Search Results

Search found 3942 results on 158 pages for 'logged'.

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Page 136/158 | < Previous Page | 132 133 134 135 136 137 138 139 140 141 142 143  | Next Page >

  • Problem logging in and changing permissions in Facebook

    - by kujawk
    Hi everybody, I've got a piece of code that logs into Facebook, gets a session, sets status_update and offline_access permission if they are not set, and gets a new session with the newly set permissions. This code used to work fine but now I'm getting error 100 "One of the parameters specified was missing or invalid" as a response to the second call to get session and I can't figure out why. Here's the sequence in detail: CREATE TOKEN restserver.php?method=auth.createToken&api_key=[our key]&v=1.0&format=JSON&sig=[sig created with our secret] response: new token LOGIN m.facebook.com/login.php?api_key=[our key]&v=1.0&auth_token=[token created above] login screen loads and user successfully logs in with their username/password. GET SESSION restserver.php?method=auth.getSession&api_key=[our key]&v=1.0&format=JSON&auth_token=token created above&sig=[sig created with our secret] response: session key with expiration date and a secret CHECK/AUTHORIZE PERMISSIONS restserver.php?method=users.hasAppPermission&api_key=[our key]&v=1.0&format=JSON&ext_perm=status_update&call_id=[proper id]&session_key=[key returned above]&sig=[sig created with secret returned for get session] response: 0 m.facebook.com/authorize.php?api_key=[our key]&v=1.0&ext_perm=status_update authorization screen loads and user authorizes Same steps for status_update CREATE NEW TOKEN Same steps as done to create the first token LOGIN m.facebook.com/login.php?api_key=[our key]&v=1.0&auth_token=[new token] user is already logged in, redirected to their homepage GET NEW SESSION restserver.php?method=auth.getSession&api_key=[our key]&format=JSON&auth_token=[new token]&sig=[sig created with our secret] response: error 100 - missing or invalid parameter. Of course it doesn't tell me which one. Anybody have any ideas what I'm doing wrong here? I tried skipping the second login and going right to creating the new session and that didn't work. The only thing that seems to work is logging out the user after they've authorized the permissions and having them log back in again. I'd like to avoid this if possible. Can you have two outstanding sessions at one time? This code used to work but I'm thinking maybe something changed on Facebook's end that I'm not aware of. Thanks, kris

    Read the article

  • adding a token onto a webservice or wcf call

    - by duncanUK
    I have an httphandler which I am using to log the http soap request and response for each webservice that is called from my application as a comms log. i would like to inject a token ont he 1st call (possibly the 1st call to invoke the service that is being logged) and then be able to track all subsequent webservice calls run in the same context with this token so i can tie the subsequent calls back up to the original call. so for example. main webservice -> 2nd web service -> another web service [token] [token] [token] -> nth web service [token] I would like to inject the token on the first call to the main webservice (http handler checks if no token, add it), I would like to use the same http handler to intercept each call to the subsequent webservices and pass on the token if it exists already (the job of the httphandler is to log the in/out soap with the token to reference with. I have managed to inject the first token, but my problem is how do I add the token on the subsequent calls.. can I make it stick on the same context or session? My worry is that when we call a new webservice, we create a whole new proxy/http request which will not inhrit the token... or will it?! Ideally I would like it to persist on the http header as I am setting the token as a header at the moment? has anyone got any ideas or a better way of doing this? I would be most greatful for you comments!

    Read the article

  • iPhone - Problem with in-app purchases

    - by Satyam svv
    I've created iPhone app with in-app purchase. Now, I'm in testing phase. I created provisioning profile com.satyam.testapp In iTunes connected I created the application and uploaded the images, screen shots, desscription etc. I also created two id's for in-app purchase. One is com.satyam.testapp.book1 and the other one is com.satyam.testapp.book5 I created test account also for verifying my in-app purchases. Using com.stayam.testapp i created developer test profile and using the same in my developed application. I logged out the itunes app store account in my iphone. Now i started running my application on my iphone. Its saying that no items are there to purchase. But its not even asking me for credentials where i've to enter test account username and password..... how to debug it? Here's my delegate: - (void)productsRequest:(SKProductsRequest *)request didReceiveResponse:(SKProductsResponse *)response { NSArray *myProduct = [[NSArray alloc] initWithArray:response.products]; for(int i=0;i<[myProduct count];i++) { SKProduct *product = [myProduct objectAtIndex:i]; NSLog(@"Name: %@ - Price: %f",[product localizedTitle],[[product price] doubleValue]); NSLog(@"Product identifier: %@", [product productIdentifier]); } for(NSString *invalidProduct in response.invalidProductIdentifiers) NSLog(@"Problem in iTunes connect configuration for product: %@", invalidProduct); [request autorelease]; [myProduct release]; }

