Search Results

Search found 18347 results on 734 pages for 'generate password'.

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Page 142/734 | < Previous Page | 138 139 140 141 142 143 144 145 146 147 148 149  | Next Page >

  • Get paperclip to crop the image without validating

    - by Micke
    Hello fellow stackoverflow members. I have been following this guide to enable users to have their own avatar. But i have bumped in to a litle problem. When the user is cropping the image the model tries to validate all my validations. My user model looks like this: class User < ActiveRecord::Base has_attached_file :avatar, :styles => { :small => "100x100>", :large => "500x500>" }, :processors => [:cropper] attr_accessor :password, :crop_x, :crop_y, :crop_w, :crop_h attr_accessible :crop_x, :crop_y, :crop_w, :crop_h validates_confirmation_of :password validates_presence_of :password And when the user runs the crop updating script the user model tries to validate the password. But because i have no password field on the cropping page it can't validate it. Here is the updating of the crop: @user = User.find(current_user.id) if @user.update_attributes(params[:user]) flash[:notice] = "Successfully updated user." end How can i bypass this in a easy and clean way?

    Read the article

  • Salt, passwords and security

    - by Jonathan
    I've read through many of the questions on SO about this, but many answers contradict each other or I don't understand. You should always store a password as a hash, never as plain text. But should you store the salt (unique for each user) next to the hashed password+salt in the database. This doesn't seem very clever to me as couldn't someone gain access to the database, look for says the account called Admin or whatever and then work out the password from that?

    Read the article

  • Problem with a test method in Yii web services

    - by Conrad
    Hi There, Is there anyone here who might be familiar with web services in the yii framework? I declared the following test method: /** * Send a single SMS message * * @param string $username Username * @param string $password Password * @param string $identifier Valid Identifier to use * @param string $mobileNumber Mobile Number to send message to * @param string $message Message to send * @return string 'OK' on success, error message on failure * @soap */ public function singleSms($username, $password, $identifier,$mobileNumber, $message){ return "username=$username, pwd=$password, source=$identifier, mobno=$mobileNumber, msg=$message"; } But when I try to call this method I get the following response: - - WSDL - SOAP-ERROR: Parsing WSDL: Couldn't load from 'http://sms.chillnethosting.co.za/index.php?r=sms/webservice' : Start tag expected, '<' not found The WSDL generates when I call my URL: Web Service URL Any Ideas?

    Read the article

  • How to pass a random User/Pass (for Basic Authentication) with JMeter?

    - by Pure.Krome
    Hi folks, I'm using JMeter to stress test an API. I've got Basic Authentication set up - seems to be working great. Now, i'm trying to randomize the credentials that JMeter passes across the wire. So, there's two ways I know I can do this. Add a custom HTTP Header (via an HTTP Header Manager Element) and set then value to the random fields (ie. something I've read in from a csv file) Use the HTTP Authorization Manager Element and pass in the username and password there. Now, if I try and use method (1) above, I need to create the following header/data :- Authorization: Basic <some Base64 encoded string in the format username:password> eg. Authorization: Basic OnVzZXIxOnBhc3Mx Kewl. simple. BUT that header value is not getting passed across the wire :( I can add any other header type and it's passed across the wire.. hmm .. ok then .. lets try method (2). Now that works .. but I can only hardcode in the username & password. I can't see how I can pass in a username VARIABLE (ie. ${usernmae} ) or a password VARIABLE (ie. ${password} ).... If it's hardcoded, then the server correctly replies with the correct page/data. so .. can someone please help?

    Read the article

  • Preferred place to store username

    - by Rudiger
    I am dealing with a single username and password in an App, I'm storing the password in the keychain for security but where best to store the username? In NSUserDefaults, CFPreferences or is there a way to retrieve it out of the keychain along with the password. Later on there might be two entries in the keychain so I think this might be out of the question. Or does it not matter at all?

