Search Results

Search found 41147 results on 1646 pages for 'database security'.

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Page 371/1646 | < Previous Page | 367 368 369 370 371 372 373 374 375 376 377 378  | Next Page >

  • Adding to database. No repeat on refresh

    - by kevstarlive
    I have this code: Episode.php <?$feedback = new feedback; $articles = $feedback->fetch_all(); if (isset($_POST['name'], $_POST['post'])) { $cast = $_GET['id']; $name = $_POST['name']; $email = $_POST['email']; $post = nl2br ($_POST['post']); $ipaddress = $_SERVER['REMOTE_ADDR']; if (empty($name) or empty($post)) { $error = 'All Fields Are Required!'; }else{ $query = $pdo->prepare('INSERT INTO comments (cast, name, email, post, ipaddress) VALUES(?, ?, ?, ?, ?)'); $query->bindValue(1, $cast); $query->bindValue(2, $name); $query->bindValue(3, $email); $query->bindValue(4, $post); $query->bindValue(5, $ipaddress); $query->execute(); } }?> <div align="center"> <strong>Give us your feedback?</strong><br /><br /> <?php if (isset($error)) { ?> <small style="color:#aa0000;"><?php echo $error; ?></small><br /><br /> <?php } ?> <form action="episode.php?id=<?php echo $data['cast_id']; ?>" method="post" autocomplete="off" enctype="multipart/form-data"> <input type="text" name="name" placeholder="Name" /> / <input type="text" name="email" placeholder="Email" /><small style="color:#aa0000;">*</small><br /><br /> <textarea rows="10" cols="50" name="post" placeholder="Comment"></textarea><br /><br /> <input type="submit" onclick="myFunction()" value="Add Comment" /> <br /><br /> <small style="color:#aa0000;">* <b>Email will not be displayed publicly</b></small><br /> </form> </div> Include.php class feedback { public function fetch_all(){ global $pdo; $query = $pdo->prepare("SELECT * FROM comments"); $query->bindValue(1, $cast); $query->execute(); return $query->fetchAll(); } } This code updates to the database as it is suppose to. But after submission it reloads the current page as mentioned in the form action. But when I refresh the page to see the comment being added it asks to re submit. If I hit submit then the comment adds again. How can I stop this from happening? Maybe I could hide the comment box and display a thank you message but that would not stop a repeat entry. Please help. Thank you. Kev

    Read the article

  • Zend models and database relathionships

    - by user608341
    Hi people, i'm starting with Zend Framework and I'm a little bit confused with models and relathionships (one-to-many, many-to-many etc). The "Zend Framework Quick Start" says to create a Zend_Db_Table, a Data Mapper and finally our model class Suppose we have a database like this: table A ( id integer primary key, name varchar(50) ); table B ( id integer primary key, a_id integer references A ); then, i'll create: Application_Model_DbTable_A extends Zend_Db_Table_Abstract, Application_Model_AMapper, Application_Model_A, Application_Model_DbTable_B extends Zend_Db_Table_Abstract, Application_Model_BMapper, Application_Model_B, if I understood, i've to store the references informations in Application_Model_DbTable_A: protected $_dependentTables = array('B'); and Application_Model_DbTable_B: protected $_referenceMap = array( 'A' => array( 'columns' => array('a_id'), 'refTableClass' => 'A', 'refColums' => array('id') ) ); and my models class: class Application_Model_A { protected $_id; protected $_name; public function __construct(array $options = null) { if(is_array($options)) { $this->setOptions($options); } } public function __set($name, $value) { $method = 'set' . $name; if (('mapper' == $name) || !method_exists($this, $method)) { throw new Exception('Invalid property'); } $this->$method($value); } public function __get($name) { $method = 'get' . $name; if (('mapper' == $name) || !method_exists($this, $method)) { throw new Exception('Invalid property'); } return $this->$method(); } public function setOptions(array $options) { $methods = get_class_methods($this); foreach ($options as $key => $value) { $method = 'set' . ucfirst($key); if (in_array($method, $methods)) { $this->$method($value); } } return $this; } public function setName($name) { $this->_name = (string) $name; return $this; } public function getName() { return $this->_name; } public function setId($id) { $this->_id = (int) $id; return $this; } public function getId() { return $this->_id; } class Application_Model_B { protected $_id; protected $_a_id; public function __construct(array $options = null) { if(is_array($options)) { $this->setOptions($options); } } public function __set($name, $value) { $method = 'set' . $name; if (('mapper' == $name) || !method_exists($this, $method)) { throw new Exception('Invalid property'); } $this->$method($value); } public function __get($name) { $method = 'get' . $name; if (('mapper' == $name) || !method_exists($this, $method)) { throw new Exception('Invalid property'); } return $this->$method(); } public function setOptions(array $options) { $methods = get_class_methods($this); foreach ($options as $key => $value) { $method = 'set' . ucfirst($key); if (in_array($method, $methods)) { $this->$method($value); } } return $this; } public function setA_id($a_id) { $this->_a_id = (int) $a_id; return $this; } public function getA_id() { return $this->_a_id; } public function setId($id) { $this->_id = (int) $id; return $this; } public function getId() { return $this->_id; } it's that right?

