Search Results

Search found 5760 results on 231 pages for 'itunes alternative'.

Page 195/231 | < Previous Page | 191 192 193 194 195 196 197 198 199 200 201 202  | Next Page >

  • Understanding CSRF - Simple Question

    - by byronh
    I know this might make me seem like an idiot, I've read everything there is to read about CSRF and I still don't understand how using a 'challenge token' would add any sort of prevention. Please help me clarify the basic concept, none of the articles and posts here on SO I read seemed to really explicitly state what value you're comparing with what. From OWASP: In general, developers need only generate this token once for the current session. After initial generation of this token, the value is stored in the session and is utilized for each subsequent request until the session expires. If I understand the process correctly, this is what happens. I log in at http://example.com and a session/cookie is created containing this random token. Then, every form includes a hidden input also containing this random value from the session which is compared with the session/cookie upon form submission. But what does that accomplish? Aren't you just taking session data, putting it in the page, and then comparing it with the exact same session data? Seems like circular reasoning. These articles keep talking about following the "same-origin policy" but that makes no sense, because all CSRF attacks ARE of the same origin as the user, just tricking the user into doing actions he/she didn't intend. Is there any alternative other than appending the token to every single URL as a query string? Seems very ugly and impractical, and makes bookmarking harder for the user.

    Read the article

  • SIGABRT Issues with UIApplication_TVOut and MPVideoView - is there another way??

    - by user365920
    Hi there, I am due to do a demo in a week of an app which i have been working on for a company - until now, i have been using code taken from this useful tutorial here The problem is that this no longer seems to be working - causing a SIGABRT inside of the following (see initWithVideoView): - (void) startTVOut; { // you need to have a main window already open when you call start if (!tvoutWindow) { deviceWindow = [self keyWindow]; MPVideoView *vidView = [[MPVideoView alloc] initWithFrame: CGRectZero]; **tvoutWindow = [[MPTVOutWindow alloc] initWithVideoView:vidView];** [tvoutWindow makeKeyAndVisible]; tvoutWindow.userInteractionEnabled = NO; mirrorView = [[UIImageView alloc] initWithFrame: [[UIScreen mainScreen] bounds]]; [self reformatTVOutOrientation]; mirrorView.center = vidView.center; [vidView addSubview: mirrorView]; [deviceWindow makeKeyAndVisible]; [NSThread detachNewThreadSelector:@selector(updateLoop) toTarget:self withObject:nil]; } } Can anyone help at all??? This was all working fine, but seems to have stopped working recently - none of my code has changed, so assuming Apple have removed that API (yes, i know it was a private API in the first place, so im not moaning!) Just need to know if there is an alternative way of displaying the contents of my iPhone screen in my app... Many thanks in advance!

    Read the article

  • Working for free

    - by truncate
    Finances are making me take an extended period off of my college education. In my current state, I don't feel fully qualified to be employed by an iPhone software company. While I work on getting things back together, I'd like to try an work for a software company for free in my local area (I'm going to college out of state and have to move back as well). The economy has forced employers to be very picky about who they hire, if any at all. Since I'd like to continue refining my abilities, I was wondering on what the consensus is on working for free. It can't be considered an internship, as I would no longer be in school..., I guess an apprenticeship is more appropriate. Like I said, I don't think I'm qualified to be paid for my services, and I don't want to be. I just don't know how to ask, or if it's even appropriate to ask them to show me how to develop software in the real world. My thinking is that they would be willing to get some work done for free and if I prove myself, they could hire me. If not, there was no major loss. They get some free development, and lose a bit of time helping show me the ropes. I get either a job, or valuable experience that I need. The other alternative is that I try to work out things by myself on the iPhone platform, but that sounds terrifying. I appreciate any input the community has to offer.

    Read the article

  • How can I choose different hints for different joins for a single table in a query hint?

