Search Results

Search found 10421 results on 417 pages for 'twitter username'.

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Page 196/417 | < Previous Page | 192 193 194 195 196 197 198 199 200 201 202 203  | Next Page >

  • How to Serialize to XML containing attributes in .NET?

    - by user292815
    I have that code: ... request data = new request(); data.username = formNick; xml = data.Serialize(); ... [System.Serializable] public class request { public string username; public string password; static XmlSerializer serializer = new XmlSerializer(typeof(request)); public string Serialize() { StringBuilder builder = new StringBuilder(); XmlWriterSettings settings = new XmlWriterSettings(); settings.OmitXmlDeclaration = true; settings.Encoding = Encoding.UTF8; serializer.Serialize( System.Xml.XmlWriter.Create(builder, settings ), this); return builder.ToString(); } public static request Deserialize(string serializedData) { return serializer.Deserialize(new StringReader(serializedData)) as request; } } I want to add attributes to some nodes and create some sub-nodes. Also how to parse xml like that: <answer> <player id="2"> <coordinate axis="x"></coordinate> <coordinate axis="y"></coordinate> <coordinate axis="z"></coordinate> <action name="nothing"></action> </player> <player id="3"> <coordinate axis="x"></coordinate> <coordinate axis="y"></coordinate> <coordinate axis="z"></coordinate> <action name="boom"> <1>1</1> <2>2</2> </action> </player> </answer> p.s. it is not a xml file, it's answer from http server.

    Read the article

  • Script to add user to MediaWiki

    - by Marquis Wang
    I'm trying to write a script that will create a user in MediaWiki, so that I can run a batch job to import a series of users. I'm using mediawiki-1.12.0. I got this code from a forum, but it doesn't look like it works with 1.12 (it's for 1.13) $name = 'Username'; #Username (MUST start with a capital letter) $pass = 'password'; #Password (plaintext, will be hashed later down) $email = 'email'; #Email (automatically gets confirmed after the creation process) $path = "/path/to/mediawiki"; putenv( "MW_INSTALL_PATH={$path}" ); require_once( "{$path}/includes/WebStart.php" ); $pass = User::crypt( $pass ); $user = User::createNew( $name, array( 'password' => $pass, 'email' => $email ) ); $user->confirmEmail(); $user->saveSettings(); $ssUpdate = new SiteStatsUpdate( 0, 0, 0, 0, 1 ); $ssUpdate->doUpdate(); Thanks!

    Read the article

  • Network Authentication when running exe from WMI

    - by Andy
    Hi, I have a C# exe that needs to be run using WMI and access a network share. However, when I access the share I get an UnauthorizedAccessException. If I run the exe directly the share is accessible. I am using the same user account in both cases. There are two parts to my application, a GUI client that runs on a local PC and a backend process that runs on a remote PC. When the client needs to connect to the backend it first launches the remote process using WMI (code reproduced below). The remote process does a number of things including accessing a network share using Directory.GetDirectories() and reports back to the client. When the remote process is launched automatically by the client using WMI, it cannot access the network share. However, if I connect to the remote machine using Remote Desktop and manually launch the backend process, access to the network share succeeds. The user specifed in the WMI call and the user logged in for the Remote Desktop session are the same, so the permissions should be the same, shouldn't they? I see in the MSDN entry for Directory.Exists() it states "The Exists method does not perform network authentication. If you query an existing network share without being pre-authenticated, the Exists method will return false." I assume this is related? How can I ensure the user is authenticated correctly in a WMI session? ConnectionOptions opts = new ConnectionOptions(); opts.Username = username; opts.Password = password; ManagementPath path = new ManagementPath(string.Format("\\\\{0}\\root\\cimv2:Win32_Process", remoteHost)); ManagementScope scope = new ManagementScope(path, opts); scope.Connect(); ObjectGetOptions getOpts = new ObjectGetOptions(); using (ManagementClass mngClass = new ManagementClass(scope, path, getOpts)) { ManagementBaseObject inParams = mngClass.GetMethodParameters("Create"); inParams["CommandLine"] = commandLine; ManagementBaseObject outParams = mngClass.InvokeMethod("Create", inParams, null); }

    Read the article

  • How to use function to connect to database and how to work with queries?

