Search Results

Search found 28693 results on 1148 pages for 'oracle advanced security'.

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Page 223/1148 | < Previous Page | 219 220 221 222 223 224 225 226 227 228 229 230  | Next Page >

  • Using JavaScript eval to parse JSON

    - by Quandary
    Question: I'm using eval to parse a JSON return value from one of my WebMethods. I prefer not to add jquery-json because the transfer volume is already quite large. So I parse the JSON return value with eval. Now rumors go that this is insecure. Why ? Nobody can modify the JSOn return value unless they hack my server, in which case I would have a much larger problem anyway. And if they do it locally, JavaScript only executes in their browser. So I fail to see where the problem is. Can anybody shed some light on this, using this concrete example? function OnWebMethodSucceeded(JSONstrWebMethodReturnValue) { var result=eval('(' + JSONstrWebMethodReturnValue + ')') ... // Adding result.xy to a table }

    Read the article

  • Oracle Database introduction and literature

    - by Marco Nätlitz
    Hi folks, got an new assignment covering Oracle databases. My problem now is that I am completely new to the Oracle system and never worked with it before. I need to develop a concept covering the installation and configuration of the server. Afterwards I need to migrate the old server to the new while ensuring date consistence. I just wanted to ask if you guys have some useful links for introduction and of course good literature / books on this topic? Thanks and cheers from Cologne Marco

    Read the article

  • What are best practices for securing the admin section of a website?

    - by UpTheCreek
    I'd like to know what people consider best practice for securing the Admin sections of websites, specifically from an authentication/access point of view. Of course there are obvious things, such as using SSL and logging all access, but I'm wondering just where above these basic steps people consider the bar to be set. For example: Are you just relying on the same authentication mechanism that you use for normal users? If not, what? Are you running the Admin section in the same 'application domain'? What steps do you take to make the admin section undiscovered? (or do you reject the while 'obscurity' thing)

    Read the article

  • How secure is a PostgreSQL database if my server is stolen?

    - by orokusaki
    If I have a server with a database if top secret data in PostgreSQL and my password is practically impossible to crack (128 character string of all sorts of weird chars, generated by hand). The server password is also uncrackable in theory (basically, ignore the possibility of a password crack on the DB). Aside from a password crack, how easy is it to get the data out of this database? Assumptions: Only the DB exists on the server. There is no password in a PHP script or anything like that The person who has the server is a computer / DB / hard-drive recovery expert I'm not using any hard-drive encryption or anything out of the norm for protection I'm trying to understand the risks involved with somebody gaining physical access to my server's hard-drives.

    Read the article

  • Web Application Scanner

    - by rajesh
    I want to develop a Web applications to collect or exchange sensitive or personal data, this system would give user a detailed automated report on : • How secure user's website is? • How easily it can be hacked? • Where exactly is the problem and • What are the remedies? Any suggestions????

    Read the article

  • Sequential (comb) GUIDs for Oracle

    - by Eyvind
    We are in the process of switching from the C# Guid.NewGuid() random-ish guid generator to the sequential guid algorithm suggested in this post. While this seems to work well for MS SQL Server, I am unsure about the implications for Oracle databases, in which we store guids in a raw(16) field. Does anyone have any insight as to whether this algorithm would be good for creating sequential guids for Oracle as well as for MS SQL Server, or if a different variant should be used. Thanks!

    Read the article

  • When deinstalling Oracle fals PHP

    - by Adomas
    Hi, I have a web on php5, iis6, and Oracle on windows server 2003. I had Oracle 10.2.0.1.0 and deinstalled it. After that I installed earlier version (10.1.0) for cloning DB purposes, php doesn't work. As I understand it failes because of oci8.dll, but can't find the real problem. Please, help.

    Read the article

  • Ensure Oracle row represents a unique timespan

    - by Dan F.
    I have to make a process in Oracle/PLSQL. I have to verify that the interval of time between start_date and end_date from a new row that I create must not intersect other start_dates and end_dates from other rows. Now I need to check each row for that condition and if it doesn't correspond the repetitive instruction should stop and after that to display a message such as "The interval of time given is not correct". I don't know how to make repetitive instructions in Oracle/PLSQL and I would appreciate if you would help me.

