Search Results

Search found 9066 results on 363 pages for 'product'.

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Page 137/363 | < Previous Page | 133 134 135 136 137 138 139 140 141 142 143 144  | Next Page >

  • ASP.NET Membership Password Hash -- .NET 3.5 to .NET 4 Upgrade Surprise!

    - by David Hoerster
    I'm in the process of evaluating how my team will upgrade our product from .NET 3.5 SP1 to .NET 4. I expected the upgrade to be pretty smooth with very few, if any, upgrade issues. To my delight, the upgrade wizard said that everything upgraded without a problem. I thought I was home free, until I decided to build and run the application. A big problem was staring me in the face -- I couldn't log on. Our product is using a custom ASP.NET Membership Provider, but essentially it's a modified SqlMembershipProvider with some additional properties. And my login was failing during the OnAuthenticate event handler of my ASP.NET Login control, right where it was calling my provider's ValidateUser method. After a little digging, it turns out that the password hash that the membership provider was using to compare against the stored password hash in the membership database tables was different. I compared the password hash from the .NET 4 code line, and it was a different generated hash than my .NET 3.5 code line. (Tip -- when upgrading, always keep a valid debug copy of your app handy in case you have to step through a lot of code.) So it was a strange situation, but at least I knew what the problem was. Now the question was, "Why was it happening?" Turns out that a breaking change in .NET 4 is that the default hash algorithm changed to SHA256. Hey, that's great -- stronger hashing algorithm. But what do I do with all the hashed passwords in my database that were created using SHA1? Well, you can make two quick changes to your app's web.config and everything will be OK. Basically, you need to override the default HashAlgorithmTypeproperty of your membership provider. Here are the two places to do that: 1. At the beginning of your element, add the following element: <system.web> <machineKey validation="SHA1" /> ... </system.web> 2. On your element under , add the following hashAlgorithmType attribute: <system.web> <membership defaultProvider="myMembership" hashAlgorithmType="SHA1"> ... </system.web> After that, you should be good to go! Hope this helps.

    Read the article

  • Sun Blade 6000 Interactive 3D Demo

    - by ferhat
    Three dimensional  fly-by demos of Sun systems are available from your everyday Java-enabled browsers. Oracle's flexible, eco-efficient Sun Blade 6000 chassis integrates Oracle's x86 and SPARC server blade modules with high-capacity networking and storage blades to support a wide range of application environments.  Click on the static picture below to enter the interactive 3D demo mode: Visit Oracle Technology Network pages and product pages for more information on Oracle's Sun Blades Servers.   

    Read the article

  • Google I/O 2010 - Sell your app on the Google Apps Marketplace

    Google I/O 2010 - Sell your app on the Google Apps Marketplace Google I/O 2010 - Reach new customers fast: Learn how to sell your cloud app on the Google Apps Marketplace Enterprise 201 Scott McMullan, Jay Simmons (Atlassian), Chuck Dietrich (Sliderocket), Amit Kulkarni (Manymoon) In this introductory session we'll provide an overview of the Google Apps Marketplace and learn product and marketing best practices directly from 3 Marketplace ISVs. For all I/O 2010 sessions, please go to code.google.com From: GoogleDevelopers Views: 12 0 ratings Time: 56:42 More in Science & Technology

    Read the article

  • New OBI 11G Online Sales & Pre-Sales Partner Assessment Tests

    - by Cinzia Mascanzoni
    OBI partners can now update their specialization certification to the latest product version 11g for OBI: until recently, the accreditation had examined skills for OBI 10g. New OPN on-line Sales & Pre-sales Assessment Tests Available Oracle Business Intelligence Foundation Suite 11g Sales Specialist Oracle Business Intelligence Foundation Suite 11g PreSales Specialist Oracle Business Intelligence Foundation Suite 11g Support Specialist Read more on Specialization

    Read the article

  • Oracle's ZFS Storage Appliance Simulator

    - by Steen Schmidt
    To those of you who has not played with the Oracle's ZFS Storage Appliance, but would like to. You should go an take a look at the Oracle's ZFS Storage Appliance Simulator. You can download this Oracle's ZFS Storage Appliance Simulator here, It will give you a pretty good idear what this unik product is capable of provide for you business.  You can also go and see a demo on how to set the appliance up in Oracle VirtualBox Demo Here. You find Oracle Virtualbox here

