Search Results

Search found 6862 results on 275 pages for 'username'.

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Page 242/275 | < Previous Page | 238 239 240 241 242 243 244 245 246 247 248 249  | Next Page >

  • Sorting and Pagination does not work after I build a custom keyword search that is build using relat

    - by Roland
    I recently started to build a custom keyword search using Yii 1.1.x The search works 100%. But as soon as I sort the columns and use pagination in the admin view the search gets lost and all results are shown. So with otherwords it's not filtering so that only the search results show. Somehow it resets it. In my controller my code looks as follows $builder=Messages::model()->getCommandBuilder(); //Table1 Columns $columns1=array('0'=>'id','1'=>'to','2'=>'from','3'=>'message','4'=>'error_code','5'=>'date_send'); //Table 2 Columns $columns2=array('0'=>'username'); //building the Keywords $keywords = explode(' ',$_REQUEST['search']); $count=0; foreach($keywords as $key){ $kw[$count]=$key; ++$count; } $keywords=$kw; $condition1=$builder->createSearchCondition(Messages::model()->tableName(),$columns1,$keywords,$prefix='t.'); $condition2=$builder->createSearchCondition(Users::model()->tableName(),$columns2,$keywords); $condition = substr($condition1,0,-1) . " OR ".substr($condition2,1); $condition = str_replace('AND','OR',$condition); $dataProvider=new CActiveDataProvider('Messages', array( 'pagination'=>array( 'pageSize'=>self::PAGE_SIZE, ), 'criteria'=>array( 'with'=>'users', 'together'=>true, 'joinType'=>'LEFT JOIN', 'condition'=>$condition, ), 'sort'=>$sort, )); $this->render('admin',array( 'dataProvider'=>$dataProvider,'keywords'=>implode(' ',$keywords),'sort'=>$sort )); and my view looks like this $this->widget('zii.widgets.grid.CGridView', array( 'dataProvider'=>$dataProvider, 'columns'=>array( 'id', array( 'name'=>'user_id', 'value'=>'CHtml::encode(Users::model()->getReseller($data->user_id))', 'visible'=>Yii::app()->user->checkAccess('poweradministrator') ), 'to', 'from', 'message', /* 'date_send', */ array( 'name'=>'error_code', 'value'=>'CHtml::encode($data->status($data->error_code))', ), array( 'class'=>'CButtonColumn', 'template'=>'{view} {delete}', ), ), )); I really do not know what do do anymore since I'm terribly lost, any help will be hihsly appreciated

    Read the article

  • JAVA Procedure Error

    - by Sam....
    java.sql.SQLException: [Microsoft][SQLServer 2000 Driver for JDBC][SQLServer]Procedure 'STP_Insert_tblReceipt' expects parameter '@CPVFlag', which was not supplied. I m getting error at This Point when trying to call procedure... Everything is perfect ,,,Count of Question marks are similar to parameter provided cs = conn.prepareCall("{call STP_Insert_tblReceipt(?,?,?, ?,?,?, ?,?,?, ?,?,?, ?,?,?, ?,?,?, ?,?,?, ?,?,?, ?,?,?)}"); // cs = conn.prepareCall("{call STP_Receipt_Form_Insertion_Trial(?,?,?, ?,?,?, ?,?,?, ?,?,?, ?)}"); cs.setLong(1, Long.parseLong(txtMobileNo.getText())); cs.setString(2, String.valueOf(cboDistributor.getSelectedItem())); cs.setLong(3, Long.parseLong(txtBoxNo.getText())); cs.setInt(4, Integer.parseInt(txtFileNo.getText())); cs.setString(5, pickUp_date); cs.setString(6, rec_date); cs.setString(7, String.valueOf(cmbCtrlNo.getSelectedItem())); cs.setString(8, UserName); cs.setString(9, rec_date); cs.setString(10, RegionLocation); cs.setString(11, txtRemark.getText().trim()); cs.setString(12, txtSimNo.getText().trim()); cs.setInt(13, 2); cs.setString(14, String.valueOf(cmbAryanRegion.getSelectedItem())); cs.setString(15, String.valueOf(cboPickUpType.getSelectedItem())); cs.setString(16, String.valueOf(txtCafNo.getText())); cs.setString(17, distributorId); //cs.setString(18, circleName); cs.setString(18, cboCircle.getSelectedItem().toString()); cs.registerOutParameter(19, java.sql.Types.INTEGER); cs.setString(20, auditorName); cs.setString(21, retailerName); cs.setString(22, retailerCode); cs.setInt(23, mappedFlag); //cs.setString(24, distCode); cs.setString(24, cboDistCode.getSelectedItem().toString()); //cs.setString(25, zoneName); cs.setString(25, cboZone.getSelectedItem().toString()); cs.setString(26, comment); **cs.setInt(27, 1);** **this is for CPV Flag** After this cs.execute();

