Search Results

Search found 31524 results on 1261 pages for 'request form'.

Page 16/1261 | < Previous Page | 12 13 14 15 16 17 18 19 20 21 22 23  | Next Page >

  • Anti-Forgery Request Helpers for ASP.NET MVC and jQuery AJAX

    - by Dixin
    Background To secure websites from cross-site request forgery (CSRF, or XSRF) attack, ASP.NET MVC provides an excellent mechanism: The server prints tokens to cookie and inside the form; When the form is submitted to server, token in cookie and token inside the form are sent in the HTTP request; Server validates the tokens. To print tokens to browser, just invoke HtmlHelper.AntiForgeryToken():<% using (Html.BeginForm()) { %> <%: this.Html.AntiForgeryToken(Constants.AntiForgeryTokenSalt)%> <%-- Other fields. --%> <input type="submit" value="Submit" /> <% } %> This invocation generates a token then writes inside the form:<form action="..." method="post"> <input name="__RequestVerificationToken" type="hidden" value="J56khgCvbE3bVcsCSZkNVuH9Cclm9SSIT/ywruFsXEgmV8CL2eW5C/gGsQUf/YuP" /> <!-- Other fields. --> <input type="submit" value="Submit" /> </form> and also writes into the cookie: __RequestVerificationToken_Lw__= J56khgCvbE3bVcsCSZkNVuH9Cclm9SSIT/ywruFsXEgmV8CL2eW5C/gGsQUf/YuP When the above form is submitted, they are both sent to server. In the server side, [ValidateAntiForgeryToken] attribute is used to specify the controllers or actions to validate them:[HttpPost] [ValidateAntiForgeryToken(Salt = Constants.AntiForgeryTokenSalt)] public ActionResult Action(/* ... */) { // ... } This is very productive for form scenarios. But recently, when resolving security vulnerabilities for Web products, some problems are encountered. Specify validation on controller (not on each action) The server side problem is, It is expected to declare [ValidateAntiForgeryToken] on controller, but actually it has be to declared on each POST actions. Because POST actions are usually much more then controllers, this is a little crazy Problem Usually a controller contains actions for HTTP GET and actions for HTTP POST requests, and usually validations are expected for HTTP POST requests. So, if the [ValidateAntiForgeryToken] is declared on the controller, the HTTP GET requests become invalid:[ValidateAntiForgeryToken(Salt = Constants.AntiForgeryTokenSalt)] public class SomeController : Controller // One [ValidateAntiForgeryToken] attribute. { [HttpGet] public ActionResult Index() // Index() cannot work. { // ... } [HttpPost] public ActionResult PostAction1(/* ... */) { // ... } [HttpPost] public ActionResult PostAction2(/* ... */) { // ... } // ... } If browser sends an HTTP GET request by clicking a link: http://Site/Some/Index, validation definitely fails, because no token is provided. So the result is, [ValidateAntiForgeryToken] attribute must be distributed to each POST action:public class SomeController : Controller // Many [ValidateAntiForgeryToken] attributes. { [HttpGet] public ActionResult Index() // Works. { // ... } [HttpPost] [ValidateAntiForgeryToken(Salt = Constants.AntiForgeryTokenSalt)] public ActionResult PostAction1(/* ... */) { // ... } [HttpPost] [ValidateAntiForgeryToken(Salt = Constants.AntiForgeryTokenSalt)] public ActionResult PostAction2(/* ... */) { // ... } // ... } This is a little bit crazy, because one application can have a lot of POST actions. Solution To avoid a large number of [ValidateAntiForgeryToken] attributes (one for each POST action), the following ValidateAntiForgeryTokenAttribute wrapper class can be helpful, where HTTP verbs can be specified:[AttributeUsage(AttributeTargets.Class | AttributeTargets.Method, AllowMultiple = false, Inherited = true)] public class ValidateAntiForgeryTokenWrapperAttribute : FilterAttribute, IAuthorizationFilter { private readonly ValidateAntiForgeryTokenAttribute _validator; private readonly AcceptVerbsAttribute _verbs; public ValidateAntiForgeryTokenWrapperAttribute(HttpVerbs verbs) : this(verbs, null) { } public ValidateAntiForgeryTokenWrapperAttribute(HttpVerbs verbs, string salt) { this._verbs = new AcceptVerbsAttribute(verbs); this._validator = new ValidateAntiForgeryTokenAttribute() { Salt = salt }; } public void OnAuthorization(AuthorizationContext filterContext) { string httpMethodOverride = filterContext.HttpContext.Request.GetHttpMethodOverride(); if (this._verbs.Verbs.Contains(httpMethodOverride, StringComparer.OrdinalIgnoreCase)) { this._validator.OnAuthorization(filterContext); } } } When this attribute is declared on controller, only HTTP requests with the specified verbs are validated:[ValidateAntiForgeryTokenWrapper(HttpVerbs.Post, Constants.AntiForgeryTokenSalt)] public class SomeController : Controller { // GET actions are not affected. // Only HTTP POST requests are validated. } Now one single attribute on controller turns on validation for all POST actions. Maybe it would be nice if HTTP verbs can be specified on the built-in [ValidateAntiForgeryToken] attribute, which is easy to implemented. Submit token via AJAX The browser side problem is, if server side turns on anti-forgery validation for POST, then AJAX POST requests will fail be default. Problem For AJAX scenarios, when request is sent by jQuery instead of form:$.post(url, { productName: "Tofu", categoryId: 1 // Token is not posted. }, callback); This kind of AJAX POST requests will always be invalid, because server side code cannot see the token in the posted data. Solution The tokens are printed to browser then sent back to server. So first of all, HtmlHelper.AntiForgeryToken() must be called somewhere. Now the browser has token in HTML and cookie. Then jQuery must find the printed token in the HTML, and append token to the data before sending:$.post(url, { productName: "Tofu", categoryId: 1, __RequestVerificationToken: getToken() // Token is posted. }, callback); To be reusable, this can be encapsulated into a tiny jQuery plugin:/// <reference path="jquery-1.4.2.js" /> (function ($) { $.getAntiForgeryToken = function (tokenWindow, appPath) { // HtmlHelper.AntiForgeryToken() must be invoked to print the token. tokenWindow = tokenWindow && typeof tokenWindow === typeof window ? tokenWindow : window; appPath = appPath && typeof appPath === "string" ? "_" + appPath.toString() : ""; // The name attribute is either __RequestVerificationToken, // or __RequestVerificationToken_{appPath}. tokenName = "__RequestVerificationToken" + appPath; // Finds the <input type="hidden" name={tokenName} value="..." /> from the specified. // var inputElements = $("input[type='hidden'][name='__RequestVerificationToken" + appPath + "']"); var inputElements = tokenWindow.document.getElementsByTagName("input"); for (var i = 0; i < inputElements.length; i++) { var inputElement = inputElements[i]; if (inputElement.type === "hidden" && inputElement.name === tokenName) { return { name: tokenName, value: inputElement.value }; } } return null; }; $.appendAntiForgeryToken = function (data, token) { // Converts data if not already a string. if (data && typeof data !== "string") { data = $.param(data); } // Gets token from current window by default. token = token ? token : $.getAntiForgeryToken(); // $.getAntiForgeryToken(window). data = data ? data + "&" : ""; // If token exists, appends {token.name}={token.value} to data. return token ? data + encodeURIComponent(token.name) + "=" + encodeURIComponent(token.value) : data; }; // Wraps $.post(url, data, callback, type). $.postAntiForgery = function (url, data, callback, type) { return $.post(url, $.appendAntiForgeryToken(data), callback, type); }; // Wraps $.ajax(settings). $.ajaxAntiForgery = function (settings) { settings.data = $.appendAntiForgeryToken(settings.data); return $.ajax(settings); }; })(jQuery); In most of the scenarios, it is Ok to just replace $.post() invocation with $.postAntiForgery(), and replace $.ajax() with $.ajaxAntiForgery():$.postAntiForgery(url, { productName: "Tofu", categoryId: 1 }, callback); // Token is posted. There might be some scenarios of custom token. Here $.appendAntiForgeryToken() is provided:data = $.appendAntiForgeryToken(data, token); // Token is already in data. No need to invoke $.postAntiForgery(). $.post(url, data, callback); And there are scenarios that the token is not in the current window. For example, an HTTP POST request can be sent by iframe, while the token is in the parent window. Here window can be specified for $.getAntiForgeryToken():data = $.appendAntiForgeryToken(data, $.getAntiForgeryToken(window.parent)); // Token is already in data. No need to invoke $.postAntiForgery(). $.post(url, data, callback); If you have better solution, please do tell me.

