Search Results

Search found 1399 results on 56 pages for 'separation of concerns'.

Page 35/56 | < Previous Page | 31 32 33 34 35 36 37 38 39 40 41 42  | Next Page >

  • Aren't passwords written in inputbox vulnerable through a stack trace ?

    - by loursonwinny
    Hello, I am not a guru of the stack tracing, at all. I even don't know how to get some. Anyway, I am wondering if entering a password entered in an inputbox is safe. Can't it be retrieved by getting a stack trace ? A password entered that way will be found in many places : Caption property of the TEdit Result of the function which creates the inputbox probably, a variable that stores the Result of the InputBox Command etc... If the answer is "yes, it is a vulnerability", then my world collapses :p. What can be done to avoid that vulnerability hole ? NOTE : The InputBox is an example but it can be with a "homebrewed" login prompt. InputBox is a Delphi command but I haven't tagged the question with the Delphi tag because I suppose that the question concerns any language. Thanks for reading

    Read the article

  • What are the main reasons against the Windows Registry?

    - by dbemerlin
    If i want to develop a registry-like System for Linux, which Windows Registry design failures should i avoid? Which features would be absolutely necessary? What are the main concerns (security, ease-of-configuration, ...)? I think the Windows Registry was not a bad idea, just the implementation didn't fullfill the promises. A common place for configurations including for example apache config, database config or mail server config wouldn't be a bad idea and might improve maintainability, especially if it has options for (protected) remote access. I once worked on a kernel based solution but stopped because others said that registries are useless (because the windows registry is)... what do you think?

    Read the article

  • Processing XML file with Huge data

    - by Manish Dhanotiya
    Hi,be m I am working on an application which has below requiements - 1. Download a ZIP file from a server. 2. Uncompress the ZIP file, get the content (which is in XML format) from this file into a String. 3. Pass this content into another method for parsing and further processing. Now, my concerns here is the XML file may be of Huge size say like '100MB', and my JVM has memory of only 512 MB, so how can I get this content into Chunks and pass for Parsing and then insert the data into PL/SQL tables. Since there can be multiple requests running at the same time and considering 512MB of memory what will be the best possible to process this. How I can get the data into Chunks and pass it as Stream for XML parsing. I googled on this, but didnt find any implementation. :( Thanks,

    Read the article

  • Where should I define Enums?

    - by Ciel
    Hi: I'm setting up a new app, with a Repository layer/assembly, a Services layer/assembly, and a UI assembly. So I end up with namespaces such as: App.UI App.Biz.Services App.Data.Repositories And then I have enums for the args that are used by all 3 layers. Only place that makes sense is to put them in the Cross cutting assembly. (define them in Data layer too low, as UI should have no direct ref to them, defined in Services, too high for Repository layer, which shouldn't be referencing upwards). But...which namespace in Common? Namespaces should mostly be used to define concerns, rather than Type... I've always used something like: namespace App.Common.Enums {...} but it's always felt a bit of a hack that works for me, but not well in a large org where everybody is generating Enums, and if we put them all in Enums folder it's going to make the code folder harder to understand later. Any suggestions?

    Read the article

  • PyGTK "assertion GTK_IS_WINDOW failed

    - by iAndr0idOs
    I'm trying to build a web browser using PyGTK and PyWebKit However, I'm pretty sure my question only concerns PyGTK I have a custom gtk.Notebook class, with an "add tab" button as the last tab. When I click it, it gives me the error /home/ruiqimao/workspace/PyBrowser/src/browser/__init__.py:161: GtkWarning: IA__gdk_window_get_cursor: assertion `GDK_IS_WINDOW (window)' failed gtk.main() twice. And then, my new tab won't show up. I have no idea what is going on, so here is my whole code If any of you could help me, that would be great! Thanks! [EDIT]: Just found out that the problem lies in the w.show_all() line What could this mean?

    Read the article

  • Alternates to C++ Reference/Pointer Syntax

    - by Jon Purdy
    What languages other than C and C++ have explicit reference and pointer type qualifiers? People seem to be easily confused by the right-to-left reading order of types, where char*& is "a reference to a pointer to a character", or a "character-pointer reference"; do any languages with explicit references make use of a left-to-right reading order, such as &*char/ref ptr char? I'm working on a little language project, and legibility is one of my key concerns. It seems to me that this is one of those questions to which it's easy for a person but hard for a search engine to provide an answer. Thanks in advance!