    Read the article

  • StreamInsight 1.0 Released

    - by Roman Schindlauer
    One piece in the set of products offered in SQL Server 2008 R2 that has generated a lot of buzz and interest during its CTP phase is StreamInsight, Microsoft’s platform for Complex Event Processing. Microsoft’s information platform vision provides enterprises with a “complete approach” to managing information assets, enabling all businesses to gain strategic value from information from the desktop to the datacenter to the cloud. And StreamInsight V1 is one essential piece in this spectrum. After more than a year of blood, sweat, tears, and insane amounts of coffee we are proud to release the first version of our Complex Event Processing Framework.   Those of you who have been following our Community Technology Previews (CTPs) throughout last year have already had the possibility to familiarize themselves with the product. Early feedback was not only incredibly positive, but also very constructive and strongly influenced the final feature set. Four notable increments over our last public CTP are: Count windows Non-occurrence detection (Anti-Join) Dynamic query composition at runtime Synchronize time across input streams Additionally, many smaller issues and bugs were addressed. A few APIs slightly changed with respect to the November CTP, but porting your application to RTM should not require a lot of effort.   Here are the (english) bits - choosing the evaluation license during setup lets you already play with this version. Before you install, make sure to uninstall any previous CTP version:   StreamInsight X86StreamInsight X64   Within a few days, we will update our product page and add download links and instructions there as well.   The StreamInsight documentation is provided through a help file as part of the installation as well as through Books Online on MSDN. We also invite you to visit the StreamInsight Blog and the StreamInsight Forum, which is a great place to discuss questions and issues with the community and the development team.   Regards,Roman Share this post: email it! | bookmark it! | digg it! | reddit! | kick it! | live it!

    Read the article

  • Agile and different facet of software development

    - by arjun
    It is said that the Kanban methodology is suited for software maintenance and support areas, whereas Scrum is more suited for new product development. No process or methods are complete. Using the right one will help you succeed, but they will not guarantee success. Which agile approach is best suited for a project which is basically a re-platforming from one technology to another (say from Java to .NET).

    Read the article

  • How do I get wireless working on a Dell Inspiron 510m?

    - by user17449
    Why WiFi don't work in my Dell Inspiron 510m with Ubuntu 10.04? Is that usefull? inspiron@Inspiron:~$ rfkill list all inspiron@Inspiron:~$ sudo lshw -C network [sudo] password for inspiron: *-network:0 DISABLED description: Wireless interface product: PRO/Wireless LAN 2100 3B Mini PCI Adapter vendor: Intel Corporation physical id: 3 bus info: pci@0000:01:03.0 logical name: eth1 version: 04 serial: 00:0c:f1:5b:5d:40 width: 32 bits clock: 33MHz capabilities: pm bus_master cap_list ethernet physical wireless configuration: broadcast=yes driver=ipw2100 driverversion=git-1.2.2 firmware=712.0.3:3:00000001 latency=32 link=no maxlatency=34 mingnt=2 multicast=yes wireless=unassociated resources: irq:5 memory:fcffe000-fcffefff *-network:1 description: Ethernet interface product: 82801DB PRO/100 VE (MOB) Ethernet Controller vendor: Intel Corporation physical id: 8 bus info: pci@0000:01:08.0 logical name: eth0 version: 81 serial: 00:11:43:41:d8:b8 size: 10MB/s capacity: 100MB/s width: 32 bits clock: 33MHz capabilities: pm bus_master cap_list ethernet physical tp mii 10bt 10bt-fd 100bt 100bt-fd autonegotiation configuration: autonegotiation=on broadcast=yes driver=e100 driverversion=3.5.24-k2-NAPI duplex=half firmware=N/A ip=192.168.0.2 latency=32 link=no maxlatency=56 mingnt=8 multicast=yes port=MII speed=10MB/s resources: irq:11 memory:fcffd000-fcffdfff ioport:ecc0(size=64) inspiron@Inspiron:~$ iwconfig wlan0 wlan0 No such device inspiron@Inspiron:~$ ifconfig -a eth0 Link encap:Ethernet Endereço de HW 00:11:43:41:d8:b8 inet end.: 192.168.0.2 Bcast:192.168.0.255 Masc:255.255.255.0 UP BROADCAST MULTICAST MTU:1500 Métrica:1 pacotes RX:0 erros:0 descartados:0 excesso:0 quadro:0 Pacotes TX:0 erros:0 descartados:0 excesso:0 portadora:0 colisões:0 txqueuelen:1000 RX bytes:0 (0.0 B) TX bytes:0 (0.0 B) eth1 Link encap:Ethernet Endereço de HW 00:0c:f1:5b:5d:40 BROADCAST MULTICAST MTU:1500 Métrica:1 pacotes RX:0 erros:0 descartados:0 excesso:0 quadro:0 Pacotes TX:0 erros:0 descartados:0 excesso:0 portadora:0 colisões:0 txqueuelen:1000 RX bytes:0 (0.0 B) TX bytes:0 (0.0 B) IRQ:5 Endereço de E/S:0xe000 Memória:fcffe000-fcffefff lo Link encap:Loopback Local inet end.: 127.0.0.1 Masc:255.0.0.0 endereço inet6: ::1/128 Escopo:Máquina UP LOOPBACK RUNNING MTU:16436 Métrica:1 pacotes RX:628 erros:0 descartados:0 excesso:0 quadro:0 Pacotes TX:628 erros:0 descartados:0 excesso:0 portadora:0 colisões:0 txqueuelen:0 RX bytes:50104 (50.1 KB) TX bytes:50104 (50.1 KB) inspiron@Inspiron:~$ nm-tool NetworkManager Tool State: connected - Device: eth1 ----------------------------------------------------------------- Type: 802.11 WiFi Driver: ipw2100 State: unavailable Default: no HW Address: 00:0C:F1:5B:5D:40 Capabilities: Wireless Properties WEP Encryption: yes WPA Encryption: yes WPA2 Encryption: yes Wireless Access Points - Device: eth0 ----------------------------------------------------------------- Type: Wired Driver: e100 State: unmanaged Default: no HW Address: 00:11:43:41:D8:B8 Capabilities: Carrier Detect: yes Speed: 10 Mb/s Wired Properties Carrier: off inspiron@Inspiron:~$

