Search Results

Search found 94172 results on 3767 pages for 'user password'.

Page 30/3767 | < Previous Page | 26 27 28 29 30 31 32 33 34 35 36 37  | Next Page >

• What's better in terms of user experience - providing an email address or a link to my projects github account?

  - by Oliver Weiler

  What's better in terms of user experience? Provide the user an email account where he can report bugs, or a link to the projects github issues page (which requires a github account but may be easier to submit bugs to)? EDIT The application is a Bash script hosted on github. The GNU Coding Standards suggests using an email address, which may or may not an appropriate solution. Target audience is the CLI power user.

  Read the article

• Accessing two sides of a user-user relationship in rails

  - by Lowgain

  Basically, I have a users model in my rails app, and a fanship model, to facilitate the ability for users to become 'fans' of each other. In my user model, I have: has_many :fanships has_many :fanofs, :through => :fanships In my fanship model, I have: belongs_to :user belongs_to :fanof, :class_name => "User", :foreign_key => "fanof_id" My fanship table basically consists of :id, :user_id and :fanof_id. This all works fine, and I can see what users a specific user is a fan of like: <% @user.fanofs.each do |fan| %> #things <% end %> My question is, how can I get a list of the users that are a fan of this specific user? I'd like it if I could just have something like @user.fans, but if that isn't possible what is the most efficient way of going about this? Thanks!

  Read the article

• 1) PasswordResets emails user when requesting password reset

  - by Surge Pedroza

  I've been trying to add a password reset for users that forget their password. The users clicks on forgot password? on sign up page. Then the user types their email and clicks reset password, which creates a token and sends an email with a link to reset their password. For the most part, it was working well, and then it suddenly stopped working. When a user clicks password reset, it brings up the error message: Password cant be blank, password is too short(6 min) Ran into this error in video 275 How I Test. on 11:20 Failure/Error: click_button "Reset Password" ActiveRecord::RecordInvalid: Validation failed: Password can't be blank, Password is too short (minimum is 6 characters), Password confirmation can't be blank # ./app/models/user.rb:30:in send_password_reset' # ./app/controllers/password_resets_controller.rb:7:increate' # (eval):2:in click_button' # ./spec/requests/password_resets_spec.rb:9:inblock (2 levels) in ' Finished in 13.66 seconds 95 examples, 1 failure This is some of the code being used. user.rb # == Schema Information # # Table name: users # # id :integer not null, primary key # name :string(255) # email :string(255) # created_at :datetime not null # updated_at :datetime not null # class User < ActiveRecord::Base attr_accessible :name, :email, :password, :password_confirmation has_secure_password before_save { |user| user.email = email.downcase } before_save :create_remember_token validates :name, presence: true, length: { maximum: 50 } VALID_EMAIL_REGEX = /\A[\w+\-.]+@[a-z\d\-.]+\.[a-z]+\z/i validates :email, presence: true, format: { with: VALID_EMAIL_REGEX }, uniqueness: { case_sensitive: false } validates :password, presence: true, length: { minimum: 6 } validates :password_confirmation, presence: true def send_password_reset generate_token(:password_reset_token) self.password_reset_sent_at = Time.zone.now save! UserMailer.password_reset(self).deliver end def generate_token(column) begin self[column] = SecureRandom.urlsafe_base64 end while User.exists?(column => self[column]) end def self.search(search) if search find(:all, :conditions => ['name LIKE ?', "%#{search}%"]) else find(:all) end end private def create_remember_token self.remember_token = SecureRandom.urlsafe_base64 end end password_resets_controller.rb class PasswordResetsController < ApplicationController def new end def create user = User.find_by_email(params[:email]) user.send_password_reset redirect_to root_url, :notice => "Email sent with password reset instructions." end def edit @user = User.find_by_password_reset_token!(params[:id]) end end new.html.erb <h1>Reset Password</h1> <%= form_tag password_resets_path, :method => :post do %> <div class="field"> <%= label_tag :email %> <%= text_field_tag :email, params[:email] %> </div> <div class="actions"><%= submit_tag "Reset Password" %></div> <% end %>

