Search Results

Search found 11778 results on 472 pages for 'mark ms smith'.

Page 212/472 | < Previous Page | 208 209 210 211 212 213 214 215 216 217 218 219  | Next Page >

  • Java website protection solutions (especially XSS)

    - by Mark
    I'm developing a web application, and facing some security problems. In my app users can send messages and see other's (a bulletin board like app). I'm validating all the form fields that users can send to my app. There are some very easy fields, like "nick name", that can be 6-10 alpabetical characters, or message sending time, which is sended to the users as a string, and then (when users ask for messages, that are "younger" or "older" than a date) I parse this with SimpleDateFormat (I'm developing in java, but my question is not related to only java). The big problem is the message field. I can't restrict it to only alphabetical characters (upper or lowercase), because I have to deal with some often use characters like ",',/,{,} etc... (users would not be satisfied if the system didn't allow them to use these stuff) According to this http://ha.ckers.org/xss.html, there are a lot of ways people can "hack" my site. But I'm wondering, is there any way I can do to prevent that? Not all, because there is no 100% protection, but I'd like a solution that can protect my site. I'm using servlets on the server side, and jQuery, on the client side. My app is "full" AJAX, so users open 1 JSP, then all the data is downloaded and rendered by jQuery using JSON. (yeah, I know it's not "users-without-javascript" friendly, but it's 2010, right? :-) ) I know front end validation is not enough. I'd like to use 3 layer validation: - 1. front end, javascript validate the data, then send to the server - 2. server side, the same validation, if there is anything, that shouldn't be there (because of client side javascript), I BAN the user - 3. if there is anything that I wasn't able to catch earlier, the rendering process handle and render appropriately Is there any "out of the box" solution, especially for java? Or other solution that I can use?

    Read the article

  • Custom Web Control - ParseChildren & Resource Objects

    - by Raybiez
    I hope someone can help me. I have the following custom server control: [ParseChildren(true)] public class MyControl : WebControl, INamingContainer { [PersistenceMode(PersistenceMode.InnerProperty)] public string MyProperty { get;set; } } It works perfectly with the following mark-up: <acme:MyControl runat="sever"> <MyProperty>Test String</MyProperty> </acme:MyControl> But if I try to localise the property string, I get a parse error: <acme:MyControl runat="sever"> <MyProperty><%=(string)GetLocalResourceObject("MyResourceKey") %></MyProperty> </acme:MyControl> Even if I cast the type, ASP.NET indicates that the property cannot accept controls as children. How should the expression look like if I want to localise it? I can make the property accessible as an attribute of the control's tag, but I prefer the mark-up above, it looks more elegant and clean. Thanks

    Read the article

  • WCF Async callback setup for polled device

    - by Mark Pim
    I have a WCF service setup to control a USB fingerprint reader from our .Net applications. This works fine and I can ask it to enroll users and so on. The reader allows identification (it tells you that a particular user has presented their finger, as opposed to asking it to verify that a particular user's finger is present), but the device must be constantly polled while in identification mode for its status - when a user is detected the status changes. What I want is for an interested application to notify the service that it wants to know when a user is identified, and provide a callback that gets triggered when this happens. The WCF service will return immediately and spawn a thread in the background to continuously poll the device. This polling could go on for hours at a time if no one tries to log in. What's the best way to acheive this? My service contract is currently defined as follows: [ServiceContract (CallbackContract=typeof(IBiometricCallback))] public interface IBiometricWcfService { ... [OperationContract (IsOneWay = true)] void BeginIdentification(); ... } public interface IBiometricCallback { ... [OperationContract(IsOneWay = true)] void IdentificationFinished(int aUserId, string aMessage, bool aSuccess); ... } In my BeginIdentification() method can I easily spawn a worker thread to poll the device, or is it easier to make the WCF service asynchronous?

    Read the article

  • Servlet doPost() Method setup?