    Read the article

  • Retriving data from ListView control

    - by Josh
    I have a ListView control set up in details mode with 5 columns. It is populated by code using the following subroutine: For j = 0 To 14 cmd = New OleDbCommand("SELECT TeacherName, ClassSubject, BookingDate, BookingPeriod FROM " & SchemaTable.Rows(i)!TABLE_NAME.ToString() & " WHERE (((BookingDate)=" & Chr(34) & Date.Today.AddDays(j) & Chr(34) & ") AND ((UserName)=" & Chr(34) & user & Chr(34) & "));", cn) dr = cmd.ExecuteReader Dim itm As ListViewItem Dim itms(4) As String While dr.Read() itms(0) = dr(0) itms(1) = SchemaTable.Rows(i)!TABLE_NAME.ToString() itms(2) = dr(1) itms(3) = dr(2) itms(4) = dr(3) itm = New ListViewItem(itms) Manage.ManageList.Items.Add(itm) End While Next Note that this is not the full routine, just the bit that populated the grid. Now I need to retrieve data from the ListView control in order to delete a booking in my database. I used the following code to retrieve the content of each column: ManageList.SelectedItems(0).Text But it only seems to work on index 0. If I do: ManageList.SelectedItems(3).Text I get this error: InvalidArgument=Value of '3' is not valid for 'index'. Parameter name: index I'm pretty much stumped, it seems logical to me that index 1 will point to the 2nd column, index 2 to the 3rd etc, as it's 0 based? Any help would be appreciated, thanks.

    Read the article

  • Java applet loading images from external jars

    - by Mathias
    I have a jar on a server, and users should be able to develop extensions for it. Therefore the jars main class should be extended and some resources should be added to a second user created jar which will be loaded from another server or locally. Now I have problems accessing the resources (images) from the user loaded jars. Heres is the structure: My Server: game.jar containing game.class images.class ... image1.png (...) Local: user.jar containing: user.class extends game userimage.png The extension is loaded via Greasemonkey, it modifies the "archive" attribute to "/home/username/user.jar, game.jar" and the "code" attribute to "user.class". The user should be able to overwrite already defined images. If the image does not exist in game.jar, it is loaded correctly from user.jar. But the images loaded early in the game are always loaded from the game.jar, others seem to be overwritten correctly by the user. Is there a way to make sure they are always loaded in the correct order? This might be because of some caching mechanism. Because Greasemonkey removes the game from the page, changes the archive and code and reinsert it, the game is loaded without a mod for a brief second. In that time, images are loaded as expected from game jar, but those are the ones not being overwritable by the user. But how to avoid it? Another thing: If I overwrite the "run" method in user.class, the game is unable to load any image at all. Not from the user.jar and not from the game.jar. Java doesn't find the image, as the URL object "getClass().getResource(imagename)" returns with null. I tried to overwrite the image.class, but that doesn't fix the problem, unless I overwrite every class from game.class involved into calling the image.class

    Read the article

  • PHP code displayed in browser

    - by Drake
    so, I'm working on a databases project, and i'm trying to code incrementally. the problem is, when i go to test the php in browser, it displays the php code after my use of "-". the html printing is displayed properly, which is AFTER the point where the - is. here is the php: <?php function getGraphicNovel(){ include_once("./connect.php"); $db_connection = new mysqli($SERVER, $USERNAME, $PASSWORD, $DATABASE); if (mysqli_connect_errno()) { echo("Can't connect to MySQL Server. Error code: " . mysqli_connect_error()); return null; } $stmt = $db_connection->stmt_init(); $returnValue = "invalid"; if($stmt.prepare("select series from graphic_novel_main natural join graphic_novel_misc")) { $stmt->execute(); $stmt->bind_result($series); while ($stmt->fetch()) { echo "<tr><td>" . $series . "</td></tr>"; } $stmt->close(); } $db_connection->close(); } getGraphicNovel(); ?> here is a link to the page. hopefully it works for people outside the school's network. http://plato.cs.virginia.edu/~paw5k/cainedb/viewall.html if anyone knows why this is happening, your input would be great!

