Search Results

Search found 91084 results on 3644 pages for 'user forums'.

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Page 248/3644 | < Previous Page | 244 245 246 247 248 249 250 251 252 253 254 255  | Next Page >

  • Use ini/appconfig file or sql server file to store user config?

    - by h2g2java
    I know that the preference for INI or appconfig XML is their human readability. Let's say user preferences stored for my app are hierarchical and numbers about a thousand items and it would be really confusing for a user to edit an INI to change things anyway. I have always been using a combination of INI with appconfig. I am leaning towards using sql server db file, now. Every time the user changes a preference while using the app, it would be stored into the db file - that's my line of thought. I am also thinking that such a config db file could move around with the app too, just like an INI. Before I do that, any advice 1. If there are any disadvantages against using a db file over INI or appconfig. 2. If a shop uses mysql or oracle, do you think your colleagues would lift up their pro-mysql or pro-oracle eyebrow questioning why you would use sql server technology in a mysql or oracle shop? I mean, I am just using it like an INI file or app.config anyway, right?

    Read the article

  • what is the best way to analyze user raw query and detect what who want to search

    - by Sadegh
    hi, i am developing a very basic prototype of web search engine and now i want to know what is the best way to analyze user raw query and detect what who want to search. like Google, Bing, Yahoo etc... an example user query is something like this: Google+Maps+"South+Africa"+Brasil+OR+Italy+OR+Spain+-Argentina+Netherland and i want to splite this to a generic list of each term(single) like this: IEnumerable<KeyValuePair<TermType, string>> <TermType.All, "Google"> <TermType.All, "Maps"> <TermType.Exact, "South"> <TermType.Exact, "Africa"> <TermType.Any, "Brazil"> <TermType.Any, "Italy"> <TermType.Any, "Spain"> <TermType.None, "Argentina"> <TermType.None, "Netherland"> i don't want complete code, i want guidance, solution, tips or anything that's help me to write best for anylize user raw query. thanks in advance

    Read the article

  • .NET MissingMethodException occuring on one of thousands of end-user machines -- any insight?

    - by Yoooder
    This issue has me baffled, it's affecting a single user (to my knowledge) and hasn't been reproduced by us... The user is receiving a MissingMethodException, our trace file indicates it's occuring after we create a new instance of a component, when we're calling an Initialize/Setup method in preparation to have it do work (InitializeWorkerByArgument in the example) The Method specified by the error is an interface method, which a base class implements and classes derived from the base class can override as-needed The user has the latest release of our application All the provided code is shipped within a single assembly Here's a very distilled version of the component: class Widget : UserControl { public void DoSomething(string argument) { InitializeWorkerByArgument(argument); this.Worker.DoWork(); } private void InitializeWorkerByArgument(string argument) { switch (argument) { case "SomeArgument": this.Worker = new SomeWidgetWorker(); break; } // The issue I'm tracking down would have occured during "new SomeWidgetWorker()" // and would have resulted in a missing method exception stating that // method "DoWork" could not be found. this.Worker.DoWorkComplete += new EventHandler(Worker_DoWorkComplete); } private IWidgetWorker Worker { get; set; } void Worker_DoWorkComplete(object sender, EventArgs e) { MessageBox.Show("All done"); } } interface IWidgetWorker { void DoWork(); event EventHandler DoWorkComplete; } abstract class BaseWorker : IWidgetWorker { virtual public void DoWork() { System.Threading.Thread.Sleep(1000); RaiseDoWorkComplete(this, null); } internal void RaiseDoWorkComplete(object sender, EventArgs e) { if (DoWorkComplete != null) { DoWorkComplete(this, null); } } public event EventHandler DoWorkComplete; } class SomeWidgetWorker : BaseWorker { public override void DoWork() { System.Threading.Thread.Sleep(2000); RaiseDoWorkComplete(this, null); } }

    Read the article

  • How do I send an email with HTML with an address the user inputs?

