Search Results

Search found 1426 results on 58 pages for 'risk'.

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Page 22/58 | < Previous Page | 18 19 20 21 22 23 24 25 26 27 28 29  | Next Page >

  • Rails 2.3.5, Ruby 1.9, SQLite 3 incompatible character encodings: UTF-8 and ASCII-8BIT

    - by Daniil Harik
    Hello, I know that question with same title has been asked almost 6 month ago. I have Googled for this problem and I have not found any working solution. Has there been any fixes for this very critical problem? I need to get my website running ASAP. Just to get the site up and running I'm even ready to add utf8 conversion methods to all my variables or risk to upgrade to Rails 3 beta Thank You in advance!

    Read the article

  • URLScan and percent signs

    - by Hobbes
    So I just ran into a stupid problem in which users could not download files that had a percent sign in it. It wound up being URLScan. I had to un-set two things in urlscan.ini: 1) Set VerifyNormalization to 0 (disabled) 2) Remove the percent sign from the "DenyUrlSequences" section Do an iisreset, and it problem solved. But the big question is: How much of a security risk is this?

    Read the article

  • Open Source Alternative to ASP.NET membership

    - by Tony Lenzi
    I'm currently supporting a Python web app with increasingly complicated user/role/permission management requirements. Currently, we are rolling our own user, groups, permissions, etc. code and supporting database. I'd like to find something like ASP.NET membership that can help manage user authentication and authorization, rather than risk security issues in continuing to create an increasingly complicated custom solution. Are there any similar projects out there worth taking a look at?

    Read the article

  • SQL Server stored procedures - update column based on variable name..?

    - by ClarkeyBoy
    Hi, I have a data driven site with many stored procedures. What I want to eventually be able to do is to say something like: For Each @variable in sproc inputs UPDATE @TableName SET @variable.toString = @variable Next I would like it to be able to accept any number of arguments. It will basically loop through all of the inputs and update the column with the name of the variable with the value of the variable - for example column "Name" would be updated with the value of @Name. I would like to basically have one stored procedure for updating and one for creating. However to do this I will need to be able to convert the actual name of a variable, not the value, to a string. Question 1: Is it possible to do this in T-SQL, and if so how? Question 2: Are there any major drawbacks to using something like this (like performance or CPU usage)? I know if a value is not valid then it will only prevent the update involving that variable and any subsequent ones, but all the data is validated in the vb.net code anyway so will always be valid on submitting to the database, and I will ensure that only variables where the column exists are able to be submitted. Many thanks in advance, Regards, Richard Clarke Edit: I know about using SQL strings and the risk of SQL injection attacks - I studied this a bit in my dissertation a few weeks ago. Basically the website uses an object oriented architecture. There are many classes - for example Product - which have many "Attributes" (I created my own class called Attribute, which has properties such as DataField, Name and Value where DataField is used to get or update data, Name is displayed on the administration frontend when creating or updating a Product and the Value, which may be displayed on the customer frontend, is set by the administrator. DataField is the field I will be using in the "UPDATE Blah SET @Field = @Value". I know this is probably confusing but its really complicated to explain - I have a really good understanding of the entire system in my head but I cant put it into words easily. Basically the structure is set up such that no user will be able to change the value of DataField or Name, but they can change Value. I think if I were to use dynamic parameterised SQL strings there will therefore be no risk of SQL injection attacks. I mean basically loop through all the attributes so that it ends up like: UPDATE Products SET [Name] = '@Name', Description = '@Description', Display = @Display Then loop through all the attributes again and add the parameter values - this will have the same effect as using stored procedures, right?? I dont mind adding to the page load time since this is mainly going to affect the administration frontend, and will marginly affect the customer frontend.

