Search Results

Search found 4415 results on 177 pages for 'discussion forums'.

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Page 142/177 | < Previous Page | 138 139 140 141 142 143 144 145 146 147 148 149  | Next Page >

  • PHP $_SERVER['HTTP_HOST'] vs. $_SERVER['SERVER_NAME'], am I understanding the man pages correctly?

    - by Jeff
    I did a lot of searching and also read the PHP $_SERVER man page. Do I have this right regarding which to use for my PHP scripts for simple link definitions used throughout my site? $_SERVER['SERVER_NAME'] is based on your web servers' config file (Apache2 in my case), and varies depending on a few directives: (1) VirtualHost, (2) ServerName, (3) UseCanonicalName, etc. $_SERVER['HTTP_HOST'] is based on the request from the client. Therefore, it would seem to me that the proper one to use in order to make my scripts as compatible as possible would be $_SERVER['HTTP_HOST']. Is this assumption correct? Followup comments: I guess I got a little paranoid after reading this article and noting that someone said "they wouldn't trust any of the $_SERVER vars": http://markjaquith.wordpress.com/2009/09/21/php-server-vars-not-safe-in-forms-or-links/ and also: http://www.php.net/manual/en/reserved.variables.server.php (comment: Vladimir Kornea 14-Mar-2009 01:06) Apparently the discussion is mainly about $_SERVER['PHP_SELF'] and why you shouldn't use it in the form action attribute without proper escaping to prevent XSS attacks. My conclusion about my original question above is that it is "safe" to use $_SERVER['HTTP_HOST'] for all links on a site without having to worry about XSS attacks, even when used in forms. Please correct me if I'm wrong.

    Read the article

  • WPD on XP, Vista, and 7 (need to transfer photo and video files)

    - by Bradley Dean
    I need to transfer files (still photos and videos) from any portable device that a user may connect (still camera, video camera, mobile phone, etc.) I don't need to worry about plain storage devices as these have drive letters. And I only care about existing files, I don't care about live video, preview video, taking new pictures, etc. I originally tried WIA, which works great except it can not transfer video files. So then I tried WPD, following along with dimeby8's tutorial: http://blogs.msdn.com/b/dimeby8/archive/2006/09/27/774259.aspx I haven't gotten the transfer working yet (I'm converting it over to C#), but I can at least see the device and enumerate the files in Win7. In XP I get nothing. It's pointed out in this thread that WPD won't enumerate devices on XP (see Lisa O [MSFT]'s post): http://social.msdn.microsoft.com/Forums/en/windowssdk/thread/56459945-b757-45df-8c9f-4ebdbbb18a2c So WIA is out because it won't do video. And WPD is out because it won't do XP. Has anyone gotten this to work? Am I missing something simple here? Thanks.

    Read the article

  • Rendering LaTeX on third-party websites?

    - by A. Rex
    There are some sites on the web that render LaTeX into some more readable form, such as Wikipedia, some Wordpress blogs, and MathOverflow. They may use images, MathML, jsMath, or something like that. There are other sites on the web where LaTeX appears inline and is not rendered, such as the arXiv, various math forums, or my email. In fact, it is quite common to see an arXiv paper's abstract with raw LaTeX in it, e.g. this paper. Is there a plugin available for Firefox, or would it be possible to write one, that renders LaTeX within pages that do not provide a rendering mechanism themselves? (The LaTeX would be enclosed within dollar signs, e.g. $\pi$. See the arXiv link above.) Some notes: It may be impossible to render some of the code, because authors often copy-paste code directly from their source TeX files, which may contain things like "\cite{foo}" or undefined commands. These should be left alone. This question is a repost of a question from MathOverflow that was closed for not being related to math. There is one answer there, which is helpful, but perhaps Stack Overflow can provide better answers. I program a lot, but Javascript is not my specialty, so comments along the lines of "look at this library" are not particularly helpful to me (but may be to others).

    Read the article

  • Is a confirmation screen necessary for an order form?

