Search Results

Search found 5623 results on 225 pages for 'prevent deletion'.

Page 154/225 | < Previous Page | 150 151 152 153 154 155 156 157 158 159 160 161 | Next Page >

Testing for security vulnerabilities on web applications

- by Moak

A lot of companies use CMS software that updates on the regular, often they are security fixes, implying that the previous version have security vulnerabilities. But most clients never upgrade this, or even the CMS has been modified so that an update would break the site. Are there sites that document these exploits, and instruct how to test for them? Or does this information not even get published? (in order not to have people try to exploit them) Also is there a generic php/js based check list to prevent hack attempts? I know about SQL injections and XSS, but I'm sure that there are more threats out there. Peace

Read the article
button in the form cause it be submitted automatically

- by Spiderman

has the HTML version changed lately (like from ie7 to IE8?) I notice the following change that cause me some troulbe - I am having a code that is similar to this: <form method="POST" action="/admin/modify"> <input type="text"/> <button onclick="dosomething()">Press</button> </form> <script type="text/javascript"> function doSomething(){ // doesn't matter what actually } </script> What is weired to me in this code is that by pressing the button inside the form, all I want is to perform some javascript action but eventaully it causes the form to be submitted too, even when I am not willing to do it. So - is it true? and if so how can I perform some java script actoin inside a from but prevent the form from being submitted automatically?

Read the article
PHP Populating array with $variables

- by Tom

Hi, I'm trying to create a basic shopping cart, having an issue with the product page allowing users to add more items to their cart then are in stock (I have code in place to prevent this on the view cart page, just not the view product page) This is what I have so far; for ($i = 0; $i < $numItem; $i++) { extract($cartContent[$i]); $subTotal += $price * $cartQuantity; $cartLimiter[$itemNo => $cartQuantity]; Using an array so the position number becomes the item number and the cart quantity becomes the assigned value, however it doesn't seem to like it and throws out on the bottom line of code: Parse error: syntax error, unexpected T_DOUBLE_ARROW, expecting ']' Thanks

Read the article
DataBind and Postback

- by Michael La Voie

This is a general how does DataBind work questions... I have a simple page with a GridView that is bound (in the aspx code) to an ObjectDataSource. I can look in the Select() function called by the ObjectDataSource to see that it is called on the initial load and on every post back. I have some logic that happens on post backs that will affect the GridView's data, and I want to call GridView.DataBind() later on in the post back, after I've made some changes. Is there a way to prevent the automatic rebinding that happens on each post back? Does this mean I can't use an ObjectDataSource for this control?

Read the article
Problem calling stored procedure with a fixed length binary parameter using Entity Framework

- by Dave

I have a problem calling stored procedures with a fixed length binary parameter using Entity Framework. The stored procedure ends up being called with 8000 bytes of data no matter what size byte array I use to call the function import. To give some example, this is the code I am using. byte[] cookie = new byte[32]; byte[] data = new byte[2]; entities.Insert("param1", "param2", cookie, data); The parameters are nvarchar(50), nvarchar(50), binary(32), varbinary(2000) When I run the code through SQL profiler, I get this result. exec [dbo].[Insert] @param1=N'param1',@param2=N'param2',@cookie=0x00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000 [SNIP because of 16000 zeros] ,@data=0x0000 All parameters went through ok other than the binary(32) cookie. The varbinary(2000) seemed to work fine and the correct length was maintained. Is there a way to prevent the extra data being sent to SQL server? This seems like a big waste of network resource.

Read the article
Configuring Hadoop logging to avoid too many log files

- by Eric Wendelin

I'm having a problem with Hadoop producing too many log files in $HADOOP_LOG_DIR/userlogs (the Ext3 filesystem allows only 32000 subdirectories) which looks like the same problem in this question: http://stackoverflow.com/questions/2091287/error-in-hadoop-mapreduce My question is: does anyone know how to configure Hadoop to roll the log dir or otherwise prevent this? I'm trying to avoid just setting the "mapred.userlog.retain.hours" and/or "mapred.userlog.limit.kb" properties because I want to actually keep the log files. I was also hoping to configure this in log4j.properties, but looking at the Hadoop 0.20.2 source, it writes directly to logfiles instead of actually using log4j. Perhaps I don't understand how it's using log4j fully. Any suggestions or clarifications would be greatly appreciated.