    - by Mark R
    I am interested in creating a web app that uses JSP, Servlets and XML. At the moment I have the following: JSP - Form input. Servlet - Retrieving Form data and sending that data to a java object. Java object (1) - Converts data into XML file....instantiates java object (2). Java object (2) - Sends that file to a database. On the returning side the database will send back another XML file that I will then process using XSLT to display back to the user. Can I place that XSLT code in the orignial Servlets doPost() method? So my doPost()` method would: Retrieve user inputted data from the form on my JSP page. Instantiate a java object to convert that data to XML, in-turn that object will instantiates another object to send the XML file to a database. Converts the resulting XML file sent from the database and displays it for the user. Can one servlet doPost() method handle all of this? If not, how would I set up my application and classes to handle this work flow? Thank you in advance

    Read the article

  • What coding standards do you follow?

    - by Mark Szymanski
    I was just curious what coding standards people followed. I for one use the following: Brackets ALWAYS go on the next line. For instance: int main() { //Blah... } I never use code folding. (Yes my IDE's do support it (Xcode and Eclipse). Put related functions/methods single-spaced, otherwise double space. Here is an example: int foo = 0; printf("%d",foo); those are related while these are not: printf("Hello, World!"); return(0); I don't put else statements on the same line as the closing bracket for the preceding if statement. Most of the time in Java if a program needs multiple try catch statements I will just put the whole thing in one try catch.

    Read the article

  • Using the MongoDB Ruby driver in Rails? (without an object mapper)

    - by Mark L
    I have recently been getting my feet wet in MongoDB using Mongoid w/ Rails 3, but I'm now interested in learning the low level MongoDB features using only the Ruby driver, and trying some map/reduce that would not be possible through Mongoid (afaik) I'm not entirely sure where in Rails I should be setting up the db connections etc, and any pointers would be much appreciated!

    Read the article

  • EllipseGeometry is not rendering in Silverlight

    - by Mark Nelson
    I'm trying to draw a circle in WP7 Silverlight using EllipseGeometry instead of Ellipse. The sample XAML in MSDN does not display anything on the canvas in Visual Studio. If I run the app, it does display in the emulator. <Canvas> <Path Fill="Gold" Stroke="Black" StrokeThickness="1"> <Path.Data> <EllipseGeometry Center="50,50" RadiusX="50" RadiusY="50" /> </Path.Data> </Path> </Canvas> Any ideas what is happening?

    Read the article

  • SaaS Multi-tenancy Applications: How is data import/export/backup being implemented?

    - by Mark Redman
    How are applications providing import / export (or backups) of data in SaaS based multi-tenancy applications, particularly single database designs? Imports: Keeping things simple I think basic imports are useful, ie CSV to a spec (or a way of providing a mapping between CSV columns and fields in the database. Exports: In single database designs I have seen XML exports and HTML (basic sitse generated) exports of data? I would assume that XML is a better option? How does one cater for relational data? Would you reference various things within XML and provide documentation of the relationships or let users figurethis out? Are vendors providing an export/backup that can be imported back in/restored? Your comments appreciated.

    Read the article

  • Jquery .load and subdomains

    - by mark
    I am trying to load a file (http://domain.com/v2/inc/review.php) from a subdomain (http://resort.domain.com) using jquery. Although I use the full location it refuses to load. Does anyone know how to get it to work? $("#resort").load("http://domain.com/v2/inc/review.php");

    Read the article

  • Can DataObjects.NET support SQL identity columns?

    - by Mark
    While there's lots to like about DataObjects.NET, I've found help resources to be a lean, and can't find a solit example of using DataObjects.NET with RDBMS generated primary keys. It would seem as though D4O won't do inserts against SQL Server unless it's in controll of the key. Has anyone solved this in the wild?

    Read the article

  • Rows and Column of Excel File

    - by Mark
    It is possible to write a code that specifying the rows and column of spread sheet in terms of NUMBERS and NOT LIKE (B2:D6) Example: excelSheet.Range("B2:D6").Interior.Color = RGB(100, 100, 255) instead of B2 and D6 I want to write 5 rows and 3 column.. It is posible to write in vb.net 2003 code?