    Read the article

  • After 10 Years, MySQL Still the Right Choice for ScienceLogic's "Best Network Monitoring System on the Planet"

    - by Rebecca Hansen
    ScienceLogic has a pretty fantastic network monitoring appliance.  So good in fact that InfoWorld gave it their "2013 Best Network Monitoring System on the Planet" award.  Inside their "ultraflexible, ultrascalable, carrier-grade" enterprise appliance, ScienceLogic relies on MySQL and has since their start in 2003.  Check out some of the things they've been able to do with MySQL and their reasons for continuing to use MySQL in these highlights from our new MySQL ScienceLogic case study. Science Logic's larger customers use their appliance to monitor and manage  20,000+ devices, each of which generates a steady stream of data and a workload that is 85% write. On a large system, the MySQL database: Averages 8,000 queries every second or about 1 billion queries a day Can reach 175,000 tables and up to 20 million rows in a single table Is 2 terabytes on average and up to 6 terabytes "We told our customers they could add more and more devices. With MySQL, we haven't had any problems. When our customers have problems, we get calls. Not getting calls is a huge benefit." Matt Luebke, ScienceLogic Chief Software Architect.? ScienceLogic was approached by a number of Big Data / NoSQL vendors, but decided against using a NoSQL-only solution. Said Matt, "There are times when you really need SQL. NoSQL can't show me the top 10 users of CPU, or show me the bottom ten consumer of hard disk. That's why we weren't interested in changing and why we are very interested in MySQL 5.6. It's great that it can do relational and key-value using memcached." The ScienceLogic team is very cautious about putting only very stable technology into their product, and according to Matt, MySQL has been very stable: "We've been using MySQL for 10 years and we have never had any reliability problems. Ever." ScienceLogic now uses SSDs for their write-intensive appliance and that change alone has helped them achieve a 5x performance increase. Learn more>> ScienceLogic MySQL Case Study MySQL 5.6 InnoDB Compression options for better SSD performance Tuning MySQL 5.6 for Great Product Performance - on demand webinar Developer and DBA Guide to MySQL 5.6 white paper Guide to MySQL and NoSQL: The Best of Both Worlds white paper

    Read the article

  • Search Engine Placement Optimization and Link Popularity

    The increased visibility of your website due to high link popularity and search engine placement optimization can mean so much, especially if you are promoting a product or service through your website. If you are new to the business of link building, you might be wondering how to get started with it and how search engine placement optimization can help you. Knowledge of link popularity basics is essential even if you are planning on hiring someone to do link building tasks for you.

