Search Results

Search found 1449 results on 58 pages for 'rice flour cookies'.

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Page 30/58 | < Previous Page | 26 27 28 29 30 31 32 33 34 35 36 37  | Next Page >

  • How ad retargeting works?

    - by Bojan Babic
    Recently, I read that Facebook ads are moving towards retargeting and got interested deeper into subject. Essentially, retargeting is technique advertisers use that tracks purchase intent by putting cookies into your browser and when you visit another website within ad network you will see ad for item you "wanted to buy". In order this to for, both publisher and advertiser need to work together. Publisher needs add couple of lines of javascript and publisher need to be able to read this info across sites. In most cases, javascript inserts iframe from adnetwork domain. Iframe script sets cookies for both host domain and remote adnetwork domain. However, Same Origin policy do not let iframes read/set content from parent domain. Is there something I'm missing here? Can someone explain how this technique actually works?

    Read the article

  • session persisting problem after system restart

    - by user100124
    Is there a way to prevent session id restore on startup/restart of user's system? We are using a asp.net app and I am able to login and access the site. For the first time session id is created and stored in cookies. Problem: But if I restart my system without signing out, the session is still alive. How can I prevent this? from server side. I can try to delete cookies but it is not practical, as each user will have different preferences.

    Read the article

  • Nested Object Forms not working as expected

    - by Craig Walker
    I'm trying to get a nested model forms view working. As far as I can tell I'm doing everything right, but it still does not work. I'm on Rails 3 beta 3. My models are as expected: class Recipe < ActiveRecord::Base has_many :ingredients, :dependent => :destroy accepts_nested_attributes_for :ingredients attr_accessible :name end class Ingredient < ActiveRecord::Base attr_accessible :name, :sort_order, :amount belongs_to :recipe end I can use Recipe.ingredients_attributes= as expected: recipe = Recipe.new recipe.ingredients_attributes = [ {:name=>"flour", :amount=>"1 cup"}, {:name=>"sugar", :amount=>"2 cups"}] recipe.ingredients.size # -> 2; ingredients contains expected instances However, I cannot create new object graphs using a hash of parameters as shown in the documentation: params = { :name => "test", :ingredients_attributes => [ {:name=>"flour", :amount=>"1 cup"}, {:name=>"sugar", :amount=>"2 cups"}] } recipe = Recipe.new(params) recipe.name # -> "test" recipe.ingredients # -> []; no ingredient instances in the collection Is there something I'm doing wrong here? Or is there a problem in the Rails 3 beta?

    Read the article

  • Google Chrome Browser

    - by Harish
    Hi friends. Am using Google Chrome as my default web browser. I don't have any problem with it. The only problem rise is when I enter gmail.com and login into my account. I need to go to Histories in Google chrome (ctrl + shft + del) and select "Del Cokies and Other datas" for entering into gmail again. My gmail page is workin just once. I nedd to log in. Check my mail and I have to clear the cookies in order to log in again If i fail, This is d info I get The webpage at https://mail.google.com/mail/?shva=1&ui=html&zy=l&pli=1&auth=DQAAALgAAABhdI_K9uptgb6yQfGVmnl74VZEUH7U2M7WGJn3kJnCiY0CNI5QBU3X-g6UjPENGoHKSHE9nRna_Ygu_d59mN-HG1SUzNpI_UEMJ9CwDqZAYxYLEJl8r_JA2qJNGF8H0fdKfn99Gb2YeI-lprGxCrWRT7LicyADxQvNLQ6l9xBvOccEBSJfdIrna8dOXeX06N41L0zpnLQrVG1qdulR7LxId9XwtVb6QtfhwnambqLoNiY402Y5pjGG1_gFL4dNpJA&gausr=hariss89%40gmail.com has resulted in too many redirects. Clearing your cookies for this site or allowing third-party cookies may fix the problem. If not, it is possibly a server configuration issue and not a problem with your computer. Here are some suggestions: Reload this web page later. Learn more about this problem. Wat can I do ...

    Read the article

  • Is Google tracking our web history even when we do not visit Google or if affiliate websites?

