Search Results

Search found 19179 results on 768 pages for 'ms security essentials'.

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Page 28/768 | < Previous Page | 24 25 26 27 28 29 30 31 32 33 34 35  | Next Page >

  • SBS 2011 Essentials and too many new Mac users

    - by Harry Muscle
    We currently have about 15 users on a Windows SBS 2011 Essentials Server. I've just been informed that we plan to bring aboard about 15 more users that will be using Macs. We'll be using a Mac Server to manage the 15 new Macs, however, I'm looking for advice on how to best set this all up. Ideally I would just add the 15 new Mac users to Active Directory and setup the Mac Server to authenticate against AD, unfortunately the SBS 2011 Essentials Server has a limit of 25 users, so adding these new users to AD won't work unless we upgrade the Windows server (which I'd rather avoid since it's a lot of work and a lot of money). That leaves the option of creating user accounts for these 15 Mac users on the Mac Server only. The problem that this creates though is how do I share files been Mac users and Windows users since they are now using different systems for network authentication. Any advice (short of upgrade to SBS Standard) is highly appreciated. Thanks, Harry P.S. We don't run Exchange or anything else on our server ... it's mainly used for file sharing and enforcing security via group policies.

    Read the article

  • Forefront TMG 2010: Can you monitor realtime TCP connections and bandwidth on a per-user basis?

    - by user65235
    I'm just starting a trial of ForeFront TMG to use as a proxy server. I know I can get a real time activity monitor and filter on a per user basis, but would like to be able to get a real time activity monitor of all users that I can then sort by bandwidth consumed (enabling me to get a view on who the bandwidth hogs are). Does anyone know if this is possible in Forefront TMG or if a third party product is required? Thanks. JR

    Read the article

  • Steps to take when technical staff leave

    - by Tom O'Connor
    How do you handle the departure process when privileged or technical staff resign / get fired? Do you have a checklist of things to do to ensure the continuing operation / security of the company's infrastructure? I'm trying to come up with a nice canonical list of things that my colleagues should do when I leave (I resigned a week ago, so I've got a month to tidy up and GTFO). So far I've got: Escort them off the premises Delete their email Inbox (set all mail to forward to a catch-all) Delete their SSH keys on server(s) Delete their mysql user account(s) ... So, what's next. What have I forgotten to mention, or might be similarly useful? (endnote: Why is this off-topic? I'm a systems administrator, and this concerns continuing business security, this is definitely on-topic.)

    Read the article

  • Parallel installation of Office 2003 and Outlook 2010

    - by Marcel Janus
    we have a customer who is not willing to move from Office 2003 to Office 2010 but he now wants to use Office 365. As you know is Office 365 not compatible with Outlook 2003. Now he asked me if it's possible to buy and install Outlook 2010 and keep the rest as it is. I only found some guides for parallel installation of Office 2007 and Office 2010. So my question is if this solution will work. Or are there any issues known?

    Read the article

  • Can't select text with mouse in Word / Office 2007

    - by asc99c
    I'm having a very weird problem here for the last few months. In Word, and in fact all programs from the Office 2007 suite, I can't drag the mouse pointer to select text. I can click at a point in the text and the cursor moves correctly to that point. If I double click, the word under the cursor is selected, and triple clicking selects the whole line. However if I hold the mouse button down and drag the mouse, no text is selected. Occasionally the problem disappears and everything works fine, but it then reappears a few minutes later. Text selection with the mouse works everywhere else (Firefox, PuTTY, OpenOffice), just not in Office. The only addins are Google Desktop Office Addin, and Person Name (). For info it is Office 2007 SP3, running on Windows 7 64-bit.

