Search Results

Search found 24214 results on 969 pages for 'login screen'.

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Page 197/969 | < Previous Page | 193 194 195 196 197 198 199 200 201 202 203 204  | Next Page >

  • OMG. Is Webmin safe? I can see file codes in Chrome browser without login

    - by Arwana
    When Im in File Manager of Webmin, I can double click and see the codes of the files in new tab in Firefox with its specific URL. But when I remove ?rand=xxxx... after the file.php and paste the URL in Chrome browser, I still can see the codes. This is the URL I just pasted in the Chrome browser http://xxx.xxx.xxx.xxx:10000/file/show.cgi/var/www/html/mysite.com/files/file.php And then, I logout of webmin, and I change the file.php with other file, I can see the codes. OMG. Is Webmin safe? and how to secure this?

    Read the article

  • ssh initial prompt hangs for 10 minutes but console login and initial prompt is very responsive - why?

    - by rfreytag
    I have been running an ESXi 4.0 server for months with a couple of WinServer2003 and several Ubuntu Server 10.4 VMs. The performance has been impressive on 6GB i7 Asus P6T hardware. Suddenly, a week ago, ssh logins to the Ubuntu VMs take 10 minutes when connecting over the LAN (over a WAN the connection (pipe) is broken long before that). When logging in to these VMs the password prompt arrives immediately, and failed passwords are responded to immediately. But the moment I log in then the shell prompt appears and I hang for many minutes. Sometimes the connection hangs before the shell prompt appears and sometimes I can type in a command but the moment I hit return the machine hangs. 10 full minute later control returns and the VM is responsive. NOTE: there are several Ubuntu VMs on the same host machine that are identical in all ways that I can tell. However, only one of the VMs displays this behavior. That is why I mention the ESXi host in passing - I don't think it has anything to do with the problem. This behavior is never seen when I connect with the troubled-VM's console (through vSphere Client). From the console the Ubuntu VMs all respond beautifully. I have seen: http://kb.vmware.com/selfservice/microsites/search.do?cmd=displayKC&docType=kc&externalId=1003496&sliceId=1&docTypeID=DT_KB_1_1&dialogID=229586372&stateId=1%200%20229588522 ...and since that relates to delays in seeing the password prompt that does not appear to be the solution here. Any other suggestions very welcome - thank you.

    Read the article

  • Is running multiple databases on login going to make my Mac really slow?

    - by Walrus the Cat
    Sometime ago, I installed Postgres, and the Launch agent that causes it to run when I log in. Just now, I did the same thing for Mongo. I was just about to do it for Couch. I don't remember if I ever did it for MySQL, but I probably did. Mongo and Couch are just 'when I have time to look into it' sort of things, but I don't want to have to remember to start them when I do. I have a 2.4 Ghz processor and 8 GB ram. Is this sort of behavior going to significantly impact my computer's performance? Should I be scrambling to uninstall all but the database I'm currently using, or can I install all the things and run them all the time? Thanks

    Read the article

  • How can I get the current OU with a PowerShell login script?

    - by Frans
    I am setting up a Terminal Server 2008 which will be used by different client organisations, each with multiple individual user accounts. I would like each client organisation to have a drive mapped to \server\clients\ Their OU name is also their client name, so I would like to be able to find their current OU and then use it for the mapping command. The OUs are hierarchicals, so it is the bottom-most OU name I need. Example OU: Dedicated Clients\AjaxCorp Should get a drive mapped to \\server1\shares\AjaxCorp Any suggestions on how I can get the OU? I am sure it must be easy, I just haven't figured it out... I did find information about how to do this with VB script, but as it is a whole new environment I thought it would be nice to use PowerShell instead.

    Read the article

  • SQL 2008. I have user in a db which has no login on the server. How is it possible?

