Search Results

Search found 916 results on 37 pages for 'md5'.

Page 30/37 | < Previous Page | 26 27 28 29 30 31 32 33 34 35 36 37  | Next Page >

  • How would you go about parsing markdown?

    - by John Leidegren
    You can find the syntax here. The thing is, the source that follows with the download is written in perl. Which I have no intentions of honoring. It is riddled with regex and it relies on MD5 hashes to escape certain characters. Something is just wrong about that! I'm about to hard code a parser for markdown and I'm wonder if someone had some experience with this? Edit: If you don't have anything meaningful to say about the actual parsing of markdown, spare me the time. (This might sound harsh, but yes, I'm looking for insight, not a solution i.e. third-party library). To help a bit with the answers, regex are meant to identify patterns! NOT to parse an entire grammar. That people consider doing so is foobar. If you think about markdown, it's fundamentally based around the concept of paragraphs. As such, a reasonable approach might be to split the input into paragraphs. There are many kinds of paragraphs e.g. heading, text, list, blockquote, code. The challenge is thus to identify these paragraphs and in what context they occur. I'll be back with a solution, once I find it's worthy to be shared.

    Read the article

  • Use AJAX to reload captcha

    - by arik-so
    Hello! This question may have been asked already - but unfortunately, I could not find any satisfactory answers. I will just ask it for my concrete case and ask the admins not to delete the question for at least a few days so I can try it out... I have a page. It uses a captcha. Like so: <?php session_start(); // the captcha saves the md5 into the session ?> <img src="captcha.php" onclick="this.src = this.src" /> That was my first code. It did not work, because the browser condsidered it useless to reload an image if the source is the same. My current solution is to pass a get parameter: onclick="this.src = 'captcha.php?randomNumber='+ranNum" The JavaScript variable var ranNum is generated randomly every time the onclick event fires. It works fine, still, I don't like the possibility, if the - though improbable - case of two numbers being the same twice in a row. Although the random number varies between -50,000 and 50,000 - I still do not like it. And I don't think the method is right. I would like to know the 'righter' method, by means of AJAX. I know it's possible. I hope you know how it's possible ^^ In that case, please show me. Thanks in advance! By the way - if I spell cap(t)cha differently, never mind, the reference to the PHP file is right in my code: I use randomImage.php

    Read the article

  • Trouble making login page?

    - by Ken
    Okay, so I want to make a simple login page. I've created a register page successfully, but i can't get the login thing down. login.php: <?php session_start(); include("mainmenu.php"); $usrname = mysql_real_escape_string($_POST['usrname']); $password = md5($_POST['password']); $con = mysql_connect("localhost", "root", "g00dfor@boy"); if(!$con){ die(mysql_error()); } mysql_select_db("users", $con) or die(mysql_error()); $login = "SELECT * FROM `users` WHERE (usrname = '$usrname' AND password = '$password')"; $result = mysql_query($login); if(mysql_num_rows($result) == 1 { $_SESSION = true; header('Location: indexlogin.php'); } else { echo = "Wrong username or password." ; } ?> indexlogin.php just echoes "Login successful." What am I doing wrong? Oh, and just FYI- my database is "users" and my table is "data".

    Read the article

  • Using a php://memory wrapper causes errors...

    - by HorusKol
    I'm trying to extend the PHP mailer class from Worx by adding a method which allows me to add attachments using string data rather than path to the file. I came up with something like this: public function addAttachmentString($string, $name='', $encoding = 'base64', $type = 'application/octet-stream') { $path = 'php://memory/' . md5(microtime()); $file = fopen($path, 'w'); fwrite($file, $string); fclose($file); $this->AddAttachment($path, $name, $encoding, $type); } However, all I get is a PHP warning: PHP Warning: fopen() [<a href='function.fopen'>function.fopen</a>]: Invalid php:// URL specified There aren't any decent examples with the original documentation, but I've found a couple around the internet (including one here on SO), and my usage appears correct according to them. Has anyone had any success with using this? My alternative is to create a temporary file and clean up - but that will mean having to write to disc, and this function will be used as part of a large batch process and I want to avoid slow disc operations (old server) where possible. This is only a short file but has different information for each person the script emails.

    Read the article

  • Password hashing, salt and storage of hashed values

    - by Jonathan Leffler
    Suppose you were at liberty to decide how hashed passwords were to be stored in a DBMS. Are there obvious weaknesses in a scheme like this one? To create the hash value stored in the DBMS, take: A value that is unique to the DBMS server instance as part of the salt, And the username as a second part of the salt, And create the concatenation of the salt with the actual password, And hash the whole string using the SHA-256 algorithm, And store the result in the DBMS. This would mean that anyone wanting to come up with a collision should have to do the work separately for each user name and each DBMS server instance separately. I'd plan to keep the actual hash mechanism somewhat flexible to allow for the use of the new NIST standard hash algorithm (SHA-3) that is still being worked on. The 'value that is unique to the DBMS server instance' need not be secret - though it wouldn't be divulged casually. The intention is to ensure that if someone uses the same password in different DBMS server instances, the recorded hashes would be different. Likewise, the user name would not be secret - just the password proper. Would there be any advantage to having the password first and the user name and 'unique value' second, or any other permutation of the three sources of data? Or what about interleaving the strings? Do I need to add (and record) a random salt value (per password) as well as the information above? (Advantage: the user can re-use a password and still, probably, get a different hash recorded in the database. Disadvantage: the salt has to be recorded. I suspect the advantage considerably outweighs the disadvantage.) There are quite a lot of related SO questions - this list is unlikely to be comprehensive: Encrypting/Hashing plain text passwords in database Secure hash and salt for PHP passwords The necessity of hiding the salt for a hash Clients-side MD5 hash with time salt Simple password encryption Salt generation and Open Source software I think that the answers to these questions support my algorithm (though if you simply use a random salt, then the 'unique value per server' and username components are less important).

