Search Results

Search found 5623 results on 225 pages for 'prevent deletion'.

Page 142/225 | < Previous Page | 138 139 140 141 142 143 144 145 146 147 148 149  | Next Page >

• Preventing $.POST hijack

  - by Jamie

  I'm currently building a facebook application. Lets say I have a variable $uid that identifies the user so I can store this in my database along with their submitted data. I pass $uid and $data via json encoded values using $.post. However, this doesn't prevent someone changing $uid to save data as someone else. I have been thinking about how to overcome this, so far I haven't found a solution apart from: create database with $uid $secretkey on first page load. When $.post send $secretkey with the post and then retrieve the $uid from the database. Would this be the correct approach to use?

  Read the article

• Display a "Waiting Message" before the POST form send

  - by DomingoSL

  I have a upload file form, when you hit Submit it send the file to my server, but it takes a while, in the mean time i need to tell the user wait in order to get the file uploaded, because he can press Submit again because there is no menssage to prevent him. So, the user fill a few fields in the form, including a file. When he Send the form it sends the variables via POST to the same page: <form action="<?php echo $_SERVER['PHP_SELF']; ?>" enctype="multipart/form-data" method="post"> A php script detect the page now have POST variables a do something. In the time between the send action and the page reload i need to display a mensage, how can i do that??? Thanks It will be nice if you now how to trigger that with colorbox. I know how to use it from a link but no from this POST action.

  Read the article

• Scrambling URLS for dynamic data

  - by ggonsalv

  What is the best method to obfuscate the urls created in Dynamic Data? eg \Products\List.aspx?ProductId=2 could become \Products\List.aspx?x=UHJvZHVjdElkPTI= where "ProductId=2" is base 64 encoded to prevent casual snooping on \Products\List.aspx?ProductId=3 \Products\List.aspx?ProductId=4 etc...? I will probably have to inherit from an existing object and override some function The question is which object and what function GetActionPath of the Metamodel object seems interesting, but how does the DynamicRoute "{table}/{Action}.aspx" play in into it... Right now on Asp.net 1.1 site I use an custom implementation of the following code. http://www.mvps.org/emorcillo/en/code/aspnet/qse.shtml It is HTTPModule that uses regular expression to rewrite all the querystrings and also with reflection changes the Querystring collection with decoded values. So where is the hook to affect the change.

  Read the article

• Crystal Reports and Report Viewer runtime question

  - by Spooky2010

  Using vs2008 c#. Howdy, Ive got an application where im trying to decide if i should use the Crystal reports or the Report viewer that comes with the visual studio install. My issue is that while it will run fine on my development machine, a lot of the machines the application will be deployed to in remote locations WONT have the runtime for either crystal reports or the report viewer installed. therefore if i build an application using either of these, and prevent user access to the reports only on the machines that do NOT have the runtimes, can the application run ok, or should i expect crazy errors on install and such Any advice appreciated.

  Read the article

• htaccess not called when the url point to an existing folder

  - by Eldad

  Hi, I'm running zend server on windows 7. I'm using the htaccess from jooml: Options +FollowSymLinks RewriteEngine On RewriteCond %{QUERY_STRING} mosConfig_[a-zA-Z_]{1,21}(=|\%3D) [OR] RewriteCond %{QUERY_STRING} base64_encode.*\(.*\) [OR] RewriteCond %{QUERY_STRING} (\<|%3C).*script.*(\>|%3E) [NC,OR] RewriteCond %{QUERY_STRING} GLOBALS(=|\[|\%[0-9A-Z]{0,2}) [OR] RewriteCond %{QUERY_STRING} _REQUEST(=|\[|\%[0-9A-Z]{0,2}) RewriteRule ^(.*)$ index.php [F,L] RewriteCond %{REQUEST_FILENAME} !-f RewriteCond %{REQUEST_FILENAME} !-d RewriteCond %{REQUEST_URI} !^/index.php RewriteCond %{REQUEST_URI} (/|\.php|\.html|\.htm|\.feed|\.pdf|\.raw|/[^.]*)$ [NC] RewriteRule (.*) index.php RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization},L] when I'm calling this url: http://localhost/ABC/ the data is been redirect to index.php but if I'm creating the folder ABC the server is showing the ABC folder content and not redirecting the data back to index.php. how can I prevent that, I want all the calls data to be directed into index.php? Thanks

  Read the article

• How can I disable Ctrl+A (select all) using jquery in a browser?