    Read the article

  • A Big Data korszakban, túl az 1000. eladott Oracle Exadata Database Machine adatbázisgépen

    - by user645740
    Mint azt már egy ideje a szél is fújja, beköszöntött a BIG DATA korszak, azaz egyre több adat gyulik, egyre több adattal gazdálkodunk. A hatalmas mennyiségu adat jó részét Oracle adatbázisokban tárolják. Mi is futtathatná jobban, gyorsabban és hetékonyabban ezeket az Oracle adatbázisokat, mint az Oracle stratégiai high-end megoldása az Oracle Exadata Database Machine? Rengeteg forrása van a sok adatnak, néhány példa, ahol a növekedés óriási: kommunikációs adatok, CDR-ek banki és kormányzati tranzakciók hely információk spatial, location, GPS,..., mint ahogyan a közelmúltban az egyes telefonokkal ésoperációs rendszerekkel kapcsolatos "ügyekben" is olvashattuk, e-mail-ek, közösségi site-ok, intelligens méromuszerek, háztartási berendezések, .... Milyen ütemben no az Exadata értékesítés? Nos az Exadata 2008 oszén lett bejelentve. Az Oracle pénzügyi év végén a jelentésben azt olvashatjuk, hogy az Exadata páratlanul sikeres megoldás, már több mint 1000 Exadatát vásároltak meg az Oracle ügyfelek, mondta Mark Hurd, az Oracle alelnöke:   “In addition to record setting software sales, our Exadata and Exalogic systems also made a strong contribution to our growth in Q4,” said Oracle President, Mark Hurd. “Today there are more than 1,000 Exadata machines installed worldwide. Our goal is to triple that number in FY12.” Larry Ellison, az Oracle elso embere, azt nyilatkozta, hogy mind a felho - cloud computing, mind a memória-adatbázisok területén egyre gyorsabban növekszik az Oracle:   “In FY11 Oracle’s database business experienced its fastest growth in a decade,” said Oracle CEO, Larry Ellison. “Over the past few years we added features to the Oracle database for both cloud computing and in-memory databases that led to increased database sales this past year. Lately we’ve been focused on the big business opportunity presented by Big Data.” A Big Data korszakban  megtakarításokat érhetünk el az Exadatával, tekintse meg a következo videót, de óvatosan, mert gondolkodásra késztet:    -   Oracle Exadata: Are You Ready?.

    Read the article

  • webhost4life, please give me, my data back. My website will not work without the database.

    - by Shervin Shakibi
    I have about 4 or 5 accounts with WebHost4life.com, these are all my customers that based on my recommendation have been hosting with webhost4life.com. A few days ago for some reason they decided to migrate one of these accounts to a new server. They moved everything created a new database on the new server but the new database is empty. after spending hours with Tech support they acknowledged the problem and assured me it will take up to an hour or two and my database will be populated with the data. this was about 7 hours ago. Oh by the way I pay extra for the backup plan and yes you guessed it, none of my backups are there. Needless to say I’m very scared and disappointed. No one is responding to my emails  or phone calls. After searching the web, I found out, this has happened before, in some cases it took them days to fix the problem and many never got it resolved and switched hosting companies, I would love to do that but I need my 2 GB database before I start shopping around for a new hosting company. Stay away from Webhost4life.

    Read the article

  • Is it possible to keep only one Database for both web and desktop applications?

    - by B4NZ41
    I'm experiencing a trouble with my business model, let me explain better. I'm developing a software for 1 year and few months, it's for the food industry, more exactly a software to: Delivery, Take Way, Table Reservation, POS, Accounts Payable and Receivable, Prints(receipt), Kitchen Monitors Orders, Customers Orders Control and Fiscal Area. Well, I had separated the software mainly in two areas, one is web area and the other is desktop area (Used by Admins only) and local installed. 1 - Web Area (Basically do the follow:) Show Catalog with the products Customers Make Orders Customers Pay for the Orders etc ... as mentioned above 2 - Desktop Area Manage Orders Manage Customers Manage Suppliers Manage Accounts Payable and Receivable etc ... as mentioned above The web area is hosted in an online web server (scripts and database are online). The Desktop area is hosted locally in a Linux machine with a local database and local scripts files. My question is: Is it possible to keep only one Database for both applications? If YES, please what is the best approach? Follow my technical specification environment Database: Actually I have two databases working and I would love to keep only one. Operating System: Linux (Kernel 2.6.X and above) or Windows (XP and above) For the Web Area Apache, PHP, Python, Java Script, Shell Script and MySQL. For the Desktop Area: PHP-GTK2, Apache, PHP, MySQL and Shell Script.