    - by abeger
    In a discussion about how to streamline an order form on our site, the idea of eliminating the confirmation screen. So, instead of filling out the form, clicking "Submit", seeing a summary on a confirmation screen and clicking "Confirm", the user would simply fill out the form, hit "Submit", and the order's done. The theory is that fewer clicks and fewer screens means less time to order and therefore the ordering experience is easier. The opposing opinion says that without the confirmation screen, user error increases and people just end up canceling/changing orders after the fact. I'm looking for more input from the SO community. Have you ever done this? How has it worked out, compared to a traditional confirmation screen setup? Are there examples of a true "one click and done" setup on the web (does Amazon's 1-click have a confirmation screen? I've never been courageous enough to try it)? EDIT: Just to clarify, when I say "confirmation screen", I mean a second step where the customer reviews the order before placing it. Even if we did do away with it, the user would still receive a message saying "your order has been placed".

    Read the article

  • What's your most controversial programming opinion?

    - by Jon Skeet
    This is definitely subjective, but I'd like to try to avoid it becoming argumentative. I think it could be an interesting question if people treat it appropriately. The idea for this question came from the comment thread from my answer to the "What are five things you hate about your favorite language?" question. I contended that classes in C# should be sealed by default - I won't put my reasoning in the question, but I might write a fuller explanation as an answer to this question. I was surprised at the heat of the discussion in the comments (25 comments currently). So, what contentious opinions do you hold? I'd rather avoid the kind of thing which ends up being pretty religious with relatively little basis (e.g. brace placing) but examples might include things like "unit testing isn't actually terribly helpful" or "public fields are okay really". The important thing (to me, anyway) is that you've got reasons behind your opinions. Please present your opinion and reasoning - I would encourage people to vote for opinions which are well-argued and interesting, whether or not you happen to agree with them.

    Read the article

  • How do I import and call unmanaged C dll with ansi string "char *" pointer string from VB.net?

    - by Warren P
    I have written my own function, which in C would be declared like this, using standard Win32 calling conventions: int Thing( char * command, char * buffer, int * BufSize); I have the following amount of VB figured out, which should import the dll and call this function, wrapping it up to make it easy to call Thing("CommandHere",GetDataBackHere): Imports Microsoft.VisualBasic Imports System.Runtime.InteropServices Imports System Imports System.Text Namespace dllInvocationSpace Public Class dllInvoker ' tried attributes but could not make it build: ' <DllImport("Thing1.dll", False, CallingConvention.Cdecl, CharSet.Ansi, "Baton", True, True, False, True)> Declare Ansi Function Thing Lib "Thing1.dll" (ByVal Command As String, ByRef Buffer As String, ByRef BufferLength As Integer) Shared Function dllCall(ByVal Command As String, ByRef Results As String) As Integer Dim Buffer As StringBuilder = New StringBuilder(65536) Dim retCode As Integer Dim bufsz As Integer bufsz = 65536 retCode = Thing(Command, Buffer, bufsz) Results = Buffer Return retCode End Function End Class End Namespace The current code doesn't build, because although I think I should be able to create a "buffer" that the C Dll can write data back into using a string builder, I haven't got it quite right. (Value of type System.Text.STringBuilder cannot be converted to 'String'). I have looked all over the newsgroups and forums and can not find an example where the C dll needs to pass between 1 and 64kbytes of data back (char *buffer, int bufferlen) to visual basic.net.

    Read the article

  • Use of var keyword in C#

    - by kronoz
    After discussion with colleagues regarding the use of the 'var' keyword in C# 3 I wondered what people's opinions were on the appropriate uses of type inference via var? For example I rather lazily used var in questionable circumstances, e.g.:- foreach(var item in someList) { // ... } // Type of 'item' not clear. var something = someObject.SomeProperty; // Type of 'something' not clear. var something = someMethod(); // Type of 'something' not clear. More legitimate uses of var are as follows:- var l = new List<string>(); // Obvious what l will be. var s = new SomeClass(); // Obvious what s will be. Interestingly LINQ seems to be a bit of a grey area, e.g.:- var results = from r in dataContext.SomeTable select r; // Not *entirely clear* what results will be here. It's clear what results will be in that it will be a type which implements IEnumerable, however it isn't entirely obvious in the same way a var declaring a new object is. It's even worse when it comes to LINQ to objects, e.g.:- var results = from item in someList where item != 3 select item; This is no better than the equivilent foreach(var item in someList) { // ... } equivilent. There is a real concern about type safety here - for example if we were to place the results of that query into an overloaded method that accepted IEnumerable<int> and IEnumerable<double> the caller might inadvertently pass in the wrong type. Edit - var does maintain strong typing but the question is really whether it's dangerous for the type to not be immediately apparent on definition, something which is magnified when overloads mean compiler errors might not be issued when you unintentionally pass the wrong type to a method. Related Question: http://stackoverflow.com/questions/633474/c-do-you-use-var