    Read the article

  • Http authentication with apache httpcomponents

    - by matdan
    Hi, I am trying to develop a java http client with apache httpcomponents 4.0.1. This client calls the page "https://myHost/myPage". This page is protected on the server by a JNDIRealm with a login form authentication, so when I try to get https://myHost/myPage I get a login page. I tried to bypass it unsuccessfully with the following code : //I set my proxy HttpHost proxy = new HttpHost("myProxyHost", myProxyPort); //I add supported schemes SchemeRegistry supportedSchemes = new SchemeRegistry(); supportedSchemes.register(new Scheme("http", PlainSocketFactory .getSocketFactory(), 80)); supportedSchemes.register(new Scheme("https", SSLSocketFactory .getSocketFactory(), 443)); // prepare parameters HttpParams params = new BasicHttpParams(); HttpProtocolParams.setVersion(params, HttpVersion.HTTP_1_1); HttpProtocolParams.setContentCharset(params, "UTF-8"); HttpProtocolParams.setUseExpectContinue(params, true); ClientConnectionManager ccm = new ThreadSafeClientConnManager(params, supportedSchemes); DefaultHttpClient httpclient = new DefaultHttpClient(ccm, params); httpclient.getParams().setParameter(ConnRoutePNames.DEFAULT_PROXY, proxy); //I add my authentication information httpclient.getCredentialsProvider().setCredentials( new AuthScope("myHost/myPage", 443), new UsernamePasswordCredentials("username", "password")); HttpHost host = new HttpHost("myHost", 443, "https"); HttpGet req = new HttpGet("/myPage"); //show the page ResponseHandler<String> responseHandler = new BasicResponseHandler(); String rsp = httpClient.execute(host, req, responseHandler); System.out.println(rsp); When I run this code, I always get the login page, not myPage. How can I apply my credential parameters to avoid this login form? Any help would be fantastic

    Read the article

  • SQLDeveloper using over 100MB of PGA+UGA

    - by Leigh Riffel
    Perhaps this is normal, but in my Oracle 11g database I am seeing programmers using Oracle's SQL Developer regularly consume more than 100MB of combined UGA and PGA memory. I'd like to know if this is normal and what can be done about it. Our database is on the 32 bit version of Windows 2008, so memory limitations are becoming an increasing concern. I am using the following query to show the memory usage: SELECT e.SID, e.username, e.status, b.PGA_MEMORY FROM v$session e LEFT JOIN (select y.SID, y.value pga, TO_CHAR(ROUND(y.value/1024/1024),99999999) || ' MB' PGA_MEMORY from v$sesstat y, v$statname z where y.STATISTIC# = z.STATISTIC# and NAME = 'session pga memory') b ON e.sid=b.sid WHERE (PGA)/1024/1024 > 20 ORDER BY 4 DESC; It seems that the resource usage goes up any time a table is opened in SQLDeveloper, but even when it is closed the memory does not go away. The problem is worse if the table is sorted while it was open as that seems to use even more memory. I understand how this would use memory while it is sorting, and perhaps even while it is still open, but to use memory after it is closed seems wrong to me. Can anyone confirm this? Update: I discovered that my numbers were off due to not understanding that the UGA is stored in the PGA under dedicated server mode. This makes the numbers lower than they were, but the problem still remains that SQL Developer seems to use excessive PGA.

    Read the article

  • Problem in Application_Error in Global.asax

    - by mmtemporary
    my problem is User.Identity.Name or Request.Url.AbsoluteUri in exception handling is empty when exception email to me. this is Application_Code: void Application_Error(object sender, EventArgs e) { Server.Transfer("~/errors/default.aspx"); } and this is default.aspx code: protected void Page_Load(object sender, EventArgs e) { if (Server.GetLastError() == null) return; Exception ex = Server.GetLastError().GetBaseException(); if (ex == null) return; string message = string.Format("User: ", User.Identity.Name); message += Environment.NewLine; message += string.Format("AbsoluteUri: ", Request.Url.AbsoluteUri); message += Environment.NewLine; message += string.Format("Form: ", Request.Form.ToString()); message += Environment.NewLine; message += string.Format("QueryString: ", Request.QueryString.ToString()); message += Environment.NewLine; HttpBrowserCapabilities browser = Request.Browser; string s = "Browser Capabilities:\n" + "Type = " + browser.Type + "\n" + "Name = " + browser.Browser + "\n" + "Version = " + browser.Version + "\n" + "Platform = " + browser.Platform + "\n" + "Is Crawler = " + browser.Crawler + "\n" + "Supports Cookies = " + browser.Cookies + "\n" + "Supports JavaScript = " + browser.EcmaScriptVersion.ToString() + "\n" + "\n"; message += s; message += Environment.NewLine; message += ex.ToString(); Exception lastException = (Exception)Application["LastException"]; if (lastException == null || lastException.Message != ex.Message) { Application.Lock(); Application["LastException"] = ex; Application.UnLock(); SiteHelper.SendEmail(SiteHelper.AdministratorEMail, "Error!!!", message, false); } Server.ClearError(); } but i receive email like this (this is header without full exception content): User: AbsoluteUri: Form: QueryString: Browser Capabilities: Type = IE8 Name = IE Version = 8.0 Platform = WinXP Is Crawler = False Supports Cookies = True Supports JavaScript = 1.2 why username and request url is emty? this problem is exist when i replace transfer with redirect or i don't use both. tanx