    Read the article

  • Cannot login to Activeadmin after gem update

    - by user1883793
    After bundle update I cannot login to my Activeadmin, here is the log. Is it because the unpermitted params? do I need to config strong parameter to make admin login work? I already have this code for devise: def configure_permitted_parameters devise_parameter_sanitizer.for(:sign_in) { |u| u.permit(:email, :password, :remember_me) } devise_parameter_sanitizer.for(:sign_up) { |u| u.permit(:username, :email, :password) } end Started POST "/admin/login" for 127.0.0.1 at 2013-10-30 22:33:25 +1300 Processing by ActiveAdmin::Devise::SessionsController#create as HTML Parameters: {"utf8"=>"?", "authenticity_token"=>"MhoM/R/oVfad/iiov2zpqfoJ5XOSLda6rTl/V2cMIZE=", "admin_user"=>{"email"=>"[email protected]", "password"=>"[FILTERED]", "remember_me"=>"0"}, "commit"=>"Login"} Completed 401 Unauthorized in 0.6ms Processing by ActiveAdmin::Devise::SessionsController#new as HTML Parameters: {"utf8"=>"?", "authenticity_token"=>"MhoM/R/oVfad/iiov2zpqfoJ5XOSLda6rTl/V2cMIZE=", "admin_user"=>{"email"=>"[email protected]", "password"=>"[FILTERED]", "remember_me"=>"0"}, "commit"=>"Login"} Unpermitted parameters: email, password, remember_me Rendered /home/jcui/.rvm/gems/ruby-1.9.3-p194/gems/activeadmin-0.6.2/app/views/active_admin/devise/shared/_links.erb (0.6ms) Rendered /home/jcui/.rvm/gems/ruby-1.9.3-p194/gems/activeadmin-0.6.2/app/views/active_admin/devise/sessions/new.html.erb within layouts/active_admin_logged_out (118.2ms) Completed 200 OK in 130.7ms (Views: 129.9ms | ActiveRecord: 0.0ms | Solr: 0.0ms)

    Read the article

  • Why do I get the error "Only antlib URIs can be located from the URI alone,not the URI" when trying to run hibernate tools in my build.xml

    - by Casbah
    I'm trying to run hibernate tools in an ant build to generate ddl from my JPA annotations. Ant dies on the taskdef tag. I've tried with ant 1.7, 1.6.5, and 1.6 to no avail. I've tried both in eclipse and outside. I've tried including all the hbn jars in the hibernate-tools path and not. Note that I based my build file on this post: http://stackoverflow.com/questions/281890/hibernate-jpa-to-ddl-command-line-tools I'm running eclipse 3.4 with WTP 3.0.1 and MyEclipse 7.1 on Ubuntu 8. Build.xml: <project name="generateddl" default="generate-ddl"> <path id="hibernate-tools"> <pathelement location="../libraries/hibernate-tools/hibernate-tools.jar" /> <pathelement location="../libraries/hibernate-tools/bsh-2.0b1.jar" /> <pathelement location="../libraries/hibernate-tools/freemarker.jar" /> <pathelement location="../libraries/jtds/jtds-1.2.2.jar" /> <pathelement location="../libraries/hibernate-tools/jtidy-r8-20060801.jar" /> </path> <taskdef classname="org.hibernate.tool.ant.HibernateToolTask" classpathref="hibernate-tools"/> <target name="generate-ddl" description="Export schema to DDL file"> <!-- compile model classes before running hibernatetool --> <!-- task definition; project.class.path contains all necessary libs <taskdef name="hibernatetool" classname="org.hibernate.tool.ant.HibernateToolTask" classpathref="project.class.path" /> --> <hibernatetool destdir="sql"> <!-- check that directory exists --> <jpaconfiguration persistenceunit="default" /> <classpath> <dirset dir="WebRoot/WEB-INF/classes"> <include name="**/*"/> </dirset> </classpath> <hbm2ddl outputfilename="schemaexport.sql" format="true" export="false" drop="true" /> </hibernatetool> </target> Error message (ant -v): Apache Ant version 1.7.0 compiled on December 13 2006 Buildfile: /home/joe/workspace/bento/ant-generate-ddl.xml parsing buildfile /home/joe/workspace/bento/ant-generate-ddl.xml with URI = file:/home/joe/workspace/bento/ant-generate-ddl.xml Project base dir set to: /home/joe/workspace/bento [antlib:org.apache.tools.ant] Could not load definitions from resource org/apache/tools/ant/antlib.xml. It could not be found. BUILD FAILED /home/joe/workspace/bento/ant-generate-ddl.xml:12: Only antlib URIs can be located from the URI alone,not the URI at org.apache.tools.ant.taskdefs.Definer.execute(Definer.java:216) at org.apache.tools.ant.UnknownElement.execute(UnknownElement.java:288) at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57) at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) at java.lang.reflect.Method.invoke(Method.java:616) at org.apache.tools.ant.dispatch.DispatchUtils.execute(DispatchUtils.java:105) at org.apache.tools.ant.Task.perform(Task.java:348) at org.apache.tools.ant.Target.execute(Target.java:357) at org.apache.tools.ant.helper.ProjectHelper2.parse(ProjectHelper2.java:140) at org.eclipse.ant.internal.ui.antsupport.InternalAntRunner.parseBuildFile(InternalAntRunner.java:191) at org.eclipse.ant.internal.ui.antsupport.InternalAntRunner.run(InternalAntRunner.java:400) at org.eclipse.ant.internal.ui.antsupport.InternalAntRunner.main(InternalAntRunner.java:137) Total time: 195 milliseconds