    Read the article

  • CVE-2006-4514 Buffer overflow vulnerability in Gnome Structured File library (libgsf)

    - by RitwikGhoshal
    CVE DescriptionCVSSv2 Base ScoreComponentProduct and Resolution CVE-2006-4514 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability 7.5 Gnome Structured File library (libgsf) Solaris 10 SPARC: 149108-01 X86: 149109-01 This notification describes vulnerabilities fixed in third-party components that are included in Oracle's product distributions.Information about vulnerabilities affecting Oracle products can be found on Oracle Critical Patch Updates and Security Alerts page.

    Read the article

  • Wifi disabled for Intel Centrino Wireless-N 1000 Intel in 12.04

    - by new_bie
    Laptop model - HP- dm4 - 2070. I had faced the same problem for wireless being disabled in case of 11.10. It had to do with the new kernel. I thought with 12.04 this problem will be handled but the problem persists. Is there no way to get the wireless working except for the way mentioned in the following link ?? Wifi for Centrino Wireless-N 1000 Intel Corporation (HP pavillion dm4 - 2070us) is not working Output for sudo lshw -class network *-network UNCLAIMED description: Network controller product: Centrino Wireless-N 1000 vendor: Intel Corporation physical id: 0 bus info: pci@0000:01:00.0 version: 00 width: 64 bits clock: 33MHz capabilities: pm msi pciexpress cap_list configuration: latency=0 resources: memory:c2500000-c2501fff *-network description: Ethernet interface product: AR8151 v2.0 Gigabit Ethernet vendor: Atheros Communications Inc. physical id: 0 bus info: pci@0000:08:00.0 logical name: eth0 version: c0 serial: 2c:41:38:07:f3:e3 size: 100Mbit/s capacity: 1Gbit/s width: 64 bits clock: 33MHz capabilities: pm msi pciexpress vpd bus_master cap_list ethernet physical tp 10bt 10bt-fd 100bt 100bt-fd 1000bt-fd autonegotiation configuration: autonegotiation=on broadcast=yes driver=atl1c driverversion=1.0.1.0-NAPI duplex=full firmware=N/A ip=192.168.1.116 latency=0 link=yes multicast=yes port=twisted pair speed=100Mbit/s resources: irq:43 memory:c1400000-c143ffff ioport:2000(size=128) Output for dmesg | grep iwl [ 14.742886] iwlwifi 0000:01:00.0: PCI INT A -> GSI 16 (level, low) -> IRQ 16 [ 14.742897] iwlwifi 0000:01:00.0: setting latency timer to 64 [ 14.743013] iwlwifi 0000:01:00.0: pci_resource_len = 0x00002000 [ 14.743016] iwlwifi 0000:01:00.0: pci_resource_base = ffffc90000c78000 [ 14.743018] iwlwifi 0000:01:00.0: HW Revision ID = 0x0 [ 14.743119] iwlwifi 0000:01:00.0: irq 42 for MSI/MSI-X [ 14.743161] iwlwifi 0000:01:00.0: Detected Intel(R) Centrino(R) Wireless-N 1000 BGN, REV=0x6C [ 14.743229] iwlwifi 0000:01:00.0: L1 Enabled; Disabling L0S [ 14.765147] iwlwifi 0000:01:00.0: device EEPROM VER=0x15d, CALIB=0x6 [ 14.765151] iwlwifi 0000:01:00.0: Device SKU: 0X50 [ 14.765154] iwlwifi 0000:01:00.0: Valid Tx ant: 0X1, Valid Rx ant: 0X3 [ 14.765907] iwlwifi 0000:01:00.0: Tunable channels: 13 802.11bg, 0 802.11a channels [ 14.912840] iwlwifi 0000:01:00.0: request for firmware file 'iwlwifi-1000-5.ucode' failed. [ 14.914254] iwlwifi 0000:01:00.0: request for firmware file 'iwlwifi-1000-4.ucode' failed. [ 14.915718] iwlwifi 0000:01:00.0: request for firmware file 'iwlwifi-1000-3.ucode' failed. [ 14.916986] iwlwifi 0000:01:00.0: request for firmware file 'iwlwifi-1000-2.ucode' failed. [ 14.919391] iwlwifi 0000:01:00.0: request for firmware file 'iwlwifi-1000-1.ucode' failed. [ 14.919445] iwlwifi 0000:01:00.0: no suitable firmware found! [ 14.919783] iwlwifi 0000:01:00.0: PCI INT A disabled [ 2868.960807] Modules linked in: snd_hda_codec_hdmi snd_hda_codec_idt rfcomm bnep bluetooth parport_pc ppdev binfmt_misc hid_logitech_dj usbhid hid joydev snd_hda_intel snd_hda_codec snd_hwdep snd_pcm snd_seq_midi snd_rawmidi snd_seq_midi_event snd_seq hp_wmi sparse_keymap hp_accel lis3lv02d input_polldev snd_timer snd_seq_device wmi iwlwifi snd mac80211 i915 cfg80211 rts_pstor(C) drm_kms_helper drm uvcvideo videodev psmouse soundcore mei(C) v4l2_compat_ioctl32 mac_hid serio_raw snd_page_alloc i2c_algo_bit video lp parport atl1c