    Read the article

  • PHP -- automatic SQL injection protection?

    - by ashgromnies
    I took over maintenance of a PHP app recently and I'm not super familiar with PHP but some of the things I've been seeing on the site are making me nervous that it could be vulnerable to a SQL injection attack. For example, see how this code for logging into the administrative section works: $password = md5(HASH_SALT . $_POST['loginPass']); $query = "SELECT * FROM `administrators` WHERE `active`='1' AND `email`='{$_POST['loginEmail']}' AND `password`='{$password}'"; $userInfo = db_fetch_array(db_query($query)); if($userInfo['id']) { $_SESSION['adminLoggedIn'] = true; // user is logged in, other junk happens here, not important The creators of the site made a special db_query method and db_fetch_array method, shown here: function db_query($qstring,$print=0) { return @mysql(DB_NAME,$qstring); } function db_fetch_array($qhandle) { return @mysql_fetch_array($qhandle); } Now, this makes me think I should be able to do some sort of SQL injection attack with an email address like: ' OR 'x'='x' LIMIT 1; and some random password. When I use that on the command line, I get an administrative user back, but when I try it in the application, I get an invalid username/password error, like I should. Could there be some sort of global PHP configuration they have enabled to block these attacks? Where would that be configured? Here is the PHP --version information: # php --version PHP 5.2.12 (cli) (built: Feb 28 2010 15:59:21) Copyright (c) 1997-2009 The PHP Group Zend Engine v2.2.0, Copyright (c) 1998-2009 Zend Technologies with the ionCube PHP Loader v3.3.14, Copyright (c) 2002-2010, by ionCube Ltd., and with Zend Optimizer v3.3.9, Copyright (c) 1998-2009, by Zend Technologies

    Read the article

  • Threading calls to web service in a web service - (.net 2.0)

    - by Ryan Ternier
    Got a question regarding best practices for doing parallel web service calls, in a web service. Our portal will get a message, split that message into 2 messages, and then do 2 calls to our broker. These need to be on separate threads to lower the timeout. One solution is to do something similar to (pseudo code): XmlNode DNode = GetaGetDemoNodeSomehow(); XmlNode ENode = GetAGetElNodeSomehow(); XmlNode elResponse; XmlNode demResponse; Thread dThread = new Thread(delegate { //Web Service Call GetDemographics d = new GetDemographics(); demResponse = d.HIALRequest(DNode); }); Thread eThread = new Thread(delegate { //Web Service Call GetEligibility ge = new GetEligibility(); elResponse = ge.HIALRequest(ENode); }); dThread.Start(); eThread.Start(); dThread.Join(); eThread.Join(); //combine the resulting XML and return it. //Maybe throw a bit of logging in to make architecture happy Another option we thought of is to create a worker class, and pass it the service information and have it execute. This would allow us to have a bit more control over what is going on, but could add additional overhead. Another option brought up would be 2 asynchronous calls and manage the returns through a loop. When the calls are completed (success or error) the loop picks it up and ends. The portal service will be called about 50,000 times a day. I don't want to gold plate this sucker. I'm looking for something light weight. The services that are being called on the broker do have time out limits set, and are already heavily logged and audited, so I'm not worried on that part. This is .NET 2.0 , and as much as I would love to upgrade I can't right now. So please leave all the goodies of 2.0 out please.

    Read the article

  • How do you program a windows service in C# to start an application for a user?