Read the article
Preventing symbols from being stripped in IBM Visual Age C/C++ for AIX

- by smountcastle

I'm building a shared library which I dynamically load (using dlopen) into my AIX application using IBM's VisualAge C/C++ compiler. Unfortunately, it appears to be stripping out necessary symbols: rtld: 0712-002 fatal error: exiting. rtld: 0712-001 Symbol setVersion__Q2_3CIF17VersionReporterFRCQ2_3std12basic_stringXTcTQ2_3std11char_traitsXTc_TQ2_3std9allocatorXTc__ was referenced from module ./object/AIX-6.1-ppc/plugins/plugin.so(), but a runtime definition of the symbol was not found. Both the shared library and the application which loads the shared library compile/link against the static library which contains the VersionReporter mentioned in the error message. To link the shared library I'm using these options: -bM:SRE -bnoentry -bexpall To link the application, I'm using this option: -brtl Is there an option I can use to prevent this symbol from being stripped in the application? I've tried using -nogc as stated in the IBM docs, but that causes the shared library to be in an invalid format or the application to fail to link (depending on which one I use it with).

Read the article
Disable page cache on a specific page

- by David Brunelle

Hi, Not sure if I really am on the right forum, but if not, just tell me. I have a page that is coded in ASP (not .net) which is used to send email. We are currently having a problem in which the page seem to be sent twice sometime. Upon checking, we found out that those who have this problem are coming from big organisation, so it was suggested that their server might cache the file for some reason. I would like to know, is there a way in HTML (or ASP ) to prevent that from happening ? Or is it in IIS that we must set this up ? Thanks,

Read the article
Timeout LinqToSql inserting millions of records

- by Bas

I'm inserting approximently 3 million records in a database using this solution. Eventually when the application has been inserting records for a while (my last run lasted around 4 hours), it gives a timeout with the following SqlException: "SqlExcepetion: Timeout expired. The timeoutperiod elapsed prior to completion of the operation or the server is not responding." What's the best way to handle this exception? Is there a way to prevent this from happening or should I catch the exception? Thanks in advance!

Read the article
Automatic upload of 10KB file to web service?

- by Joseph Turian

I am writing an application, similar to Seti@Home, that allows users to run processing on their home machine, and then upload the result to the central server. However, the final result is maybe a 10K binary file. (Processing to achieve this output is several hours.) What is the simplest reliable automatic method to upload this file to the central server? What do I need to do server-side to prevent blocking? Perhaps having the client send mail is simple and reliable? NB the client program is currently written in Python, if that matters.

Read the article
Valid Email Addresses - XSS and SQL Injection

- by PAAMAYIM_NEKUDOTAYIM

Since there are so many valid characters for email addresses, are there any valid email addresses that can in themselves be XSS attacks or SQL injections? I couldn't find any information on this on the web. The local-part of the e-mail address may use any of these ASCII characters: Uppercase and lowercase English letters (a–z, A–Z) Digits 0 to 9 Characters ! # $ % & ' * + - / = ? ^ _ ` { | } ~ Character . (dot, period, full stop) provided that it is not the last character, and provided also that it does not appear two or more times consecutively (e.g. [email protected]). http://en.wikipedia.org/wiki/E-mail_address#RFC_specification I'm not asking how to prevent these attacks (I'm already using parametrized queries and HTML purifier), this is more a proof-of-concept. The first thing that came to mind was 'OR [email protected], except that spaces are not allowed. Do all SQL injections require spaces?

Read the article
losing leading & trailing space when translated using Google Machine Translation

- by Sourabh

Hi , I am using google ajax based translation API like in the below example. google.load("language", "1"); function initialize() { var text = document.getElementById("text").innerHTML; google.language.detect(text, function(result) { if (!result.error && result.language) { google.language.translate(text, result.language, "en", function(result) { var translated = document.getElementById("translation"); if (result.translation) { translated.innerHTML = result.translation; } }); } }); } google.setOnLoadCallback(initialize); When I send string like " how are you? " The transaltion what I get is like "xxx xxx xxxxxxx" . the spaces in the original string are trimmed.How do I prevent it from happening ?