    Read the article

  • new ActiveXObject('Word.Application') creates new winword.exe process when IE security does not allo

    - by Mark Ott
    We are using MS Word as a spell checker for a few fields on a private company web site, and when IE security settings are correct it works well. (Zone for the site set to Trusted, and trusted zone modified to allow control to run without prompting.) The script we are using creates a word object and closes it afterward. While the object exists, a winword.exe process runs, but it is destroyed when the word object is closed. If our site is not set in the trusted zone (Internet zone with default security level) the call that creates the word object fails as expected, but the winword.exe process is still created. I do not have any way to interact with this process in the script, so the process stays around until the user logs off (users have no way to manually destroy the process, and it wouldn't be a good solution even if they did.) The call that attempts to create the object is... try { oWordApplication = new ActiveXObject('Word.Application'); } catch(error) { // irrelevant code removed, described in comments.. // notify user spell check cannot be used // disable spell check option } So every time the page is loaded this code may be run again, creating yet another orphan winword.exe process. oWordApplication is, of course, undefined in the catch block. I would like to be able to detect the browser security settings beforehand, but I have done some searching on this and do not think that it is possible. Management here is happy with it as it is. As long as IE security is set correctly it works, and it works well for our purposes. (We may eventually look at other options for spell check functionality, but this was quick, inexpensive, and does everything we need it to do.) This last problem bugs me and I'd like to do something about it, but I'm out of ideas and I have other things that are more in need of my attention. Before I put it aside, I thought I'd ask for suggestions here...

    Read the article

  • Understanding LinkDemand Security on a webserver

    - by robertpnl
    Hi, After deployment an ASP.Net application on a webserver, I get this error message by using code from a external assembly: "LinkDemand The type of the first permission that failed was: System.Security.PermissionSet The Zone of the assembly that failed was: MyComputer the error ". The assembly is include in the \bin folder and not in the GAC. I try to know what linkdemand exactly is and why this message will raised. But looking for more information, I don't get exactly the problem. I try also to add the PermissionSetAttribute on the class where the exception message happens: [System.Security.Permissions.PermissionSetAttribute(System.Security.Permissions.SecurityAction.LinkDemand, Name = "FullTrust")] Then the exception will be raised on another class of the assembly. And so on.. My questions ares: - what exactly is going wrong here? Is it true that I understand that .Net cannot check the code during Jit? - Is there maybe a security policy that block this (machine.config)? - Can I set the PermissionAttribute for all classes between a assembly? Thanks.

    Read the article

  • Spring HandlerInterceptor or Spring Security to protect resource

    - by richever
    I've got a basic Spring Security 3 set up using my own login page. My configuration is below. I have the login and sign up page accessible to all as well as most everything else. I'm new to Spring Security and understand that if a user is trying to access a protected resource they will be taken to the defined login page. And upon successful login they are taken to some other page, home in my case. I want to keep the latter behavior; however, I'd like specify that if a user tries to access certain resources they are taken to the sign up page, not the login page. Currently, in my annotated controllers I check the security context to see if the user is logged in and if not I redirect them to the sign up page. I only do this currently with two urls and no others. This seemed redundant so I tried creating a HandlerInterceptor to redirect for these requests but realized that with annotations, you can't specify specific requests to be handled - they all are. So I'm wondering if there is some way to implement this type of specific url handling in Spring Security, or is going the HandlerInterceptor route my only option? Thanks! <http auto-config="true" use-expressions="true"> <intercept-url pattern="/login*" access="permitAll"/> <intercept-url pattern="/signup*" access="permitAll"/> <intercept-url pattern="/static/**" filters="none" /> <intercept-url pattern="/" access="permitAll"/> <form-login login-page="/login" default-target-url="/home"/> <logout logout-success-url="/home"/> <anonymous/> <remember-me/> </http>