    - by MeganSime
    I have an app i am designing and there is a page for emails. The user inputs their name, email address and message and then clicks 'submit'. this works, but i don't know how to make the user's input be on the email. this is the code so far; <form id="contacts-form" action="mailto:[email protected]"> <ul class = "rounded"> <li style = "color: #FFFFFF">Full Name:<input type="text" placeholder = "J. Doe" name = "signature" id = 'signature' /></li> <li style = "color: #FFFFFF">E-mail:<input type="text" placeholder = "[email protected]" name = "address" id = 'address' /></li> <li style = "color: #FFFFFF">Message:<input type = "text" placeholder = "Message" name = "message" id = 'message' /></li> <a href="mailto:address?subject=subject&body=message" class="button">Submit</a> </ul> </form> does anyone know how to change the code to allow the user input to go onto the email? Thanks a lot in advance x

    Read the article

  • Algorithm for assigning a unique series of bits for each user?

    - by Mark
    The problem seems simple at first: just assign an id and represent that in binary. The issue arises because the user is capable of changing as many 0 bits to a 1 bit. To clarify, the hash could go from 0011 to 0111 or 1111 but never 1010. Each bit has an equal chance of being changed and is independent of other changes. What would you have to store in order to go from hash - user assuming a low percentage of bit tampering by the user? I also assume failure in some cases so the correct solution should have an acceptable error rate. I would an estimate the maximum number of bits tampered with would be about 30% of the total set. I guess the acceptable error rate would depend on the number of hashes needed and the number of bits being set per hash. I'm worried with enough manipulation the id can not be reconstructed from the hash. The question I am asking I guess is what safe guards or unique positioning systems can I use to ensure this happens.

    Read the article

  • How do I deliver mail for wildcard addresses to a particular user/alias/program?

    - by David M
    I need to configure sendmail so that mail delivered for wildcard addresses is accepted for delivery and then delivered to a user, alias, or directly to a script. I can rewrite the envelope/headers any number of ways, but I don't know how to accept the wildcard address when it's provided in RCPT TO: Everything I've tried so far winds up with a 550 user unknown error. So here's a specific example: I want to be able to handle any address that consists of a series of digits followed by a dot followed by a word, then pipe that to a script. If the headers get rewritten, that's OK, but I need the envelope to contain the actual Delivered-To address. Here's the sort of SMTP session I need: 220 blah.foo.com ESMTP server ready; Thu, 22 Apr 2010 20:41:08 -0700 (PDT) HELO blort.foo.com 250 blah.foo.com Hello blort.foo.com [10.1.2.3], pleased to meet you MAIL FROM: <[email protected]> 250 2.1.0 <[email protected]>... Sender ok RCPT TO: <[email protected]> 250 2.1.5 <[email protected]>... Recipient ok I tried some stuff with regex maps, but I never got past 550 user unknown.

    Read the article

  • Forcing user to new page in php. (PHP newbie)

    - by JohnC
    Hello I'm a newbie web programmer. My background is writing Windows applications with sql. I'm putting together my 1st data entry screens in Php. I have a search form that links to a form that displays records in a grid. On each row of the grid I have a delete url to allow the user to remove a record. This links to a form delete.php (which calls the sql to remove the record). Ideally I would like to automatically take the user back to the search form rather than forcing the user to click on a link to do so. I have used ob_start with the header to do this elsewhere but cannot get it to work on this page. Is there another way to do it? (Using php 5 as part of LAMP) file delete.php <?php $id = $_GET['recordID']; //ob_start(); require_once('connections/local.php'); mysql_select_db($database_local, $local); mysql_query("DELETE FROM user_access WHERE id = {$id}") or die(mysql_error()); echo("Record ".$id." deleted"); echo("<br>"); //header("location:http://localhost/search7.htm); //ob_flush(); echo("<a href=\"http://localhost/search7.htm\">Search for Members</a>"); ?>

    Read the article

  • How can I send rich emails using the user's mail client ?