    - by Abhilash Shukla
    I am using functions to work with database.. Now the way i have defined the functions are as follows:- /** * Database definations */ define ('db_type', 'MYSQL'); define ('db_host', 'localhost'); define ('db_port', '3306'); define ('db_name', 'database'); define ('db_user', 'root'); define ('db_pass', 'password'); define ('db_table_prefix', ''); /** * Database Connect */ function db_connect($host = db_host, $port = db_port, $username = db_user, $password = db_pass, $database = db_name) { if(!$db = @mysql_connect($host.':'.$port, $username, $password)) { return FALSE; } if((strlen($database) > 0) AND (!@mysql_select_db($database, $db))) { return FALSE; } // set the correct charset encoding mysql_query('SET NAMES \'utf8\''); mysql_query('SET CHARACTER_SET \'utf8\''); return $db; } /** * Database Close */ function db_close($identifier) { return mysql_close($identifier); } /** * Database Query */ function db_query($query, $identifier) { return mysql_query($query, $identifier); } Now i want to know whether it is a good way to do this or not..... Also, while database connect i am using $host = db_host Is it ok? Secondly how i can use these functions, these all code is in my FUNCTIONS.php The Database Definitions and also the Database Connect... will it do the needful for me... Using these functions how will i be able to connect to database and using the query function... how will i able to execute a query? VERY IMPORTANT: How can i make mysql to mysqli, is it can be done by just adding an 'i' to mysql....Like:- @mysql_connect @mysqli_connect

    Read the article

  • how to read an arraylist from a txt file in java?

    - by lox
    how to read an arraylist from a txt file in java? my arraylist is the form of: public class Account { String username; String password; } i managed to put some "Accounts" in the a txt file, but now i don't know how to read them. this is how my arraylist look in the txt file: username1 password1 | username2 password2 | etc this is a part of the code i came up with, but it doesn't work. it looks logic to me though... :) . public static void RdAc(String args[]) { ArrayList<Account> peoplelist = new ArrayList<Account>(50); int i,i2,i3; String[] theword = null; try { FileReader fr = new FileReader("myfile.txt"); BufferedReader br = new BufferedReader(fr); String line = ""; while ((line = br.readLine()) != null) { String[] theline = line.split(" | "); for (i = 0; i < theline.length; i++) { theword = theline[i].split(" "); } for(i3=0;i3<theline.length;i3++) { Account people = new Account(); for (i2 = 0; i2 < theword.length; i2++) { people.username = theword[i2]; people.password = theword[i2+1]; peoplelist.add(people); } } } } catch (IOException ex) { System.out.println("Could not read from file"); } }

    Read the article

  • Java login form with database connection

    - by Muhammed Yoosuf
    I am creating a login form in java by having a database connection, and I need 2 open DIFFERENT forms for each user. However, all of the three forms open except for one. The forms I have are, MAinWindow Nursery Primary Secondary ALL THE FORMS OPEN except for the nursery form, when I enter the correct username it displays the Primary form. ANY HELP SOON char[] DBUserArray; DBUserArray=name.toCharArray(); char [] DBPassArray; DBPassArray=pass.toCharArray(); char AdminArray []=AdminUser.toCharArray(); char NurArray []=NurHead.toCharArray(); char[] PriArray =PriHead.toCharArray(); char[] SecArray=SecHead.toCharArray(); char[] input = txtpassword.getPassword(); String user=txtusername.getText(); char [] userString; userString=user.toCharArray(); if(userString.length!=DBUserArray.length && input.length!=DBPassArray.length) { JOptionPane.showMessageDialog(null, "Username and Password Wrong","User Login",JOptionPane.ERROR_MESSAGE); } else { if(userString.length!=AdminArray.length) { if(userString.length!=PriArray.length) { if(userString.length!=NurArray.length) { if(userString.length!=SecArray.length) { } else { new Secondary().setVisible(true); setVisible(false); } } else { new Nursery().setVisible(true); setVisible(false); } } else { new Primary().setVisible(true); setVisible(false); } } else { new MainWindow().setVisible(true); setVisible(false); } }

    Read the article

  • Proper use of HttpRequestInterceptor and CredentialsProvider in doing preemptive authentication with