    Read the article

  • Injecting Dependencies into Domain Model classes with Nhibernate (ASP.NET MVC + IOC)

    - by Sunday Ironfoot
    I'm building an ASP.NET MVC application that uses a DDD (Domain Driven Design) approach with database access handled by NHibernate. I have domain model class (Administrator) that I want to inject a dependency into via an IOC Container such as Castle Windsor, something like this: public class Administrator { public virtual int Id { get; set; } //.. snip ..// public virtual string HashedPassword { get; protected set; } public void SetPassword(string plainTextPassword) { IHashingService hasher = IocContainer.Resolve<IHashingService>(); this.HashedPassword = hasher.Hash(plainTextPassword); } } I basically want to inject IHashingService for the SetPassword method without calling the IOC Container directly (because this is suppose to be an IOC Anti-pattern). But I'm not sure how to go about doing it. My Administrator object either gets instantiated via new Administrator(); or it gets loaded via NHibernate, so how would I inject the IHashingService into the Administrator class? On second thoughts, am I going about this the right way? I was hoping to avoid having my codebase littered with... currentAdmin.Password = HashUtils.Hash(password, Algorithm.Sha512); ...and instead get the domain model itself to take care of hashing and neatly encapsulate it away. I can envisage another developer accidently choosing the wrong algorithm and having some passwords as Sha512, and some as MD5, some with one salt, and some with a different salt etc. etc. Instead if developers are writing... currentAdmin.SetPassword(password); ...then that would hide those details away and take care of those problems listed above would it not?

    Read the article

  • How to create custom omniauth provider (how to return data)

    - by user2803917
    I searched all around the net, how to create a custom provider for omniauth.. and i succedded partly.. I created a gem, and it worked perfectly, except the part, that i cant understand how to return the gathered data to sessions controller, like other providers do.. here is the code in auth gem: require 'multi_json' require 'digest/md5' require 'rest-client' module OmniAuth module Strategies class Providername < OmniAuth::Strategies::OAuth attr_accessor :app_id, :api_key, :auth def initialize(app, app_id = nil, api_key = nil, options = {}) super(app, :providername) @app_id = app_id @api_key = api_key end protected def request_phase redirect "http://valid_url" end def callback_phase if request.params['code'] && request.params['status'] == 'ok' response = RestClient.get("http://valid_url2/?code=#{request.params['auth_code']}") auth = MultiJson.decode(response.to_s) unless auth['error'] @auth_data = auth if @auth_data @return_data = OmniAuth::Utils.deep_merge(super, { 'uid' => @auth_data['uid'], 'nickname' => @auth_data['nick'], 'user_info' => { 'first_name' => @auth_data['name'], 'last_name' => @auth_data['surname'], 'location' => @auth_data['place'], }, 'credentials' => { 'apikey' => @auth_data['apikey'] }, 'extra' => {'user_hash' => @auth_data} }) end end else fail!(:invalid_request) end rescue Exception => e fail!(:invalid_response, e) end end end end and here i call it in my initializers: Rails.application.config.middleware.use OmniAuth::Builder do provider "providername", Settings.providers.providername.app_id, Settings.providers.providername.app_secret end in this code, everything works fine so far, the provider gets called, i get the info from provider, i create a hash (@auth_data) with info, but how do i return it

    Read the article

  • Using a randomly generated token for flood control.

    - by James P
    Basic setup of my site is: user enters a message on the homepage, hits enter and the message is sent though a AJAX request to a file called like.php where it echo's a link that gets sent back to the user. I have made the input disable when the user presses enter, but there's nothing stopping the user from just constantly flooding like.php with POST request and filling up my database. Someone here on SO told me to use a token system but didn't mention how. I've seen this being done before and from what I know it is effective. The only problem I have is how will like.php know it's a valid token? My code is this at the moment: $token = md5(rand(0, 9999) * 1000000); and the markup: <input type="hidden" name="token" value="<?php echo $token ?>" /> Which will send the token to like.php through POST. But how will like.php know that this is a valid token? Should I instead token something that's linked to the user? Like their IP address? Or perhaps token the current minute and check that it's the same minute in like.php... Any help on this amtter would be greatly appreciated, thanks. :)

    Read the article

  • How to "reduce" a hash?

    - by Julien Lebosquain
    Suppose I have any "long" hash, like a 16 bytes MD5 or a 20 bytes SHA1. I want to reduce this hash to fit on 4 bytes, for GetHashCode() purposes. First, I'm perfectly aware that I'll get more collisions. That's totally fine in my case, but I'd still prefer to get the less possible collisions. There are several solutions to my problem: I could take the 4 first bytes of the hash. I could take the 4 last bytes of the hash. I could take 4 random bytes of the hash. I could generate a hash of the hash, involving classic prime numbers multiplications. Are there other solutons I didn't think about? And more importantly, what method will give me the most unique hash code? I'm currently supposing they're almost equivalent. Microsoft choose that the public key token of an assembly is the last 8 bytes of the SHA1 hash of its public key, so I'll probably go for this solution but I'd like to know why.

