Search Results

Search found 4647 results on 186 pages for 'customers'.

Page 170/186 | < Previous Page | 166 167 168 169 170 171 172 173 174 175 176 177  | Next Page >

• Can I attach data gathered by a form to a file that is being uploaded?

  - by Jacob

  I need customers to upload files to my website and I want to gather their name or company name and attach it to the file name or create a folder on the server with that as the name so we can keep the files organized. Using PHP to upload file PHP: if(isset($_POST['submit'])){ $target = "upload/"; $file_name = $_FILES['file']['name']; $tmp_dir = $_FILES ['file']['tmp_name']; try{ if(!preg_match('/(jpe?g|psd|ai|eps|zip|rar|tif?f|pdf)$/i', $file_name)) { throw new Exception("Wrong File Type"); exit; } move_uploaded_file($tmp_dir, $target . $file_name); $status = true; } catch (Exception $e) { $fail = true; } } Other PHPw/form: <form enctype="multipart/form-data" action="" method="post"> input type="hidden" name="MAX_FILE_SIZE" value="1073741824" /> label for="file">Choose File to Upload </label> <br />input name="file" type="file" id="file" size="50" maxlength="50" /><br /> input type="submit" name="submit" value="Upload" /> php if(isset($status)) { $yay = "alert-success"; echo "<div class=\"$yay\"> <br/> <h2>Thank You!</h2> <p>File Upload Successful!</p></div>"; } if(isset($fail)) { $boo = "alert-error"; echo "<div class=\"$boo\"> <br/> <h2>Sorry...</h2> <p>There was a problem uploading the file.</p><br/><p>Please make sure that you are trying to upload a file that is less than 50mb and an acceptable file type.</p></div>"; }

  Read the article

• Why is short project lifetime and other situation-specific reasons used to excuse crappy code? [clos

  - by sharptooth

  Every now and then (including on SO) people say things implying that "if the project is short lived you can leave obvious defects there" or "that memory leak only accounts for 100 bytes per whole program lifetime and could be left". Now in my practice I always reuse company-owned code to the greatest extent I can. Like if I need something and I can find it in the company codebase I take it from there and reuse or adapt. This means that any crappy code will be reused as well and I might notice or not notice defects therein. So the defect in some "test we only need for a month" can slip into a proram we ship to customers. And a leak that "only accounted for 100 bytes per lifetime" now could account for 100 bytes 10 times per second in a server application intended to run for months. That's why I don't understand why excuses like that are offered. Is our compamy the only one having a source control? Or are we the only company that requires writing human-readable code? Could anyone shed a light on why people seriously offer such excuses?

  Read the article

• How to Develop Dynamic Plug-In Based Functionality in C#

  - by Matthew

  Hello: I've been looking around for different methods of providing plug-in support for my application. Ideally, I will be creating a core functionality and based on different customers developing different plug-ins/addons such as importing, exporting data etc... What are the some methods available for making a C# application extensible via a plug-in architecture? Lets make up an example. If we have a program that consists of a main menu ( File, Edit, View, et al. ) along with a TreeView that displays different brands of cars grouped by manufacturer ( Ford, GM, for now). Right clicking on a car displays a context menu with the only option being 'delete car'. How could you develop the application so that plug-ins could be deployed so that you could allow one customer to see a new brand in the TreeView, let's say Honda, and also extent the car context menu so that they may now 'paint a car'? In Eclipse/RCP development this is easily handled by extension points and plug-ins. How does C# handle it? I've been looking into developing my own plug-in architecture and reading up on MEF.

  Read the article

• What's the correct way to pass parameters from VBScript to COM interface implemented in C#?