    - by Anoyon-12
    I have recently updated to Google Chrome 29.0.1547.76. And when I click a the new tab button there is a new homepage now. Ok. My current settings forbid from third party cookies being set. And I clear all of my browsing data every time I close or well if its been too long browsing. Ok so there is this help dialog that appears first time you open the new tab page. What I did was Cleared all my browsing settings (From Beginning of time) and then again I went to the new tab, the Help dialog appears. And for the third time I did the same and the Same thing Happened. So For the fourth time I cleared all my Browsing data. Clicked open new tab and then. navigate myself to chrome://settings/cookies. and there were So does this mean google is tracking our web History just for using Chrome. I know Its not Illegal because these cookies only appear when you click the new tab Google Chrome 29.0.1547.76. maybe that was the reason google redesigned the entire New:tab page. From this Google is forcing us to allow them track us. I don't want to set another page as my new:tab page. I just want the old one. Google has a long History of invading Privacy without users consent. There was that Safari incident. I am sure you people remember. So can anyone tell me about this issue? I maybe wrong. So please explain.

    Read the article

  • Serialize cookie collection

    - by user313421
    Hello guys My scenario is to store all client cookies as XML file and make the exact "cookie collection" later from this file. So, How to serialize/Deserialize a "cookie collection" in asp.net ? Does "multivalued" cookies need extra considerations rather than standard collection serialization ? Thanks for your time

    Read the article

  • Session Id in url and/or cookie? [closed]

    - by Jacco
    Most people advice against rewriting every (internal) url to include the sessionId (both GET and POST). The standard argument against it seems to be:   If an attacker gets hold of the sessionId, they can hijack the session.   With the sessionId in the url, it easily leaks to the attacker (by referer etc.) But what if you put the sessionId in both an (encrypted) cookie and the url. if the sessionId in either the cookie or the url is missing or if they do not match, decline the request. Let's pretend the website in question is free of xss holes, the cookie encryption is strong enough, etc. etc. Then what is the increased risk of rewriting every url to include the sessionId? UPDATE: @Casper That is a very good point. so up to now there are 2 reasons: bad for search engines / SEO if used in public part of the website can cause trouble when users post an url with a session Id on a forum, send it trough email or bookmark the page apart from the:   It increases the security risk, but it is not clear what the increased risk is. some background info: I've a website that offers blog-like service to travellers. I cannot be sure cookies work nor can I require cookies to work. Most computers in internet cafes are old and not (even close to) up-to-date. The user has no control over them and the connection can be very unreliable for some more 'off the beaten path' locations. Binding the session to an IP-address is not possible, some places use load-balancing proxies with multiple IP addresses. (and from China there is The Great Firewall). Upon receiving the first cookie back, I flag cookies as mandatory. However, if the cookie was flagged as mandatory but not there, I ask for their password once more, knowing their session from the url. (Also cookies have a 1 time token in them, but that's not the point of this question). UPDATE 2: The conclusion seems to be that there are no extra *security* issues when you expose you session id trough the URL while also keeping a copy of the session id in an encrypted cookie. Do not hesitate to add additional information about any possible security implications

    Read the article

  • jQuery unbinding click event when maximum number of children are displayed

    - by RyanP13
    I have a personal details form that alows you to enter a certain number of dependants which is determined by the JSP application. The first dependant is visible and the user has the option to add dependants up to the maximum number. All other dependants are hidden by default and are displayed when a user clicks the 'Add another dependant button'. When the maximum number of dependants has been reached the button is greyed out and a message is generated via jQuery and displayed to tell the user exactly this. The issue i am having is when the maximum number of dependants has been reached the message is displayed but then the user can click the button to add more dependants and the message keeps on generating. I thought unbinding the click event would sort this but it seems to still be able to generate a second message. Here is the function i wrote to generate the message: // Dependant message function function maxDependMsg(msgElement) { // number of children can change per product, needs to be dynamic // count number of dependants in HTML var $dependLength = $("div.dependant").length; // add class maxAdd to grey out Button // create maximum dependants message and display, will not be created if JS turned off $(msgElement) .addClass("maxAdd") .after($('<p>') .addClass("maxMsg") .append("The selected web policy does not offer cover for more than " + $dependLength + " children, please contact our customer advisers if you wish discuss alternative policies available.")); } There is a hyperlink with a click event attached like so: $("a.add").click(function(){ // Show the next hidden table on clicking add child button $(this).closest('form').find('div.dependant:hidden:first').show(); // Get the number of hidden tables var $hiddenChildren = $('div.dependant:hidden').length; if ($hiddenChildren == 0) { // save visible state of system message $.cookies.set('cpqbMaxDependantMsg', 'visible'); // show system message that you can't add anymore dependants than what is on page maxDependMsg("a.add"); $(this).unbind("click"); } // set a cookie for the visible state of all child tables $('div.dependant').each(function(){ var $childCount = $(this).index('div.dependant'); if ($(this).is(':visible')) { $.cookies.set('cpqbTableStatus' + $childCount, 'visible'); } else { $.cookies.set('cpqbTableStatus' + $childCount, 'hidden'); } }); return false; }); All of the cookies code is for state saving when users are going back and forward through the process.