  Read the article

• Giving a normal user and Mysql access to a common directory

  - by James R

  We need a common directory where Mysql can do a SELECT INTO OUTFILE and then the file can be picked up by a virtual server user in /home/theuser and worked on. I can perform the SELECT INTO OUTFILE into the /tmp/ dir but theuser does not have access here. Would it be ok to grant the user access to tmp or is that bad practice? The other option I looked at was creating a group 'theusermysql' containing the mysql user and theuser. I set the group on the tree /home/theuser/thedumpfolder and gave write permissions on thedumpfolder, but for some reason mysql still complains that it cannot write here. I'm completely stumped! What would be the best practice way to have a common folder for these two users?

  Read the article

• Enterprise user management

  - by Eduardo

  I am looking for an enterprise user management system that meets these requirements: Delegated user administration: The group manager should be able to grant access to his supervised employees (without having to contact any administrator either to grant access or maybe create users). A group manager should be able to create other groups and restrict any permission he already has where he can add supervised employees. If a manager removes access to a supervised group, then all the subgroups will also lose access. Web based User Interface. LDAP interface to query users and groups (or may not exist at all if it is integrated in a single application). Do you know if there are any system that meet these requirements?

  Read the article

• Nginx access log shows authenticated user "admin"

  - by bearcat

  I came across a line in my Nginx access log: 218.201.121.99 - admin [12/Dec/2012:18:33:18 +0800] "GET /manager/html HTTP/1.1" 444 0 "-" "-" Let me stress that there is only 1 record with this IP. Notice the authenticated user admin. After some googling, I was able to find out only that this is authenticated user (http://wiki.nginx.org/HttpCoreModule#.24remote_user), which was authenticated by the Auth Basic Module (http://wiki.nginx.org/HttpAuthBasicModule). However, nowhere in my site (configuration) do I use HTTP basic authentication. What is going on? How did it get there? Was the user authenticated?

  Read the article

• Make a socket as a user but make it readable and writable by another

  - by user1598585

  I have a software that is run under user A, this software creates a socket in /sockets and the socket should be readable and writable by user B. I have tried setting the directory to have ownership A:A or A:B but when user A creates the socket, it ends up with uid A and gid A. Using ACLs has not helped so far, the default mask is preventing the rights to be effective. rw permisions for B will always turn into jusr r. If what I make is not a socket it will work fine. How can I best accomplish this task? (It is for a web-server where the web-application makes the socket and the web-server software forwards requests to it)

  Read the article

• WinXP password messed up after reset

  - by Mark Flint

  I changed my winXP logon password - but could not get in. Obviously I made the some mistake twice... caps lock or something but couldn't get the password. So I booted into safe mode, when into Users and changed the password. Now I when I restart I can get in at logon with my new password, but the standard screensaver - which used to be the same as my user logon - now is something different. I think it's still the previous one which I couldn't get right. Now when I go into Users (not in safe mode) and try and change the password I can't. It won't accept my new user logon which works fine when logging on. I think this too is still the previous one which I couldn't get right. How can I definitely reset the password so it works at logon, in the control panel/users, and the screensaver?

  Read the article

• Issue changing mysql password on Debian

  - by Sean

  I installed mysql on my Debian server. I couldn't get into the database because it kept saying I put in the wrong password so I looked on the internet and found that I could log onto mysql using the command sudo mysql --defaults-file=/etc/mysql/debian.cnf From there I went typed use mysql;then mysql> UPDATE user SET password=PASSWORD('password') WHERE user='root'; Which I know switched the password because I typed the command select Host, User, Password from user; And it showed the encrypted characters had changed for all three of the root user categories. But I am still not able to login to mysql using mysql -u root -p

  Read the article

• Make a socket as an user but make it readable and writable by another

  - by user1598585

  I have a software that is run under user A, this software creates a socket in /sockets and the socket should be readable and writable by user B. I have tried setting the directory to have ownership A:A or A:B but when user A creates the socket, it ends up with uid A and gid A. Using ACLs has not helped so far, the default mask is preventing the rights to be effective. rw permisions for B will always turn into jusr r. If what I make is not a socket it will work fine. How can I best accomplish this task? (It is for a web-server where the web-application makes the socket and the web-server software forwards requests to it)

  Read the article

• Logging on to server creates duplicate user profiles in Documents & Setting

  - by Tech

  Windows Server 2003. I am having a problem with the creation of new user profiles when logging in remotely to a terminal server. The new user profile gets added under Documents & Settings as username.domainname. Deleting the new profile does not allow the original profile to be reverted to. Went logging on to the server again, it creates another new user profile. Nothing was changed in the Active Directory or security settings. How do I get the original profile to be used?

