Search Results

Search found 41147 results on 1646 pages for 'database security'.

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Page 300/1646 | < Previous Page | 296 297 298 299 300 301 302 303 304 305 306 307  | Next Page >

  • Interrogating Java source code

    - by VibeofBoston
    I have a Java source code that I need to interrogate and apply security policies [for e.g. applying CWE] I have couple of ideas, for starters using AST and then travel thru the tree. Others include using regular expression. Are there any options other than AST or regex that I could use for such process.

    Read the article

  • Update database in asp.net not working

    - by Badescu Alexandru
    Hello ! i have in asp.net a few textboxes and i wish to update my database with the values that they encapsulate . The problem is that it doesn't work and although it doesn't work, the syntax seems correct and there are no errors present . Here is my linkbutton : <asp:linkbutton id="clickOnSave" runat="server" onclick="Save_Click" Text="Save Profile" /> and my update function protected void Save_Click(object sender, EventArgs e) { SqlConnection con = new System.Data.SqlClient.SqlConnection(); con.ConnectionString = "DataSource=.\\SQLEXPRESS;AttachDbFilename=C:\\Users\\alex\\Documents\\seeubook_db.mdf;Integrated Security=True;Connect Timeout=30;User Instance=True"; con.Open(); String commandString = "UPDATE users SET last_name='" + Text4.Text.Trim() + "' , first_name='" + Textbox1.Text.Trim() + "' , about_me='" + Textbox5.Text.Trim() + "' , where_i_live='" + Textbox2.Text.Trim() + "' , where_i_was_born='" + Textbox3.Text.Trim() + "' , work_place='" + Textbox4.Text.Trim() + "' WHERE email='" + Session["user"] + "'"; SqlCommand sqlCmd = new SqlCommand(commandString, con); sqlCmd.ExecuteNonQuery(); con.Close(); }

    Read the article

  • Unsure how to modify userDetailsService to allow for custom userDetails but keep datasource

    - by adam2510
    what i am trying to do is i'm following this http://www.theserverside.com/tip/-Spring-Security-Customizing-Your-User-and-Authorization-in website to attempt to customise the UserDetails so i can retrieve more fields regarding to the user... as far as implementing the UserDetails, where i am confused is the UserDetailsService at the moment i only have the code for the userDetailsService that is in the website linked above i'm just not sure on how to go about doing it