    Read the article

  • Credentials can not be delegated - Alfresco Share

    - by leftcase
    I've hit a brick wall configuring Alfresco 4.0.d on Redhat 6. I'm using Kerberos authentication, it seems to be working normally, and single sign on is working on the main alfresco app itself. I've been through the configuration steps to get the share app working, but try as I may, I keep getting this error in catalina.out each time a browser accesses http://server:8080/share along with a 'Windows Security' password box. WARN [site.servlet.KerberosSessionSetupPrivilegedAction] credentials can not be delegated! Here's what I've done so far: Using AD users and computers, selected the alfrescohttp account, and selected 'trust this user for delegation to any service (Kerberos only). Copied /opt/alfresco-4.0.d/tomcat/shared/classes/alfresco/web-extension/share-config-custom.xml.sample to share-config-custom.xml and edited like this: <config evaluator="string-compare" condition="Kerberos" replace="true"> <kerberos> <password>*****</password> <realm>MYDOMAIN.CO.UK</realm> <endpoint-spn>HTTP/[email protected]</endpoint-spn> <config-entry>ShareHTTP</config-entry> </kerberos> </config> <config evaluator="string-compare" condition="Remote"> <remote> <keystore> <path>alfresco/web-extension/alfresco-system.p12</path> <type>pkcs12</type> <password>alfresco-system</password> </keystore> <connector> <id>alfrescoCookie</id> <name>Alfresco Connector</name> <description>Connects to an Alfresco instance using cookie-based authentication</description> <class>org.springframework.extensions.webscripts.connector.AlfrescoConnector</class> </connector> <endpoint> <id>alfresco</id> <name>Alfresco - user access</name> <description>Access to Alfresco Repository WebScripts that require user authentication</description> <connector-id>alfrescoCookie</connector-id> <endpoint-url>http://localhost:8080/alfresco/wcs</endpoint-url> <identity>user</identity> <external-auth>true</external-auth> </endpoint> </remote> </config> Setup the /etc/krb5.conf file like this: [logging] default = FILE:/var/log/krb5libs.log kdc = FILE:/var/log/krb5kdc.log admin_server = FILE:/var/log/kadmind.log [libdefaults] default_realm = MYDOMAIN.CO.UK default_tkt_enctypes = rc4-hmac default_tgs_enctypes = rc4-hmac forwardable = true proxiable = true [realms] MYDOMAIN.CO.UK = { kdc = mydc.mydomain.co.uk admin_server = mydc.mydomain.co.uk } [domain_realm] .mydc.mydomain.co.uk = MYDOMAIN.CO.UK mydc.mydomain.co.uk = MYDOMAIN.CO.UK /opt/alfresco-4.0.d/java/jre/lib/security/java.login.config is configured like this: Alfresco { com.sun.security.auth.module.Krb5LoginModule sufficient; }; AlfrescoCIFS { com.sun.security.auth.module.Krb5LoginModule required storeKey=true useKeyTab=true keyTab="/etc/alfrescocifs.keytab" principal="cifs/server.mydomain.co.uk"; }; AlfrescoHTTP { com.sun.security.auth.module.Krb5LoginModule required storeKey=true useKeyTab=true keyTab="/etc/alfrescohttp.keytab" principal="HTTP/server.mydomain.co.uk"; }; com.sun.net.ssl.client { com.sun.security.auth.module.Krb5LoginModule sufficient; }; other { com.sun.security.auth.module.Krb5LoginModule sufficient; }; ShareHTTP { com.sun.security.auth.module.Krb5LoginModule required storeKey=true useKeyTab=true keyTab="/etc/alfrescohttp.keytab" principal="HTTP/server.mydomain.co.uk"; }; And finally, the following settings in alfresco-global.conf authentication.chain=kerberos1:kerberos,alfrescoNtlm1:alfrescoNtlm kerberos.authentication.real=MYDOMAIN.CO.UK kerberos.authentication.user.configEntryName=Alfresco kerberos.authentication.cifs.configEntryName=AlfrescoCIFS kerberos.authentication.http.configEntryName=AlfrescoHTTP kerberos.authentication.cifs.password=****** kerberos.authentication.http.password=***** kerberos.authentication.defaultAdministratorUserNames=administrator ntlm.authentication.sso.enabled=true As I say, I've hit a brick wall with this and I'd really appreciate any help you can give me! This question is also posted on the Alfresco forum, but I wondered if any folk here on serverfault have come across similar implementation challenges?