    - by RenderIn
    Suppose I have the following query: select * from A, B, C, D where A.x = B.x and B.y = C.y and A.z = D.z I have indexes on A.x and B.x and B.y and C.y and D.z There is no index on A.z. How can I give a hint to this query to use an INDEX hint on A.x but a USE_HASH hint on A.z? It seems like hints only take the table name, not the specific join, so when using a single table with multiple joins I can only specify a single strategy for all of them. Alternative, suppose I'm using a LEADING or ORDERED hint on the above query. Both of these hints only take a table name as well, so how can I ensure that the A.x = B.x join takes place before the A.z = D.z one? I realize in this case I could list D first, but imagine D subsequently joins to E and that the D-E join is the last one I want in the entire query. A third configuration -- Suppose I want the A.x join to be the first of the entire query, and I want the A.z join to be the last one. How can I use a hint to have a single join from A to take place, followed by the B-C join, and the A-D join last?

    Read the article

  • Does HttpListener work well on Mono?

    - by billpg
    Hi everyone. I'm looking to write a small web service to run on a small Linux box. I prefer to code in C#, so I'm looking to use Mono. I don't want the overhead of running a full web server or Mono's version of ASP.NET. I'm thinking of having a single process with a thread dealing with each client connection. Shared memory between threads instead of a database. I've read a little on Microsoft's version of HttpListener and how it works with the Http.sys driver. Alas, Mono's documentation on this class is just the automated class interface with no discussion of how it works under the hood. (Linux doesn't have Http.sys, so I imagine it's implemented substantially differently.) Could anyone point me towards some resources discussing this module please? Many thanks, Bill, billpg.com (A little background to my question for the interested.) Some time ago, I asked this question, interested in keeping a long conversation open with lots of back-and-forth. I had settled on designing my own ad-hoc protocol, but people I spoke to really wanted a REST interface, even at the cost of the "Okay, send your command now" signal. So, I wondered about running ASP.NET on a Linux/Mono server, but stumbled upon HttpListener. This seemed ideal, as each "conversation" could run in a separate thread. The thread that calls HttpListener in a loop can look for which thread each incomming connection is for and pass the reference to that thread. The alternative for an ASP.NET driven service, would be to have the ASPX code pick up the state from a database, and write back the new state when it finishes. Yes, it would work, but that's a lot of overhead.

    Read the article

  • How to recalculate all-pairs shorthest paths on-line if nodes are getting removed?

    - by Pavel Shved
    Latest news about underground bombing made me curious about the following problem. Assume we have a weighted undirected graph, nodes of which are sometimes removed. The problem is to re-calculate shortest paths between all pairs of nodes fast after such removals. With a simple modification of Floyd-Warshall algorithm we can calculate shortest paths between all pairs. These paths may be stored in a table, where shortest[i][j] contains the index of the next node on the shortest path between i and j (or NULL value if there's no path). The algorithm requires O(n³) time to build the table, and eacho query shortest(i,j) takes O(1). Unfortunately, we should re-run this algorithm after each removal. The other alternative is to run graph search on each query. This way each removal takes zero time to update an auxiliary structure (because there's none), but each query takes O(E) time. What algorithm can be used to "balance" the query and update time for all-pairs shortest-paths problem when nodes of the graph are being removed?

    Read the article

  • SQL Server Multi-statement UDF - way to store data temporarily required

    - by Kharlos Dominguez
    Hello, I have a relatively complex query, with several self joins, which works on a rather large table. For that query to perform faster, I thus need to only work with a subset of the data. Said subset of data can range between 12 000 and 120 000 rows depending on the parameters passed. More details can be found here: http://stackoverflow.com/questions/3054843/sql-server-cte-referred-in-self-joins-slow As you can see, I was using a CTE to return the data subset before, which caused some performance problems as SQL Server was re-running the Select statement in the CTE for every join instead of simply being run once and reusing its data set. The alternative, using temporary tables worked much faster (while testing the query in a separate window outside the UDF body). However, when I tried to implement this in a multi-statement UDF, I was harshly reminded by SQL Server that multi-statement UDFs do not support temporary tables for some reason... UDFs do allow table variables however, so I tried that, but the performance is absolutely horrible as it takes 1m40 for my query to complete whereas the the CTE version only took 40minutes. I believe the table variables is slow for reasons listed in this thread: http://stackoverflow.com/questions/1643687/table-variable-poor-performance-on-insert-in-sql-server-stored-procedure Temporary table version takes around 1 seconds, but I can't make it into a function due to the SQL Server restrictions, and I have to return a table back to the caller. Considering that CTE and table variables are both too slow, and that temporary tables are rejected in UDFs, What are my options in order for my UDF to perform quickly? Thanks a lot in advance.