    Read the article

  • Spring Security 3.0 - Intercept-URL - All pages require authentication but one

    - by gav
    Hi All, I want any user to be able to submit their name to a volunteer form but only administrators to be able to view any other URL. Unfortunately I don't seem to be able to get this correct. My resources.xml are as follows; <?xml version="1.0" encoding="UTF-8"?> <beans:beans xmlns="http://www.springframework.org/schema/security" xmlns:beans="http://www.springframework.org/schema/beans" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-3.0.xsd http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-3.0.xsd"> <http realm = "BumBumTrain Personnel list requires you to login" auto-config="true" use-expressions="true"> <http-basic/> <intercept-url pattern="/person/volunteer*" access=""/> <intercept-url pattern="/**" access="isAuthenticated()" /> </http> <authentication-manager alias="authenticationManager"> <authentication-provider> <user-service> <user name="admin" password="admin" authorities="ROLE_ADMIN"/> </user-service> </authentication-provider> </authentication-manager> </beans:beans> Specifically I am trying to achieve the access settings I described via; <intercept-url pattern="/person/volunteer*" access=""/> <intercept-url pattern="/**" access="isAuthenticated()" /> Could someone please describe how to use intercept-url to achieve the outcome I've described? Thanks Gav

    Read the article

  • CakePHP 1.26: Bug in 'Security' component?

    - by Steve
    Okay, for those of you who may have read this earlier, I've done a little research and completely revamped my question. I've been having a problem where my form requests get blackholed by the Security component, although everything works fine when the Security component is disabled. I've traced it down to a single line in a form: <?php echo $form->create('Audition');?> <fieldset> <legend><?php __('Edit Audition');?></legend> <?php echo $form->input('ensemble'); echo $form->input('position'); echo $form->input('aud_date'); // The following line works fine... echo $form->input('owner'); // ...but the following line blackholes when Security included // and the form is submitted: // echo $form->input('owner', array('disabled'=>'disabled'); ?> </fieldset> <?php echo $form->end('Submit');?> (I've commented out the offending line for clarity) I think I'm following the rules by using the form helper; as far as I can tell, this is a bug in the Security component, but I'm too much of a CakePHP n00b to know for sure. I'd love to get some feedback, and if it's a real bug, I'll submit it to the CakePHP team. I'd also love to know if I'm just being dumb and missing something obvious here.

    Read the article

  • SOAP security in Salesforce

    - by Dean Barnes
    I am trying to change the wsdl2apex code for a web service call header that currently looks like this: <env:Header> <Security xmlns="http://docs.oasis-open.org/wss/oasis-wss-wssecurity-secext-1.1.xsd"> <UsernameToken Id="UsernameToken-4"> <Username>test</Username> <Password>test</Password> </UsernameToken> </Security> </env:Header> to look like this: <soapenv:Header> <wsse:Security xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"> <wsse:UsernameToken wsu:Id="UsernameToken-4" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"> <wsse:Username>Test</wsse:Username> <wsse:Password Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText">Test</wsse:Password> </wsse:UsernameToken> </wsse:Security> </soapenv:Header> One problem is that I can't work out how to change the namespaces for elements (or even if it matters what name they have). A secondary problem is putting the Type attribute onto the Password element. Can any provide any information that might help? Thanks

    Read the article

  • PowerShell: How to find and uninstall a MS Office Update

    - by Hank
    I've been hunting for a clean way to uninstall an MSOffice security update on a large number of workstations. I've found some awkward solutions, but nothing as clean or general like using PowerShell and get-wmiobject with Win32_QuickFixEngineering and the .Uninstall method on the resulting object. [Apparently, Win32_QuickFixEngineering only refers to Windows patches. See: http://social.technet.microsoft.com/Forums/en/winserverpowershell/thread/93cc0731-5a99-4698-b1d4-8476b3140aa3 ] Question 1: Is there no way to use get-wmiobject to find MSOffice updates? There are so many classes and namespaces, I have to wonder. This particualar Office update (KB978382) can be found in the registry here (for Office Ultimate): HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{91120000-002E-0000-0000-0000000FF1CE}_ULTIMATER_{6DE3DABF-0203-426B-B330-7287D1003E86} which kindly shows the uninstall command of: msiexec /package {91120000-002E-0000-0000-0000000FF1CE} /uninstall {6DE3DABF-0203-426B-B330-7287D1003E86} and the last GUID seems constant between different versions of Office. I've also found the update like this: $wu = new-object -com "Microsoft.Update.Searcher" $wu.QueryHistory(0,$wu.GetTotalHistoryCount()) | where {$_.Title -match "KB978382"} I like this search because it doesn't require any poking around in the registry, but: Question 2: If I've found it like this, what can I do with the found information to facilitate the Uninstall? Thanks