    Read the article

  • Database with 5 Tables with Insert and Select

    - by kirbby
    hi guys, my problem is that i have 5 tables and need inserts and selects. what i did is for every table a class and there i wrote the SQL Statements like this public class Contact private static String IDCont = "id_contact"; private static String NameCont = "name_contact"; private static String StreetCont = "street_contact"; private static String Street2Cont = "street2_contact"; private static String Street3Cont = "street3_contact"; private static String ZipCont = "zip_contact"; private static String CityCont = "city_contact"; private static String CountryCont = "country_contact"; private static String Iso2Cont = "iso2_contact"; private static String PhoneCont = "phone_contact"; private static String Phone2Cont = "phone2_contact"; private static String FaxCont = "fax_contact"; private static String MailCont = "mail_contact"; private static String Mail2Cont = "mail2_contact"; private static String InternetCont = "internet_contact"; private static String DrivemapCont = "drivemap_contact"; private static String PictureCont = "picture_contact"; private static String LatitudeCont = "latitude_contact"; private static String LongitudeCont = "longitude_contact"; public static final String TABLE_NAME = "contact"; public static final String SQL_CREATE = "CREATE TABLE IF NOT EXISTS " + TABLE_NAME + "(" + IDCont + "INTEGER not NULL," + NameCont + " TEXT not NULL," + StreetCont + " TEXT," + Street2Cont + " TEXT," + Street3Cont + " TEXT," + ZipCont + " TEXT," + CityCont + " TEXT," + CountryCont + " TEXT," + Iso2Cont + " TEXT," + PhoneCont + " TEXT," + Phone2Cont + " TEXT," + FaxCont + " TEXT," + MailCont + " TEXT," + Mail2Cont + " TEXT," + InternetCont + " TEXT," + //website of the contact DrivemapCont + " TEXT," + //a link to a drivemap to the contact PictureCont + " TEXT," + //a photo of the contact building (contact is not a person) LatitudeCont + " TEXT," + LongitudeCont + " TEXT," + "primary key(id_contact)" + "foreign key(iso2)"; and my insert looks like this public boolean SQL_INSERT_CONTACT(int IDContIns, String NameContIns, String StreetContIns, String Street2ContIns, String Street3ContIns, String ZipContIns, String CityContIns, String CountryContIns, String Iso2ContIns, String PhoneContIns, String Phone2ContIns, String FaxContIns, String MailContIns, String Mail2ContIns, String InternetContIns, String DrivemapContIns, String PictureContIns, String LatitudeContIns, String LongitudeContIns) { try{ db.execSQL("INSERT INTO " + "contact" + "(" + IDCont + ", " + NameCont + ", " + StreetCont + ", " + Street2Cont + ", " + Street3Cont + ", " + ZipCont + ", " + CityCont + ", " + CountryCont + ", " + Iso2Cont + ", " + PhoneCont + ", " + Phone2Cont + ", " + FaxCont + ", " + MailCont + ", " + Mail2Cont + ", " + InternetCont + ", " + DrivemapCont + ", " + PictureCont + ", " + LatitudeCont + ", " + LongitudeCont + ") " + "VALUES (" + IDContIns + ", " + NameContIns +", " + StreetContIns + ", " + Street2ContIns + ", " + Street3ContIns + ", " + ZipContIns + ", " + CityContIns + ", " + CountryContIns + ", " + Iso2ContIns + ", " + PhoneContIns + ", " + Phone2ContIns + ", " + FaxContIns + ", " + MailContIns + ", " + Mail2ContIns + ", " + InternetContIns + ", " + DrivemapContIns + ", " + PictureContIns + ", " + LatitudeContIns + ", " + LongitudeContIns +")"); return true; } catch (SQLException e) { return false; } } i have a DBAdapter class there i created the database public class DBAdapter { public static final String DB_NAME = "mol.db"; private static final int DB_VERSION = 1; private static final String TAG = "DBAdapter"; //to log private final Context context; private SQLiteDatabase db; public DBAdapter(Context context) { this.context = context; OpenHelper openHelper = new OpenHelper(this.context); this.db = openHelper.getWritableDatabase(); } public static class OpenHelper extends SQLiteOpenHelper { public OpenHelper(Context context) { super(context, DB_NAME, null, DB_VERSION); } @Override public void onCreate(SQLiteDatabase db) { // TODO Auto-generated method stub db.execSQL(Contact.SQL_CREATE); db.execSQL(Country.SQL_CREATE); db.execSQL(Picture.SQL_CREATE); db.execSQL(Product.SQL_CREATE); db.execSQL(Project.SQL_CREATE); } @Override public void onUpgrade(SQLiteDatabase db, int oldVersion, int newVersion) { // TODO Auto-generated method stub Log.w(TAG, "Upgrading database from version " + oldVersion + " to " + newVersion + ", which will destroy all old data"); db.execSQL(Contact.SQL_DROP); db.execSQL(Country.SQL_DROP); db.execSQL(Picture.SQL_DROP); db.execSQL(Product.SQL_DROP); db.execSQL(Project.SQL_DROP); onCreate(db); } i found so many different things and tried them but i didn't get anything to work... i need to know how can i access the database in my activity and how i can get the insert to work and is there sth wrong in my code? thanks for your help thats how i tried to get it into my activity public class MainTabActivity extends TabActivity { private Context context; @Override public void onCreate(Bundle savedInstanceState) { super.onCreate(savedInstanceState); setContentView(R.layout.maintabactivity); TabHost mTabHost = getTabHost(); Intent intent1 = new Intent().setClass(this,MapOfLight.class); //Intent intent2 = new Intent().setClass(this,Test.class); //Testactivity //Intent intent2 = new Intent().setClass(this,DetailView.class); //DetailView Intent intent2 = new Intent().setClass(this,ObjectList.class); //ObjectList //Intent intent2 = new Intent().setClass(this,Gallery.class); //Gallery Intent intent3 = new Intent().setClass(this,ContactDetail.class); mTabHost.addTab(mTabHost.newTabSpec("tab_mol").setIndicator(this.getText(R.string.mol), getResources().getDrawable(R.drawable.ic_tab_mol)).setContent(intent1)); mTabHost.addTab(mTabHost.newTabSpec("tab_highlights").setIndicator(this.getText(R.string.highlights),getResources().getDrawable(R.drawable.ic_tab_highlights)).setContent(intent2)); mTabHost.addTab(mTabHost.newTabSpec("tab_contacts").setIndicator(this.getText(R.string.contact),getResources().getDrawable(R.drawable.ic_tab_contact)).setContent(intent3)); mTabHost.setCurrentTab(1); SQLiteDatabase db; DBAdapter dh = null; OpenHelper openHelper = new OpenHelper(this.context); dh = new DBAdapter(this); db = openHelper.getWritableDatabase(); dh.SQL_INSERT_COUNTRY("AT", "Austria", "AUT"); } } i tried it with my country table because it has only 3 columns public class Country { private static String Iso2Count = "iso2_country"; private static String NameCount = "name_country"; private static String FlagCount = "flag_image_url_country"; public static final String TABLE_NAME = "country"; public static final String SQL_CREATE = "CREATE TABLE IF NOT EXISTS " + TABLE_NAME + "(" + Iso2Count + " TEXT not NULL," + NameCount + " TEXT not NULL," + FlagCount + " TEXT not NULL," + "primary key(iso2_country)"; public boolean SQL_INSERT_COUNTRY(String Iso2CountIns, String NameCountIns, String FlagCountIns) { try{ db.execSQL("INSERT INTO " + "country" + "(" + Iso2Count + ", " + NameCount + ", " + FlagCount + ") " + "VALUES ( " + Iso2CountIns + ", " + NameCountIns +", " + FlagCountIns + " )"); return true; } catch (SQLException e) { return false; } } another question is it better to put the insert and select from each table into a separate class, so i have 1 class for each table or put them all into the DBAdapter class?