    Read the article

  • Why does iOS 5 fail to connect to a server running JDK 1.6, but not JDK 1.5

    - by KC Baltz
    We have a Java Socket Server listening on an SSLSocket (port 443) and an iOS application that connects with it. When running on iOS 5.1, the application stopped working when we upgraded the Java version of the server from JDK 1.5 to 1.6 (or 1.7). The app connects just fine to JDK 5 and 6 when running on iOS 6. The iOS app is reporting an error: -9809 = errSSLCrypto. On the Java side, we get javax.net.ssl.SSLException: Received fatal alert: close_notify. On the Java server side, we have enabled all the available cipher suites. On the client side we have tested enabling several different suites, although we have yet to complete a test involving each one individually enabled. Right now, it is failing when we use TLS_DH_anon_WITH_AES_128_CBC_SHA although it has failed with others and we are starting to think it's not the suite. Here is the debug output. It makes it all the way to ServerHelloDone and then fails shortly thereafter: Is secure renegotiation: false [Raw read]: length = 5 0000: 16 03 03 00 41 ....A [Raw read]: length = 65 0000: 01 00 00 3D 03 03 50 83 1E 0B 56 19 25 65 C8 F2 ...=..P...V.%e.. 0010: AF 02 AD 48 FE E2 92 CF B8 D7 A6 A3 EA C5 FF 5D ...H...........] 0020: 74 0F 1B C1 99 18 00 00 08 00 FF 00 34 00 1B 00 t...........4... 0030: 18 01 00 00 0C 00 0D 00 08 00 06 05 01 04 01 02 ................ 0040: 01 . URT-, READ: Unknown-3.3 Handshake, length = 65 *** ClientHello, Unknown-3.3 RandomCookie: GMT: 1333992971 bytes = { 86, 25, 37, 101, 200, 242, 175, 2, 173, 72, 254, 226, 146, 207, 184, 215, 166, 163, 234, 197, 255, 93, 116, 15, 27, 193, 153, 24 } Session ID: {} Cipher Suites: [TLS_EMPTY_RENEGOTIATION_INFO_SCSV, TLS_DH_anon_WITH_AES_128_CBC_SHA, SSL_DH_anon_WITH_3DES_EDE_CBC_SHA, SSL_DH_anon_WITH_RC4_128_MD5] Compression Methods: { 0 } Unsupported extension signature_algorithms, data: 00:06:05:01:04:01:02:01 *** [read] MD5 and SHA1 hashes: len = 65 0000: 01 00 00 3D 03 03 50 83 1E 0B 56 19 25 65 C8 F2 ...=..P...V.%e.. 0010: AF 02 AD 48 FE E2 92 CF B8 D7 A6 A3 EA C5 FF 5D ...H...........] 0020: 74 0F 1B C1 99 18 00 00 08 00 FF 00 34 00 1B 00 t...........4... 0030: 18 01 00 00 0C 00 0D 00 08 00 06 05 01 04 01 02 ................ 0040: 01 . %% Created: [Session-1, TLS_DH_anon_WITH_AES_128_CBC_SHA] *** ServerHello, TLSv1 RandomCookie: GMT: 1333992972 bytes = { 100, 3, 56, 153, 7, 2, 251, 64, 41, 32, 66, 240, 227, 181, 55, 190, 2, 237, 146, 0, 73, 119, 70, 0, 160, 9, 28, 207 } Session ID: {80, 131, 30, 12, 241, 73, 52, 38, 46, 41, 237, 226, 199, 246, 156, 45, 3, 247, 182, 43, 223, 8, 49, 169, 188, 63, 160, 41, 102, 199, 50, 190} Cipher Suite: TLS_DH_anon_WITH_AES_128_CBC_SHA Compression Method: 0 Extension renegotiation_info, renegotiated_connection: <empty> *** Cipher suite: TLS_DH_anon_WITH_AES_128_CBC_SHA *** Diffie-Hellman ServerKeyExchange DH Modulus: { 233, 230, 66, 89, 157, 53, 95, 55, 201, 127, 253, 53, 103, 18, 11, 142, 37, 201, 205, 67, 233, 39, 179, 169, 103, 15, 190, 197, 216, 144, 20, 25, 34, 210, 195, 179, 173, 36, 128, 9, 55, 153, 134, 157, 30, 132, 106, 171, 73, 250, 176, 173, 38, 210, 206, 106, 34, 33, 157, 71, 11, 206, 125, 119, 125, 74, 33, 251, 233, 194, 112, 181, 127, 96, 112, 2, 243, 206, 248, 57, 54, 148, 207, 69, 238, 54, 136, 193, 26, 140, 86, 171, 18, 122, 61, 175 } DH Base: { 48, 71, 10, 213, 160, 5, 251, 20, 206, 45, 157, 205, 135, 227, 139, 199, 209, 177, 197, 250, 203, 174, 203, 233, 95, 25, 10, 167, 163, 29, 35, 196, 219, 188, 190, 6, 23, 69, 68, 64, 26, 91, 44, 2, 9, 101, 216, 194, 189, 33, 113, 211, 102, 132, 69, 119, 31, 116, 186, 8, 77, 32, 41, 216, 60, 28, 21, 133, 71, 243, 169, 241, 162, 113, 91, 226, 61, 81, 174, 77, 62, 90, 31, 106, 112, 100, 243, 22, 147, 58, 52, 109, 63, 82, 146, 82 } Server DH Public Key: { 8, 60, 59, 13, 224, 110, 32, 168, 116, 139, 246, 146, 15, 12, 216, 107, 82, 182, 140, 80, 193, 237, 159, 189, 87, 34, 18, 197, 181, 252, 26, 27, 94, 160, 188, 162, 30, 29, 165, 165, 68, 152, 11, 204, 251, 187, 14, 233, 239, 103, 134, 168, 181, 173, 206, 151, 197, 128, 65, 239, 233, 191, 29, 196, 93, 80, 217, 55, 81, 240, 101, 31, 119, 98, 188, 211, 52, 146, 168, 127, 127, 66, 63, 111, 198, 134, 70, 213, 31, 162, 146, 25, 178, 79, 56, 116 } Anonymous *** ServerHelloDone [write] MD5 and SHA1 hashes: len = 383 0000: 02 00 00 4D 03 01 50 83 1E 0C 64 03 38 99 07 02 ...M..P...d.8... 