stay logged in - Page 239

Problem with Spring security's logout

- by uther-lightbringer

Hello, I've got a problem logging out in Spring framework. First when I want j_spring_security_logout to handle it for me i get 404 j_spring_security_logout not found: sample-security.xml: <http> <intercept-url pattern="/messageList.htm*" access="ROLE_USER,ROLE_GUEST" /> <intercept-url pattern="/messagePost.htm*" access="ROLE_USER" /> <intercept-url pattern="/messageDelete.htm*" access="ROLE_ADMIN" /> <form-login login-page="/login.jsp" default-target-url="/messageList.htm" authentication-failure-url="/login.jsp?error=true" /> <logout/> </http> Sample url link to logout in JSP page: <a href="<c:url value="/j_spring_security_logout" />">Logout</a> When i try to use a custom JSP page i.e. I use login form for this purpose then I get better result at least it gets to login page, but another problem is that you dont't get logged off as you can diretcly type url that should be guarded buy you get past it anyway. Slightly modified from previous listings: <http> <intercept-url pattern="/messageList.htm*" access="ROLE_USER,ROLE_GUEST" /> <intercept-url pattern="/messagePost.htm*" access="ROLE_USER" /> <intercept-url pattern="/messageDelete.htm*" access="ROLE_ADMIN" /> <form-login login-page="/login.jsp" default-target-url="/messageList.htm" authentication-failure-url="/login.jsp?error=true" /> <logout logout-success-url="/login.jsp" /> </http> <a href="<c:url value="/login.jsp" />">Logout</a> Thank you for help

Read the article

Sending basic authentication information via form

- by VolatileStorm

I am working on a site that currently uses a basic authentication dialog box login system, that is the type of dialog that you get if you go here: http://www.dur.ac.uk/vm.boatclub/password/index.php I did not set this system up and am not in a position to easily/quickly work around it, but it DOES work. The issue however is that the dialog box is not very helpful in telling you what login information you have to use (that is which username and password combination), and so I would like to replace it with a form. I had been thinking that this wasn't possible but I wanted to ask in order to find out. Is it possible to set up an HTML form that sends the data to the server such that it accepts it in the same way that it would using this dialog box? Alternatively is it possible to set up a PHP script that would take normal form data and process it somehow passing it to the server such that it logs in? Edit: After being told that this is basic authentication I went around and have managed to find a way that works and keeps the user persistently logged in. However, this does not work in internet explorer. The solution was simply to redirect the user to: http://username:[email protected]/vm.boatclub/password/index.php But Internet Explorer removed it due to phishing uses about 3 years ago. Is there a way to use javascript to get the browser to access the site in this way? Or will I have to simply change my UI?

Read the article

SQL Server 2000 intermittent connection exceptions on production server - specific environment probl

- by StickyMcGinty

We've been having intermittent problems causing users to be forcibly logged out of out application. Our set-up is ASP.Net/C# web application on Windows Server 2003 Standard Edition with SQL Server 2000 on the back end. We've recently performed a major product upgrade on our client's VMWare server (we have a guest instance dedicated to us) and whereas we had none of these issues with the previous release the added complexity that the new upgrade brings to the product has caused a lot of issues. We are also running SQL Server 2000 (build 8.00.2039, or SP4) and the IIS/ASP.NET (.Net v2.0.50727) application on the same box and connecting to each other via a TCP/IP connection. Primarily, the exceptions being thrown are: System.IndexOutOfRangeException: Cannot find table 0. System.ArgumentException: Column 'password' does not belong to table Table. [This exception occurs in the log in script, even though there is clearly a password column available] System.InvalidOperationException: There is already an open DataReader associated with this Command which must be closed first. [This one is occurring very regularly] System.InvalidOperationException: This SqlTransaction has completed; it is no longer usable. System.ApplicationException: ExecuteReader requires an open and available Connection. The connection's current state is connecting. System.Data.SqlClient.SqlException: Timeout expired. The timeout period elapsed prior to completion of the operation or the server is not responding. And just today, for the first time: System.Web.UI.ViewStateException: Invalid viewstate. We have load tested the app using the same number of concurrent users as the production server and cannot reproduce these errors. They are very intermittent and occur even when there are only 8/9/10 user connections. My gut is telling me its ASP.NET - SQL Server 2000 connection issues.. We've pretty much ruled out code-level Data Access Layer errors at this stage (we've a development team of 15 experienced developers working on this) so we think its a specific production server environment issue.