    - by Brann
    I need my .net program to send rich emails (usually containing table data, around 20 columns x 10 rows) using the user's mail infrastructure, allowing him to review/edit the mail before sending it, and storing the mail in his 'sent items' folder. mailto: seems the obvious choice, but unfortunately, it doesn't support neither attachments nor html bodies. It seems some clients support some extra features (e.g. Outlook 97 used to support a &Attach tag, but this is not the case for more recent versions). I could use mailto and try to format the text body to look nice (using tabs, etc), but this isn't really elegant and wouldn't support huge data. using automation seems a very huge task, as I would need to automate dozens of clients (4 or 5 versions of outlook, lotusnotes, thunderbid, etc.) ... This would be a huge task and it's not really my core business ... I could send emails through code and write my own mail form to let the user edit the mail, but this would have a lot of drawbacks : the user would need to manually configure the mail server settings he wouldn't have access to his contact directory the mail wouldn't be sent in his sent items folder This seems a quite common issue, but I haven't found any satisfying solution yet ; does someone knows of a library supporting this (ie containing automation logic for most mainstream email clients?). Or an alternative to mailto ?

    Read the article

  • How to make NSIS create a file in an %APPDATA% of another user?

    - by SCO
    I wrote an NSIS installer script for postgresql 9.1. The installer works properly, but after the reboot, the service is not started (right after the install, the database started properly though) I guess this is because the postgres service user has no pgpass.conf file in its %APPDATA%. As far as I understand my install script, the pgpass.conf file is added to the %APPDATA% of the user running the installer (an administrator account in my case). This will not help. I tried the following, to add the pgpass.conf to all users, bt I guess this adds it to a kind of wildcard, not to the %APPDATA% of each user : SetShellVarContext "all" SetOutPath "$APPDATA\postgresql" File config\pgpass.conf SetShellVarContext "current" SetOutPath "$APPDATA\postgresql" File config\pgpass.conf I couldn't find the macro name for c:/Users/postgres in the documentation. This could be a way to achieve it. But with WindowsXP, 7, I wish I need a portable way to address the /Users directory. I wish I could use something like SetShellVarContext "postgres", and then have NSIS write the pgpass.conf file in c:\Users\postgres\AppData\postgresql. Is there a way to do this ? Thnk you !

    Read the article

  • Getting the number of posts a user has by the number of rows returned?

    - by transparent
    So I have a question. I have chatting/IM website that I am working on and I was making a user profile page. I wanted to show how many posts that user had. Another issue I had earlier was that when I called a certain value it would return a 'Resource #1' type string. But I got that working by using $totalposts=mysql_query("SELECT * FROM `posts` WHERE Username='" . $username . "'"); $totalposts = mysql_fetch_row($totalposts); $totalposts = $totalposts[0]; But that just returns the last postID of the most recent post. I thought that mysql_num_rows would work. But this code returns an error (example with numbers): 29: $totalposts=mysql_query("SELECT * FROM `posts` WHERE Username='" . $username . "'"); 30: $totalposts = mysql_num_rows($totalposts); 31: $totalposts =mysql_fetch_row($totalposts); 32: $totalposts = $totalposts[0]; That returns this error: Warning: mysql_fetch_row(): supplied argument is not a valid MySQL result resource in /home/a9091503/public_html/im/user.php on line 31 Thanks guys. :) I hope you can figure this out. :D

    Read the article

  • What prevents a user from adding controls to an ASP.NET page client side?

    - by Curtis White
    This goes back to my other question which I thought was sufficiently answers but upon reflect am not sure that it was (sorry). Backgrounder: I am generating a form dynamically. I am pulling from the database the controls. I must associate each control with a database ID which is not the user's session id. I do this currently by storing my ID in the ID for the web control with some other stuff to make it unique/clear what I am doing. On the post back, I iterate through all the controls on my web page checking for my special identifier, ie, MyGeneratedTextBox_ID_Unique. This process enables for 2 important steps, identifying the control was one I generated and also getting the ID for this input field. And, all of this works but I'm still concerned about the security of it. I do not see a security issue with showing the actual database ID's in this case, although agree it is not desirable. However, I am concerned of the following possibilities: If a user could add a nefarious control to my collection and use that for a SQL injection attack. More academic, but if a user could somehow store data for fields they do not have access too by changing the id's. I agree this is a "hack" of a way to do it. But my question is, is it a security risk and is there an 'easy' way to do it in a less hack way? I assume that only the controls that are created/instantiated on the page are added to the controls list.. thus all controls must be created server side and thus the security issue is address but just wanted to validate. Thanks again. PS: I could see adding a property for each control and encrypting the viewstate would be a little more secure.