    - by Preston
    I'm writing an application in Android that consumes some REST services I've created. These web services aren't issuing a standard Apache Basic challenge / response. Instead in the server-side code I'm wanting to interrogate the username and password from the HTTP(S) request and compare it against a database user to make sure they can run that service. I'm using HttpClient to do this and I have the credentials stored on the client after the initial login (at least that's how I see this working). So here is where I'm stuck. Preemptive authenticate under HttpClient requires you to setup an interceptor as a static member. This is the example Apache Components uses. HttpRequestInterceptor preemptiveAuth = new HttpRequestInterceptor() { @Override public void process( final HttpRequest request, final HttpContext context) throws HttpException, IOException { AuthState authState = (AuthState) context.getAttribute(ClientContext.TARGET_AUTH_STATE); CredentialsProvider credsProvider = (CredentialsProvider) context.getAttribute( ClientContext.CREDS_PROVIDER); HttpHost targetHost = (HttpHost) context.getAttribute(ExecutionContext.HTTP_TARGET_HOST); if (authState.getAuthScheme() == null) { AuthScope authScope = new AuthScope(targetHost.getHostName(), targetHost.getPort()); Credentials creds = credsProvider.getCredentials(authScope); if (creds != null) { authState.setAuthScheme(new BasicScheme()); authState.setCredentials(creds); } } } }; So the question would be this. What would the proper use of this be? Would I spin this up as part of the application when the application starts? Pulling the username and password out of memory and then using them to create this CredentialsProvider which is then utilized by the HttpRequestInterceptor? Or is there a way to do this more dynamically?

    Read the article

  • ASP.NET MVC: Returning a view with querystring intact

    - by ajbeaven
    I'm creating a messaging web app in ASP.NET and are having some problems when displaying an error message to the user if they go to send a message and there is something wrong. A user can look through profiles of people and then click, 'send a message'. The following action is called (url is /message/create?to=username) and shows them a page where they can enter their message and send it: public ActionResult Create(string to) { ViewData["recipientUsername"] = to; return View(); } On the page that is displayed, the username is entered in to a hidden input field. When the user clicks 'send': [AcceptVerbs(HttpVerbs.Post)] public ActionResult Create(FormCollection collection, string message) { try { //do message stuff that errors out } catch { ModelState.AddModelErrors(message.GetRuleViolations()); //adding errors to modelstate } return View(); } So now the error message is displayed to the user fine, however the url is changed in that it no longer has the querystring (/message/create). Again, this would be fine except that when the user clicks the refresh button, the page errors out as the Create action no longer has the 'to' parameter. So I'm guessing that I need to maintain my querystring somehow. Is there any way to do this or do I need to use a different method altogether?

    Read the article

  • Three20 TTSectionedDataSource row height

    - by Ward
    Hey there, I'm using Three20 to create a table with several textfields for user registration. I've found two possible methods using Three20. The first uses the TTSectionedDataSource's tableDidLoadModel method to manually add UI components and the second adds custom items that contains pre formatted UI components. The second option seems way more complex and I'm having a difficult time accessing the individual fields. So if one field is a textfield for the username, I need to access the field to submit the username and it doesn't seem like there's an easy answer. The first option gives me a lot of flexibility, but I can't figure out how to set the individual row heights. One row may have a label above a text field, another may have an image, etc. Is there a method that can be used in TTSectionedDataSource that will allow me to set the height for each row? Thus far, I'm using method one and creating UIViews to hold a label field and a text field. I've tried changing the frame of the uiview before it is added to the items array, but it has no affect. Any ideas?

    Read the article

  • Discussion - Allowing / blocking user access to pages (Client Side Only!) - Javascript / Jquery

    - by Ozaki
    TLDR Using plain HTML / Javascript (Client Side) I want to prevent viewing of certain pages. The user will have to type a username and password and depending on that they get access to different pages. Answers can NOT include server side whatsoever It does not matter if they can break it easily. There is no sensitive information etc. Also the target audience will not have access to internet OR probably know what a cookie is... At some point the user will have to type username / password.(I can define the cookie here) Currently I thought of using cookies to set a cookie for each page to say "true" / "false" but that would get messy with so many cookies. Or setting an array within a cookie for each page? I have div field "#Content" which as it looks encompasses all of my content on the page so blocking out content will be as simple as replacing it with ("sorry you don't have access") etc. For Example: $.cookie("Access","page1, page2, page3"{ expires: 1 }); I am looking for anyway to do this does not have to be with cookies. Would be nice to get a discussion of different ways this can be done. So the question is: What do YOU think would be a good way to go about doing this with client side validation?