    Read the article

  • Oracle Coding Standards Feature Implementation

    - by Mike Hofer
    Okay, I have reached a sort of an impasse. In my open source project, a .NET-based Oracle database browser, I've implemented a bunch of refactoring tools. So far, so good. The one feature I was really hoping to implement was a big "Global Reformat" that would make the code (scripts, functions, procedures, packages, views, etc.) standards compliant. (I've always been saddened by the lack of decent SQL refactoring tools, and wanted to do something about it.) Unfortunatey, I am discovering, much to my chagrin, that there doesn't seem to be any one widely-used or even "generally accepted" standard for PL-SQL. That kind of puts a crimp on my implementation plans. My search has been fairly exhaustive. I've found lots of conflicting documents, threads and articles and the opinions are fairly diverse. (Comma placement, of all things, seems to generate quite a bit of debate.) So I'm faced with a couple of options: Add a feature that lets the user customize the standard and then reformat the code according to that standard. —OR— Add a feature that lets the user customize the standard and simply generate a violations list like StyleCop does, leaving the SQL untouched. In my mind, the first option saves the end-users a lot of work, but runs the risk of modifying SQL in potentially unwanted ways. The second option runs the risk of generating lots of warnings and doing no work whatsoever. (It'd just be generally annoying.) In either scenario, I still have no standard to go by. What I'd need to know from you guys is kind of poll-ish, but kind of not. If you were going to use a tool of this nature, what parts of your SQL code would you want it to warn you about or fix? Again, I'm just at a loss due to a lack of a cohesive standard. And given that there isn't anything out there that's officially published by Oracle, I think this is something the community could weigh in on. Also, given the way that voting works on SO, the votes would help to establish the popularity of a given "refactoring." P.S. The engine parses SQL into an expression tree so it can robustly analyze the SQL and reformat it. There should be quite a bit that we can do to correct the format of the SQL. But I am thinking that for the first release of the thing, layout is the primary concern. Though it is worth noting that the thing already has refactorings for converting keywords to upper case, and identifiers to lower case.

    Read the article

  • Legacy code - when to move on

    - by Mmarquee
    My team and support a large number of legacy applications all of which are currently functional but problematic to support and maintain. They all depend on code that the compiler manufacture has officially no support for. So the question is should we leave the code as is, and risk a new compiler breaking our code, or should we bite the bullet and update all the code?

    Read the article

  • MFS Agile Process Template Work Items

    - by devdept
    Where can I find a practical example on how to use Bug, Risk, Scenario, Task and Quality of Service Requirement work items? On MSDN documentation I found this topic: http://msdn.microsoft.com/en-us/library/bb668962.aspx but it is not enough for me to deeply understand when to use one or the other. Thanks!

    Read the article

  • Uploading PDF or .doc and security

    - by Kamo
    I have a script that lets the user upload text files (PDF or doc) to the server, then the plan is to convert them to raw text. But until the file is converted, it's in its raw format, which makes me worried about viruses and all kinds of nasty things. Any ideas what I need to do to minimize the risk of these unknown files. How to check if it's clean, or if it's even the format it claims to be and that it does not crash the server.

    Read the article

  • website design - graphics files

    - by mb08
    Hi Friends, I have a website to be designed and have most of the material ready with me. I have shortlisted a designer who is ready to start. The question I have is, should I hand over the original .psd graphics files of logo etc to the designer. Is it ok to hand over the .psds or is there any risk in doing so that I should be aware of and cover with an agreement... thanks in advance.. mb

    Read the article

  • Are there any programming related diseases?

    - by Ranhiru
    When you play Tennis, you have the risk of getting tennis elbow... In the sea, you can get sea-sick... Are there any programmer/programming related sicknesses out there? Apart from carpal tunnel syndrome which happens from excessive typing, back pains and eye strains from sitting in one place and never moving your body/eyes. are there any phobias, disorders etc??

    Read the article

  • MSQL upgrade on Ubuntu - any heads ups?