    Read the article

  • Oracle Query for getting CURRENT CTC (Salary) of Each Employee

    - by reply2viveksshah
    i want current CTC of each employee following is the design of my table Ecode Implemented Date Salary 7654323 2010-05-20 350000 7654322 2010-05-17 250000 7654321 2003-04-01 350000 7654321 2004-04-01 450000 7654321 2005-04-01 750000 7654321 2007-04-01 650000 i want oracle query for following output Ecode Salary 7654321 650000 7654322 250000 7654323 350000 thanks in advance See also Oracle Query for getting MAximum CTC (Salary) of Each Employee

    Read the article

  • Oracle Connection exception via JDBC

    - by sachin
    I have installed Oracle 11gR2 on my machine, now when i try to connect to it using IP address as 'localhost' or '127.0.0.1' there is no issue, but when I use ip address of machine '192.168.1.6' it throws exception: Io exception: Then Network Adapter could not establish the connection. I have installed ms loopback adapter prior to installation and my machine get IP from DHCP. do i need to configure any setting oracle config or what i might be missing here?

    Read the article

  • What's the best technique to protect my framework from visitors who are not logged in?

    - by Hermet
    First of all, I would like to say that I have used the search box looking for a similar question and was unsuccessful, maybe because of my poor english skills. I have a a 'homemade' framework. I have certain PHP files that must only be visible for the admin. The way I currently do this is check within every single page to see if a session has been opened. If not, the user gets redirected to a 404 page, to seem like the file which has been requested doesn't exist. I really don't know if this is guaranteed to work or if there's a better and more safe way because I'm currently working with kind of confidential data that should never become public. Could you give me some tips? Or leave a link where I could find some? Thank you very much, and again excuse me for kicking the dictionary. EDIT What I usually write in the top of each file is something like this <?php include("sesion.php"); $rs=comprueba(); //'check' if ($rs==1) { ?> And then, at the end <?php } ?> Is it such a butched job, isn't it? EDIT Let's say I have a customers list in a file named customers.php That file may be currently on http://www.mydomain.com/admin/customers.php and it must only be visible for the admin user. Once the admin user has been logged in, I create a session variable. That variable is what I check on the top of each page, and if it exists, the customers list is shown. If not, the user gets redirected to the 404 page. Thank you for your patience. I really appreciate.

    Read the article

  • Which are the best techniques to protect a 'homemade' framework from unlogged visitors?

    - by Hermet
    First of all, I would like to say that I have used the search box looking for a similar question unsuccessfully, maybe because of my poor english skills. The way I currently do this is checking in every single page that a session has been opened. If not, the user gets redirected to a 404 page, to seem like the file which has been requested doesn't exist. I really don't know if this is sure or there's a better and more safety way and I'm currently working with kind of confidential data that should never become public. Could you give me some tips? Or leave a link where I could find some? Thank you very much, and again excuse me for kicking the dictionary.

