # curr_employee = Employee(row) # employees.append(curr_employee) # return employees # #self.employees = {row['dbdirid']:row for row in gd_extract} # Previously, this was inside a (virtual) class called "CSVLoader". # However, according to here (http://tomayko.com/writings/the-static-method-thing) - the idiomatic way of doing this in Python is not with a class-fucntion but with a module-level function def import_gd_dump(input_file='Gp Directory 20100331 original.csv'): """Return a list ('employee') of dict objects, taken from a Group Directory CSV file.""" gd_extract = csv.DictReader(open(input_file), dialect='excel') employees = [] for row in gd_extract: employees.append(row) return employees def write_gd_formatted(employees_dict, output_file="gd_formatted.csv"): """Read in an Employees() object, and write out each Employee() inside this to a CSV file""" gd_output_fieldnames = ('hrid', 'mail', 'givenName', 'sn', 'dbcostcenter', 'dbdirid', 'hrreportsto', 'PHFull', 'PHFull_message', 'SupervisorEmail', 'SupervisorFirstName', 'SupervisorSurname') try: gd_formatted = csv.DictWriter(open(output_file, 'w', newline=''), fieldnames=gd_output_fieldnames, extrasaction='ignore', dialect='excel') except IOError: print('Unable to open file, IO error (Is it locked?)') sys.exit(1) headers = {n:n for n in gd_output_fieldnames} gd_formatted.writerow(headers) for employee in employees_dict.employee_list: # We're using the employee object's inbuilt __dict__ attribute - hmm, is this good practice? gd_formatted.writerow(employee.__dict__) class Employee: """An Employee in the system, with employee attributes (name, email, cost-centre etc.)""" def __init__(self, employee_attributes): """We use the Employee constructor to convert a dictionary into instance attributes.""" for k, v in employee_attributes.items(): setattr(self, k, v) def clean_phone_number(self): """Perform some rudimentary checks and corrections, to make sure numbers are in the right format. Numbers should be in the form 0XYYYYYYYY, where X is the area code, and Y is the local number.""" if self.telephoneNumber is None or self.telephoneNumber == '': return '', 'Missing phone number.' else: standard_format = re.compile(r'^\+(?P<intl_prefix>\d{2})\((?P<area_code>\d)\)(?P<local_first_half>\d{4})-(?P<local_second_half>\d{4})') extra_zero = re.compile(r'^\+(?P<intl_prefix>\d{2})\(0(?P<area_code>\d)\)(?P<local_first_half>\d{4})-(?P<local_second_half>\d{4})') missing_hyphen = re.compile(r'^\+(?P<intl_prefix>\d{2})\(0(?P<area_code>\d)\)(?P<local_first_half>\d{4})(?P<local_second_half>\d{4})') if standard_format.search(self.telephoneNumber): result = standard_format.search(self.telephoneNumber) return '0' + result.group('area_code') + result.group('local_first_half') + result.group('local_second_half'), '' elif extra_zero.search(self.telephoneNumber): result = extra_zero.search(self.telephoneNumber) return '0' + result.group('area_code') + result.group('local_first_half') + result.group('local_second_half'), 'Extra zero in area code - ask user to remediate. ' elif missing_hyphen.search(self.telephoneNumber): result = missing_hyphen.search(self.telephoneNumber) return '0' + result.group('area_code') + result.group('local_first_half') + result.group('local_second_half'), 'Missing hyphen in local component - ask user to remediate. ' else: return '', "Number didn't match recognised format. Original text is: " + self.telephoneNumber class Employees: def __init__(self, import_list): self.employee_list = [] for employee in import_list: self.employee_list.append(Employee(employee)) def clean_all_phone_numbers(self): for employee in self.employee_list: #Should we just set this directly in Employee.clean_phone_number() instead? employee.PHFull, employee.PHFull_message = employee.clean_phone_number() # Hmm, the search is O(n^2) - there's probably a better way of doing this search? def lookup_all_supervisors(self): for employee in self.employee_list: if employee.hrreportsto is not None and employee.hrreportsto != '': for supervisor in self.employee_list: if supervisor.hrid == employee.hrreportsto: (employee.SupervisorEmail, employee.SupervisorFirstName, employee.SupervisorSurname) = supervisor.mail, supervisor.givenName, supervisor.sn break else: (employee.SupervisorEmail, employee.SupervisorFirstName, employee.SupervisorSurname) = ('Supervisor not found.', 'Supervisor not found.', 'Supervisor not found.') else: (employee.SupervisorEmail, employee.SupervisorFirstName, employee.SupervisorSurname) = ('Supervisor not set.', 'Supervisor not set.', 'Supervisor not set.') #Is thre a more pythonic way of doing this? def print_employees(self): for employee in self.employee_list: print(employee.__dict__) if __name__ == '__main__': db_employees = Employees(import_gd_dump()) db_employees.clean_all_phone_numbers() db_employees.lookup_all_supervisors() #db_employees.print_employees() write_gd_formatted(db_employees) Firstly, my preamble question is, can you see anything inherently wrong with the above, from either a class design or Python point-of-view? Is the logic/design sound? Anyhow, to the specifics: The Employees object has a method, clean_all_phone_numbers(), which calls clean_phone_number() on each Employee object inside it. Is this bad design? If so, why? Also, is the way I'm calling lookup_all_supervisors() bad? Originally, I wrapped the clean_phone_number() and lookup_supervisor() method in a single function, with a single for-loop inside it. clean_phone_number is O(n), I believe, lookup_supervisor is O(n^2) - is it ok splitting it into two loops like this? In clean_all_phone_numbers(), I'm looping on the Employee objects, and settings their values using return/assignment - should I be setting this inside clean_phone_number() itself? There's also a few things that I'm sorted of hacked out, not sure if they're bad practice - e.g. print_employee() and gd_formatted() both use __dict__, and the constructor for Employee uses setattr() to convert a dictionary into instance attributes. I'd value any thoughts at all. If you think the questions are too broad, let me know and I can repost as several split up (I just didn't want to pollute the boards with multiple similar questions, and the three questions are more or less fairly tightly related). Cheers, Victor