    Read the article

  • Java: Is clone() really ever used? What about defensive copying in getters/setters?

    - by GreenieMeanie
    Do people practically ever use defensive getters/setters? To me, 99% of the time you intend for the object you set in another object to be a copy of the same object reference, and you intend for changes you make to it to also be made in the object it was set in. If you setDate(Date dt) and modify dt later, who cares? Unless I want some basic immutable data bean that just has primitives and maybe something simple like a Date, I never use it. As far as clone, there are issues as to how deep or shallow the copy is, so it seems kind of "dangerous" to know what is going to come out when you clone an Object. I think I have only used clone() once or twice, and that was to copy the current state of the object because another thread (ie another HTTP request accessing the same object in Session) could be modifying it. Edit - A comment I made below is more the question: But then again, you DID change the Date, so it's kind of your own fault, hence whole discussion of term "defensive". If it is all application code under your own control among a small to medium group of developers, will just documenting your classes suffice as an alternative to making object copies? Or is this not necessary, since you should always assume something ISN'T copied when calling a setter/getter?

    Read the article

  • Email as a view.

    - by Hal
    I've been in some discussion recently about where email (notifications, etc...) should be sent in an ASP.NET MVC application. My nemesis grin argues that it only makes sense that the email should be sent from the controller. I argue that an email is simply an alternate or augmented view through a different channel. Much like I would download a file as the payload of an ActionResult, the email is simply delivered through a different protocol. I've worked an extension method that allows me to do the following: <% Html.RenderEmail(model.FromAddress, model.ToAddress, model.Subject); %> which I actually include within my the view that is displayed on the screen. The beauty is that, based on convention, if I call RenderEmail from a parent view named MyView.ascx, I attempt to render the contents of a view named MyViewEmail.ascx, unless it is not found, in which case I simply email a copy of parent view. It certainly does make it testable (I still have an ISMTPService injected for testing), I wondered if anyone had any thoughts on whether or not this breaks from good practice. In use it has been extremely handy when we needed to easily send an email or modify the contents of the emailed results vs the browser rendered results. Thanks, Hal

    Read the article

  • Which Project Management Software is adequate for Software & Non-Software Projects?

    - by cusack
    PMS = (Project Management Software) I used trac for software development some time ago. Right now I'm searching for a new more powerful (scheduling, gantt charts, ...) free solution (as in free beer ;-) and free to install on my server) for my current software project. Besides the current software project, abstract project management features like issue-tracking & scheduling would be great for coordinating a group of volunteers for real-life projects as well. I would want one solution for both purposes, so that I have the hassle of installation, getting used to the system and administration only once. So I tried redmine but the problem is it seems to be designed for software projects only. I can't suggest such a solution for the volunteer-group if tickets/issues would have to be of type bug, feature, ... I shortlisted the following six PMS from the wikipedia comparison http://en.wikipedia.org/wiki/List_of_project_management_software Project.net Project-Open Redmine Trac Endeavour Software Project Management eGroupWare I guess they are all more or less fine for software development but would you consider any of these to be good for the non-software project as well? Cliff Notes: I would want a start page situation like in trac. The start-page is a wiki presenting the project and not the PMS. But you can log into the PMS from there. Feature-wish list: wiki, Issue tracking, revision control, scheduling & gantt charts, forums (least important) (Btw: I'm very aware that I can't expect everything to be perfect ;-) 1.)Do you know a suitable solution for software and real-life projects or a highly customizable PMS where I can easily remove sth. like "browse source"(trac) and rename things like ticket/issue-types "bug", "feature"? 2.)Any experience good/bad with the above mentioned six PMS? I would personally guess that "Redmine" and "Endeavour Software Project Management" are too focused on software projects.