    Read the article

  • Python requests - saving cookie for later url usage

    - by PythonRocks
    I been trying to get a cookie and post it to a url in later use in the program, but I cant seem to get the cookie parameters to work. Right now I have response = requests.get("url") But how exactly do I retrive cookies from this url and post them to a new url (the same cookies). The tutorial in requests is somewhat vague on the topic and gives examples I cannot test. Hope someone can help with further examples. This is python 2.7 btw.

    Read the article

  • jQuery RadioButton index

    - by Tomas
    Hello How to get checked RadioButton Index using jQuery? I need to read it and save to cookies to load status later using code $('input[name="compression"]')[{Reading from cookies code}].checked = true; 1<input name="compression" type="radio" value="1" checked="checked" /> 2<input name="compression" type="radio" value="2" /> 3<input name="compression" type="radio" value="3" /> Regards Tomas

    Read the article

  • getting vbulletin captcha image with curl

    - by ermac2014
    hi I need to download Vbulletin captcha images on my HDD "from vbulletin register page" using curl and PHP. I really need to get samples of captcha images from several VBulletin boards. I'm collecting these samples for research purposes. anyway, here is what I done with curl till now. 1- download register.php page. 2- parse the downloaded page to get captcha image url. 3- download that image. now I have done step 1 and 2 correctly. but in step 3 when I try to download the captcha image I don't get the captcha. I just get either a very tiny blank gif picture. or I get a png picture with vbulletin word on it. I really don't know what i'm doing wrong. I tried to output the html and push it to the browser the image shows correctly. but thats not what I want. I want to download the image and save it on my HDD. here are some codes I've been working on: //get contents with curl function get_content($url) { $theString = parse_url($url); $cookieName = $theString['host']; $ch = curl_init(); curl_setopt($ch, CURLOPT_URL, $url."register.php"); curl_setopt($ch, CURLOPT_REFERER, $url."register.php"); curl_setopt($ch, CURLOPT_HEADER, 0); curl_setopt($ch, CURLOPT_USERAGENT, 'Mozilla/5.0 (Windows; U; MSIE 7.0; Windows NT 6.0; en-US)'); curl_setopt($ch, CURLOPT_COOKIEJAR, "cookies/cookie.txt"); //saved cookies curl_setopt($ch, CURLOPT_COOKIEFILE, "cookies/cookie.txt"); //saved cookies curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1); curl_setopt ($ch, CURLOPT_RETURNTRANSFER, 1); $string = curl_exec ($ch); //print_r(curl_getinfo($ch)); curl_close ($ch); return $string; } //vbulletin main page $url = 'http://blavbulletin.com/'; //get the page $results = get_content($url); if (preg_match_all('/<img[^>]*id\=\"imagereg\"[^>]*src\=\"([^\"]*)\"[^>]*>/s', $results , $captchaimages)) { $captcha = $captchaimages[1][0]; echo "<img src='$url"."$captcha'>"; //when echoed the pic shows correctly //now get the pic $file = get_content("$url"."$captcha"); //save the pic on HDD file_put_contents("captcha.jpg", $file); } any help would be appreciated.. regards,

    Read the article

  • Way to get logged in user in Expression Engine?