    - by Boppity Bop
    I am talking about windows authentication. I dont have access to the server adming rights but a dbadmin sent me screenshot where my user is not in the logins of the server. and also there is only one windows group called admin - databases which I am 100% sure my guy cannot be part of it. BUT... his username is in users of my db... How come user can appear in a db not having login on the server? P.S. in the logs it prints: Login failed for user 'xxxx'. Reason: Token-based server access validation failed with an infrastructure error. Check for previous errors

    Read the article

  • Need an FTP Client to run on a server and allow scheduling and not need a login to run

    - by William Todd Salzman
    I am looking at FTP clients to transfer from an external FTP Server. I need to place this FTP client on a server in the DMZ that will not be routinely logged in, so the client needs to run as a service or something like that? I need the client to be able to retrieve files from the server on a schedule (Tuesday Mornings) and drop them in a local directory for pickup by another process. I would also like the solution to be capable of performing sftp transfers. Most marketing material is geared towards the person who will be running this on their desktop, not on a server, so several of my points are never in the product specs. update DMZ can run either Windows versions or Linux versions * end update *

    Read the article

  • Ok, i know i messed things up pretty bad..... virtualmin sub domain user taken over root login

    - by Collins Areba
    ok, here is the scenario, i was playing around the import wizard and imported a subdomain i had created on a linode and now im having trouble cause the user i assigned to the subdomain is root. Now when i log into webmin / usermin / virtualmin with my root credentials, i end up administering a sub domain instead of working on the webmin root console. Is there a way of a) deleting the virtualhost completely from usermin using ssh? b) rectifying this ..

    Read the article

  • Is disabling password login for SSH the same as deleting the password for all users?

    - by Arsham Skrenes
    I have a cloud server with only a root user. I SSH to it using RSA keys only. To make it more secure, I wanted to disable the password feature. I know that this can be done by editing the /etc/ssh/sshd_config file and changing PermitRootLogin yes to PermitRootLogin without-password. I was wondering if simply deleting the root password via passwd -d root would be the equivalent (assuming I do not create more users or new users have their passwords deleted too). Are there any security issues with one approach verses the other?

    Read the article

  • IIS asks for login/pass when accessed using hostname but not when ‘localhost’ is used. Why?

    - by sb
    Hi All, I have setup IIS on my xp machine and have setup a default homepage (that comes with the IIS installed). It is a help page I think. when I access the page with http : // localhost it works fine (IE/Chrome or FF) but when I access it using http://hostname it prompts for a loging/password and works when I enter my domain id and password on the intranet. I have ensured that "anonymous access" is enabled in the properties window of the default site and "websites" node. I searched stack overflow for similar queries but some indicate I need to change the IE/FF settings to allow "integrated security" etc and some suggest to look at the "log file". I don't want to change the IE setting and there is nothing unusual in the log file of the IIS Server. Can anybody help me figure out why this is happening? thank you sb

    Read the article

  • Possible? OpenVPN server requiring both certificate- AND password-based login (via Tomato router firmware)

    - by Eric
    I've been using Shibby's build of Tomato (64k NVRAM version) on my Asus N66U router in order to run an OpenVPN server. I'm curious whether it's possible to setup this OpenVPN server to require both a certificate AND a username/password before a user is allowed access. I noticed there's a "challenge password" entry when filling out the certificate details, but everyone says to leave it blank "or else"; I have no idea why, and I can't find an explanation. In addition, I've Google'd this issue a bunch and have noticed people talking about a PAM module for OpenVPN in order to authenticate via username/password, but that appeared to be an either/or option; in other words, I can force authentication via username/password OR certificate. I want to require both. Is this possible? If so, how?

    Read the article

  • Securing ASP.Net Pages - Forms Authentication - C# and .Net 4

    - by SAMIR BHOGAYTA
    ASP.Net has a built-in feature named Forms Authentication that allows a developer to easily secure certain areas of a web site. In this post I'm going to build a simple authentication sample using C# and ASP.Net 4.0 (still in beta as of the posting date). Security settings with ASP.Net is configured from within the web.config file. This is a standard ASCII file, with an XML format, that is located in the root of your web application. Here is a sample web.config file: configuration system.web authenticationmode="Forms" formsname="TestAuthCookie"loginUrl="login.aspx"timeout="30" credentialspasswordFormat="Clear" username="user1"password="pass1"/ username="user2"password="pass2"/ authorization denyusers="?"/ compilationtargetFramework="4.0"/ pagescontrolRenderingCompatibilityVersion="3.5"clientIDMode="AutoID"/ Here is the complete source of the sample login.aspx page: div Username: asp:TextBox ID="txtUsername" runat="server":TextBox Password: asp:TextBox ID="txtPassword" runat="server":TextBox asp:Button ID="Button1" runat="server" onclick="Button1_Click" Text="Login" / asp:Label ID="lblStatus" runat="server" Text="Please login":Label /div And here is the complete source of the login.aspx.cs file: using System; using System.Web.UI.WebControls; using System.Web.Security; public partial class Default3 : System.Web.UI.Page { protected void Button1_Click(object sender, EventArgs e) { if (FormsAuthentication.Authenticate(txtUsername.Text, txtPassword.Text)) { lblStatus.Text = ("Welcome " + txtUsername.Text); FormsAuthentication.RedirectFromLoginPage(txtUsername.Text, true); } else { lblStatus.Text = "Invalid login!"; } } }

