Search Results

Search found 1625 results on 65 pages for 'ansi escape'.

Page 26/65 | < Previous Page | 22 23 24 25 26 27 28 29 30 31 32 33  | Next Page >

  • What's so bad about building XML with string concatenation?

    - by wsanville
    In the thread What’s your favorite “programmer ignorance” pet peeve?, the following answer appears, with a large amount of upvotes: Programmers who build XML using string concatenation. My question is, why is building XML via string concatenation (such as a StringBuilder in C#) bad? I've done this several times in the past, as it's sometimes the quickest way for me to get from point A to point B when to comes to the data structures/objects I'm working with. So far, I have come up with a few reasons why this isn't the greatest approach, but is there something I'm overlooking? Why should this be avoided? Probably the biggest reason I can think of is you need to escape your strings manually, and most programmers will forget this. It will work great for them when they test it, but then "randomly" their apps will fail when someone throws an & symbol in their input somewhere. Ok, I'll buy this, but it's really easy to prevent the problem (SecurityElement.Escape to name one). When I do this, I usually omit the XML declaration (i.e. <?xml version="1.0"?>). Is this harmful? Performance penalties? If you stick with proper string concatenation (i.e. StringBuilder), is this anything to be concerned about? Presumably, a class like XmlWriter will also need to do a bit of string manipulation... There are more elegant ways of generating XML, such as using XmlSerializer to automatically serialize/deserialize your classes. Ok sure, I agree. C# has a ton of useful classes for this, but sometimes I don't want to make a class for something really quick, like writing out a log file or something. Is this just me being lazy? If I am doing something "real" this is my preferred approach for dealing w/ XML.

    Read the article

  • Catch/Intercept all mouse clicks

    - by Hallik
    I have this simple script that catches all mouse clicks, unless you click on something that actually works. Links, flash videos, etc. How can I adjust this so no matter what a user clicks on, before the video loads, new page loads, etc. It sends the simple GET request I built? (function($) { $.fn.saveClicks = function() { $(this).bind('mousedown.clickmap', function(evt) { var clickDocument = (document.documentElement != undefined && document.documentElement.clientHeight != 0) ? document.documentElement : document.body; var width = clickHeatDocument.clientWidth != undefined ? clickDocument.clientWidth : window.innerWidth; var height = clickHeatDocument.clientHeight != undefined ? clickDocument.clientHeight : window.innerHeight; var scrollx = window.pageXOffset == undefined ? clickDocument.scrollLeft : window.pageXOffset; var scrolly = window.pageYOffset == undefined ? clickDocument.scrollTop : window.pageYOffset; var x = evt.clientX + scrollx; var y = evt.clientY + scrolly; $.get('/click-save.php', { "x":evt.pageX, "y":evt.pageY, "click":"true", "w":width, "h":height, "l":escape(document.location.pathname), "d":escape(document.domain) }); }); }; })(jQuery); $(function() { $(document).saveClicks(); });

    Read the article

  • Codeigniter xss_clean dilemma

    - by Henson
    I know this question has been asked over and over again, but I still haven't found the perfect answer for my liking, so here it goes again... I've been reading lots and lots polarizing comments about CI's xss_filter. Basically majority says that it's bad. Can someone elaborate how it's bad, or at least give 1 most probable scenario where it can be exploited? I've looked at the security class in CI 2.1 and I think it's pretty good as it doesn't allow malicious strings like document.cookie, document.write, etc. If the site has basically non-html presentation, is it safe to use global xss_filter (or if it's REALLY affecting performance that much, use it on per form post basis) before inserting to database ? I've been reading about pros and cons about whether to escape on input/output with majority says that we should escape on output only. But then again, why allow strings like <a href="javascript:stealCookie()">Click Me</a> to be saved in the database at all? The one thing I don't like is javascript: and such will be converted to [removed]. Can I extend the CI's security core $_never_allowed_str arrays so that the never allowed strings return empty rather than [removed]. The best reasonable wrongdoing example of this I've read is if a user has password of javascript:123 it will be cleaned into [removed]123 which means string like this document.write123 will also pass as the user's password. Then again, what is the odds of that to happen and even if it happens, I can't think of any real harm that can do to the site. Thanks

    Read the article

  • How to delay program for a certain number of milliseconds, or until a key is pressed?