    Read the article

  • Copy image to BLOB from client pc aka Java function in Oracle

    - by mumich
    Hi guys, I've been stuck with this for past two days. I've go java function stored in Oracle system which is supposed to copy image from local drive do remote database and store it in BLOB - it's called CopyBLOB and looks like this: import java.sql.*; import oracle.sql.*; import java.io.*; public class CopyBLOB { static int id; static String fileName = null; static Connection conn = null; public CopyBLOB(int idz, String f) { id = idz; fileName = f; } public static void copy(int ident, String path) throws SQLException, FileNotFoundException { CopyBLOB cpB = new CopyBLOB(ident, path); cpB.getConnection(); cpB.callUpdate(id, fileName); } public void getConnection() throws SQLException { DriverManager.registerDriver (new oracle.jdbc.OracleDriver()); try { conn = DriverManager.getConnection("jdbc:oracle:thin:@oraserv.ms.mff.cuni.cz:1521:db", "xxx", "xxx"); } catch (SQLException sqlex) { System.out.println("SQLException while getting db connection: "+sqlex); if (conn != null) conn.close(); } catch (Exception ex) { System.out.println("Exception while getting db connection: "+ex); if (conn != null) conn.close(); } } public void callUpdate(int id, String file ) throws SQLException, FileNotFoundException { CallableStatement cs = null; try { conn.setAutoCommit(false); File f = new File(file); FileInputStream fin = new FileInputStream(f); cs = (CallableStatement) conn.prepareCall( "begin add_image(?,?); end;" ); cs.setInt(1, id ); cs.setBinaryStream(2, fin, (int) f.length()); cs.execute(); conn.setAutoCommit(true); } catch ( SQLException sqlex ) { System.out.println("SQLException in callUpdateUsingStream method of given status : " + sqlex.getMessage() ); } catch ( FileNotFoundException fnex ) { System.out.println("FileNotFoundException in callUpdateUsingStream method of given status : " + fnex.getMessage() ); } finally { try { if (cs != null) cs.close(); if (conn != null) conn.close(); } catch ( Exception ex ) { System.out.println("Some exception in callUpdateUsingStream method of given status : " + ex.getMessage( ) ); } } } } The wrapper function is defined in package "MyPackage" as folows: procedure image_adder( id varchar2, path varchar2 ) AS language java name 'CopyBLOB.copy(java.lang.String, java.lang.String)'; And the inserting function called image_add is as simple as this: procedure add_image( id numeric(10), pic blob) AS BEGIN insert into pictures values (seq_pic.nextval, id, pic); END add_image; Now the problem: When I type call MyPackage.image_adder(1, 'd:\samples\img.jpg'); I get the ORA-29531 Error: No method copy in class CopyBLOB. Can you help me, please?

    Read the article

  • HMAC URLs instead of login?

    - by Tres
    In implementing my site (a Rails site if it makes any difference), one of my design priorities is to relieve the user of the need to create yet another username and password while still providing useful per-user functionality. The way I am planning to do this is: User enters information on the site. Information is associated with the user via server-side session. User completes entering information, server sends an access URL via e-mail to the user roughly in the form of: http://siteurl/<user identifier>/<signature: HMAC(secret + salt + user identifier)> User clicks URL, site looks up user ID and salt and computes the HMAC with the server-stored secret and authenticates if the computed HMAC and signature match. My question is: is this a reasonably secure way to accomplish what I'm looking to do? Are there common attacks that would render it useless? Is there a compelling reason to abandon my desire to avoid a username/password? Is there a must-read book or article on the subject? Note that I'm not dealing with credit card numbers or anything exceedingly private, but I would still like to keep the information reasonably secure.

    Read the article

  • Extract time part from TimeStamp column in ORACLE

    - by RRUZ
    Actually i' am using MyTimeStampField-TRUNC(MyTimeStampField) to extract the time part from an timestamp column in Oracle. SELECT CURRENT_TIMESTAMP-TRUNC(CURRENT_TIMESTAMP) FROM DUAL this return +00 13:12:07.100729 this work ok for me, to extract the time part from an timestamp field, but i' m wondering if exist a better way (may be using an built-in function of ORACLE) to do this? Thanks.

    Read the article

  • Determining an Oracle SQL MERGE statement result

    - by petejamd
    Follow up to this question This (similar version from old link) works in SQL Server 2008, however, Oracle is giving me trouble: MERGE INTO wdm_test USING ( select '10000000000000000000000000000000' Guid from DUAL ) val ON ( wdm_test.Guid = val.Guid ) WHEN MATCHED THEN UPDATE SET test_column = null WHEN NOT MATCHED THEN INSERT (Guid, test_column) VALUES ('10000000000000000000000000000000', null) OUTPUT $action; SQL Error: ORA-00933: SQL command not properly ended Does Oracle not support OUTPUT $action;? If not, is there an alternative?

    Read the article

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

< Previous Page | 219 220 221 222 223 224 225 226 227 228 229 230  | Next Page >