    Read the article

  • Are WCF Services encrypted automatically if they go over SSL?

    - by michael
    Basically, if I have a plain WCF Service over HTTPS is it automatically secure? [ServiceContract] public interface ICalc { [OperationContract] int add(int a, int b); } public class Calculator : ICalc { public int add(int a, int b) { return a + b; } } I figure the actual SOAP message isn't encrypted here, but is it still secure if I use https? Basically, if I use a basichttpbinding with no security settings in my config over https://www.myserver.com/services/Calc.svc is that secure?

    Read the article

  • What method of MySQL mirroring should I use for this?

    - by user45745
    I'm running an web application hosting service (basically hosting forums for free), and I have two remote servers at my disposal. The code for the application is stored on both servers and isn't a problem, but I'm wondering how to deal with the databases. When someone goes onto a site *.example-host.com, they are sent to one of the two servers and both must be capable of loading the forums from a database. The database must also have write access, for when new members register or post topics etc. The main requirement is speed, but uptime is also important (if a server goes out, the site should still work). I have a few options, but I'm inexperienced and not sure which to go with: 1) [PHP] Split the forum records 50:50 between the two servers. If a server does not have the record for a forum requested, it can request it from the other by remote MySQL and load it. This idea sounded okay, until I realised that 50% of the time, users would be waiting significantly longer for pages to load. I also realised that if one of the servers went down, half the forums would be inaccessible and registrations would have to be disabled. 2) [MySQL] Dual master replication. This would attempt to mirror the two databases and sounds perfect, but I've heard that it can be very problematic. I don't know how fast this is. 3) [MySQL] Use a standard replication, distribute read only queries on both nodes and read/write queries to the master. This sounds like a good option, but again, I'm not sure on speed. I also don't know what would happen if the master server went down. If you have any other suggestions, please post them :)

    Read the article

  • Using Forms authentication with remote auth system?

