Search Results

Search found 6343 results on 254 pages for 'dll injection'.

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Page 175/254 | < Previous Page | 171 172 173 174 175 176 177 178 179 180 181 182  | Next Page >

  • Collection of dependencies in castle windsor

    - by jonnii
    I have the following scenario: public class FirstChildService : IChildService { } public class SecondChildService : IChildService { } public class MyService : IService { public MyService(IEnumerable<IChildService> childServices){ ... } } I'm currently registering all the child services and explicitly depending on them in the constructor of MyService, but what I'd like to do is have them all injected as part of a collection. I can think of a few ways to do this: Using a facility Using a component property Registering the collection as a service But all of them feel a bit... icky. What's the best way to manage this? Also, ideally I'd like to do this using the fluent API and constructor injection. I know it's possible to do something similar using properties: http://www.castleproject.org/container/documentation/trunk/usersguide/arrayslistsanddicts.html

    Read the article

  • Html encoding in MVC input

    - by fearofawhackplanet
    I'm working through NerdDinner and I'm a bit confused about the following section... First they've added a form for creating a new dinner, with a bunch of textboxes delcared like: <%= Html.TextArea("Description") %> They then show two ways of binding form input to the model: [AcceptVerbs(HttpVerbs.Post)] public ActionResult Create() { Dinner dinner = new Dinner(); UpdateModel(dinner); ... } or: [AcceptVerbs(HttpVerbs.Post)] public ActionResult Create(Dinner dinner) { ... } Ok, great, that all looks really easy so far. Then a bit later on they say: It is important to always be paranoid about security when accepting any user input, and this is also true when binding objects to form input. You should be careful to always HTML encode any user-entered values to avoid HTML and JavaScript injection attacks Huh? MVC is managing the data binding for us. Where/how are you supposed to do the HTML encoding?

    Read the article

  • <jaxrs:client> not getting autowired

    - by himangshu
    I am trying to build a restful client using jaxrs:client as defined in http://svn.apache.org/repos/asf/cxf/trunk/systests/jaxrs/src/test/resources/jaxrs_soap_rest/WEB-INF/beans.xml In my test class I am getting org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'com.abc.service.ExportServiceTest': Injection of autowired dependencies failed; nested exception is org.springframework.beans.factory.BeanCreationException: Could not autowire field: private com.bankbazaar.service.ExportService com.abc.service.ExportServiceTest.exportClient; nested exception is org.springframework.beans.factory.NoSuchBeanDefinitionException: No matching bean of type [com.abc.service.ExportService] found for dependency: expected at least 1 bean which qualifies as autowire candidate for this dependency. Dependency annotations: {@org.springframework.beans.factory.annotation.Autowired(required=true), @org.springframework.beans.factory.annotation.Qualifier(value=exportClient)} this is my spring config However exportClient=(ExportService)applicationContext.getBean("exportClient"); this works. Thanks Himangshu

    Read the article

  • sp_executesql with 'IN' statement

    - by user300992
    I am trying to use sp_executesql to prevent SQL injection in SQL 2005, I have a simple query like this: SELECT * from table WHERE RegionCode in ('X101', 'B202') However, when I use sp_executesql to execute the following, it doesn't return anything. Set @Cmd = N'SELECT * FROM table WHERE RegionCode in (@P1)' SET @ParamDefinition = N'@P1 varchar(100)'; DECLARE @Code as nvarchar(100); SET @Code = 'X101,B202' EXECUTE sp_executesql @Cmd, @ParamDefinition, @P1 = @Code The is what I have tested: SET @Code = 'X101' <-- This works, it returns a single region SET @Code = 'X101,B202' <--- Returns nothing SET @Code = '''X101'',''B202''' <-- Returns nothing Please help.... what did I do wrong?

    Read the article

  • How to escape/strip special characters in the LaTeX document?

    - by Igor
    We implemented the online service where it is possible to generate PDF with predefined structure. User can choose a LaTeX template and then compile it with an appropriate inputs. The question we worry about is the security, that the malicious user was not able to gain shell access through the injection of special instruction into latex document. We need some workaround for this or at least a list of special characters that we should strip from the input data. Preferred language would be PHP, but any suggestions, constructions and links are very welcomed. PS. in few word we're looking form mysql_real_escape_string for LaTeX

    Read the article

  • How to get result size from an SQL query and check size

    - by Jimmy
    Hi I'm trying to write a piece of code for a simple verification method as part of a MVC. At present the SQL is not written as a prepared statement so obviously it is at risk to a SQL injection so any help in regards to writing the SQL as a prepared statement would be really helpful. The method which is in the User model. public boolean getLoginInfo() { try { DBAccess dbAccess = new DBAccess(); String sql = "SELECT username, password FROM owner WHERE username = '" + this.username + "'AND password = '" + this.password + "';"; dbAccess.close();dbAccess.executeQuery(sql); dbAccess.close(); return true; } catch (Exception e) { return false; } } I want to get the size of the result set which is generated by the SQL query and if the size of it is 1 return true else it's false. If you need more info on the rest of the MVC just post and I'll get it up here.