    Read the article

  • How to avoid having very large objects with Domain Driven Design

    - by Pablojim
    We are following Domain Driven Design for the implementation of a large website. However by putting the behaviour on the domain objects we are ending up with some very large classes. For example on our WebsiteUser object, we have many many methods - e.g. dealing with passwords, order history, refunds, customer segmentation. All of these methods are directly related to the user. Many of these methods delegate internally to other child object but this still results in some very large classes. I'm keen to avoid exposing lots of child objects e.g. user.getOrderHistory().getLatestOrder(). What other strategies can be used to avoid this problems?

    Read the article

  • Using Api to submit userdata to external party

    - by Younes
    I have to submit subscription data to another website. I have got documentation on how to use this API however i'm not 100% sure of how to set this up. I do have all the information needed, like username / passwords etc. This is the API documentation: https://www.apiemail.net/api/documentation/?SID=4 How would my request / post / whatever look like in C# .net (vs 2008) when i'm trying to acces this API? This is what i have now, I think i'm not on the right track: public static string GArequestResponseHelper(string url, string token, string username, string password) { HttpWebRequest myRequest = (HttpWebRequest)WebRequest.Create(url); myRequest.Headers.Add("Username: " + username); myRequest.Headers.Add("Password: " + password); HttpWebResponse myResponse = (HttpWebResponse)myRequest.GetResponse(); Stream responseBody = myResponse.GetResponseStream(); Encoding encode = System.Text.Encoding.GetEncoding("utf-8"); StreamReader readStream = new StreamReader(responseBody, encode); //return string itself (easier to work with) return readStream.ReadToEnd();

    Read the article

  • ASP.NET plug-in architecture, settings problem

    - by Xaqron
    I want to divide business layer (BLL) of an asp.net application into multiple components. Each component is a .NET class library which is compiled as a standalone DLL. These components should have their own configuration files. For example "MyNameSpace.Users.dll" contains classes about users of the website and there's a password policy to check if password length is at least x characters. When webmaster edits the config file of this DLL and set x to y then component (DLL) should use new value (y) in the future and enforce passwords to be at least y characters. I want each component as a single project and compile them separaely (and not to put all projects in a solution in Visual Studio), and put the DLLs of these libraries into the "Bin" folder of my ASP.NET application. Is it possible ? Where should I put these config files ?

    Read the article

  • [Sql-Server]what data type to use for password salt and hash values and what length?