    Read the article

  • Book Review: Microsoft SQL Server 2008 Analysis Services Unleashed

    - by Greg Low
    Yet another book that I started re-reading last week (but haven't finished again yet as it's so large) is Microsoft SQL Server 2008 Analysis Services Unleashed by Irina Gorbach, Alexander Berger and Edward Melomed. This book has always left me with mixed feelings. The authors clearly offer expert level knowledge on the topics (as they were part of the development team for the product) but I struggle with the "readability" of this book. As an example, each time a concept is introduced, it is done...(read more)

    Read the article

  • Oracle Fusion Applications Data Sheets Are Now Available

    - by David Hope-Ross
    For customers chomping at the bit for more information on Oracle Fusion applications, there is good news. We’ve just published  a complete library of data sheets for Oracle Fusion Applications. Included are SCM applications like Fusion Distributed Order Orchestration, Fusion Inventory Management, and Fusion Product Hub. And customers interested in sourcing and procurement should review documents that address Oracle Fusion Sourcing ,Oracle Fusion Procurement Contracts, Oracle Fusion Purchasing, Oracle Fusion Self Service Procurement, and Oracle Fusion Supplier Portal.

    Read the article

  • DOAG 2012 and Educause 2012

    - by Chris Kawalek
    Oracle understands the value of desktop virtualization and how customers have really embraced it as a top tier method to deliver access to applications and data. Just as supporting operating systems other than Windows in the enterprise desktop space started to become necessary perhaps 5-7 years ago, supporting desktop virtualization with VDI, application virtualization, thin clients, and tablet access is becoming necessary today in 2012. Any application strategy needs to have a secure mobile component, and a solution that gives you a holistic strategy across both mobile and fixed-asset (i.e., desktop PCs) devices is crucial to success. This means it's probably useful to learn about desktop virtualization, even if it's not in your typical area of responsibility. A good way to do that is at one of the many trade shows where we exhibit. Here are two examples:  DOAG 2012 Conference + Exhibition The DOAG Conference is fast approaching, starting November 20th in Nuremberg, Germany. If you've been reading this blog for a while, you might remember that we attended last year as well. This conference is fantastic for us because we get to speak directly to users of Oracle products. In many cases, those DBAs, IT managers, and other infrastructure folks are looking for ways to deal with the burgeoning BYOD model, as well as ways of streamlining their standard desktop and access technologies. We have a couple of sessions where you can learn a great deal about how Oracle can help with these points. Session Schedule (look under "Infrastruktur & Hardware") The two sessions focused on desktop virtualization are: Oracle VDI Best Practice unter Linux (Oracle VDI Best Practice Under Linux) Virtual Desktop Infrastructure Implementierungen und Praxiserfahrungen (Virtual Desktop Infrastructures Implementations and Best Practices) We will also have experts on hand at the booth to answer your questions on using desktop virtualization. If you're at the show, please stop by and say hello to our team there! Educause 2012  Another good example is Educause. We've gone the last few years to show off a slough of education oriented applications and capabilities in the Oracle product portfolio. And every year, we display those applications through Oracle desktop virtualization. This means the demonstration can easily be setup ahead of time and replicated out to however many "demo pods" that we have available. There's no need for our product teams to setup individual laptops for demos -- we can display a standardized Windows desktop virtual machine with their apps all ready to go on a whole bunch of devices like your standard trade show laptop, our Sun Ray Clients, and iPad. Educause 2012 just wrapped, so we're sorry we missed you this year. But there is always next year! Until then, here are a few pictures from this year's show: You can also watch this video to see how Catholic Education Australia uses Oracle Secure Global Desktop to help cope with the ever changing ways that people access their applications.  -Chris 

    Read the article

  • Oracle Spatial renamed Oracle Spatial and Graph

    - by Cinzia Mascanzoni
    As of the July 19th, 2012 Global Price List, we have renamed "Oracle Spatial" to "Oracle Spatial and Graph". We have made this change to highlight the existing network and semantic graph capabilities in Oracle Spatial and in recognition of the increasing market demand for graph database capabilities. Oracle Spatial and Graph has the same pricing and features as the current Oracle Spatial. This is a product name change only.