    Read the article

  • Not use CSS definitions for one <FORM>

    - by Svisstack
    I have template from themeforest and i dont want edit css from this template, because i don't have time for it. But i want integrate paypal buttons to my webpage, problem is paypal button use tag for selection payment option. I have overloaded style for tag and this not look like should. How to not use CSS for this element. I dont want use and if i don't must then i dont want edit this CSS;-) This css look wired, i must edit her to solve this problem? What is best solution for this? /*//// - Forms - ////*/ form { margin-bottom:20px; } body.ie7 form, body.ie8 { margin-bottom:40px; } form p { margin-bottom:15px; } form label { float:left; width:140px; margin-top:5px; } form input, form textarea, form select { padding:10px 5px; background:#fff url(../img/bg-input.gif) repeat-x top; border:1px solid #D9D9D9; width:448px; border-radius:3px; -moz-border-radius:3px; -webkit-border-radius:3px; } form input.small { width:35px; } html, body, div, span, object, iframe, h1, h2, h3, h4, h5, h6, p, blockquote, pre, abbr, address, cite, code, del, dfn, em, img, ins, kbd, q, samp, small, strong, sub, sup, var, b, i, dl, dt, dd, ol, ul, li, fieldset, form, label, legend, table, caption, tbody, tfoot, thead, tr, th, td, article, aside, figure, footer, header, hgroup, menu, nav, section, menu, time, mark, audio, video { margin:0; padding:0; border:0; outline:0; font-size:100%; vertical-align:baseline; background:transparent; } Can anyone help me?

    Read the article

  • How to Implement Complex Form Data?

    - by SoulBeaver
    I'm supposed to implement a relatively complex form that looks like follows, but has at least four more pages requiring the user to fill in all necessary information for the tracks: This data will need to be sent to the server, which is implemented using Dropwizard. I'm looking for best practices on how to upload and send such a complex form with potentially dozens of songs to the server. The simplest available solution I have seen is a simple multipart/form-data request with the following form schema (Source): Client <html> <body> <h1>File Upload with Jersey</h1> <form action="rest/file/upload" method="post" enctype="multipart/form-data"> <p> Select a file : <input type="file" name="file" size="45" /> </p> <input type="submit" value="Upload It" /> </form> </body> </html> Server @POST @Path("/upload") @Consumes(MediaType.MULTIPART_FORM_DATA) public Response uploadTrack(final FormDataMultiPart multiPart) { List<FormDataBodyPart> artists = multiPart.getFields("artist"); StringBuffer output = new StringBuffer(); for (FormDataBodyPart artist : artists) output.append(artist.getValueAs(String.class)); List<FormDataBodyPart> tracks = multiPart.getFields("track"); for (FormDataBodyPart track : tracks) writeToFile(track.getValueAs(InputStream.class), "Foo"); return Response.status(200).entity(output.toString()).build(); } Then I have also read about file uploads via Ajax or Formdata (Mozilla HttpRequest) which allows for Posts in the formats application/x-www-form-urlencoded, multipart/form-data, or text/plain. I don't know which approach, if any, is best. An ideal solution would be to utilize Jackson to convert a json string into my data objects, but I don't get the impression that this is possible with binary data.