    - by Pandiya Chendur
    I am generating salt and hash values from my passwords by using, string salt = CreateSalt(TxtPassword.Text.Length); string hash = CreatePasswordHash(TxtPassword.Text, salt); private static string CreateSalt(int size) { //Generate a cryptographic random number. RNGCryptoServiceProvider rng = new RNGCryptoServiceProvider(); byte[] buff = new byte[size]; rng.GetBytes(buff); // Return a Base64 string representation of the random number. return Convert.ToBase64String(buff); } private static string CreatePasswordHash(string pwd, string salt) { string saltAndPwd = String.Concat(pwd, salt); string hashedPwd = FormsAuthentication.HashPasswordForStoringInConfigFile( saltAndPwd, "sha1"); return hashedPwd; } What datatype you would suggest for storing these values in sql server? Any suggestion... Salt:9GsPWpFD Hash:E778AF0DC5F2953A00B35B35D80F6262CDBB8567

    Read the article

  • Can you figure out the password hashing scheme?

    - by Adal
    I have two passwords and two resulting hashes. I can't figure out how the hash is derived from the password. I don't know if salting is used. I don't know if the password is hashed as a integer value or as a string (possibly Unicode). Password: 6770 Hash: c12114b91a3841c143bbeb121693e80b Password: 9591 Hash: 25238d578b6a61c2c54bfe55742984c1 The hash length seems to suggest MD5. Anybody has any ideas what I could try? Note: This is not for hacking purposes. I'm trying to access a service through an API instead of it's desktop client, and I can't figure out how to compute the password hash. Currently instead of using my real password I'm sending directly the hash.

    Read the article

  • Convert ASP.NET membership system to secure password storage

    - by wrburgess
    I have a potential client that set up their website and membership system in ASP.NET 3.5. When their developer set up the system, it seems he turned off the security/hashing aspect of password storage and everything is stored in the clear. Is there a process to reinstall/change the secure password storage of ASP.NET membership without changing all of the passwords in the database? The client is worried that they'll lose their customers if they all have to go through a massive password change. I've always installed with security on by default, thus I don't know the effect of a switchover. Is there a way to convert the entire system to a secure password system without major effects on the users?

    Read the article

  • How can a hacker put a file on my server root (apache, php, 1and1)

    - by mike-sav
    Hi there, I have a site hosted on 1and1 and a couple of weeks ago I noticed a hacker had put a .php file on the server that when viewed in a browser exposed my DB schema, DB connection strings, FTP account (for file uploads using a form), etc, etc. Naturally I panicked and I wiped the server and reuploaded my files. Fortunatley I encrypt passwords using MD5 and I don't store things like credit card details, etc, etc. Now I checked my files and with all user input I use a clean function (htmlentities, sql_real_escape_string, etc, etc) that strips the input of any XSS or SQL injection. I have also made sure that the session key gets re-engineered when a user status changes (like they log into their account) to prevent session hijacking, my folder permissions are set to 755 and file permission are 644. Has anyone got any idea how this could have happened? Or if I'm missing something