    Read the article

  • Entity Framework 4 / POCO - Where to start?

    - by Basiclife
    Hi, I've been programming for a while and have used LINQ-To-SQL and LINQ-To-Entities before (although when using entities it has been on a Entity/Table 1-1 relationship - ie not much different than L2SQL) I've been doing a lot of reading about Inversion of Control, Unit of Work, POCO and repository patterns and would like to use this methodology in my new applications. Where I'm struggling is finding a clear, concise beginners guide for EF4 which doesn't assume knowledge of EF1. The specific questions I need answered are: Code first / model first? Pros/cons in regards to EF4 (ie what happens if I do code first, change the code at a later date and need to regenerate my DB model - Does the data get preserved and transformed or dropped?) Assuming I'm going code-first (I'd like to see how EF4 converts that to a DB schema) how do I actually get started? Quite often I've seen articles with entity diagrams stating "So this is my entity model, now I'm going to ..." - Unfortunately, I'm unclear if they're created the model in the designer, saved it to generate code then stopped any further auto-code generation -or- They've coded (POCO)? classes and the somehow imported them into the deisgner view? I suppose what I really need is an understanding of where the "magic" comes from and how to add it myself if I'm not just generating an EF model directly from a DB. I'm aware the question is a little vague but I don't know what I don't know - So any input / correction / clarification appreciated. Needless to say, I don't expect anyone to sit here and teach me EF - I'd just like some good tutorials/forums/blogs/etc. for complete entity newbies Many thanks in advance

    Read the article

  • Dymanic if statement evaluation problem with string comparison

    - by Mani
    I tried the example given in http://forums.sun.com/thread.jspa?threadID=780576&tstart=67605 to create if statement dynamically. But it is not working fine. Instead of using "age" variable as integer, i have used string in the below example. I am getting "fail" as answer instead of "success". Can anyone help me? / To change this template, choose Tools | Templates and open the template in the editor. / import java.lang.reflect.*; import bsh.Interpreter; public class Main { public static String d; public static void main(String args[]) { try { String age = "30"; String cond = "age==30"; Interpreter i = new Interpreter(); i.set("age", age); System.out.println(" sss" + i.get("age")); if((Boolean)i.eval(cond)) { System.out.println("success"); } else { System.out.println("fail"); } } catch (Throwable e) { System.err.println(e); } } } Thanks, Mani

    Read the article

  • Facebook XFBML Like Button incompatible with FeatureLoader script?

    - by retailevolved
    Facebook gurus, I have been implementing the Facebook Like button for a number of clients lately. To enable the Like Button, the following script has to be run: <div id="fb-root"></div> <script> window.fbAsyncInit = function() { FB.init({appId: '<?php echo Mage::helper("evlike")->getLikeConfig("ev_facebook_app_id") ?>', xfbml: true}); }; (function() { var e = document.createElement('script'); e.async = true; e.src = document.location.protocol + '//connect.facebook.net/en_US/all.js'; document.getElementById('fb-root').appendChild(e); }()); </script> It seems that this is incompatible with the following include: <script src="http://static.ak.connect.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php/en_US" type="text/javascript"></script> It would make sense as I believe that the FeatureLoader performs an initialization. Is this official now? I would ask in official Facebook forums but I get an error every time I attempt to do so...

    Read the article

  • What are the security implications of making a clientaccesspolicy proxy workaround?