    - by Andrew G. Johnson
    Hi all, I am using Expression Engine in part of a site I am developing and other parts are just using my own PHP. My question is how can I tell who the user is logged in as on a non-EE page? I have access to the EE cookies and the EE database but couldn't find a way to use these values to figure out who the user is. I have a list of all the cookie keys/values at: http://andrewgjohnson.com/cookies.html

    Read the article

  • What are the weaknesses of this user authentication method?

    - by byronh
    I'm developing my own PHP framework. It seems all the security articles I have read use vastly different methods for user authentication than I do so I could use some help in finding security holes. Some information that might be useful before I start. I use mod_rewrite for my MVC url's. Passwords are sha1 and md5 encrypted with 24 character salt unique to each user. mysql_real_escape_string and/or variable typecasting on everything going in, and htmlspecialchars on everything coming out. Step-by step process: Top of every page: session_start(); session_regenerate_id(); If user logs in via login form, generate new random token to put in user's MySQL row. Hash is generated based on user's salt (from when they first registered) and the new token. Store the hash and plaintext username in session variables, and duplicate in cookies if 'Remember me' is checked. On every page, check for cookies. If cookies set, copy their values into session variables. Then compare $_SESSION['name'] and $_SESSION['hash'] against MySQL database. Destroy all cookies and session variables if they don't match so they have to log in again. If login is valid, some of the user's information from the MySQL database is stored in an array for easy access. So far, I've assumed that this array is clean so when limiting user access I refer to user.rank and deny access if it's below what's required for that page. I've tried to test all the common attacks like XSS and CSRF, but maybe I'm just not good enough at hacking my own site! My system seems way too simple for it to actually be secure (the security code is only 100 lines long). What am I missing? I've also spent alot of time searching for the vulnerabilities with mysql_real_escape string but I haven't found any information that is up-to-date (everything is from several years ago at least and has apparently been fixed). All I know is that the problem was something to do with encoding. If that problem still exists today, how can I avoid it? Any help will be much appreciated.

    Read the article

  • Is this a legitimate implementation of a 'remember me' function for my web app?

    - by user246114
    Hi, I'm trying to add a "remember me" feature to my web app to let a user stay logged in between browser restarts. I think I got the bulk of it. I'm using google app engine for the backend which lets me use java servlets. Here is some pseudo-code to demo: public class MyServlet { public void handleRequest() { if (getThreadLocalRequest().getSession().getAttribute("user") != null) { // User already has session running for them. } else { // No session, but check if they chose 'remember me' during // their initial login, if so we can have them 'auto log in' // now. Cookie[] cookies = getThreadLocalRequest().getCookies(); if (cookies.find("rememberMePlz").exists()) { // The value of this cookie is the cookie id, which is a // unique string that is in no way based upon the user's // name/email/id, and is hard to randomly generate. String cookieid = cookies.find("rememberMePlz").value(); // Get the user object associated with this cookie id from // the data store, would probably be a two-step process like: // // select * from cookies where cookieid = 'cookieid'; // select * from users where userid = 'userid fetched from above select'; User user = DataStore.getUserByCookieId(cookieid); if (user != null) { // Start session for them. getThreadLocalRequest().getSession() .setAttribute("user", user); } else { // Either couldn't find a matching cookie with the // supplied id, or maybe we expired the cookie on // our side or blocked it. } } } } } // On first login, if user wanted us to remember them, we'd generate // an instance of this object for them in the data store. We send the // cookieid value down to the client and they persist it on their side // in the "rememberMePlz" cookie. public class CookieLong { private String mCookieId; private String mUserId; private long mExpirationDate; } Alright, this all makes sense. The only frightening thing is what happens if someone finds out the value of the cookie? A malicious individual could set that cookie in their browser and access my site, and essentially be logged in as the user associated with it! On the same note, I guess this is why the cookie ids must be difficult to randomly generate, because a malicious user doesn't have to steal someone's cookie - they could just randomly assign cookie values and start logging in as whichever user happens to be associated with that cookie, if any, right? Scary stuff, I feel like I should at least include the username in the client cookie such that when it presents itself to the server, I won't auto-login unless the username+cookieid match in the DataStore. Any comments would be great, I'm new to this and trying to figure out a best practice. I'm not writing a site which contains any sensitive personal information, but I'd like to minimize any potential for abuse all the same, Thanks

    Read the article

  • How to create profiles for guests?