    Read the article

  • creating a color coded time chart using colorbar and colormaps in python

    - by Rusty
    I'm trying to make a time tracking chart based on a daily time tracking file that I used. I wrote code that crawls through my files and generates a few lists. endTimes is a list of times that a particular activity ends in minutes going from 0 at midnight the first day of the month to however many minutes are in a month. labels is a list of labels for the times listed in endTimes. It is one shorter than endtimes since the trackers don't have any data about before 0 minute. Most labels are repeats. categories contains every unique value of labels in order of how well I regard that time. I want to create a colorbar or a stack of colorbars (1 for eachday) that will depict how I spend my time for a month and put a color associated with each label. Each value in categories will have a color associated. More blue for more good. More red for more bad. It is already in order for the jet colormap to be right, but I need to get desecrate color values evenly spaced out for each value in categories. Then I figure the next step would be to convert that to a listed colormap to use for the colorbar based on how the labels associated with the categories. I think this is the right way to do it, but I am not sure. I am not sure how to associate the labels with color values. Here is the last part of my code so far. I found one function to make a discrete colormaps. It does, but it isn't what I am looking for and I am not sure what is happening. Thanks for the help! # now I need to develop the graph import numpy as np from matplotlib import pyplot,mpl import matplotlib from scipy import interpolate from scipy import * def contains(thelist,name): # checks if the current list of categories contains the one just read for val in thelist: if val == name: return True return False def getCategories(lastFile): ''' must determine the colors to use I would like to make a gradient so that the better the task, the closer to blue bad labels will recieve colors closer to blue read the last file given for the information on how I feel the order should be then just keep them in the order of how good they are in the tracker use a color range and develop discrete values for each category by evenly spacing them out any time not found should assume to be sleep sleep should be white ''' tracker = open(lastFile+'.txt') # open the last file # find all the categories categories = [] for line in tracker: pos = line.find(':') # does it have a : or a ? if pos==-1: pos=line.find('?') if pos != -1: # ignore if no : or ? name = line[0:pos].strip() # split at the : or ? if contains(categories,name)==False: # if the category is new categories.append(name) # make a new one return categories # find good values in order of last day newlabels=[] for val in getCategories(lastDay): if contains(labels,val): newlabels.append(val) categories=newlabels # convert discrete colormap to listed colormap python for ii,val in enumerate(labels): if contains(categories,val)==False: labels[ii]='sleep' # create a figure fig = pyplot.figure() axes = [] for x in range(endTimes[-1]%(24*60)): ax = fig.add_axes([0.05, 0.65, 0.9, 0.15]) axes.append(ax) # figure out the colors to use # stole this function to make a discrete colormap # http://www.scipy.org/Cookbook/Matplotlib/ColormapTransformations def cmap_discretize(cmap, N): """Return a discrete colormap from the continuous colormap cmap. cmap: colormap instance, eg. cm.jet. N: Number of colors. Example x = resize(arange(100), (5,100)) djet = cmap_discretize(cm.jet, 5) imshow(x, cmap=djet) """ cdict = cmap._segmentdata.copy() # N colors colors_i = np.linspace(0,1.,N) # N+1 indices indices = np.linspace(0,1.,N+1) for key in ('red','green','blue'): # Find the N colors D = np.array(cdict[key]) I = interpolate.interp1d(D[:,0], D[:,1]) colors = I(colors_i) # Place these colors at the correct indices. A = zeros((N+1,3), float) A[:,0] = indices A[1:,1] = colors A[:-1,2] = colors # Create a tuple for the dictionary. L = [] for l in A: L.append(tuple(l)) cdict[key] = tuple(L) # Return colormap object. return matplotlib.colors.LinearSegmentedColormap('colormap',cdict,1024) # jet colormap goes from blue to red (good to bad) cmap = cmap_discretize(mpl.cm.jet, len(categories)) cmap.set_over('0.25') cmap.set_under('0.75') #norm = mpl.colors.Normalize(endTimes,cmap.N) print endTimes print labels # make a color list by matching labels to a picture #norm = mpl.colors.ListedColormap(colorList) cb1 = mpl.colorbar.ColorbarBase(axes[0],cmap=cmap ,orientation='horizontal' ,boundaries=endTimes ,ticks=endTimes ,spacing='proportional') pyplot.show()

    Read the article

  • simple authorisation in web api

    - by monthon1
    I want to make nice and clean api; I'm making site and I want to offer the ability to mobile apps use web API of my site. I don't want to use oAuth, becouse the mobile and embedded applications that are facing the biggest hurdle, as they may not be able to bring up and/or control the web browser. Also its a little complicate. I know, that HTTP basic authorisation is not safe, but it's so simple... I want to use it in my api. I have somee users logins and their passwords (md5-encoded) in mysql base, but how to use those data in this HTTP basic authorisation?

    Read the article

  • Perform manual test, automate after - or never?

    - by dotnetdev
    In my current company, we have one tester. Having spoken to this tester, she says that in testing, before implementing any automation systems, the scripts (steps to take) are manually written and performed (performed at least once). Is this the way things work in testing? To make me laugh, this has been done in this case, yet no automation. It makes me laugh to see the lead tester perform loads of different combinations of usernames and passwords for a login form (which she is not overly keen on having automated) when I could easily automate that (but politics in the company won't allow that). This doesn't seem like the environment where a junior tester (not me, I'm a SDET) cannot learn anything. Thanks

    Read the article

  • Secure database connection. DAL .net architecture best practice

    - by Andrew Florko
    We have several applications that are installed in several departments that interact with database via Intranet. Users tend to use weak passwords or store login/password written on a shits of paper where everybody can see them. I'm worried about login/password leakage & want to minimize consequences. Minimizing database-server attack surface by hiding database-server from Intranet access would be a great idea also. I'm thinking about intermediary data access service method-based security. It seems more flexible than table-based or connection-based database-server one. This approach also allows to hide database-server from public Intranet. What kind of .net technologies and best practices would you suggest? Thank in you in advance!