    Read the article

  • Play Framework: Error getting sequence nextval using H2 in-memory database

    - by alexhanschke
    As the title suggests, I get an error running Play 2.0.1 Tests using a FakeApplication w/ H2 in memory. I set up a basic unit test: public class ModelTest { @Test public void checkThatIndustriesExist() { running(fakeApplication(inMemoryDatabase()), new Runnable() { public void run() { Industry industry = new Industry(); industry.name = "Some name"; industry.shortname = "some-name"; industry.save(); assertThat(Industry.find.all()).hasSize(1); } }); } Which yields the following exception: [info] test.ModelTest [error] Test test.ModelTest.checkThatIndustriesExist failed: Error getting sequence nextval [error] at com.avaje.ebean.config.dbplatform.SequenceIdGenerator.getMoreIds(SequenceIdGenerator.java:213) [error] at com.avaje.ebean.config.dbplatform.SequenceIdGenerator.loadMoreIds(SequenceIdGenerator.java:163) [error] at com.avaje.ebean.config.dbplatform.SequenceIdGenerator.nextId(SequenceIdGenerator.java:118) [error] at com.avaje.ebeaninternal.server.deploy.BeanDescriptor.nextId(BeanDescriptor.java:1218) [error] at com.avaje.ebeaninternal.server.persist.DefaultPersister.setIdGenValue(DefaultPersister.java:1304) [error] at com.avaje.ebeaninternal.server.persist.DefaultPersister.insert(DefaultPersister.java:403) [error] at com.avaje.ebeaninternal.server.persist.DefaultPersister.saveEnhanced(DefaultPersister.java:345) [error] at com.avaje.ebeaninternal.server.persist.DefaultPersister.saveRecurse(DefaultPersister.java:315) [error] at com.avaje.ebeaninternal.server.persist.DefaultPersister.save(DefaultPersister.java:282) [error] at com.avaje.ebeaninternal.server.core.DefaultServer.save(DefaultServer.java:1577) [error] at com.avaje.ebeaninternal.server.core.DefaultServer.save(DefaultServer.java:1567) [error] at com.avaje.ebean.Ebean.save(Ebean.java:538) [error] at play.db.ebean.Model.save(Model.java:76) [error] at test.ModelTest$1.run(ModelTest.java:24) [error] at play.test.Helpers.running(Helpers.java:277) [error] at test.ModelTest.checkThatIndustriesExist(ModelTest.java:21) [error] ... [error] Caused by: org.h2.jdbc.JdbcSQLException: Syntax Fehler in SQL Befehl "SELECT INDUSTRY_SEQ.NEXTVAL UNION[*] SELECT INDUSTRY_SEQ.NEXTVAL UNION SELECT INDUSTRY_SEQ.NEXTVAL UNION SELECT INDUSTRY_SEQ.NEXTVAL UNION SELECT INDUSTRY_SEQ.NEXTVAL UNION SELECT INDUSTRY_SEQ.NEXTVAL UNION SELECT INDUSTRY_SEQ.NEXTVAL UNION SELECT INDUSTRY_SEQ.NEXTVAL UNION SELECT INDUSTRY_SEQ.NEXTVAL UNION SELECT INDUSTRY_SEQ.NEXTVAL UNION SELECT INDUSTRY_SEQ.NEXTVAL UNION SELECT INDUSTRY_SEQ.NEXTVAL UNION SELECT INDUSTRY_SEQ.NEXTVAL UNION SELECT INDUSTRY_SEQ.NEXTVAL UNION SELECT INDUSTRY_SEQ.NEXTVAL UNION SELECT INDUSTRY_SEQ.NEXTVAL UNION SELECT INDUSTRY_SEQ.NEXTVAL UNION SELECT INDUSTRY_SEQ.NEXTVAL UNION SELECT INDUSTRY_SEQ.NEXTVAL UNION SELECT INDUSTRY_SEQ.NEXTVAL "; erwartet "identifier" [error] Syntax error in SQL statement "SELECT INDUSTRY_SEQ.NEXTVAL UNION[*] SELECT INDUSTRY_SEQ.NEXTVAL UNION SELECT INDUSTRY_SEQ.NEXTVAL UNION SELECT INDUSTRY_SEQ.NEXTVAL UNION SELECT INDUSTRY_SEQ.NEXTVAL UNION SELECT INDUSTRY_SEQ.NEXTVAL UNION SELECT INDUSTRY_SEQ.NEXTVAL UNION SELECT INDUSTRY_SEQ.NEXTVAL UNION SELECT INDUSTRY_SEQ.NEXTVAL UNION SELECT INDUSTRY_SEQ.NEXTVAL UNION SELECT INDUSTRY_SEQ.NEXTVAL UNION SELECT INDUSTRY_SEQ.NEXTVAL UNION SELECT INDUSTRY_SEQ.NEXTVAL UNION SELECT INDUSTRY_SEQ.NEXTVAL UNION SELECT INDUSTRY_SEQ.NEXTVAL UNION SELECT INDUSTRY_SEQ.NEXTVAL UNION SELECT INDUSTRY_SEQ.NEXTVAL UNION SELECT INDUSTRY_SEQ.NEXTVAL