    - by Edward Tanguay
    I wanted to use a published GoogleDocs document as the datasource of a Silverlight application but ran into clientaccesspolicy issues. I read many articles like this and this about how difficult it is to get around the clientaccesspolicy issue. So I wrote this 15-line CURL script and put it on my PHP site and now I can get the text of any GoogleDocs document and any text from any URL into my Silverlight application: <?php $url = filter_input(INPUT_GET, 'url',FILTER_SANITIZE_STRING); $user_agent = 'Mozilla/4.0 (compatible; MSIE 5.01; Windows NT 5.0)'; $ch = curl_init(); curl_setopt($ch, CURLOPT_COOKIEJAR, "/tmp/cookie"); curl_setopt($ch, CURLOPT_COOKIEFILE, "/tmp/cookie"); curl_setopt($ch, CURLOPT_URL, $url ); // set url to post to curl_setopt($ch, CURLOPT_FAILONERROR, 1); // Fail on errors curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 0); // allow redirects curl_setopt($ch, CURLOPT_RETURNTRANSFER,1); // return into a variable curl_setopt($ch, CURLOPT_TIMEOUT, 15); curl_setopt($ch, CURLOPT_USERAGENT, $user_agent); curl_setopt($ch, CURLOPT_VERBOSE, 0); echo curl_exec($ch); ?> So it makes me wonder: Why is there so much discussion about whether or not URLs support clientaccesspolicy or not, since you just have to write a simple proxy script and get the information through it? Why aren't there services, e.g. like the URL shortening services, which supply this functionality? What are the security implications of having a script like this?

    Read the article

  • Reasons for & against a Database

    - by dbemerlin
    Hi, i had a discussion with a coworker about the architecture of a program i'm writing and i'd like some more opinions. The Situation: The Program should update at near-realtime (+/- 1 Minute). It involves the movement of objects on a coordinate system. There are some events that occur at regular intervals (i.e. creation of the objects). Movements can change at any time through user input. My solution was: Build a server that runs continously and stores the data internally. The server dumps a state-of-the-program at regular intervals to protect against powerfailures and/or crashes. He argued that the program requires a Database and i should use cronjobs to update the data. I can store movement information by storing startpoint, endpoint and speed and update the position in the cronjob (and calculate collisions with other objects there) by calculating direction and speed. His reasons: Requires more CPU & Memory because it runs constantly. Powerfailures/Crashes might destroy data. Databases are faster. My reasons against this are mostly: Not very precise as events can only occur at full minutes (wouldn't be that bad though). Requires (possibly costly) transformation of data on every run from relational data to objects. RDBMS are a general solution for a specialized problem so a specialized solution should be more efficient. Powerfailures (or other crashes) can leave the Data in an undefined state with only partially updated data unless (possibly costly) precautions (like transactions) are taken. What are your opinions about that? Which arguments can you add for any side?

    Read the article

  • What's the compelling reason to upgrade to Visual Studio 2010 from VS2008?

    - by Cheeso
    Are there new features in Visual Studio 2010 that are must-haves? If so, which ones? For me, the big draws for VS2008 as compared to VS2005 were LINQ, .NET Framework multitargeting, WCF (REST + Syndication), and general devenv.exe reliability. Granted, some of these features are framework things, and not tool things. For the purposes of this discussion, I'm willing to combine them into one bucket. What is the list of must-have features for VS2010 versus VS2008? Are there any? I am particularly interested in C#. Update: I know how to google, so I can get the official list from Microsoft. I guess what I really wanted was, the assessment from people using it, as to which things are really notable. Microsoft went on for 3 pages about 2008/3.5 features, and many people sort of boiled it down to LINQ, and a few other things. What is that short list for VS2010? Summary so far, what people think is cool or compelling: Visual Studio engine multi-monitor support new extensibility model based on WPF, prettier and more usable new TFS stuff, incl automated test tools parallel debugging .NET Framework parallel extensions for .NET C# 4.0 generic variance optional and named params easier interop with non-managed environments, like COM or Javascript VB 10.0 collection and array literals / initializers automatic properties anonymous methods / statement lambdas I read up on these at Zander's blog. He described these and other features. Nobody on this list said anything about: Visual Studio engine F# support Javascript code-completion JQuery is now included UML better Sharepoint capabilities C++ moves to msbuild project files

    Read the article

  • Create xml document in java applet.