    Read the article

  • how do you authenticate a user between two services, if they are both using a common third-party oauth service?

    - by urandom
    I'm currently experimenting with oauth logins on a website, using google oauth2. While I set that up without too many problems, I saw that there isn't some kind of permanent token, which only google and the authorized service know about a user. Also, from what I gathered, if I were to create a companion app on android, the preferred way is to go with AccountManager, which seems to handle giving oauth2 access tokens for google accounts. But if I authenticate myself from the anroid app using a google account, how do I now link that user to the same one in the web app? One way I think this can be done if the user also logs into the web app as well, so that the server receives a fresh access token, and the android and web one are compared. But that seems like a huge hassle, and I haven't seen many other apps do that. Another is to use a refresh token on the server, but that would require extra permissions which might put off any potential visitors. So what is the general workflow for achieving this? Or am I thinking the wrong way?

    Read the article

  • Can I create a Google calendar for a user in a hosted domain using the admin credentials

    - by user351013
    I use the admin credentials for all of my interactions with the google api and I can retrieve\create\update\delete events from and for all of my hosted domain users. However, when I go to create a calendar for a hosted domain user, the calendar is created in the admins space. In the example below the GoogleUserName does NOT match the GoogleAccount. The postUri would look similar to : http://www.google.com/calendar/feeds/[email protected]/owncalendars/full and the GoogleUserName is [email protected]. The api creates a calendar but it is in the admins space. CalendarService service = new CalendarService("Test"); service.setUserCredentials(GoogleUserName, GooglePassword); CalendarEntry calendar = new CalendarEntry(); calendar.TimeZone = "America/Chicago"; calendar.Title.Text = Title; calendar.Summary.Text = Description; calendar.Color = Color; calendar.Selected = true; calendar.Hidden = false; Uri postUri = new Uri(String.Format("http://www.google.com/calendar/feeds/{0}/owncalendars/full", GoogleAccount)); CalendarEntry createdCalendar = (CalendarEntry)service.Insert(postUri, calendar); The documentation does specify to use the users credentials however the documentation is not specific to hosted domains a great deal of the time and as such I am always attempting trial and error when trying interactions. That I can use all of the CRUD on the user's events themselves using the admin credentials leaves me to believe that it might be possible.

    Read the article

  • How to color or highlight line when user click the checkbox in jQuery?

    - by Rohit
    I am implementing the highlight procedure of line . If the user click the checkbox it will highlight whole line by yellow. User can make as this any number of line. So it is possible to highlight the whole line when user click the checkbox? Please check my picture I select all text when I click the checkbox (because you will understand my problem) I am trying here in this fiddle <div> <button id="next">next </button> <button id ="previous">previous </button> </div> Checked rows: <span id="checkedRows"></span> <div id="content"> <div id="left"> <div class='cb'> <input type="checkbox" /> </div> </div> <div id="realTimeContents" class="left realtimeContend_h"></div> </div>

    Read the article

  • NHibernate - I have many, but I only want one!