    Read the article

  • Automatically check for Security Updates on CentOS or Scientific Linux?

    - by Stefan Lasiewski
    We have machines running RedHat-based distros such as CentOS or Scientific Linux. We want the systems to automatically notify us if there are any known vulnerabilities to the installed packages. FreeBSD does this with the ports-mgmt/portaudit port. RedHat provides yum-plugin-security, which can check for vulnerabilities by their Bugzilla ID, CVE ID or advisory ID. In addition, Fedora recently started to support yum-plugin-security. I believe this was added in Fedora 16. Scientific Linux 6 did not support yum-plugin-security as of late 2011. It does ship with /etc/cron.daily/yum-autoupdate, which updates RPMs daily. I don't think this handles Security Updates only, however. CentOS does not support yum-plugin-security. I monitor the CentOS and Scientific Linux mailinglists for updates, but this is tedious and I want something which can be automated. For those of us who maintain CentOS and SL systems, are there any tools which can: Automatically (Progamatically, via cron) inform us if there are known vulnerabilities with my current RPMs. Optionally, automatically install the minimum upgrade required to address a security vulnerability, which would probably be yum update-minimal --security on the commandline? I have considered using yum-plugin-changelog to print out the changelog for each package, and then parse the output for certain strings. Are there any tools which do this already?

    Read the article

  • MS Tech Ed 2011 Coming Soon

    - by sonam
    Microsoft Tech ed 2010 was a great success. Infact  Most of such conferences always provide a great place to meet other  technology enthusiasts and ofcourse,whats in the pipeline for future products of a company or field.. And yet again,MS Tech ed India is coming on 23-25 march  in Banglore,India.Well,the place is  ofcourse right suited for any IT/Computing conference.After all,Its Silicon Valley of India.. From Last year.I remember  a session by Harish about  “Building pure client side apps with  Jquery and Microsoft Ajax .” Here’s the video: http://live.viasilverlight.com/TechEdOnDemand/Breakouts/TheWebSimplified1/Session4/AjaxClientSideApps.wmv At that time only,I got to know that jquery is so easy to use for  ajax or client side templating.Though I prefer jquery over  Microsoft Ajax many folds.UpdatePanel  is Dead for sure in my view. I believe,Web forms will be dead sooner or later with ASP.Net  MVC  gaining share many folds.(TODO:Learn MVC). The new standard is surely:JQUERY . Between,Last years videos and ppt’s  are available to browse and download: http://microsoftteched.in/2010/downloads.aspx After going through Tech Ad 2011 session agendas : http://www.microsoft.com/india/teched2011/agenda.aspx Few of my personal choices to watch would be: Day 1: a) Identity And Access Control in the Cloud        b)Windows 7 at  Home:Digitizing your Home.(Sounds cool.)        c) And ofcourse,Jquery and MS ajax(Lets see if MS can do something that’s not already happening with their version Of Ajax).. Day 2:  a) Lap Around Silverlight 5 and Html 5 as I have heard some hot talks that html5 will kill Silverlight,(I don’t see it in near future though).        b) Html 5 more than “Html 5”…Google will be seeing this one. Day3: a) Cross Browser applications in Azure       b)VS 2010 sessions of automated testing azure apps etc. Windows Phone 7 sessions will surely be of more interest now after MS-Nokia Deal. Though,Personally,I would want atleast some worth of  sessions on MS  future in Robotics,AI.Perhaps  I am looking at wrong place..(When is PDC?) And Since,Bill Gates  consider Robotics as the next big thing, Refer  this one : http://www.cs.virginia.edu/robins/A_Robot_in_Every_Home.pdf  I am sure,they wont loose this new hot spot to competitors,  like how google rules in Online  Search now.Robotics and AI will surely provide a big battlefield  for future.See,What IBM is doing with IBM Watson. OR see this, http://www.sciencedaily.com/releases/2011/02/110218083711.htm this is cool only if you can control your mind.Atleast,I’ll prefer regular driving (I would devote my mind seeing  people,places which we see on road).thats what jouney makes “cool”.:P.