  - by nopopem

  I'm trying to expose a fairly simple C# class to COM which should be usable from VBScript (among others). Some objects need to be created via COM calls and will be used in furter calls later on. The definition of the exposed classes and interfaces looks like this: namespace Test { [InterfaceType(ComInterfaceType.InterfaceIsIDispatch)] public interface IComInterface { IFoo CreateFoo(); void UseFoo(int x, IFoo f); } [ClassInterface(ClassInterfaceType.None)] public sealed class CComInterface : IComInterface { public CComInterface() {} public IFoo CreateFoo() { return new Foo(); } public void UseFoo(int x, IFoo f) { f.Bar(); } } [InterfaceType(ComInterfaceType.InterfaceIsIDispatch)] public interface IFoo { void Bar(); } [ClassInterface(ClassInterfaceType.None)] public class Foo : IFoo { internal Foo() {} public void Bar() {} } } The simplest thinkable COM client in VBScript does this: Dim ci Set ci = WScript.CreateObject("Test.CComInterface") Dim foo Set foo = ci.CreateFoo foo.Bar ci.UseFoo 0, foo While the call to Bar succeeds, calling UseFoo fails with "Error 5: invalid procedure call or invalid argument" The generated IDL seems ok to me: dispinterface IComInterface { properties: methods: [id(0x60020003)] IFoo* CreateFoo(); [id(0x60020004)] void UseFoo( [in] long x, [in] IFoo* f); }; The vbs call succeeds when I wrap the second parameter in parentheses like this: ci.UseFoo 0, (foo) As far as I understand (I'm no VBScript expert however) this forces the reference to foo to be passed by value, i.e. a copy of the reference is being made. How can I change the interface so that it can be called with the foo reference directly? Since this will be a public interface used by customers I don't like the idea of having to explain why all the objects created need to be passed back in an extra pair of parentheses...

  Read the article

• a way to use log4j pass values like java -DmyEnvVar=A_VALUE to my code

  - by raticulin

  I need to pass some value to enable certain code in may app (in this case is to optionally enable writing some stats to a file in certain conditions, but it might be anything generally). My java app is installed as a service. So every way I have thought of has some drawbacks: Add another param to main(): cumbersome as customers already have the tool installed, and the command line would need to be changed every time. Adding java -DmyEnvVar=A_VALUE to my command line: same as above. Set an environment variable: service should at least be restarted, and even then you must take care of what user is the service running under etc. Adding the property in the config file: I prefer not to have this visible on the config file so the user does not see it, it is something for debugging etc. So I thought maybe there is some way (or hack) to use log4j loggers to pass that value to my code. I have thought of one way already, although is very limited: Add a dummy class to my codebase com.dummy.DevOptions public class DevOptions { public static final Logger logger = Logger.getLogger(DevOptions.class); In my code, use it like this: if (DevOptions.logger.isInfoEnabled()){ //do my optional stuff } //... if (DevOptions.logger.isDebugEnabled()){ //do other stuff } This allows me to use discriminate among various values, and I could increase the number by adding more loggers to DevOptions. But I wonder whether there is a cleaner way, possibly by configuring the loggers only in log4j.xml??

  Read the article

• The "correct" way of using multilingual support

  - by Felipe Athayde

  I just began working with ASP.NET and I'm trying to bring with me some coding standards I find healthy. Among such standards there is the multilingual support and the use of resources for easily handling future changes. Back when I used to code desktop applications, every text had to be translated, so it was a common practice to have the language files for every languages I would want to offer to the customers. In those files I would map every single text, from button labels to error messages. In ASP.NET, with the help of Visual Studio, I have the resort of using the IDE to generate such Resource Files (from Tools - Generate Local Resource), but then I would have to fill my webpages with labels - at least that is what I've learned from articles and tutorials. However, such approach looks a bit odd and I'm tempted to guess it doesn't smell that good as well. Now to the question: 1) Should I keep every single text in my website as labels and manage its contents in the resource files? It looks/feels odd specially when considering a text with several paragraphs. 2) Whenever I add/remove something, e.g.: a button, to an aspx file I would have to add it to the resource file as well, because generating the resource file again would simply override all my previous changes to it. That doesn't feel like a reusable code at all for me. Any comment suggestion on this one? Perhaps I got it all wrong from tutorials as it doesn't seem like a standardized matter - specially if it required recompiling the entire application whenever some change has to be done.