    - by Swoop
    Is it possible to start a program so that it is available to a user with a windows service? I have been working with the Process.Start() in C#. I can get the service to kickoff some sort of process that appears in the Task Manager list under processes. However, the program nevers appears on the screen. By default, it runs under the user name "SYSTEM". I have adjusted the "Log On" option in the service manager to match the person logged into the computer, but this does not cause a window to appear either. I feel like I am either missing a simple setting, or need to take a different direction for this. Below is the code I have been working with to start up Firefox as a test app. private void startRunDap() { ProcessStartInfo startInfo = new ProcessStartInfo(); startInfo.FileName = "Firefox"; startInfo.WindowStyle = ProcessWindowStyle.Normal; startInfo.UseShellExecute = true; Process.Start(startInfo); //Process.Start("Firefox"); }

    Read the article

  • Accept All Cookies via HttpClient

    - by Vinay
    So this is currently how my app is set up: 1.) Login Activity. 2.) Once logged in, other activities may be fired up that use PHP scripts that require the cookies sent from logging in. I am using one HttpClient across my app to ensure that the same cookies are used, but my problem is that I am getting 2 of the 3 cookies rejected. I do not care about the validity of the cookies, but I do need them to be accepted. I tried setting the CookiePolicy, but that hasn't worked either. This is what logcat is saying: 11-26 10:33:57.613: WARN/ResponseProcessCookies(271): Cookie rejected: "[version: 0] [name: cookie_user_id][value: 1][domain: www.trackallthethings.com][path: trackallthethings][expiry: Sun Nov 25 11:33:00 CST 2012]". Illegal path attribute "trackallthethings". Path of origin: "/mobile-api/login.php" 11-26 10:33:57.593: WARN/ResponseProcessCookies(271): Cookie rejected: "[version: 0][name: cookie_session_id][value: 1985208971][domain: www.trackallthethings.com][path: trackallthethings][expiry: Sun Nov 25 11:33:00 CST 2012]". Illegal path attribute "trackallthethings". Path of origin: "/mobile-api/login.php" I am sure that my actual code is correct (my app still logs in correctly, just doesn't accept the aforementioned cookies), but here it is anyway: HttpGet httpget = new HttpGet(//MY URL); HttpResponse response; response = Main.httpclient.execute(httpget); HttpEntity entity = response.getEntity(); InputStream in = entity.getContent(); BufferedReader reader = new BufferedReader(new InputStreamReader(in)); StringBuilder sb = new StringBuilder(); From here I use the StringBuilder to simply get the String of the response. Nothing fancy. I understand that the reason my cookies are being rejected is because of an "Illegal path attribute" (I am running a script at /mobile-api/login.php whereas the cookie will return with a path of just "/" for trackallthethings), but I would like to accept the cookies anyhow. Is there a way to do this?

    Read the article

  • DWR and Spring Security - User is deauthenticated in few seconds

    - by Vojtech
    I am trying to implement user authentication via DWR as follows: public class PublicRemote { @Autowired @Qualifier("authenticationManager") private AuthenticationManager authenticationManager; public Map<String, Object> userLogin(String username, String password, boolean stay) { Map<String, Object> map = new HashMap<>(); UsernamePasswordAuthenticationToken authRequest = new UsernamePasswordAuthenticationToken(username, password); try { Authentication authentication = authenticationManager.authenticate(authRequest); SecurityContextHolder.getContext().setAuthentication(authentication); map.put("success", "true"); } catch (Exception e) { map.put("success", "false"); } return map; } public Map<String, Object> getUserState() { Map<String, Object> map = new HashMap<>(); Authentication authentication = SecurityContextHolder.getContext().getAuthentication(); boolean authenticated = authentication != null && authentication.isAuthenticated(); map.put("authenticated", authenticated); if (authenticated) { map.put("authorities", authentication.getAuthorities()); } return map; } } The authentication works correctly and by calling getUserState() I can see that the user is successfully logged in. The problem is that this state will stay only for few seconds. In probably 5 seconds, the getAuthentication() starts returning null. Is there some problem with session in DWR or is it some misconfiguration of Spring Security?