    Read the article

  • Obtaining touch location for a uiscrollview touch

    - by LOSnively
    I have a uiscrollview as an element of a uiscrollviewcontroller, along with other view objects. The image scrolls and zooms as expected, when the scrollView is the top subview. However, I also need to get the screen location of the touch, in particular when there is no scroll action. (I understand the location may change during a scroll, but that's not important.) I haven't found a way to do that. In the scrollviewcontroller implementation I have customized all of the standard methods that should do this: "touchesShouldBegin...", "touchesBegan:...", "touchesEnded:...", and so on. As far as I can tell, none of these are being called during a touch event when the scrollView is the top subview. I've tried setting the delayContentTouches property to both YES and NO, and that doesn't seem to make a difference. As an alternative, I've tried putting a UIView as the top subview and then tried passing the touches to the now underlying scrollView. In this configuration, the standard methods are called and I can get the touch location, but I haven't found a mechanism for the touches to be passed to the scrollView so scrolling occurs. Doing something like sending the touch messages to the specific scrollView, or to "super" or just sending them to nextResponder doesn't do it. It seems I can make the scroll work or find the location of the touch but not both, depending on what the "top" subview is. I suspect this is trivial, but after two weeks of struggling, it's time to eat my embarrassment for not being able to do this seemingly simplest of things. I've read all of the related questions here on stackoverflow, tried most if not all of the suggestions, and so far, nothing has worked. I've looked through the various links and references suggested by the answers, including Apple's documentation, but none have pointed out the gap in my understanding. Any ideas would be appreciated.

    Read the article

  • Can Haskell's Parsec library be used to implement a recursive descent parser with backup?

    - by Thor Thurn
    I've been considering using Haskell's Parsec parsing library to parse a subset of Java as a recursive descent parser as an alternative to more traditional parser-generator solutions like Happy. Parsec seems very easy to use, and parse speed is definitely not a factor for me. I'm wondering, though, if it's possible to implement "backup" with Parsec, a technique which finds the correct production to use by trying each one in turn. For a simple example, consider the very start of the JLS Java grammar: Literal: IntegerLiteral FloatingPointLiteral I'd like a way to not have to figure out how I should order these two rules to get the parse to succeed. As it stands, a naive implementation like this: literal = do { x <- try (do { v <- integer; return (IntLiteral v)}) <|> (do { v <- float; return (FPLiteral v)}); return(Literal x) } Will not work... inputs like "15.2" will cause the integer parser to succeed first, and then the whole thing will choke on the "." symbol. In this case, of course, it's obvious that you can solve the problem by re-ordering the two productions. In the general case, though, finding things like this is going to be a nightmare, and it's very likely that I'll miss some cases. Ideally, I'd like a way to have Parsec figure out stuff like this for me. Is this possible, or am I simply trying to do too much with the library? The Parsec documentation claims that it can "parse context-sensitive, infinite look-ahead grammars", so it seems like something like I should be able to do something here.