Read the article
unique constraint (w/o Trigger) on "one-to-many" relation

- by elgcom

To illustrate the problem, I make an example: A tag_bundle consists of one or more than one tags. A unique tag combination can map to a unique tag_bundle, vice versa. tag_bundle tag tag_bundle_relation +---------------+ +--------+ +---------------+--------+ | tag_bundle_id | | tag_id | | tag_bundle_id | tag_id | +---------------+ +--------+ +---------------+--------+ | 1 | | 100 | | 1 | 100 | +---------------+ +--------+ +---------------+--------+ | 101 | | 1 | 101 | +--------+ +---------------+--------+ There can't be another tag_bundle having the combination from tag 100 and tag 101. How can I ensure such unique constraint when executing SQL "concurrently"!! that is, to prevent concurrently adding two bundles with the same tag combination Adding a simple unique constraint on any table does not work, Is there any solution other than Trigger or explicit lock. I come to only this simple way: make tag combination into string, and let it be unique. tag_bundle (unique on tags) tag tag_bundle_relation +---------------+--------+ +--------+ +---------------+--------+ | tag_bundle_id | tags | | tag_id | | tag_bundle_id | tag_id | +---------------+--------+ +--------+ +---------------+--------+ | 1 | 100,101| | 100 | | 1 | 100 | +---------------+--------+ +--------+ +---------------+--------+ | 101 | | 1 | 101 | +--------+ +---------------+--------+ but it seems not a good way :(

Read the article
IWebBrowser2: how to force links to open in new window?

- by Rob McAfee

The MSDN documentation on WebBrowser Customization explains how to prevent new windows from being opened and how to cancel navigation. In my case, my application is hosting an IWebBrowser2 but I don't want the user to navigate to new pages within my app. Instead, I'd like to open all links in a new IE window. The desired behavior is: user clicks a link, and a new window opens with that URL. A similar question was asked and answered here and rather than pollute that answered post, it was suggested I open a new discussion. The members on the related post suggested I should be able to do this by trapping DISPID_BEFORENAVIGATE2, setting the cancel flag, and writing code to open a new window, but I've found out that the browser control gets lots of BeforeNavigate2 events that seem to be initiated by scripts on the main page. For example, amazon.com fires BeforeNavigate2 events like crazy, and they are not a result of link invocation. Replies appreciated!

Read the article
Can jQuery UI's Sortable handle complex selectors for the items option?

- by jverdi

I have list items in an unordered list that when double clicked, can be edited in place via a wysiwyg editor. $('ul.mtm_section').sortable({ disabled: true, distance: 10, items: '> li:not(:has(form))' }); My goal is to prevent the list item from being sorted while it is being edited - aka once a form element has been swapped in place of the contents. Unfortunately my selector for items is not working. Is sortable able to handle complex selectors like these? If not, are there other clever means to disable some items from being sortable, perhaps a callback function? I would prefer to rely on this sortable option, as the wysiwyg plugin is deeply nested with jEditable and as far as I know does not open up any events for me to hook into. Using jQuery 1.4.2 and jQuery UI 1.8.1

Read the article
What mail storage should I choose for our web application; IMAP, key-valud store, rdbms, ...

- by tvrtko

I have to store e-mail messages for use with our application. I have "metadata" for all messages inside a relational database, but I don't feel comfortable keeping message content (gigabytes and terabytes of email data) inside a database. I'm currently using IMAP as a storage, but I have my doubts if I choose correctly. First of all there is a problem of uidvalidity and how to keep a permanent reference to message inside IMAP. Second, I'm not sure if this is the most robust solution in terms of backup/restore strategies, corruption of store, replication ... Positive side is that I can query IMAP using the headers because the data is mostly indexed. I don't know if key-value stores are a better approach (Casandra, Tokyo cabinet, redis). How they handle storing 1KB and 50MB of data. How they prevent corruption and when corruption or device failure happens how can I repair the store.

Read the article
can I prohibit users from loading swf files by AS3 / Flash Loader.load() and only allow loading imag

- by EndangeringSpecies

I want to have an AS3 app load images from url supplied by the user. But I don't want a malicious user to be able to load an SWF file in place of the image, such as with an altered extension "maliciousSwf.png". Well, not sure how big a security threat that is above and beyond the ability of the hacker to decompile swf, but I think that ideally such behavior should not be allowed. So, is there any way to prevent this? When people allow users to load images in their Flash apps, do they somehow guard against loading of SWF? Or is this really absolutely no big deal?

