Search Results

Search found 1054 results on 43 pages for 'the secret imbecile'.

Page 36/43 | < Previous Page | 32 33 34 35 36 37 38 39 40 41 42 43  | Next Page >

  • Sharing runtime variables between files

    - by nightcracker
    I have a project with a few files that all include the header global.hpp. Those files want to share and update information that is relevant for the whole program during runtime (that data is gathered progressively during the program runs but the fields of data are known at compile-time). Now my idea was to use a struct like this: global.hpp #include <string> #ifndef _GLOBAL_SESSION_STRUCT #define _GLOBAL_SESSION_STRUCT struct session_struct { std::string username; std::string password; std::string hostname; unsigned short port; // more data fields as needed }; #endif extern struct session_struct session; main.cpp #include "global.hpp" struct session_struct session; int main(int argc, char* argv[]) { session.username = "user"; session.password = "secret"; session.hostname = "example.com"; session.port = 80; // other stuff, etc return 0; } Now every file that includes global.hpp can just read & write the fields of the session struct and easily share information. Is this the correct way to do this? NOTE: For this specific project no threading is used. But please (for future projects and other people reading) clarify in your answer how this (or your proposed) solution works when threaded. Also, for this example/project session variables are shared. But this should also apply to any other form of shared variables.

    Read the article

  • Why is "origin/HEAD" shown when running "git branch -r"?

    - by Ben Hamill
    When you run git branch -r why the blazes does it list origin/HEAD? For example, there's a remote repo on GitHub, say, with two branches: master and awesome-feature. If I do git clone to grab it and then go into my new directory and list the branches, I see this: $ git branch -r origin/HEAD origin/master origin/awesome-feature Or whatever order it would be in (alpha? I'm faking this example to keep the identity of an innocent repo secret). So what's the HEAD business? Is it what the last person to push had their HEAD pointed at when they pushed? Won't that always be whatever it was they pushed? HEADs move around... why do I care what someone's HEAD pointed at on another machine? I'm just getting a handle on remote tracking and such, so this is one lingering confusion. Thanks! EDIT: I was under the impression that dedicated remote repos (like GitHub where no one will ssh in and work on that code, but only pull or push, etc) didn't and shouldn't have a HEAD because there was, basically, no working copy. Not so?

    Read the article

  • Omit return type in C++0x

    - by Clinton
    I've recently found myself using the following macro with gcc 4.5 in C++0x mode: #define RETURN(x) -> decltype(x) { return x; } And writing functions like this: template <class T> auto f(T&& x) RETURN (( g(h(std::forward<T>(x))) )) I've been doing this to avoid the inconvenience having to effectively write the function body twice, and having keep changes in the body and the return type in sync (which in my opinion is a disaster waiting to happen). The problem is that this technique only works on one line functions. So when I have something like this (convoluted example): template <class T> auto f(T&& x) -> ... { auto y1 = f(x); auto y2 = h(y1, g1(x)); auto y3 = h(y1, g2(x)); if (y1) { ++y3; } return h2(y2, y3); } Then I have to put something horrible in the return type. Furthermore, whenever I update the function, I'll need to change the return type, and if I don't change it correctly, I'll get a compile error if I'm lucky, or a runtime bug in the worse case. Having to copy and paste changes to two locations and keep them in sync I feel is not good practice. And I can't think of a situation where I'd want an implicit cast on return instead of an explicit cast. Surely there is a way to ask the compiler to deduce this information. What is the point of the compiler keeping it a secret? I thought C++0x was designed so such duplication would not be required.

    Read the article

  • authorise user from mysql database

    - by Jacksta
    I suck at php, and cant find the error here. The script gets 2 variables "username" and "password" from a html from then check them against a MySQL databse. When I run this I get the follow error "Query was empty" <? if ((!$_POST[username]) || (!$_POST[password])) { header("Location: show_login.html"); exit; } $db_name = "testDB"; $table_name = "auth_users"; $connection = @mysql_connect("localhost", "admin", "pass") or die(mysql_error()); $db = @mysql_select_db($db_name, $connection) or die(mysql_error()); $slq = "SELECT * FROM $table_name WHERE username ='$_POST[username]' AND password = password('$_POST[password]')"; $result = @mysql_query($sql, $connection) or die(mysql_error()); $num = mysql_num_rows($result); if ($num != 0) { $msg = "<p>Congratulations, you're authorised!</p>"; } else { header("Location: show_login.html"); exit; } ?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content-Type" content="text/html; charset=utf-8" /> <title>Secret Area</title> </head> <body> <? echo "$msg"; ?> </body> </html>

    Read the article

  • Am I going the right way to make login system secure with this simple password salting?