  Read the article

• How can I restore the stored password in firefox 15.0.1 when deleted by error?

  - by Bob Legringe

  I, by error, deleted my stored passwords, using the "Wise disc cleaner 7" program. As I saw on another thread, the passwords are stored in 2 files signons.sqlite and the encryption key file key3.db When opening the file signons.sqlite with the text editor, I can see that the web adresses of the sites belonging to the passwords are still there. They have not been deleted by the "Wise disc cleaner 7" program, and adding a stored password on Firefox just modifies the file. However, Firefox will not display my old stored passwords and neither their respective sites. Is there any way to "undelete" the passwords?

  Read the article

• Windows domain login to temporary user

  - by amyassin

  We have a Windows domain with about 60 user accounts. Sometimes when a user logs in to his computer (already his account is created and has files there) windows logs him to a temporary user, displaying his name and everything, but without his files and data. This problem is rare and is solved simply by logging out and logging in. I noticed that it occurs at a close timings; they all happen at the same day if they did. My question is why does that happen? I want to trace the problem because it is so annoying when it happens, and I can't find a relative event that may be causing it: no server is down when it happens, no system maintenance or anything. We're running Windows Server 2003 R2 Standard, SP2 in the Domain Controller (and the same for the additional DC). The machines where this problem happened before are running Windows XP and Windows 7.

  Read the article

• How to run sudo command with no password?

  - by aychedee

  tl;dr: How does the ubuntu user on the AWS images for Ubuntu Server 12.04 have passwordless sudo for all commands when there is no configuration for it in `/etc/sudoers'? I'm using Ubuntu server 12.04 on Amazon. I want to add a new user that has the same behaviour as the default ubuntu user. Specifically I want passwordless sudo for this new user. So I've added a new user and went to edit /etc/sudoers (using visudo of course). From reading that file it seemed like the default ubuntu user was getting it's passwordless sudo from being a member of the admin group. So I added my new user to that. Which didn't work. Then I tried adding the NOPASSWD directive to sudoers. Which also didn't work. Anyway, now I'm just curious. How does the ubuntu user get passwordless privileges if they aren't defined in /etc/sudoers. What is the mechanism that allows this?

  Read the article

• Password protect user image album

  - by Poland Rocks

  Hi Im making i photo sharint site I want to give the ability for my users to prevent the public to acces their albums with a password. Then they can give the password to the ones they want to be able to see it. To password protect their albums. Im thinking something like this, cant test it on this computer, should work ok. but as im a php/mysql beginner i wanna hear what you experts think if theres a better way/approach Albums id name owner password (if it isnt null the album is considered password protected) The code $id = isset($_GET['albumID']) ? intval($_GET['albumID']) : 0; $result = mysql_query("SELECT * FROM albums WHERE id = $id"); $row = mysql_fetch_object($result); // IS it password protected? if ($row->password != NULL) { echo "This album is password protected."; // User pressed "Enter" if (!empty($_POST['password'])) { $result = mysql_query("SELECT password FROM albums WHERE password = '".mysql_real_escape_string($_POST['password'])."'"); // Was It right password? if (mysql_num_rows($result) == 1) { $authed=1; } echo << <form method="post"> <input type="text" name="password" /> EOT; exit; } else $authed=1; if $authed==1 { // render albumimages etc }