Read the article
slashes in url variables

- by namtax

Hi there I have set up my coldfusion application to have dynamic urls on the page, such as www.musicExplained/index.cfm/artist/:VariableName However my variable names will sometimes contain slashes, such as www.musicExplained/index.cfm/artist/GZA/Genius This is causing a problem, because my application presumes that the slash in the variable name represents a different section of the website, the artists albums. So the URL will fail. I am wondering if there is anyway to prevent this from happening? Do I need to use a function that replaces slashes in the variable names with another character? Thanks

Read the article
Create Access databases programatically through vb.net

- by user87225

Let me preface this by saying that I know this is a stupid way to go about this, but it needs to be handled in this way. I need to make an application that from a master database creates a number of access database files (tables of a larger db), then these are manually given to users who fill in data, the database files are emailed back to a user who, through the application, combines them again. The only part of this that I am unsure about is problematically creating the access db's. I have read that through Microsoft Jet OLE DB Provider and Microsoft ADO Ext I can create them (the tables and data), but I also need forms. I have yet to start writing anything and this is away from my area of work, so any insight/links would be much appreciated. Also, I would hope to be able to write this in the free express version of visual studio. Are there components needed that would prevent me from this? Thanks.

Read the article
C# + Disposing DbConnection and DbCommand and catching error

- by Eatdoku

Hi, I am trying to understand DbConnection and DbCommand, and the proper way to dispose those objects after use. Following is the code snippet I have. By using "using statement" on DbConnection and DbCommand, would it be sufficient? I am trying to prevent possible memory leak. 2nd question, Do I have to Dispose DbCommand object? thanks a lot DbProviderFactory fac = DbProviderFactories.GetFactory(this.DatabaseProviderName); using (DbConnection dbConn = fac.CreateConnection()) { dbConn.ConnectionString = this.ConnectionString; using (DbCommand comm = fac.CreateCommand()) { comm.CommandText = "select * from aTable"; comm.Connection = dbConn; DataTable targetTable = new DataTable(); DbDataAdapter facDA = fac.CreateDataAdapter(); facDA.SelectCommand = comm; facDA.Fill(targetTable); //assuming Adapter would open / close connection (right assumption?) //do something with the datatable } }

Read the article
Question about Content Delivery Networks CDN

- by yummm

I've built a javascript code that my clients will be installing on their website and they will be calling a file from my server. I'm wondering if it would be better to host the javascript file on a CDN, instead of on my server? The benefits would be better response time and a much higher chance that it will always be available. However, In the future, if the CDN was acquired or went out of business I would have a number of clients linking to a file that doesn't exist. Is there any way to prevent this from happening?

Read the article
Proper way to have an endless worker thread?

- by Neil N

I have an object that requires a lot of initialization (1-2 seconds on a beefy machine). Though once it is initialized it only takes about 20 miliseconds to do a typical "job" In order to prevent it from being re-initialized every time an app wants to use it (which could be 50 times a second or not at all for minutes in typical usage), I decided to give it a job que, and have it run on its own thread, checking to see if there is any work for it in the que. However I'm not entirely sure how to make a thread that runs indefinetly with or without work. Here's what I have so far, any critique is welcomed private void DoWork() { while (true) { if (JobQue.Count > 0) { // do work on JobQue.Pop() } else { System.Threading.Thread.Sleep(50); } } } After thought: I was thinking I may need to kill this thread gracefully insead of letting it run forever, so I think I will add a Job type that tells the thread to end. Any thoughts on how to end a thread like this also appreciated.

Read the article
What is the impact/limitation of oracle select with large number of bind variables?

- by Igal Serban

We had our oracle server chocking during processing a select statement with close to 3500(!!) bind variables. This select is, obviously, build dynamically by code that we can't change. During the execution of this select the db server went to 100% cpu usage and our system almost halted. We know how to reproduce this problem. So we can prevent this specific condition. But I am wondering if there is a way to protect the db ( by configuration) from this type of problems.

Read the article
Third party Application's Idle Session expiry

- by Manjoor

We have a third party application running. It shows login dialog when idle for 20 minutes. We need to prevent the application to display login screen. We do not have any idea how idle state is handled internally in that application. We have done the follwoing with no luck. Created an small application in c# which focus it after every 5 minutes (using SetForegroundWindow()) and send a BM_CLICK message to one of its child window. Does not work. focus it after every 5 minutes (using SetForegroundWindow()) and move the cursor few pixels then restore cursor at its previous position. This does not work too! Is there any other way to achieve the goal?

Read the article
Updating a session variable on a page that uses enablesessionstate=readonly attribute doesn't fail f

- by chandmk

Asp.Net allows you you set the session state to readonly at individual page level or in the web.config for all pages. But it doesn't prevent you from creating a brand new session variable on that page or modify an existing session variable. But when you try to use that session variable it is either not available or its value is not modified. Why wouldn't the asp.net framework throw a run time error, if not compile time error, when a write attempt is made to a session on the pages where that is not allowed?

Read the article

< Previous Page | 150 151 152 153 154 155 156 157 158 159 160 161 | Next Page >