  Read the article

• SQL Server 2008 - Full Text Query

  - by user208662

  Hello, I have two tables in a SQL Server 2008 database in my company. The first table represents the products that my company sells. The second table contains the product manufacturer’s details. These tables are defined as follows: Product ------- ID Name ManufacturerID Description Manufacturer ------------ ID Name As you can imagine, I want to make this as easy as possible for our customers to query this data. However, I’m having problems writing a forgiving, yet powerful search query. For instance, I’m anticipating people to search based on phonetical spellings. Because of this, the data may not match the exact data in my database. In addition, I think some individuals will search by manufacturer’s name first, but I want the matching product names to appear first. Based on these requirements, I’m currently working on the following query: select p.Name as 'ProductName', m.Name as 'Manufacturer', r.Rank as 'Rank' from Product p inner join Manufacturer m on p.ManufacturerID=m.ID inner join CONTAINSTABLE(Product, Name, @searchQuery) as r Oddly, this query is throwing an error. However, I have no idea why. Squiggles appear to the right of the last parenthesis in management studio. The tool tip says "An expression of non-boolean type specified in a context where a condition is expected". I understand what this statement means. However, I guess I do not know how COntainsTable works. What am I doing wrong? Thank you

  Read the article

• Error handling approach on PHP

  - by Industrial

  Hi everybody, We have a web server that we're about to launch a number of applications onto. They will all share database and memcached servers, but each application has it's own mySQL database and all memcached keys per application, is prefixed. Possible scenario: If a memcached server in our cluster goes boom, we want someone (operative system admin) to be automatically contacted by email/iphone push notification or in any other appropriate way. If we we're about to install 150 identical applications for our customers on our servers, and a memcached server dies - all 150 applications will individually find this out and contact our system admin, which most certainly is going to think about getting a new job where he or she isn't about to be woken up by getting 150 messages sent 4:15 in the morning. Possible solution: One idea is to set up an external server for error handling that gets a $_POST or cURL request sent, and handles storage of the error message depending on the seriousness of the actual error message. It would of course check upon receiving the error call, that if the same memcached server have already been reported as offline, there would be no need to spam the system admin with additional reminders... The questions: What's a good approach on how to handle errors? How does the big guys in the industry handle this? Thanks!

  Read the article

• Looking for an email template engine for end-users ...

  - by RizwanK

  We have a number of customers that we have to send monthly invoices too. Right now, I'm managing a codebase that does SQL queries against our customer database and billing database and places that data into emails - and sends it. I grow weary of maintaining this every time we want to include a new promotion or change our customer service phone numbers. So, I'm looking for a replacement to move more of this into the hands of those requesting the changes. In my ideal world, I need : A WYSIWYG (man, does anyone even say that anymore?) email editor that generates templates based upon the output from a Database Query. The ability to drag and drop various fields from the database query into the email template. Display of sample email results with the database query. Web application, preferably not requiring IIS. Involve as little code as possible for the end-user, but allow basic functionality (i.e. arrays/for loops) Either comes with it's own email delivery engine, or writes output in a way that I can easily write a Python script to deliver the email. Support for generic Database Connectors. (I need MSSQL and MySQL) F/OSS So ... can anyone suggest a project like this, or some tools that'd be useful for rolling my own? (My current alternative idea is using something like ERB or Tenjin, having them write the code, but not having live-preview for the editor would suck...)

  Read the article

• Qt/C++ Error handling

  - by ShiGon

  I've been doing a lot of research about handling errors with Qt/C++ and I'm still as lost as when I started. Maybe I'm looking for an easy way out (like other languages provide). One, in particular, provides for an unhandled exception which I use religiously. When the program encounters a problem, it throws the unhandled exception so that I can create my own error report. That report gets sent from my customers machine to a server online which I then read later. The problem that I'm having with C++ is that any error handling that's done has to be thought of BEFORE hand (think try/catch or massive conditionals). In my experience, problems in code are not thought of before hand else there wouldn't be a problem to begin with. Writing a cross-platform application without a cross-platform error handling/reporting/trace mechanism is a little scary to me. My question is: Is there any kind of Qt or C++ Specific "catch-all" error trapping mechanism that I can use in my application so that, if something does go wrong I can, at least, write a report before it crashes?