    - by Anant
    I'm making a site, and will be allowing guests to vote/comment. How should I go about storing the user info? I wouldn't like the info to be cleared if someone deletes the cookie (SO handles guest users via cookies I guess). If someone clears cookies and changes the ip at once, then only should the guest user info should be lost. Should I use sessions in php for this?

    Read the article

  • Javascript reference external script file - security implications

    - by rkrauter
    Hi, If I have a reference to an external third party JavaScript file on my website, what are the security implications? Can the JavaScript file be used to steal cookies? One example of this is the Google Analytics JavaScript reference file. Could the third party technically steal cookies or any other sensitive information from my logged on users (XSS)? The whole cross domain scripting has me confused sometimes. Thanks!

    Read the article

  • ASP.NET MVC 4/Web API Single Page App for Mobile Devices ... Needs Authentication

    - by lmttag
    We have developed an ASP.NET MVC 4/Web API single page, mobile website (also using jQuery Mobile) that is intended to be accessed only from mobile devices (e.g., iPads, iPhones, Android tables and phones, etc.), not desktop browsers. This mobile website will be hosted internally, like an intranet site. However, since we’re accessing it from mobile devices, we can’t use Windows authentication. We still need to know which user (and their role) is logging in to the mobile website app. We tried simply using ASP.NET’s forms authentication and membership provider, but couldn’t get it working exactly the way we wanted. What we need is for the user to be prompted for a user name and password only on the first time they access the site on their mobile device. After they enter a correct user name and password and have been authenticated once, each subsequent time they access the site they should just go right in. They shouldn’t have to re-enter their credentials (i.e., something needs to be saved locally to each device to identify the user after the first time). This is where we had troubles. Everything worked as expected the first time. That is, the user was prompted to enter a user name and password, and, after doing that, was authenticated and allowed into the site. The problem is every time after the browser was closed on the mobile device, the device and user were not know and the user had to re-enter user name and password. We tried lots of things too. We tried setting persistent cookies in JavaScript. No good. The cookies weren’t there to be read the second time. We tried manually setting persistent cookies from ASP.NET. No good. We, of course, used FormsAuthentication.SetAuthCookie(model.UserName, true); as part of the form authentication framework. No good. We tried using HTML5 local storage. No good. No matter what we tried, if the user was on a mobile device, they would have to log in every single time. (Note: we’ve tried on an iPad and iPhone running both iOS 5.1 and 6.0, with Safari configure to allow cookies, and we’ve tried on Android 2.3.4.) Is there some trick to getting a scenario like this working? Or, do we have to write some sort of custom authentication mechanism? If so, how? And, what? Or, should we use something like claims-based authentication and WIF? Or??? Any help is appreciated. Thanks!

    Read the article

  • what is the best way to track unique visitors?

    - by dnkira
    hello what i want is to make user counter as true as possible. exluding bots, and clever users as much as possible. as 4 what i know, it can be done in several ways: ip (trouble with dinamic ones and proxy's) cookies (with session id maybe, but can be deleted or browser can be changed) flash cookies (not all users have it) any other ways? and what is the best?