Read the article

How to suppress error message details to general DNN Users

- by thames

I have a DNN site (05.02.03) in test and nearing release into production and I would like to suppress the details of error messages (i.e. Null Reference Exception, and others) to general users (admins can still see the details). Debug is off in the web.config. By suppressing, I mean the only error message I want to display to the general user (all users) is something like "An Exception has occured". I don't want the details of that exception to be displayed to the general user. I still want it logged in greater detail in the Event Viewer. How would I go about doing this? Update: I have "Use Custom Error Messages" checked. Which shows a error message like: A critical error has occurred.[vbCrLf] Object reference not set to an instance of an object. I want just the "A critical error has occured." error message to be displayed to general users. I don't want the "Object referece not set to an instance of an object." to be displayed to general users

Read the article

How to set permissions or alter a git commit process when using local repositories

- by Tony

I have a server that contains a central git repository and one of my co-worker's development environment. My co-worker's repository's origin is the central git repository and he pushes there when he has some code to share. Likewise, I develop locally and push to the central git repository when I have some code to share, so my repository's origin is also the central git repository. The issue is that I have the central git repository under a "git" user's home directory. So when I push I am actually SSH'ing into the the server as the "git" user. To be even more clear, my config has these lines: $ more .git/config [remote "origin"] fetch = +refs/heads/*:refs/remotes/origin/* url = [email protected]:fsg [branch "master"] remote = origin merge = refs/heads/master When I push, git handles this SSH + push seamlessly with I am guessing some sort of git shell. The issue is that when my coworker pushes, he is logged in as himself for a user and gets a bunch of crazy permission errors. Is there a typical way to solve this problem without opening up git's directories to a group? I think this will be problematic when I push and therefore overwrite the the repository and those permissions are reset. Thanks!

Read the article

Conditional macro expansion

- by Dave DeLong

Heads up: This is a weird question. I've got some really useful macros that I like to use to simplify some logging. For example I can do Log(@"My message with arguments: %@, %@, %@", @"arg1", @"arg2", @"arg3"), and that will get expanded into a more complex method invocation that includes things like self, _cmd, __FILE__, __LINE__, etc, so that I can easily track where things are getting logged. This works great. Now I'd like to expand my macros to not only work with Objective-C methods, but general C functions. The problem is the self and _cmd portions that are in the macro expansion. These two parameters don't exist in C functions. Ideally, I'd like to be able to use this same set of macros within C functions, but I'm running into problems. When I use (for example) my Log() macro, I get compiler warnings about self and _cmd being undeclared (which makes total sense). My first thought was to do something like the following (in my macro): if (thisFunctionIsACFunction) { DoLogging(nil, nil, format, ##__VA_ARGS__); } else { DoLogging(self, _cmd, format, ##__VA_ARGS__); } This still produces compiler warnings, since the entire if() statement is substituted in place of the macro, resulting in errors with the self and _cmd keywords (even though they will never be executed during function execution). My next thought was to do something like this (in my macro): if (thisFunctionIsACFunction) { #define SELF nil #define CMD nil } else { #define SELF self #define CMD _cmd } DoLogging(SELF, CMD, format, ##__VA_ARGS__); That doesn't work, unfortunately. I get "error: '#' is not followed by a macro parameter" on my first #define. My other thought was to create a second set of macros, specifically for use in C functions. This reeks of a bad code smell, and I really don't want to do this. Is there some way I can use the same set of macros from within both Objective-C methods and C functions, and only reference self and _cmd if the macro is in an Objective-C method?

Read the article

.NET 4.0 Forms Authentication change?