    Read the article

  • Alternatives to C++ Reference/Pointer Syntax

    - by Jon Purdy
    What languages other than C and C++ have explicit reference and pointer type qualifiers? People seem to be easily confused by the right-to-left reading order of types, where char*& is "a reference to a pointer to a character", or a "character-pointer reference"; do any languages with explicit references make use of a left-to-right reading order, such as &*char/ref ptr char? I'm working on a little language project, and legibility is one of my key concerns. It seems to me that this is one of those questions to which it's easy for a person but hard for a search engine to provide an answer. Thanks in advance!

    Read the article

  • SharePoint SLK and T-SQL xp_cmdshell safety

    - by Mitchell Skurnik
    I am looking into a TSQL command called "xp_cmdshell" to use to monitor a change to a the SLK (SharePoint Learning Kit) database and then execute a batch or PowerShell script that will trigger some events that I need. (It is bad practice to modify SharePoint's database directly, so I will be using its API) I have been reading on various blogs and MSDN that there are some security concerns with this approach. The sites suggest that you limit security so the command can be executed by only a specific user role. What other tips/suggestions would you recommend with using "xp_cmdshell"? Or should I go about this another way and create a script or console application that constantly checks if a change has been made? I am running Server 2008 with SQL 2008.

    Read the article

  • How do I automatically delete an Excel file after creating it on a server and returning it to the us

    - by David A Gibson
    Hello, I am creating an Excel file on a web server, using OleDb to connect the the physical (well as physical as it can be) file and appending records. I am then returning a FilePathResult to the user via MVC, and would like to delete the physical file afterwards due to data protection concerns over the appended records. I have tried using a File.Delete in a Finally clause but I get a File Not Found error which must mean the file has gone when MVC is trying to send the file to the user. I thought about creating the File as a MemoryStream but I think OleDb needs a physical file to connect to so this isn't an option. Any suggestions on how to delete the file after returning it in one operation? Thanks

    Read the article

  • Apache Axis web service clients vs plain SOAP requests.

    - by Andy Pryor
    I'm looking for the best way to consume a Java web service that returns rather large and complex objects. I am currently using Apache Axis clients generated from the wsdl, (using eclipse "generate web service client" tool). We have concerns about performance of this. The service proxy objects are not thread safe, and they are rather heavy to instantiate, 2-3 MB on the JVM. The other alternative is making HTTP connections and building a String SOAP requests. I would have to interpret the response, and build objects from the XML. Would this be a better alternative to the heavy axis objects? I searched for good reading on this, if any one had any links I would greatly appreciate it.

    Read the article

  • hibernate distributed 2nd level cache options

    - by ishmeister
    Not really a question but I'm looking for comments/suggestions from anyone who has experiences using one or more of the following: EhCache with RMI EhCache with JGroups EhCache with Terracotta Gigaspaces Data Grid A bit of background: our applications is read only for the most part but there is some user data that is read-write and some that is only written (and can also be reasonably inaccurate). In addition, it would be nice to have tools that enable us to flush and fill the cache at intervals or by admin intervention. Regarding the first option - are there any concerns about the overhead of RMI and performance of Java serialization?

    Read the article

  • DRY vs Security and Maintainability with MVC and View Models

    - by Mystere Man
    I like to strive for DRY, and obviously it's not always possible. However, I have to scratch my head over a concept that seems pretty common in MVC, that of the "View Model". The View Model is designed to only pass the minimum amount of information to the view, for both security, maintainability, and testing concerns. I get that. It makes sense. However, from a DRY perspective, a View Model is simply duplicating data you already have. The View Model may be temporary, and used only as a DTO, but you're basically maintaing two different versions of the same model which seems to violate the DRY principal. Do View Models violate DRY? Are they a necessary evil? Do they do more good than bad?

    Read the article

  • Is SHA sufficient for checking file duplication? (sha1_file in PHP)

    - by wag2639
    Suppose you wanted to make a file hosting site for people to upload their files and send a link to their friends to retrieve it later and you want to insure files are duplicated where we store them, is PHP's sha1_file good enough for the task? Is there any reason to not use md5_file instead? For the frontend, it'll be obscured using the original file name store in a database but some additional concerns would be if this would reveal anything about the original poster. Does a file inherit any meta information with it like last modified or who posted it or is this stuff based in the file system? Also, is using a salt frivolous since security in regards of rainbow table attack mean nothing to this and the hash could later be used as a checksum? One last thing, scalability? initially, it's only going to be used for small files a couple of megs big but eventually... Edit 1: The point of the hash is primarily to avoid file duplication, not to create obscurity.