  Read the article

• Why are we getting a WCF "Framing error" on some machines but not others

  - by Ian Ringrose

  We have just found we are getting “framing errors” (as reported by the WCF logs) when running our system on some customer test machine. It all works ok on our development machines. We have an abstract base class, with KnownType attributes for all its sub classes. One of it’s subclass is missing it’s DataContract attribute. However it all worked on our test machine! On the customers test machine, we got “framing error” showing up the WCF logs, this is not the error message I have seen in the past when missing a DataContract attribute, or a KnownType attribute. I wish to get to the bottom of this, as we can no longer have confidence in our ability to test the system before giving it to the customer until we can make our machines behave the some as the customer’s machines. Code that try to show what I am talking about, (not the real code) [DataContract()] [KnownType(typeof(SubClass1))] [KnownType(typeof(SubClass2))] // other subclasses with data members public abstract class Base { [DataMember] public int LotsMoreItemsThenThisInRealLife; } /// <summary> /// This works on some machines (not not others) when passed to Contract::DoIt, /// note the missing [DataContract()] /// </summary> public class SubClass1 : Base { // has no data members } /// <summary> /// This works in all cases when passed to Contract::DoIt /// </summary> [DataContract()] public class SubClass2 : Base { // has no data members } public interface IContract { void DoIt(Base[] items); } public static class MyProgram { public static IContract ConntectToServerOverWCF() { // lots of code ... return null; } public static void Startup() { IContract server = ConntectToServerOverWCF(); // this works all of the time server.DoIt(new Base[]{new SubClass2(){LotsMoreItemsThenThisInRealLife=2}}); // this works "in develperment" e.g. on our machines, but not on the customer's test machines! server.DoIt(new Base[] { new SubClass1() { LotsMoreItemsThenThisInRealLife = 2 } }); } }

  Read the article

• Error monitoring/handling on webservers

  - by Industrial

  Hi everybody, We have a web server that we're about to launch a number of applications onto. They will all share database and memcached servers, but each application has it's own mySQL database and all memcached keys per application, is prefixed. Possible scenario: If a memcached server in our cluster goes boom, we want someone (operative system admin) to be automatically contacted by email/iphone push notification or in any other appropriate way. If we we're about to install 150 identical applications for our customers on our servers, and a memcached server dies - all 150 applications will individually find this out and contact our system admin, which most certainly is going to think about getting a new job where he or she isn't about to be woken up by getting 150 messages sent 4:15 in the morning. Possible solution: One idea is to set up an external server for error handling that gets a $_POST or cURL request sent, and handles storage of the error message depending on the seriousness of the actual error message. It would of course check upon receiving the error call, that if the same memcached server have already been reported as offline, there would be no need to spam the system admin with additional reminders... The questions: What's a good approach on how to handle errors? How does the big guys in the industry handle this? Thanks!

  Read the article

• data filter using dataloadoptions

  - by Tassadaque

  Using dataloadoptions i have tried the following example Northwnd db = new Northwnd(@"northwnd.mdf"); // Preload Orders for Customer. // One directive per relationship to be preloaded. DataLoadOptions ds = new DataLoadOptions(); ds.LoadWith<Customer>(c => c.Orders); ds.AssociateWith<Customer> (c => c.Orders.Where(p => p.ShippedDate != DateTime.Today)); db.LoadOptions = ds; var custQuery = from cust in db.Customers where cust.City == "London" select cust; foreach (Customer custObj in custQuery) { Console.WriteLine("Customer ID: {0}", custObj.CustomerID); foreach (Order ord in custObj.Orders) { Console.WriteLine("\tOrder ID: {0}", ord.OrderID); foreach (OrderDetail detail in ord.OrderDetails) { Console.WriteLine("\t\tProduct ID: {0}", detail.ProductID); } } } Now i need to ask how can i display Category ID and Category Name of the productID (i am supposing that One product can be in at most one category) by extending the above example Regards