  - by Keltex

  I'm trying to prevent information to be copied from a page (for non-technical users of course). I know how to disable selecting text using the mouse. The following jquery code works: $(function(){ $.extend($.fn.disableTextSelect = function() { return this.each(function(){ if($.browser.mozilla){//Firefox $(this).css('MozUserSelect','none'); }else if($.browser.msie){//IE $(this).bind('selectstart',function(){return false;}); }else{//Opera, etc. $(this).mousedown(function(){return false;}); }); }); $('.noSelect').disableTextSelect(); }); But users can still use Ctrl+A to select the entire page. Any workarounds for this?

  Read the article

• Swipe gestures on Android ListView items

  - by Bartek

  I have a ListView populated by a ResourceCursorAdapter. I use the loaders mechanism to query a ContentProvider for list items. I detect swipe gestures on the list items to perform some actions on them. New items get added by a background service, so the list can change dynamically. Everything works fine, except when I start swiping and a database change occurs (as a result of the background service adding a new row). In such case the gesture is not detected properly. I noticed that ACTION_CANCEL is dispatched to the list item view and also that bindView is executed for all visible items. Inside the bindView method I only set some text - I don't change any listeners there. How can I make gestures work even when new items are being added by the background service? Perhaps there's a way to prevent the motion from being cancelled or I can pause database updates so they don't interrupt the gesture.

  Read the article

• Rails request forgery protection settings

  - by Vitaly

  Hey, please help a newbie in Rails :) I have protect_from_forgery call (which is given by default) with no attributes in my ApplicationController class. Basically here's the code: class ApplicationController < ActionController::Base helper :all # include all helpers, all the time protect_from_forgery helper_method :current_user_session, :current_user filter_parameter_logging :password, :password_confirmation What I assume it should do is: it should prevent any POST requests without correct authenticity_token. But when I send post request with jQuery like the one below, it works fine (there's update statement that is executed in the database)! $.post($(this).attr("href"), { _method: "PUT", data: { test: true } }); I see in console that there's no authenticity_token among sent parameters, but request is still considered valid. Why is that?

  Read the article

• PHP - CSRF - How to make it works in all tabs?

  - by Erik Persson

  Hi there, I have readed about how to prevent CSRF-attacks in the last days. I am going to update the token in every pageload, save the token in the session and make a check when submitting a form. But what if the user has, lets say 3 tabs open with my website, and I just store the last token in the session? This will overwrite the token with another token, and some post-action is going to fail. Do I need to store all tokens in the session, or is there a better solution to get this working? Best regards, Erik Persson

  Read the article

• Problem with DWR and Android-Browser

  - by moxn

  Hello everyone, I am experiencing a problem with accessing an application from the Android-browser. The application uses DWR to persist connections to the clients that are connected with it. Everything works fine for me, except that if the application does not send any data to the client on the Android-phone for 2 minutes, the connection seems to be lost and no data arrive at the client. The same scenario works just fine on Firefox, Opera and Chrome. If the pause between two data transfers is less than 2 minutes, it works just fine. So, now my question: Is there some timeout setting for the android browser that I am missing? Or is this some built-in bug/feature/whatever that I cannot circumvent? I know that I could prevent this from happening with some sort of heartbeat, I would just like to why this is happening. Thanks in advance, Max btw: Everything (server, clients) runs on my machine and I am testing this on the android emulator with Windows XP Android emulator version 1.10 (build_id CUPCAKE-150240)

  Read the article

• Why is FxCop warning about an overflow (CA2233) in this C# code?