    - by chobo
    I am working on a website that uses a remote websites database to check for authentication (they are both share some database tables, but are separate website...) Right now I check the username and password against the remote websites account / member table, if there is a match I create a session. Questions: Is this secure? On authenticated pages I just check if a session of a specific type exists.Is it possible for someone to create an empty session or something that could bypass this? Is it possible to use Forms authentication with this setup? Right now if a user is authenticated I just get an object back with the username, email and id.

    Read the article

  • password/login system in php

    - by Jonathan
    For a login system in php would this be a suitable outline of how it would work: users types in username and password, clicks login button. Checks if user exists in database, if it does, then retrieve the salt for that user hash the password and salt (would this be done on the client or server side? I think client side would be better, but php is server side so how would you do this?) check value against value in database, if the values match then user has typed in correct password and they are logged in.

    Read the article

  • How to disallow a windows service stop

    - by Saar
    I have some security related service running on my machine (start type = automatic) In the service control manager, the stop/restart commands are grayed out. I was wondering how can I develop such service for which the stop operation is disallowed. Note that I am logged in as an administrator

    Read the article

  • [php + mysql] Save IP in database

    - by Knarf
    When a user logs inn I want to save their IP in the database. How would I do that? What type is best to use for the MySQL field? How would the PHP code to get IP look like? I'm thinking of using it as an extra security feature for the login/session stuff. I'm thinking of checking the IP the user logged in with from the DB with the IP the user have now as addition to checking the session. So that it first check the session, and then check if you have a valid IP. Is that an allright extra feature? And what other things can I do to make it more secure?

    Read the article

  • I want search a item frome database

    - by vishal
    I want search a item frome database bye date and id but if I want to search only by date or id tahn data are display but if I want to search by both date and id than not both are display but combine both and than display. my code: SqlConnection con = new SqlConnection("Data Source=NODE5-PC;Initial Catalog=hans;Persist Security Info=True;User ID=sa;Password=123"); cmd = new SqlCommand("SELECT UserId, Date, Report FROM Daily_Report WHERE (Date='" + txtdate.Text + "' or UserId='" + txtempid.Text + "') OR (UserId='" + txtempid.Text + "' and UserId='" + txtempid.Text + "')", con); con.Open(); SqlDataReader rdr = cmd.ExecuteReader(); GridView2.DataSource = rdr; GridView2.DataBind(); con.Close();

    Read the article

  • CPU emulator on C for assembler

    - by krlzx00
    Hi, there. I have a problem. I´m working on a little aplication of security, but i recived an array that means a bytes, and that bytes can be interpreted as a assembler code, so my cuestion is.... some one knows a library that a i can use on my aplication that can execute this bytes and show what it do, or something like that?

    Read the article

  • Should the function or the caller be resonsible for input validation?

    - by haudenschilt
    I'm doing a security audit on a fairly large php application and was wondering where I should include my user-input validation. Should I validate the data, then send the clean data off to the back-end functions or should I rely on each function to do it's own validation? Or even both? Is there any standard or best-practice for this sort of thing? Currently the app does both inconsistently and I'll like to make things more consistent.

    Read the article

  • What information about a user is available via PHP?