    Read the article

  • Oracle Cloud Applications: The Right Ingredients Baked In

    - by yaldahhakim
    v\:* {behavior:url(#default#VML);} o\:* {behavior:url(#default#VML);} w\:* {behavior:url(#default#VML);} .shape {behavior:url(#default#VML);} Normal 0 false false false false EN-US X-NONE X-NONE /* Style Definitions */ table.MsoNormalTable {mso-style-name:"Table Normal"; mso-tstyle-rowband-size:0; mso-tstyle-colband-size:0; mso-style-noshow:yes; mso-style-priority:99; mso-style-qformat:yes; mso-style-parent:""; mso-padding-alt:0in 5.4pt 0in 5.4pt; mso-para-margin-top:0in; mso-para-margin-right:0in; mso-para-margin-bottom:10.0pt; mso-para-margin-left:0in; line-height:115%; mso-pagination:widow-orphan; font-size:11.0pt; font-family:"Calibri","sans-serif"; mso-ascii-font-family:Calibri; mso-ascii-theme-font:minor-latin; mso-fareast-font-family:"Times New Roman"; mso-fareast-theme-font:minor-fareast; mso-hansi-font-family:Calibri; mso-hansi-theme-font:minor-latin;} Oracle Cloud Applications: The Right Ingredients Baked In Eggs, flour, milk, and sugar. The magic happens when you mix these ingredients together. The same goes for the hottest technologies fast changing how IT impacts our organizations today: cloud, social, mobile, and big data. By themselves they’re pretty good; combining them with a great recipe is what unlocks real transformation power. Choosing the right cloud can be very similar to choosing the right cake. First consider comparing the core ingredients that go into baking a cake and the core design principles in building a cloud-based application. For instance, if flour is the base ingredient of a cake, then rich functionality that spans complete business processes is the base of an enterprise-grade cloud. Cloud computing is more than just consuming an "application as service", and having someone else manage it for you. Rather, the value of cloud is about making your business more agile in the marketplace, and shortening the time it takes to deliver and adopt new innovation. It’s also about improving not only the efficiency at which we communicate but the actual quality of the information shared as well. Data from different systems, like ingredients in a cake, must also be blended together effectively and evaluated through a consolidated lens. When this doesn’t happen, for instance when data in your sales cloud doesn't seamlessly connect with your order management and other “back office” applications, the speed and quality of information can decrease drastically. It’s like mixing ingredients in a strainer with a straw – you just can’t bring it all together without losing something. Mixing ingredients is similar to bringing clouds together, and co-existing cloud applications with traditional on premise applications. This is where a shared services  platform built on open standards and Service Oriented Architecture (SOA) is critical. It’s essentially a cloud recipe that calls for not only great ingredients, but also ingredients you can get locally or most likely already have in your kitchen (or IT shop.) Open standards is the best way to deliver a cost effective, durable application integration strategy – regardless of where your apps are deployed. It’s also the best way to build your own cloud applications, or extend the ones you consume from a third party. Just like using standard ingredients and tools you already have in your kitchen, a standards based cloud enables your IT resources to ensure a cloud works easily with other systems. Your IT staff can also make changes using tools they are already familiar with. Or even more ideal, enable business users to actually tailor their experience without having to call upon IT for help at all. This frees IT resources to focus more on developing new innovative services for the organization vs. run and maintain. Carrying the cake analogy forward, you need to add all the ingredients in before you bake it. The same is true with a modern cloud. To harness the full power of cloud, you can’t leave out some of the most important ingredients and just layer them on top later. This is what a lot of our niche competitors have done when it comes to social, mobile, big data and analytics, and other key technologies impacting the way we do business. The transformational power of these technology trends comes from having a strategy from the get-go that combines them into a winning recipe, and delivers them in a unified way. In looking at ways Oracle’s cloud is different from other clouds – not only is breadth of functionality rich across functional pillars like CRM, HCM, ERP, etc. but it embeds social, mobile, and rich intelligence capabilities where they make the most sense across business processes. This strategy enables the Oracle Cloud to uniquely deliver on all three of these dimensions to help our customers unlock the full power of these transformational technologies.

    Read the article

  • Are there any security vulnerabilities in this PHP code?