    Read the article

  • Storing Arbitrary Contact Information in Ruby on Rails

    - by Anthony Chivetta
    Hi, I am currently working on a Ruby on Rails app which will function in some ways like a site-specific social networking site. As part of this, each user on the site will have a profile where they can fill in their contact information (phone numbers, addresses, email addresses, employer, etc.). A simple solution to modeling this would be to have a database column per piece of information I allow users to enter. However, this seems arbitrary and limited. Further, to support allowing users to enter as many phone numbers as they would like requires the addition of another database table and joins. It seems to me that a better solution would be to serialize all the contact information entered by a user into a single field in their row. Since I will never be conditioning a SQL query on this information, such a solution wouldn't be any less efficient. Ideally, I would like to use a vCard as my serialization format. vCards are the standard solution to storing contact information across the web, and reusing tested solutions is a Good Thing. Alternative serialization formats would include simply marshaling a ruby hash, or YAML. Regardless of serialization format, supporting the reading and updating of this information in a rails-like way seems to be a major implementation challenge. So, here's the question: Has anyone seen this approach used in a rails application? Are there any rails plugins or gems that make such a system easy to implement? Ideally what I would like is an acts_as_vcard to add to my model object that would handle editing the vcard for me and saving it back to the database.

    Read the article

  • IE performance issues with offsetHeight and offsetWidth

    - by Paul
    I have a site that grabs the response text from an AJAX call and does 'innerHTML' on a div that is going to contain it. After I do the 'innerHTML' I process the DIV by traversing the whole hierarchy of nodes and grabbing their [offsetWidth/offsetHeight] to do some operations with it. Why not css style width/height? because sometimes those values are not available since I don't control what is coming from the AJAX response, plus I want the real box dimensions including borders/scrolls/padding. On large injections (let's say 7,000 new DOM elements) IE takes way longer time than FF/Safari just to get this [offsetWidth/offsetHeight], actually if I wasn't doing injection but just render the contents of the HTML in the browser and processing it, it would be much faster. But that is not an option since I have to inject it on a div that will contain it. Anybody has deal with this kind of issue before? is there an alternative to innerHTML, I have try using documentFragment to inject and process and the move it to the div and still I don't see much gain. How can I get the values that are available with [offsetWidth/offsetHeight]? Thanks a bunch for any suggestions. Paul

    Read the article

  • What is the 'page lifecycle' of an ASP.NET MVC page, compared to ASP.NET WebForms?

    - by Simon
    What is the 'page lifecycle' of an ASP.NET MVC page, compared to ASP.NET WebForms? I'm tryin to better understand this 'simple' question in order to determine whether or not existing pages I have in a (very) simple site can be easily converted from ASP.NET WebForms. Either a 'conversion' of the process below, or an alternative lifecycle would be what I'm looking for. What I'm currently doing: (yes i know that anyone capable of answering my question already knows all this -- i'm just tryin to get a comparison of the 'lifecycle' so i thought i'd start by filling in what we already all know) Rendering the page: I have a master page which contains my basic template I have content pages that give me named regions from the master page into which I put content. In an event handler for each content page I load data from the database (mostly read-only). I bind this data to ASP.NET controls representing grids, dropdowns or repeaters. This data all 'lives' inside the HTML generated. Some of it gets into ViewState (but I wont go into that too much!) I set properties or bind data to certain items like Image or TextBox controls on the page. The page gets sent to the client rendered as non-reusable HTML. I try to avoid using ViewState other than what the page needs as a minimum. Client side (not using ASP.NET AJAX): I may use JQuery and some nasty tricks to find controls on the page and perform operations on them. If the user selects from a dropdown -- a postback is generated which triggers a C# event in my codebehind. This event may go to the database, but whatever it does a completely newly generated HTML page ends up getting sent back to the client. I may use Page.Session to store key value pairs I need to reuse later So with MVC how does this 'lifecycle' change?