- by James Koch

I'm seeing some new behavior in Forms Authentication after upgrading to .NET 4.0. This occurs only on IIS 6, not on 7. Background - In web.config, we configure Forms Authentication, and then use <authorization tags to globally deny anonymous/unauthenticated users access. Then we explicitly allow access to a login.aspx page using a <location tag. Generally, this works fine, as it did when we were on .NET 2.0 (3.5). The issue only occurs when we visit the root path of the site, ie "http://myserver/". Our default document is configured in IIS to be login.aspx. Under .NET 4.0, upon visiting that URL, we're redirected to "http://myserver/login.aspx?ReturnUrl=/". If you log in from here, you're logged in and returned back at the log in page (yuck). Just wanted to post this here to see if anyone else is experiencing this. It's not listed on any "breaking changes" documentation I've been able to find. Either I'm missing something, or the UrlAuthorization module has changed and is no longer "smart" about IIS default documents.

Read the article

Cookie add in the Global.asax warning in application log

- by Ioxp

In my Global.ASAX file i have the following: System.Web.HttpCookie isAccess = new System.Web.HttpCookie("IsAccess"); isAccess.Expires = DateTime.Now.AddDays(-1); isAccess.Value = ""; System.Web.HttpContext.Current.Response.Cookies.Add(isAccess); So every time this method this is logged in the application events as a warning: Event code: 3005 Event message: An unhandled exception has occurred. Event time: 5/25/2010 12:23:20 PM Event time (UTC): 5/25/2010 4:23:20 PM Event ID: c515e27a28474eab8d99720c3f5a8e90 Event sequence: 4148 Event occurrence: 332 Event detail code: 0 Application information: Application domain: /LM/W3SVC/2100509645/Root-1-129192259222289896 Trust level: Full Application Virtual Path: / Application Path: <PathRemoved>\www\ Machine name: TIPPER Process information: Process ID: 6936 Process name: w3wp.exe Account name: NT AUTHORITY\NETWORK SERVICE Exception information: Exception type: NullReferenceException Exception message: Object reference not set to an instance of an object. Request information: Request URL: Request path: User host address: User: Is authenticated: False Authentication Type: Thread account name: NT AUTHORITY\NETWORK SERVICE Thread information: Thread ID: 7 Thread account name: NT AUTHORITY\NETWORK SERVICE Is impersonating: False Stack trace: at ASP.global_asax.Session_End(Object sender, EventArgs e) in <PathRemoved>\Global.asax:line 113 Any idea why this code would cause this error?

Read the article

Should frontend and backend handled by different controllers?

- by DR

In my previous learning projects I always used a single controller, but know I wonder if that is good practice or even always possible. In all RESTful Rails tutorials the controllers have a show, an edit and an index view. If an authorized user is logged on, the edit view becomes available and the index view shows additional data manipulation controls, like a delete button or a link to the edit view. Now I have a Rails application which falls exactly into this pattern, but the index view is not reusable: The normal user sees a flashy index page with lots of pictures, complex layout, no Javascript requirement, ... The Admin user index has a completly different minimalistic design, jQuery table and lots of additional data, ... Now I'm not sure how to handle this case. I can think of the following: Single controller, single view: The view is split into two large blocks/partials using an if statement. Single controller, two views: index and index_admin. Two different controllers: BookController and BookAdminController None of this solutions seems perfect, but for now I'm inclined to use the 3rd option. What's the preferred way to do this?