    Read the article

  • Password checking in dojo

    - by Richard
    I want to check that two passwords are the same using Dojo. Here is the HTML I have: <form id="form" action="." dojoType="dijit.form.Form" / <pPassword: <input type="password" name="password1" id="password1" dojoType="dijit.form.ValidationTextBox" required="true" invalidMessage="Please type a password" /</p <pConfirm: <input type="password" name="password2" id="password2" dojoType="dijit.form.ValidationTextBox" required="true" invalidMessage="This password doesn't match your first password" /</p <div dojoType="dijit.form.Button" onClick="onSave"Save</div </form Here is the JavaScript I have so far: var onSave = function() { if(dijit.byId('form').validate()) { alert('Good form'); } else { alert('Bad form'); } } Thanks for your help. I could do this in pure JavaScript, but I'm trying to find the Dojo way of doing it.

    Read the article

  • How to accomplish "AuthType None" in Apache 2.2

    - by Technorati
    http://httpd.apache.org/docs/trunk/mod/mod_authn_core.html#authtype talks about "AuthType None", and has an awesome example of exactly what I need to do - unfortunately, it appears to be new to 2.3/2.4. Is there any equivalent feature in 2.2? The authentication type None disables authentication. When authentication is enabled, it is normally inherited by each subsequent configuration section, unless a different authentication type is specified. If no authentication is desired for a subsection of an authenticated section, the authentication type None may be used; in the following example, clients may access the /www/docs/public directory without authenticating: <Directory /www/docs> AuthType Basic AuthName Documents AuthBasicProvider file AuthUserFile /usr/local/apache/passwd/passwords Require valid-user </Directory> <Directory /www/docs/public> AuthType None Require all granted </Directory>

    Read the article

  • HTML stops at a PHP script made to connect to a mysql database. No errors printed.

    - by DavidR
    I'm trying to set up a login script for PHP using the tutorial on this site. The problem is that the site stops when it hits these lines, no error, no text: <?php $conn = mysql_connect('localhost', 'root', 'password') or die('error line7' . mysql_error()); mysql_select_db('mydb', $conn) or die('error line8' . mysql_error()); ?> If I take out these lines, the rest of the html runs perfectly. I've double checked my passwords and everything, nothing is working. I know very little about php and mysql other than what I've learned trying to set this up.

    Read the article

  • Convert VB6 Randomize to C#

    - by Thomas G. Mayfield
    I'm writing a C# frontend to a legacy database that uses VB6 Rnd() and Randomize() methods for user password encryption. The encryption function is very simplistic and really not all that secure, but it's what all current passwords are stored with. What I'd like to be able to do is authenticate legacy users from a C# application. I can write new encryption (or preferably hashing) code for VB6 so that all future users have a more secure password, and that can be duplicated in C#. But I don't want to require current users to have had their password reset before they can use the new frontend. Is there any way I can reimplement that algorithm in C# so that it produces identical results to the legacy VB6 code?

    Read the article

  • Combining DROP USER and DROP DATABASE with SELECT .. WHERE query?

    - by zsero
    I'd like to make a very simple thing, replicate the functionality of mysql's interactive mysql_secure_installation script. My question is that is there a simple, built-in way in MySQL to combine the output of a SELECT query with the input of a DROP user or DROP database script? For example, if I'd like to drop all users with empty passwords. How could I do that with DROP USER statement? I know an obvious solution would be to run everything for example from a Python script, run a query with mysql -Bse "select..." parse the output with some program construct the drop query run it. Is there an easy way to do it in a simple SQL query? I've seen some example here, but I wouldn't call it simple: http://stackoverflow.com/a/12097567/518169 Would you recommend making a combined query, or just to parse the output using for example Python or bash scripts/sed?

    Read the article

  • creating multiple users for a c#.net winform application using sql server express

    - by sqlchild
    i have a single sql database in sql server express. i have a login MAINLOGIN, for this database. i want insertion of data in this database through multiple users, U1,U2,U3, each having different userids & passwords. These users would be created by MAINLOGIN , manually or via the winform application. So while creating MAINLOGIN , i would give him permission to further create logins. For this what should i do? i cannot create MULTIPLE users, because for one database, only one user can be created under one login. so should i create multiple logins, L1,L2,L3, then map, U1, U2, U3 to them. Or, is there a better way to do this? like application roles etc. i dont want to use windows authentication. because if i know the system password, then i could simply connect sql via the application and insert wrong data.