    - by zproxy
    If I try to create a new xml document in a java applet by this code: http://java.sun.com/j2se/1.4.2/docs/api/javax/xml/parsers/DocumentBuilderFactory.html#newInstance() DocumentBuilderFactory.newInstance(); I will get this error: Java Plug-in 1.6.0_19 Using JRE version 1.6.0_19-b04 Java HotSpot(TM) Client VM javax.xml.parsers.FactoryConfigurationError: Provider <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> not found at javax.xml.parsers.DocumentBuilderFactory.newInstance(Unknown Source) I do not care about DTD's. Why is it looking for it? How am I supposed to create a xml document in java applets? How can I make it work? The enclosing html document looks like this: <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> <html> <head> <title>Loading...</title> </head> Can some comment this thread? The problem was with the entity resolver, which points to the w3c.org web site. The access to the reference DTDs on this site has been restricted for application use. The solution was to implement my own entity resolver. Related: http://forums.sun.com/thread.jspa?threadID=515055 http://stackoverflow.com/questions/1016286/org-apache-xerces-jaxp-saxparserfactoryimpl-not-found-when-importing-gears-api-in http://java.itags.org/java-desktop/4839/

    Read the article

  • Appropriate wx.Sizer(s) for the job?

    - by MetaHyperBolic
    I have a space in which I would like certain elements (represented here by A, B, D, and G) to each be in its own "corner" of the design. The corners ought to line up as if each of the four elements was repelling the other; a rectangle. This is to be contained within an unresizable panel. I will have several similar panels and want to keep the location of the elements as identical as possible. (I needed something a little more complex than a wx.Wizard, but with the same general idea.) AAAAAAAAAA BB CCCCCCCCCCCCCCCCCC CCCCCCCCCCCCCCCCCC CCCCCCCCCCCCCCCC CCCCCCCCCCCCCC CCCCCCCCCCCCCCCCCC CCCCCCCCCCCCCCCC CCCCCCCCCCCCCCCCCC DDD EEE FFF GGG A represents a text in a large font. B represents a numeric progress meter (e.g. "1 of 7") in a small font. C represents a large block of text. D, E, F, and G are buttons. The G button is separated from others for functionality. I have attempted nested wx.BoxSizers (horizontal boxes inside of one vertical box) without luck. My first problem with wx.BoxSizer is that the .SetMinSize on my last row has not been honored. The second problem is that I have no idea how to make the G button "take up space" without growing comically large, or how I can jam it up against the right edge and bottom edge. I have tried to use a wx.GridBagSizer, but ran into entirely different issues. After plowing through the various online tutorials and wxPython in Action, I'm a little frustrated. The relevant forums appear to see activity once every two weeks. "Playing around with it" has gotten me nowhere; I feel as if I am trying to smooth out a hump in ill-laid carpet.

    Read the article

  • Google App Engine - Uploading blobs and authentication

    - by Keyur
    (I tried asking this on the GAE forums but didn't get an answer so am trying it here.) Currently to upload blobs, the app engine's blob store service creates a unique one- time URL that a user can post blobs to. My requirement is that I only want authenticated / authorized users to post blobs in my application. I can achieve this currently if the page that includes the multipart form to upload blobs is in my application. However, I am looking to providing a "REST API" for my users to upload their blobs. While it is true that the one-time nature of the upload URL mitigates the chances of rogue use but it's still possible. I was wondering if there is anyone on the app engine team here that can consider a feature where developers can register an upload listener. (Or if there is already a way, I'll be all ears). A standard servlet filter could also potentially do the job. This will give us an opportunity to authenticate / validate / decorate requests before the request gets forwarded to the blob store service. Thanks, Keyur

    Read the article

  • Read a variable from a variable cookie jquerycookie.

    - by Ozaki
    TLDR How could I tell "page.html" which one of 3 or so cookies to look at when the cookie is set on the previous page? Currently: When a link is clicked save text of link to cookie When "page.html" is loaded get the value of the cookie Loads the getjson call as per value of the cookie. E.g: <a href="page.html">link1</a> -c1 <a href="page.html">link2</a> -c2 <a href="page.html">link3</a> -c3 See previous discussion here Now that is all good and well apart from the fact if I were to say open them in multiple tabs. It changes the cookie and correctly loads the right data. But if I were to refresh one of these tabs it will load the most recently open data rather than what it should be. So if I were to save a cookie as c1 with a value of link1 c2 with a value of link2 c3 with a value of link3 How could I tell "page.html" which cookie it should be looking at, therefore not breaking the back/forward/refresh buttons on the browser when multiple tabs are open?