    - by LoVeSmItH
    I have two fields in login table password salt And I have this little function to generate salt function random_salt($h_algo="sha512"){ $salt1=uniqid(rand(),TRUE); $salt2=date("YmdHis").microtime(true); if(function_exists('dechex')){ $salt2=dechex($salt2); } $salt3=$_SERVER['REMOTE_ADDR']; $salt=$salt1.$salt2.$salt3; if(function_exists('hash')){ $hash=(in_array($h_algo,hash_algos()))?$h_algo:"sha512"; $randomsalt=hash($hash,md5($salt)); //returns 128 character long hash if sha512 algorithm is used. }else{ $randomsalt=sha1(md5($salt)); //returns 40 characters long hash } return $randomsalt; } Now to create user password I have following $userinput=$_POST["password"] //don't bother about escaping, i have done it in my real project. $static_salt="THIS-3434-95456-IS-RANDOM-27883478274-SALT"; //some static hard to predict secret salt. $salt=random_salt(); //generates 128 character long hash. $password =sha1($salt.$userinput.$static_salt); $salt is saved in salt field of database and $password is saved in password field. My problem, In function random_salt(), I m having this FEELING that I'm just making things complicated while this may not generate secure salt as it should. Can someone throw me a light whether I m going in a right direction? P.S. I do have an idea about crypt functions and like such. Just want to know is my code okay? Thanks.

    Read the article

  • android httpurlconnection [closed]

    - by user620451
    hi im new android developer i am trying to login to my asterisk server passing my username and password it works good but when i am trying to request anther url to the server after login i get access denied and i now the problem because the login connection has disconnected so i want a way to request to urls the first one is login to the server and the second is to do something else after login please help and thx anyway this is a part of my code i want to request this 2 url url1="http://192.168.1.7:8088/rawman?action=login&username=admin&secret=admin" url2="http://192.168.1.5:8088/rawman?action=updateconfig&reload=yes&srcfilename=users.conf&dstfilename=users.conf&Action-000000=newcat&Cat-000000=6001&Var-000000=&Value-000000=" public void onCreate(Bundle savedInstanceState) { super.onCreate(savedInstanceState); setContentView(R.layout.main); tv1 = (TextView) this.findViewById(R.id.display); ed1 = (EditText) this.findViewById(R.id.editText); bt1 = (Button) this.findViewById(R.id.submit); bt1.setOnClickListener(new OnClickListener() { public void onClick(View view) { { try{ ServerRequest(url1); ServerRequest(url2); } catch(Exception e) { Log.v("Exception", "Exception:"+e.getMessage()); } } } }); } public String ServerRequest(String serverString) throws MalformedURLException, IOException { String newFeed=serverString; StringBuilder response = new StringBuilder(); Log.v("server","server url:"+newFeed); URL url = new URL(newFeed); HttpURLConnection httpconn = (HttpURLConnection) url.openConnection(); if(httpconn.getResponseCode()==HttpURLConnection.HTTP_OK) { BufferedReader input = new BufferedReader( new InputStreamReader(httpconn.getInputStream()), 8192); String strLine = null; while ((strLine = input.readLine()) != null) { response.append(strLine); } input.close(); } tv1.settext(response); return response.toString(); }

    Read the article

  • How do I get Facebook Application Login to work

    - by Javaaaa
    I just started making an application for Facebook, however I ran into problem early on. The first step I want people to do is to give permission to access their profile. All over the web are examples of how to do this with: $user_id = $facebook->require_login(); However, this is the way it works using the Old PHP API. I have downloaded and installed the new one in my application folder and it is not working anymore. My question is (and i really have been searching for an answer for a long time) what is the code to do this with the new API? (and related question: is it better to use the old API, or learn to work with the new one when I am just starting making apps right now) I have this code now; <?php // Awesome Facebook Application // // Name: - // require_once 'facebook-php-sdk/src/facebook.php'; // Create our Application instance. $facebook = new Facebook(array( 'appId' => $app_id, 'secret' => $app_secret, 'cookie' => true )); $loginUrl = $facebook->getLoginUrl(array( 'req_perms' => 'email,user_birthday,publish_stream,sms,status_update,user_location' )); echo "<p>hello, <fb:name uid=\"$user_id\" useyou=\"false\" />!</p>"; ?>