    Read the article

  • Oracle B2B - Synchronous Request Reply

    - by cdwright
    Introduction So first off, let me say I didn't create this demo (although I did modify it some). I got it from a member of the B2B development technical staff. Since it came with only a simple readme file, I thought I would take some time and write a more detailed explanation about how it works. Beginning with Oracle SOA Suite PS5 (11.1.1.6), B2B supports synchronous request reply over http using the b2b/syncreceiver servlet. I’m attaching the demo to this blog which includes a SOA composite archive that needs to be deployed using JDeveloper, a B2B repository with two agreements that need to be deployed using the B2B console, and a test xml file that gets sent to the b2b/syncreceiver servlet using your favorite SOAP test tool (I'm using Firefox Poster here). You can download the zip file containing the demo here. The demo works by sending the sample xml request file (req.xml) to http://<b2bhost>:8001/b2b/syncreceiver using the SOAP test tool.  The syncreceiver servlet keeps the socket connection open between itself and the test tool so that it can synchronously send the reply message back. When B2B receives the inbound request message, it is passed to the SOA composite through the default B2B Fabric binding. A simple reply is created in BPEL and returned to B2B which then sends the message back to the test tool using that same socket connection. I’ll show you the B2B configuration first, then we’ll look at the soa composite. Configuring B2B No additional configuration necessary in order to use the syncreceiver servlet. It is already running when you start SOA. After importing the GC_SyncReqRep.zip repository file into B2B, you’ll have the typical GlobalChips host trading partner and the Acme remote trading partner. Document Management The repository contains two very simple custom XML document definitions called Orders and OrdersResponse. In order to determine the trading partner agreement needed to process the inbound Orders document, you need to know two things about it; what is it and where it came from. So let’s look at how B2B identifies the appropriate document definition for the message. The XSD’s for these two document definitions themselves are not particularly interesting. Whenever you're dealing with custom XML documents, B2B identifies the appropriate document definition for each XML message using an XPath Identification Expression. The expression is entered for each of these document definitions under the document administration tab in the B2B console. The full XPATH expression for the Orders document is  //*[local-name()='shiporder']/*[local-name()='shipto']/*[local-name()='name']/text(). You can see this path in the XSD diagram below and how it uniquely identifies this message. The OrdersReponse document is identified in the same way. The XPath expression for it is //*[local-name()='Response']/*[local-name()='Status']/text(). You can see how it’s path differs uniquely identifying the reply from the request. Trading Partner Profile The trading partner profiles are very simple too. For GlobalChips, a generic identifier is being used to identify the sender of the response document using the host trading partner name. For Acme, a generic identifier is also being used to identify the sender of the inbound request using the remote trading partner name. The document types are added for the remote trading partner as usual. So the remote trading partner Acme is the sender of the Orders document, and it is the receiver of the OrdersResponse document. For the remote trading partner only, there needs to be a dummy channel which gets used in the outbound response agreement. The channel is not actually used. It is just a necessary place holder that needs to be there when creating the agreement. Trading Partner Agreement The agreements are equally simple. There is no validation and translation is not an option for a custom XML document type. For the InboundAgreement (request) the document definition is set to OrdersDef. In the Agreement Parameters section the generic identifiers have been added for the host and remote trading partners. That’s all that is needed for the inbound transaction. For the OutboundAgreement (response), the document definition is set to OrdersResponseDef and the generic identifiers for the two trading partners are added. The remote trading partner dummy delivery channel is also added to the agreement. SOA Composite Import the SOA composite archive into JDeveloper as an EJB JAR file. Open the composite and you should have a project that looks like this. In the composite, open the b2bInboundSyncSvc exposed service and advance through the setup wizard. Select your Application Server Connection and advance to the Operations window. Notice here that the B2B binding is set to Receive. It is not set for Synchronous Request Reply. Continue advancing through the wizard as you normally would and select finish at the end. Now open BPELProcess1 in the composite. The BPEL process is set as a Synchronous Request Reply as you can see below. The while loop is there just to give the process something to do. The actual reply message is prepared in the assignResponseValues assignment followed by an Invoke of the B2B binding. Open the replyResponse Invoke and go to the properties tab. You’ll see that the fromTradingPartnerId, toTradingPartner, documentTypeName, and documentProtocolRevision properties have been set. Testing the Configuration To test the configuration, I used Firefox Poster. Enter the URL for the b2b/syncreceiver servlet and browse for the req.xml file that contains the test request message. In the Headers tab, add the property ‘from’ and give it the value ‘Acme’. This is how B2B will know where the message is coming from and it will use that information along with the document type name to find the right trading partner agreement. Now post the message. You should get back a response with a status of ‘200 OK’. That’s all there is to it.