    Read the article

  • Restrict SSL access for some paths on a apache2 server

    - by valmar
    I wanted to allow access to www.mydomain.com/login through ssl only. E.g.: Whenever someone accessed http://www.mydomain.com/login, I wanted him to be redirect to https://www.mydomain.com/login so it's impossible for him/her to access that site without SSL. I accomplished this by adding the following lines to the virtual host for www.mydomain.com on port 80 in /etc/apache2/sites-available/default: RewriteEngine on RewriteCond %{SERVER_PORT} ^80$ RewriteRule ^/login(.*)$ https://%{SERVER_NAME}/login$1 [L,R] RewriteLog "/var/log/apache2/rewrite.log" Now, I want to restrict using SSL for www.mydomain.com. That means, whenever someone accessed https://www.mydomain.com, I want him to be redirected to http://www.mydomain.com (for performance reasons). I tried this by adding the following lines to the virtual host of www.mydomain.com on port 443 in /etc/apache2/sites-available/default-ssl: RewriteEngine on RewriteCond %{SERVER_PORT} ^443$ RewriteRule ^/(.*)$ http://%{SERVER_NAME}/$1 [L,R] RewriteLog "/var/log/apache2/rewrite.log" But when I now try to access www.mydomain.com/login, I get an error message that the server has caused to many redirects. That does make sense. Obviously, the two RewriteRules are playing ping-pong against each other. How could I work around this?

    Read the article

  • DENY select on sys.dm_db_index_physical_stats

    - by steveh99999
    Technorati Tags: security,DMV,permission,sys.dm_db_index_physical_stats I recently saw an interesting blog article by Paul Randal about the performance overhead of querying the sys.dm_db_index_physical_stats. So I was thinking, would it be possible to let non-sysadmin users query DMVs on a SQL server but stop them querying this I/O intensive DMV ? Yes it is, here’s how… 1. Create a new login for test purposes, with permissions to access AdventureWorks database only … CREATE LOGIN [test] WITH PASSWORD='xxxx', DEFAULT_DATABASE=[AdventureWorks] GO USE [AdventureWorks] GO CREATE USER [test] FOR LOGIN [test] WITH DEFAULT_SCHEMA=[dbo] GO 2.login as user test and issue command SELECT  * FROM sys.dm_db_index_physical_stats(DB_ID('AdventureWorks'),NULL,NULL,NULL,'DETAILED') gets error :-  Msg 297, Level 16, State 12, Line 1 The user does not have permission to perform this action. 3.As a sysadmin, issue command :- USE AdventureWorks GRANT VIEW DATABASE STATE TO [test] or GRANT VIEW SERVER STATE TO [test] if all databases can be queried via DMV. 4. Try again as user test to issue command SELECT * FROM sys.dm_db_index_physical_stats(DB_ID('AdventureWorks '),NULL,NULL,NULL,'DETAILED') -- now produces valid results from the DMV.. 5 now create the test user in master database, public role only USE master CREATE USER [test] FOR LOGIN [test] 6 issue command :- USE master DENY SELECT ON sys.dm_db_index_physical_stats TO [test] 7 Now go back to AdventureWorks using test login and try SELECT * FROM sys.dm_db_index_physical_stats(DB_ID('AdventureWorks’),NULL,NULL,NULL,’DETAILED') Now gets error... Msg 229, Level 14, State 5, Line 1 The SELECT permission was denied on the object 'dm_db_index_physical_stats', database 'mssqlsystemresource', schema 'sys'. but the user is still able to query all other non-IO-intensive DMVs. If the user attempts to view the index physical stats via a builtin management studio report  – see recent blog post by Pinal Dave they get an error also