UNION SELECT INDUSTRY_SEQ.NEXTVAL UNION SELECT INDUSTRY_SEQ.NEXTVAL "; expected "identifier"; SQL statement: [error] select industry_seq.nextval union select industry_seq.nextval union select industry_seq.nextval union select industry_seq.nextval union select industry_seq.nextval union select industry_seq.nextval union select industry_seq.nextval union select industry_seq.nextval union select industry_seq.nextval union select industry_seq.nextval union select industry_seq.nextval union select industry_seq.nextval union select industry_seq.nextval union select industry_seq.nextval union select industry_seq.nextval union select industry_seq.nextval union select industry_seq.nextval union select industry_seq.nextval union select industry_seq.nextval union select industry_seq.nextval [42001-158] [error] at org.h2.message.DbException.getJdbcSQLException(DbException.java:329) [error] at org.h2.message.DbException.get(DbException.java:169) [error] at org.h2.message.DbException.getSyntaxError(DbException.java:194) [error] at org.h2.command.Parser.readColumnIdentifier(Parser.java:2777) [error] at org.h2.command.Parser.readTermObjectDot(Parser.java:2336) [error] at org.h2.command.Parser.readTerm(Parser.java:2453) [error] at org.h2.command.Parser.readFactor(Parser.java:2035) [error] at org.h2.command.Parser.readSum(Parser.java:2022) [error] at org.h2.command.Parser.readConcat(Parser.java:1995) [error] at org.h2.command.Parser.readCondition(Parser.java:1860) [error] at org.h2.command.Parser.readAnd(Parser.java:1841) [error] at org.h2.command.Parser.readExpression(Parser.java:1833) [error] at org.h2.command.Parser.parseSelectSimpleSelectPart(Parser.java:1746) [error] at org.h2.command.Parser.parseSelectSimple(Parser.java:1778) [error] at org.h2.command.Parser.parseSelectSub(Parser.java:1673) [error] at org.h2.command.Parser.parseSelectUnion(Parser.java:1518) [error] at org.h2.command.Parser.parseSelect(Parser.java:1506) [error] at org.h2.command.Parser.parsePrepared(Parser.java:405) [error] at org.h2.command.Parser.parse(Parser.java:279) [error] at org.h2.command.Parser.parse(Parser.java:251) [error] at org.h2.command.Parser.prepareCommand(Parser.java:217) [error] at org.h2.engine.Session.prepareLocal(Session.java:415) [error] at org.h2.engine.Session.prepareCommand(Session.java:364) [error] at org.h2.jdbc.JdbcConnection.prepareCommand(JdbcConnection.java:1119) [error] at org.h2.jdbc.JdbcPreparedStatement.<init>(JdbcPreparedStatement.java:71) [error] at org.h2.jdbc.JdbcConnection.prepareStatement(JdbcConnection.java:267) [error] at com.jolbox.bonecp.ConnectionHandle.prepareStatement(ConnectionHandle.java:820) [error] at com.avaje.ebean.config.dbplatform.SequenceIdGenerator.getMoreIds(SequenceIdGenerator.java:193) [error] ... 80 more My model looks like this: @Entity @Table(name = "industry") public class Industry extends Model { @Id public Long id; public String name; public String shortname; // called in the view to trigger lazy-loading public String getName() { return name; } public static Finder<Long, Industry> find = new Finder<Long, Industry>(Long.class, Industry.class); } ... and finally the relevant part from my initial evolution: create table industry ( id bigint not null, name varchar(255), shortname varchar(255), constraint pk_industry primary key (id) } create sequence industry_seq start with 1000; Everything works fine running on my PostgreSQL DB, and from my point of view the code is not any different from the Play2.0 Computer Database Sample. I am happy for any help - thanks! Regards, Alex