    - by MartinF
    Hello, I have a User which can have many Emails. This is mapped through a List collection (exposed by IEnumerable Emails on the User). For each User one of the Emails will be the Primary one ("Boolean IsPrimary" property on Email). How can I get the primary Email from User without NHibernate loads every email for the User ? I have the following two entities, with a corresponding table for each public class User { public virtual int Id { get; set; } public virtual IEnumerable<Email> Emails { get; set; } // public virtual Email PrimaryEmail { get; set; } - Possible somehow ? } public class Email { public virtual int Id { get; set; } public virtual String Address { get; set; } public virtual Boolean IsPrimary { get; set; } public virtual User User { get; set; } } Can I map a "Email PrimaryEmail" property etc. on the User to the Email which have "IsPrimary=1" set somehow ? Maybe using a Sql Formula ? a View ? a One-To-One relationship ? or another way ? It should be possible to change the primary email to be one of the other emails, so i would like to keep them all in 1 table and just change the IsPrimary property. Using a Sql Formula, is it be possible to keep the "PrimaryEmail" property on the User up-to-date, if I set the IsPrimary property on the current primary email to false, and then afterwards set the PrimaryEmail property to the email which should be the new primary email and set IsPrimary to true ? Will NHibernate track changes on the "old/current" primary Email loaded by the Sql Formula ? What about the 1 level cache and the 2 level cache when using SqlFormula ? I dont know if it could work by using a View ? Then i guess the Email could be mapped like a Component ? Will it work when updating the Email data when loaded from the View ? Is there a better way ? As I have a bi-directional relationship between User and Email I could in many cases of course query the primary Email and then use the "User" property on the Email to get the User (instead of the other way around - going from User to the primary Email) Hope someone can help ?

    Read the article

  • AD - DirectoryServices: VBNET2.0 - Speaking architecture...

    - by Will Marcouiller
    I've been mandated to write an application to migrate the Active Directory access models to another environment. Here's the context: I'm stuck with VB.NET 2005 and .NET Framework 2.0; The application must use the Windows authenticated user to manage AD; The objects I have to handle are Groups, Users and OrganizationalUnits; I intend to use the Façade design pattern to provider ease of use and a fully reusable code; I plan to write a factory for each of the objects managed (group, ou, user); The use of Attributes should be useful here, I guess; As everything is about the DirectoryEntry class when accessing the AD, it seems a good candidate for generic types. Obligatory features: User creates new OUs manually; User creates new group manually; User creates new user (these users are services accounts) manually; Application reads an XML file which contains the OUs, groups and users to create; Application informs the user about the OUs, groups and users that shall be created; User specifies the domain environment where to migrate the XML input file designated objects; User makes changes if needed, and launches the task operations; Application performs required by the XML input file operations against the underlying AD as specified by the user; Application informs the user upon completion. Linear features: User fetches OUs, groups, users; User changes OUs, groups, users; User deletes OUs, groups, users; The application logs AD entries and operations performed, plus errors and exceptions; Nice-to-have features: Application rollbacks operations on error or exception. I've been working for weeks now to get acquainted with the AD and the System.DirectoryServices assembly. But I don't seem to find a way to be fully satisfied with what I'm doing and always looking for better. I have studied Bret de Smet's Linq to AD on CodePlex, but then again, I can't use it as I'm stuck with .NET 2.0, so no Linq! But I've learned about Attributes, and seen that he's working with generic types as he codes a DirectorySource class to perform the operations for OUs, groups and users. Any suggestions? Thanks for any help, code sample, ideas, architural solution, everything!

    Read the article

  • How do I save an object that contains and EntitySet?

    - by Pete
    Say I have an User (mapped to a User table) and the Edit view (in MVC) displays a multiselectlist of Modules (mapped to a Modules table) that user can access, with the Modules pre-selected based on the User's EntitySet of Modules. I have tried saving the User then deleting all User_Modules manually and adding them back based on what's selected on submit, but the User has a null EntitySet for User.User_Modules. I cannot find the correct way to handle this scenario anywhere online. Can anyone help?