    Read the article

  • Error on Access database: Permission denied: 'CreateObject'

    - by elixireu
    Hi, I am migrating a website over to a new server, its in ASP and uses several Access databases, the site and CMS can read, display the data, and even edit and update existing data entries, but when I want to add a new entry, I get an error... Microsoft VBScript runtime error '800a0046' Permission denied: 'CreateObject' /padp2010d/ads_tradetracker.asp, line 11 There seems to be no passwords on the databases, I have set up and tested the ODBC Data Sources and they are working fine. The code or line that is causing the problem is... <% Dim Mail, strPath, strHost, Upload Set Upload = CreateObject("Persits.Upload") Upload.IgnoreNoPost = True ' Generate unique names Upload.OverwriteFiles = False ' Limit file size to 500000 bytes Upload.SetMaxSize 500000, True ' capture an upload and save uploaded files (if any) in temp directory Upload.SaveVirtual "\pa\images\advertenties" Upload.Save ' Use session ID as the new file name NewName = Session.SessionID The line 11 is Set Upload = CreateObject("Persits.Upload") If anyone could help that would be great. Could it be a Permission setting? Im a complete novice with ASP and Access! Thanks

    Read the article

  • Login fails after upgrade to ASP.net 4.0 from 3.5

    - by lomac
    I cannot log in using any of the membership accounts using .net 4.0 version of the app. It fails like it's the wrong password, and FailedPasswordAttemptCount is incremented in my_aspnet_membership table. (I am using membership with mysql membership provider.) I can create new users. They appear in the database. But I cannot log in using the new user credentials (yes, IsApproved is 1). One clue is that the hashed passwords in the database is longer for the users created using the asp.net 4.0 version, e.g 3lwRden4e4Cm+cWVY/spa8oC3XGiKyQ2UWs5fxQ5l7g=, and the old .net 3.5 ones are all like +JQf1EcttK+3fZiFpbBANKVa92c=. I can still log in when connecting to the same db with the .net 3.5 version, but only to the old accounts, not the new ones created with the .net 4.0 version. The 4.0 version cannot log in to any accounts. I tried dropping the whole database on my test system, the membership tables are then auto created on first run, but it's still the same, can create users, but can't log in.

    Read the article

  • Kentico - Using punctuation with AuthenticateUser

    - by Big Friendly Giant
    We are currently using version 7.0 of the kentico API to authenticate users into our system. The following code is used to gain user details from the database and authenticate users. UserInfo objUserInfo = AuthenticationHelper.AuthenticateUser(username.ToLower(), password.ToLower(), CMSContext.CurrentSiteName); This has primarily been working correctly, but we are having issues with usernames and passwords that contain any of the following characters. " ! @ ' / \ < * - Is there any settings that I need to be aware of (web.config or otherwise) that would stop the API from accessing an account where a username or password contained special characters?

    Read the article

  • Encrypting password in compiled C or C++ code

    - by Daniel
    Hello!, I know how to compile C and C++ Source files using GCC and CC in the terminal, however i would like to know if its safe to include passwords in these files, once compiled. For example.. i check user input for a certain password e.g 123, but it appears compiled C/C++ programs is possible to be decompiled. Is there anyway to compile a C/C++ source file, while keeping the source completely hidden.. If not, could anyone provide a small example of encrypting the input, then checking against the password e.g: (SHA1, MD5)

    Read the article

  • MD5 password twice

    - by NoviceCoding
    I know MD5's safety is under question lately and this is the reason a lot of people are using salt (I dont understand this at all btw) but I was wondering if you wanted to easily implement a safe system in php can you just md5 something twice? like test 098f6bcd4621d373cade4e832627b4f6 fb469d7ef430b0baf0cab6c436e70375 So basically: $val = 'test'; $val = md5($val); $val = md5($val); Would that solve the whole rainbow security stuff? Is there an easy/noob proof way of making secure database passwords in php?

    Read the article

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

< Previous Page | 129 130 131 132 133 134 135 136 137 138 139 140  | Next Page >