    Read the article

  • effective counter for unique number of visits in PHP & MySQL

    - by Adnan
    Hello, I am creating a counter for unique number of visits on a post, so what I have until now is a table for storing data like this; cvp_post_id | cvp_ip | cvp_user_id In cases a registered user visits a post, for the first time a record is inserted with cpv_post_id and cvp_user_id, so for his next visit I query the table and if the record is available I do not count him as a new visitor. In cases of an anonymous user the same happens but now the cvp_ip and cpv_post_id are used. My concerns is that I do a query every time anyone visits a post for checking if there has been a visit, what would be a more effective way for doing this?

    Read the article

  • Refactoring thick client legacy application

    - by Paul
    I am working on a fat client legacy C++ application which has a lot of business logic mixed in with the presentation side of things. I want to clean things out and refactor the code out completely, so there is a clear seperation of concerns. I am looking at MVC or some other suitable design pattern in order to achieve this. I would like to get recommendations from people who have walked this road before - Do I use MVP or MVC (or another pattern)? What is/are the best practices for undertaking something like this (i.e. useful steps/checks) ?

    Read the article

  • how do you get the response back into the instance of the object?

    - by randomdev
    If you've written a class in JavaScript that calls a remote service's API, and that remote API offers a callback, how do you get the response back into the instance of the object that made the request? I'll try to give you a very basic example FOO for making cross domain calls to BAR service which offers a callback. Please ignore the usual security concerns, (I own both servers). function FOO() { this.response = null; this.execute = function(url) { var script = document.createElement('script'); script.src = url; document.getElementsByTagName('head')[0].appendChild(script); } this.catch = function(response) { this.response = response; } } var sample = new FOO(); sample.execute('http://barservices.com/sample/?callback={ plshelphere: this.catch}'); I have a way to make this work, but I'm curious if there is an "accepted approach" here. Anyone have thoughts for me?

    Read the article

  • How to create GUI as inner class with WindowBuilder

    - by Tim Kemp
    I would like to use WindowBuilder in Eclipse to construct Swing GUIs. The JPanels I need to build will be inner classes in a non-GUI wrapper, like so: public class MyWrapper extends MyBaseClass { ... class MyPanel extends JPanel { ... } } So my question is this: can I construct MyPanel using WindowBuilder? If so, how should I set it up? If anyone is interested, the wrapper is an abstract base class which the plug-ins I am developing for my app must extend; deployment concerns mean that it's not really practical to put the GUIs in a separate JAR either so I pretty much have to do it this way. My current workflow, which is awful, is to build the GUI in NetBeans and paste the entire generated class into Eclipse where I connect it up to the methods in my wrapper. I am very hopeful that WindowBuilder will let me work more reliably and efficiently if I can trick it into generating code in MyPanel, not MyWrapper. Thanks

    Read the article

  • Is it safe to use a subversion feature branch after reintegrate-merged to trunk?

    - by ripper234
    Must a feature branch be deleted after it's merged (reintegrated) back to trunk? I prefer to constantly merge changes back and forth from my feature branch - I believe this keeps the conflicts to a minimum. Yet I understand that once you use the reintegrate merge to trunk, a feature branch should be deleted. Is it so? Why? What can I do to circumvent this? Update I'm asking about technical problems that come from the tool, not "methodology concerns". I intend to keep working on the feature branch after the merge. Update the top answer indeed specifies a rather complex procedure (merge, delete & rebranch). Is there an easy way to accomplish this in TortoiseSVN? Shouldn't there be?

    Read the article

  • ORM Against a Service-Wrapped Data Source

    - by blaster
    We are tasked with migrating an existing set of entities (currently POCOs persisted with NHibernate against an MSSQL database) to now persist to some kind of web service (yet to be built, either RESTful or SOAP-based, and that we control). I like how NHibernate encapsulates the persistence concerns and lets us maintain a logic-rich, persistence-agnostic domain model. Is there any way to make NHibernate talk to a web service at the back end instead of a SQL database directly? In other words, can "service instead of SQL database" be treated as a persistence implementation detail and allow us to continue to use NHibernate? Am I asking the right question? :)

    Read the article

  • Application wide messaging... without singletons?