    Read the article

  • Spring transactions not committing

    - by Clinton Bosch
    I am struggling to get my spring managed transactions to commit, could someone please spot what I have done wrong. All my tables are mysql InnonDB tables. My RemoteServiceServlet (GWT) is as follows: public class TrainTrackServiceImpl extends RemoteServiceServlet implements TrainTrackService { @Autowired private DAO dao; @Override public void init(ServletConfig config) throws ServletException { super.init(config); WebApplicationContext ctx = WebApplicationContextUtils.getRequiredWebApplicationContext(config.getServletContext()); AutowireCapableBeanFactory beanFactory = ctx.getAutowireCapableBeanFactory(); beanFactory.autowireBean(this); } @Transactional(propagation= Propagation.REQUIRED, rollbackFor=Exception.class) public UserDTO createUser(String firstName, String lastName, String idNumber, String cellPhone, String email, int merchantId) { User user = new User(); user.setFirstName(firstName); user.setLastName(lastName); user.setIdNumber(idNumber); user.setCellphone(cellPhone); user.setEmail(email); user.setDateCreated(new Date()); Merchant merchant = (Merchant) dao.find(Merchant.class, merchantId); if (merchant != null) { user.setMerchant(merchant); } // Save the user. dao.saveOrUpdate(user); UserDTO dto = new UserDTO(); dto.id = user.getId(); dto.firstName = user.getFirstName(); dto.lastName = user.getLastName(); return dto; } The DAO is as follows: public class DAO extends HibernateDaoSupport { private String adminUsername; private String adminPassword; private String godUsername; private String godPassword; public String getAdminUsername() { return adminUsername; } public void setAdminUsername(String adminUsername) { this.adminUsername = adminUsername; } public String getAdminPassword() { return adminPassword; } public void setAdminPassword(String adminPassword) { this.adminPassword = adminPassword; } public String getGodUsername() { return godUsername; } public void setGodUsername(String godUsername) { this.godUsername = godUsername; } public String getGodPassword() { return godPassword; } public void setGodPassword(String godPassword) { this.godPassword = godPassword; } public void saveOrUpdate(ModelObject obj) { getHibernateTemplate().saveOrUpdate(obj); } And my applicationContext.xml is as follows: <context:annotation-config/> <context:component-scan base-package="za.co.xxx.traintrack.server"/> <!-- Application properties --> <bean id="propertyConfigurer" class="org.springframework.beans.factory.config.PropertyPlaceholderConfigurer"> <property name="locations"> <list> <value>file:${user.dir}/@propertiesFile@</value> </list> </property> </bean> <bean id="sessionFactory" class="org.springframework.orm.hibernate3.annotation.AnnotationSessionFactoryBean"> <property name="hibernateProperties"> <props> <prop key="hibernate.dialect">${connection.dialect}</prop> <prop key="hibernate.connection.username">${connection.username}</prop> <prop key="hibernate.connection.password">${connection.password}</prop> <prop key="hibernate.connection.url">${connection.url}</prop> <prop key="hibernate.connection.driver_class">${connection.driver.class}</prop> <prop key="hibernate.show_sql">${show.sql}</prop> <prop key="hibernate.hbm2ddl.auto">update</prop> <prop key="hibernate.c3p0.min_size">5</prop> <prop key="hibernate.c3p0.max_size">20</prop> <prop key="hibernate.c3p0.timeout">300</prop> <prop key="hibernate.c3p0.max_statements">50</prop> <prop key="hibernate.c3p0.idle_test_period">60</prop> </props> </property> <property name="annotatedClasses"> <list> <value>za.co.xxx.traintrack.server.model.Answer</value> <value>za.co.xxx.traintrack.server.model.Company</value> <value>za.co.xxx.traintrack.server.model.CompanyRegion</value> <value>za.co.xxx.traintrack.server.model.Merchant</value> <value>za.co.xxx.traintrack.server.model.Module</value> <value>za.co.xxx.traintrack.server.model.Question</value> <value>za.co.xxx.traintrack.server.model.User</value> <value>za.co.xxx.traintrack.server.model.CompletedModule</value> </list> </property> </bean> <bean id="dao" class="za.co.xxx.traintrack.server.DAO"> <property name="sessionFactory" ref="sessionFactory"/> <property name="adminUsername" value="${admin.user.name}"/> <property name="adminPassword" value="${admin.user.password}"/> <property name="godUsername" value="${god.user.name}"/> <property name="godPassword" value="${god.user.password}"/> </bean> <bean id="transactionManager" class="org.springframework.orm.hibernate3.HibernateTransactionManager"> <property name="sessionFactory"> <ref local="sessionFactory"/> </property> </bean> <!-- enable the configuration of transactional behavior based on annotations --> <tx:annotation-driven transaction-manager="transactionManager"/> If I change the sessionFactory property to be autoCommit=true then my object does get persisited. <prop key="hibernate.connection.autocommit">true</prop>

    Read the article

  • When to throw exceptions?