    Read the article

  • add a number in while loop

    - by Luke
    if ($num_rows > 0) { while($row=mysql_fetch_assoc($res)) { $fromuser=$row['username']; $comment=$row['comment']; $commentdate=$row['date']; $date=strtotime($commentdate); $final_date=date("g:i a", $date); $final_date2=date("F j Y", $date); ?> <table align="center" width="100%"style='border-top: 1px dotted;'bgcolor="#eeeeee" > <tr><td><?echo "<a href=\"userprofile.php?user=$fromuser\"><b>$fromuser</b></a> commented:\n";?></td></tr> <tr><td><?echo "at $final_date on $final_date2\n";?></td></tr> <tr bgcolor="#ffffff"><td><?echo "$comment\n";?></td></tr> </table><br> <? } } else { echo"There are currently no comments on this user"; } ?> I am looking for a way to add a number to each comment. So 1, 2, 3, 4, etc in DESC order. I can't think how I can do this?

    Read the article

  • Open a dialog box in same window on selectOneMenu change

    - by Pravingate
    I have a jsf page where I have a selectOneMenu and , I want to open a dialog box on selectOneMenu changes. As a example if user selects a value ="passive" from jsf selectOneMenu it should open a dialog box or a light box on same page where I want to display a small jsf form like as here done. http://www.primefaces.org/showcase-labs/ui/dialogLogin.jsf and I also want save that submitted data in my backing bean somewhere so I can store it in to database later. I dont know how to open a dialog box or light box from backing bean in same window,as we will identify value change using valueChangeListener event or by using ajax event. I am able to identify which value is selected from selectOneMenu(DropdownMenu), but dont know how to open a dialog box on selecting particular value. <h:outputLabel value="* Country: "/> <h:selectOneMenu id="someSelect" value="#{testController.countryName}" required="true"> <f:selectItem itemLabel="Select Country" itemValue=""/> <f:selectItems value="#{testController.countryNamesSelectItems}"/> </h:selectOneMenu> Supoose we have 2 options in selectItems as India and Austrlia, then If a user choose India a dialog box should open on same page where a user need to fill some information and need to submit if he is from india (like here in example http://www.primefaces.org/showcase-labs/ui/dialogLogin.jsf user will put his username and password and submits data) Hope this helps How can I achieve that by using jsf or javascript or ajax or by any else way?

    Read the article

  • Codeigniter Session Data not available in other pages after login

    - by jswat
    So, I have set up a login page that verifies the user's credentials, and then sets codeigniter session data 'email' and 'is_logged_in' and a few other items. The first page after the login, the data is accessible. After that page, I can no longer access the session data. In fact, if I try reloading that first page, the session data is gone. I have tried storing it in the database, storing it unencrypted (bad idea I know, but it was for troubleshooting), and storing it encrypted. I have autoloaded the session library in config.php. Here's an example of the code I'm using to set the session data: $data = array( 'email' => $this->input->post('username'), 'is_logged_in' => true ); $this->session->set_userdata($data); And to retrieve it, I'm using : $this->session->userdata('email'); Or $this->session->userdata('is_logged_in'); I've done lots of work with PHP and cookies, and sessions before, but this is my first project with Codeigniter and I'm perplexed. Could it have something to do with directory issues? I have the login page and process controlled by a 'login' controller, and then it redirects to a 'site' controller. Thanks for your help, and please let me know if I need to clarify anything.

    Read the article

  • How to avoid hard-coded credentials in Sharepoint webpart?

