Search Results

Search found 29495 results on 1180 pages for 'cross site scripting'.

Page 192/1180 | < Previous Page | 188 189 190 191 192 193 194 195 196 197 198 199  | Next Page >

  • The best way to separate admin functionality from a public site?

    - by AndrewO
    I'm working on a site that's grown both in terms of user-base and functionality to the point where it's becoming evident that some of the admin tasks should be separate from the public website. I was wondering what the best way to do this would be. For example, the site has a large social component to it, and a public sales interface. But at the same time, there's back office tasks, bulk upload processing, dashboards (with long running queries), and customer relations tools in the admin section that I would like to not be effected by spikes in public traffic (or effect the public-facing response time). The site is running on a fairly standard Rails/MySQL/Linux stack, but I think this is more of an architecture problem than an implementation one: mainly, how does one keep the data and business logic in sync between these different applications? Some strategies that I'm evaluating: 1) Create a slave database of the public facing database on another machine. Extract out all of the model and library code so that it can be shared between the applications. Create new controllers and views for the admin interfaces. I have limited experience with replication and am not even sure that it's supposed to be used this way (most of the time I've seen it, it's been for scaling out the read capabilities of the same application, rather than having multiple different ones). I'm also worried about the potential for latency issues if the slave is not on the same network. 2) Create new more task/department-specific applications and use a message oriented middleware to integrate them. I read Enterprise Integration Patterns awhile back and they seemed to advocate this for distributed systems. (Alternatively, in some cases the basic Rails-style RESTful API functionality might suffice.) But, I have nightmares about data synchronization issues and the massive re-architecting that this would entail. 3) Some mixture of the two. For example, the only public information necessary for some of the back office tasks is a read-only completion time or status. Would it make sense to have that on a completely separate system and send the data to public? Meanwhile, the user/group admin functionality would be run on a separate system sharing the database? The downside is, this seems to keep many of the concerns I have with the first two, especially the re-architecting. I'm sure the answers are going to be highly dependent on a site's specific needs, but I'd love to hear success (or failure) stories.

    Read the article

  • Help. WebResource.axd is leading to a exploit site

    - by John Prado
    I've a site hosted in a shared enviroment. Every time I do a and add some validation controls the ASP.Net generate a script call to a WebResource.axd who leads to a exploit site: www2.shopezlive.com/main.php?..... How the hacker could compromise the assemblies of .Net and how can I get rid of this mess?

    Read the article

  • Form value field is visable in localhost but not on live site-how to hide?

    - by Joel
    Hi guys, I'm almost completed moving my first live site to my new xampp setup on localhost. I have a form that uses jquery in the header of the site. It's a bit verbose, but here it is: <div class="outeremailcontainer"> <div id="emailcontainer"> <?php include('verify.php'); ?> <form action="index_success.php" method="post" id="sendEmail" class="email"> <h3 class="register2">Newsletter Signup:</h3> <ul class="forms email"> <li class="name"><label for="yourName">Name: </label> <input type="text" name="yourName" class="info" id="yourName" value="<?= $_POST['yourName']; ?>" /><br /> </li> <li class="city"><label for="yourCity">City: </label> <input type="text" name="yourCity" class="info" id="yourCity" value="<?= $_POST['yourCity']; ?>" /><br /> </li> <li class="email"><label for="emailFrom">Email: </label> <input type="text" name="emailFrom" class="info" id="emailFrom" value="<?= $_POST['emailFrom']; ?>" /> <?php if(isset($emailFromError)) echo '<span class="error">'.$emailFromError.'</span>'; ?> </li> <li class="buttons email"> <button type="submit" id="submit">Send</button> <input type="hidden" name="submitted" id="submitted" value="true" /> </li> </ul> </form> <div class="clearing"> </div> </div> </div> So I am using jQuery (I can include the function if need-be) and it hides fields, etc. The problem is that on the localhost site, the values of the fields are populating the fields. IE: first field has this in the box, etc <?= $_POST['yourName']; ?> It works great in the live site though. Any idea how to fix this? Thanks!

    Read the article

< Previous Page | 188 189 190 191 192 193 194 195 196 197 198 199  | Next Page >