    Read the article

  • Restrict SSL access for some paths on a apache2 server

    - by valmar
    I wanted to allow access to www.mydomain.com/login through ssl only. E.g.: Whenever someone accessed http://www.mydomain.com/login, I wanted him to be redirect to https://www.mydomain.com/login so it's impossible for him/her to access that site without SSL. I accomplished this by adding the following lines to the virtual host for www.mydomain.com on port 80 in /etc/apache2/sites-available/default: RewriteEngine on RewriteCond %{SERVER_PORT} ^80$ RewriteRule ^/login(.*)$ https://%{SERVER_NAME}/login$1 [L,R] RewriteLog "/var/log/apache2/rewrite.log" Now, I want to restrict using SSL for www.mydomain.com. That means, whenever someone accessed https://www.mydomain.com, I want him to be redirected to http://www.mydomain.com (for performance reasons). I tried this by adding the following lines to the virtual host of www.mydomain.com on port 443 in /etc/apache2/sites-available/default-ssl: RewriteEngine on RewriteCond %{SERVER_PORT} ^443$ RewriteRule ^/(.*)$ http://%{SERVER_NAME}/$1 [L,R] RewriteLog "/var/log/apache2/rewrite.log" But when I now try to access www.mydomain.com/login, I get an error message that the server has caused to many redirects. That does make sense. Obviously, the two RewriteRules are playing ping-pong against each other. How could I work around this?