    - by Camran
    This is about a classifieds website, where anyone may post classifieds. I have a security database which I intend to fill with information about the user who posts the classifieds. I intend to record information such as IP, name, tel, email, classified_text, classified_title etc etc. The reason for all this is that sometimes people become victims of fraud (fake classifieds etc). So I wonder, what information is possible to get from the poster which may help in tracking him/her down? IP is a given, but what else could be useful? And I would much like examples of how it would be useful also, as well as the code for it please, like $_SERVER['REMOTE_ADDR']. And btw, I use PHP and have Sql as a database. Thanks

    Read the article

  • Expanded securityadmin

    - by user80652
    I'm aware that sysadmin is documented as the server role necessary for creating logins (SQL/Windows-integrated); nevertheless, I'm tasked to find out if there's any other server role (built-in or otherwise) that can be used. To be specific, I'm looking to setup one or two logins with access to create logins, create [database] users, assign users to [database] roles. Potentially reset passwords, but most of the logins are Windows-integrated and it's not necessary. Cannot have access to data at all, nor can these logins have rights to update tables nor create/update roles. Seems my only options so far are to set these 2 logins with securityadmin server role and for the specific databases, configure with db_securityadmin and db_accessadmin... but this configuration doesn't allow for creating logins.

    Read the article

  • SQL Server Transaction Marks: Restoring multiple databases to a common relative point

    - by Mladen Prajdic
    We’re all familiar with the ability to restore a database to point in time using the RESTORE WITH STOPAT statement. But what if we have multiple databases that are accessed from one application or are modifying each other? And over multiple instances? And all databases have different workloads? And we want to restore all of the databases to some known common relative point? The catch here is that this common relative point isn’t the same point in time for all databases. This common relative point in time might be now in DB1, now-1 hour in DB2 and yesterday in DB3. And we don’t know the exact times. Let me introduce you to Transaction Marks. When we run a marked transaction using the WITH MARK option a flag is set in the transaction log and a row is added to msdb..logmarkhistory table. When restoring a transaction log backup we can restore to either before or after that marked transaction. The best thing is that we don’t even need to have one database modifying another database. All we have to do is use a marked transaction with the same name in different database. Let’s see how this works with an example. The code comments say what’s going on. USE master GOCREATE DATABASE TestTxMark1GOUSE TestTxMark1GOCREATE TABLE TestTable1( ID INT, VALUE UNIQUEIDENTIFIER) -- insert some data into the table so we can have a starting pointINSERT INTO TestTable1SELECT ROW_NUMBER() OVER(ORDER BY number) AS RN, NULLFROM master..spt_valuesORDER BY RNSELECT *FROM TestTable1GO-- TAKE A FULL BACKUP of the databseBACKUP DATABASE TestTxMark1 TO DISK = 'c:\TestTxMark1.bak'GO USE master GOCREATE DATABASE TestTxMark2GOUSE TestTxMark2GOCREATE TABLE TestTable2( ID INT, VALUE UNIQUEIDENTIFIER)-- insert some data into the table so we can have a starting pointINSERT INTO TestTable2SELECT ROW_NUMBER() OVER(ORDER BY number) AS RN, NEWID()FROM master..spt_valuesORDER BY RNSELECT *FROM TestTable2GO-- TAKE A FULL BACKUP of our databseBACKUP DATABASE TestTxMark2 TO DISK = 'c:\TestTxMark2.bak'GO -- start a marked transaction that modifies both databasesBEGIN TRAN TxDb WITH MARK -- update values from NULL to random value UPDATE TestTable1 SET VALUE = NEWID(); -- update first 100 values from random value -- to NULL in different DB UPDATE TestTxMark2.dbo.TestTable2 SET VALUE = NULL WHERE ID <= 100;COMMITGO     -- some time goes by here -- with various database activity... -- We see two entries for marks in each database. -- This is just informational and has no bearing on the restore itself.SELECT * FROM msdb..logmarkhistory USE masterGO-- create a log backup to restore to mark pointBACKUP LOG TestTxMark1 TO DISK = 'c:\TestTxMark1.trn'GO-- drop the database so we can restore it backDROP DATABASE TestTxMark1GO USE masterGO-- create a log backup to restore to mark pointBACKUP LOG TestTxMark2 TO DISK = 'c:\TestTxMark2.trn'GO-- drop the database so we can restore it backDROP DATABASE TestTxMark2GO -- RESTORE THE DATABASE BACK BEFORE OUR TRANSACTION-- restore the full backup RESTORE DATABASE TestTxMark1 FROM DISK = 'c:\TestTxMark1.bak' WITH NORECOVERY;-- restore the log backup to the transaction markRESTORE LOG TestTxMark1 FROM DISK = 'c:\TestTxMark1.trn' WITH RECOVERY, -- recover to state before the transaction STOPBEFOREMARK = 'TxDb'; -- recover to state after the transaction -- STOPATMARK = 'TxDb';GO -- RESTORE THE DATABASE BACK BEFORE OUR TRANSACTION-- restore the full backup RESTORE DATABASE TestTxMark2 FROM DISK = 'c:\TestTxMark2.bak' WITH NORECOVERY;-- restore the log backup to the transaction markRESTORE LOG TestTxMark2 FROM DISK = 'c:\TestTxMark2.trn' WITH RECOVERY, -- recover to state before the transaction STOPBEFOREMARK = 'TxDb'; -- recover to state after the transaction -- STOPATMARK = 'TxDb';GO USE TestTxMark1-- we restored to time before the transaction -- so we have NULL values in our tableSELECT * FROM TestTable1 USE TestTxMark2-- we restored to time before the transaction -- so we DON'T have NULL values in our tableSELECT * FROM TestTable2   Transaction marks can be used like a crude sync mechanism for cross database operations. With them we can mark our databases with a common “restore to” point so we know we have a valid state between all databases to restore to.