  Read the article

• Use of where in multiple joins to remove rows - linq

  - by bergin

  hi, I have a table of orders. the status is on the soilorders which is joined to the orders. I only want to return orders where the joined soilorder does not have status "Removed". I had thought that join sso in db.SoilSamplingOrders on ord.order_id equals sso.order_id where sso.status.Equals("Removed")!=true but then no records are returned! thanks for any help (query below) var query = from ord in db.Orders join sso in db.SoilSamplingOrders on ord.order_id equals sso.order_id where sso.status.Equals("Removed")!=true join cust in db.Customers on ord.customer_id equals cust.customer_id select new Listing { assigned_to = sso.assigned_to, company = cust.company, order_id = ord.order_id, order_created = ord.order_created, customer_id = ord.customer_id, order_created_by_employ_id = ord.order_created_by_employ_id, first_farm_on_order = (from f in db.SoilSamplingSubJobs where f.order_id == ord.order_id select new ListingSubJob { first_farm_on_order = f.farm }). AsEnumerable().First().first_farm_on_order, total_fields = (from f in db.SoilSamplingSubJobs where f.order_id == ord.order_id select new { f.sssj_id }).AsEnumerable().Count(), total_area = (float?) (from f in db.SoilSamplingSubJobs where f.order_id == ord.order_id && f.area_ha != null select f.area_ha ).Sum() ?? 0 , total_area_ph_density = (float?)(from f in db.SoilSamplingSubJobs where f.order_id == ord.order_id && f.ph != null select f.ph).Sum() ?? 0, };

  Read the article

• How can I introduce a regex action to match the first element in a Catalyst URI ?

  - by RET

  Background: I'm using a CRUD framework in Catalyst that auto-generates forms and lists for all tables in a given database. For example: /admin/list/person or /admin/add/person or /admin/edit/person/3 all dynamically generate pages or forms as appropriate for the table 'person'. (In other words, Admin.pm has actions edit, list, add, delete and so on that expect a table argument and possibly a row-identifying argument.) Question: In the particular application I'm building, the database will be used by multiple customers, so I want to introduce a URI scheme where the first element is the customer's identifier, followed by the administrative action/table etc: /cust1/admin/list/person /cust2/admin/add/person /cust2/admin/edit/person/3 This is for "branding" purposes, and also to ensure that bookmarks or URLs passed from one user to another do the expected thing. But I'm having a lot of trouble getting this to work. I would prefer not to have to modify the subs in the existing framework, so I've been trying variations on the following: sub customer : Regex('^(\w+)/(admin)$') { my ($self, $c, @args) = @_; #validation of captured arg snipped.. my $path = join('/', 'admin', @args); $c->request->path($path); $c->dispatcher->prepare_action($c); $c->forward($c->action, $c->req->args); } But it just will not behave. I've used regex matching actions many times, but putting one in the very first 'barrel' of a URI seems unusually traumatic. Any suggestions gratefully received.

  Read the article

• Benefits of "Don't Fragment" on TCP Packets?

  - by taspeotis

  One of our customers is having trouble submitting data from our application (on their PC) to a server (different geographical location). When sending packets under 1100 bytes everything works fine, but above this we see TCP retransmitting the packet every few seconds and getting no response. The packets we are using for testing are about 1400 bytes (but less than 1472). I can send an ICMP ping to www.google.com that is 1472 bytes and get a response (so it's not their router/first few hops). I found that our application sets the DF flag for these packets, and I believe a router along the way to the server has an MTU less than/equal to 1100 and dropping the packet. This affects 1 client in 5000, but since everybody's routes will be different this is expected. The data is a SOAP envelope and we expect a SOAP response back. I can't justify WHY we do it, the code to do this was written by a previous developer. So... Are there are benefits OR justification to setting the DF flag on TCP packets for application data? I can think of reasons it is needed for network diagnostics applications but not in our situation (we want the data to get to the endpoint, fragmented or not). One of our sysadmins said that it might have something to do with us using SSL, but as far as I know SSL is like a stream and regardless of fragmentation, as long as the stream is rebuilt at the end, there's no problem. If there's no good justification I will be changing the behaviour of our application. Thanks in advance.

  Read the article

• How to query an .NET assembly's required framework (not CLR) version?