    Read the article

  • what dataprovider in flex (aside from ArrayCollection) will work for single, non-repeating XML nodes

    - by Rees
    hello, i asked this question before but haven't been able to get an answer.. i get the following error when i retrieve an XML that only has 1 node (no repeating nodes) from a PHP page and i try to store in an ArrayCollection. -When I have MORE than 1 "name" nodes...i do NOT get an error. TypeError: Error #1034: Type Coercion failed: cannot convert "XXXXXX" to mx.collections.ArrayCollection. this error occurs as the line of code: myList= e.result.list.name; I'm using this ArrayCollection as a dataprovider for a Component -is there an alternative I can use that will take BOTH single and repeating nodes as well as work as a dataprovider? Thanks in advance! code: [Bindable] private var myList:ArrayCollection= new ArrayCollection(); private function getList(e:Event):void{ var getStudyLoungesService:HTTPService = new HTTPService(); getStuffService.url = "website.com/asdf.php"; getStuffService.addEventListener(ResultEvent.RESULT, onGetList); getStuffService.send(); } private function onGetList(e:ResultEvent):void{ myList= e.result.list.name; }

    Read the article

  • How can a program be detected as running?

    - by ryeguy
    I have written a program that is sort of an unofficial, standalone plugin for an application. It allows customers to get a service that is a lower priced alternative then the vendor-owned one. My program is not illegal, against any kind of TOS, and is certainly not a virus, adware, or anything like that. That being said, the vendor of course is not happy about me taking his competition, and is trying to block my application from running. He has already tried some tactics to stop people from running my app alongside his. He makes it so if it is detected, his app throws a fake error. First, he checked to see if my program was running by looking for an open window with the right title. I countered this by randomizing the program title at startup. Next, he looked for the running process name. I countered this by making the app copy itself when it is started as [random string].exe and then running that. Anyways, my question is this: what else can he do to detect if my program running? I know that you can read window text (ie status bar, labels). I'm prepared to counter this by replacing the labels with images (ugh, any other way?). But what else is there? Can you detect what .dlls a program has loaded? If so, could this be solved by randomizing the dll names before loading them? I know that it's possible to get a program's signature in memory and track it that way (like a virus scanner), but the chances of him doing that probably aren't good because that sounds pretty advanced. Even though this is kinda crappy of him to be doing, its kind of fun. It's like a nerdy fist fight. EDIT: When I said it's a plugin, that is just the (incorrect) term I used. It's a standalone EXE. The "API" between my program and the other is mine is simply entering data into the controls (like textboxes, etc).

    Read the article

  • Java: Is clone() really ever used? What about defensive copying in getters/setters?

    - by GreenieMeanie
    Do people practically ever use defensive getters/setters? To me, 99% of the time you intend for the object you set in another object to be a copy of the same object reference, and you intend for changes you make to it to also be made in the object it was set in. If you setDate(Date dt) and modify dt later, who cares? Unless I want some basic immutable data bean that just has primitives and maybe something simple like a Date, I never use it. As far as clone, there are issues as to how deep or shallow the copy is, so it seems kind of "dangerous" to know what is going to come out when you clone an Object. I think I have only used clone() once or twice, and that was to copy the current state of the object because another thread (ie another HTTP request accessing the same object in Session) could be modifying it. Edit - A comment I made below is more the question: But then again, you DID change the Date, so it's kind of your own fault, hence whole discussion of term "defensive". If it is all application code under your own control among a small to medium group of developers, will just documenting your classes suffice as an alternative to making object copies? Or is this not necessary, since you should always assume something ISN'T copied when calling a setter/getter?

    Read the article

  • Usability for content editors: Drupal or PHP framework?

    - by Jim
    Greetings: I am going to develop a basic Web site that supports some custom content types, is multilingual, and has content moderation workflow for a restricted group of content editors. This seems like an obvious choice for Drupal, except... the content editors will have little computer experience. In my opinion, that is a show-stopper for Drupal. For example, placing arbitrary inline images in content is a task that WordPress does well. I find Drupal's alternatives (IMCE, img_assist, etc.) clunky and not well integrated, and that will be a problem for this group of content editors. Also, none of the Drupal content workflow modules I tried seemed well-integrated; they all had a "tacked on" feel to them. As an admin I can understand why an "Accessible content" menu item (via Module Grants module) is necessary to view draft content (fixed in D7 but I can't wait for all the modules to be ported), but I'm pretty sure it'll confuse the content editors. An alternative is to use a PHP framework. I've read a few threads suggesting that it will take roughly the same amount of time using a good framework as it will to bend Drupal to my willing... maybe wishful thinking? I'm looking at Symfony, which gives me a basic auto-generated back-end, but which I believe I can customize to my heart's content. How do you make Drupal accessible to non-savvy content editors? If you recommend a PHP framework, which one? TIA!