    - by FRKT
    Exceptions are wonderful things, but I sometimes worry that I throw too many. Consider this example: Class User { public function User(user){ // Query database for user data if(!user) throw new ExistenceException('User not found'); } } I'd argue that it makes as much sense to simply return false (or set all user data to false in this case), rather than throwing an exception. Which do you prefer?

    Read the article

  • Is this a legitimate implementation of a 'remember me' function for my web app?

    - by user246114
    Hi, I'm trying to add a "remember me" feature to my web app to let a user stay logged in between browser restarts. I think I got the bulk of it. I'm using google app engine for the backend which lets me use java servlets. Here is some pseudo-code to demo: public class MyServlet { public void handleRequest() { if (getThreadLocalRequest().getSession().getAttribute("user") != null) { // User already has session running for them. } else { // No session, but check if they chose 'remember me' during // their initial login, if so we can have them 'auto log in' // now. Cookie[] cookies = getThreadLocalRequest().getCookies(); if (cookies.find("rememberMePlz").exists()) { // The value of this cookie is the cookie id, which is a // unique string that is in no way based upon the user's // name/email/id, and is hard to randomly generate. String cookieid = cookies.find("rememberMePlz").value(); // Get the user object associated with this cookie id from // the data store, would probably be a two-step process like: // // select * from cookies where cookieid = 'cookieid'; // select * from users where userid = 'userid fetched from above select'; User user = DataStore.getUserByCookieId(cookieid); if (user != null) { // Start session for them. getThreadLocalRequest().getSession() .setAttribute("user", user); } else { // Either couldn't find a matching cookie with the // supplied id, or maybe we expired the cookie on // our side or blocked it. } } } } } // On first login, if user wanted us to remember them, we'd generate // an instance of this object for them in the data store. We send the // cookieid value down to the client and they persist it on their side // in the "rememberMePlz" cookie. public class CookieLong { private String mCookieId; private String mUserId; private long mExpirationDate; } Alright, this all makes sense. The only frightening thing is what happens if someone finds out the value of the cookie? A malicious individual could set that cookie in their browser and access my site, and essentially be logged in as the user associated with it! On the same note, I guess this is why the cookie ids must be difficult to randomly generate, because a malicious user doesn't have to steal someone's cookie - they could just randomly assign cookie values and start logging in as whichever user happens to be associated with that cookie, if any, right? Scary stuff, I feel like I should at least include the username in the client cookie such that when it presents itself to the server, I won't auto-login unless the username+cookieid match in the DataStore. Any comments would be great, I'm new to this and trying to figure out a best practice. I'm not writing a site which contains any sensitive personal information, but I'd like to minimize any potential for abuse all the same, Thanks

    Read the article

  • Combined sign in and registration page?

    - by Ryan
    This is somewhat against rails convention but I am trying to have one controller that manages both user session authentication and user registration. I am having troubles figuring out how to go about this. So far I am merging the User Controller and the Sessions Controller and having the 'new' method deliver both a new usersession and a new user instance. With the new routes in rails 3 though, I am having trouble figuring out how to generate forms for these items. Below is the code: user_controller.rb class UserController < ApplicationController def new @user_session = UserSession.new @user = User.new end def create_user @user = User.new(params[:user]) if @user.save flash[:notice] = "Account Successfully Registered" redirect_back_or_default signup_path else render :action => new end end def create_session @user_session = UserSession.new(params[:user_session]) if @user_session.save flash[:notice] = "Login successful!" redirect_back_or_default login_path else render :action => new end end end views/user/new.html.erb <div id="login_section"> <% form_for @user_session do |f| -%> <%= f.label :email_address, "Email Address" %> <%= f.text_field :email %> <%= f.label :password, "Password" %> <%= f.text_field :password %> <%= f.submit "Login", :disable_with => 'Logining...' %> <% end -%> </div> <div id="registration_section"> <% form_for @user do |f| -%> <%= f.label :email_address, "Email Address" %> <%= f.text_field :email %> <%= f.label :password, "Password" %> <%= f.text_field :password %> <%= f.label :password_confirmation, "Password Confirmation" %> <%= f.text_field :password_confirmation %> <%= f.submit "Register", :disable_with => 'Logining...' %> <% end -%> </div> I imagine I will need to use :url = something for those forms, but I am unsure how to specify. Within routes.rb I have yet to specify either Usersor UserSessions as resources (not convinced that this is the best way to do it... but I could be). I would like, however, the registration and login on the same page and have implemented this by doing the following: routes.rb match 'signup' => 'user#new' match 'login' => 'user#new' What's the best way to go about solving this?