    Read the article

  • How to write custom (odd) authentication plugins for Wordpress, Joomla and MediaWiki?

    - by Bart van Heukelom
    On our network (a group of related websites - not a LAN) we have a common authentication system which works like this: On a network site ("consumer") the user clicks on a login link This redirects the user to a login page on our auth system ("RAS"). Upon successful login the user is directed back to the consumer site. Extra data is passed in the query string. This extra data does not include any information about the user yet. The consumer site's backend contacts RAS, with this extra data, to get the information about the logged in user (id, name, email, preferences, etc.). So as you can see, the consumer site knows nothing about the authentication method. It doesn't know if it's by username/password, fingerprint, smartcard, or winning a game of poker. This is the main problem I'm encountering when trying to find out how I could write custom authentication plugins for these packages, acting as consumer sites: Wordpress Joomla MediaWiki For example Joomla offers a pretty simple auth plugin system, but it depends on a username/password entered on the Joomla site. Any hints on where to start?

    Read the article

  • Entity Framework Duplicate type name within an assembly (6.1.0)

    - by CodeMilian
    I am not sure what is going on but I keep getting the following exception when doing a query. "Duplicate type name within an assembly." I have not been able to find a solution on the web. I had resolved the issue by removing entity framework from all the projects in the solutions and re-installing using nugget. Then all of the sudden the exception is back. I have verified my table schema over and over and find nothing wrong with. This is the query causing the exception. var BaseQuery = from Users in db.Users join UserInstalls in db.UserTenantInstalls on Users.ID equals UserInstalls.UserID join Installs in db.TenantInstalls on UserInstalls.TenantInstallID equals Installs.ID where Users.Username == Username && Users.Password == Password && Installs.Name == Install select Users; var Query = BaseQuery.Include("UserTenantInstalls.TenantInstall"); return Query.FirstOrDefault(); As I mentioned previously the same query was working before. The data has not changed and the code has not changed.

    Read the article

  • gried view problem asp.net

    - by kenom
    Why i get this error: The data types text and nvarchar are incompatible in the equal to operator. The field of "username" in database is text type... This is my soruce: <%@ Control Language="C#" AutoEventWireup="true" CodeFile="my_answers.ascx.cs" Inherits="kontrole_login_my_answers" %> <div style=" margin-top:-1280px; float:left;"> <p></p> <div id="question"> Add question </div> </div> <asp:GridView ID="GridView1" runat="server" DataSourceID="SqlDataSource1" > </asp:GridView> <asp:SqlDataSource ID="SqlDataSource1" runat="server" ConnectionString="<%$ ConnectionStrings:estudent_piooConnectionString %>" SelectCommand="SELECT * FROM [question] WHERE ([username] = @fafa)"> <SelectParameters> <asp:QueryStringParameter Name="fafa" QueryStringField="user" Type="String"/> </SelectParameters> </asp:SqlDataSource>

    Read the article

  • Finds in Rails 3 and ActiveRelation

    - by TheDelChop
    Guys, I'm trying to understand the new arel engine in Rails 3 and I've got a question. I've got two models, User and Task class User < ActiveRecord::Base has_many :tasks end class Task < ActiveRecord::Base belongs_to :user end here is my routes to imply the relation: resources :users do resources :tasks end and here is my Tasks controller: class TasksController < ApplicationController before_filter :load_user def new @task = @user.tasks.new end private def load_user @user = User.where(:id => params[:user_id]) end end Problem is, I get the following error when I try to invoke the new action: NoMethodError: undefined method `tasks' for #<ActiveRecord::Relation:0x3dc2488> I am sure my problem is with the new arel engine, does anybody understand what I'm doing wrong? Sorry guys, here is my schema.db file: ActiveRecord::Schema.define(:version => 20100525021007) do create_table "tasks", :force => true do |t| t.string "name" t.integer "estimated_time" t.datetime "created_at" t.datetime "updated_at" t.integer "user_id" end create_table "users", :force => true do |t| t.string "email", :default => "", :null => false t.string "encrypted_password", :limit => 128, :default => "", :null => false t.string "password_salt", :default => "", :null => false t.string "reset_password_token" t.string "remember_token" t.datetime "remember_created_at" t.integer "sign_in_count", :default => 0 t.datetime "current_sign_in_at" t.datetime "last_sign_in_at" t.string "current_sign_in_ip" t.string "last_sign_in_ip" t.datetime "created_at" t.datetime "updated_at" t.string "username" end add_index "users", ["email"], :name => "index_users_on_email", :unique => true add_index "users", ["reset_password_token"], :name => "index_users_on_reset_password_token", :unique => true add_index "users", ["username"], :name => "index_users_on_username", :unique => true end Thank you, Joe

    Read the article

  • Voting on Hacker News stories programmatically?