  - by Bonfire Burns

  Hi, we are using some kind of plug-in architecture in one of our products (based on .NET). We have to consider our customers or even 3rd party devs writing plug-ins for the product. The plug-ins will be .NET assemblies that are loaded by our product at run-time. We have no control about the quality or capabilities of the external plug-ins (apart from checking whether they implement the correct interfaces). So we need to implement some kind of safety check while loading the plug-ins to make sure that our product (and the hosting environment) can actually host the plug-in or deliver a meaningful error message ("The plug-in your are loading needs .NET version 42.42 - the hosting system is only on version 33.33."). Ideally the plug-ins would do this check internally, but our experience regarding their competence is so-so and in any case our product will get the blame, so we want to make sure that this "just works". Requiring the plug-in developers to provide the info in the metadata or to explicitly provide the information in the interface is considered "too complicated". I know about the Assembly.ImageRuntimeVersion property. But to my knowledge this tells me only the needed CLR version, not the framework version. And I don't want to check all of the assembly's dependencies and match them against a table of "framework version vs. available assemblies". Do you have any ideas how to solve this in a simple and maintainable fashion? Thanks & regards, Bon

  Read the article

• Pulling $_GET data and creating multidimensional array using loop

  - by Chris J

  I'm creating a checkout for customers and the data about what's in their cart is being sent to a page (for just now) via $_GET. I want to extract that data and then populate a multidimensional array with it using a loop. Here's how I'm naming the data: $itemCount = $_GET['itemCount']; $i = 1; while ($i <= $itemCount) { ${'item_name_'.$i} = $_GET["item_name_{$i}"]; ${'item_quantity_'.$i} = $_GET["item_quantity_{$i}"]; ${'item_price_'.$i} = $_GET["item_price_{$i}"]; //echo "<br />Name: " .${'item_name_'.$i}. " - Quantity: " .${'item_quantity_'.$i}. " - Price: ".${'item_price_'.$i}; $i++; } From here I'd like to create a multidimensional array like such: Array ( [Item_1] => Array ( [item_name] => Shoe [item_quantity] => 2 [item_price] => 40.00 ) [Item_2] => Array ( [item_name] => Bag [item_quantity] => 1 [item_price] => 60.00 ) [Item_3] => Array ( [item_name] => Parrot [item_quantity] => 4 [item_price] => 90.00 ) . . . ) What I'd like to know is if there is a way I can create this array in the existing while loop? I'm aware of being able to add data to an array like $data = [] after delacring an empty array but the actual syntax eludes me. Maybe I'm completely off the right track and there is a better way of doing it? Thanks

  Read the article

• Understanding Security Certificates (and thier pricing)

  - by John Robertson

  I work at a very small company so certificate costs need to be absolutely minimal. However for some applications we do Need to have our customers get that warm fuzzy not-using-a-self-signed certificate feeling. Since creating a "certificate authority" with makecert really just means creating a public/private key pair, it seems pretty clear that creating a public/private key pair FROM such a "certificate authority" really just means generating a second public/private key pair and signing both with the private key that belongs to the "certificate authority". Since the keys are signed anyone can verify they came from the certificate authority I created, or if verisign gave me the pair they sign it with one of their own private keys, and anyone can use verisigns corresponding public key to confirm verisign as the source of the keys. Given this I don't understand when I go to verisign or godaddy why they have rates only for yearly plans, when all I really want from them is a single public/private key pair signed with one of their private keys (so that anyone else can use their public keys to confirm that, yes, they gave me that public/private key pair and they confirmed I was who I said I was so you can trust my public/private key pair as belonging to a legitimate third party). Clearly I am misunderstanding something, what is it? Does verisign retire their public/private key pairs periodically so that my verisign signed key pair "expires" and I need new ones?

  Read the article

• How can I avoid encoding mixups of strings in a C/C++ API?