    Read the article

  • Help needed in grokking password hashes and salts

    - by javafueled
    I've read a number of SO questions on this topic, but grokking the applied practice of storing a salted hash of a password eludes me. Let's start with some ground rules: a password, "foobar12" (we are not discussing the strength of the password). a language, Java 1.6 for this discussion a database, postgreSQL, MySQL, SQL Server, Oracle Several options are available to storing the password, but I want to think about one (1): Store the password hashed with random salt in the DB, one column Found on SO and elsewhere is the automatic fail of plaintext, MD5/SHA1, and dual-columns. The latter have pros and cons MD5/SHA1 is simple. MessageDigest in Java provides MD5, SHA1 (through SHA512 in modern implementations, certainly 1.6). Additionally, most RDBMSs listed provide methods for MD5 encryption functions on inserts, updates, etc. The problems become evident once one groks "rainbow tables" and MD5 collisions (and I've grokked these concepts). Dual-column solutions rest on the idea that the salt does not need to be secret (grok it). However, a second column introduces a complexity that might not be a luxury if you have a legacy system with one (1) column for the password and the cost of updating the table and the code could be too high. But it is storing the password hashed with a random salt in single DB column that I need to understand better, with practical application. I like this solution for a couple of reasons: a salt is expected and considers legacy boundaries. Here's where I get lost: if the salt is random and hashed with the password, how can the system ever match the password? I have theory on this, and as I type I might be grokking the concept: Given a random salt of 128 bytes and a password of 8 bytes ('foobar12'), it could be programmatically possible to remove the part of the hash that was the salt, by hashing a random 128 byte salt and getting the substring of the original hash that is the hashed password. Then re hashing to match using the hash algorithm...??? So... any takers on helping. :) Am I close?

    Read the article

  • 2 Mutually exclusive RadioButton "Lists"

    - by user72603
    I think this has to be THE most frustrating thing I've ever done in web forms. Yet one would think it would be the easiest of all things in the world to do. That is this: I need 2 separate lists of radiobuttons on my .aspx page. One set allows a customer to select an option. The other set does also but for a different purpose. But only one set can have a selected radiobutton. Ok I've tried this using 2 asp.net Radiobuttonlists controls on the same page. Got around the nasty bug with GroupName (asp.net assigns the control's uniqueID which prevents the groupname from ever working because now, 2 radiobuttonlists can't have the same groupname for all their radiobuttons because each radiobuttonlist has a different uniqueID thus the bug assigns the unique ID as the name attribute when the buttons are rendered. since the name sets are different, they are not mutually exclusive). Anyway, so I created that custom RadioButtonListcontrol and fixed that groupname problem. But when ended up happening is when I went to put 2 instances of my new custom radiobuttonlist control on my .aspx page, all was swell until I noticed that every time I checked for radiobuttonlist1.SelectedValue or radiobuttonlist2.SelectedValue (did not matter which I was checking) the value always spit back string.empty and i was not able to figure out why (see http://forums.asp.net/t/1401117.aspx). Ok onto the third try tonight and into the break of dawn (no sleep). I tried to instead just scrap trying to use 2 custom radiobuttonlists altogether because of that string.empty issue and try to spit out 2 sets of radiobuttonlists via using 2 asp.net repeaters and a standard input HTML tag inside. Got that working. Ok but the 2 lists still are not mutually exclusive. I can select a value in the first set of radiobuttons from repeater1 and same goes for repeater2. I cannot for the life of me get the "sets" to be mutually exclusive sets of radiobuttons.