    - by igorgue
    I decided to write an app like: http://michaelgrinich.com/hackernews/ but for Android devices, my idea will use a web application backend (because I rather code in Python and for the web than completely in Java for Android devices). What I have right now implemented is something like this: $ curl -i http://localhost:8080/stories.json?page=1\&stories=1 HTTP/1.0 200 OK Date: Sun, 25 Apr 2010 07:59:37 GMT Server: WSGIServer/0.1 Python/2.6.5 Content-Length: 296 Content-Type: application/json [{"title": "Don\u2019t talk to aliens, warns Stephen Hawking", "url": "http://www.timesonline.co.uk/tol/news/science/space/article7107207.ece?", "unix_time": 1272175177, "comments": 15, "score": 38, "user": "chaostheory", "position": 1, "human_time": "Sun Apr 25 01:59:37 2010", "id": "1292241"}] The next step (and final I think) is voting, my design is doing something like this: $ curl -i http://localhost:8080/stories/1?vote=up -u username:password Will vote up and: $ curl -i http://localhost:8080/stories/1?vote=down -u username:password Down. I have no idea how to do it though... I was planning to use Twill but the login link is always different, e.g.: http://news.ycombinator.com/x?fnid=7u89ccHKln Later the Android app will consume this API. Any experience with programmatically browsing Hacker News?

    Read the article

  • How to process AJAX requests more securely in PHP?

    - by animuson
    Ok, so I want to send AJAX requests to my website from my Flash games to process data, but I don't want people downloading them, decompiling them, then sending fake requests to be processed, so I'm trying to figure out the most secure way to process in the PHP files. My first idea was to use Apache's built in Authorization module to require a username and password to access the pages on a separate subdomain of my website, but then you'd have to include that username and password in the AJAX request anyway so that seems kind of pointless to even try. My current option looks pretty promising but I want to make sure it will work. Basically it just checks the IP address being sent using REMOTE_ADDR to make sure it's the IP address that my server runs on. <? $allowed = new Array("64.120.211.89", "64.120.211.90"); if (!in_array($_SERVER['REMOTE_ADDR'], $allowed)) header("HTTP/1.1 403 Forbidden"); ?> Both of those IP addresses point to my server. Things I'm worried about: 1) If I send a request from Flash/ActionScript, will that affect the IP address in any way? 2) Is it possible for malicious users to change the IP address that is being sent with REMOTE_ADDR to one of my IP addresses? Any other ways you would suggest that might be more secure?

    Read the article

  • PHP / Zend Framework: Force prepend table name to column name in result array?

    - by Brian Lacy
    I am using Zend_Db_Select currently to retrieve hierarchical data from several joined tables. I need to be able to convert this easily into an array. Short of using a switch statement and listing out all the columns individually in order to sort the data, my thought was that if I could get the table names auto-prepended to the keys in the result array, that would solve my problem. So considering the following (assembled) SQL: SELECT user.*, contact.* FROM user INNER JOIN contact ON contact.user_id = user.user_id I would normally get a result array like this: [username] => 'bob', [contact_id] => 5, [user_id] => 2, [firstname] => 'bob', [lastname] => 'larsen' But instead I want this: [user.user_id] => 2, [user.username] => 'bob', [contact.contact_id] => 5, [contact.firstname] => 'bob', [contact.lastname] => 'larsen' Does anyone have an idea how to achieve this? Thanks!