    Read the article

  • Ruby on Rail using MYSQL database

    - by Joseph Misiti
    Hey guys, New to rails, trying to figure out something simple. Seems as though I cannot migrate a very simple mysql database using "rake db:migrate" command. Here is the issue: I know rails defaults to sqllite right now, but I need to use mysql for a series of reasons. Use the following commands rails -d mysql MyMoviesSQL cd MyMoviesSQL script/generate scaffold Movies title:string rating:integer rake db:migrate never get past here because i see the following error: in /Users/user/websites/MyMovieSQL) rake aborted! NoMethodError: undefined method `ord' for 0:Fixnum: SET NAMES 'utf8' (See full trace by running task with --trace) using trace XXXXX-macbook-pro:MyMovieSQL user$ rake db:migrate --trace (in /Users/user/websites/MyMovieSQL) ** Invoke db:migrate (first_time) ** Invoke environment (first_time) ** Execute environment ** Execute db:migrate rake aborted! NoMethodError: undefined method ord' for 0:Fixnum: SET NAMES 'utf8' /Library/Ruby/Gems/1.8/gems/activerecord-2.3.5/lib/active_record/connection_adapters/abstract_adapter.rb:219:inlog' /Library/Ruby/Gems/1.8/gems/activerecord-2.3.5/lib/active_record/connection_adapters/mysql_adapter.rb:323:in execute' /Library/Ruby/Gems/1.8/gems/activerecord-2.3.5/lib/active_record/connection_adapters/mysql_adapter.rb:599:inconfigure_connection' /Library/Ruby/Gems/1.8/gems/activerecord-2.3.5/lib/active_record/connection_adapters/mysql_adapter.rb:594:in connect' /Library/Ruby/Gems/1.8/gems/activerecord-2.3.5/lib/active_record/connection_adapters/mysql_adapter.rb:203:ininitialize' /Library/Ruby/Gems/1.8/gems/activerecord-2.3.5/lib/active_record/connection_adapters/mysql_adapter.rb:75:in new' /Library/Ruby/Gems/1.8/gems/activerecord-2.3.5/lib/active_record/connection_adapters/mysql_adapter.rb:75:inmysql_connection' /Library/Ruby/Gems/1.8/gems/activerecord-2.3.5/lib/active_record/connection_adapters/abstract/connection_pool.rb:223:in send' /Library/Ruby/Gems/1.8/gems/activerecord-2.3.5/lib/active_record/connection_adapters/abstract/connection_pool.rb:223:innew_connection' /Library/Ruby/Gems/1.8/gems/activerecord-2.3.5/lib/active_record/connection_adapters/abstract/connection_pool.rb:245:in checkout_new_connection' /Library/Ruby/Gems/1.8/gems/activerecord-2.3.5/lib/active_record/connection_adapters/abstract/connection_pool.rb:188:incheckout' /Library/Ruby/Gems/1.8/gems/activerecord-2.3.5/lib/active_record/connection_adapters/abstract/connection_pool.rb:184:in loop' /Library/Ruby/Gems/1.8/gems/activerecord-2.3.5/lib/active_record/connection_adapters/abstract/connection_pool.rb:184:incheckout' /System/Library/Frameworks/Ruby.framework/Versions/1.8/usr/lib/ruby/1.8/monitor.rb:242:in synchronize' /Library/Ruby/Gems/1.8/gems/activerecord-2.3.5/lib/active_record/connection_adapters/abstract/connection_pool.rb:183:incheckout' /Library/Ruby/Gems/1.8/gems/activerecord-2.3.5/lib/active_record/connection_adapters/abstract/connection_pool.rb:98:in connection' /Library/Ruby/Gems/1.8/gems/activerecord-2.3.5/lib/active_record/connection_adapters/abstract/connection_pool.rb:326:inretrieve_connection' /Library/Ruby/Gems/1.8/gems/activerecord-2.3.5/lib/active_record/connection_adapters/abstract/connection_specification.rb:123:in