    - by Jack
    I need to delay my program's execution for a specified number of milliseconds, but also want the user to be able to escape the wait when a key is pressed. If no key is pressed the program should wait for the specified number of milliseconds. I have been using Thread.Sleep to halt the program (which in the context of my program I think is ok as the UI is set to minimise during the execution of the main method). I have thought about doing something like this: while(GetAsyncKeyState(System.Windows.Forms.Keys.Escape) == 0 || waitTime > totalWait) { Thread.Sleep(100); waitTime += 100; } As Thread.Sleep will wait until at least the time specified before waking the thread up, there will obviously be a large unwanted extra delay as it is scaled up in the while loop. Is there some sort of method that will sleep for a specified amount of time but only while a condition holds true? Or is the above example above the "correct" way to do it but to use a more accurate Sleep method? If so what method can I use? Thanks in advance for your help.

    Read the article

  • Unix/Linux find and sort by date modified

    - by Richard Easton
    How can I do a simple find which would order the results by most recently modified? Here is the current find I am using (I am doing a shell escape in PHP, so that is the reasoning for the variables): find '$dir' -name '$str'\* -print | head -10 How could I have this order the search by most recently modified? (Note I do not want it to sort 'after' the search, but rather find the results based on what was most recently modified.)

    Read the article

  • ssh tunnel error "ssh_exchange_identification: Connection closed by remote host"

    - by Jacob Ewing
    I'm trying to use an ssh tunnel from my office machine to my home machine, and get an error when I try to use it. What I'm doing is starting one shell like so: ssh -gL 12345:my.home.domain:22 my.home.domain This is giving me a proper shell, no problem. What I normally do then is ssh to my home machine through this office machine, like so: ssh -p 12345 127.0.0.1 This has always worked for me, until last week, when I set up a new system on my home machine (switching from Ubuntu to Debian). Now I get an error. I can still open up my initial ssh connection, but when I try to use that tunnel, I get (on the office machine) this error: ssh_exchange_identification: Connection closed by remote host Also, when that happens, the open shell that I have the tunnelling set up through gets this line spat out at it: channel 3: open failed: connect failed: Connection timed out At which point, I'm at a loss. If any more info is needed, I'll be happy to post it. ============= further to that ============== After fiddling around further, I've found that I'm getting a different response from the server (my home machine that is) when I try to telnet in on the various ports. If I try: telnet my.home.domain 22 I get this back: Trying <my ip address>... Connected to <my domain>. Escape character is '^]'. SSH-2.0-OpenSSH_5.5p1 Debian-6+squeeze2 Which is what I would expect. After setting up the tunnel though, and then telnetting to that, I see this response: Trying 127.0.0.1... Connected to 127.0.0.1. Escape character is '^]'. ============== and further still ================== As per kbulgrien's suggestion, here is the output from the client machine with the -v option: ssh -vp 24600 127.0.0.1 OpenSSH_5.9p1 Debian-5ubuntu1, OpenSSL 1.0.1 14 Mar 2012 debug1: Reading configuration data /etc/ssh/ssh_config debug1: /etc/ssh/ssh_config line 19: Applying options for * debug1: Connecting to 127.0.0.1 [127.0.0.1] port 24600. debug1: Connection established. debug1: identity file /home/jacob/.ssh/id_rsa type -1 debug1: identity file /home/jacob/.ssh/id_rsa-cert type -1 debug1: identity file /home/jacob/.ssh/id_dsa type -1 debug1: identity file /home/jacob/.ssh/id_dsa-cert type -1 debug1: identity file /home/jacob/.ssh/id_ecdsa type -1 debug1: identity file /home/jacob/.ssh/id_ecdsa-cert type -1 ssh_exchange_identification: Connection closed by remote host

    Read the article

  • Searching for literal "> \" using ack-grep

    - by Stephen Gornick
    I am looking for lines that literally have a greater than character (a "") followed by a space followed by a backslash character (a "\") i.e., a line with this: \ I thought escaping would allow this, and for the greater-than it does: $ ack-grep " " returns lines that have " " in them. But when I try to escape the backslash as well I get: $ ack-grep " \" ack-grep: Invalid regex ' \': Trailing \ in regex m/ \/

    Read the article

  • Virtual terminal with at least 16bit color?