    Read the article

  • Hybrid EAV/CR model via WCF (and statically-typed language)?

    - by Pat
    Background I'm working on the architecture for a cloud-based LOB application, using Silverlight for the client, WCF, ASP.NET/C# for server and SQL Server for storage. The data model requires some flexibility per user (ability to add custom properties and define validation rules for them, for example), and a hybrid EAV/CR persistence model on the server side will suit nicely. Problem I need an efficient and maintainable technology and approach to handle the transformation from the persisted EAV model to/from WCF (and similarly allow the client to bind to the resulting data - DataGrid is a key UI element)? Admission: I don't yet know enough about WCF to understand if it supports ExpandoObject directly, but I suspect it will. Options I started off looking at WCF RIA services, but quickly discovered they're heavily dependent upon both static type data and compile-time code generation. Neither of these appeal. The options I'm considering include: Using WCF RIA services and pass the data over the network directly in EAV form (i.e. Dictionary), and handle the binding issue purely on the client side (like this) Using a dynamic language (probably IronPython) to handle both ends of the communication, with plumbing to generate the necessary CLR type data on the client to allow binding, and transform to/from EAV form on the server (spam preventer stopped me from posting a URL here, I'll try it in a comment). Dynamic LINQ (CreateClass() and friends), although I'm way out of my depth there and don't know what the limitations on that approach might be yet. I'm interested in comments on these approaches as well as alternative approaches that might solve the problem. Other Notes The Silverlight client will not be the only consumer of the service, making me slightly uncomfortable with option #1 above. While the data model is flexible, it's not expected to be modified heavily. For argument's sake, we could assume that we might have 25 distinct data models active at a given time, with something like 10-20 unique data fields/rules each. Modifications to the data model will happen infrequently (typically when a new user is initially configured).

    Read the article

  • buttonField clicking problem in blackberry

    - by Master
    hi when i am setting the BackGround image through VerticalField Manager. only one buttonField is gettin clicked ,other button field is not working. can i have the solution for it. please if not i want alternative which will position the buttonfield ,set by user. and i want a image as a background help me out. its urgent.. public GreetingsMainScreen() { homeBackgroundImage=Bitmap.getBitmapResource("com/greetings/Images/HomeBackgroundImage.jpg"); exitField=new ButtonField("Exit",ButtonField.CONSUME_CLICK); exitField.setChangeListener(this); greetField=new ButtonField("GREET",ButtonField.CONSUME_CLICK); greetField.setChangeListener(this); VerticalFieldManager manager = new VerticalFieldManager() { protected void sublayout(int width, int height) { width=fwidth; height=fHeight; super.sublayout(width,height); setPositionChild(greetField, width-232, height-150); setPositionChild(exitField, width-205, height-110); setExtent(width, height); } }; manager.setBackground(BackgroundFactory.createBitmapBackground(homeBackgroundImage)); manager.add(exitField); manager.add(greetField); add(manager); } public void fieldChanged(Field field, int context) { if(field == exitField) { Dialog.alert("Hi"); System.exit(0); } if(field == greetField) { System.exit(0); } } } Thanks alot