    - by Bryan
    I am building a Sharepoint web part that will be used by all users, but can only be modified by admins. The web part connects to a web service which needs credentials. I hard coded credentials in the web part's code. query.Credentials = new System.Net.NetworkCredential("username", "password", "domain"); query is an instance of the web service class This may not be a good approach. In regard with security, the source code of the web apart is available to people who are not allowed to see the credentials. In normal ASP.net applications, credentials can be written into web.config and encrypted. A web part doesn't have a .config file associated. There is a application-level .config file for the whole sharepoint site, but I don't want to modify it for a single webpart. I wonder if there is a webpart-specific way to solve the credential problem? Say we provide a WebBrowsable property of that web part so that privileged users can modify credentials. If this is desirable, how should I make the property displayed in a password ("*") rather than in plain text? Thanks.

    Read the article

  • Django: Serving a Download in a Generic View

    - by TheLizardKing
    So I want to serve a couple of mp3s from a folder in /home/username/music. I didn't think this would be such a big deal but I am a bit confused on how to do it using generic views and my own url. urls.py url(r'^song/(?P<song_id>\d+)/download/$', song_download, name='song_download'), The example I am following is found in the generic view section of the Django documentations: http://docs.djangoproject.com/en/dev/topics/generic-views/ (It's all the way at the bottom) I am not 100% sure on how to tailor this to my needs. Here is my views.py def song_download(request, song_id): song = Song.objects.get(id=song_id) response = object_detail( request, object_id = song_id, mimetype = "audio/mpeg", ) response['Content-Disposition'= "attachment; filename=%s - %s.mp3" % (song.artist, song.title) return response I am actually at a loss of how to convey that I want it to spit out my mp3 instead of what it does now which is to output a .mp3 with all of the current pages html contained. Should my template be my mp3? Do I need to setup apache to serve the files or is Django able to retrieve the mp3 from the filesystem(proper permissions of course) and serve that? If it do need to configure Apache how do I tell Django that? Thanks in advanced. These files are all on the HD so I don't need to "generate" anything on the spot and I'd like to prevent revealing the location of these files if at all possible. A simple /song/1234/download would be fantastic.

    Read the article

  • Should i write my own forum? If my site has banning/PM/etc?

    - by acidzombie24
    I built a site from scratch (already done). It has banning, PM, comments, etc. The PMs and comments are done using markdown (like SO system). Should i write my own forum code or should i find one already made? What are reasons for or against writing my own? There are pros and cons for writing my own or using another software. But some cons keeping me from using another forum software is Multiple Logins: One for the site, one for separate forums. Need to Customization code: I'll need to change the toolbar in the forum software so i can access pages on the regular site. Look consistency: It may look drastically different from my site even after applying lots of css changes. Banning and User consistency. Users may be ban on site or on forums but not the other. users may select a different or multiple usernames on the forum instead of being forced to use the same username on both site and forum. What are reasons for or against writing my own and using forum software?

    Read the article

  • Parse error: syntax error, unexpected ';'

    - by sufoid
    Hallo I have this script: <? require("lib2/config.inc.php"); require("lib2/tpl.class.php"); require("lib2/db.class.php"); require("lib2/um.class.php"); $tpl = new template("templates", "tpl"); $db = new db($db['location'], $db['username'], $db['passwort'], $db['database']); $um = new usermanagment(); /** User login **/ $checklogin = $um->check_login(); $userdata = $um->getuserdata(); if(!$checklogin && !$guest) { header("LOCATION: ./index2.php"); } eval("\$header .= \" ".$tpl->get("header")."\";"); eval("\$footer .= \" ".$tpl->get("footer")."\";"); $time = time(); $db->Query("UPDATE userdaten SET lastaction = '$time' WHERE userid = '".$userdata['userid']."'"); ?> And get this error: Parse error: syntax error, unexpected ';' in /home/httpd/html/login/global.php(22) : eval()'d code on line 96 Any ideas?

    Read the article

  • Servlet Security question about j_security_check, j_username and j_password

    - by Nitesh Panchal
    Hello, I used jdbcRealm in my web application and it's working fine. I defined all constraints also in my web.xml. Like all pages of url pattern /Admin/* should be accessed by only admin. I have a login form with uses standard j_security_check, j_username and j_password. Now, when i type Admin/home.jsf it rightly redirects me login.jsf and there when i type the password i am redirected to home.jsf. This works alright but problem comes i directly go to login.jsf and then type password and username. This time it again redirects me to login.jsf. Is there any way through which i can specify which page to go when successful login is there? I need to specify different different pages for different roles. For Admin, it is /Admin/home.jsf for general users it is /General/home.jsf because login form is shared between different type of users. Where do i specify all these things? Secondly, i want to have a remember me checkbox at the end of login form. How do i do this? By default, it is submitted to j_security_check servlet and i have no control over its execution. Please help. This doesn't seem so hard but looks like i am missing something.