    Read the article

  • Lightweight HTTP application/server for static content

    - by PartlyCloudy
    Hi, I am in need of a scalable and performant HTTP application/server that will be used for static file serving/uploading. So I only need support for GET and PUT operations. However, there are a few extra features that I need: Custom authentication: I need to check credentials against a database for each request. Thus I must be able to integrate propietary database interaction. Support for signed access keys: The access to resources via PUT should be signed using a key like http://uri/?key=foo The key then contains information about the request like md5(user + path + secret) which allows me to block unwanted requests. The application/server should allow me to check for this. Performance: I'd like to avoid piping content as much as possible. Otherwise the whole application could be implemented in Perl/etc. in a few lines as CGI. Perlbal (in webserver mode) looks nice, however the single-threaded model does not fit with my database lookup and it does also not support query strings. Lighttp/Nginx/… have some modules for these tasks, however it is not feasible putting everything together without ending up writing own extensions/modules. So how would you solve this? Are there other leightweight webservers available for this? Should I implement an application inside of a webserver (i.e. CGI). How can I avoid/speed up piping content between the webserver and my application. Thanks in advance!

    Read the article

  • Facebook Tagging friends to the picture

    - by Rajesh Dante
    Below code tag only first uid then then its shows Fatal error: Uncaught OAuthException: (#100) Invalid parameter and can i use exact location for tagging.. as in below code x and y values are in pixel $facebook = new Facebook ( array ( 'appId' => FBAPPID, 'secret' => FBSECRETID ) ); $facebook->setFileUploadSupport ( true ); if (isset ( $_POST ['image'] ) && isset ( $_POST ['tname'] )) { $path_to_image = encrypt::instance ()->decode ( $_POST ['image'] ); $tags = (array)encrypt::instance ()->decode ( $_POST ['tname'] ); /* * Output $tags = array ( 0 => '[{"tag_uid":"100001083191675","x":100,"y":100},{"tag_uid":"100001713817872","x":100,"y":230},{"tag_uid":"100000949945144","x":100,"y":360},{"tag_uid":"100001427144227","x":230,"y":100},{"tag_uid":"100000643504257","x":230,"y":230},{"tag_uid":"100001155130231","x":230,"y":360}]' ); */ $args = array ( 'message' => 'Von ', 'source' => '@' . $path_to_image, 'access_token' => $this->user->fbtoken ) ; $photo = $facebook->api ( $this->user->data->fbid . '/photos', 'post', $args ); // upload works but not tags if (is_array ( $photo ) && ! empty ( $photo ['id'] )) { echo 'Photo uploaded. Check it on Graph API Explorer. ID: ' . $photo ['id']; foreach ( $tags as $key => $t ) { $tagRe = json_encode ( $t ); $args = array ( 'tags' => $tagRe, 'access_token' => $this->user->fbtoken ); $facebook->api ( '/' . $photo ['id'] . '/tags', 'post', $args ); } } }

    Read the article

  • PHP OAuth Twitter

    - by Sandhurst
    I have created a twitter app which I am using to post tweets. The problem that I am not able to resolve is everytime I have to allow access to my application. so lets say I need to tweet three messages, so all the three times I have to allow access to my app. I just need that once user has allowed access to my app, next time he should only be asked to allow acces is that when he/she relogins. Here's my code that I am using Share content on twitter"; include 'lib/EpiCurl.php'; include 'lib/EpiOAuth.php'; include 'lib/EpiTwitter.php'; include 'lib/secret.php'; $twitterObj = new EpiTwitter($consumer_key, $consumer_secret); $oauth_token = $_GET['oauth_token']; if($oauth_token == '') { $url = $twitterObj-getAuthorizationUrl(); echo ""; echo "Sign In with Twitter"; echo ""; } else { $twitterObj-setToken($_GET['oauth_token']); $token = $twitterObj-getAccessToken(); $twitterObj-setToken($token-oauth_token, $token-oauth_token_secret); $_SESSION['ot'] = $token-oauth_token; $_SESSION['ots'] = $token-oauth_token_secret; $twitterInfo= $twitterObj-get_accountVerify_credentials(); $twitterInfo-response; $username = $twitterInfo-screen_name; $profilepic = $twitterInfo-profile_image_url; include 'update.php'; } if(isset($_POST['submit'])) { $msg = $_REQUEST['tweet']; $twitterObj-setToken($_SESSION['ot'], $_SESSION['ots']); $update_status = $twitterObj-post_statusesUpdate(array('status' = $msg)); $temp = $update_status-response; header("Location: MessageStatus.html"); exit(); } ?