    Read the article

  • WPF DockPanel doesn't respect the "Filled" control's desired size

    - by Dan Puzey
    I have the following Xaml (simplified for brevity, but will repro the problem in Xamlpad or Kaxaml): <DockPanel Width="400"> <TextBlock DockPanel.Dock="Left" TextWrapping="Wrap"> Lorem ipsum dolor sit amet, consectetur adipiscing elit. Vestibulum massa metus, ornare in fringilla nec, fringilla at orci. Nunc pharetra enim sit amet sapien aliquet eu euismod turpis vehicula. Aenean gravida tempus lectus ut ornare. Nullam massa augue, suscipit vel consectetur fringilla, pretium vitae neque. </TextBlock> <Button MinWidth="100" VerticalAlignment="Center" HorizontalAlignment="Left">Hello world</Button> </DockPanel> My problem is that I want the Button to take its minimum 100px of space, and for the text to wrap suitably to leave that space. However, what happens is that the text wraps as close to 400px as possible, and then the Button is clipped. If I Snoop the output I can see that the button is rendering at the desired 100px, but it's being clipped off the side of the DockPanel. If I reverse the Dock (so the button is docked "Right" and the TextBlock fills) then I get the layout I want, but unfortunately that's not an option due to the surrounding layout. Is there something I can do that will make the DockPanel a) not clip and b) layout in a way that respects the MinWidth? Or am I stuck finding an alternative layout mechanism? Thanks in advance!

    Read the article

  • Visual Studio: How to attach a debugger dynamically to a specific process

    - by Jeff Cyr
    I am building an internal dev tool to manage different processes commonly used in our development environment. The tool show the list the monitored processes, indicate their running state and allow to start or stop each process. I'd like to add the functionality of attaching a debugger to a monitored process from my tool instead of going in 'Debug-Attach to process' in visual studio and finding the process. My goal is to have something like Debugger.Launch() that would show a list of the available visual studio. I can't use Debugger.Launch() because it lauches the debugger on the process that make the call. I would need something like Debugger.Launch(processId). Does anyone know how to acheive this functionality? A solution could be to implement a command in each monitored process to call Debugger.Launch() when the command is received from the monitoring tool, but I would prefer something that does not require to modify the code of the monitored processes. Side question: When using Debugger.Launch(), instances of Visual Studio that already have a debugger attached are not listed. Visual Studio is not limited to one attached debugger, you can attach on multiple process when using 'Debug - Attach to process'. Anyone know how to bypass this limitation when using Debugger.Launch() or an alternative?

    Read the article

  • If attacker has original data and encrypted data, can they determine the passphrase?

    - by Brad Cupit
    If an attacker has several distinct items (for example: e-mail addresses) and knows the encrypted value of each item, can the attacker more easily determine the secret passphrase used to encrypt those items? Meaning, can they determine the passphrase without resorting to brute force? This question may sound strange, so let me provide a use-case: User signs up to a site with their e-mail address Server sends that e-mail address a confirmation URL (for example: https://my.app.com/confirmEmailAddress/bill%40yahoo.com) Attacker can guess the confirmation URL and therefore can sign up with someone else's e-mail address, and 'confirm' it without ever having to sign in to that person's e-mail account and see the confirmation URL. This is a problem. Instead of sending the e-mail address plain text in the URL, we'll send it encrypted by a secret passphrase. (I know the attacker could still intercept the e-mail sent by the server, since e-mail are plain text, but bear with me here.) If an attacker then signs up with multiple free e-mail accounts and sees multiple URLs, each with the corresponding encrypted e-mail address, could the attacker more easily determine the passphrase used for encryption? Alternative Solution I could instead send a random number or one-way hash of their e-mail address (plus random salt). This eliminates storing the secret passphrase, but it means I need to store that random number/hash in the database. The original approach above does not require storage in the database. I'm leaning towards the the one-way-hash-stored-in-the-db, but I still would like to know the answer: does having multiple unencrypted e-mail addresses and their encrypted counterparts make it easier to determine the passphrase used?

    Read the article

  • How should I unit test a code-generator?