  Read the article

• NIS password mapping question

  - by papoyan

  I have NIS server with user "techsupport", which has uid/gid = 517 I've configured NIS and NFS on that server, as well as NFS/NIS client on the remote web server. Now I need to techsupport user to be able to login to web server using techsupport username, but HAVE root privileges. I need this, so I can easily track, which support agent doing what on the web server. Everything works fine, when from NIS server, I ssh to the web server with tech support user nisserver# ssh [email protected] I can authenticate against the NIS server just fine, and my home directory that is on NIS server, get's mounted on web server just fine. The Only two problems I have are : my GID on web server is webserver# id uid=517(techsupport) gid=517(client_jonny) groups=517(client_jonny) (as you can see, that it picked up gid of a client that exists on the web server, since it's same number) I need to make sure, that my "techsupport" user has ROOT privileges. How can I achieve this? I remember that I've seen identical results elsewhere, but LDAP was used, is there a way to achieve this with NIS/NFS setup? Thank you in advance,

  Read the article

• SQL SERVER – Importance of User Without Login

  - by pinaldave

  Some questions are very open ended and it is very hard to come up with exact requirements. Here is one question I was asked in recent User Group Meeting. Question: “In recent version of SQL Server we can create user without login. What is the use of it?” Great question indeed. Let me first attempt to answer this question but after reading my answer I need your help. I want you to help him as well with adding more value to it. Answer: Let us visualize a scenario. An application has lots of different operations and many of them are very sensitive operations. The common practice was to do give application specific role which has more permissions and access level. When a regular user login (not system admin), he/she might have very restrictive permissions. The application itself had a user name and password which means applications can directly login into the database and perform the operation. Developers were well aware of the username and password as it was embedded in the application. When developer leaves the organization or when the password was changed, the part of the application had to be changed where the same username and passwords were used. Additionally, developers were able to use the same username and password and login directly to the same application. In earlier version of SQL Server there were application roles. The same is later on replaced by “User without Login”. Now let us recreate the above scenario using this new “User without Login”. In this case, User will have to login using their own credentials into SQL Server. This means that the user who is logged in will have his/her own username and password. Once the login is done in SQL Server, the user will be able to use the application. Now the database should have another User without Login which has all the necessary permissions and rights to execute various operations. Now, Application will be able to execute the script by impersonating “user without login – with more permissions”. Here there is assumed that user login does not have enough permissions and another user (without login) there are more rights. If a user knows how the application is using the database and their various operations, he can switch the context to user without login making him enable for doing further modification. Make sure to explicitly DENY view definition permission on the database. This will make things further difficult for user as he will have to know exact details to get additional permissions. If a user is System Admin all the details which I just mentioned in above three paragraphs does not apply as admin always have access to everything. Additionally, the method describes above is just one of the architecture and if someone is attempting to damage the system, they will still be able to figure out a workaround. You will have to put further auditing and policy based management to prevent such incidents and accidents. I guess this is my answer. I read it multiple times but I still feel that I am missing something. There should be more to this concept than what I have just described. I have merely described one scenario but there will be many more scenarios where this situation will be useful. Now is your turn to help – please leave a comment with the additional suggestion where exactly “User without Login” will be useful as well did I miss anything when I described above scenario. Reference: Pinal Dave (http://blog.sqlauthority.com) Filed under: PostADay, SQL, SQL Authority, SQL Query, SQL Security, SQL Server, SQL Tips and Tricks, T SQL, Technology

  Read the article

• "Password Server: Stopped" on Mac OS Lion Server. Stops with error -1 during startup