    - by StormianRootSolver
    So, I want to go for a more Singleton - less design in the future. However, there seem to be a lot of tasks in an application that can't be done in meaningful way without singletons. I call them "application wide services", but they also fall into the same category as the cross cutting concerns, which I usually fix via AOP. Lets take an example: I want an application wide message queue that dispatches messages to components, every component can subscribe and publish there, it's a very nice multicast thing. The message queue and dispatching system are usually a (rather short) singleton class, which is very easy to implement in, say, C#. You can even use double dispatching and utilize message type metadata and the like, it's all so easy to do, it's almost trivial. However, having singletons is not really "object oriented design" (it introduces global variables) and it makes testing harder. Do you have any ideas? I'm asking this question because I'm willing to learn more about this topic, a LOT more. :-)

    Read the article

  • How to store a 250mb database in an Offline Web App

    - by Couto
    Ok, maybe i'm not seeing the whole picture or something, but i kinda need a brainstorm. So the purpose is to make a webapp (HTML5, CSS, Javascript) that has to search on a 250mb database without any internet connection, so.. yes the database has to be on the client side. The hard part here is, this App has to work on an iPod or iPhone without internet connection. (An initial connection to download the App is ok), LocalStorage has a 5mb limit, couchDB would be great since they have an webapp easily accessed by Javascript (privacy concerns don't matter at this point), so i'm pretty much out of ideas.... Does anyone see an alternative, or solution for the purpose?

    Read the article

  • Should i use TabContainer for multiple pages?

    - by Tim
    I'm considering if it is a good idea to use an ASP.Net TabContainer-Control in the way that every TabPanel contains content of a different page. For example: Next i want to implement in my application is the masterdata management. Normally i would create one aspx page for every masterdata-table (f.e. Customer - MD_Customer.aspx). Then i would add a link into my Menu to this page. Now i'm thinking of creating one aspx page for all(Masterdata.aspx) with a Tabcontainer and an UpdatePanel for every type of Masterdata. The link it the menu could have an additional MDType as URL-Parameter. My main concerns are related to performance(one "page" for every TabPanel currently means 7 "pages" in one) and maintainability because of increasing complexity. Is it a good approach or a bad idea? Thanks

    Read the article

  • Do AOP violate layered architecture for enterprise apps?

    - by redzedi
    The question(as stated in the title) comes to me as recently i was looking at Spring MVC 3.1 with annotation support and also considering DDD for an upcoming project. In the new Spring any POJO with its business methods can be annotated to act as controller, all the concerns that i would have addressed within a Controller class can be expressed exclusively through the annotations. So, technically i can take any class and wire it to act as controller , the java code is free from any controller specific code, hence the java code could deal with things like checking security , starting txn etc. So will such a class belong to Presentation or Application layer ?? Taking that argument even further , we can pull out things like security, txn mgmt and express them through annotations , thus the java code is now that of the domain object. Will that mean we have fused together the 2 layers? Please clarify

    Read the article

  • Is it better to store user text (such as a blog entry or private messages) in the database or as flat files?

    - by Fredashay
    I'm building a social networking type site that will be storing large chunks of text that's entered by users, such as blog entries and private messages. As such, these will be entered once, with minimal revisions, but many reads by multiple users over time. I'm using MySQL, by the way. My concerns are: Storing large blocks of text on the database will fill the database to capacity eventually. I read somewhere that storing user text in flat files is a security risk? (The filenames will be generated dynamically by the PHP, not by the user.) Storing them as text files may cause them to become out of sync if I ever have to reinitialize the database and restore it from backups. What are all your thoughts and advice, pros and cons?

    Read the article

  • Authorization/Licensing of Webservice

    - by Burhan
    I have developed a web service which accepts the login credentials from the XML message passed to it. I have concerns over this method as the developer who consumes the service can easily share the login credentials and my service can be called from some other application that uses the same credentials. Is there any way that I can issue a 'license' to some specific applications? So that, even if credentials are shared among the consuming apps, only authorized ones can successfully consume the service. P.S: I thought about implementing IP restrictions but that doesn't serve the purpose as we may have different applications installed on a same server (we do have such a scenario implemented).

    Read the article

< Previous Page | 31 32 33 34 35 36 37 38 39 40 41 42  | Next Page >