    Read the article

  • How to handle injecting dependencies into rich domain models?

    - by Arne
    In a web server project with a rich domain model (application logic is in the model, not in the services) how do you handle injecting the dependencies into the model objects? What are your experiences? Do you use some form of AOP? Like Springs @Configurable annotation? Load time or build time weawing? Problems you encountered? Do you use manual injection? Then how do you handle different instantiation scenarios (creating of the objects through an library [like Hibernate], creating objects with "new" ...)? Or do you use some other way of injecting the dependencies?

    Read the article

  • What are the common patterns in web programming?

    - by lankerisms
    I have been trying to write my first big web app (more than one cgi file) and as I kept moving forward with the rough prototype, paralelly trying to predict more tasks, this is the todo that got accumulated (In no particular order). * Validations and input sanitizations * Object versioning (to avoid edit conflicts. I dont want hard locks) * Exception handling * memcache * xss and injection protections * javascript * html * ACLs * phonetics in search, match and find duplicates (for form validation) * Ajaxify!!! (I have snipped off the project specific items.) I know that each todo will be quite tied up to its project and technologies used. What I am wondering though, is if there is a pattern in your todo items as well as the sequence in which you experienced guys have come across them.

    Read the article

  • Regular Expression: Allow letters, numbers, and spaces (with at least one letter or number)

    - by makeee
    I'm currently using this regex ^[A-Z0-9 _]*$ to accept letters, numbers, spaces and underscores. I need to modify it to require at least one number or letter somewhere in the string. Any help would be appreciated! This would be for validating usernames for my website. I'd actually like to support as many characters as I can, but just want to ensure that I prevent code injection and that characters will display fine for all users. So I'm definately open to regex validation suggestions that would support a wider set of characters.

    Read the article

  • MySQL User AutoIncrement Permissions Restriction

    - by psayre23
    I have two databases that need to have their auto increment ids on various tables synced. Right now, I have a PHP function that checks the current auto increment id for both tables and then sets the lowest to the highest. If there is a better way to do this, I'm all ears. I really don't want to give the web user alter permissions, as a SQL injection could clear all passwords (or something else silly). Is there any way to restrict a MySQL user to changing auto increment without opening it up to alter statements?

    Read the article

  • The risk of granting to IUSR* NTFS permissions on a folder on the server

    - by vtortola
    I have two web applications that must share a file in the server file system. Both apps are inside of "Inetpub\wwwroot". The file cannot be accessed freely from outside, so it is in a folder out of "Inetpub". I have granted full NTFS permissions to the user "IUSR_whatever" (is the user that runs IIS in anonymous requests) in that folder. The folder has only that file, and has no other use. It works so far :) But, what is the risk? what should I be afraid of? As I see it, as long the folder is out of the "InetPub" cannot be accessed, and as long the apps don't have any security flaw like "path traversal" or server side code injection, it should be safe enough.... But I'm always keen to be wrong :) What do you think? May the file or even the server itself get compromised because of this? Thanks.

    Read the article

  • Doing a lot of input validation in VB.NET

    - by Andy
    I have a form set up where users can enter their booking for a room at my college. I want to validate the user input to avoid SQL injection (my program uses a MS Access database) and also stop numbers and synbols in their name, etc. I can do the validation fine, but there is to be a lot of validation and then methods executed only if all validation tests come back as true. I did have something like this: If txtName.Text = "" Then frmBookErr.SetError(txtName, "Name field cannot be left blank.") fail = 1 Else frmBookErr.SetError(txtName, "") fail = 0 End If And then check the fail variable, but it obviously gets overridden later in the form if one of the validation tests come back as true. Can anyone provide some input into this? Thanks.

    Read the article

  • Is it safe to unset PHP super-globals if this behavior is documented?