    Read the article

  • storing user info/pass in web.config authentication

    - by Tomaszewski
    Hello, I am trying to write a simple internal app with some simple authentication. I'm also trying to make this quick and learn about the forms authentication via web.config. So i have my authentication working if I hard code my 'user name' and 'password' into C# code and do a simple conditional. However, I'm having a tough time storing the a user/pass to be checked against in the web.config file. The MSDN manual says to put this into the web.config: <authentication mode="Forms"> <forms loginUrl="login.aspx"> <credentials passwordFormat="SHA1"> <user name="user1" password="27CE4CA7FBF00685AF2F617E3F5BBCAFF7B7403C" /> <user name="user2" password="D108F80936F78DFDD333141EBC985B0233A30C7A" /> <user name="user3" password="7BDB09781A3F23885CD43177C0508B375CB1B7E9"/> </credentials> </forms> </authentication> However, the minute I add 'credentials' into the 'authentication' section, I get this error: Server Error in '/' Application. Configuration Error Description: An error occurred during the processing of a configuration file required to service this request. Please review the specific error details below and modify your configuration file appropriately. Parser Error Message: Unrecognized element 'credentials'. Source Error: Line 44: <authentication mode="Forms"> Line 45: <forms loginUrl="login.aspx" /> Line 46: <credentials> Line 47: Line 48: </credentials> Source File: C:\inetpub\wwwroot\asp\projects\passwordCatalog\passwordCatalog\web.config Line: 46 So my question is, how and where would I add the following in the web.config file? <credentials passwordFormat="SHA1"> <user name="johndoe" password="mypass123" /> </credentials>

    Read the article

  • PHP and Regular Expressions question?

    - by php
    I was wondering if the codes below are the correct way to check for a street address, email address, password, city and url using preg_match using regular expressions? And if not how should I fix the preg_match code? preg_match ('/^[A-Z0-9 \'.-]{1,255}$/i', $trimmed['address']) //street address preg_match ('/^[\w.-]+@[\w.-]+\.[A-Za-z]{2,6}$/', $trimmed['email'] //email address preg_match ('/^\w{4,20}$/', $trimmed['password']) //password preg_match ('/^[A-Z \'.-]{1,255}$/i', $trimmed['city']) //city preg_match("/^[a-zA-Z]+[:\/\/]+[A-Za-z0-9\-_]+\\.+[A-Za-z0-9\.\/%&=\?\-_]+$/i", $trimmed['url']) //url

    Read the article

  • [java] Keystore change passwords

    - by user313724
    Hi, I currently have a keystore, with a particular password that only I should know. I now need to give access to that keystore to someone else, so I would like to either: 1) Change the password, so I can share it with others and let them sign 2) Create a different password and allow them to sign with it. Is this possible? and - if yes - how?

    Read the article

  • Windows Authentication for winforms with Windows 2000

    - by The King
    I use the following code to validate users through windows authentication for my winform application. This works fine with windows XP but when the user is using windows 2000, it says that the userid or password is in valid. How do I do this in Windows 2000. Further, How do I detect whether the user is using Windows Xp or windows 2000. [System.Runtime.InteropServices.DllImport("advapi32.dll")] public static extern bool LogonUser(string userName, string domainName, string password, int LogonType, int LogonProvider, ref IntPtr phToken); public bool IsValidateCredentials(string userName, string password, string domain) { IntPtr tokenHandler = IntPtr.Zero; bool isValid = LogonUser(userName, domain, password, 2, 0, ref tokenHandler); return isValid; } Thanks

    Read the article

  • How to call Named Query

    - by sandeep
    I wrote a named query in the entity class Voter NamedQuery(name = "Voter.findvoter", query = "SELECT count(*) FROM Voter v WHERE v.voterID = :voterID" and where v.password= : password), I want to call this named query and I also need to set voterID and password. Can you help me. Thank you

    Read the article

  • Silverlight Dataform validation doesn't work

    - by VexXtreme
    Hi I can't get dataform and it's controls to catch exceptions when validating. Fir instance, I have: <PasswordBox Password="{Binding Password,Mode=TwoWay,NotifyOnValidationError=true,ValidatesOnExceptions=true}" /> All required properties are set to true. In the setter of my Password property I throw a ValidationException upon failed validation, but the data form doesn't catch it, it just causes the application to crash as if it were a normal exception. Am I doing something wrong? Thanks

    Read the article

  • Review my ASP.NET Authentication code.