    Read the article

  • Screenshot Tour: Ubuntu Touch 14.04 on a Nexus 7

    - by Chris Hoffman
    Ubuntu 14.04 LTS will “form the basis of the first commercially available Ubuntu tablets,” according to Canonical. We installed Ubuntu Touch 14.04 on our own hardware to see what those tablets will be like. We don’t recommend installing this yourself, as it’s still not a polished, complete experience. We’re using “Ubuntu Touch” as shorthand here — apparently this project’s new name is “Ubuntu For Devices.” The Welcome Screen Ubuntu’s touch interface is all about edge swipes and hidden interface elements — it has a lot in common with Windows 8, actually. You’ll see the welcome screen when you boot up or unlock a Ubuntu tablet or phone. If you have new emails, text messages, or other information, it will appear on this screen along with the time and date. If you don’t, you’ll just see a message saying “No data sources available.” The Dash Swipe in from the right edge of the welcome screen to access the Dash, or home screen. This is actually very similar to the Dash on Ubuntu’s Unity desktop. This isn’t a surprise — Canonical wants the desktop and touch versions of Ubuntu to use the same code. In the future, the desktop and touch versions of Ubuntu will use the same version of Unity and Unity will adjust its interface depending on what type of device your’e using. Here you’ll find apps you have installed and apps available to install. Tap an installed app to launch it or tap an available app to view more details and install it. Tap the My apps or Available headings to view a complete list of apps you have installed or apps you can install. Tap the Search box at the top of the screen to start searching — this is how you’d search for new apps to install. As you’d expect, a touch keyboard appears when you tap in the Search field or any other text field. The launcher isn’t just for apps. Tap the Apps heading at the top of the screen and you’ll see hidden text appear — Music, Video, and Scopes. This hidden navigation is used throughout Ubuntu’s different apps and can be easy to miss at first. Swipe to the left or right to move between these screens. These screens are also similar to the different panels in Unity on the desktop. The Scopes section allows you to view different search scopes you have installed. These are used to search different sources when you start a search from the Dash. Search from the Music or Videos scopes to search for local media files on your device or media files online. For example, searching in the Music scope will show you music results from Grooveshark by default. Navigating Ubuntu Touch Swipe in from the left edge anywhere on the system to open the launcher, a bar with shortcuts to apps. This launcher is very similar to the launcher on the left of Ubuntu’s Unity desktop — that’s the whole idea, after all. Once you’ve opened an app, you can leave the app by swiping in from the left. The launcher will appear — keep moving your finger towards the right edge of teh screen. This will swipe the current app off the screen, taking you back to the Dash. Once back on the Dash, you’ll see your open apps represented as thumbnails under Recent. Tap a thumbnail here to go back to a running app. To remove an app from here, long-press it and tap the X button that appears. Swipe in from the right edge in any app to quickly switch between recent apps. Swipe in from the right edge and hold your finger down to reveal an application switcher that shows all your recent apps and lets you choose between them. Swipe down from the top of the screen to access the indicator panel. Here you can connect to Wi-Fi networks, view upcoming events, control GPS and Bluetooth hardware, adjust sound settings, see incoming messages, and more. This panel is for quick access to hardware settings and notifications, just like the indicators on Ubuntu’s Unity desktop. The Apps System settings not included in the pull-down panel are available in the System Settings app. To access it, tap My apps on the Dash and tap System Settings, search for the System Settings app, or open the launcher bar and tap the settings icon. The settings here a bit limited compared to other operating systems, but many of the important options are available here. You can add Evernote, Ubuntu One, Twitter, Facebook, and Google accounts from here. A free Ubuntu One account is mandatory for downloading and updating apps. A Google account can be used to sync contacts and calendar events. Some apps on Ubuntu are native apps, while many are web apps. For example, the Twitter, Gmail, Amazon, Facebook, and eBay apps included by default are all web apps that open each service’s mobile website as an app. Other applications, such as the Weather, Calendar, Dialer, Calculator, and Notes apps are native applications. Theoretically, both types of apps will be able to scale to different screen resolutions. Ubuntu Touch and Ubuntu desktop may one day share the same apps, which will adapt to different display sizes and input methods. Like Windows 8 apps, Ubuntu apps hide interface elements by default, providing you with a full-screen view of the content. Swipe up from the bottom of an app’s screen to view its interface elements. For example, swiping up from the bottom of the Web Browser app reveals Back, Forward, and Refresh buttons, along with an address bar and Activity button so you can view current and recent web pages. Swipe up even more from the bottom and you’ll see a button hovering in the middle of the app. Tap the button and you’ll see many more settings. This is an overflow area for application options and functions that can’t fit on the navigation bar. The Terminal app has a few surprising Easter eggs in this panel, including a “Hack into the NSA” option. Tap it and the following text will appear in the terminal: That’s not very nice, now tracing your location . . . . . . . . . . . .Trace failed You got away this time, but don’t try again. We’d expect to see such Easter eggs disappear before Ubuntu Touch actually ships on real devices. Ubuntu Touch has come a long way, but it’s still not something you want to use today. For example, it doesn’t even have a built-in email client — you’ll have to us your email service’s mobile website. Few apps are available, and many of the ones that are are just mobile websites. It’s not a polished operating system intended for normal users yet — it’s more of a preview for developers and device manufacturers. If you really want to try it yourself, you can install it on a Wi-Fi Nexus 7 (2013), Nexus 10, or Nexus 4 device. Follow Ubuntu’s installation instructions here.

    Read the article

  • Can't open Websphere Portal 7.0 Login Page after its integration with a custom user registry?

    - by jack_sparrow
    I am currently working on a project related to Websphere Portal 7.0 on Windows Server 2008 R2,64 bit. I am trying to integrate websphere portal with my custom user registry.I have completed all the steps required to implement custom user registry in portal as given in IBM documentation.I am adding my custom repository to the default federated repositories of Portal 7.0.I have made the required changes under VMM Federated CUR Properties section in wkplc.properties.I am using configengine.bat file to configure Portal with user registry. But even completing all the steps,when I am trying to open the Portal Login Page through http://ip-address:port_of_portal/wps/portal ,it is throwing an exception on the console: "Error 500: com.ibm.wps.resolver.data.exceptions.URIProcessingIOException: EJCBD0021E: The URI dav:fs-type1/themes/PageBuilder2/theme.html and parameters [['themeURI'=, 'mime-type'= could not be processed: [EJCBD0021E: The URI dav:fs-type1/themes/PageBuilder2/theme.html and parameters [['themeURI'=, 'mime-type'= could not be processed: EJPSG0002E: Requested Member does not exist.uid=portal,o=defaultWIMFileBasedRealm/null] " and in logs Systemout.log "EJPSB0005E: Exception occurred during creation of the principal with Name uid=portal,o=defaultWIMFileBasedRealm and Principal Type USER caused by com.ibm.portal.puma.MemberNotFoundException: EJPSG0002E: Requested Member does not exist.uid=portal,o=defaultWIMFileBasedRealm/null". Here,"portal" is administrative user in my custom user registry.I am able to access WAS using /ibm/console through user "portal".Please suggest some way to handle this issue.