  - by V1ru8

  Since I've restored the Open Directory from an archive because my Server crashed and the DB was corrupt. The password server does not start anymore. The log looks like this: Feb 14 2012 21:41:20 156746us Mac OS X Password Service version 376.1 (pid = 2438) was started at: Tue Feb 14 21:41:20 2012. Feb 14 2012 21:41:20 156801us RunAppThread Created Feb 14 2012 21:41:20 156852us RunAppThread Started Feb 14 2012 21:41:20 156879us Initializing Server Globals ... Feb 14 2012 21:41:20 163094us Initializing Networking ... Feb 14 2012 21:41:20 163196us Initializing TCP ... Feb 14 2012 21:41:20 191790us SASL is using realm "SERVER.HOME.POST-NET.CH" Feb 14 2012 21:41:20 191847us Starting Central Thread ... Feb 14 2012 21:41:20 191860us Starting other server processes ... Feb 14 2012 21:41:20 191873us StartCentralThreads: 1 threads to stop Feb 14 2012 21:41:20 191905us Initializing TCP ... Feb 14 2012 21:41:20 191954us Starting TCP/IP Listener on ethernet interface, port 106 Feb 14 2012 21:41:20 192012us Starting TCP/IP Listener on ethernet interface, port 3659 Feb 14 2012 21:41:20 192048us Starting TCP/IP Listener on interface lo0, port 106 Feb 14 2012 21:41:20 192082us Starting TCP/IP Listener on interface lo0, port 3659 Feb 14 2012 21:41:20 192117us StartCentralThreads: Created 4 TCP/IP Connection Listeners Feb 14 2012 21:41:20 192132us Starting UNIX domain socket listener /var/run/passwordserver Feb 14 2012 21:41:20 193034us CRunAppThread::StartUp: caught error -1. Feb 14 2012 21:41:20 193056us ** ERROR: The Server received an error during startup. See error log for details. Feb 14 2012 21:41:20 193075us RunAppThread::StartUp() returned: 4294967295 Feb 14 2012 21:41:20 193107us Stopping server processes ... Feb 14 2012 21:41:20 193119us Stopping Network Processes ... Feb 14 2012 21:41:20 193131us Deinitializing networking ... Feb 14 2012 21:41:20 193149us Server Processes Stopped ... Feb 14 2012 21:41:20 193165us RunAppThread Stopped Feb 14 2012 21:41:20 193202us Aborting Password Service. See error log. The error log repeats the following: Feb 14 2012 21:41:50 409022us Server received error -1 during startup. Feb 14 2012 21:41:50 409141us Aborting Password Service. Anyone an idea what's wrong here and how I can fix this?