  - by Frerich Raabe

  I'm working on implementing different APIs in C and C++ and wondered what techniques are available for avoiding that clients get the encoding wrong when receiving strings from the framework or passing them back. For instance, imagine a simple plugin API in C++ which customers can implement to influence translations. It might feature a function like this: const char *getTranslatedWord( const char *englishWord ); Now, let's say that I'd like to enforce that all strings are passed as UTF-8. Of course I'd document this requirement, but I'd like the compiler to enforce the right encoding, maybe by using dedicated types. For instance, something like this: class Word { public: static Word fromUtf8( const char *data ) { return Word( data ); } const char *toUtf8() { return m_data; } private: Word( const char *data ) : m_data( data ) { } const char *m_data; }; I could now use this specialized type in the API: Word getTranslatedWord( const Word &englishWord ); Unfortunately, it's easy to make this very inefficient. The Word class lacks proper copy constructors, assignment operators etc.. and I'd like to avoid unnecessary copying of data as much as possible. Also, I see the danger that Word gets extended with more and more utility functions (like length or fromLatin1 or substr etc.) and I'd rather not write Yet Another String Class. I just want a little container which avoids accidental encoding mixups. I wonder whether anybody else has some experience with this and can share some useful techniques. EDIT: In my particular case, the API is used on Windows and Linux using MSVC 6 - MSVC 10 on Windows and gcc 3 & 4 on Linux.

  Read the article

• j_security_check to SSO in different module under Oracle App Server?

  - by thebearinboulder

  I have an existing j2ee application running on Oracle App Server. It is targeted towards paying customers so the content is secured and a SSO module properly intercepts all requests for secured content. Now the company is adding a unbranded public-facing module with a number of unsecured pages. At one point the user is expected to register for a free account and log in to proceed further. Think doctors adding a public-facing site with information for potential patients, or lawyers adding a public-facing site with information for potential clients. There's some information on the session and the usual approach would be to authenticate the user, persist the session information using the now-known user id, invalidate the existing session (to prevent certain types of attacks), the reload the session information before returning to the user. I can't just persist it under the session id since that's about to change. The glitch is that the existing application already has an SSO module and I get a 404 error every time I try to direct to j_security_check. I've tried that, /sso/j_security_check, even http://localhost/sso/j_security_check, all without success. I noticed that an earlier question said that tomcat requires access to a secured page before j_security_check is even visible. I don't know if that's the case with Oracle AS. Ideas? Or is the best approach to continue arguing that we have a different user base so it would be better to handle authentication in our own module anyway?

  Read the article

• Best Practices For Secure APIs?

  - by Ferrett Steinmetz

  Let's say I have a website that has a lot of information on our products. I'd like some of our customers (including us!) to be able to look up our products for various methods, including: 1) Pulling data from AJAX calls that return data in cool, JavaScripty-ways 2) Creating iPhone applications that use that data; 3) Having other web applications use that data for their own end. Normally, I'd just create an API and be done with it. However, this data is in fact mildly confidential - which is to say that we don't want our competitors to be able to look up all our products every morning and then automatically set their prices to undercut us. And we also want to be able to look at who might be abusing the system, so if someone's making ten million complex calls to our API a day and bogging down our server, we can cut them off. My next logical step would be then to create a developers' key to restrict access - which would work fine for web apps, but not so much for any AJAX calls. (As I see it, they'd need to provide the key in the JavaScript, which is in plaintext and easily seen, and hence there's actually no security at all. Particularly if we'd be using our own developers' keys on our site to make these AJAX calls.) So my question: after looking around at Oauth and OpenID for some time, I'm not sure there is a solution that would handle all three of the above. Is there some sort of canonical "best practices" for developers' keys, or can Oauth and OpenID handle AJAX calls easily in some fashion I have yet to grok, or am I missing something entirely?

  Read the article

• Paging using Linq-To-Sql based on two parameters in asp.net mvc...