    Read the article

  • CVE-2011-4862 Buffer Overflow vulnerability in Telnet

    - by chandan
    CVE DescriptionCVSSv2 Base ScoreComponentProduct and Resolution CVE-2011-4862 Buffer Overflow vulnerability 7.5 Telnet Solaris 10 SPARC: 148657-01 X86: 148658-01 Solaris 11 11/11 SRU 04 This notification describes vulnerabilities fixed in third-party components that are included in Sun's product distribution.Information about vulnerabilities affecting Oracle Sun products can be found on Oracle Critical Patch Updates and Security Alerts page.

    Read the article

  • How do you manage frequent software releases to multiple clients?

    - by meeech
    hi we have a cross-platform middleware product which we typically end up customizing/bug fixing on a per client basis. In some cases, providing updates as often as once/twice per week. We have a lot of trouble efficiently managing and releasing the updates to our clients. I've done some digging, but I can't find anything to specifically address this problem. Can anyone share their experiences - how do you deal with this scenario, or do you know of a good software delivery cms? thanks

    Read the article

  • Learn more about SPARC by listening to our newly recorded podcasts

    - by Cinzia Mascanzoni
    Please listen to our newly recorded series of four podcasts focused on SPARC. The topics are: How SPARC T4 Servers Open New Opportunities SPARC Roadmap and SPARC T4 Architecture Highlights SPARC T4 For Installed Base Refresh and Consolidation SPARC T4 – How Does it Stack up Against the Competition? Rob Ludeman, from SPARC Product Management, and Thomas Ressler, WWA&C Alliances Consultant, are your hosts. The intent is to continue to help you understand how to position and sell SPARC/T4 into your customer architecture.Details on how to access these podcasts can be found here.

    Read the article

  • Are SQL Injection vulnerabilities in a PHP application acceptable if mod_security is enabled?

    - by Austin Smith
    I've been asked to audit a PHP application. No framework, no router, no model. Pure PHP. Few shared functions. HTML, CSS, and JS all mixed together. I've discovered numerous places where SQL injection would be easily possible. There are other problems with the application (XSS vulnerabilities, rampant inline CSS, code copy-pasted everywhere) but this is the biggest. Sometimes they escape inputs, not using a prepared query or even mysql_real_escape_string(), mind you, but using addslashes(). Often, though, their queries look exactly like this (pasted from their code but with columns and variable names changed): $user = mysql_query("select * from profile where profile_id='".$_REQUEST["profile_id"]."'"); The developers in question claimed that they were unable to hack their application. I tried, and found mod_security to be enabled, resulting in HTTP 406 for some obvious SQL injection attacks. I believe there to be sophisticated workarounds for mod_security, but I don't have time to chase them down. They claim that this is a "conceptual" matter and not a "practical" one since the application can't easily be hacked. Their internal auditor agreed that there were problems, but emphasized the conceptual nature of the issues. They also use this conceptual/practical argument to defend against inline CSS and JS, absence of code organization, XSS vulnerabilities, and massive amounts of repetition. My client (rightly so, perhaps) just wants this to go away so they can launch their product. The site works. You can log in, do what you need to do, and things are visibly functional, if slow. SQL Injection would indeed be hard to do, given mod_security. Further, their talk of "conceptual vs. practical" is rhetorically brilliant, considering that my client doesn't understand web application security. I worry that they've succeeded in making me sound like an angry puritan. In many ways, this is a problem of politics, not technology, but I am at a loss. As a developer, I want to tell them to toss the whole project and start over with a new team, but I face a strong defense from the team that built it and a client who really needs to ship their product. Is my position here too harsh? Even if they fix the SQL Injection and XSS problems can I ever endorse the release of an unmaintainable tangle of spaghetti code?

    Read the article

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

< Previous Page | 133 134 135 136 137 138 139 140 141 142 143 144  | Next Page >