    Read the article

  • MS in Computer Science after BE in electronics

    - by Abhinav
    I am doing my 3rd year Bachelors in Electronics and Electrical Communication but from the first year I have been interested in Computer Science. But at that time it was just my hobby. But in second year when I joined robotics my love for computer science rose. I with my team came in top three in 2 National Competition (Technical fests of different IITs) where we used Image Processing, Hardware interfacing etc. But then I realised that Computer Science is not just about coding. I took many lectures from online free schools like Udacity, Coursera in subjects related to Artificial Intelligence, Building a Search Engine, Design and Analysis of Algorithm, Programming a Robotic Car, Programming Languages, Machine Learning, Software Engineering as a Service, WebApps Engineering, Compilers, Applied Crypotography etc. I also did some courses in Core and Advanced Java in my second year from training institute. I will also be taking course in Statistics, Databases, Discrete Mathematics from 25th June. Now I realized how vast is the field of Computer Science and how efficient you become on deciding algorithms and classifying problems into different subfields which have been thoroughly researched so you don't always do brute force thing or naive programming. Now this field has become kind of passion for me. Adding to the fact I am also doing my 6 months internship in software field in Texas Instruments where I am working on Automation and Algorithms. I also have some 5-6 good college level projects in Softwares and Robotics. I also like Electronics but only some fields like Operating System(this subject was there in Electronics also), Micro Processor, Digital, Computer Architecture, DSPs etc. I really want to pursue MS in some field of Computer Science. I am giving GRE in October/November. Till now I have good CG of around 9.4/10 and my 1 year in college is still left. Do I have any chance that some good University in US will consider me for MS in field related to computer science or Robotics. Also Can you suggest somethings that I can do during this 1 year to increase my chances for MS or should I apply for EECS(Electrical Engineering and Computer Science) and then I can shift more towards Computer Science as my major option. My main aim is to do Phd after Ms in CS if I am able to do that somehow. I know that I have to put much extra effort to understand things in MS than CS undergraduates but I will do that with my full dedication, also when I communicate with my college CS students or during my internship period I didn't feel that I am missing very much stuff that they know and was very comfortable during my internship with software employees.

    Read the article

  • java.security.AccessControlException: access denied using Java Web Start

    - by killiancomputers
    I am having some issues with accessing files using JWS (Java Web Start). The program adds a new label and image. The program runs fine on my local computer but gives me pages of errors when I run the program on my remote server using JWS. Here's a sample of the error: Exception in thread "AWT-EventQueue-0" java.security.AccessControlException: access denied (java.io.FilePermission add2.png read) at java.security.AccessControlContext.checkPermission(Unknown Source) at java.security.AccessController.checkPermission(Unknown Source) at java.lang.SecurityManager.checkPermission(Unknown Source) This occurs even after making sure the images have read access. Ideas?

    Read the article

  • problem with overriding autologin in spring security?