    Read the article

  • Zend Framework: Zend_DB Error

    - by Sergio E.
    I'm trying to learn ZF, but got strange error after 20 minutes :) Fatal error: Uncaught exception 'Zend_Db_Adapter_Exception' with message 'Configuration array must have a key for 'dbname' that names the database instance' What does this error mean? I got DB information in my config file: resources.db.adapter=pdo_mysql resources.db.host=localhost resources.db.username=name resources.db.password=pass resources.db.dbname=name Any suggestions? EDIT: This is my model file /app/models/DbTable/Bands.php: class Model_DbTable_Bands extends Zend_Db_Table_Abstract { protected $_name = 'zend_bands'; } Index controller action: public function indexAction() { $albums = new Model_DbTable_Bands(); $this->view->albums = $albums->fetchAll(); } EDIT All codes: bootstrap.php protected function _initAutoload() { $autoloader = new Zend_Application_Module_Autoloader(array( 'namespace' => '', 'basePath' => dirname(__FILE__), )); return $autoloader; } protected function _initDoctype() { $this->bootstrap('view'); $view = $this->getResource('view'); $view->doctype('XHTML1_STRICT'); } public static function setupDatabase() { $config = self::$registry->configuration; $db = Zend_Db::factory($config->db); $db->query("SET NAMES 'utf8'"); self::$registry->database = $db; Zend_Db_Table::setDefaultAdapter($db); Zend_Db_Table_Abstract::setDefaultAdapter($db); } IndexController.php class IndexController extends Zend_Controller_Action { public function init() { /* Initialize action controller here */ } public function indexAction() { $albums = new Model_DbTable_Bands(); $this->view->albums = $albums->fetchAll(); } } configs/application.ini, changed database and provided password: [development : production] phpSettings.display_startup_errors = 1 phpSettings.display_errors = 1 db.adapter = PDO_MYSQL db.params.host = localhost db.params.username = root db.params.password = pedro db.params.dbname = test models/DbTable/Bands.php class Model_DbTable_Bands extends Zend_Db_Table_Abstract { protected $_name = 'cakephp_bands'; public function getAlbum($id) { $id = (int)$id; $row = $this->fetchRow('id = ' . $id); if (!$row) { throw new Exception("Count not find row $id"); } return $row->toArray(); } }

    Read the article

  • MVC 2 - Name Attributes on HTML Input Field when using Parent/Child Entities

    - by Click Ahead
    Hi All, I'm pretty new to MVC 2 using the Entity Framework. I have two tables Company {ID int identity PK,Name nvarchar} and User {ID int identity PK,UserName nvarchar,CompanyID int FK}. A Foreign Key exists between User and Company. I generated my ADO.NET Entity Data Model, a Controller and a view to insert a record. My HTML form has the fields Company and UserName and the idea is when I click save a Company and User is inserted into the database. Sounds straight forward right! My question is as follows: I created a strongly-typed view derived from my 'User' entity. I'm using the the html helper Html.TextBoxFor(model = model.Organisation.Name) but the html name attribute for this input field is 'Organisation.Name'. My problem with this is that the dot throws up all sorts of issues in JQuery, which sees this as a property. If I want to change the name I read that I can use DataAnnotations but because I used the Entity Designer this involves using Buddy Classes. Seems like a bit of overkill just to change the html name attribute on this input field. Am I approaching this the right way or am I missing something here? Thanks for the help !

    Read the article

  • Is there a way to get number of connections in Signalr hub group?

    - by pajo
    Here is my problem, I want to track if user is online or offline and notify other clients about it. I'm using hubs and implemented both IConnected and IDisconnect interfaces. My idea was to send notification to all clients when hub detects connect or disconnect. By default when user refreshes page he will get new connection id and eventually previous connection will call disconnect notifying other clients user is offline even though he's actually online. I tired to use my own ConnectionIdFactory returning username for connection id but with multiple tabs opened at some point it will detect user connectionid disconnected and after that client side hub will try to unsuccessfully connect to the hub in endless loop wasting memory and cpu making browser almost unusable. I needed to fix it fast so I removed my factory and now I add every new connection to the group using username, so I can easily notify single user on all connections, but then I have problem of detecting if user is online or offline as I don't know how many active connection user is having. So I'm wondering is there a way to get number of connections in one group? Or if anybody has some better idea how to track when user goes offline? I'm using Signalr 0.4