    - by trusktr
    It's 2013 and there should be terminals with more than 256 colors by now (you'd think). Are there any terminals with more than 8bit colors (usually from 8 bit we jump to 16bit) to use with linux? Ideally, I'd like to have a linux terminal with 32bit colors for the foreground and background of each character. So, the functionality would be the same, with escape sequences, but just more of them (or something like that?).

    Read the article

  • Bash Completion Script Help

    - by inxilpro
    So I'm just starting to learn about bash completion scripts, and I started to work on one for a tool I use all the time. First I built the script using a set list of options: _zf_comp() { local cur prev actions COMPREPLY=() cur="${COMP_WORDS[COMP_CWORD]}" prev="${COMP_WORDS[COMP_CWORD-1]}" actions="change configure create disable enable show" COMPREPLY=($(compgen -W "${actions}" -- ${cur})) return 0 } complete -F _zf_comp zf This works fine. Next, I decided to dynamically create the list of available actions. I put together the following command: zf | grep "Providers and their actions:" -A 100 | grep -P "^\s*\033\[36m\s*zf" | awk '{gsub(/[[:space:]]*/, "", $3); print $3}' | sort | uniq | awk '{sub("\-", "\\-", $1); print $1}' | tr \\n " " | sed 's/^ *\(.*\) *$/\1/' Which basically does the following: Grabs all the text in the "zf" command after "Providers and their actions:" Grabs all the lines that start with "zf" (I had to do some fancy work here 'cause the ZF command prints in color) Grab the second piece of the command and remove any spaces from it (the spaces part is probably not needed any more) Sort the list Get rid of any duplicates Escape dashes (I added this when trying to debug the problem—probably not needed) Trim all new lines Trim all leading and ending spaces The above command produces: $ zf | grep "Providers and their actions:" -A 100 | grep -P "^\s*\033\[36m\s*zf" | awk '{gsub(/[[:space:]]*/, "", $3); print $3}' | sort | uniq | awk '{sub("\-", "\\-", $1); print $1}' | tr \\n " " | sed 's/^ *\(.*\) *$/\1/' change configure create disable enable show $ So it looks to me like it's producing the exact same string as I had in my original script. But when I do: _zf_comp() { local cur prev actions COMPREPLY=() cur="${COMP_WORDS[COMP_CWORD]}" prev="${COMP_WORDS[COMP_CWORD-1]}" actions=`zf | grep "Providers and their actions:" -A 100 | grep -P "^\s*\033\[36m\s*zf" | awk '{gsub(/[[:space:]]*/, "", $3); print $3}' | sort | uniq | awk '{sub("\-", "\\-", $1); print $1}' | tr \\n " " | sed 's/^ *\(.*\) *$/\1/'` COMPREPLY=($(compgen -W "${actions}" -- ${cur})) return 0 } complete -F _zf_comp zf My autocompletion starts acting up. First, it won't autocomplete anything with an "n" in it, and second, when it does autocomplete ("zf create" for example) it won't let me backspace over my completed command. The first issue I'm completely stumped on. The second I'm thinking might have to do with escape characters from the colored text. Any ideas? It's driving me crazy!

    Read the article

  • URL rewriting with TomCat

    - by Tudor Olariu
    I am looking to rewrite an incoming url request on TomCat with the Tuckey rewriter: <rule> <from>/OutputFile?sourceArticleId=([0-9]+)</from> <to>/app/clipping/get/$1</to> </rule> the "?" question mark fails the regexp pattern matching. How can I properly escape it or what is the correct solution for this?