    - by skorned
    Hi. I just got a site to manage, but am not too sure about the code the previous guy wrote. I'm pasting the login procedure below, could you have a look and tell me if there are any security vulnerabilities? At first glance, it seems like one could get in through SQL injection or manipulating cookies and the ?m= parameter. define ( 'CURRENT_TIME', time ()); / / Current time. define ( 'ONLINE_TIME_MIN', (CURRENT_TIME - BOTNET_TIMEOUT)); / / Minimum time for the status of "Online". define ( 'DEFAULT_LANGUAGE', 'en'); / / Default language. define ( 'THEME_PATH', 'theme'); / / folder for the theme. / / HTTP requests. define ( 'QUERY_SCRIPT', basename ($ _SERVER [ 'PHP_SELF'])); define ( 'QUERY_SCRIPT_HTML', QUERY_SCRIPT); define ( 'QUERY_VAR_MODULE', 'm'); / / variable contains the current module. define ( 'QUERY_STRING_BLANK', QUERY_SCRIPT. '? m ='); / / An empty query string. define ( 'QUERY_STRING_BLANK_HTML', QUERY_SCRIPT_HTML. '? m ='); / / Empty query string in HTML. define ( 'CP_HTTP_ROOT', str_replace ( '\ \', '/', (! empty ($ _SERVER [ 'SCRIPT_NAME'])? dirname ($ _SERVER [ 'SCRIPT_NAME']):'/'))); / / root of CP. / / The session cookie. define ( 'COOKIE_USER', 'p'); / / Username in the cookies. define ( 'COOKIE_PASS', 'u'); / / user password in the cookies. define ( 'COOKIE_LIVETIME', CURRENT_TIME + 2592000) / / Lifetime cookies. define ( 'COOKIE_SESSION', 'ref'); / / variable to store the session. define ( 'SESSION_LIVETIME', CURRENT_TIME + 1300) / / Lifetime of the session. ////////////////////////////////////////////////// ///////////////////////////// / / Initialize. ////////////////////////////////////////////////// ///////////////////////////// / / Connect to the database. if (! ConnectToDB ()) die (mysql_error_ex ()); / / Connecting topic. require_once (THEME_PATH. '/ index.php'); / / Manage login. if (! empty ($ _GET [QUERY_VAR_MODULE])) ( / / Login form. if (strcmp ($ _GET [QUERY_VAR_MODULE], 'login') === 0) ( UnlockSessionAndDestroyAllCokies (); if (isset ($ _POST [ 'user']) & & isset ($ _POST [ 'pass'])) ( $ user = $ _POST [ 'user']; $ pass = md5 ($ _POST [ 'pass']); / / Check login. if (@ mysql_query ( "SELECT id FROM cp_users WHERE name = '". addslashes ($ user). "' AND pass = '". addslashes ($ pass). "' AND flag_enabled = '1 'LIMIT 1") & & @ mysql_affected_rows () == 1) ( if (isset ($ _POST [ 'remember']) & & $ _POST [ 'remember'] == 1) ( setcookie (COOKIE_USER, md5 ($ user), COOKIE_LIVETIME, CP_HTTP_ROOT); setcookie (COOKIE_PASS, $ pass, COOKIE_LIVETIME, CP_HTTP_ROOT); ) LockSession (); $ _SESSION [ 'Name'] = $ user; $ _SESSION [ 'Pass'] = $ pass; / / UnlockSession (); header ( 'Location:'. QUERY_STRING_BLANK. 'home'); ) else ShowLoginForm (true); die (); ) ShowLoginForm (false); die (); ) / / Output if (strcmp ($ _GET [ 'm'], 'logout') === 0) ( UnlockSessionAndDestroyAllCokies (); header ( 'Location:'. QUERY_STRING_BLANK. 'login'); die (); ) ) ////////////////////////////////////////////////// ///////////////////////////// / / Check the login data. ////////////////////////////////////////////////// ///////////////////////////// $ logined = 0, / / flag means, we zalogininy. / / Log in session. LockSession (); if (! empty ($ _SESSION [ 'name']) & &! empty ($ _SESSION [ 'pass'])) ( if (($ r = @ mysql_query ( "SELECT * FROM cp_users WHERE name = '". addslashes ($ _SESSION [' name'])."' AND pass = ' ". addslashes ($ _SESSION [' pass']). " 'AND flag_enabled = '1' LIMIT 1 ")))$ logined = @ mysql_affected_rows (); ) / / Login through cookies. if ($ logined! == 1 & &! empty ($ _COOKIE [COOKIE_USER]) & &! empty ($ _COOKIE [COOKIE_PASS])) ( if (($ r = @ mysql_query ( "SELECT * FROM cp_users WHERE MD5 (name )='". addslashes ($ _COOKIE [COOKIE_USER ])."' AND pass = '". addslashes ($ _COOKIE [COOKIE_PASS]). " 'AND flag_enabled = '1' LIMIT 1 ")))$ logined = @ mysql_affected_rows (); ) / / Unable to login. if ($ logined! == 1) ( UnlockSessionAndDestroyAllCokies (); header ( 'Location:'. QUERY_STRING_BLANK. 'login'); die (); ) / / Get the user data. $ _USER_DATA = @ Mysql_fetch_assoc ($ r); if ($ _USER_DATA === false) die (mysql_error_ex ()); $ _SESSION [ 'Name'] = $ _USER_DATA [ 'name']; $ _SESSION [ 'Pass'] = $ _USER_DATA [ 'pass']; / / Connecting language. if (@ strlen ($ _USER_DATA [ 'language'])! = 2 | |! SafePath ($ _USER_DATA [ 'language']) | |! file_exists ( 'system / lng .'.$_ USER_DATA [' language '].' . php'))$_ USER_DATA [ 'language'] = DEFAULT_LANGUAGE; require_once ( 'system / lng .'.$_ USER_DATA [' language'].'. php '); UnlockSession ();

    Read the article

  • How would I instruct extconf.rb to use additional g++ optimization flags, and which are advisable?