    Read the article

  • show tweets inside div from an asynchronous loop

    - by ak_47
    Am trying to laod tweets into a div after looping them from yahoo placemaker. They are loading on the div but the information shown by them is placemaker's last result. This is the code.. function getLocation(user, date, profile_img, text,url) { var templates = []; templates[0] = '<div><div></div><h2 class="firstHeading">'+user+'</h2><div>'+text+'</div><div><p><a href="' + url + '"target="_blank">'+url+'</a></p></div><p>Date Posted- '+date+'</p></div>'; templates[1] = '<table width="320" border="0"><tr><td class="user" colspan="2" rowspan="1">'+user+'</td></tr><tr><td width="45"><a href="'+profile_img+'"><img src="'+profile_img+'" width="55" height="50"/></a></td><td width="186">'+text+'<p><a href="' + url + '"target="_blank">'+url+'</a></p></td></tr></table><hr>'; templates[2] = '<div><div></div><h2 class="firstHeading">'+user+'</h2><div>'+text+'</div><div><p><a href="' + url + '"target="_blank">'+url+'</a></p></div><p>Date Posted- '+date+'</p></div>'; templates[3] = '<table width="320" border="0"><tr><td class="user" colspan="2" rowspan="1">'+user+'</td></tr><tr><td width="45"><a href="'+profile_img+'"><img src="'+profile_img+'" width="55" height="50"/></a></td><td width="186">'+text+'<p><a href="' + url + '"target="_blank">'+url+'</a></p></td></tr></table><hr>'; var geocoder = new google.maps.Geocoder(); Placemaker.getPlaces(text, function (o) { console.log(o); if (!$.isArray(o.match)) { var latitude = o.match.place.centroid.latitude; var longitude = o.match.place.centroid.longitude; var myLatLng = new google.maps.LatLng(latitude, longitude); var marker = new google.maps.Marker({ icon: profile_img, title: user, map: map, position: myLatLng }); var infowindow = new google.maps.InfoWindow({ content: templates[0].replace('user',user).replace('text',text).replace('url',url).replace('date',date) }); var $tweet = $(templates[1].replace('%user',user).replace(/%profile_img/g,profile_img).replace('%text',text).replace('%url',url)); $('#user-banner').css("visibility","visible");$('#news-banner').css("visibility","visible"); $('#news-tweets').css("overflow","scroll").append($tweet); function openInfoWindow() { infowindow.open(map, marker); } google.maps.event.addListener(marker, 'click', openInfoWindow); $tweet.find(".user").on('click', openInfoWindow); bounds.extend(myLatLng); } }); }

    Read the article

  • How do can I have a dropdown list(select HTML) where i want to have one of the options where i allow

    - by Mo
    Hi I want to have a drop down menu where a user can select from several predefined options but i also want to give him the option of inserting a user specific value, i was thinking having one of the options as "user specific" which will in turn allow the user to insert a user specif entry in a text box that appears or is editable when user selects the "user specific" option. any one have any ideas how i can implement this is HTML and Javascript? thank you

    Read the article

  • Keeping track of the action before a login?

    - by soybie
    I'm trying to do the following: User can vote for an item (controller: item, action: vote) 2a. If the user is logged in, then vote action goes through. 2b. If user is not logged in, then user needs to log in/creates an account (handled by user controller), then vote action goes through. How do I do 2b such that once the user logs in/creates account, the vote action automatically goes through without having the user vote for the item again?

    Read the article

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

< Previous Page | 244 245 246 247 248 249 250 251 252 253 254 255  | Next Page >