    Read the article

  • How can I test a form that requires the entry of two random characters from a security phrase?

    - by lawm
    I need to test a two-stage login system which first asks for your email address and password and then presents the user with two select lists containing [a-zA-Z0-9]. The labels beside the drop down's are of the form 'Select character X from your security phrase', where X is a random character index from a known security phrase. I'd rather not stub the code for an acceptance test, so is it possible to write a matcher in cucumber which will, given that we know the whole phrase, select the required character in each of the two lists? Here is the scenario I have so far and the steps involved: Scenario: valid login email, password and secret phrase takes me to the dashboard Given I am not logged in When I log in as "[email protected]" Then I should be on the dashboard page And I should see "Your Dashboard" When /^I log in as "([^\"]*)"$/ do |login| visit path_to('Login page') fill_in "Email", :with => login fill_in "Password", :with => "Password123" click_button "Log in" response.should contain("Please verify some characters from your security phrase") select "a", :from => "Select character X of your security phrase" select "b", :from => "Select character Y of your security phrase" click_button "Submit" end For example, if the security phrase is 'Secret123', X = 3 and Y = 8, the above would have to produce the equivalent of: select "c", :from => "Select character 3 of your security phrase" select "2", :from => "Select character 8 of your security phrase" The numbers X and Y in the actual page are inside span#svc_1 and span#svc_2 respectively. Thanks,

    Read the article

  • How to read the birthday_date from the Facebook API

    - by Steve
    I have been chasing my tail on this! And it should be so simple!! I have an app in FaceBook that is working fine. However, I need to get the user's birth date. I have successfully got the request for extended permissions, but cannot get the birthday_date out and into a variable/store in database. <?php require_once('facebook.php'); $facebook = new Facebook(array( 'appId' => 'xxxxx', 'secret' => 'yyyyyyy', 'cookie' => true )); if ($facebook->getSession()) { $uid = $facebook->getUser(); $fbme = $facebook->api('/me'); } else { $params = array( 'fbconnect'=>0, 'canvas'=>1, 'req_perms'=>'publish_stream','email','user_location','user_birthday' ); $loginUrl = $facebook->getLoginUrl($params); print "<script type='text/javascript'>top.location.href = '$loginUrl';</script>"; } $session = $facebook->getSession(); $token = $session['access_token']; I would be very grateful if someone could show me the PHP code that reads the extended permissions and places the results into variables. Thanks Steve

    Read the article

  • I've registered my oath about 5 times now, but... (twitteR package R)

    - by user2985989
    I'm attempting to mine twitter data in R, and am having trouble getting started. I created a twitter account, an app in twitter developers, changed the settings to read, write, and access, created my access token, and followed instructions to the letter in registering it: My code: > library(twitteR) > download.file(url="http://curl.haxx.se/ca/cacert.pem", + destfile="cacert.pem") > requestURL <- "https://api.twitter.com/oauth/request_token" > accessURL <- "https://api.twitter.com/oauth/access_token" > authURL <- "https://api.twitter.com/oauth/authorize" > consumerKey <-"my key" #took this part out for privacy's sake > consumerSecret <- "my secret" #this too > twitCred <- OAuthFactory$new(consumerKey=consumerKey, consumerSecret = consumerSecret, requestURL = requestURL, accessURL = accessURL, authURL = authURL) > twitCred$handshake(cainfo="cacert.pem") To enable the connection, please direct your web browser to: https://api.twitter.com/oauth/authorize?oauth_token=zxgHXJkYAB3wQ2IVAeyJjeyid7WK6EGPfouGmlx1c When complete, record the PIN given to you and provide it here: 0010819 > registerTwitterOAuth(twitCred) [1] TRUE > save(list="twitCred", file="twitteR_credentials") And yet, this: > s <- searchTwitter('#United', cainfo="cacert.pem") [1] "Unauthorized" Error in twInterfaceObj$doAPICall(cmd, params, "GET", ...) : Error: Unauthorized I'm about to have a temper tantrum. I'd be extremely grateful if someone could explain to me what is going wrong, or, better yet, how to fix it. Thank you.