  - by matt

  I have the following function to get an int from a high-byte and a low-byte: public static int FromBytes(byte high, byte low) { return high * (byte.MaxValue + 1) + low; } When I analyze the assembly with FxCop, I get the following critical warning: CA2233: OperationsShouldNotOverflow Arithmetic operations should not be done without first validating the operands to prevent overflow. I can't see how this could possibly overflow, so I am just assuming FxCop is being overzealous. Am I missing something? And what steps could be taken to correct what I have (or at least make the FxCop warning go away!)?

  Read the article

• WPF Textbox "normal" text input

  - by Ash Rowe

  G'day, I'm not sure if this is a problem relevant to only me or if anyone else has this issue also. None the less, I'll try and describe what is going on here. I have a few textbox's, default style, etc. I set an explicit maxwidth and maxheight to prevent resize when the text exceeds the default width of the textbox. The issue is that the text wraps to the next line, but I only want single line. So I set maxlines to 1 and textwrapping to NoWrap. That's fine. Now the carat and typed text disappears under the edges of the textbox when the width is exceeded and the only way I can get the carat and newly typed text back into view is by pressing the left and right arrows. Coming from MFC and using textboxes all the time with HTML, I would have thought the default behaviour would be to have the textbox content scroll with the carat or am I missing something here? Thank you, Ash

  Read the article

• Preventing referenced assembly PDB and XML files copied to output

  - by Jason Morse

  I have a Visual Studio 2008 C#/.NET 3.5 project with a post build task to ZIP the contents. However I'm finding that I'm also getting the referenced assemblies' .pdb (debug) and .xml (documentation) files in my output directory (and ZIP). For example, if MyProject.csproj references YourAssembly.dll and there are YourAssembly.xml and YourAssembly.pdb files in the same directory as the DLL they will show up in my output directory (and ZIP). I can exclude *.pdb when ZIP'ing but I cannot blanket exclude the *.xml files as I have deployment files with the same extension. Is there a way to prevent the project from copying referenced assembly PDB and XML files?

  Read the article

• How to use Custom AuthorizeAttribute for controller utilizing parameter value?

  - by RSolberg

  I am trying to secure a controller action to prevent a user from accessing an Entity that they do not have access to. I am able to do this with the following code. public ActionResult Entity(string entityCode) { if (CurrentUser.VerifyEntityPermission(entityCode)) { //populate viewModel... return View(viewModel); } return RedirectToAction("NoAccessToEntity", "Error"); } I would like to be able to add an attribute to the controller action itself. In order to validate the access to the entity, I need to see what value has been passed to the controller and what entities the user has access to. Is this possible? [EntityAuthRequired] public ActionResult Entity(string entityCode) { //populate viewModel... return View(viewModel); }

  Read the article

• How can I stop IIS7 from using HttpHandlers?

  - by mcintyre321

  I'm having a bit of a play around with IIS7, just trying to catch events manually in global.asax and skip the ASP pipeline entirely. To this end, I've set <httpHandlers> <clear/> </httpHandlers> <httpModules> <clear/> </httpModules> but when I call the server I get a YSOD [HttpException]: No http handler was found for request type 'GET' at System.Web.HttpApplication.MapHttpHandler(HttpContext context, String requestType, VirtualPath path, String pathTranslated, Boolean useAppConfig) at System.Web.HttpApplication.MapHandlerExecutionStep.System.Web.HttpApplication.IExecutionStep.Execute() at System.Web.HttpApplication.ExecuteStep(IExecutionStep step, Boolean& completedSynchronously) What do I need to do to completely prevent IIS from handling things? What I want is just to do Response.Writes in event handlers and async methods set up in HttpApplication.Init

  Read the article

• Unit test class inherited from ContextBoundObject and decorated with ContextAttribute

  - by Joel Cunningham

  I am trying to retrofit unit tests on to some existing code base. Both the class and method I want to unit test is decorated with custom attributes that are inherited from ContextBoundObject and ContextAttribute. I dont want them to run as part of the unit test. The only solution I have come up with is to compile the attribute out when I want to unit test. I dont really like this solution and would prefer to either replace it with a mocked attribute at runtime or prevent the attribute from running in a more elegant way. How do you unit test code that has class and method attributes that inherit from ContextBoundObject and ContextAttribute that you dont want to run as part of a unit test? Thanks in advance.