retrieve_connection' /Library/Ruby/Gems/1.8/gems/activerecord-2.3.5/lib/active_record/connection_adapters/abstract/connection_specification.rb:115:inconnection' /Library/Ruby/Gems/1.8/gems/activerecord-2.3.5/lib/active_record/migration.rb:435:in initialize' /Library/Ruby/Gems/1.8/gems/activerecord-2.3.5/lib/active_record/migration.rb:400:innew' /Library/Ruby/Gems/1.8/gems/activerecord-2.3.5/lib/active_record/migration.rb:400:in up' /Library/Ruby/Gems/1.8/gems/activerecord-2.3.5/lib/active_record/migration.rb:383:inmigrate' /Library/Ruby/Gems/1.8/gems/rails-2.3.5/lib/tasks/databases.rake:116 /Library/Ruby/Gems/1.8/gems/rake-0.8.7/lib/rake.rb:636:in call' /Library/Ruby/Gems/1.8/gems/rake-0.8.7/lib/rake.rb:636:inexecute' /Library/Ruby/Gems/1.8/gems/rake-0.8.7/lib/rake.rb:631:in each' /Library/Ruby/Gems/1.8/gems/rake-0.8.7/lib/rake.rb:631:inexecute' /Library/Ruby/Gems/1.8/gems/rake-0.8.7/lib/rake.rb:597:in invoke_with_call_chain' /System/Library/Frameworks/Ruby.framework/Versions/1.8/usr/lib/ruby/1.8/monitor.rb:242:insynchronize' /Library/Ruby/Gems/1.8/gems/rake-0.8.7/lib/rake.rb:590:in invoke_with_call_chain' /Library/Ruby/Gems/1.8/gems/rake-0.8.7/lib/rake.rb:583:ininvoke' /Library/Ruby/Gems/1.8/gems/rake-0.8.7/lib/rake.rb:2051:in invoke_task' /Library/Ruby/Gems/1.8/gems/rake-0.8.7/lib/rake.rb:2029:intop_level' /Library/Ruby/Gems/1.8/gems/rake-0.8.7/lib/rake.rb:2029:in each' /Library/Ruby/Gems/1.8/gems/rake-0.8.7/lib/rake.rb:2029:intop_level' /Library/Ruby/Gems/1.8/gems/rake-0.8.7/lib/rake.rb:2068:in standard_exception_handling' /Library/Ruby/Gems/1.8/gems/rake-0.8.7/lib/rake.rb:2023:intop_level' /Library/Ruby/Gems/1.8/gems/rake-0.8.7/lib/rake.rb:2001:in run' /Library/Ruby/Gems/1.8/gems/rake-0.8.7/lib/rake.rb:2068:instandard_exception_handling' /Library/Ruby/Gems/1.8/gems/rake-0.8.7/lib/rake.rb:1998:in run' /Library/Ruby/Gems/1.8/gems/rake-0.8.7/bin/rake:31 /usr/bin/rake:19:inload' /usr/bin/rake:19 no clue what is going on, if they want me to add a patch because the methods does not exist, please tell me which file to add it to, and also, how in the future do i figure out which file I need to patch (I see it looks like its a method in FixNum class) here is a patch to a problem that looks similar, but its a different version of ruby http://www.mail-archive.com/[email protected]/msg00250.html versions rails 2.3.5 ruby 1.8.6 gem list yeilds: * LOCAL GEMS * actionmailer (2.3.5, 1.3.6) actionpack (2.3.5, 1.13.6) actionwebservice (1.2.6) activerecord (2.3.5, 1.15.6) activeresource (2.3.5) activesupport (2.3.5, 1.4.4) acts_as_ferret (0.4.1) capistrano (2.0.0) cgi_multipart_eof_fix (2.5.0) daemons (1.0.9) dbi (0.4.3) deprecated (2.0.1) dnssd (0.6.0) fastthread (1.0.1) fcgi (0.8.7) ferret (0.11.4) gem_plugin (0.2.3) highline (1.2.9) hpricot (0.6) libxml-ruby (0.9.5, 0.3.8.4) mongrel (1.1.4) needle (1.3.0) net-sftp (1.1.0) net-ssh (1.1.2) rack (1.0.1) rails (2.3.5) rake (0.8.7, 0.7.3) RedCloth (3.0.4) ruby-openid (1.1.4) ruby-yadis (0.3.4) rubygems-update (1.3.6) rubynode (0.1.3) sqlite3-ruby (1.2.1) termios (0.9.4) thanks in advanced