    - by Niels Bosma
    I have had some problems with authentication in ASP.NET. I'm not used most of the built in authentication in .NET. I gotten some complaints from users using Internet Explorer (any version - may affect other browsers as well) that the login process proceeds but when redirected they aren't authenticated and are bounced back to loginpage (pages that require authentication check if logged in and if not redirect back to loginpage). Can this be a cookie problem? Do I need to check if cookies are enabled by the user? What's the best way to build authentication if you have a custom member table and don't want to use ASP.NET login controls? Here my current code: using System; using System.Linq; using MyCompany; using System.Web; using System.Web.Security; using MyCompany.DAL; using MyCompany.Globalization; using MyCompany.DAL.Logs; using MyCompany.Logging; namespace MyCompany { public class Auth { public class AuthException : Exception { public int StatusCode = 0; public AuthException(string message, int statusCode) : base(message) { StatusCode = statusCode; } } public class EmptyEmailException : AuthException { public EmptyEmailException() : base(Language.RES_ERROR_LOGIN_CLIENT_EMPTY_EMAIL, 6) { } } public class EmptyPasswordException : AuthException { public EmptyPasswordException() : base(Language.RES_ERROR_LOGIN_CLIENT_EMPTY_PASSWORD, 7) { } } public class WrongEmailException : AuthException { public WrongEmailException() : base(Language.RES_ERROR_LOGIN_CLIENT_WRONG_EMAIL, 2) { } } public class WrongPasswordException : AuthException { public WrongPasswordException() : base(Language.RES_ERROR_LOGIN_CLIENT_WRONG_PASSWORD, 3) { } } public class InactiveAccountException : AuthException { public InactiveAccountException() : base(Language.RES_ERROR_LOGIN_CLIENT_INACTIVE_ACCOUNT, 5) { } } public class EmailNotValidatedException : AuthException { public EmailNotValidatedException() : base(Language.RES_ERROR_LOGIN_CLIENT_EMAIL_NOT_VALIDATED, 4) { } } private readonly string CLIENT_KEY = "9A751E0D-816F-4A92-9185-559D38661F77"; private readonly string CLIENT_USER_KEY = "0CE2F700-1375-4B0F-8400-06A01CED2658"; public Client Client { get { if(!IsAuthenticated) return null; if(HttpContext.Current.Items[CLIENT_KEY]==null) { HttpContext.Current.Items[CLIENT_KEY] = ClientMethods.Get<Client>((Guid)ClientId); } return (Client)HttpContext.Current.Items[CLIENT_KEY]; } } public ClientUser ClientUser { get { if (!IsAuthenticated) return null; if (HttpContext.Current.Items[CLIENT_USER_KEY] == null) { HttpContext.Current.Items[CLIENT_USER_KEY] = ClientUserMethods.GetByClientId((Guid)ClientId); } return (ClientUser)HttpContext.Current.Items[CLIENT_USER_KEY]; } } public Boolean IsAuthenticated { get; set; } public Guid? ClientId { get { if (!IsAuthenticated) return null; return (Guid)HttpContext.Current.Session["ClientId"]; } } public Guid? ClientUserId { get { if (!IsAuthenticated) return null; return ClientUser.Id; } } public int ClientTypeId { get { if (!IsAuthenticated) return 0; return Client.ClientTypeId; } } public Auth() { if (HttpContext.Current.User.Identity.IsAuthenticated) { IsAuthenticated = true; } } public void RequireClientOfType(params int[] types) { if (!(IsAuthenticated && types.Contains(ClientTypeId))) { HttpContext.Current.Response.Redirect((new UrlFactory(false)).GetHomeUrl(), true); } } public void Logout() { Logout(true); } public void Logout(Boolean redirect) { FormsAuthentication.SignOut(); IsAuthenticated = false; HttpContext.Current.Session["ClientId"] = null; HttpContext.Current.Items[CLIENT_KEY] = null; HttpContext.Current.Items[CLIENT_USER_KEY] = null; if(redirect) HttpContext.Current.Response.Redirect((new UrlFactory(false)).GetHomeUrl(), true); } public void Login(string email, string password, bool autoLogin) { Logout(false); email = email.Trim().ToLower(); password = password.Trim(); int status = 1; LoginAttemptLog log = new LoginAttemptLog { AutoLogin = autoLogin, Email = email, Password = password }; try { if (string.IsNullOrEmpty(email)) throw new EmptyEmailException(); if (string.IsNullOrEmpty(password)) throw new EmptyPasswordException(); ClientUser clientUser = ClientUserMethods.GetByEmailExcludingProspects(email); if (clientUser == null) throw new WrongEmailException(); if (!clientUser.Password.Equals(password)) throw new WrongPasswordException(); Client client = clientUser.Client; if (!(bool)client.PreRegCheck) throw new EmailNotValidatedException(); if (!(bool)client.Active || client.DeleteFlag.Equals("y")) throw new InactiveAccountException(); FormsAuthentication.SetAuthCookie(client.Id.ToString(), true); HttpContext.Current.Session["ClientId"] = client.Id; log.KeyId = client.Id; log.KeyEntityId = ClientMethods.GetEntityId(client.ClientTypeId); } catch (AuthException ax) { status = ax.StatusCode; log.Success = status == 1; log.Status = status; } finally { LogRecorder.Record(log); } } } }