    Read the article

  • PHP question about global variables and form requests

    - by user220201
    Hi, This is probably a stupid question but will ask anyway sine I have no idea. I have written basic php code which serve forms. Say I have a login page and I serve it using the login.php page and it will be called in the login.html page like this - <form action="login.php" method="post"> By this it is also implied that every POST needs its own php file, doesn't it? This kind of feels weird. Is there a way to have a single file, say code.php, and just have each of the forms as functions instead? EDIT: Specifically, say I have 5 forms that are used one after the other in my application. Say after login the user does A, B, C and D tasks each of which are sent to the server as a POST request. So instead of having A.php, B.php, C.php and D.php I would like to have a single code.php and have A(), B(), C() and D() as functions. Is there a way to do this? Also on the same note, how do I deal with say a global array (e.g. an array of currently logged in users) across multiple forms? I want to do this without writing to a DB. I know its probably better to write to a DB and query but is it even possible to do it with a global array? The reason I was thinking about having all the form functions in one file is to use a global array. Thanks, - Pav

    Read the article

  • facebook graph api does not return all feed items on facebook page

    - by Nick Franceschina
    at the time of this question, if you go here: http://www.facebook.com/realplayer you'll see six posts down, I have posted a photo with a message of "#highfive Cincinnati, OH" but if you to either of these: http://graph.facebook.com/realplayer/feed http://graph.facebook.com/realplayer/tagged the JSON that is returned seemingly includes everything on the wall, except for MY post. there is another photo post from someone else down below mine, and it is showing up (and both my photo and his photo are in the "Fan photos" section) obviously, since I can see everything with these links already, it appears that access_token is not a part of the equation... BUT, some more info: if I use an access_token from a session that isn't me, I can't see the post in the JSON if I use an access_token from MY logged in session, then I DO see the post in the JSON so I'm very confused. if everyone in the world can see those posts on the wall without even authenticating, then I expect all of them to come back in the graph api as well. anyone have thoughts on this? I am aware of the "manage_page" permission... which I can use to get a list of accounts and special offline access tokens for those pages... and that's something I can explore... but it seems like alot of work when my post seemingly SHOULD be there in the graph

    Read the article

  • How to add Remember me function at custom login box ?

    - by morningglory
    In my theme, there's custom page for the login. Login function at functions.php is like this function log_in($username, $password) { $user = parse_user($username); $username = $username; $password = $password; if(isEmptyString($username)) return new WP_Error('username', 'required'); if(isEmptyString($password)) return new WP_Error('password', "required"); if(!wp_check_password( $password, $user->user_pass ) ) return new WP_Error('wrong_password', "wrong"); wp_set_auth_cookie($user->ID, $remember); wp_login($username, $password); redirect_profile(); } function parse_user($info = null, $return = 'object') { if ( is_null( $info ) ) { global $current_user; if ( empty( $current_user->ID ) ) return null; $info = get_userdata( $current_user->ID ); } elseif ( empty( $info ) ) { return null; } if( $return == 'ID' ) { if ( is_object( $info ) ) return $info->ID; if ( is_numeric( $info ) ) return $info; } elseif( $return == 'object' ) { if ( is_object( $info ) && $info->ID) return $info; if ( is_object( $info )) return get_userdata( $info->ID ); if ( is_numeric( $info ) ) return get_userdata( $info ); if ( is_string( $info ) ) return get_userdatabylogin( $info ); } else { return null; } } I want to add remember me checkbox for user to logged in all the time until they logout. How can i add this ? Please kindly help me out. Thank you.

    Read the article

  • How can I spec out an authlogic sessions controller using using a stub?

    - by Dave
    I want to test my User Session Controller testing that a user session is first built then saved. My UserSession class looks like this: class UserSession < Authlogic::Session::Base end The create method of my UserSessionsController looks like this: def create @user_session = UserSession.new(params[:user_session]) if @user_session.save flash[:notice] = "Successfully logged in." redirect_back_or_default administer_home_page_url else render :new end end and my controller spec looks like this: describe UserSessionsController do it "should build a new user session" do UserSession.stub!(:new).with(:email, :password) UserSession.should_receive(:new).with(:email => "[email protected]", :password => "foobar") post :create, :user_session => { :email => "[email protected]", :password => "foobar" } end end I stub out the new method but I still get the following error when I run the test: Spec::Mocks::MockExpectationError in 'UserSessionsController should build a new user session' <UserSession (class)> received :new with unexpected arguments expected: ({:password=>"foobar", :email=>"[email protected]"}) got: ({:priority_record=>nil}, nil) It's although the new method is being called on UserSession before my controller code is getting called. Calling activate_authlogic makes no difference.