    Read the article

  • InteropServices COMException when executing a .net app from a web CGI script on Windows Server 2003

    - by Kurt W. Leucht
    Disclaimer: I'm completely clueless about .net and COM. I have a vendor's application that appears to be written in .net and I'm trying to wrap it with a web form (a cgi-bin Perl script) so I can eventually launch this vendor's app from a separate computer. I'm on a Windows Server 2003 R2 SE SP1 system and I'm using Apache 2.2 for the web server and ActivePerl 5.10.0.1004 for the cgi script. My cgi script calls the vendor's app that resides on the same machine using the Perl backtick operator. ... $result = "Result: " . `$vendorsPath/$vendorsExecutable $arg1 $arg2`; ... Right now I'm just running IE web browser locally on the server machine and accessing "http://localhost/cgi-bin/myPerlScript.pl". The vendor's app fails and logs a debug message that includes the following stack trace (I changed a couple names so as to not give away the vendor's identity): ... System.Reflection.TargetInvocationException: Exception has been thrown by the target of an invocation. ---> System.Runtime.InteropServices.COMException (0x80043A1D): 0x80040154 - Class not registered --- End of inner exception stack trace --- at System.RuntimeType.InvokeDispMethod(String name, BindingFlags invokeAttr, Object target, Object[] args, Boolean[] byrefModifiers, Int32 culture, String[] namedParameters) at System.RuntimeType.InvokeMember(String name, BindingFlags invokeAttr, Binder binder, Object target, Object[] args, ParameterModifier[] modifiers, CultureInfo culture, String[] namedParameters) at VendorsTool.Engine.Core.VendorsEngine.LoadVendorsServices(String fileName, String& projectCommPath) ... When I run the vendors app from the Windows command line on the server machine with the exact same arguments that the cgi script is passing it runs just fine, so there's something about invoking their app via the web script that is causing a problem. This problem is likely security related because the whole thing runs just fine on a Windows XP Pro machine (both command line and web invocation). I actually developed my web script there and got it completely working there before I tried moving it to the Windows Server 2003 machine. So what's different about the Windows Server 2003 machine that would keep the vendor's .net app from being executed successfully by a web cgi script? Can I fix this problem somehow to make it work on my server or will the vendor have to make a change to their .net app and ship out a new version? I'm probably the only person in the world who is trying to execute this vendor's app from a separate program, so I hate to bother the vendor with the issue if there's a workaround that I can implement myself here on my server machine. Plus, I'm in kind of a hurry and I don't want to wait 4 or 6 months for the vendor to put in a fix and deploy a new version. Thanks for any advise you can give.

    Read the article

  • Which functions in the C standard library commonly encourage bad practice?

    - by Ninefingers
    Hello all, This is inspired by this question and the comments on one particular answer in that I learnt that strncpy is not a very safe string handling function in C and that it pads zeros, until it reaches n, something I was unaware of. Specifically, to quote R.. strncpy does not null-terminate, and does null-pad the whole remainder of the destination buffer, which is a huge waste of time. You can work around the former by adding your own null padding, but not the latter. It was never intended for use as a "safe string handling" function, but for working with fixed-size fields in Unix directory tables and database files. snprintf(dest, n, "%s", src) is the only correct "safe strcpy" in standard C, but it's likely to be a lot slower. By the way, truncation in itself can be a major bug and in some cases might lead to privilege elevation or DoS, so throwing "safe" string functions that truncate their output at a problem is not a way to make it "safe" or "secure". Instead, you should ensure that the destination buffer is the right size and simply use strcpy (or better yet, memcpy if you already know the source string length). And from Jonathan Leffler Note that strncat() is even more confusing in its interface than strncpy() - what exactly is that length argument, again? It isn't what you'd expect based on what you supply strncpy() etc - so it is more error prone even than strncpy(). For copying strings around, I'm increasingly of the opinion that there is a strong argument that you only need memmove() because you always know all the sizes ahead of time and make sure there's enough space ahead of time. Use memmove() in preference to any of strcpy(), strcat(), strncpy(), strncat(), memcpy(). So, I'm clearly a little rusty on the C standard library. Therefore, I'd like to pose the question: What C standard library functions are used inappropriately/in ways that may cause/lead to security problems/code defects/inefficiencies? In the interests of objectivity, I have a number of criteria for an answer: Please, if you can, cite design reasons behind the function in question i.e. its intended purpose. Please highlight the misuse to which the code is currently put. Please state why that misuse may lead towards a problem. I know that should be obvious but it prevents soft answers. Please avoid: Debates over naming conventions of functions (except where this unequivocably causes confusion). "I prefer x over y" - preference is ok, we all have them but I'm interested in actual unexpected side effects and how to guard against them. As this is likely to be considered subjective and has no definite answer I'm flagging for community wiki straight away. I am also working as per C99.

    Read the article

  • Magic quotes in PHP

    - by VirtuosiMedia
    According to the PHP manual, in order to make code more portable, they recommend using something like the following for escaping data: if (!get_magic_quotes_gpc()) { $lastname = addslashes($_POST['lastname']); } else { $lastname = $_POST['lastname']; } I have other validation checks that I will be performing, but how secure is the above strictly in terms of escaping data? I also saw that magic quotes will be deprecated in PHP 6. How will that affect the above code? I would prefer not to have to rely on a database-specific escaping function like mysql_real_escape_string().