0010: FB 40 29 20 42 F0 E3 B5 37 BE 02 ED 92 00 49 77 .@) B...7.....Iw 0020: 46 00 A0 09 1C CF 20 50 83 1E 0C F1 49 34 26 2E F..... P....I4&. 0030: 29 ED E2 C7 F6 9C 2D 03 F7 B6 2B DF 08 31 A9 BC ).....-...+..1.. 0040: 3F A0 29 66 C7 32 BE 00 34 00 00 05 FF 01 00 01 ?.)f.2..4....... 0050: 00 0C 00 01 26 00 60 E9 E6 42 59 9D 35 5F 37 C9 ....&.`..BY.5_7. 0060: 7F FD 35 67 12 0B 8E 25 C9 CD 43 E9 27 B3 A9 67 ..5g...%..C.'..g 0070: 0F BE C5 D8 90 14 19 22 D2 C3 B3 AD 24 80 09 37 ......."....$..7 0080: 99 86 9D 1E 84 6A AB 49 FA B0 AD 26 D2 CE 6A 22 .....j.I...&..j" 0090: 21 9D 47 0B CE 7D 77 7D 4A 21 FB E9 C2 70 B5 7F !.G...w.J!...p.. 00A0: 60 70 02 F3 CE F8 39 36 94 CF 45 EE 36 88 C1 1A `p....96..E.6... 00B0: 8C 56 AB 12 7A 3D AF 00 60 30 47 0A D5 A0 05 FB .V..z=..`0G..... 00C0: 14 CE 2D 9D CD 87 E3 8B C7 D1 B1 C5 FA CB AE CB ..-............. 00D0: E9 5F 19 0A A7 A3 1D 23 C4 DB BC BE 06 17 45 44 ._.....#......ED 00E0: 40 1A 5B 2C 02 09 65 D8 C2 BD 21 71 D3 66 84 45 @.[,..e...!q.f.E 00F0: 77 1F 74 BA 08 4D 20 29 D8 3C 1C 15 85 47 F3 A9 w.t..M ).<...G.. 0100: F1 A2 71 5B E2 3D 51 AE 4D 3E 5A 1F 6A 70 64 F3 ..q[.=Q.M>Z.jpd. 0110: 16 93 3A 34 6D 3F 52 92 52 00 60 08 3C 3B 0D E0 ..:4m?R.R.`.<;.. 0120: 6E 20 A8 74 8B F6 92 0F 0C D8 6B 52 B6 8C 50 C1 n .t......kR..P. 0130: ED 9F BD 57 22 12 C5 B5 FC 1A 1B 5E A0 BC A2 1E ...W"......^.... 0140: 1D A5 A5 44 98 0B CC FB BB 0E E9 EF 67 86 A8 B5 ...D........g... 0150: AD CE 97 C5 80 41 EF E9 BF 1D C4 5D 50 D9 37 51 .....A.....]P.7Q 0160: F0 65 1F 77 62 BC D3 34 92 A8 7F 7F 42 3F 6F C6 .e.wb..4....B?o. 0170: 86 46 D5 1F A2 92 19 B2 4F 38 74 0E 00 00 00 .F......O8t.... URT-, WRITE: TLSv1 Handshake, length = 383 [Raw write]: length = 388 0000: 16 03 01 01 7F 02 00 00 4D 03 01 50 83 1E 0C 64 ........M..P...d 0010: 03 38 99 07 02 FB 40 29 20 42 F0 E3 B5 37 BE 02 .8....@) B...7.. 0020: ED 92 00 49 77 46 00 A0 09 1C CF 20 50 83 1E 0C ...IwF..... P... 0030: F1 49 34 26 2E 29 ED E2 C7 F6 9C 2D 03 F7 B6 2B .I4&.).....-...+ 0040: DF 08 31 A9 BC 3F A0 29 66 C7 32 BE 00 34 00 00 ..1..?.)f.2..4.. 0050: 05 FF 01 00 01 00 0C 00 01 26 00 60 E9 E6 42 59 .........&.`..BY 0060: 9D 35 5F 37 C9 7F FD 35 67 12 0B 8E 25 C9 CD 43 .5_7...5g...%..C 0070: E9 27 B3 A9 67 0F BE C5 D8 90 14 19 22 D2 C3 B3 .'..g......."... 0080: AD 24 80 09 37 99 86 9D 1E 84 6A AB 49 FA B0 AD .$..7.....j.I... 0090: 26 D2 CE 6A 22 21 9D 47 0B CE 7D 77 7D 4A 21 FB &..j"!.G...w.J!. 00A0: E9 C2 70 B5 7F 60 70 02 F3 CE F8 39 36 94 CF 45 ..p..`p....96..E 00B0: EE 36 88 C1 1A 8C 56 AB 12 7A 3D AF 00 60 30 47 .6....V..z=..`0G 00C0: 0A D5 A0 05 FB 14 CE 2D 9D CD 87 E3 8B C7 D1 B1 .......-........ 00D0: C5 FA CB AE CB E9 5F 19 0A A7 A3 1D 23 C4 DB BC ......_.....#... 00E0: BE 06 17 45 44 40 1A 5B 2C 02 09 65 D8 C2 BD 21 ...ED@.[,..e...! 00F0: 71 D3 66 84 45 77 1F 74 BA 08 4D 20 29 D8 3C 1C q.f.Ew.t..M ).<. 0100: 15 85 47 F3 A9 F1 A2 71 5B E2 3D 51 AE 4D 3E 5A ..G....q[.=Q.M>Z 0110: 1F 6A 70 64 F3 16 93 3A 34 6D 3F 52 92 52 00 60 .jpd...:4m?R.R.` 0120: 08 3C 3B 0D E0 6E 20 A8 74 8B F6 92 0F 0C D8 6B .<;..n .t......k 0130: 52 B6 8C 50 C1 ED 9F BD 57 22 12 C5 B5 FC 1A 1B R..P....W"...... 0140: 5E A0 BC A2 1E 1D A5 A5 44 98 0B CC FB BB 0E E9 ^.......D....... 0150: EF 67 86 A8 B5 AD CE 97 C5 80 41 EF E9 BF 1D C4 .g........A..... 0160: 5D 50 D9 37 51 F0 65 1F 77 62 BC D3 34 92 A8 7F ]P.7Q.e.wb..4... 0170: 7F 42 3F 6F C6 86 46 D5 1F A2 92 19 B2 4F 38 74 .B?o..F......O8t 0180: 0E 00 00 00 .... [Raw read]: length = 5 0000: 15 03 01 00 02 ..... [Raw read]: length = 2 0000: 02 00 .. URT-, READ: TLSv1 Alert, length = 2 URT-, RECV TLSv1 ALERT: fatal, close_notify URT-, called closeSocket() URT-, handling exception: javax.net.ssl.SSLException: Received fatal alert: close_notify FYI, this works in iOS 6.0