    Read the article

  • Password hashing, salt and storage of hashed values

    - by Jonathan Leffler
    Suppose you were at liberty to decide how hashed passwords were to be stored in a DBMS. Are there obvious weaknesses in a scheme like this one? To create the hash value stored in the DBMS, take: A value that is unique to the DBMS server instance as part of the salt, And the username as a second part of the salt, And create the concatenation of the salt with the actual password, And hash the whole string using the SHA-256 algorithm, And store the result in the DBMS. This would mean that anyone wanting to come up with a collision should have to do the work separately for each user name and each DBMS server instance separately. I'd plan to keep the actual hash mechanism somewhat flexible to allow for the use of the new NIST standard hash algorithm (SHA-3) that is still being worked on. The 'value that is unique to the DBMS server instance' need not be secret - though it wouldn't be divulged casually. The intention is to ensure that if someone uses the same password in different DBMS server instances, the recorded hashes would be different. Likewise, the user name would not be secret - just the password proper. Would there be any advantage to having the password first and the user name and 'unique value' second, or any other permutation of the three sources of data? Or what about interleaving the strings? Do I need to add (and record) a random salt value (per password) as well as the information above? (Advantage: the user can re-use a password and still, probably, get a different hash recorded in the database. Disadvantage: the salt has to be recorded. I suspect the advantage considerably outweighs the disadvantage.) There are quite a lot of related SO questions - this list is unlikely to be comprehensive: Encrypting/Hashing plain text passwords in database Secure hash and salt for PHP passwords The necessity of hiding the salt for a hash Clients-side MD5 hash with time salt Simple password encryption Salt generation and Open Source software I think that the answers to these questions support my algorithm (though if you simply use a random salt, then the 'unique value per server' and username components are less important).

    Read the article

  • MySQL DDL error creating tables

    - by Alexandstein
    I am attempting to create tables for a MySQL database, but I am having some syntactical issues. It would seem that syntax checking is behaving differently between tables for some reason. While I've gotten all the other tables to go through, the table, 'stock' doesn't seem to be working, despite seeming to use the same syntax patterns. CREATE TABLE users ( user_id SMALLINT UNSIGNED NOT NULL AUTO_INCREMENT, username VARCHAR(30) NOT NULL, password CHAR(41) NOT NULL, date_joined DATETIME NOT NULL, funds DOUBLE UNSIGNED NOT NULL, PRIMARY KEY(user_id), UNIQUE KEY(username) ); CREATE TABLE owned_stocks ( id SMALLINT UNSIGNED NOT NULL AUTO_INCREMENT, user_id SMALLINT UNSIGNED NOT NULL, paid_price DOUBLE UNSIGNED NOT NULL, quantity MEDIUMINT UNSIGNED NOT NULL, purchase_date DATETIME NOT NULL, PRIMARY KEY(id) ); CREATE TABLE tracking_stocks ( ticker VARCHAR(5) NOT NULL, user_id SMALLINT UNSIGNED NOT NULL, PRIMARY KEY(ticker) ); CREATE TABLE stocks ( ticker VARCHAR(5) NOT NULL, last DOUBLE UNSIGNED NOT NULL, high DOUBLE UNSIGNED NOT NULL, low DOUBLE UNSIGNED NOT NULL, company_name VARCHAR(30) NOT NULL, last_updated INT UNSIGNED NOT NULL, change DOUBLE NOT NULL, percent_change DOUBLE NOT NULL, PRIMARY KEY(ticker) ); Am I just missing a really obvious syntactical issue? ERROR: #1064 - You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'change DOUBLE NOT NULL, percent_change DOUBLE NOT NULL, last DOUBLE' at line 4

    Read the article

  • Fun with "The remote server returned an error: NotFound" - Silverlight4 Out of Browser