    - by mohawkjohn
    I'm using Rice to write a C++ extension for a Ruby gem. The extension is in the form of a shared object (.so) file. This requires 'mkmf-rice' instead of 'mkmf', but the two (AFAIK) are pretty similar. By default, the compiler uses the flags -g -O2. Personally, I find this kind of silly, since it's hard to debug with any optimization enabled. I've resorted to editing the Makefile to take out the flags I don't like (e.g., removing -fPIC -shared when I need to debug using main() instead of Ruby's hooks). But I figure there's got to be a better way. I know I can just do $CPPFLAGS += " -DRICE" to add additional flags. But how do I remove things without editing the Makefile directly? A secondary question: what optimizations are safe for shared objects loaded by Ruby? Can I do things like -funroll-loops? What do you all recommend? It's a scientific computing project, so the faster the better. Memory is not much of an issue. Many thanks!

    Read the article

  • Replacing ASP.NET Forms Authentication with WIF Session Authentication (for the better)

    - by Your DisplayName here!
    ASP.NET Forms Authentication and WIF Session Authentication (which has *nothing* to do with ASP.NET sessions) are very similar. Both inspect incoming requests for a special cookie that contains identity information, if that cookie is present it gets validated and if that is successful, the identity information is made available to the application via HttpContext.User/Thread.CurrentPrincipal. The main difference between the two is the identity to cookie serialization engine that sits below. Whereas ForsmAuth can only store the name of the user and an additional UserData string. It is limited to a single cookie and hardcoded to protection via the machine key. WIF session authentication in turn has these additional features: Can serialize a complete ClaimsPrincipal (including claims) to the cookie(s). Has a cookie overflow mechanism when data gets too big. In total it can create up to 8 cookies (á 4 KB) per domain (not that I would recommend round tripping that much data). Supports server side caching (which is an extensible mechanism). Has an extensible mechanism for protection (DPAPI by default, RSA as an option for web farms, and machine key based protection is coming in .NET 4.5) So in other words – session authentication is the superior technology, and if done cleverly enough you can replace FormsAuth without any changes to your application code. The only features missing is the redirect mechanism to a login page and an easy to use API to set authentication cookies. But that’s easy to add ;) FormsSessionAuthenticationModule This module is a sub class of the standard WIF session module, adding the following features: Handling EndRequest to do the redirect on 401s to the login page configured for FormsAuth. Reads the FormsAuth cookie name, cookie domain, timeout and require SSL settings to configure the module accordingly. Implements sliding expiration if configured for FormsAuth. It also uses the same algorithm as FormsAuth to calculate when the cookie needs renewal. Implements caching of the principal on the server side (aka session mode) if configured in an AppSetting. Supports claims transformation via a ClaimsAuthenticationManager. As you can see, the whole module is designed to easily replace the FormsAuth mechanism. Simply set the authentication mode to None and register the module. In the spirit of the FormsAuthentication class, there is also now a SessionAuthentication class with the same methods and signatures (e.g. SetAuthCookie and SignOut). The rest of your application code should not be affected. In addition the session module looks for a HttpContext item called “NoRedirect”. If that exists, the redirect to the login page will *not* happen, instead the 401 is passed back to the client. Very useful if you are implementing services or web APIs where you want the actual status code to be preserved. A corresponding UnauthorizedResult is provided that gives you easy access to the context item. The download contains a sample app, the module and an inspector for session cookies and tokens. Let’s hope that in .NET 4.5 such a module comes out of the box. HTH

    Read the article

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

< Previous Page | 26 27 28 29 30 31 32 33 34 35 36 37  | Next Page >