    - by sword101
    greetings everybody iam using spring security 3 remember me service as follows <http> <remember-me/> ....</http> and i want to perform some logic in the autologin so i tried to override the AbstractRememberMeServices as follows: package com.foo; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; import org.springframework.security.core.Authentication; import org.springframework.security.web.authentication.RememberMeServices; public abstract class AbstractRememberMeServices implements RememberMeServices{ @Override public Authentication autoLogin(HttpServletRequest arg0, HttpServletResponse arg1) { System.out.println("Auto Login"); return null; } @Override public void loginSuccess(HttpServletRequest arg0, HttpServletResponse arg1, Authentication arg2) { System.out.println("Login Success"); } } but the autologin occurs with no action,the user auto login but the print statement is not printed? what's wrong?

    Read the article

  • .NET Code Access Security: Useful or just overcomplicated?

    - by routeNpingme
    see also Is “Code Access Security” of any real world use? I want to get some other opinions on this... I like the idea of Code Access Security for desktop applications. But in the lifetime of .NET I have to admit I've never actually had a situation where CAS has actually blocked something to my benefit. I have, however, had many times where something as simple as sharing a quick .NET application across a mapped drive becomes an enterprise code access nightmare. Having to break out caspol.exe to create trusted path rules and having no clear way of knowing why something failed makes it seem like CAS adds way more frustration to the development and deployment process than it offers in security. I'd like to hear either some situations where CAS has actually helped more than hurt, or if there are other people out there frustrated with its current implementation and defaults.

    Read the article

  • "java.security.AccessControlException: access denied" executing a signet Java Applet

    - by logoff
    I have a little Java Applet and I have an annoying issue. I have signed my JAR with my own keystore using jarsigner tool (following these instructions). The Java Applet downloads a signed JAR and tries to launch it with an extended class of URLClassLoader. This JAR tries to execute this line of code: ClassLoader.getSystemClassLoader().getResource("aResource"); It fails with a large stack trace finished by: Caused by: java.security.AccessControlException: access denied ("java.lang.RuntimePermission" "getClassLoader") at java.security.AccessControlContext.checkPermission(AccessControlContext.java:366) at java.security.AccessController.checkPermission(AccessController.java:555) at java.lang.SecurityManager.checkPermission(SecurityManager.java:549) at java.lang.Thread.getContextClassLoader(Thread.java:1451) ... 21 more When the Java Applet is launched, the user is prompted to accept the certificate if he/she trusts the publisher: Even if I accept it, the exception occurred. Even if I install the certificate, and the prompt message is automatically accepted, the exception occurred. Any help would be appreciated!

    Read the article

  • Certificate Information from WCF Service using Transport security mode

    - by Langdon
    Is there any way to pull information about which client certificate was used inside of my web service method when using <security mode="Transport>? I sifted through OperationContext.Current but couldn't find anything obvious. My server configuration is as follows: <basicHttpBinding> <binding name="SecuredBasicBindingCert"> <security mode="Transport"> <message clientCredentialType="Certificate" /> </security> </binding> </basicHttpBinding> I'm working with a third party pub/sub system who is unfortunately using DataPower for authentication. It seems like if I'm using WCF with this configuration, then I'm unable to glean any information about the caller (since no credentials are actually sent). I somehow need to be able to figure out whose making calls to my service without changing my configuration or asking them to change their payload.

    Read the article

  • Careers in Computer Security? [closed]

    - by Joey Green
    I have the opportunity to go back for MSCS and the closest college's main research is in computer security and forensics. I've always been interested in computer networks and security but I have no interest whatsoever to run cables or add users to the network( which is what the network people do where I currently work ). I wanted to know how may I find out the types of day to day task a computer security expert does? I don't mean the jobs you find on dice or indeed. I'm talking about the type of careers that start out at the NSA or DIA. Also, I'm wondering what the pay is like for these types of fields? Thanks to all that reply.

    Read the article

  • security roles in grails portlets

    - by srinath
    Hi, How to include security roles in grails portlets for liferay ? After deploying war in tomcat i added manually these lines for roles liferay-portlet.xml : <role-mapper> <role-name>administrator</role-name> <role-link>Administrator</role-link> </role-mapper> portlet.xml : <security-role-ref> <role-name>administrator</role-name> </security-role-ref> But How to add these roles settings in grails app before creating war ?? Please suggest me . thanks in advance sri..