    - by Scott Silvi
    Hey all - I'm running SL4 on VS2010. I've got an app that authenticates via a web service to SPROC in my db. Unfortunately this is not WCF/WCF RIA, as I'm inheriting the DB/services from my client. This works perfectly inside of a browser. I'm attempting to move this OOB, and it's at this point that my authentication fails. Here's the steps I took... 1) SL App Properties Enable running app Out of Browser 2) SL App Properties Out of Browser Settings Require elevated trust when running OOB If i set a breakpoint on my logon button click, I see the service call is being made. However, if I step through it (or set a breakpoint on the actual logon web service), the code never gets that far. Here's the block it fails on: public LogonSVC.LogonResponse EndLogon(System.IAsyncResult result) { object[] _args = new object[0]; LogonSVC.LogonResponse _result = ((LogonSVC.LogonResponse)(base.EndInvoke("Logon", _args, result))); return _result; } I know using Elevated Trust means the crossdomain.xml isn't necessary. I dropped one in that allows everything, just to test, and that still fails. here's the code that calls the service: private void loginButton_Click(object sender, RoutedEventArgs e) { string Username = txtUserName.Text; string Password = txtPassword.Password; Uri iSilverlightServiceUriRelative = new Uri(App.Current.Host.Source, "../Services/Logon.asmx"); EndpointAddress iSilverlightServiceEndpoint = new EndpointAddress(iSilverlightServiceUriRelative); BasicHttpBinding iSilverlightServiceBinding = new BasicHttpBinding(BasicHttpSecurityMode.Transport);// Transport if it's HTTPS:// LogonService = new LogonSVC.LogonSoapClient(iSilverlightServiceBinding, iSilverlightServiceEndpoint); LogonService.LogonCompleted += new EventHandler<LogonSVC.LogonCompletedEventArgs>(LogonService_LogonCompleted); LogonService.LogonAsync(Username, Password); } My LogonService_LogonCompleted doesn't fire either (which makes sense, just a heads up). I don't know how to fiddler this, as this is running OOB with the site served via localhost/IIS. I know this works though in browser, so I'm curious what would break it OOB. Thank you, Scott

    Read the article

  • Import-Pssession is not importing cmdlets when used in a custom module

    - by Douglas Plumley
    I have a PowerShell script/function that works great when I use it in my PowerShell profile or manually copy/paste the function in the PowerShell window. I'm trying to make the function accessible to other members of my team as a module. I want to have the module stored in a central place so we can all add it to our PSModulePath. Here is a copy of the basic function: Function Connect-O365{ $o365cred = Get-Credential [email protected] $session365 = New-PSSession -ConfigurationName Microsoft.Exchange -ConnectionUri https://ps.outlook.com/powershell/ -Credential $o365cred -Authentication Basic -AllowRedirection Import-PSSession $session365 -AllowClobber } If I save this function in my PowerShell profile it works fine. I can dot source a *.ps1 script with this function in it and it works as well. The issue is when I save the function as a *.psm1 PowerShell script module. The function runs fine but none of the exported commands from the Import-PSSession are available. I think this may have something to do with the module scope. I'm looking for suggestions on how to get around this. EDIT When I create the following module and run Connect-O365 the imported cmdlets will not be available. $scriptblock = { Function Connect-O365{ $o365cred = Get-Credential [email protected] $session365 = New-PSSession -ConfigurationName Microsoft.Exchange -ConnectionUri "https://ps.outlook.com/powershell/" -Credential $o365cred -Authentication Basic -AllowRedirection Import-PSSession $session365 -AllowClobber } } New-Module -Name "Office 365" -ScriptBlock $scriptblock When I import the next module without the Connect-O365 function the imported cmdlets are available. $scriptblock = { $o365cred = Get-Credential [email protected] $session365 = New-PSSession -ConfigurationName Microsoft.Exchange -ConnectionUri "https://ps.outlook.com/powershell/" -Credential $o365cred -Authentication Basic -AllowRedirection Import-PSSession $session365 -AllowClobber } New-Module -Name "Office 365" -ScriptBlock $scriptblock This appears to be a scope issue of some sort, just not sure how to get around it.

    Read the article

  • Is this the right way to organize my database tables?

    - by Moss
    So I'm making a website that allows users to build contact lists. So their are users, the users have lists, and the lists have contacts. It seems to me that I need 3 tables for this but I just want to make sure. There would be a User table of course, and then a "List of Lists" table that has the username, and listname, as primary key along with whatever other info we want to attach to the lists as a whole. Finally, for lack of a better word, the List table which would again have the username/listname p.k., then the contact ID and notes and such that the user attaches to that contact on that specific list. I hope that is a clear explanation. For some reason I feel unsure about this arrangement. For one thing if the website becomes popular the List table could swell to billions of rows. And it also feels a little weird that everybody's list info is all jumbled up in the same table. I suppose I could create separate tables for each user and even for each list but that seems like a bad idea for other reasons. My db explanation assumes I can use foreign keys on my tables which at the moment isn't actually an option. If I can't get InnoDB tables enabled I will probably use ID's for the lists instead of depending on a compound key. Maybe I should do this anyway?

    Read the article

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

< Previous Page | 192 193 194 195 196 197 198 199 200 201 202 203  | Next Page >