    Read the article

  • Jquery UI Dialog - when opened IE7 Browser moves instantly to the bottom of the page

    - by Truegilly
    Hello, i have been working on a new .net MVC site and have integrated some of the awesome jquery UI components. ive been testing it in IE8, FF, opera and Chrome and all looks well. Once I test in IE7, surprisingly its the dialogs that are causing a problem. basically what’s happening is that one you user clicks to open a dialog the page will scroll immediately to the bottom of the page. This is especially bad if the page is quite long. this only happens in IE7 (and probably 6 but im not even going there!). I have spend a few hours reading forums and it seems im not the only one. I have created a dirty hack which im not keen on but it does work. onclick="SignIn(); <% if(ModelHelperClass.CheckForOldIEVersion() == true) Response.Write("window.scrollTo(0, 0);"); %> return false;"> has anyone else had this issue and resolved it without resorting to dirty hacks ? im using jquery-ui-1.8.custom.min.js and jquery-1.4.2.min.js any help is most appreciated Truegilly

    Read the article

  • how do I make a portable isnan/isinf function.

    - by monkeyking
    I've been using isinf,isnan functions on linux platforms which worked perfectly. But this didn't work on osx, so I decided to use std::isinf std::isnan which works on both linux and osx. But the intel compiler doesn't recognize it, and I guess its a bug in the intel compiler according to http://software.intel.com/en-us/forums/showthread.php?t=64188 So now I just want to avoid the hassle and define my own isinf,isnan implementation. Does anyone know how this could be done Thanks edit: I ended up doing this in my sourcecode for making isinf/isnan working #include <iostream> #include <cmath> #ifdef __INTEL_COMPILER #include <mathimf.h> #endif int isnan_local(double x) { #ifdef __INTEL_COMPILER return isnan(x); #else return std::isnan(x); #endif } int isinf_local(double x) { #ifdef __INTEL_COMPILER return isinf(x); #else return std::isinf(x); #endif } int myChk(double a){ std::cerr<<"val is: "<<a <<"\t"; if(isnan_local(a)) std::cerr<<"program says isnan"; if(isinf_local(a)) std::cerr<<"program says isinf"; std::cerr<<"\n"; return 0; } int main(){ double a = 0; myChk(a); myChk(log(a)); myChk(-log(a)); myChk(0/log(a)); myChk(log(a)/log(a)); return 0; }

    Read the article

  • With regards to urllib AttributeError: 'module' object has no attribute 'urlopen'

    - by Matt
    import re import string import shutil import os import os.path import time import datetime import math import urllib from array import array import random filehandle = urllib.urlopen('http://www.google.com/') #open webpage s = filehandle.read() #read print s #display #what i plan to do with it once i get the first part working #results = re.findall('[<td style="font-weight:bold;" nowrap>$][0-9][0-9][0-9][.][0-9][0-9][</td></tr></tfoot></table>]',s) #earnings = '$ ' #for money in results: #earnings = earnings + money[1]+money[2]+money[3]+'.'+money[5]+money[6] #print earnings #raw_input() this is the code that i have so far. now i have looked at all the other forums that give solutions such as the name of the script, which is parse_Money.py, and i have tried doing it with urllib.request.urlopen AND i have tried running it on python 2.5, 2.6, and 2.7. If anybody has any suggestions it would be really welcome, thanks everyone!! --Matt ---EDIT--- I also tried this code and it worked, so im thinking its some kind of syntax error, so if anybody with a sharp eye can point it out, i would be very appreciative. import shutil import os import os.path import time import datetime import math import urllib from array import array import random b = 3 #find URL URL = raw_input('Type the URL you would like to read from[Example: http://www.google.com/] :') while b == 3: #get file name file1 = raw_input('Enter a file name for the downloaded code:') filepath = file1 + '.txt' if os.path.isfile(filepath): print 'File already exists' b = 3 else: print 'Filename accepted' b = 4 file_path = filepath #open file FileWrite = open(file_path, 'a') #acces URL filehandle = urllib.urlopen(URL) #display souce code for lines in filehandle.readlines(): FileWrite.write(lines) print lines print 'The above has been saved in both a text and html file' #close files filehandle.close() FileWrite.close()

    Read the article

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

< Previous Page | 138 139 140 141 142 143 144 145 146 147 148 149  | Next Page >