    Read the article

  • How to not cache a php file where a cachemanifest is beeing called?

    - by Volmar
    Hi, i'm building a iphone app with jqtouch and i use a cachemanifest to cache all the static files (images, css, javascript) to make it load faster. However the page uses php for the dynamic content and i don't want to cache that. So i'm generating the cachemanifest with this php-script(manifest.php): <?php header('Content-Type: text/cache-manifest'); echo "CACHE MANIFEST\n"; $hashes = ""; $lastFileWasDynamic = FALSE; $dir = new RecursiveDirectoryIterator("."); foreach(new RecursiveIteratorIterator($dir) as $file) { if ($file->IsFile() && $file != "./manifest.php" && substr($file->getFilename(), 0, 1) != ".") { if(preg_match('/.php$/', $file)) { if(!$lastFileWasDynamic) { echo "\n\nNETWORK:\n"; } $lastFileWasDynamic = TRUE; } else { if($lastFileWasDynamic) { echo "\n\nCACHE:\n"; $lastFileWasDynamic = FALSE; } } echo $file . "\n"; $hashes .= md5_file($file); } } echo "\nNETWORK:\nhttp://chart.apis.google.com/\n\n# Hash: " . md5($hashes) . "\n"; ?> This actually works really good except for one irritating thing: From what i read somewhere the file that calls the cachemanifest is automaticly included in the manifest and is beeing cached. Wich means that my start-page index.php, where i call the cachemanifest is beeing cached. This leads to very irritating problems. is there any way to deal with this or any smart workaround? The page is in the cachemanifest listed as NETWORK, but it looks like this is beeing overruled by the fact that the cachemanifest is called from the file.

    Read the article

  • Do you have health checks in your web app or web site?

    - by Pekka
    I have built PHP based "health check" scripts for several projects, but they were always custom-made for the occasion and not written for abstraction as an independent product. I would like to know whether such a solution exists. What I meam by "health check" is a protected web page that functions much like a suite of unit tests, but on a more operational level, showing red/yellow/green statuses for things like Are the cache directories writable? Is the PHP version correct, are required extensions installed? Is the configuration file protected from writing? Is the database server reachable? Do the key tables exist in the database? Is there enough disk space available? Is the site's front page reachable and renders fully ( = no PHP errors)? Do the project's libraries' MD5 checksums match the original ones? Do you do this - or parts of it - in your applications and web sites? Are there any standardized tools for this that bring along all the functionality to perform the tests (ideally as plugins), and just need to be configured accordingly? Is there a way to set this up using one of the Unit Testing frameworks available for PHP (preferably PHPUnit)? If so, do you know any resources / tutorials outlining how?

    Read the article

  • What is the proper way to code a read-while loop in Scala?

    - by ARKBAN
    What is the "proper" of writing the standard read-while loop in Scala? By proper I mean written in a Scala-like way as opposed to a Java-like way. Here is the code I have in Java: MessageDigest md = MessageDigest.getInstance( "MD5" ); InputStream input = new FileInputStream( "file" ); byte[] buffer = new byte[1024]; int readLen; while( ( readLen = input.read( buffer ) ) != -1 ) md.update( buffer, 0, readLen ); return md.digest(); Here is the code I have in Scala: val md = MessageDigest.getInstance( hashInfo.algorithm ) val input = new FileInputStream( "file" ) val buffer = new Array[ Byte ]( 1024 ) var readLen = 0 while( readLen != -1 ) { readLen = input.read( buffer ) if( readLen != -1 ) md.update( buffer, 0, readLen ) } md.digest The Scala code is correct and works, but feels very un-Scala-ish. For one it is a literal translation of the Java code, taking advantage of none of the advantages of Scala. Further it is actually longer than the Java code! I really feel like I'm missing something, but I can't figure out what. I'm fairly new to Scala, and so I'm asking the question to avoid falling into the pitfall of writing Java-style code in Scala. I'm more interested in the Scala way to solve this kind of problem than in any specific helper method that might be provided by the Scala API to hash a file. (I apologize in advance for my ad hoc Scala adjectives throughout this question.)