Read the article

[Zend YouTubeAPP] failed to upgrade a token

- by kwokwai

Hi all, I was testing Zend Gdata 1.10.1 in my localhost. I downloaded Zend Gdate from this link: http://framework.zend.com/download/webservices Inside the Zend Gdata zip file, there was a folder called demos. I extracted it and used the YouTudeVideoApp to upload a sample video to Youtube. But every time after I logged into Youtube, before it redirected me to my localhost, I received a warning message like this warning message: localhost: This website is registered with Google to make authorization requests, but has not been configured to send requests securely. We recommend that you continue the process only if you trust the following destination: localhost:8080/youtube/operations.php So I googled on how to resolve the problem of getting this warning message when I saw some people suggesed changing the value of $secure to True in operation.php. Here is the script mentioned: function generateAuthSubRequestLink($nextUrl = null) { $scope = 'http://gdata.youtube.com'; $secure = true; $session = true; if (!$nextUrl) { generateUrlInformation(); $nextUrl = $_SESSION['operationsUrl']; } $url = Zend_Gdata_AuthSub::getAuthSubTokenUri($nextUrl, $scope, $secure, $session); echo '<a href="' . $url . '"><strong>Click here to authenticate with YouTube</strong></a>'; } After I altered the value of $secure to True, I found that the warning message changed to this: localhost: Registered, secure. This website is registered with Google to make authorization requests The new warning message is somehow shorter and looks better than the previous warning message. But once I pressed the Allow Access button, it turned out to be this: ERROR - Token upgrade for CI3M6_Q3EOGkxoL-___wEYjffToQQ failed : Token upgrade failed. Reason: Invalid AuthSub header. Error 401 ERROR - Unknown search type - '' I don't know why this happened. Could you help me solve the problem please?

Read the article

Change flash src with jquery?

- by Elliott

Hi I have a flash menu showing a few links, but when the user is logged in I want to change the menu from menu1 to menu2 ... so that it will display "My Account" rather than "Signup" The code below is for my flash: <div id="menu"> <object classid="clsid:d27cdb6e-ae6d-11cf-96b8-444553540000" codebase="http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab#version=9,0,0,0" width="825" height="69" id="menu1" align="middle"> <param name="allowScriptAccess" value="sameDomain" /> <param name="allowFullScreen" value="false" /> <param name="movie" value="menu1.swf" /><param name="quality" value="high" /><param name="wmode" value="transparent" /><param name="bgcolor" value="#ffffff" /> <embed src="menu1.swf" quality="high" wmode="transparent" bgcolor="#ffffff" width="825" height="69" name="menu1" align="middle" allowScriptAccess="sameDomain" allowFullScreen="false" type="application/x-shockwave-flash" pluginspage="http://www.macromedia.com/go/getflashplayer" /> </object> </div> Php: if (loggedin()) { echo '<script type="text/javascript"> CHANGE FLASH LINK HERE </script>'; } Could this be done without having to write all the above code out again? Thanks :)

Read the article

How to make images hosted on Amazon S3 less public but not completely private?

- by Jay Godse

I fired up a sample application that uses Amazon S3 for image hosting. I managed to coax it into working. The application is hosted at github.com. The application lets you create users with a profile photo. When you upload the photo, the web application stores it on Amazon S3 instead of your local file system. (Very important if you host at heroku.com) However, when I did a "view source" in the browser of the page I noticed that the URL of the picture was an Amazon S3 URL in the S3 bucket that I assigned to the app. I cut & pasted the URL and was able to view the picture in the same browser, and in in another browser in which I had no open sessions to my web app or to Amazon S3. Is there any way that I could restrict access to that URL (and image) so that it is accessible only to browsers that are logged into my applications? Most of the information I found about Amazon ACLs only talk about access for only the owner or to groups of users authenticated with Amazon or AmazonS3, or to everybody anonymously.

Read the article

SAML Identity Provider based on Active Directory

- by Jarret

I have a 3rd party program that supports web SSO using SAML 1.1 (it is ready to serve as the Service Provider, in other words). We would like to implement this SSO for our intranet users based on their Active Directory credentials. In other words, they've already logged on to their system, so let's simply use those credentials to facilitate an SSO. I am a little overwhelmed at where to begin, though. My initial thought is that IIS / Active Directory could easily serve as the Identity Provider since IIS gives us "Integrated Windows Authentication" abilities. I would think we could just create a .NET web app that requires Integrated Authentication which simply extracts the current user ID, builds the SAML response, and re-directs the user back to the Service Provider with this SAML response to complete the SSO. But then, my problem is that I simply have no real idea of how to go about creating this SAML response, the X.509 certs involved, etc... I am wondering if I am in over my head on this, or if creating this SAML response should be relatively easy. Note this SSO is to be used by intranet users only, so no need to worry about federating with other companies / domains.

Read the article

How to use sessions in PDO?