    Read the article

  • Postfix smtp test occured "Relay access denied"

    - by liuxingruo
    I was following the tutorial http://wiki.centos.org/zh/HowTos/postfix_restrictions but, when I tried to send a mail with smtp, it returns: Connected to XXX.XXX.33.22 (XXX.XXX.33.22). Escape character is '^]'. 220 mail.xxxx.com ESMTP Postfix HELO mail.xxxx.com 250 mail.xxxx.com MAIL FROM:<[email protected]> 250 2.1.0 Ok RCPT TO:<[email protected]> 554 5.7.1 <[email protected]>: Relay access denied And, the postfix main.cf setting is relay_domains =

    Read the article

  • Nagios not accepting regex in command

    - by Creshal
    I have this command defined: define command{ command_name check_http_sane command_line $USER1$/check_http -H $HOSTNAME$ -r "HTTP/1.1 (200|301|302|303|304|307|401|418|426)" } When I run it manually on command line, it works fine, but nagios (2.6) reports a "pattern not found" error. Do I need to escape something? Edit: As stated below, I solved it by replacing check_http with my own script which works (good enough for our use case, anyway). Script: http://pastebin.com/hNmz6Wa1

    Read the article

  • How to include space in drive label using command-line MS format?

    - by Leif Carlsen
    The obvious-to-me approaches fail. # format h: /fs:ntfs /q /y /V:512MB Disk Invalid parameter - Disk # format h: /fs:ntfs /q /y /V:"512MB Disk" Invalid parameter - Disk" # format h: /fs:ntfs /q /y /V:"512MB\ Disk" Invalid parameter - Disk" # format h: /fs:ntfs /q /y /V:512MB\ Disk Invalid parameter - Disk Okay, so label works after-the fact. # label h: 512MB Disk # But how to do it using format? Am I missing some kind of escape sequence?

    Read the article

  • Mount CIFS Credentials File has Special Character

    - by David George
    I'm having trouble mounting a share on my XenServer (5.6 FP1). From the command line I try: mount.cifs //server/share /mnt/share -o credentials=credfile The contents of credfile is: username=Administrator password=What@zR\!p3s When I run the above mount command I get "Access Denied". However if I run the following command it works: mount.cifs //server/share /mnt/share -o username=Administrator,password=What@zR\!p3s Please note the "\" is to escape the bang and I've tried this with and without it in the credentials file. Any suggestions?

    Read the article

  • Spaces in SETX PATH command

    - by Jeremy Stein
    Suppose my PATH is C:\WINDOWS\system32\;C:\Program Files\Important\ SET NEW_PATH=C:\My\Dir\ SETX PATH "%PATH%;%NEW_PATH%" Results in a path of: C:\WINDOWS\system32\;C:\Program Files\Important\;C:\My\Dir" Notice the quotation mark at the end of the path. It's as though the backslash at the end of %NEW_PATH% escaped the final quote mark. I need the quotation marks because I have spaces in my path, but I don't want backslashes to be interpreted as escape characters. What's the right way to include my PATH in the call to SETX?

    Read the article

  • Turn off Mac , Finder App Problem !

    - by Taimur Hamza
    Hi everyone, Whenever i try to turn off my mac. This finder toolbar apears on top. And it doesnt remove even i try to Force Quit this application using Command+Options+Escape. Can anybody please suggest me wats wrong with it ? http://rapidshare.com/files/394092080/Picture_1.png Taimur

    Read the article

  • How do I change colors on-the-fly in mintty?

    - by Thomas L Holaday
    How do I change the colors in a Cygwin mintty session which is already open? Is it possible? Use case: Under environment-imposed time constraints, multiple terminal windows have been opened without forethought. In order to reduce the risk of typing the commands for system A into the terminal for system B, it would be nice if they were different colors. Is there some escape sequence or whatnot that can change the color scheme for a running session?

    Read the article

  • PuTTY: Forcibly terminate an SSH session without closing the window

    - by jjlin
    Is there a way to forcibly terminate an SSH session in PuTTY, short of closing the PuTTY window? For example, in OpenSSH, I can use the ~. escape sequence to kill the connection. This is useful when the SSH session stops responding for some reason, but I don't want to lose any of my current session-specific settings. In that case, I'd like to kill the session and then use Restart Session to reconnect.

    Read the article

< Previous Page | 22 23 24 25 26 27 28 29 30 31 32 33  | Next Page >