    Read the article

  • MailEnable - Configuring TLS for secure SMTP (Gmail)

    - by Buckers
    I have the latest version of MailEnable Pro installed on a new server that I'm setting up. Sending & receiving works fine with a new email account that I have set up, however I am now trying to configure GMail to use the mailserver for outgoing SMTP. I've done the following so far: Creating a self-cert SSL certficiate Ticked "Enable TLS" on the General tab of the SMTP connector properties Ticked "Send using TLS if remote server supports it" on the Outbound tab of the SMTP connector properties Selected the new self-cert SSL certificate on the SSL tab of the localhost server properties. Given permissions to IME_System on the new certificate However, Gmail is still giving me the following error: Authentication failed. Please check your username/password. [Server response: 454 TLS not available due to temporary reason code(454) ] I'm trying to connect on port 25, (someone told me you can still do this and you dont have to connect on 465). Is this right? Or do I need to tell MailEnable to use port 465? Am I missing something? Thanks, Chris.

    Read the article

  • 'Certificate types are not available' When creating computer certificate?

    - by Anicho
    Environment Windows Server 2008 sp1 Xeon CPU E5430 @ 2.66 GHz 16.0 GB Ram 64-bit Operating System 1TB Disk Space Server Role: SQL Server Other Information: Joint to domain, Logged in user domain administrator Issue Steps that cause issue: Create a computer certificate using mmc snap-in 'certificates' by right clicking on 'Certificates' folder Under 'root\Personal' tree, and clicking All Tasks - Request New Certificate. Certificate Enrollment window appears, you verify you are connected to your network and you are logged onto the domain. Then Click Next, which leads to a window stating the issue: "Certificate types are not available" "You cannot request a certificate this time because no certificate types are available. If you need a certificate contact your administrator." Wanted Solution Create a certificate on this server, to implement SSL connection to MSSQL servers.

    Read the article

  • How long do DDoS attacks last?

    - by Susan
    I realize the answer to this question will vary, which is why I'm asking it. If you've suffered a DDoS attack before - how long did it last? Just trying to get an idea of how long we'll have to continue to wage this battle (going on a couple weeks now).

    Read the article

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

< Previous Page | 296 297 298 299 300 301 302 303 304 305 306 307  | Next Page >