    Read the article

  • setting write permissions on theme subdirectory?

    - by Scott B
    I've a theme which supports multiple templates, each with a header background image whose color can be set by the site owner via a colorpicker widget in my theme's options panel. This has the effect of opening the background image, recoloring it and resaving it back to the server. I've had zero issues with this routine until recently when a customer installed the theme on a web host whose default read/write permissions are apparently much more restrictive than the norm. In this case, the user was unable to alter the colors of the template images because of the permissions settings. I'm looking for a bit of understanding on what the permissions would need to be (assuming I purposefully set them via script) to allow the logged in wordpress user to write to files under my theme's styles directory. The code I'm using to write to the image file is below... $img = imagecreatefromgif("../wp-content/themes/mytheme/styles/".get_option('my_theme')."/image.gif"); $color = imagecolorallocate($img, $info["red"], $info["green"], $info["blue"]); imagecolorset($img, 0, $info["red"], $info["green"], $info["blue"]); imagegif($img, $path);

    Read the article

  • Driver denied access to PCI card

    - by Corin
    We wrote a Windows device driver to access our custom PCI card. The driver uses CreateFile to get a handle to the card. We recently had trouble at one installation were the card appeared to stop working. We tried replacing the card (the replacement appeared not work either). The computer vendor replaced the motherboard and both cards still failed to work. We put the cards in a different computer and both worked fine. We now have the computer at our office for examination. The Windows Device Manager lists our card in Other Devices as usual and says it's working fine. However, our driver initialization fails when it attempts to connect to the card. We created a test version of our driver with some extra debugging and determined that CreateFile is failing. It returns INVALID_HANDLE_VALUE as it is supposed to on failure. GetLastError indicates the error is Access is Denied. Since we're logged into the system as a local administrator, what can deny access to the device?

    Read the article

  • iframe created dynamically with javascript not reloading parent URL

    - by Lauren
    I can't seem to reload the parent page from within an iframe even though the domain for my iframe and the parent page appear to be the same. The IFRAME was created dynamically, rather than in the HTML page source, so could that be the problem? The iframe I'm working with is here http://www.avaline.com/ R3000_3 once you log in. You may use user:[email protected] pass: test03 Once logged in, hit the "order sample" button, and then hit "here" where it says "Your Third Party Shipper Numbers (To enter one, click here.)". I tried using javascript statements window.top.location.reload(),window.parent.location.reload(),window.parent.location.href=window.parent.location.href but none of those worked in FF 3.6 so I didn't move on to the other browsers although I am shooting for a cross-browser solution. I put the one-line javascript statements inside setTimeout("statement",2000) so people could read the content of the iframe before the redirect happens, but that shouldn't affect the execution of the statements... I wish I could test and debug the statements with the Firebug console from within the Iframe.

    Read the article

  • Application runs fine when executed directly, fails as scheduled task (security issues)

    - by Carl
    I have an application that loads some files from a network share (the input folder), extracts certain data from them and saves new files (zips them with SharpZLib) on a different network share (output folder). This application runs fine when you open it directly, but when it is set to a scheduled task, it fails in numerous places. This application is scheduled on a Win 2003 server. Let me say right off the bat, the scheduled task is set to use the same login account that I am currently logged in with, so it's not because it's using the LocalSystem account. Something else is going on here. Originally, the application was assigning a drive letter to the input folder using WNetGetConnectionA(). I don't remember why this was done, someone else on our team did that and she's gone now. I think there was some issue with using the WinZip command line with a UNC path. I switched from the WinZip command line utility to using SharpZLib because there were other issues with using the WinZip command line. Anyway, the application failed when trying to assign a drive letter with the error "connection already established." That wasn't true and even after trying WNetCancelConnection(), it still didn't work. Then I decided to just map the drive manually on the server. Then when the app calls Directory.Exists(inputFolderPath) it returns false, even though it does exist. So, for whatever reason, I cannot read this directory from within the application. I can manually navigate to this folder in Windows Explorer and open files. The app log file shows that the user executing it on the schedule is the user I expect, not LocalSystem. Any ideas?