    - by Rob Sedge
    I am needing to upgrade MYSQL on Ubuntu, it is a production server and naturally cautious. My many googles look to be essentially saying that I need to : 1) Backup my current mysql database and tables/data 2) Uninstall current mysql 3) Install new MYSQL 5+ 4) Restore Databases/ tables and data 5) Hope and Pray I got it right ?? Something doesn't seem right, sounds like a lot of down time and risk Am I missing something / or any simple solutions? Upgrading from mSQL 4 to 5 on Ubuntu 10 Many Thanks, Rob

    Read the article

  • mysqli_stmt_bind_param SQL Injection

    - by profitphp
    Is there still an injection risk when using prepared statements and mysqli_stmt_bind_param? For example: $malicious_input = 'bob"; drop table users'; mysqli_stmt_bind_param($stmt, 's', $malicious_input); Behind the scenes does mysqli_stmt_bind_param pass this query string to mysql: SET @username = "bob"; drop table users"; Or does it perform the SET command through the API, or use some type of protection to keep this from happening?

    Read the article

  • Disposing the members that implement IDisposable.

    - by Amby
    In my Dispose methods (like the one below), everytime i want to call someObj.Dispose() i also have a check for someObj!=null. Is that because of bad design on my part? Is their a cleaner way to ascertain that Dispose of all the members (implementing IDisposable) being used in an object is called without having a risk of NullReference exception ? protected void Dispose(bool disposing) { if (disposing) { if (_splitTradePopupManager != null) { _splitTradePopupManager.Dispose(); } } } Thanks for your interest.

    Read the article

  • How to RESTful delete record Asp.Net Mvc 2

    - by Picflight
    I have delete links in my Asp.Net Mvc2 application. /{controller}/Delete/{id} It seems using link to delete has a security risk. Don’t use Delete Links because they create Security Holes I found this Implementing RESTful Routes & Controllers in ASP.NET MVC 2.0 but I am not sure how to implement a simple delete functionality using the new HttpDeleteAttribute class. Are there any examples on deleting, the RESTful approach?

    Read the article

  • What production-ready SaaS (recurring billing) solutions are available for Rails?

    - by Benjamin Manns
    I am working on a software-as-a-service (SaaS) application and I am looking for a billing plugin of some sort that will manage my subscriptions, customers, and recurring billing. There is the RailsKits SaaS kit ($249.00), but I prefer to use open source software. I have also found maccman's saasy, but the phrase "At the moment this is alpha code - use at your own risk" makes me a tad bit nervous.

    Read the article

  • When using SQL Compact on Windows Mobile, do you store the sdf file on a storage card?

    - by Michal Drozdowicz
    Having had some Sql Compact db corruption issues in the past and gone through the article on these, I got the idea that storing the database sdf file on a storage card significantly increases the risk of data loss due to db corruption. Do you store the sdf file on a storage card? Have you had any issues caused by it? What should I pay attention to when recommending a particular brand or model of an SD card wrt the stability and security for use with SQL Compact?

    Read the article

  • Generate a JasperReport for a specific user

    - by user530846
    I'm looking at using the JasperReport Web Services to create user specific reports. As opposed to getting a user to supply the name of the user to use for the query (and therefore expose a risk of users viewing each others data), I'd like within JasperReport to pull out their identity from their (Basic) authentication details from the web service run report call and then use their user name as a query parameter when running the report. Is there any documentation or examples on how this can be achieved?

    Read the article

  • best approah (security) to do some admin work through web page in Linux?

    - by Data-Base
    Hello, I want to build a web based admin tools that allow the system admin to run pre-configured commands and scripts through a web page (simple and limited webmin), what is the best approach? I already started with Ubuntu installing LAMP and give the user www-data root's privileges !!! as I learned (please check the link) this is a really bad move !!!, so how to build such web-based system without the security risk? cheers

    Read the article

  • As a programmer, what are some telltale signs that you're about to get fired or laid off?

    - by plaureano
    If you have ever been fired from a job, did you notice anything different about the behavior of your peers or upper management just before your termination? What are some common signs to look for among your coworkers and project manager(s) that would indicate your position is severely at risk? EDIT: My instincts were right, and I opted to resign rather than face termination. I guess when you have that "gut feeling" that something is about to happen, it's a strong sign that you should be heading for the exit...

    Read the article

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

< Previous Page | 18 19 20 21 22 23 24 25 26 27 28 29  | Next Page >