    Read the article

  • Rails 2.3.14 setting expire_after for sessions is ignored

    - by Sergii Shablatovych
    I have next config in my environment.rb: config.action_controller.session_store = :cookie_store config.action_controller.session = { :expire_after => 14.days, :domain => DOMAIN, :session_key => '_session', :secret => 'some_string' } Setting session_store to active_record_store or mem_cache_store didn't help. Also i've tried just setting cookie from controller (with all founded options for expire): cookies[:test] = { :value => 'test' , :expires => 3600.to_i.from_now.utc } In both ways all sessions and cookies are deleted after closing browser window - they are only for browser session. I've tried almost all variants founded in the Internet - no luck( My config is: Ubuntu 10.04 LTS, rails 2.3.14, ruby Enterprise Edition 1.8.7, Phusion Passenger version 3.0.11 and Nginx compiled by Phusion Passenger. I've an options that it's Nginx not allowing setting some headers but also didn't find any solution. Any help appreciated! Thanks UPD. i've tried to put all configs for sessions to config/initializers/session_store.rb - nothing changed. i have a feeling that it's not a rails problem. may it be phusion + nginx error? i don't even know how to check where the problem is.

    Read the article

  • Random syntactical error in my php code that I can't find

    - by user348538
    Ordinarily I hate coming here with newbie code questions but nobody can find the error with this code. Maybe you guys can :-) <?php defined('SYSPATH') or die('No direct script access.'); /** * to interact with photos * * @author Max Padraig Wolfgang Bucknell-Leahy */ class Model_Photos { private $apiKey = '12664498208a1380fe49fb1b5a238ef0'; private $secret = '03d43dee65a34513'; private $perms = 'read'; private $sigString = 'test'; private $apiSig = md5($_sigString); private $authArray = array('api_key' => $apiKey, 'perms' => $perms, 'api_sig' => $apiSig); private $authArrayImploded = implode('&', $authArray); private $authLink = 'http://www.flickr.com/services/auth/?' . $authArrayImploded; public function get_photos($number = 5) { if(file_exists(APPPATH . 'cache/main_cache.xml') { echo $authLink; } else { echo 'not so good'; /** */ } } } $class = new Model_Photos; $class->get_photos; the error is: Parse error: syntax error, unexpected '(', expecting ',' or ';' in /home/p14s9nnd/public_html/testing.php on line 15 Thank you in advance and sorry Regards, Max

    Read the article

  • PHP SDK for Facebook: Uploading an Image for an Event created using the Graph API

    - by wenbert
    Can anyone shed some light on my problem? <?php $config = array(); $config['appId'] = "foo"; $config['secret'] = "bar"; $config['cookie'] = true; $config['fileUpload'] = true; $facebook = new Facebook($config); $eventParams = array( "privacy_type" => $this->request->data['Event']['privacy'], "name" => $this->request->data['Event']['event'], "description" => $this->request->data['Event']['details'], "start_time" => $this->request->data['Event']['when'], "country" => "NZ" ); //around 300x300 pixels //I have set the permissions to Everyone $imgpath = "C:\\Yes\\Windows\\Path\\Photo_for_the_event_app.jpg"; $eventParams["@file.jpg"] = "@".$imgpath; $fbEvent = $facebook->api("me/events", "POST", $eventParams); var_dump($fbEvent); //I get the event id I also have this in my "scope" when the user is asked to Allow the app to post on his behalf: user_about_me,email,publish_stream,create_event,photo_upload This works. It creates the event with all the details I have specified. EXCEPT for the event image. I have been to most of Stackoverflow posts related to my problem but all of them are not working for me. (EG: http://stackoverflow.com/a/4245260/66767) I also do not get any error. Any ideas? THanks!

    Read the article

  • Is it theoretically possible to emulate a human brain on a computer?