  Read the article

• Searching for Windows User SID's in C#

  - by Ubiquitous Che

  Context Context first - issues I'm trying to resolve are below. One of our clients has asked as to quote how long it would take for us to improve one of our applications. This application currently provides basic user authentication in the form of username/password combinations. This client would like the ability for their employees to log-in using the details of whatever Windows User account is currently logged in at the time of running the application. It's not a deal-breaker if I tell them know - but the client might be willing to pay the costs of development to add this feature to the application. It's worth looking into. Based on my hunting around, it seems like storing the user login details against Domain\Username will be problematic if those details are changed. But Windows User SID's aren't supposed to change at all. I've got the impression that it would be best to record Windows Users by SID - feel free to relieve me of that if I'm wrong. I've been having a fiddle with some Windows API calls. From within C#, grabbing the current user's SID is easy enough. I can already take any user's SID and process it using LookupAccountSid to get username and domain for display purposes. For the interested, my code for this is at the end of this post. That's just the tip of the iceberg, however. The two issues below are completely outside my experience. Not only do I not know how to implement them - I don't even known how to find out how to implement them, or what the pitfalls are on various systems. Any help getting myself aimed in the right direction would be very much appreciated. Issue 1) Getting hold of the local user at runtime is meaningless if that user hasn't been granted access to the application. We will need to add a new section to our application's 'administrator console' for adding Windows Users (or groups) and assigning within-app permissions against those users. Something like an 'Add Windows User Login' button that will raise a pop-up window that will allow the user to search for available Windows User accounts on the network (not just the local machine) to be added to the list of available application logins. If there's already a component in .NET or Windows that I can shanghai into doing this for me, it would make me a very happy man. Issue 2) I also want to know how to take a given Windows User SID and check it against a given Windows User Group (probably taken from a database). I'm not sure how to get started with this one either, though I expect it to be easier than the issue above. For the Interested [STAThread] static void Main(string[] args) { MessageBox.Show(WindowsUserManager.GetAccountNameFromSID(WindowsIdentity.GetCurrent().User.Value)); MessageBox.Show(WindowsUserManager.GetAccountNameFromSID("S-1-5-21-57989841-842925246-1957994488-1003")); } public static class WindowsUserManager { public static string GetAccountNameFromSID(string SID) { try { StringBuilder name = new StringBuilder(); uint cchName = (uint)name.Capacity; StringBuilder referencedDomainName = new StringBuilder(); uint cchReferencedDomainName = (uint)referencedDomainName.Capacity; WindowsUserManager.SID_NAME_USE sidUse; int err = (int)ESystemError.ERROR_SUCCESS; if (!WindowsUserManager.LookupAccountSid(null, SID, name, ref cchName, referencedDomainName, ref cchReferencedDomainName, out sidUse)) { err = Marshal.GetLastWin32Error(); if (err == (int)ESystemError.ERROR_INSUFFICIENT_BUFFER) { name.EnsureCapacity((int)cchName); referencedDomainName.EnsureCapacity((int)cchReferencedDomainName); err = WindowsUserManager.LookupAccountSid(null, SID, name, ref cchName, referencedDomainName, ref cchReferencedDomainName, out sidUse) ? (int)ESystemError.ERROR_SUCCESS : Marshal.GetLastWin32Error(); } } if (err != (int)ESystemError.ERROR_SUCCESS) throw new ApplicationException(String.Format("Could not retrieve acount name from SID. {0}", SystemExceptionManager.GetDescription(err))); return String.Format(@"{0}\{1}", referencedDomainName.ToString(), name.ToString()); } catch (Exception ex) { if (ex is ApplicationException) throw ex; throw new ApplicationException("Could not retrieve acount name from SID", ex); } } private enum SID_NAME_USE { SidTypeUser = 1, SidTypeGroup, SidTypeDomain, SidTypeAlias, SidTypeWellKnownGroup, SidTypeDeletedAccount, SidTypeInvalid, SidTypeUnknown, SidTypeComputer } [DllImport("advapi32.dll", EntryPoint = "GetLengthSid", CharSet = CharSet.Auto)] private static extern int GetLengthSid(IntPtr pSID); [DllImport("advapi32.dll", SetLastError = true)] private static extern bool ConvertStringSidToSid( string StringSid, out IntPtr ptrSid); [DllImport("advapi32.dll", CharSet = CharSet.Auto, SetLastError = true)] private static extern bool LookupAccountSid( string lpSystemName, [MarshalAs(UnmanagedType.LPArray)] byte[] Sid, StringBuilder lpName, ref uint cchName, StringBuilder ReferencedDomainName, ref uint cchReferencedDomainName, out SID_NAME_USE peUse); private static bool LookupAccountSid( string lpSystemName, string stringSid, StringBuilder lpName, ref uint cchName, StringBuilder ReferencedDomainName, ref uint cchReferencedDomainName, out SID_NAME_USE peUse) { byte[] SID = null; IntPtr SID_ptr = IntPtr.Zero; try { WindowsUserManager.ConvertStringSidToSid(stringSid, out SID_ptr); int err = SID_ptr == IntPtr.Zero ? Marshal.GetLastWin32Error() : (int)ESystemError.ERROR_SUCCESS; if (SID_ptr == IntPtr.Zero || err != (int)ESystemError.ERROR_SUCCESS) throw new ApplicationException(String.Format("'{0}' could not be converted to a SID byte array. {1}", stringSid, SystemExceptionManager.GetDescription(err))); int size = (int)GetLengthSid(SID_ptr); SID = new byte[size]; Marshal.Copy(SID_ptr, SID, 0, size); } catch (Exception ex) { if (ex is ApplicationException) throw ex; throw new ApplicationException(String.Format("'{0}' could not be converted to a SID byte array. {1}.", stringSid, ex.Message), ex); } finally { // Always want to release the SID_ptr (if it exists) to avoid memory leaks. if (SID_ptr != IntPtr.Zero) Marshal.FreeHGlobal(SID_ptr); } return WindowsUserManager.LookupAccountSid(lpSystemName, SID, lpName, ref cchName, ReferencedDomainName, ref cchReferencedDomainName, out peUse); } }