- by Byakugan

I am still redoing and getting rid of old mysql_* commands in my code. I tried to transfer my session login form old code and this is what I got so far: public function login($user, $password) { if (!empty($user) && !empty($password)) { $password = $web->doHash($user, $password); // in this function is (return sha1(strtoupper($user).':'.strtoupper($password)) $stmt = $db_login->prepare("SELECT * FROM account WHERE username=:user AND pass_hash=:password"); $stmt->bindValue(':user', $user, PDO::PARAM_STR); $stmt->bindValue(':password', $password, PDO::PARAM_STR); $stmt->execute(); $rows = $stmt->rowCount(); if ($rows > 0) { $results_login = $stmt->fetch(PDO::FETCH_ASSOC); $_SESSION['user_name'] = $results_login['username']; $_SESSION['user_id'] = $results_login['id']; return true; } else { return false; } } else { return false; } } After that I am using checks if user logged on site: public function isLogged() { return (!empty($_SESSION['user_id']) && !empty($_SESSION['user_name'])); } But it seems - this function returns always empty because $_SESSION does not exists in PDO? And of course logout is used in this form on my sites: public function logout() { unset($_SESSION['user_id']); unset($_SESSION['user_name']); } But I think PDO has different way of handling session? I did not find any so what is it can i somehow add $_SESSION in PDO withou changing code much? I am using variables $_SESSION['user_name'] and $_SESSION['user_id'] in all over my web project. Summary: 1) How to use sessions in PDO correctly? 2) What is difference between using $stmt->fetch(PDO::FETCH_ASSOC); and $stmt->fetchAll(); Thank you.

Read the article

Output reformatted text within a file included in a JSP

- by javanix

I have a few HTML files that I'd like to include via tags in my webapp. Within some of the files, I have pseudo-dynamic code - specially formatted bits of text that, at runtime, I'd like to be resolved to their respective bits of data in a MySQL table. For instance, the HTML file might include a line that says: Welcome, [username]. I want this resolved to (via a logged-in user's data): Welcome, [email protected]. This would be simple to do in a JSP file, but requirements dictate that the files will be created by people who know basic HTML, but not JSP. Simple text-tags like this should be easy enough for me to explain to them, however. I have the code set up to do resolutions like that for strings, but can anyone think of a way to do it across files? I don't actually need to modify the file on disk - just load the content, modify it, and output it w/in the containing JSP file. I've been playing around with trying to load the files into strings via the apache readFileToString, but I can't figure out how to load files from a specific folder within the webapp's content directory without hardcoding it in and having to worry about it breaking if I deploy to a different system in the future.

Read the article

Is there stl and utf8 friendly C++ Wrapper for ICU, or other powerful unicode library

- by artyom

Hello, I need a good Unicode library for C++. I need Transformations in Unicode sensitive way. For example sort all strings in case insensitive way and get their first characters for index. Convert to upper and to lower various Unicode strings. Split text in reasonable position -- words that would work for Chinese and Japanese as well. Formatting numbers, dates in locale sensitive way (should be thread safe). Transparent support of utf8 (primary internal representation). As far as I know the best library is ICU. However, I can't find normal developer friendly API documentation with examples. Also as far as I see, it is not too friendly with modern C++ design, work with STL and so on. Like this std::string msg; unistring umsg.from_utf8(msg); unistring::word_iterator wi; for(wi=umsg.words().begin(),n=0;wi!=usmg.words().wi_end(),n<10;++wi,++n) ; msg=umsg.substr(umsg.words().begin(),wi).to_utf8(); cout<<_("Five 10 words are ")<<msg; Does anybody know good STL friendly ICU wrapper released under Open Source license preferred permissive like MIT or Boost, but others LGPLv2 compatible are ok as well. Is there another high quality library similar to ICU? Platform: UNIX/POSIX, Windows support is not required. Thanks, Artyom Edit: Unfortunatly I wasn't logged in so I can't make asnver accepted... I had attached the ansver by myself.