    Read the article

  • How to use observer_field in RoR?

    - by Sindri Guðmundsson
    Hi, I have a single select_tag with categories gathered from array in controller. When the user selects a category I want the application to redirect to the selected category. I have the following code in my view which. (I've tried both using :method = :get and :post, only change is in development.log) <%=select_tag "cat_selected", options_for_select(@cats_for_mt)%><br> <%=observe_field 'cat_selected', :url => {:action => :viewflokkur}, :with => 'cat', :method => :get %> When I select one of the options the following gets logged to development.log. Processing CategoriesController#viewflokkur (for 127.0.0.1 at 2010-06-12 12:33:26) [GET] Parameters: {"cat"=>"Taugasjúkraþjálfun", "authenticity_token"=> "B2u5ULNr7IJ/ta0+hiAMBjmjEtTtc/yMAQQvSxFn2d0="} Rendering template within layouts/main Rendering categories/viewflokkur Completed in 20ms (View: 18, DB: 0) | 200 OK [http://localhost/categories/viewflokkur?cat=Taugasj%C3%BAkra%C3%BEj%C3%A1lfun&authenticity_token=B2u5ULNr7IJ%2Fta0%2BhiAMBjmjEtTtc%2FyMAQQvSxFn2d0%3D] According to this I should now be in "viewflokkur", but nothing changes in the browser window. Is there anything else I need to do, maybe in the controller? BR, Sindri

    Read the article

  • problem with joomla, php and json

    - by sebastian
    hi, i have a problem with a joomla component. i'm, unsing php and json for some dynamic drop down boxes. here is the code:` jQuery( function () { //jQuery.ajaxSetup({error : function (a,b) {console.dir(a); console.dir(b);}}); jQuery("#util, #loc").change( function() { var locatie = jQuery("#loc").val(); var utilitate = jQuery("#util").val(); if ( (locatie!= '---') && (utilitate!='---') ) jQuery.getJSON( "index.php?option=com_calculator&opt=json_contor&format=raw", { locatie: locatie, utilitate: utilitate }, function (data) { var html = ""; if ( data.success == 'ok' ) for (var i in data.val) html += "<option name=den_contor value ='"+ i+"' >" + data.val[i]+ " </option>"; jQuery("#den_contor").html( html ) } ) }) }); the query works, but only on one PC. we have exactly the same xampp server, exactly the same files. on one pc it works, and on a online server and on my pc it doesn't. EDIT: i have three drop down boxes, the first is populated directly from the database, the second has 4 predefined values. and the third is populated depending on combination of the first two. i have a test site online. http://contor.redxart.com must be logged in to use Calculator in the menu. you can make an new account :) "Adaugare Index" is the part that isn't working any ideas? thanks, sebastian

    Read the article

  • Table index design

    - by Swoosh
    I would like to add index(s) to my table. I am looking for general ideas how to add more indexes to a table. Other than the PK clustered. I would like to know what to look for when I am doing this. So, my example: This table (let's call it TASK table) is going to be the biggest table of the whole application. Expecting millions records. IMPORTANT: massive bulk-insert is adding data in this table table has 27 columns: (so far, and counting :D ) int x 9 columns = id-s varchar x 10 columns bit x 2 columns datetime x 5 columns INT COLUMNS all of these are INT ID-s but from tables that are usually smaller than Task table (10-50 records max), example: Status table (with values like "open", "closed") or Priority table (with values like "important", "not so important", "normal") there is also a column like "parent-ID" (self - ID) join: all the "small" tables have PK, the usual way ... clustered STRING COLUMNS there is a (Company) column (string!) that is something like "5 characters long all the time" and every user will be restricted using this one. If in Task there are 15 different "Companies" the logged in user would only see one. So there's always a filter on this one. Might be a good idea to add an index to this column? DATE COLUMNS I think they don't index these ... right? Or can / should be?

    Read the article

  • Create Session Variable from different datasources?