  Read the article

• Rails User-Profile model challenges

  - by Craig

  I am attempting to create an enrollment process similar to SO's: route to an OpenID provider provider returns the user's information to the UsersController (a guess) UsersController creates user, then routes to the ProfilesController's new or edit action. For now, I'm simply trying to create the user, then route to the ProfilesController's new or edit action (not sure which I should be using). Here's what I have thus far: Models: class User < ActiveRecord::Base has_one :profile end class Profile < ActiveRecord::Base belongs_to :user end Routes: map.resources :users do |user| user.resource :profile end new_user_profile GET /users/:user_id/profile/new(.:format) {:controller=>"profiles", :action=>"new"} edit_user_profile GET /users/:user_id/profile/edit(.:format) {:controller=>"profiles", :action=>"edit"} user_profile GET /users/:user_id/profile(.:format) {:controller=>"profiles", :action=>"show"} PUT /users/:user_id/profile(.:format) {:controller=>"profiles", :action=>"update"} DELETE /users/:user_id/profile(.:format) {:controller=>"profiles", :action=>"destroy"} POST /users/:user_id/profile(.:format) {:controller=>"profiles", :action=>"create"} users GET /users(.:format) {:controller=>"users", :action=>"index"} POST /users(.:format) {:controller=>"users", :action=>"create"} new_user GET /users/new(.:format) {:controller=>"users", :action=>"new"} edit_user GET /users/:id/edit(.:format) {:controller=>"users", :action=>"edit"} user GET /users/:id(.:format) {:controller=>"users", :action=>"show"} PUT /users/:id(.:format) {:controller=>"users", :action=>"update"} DELETE /users/:id(.:format) {:controller=>"users", :action=>"destroy"} Controllers: class UsersController < ApplicationController # generate new-user form def new @user = User.new end # process new-user-form post def create @user = User.new(params[:user]) if @user.save redirect_to new_user_profile_path(@user) ... end end # generate edit-user form def edit @user = User.find(params[:id]) end # process edit-user-form post def update @user = User.find(params[:id]) respond_to do |format| if @user.update_attributes(params[:user]) flash[:notice] = 'User was successfully updated.' format.html { redirect_to(users_path) } format.xml { head :ok } ... end end end class ProfilesController < ApplicationController before_filter :get_user def get_user @user = User.find(params[:user_id]) end # generate new-profile form def new @user.profile = Profile.new @profile = @user.profile end # process new-profile-form post def create @user.profile = Profile.new(params[:profile]) @profile = @user.profile respond_to do |format| if @profile.save flash[:notice] = 'Profile was successfully created.' format.html { redirect_to(@profile) } format.xml { render :xml => @profile, :status => :created, :location => @profile } ... end end end # generate edit-profile form def edit @profile = @user.profile end # generate edit-profile-form post def update @profile = @user.profile respond_to do |format| if @profile.update_attributes(params[:profile]) flash[:notice] = 'Profile was successfully updated.' # format.html { redirect_to(@profile) } format.html { redirect_to(user_profile(@user)) } format.xml { head :ok } else format.html { render :action => "edit" } format.xml { render :xml => @profile.errors, :status => :unprocessable_entity } end end end Edit-User View: ... <% form_for(@user) do |f| %> ... New-Profile View: ... <% form_for([@user,@profile]) do |f| %> .. I'm having two problems: When saving an edit to the User model, the UsersController attempts to route to http://localhost:3000/users/1/profile.%23%3Cprofile:0x10438e3e8%3E, instead of http://localhost:3000/users/1/profile When the new-profile form is being rendered, it throws an error that reads: undefined method `user_profiles_path' for # Is it better to create a blank profile when the user is created (in the UsersController), then edit it OR follow the rest-ful convention of creating the profile in the ProfilesController (as I have done)? What am I missing? I did review Associating Two Models in Rails (user and profile), but it didn't address my needs. Thanks for your time.