  Read the article

• Reading XML using XDocument & Linq - check if element is NULL?

  - by adchased

  I'm using LINQ together with XDocument to read a XML File. This is the code: XDocument xml = XDocument.Load(filename); var q = from b in xml.Descendants("product") select new { name = b.Element("name").Value, price = b.Element("price").Value, extra = b.Element("extra1").Value, deeplink = b.Element("deepLink").Value }; Now the problem is, the extra1 field is not always present. There are items in the XML file without that node. If that happens it's crashing with a NullReferenceException. Is there any possibility to include a "check if null" so I can prevent it from crashing?

  Read the article

• What is a hardware-id?

  - by Rob

  Some forums that I regularly visit sell premium programs, and to prevent them from being leaked they use hardware-id authentication. That is, first they send you a program to run to grab your HWID, you tell them your HWID, they store it in a database, then they send you the actual program. If your HWID isn't in the database, the program won't run. So what is Hardware-ID, and how is it generated? Why is it that my HWID is different depending on the programmer that sends me a HWID-grabber?

  Read the article

• Firing trigger for bulk insert

  - by Deepa

  ALTER TRIGGER [dbo].[TR_O_SALESMAN_INS] ON [dbo].[O_SALESMAN] AFTER INSERT AS BEGIN -- SET NOCOUNT ON added to prevent extra result sets from -- interfering with SELECT statements. SET NOCOUNT ON; -- Insert statements for trigger here DECLARE @SLSMAN_CD NVARCHAR(20) DECLARE @SLSMAN_NAME NVARCHAR(20) SELECT @SLSMAN_CD = SLSMAN_CD,@SLSMAN_NAME=SLSMAN_NAME FROM INSERTED IF NOT EXISTS(SELECT * FROM O_SALESMAN_USER WHERE SLSMAN_CD = @SLSMAN_CD) BEGIN INSERT INTO O_SALESMAN_USER(SLSMAN_CD, PASSWORD, USER_CD) VALUES(@SLSMAN_CD, @SLSMAN_CD,@SLSMAN_NAME ) END END This is the trigger written for a table(O_SALESMAN) to fetch few columns from it and insert it into one another table(O_SALESMAN_USER). Presently bulk data is getting inserted into O_SALESMAN table through a stored procedure, where as the trigger is getting fired only once and O_SALESMAN_USER is having only one record inserted each time whenever the stored procedure is being executed,i want trigger to run after each and every record that gets inserted into O_SALESMAN such that both tables should have same count which is not happening..so please let me know what can be modified in this Trigger to achieve the same....

  Read the article

• Client authentication with RubyLDAP ldap

  - by Marcelo de Moraes Serpa

  Hello all, I'm trying to implement a feature that uses LDAP over SSL (SSL, not TLS), it needs to connect to a SSL-enabled LDAP server (i.e OpenLDAP), bind and then do any additional queries. It also needs to support client-authentication, and this is where things get tricky: The client is a web application written in Ruby, and we are using RubyLDAP (so far we have used it for non-SSL ldap stuff with great success). My question is: Is there a way to load a client certificate and send its data over the wire to the LDAP server when doing a LDAP::SSLConn? I haven't found anything obvious on the API docs (http://ruby-ldap.sourceforge.net/rdoc/) nor while googling around. I know I that I can prevent the server from asking for a certificate by putting the following on slapd.conf (OpenLDAP): TLSVerifyClient never However, this is not an option here. Thanks, Marcelo.