    - by Stephen
    I'm building a PHP framework, and in it I have a request object that parses the url as well as the $_GET, $_POST and $_FILE superglobals. I want to encourage safe web habits, so I'm protecting the data against SQL injection, etc. In order to ensure users of this framework are accessing the safe, clean data through the request object, I plan to use unset($_GET, $_POST, $_REQUEST); after parsing those variables. I will document this in the method comments, and explain in the framework documentation that this is happening. My question is: Would this be desirable behavior? What are the potential pitfalls that I have not foreseen?

    Read the article

  • Third Party Libraries and Technologies very Java Programmer must be aware of?

    - by kunjaan
    I agree that this is a very subjective question but as a student of Java , I get suggested good libraries and technologies for Java by my mentors at work. For example, I was not aware of Google Guice for Dependency Injection, awesomeness of Java Reflection APIs, ORMs like Hibernate or stuffs you could do with libraries like Hadoop. I want to collect and share some of the libraries that exemplifies good java programming (so that beginners like me could code walk and emulate the coding practice), teach unique concepts to Java (for example Dependency Injections or ORM) and/or are really interesting libraries that a student like me would get to do interesting projects on (eg. Hadoop). I redited this question 3 times to make it more specific : ). I am sorry if I am really not clear in my intentions. But some kind of a list of good concepts and third party libraries for Java could really help some of my intern friends here at work. Thank you.

    Read the article

  • compromised site

    - by pinniger
    So, I have a web site that has been compromised twice in two weeks. every index.php and .js file gets a script injecting into the source code of the file. The problem is that I have no idea how they're doing it. I've seen this done via sql injection before, but I don't know how they are actually writing to the file. I've dug through the Apache logs but didn't find anything interesting. The site is built using the cakephp framework on a godaddy shared server. Anybody know what secturity settings or log files to check to see how they are doing this?

    Read the article

  • Creating immutable objects from javabean

    - by redzedi
    Hi All, I am involved in this project where we are building on good bit of legacy code. I have a particular situation about one big java bean object which has to be transferred over wire. So my first thought was to make it immutable and serializable to do the trick .At this point I am faced with a few difficult choices :- 1 Ideally I want some way to automatically generate an immutable, serializable version of this class. I dont have the scope to refactor or alter this class in any way and i would really really hate to have to copy paste the class with a different name ?? 2 Assuming that i gave up on 1 i.e i actually chose to duplicate code of the HUGE javabean class , i still will be in the unsavoury situation of having to write a constructor with some 20-25 parameters to make this class immutable. what is a better way to make a class immutable other than constructor injection ?? Thanks and Regards,

    Read the article

  • A PHP Function that verify code language

    - by tymc
    Hi, I have a form with 2 textareas; the first one allows user to send HTML Code, the second allows to send CSS Code. I have to verify with a PHP function, if the language is correct. If the language is correct, for security, i have to check that there is not PHP code or SQL Injection or whatever. What do you think ? Is there a way to do that ? Where can I find this kind of function ? Is "HTML Purifier" http://htmlpurifier.org/ a good solution ?

    Read the article

  • Web Development In Java Using Netbeans

    - by GigaPr
    Hi I am trying to implement a web application(university project) in java using the following Frameworks Spring Dependency Injection Spring AOP (Logging and Transaction Management) Spring DAO JDBC or HIBERNATE Spring MVC Log4J I create a new Web Application in Netbeans and it gives me a bunch of Files and folders by default. Could anyone explain me what are the files ? Where shall i put the code for the data access layer and business Logic? Or where can i found a basic tutorial to get started(with data access layer, business layer and possibly code example)? Thanks

    Read the article

  • How to use prepared statements (named parameters) on a php Class

    - by Mohamed Adib Errifai
    This is my first post here. I've searched in the site, but inforutunaly no matchs. Anyway, i want to know how to use named parameters on a class. so the pdo basic form is something like. $query = $bdd->prepare('SELECT * FROM table WHERE login = :login AND pww = :pww'); $query->execute(array('login' => $login, 'pww' => $pww)); and i want to integrate this on a class regardless of the number of parameters. Currently, i have this code http://pastebin.com/kKgSkaKt and for parameters, i use somethings like ( which is wrong and vulnerable to injection ) require_once 'classes/Mysql.class.php'; $mysql = new Mysql(); $sql = 'SELECT * FROM articles WHERE id = '.$_GET['id'].' LIMIT 1'; $data = $mysql->select($sql); And Thanks.