    Read the article

  • custom rss feed suddenly does not work anymore

    - by krike
    I just don't understand what's happening, I haven't change anything to the site for a few months but now suddenly the rss feed doesn't work anymore. I create a php file with the following code: header('Content-type: text/xml'); include("config/config.inc.php"); $result = mysqli_query($link, "SELECT * FROM tutorials ORDER BY tutorial_id DESC LIMIT 50"); ?> <rss version="2.0"> <channel> <title>CMS tutorial site</title> <description>Bringing you the best CMS tutorials from the web</description> <link>http://cmstutorials.org</link> <?php while($row = mysqli_fetch_object($result)) { $user = mysqli_fetch_object(mysqli_query($link, "SELECT * FROM user_extra WHERE userid=".$row->user_id."")); ?> <item> <title><?php echo $row->title; ?></title> <author><?php echo $user->username; ?></author> <description><?php echo $row->description; ?></description> <pubDate><?php echo $row->date; ?></pubDate> <link>http://cmstutorials.org/view_tutorial.php?tutorial_id=<?php echo $row->tutorial_id; ?></link> </item> <?php } ?> </channel> </rss> I checked the query by executing it in phpmyadmin and it works, doesn't give any error. When I delete the header content type and the rss tag it will print out each line from the query but the feed won't display anything this is the link of the feed http://cmstutorials.org/rss (or http://cmstutorials.org/rss.php)

    Read the article

  • Problem with impersonating a specific user in WCF service

    - by aJ
    I am having a WCF service hosted in IIS on WindowsServer 2008. This service needs to write to a shared folder present on another machine(Windows XP). The shared folder has write permissions for a particular user say "X" which is present on both the machines .i.e on the server where the service is running as well as the machine where the shared folder is present. The service runs under the NETWORK SERVICE account. For the service to access the shared folder I have added code to impersonate the user "X"in the service so that it gets the permission to write to the shared folder. Since I want to impersonate user "X" only when I run a particular section of code I have used the sample code. Even after the impersonation the service fails to write to the shared folder sometimes. It works sporadically. Whereas if I add tag in the Web.config file it works perfectly fine. <identity impersonate="true" userName="accountname" password="password" /> But the above is not desirable since it impersonates a specific user for all the requests. What I need is to impersonate a specific user only when I run a particular section of code. Also, the impersonation code works absolutely fine when the shared folder is present on another WindowsServer 2008. Could anyone give me ideas on what's going wrong here.

    Read the article

  • PHP -- automatic SQL injection protection?

    - by ashgromnies
    I took over maintenance of a PHP app recently and I'm not super familiar with PHP but some of the things I've been seeing on the site are making me nervous that it could be vulnerable to a SQL injection attack. For example, see how this code for logging into the administrative section works: $password = md5(HASH_SALT . $_POST['loginPass']); $query = "SELECT * FROM `administrators` WHERE `active`='1' AND `email`='{$_POST['loginEmail']}' AND `password`='{$password}'"; $userInfo = db_fetch_array(db_query($query)); if($userInfo['id']) { $_SESSION['adminLoggedIn'] = true; // user is logged in, other junk happens here, not important The creators of the site made a special db_query method and db_fetch_array method, shown here: function db_query($qstring,$print=0) { return @mysql(DB_NAME,$qstring); } function db_fetch_array($qhandle) { return @mysql_fetch_array($qhandle); } Now, this makes me think I should be able to do some sort of SQL injection attack with an email address like: ' OR 'x'='x' LIMIT 1; and some random password. When I use that on the command line, I get an administrative user back, but when I try it in the application, I get an invalid username/password error, like I should. Could there be some sort of global PHP configuration they have enabled to block these attacks? Where would that be configured? Here is the PHP --version information: # php --version PHP 5.2.12 (cli) (built: Feb 28 2010 15:59:21) Copyright (c) 1997-2009 The PHP Group Zend Engine v2.2.0, Copyright (c) 1998-2009 Zend Technologies with the ionCube PHP Loader v3.3.14, Copyright (c) 2002-2010, by ionCube Ltd., and with Zend Optimizer v3.3.9, Copyright (c) 1998-2009, by Zend Technologies