    Read the article

  • Creating a tar file with checksums included

    - by wazoox
    Here's my problem : I need to archive to tar files a lot ( up to 60 TB) of big files (usually 30 to 40 GB each). I would like to make checksums ( md5, sha1, whatever) of these files before archiving; however not reading every file twice (once for checksumming, twice for tar'ing) is more or less a necessity to achieve a very high archiving performance (LTO-4 wants 120 MB/s sustained, and the backup window is limited). So I'd need some way to read a file, feeding a checksumming tool on one side, and building a tar to tape on the other side, something along : tar cf - files | tee tarfile.tar | md5sum - Except that I don't want the checksum of the whole archive (this sample shell code does just this) but a checksum for each individual file in the archive. I've studied GNU tar, Pax, Star options. I've looked at the source from Archive::Tar. I see no obvious way to achieve this. It looks like I'll have to hand-build something in C or similar to achieve what I need. Perl/Python/etc simply won't cut it performance-wise, and the various tar programs miss the necessary "plugin architecture". Does anyone know of any existing solution to this before I start code-churning ?

    Read the article

  • ajax login problem

    - by rdanee
    $(document).ready(function() { $("form#login_form").submit(function() { var login_username = $('#login_username').attr('value'); var login_password = $('#login_password').attr('value'); type: "POST", $.ajax({ url: "login.php", data: "username="+ login_username +"& password="+ login_password, success: function(data){ alert(data); if (data == "ok"){ $('form#login_form').hide(function(){$('div.success').fadeIn();}); } } }); return false; }); Login.php: <?php include("settings.php"); $query = "select * from users where username = '{$_POST['login_username']}' and password = md5('{$_POST['login_password']}')"; $query = mysql_query($query, $connection); if ( mysql_num_rows($query) == 1 ) { print "ok"; $array = mysql_fetch_array($query); if ( $_POST['stay'] ) { $time = time()+2592000; } else { $time = 0; } } else { print "no"; } mysql_close($connection); ?> My problem: In the alert the message always "no" whether username/password is correct, however on the site "ok" appears when username/pw is correct. I have read the other questions in connection with this problem, but I couldn't solve the response problem from login.php with Json. Could you help me how should I response to the ajax calling? ( with a code if it is possible) Thank you very much, and sorry for questioning again.

    Read the article

  • Fix a 404: missing parameters error from a GET request to CherryPy

    - by norabora
    I'm making a webpage using CherryPy for the server-side, HTML, CSS and jQuery on the client-side. I'm also using a mySQL database. I have a working form for users to sign up to the site - create a username and password. I use jQuery to send an AJAX POST request to the CherryPy which queries the database to see if that username exists. If the username exists, alert the user, if it doesn't, add it to the database and alert success. $.post('submit', postdata, function(data) { alert(data); }); Successful jQuery POST. I want to change the form so that instead of checking that the username exists on submit, a GET request is made as on the blur event from the username input. The function gets called, and it goes to the CherryPy, but then I get an error that says: HTTPError: (404, 'Missing parameters: username'). $.get('checkUsername', getdata, function(data) { alert(data); }); Unsuccessful jQuery GET. The CherryPy: @cherrypy.expose def submit(self, **params): cherrypy.response.headers['Content-Type'] = 'application/json' e = sqlalchemy.create_engine('mysql://mysql:pw@localhost/6470') c = e.connect() com1 = "SELECT * FROM `users` WHERE `username` = '" + params["username"] + "'" b = c.execute(com1).fetchall() if not len(b) > 0: com2 = "INSERT INTO `6470`.`users` (`username` ,`password` ,`website` ,`key`) VALUES ('" com2 += params["username"] + "', MD5( '" + params["password"] + "'), '', NULL);" a = c.execute(com2) c.close() return simplejson.dumps("Success!") #login user and send them to home page c.close() return simplejson.dumps("This username is not available.") @cherrypy.expose def checkUsername(self, username): cherrypy.response.headers['Content-Type'] = 'application/json' e = sqlalchemy.create_engine('mysql://mysql:pw@localhost/6470') c = e.connect() command = "SELECT * FROM `users` WHERE `username` = '" + username + "'" a = c.execute(command).fetchall(); c.close() sys.stdout.write(str(a)) return simplejson.dumps("") I can't see any differences between the two so I don't know why the GET request is giving me a problem. Any insight into what I might be doing wrong would be helpful. If you have ideas about the jQuery, CherryPy, config files, anything, I'd really appreciate it.

    Read the article

  • why is a minus sign prepended to my biginteger?