    Read the article

  • Using MobileMe idisk as a git repository

    - by Ben Guest
    I am trying to use git and MobileMe as a version control system for a personal project I am working across several computers. So far i have done the following. Created and empty bare repository on my local computer $ mkdir myproject.git $ cd myproject.git $ git init --bare $ git update-server-info I then copied the myproject.git directory to the mobile me disk, and sync my computer with mobile me. I then switched to the directory where my project was on my local machine, set the remote origin and try to push the local repository to mobile me $ cd myproject $ git remote add origin https://<username>@idisk.me.com/<username>/myproject.git/ $ git push --all Im am then asked for my password twice. The first time is the mobile me password, any other password gets an error. After entering the second password, and believe me i've tried everything, terminal just hangs. So what am I doing wrong? (Besides trying to use mobileme as a git repository) Thanks, Ben.

    Read the article

  • SHA function issues

    - by Damian James
    I have this php code from my login.php if (isset($_POST['logIn'])) { $errmsg = ""; $logname = mysqli_real_escape_string($dbc, trim($_POST['usernameIn'])); $logpassword = mysqli_real_escape_string($dbc, trim($_POST['passwordIn'])); $query = "SELECT user_id, username FROM members WHERE username = '$logname' AND password = SHA('$logpassword')"; $data = mysqli_query($dbc, $query); if (mysqli_num_rows($data) == 1) { $row = mysqli_fetch_array($data); setcookie('user_id', $row['user_id'], time() + (60 * 60 * 24 * 30)); //expires after 30 days setcookie('username', $row['username'], time() + (60 * 60 * 24 * 30)); $home = 'http://' . $_SERVER['HTTP_HOST'] . dirname($_SERVER['PHP_SELF']) . '/index.php'; header('Location: ' . $home); } else { $errmsg = '<p class="errormsg">Username or password is incorrect.</p>'; } } And for some reason, it always ends up setting $errmsg in the else statement. I am sure that I'm entering information (username,password) that is correct and exists in the database. I insert my values (from a signup script) using this query: $query = "INSERT INTO members (username, password, email) VALUES ('$username', SHA('$password'), '$email')"; Anyone see the problem with this script? Thanks!

    Read the article

  • Bitbucket API authentication with Python's HTTPBasicAuthHandler

    - by jbochi
    I'm trying to get the list of issues on a private repository using bitbucket's API. I have confirmed that HTTP Basic authentication works with hurl, but I am unable to authenticate in Python. Adapting the code from this tutorial, I have written the following script. import cookielib import urllib2 class API(): api_url = 'http://api.bitbucket.org/1.0/' def __init__(self, username, password): self._opener = self._create_opener(username, password) def _create_opener(self, username, password): cj = cookielib.LWPCookieJar() cookie_handler = urllib2.HTTPCookieProcessor(cj) password_manager = urllib2.HTTPPasswordMgrWithDefaultRealm() password_manager.add_password(None, self.api_url, username, password) auth_handler = urllib2.HTTPBasicAuthHandler(password_manager) opener = urllib2.build_opener(cookie_handler, auth_handler) return opener def get_issues(self, username, repository): query_url = self.api_url + 'repositories/%s/%s/issues/' % (username, repository) try: handler = self._opener.open(query_url) except urllib2.HTTPError, e: print e.headers raise e return handler.read() api = API(username='my_username', password='XXXXXXXX') api.get_issues('my_username', 'my_repository') results in: >>> Server: nginx/0.7.62 Date: Mon, 19 Apr 2010 16:15:06 GMT Content-Type: text/plain Connection: close Vary: Authorization,Cookie Content-Length: 9 Traceback (most recent call last): File "C:/USERS/personal/bitbucket-burndown/bitbucket-api.py", line 29, in <module> print api.get_issues('my_username', 'my_repository') File "C:/USERS/personal/bitbucket-burndown/bitbucket-api.py", line 25, in get_issues raise e HTTPError: HTTP Error 401: UNAUTHORIZED api.get_issues('jespern', 'bitbucket') works like a charm. What's wrong with my code?