    Read the article

  • c# Sending emails with authentication. standard approach not working

    - by Ready Cent
    I am trying to send an email using the following very standard code. However, I get the error that follow... MailMessage message = new MailMessage(); message.Sender = new MailAddress("[email protected]"); message.To.Add("[email protected]"); message.Subject = "test subject"; message.Body = "test body"; SmtpClient client = new SmtpClient(); client.Host = "mail.myhost.com"; //client.Port = 587; NetworkCredential cred = new NetworkCredential(); cred.UserName = "[email protected]"; cred.Password = "correct password"; cred.Domain = "mail.myhost.com"; client.Credentials = cred; client.UseDefaultCredentials = false; client.Send(message); Mailbox unavailable. The server response was: No such user here. This recipient email address definitely works. To make this account work I had to do some special steps in outlook. Specifically, I had to do change account settings - more settings - outgoing server - my outgoing server requires authentication & use same settings. I am wondering if there is some other strategy. I think the key here is that my host is Server Intellect and I know that some people on here use them so hopefully someone else has been able to get through this. I did talk to support but they said with coding issues I am on my own :o

    Read the article

  • Is it possible to disable/bypass the login popup caused by mod_auth_ntlm_winbind (Single Sign On) an

    - by cvack
    I have an intranet on a remote Web server. This will be integrated with Active Directory on our local server. The web server is running Apache / Linux and the AD server is running Windows 2003. This is all done with VPN. Login to the intranet is conducted in two ways: 1. Users who are logged in to AD to be logged in automatically with SSO. 2. Users who are NOT logged in to AD to be logged in using a common login form. In order to auto login (SSO) I use mod_auth_ntlm_winbind. The problem here is that the users not logged in to AD will get a popup box where they must enter their DOMAIN/username + AD password. If I disable this popup, there is no way to get $_SERVER['REMOTE_USER'] Then my question: Is it possible to turn off this popup box and still get the REMOTE_USER? Or: If possible, can I use AJAX to check if http://my-intranet/auth returns 401 error (non-AD users). If so, do not go to the /auth folder.

    Read the article

  • Problem logging in and changing permissions in Facebook

    - by kujawk
    Hi everybody, I've got a piece of code that logs into Facebook, gets a session, sets status_update and offline_access permission if they are not set, and gets a new session with the newly set permissions. This code used to work fine but now I'm getting error 100 "One of the parameters specified was missing or invalid" as a response to the second call to get session and I can't figure out why. Here's the sequence in detail: CREATE TOKEN restserver.php?method=auth.createToken&api_key=[our key]&v=1.0&format=JSON&sig=[sig created with our secret] response: new token LOGIN m.facebook.com/login.php?api_key=[our key]&v=1.0&auth_token=[token created above] login screen loads and user successfully logs in with their username/password. GET SESSION restserver.php?method=auth.getSession&api_key=[our key]&v=1.0&format=JSON&auth_token=token created above&sig=[sig created with our secret] response: session key with expiration date and a secret CHECK/AUTHORIZE PERMISSIONS restserver.php?method=users.hasAppPermission&api_key=[our key]&v=1.0&format=JSON&ext_perm=status_update&call_id=[proper id]&session_key=[key returned above]&sig=[sig created with secret returned for get session] response: 0 m.facebook.com/authorize.php?api_key=[our key]&v=1.0&ext_perm=status_update authorization screen loads and user authorizes Same steps for status_update CREATE NEW TOKEN Same steps as done to create the first token LOGIN m.facebook.com/login.php?api_key=[our key]&v=1.0&auth_token=[new token] user is already logged in, redirected to their homepage GET NEW SESSION restserver.php?method=auth.getSession&api_key=[our key]&format=JSON&auth_token=[new token]&sig=[sig created with our secret] response: error 100 - missing or invalid parameter. Of course it doesn't tell me which one. Anybody have any ideas what I'm doing wrong here? I tried skipping the second login and going right to creating the new session and that didn't work. The only thing that seems to work is logging out the user after they've authorized the permissions and having them log back in again. I'd like to avoid this if possible. Can you have two outstanding sessions at one time? This code used to work but I'm thinking maybe something changed on Facebook's end that I'm not aware of. Thanks, kris

    Read the article

  • Why does grails use hsqldb when I ask for mysql?