    - by Szafranamn
    Currently I am developing a dynamic website using Dreamweaver cs5 with ColdFusion 9 and using Access to create my databases along with QuickBooks and QODBC to create database. I have established a login session variable stemming from the login page. This session variable is being drawn from one Datasource "Access" Table "Logininfo" Field "FullName" but I wanted to create another session variable either at this point or further into the member's page to use in a query sequence. This session variable would stem from another Datasoucre "QBs" Table "Invoice" Field "CustomerRefFullName" which is generated through Quickbooks and QODBC. I am not sure if this is possible but if it is how do I do it. I want to do this so I can query the Invoice database to upload the customer's Invoices unique to them onto their page. So it would have to be related to their login credentials. If there is another better route to take I would greatly appreciate the advice. Below is the login code if there is additional information needed let me know. This is my current thinking/plan to do what I wish to intend hence the need to create the session variable: I have another Datasource "QBs" with a Table "Invoice" when I create another webpage for the customer to see their invoice I need to create a recordset that accesses that Table. In order to do so I think the best way would some home convert the session.FullName (which came from Access Datasource, Logininfor Table) into a session.CustomerRefFullName (which would have to come from (Datasource: QBs Table: Invoice Field: CustomerRefFullName) that way I could set the query WHERE CustomerRefFullName and have each logged in user see their specific Invoices. So is there a way to turn the session variable off one datasource/table into a different sessionvariable off a new datasource/table even if it is unique just to that page??? <cfif IsDefined("FORM.username")> SELECT FullName, Username,Password,AccessLevels FROM Logininfo WHERE Username= AND Password=

    Read the article

  • Client-Side Dynamic Removal of <script> Tags in <head>

    - by merv
    Is it possible to remove script tags in the <head> of an HTML document client-side and prior to execution of those tags? On the server-side I am able to insert a <script> above all other <script> tags in the <head>, except one, and I would like to be able to remove all subsequent scripts. I do not have the ability to remove <script> tags from the server side. What I've tried: (function (c,h) { var i, s = h.getElementsByTagName('script'); c.log("Num scripts: " + s.length); i = s.length - 1; while(i > 1) { h.removeChild(s[i]); i -= 1; } })(console, document.head); However, the logged number of scripts comes out to only 1, since (as @ryan pointed out) the code is being executed prior to the DOM being ready. Although wrapping the code above in a document.ready event callback does enable proper calculation of the number of <script> tags in the <head>, waiting until the DOM is ready fails to prevent the scripts from loading. Is there a reliable means of manipulating the HTML prior to the DOM being ready? Background If you want more context, this is part of an attempt to consolidate scripts where no option for server-side aggregation is available. Many of the JS libraries being loaded are from a CMS with limited configuration options. The content is mostly static, so there is very little concern about manually aggregating the JavaScript and serving it from a different location. Any suggestions for alternative applicable aggregation techniques would also be welcome.

    Read the article

  • Should frontend and backend be handled by different controllers?

    - by DR
    In my previous learning projects I always used a single controller, but now I wonder if that is good practice or even always possible. In all RESTful Rails tutorials the controllers have a show, an edit and an index view. If an authorized user is logged on, the edit view becomes available and the index view shows additional data manipulation controls, like a delete button or a link to the edit view. Now I have a Rails application which falls exactly into this pattern, but the index view is not reusable: The normal user sees a flashy index page with lots of pictures, complex layout, no Javascript requirement, ... The Admin user index has a completly different minimalistic design, jQuery table and lots of additional data, ... Now I'm not sure how to handle this case. I can think of the following: Single controller, single view: The view is split into two large blocks/partials using an if statement. Single controller, two views: index and index_admin. Two different controllers: BookController and BookAdminController None of these solutions seems perfect, but for now I'm inclined to use the 3rd option. What's the preferred way to do this?

    Read the article

  • How to add a gwt widget to a gwt Composite already visible at runtime using MVP?