    Read the article

  • Summary of our Recent Pull Request Enhancements on CodePlex

    Over the past several weeks, we’ve been incrementally rolling out a bunch of enhancements around our pull request workflow for Git and Mercurial projects. Our goal is to make contributing to open source projects a simple and rewarding experience, and we’ll continue to invest in this area. Here’s a summary of the changes so far, in case you’ve missed them. As always, if you have any feedback, please let us know, whether on our ideas page or via Twitter. Support for branches You can now pick the source and destination branches for your pull request, whether you’re sending one from your fork, or using it within a project to collaborate with your other trusted contributors. A redesigned creation experience Our old pull request creation form was rather lacking. It asked for a title and comment in a small modal dialog, but that was about it. We knew we could do better, so we rethought the experience. Now, when you create a pull request, you’re taken to a new page that let’s you select the source and destination, and gives you information on the diffs and commits that you’re sending, so you can confirm that you’re sending the right set of changes. Inline code snippets in discussion If users comment on code in your pull request, we now display a preview of the snippet of relevant code inline with their comment on the discussion. Subsequent replies on that line are combined in a single thread to preserve your context. No more clicking and hunting to find where the comments are. And you can add another inline comment right from the discussion area. Comment notifications You can now elect receive an e-mail notification if a user comments on your pull request. If it’s on a line of code, we’ll display the relevant code snippet in the e-mail. Redesigned diff viewer Our old diff viewer hadn’t been touched in a while, and was in need of an update. We started with a visual facelift to use standard red/green colors for additions/deletions and remove the noisy “dots” that represented spaces and that littered the diff viewer. Based on feedback that the viewable region for diffs was too small, especially for smaller screen resolutions, we revamped the way the viewport for the code is sized, and now expand it to fill the majority of the browser height when scrolling down. The set of improvements we implemented here also apply anywhere diffs are viewed, not just for pull requests.

    Read the article

  • jquery, changing form action

    - by Jason
    i cannot seem to find the answer to this. i uploaded code to pastebin (so wouldnt clutter up the post): http://pastebin.com/BhnNTnJM but the action only changes for the delete form (id=form-horse-delete) and not the other 2 forms located on the page. i am at my wits end trying to figure out why it doesn't work for the 2 forms, yet will work for the 1 form. in IE, if i try and change the action of the 2 forms, it gives a javascript error. but if i take out the change, it works fine with no javascript error.

    Read the article

  • jQuery fadeIn fails with jqQuery form-plugin

    - by VoodooBurger
    I have a message that I want to fadeIn when a form is successfully send. I'm using the jQuery form plugin and the code: $(document).ready(function() { var options = { target: '#output', beforeSubmit: validate, resetForm: true }; $('#holdform').ajaxForm(options); }); The validate function works perfectly so i added this code before it returns true: (...) $('#output').fadeIn('slow'); return true; } This should fadeIn the div I have underneath the form, styled as display: none;. But what happens is that the div fades in and then disappears. Does anyone have an explanation and possibly a solution to fix it? Thank you in advance! The code can be seen in it error-action here: http://gadebold.dk/events/tilmeld/