  Read the article

• Password Cracking Windows Accounts

  - by Kevin

  At work we have laptops with encrypted harddrives. Most developers here (on occasion I have been guilty of it too) leave their laptops in hibernate mode when they take them home at night. Obviously, Windows (i.e. there is a program running in the background which does it for windows) must have a method to unencrypt the data on the drive, or it wouldn't be able to access it. That being said, I always thought that leaving a windows machine on in hibernate mode in a non-secure place (not at work on a lock) is a security threat, because someone could take the machine, leave it running, hack the windows accounts and use it to encrypt the data and steal the information. When I got to thinking about how I would go about breaking into the windows system without restarting it, I couldn't figure out if it was possible. I know it is possible to write a program to crack windows passwords once you have access to the appropriate file(s). But is it possible to execute a program from a locked Windows system that would do this? I don't know of a way to do it, but I am not a Windows expert. If so, is there a way to prevent it? I don't want to expose security vulnerabilities about how to do it, so I would ask that someone wouldn't post the necessary steps in details, but if someone could say something like "Yes, it's possible the USB drive allows arbitrary execution," that would be great! EDIT: The idea being with the encryption is that you can't reboot the system, because once you do, the disk encryption on the system requires a login before being able to start windows. With the machine being in hibernate, the system owner has already bypassed the encryption for the attacker, leaving windows as the only line of defense to protect the data.

  Read the article

• Interpretation of empty User-agent

  - by Amit Agrawal

  How should I interpret a empty User-agent? I have some custom analytics code and that code has to analyze only human traffic. I have got a working list of User-agents denoting human traffic, and bot traffic, but the empty User-agent is proving to be problematic. And I am getting lots of traffic with empty user agent - 10%. Additionally - I have crafted the human traffic versus bot traffic user agent list by analyzing my current logs. As such I might be missing a lot of entries in there. Is there a well maintained list of user agents denoting bot traffic, OR the inverse a list of user agents denoting human traffic?

  Read the article

• php regex for strong password validation

  - by Jason

  Hello, I've seen around the web the following regex (?=^.{8,}$)((?=.*\d)|(?=.*\W+))(?![.\n])(?=.*[A-Z])(?=.*[a-z]).*$ which validates only if the string: * contain at least (1) upper case letter * contain at least (1) lower case letter * contain at least (1) number or special character * contain at least (8) characters in length I'd like to know how to convert this regex so that it checks the string to * contain at least (2) upper case letter * contain at least (2) lower case letter * contain at least (2) digits * contain at least (2) special character * contain at least (8) characters in length well if it contains at least 2 upper,lower,digits and special chars then I wouldn't need the 8 characters length. special characters include: `~!@#$%^&*()_-+=[]\|{};:'".,/<? thanks in advance.

  Read the article

• How can I make an expect script prompt for a password?

  - by MiniQuark

  I have an expect script that connects to a few routers through ssh. All these routers have the same password (I know, it's wrong), and the script needs to know that password in order to be able to connect to the routers. Currently, the password is passed to my script as an argument on the command line, but this means that there's a trace of that password in my .bash_history file as well as in the running processes. So instead I would like the user to be prompted for a password, if possible silently. Do you know whether or not it's possible to prompt the user for a password with expect? Thank you. Edit: if I was connecting to servers instead of routers, I would probably use ssh keys instead of passwords. But the routers I'm using just support passwords.

  Read the article

• Give access to specific services on Windows 7 Professional machines?

  - by Chad Cook

  We have some machines running Windows 7 Professional at our office. The typical user needs to have access to stop and start a service for a local program they run. These machines have a local web server and database installed and we need to restrict access to certain folders and services related to the web server and database for these users. The setup I have tried so far is to add the typical user as a Power User. I have been able to successfully restrict them from accessing certain folders (as far as I can tell) but now they do not have access to the service needed for starting and stopping the local program. My thought was to give them access to the specific service but I have not had any luck yet. In searching the web for solutions the only results I have found relate to Windows Server 2000 and 2003 and involve creating security templates and databases through the Microsoft Management Console. I am hesitant to try an approach like this as these articles are typically older and I worry this method is outdated. Is there a better way to accomplish the end goal of giving the user permission to run the service and restrict their access to certain folders? If any clarification is needed on the setup or what we are trying to achieve, please let me know. Thanks in advance.

  Read the article

< Previous Page | 26 27 28 29 30 31 32 33 34 35 36 37  | Next Page >