    Read the article

  • How to allow anonymous login in org.apache.ftpserver?

    - by ablmf
    I wrote a little code like this to start an ftp server embedded in my application. It's based on apache ftpserver I found that anonymous user could not login. Client keeps get 530. Do I have add a configure file for ftp? I can not find any API to create a User to add to UserManger. private void start_ftp() throws FtpException { FtpServerFactory serverFactory = new FtpServerFactory(); ListenerFactory factory = new ListenerFactory(); // set the port of the listener factory.setPort(DEF_FTP_PORT); // replace the default listener serverFactory.addListener("default", factory.createListener()); Ftplet fl = new MyFtplet(); Map<String, Ftplet> map_ftplest = new LinkedHashMap<String, Ftplet>(); map_ftplest.put("default", fl); serverFactory.setFtplets(map_ftplest); UserManagerFactory u_factory = new PropertiesUserManagerFactory(); UserManager u_manager = u_factory.createUserManager(); //u_manager. Boolean b = u_manager.doesExist("anonymous"); serverFactory.setUserManager(u_manager); // start the server server = serverFactory.createServer(); server.start(); }

    Read the article

  • How do I get ASP.NET login status controls to display a Log In option?

    - by Greg McNulty
    I have the following log in status controls on the top of my master page. It displays the logged in as, manager log in, and Log out options. However, when a user is not logged in, there is nothing displayed there. When the user is NOT logged in, is there a way to display a "Login" text link that takes you to the log in page and then "disappears" once the user is logged in? Any help is appreciated. Thanks! <asp:LoginName ID="LoginName1" runat="server" FormatString="Logged in as {0}" ForeColor="Aqua" /> <asp:LoginView ID="LoginView1" runat="server"> <RoleGroups> <asp:RoleGroup Roles="Managers"> <ContentTemplate> <asp:HyperLink ID="HyperLink1" runat="server" NavigateUrl="~/Management/management.aspx">Manage Site</asp:HyperLink> or <asp:LoginStatus id="LoginStatus1" runat="server" /> </ContentTemplate> </asp:RoleGroup> </RoleGroups> <LoggedInTemplate> (<asp:LoginStatus id="LoginStatus1" runat="server" />) </LoggedInTemplate> </asp:LoginView> ASP.NET 3.5 VWD 2008 C#

    Read the article

  • LoginControl not working correctly with Firefox, requires double login attempt.

    - by CmdrTallen
    Any idea why LoginControl requires users authenticate twice with FireFox but works correctly (once) with IE? I am using a custom MembershipProvider and RoleProvider, if that matters. Authentication portion of my web.config; <authentication mode="Forms"> <forms timeout="50000000" protection="All" requireSSL="false" slidingExpiration="true" cookieless="AutoDetect" domain="" enableCrossAppRedirects="true"> <credentials passwordFormat="SHA1" /> </forms> </authentication> Membership section; <membership defaultProvider="CustomMembershipProvider"> <providers> <add name="CustomMembershipProvider" type="CustomCrateMembershipProvider" connectionString="" enablePasswordRetrieval="false" enablePasswordReset="true" requiresQuestionAndAnswer="true" applicationName="/" requiresUniqueEmail="true" passwordFormat="Hashed" maxInvalidPasswordAttempts="5" minRequiredPasswordLength="5" minRequiredNonalphanumericCharacters="1" passwordAttemptWindow="10" passwordStrengthRegularExpression=""/> </providers> </membership> <roleManager defaultProvider="CustomRoleProvider" enabled="true"> <providers> <add name="CustomRoleProvider" type="CustomRoleProvider"/> </providers> </roleManager> Only code behind related to login; protected void OnLoggedIn(object sender, EventArgs e) { } protected void OnLoggingOut(object sender, EventArgs e) { }

    Read the article

  • im unable to validate a login of users ,since if im entering the wrong values my datareader is not getting executed y ?