Read the article

Using the Search API with Sharepoint Foundation 2010 - 0 results

- by MB

I am a sharepoint newbee and am having trouble getting any search results to return using the search API in Sharepoint 2010 Foundation. Here are the steps I have taken so far. The Service Sharepoint Foundation Search v4 is running and logged in as Local Service Under Team Site - Site Settings - Search and Offline Availability, Indexing Site Content is enabled. Running the PowerShell script Get-SPSearchServiceInstance returns TypeName : SharePoint Foundation Search Description : Search index file on the search server Id : 91e01ce1-016e-44e0-a938-035d37613b70 Server : SPServer Name=V-SP2010 Service : SPSearchService Name=SPSearch4 IndexLocation : C:\Program Files\Common Files\Microsoft Shared\Web Server Exten sions\14\Data\Applications ProxyType : Default Status : Online When I do a search using the search textbox on the team site I get a results as I would expect. Now, when I try to duplicate the search results using the Search API I either receive an error or 0 results. Here is some sample code: using Microsoft.SharePoint.Search.Query; using (var site = new SPSite(_sharepointUrl, token)) { // FullTextSqlQuery fullTextSqlQuery = new FullTextSqlQuery(site) { QueryText = String.Format("SELECT Title, SiteName, Path FROM Scope() WHERE \"scope\"='All Sites' AND CONTAINS('\"{0}\"')", searchPhrase), //QueryText = String.Format("SELECT Title, SiteName, Path FROM Scope()", searchPhrase), TrimDuplicates = true, StartRow = 0, RowLimit = 200, ResultTypes = ResultType.RelevantResults //IgnoreAllNoiseQuery = false }; ResultTableCollection resultTableCollection = fullTextSqlQuery.Execute(); ResultTable result = resultTableCollection[ResultType.RelevantResults]; DataTable tbl = new DataTable(); tbl.Load(result, LoadOption.OverwriteChanges); } When the scope is set to All Sites I retrieve an error about the search scope not being available. Other search just return 0 results. Any ideas about what I am doing wrong?

Read the article

Network Authentication when running exe from WMI

- by Andy

Hi, I have a C# exe that needs to be run using WMI and access a network share. However, when I access the share I get an UnauthorizedAccessException. If I run the exe directly the share is accessible. I am using the same user account in both cases. There are two parts to my application, a GUI client that runs on a local PC and a backend process that runs on a remote PC. When the client needs to connect to the backend it first launches the remote process using WMI (code reproduced below). The remote process does a number of things including accessing a network share using Directory.GetDirectories() and reports back to the client. When the remote process is launched automatically by the client using WMI, it cannot access the network share. However, if I connect to the remote machine using Remote Desktop and manually launch the backend process, access to the network share succeeds. The user specifed in the WMI call and the user logged in for the Remote Desktop session are the same, so the permissions should be the same, shouldn't they? I see in the MSDN entry for Directory.Exists() it states "The Exists method does not perform network authentication. If you query an existing network share without being pre-authenticated, the Exists method will return false." I assume this is related? How can I ensure the user is authenticated correctly in a WMI session? ConnectionOptions opts = new ConnectionOptions(); opts.Username = username; opts.Password = password; ManagementPath path = new ManagementPath(string.Format("\\\\{0}\\root\\cimv2:Win32_Process", remoteHost)); ManagementScope scope = new ManagementScope(path, opts); scope.Connect(); ObjectGetOptions getOpts = new ObjectGetOptions(); using (ManagementClass mngClass = new ManagementClass(scope, path, getOpts)) { ManagementBaseObject inParams = mngClass.GetMethodParameters("Create"); inParams["CommandLine"] = commandLine; ManagementBaseObject outParams = mngClass.InvokeMethod("Create", inParams, null); }

Read the article

Can't install do_mysql gem?