    - by JoelK
    Our brain consists of billions of neurons which basically work with all the incoming data from our senses, handle our consciousness, emotions and creativity as well as our hormone system, etc. So I'm completely new to this topic but doesn't each neuron have a fixed function? E.g.: If a signal of strength x enters, if the last signal was x ms ago, redirect it. From what I've learned in biology about our nerves system which includes our brain because both consist of simple neurons, it seems to me as our brain is one big, complicated computer. Maybe so complicated that things such as intelligence and cognition become possible? As the most complicated things about a neuron pretty much are the chemical aspects on generating an electric singal, keeping itself alive, and eventually segmenting itself, it should be pretty easy emulating some on a computer, or? You won't have to worry about keeping your virtual neuron alive, or? If you can emulate a single neuron on a computer, which shouldn't be too hard, could you theoretically emulate more than 1000 billions of them, recreating intelligence, cognition and maybe even creativity? In my question I'm leaving out the following aspects: Speed of our current (super) computers Actually writing a program for emulating neurons I don't know much about this topic, please tell me if I got anything wrong :) (My secret goal: Make a copy of my brain and store it on some 10 million TB HDD and make someone start it up in the future)

    Read the article

  • Is OpenID too complicated?

    - by John Leidegren
    I'm beginning to seriously doubt the OpenID community despite that fact that it works. I'm in the process of currently evaluating OpenID as an authentication service for 'this' site and while the promises are great, I just can't get it to work. And I'm really lost. I ask of the SO community to help me out here. Give me answers and show me examples so I can leverage this in the way it was meant to be. My scenario is very typical. I want to authenticate users through a specific Google Apps domain. If you have access to this Google Apps domain, then you have access to my web application. Where I get lost, is all the prerequisites and dependencies involved. What is XRD? What is Yadis? Why do I need XRD and Yadis? What do I need to do to deploy OpenID authentication on my website? Also, this is really important to me. When I login to SO, I use my Google Account. When I click the login button I'm presented with this confirmation page. Where I'm granting SO the right to use my Google Account credentials. Somehow, Google knows that it's "Stackoverflow.com" that's asking me if it's okay to login. And I wish to know what manner of control I have over this little text. I intend to deploy OpenID on several different domains but I would prefer if they would all work without having to be individually configured with special parameters, such as secret API keys and what not. However, I don't know for sure if this is a prerequisite of OpenID, that or the Federated Login API that Google provides.

    Read the article

  • Where to turn upon realizing I can't program my way out of a paper bag?

    - by luminarious
    I have no job and just enough money to get by until April or so. While looking for work, I figured I might as well go through with a pet project, a browser based card game. Make it nice and free, collect donations and maybe earn enough for a movie ticket to escape reality for a while. I have dabbled in web development a bit. I can make simple stuff happen with JS/PHP if I follow tutorials. I designed my own art blog's template - http://luminarious.tumblr.com. I can visualise the game working in my head, flowcharts and everything. But then I tried to go deeper with Javascript and almost had an aneurysm before understanding what a closure is. Wether I suck at learning, have ADD or fail epically at productivity, I have not got much done. Coming up with ideas, screen mock-ups and so forth was very enjoyable, but actual implementation.. not so much. In fact, I cry a bit every time I think about the time someone competent could have finished this in. I'd like to excuse myself with my ENTP personality type, but that hardly solves anything. Rather, I'd like to know to get from A (bunch of ideas with little semblance to a web app) to B (something to proudly show others) while being unable to pay anyone? Are there any secret techniques for learning? Is there any way to get mentoring or code review? Is there anyone with too much free time willing to code for me? How to trust someone to not steal my code when I ask for assistance? Is there anything I should have asked instead of any of those?

    Read the article

  • How to Check Authenticity of an AJAX Request

    - by Alex Reisner
    I am designing a web site in which users solve puzzles as quickly as they can. JavaScript is used to time each puzzle, and the number of milliseconds is sent to the server via AJAX when the puzzle is completed. How can I ensure that the time received by the server was not forged by the user? I don't think a session-based authenticity token (the kind used for forms in Rails) is sufficient because I need to authenticate the source of a value, not just the legitimacy of the request. Is there a way to cryptographically sign the request? I can't think of anything that couldn't be duplicated by a hacker. Is any JavaScript, by its exposed, client-side nature, subject to tampering? Am I going to have to use something that gets compiled, like Flash? (Yikes.) Or is there some way to hide a secret key? Or something else I haven't thought of? Update: To clarify, I don't want to penalize people with slow network connections (and network speed should be considered inconsistent), so the timing needs to be 100% client-side (the timer starts only when we know the user can see the puzzle). Also, there is money involved so no amount of "trusting the user" is acceptable.