    Read the article

  • Secure ajax form POST

    - by user194630
    I was wondering how to develop a secure form post through AJAX. For example, i have: My HTML form. My JavaScript handling the submit. The submit url is "post_data.php" The posted data is: id=8&name=Denis The PHP verifies if variables id and name are POSTED and their data type. If this is ok it proceed to do some stuff on a database. My question is, how can i prevent someone from creating his own html form, outside my web site, or whatever, and posting false data to my PHP script? Imagine that data realy exists on my database, this could be bad. Thanks

    Read the article

  • Non modal "status" form

    - by David Jenings
    At the beginning of a section of C# code that could take several seconds to complete, I'd like to display a non modal form with a label that just says, "Please wait..." WaitForm myWaitForm = null; try { // if conditions suggest process will take awhile myWaitForm = new WaitForm(); myWaitForm.Show(); // do stuff } finally { if (myWaitForm != null) { myWaitForm.Hide(); myWaitForm.Dispose(); myWaitForm = null; } } The problem: the WaitForm doesn't completely display before the rest of the code ties up the thread. So I only see the frame of the form. In Delphi (my old stomping ground) I would call Application.ProcessMessages after the Show() Is there an equivalent in C#? Is there a canned "status" form that I can use in situations like this? Is there a better way to approach this? Thanks in advance. David Jennings

    Read the article

  • Advice needed- aweber form submission using curl?

    - by i need help
    Advice needed for backend form submission to aweber and get response. Scenario When customer signup at my form, I will 1. insert the customer details into my own database, 2. send them a welcome email from my system, 3. at the same time I want the email to be added into aweber (this should run in the background, so that customer no need to fill in details for second time) If I use the php curl call alone, is it a good solution? I want to submit form value to aweber, so that aweber add the new email into their system, and then response to my backend script? I have seen many versions outside, which may include: http://scripts.incutio.com/httpclient/ http://freshmeat.net/projects/curl_http_client/ http://snoopy.sourceforge.net/ Are they having any special benefit over the normal php curl call to pass in data?

    Read the article

  • Delphi - How to register a custom form...

    - by durumdara
    Hi! D6 Prof. Because of Z-Order problem I created a new form. I want to register this custom form in Delphi, to I can use it as normal form, and to I can replace my forms with this - to avoid Z-Order problems. But I don't know, how to do it. I created the class, but how to register? How to force Delphi to show it under "New..." menu? Thanks for your help: dd

    Read the article

  • Intergration of checkout badges into an order form

    - by Reno
    Hi Does anyone know how to integrate several checkout badges into an order form? It might sound obvious to all (or most) but within the html wouldn't the form tag have an action to just one of the online merchants and not all? For example? I would like to have a basic order form which collects a users name, email, uploaded files, project details, and a few packages to choose from. Once they have selected the package most appropriate to them? They would be given a total cost and asked to pay via Paypal, Google Checkout OR Moneybookers. Can anyone help me out on this? Or point me in the direction where I can obtain further knowledge? Thanks in advance. Reno

    Read the article

  • [Java] Form data transition into entity beans to persist them by the server side ORM

    - by cscsaba242
    Hello guys, Is there any good explanation or tutorial which describes the common way how can we create entity beans from the received data of the form ? The main reason of my question the treating the received ids (e.g id of country,city and so forth) which is the way from the id to entity ? Example: ................Client side form username:String countryid:Integer (could be a drop down) ................Server side entities public class UserBean { String username; CountryBean Country; } public class CountryBean { String cityname; Integer id; } ............................................ Maybe the question is dependent of the used technology, but I guess there is a very common way. I would like to comprehend the conventional approach of this problem. (For the sake of the completeness I would like to save the form data (received by Stripes) by JPA) Thanks advance. cscsaba242

    Read the article

  • JQuery - Form Submission

    - by user70192
    Hello, I have a web page that has a DIV and an IFRAME. When a user clicks a button in my DIV, I need to submit the web form that is hosted in my IFRAME. Both pages are hosted on the same server in the same directory. My code that attempts to submit the web form looks like this: $("#myIFrame").contents().find("form").submit(); When this code is called, I receive an error in IE that says: "Internet Explorer cannot display the webpage" In FireFox when I execute the code, I receive an error that says: "The connection was reset" In FireFox when I look at the error console I see: "Error: Permission denied for http://localhost:2995 to get property HTMLDocument.nodeType from ." What am I doing wrong?