    - by Salman_Khan
    //code private void glassButton1_Click(object sender, EventArgs e) { if (textBox1.Text == "" || textBox1.Text == "" || comboBox1.SelectedIndex == 0) { Message m = new Message(); m.ShowDialog(); } else { try { con.ConnectionString = "Data source=BLACK-PEARL;Initial Catalog=LIFELINE ;User id =sa; password=143"; con.Open(); SqlCommand cmd = new SqlCommand("Select LoginID,Password,Department from Login where LoginID=@loginID and Password=@Password and Department=@Department", con); cmd.Parameters.Add(new SqlParameter("@loginID", textBox1.Text)); cmd.Parameters.Add(new SqlParameter("@Password", textBox2.Text)); cmd.Parameters.Add(new SqlParameter("@Department", comboBox1.Text)); SqlDataReader dr = cmd.ExecuteReader(); if (dr.Read()) { string Strname = dr[0].ToString(); string StrPass = dr[1].ToString(); string StrDept = dr[2].ToString(); if(dr[2].ToString().Equals(comboBox1.Text)&&dr[0].ToString().Equals(textBox1.Text)&&dr[1].ToString().Equals(textBox2.Text)) { MessageBox.Show("Welcome"); } else { MessageBox.Show("Please Enter correct details"); } } dr.Close(); } catch (Exception ex) { MessageBox.Show("Exception" + ex); } finally { con.Close(); } } }

    Read the article

  • Am I going the right way to make login system secure with this simple password salting?

    - by LoVeSmItH
    I have two fields in login table password salt And I have this little function to generate salt function random_salt($h_algo="sha512"){ $salt1=uniqid(rand(),TRUE); $salt2=date("YmdHis").microtime(true); if(function_exists('dechex')){ $salt2=dechex($salt2); } $salt3=$_SERVER['REMOTE_ADDR']; $salt=$salt1.$salt2.$salt3; if(function_exists('hash')){ $hash=(in_array($h_algo,hash_algos()))?$h_algo:"sha512"; $randomsalt=hash($hash,md5($salt)); //returns 128 character long hash if sha512 algorithm is used. }else{ $randomsalt=sha1(md5($salt)); //returns 40 characters long hash } return $randomsalt; } Now to create user password I have following $userinput=$_POST["password"] //don't bother about escaping, i have done it in my real project. $static_salt="THIS-3434-95456-IS-RANDOM-27883478274-SALT"; //some static hard to predict secret salt. $salt=random_salt(); //generates 128 character long hash. $password =sha1($salt.$userinput.$static_salt); $salt is saved in salt field of database and $password is saved in password field. My problem, In function random_salt(), I m having this FEELING that I'm just making things complicated while this may not generate secure salt as it should. Can someone throw me a light whether I m going in a right direction? P.S. I do have an idea about crypt functions and like such. Just want to know is my code okay? Thanks.

    Read the article

  • Why does fb:fan control disappear after login with requireSession on external page?

    - by Max
    Hi, Reqs: I want to make an external page with a 'Become a Fan'-button. I want users to login to facebook once they open the page (this is because of other features in the site) So I call FB.Connect.requireSession once the page loads, and put a <fb:fan></fb:fan> control on the page. Then when I open the page I see the 'Connect with Facebook to Continue' pop-up and a small 'Become a fan' button. This seems right. When I log in to Facebook using the pop-up the 'Become a fan button' disappears!! Can anyone explain this weird behaviour or does someone know a way to reach my requirements in a different way. Below you can see my code. Thanks in advance! <!-- Head --> <script src="http://static.ak.connect.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php/nl_NL" type="text/javascript"></script> <script type="text/javascript"> var fbApiKey = "MY_KEY"; var fbXdReceiver = "xd_receiver.htm"; function fbLoad() { FB.init(fbApiKey, fbXdReceiver); FB.ensureInit(function() { FB.Connect.requireSession(null, null, false); }); } </script> <!-- Body onload="fbLoad();" --> <fb:fan profile_id="24932281961" name="Nutella" id="fanButton" stream="0" connections="0" logobar="0" width="250"></fb:fan>

    Read the article

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

< Previous Page | 193 194 195 196 197 198 199 200 201 202 203 204  | Next Page >