    Read the article

  • User input being limited to the alphabet in python

    - by Danger Cat
    I am SUPER new to programming and have my first assignment coming up in python. I am writing a hangman type game, where users are required to guess the word inputted from the other user. I have written most of the code, but the only problem I am having is when users have to input the word, making sure it is only limited to the alphabet. The code I have so far is : word = str.lower(raw_input("Type in your secret word! Shhhh... ")) answer = True while answer == True: for i in range(len(word)): if word[i] not in ("abcdefghijklmnopqrstuvwxyz"): word = raw_input("Sorry, words only contain letters. Please enter a word ") break else: answer = False This works while I input a few tries, but eventually will either exit the loop or displays an error. Is there any easier way to use this? We've really only covered topics up to loops in class, and break and continue are also very new to me. Thank you! (Pardon if the code is sloppy, but as I said I am very new to this....)

    Read the article

  • Need for J2me source code

    - by tikamchandrakar
    For J2me It strikes me as odd that you need an extra "api key" and so on. But actually, what I really want is NOT create an extra facebook application that needs to be registered on Facebook. I don't want to create any extra configuration effords necessary for the user of my application to undergo. All my user should need is his well-known login data for facebook. Everything else should be completely transparent to him. So, I thought maybe would u can do the login process, creating a request to the REST server via http. I know this would provide me with an XML. I hope that the this API will somehow automatically transform that XML into an intuitive object model that represents the facebook user data of the respective user. So, I would expect something like userData = new FacebookData(new FacebookConnection("user_name", "password")). Done. If you get, what I mean. No api key. No secret key. Just the well-known login data. Practically, the equivalent to thunderbird webmail, which allows you to access your MSN hotmail account via Thunderbird. Thunderbird webmail will automatically converts the htmls obtained from a hotmail browser login into the data structure usually passed on to a mail client. Hope you get what I mean. I was expecting the equilalent for the your API.

    Read the article

  • I can't find the homepage for my ASP.NET MVC site :(

    - by Pure.Krome
    Hi folks, really simple question here. when I remove the default route, I returns an empty page to the browser :- routes.MapRoute( "Default", // Route name "{controller}/{action}/{id}", // URL with parameters new { controller = "Home", action = "Index", id = UrlParameter.Optional } ); Now before everyone starts shouting "that's because that's the default route to access all action methods, etc.." .. i know that. My question is - what code / routes does the default framework try and call .. which makes that Default Route get used/kick in? Why? I don't wish to make that my default route regex (don't ask why - this is some R&D) but I still need the main home page .. ie. Home/Index . If i try and just add that route, it doesn't get called and an empty page is returned. So -- what does the framework try and call when a user doesn't provide any urls? It's like there's some secret default document stuff set up? Cheers :)

    Read the article

  • Forbidden access on Apache in Mac Lion

    - by Luis Berrocal
    I'm trying to configure Apache to work with Symfony in my Macbook Pro. I Have installed Lion OSX. I uncommented the line Include /private/etc/apache2/extra/httpd-vhosts.conf on /etc/apache2/httpd.conf. I configured Apache by editing the /private/etc/apache2/extra/httpd-vhosts.conf. and adding the following: :: NameVirtualHost *:80 <VirtualHost *.80> ServerName localhost DocumentRoot "/Library/WebServer/Documents" </VirtualHost> <VirtualHost *:80> DocumentRoot "/Users/luiscberrocal/Documents/dev/lion_test/web" ServerName lion.localhost <Directory "/Users/luiscberrocal/Documents/dev/lion_test/web"> Options Indexes FollowSymlinks AllowOverride All Order allow,deny Allow from all </Directory> </VirtualHost> 3. Added the following to /private/etc/hosts 127.0.0.1 lion.localhost Now when I access http://localhost/test.php I get the following message Forbidden You don't have permission to access /test.php on this server. Apache/2.2.20 (Unix) DAV/2 PHP/5.3.6 with Suhosin-Patch Server at localhost Port 80 I already tried: chmod 777 test.php chmod +x test.php I get the same message if I try to access http://lion.localhost/ I opened the /var/log/apache2/error_log and this is what I found relevant: [Sat Dec 31 09:37:49 2011] [notice] Apache/2.2.20 (Unix) DAV/2 PHP/5.3.6 with Suhosin-Patch configured -- resuming normal operations [Sat Dec 31 09:37:53 2011] [error] [client ::1] (13)Permission denied: access to /test.php denied [Sat Dec 31 09:37:55 2011] [error] [client ::1] (13)Permission denied: access to /test.php denied [Sat Dec 31 09:38:13 2011] [notice] caught SIGTERM, shutting down [Sat Dec 31 09:38:13 2011] [error] (EAI 8)nodename nor servname provided, or not known: Could not resolve host name *.80 -- ignoring! httpd: Could not reliably determine the server's fully qualified domain name, using Luis-Berrocals-MacBook-Pro.local for ServerName [Sat Dec 31 09:38:14 2011] [warn] mod_bonjour: Cannot stat template index file '/System/Library/User Template/English.lproj/Sites/index.html'. [Sat Dec 31 09:38:14 2011] [warn] mod_bonjour: Cannot stat template index file '/System/Library/User Template/English.lproj/Sites/index.html'. [Sat Dec 31 09:38:14 2011] [notice] Digest: generating secret for digest authentication ... [Sat Dec 31 09:38:14 2011] [notice] Digest: done [Sat Dec 31 09:38:14 2011] [notice] Apache/2.2.20 (Unix) DAV/2 PHP/5.3.6 with Suhosin-Patch configured -- resuming normal operations [Sat Dec 31 09:38:18 2011] [error] [client ::1] (13)Permission denied: access to /test.php denied [Sat Dec 31 09:38:19 2011] [error] [client ::1] (13)Permission denied: access to /test.php denied [Sat Dec 31 10:18:09 2011] [error] [client 127.0.0.1] (13)Permission denied: access to /test.php denied [Sat Dec 31 10:18:15 2011] [error] [client 127.0.0.1] (13)Permission denied: access to / denied I can't figure out what I'm doing wrong.