    Read the article

  • Why don't stacks grow upwards (for security)?

    - by AshleysBrain
    This is related to the question 'Why do stacks typically grow downwards?', but more from a security point of view. I'm generally referring to x86. It strikes me as odd that the stack would grow downwards, when buffers are usually written to upwards in memory. For example a typical C++ string has its end at a higher memory address than the beginning. This means that if there's a buffer overflow you're overwriting further up the call stack, which I understand is a security risk, since it opens the possibility of changing return addresses and local variable contents. If the stack grew upwards in memory, wouldn't buffer overflows simply run in to dead memory? Would this improve security? If so, why hasn't it been done? What about x64, do those stacks grow upwards and if not why not?

    Read the article

  • INSERT INTO in MS Access 2010 SOMETIMES GETS ERROR: 3073 Operation must use an updateable query

    - by Gary
    I get the ERROR: 3073 Operation must use an updateable query SOMETIMES, while performing an INSERT statment. I have no problem on my windows 7 PC, but the person I am writing this for sometimes gets the error. She also has MS Access 2010 on Windows 7. As I said I have never got it on my PC, and she only gets it sometimes. The code will insert a number of rows and then through the error, and other times not through the erro at all. The error occurs if I have the code and data in one .mdb file or seperate files. Here a snippet of code: OrderHdrInsertStmnt = " INSERT INTO ORDER_HDR " _ & "(ORDER_ID, SOURCE_CODE, ORDER_DATE, SHIP_FNAME, SHIP_LNAME, SHIP_EMAIL, SHIP_COMP, SHIP_PHONE, SHIP_ADDR, SHIP_CITY, SHIP_STATE, SHIP_ZIP, SHIP_CNTRY, " _ & " BILL_FNAME, BILL_LNAME, BILL_EMAIL, BILL_COMP, BILL_PHONE, BILL_ADDR, BILL_CITY, BILL_STATE, BILL_ZIP, BILL_CNTRY, " _ & " TAX, SHIPPING, TOTAL, MOD_DATE, INSERT_DATE) " _ & " VALUES (" _ & "'" & OrderId & "','" & SourceCode & "','" & Orderdate & "','" & ShipFName & "','" & ShipLName & "','" & ShipEmail & "','" & ShipComp & "','" & ShipPhone & "','" & ShipAddr & "','" & ShipCity & "','" & ShipState & "','" & ShipZip & "','" & ShipCntry _ & "','" & BillFName & "','" & BillLName & "','" & BillEmail & "','" & BillComp & "','" & BillPhone & "','" & BillAddr & "','" & BillCity & "','" & BillState & "','" & BillZip & "','" & BillCntry _ & "','" & OrderTax & "','" & OrderShipping & "','" & OrderTotal & "','" & ImportDate & "','" & ImportDate & "');" then I use dbsCurrent.Execute OrderHdrInsertStmnt, dbFailOnError Any assistance would be great!

    Read the article

  • Historical security flaws of popular PHP CMS's?

    - by VirtuosiMedia
    I'm creating a PHP CMS, one that I hope will be used by the public. Security is a major concern and I'd like to learn from some of the popular PHP CMS's like Wordpress, Joomla, Drupal, etc. What are some security flaws or vulnerabilities that they have they had in the past that I can avoid in my application and what strategies can I use to avoid them? What are other issues that I need to be concerned with that they perhaps didn't face as a vulnerability because they handled it correctly from the start? What additional security features or measures would you include? Please be as specific as possible. I'm generally aware of most of the usual attack vectors, but I want to make sure that all the bases are covered, so don't be afraid to mention the obvious as well. Assume PHP 5.2+.

    Read the article

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

< Previous Page | 24 25 26 27 28 29 30 31 32 33 34 35  | Next Page >