    Read the article

  • ASP.NET MVC 2 form submit route issue

    - by Tomaszewski
    Hi, i'm having this issue, in ASP.NET MVC 2 where I'm adding a drop down list on the master page and filling it with data from an abstract master controller. When an option is selected an submit button clicked, it reroutes you to a new page. so lets say the page lives on http://domain.com/landingPage i'm on: http://domain.com/landingPage i select option and submit takes me to http://domain.com/landingPage/Projects/FramedPage i select again and now the post tries to go to: http://domain.com/landingPage/Projects/landingPage/Projects/FramedPage because of the action="" i have set on the form tag. Any ideas on how to go about this? MasterPage: <form method="get" action="landingPage/Projects/FramedPage"> <%= Html.DropDownList("navigationList")%> <input id="navSubmitBtn" class="btnBlue" type="submit" value="Take Me There" /> </form> Projects Controller public ActionResult FramedPage(string navigationList) { ViewData["navLink"] = navigationList; return View(); } The problem i am having is that if I am ON that page

    Read the article

  • python appengine form-posted utf8 file issue

    - by khany
    hi, i am trying to form-post a sql file that consists on many INSERTS, eg. INSERT INTO `TABLE` VALUES ('abcdé', 2759); then i use re.search to parse it and extract the fields to put into my own datastore. The problem is that, although the file contains accented characters (see the e is a é), once uploaded it loses it and either errors or stores a bytestring representation of it. Heres what i am currently using (and I have tried loads of alternatives): form = cgi.FieldStorage() uFile = form['sql'] uSql = uFile.file.read() lineX = uSql.split("\n") # to get each line and so on. has anyone got a robust way of making this work? remember i am on appengine so access to some libraries is restricted/forbidden

    Read the article

  • html-login form not working

    - by codymanix
    I have a child page LoginContent.aspx which contains a login form. If the user logs in he should be redirected to my Welcome.aspx page. But if I press the login button the page just reloads itself, nothing happens. The codebehind on this page is empty. Both LoginContent.aspx and Welcome.aspx are child forms of the same master page. <form method="post" action="~/Welcome.aspx"> Username: <input type="text" name="username" size="15" /><br /> Password: <input type="password" name="passwort" size="15" /><br /> <input type="submit" value="Login"/></p> </form> I know I could use the asp.net login control but I want more control over things.

    Read the article

  • Infopath form publishing and root content type ?

    - by Steve B
    Hi, I have several infopath 2010 form template that I want to publish to a form library in SharePoint 2010 Server with enterprise CaL. All of this forms have a common part (a template part actually). Is it possible to define a common "parent" content type of this forms ? In fact, I want : Form content type (SP OOB) My root form content type, with standard columns "requester", "process name", etc. Form 1 Form 2 etc. other unrelated form 1 other unrelated form 2 Instead of the standard behavior : Form content type (SP OOB) Form 1 Form 2 other unrelated form 1 other unrelated form 2 etc. Behind this question I want to be able to create a dashboard of all form request using a content query web, by simply specifying the content type ... One last word: the idea is to allow a customer (assuming its knowledge is limited to IP 2010 basic form design). So I can't accept answers like "extract files, use a text editor and hack the xsf file"... thx in advance

    Read the article

  • How to direct people to fill out a form

    - by Solmead
    What is the best way to get people to fill out a form correctly? For instance I originally had a "Name" field on a form and I want 1 person per form. People filled it out like this: "Mark & Becky Newsman". So I broke it into 2 fields, "First Name" and "Last Name", And people are still filling it out wrong, like "First Name" = "Mark & Becky", "Last Name" = "Newsman". Are there any recommendations on how better to get people to understand that only one person's name should go there? I currently have it on two lines, would it work better to put both fields on one line? If this is on the wrong site go ahead and move it to the correct site.