    - by kyrogue
    package ewa; import java.io.UnsupportedEncodingException; import java.security.MessageDigest; import java.security.NoSuchAlgorithmException; import java.util.logging.Level; import java.util.logging.Logger; import java.math.BigInteger; /** * * @author Lotus */ public class md5Hash { public static void main(String[] args) throws NoSuchAlgorithmException { String test = "abc"; MessageDigest md = MessageDigest.getInstance("MD5"); try { md.update(test.getBytes("UTF-8")); byte[] result = md.digest(); BigInteger bi = new BigInteger(result); String hex = bi.toString(16); System.out.println("Pringting result"); System.out.println(hex); } catch (UnsupportedEncodingException ex) { Logger.getLogger(md5Hash.class.getName()).log(Level.SEVERE, null, ex); } } } i am testing conversion of byte to hex and when done, the end result has a minus sign on the beginning of the string, why does this happen? i have read the docs and it says it will add a minus sign, however i do not understand it. And will the minus sign affect the hash result? because i am going to implement it to hash password stored on my database

    Read the article

  • SugarmCRM REST API always returns "null"

    - by TuomasR
    I'm trying to test out the SugarCRM REST API, running latest version of CE (6.0.1). It seems that whenever I do a query, the API returns "null", nothing else. If I omit the parameters, then the API returns the API description (which the documentation says it should). I'm trying to perform a login, passing as parameter the method (login), input_type and response_type (json) and rest_data (JSON encoded parameters). The following code does the query: $api_target = "http://example.com/sugarcrm/service/v2/rest.php"; $parameters = json_encode(array( "user_auth" => array( "user_name" => "admin", "password" => md5("adminpassword"), ), "application_name" => "Test", "name_value_list" => array(), )); $postData = http_build_query(array( "method" => "login", "input_type" => "json", "response_type" => "json", "rest_data" => $parameters )); echo $parameters . "\n"; echo $postData . "\n"; echo file_get_contents($api_target, false, stream_context_create(array( "http" => array( "method" => "POST", "header" => "Content-Type: application/x-www-form-urlencoded\r\n", "content" => $postData ) ))) . "\n"; I've tried different variations of parameters and using username instead of user_name, and all provide the same result, just a response "null" and that's it.

    Read the article

  • PHP -- automatic SQL injection protection?

    - by ashgromnies
    I took over maintenance of a PHP app recently and I'm not super familiar with PHP but some of the things I've been seeing on the site are making me nervous that it could be vulnerable to a SQL injection attack. For example, see how this code for logging into the administrative section works: $password = md5(HASH_SALT . $_POST['loginPass']); $query = "SELECT * FROM `administrators` WHERE `active`='1' AND `email`='{$_POST['loginEmail']}' AND `password`='{$password}'"; $userInfo = db_fetch_array(db_query($query)); if($userInfo['id']) { $_SESSION['adminLoggedIn'] = true; // user is logged in, other junk happens here, not important The creators of the site made a special db_query method and db_fetch_array method, shown here: function db_query($qstring,$print=0) { return @mysql(DB_NAME,$qstring); } function db_fetch_array($qhandle) { return @mysql_fetch_array($qhandle); } Now, this makes me think I should be able to do some sort of SQL injection attack with an email address like: ' OR 'x'='x' LIMIT 1; and some random password. When I use that on the command line, I get an administrative user back, but when I try it in the application, I get an invalid username/password error, like I should. Could there be some sort of global PHP configuration they have enabled to block these attacks? Where would that be configured? Here is the PHP --version information: # php --version PHP 5.2.12 (cli) (built: Feb 28 2010 15:59:21) Copyright (c) 1997-2009 The PHP Group Zend Engine v2.2.0, Copyright (c) 1998-2009 Zend Technologies with the ionCube PHP Loader v3.3.14, Copyright (c) 2002-2010, by ionCube Ltd., and with Zend Optimizer v3.3.9, Copyright (c) 1998-2009, by Zend Technologies

    Read the article

  • SharePoint webpart with button to auto-login to 3rd party website

    - by JCdowney
    I have been tasked with creating a SharePoint 2007 webpart that logs the user directly into our website (which uses forms authentication). Most likely the username and password will be same in the SharePoint account as in our website. Ideally we would like it to be fully integrated in that the webpart looks up the SP login & password, somehow encodes that using SHA1, MD5 or similar encryption, then passes that along to our login page on the query string. However given we have little experience with SharePoint, and that it's probably impossible to programmatically access the SP username/password from a webpart we realize this isn't very likely to be possible and if so would probably require a lot of development time. Another option would be to load a login form from the website within an iframe in the webpart, which would show the login & password first but store a "remember me" cookie after the first login, and on each subsequent load display just a button that logs them in directly using the cookie. Has anyone done something similar before? I'm in over my head, any guidance would be much appreciated! :)

    Read the article

  • Haskell lazy I/O and closing files

    - by Jesse
    I've written a small Haskell program to print the MD5 checksums of all files in the current directory (searched recursively). Basically a Haskell version of md5deep. All is fine and dandy except if the current directory has a very large number of files, in which case I get an error like: <program>: <currentFile>: openBinaryFile: resource exhausted (Too many open files) It seems Haskell's laziness is causing it not to close files, even after its corresponding line of output has been completed. The relevant code is below. The function of interest is getList. import qualified Data.ByteString.Lazy as BS main :: IO () main = putStr . unlines =<< getList "." getList :: FilePath -> IO [String] getList p = let getFileLine path = liftM (\c -> (hex $ hash $ BS.unpack c) ++ " " ++ path) (BS.readFile path) in mapM getFileLine =<< getRecursiveContents p hex :: [Word8] -> String hex = concatMap (\x -> printf "%0.2x" (toInteger x)) getRecursiveContents :: FilePath -> IO [FilePath] -- ^ Just gets the paths to all the files in the given directory. Are there any ideas on how I could solve this problem? The entire program is available here: http://haskell.pastebin.com/PAZm0Dcb