    Read the article

  • How do you override ProgramFilesFolder in an msi?

    - by Mark
    I have an msi file that I am trying to install in a place other than C:\Program Files. The directory table shows that ProgramFilesFolder is used as the default install directory. From reading this blog post I understand that ProgramFilesFolder is a standard directory so passing TARGETDIR as a property to the installer will not change the install location even through the directory table has it as the parent of ProgramFilesFolder. How can I override the install location? I am a total novice in this area.

    Read the article

  • Is it possible to create a service like Feed My Inbox on my own server?

    - by Mark Bowen
    I was just wondering if it's at all possible to create a service like Feed My Inbox on my own server using PHP? Basically I have a site which has RSS feeds which are dynamic in nature and can search from thousands of posts based on many different criteria. I have the RSS feed working fine and bringing back data dynamically for whatever criteria I want so that bits fine. I am using the ExpressionEngine CMS to handle the site and there will be thousands of users on the site (currently there are around 2,0000) but that number is exponentially growing every single day. What I want to be able to do is allow the users to choose from certain criteria which will then build a dynamic RSS URL which will then be stored in a database table (one row for each user). This bit I will be able to do myself but then I want to be able to send out new RSS feed items via e-mail to each user. This is the part I'm a little stuck on. I'm guessing I would somehow need to run a cron job to hit a page which would check each users RSS feed and then if there are new items to send them to the user via e-mail. That's where I am totally stuck though and I'm just wondering what the best way to go about it would be? That or any software in PHP that already does this sort of thing would be great. I tried out phpList but it has severe problems working with RSS and I only ever got it to work once and now never again and I've read that lots of people have had this same problem so unfortunately it's not just me :-( I know there are services such as Feed My Inbox which I could easily set up so that users click a link and their RSS feed URL is added to go and use that service but I want to keep users from seeing the dynamic nature of the feed or they will easily be able to modify it to get at other items in the feed. I need this so that I can charge for access to the feeds but if people can see the URL of the feed then I will be totally unstuck as they will be able to get at whatever they want very easily. Therefore I'd like to be able to send the items out to them. Would really love to hear if anyone knows if this kind of thing is possible at all and what would be involved?

    Read the article

  • LInq to SQL - Partial Class - C#

    - by Mark Comix
    Hi, I have a system with 2 different projects, one is called LINQ_Extensions and the other is ORM_Linq. On ORM_Linq i have the LINQ diagram with the SQL tables "converted" in clases. One of the Class is called "Tipos_Pago" In the other project i have another class (partial class) "Tipos_Pago". I want to use the method OnValidate to validate the properties include in the class "Tipos_Pago", so i create this partial class. In the 2 projects i put the same NameSpace "ORM_Linq"(I changed the NameSpace of the project "LINQ_Extensions" to have the same of the project "ORM_Linq") After those chages, Visual Studio give me this error: Error 1 No defining declaration found for implementing declaration of partial method 'ORM_Linq.Tipos_Pago.OnValidate(System.Data.Linq.ChangeAction)' C..\Tipos_Pago.cs 13 22 Extensiones_Linq I don't have any Idea of what happend, can someone help me? Thanks, sorry for my poor english This is the code in the partial class: namespace ORM_Linq { public partial class Tipos_Pago { partial void OnValidate(System.Data.Linq.ChangeAction action) { //Valid code } } }

    Read the article

  • Why is Grails Searchable Plugin causing errors on Hibernate AutoFlush?