    - by John
    I'm following the racetrack example from Jason Rudolph's book at InfoQ, using grails-1.2.1. I got up to the part where I was to switch from hsqldb to mysql. I think I've deleted every reference to hsqldb in the DataSource.groovy file, but I get an exception and the stack trace shows it's still using hsqldb. DataSource.groovy dataSource { boolean pooled = true String driverClassName = "com.mysql.jdbc.Driver" String url = "jdbc:mysql://localhost/dfpc2" String dbCreate = "create" String username = "dfpc2" String password = "dfpc2" dialect = org.hibernate.dialect.MySQL5InnoDBDialect } hibernate { cache.use_second_level_cache=true cache.use_query_cache=true cache.provider_class='net.sf.ehcache.hibernate.EhCacheProvider' } // environment specific settings environments { development { } test { } production { } } When I grails run-app it all starts up with no errors. I can navigate to the home page. But when I click on one of the links, I get a stack trace: java.sql.SQLException: Table not found in statement [select this_.id as id0_0_, this_.version as version0_0_, this_.name as name0_0_, this_.variant as variant0_0_ from domainObject this_ limit ?] at org.hsqldb.jdbc.Util.throwError(Unknown Source) at org.hsqldb.jdbc.jdbcPreparedStatement.<init>(Unknown Source) at org.hsqldb.jdbc.jdbcConnection.prepareStatement(Unknown Source) at dfpc2.domainObjectController$_closure2.doCall(script1269434425504953491149.groovy:13) at dfpc2.domainObjectController$_closure2.doCall(script1269434425504953491149.groovy) at java.lang.Thread.run(Thread.java:619) My mysql database shows no tables created. (I don't think groovy's connected to mysql yet.) Things I've checked: mysql-connector-java-5.1.6.jar is in lib directory. I've tried grails clean I tried putting the dataSource info in the development environment (I haven't graduated to test or prod yet), but it seemed to make no difference. The stdout shows I'm using development env. I've googled for solutions, but the only solution I've found is when people don't change the test or production environments.

    Read the article

  • Approaches for cross server content sharing?

    - by Anonymity
    I've currently been tasked with finding a best solution to serving up content on our new site from another one of our other sites. Several approaches suggested to me, that I've looked into include using SharePoint's Lists Web Service to grab the list through javascript - which results in XSS and is not an option. Another suggestion was to build a server side custom web service and use SharePoint Request Forms to get the information - this is something I've only very briefly looked at. It's been suggested that I try permitting the requesting site in the HTTP headers of the serving site since I have access to both. This ultimately resulted in a semi-working solution that had major security holes. (I had to include username/password in the request to appease AD Authentication). This was done by allowing Access-Control-Allow-Origin: * The most direct approach I could think of was to simply build in the webpart in our new environment to have the authors manually update this content the same as they would on the other site. Are any one of the suggestions here more valid than another? Which would be the best approach? Are there other suggestions I may be overlooking? I'm also not sure if WebCrawling or Content Scrapping really holds water here...

    Read the article

  • I have a problem with mysql and php

    - by neo skosana
    Hi I have a problem, this is my code: $db = new mysqli("localhost", "root", "", "blah"); $result1 = $db-query("select * from c_register where email = '$eml' and password = '$pass'"); if($result1-fetch_array()) { $auth->createSession(); $_SESSION['user'] = 'client'; promptUser("You have successfully logged in!!!","index.php"); } $db = new mysqli("localhost", "root", "", "blah"); $result2 = $db-query("select * from b_register where email = '$eml' and password = '$pass'"); if($result2-fetch_array()) { $auth->createSession(); $_SESSION['user'] = 'business'; promptUser("You have successfully logged in!!!","index.php"); } $db = new mysqli("localhost", "root", "", "blah"); $result3 = $db-query("select * from g_register where email = '$eml' and password = '$pass'"); if($result3-fetch_array()) { $auth->createSession(); $_SESSION['user'] = 'employee'; promptUser("You have successfully logged in!!!","index.php"); } $db = new mysqli("localhost", "root", "", "blah"); $result4 = $db-query("select * from k_register where email = '$eml' and password = '$pass'"); if($result4-fetch_array()) { $auth->createSession(); $_SESSION['user'] = 'super'; promptUser("You have successfully logged in!!!","index.php"); } else { promptUser("Username/Password do not match. Please try again!!!",""); } Funny enough this code works, but I no that I went about it the wrong way. I am new with php and mysql, so please help. I also tried e.gresult4->free(); for all the variable that save the data, and I got this error: Fatal error: Call to a member function free() on a non-object in...

    Read the article

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

< Previous Page | 238 239 240 241 242 243 244 245 246 247 248 249  | Next Page >