  - by Pandiya Chendur

  As two parameters i say currentPage and pagesize .....I thus far used sql server stored procedures and implemented paging like this, GO ALTER PROCEDURE [dbo].[GetMaterialsInView] -- Add the parameters for the stored procedure here @CurrentPage INT, @PageSize INT AS BEGIN -- SET NOCOUNT ON added to prevent extra result sets from -- interfering with SELECT statements. SET NOCOUNT ON; SELECT *,ROW_NUMBER() OVER (ORDER BY Id) AS Row FROM ( SELECT *,ROW_NUMBER() OVER (ORDER BY Id) AS Row FROM InTimePagingView ) AS InTimePages WHERE Row >= (@CurrentPage - 1) * @PageSize + 1 AND Row <= @CurrentPage*@PageSize SELECT COUNT(*) as TotalCount FROM InTimePagingView SELECT CEILING(COUNT(*) / CAST(@PageSize AS FLOAT)) NumberOfPages FROM InTimePagingView END Now i am using Linq-to-sql and i use this, public IQueryable<MaterialsObj> FindAllMaterials() { var materials = from m in db.Materials join Mt in db.MeasurementTypes on m.MeasurementTypeId equals Mt.Id where m.Is_Deleted == 0 select new MaterialsObj() { Id = Convert.ToInt64(m.Mat_id), Mat_Name = m.Mat_Name, Mes_Name = Mt.Name, }; return materials; } Now i want to return the records,TotalCount where i use Total count to generate pagenumbers..... Is this possible... Any suggestion... EDIT: Just found this... NorthWindDataContext db = new NorthWindDataContext(); var query = from c in db.Customers select c.CompanyName; //Assuming Page Number = 2, Page Size = 10 int iPageNum = 2; int iPageSize = 10; var PagedData = query.Skip((iPageNum - 1) * iPageSize).Take(iPageSize); ObjectDumper.Write(PagedData);

  Read the article

• database design - empty fields

  - by imanc

  Hey, I am currently debating an issue with a guy on my dev team. He believes that empty fields are bad news. For instance, if we have a customer details table that stores data for customers from different countries, and each country has a slightly different address configuration - plus 1-2 extra fields, e.g. French customer details may also store details for entry code, and floor/level plus title fields (madamme, etc.). South Africa would have a security number. And so on. Given that we're talking about minor variances my idea is to put all of the fields into the table and use what is needed on each form. My colleague believes we should have a separate table with extra data. E.g. customer_info_fr. But this seams to totally defeat the purpose of a combined table in the first place. His argument is that empty fields / columns is bad - but I'm struggling to find justification in terms of database design principles for or against this argument and preferred solutions. Another option is a separate mini EAV table that stores extra data with parent_id, key, val fields. Or to serialise extra data into an extra_data column in the main customer_data table. I think I am confused because what I'm discussing is not covered by 3NF which is what I would typically use as a reference for how to structure data. So my question specifically: - if you have slight variances in data for each record (1-2 different fields for instance) what is the best way to proceed?

  Read the article

• WCF operationcontract with List type unavailable in (Silverlight) client

  - by Dave

  This is the first time I have tried returning a List of data to a Silverlight client, so I'm having trouble getting the client to recognize this operationcontract. All others are fine. I have a method on the server called ReadOwFileData that needs to return a List. ReadOwFileDataCompletedEventArgs shows up in the Object Browser in the client, but not ReadOwFileDataAsync. What I want is similar to the tutorial here. The Dictionary collection type on the client is set to System.Collections.Generic.List. I tried deleting and recreating the service reference. Web.Config on the server is using basicHttpBinding. Here is the operationcontract on the server: [OperationContract] public List<OwFileData> ReadOwFileData(string OrderID) { DataClasses1DataContext db = new DataClasses1DataContext(); var dFileData = (from p in db.OwFileDatas where p.OrderID == OrderID select p).ToList(); List<OwFileData> x = new List<OwFileData>(dFileData); return x; } Incidently, this works fine: [OperationContract] public Customer GetShippingAndContactInfo(string login, string ordernum) { DataClasses1DataContext db = new DataClasses1DataContext(); Customer dInfo = (from p in db.Customers where p.Login == login select p).Single(); return dInfo; } I would like to read this data in the client and place it into an object I created called ObservableCollection. But that obviously can't happen until the client can see the method on the server. I do not know if this is an acceptable start, but this is what is on the client so far. The ReadOwFileDataAsync object is null: void populatefilesReceivedDataSource(string OrderID) { ArtUpload.ServiceReference1.UploadServiceClient client = new ArtUpload.ServiceReference1.UploadServiceClient(); var myList = client.ReadOwFileDataAsync(OrderID); // can I just itterate thru the list instead of 'binding' }

  Read the article

< Previous Page | 166 167 168 169 170 171 172 173 174 175 176 177  | Next Page >