    - by Mark Rogers
    In the Grails 1.2.5 project that I am trying to troubleshoot, we use the Grails Searchable plugin .5.5.1. The problem is that whenever we attempt to index large sets domain classes, Grails keeps throwing: ERROR hibernate.AssertionFailure - an assertion failure occured (this may indicate a bug in Hibernate, but is more likely due to unsafe use of the session) org.hibernate.AssertionFailure: collection [domain-class] was not processed by flush() But the domain classes involved have been mapped and used by hibernate without issues outside of the calls to searchable plugin. The use of the searchable plugin goes as follows: Create a compass session with compass.openSession() Begin compass transaction: compassSession.beginTransaction() Then compassSession.create(result.get(0)) is called on an important unindexed domain class Finally compassTransaction.commit() is called to commit the transaction. Goto 2 and process next domain class Between the 3 and 4th Domain class, an autoflush is triggered that throws the error. Can anyone give me any hints about how to solve this problem? Has anyone encountered this problem before? I know that they had a systemic issue with this back in pre .5 versions of the searchable-plugin. Is it possible those issues weren't totally fixed?

    Read the article

  • Does it matter where you get your CS degree

    - by Mark Lubin
    Does going to a less famous University that might not be terribly selective necessarily preclude someone from being considered from the elite software companies, i.e. Google or Microsoft regardless of my actual abilities? Furthermore how often do you find your alumni places a factor when looking for a job? Thanks again for the responses.

    Read the article

  • Can I use PayPal to charge a Credit Card automatically?

    - by Mark
    If I have a Visa card number saved in my database, is there a way I can charge that Visa automatically through the PayPal API without the user having to enter anything? We want to keep this site as easy and hassle-free to use as possible. It would be a variable amount, based on how they use the site. (Don't worry, proper disclaimers will be in place, and the user will be notified) What about these "recurring payments"? That way I don't have to store the CC info on my website, but do they allow variable amounts that I could periodically send to PayPal?

    Read the article

  • ASP.NET MVC: How does one add authentication to RSS Feeds?

    - by Mark Redman
    I have seen a few examples of how to create RSS feeds using ASP.NET MVC, either by creating an Action or through an HttpHandler. I need to authenticate feeds and am wondering how this is to be done (and supported by RSS readers rather than just browsing to the page/xml through a browser) and how would authentications differ between an MVC Action or HttpHandler?

    Read the article

  • change/part doesn't work as expected with parse

    - by Rebol Tutorial
    According to http://www.rebol.com/docs/core23/rebolcore-15.html You can use change/part to parse and replace but that doesn't work well with this where I just try to replace the block <mytag > ... </mytag> by "MyString" content: {<mytag id="a" 111111111111111> </mytag> aaaaaaaaaaaaaaa aaaaaaaaaaaaaaa <mytag id="b" 22222222222222222> </mytag> <mytag id="c" 3333333333333> </mytag> aaaaaaaaaaaaaaa aaaaaaaaaaaaaaa <mytag id="d" 444444444444444> </mytag> } mytag: [ to {<mytag} start: ( ) thru {<mytag} to {id="} thru {id="} copy ID to {"} thru {"} to {</mytag>} thru {</mytag>} ending: (change/part start "mystring" ending) mark: ( write clipboard:// mark input) ] rule: [any mytag to end] parse content rule

    Read the article

  • iPhone Tab Bar application crash

    - by Mark Szymanski
    I have an application that uses a tab bar and whenever it launches it crashes and gives me the following error and stack trace: 2010-04-22 16:15:03.390 iCrushCans[59858:207] *** Terminating app due to uncaught exception 'NSUnknownKeyException', reason: '[<UIWindow 0x3e051a0> setValue:forUndefinedKey:]: this class is not key value coding-compliant for the key rootViewController.' 2010-04-22 16:15:03.392 iCrushCans[59858:207] Stack: ( 29680731, 2425423113, 29839809, 305768, 304309, 2957847, 4641908, 29583663, 4636459, 4644727, 2805842, 2844630, 2833204, 2815615, 2842721, 37776729, 29465472, 29461576, 2809365, 2846639 ) Thanks in advance!

    Read the article

< Previous Page | 208 209 210 211 212 213 214 215 216 217 218 219  | Next Page >