    Read the article

  • How to validate smtp credentials before sending mail in C# ?

    - by Manish Gupta
    I need to validate the username and password set in SmtpClient object before sending mail. Here is the code sample: SmtpClient client=new SmtpClient(host); client.Credentials=new NetworkdCredentials(username,password); client.UseDefaultCredentials=false; //Here I need to verify the credentials(i.e. username and password) client.Send(mail); Thanks in advance.....

    Read the article

  • Salt question - using a "random salt"

    - by barfoon
    Hey everyone, Further to my question here, I have another question regarding salts. When someone says "use a random salt" to pre/append to a password, does this mean: Creating a static a 1 time randomly generated string of characters, or Creating a string of characters that changes at random every time a password is created? If the salt is random for every user and stored along with the hashed password, how is the original salt ever retrieved back for verification? Thanks!

    Read the article

  • jQuery dynamic field classes not being assigned as desired.

    - by Simon
    Hello, I'm working on a fancy login page with 4 unique states attributed through classes for each field (normal, focus, active-on, active-off). Normal is the default style. Focus is the focus style when nothing is typed. Active-on is the focus style when something has been typed. Active-off is for field that have user text in them, but are not focused right now. Here's a demo to help you understand what I'm doing: http://www.controlstack.com/login My JS is working almost correctly (thanks to some folks on this site), except in 2 cases: If I enter something in the username field, then tab over to the password field, it does not add the ".focus" class to the password field. If I blur out of the username field, then focus back on it, enter a few characters, then delete them, it does not add the ".focus" field. Here's my code: <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd"> <html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" dir="ltr"> <head> <title>Login</title> <style> input.field {height: 39px; width: 194px; background: url(login-fields.png) no-repeat; overflow: hidden; border: none; outline: none; float: left; margin-right: 7px;} input.field#username {padding: 0 12px;} input.field#username.focus {background-position: 0 -39px;} input.field#username.active-on {background-position: 0 -78px;} input.field#username.active-off {background-position: 0 -117px;} input.field#password {background-position: -218px 0; padding: 0 12px;} input.field#password.focus {background-position: -218px -39px;} input.field#password.active-on {background-position: -218px -78px;} input.field#password.active-off {background-position: -218px -117px;} input.field#go {background-position: -436px 0; width: 88px; margin: 0; cursor: pointer;} </style> <script type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/jquery/1.4.2/jquery.min.js"></script> <script type="text/javascript"> $(document).ready(function() { loginField = $('.field'); firstField = $('.field.first'); firstField.focus(); loginField.focus(function(){ loginVal1 = loginField.val(); if (!loginVal1){ $(this).removeClass('active-off').addClass('focus'); } else { $(this).removeClass('active-off').addClass('active-on'); } }); loginField.live('keydown', function(){ $(this).addClass('active-on').removeClass('active-off'); }).live('keyup', function(){ $(this).toggleClass('active-on', $(this).val() != ''); }) loginField.blur(function(){ loginVal2 = loginField.val(); if (!loginVal2){ $(this).removeClass('focus').removeClass('active-on'); $(this).val(''); } else { $(this).removeClass('focus').removeClass('active-on').addClass('active-off'); } }); }); </script> </head> <body> <h1>Login to your account</h1> <form method="post" action="/"> <fieldset> <input type="text" class="field first focus" id="username" /> <input type="text" class="field" id="password" /> <input type="submit" value="" class="field" id="go" alt="login" title="login" /> </fieldset> </form> </body> </html> Your help is much appreciated!