    Read the article

  • Tuning Linux IP routing parameters -- secret_interval and tcp_mem

    - by Jeff Atwood
    We had a little failover problem with one of our HAProxy VMs today. When we dug into it, we found this: Jan 26 07:41:45 haproxy2 kernel: [226818.070059] __ratelimit: 10 callbacks suppressed Jan 26 07:41:45 haproxy2 kernel: [226818.070064] Out of socket memory Jan 26 07:41:47 haproxy2 kernel: [226819.560048] Out of socket memory Jan 26 07:41:49 haproxy2 kernel: [226822.030044] Out of socket memory Which, per this link, apparently has to do with low default settings for net.ipv4.tcp_mem. So we increased them by 4x from their defaults (this is Ubuntu Server, not sure if the Linux flavor matters): current values are: 45984 61312 91968 new values are: 183936 245248 367872 After that, we started seeing a bizarre error message: Jan 26 08:18:49 haproxy1 kernel: [ 2291.579726] Route hash chain too long! Jan 26 08:18:49 haproxy1 kernel: [ 2291.579732] Adjust your secret_interval! Shh.. it's a secret!! This apparently has to do with /proc/sys/net/ipv4/route/secret_interval which defaults to 600 and controls periodic flushing of the route cache The secret_interval instructs the kernel how often to blow away ALL route hash entries regardless of how new/old they are. In our environment this is generally bad. The CPU will be busy rebuilding thousands of entries per second every time the cache is cleared. However we set this to run once a day to keep memory leaks at bay (though we've never had one). While we are happy to reduce this, it seems odd to recommend dropping the entire route cache at regular intervals, rather than simply pushing old values out of the route cache faster. After some investigation, we found /proc/sys/net/ipv4/route/gc_elasticity which seems to be a better option for keeping the route table size in check: gc_elasticity can best be described as the average bucket depth the kernel will accept before it starts expiring route hash entries. This will help maintain the upper limit of active routes. We adjusted elasticity from 8 to 4, in the hopes of the route cache pruning itself more aggressively. The secret_interval does not feel correct to us. But there are a bunch of settings and it's unclear which are really the right way to go here. /proc/sys/net/ipv4/route/gc_elasticity (8) /proc/sys/net/ipv4/route/gc_interval (60) /proc/sys/net/ipv4/route/gc_min_interval (0) /proc/sys/net/ipv4/route/gc_timeout (300) /proc/sys/net/ipv4/route/secret_interval (600) /proc/sys/net/ipv4/route/gc_thresh (?) rhash_entries (kernel parameter, default unknown?) We don't want to make the Linux routing worse, so we're kind of afraid to mess with some of these settings. Can anyone advise which routing parameters are best to tune, for a high traffic HAProxy instance?

    Read the article

< Previous Page | 32 33 34 35 36 37 38 39 40 41 42 43  | Next Page >