    - by mary4pfc
    Hi! I'm building an application whose menus depend on user roles. Once user is logged in and, therefore, her roles are known, I want to create the Hyperlinks related to the user and add them to the menu. I'm using MVP. Here's my code for the presenter: public class AdminMenuAreaPresenter extends WidgetPresenter<AdminMenuAreaPresenter.Display> { public interface Display extends WidgetDisplay{ public void addLink(String link); } private DispatchAsync dispatcher; private SessionManager sessionManager; @Inject public AdminMenuAreaPresenter(AdminMenuAreaPresenter.Display display, EventBus bus, DispatchAsync dispatcher, SessionManager sessionManager){ super(display, bus); this.dispatcher = dispatcher; this.sessionManager = sessionManager; this.bind(); } @Override protected void onBind() { super.onBind(); registerHandler(eventBus.addHandler(LoginEvent.TYPE, new LoginEventHandler() { @Override public void onLogin(LoginEvent event) { display.addLink("register user"); } })); } @Override protected void onUnbind() { // TODO Auto-generated method stub } @Override protected void onRevealDisplay() { // TODO Auto-generated method stub } } And here's the View: public class AdminMenuAreaView extends Composite implements AdminMenuAreaPresenter.Display{ private VerticalPanel vPanel; private Hyperlink registerUserLink; public AdminMenuAreaView(){ vPanel = new VerticalPanel(); initWidget(vPanel); } @Override public Widget asWidget() { return this; } public void addLink(String s){ registerUserLink = new Hyperlink(s, "this is new target"); this.vPanel.add(registerUserLink); registerUserLink.setVisible(true); } public HasClickHandlers getRegisterUserLink(){ return registerUserLink; } What am I doing wrong? Flow program goes throgh the addLink() method, but nothing is added to the view either dom document. Thank you.

    Read the article

  • Images in IFRAME no longer showing after I log out of Flickr?

    - by contact-kram
    I have a iframe window which displays user's flickr images. I use the flickr.photos.search api to download the user's image from flickr. This works great when the user is logged into flickr. But when I explicitly log off the user from flickr and the yahoo network and then attempt to download the flickr images, I get redirected to www.yahoo.com in a full browser window (not in my iframe). If I remember correctly, I did not have this issue when I was not using iframes and I was being redirected to the yahoo login screen. Any suggestions? To elaborate, this URI - http://www.flickr.com/services/api/auth.howto.web.html, lists the below step - Create an auth handler When users follow your login url, they are directed to a page on flickr.com which asks them if they want to authorize your application. This page displays your application title and description along with the logo, if you uploaded one. When the user accepts the request, they are sent back to the Callback URL you defined in step 2. The URL will have a frob parameter added to it. For example, if your Callback URL was http://test.com/auth.php then the user might be redirected to http://test.com/auth.php?frob=185-837403740 (The frob value in this example is '185-837403740'). This does not happen when I am in my iframe window but it does happen in my full browser window.

    Read the article

  • protect form hijacking hack

    - by Karem
    Yes hello today I discovered a hack for my site. When you write a msg on a users wall (in my communitysite) it runs a ajax call, to insert the msg to the db and will then on success slide down and show it. Works fine with no problem. So I was rethinking alittle, I am using POST methods for this and if it was GET method you could easily do ?msg=haxmsg&usr=12345679. But what could you do to come around the POST method? I made a new html document, made a form and on action i set "site.com/insertwall.php" (the file that normally are being used in ajax), i made some input fields with names exactly like i am doing with the ajaxcall (msg, uID (userid), BuID (by userid) ) and made a submit button. I know I have a page_protect() function on which requires you to login and if you arent you will be header to index.php. So i logged in (started session on my site.com) and then I pressed on this submit button. And then wops I saw on my site that it has made a new message. I was like wow, was it so easy to hijack POST method i thought maybe it was little more secure or something. I would like to know what could I do to prevent this hijacking? As i wouldnt even want to know what real hackers could do with this "hole". The page_protect secures that the sessions are from the same http user agent and so, and this works fine (tried to run the form without logging in, and it just headers me to startpage) but yea wouldnt take long time to figure out to log in first and then run it. Any advices are appreciated alot. I would like to keep my ajax calls most secure as possible and all of them are running on the POST method. What could I do to the insertwall.php, to check that it comes from the server or something.. Thank you

    Read the article

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

< Previous Page | 132 133 134 135 136 137 138 139 140 141 142 143  | Next Page >