    - by jkp
    This is a difficult and open-ended question I know, but I thought I'd throw it to the floor and see if anyone had any interesting suggestions. I have developed a code-generator that takes our python interface to our C++ code (generated via SWIG) and generates code needed to expose this as WebServices. When I developed this code I did it using TDD, but I've found my tests to be brittle as hell. Because each test essentially wanted to verify that for a given bit of input code (which happens to be a C++ header) I'd get a given bit of outputted code I wrote a small engine that reads test definitions from XML input files and generates test cases from these expectations. The problem is I dread going in to modify the code at all. That and the fact that the unit tests themselves are a: complex, and b: brittle. So I'm trying to think of alternative approaches to this problem, and it strikes me I'm perhaps tackling it the wrong way. Maybe I need to focus more on the outcome, IE: does the code I generate actually run and do what I want it to, rather than, does the code look the way I want it to. Has anyone got any experiences of something similar to this they would care to share?

    Read the article

  • Good mobile oriented GWT widget library alternatives

    - by Michael Donohue
    I've been developing a travel planning site - tripgrep.com - which is built on appengine, GWT and smartgwt, among other technologies. It is still early days, and the site is now working well on my development environment, which is either a windows or mac computer. However, I am frequently talking up the website to my friends when we are at a bar or other venue, so I am standing there while they try to access the site via an iPhone, Android or Blackberry - I've witnessed all three. It has been painfully obvious that the browser based frontend takes a long time to download on a mobile device. I am pretty sure this is because of the javascript download for SmartGWT. So, I would like to look at alternatives to SmartGWT. What I like about SmartGWT is that it has a reasonable look and feel out of the box - I don't need to learn any design or css and it has an office application look. This is considerably better than the GWT built-in widgets, which just get a blue border. The better look-and-feel is why I went with SmartGWT early on. However, the slow load times are killing me on these mobile demos. So now I want a fast loading widget alternative that has good look-and-feel out of the box. The features I care about are: tabs, good form layout, Google maps API integration, grid data viewing. If those are all available in a library that loads quickly on a mobile device, then that's the library I want.

    Read the article

  • Getting "" at the beginning of my XML File after save()

    - by Remy
    I'm opening an existing XML file with c# and I replace some nodes in there. All works fine. Just after I save it, I get the following characters at the beginning of the file:  (EF BB BF in HEX) The whole first line: <?xml version="1.0" encoding="UTF-8" standalone="yes"?> The rest of the file looks like a normal XML file. The simplified code is here: XmlDocument doc = new XmlDocument(); doc.Load(xmlSourceFile); XmlNode translation = doc.SelectSingleNode("//trans-unit[@id='127']"); translation.InnerText = "testing"; doc.Save(xmlTranslatedFile); I'm using a C# WinForm Application. With .NET 4.0. Any ideas? Why would it do that? Can we disable that somehow? It's for Adobe InCopy and it does not open it like this. UPDATE: Alternative Solution: Saving it with the XmlTextWriter works too: XmlTextWriter writer = new XmlTextWriter(inCopyFilename, null); doc.Save(writer);

    Read the article

  • Run a PHP script every second using CLI

    - by Saif Bechan
    Hello, I have a dedicated server running Cent OS with a Parallel PLESK panel. I need to run a php script every second, that updates my database. These is no alternative way timewise, i have checked every method, it needs to be updated every second. I can find my script using the url: http://www.mysite.com/phpfile.php?key=123, and this has to be executed every second. Does anyone have any knowledge at all on doing this, i can not seem to find the answer. I heard about doing it with CLI and putty, but i have no knowledge of this at all. Or can this be done using the PLESK Panel? And can the file be executed locally every second. Like \phpfile.php If someone helps me on answering these question i would really appreciate it. Regards EDIT It has been a few months since i added this question. I ended up using the following code: #!/user/bin/php $start = microtime(true); set_time_limit(60); for (i = 0; i < 59; ++$i) { doMyThings(); time_sleep_until($start + $i + 1); } Thank you for this code guys! My cronjob is set to every minute. I have been running this for some time now in a test environment, and this works out great. It works really supperfast, and i see no increase in CPU nor Memory usage.

    Read the article

< Previous Page | 191 192 193 194 195 196 197 198 199 200 201 202  | Next Page >