    Read the article

  • need some tips on Drupal $form value

    - by bert
    I got dpm($form) working. Nice! This is much better way to view data. I am still trying to figure out where stuff is coming from eg: location longitude & latitude. The word 'longitude' is referenced in 20 different places. I thought this was a likely place to isolate text box for this input field. dpm($form['#field_info']['field_store_latitude']['location_settings']['form']['fields']); Any tips on how to track down individual input elements?

    Read the article

  • Problem in form submit through javascript

    - by Durga Dutt
    I am submitting form via javascript by using 'document.FormName.submit()' . But this is giving me error of 'submit is not a function'. I m using IE8 <script typr="text/javascript"> function submitForm() { document.theForm.submit() } </script> <body> <form name="theForm" method="post"> <input type="text" name= "name"> <input type="button" name="submit" value="submit" onclick="submitForm()"> </form> </body> Please help me ?

    Read the article

  • Form Security (discussion)

    - by Eray Alakese
    I'm asking for brain storming and sharing experience. Which method you are using for form submiting security ? For example , for block automatically sended POST or GET datas, i'm using this method : // Generating random string <?php $hidden = substr(md5(microtime()) ,"-5"); ?> <form action="post.php" .... // assing this random string to a hidden input <input type="hidden" value="<?php echo $hidden;" name="secCode> // and then put this random string to a session variable $_SESSION["secCode"] = $hidden; **post.php** if ($_POST["secCode"] != $_SESSION["secCode"]) { die("You have to send this form, on our web site"); }

    Read the article

  • jquery get form id by input id

    - by Mikk
    Hi, I have really basic question. How can I get form id by input element id. <form id="my_form"> <fieldset> <!--some <div>'s--> <input id="my_input"></div> <!--some <div>'s end--> </fieldset> </form> Now if I have var form_input = $('#my_input'); How can I get id "my_form"? Thank you.

    Read the article

  • How to open form action in Jquery Dialog

    - by user342391
    I have a form: <form style="display: inline;" action="/player.php" method="post"> <input type="hidden" name="recname" value="'.$row['name'].'"> <input type="hidden" name="recordingdesc" value="'.$row['description'].'"> <input type="hidden" name="reclink" value="$_SESSION['customerid'].'-'.$row['timestamp'].'.wav"> <button type="submit" class="tooltip table-button ui-state-default ui-corner-all" title=" rec"><span class="ui-icon ui-icon-volume-on"></span></button> </form> and i want player.php to open in a modal dialog and be able to display the post information how can this be done.

    Read the article

  • Set form action dynamically in https-area

    - by Beerweasle
    Hi, heres the problem explanation: Im on the domain https://www.example.com - theres an Order-Form with the Action https://www.example-otherdomain.com with an other SSL Certificate. On some conditions i set the form action to https://www.example.com so that it will be posted on our domain, but if the user uses a CreditCart it should get posted to https://www.example-otherdomain.com. So far so good. But in some rare conditions, users with CreditCards still posts their form to https://www.example.com. So my idea is: Is there some Same-Domain-Policy for Javascript/HTTPS to protect the user from phishing? It seems that to set the FormAction to the same domain works, but not to reset it to the external one (with JS). I cant reproduce this error, so im asking here if someone knows if theres such a problem. It doesnt matter which UserAgent the user has (there are post datas from FF, Chrome, Webkit, IE7/8) Thx!

    Read the article

< Previous Page | 12 13 14 15 16 17 18 19 20 21 22 23  | Next Page >