- by maccy1

I'm trying to install the do_mysql on my Snow Leopord system Macbook Pro 13", but I keep getting this error: n216-160:~ myself$ sudo gem1.9 install do_mysql Password: Building native extensions. This could take a while... ERROR: Error installing do_mysql: ERROR: Failed to build gem native extension. /opt/local/bin/ruby1.9 extconf.rb checking for mysql_query() in -lmysqlclient... no *** extconf.rb failed *** Could not create Makefile due to some reason, probably lack of necessary libraries and/or headers. Check the mkmf.log file for more details. You may need configuration options. Provided configuration options: --with-opt-dir --without-opt-dir --with-opt-include --without-opt-include=${opt-dir}/include --with-opt-lib --without-opt-lib=${opt-dir}/lib --with-make-prog --without-make-prog --srcdir=. --curdir --ruby=/opt/local/bin/ruby1.9 --with-mysql-config --without-mysql-config --with-mysql-dir --without-mysql-dir --with-mysql-include --without-mysql-include=${mysql-dir}/include --with-mysql-lib --without-mysql-lib=${mysql-dir}/lib --with-mysqlclientlib --without-mysqlclientlib Gem files will remain installed in /opt/local/lib/ruby1.9/gems/1.9.1/gems/do_mysql-0.10.0 for inspection. Results logged to /opt/local/lib/ruby1.9/gems/1.9.1/gems/do_mysql-0.10.0/ext/do_mysql_ext/gem_make.out n216-160:~ myself$ I have no idea why. I also reinstalled my verison of MySQL with the MySQL 5.4.3 beta, 64-bit as others suggested but no dice. Does anyone have any idea what is wrong?

Read the article

User Control not loading based on location

- by mwright

I have an ASP.net MVC solution that uses nested master pages to load content. On the first Master page I load a header, then have the Content Placeholder, and then load a footer. This master page is referenced by another master page which adds some additional information based on the user being logged in or not. When I load a page that references these master pages, the header loads, but the footer does not. If I move the footer up above the Content Place Holder it loads into the page. Any ideas why this might be the case? The code for the master page that contains the footer is as follows: <%@ Master Language="C#" Inherits="System.Web.Mvc.ViewMasterPage" %> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml" > <head runat="server"> <title> <asp:ContentPlaceHolder ID="TitleContent" runat="server" /> </title> </head> <body> <div class="header"> <% Html.RenderPartial("Header"); %> </div> <div> <asp:ContentPlaceHolder ID="MainContent" runat="server"> </asp:ContentPlaceHolder> </div> <div class="footer"> <% Html.RenderPartial("Footer"); %> </div> </body> </html>

Read the article

E-Commerce Security: Only Credit Card Fields Encrypted?!

- by bizarreunprofessionalanddangerous

I'd like your opinions on how a major bricks-and-mortar company is running the security for its shopping Web site. After a recent update, when you are logged into your shopping account, the session is now not secured. No 'https', no browser 'lock'. All the personal contact info, shopping history -- and if I'm not mistaken submit and change password -- are being sent unencrypted. There is a small frame around the credit card fields that is https. There's a little notice: "Our website is secure. Our website uses frames and because of this the secure icon will not appear in your browser" On top of this the most prominent login fields for the site are broken, and haven't gotten fixed for a week or longer (giving the distinct impression they have no clue what's going on and can't be trusted with anything). Now is it just me -- or is this simply incomprehensible for a billion dollar company, significant shopping site, in the year 2010. No lock. "We use frames" (maybe they forget "Best viewed in IE4"). Customers complaining, as you can see from their FAQ "explaining" why you aren't seeing https. I'm getting nowhere trying to convince customer service that they REALLY need to do something about this, and am about to head for the CEO. But I just want to make sure this is as BIZARRE and unprofessional and dangerous a situation as I think it is. (I'm trying to visualize what their Web technical team consists of. I'm getting A) some customer service reps who were given a 3 hour training course on Web site maintenance, B) a 14 year old boy in his bedroom masquerading as a major technical services company, C) a guy in a hut in a jungle with an e-commerce book from 1996.)