    Read the article

  • With sqlalchemy how to dynamically bind to database engine on a per-request basis

    - by Peter Hansen
    I have a Pylons-based web application which connects via Sqlalchemy (v0.5) to a Postgres database. For security, rather than follow the typical pattern of simple web apps (as seen in just about all tutorials), I'm not using a generic Postgres user (e.g. "webapp") but am requiring that users enter their own Postgres userid and password, and am using that to establish the connection. That means we get the full benefit of Postgres security. Complicating things still further, there are two separate databases to connect to. Although they're currently in the same Postgres cluster, they need to be able to move to separate hosts at a later date. We're using sqlalchemy's declarative package, though I can't see that this has any bearing on the matter. Most examples of sqlalchemy show trivial approaches such as setting up the Metadata once, at application startup, with a generic database userid and password, which is used through the web application. This is usually done with Metadata.bind = create_engine(), sometimes even at module-level in the database model files. My question is, how can we defer establishing the connections until the user has logged in, and then (of course) re-use those connections, or re-establish them using the same credentials, for each subsequent request. We have this working -- we think -- but I'm not only not certain of the safety of it, I also think it looks incredibly heavy-weight for the situation. Inside the __call__ method of the BaseController we retrieve the userid and password from the web session, call sqlalchemy create_engine() once for each database, then call a routine which calls Session.bind_mapper() repeatedly, once for each table that may be referenced on each of those connections, even though any given request usually references only one or two tables. It looks something like this: # in lib/base.py on the BaseController class def __call__(self, environ, start_response): # note: web session contains {'username': XXX, 'password': YYY} url1 = 'postgres://%(username)s:%(password)s@server1/finance' % session url2 = 'postgres://%(username)s:%(password)s@server2/staff' % session finance = create_engine(url1) staff = create_engine(url2) db_configure(staff, finance) # see below ... etc # in another file Session = scoped_session(sessionmaker()) def db_configure(staff, finance): s = Session() from db.finance import Employee, Customer, Invoice for c in [ Employee, Customer, Invoice, ]: s.bind_mapper(c, finance) from db.staff import Project, Hour for c in [ Project, Hour, ]: s.bind_mapper(c, staff) s.close() # prevents leaking connections between sessions? So the create_engine() calls occur on every request... I can see that being needed, and the Connection Pool probably caches them and does things sensibly. But calling Session.bind_mapper() once for each table, on every request? Seems like there has to be a better way. Obviously, since a desire for strong security underlies all this, we don't want any chance that a connection established for a high-security user will inadvertently be used in a later request by a low-security user.

    Read the article

  • Django "login() takes exactly 1 argument (2 given)" error

    - by Oleksandr Bolotov
    I'm trying to store the user's ID in the session using django.contrib.auth.login . But it is not working not as expected. I'm getting error login() takes exactly 1 argument (2 given) With login(user) I'm getting AttributeError at /login/ User' object has no attribute 'method' I'm using slightly modifyed example form http://docs.djangoproject.com/en/dev/topics/auth/ : from django.shortcuts import render_to_response from django.contrib.auth import authenticate, login def login(request): msg = [] if request.method == 'POST': username = request.POST['u'] password = request.POST['p'] user = authenticate(username=username, password=password) if user is not None: if user.is_active: login(request, user) msg.append("login successful") else: msg.append("disabled account") else: msg.append("invalid login") return render_to_response('login.html', {'errors': msg}) there's nothing special about login.html: <html> <head> <title></title> </head> <body> <form action="/login/" method="post"> Login:&nbsp; <input type="text" name="u"> <br/> Password:&nbsp; <input type="password" name="p"> <input type="submit" value="Login"> </form> {% if errors %} <ul> {% for error in errors %} <li>{{ error }}</li> {% endfor %} </ul> {% endif %} </body> </html> Does anybody have idea how to make login() work.

    Read the article

  • python coockie,request another page

    - by polovinamozga
    #!/usr/bin/python # -*- coding: utf-8 -*- import urllib2 import urllib import httplib import Cookie import cookielib Login = 'user' Password = 'password' Domain = 'inbox.ru' Auth = 'https://auth.mail.ru/cgi-bin/auth' cj = cookielib.CookieJar() opener = urllib2.build_opener(urllib2.HTTPCookieProcessor(cj)) login_data = urllib.urlencode({'Login' : Login, 'Domain' :Domain, 'Password' : Password }) opener.open('https://auth.mail.ru/cgi-bin/auth', login_data) resp = opener.open('https://auth.mail.ru/cgi-bin/auth').read() print resp.decode('cp1251') #output page in cp1251 When script sucessfully executed i see in print resp.decode('cp1251') my page with auth. But when a try to request another page for example http://my.mail.ru i see autorization request. How i can use cookie with another page?

    Read the article

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

< Previous Page | 138 139 140 141 142 143 144 145 146 147 148 149  | Next Page >