    Read the article

  • Allow alphanumeric, punctuation, and spaces

    - by bccarlso
    I'm pretty new to regular expressions, and MAN do they give me a headache. They are so intimidating! For an email campaign I'm doing, a user will click a link out of the email with a few URL parameters filled in for them, to make filling out a form easier. I want to prevent any injection hacks or whatever it's called, but need to allow the $_GET parameters to be alphanumeric, have punctuation, and have spaces. If someone has a good method for this, I'd appreciate it, but right now I have: foreach($_GET as $m=>$n) { $get[$m] = preg_replace('(^[a-z0-9 \-\_\.]+)i',' ',$n); } I would like to be able to replace all characters NOT found with this regular expression, which I believe I use ?!, but I can't get that to work either. Any help in getting this to work would be appreciated!

    Read the article

  • Does SELECT COUNT(*) work with MySQLi prepared statements?

    - by wordman
    I'm working on a test page and am using MySQLi prepared statements in my queries after reading they make my code safe from SQL injection. I have been successful with prepared statements so far with retrieving data from my DB, that all works great. What I want to do now is count the number of galleries within a project using SELECT COUNT(*). That's it. Without using a prepared statement, my old query looked like this: // count number of galleries per project $conn = dbConnect('query'); $galNumb = "SELECT COUNT(*) FROM pj_galleries WHERE project = {$pjInfo['pj_id']}"; $gNumb = $conn->query($galNumb); $row = $gNumb->fetch_row(); $galTotal = $row[0]; But for all my reading and searching the internet, I can not find out the proper way to write this as a prepared statement. I'm no PHP whiz here, and not coding daily isn't helping my skills. If I've missed anything please ask. Many thanks!

    Read the article

  • Third Party Libraries and Technologies every Java Programmer must be aware of?

    - by kunjaan
    I agree that this is a very subjective question but as a student of Java , I get suggested good libraries and technologies for Java by my mentors at work. For example, I was not aware of Google Guice for Dependency Injection, awesomeness of Java Reflection APIs, ORMs like Hibernate or stuffs you could do with libraries like Hadoop. I want to collect and share some of the libraries that exemplifies good java programming (so that beginners like me could code walk and emulate the coding practice), teach unique concepts to Java (for example Dependency Injections or ORM) and/or are really interesting libraries that a student like me would get to do interesting projects on (eg. Hadoop). I redited this question 3 times to make it more specific : ). I am sorry if I am really not clear in my intentions. But some kind of a list of good concepts and third party libraries for Java could really help some of my intern friends here at work. Thank you.

    Read the article

  • design-pattern libraries ready-to-use?

    - by fayer
    symfony has released some of their components free to use outside the framework. i have used the event dispatcher and dependency injection...they are awesome! i wonder if there are other components/libraries (from other frameworks etc) that in the same way help you manage various design patterns? eg. decorator, facade, singleton, chain of commands etc. i think symfony is on the right path, abstracting away the design patterns. are there any other components out there doing the same? thanks

    Read the article

  • Stopping users posting more than once

    - by user342391
    Before posting my form I am checking the database to see if there are any previous posts from the user. If there are previous posts then the script will kick back a message saying you have already posted. The problem is that what I am trying to achieve isn't working it all goes wrong after my else statement. It is also probable that there is an sql injection vulnerability too. Can you help??4 <?php include '../login/dbc.php'; page_protect(); $customerid = $_SESSION['user_id']; $checkid = "SELECT customerid FROM content WHERE customerid = $customerid"; if ($checkid = $customerid) {echo 'You cannot post any more entries, you have already created one';} else $sql="INSERT INTO content (customerid, weburl, title, description) VALUES ('$_POST[customerid]','$_POST[webaddress]','$_POST[pagetitle]','$_POST[pagedescription]')"; if (!mysql_query($sql)) { die('Error: ' . mysql_error()); } echo "1 record added"; ?>

    Read the article

  • How long people take to learn a new programming language?

    - by Cawas
    In general aspects, this might be a good reference for everyone. Having an idea of how long people take in average for properly learning how to code can give a very good idea on how dense or long is the path. Someone who never programmed should take weeks or months, even years maybe while someone who's already experienced in the area and know at least 2 different languages might take days, hours or even minutes to start coding. But other than being able to write code that runs, there are ways to write the same program, and it's much harder to get deep knowledge on that than actually being able to program. And sometimes languages differ a lot from one to another on that aspect as well. For instance, we should never have to worry with code-injection in JavaScript like we do in C. So, is there any place we can see some good numbers for how long it takes to learn a language, maybe divided into level of knowledge categories, languages and paradigms, etc?

    Read the article

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

< Previous Page | 171 172 173 174 175 176 177 178 179 180 181 182  | Next Page >