    Read the article

  • Connect.registerUsers - Need helping creating array for accounts param

    - by mw_javaguy
    I keep getting the following error when I try to invoke the Facebook REST API Call: Connect.registerUsers Error Code: 100 - param accounts must be an array JSON based response (from Facebook): {"error_code":100,"error_msg":"param accounts must be an array.","request_args": [{"key":"accounts","value":"{email_hash:5232156322_55ddgvc3db5ddcf218049dd564da2x06}"}, {"key":"api_key","value":"23b2c4c6a23445fbffssf8aab96a5e5"}, {"key":"format","value":"JSON"},{"key":"method","value":"Connect.registerUsers"},{"key":"sig","value":"3sd54153a31382fa6e72eecf3c57d7c9"},{"key":"v","value":"1.0"}],"message":"Unknown exception","code":0} I set up the Java code to invoke the REST end point using HttpClient like this: String API_KEY = "23b2c4c6a23445fbffssf8aab96a5e5"; String toConnectRegisterUsersSignature = "accounts=" + "{email_hash:" + emailHash + "}" + "api_key=" + API_KEY + "format=JSON" + "method=Connect.registerUsers" + "v=1.0" + "0c786155bd3cxe8228d924542da5gf2"; String connectRegisterUsersSignature = SimpleMd5.MD5(toConnectRegisterUsersSignature); NameValuePair[] connectRegisterUsersParameters = { new NameValuePair("accounts", "{email_hash:" + emailHash + "}"), new NameValuePair("api_key", API_KEY), new NameValuePair("format", "JSON"), new NameValuePair("method", "Connect.registerUsers"), new NameValuePair("sig", connectRegisterUsersSignature), new NameValuePair("v", "1.0") }; Tried the following combinations and I still get the same error! Signature: "accounts=" + "[email_hash=" + emailHash + "]" new NameValuePair("accounts", "[email_hash=" + emailHash + "]") Signature: "accounts=" + "email_hash[" + emailHash + "]" new NameValuePair("accounts", "email_hash[" + emailHash + "]") Signature: "accounts=" + "email_hash(" + emailHash + ")" new NameValuePair("accounts", "email_hash(" + emailHash + ")") Signature: "accounts=" + "[email_hash=" + emailHash + "]" new NameValuePair("accounts", "[email_hash=" + emailHash + "]") Signature: "accounts=" + "email_hash=" + emailHash new NameValuePair("accounts", "email_hash=" + emailHash) Signature: "accounts=" + "[{email_hash:" + emailHash + "}]" new NameValuePair("accounts", "[{email_hash:" + emailHash + "}]"), Does anyone know how to construct this array that the response is requesting? Happy programming and thank you for taking the time to read this.

    Read the article

  • Basic security, PHP mySQl

    - by yuudachi
    So I am making a basic log-in page. I have a good idea of what to do, but I'm still unsure of some things. I have a database full of students and a password column of course. I know I'm going to use md5 encryption in that column. The student enters their e-mail and student ID, and they get e-mailed a password if correct. But, where do I create the password? Do I have to manually add the password (which is just a randomly generated string) in mySQL to all the students? And I am suppose to send the password to the student; how will I know what to send the student if the password is encrypted? I was thinking about generating the password when the student first enters their e-mail and student ID. They get an e-mail of the random string, and at the same time, I add the same random string to the database, encrypted. Is that how it's suppose to work though? And it feels unsafe doing that all on the same page. Sorry for the long-winded, newbish question. I find this all facisnating at the same time as well (AES and RSA encryption :O)

    Read the article

  • Passing a variable from beggining to end - Paypal

    - by Phil Jackson
    Hi all, I'be been at this for days and i cant seem to figure it out. All i want to do is when subscribe button is pushed, a variable is send ( post get i dont care ) payment is completed and landed on the success page, with my variable! From what i can gather this should be able to do it: <form action="https://www.sandbox.paypal.com/cgi-bin/webscr" method="post"> <input type="hidden" name="cmd" value="_s-xclick"> <input type="hidden" name="hosted_button_id" value="0000000"> <Input type="hidden" name="custom" value="<?php md5($code.microtime()); ?>"/> <input type="image" src="https://www.sandbox.paypal.com/en_US/i/btn/btn_subscribeCC_LG.gif" border="0" name="submit" alt="PayPal - The safer, easier way to pay online!"> <img alt="" border="0" src="https://www.sandbox.paypal.com/en_US/i/scr/pixel.gif" width="1" height="1"> </form> Any help much appreciated ( and yes I've read paypal and sandbox documentation, just not that good at reading. )

    Read the article

  • Encrypt correctly caracters in a PHP mail form ("I'm" turns to be "I\'m")

    - by Peanuts
    Hello guys, I'm testing a PHP mail form, a very barebones one, found here: <?php if(isset($_POST['submit'])) { //The form has been submitted, prep a nice thank you message $output = '<h3>Thanks for your message</h3>'; //Deal with the email $to = '[email protected]'; $subject = 'you have a mail'; $contactname = strip_tags($_POST['contactname']); $adress = strip_tags($_POST['adress']); $contactemail = strip_tags($_POST['contactemail']); $textmessage = strip_tags($_POST['textmessage']); $boundary =md5(date('r', time())); $headers = "From: My Site\r\nReply-To: [email protected]"; $message = "Name: ".$contactname."\n"; $message .= "Adress: ".$adress."\n"; $message .= "E-mail: ".$contactemail."\n"; $message .= "Message: ".$textmessage."\n"; mail($to, $subject, $message, $headers); } ?> The problem is I'm receiving an unwanted slash "\" everytime I write a single or a double quote in my message, so "I'm" appear as "I\'m" in my mailbox. I know it have to do with the way PHP distinguishes code quotes from only lecture quotes, but I wouldn't know what to add in my form to get it properly running. Any help is appreciated,

    Read the article

< Previous Page | 26 27 28 29 30 31 32 33 34 35 36 37  | Next Page >