Read the article

PDO prepare silently fails

- by Wabbitseason

I'm experimenting with PHP's session_set_save_handler and I'd like to use a PDO connection to store session data. I have this function as a callback for write actions: function _write($id, $data) { logger('_WRITE ' . $id . ' ' . $data); try { $access = time(); $sql = 'REPLACE INTO sessions SET id=:id, access=:access, data=:data'; logger('This is the last line in this function that appears in the log.'); $stmt = $GLOBALS['db']->prepare($sql); logger('This never gets logged! :('); $stmt->bindParam(':id', $id, PDO::PARAM_STR); $stmt->bindParam(':access', $access, PDO::PARAM_INT); $stmt->bindParam(':data', $data, PDO::PARAM_STR); $stmt->execute(); $stmt->closeCursor(); return true; } catch (PDOException $e) { logger('This is never executed.'); logger($e->getTraceAsString()); } } The first two log messages always show up, but the third one right after $stmt = $GLOBALS['db']->prepare($sql) never makes it to the log file and there's no trace of an exception either. The sessions db table remains empty. The log message from the _close callback is always present. Here's how I connect to the database: $db = new PDO('mysql:host=' . DBHOST . ';dbname=' . DBNAME, DBUSER, DBPASS); $db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION); I have PHP 5.2.10. I tried to simply run $GLOBALS['db']->exec($sql) with a "manually prepared" $sql content, but it still failed silently. The query itself is all right I was able to execute it via the db console.

Read the article

A way to enable a LaunchDaemon to output sound?

- by Varun Mehta

I have a small Foundation application that checks a website and plays a sound if it sees a certain value. This application successfully plays a sound when I run it as my user from the Terminal. I've configured this app to run as a LaunchDaemon, with the following plist: <?xml version="1.0" encoding="UTF-8"?> <!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd"> <plist version="1.0"> <dict> <key>Label</key> <string>org.myorg.appidentifier</string> <key>ProgramArguments</key> <array> <string>/Users/varunm/path/to/cli/application</string> </array> <key>KeepAlive</key> <true/> <key>RunAtLoad</key> <true/> </dict> </plist> When I have this service launched I can see it successfully read in and log values from the website, but it never generates any sound. The sound files are located in the same directory as the binary, and I use the following code: NSSound *soundToPlay = [[NSSound alloc] initWithContentsOfFile:@"sound.wav" byReference:NO]; [soundToPlay setDelegate:stopper]; [soundToPlay play]; while (g_keepRunning) { [[NSRunLoop currentRunLoop] runUntilDate:[NSDate dateWithTimeIntervalSinceNow:1.0]]; } [soundToPlay setCurrentTime:0.0]; Is there any way to get my LaunchDaemon application to play sound? This machine gets run by different people, and sometimes has no one logged in, which is why I have to configure it as a LaunchDaemon.

Read the article

How can I test a CRON job with PHP?

- by alex

This is the first time I've ever used a CRON. I'm using it to parse external data that is automatically FTP'd to a subdirectory on our site. I have created a controller and model which handles the data. I can access the URL fine in my browser and it works (however I will be restricting this soon). My problem is, how can I test if it's working? I've added this to my controller for a quick and dirty log $file = 'test.txt'; $contents = ''; if (file_exists($file)) { $contents = file_get_contents($file); } $contents .= date('m-d-Y') . ' --- ' . PHP_SAPI . "\n\n"; file_put_contents($file, $contents); But so far only got requests logged from myself from the browser, despite having my CRON running ever minute. 03-18-2010 --- cgi-fcgi 03-18-2010 --- cgi-fcgi I've set it up using cPanel with the command index.php properties/update/ the 2nd portion is what I use to access the page in my browser. So how can I test this is working properly, and have I stuffed anything up? Note: I'm using Kohana 3. Many thanks

Read the article

Deleting a resource in a Cucumber (Capybara) step doesn't work

- by Josiah Kiehl

Search Results

Search found 6912 results on 277 pages for 'stay logged in'.

Page 239/277 | < Previous Page | 235 236 237 238 239 240 241 242 243 244 245 246 | Next Page >

- by uther-lightbringer

- by VolatileStorm

- by StickyMcGinty

- by thames

- by Tony

- by Dave DeLong

- by James Koch

- by Ioxp

- by DR

- by kwokwai

- by Elliott

- by Jay Godse

- by Jarret

- by Byakugan

- by javanix

- by artyom

- by MB

- by Andy

- by maccy1

- by mwright

- by bizarreunprofessionalanddangerous

- by Wabbitseason

- by Varun Mehta

- by alex

- by Josiah Kiehl

< Previous Page | 235 236 237 238 239 240 241 242 243 244 245 246 | Next Page >