  Read the article

• Hashes vs Numeric id's

  - by Karan Bhangui

  When creating a web application that some how displays the display of a unique identifier for a recurring entity (videos on YouTube, or book section on a site like mine), would it be better to use a uniform length identifier like a hash or the unique key of the item in the database (1, 2, 3, etc). Besides revealing a little, what I think is immaterial, information about the internals of your app, why would using a hash be better than just using the unique id? In short: Which is better to use as a publicly displayed unique identifier - a hash value, or a unique key from the database? Edit: I'm opening up this question again because Dmitriy brought up the good point of not tying down the naming to db specific property. Will this sort of tie down prevent me from optimizing/normalizing the database in the future? The platform uses php/python with ISAM /w MySQL.

  Read the article

• Visual Studio 2008/2010 & SQL Server 2008 on Windows 7 Home Premium

  - by Steve

  Are there any limitations with respect to developing ASP.NET and WPF apps using VS 2008/2010 and SQL Server 2008 on Windows 7 Home Premium? I know you can run IIS 7.5 on Home Premium. I Googled and Binged on Home Premium and VS/SQL Server and couldn't find much. It doesn't look like the features missing from Home Premium, domain joining, xp mode, etc... shouldn't prevent one from running and developing in VS/SQL Server. Update I did discover one limitation w/IIS 7.5 and it applies to all versions of Windows 7 I think. You can't create your own self signed SSL certificate specifying a name other than the machine name. You're stuck with your machine name which isn't that big a deal, but it is a change from previous versions.

  Read the article

• Module autoloader in ZF

  - by ChrisRamakers

  The manual on Zend_Application_Module_Autoloader states the following: When using module bootstraps with Zend_Application, an instance of Zend_Application_Module_Autoloader will be created by default for each discrete module, allowing you to autoload module resources. Source: http://framework.zend.com/manual/zh/zend.loader.autoloader-resource.html#zend.loader.autoloader-resource.module This requires me to create an empty bootstrap class for each of my modules or else resource autoloading per module won't work with the build-in autoloader. Now I have two questions What is a discrete module? Is there a way to have this resource autoloader registered by default for each module without the need to create a bootstrap file for each module? I want it available in each module and creating so many empty bootstrap classes is something i'd rather prevent.

  Read the article

• Silverlight authentication during startup - how to mimic syncronous behavior?

  - by jkohlhepp

  I have a Silverlight app that is using the MVVM pattern. I have a WCF service which will allow me to authenticate users (I don't have direct control over that service - assume it is a black box that just returns me the user info and a list of privileges the user has). So, when the app starts up, I want to pull security data from that service. Right now, when I do this, my views and view models can end up getting initialized before the service returns with the security data. This causes problems because the view models need to disable buttons and make things visible/invisible based on the user having certain privileges. Is there a pattern that allows me to prevent the initialization of the views / view models until the WCF call has returned? How would you go about solving this problem as elegantly as possible?

  Read the article

• Chrome 5 problem with scroll

  - by Parhs

  $(document).keydown(function (event) { if(event.keyCode==38 || event.keyCode==40) { var row; if(event.keyCode==40) row=$(row_selected).next(); if(event.keyCode==38) row=$(row_selected).prev(); if(row.length==0) { row=$(row_selected); } row_select( row ); var row_position_bottom=$(row).height() +$(row).offset().top; var doc_position=$(window).height() + $(window).scrollTop(); if(row_position_bottom >doc_position) $(window).scrollTop(row_position_bottom-$(window).height()); if($(row).offset().top < $(window).scrollTop()) $(window).scrollTop($(row).offset().top); return false; } }); Hello i used this code to select rows of my table...If the selection isnt visible page scrolls... It works great ,FIrefox,Internet Explorer,Safari, but not in chrome..... In Chrome 4 not the last version it worked great!!! The problem is that return false doesnt prevent the page from scrolling...

  Read the article

< Previous Page | 138 139 140 141 142 143 144 145 146 147 148 149  | Next Page >