    Read the article

  • log in as a proxy for a certain user

    - by Samuel
    We have a requirement, wherein the administrative user needs to proxy in as a certain user in an environment where several users (Role: User) are managed by an administrator (Role: Admin). e.g If we have the following users in the database (admin, user1, user2, user3), we would want the admin to proxy as 'user2' and use the system in certain scenarios. Authentication in our web application is based username / password credentials, what mechanisms are available for the admin to proxy as 'user2' when he doesn't have the password for 'user2'. How can the application track such access for audit purposes to mention that 'admin' had proxied for 'user2' and performed certain actions. I am looking for suggestions on supporting this in our j2ee (jboss seam) web application.

    Read the article

  • How to secure connection between PHP and Android

    - by Elad Cohen
    I am developing an application for the Android that requires a connection with PHP pages in order to add sensitive data to a database that will affect the application. Since it's very easy to reverse engineer an android app, one can simply find the url where the data is sent to and manipulate it. I thought about creating a registration based on IMEI, but one can still able to manipulate it for his malicious purposes. I have also checked OAuth but I didn't really understand how it works and if it can help in my condition. What can I do to fully secure my application? Thanks in advance! EDIT: By the way, what I am mostly trying to achieve here is to make sure the requests are being sent from an Android and not from any other device.

    Read the article

  • Help choosing authentication method

    - by Dima
    I need to choose an authentication method for an application installed and integrated in customers environment. There are two types of environments - windows and linux/unix. Application is user based, no web stuff, pure Java. The requirement is to authenticate users which will use my application against customer provided user base. Meaning, customer installs my app, but uses his own users to grant or deny access to my app. Typical, right? I have three options to consider and I need to pick up the one which would be a) the most flexible to cover most common modern environments and b) would take least effort while stay robust and standard. Option (1) - Authenticate locally managing user credentials in some local storage, e.g. file. Customer would then add his users to my application and it will then check the passwords. Simple, clumsy but would work. Customers would have to punch every user they want to grant access to my app using some UI we will have to provide. Lots of work for me, headache to the customer. Option (2) - Use LDAP authentication. Customers would tell my app where to look for users and I will walk their directory resolving names into user names and trying to bind with found password. This is better approach IMO, but more fragile because I will have to walk an unknown directory structure and who knows if this will be permitted everywhere. Would be harder to test since there are many LDAP implementation out there, last thing I want is drowning in this voodoo. Option(3) - Use plain Kerberos authentication. Customers would tell my app what realm (domain) and which KDC (key distribution center) to use. In ideal world these two parameters would be all I need to set while customers could use their own administration tools to configure domain and kdc. My application would simply delegate user credentials to this third party (using JAAS or Spring security) and consider success when third party is happy with them. I personally prefer #3, but not sure what surprises I might face. Would this cover windows and *nix systems entirely? Is there another option to consider?

    Read the article

  • What's the best way to detect web applications attacks ?

    - by paulgreg
    What is the best way to survey and detect bad users behavior or attacks like deny of services or exploits on my web app ? I know server's statistics (like Awstats) are very useful for that kind of purpose, specially to see 3XX, 4XX and 5XX errors (here's an Awstats example page) which are often bots or bad intentioned users that try well-known bad or malformed URLs. Is there others (and betters) ways to analyze and detect that kind of attack tentative ? Note : I'm speaking about URL based attacks, not attacks on server's component (like database or TCP/IP).

    Read the article

  • Kohana v3, automatically escape illegal characters?

    - by Dom
    Quick question, does Kohana (version 3) automatically escape data that is passed into ORM::factory..... (and everywhere else that has to do with the database)? For example: $thread = ORM::factory('thread', $this->request->param('id')); Would the data passed in the second argument be auto-escaped before it goes in the SQL query or do I have to manually do it? Probably a stupid question and it's better to be safe than sorry, but yeah... I usually do manually escape the data, but I want to know if Kohana does this for me? Thanks

    Read the article

  • How to restrict access to my web service?

    - by Hank
    I have http://example.com/index.html, which from within the HTML uses JavaScript to call a web services at http://example.com/json/?a=...&b=... The web service returns to index.html a JSON array of information to then be displayed on index.html. Since anyone can view the source code for index.html and see how I'm calling the JSON web services (http://example.com/json/), how do I prevent people from calling my JSON web service directly? Since the web service is essentially an open read into my database, I don't want people to abuse the web service and start DoS my server, fetching more information than they should, etc..

    Read the article

  • (php) how to properly 'save' info in forms completed thus far

    - by hatorade
    So i have a form that on paper is 40 pages long. I was going to take the natural sections of this form, and make separate html forms for each section, with the idea that on the first page there would be a first form, then you hit 'Continue to next section' which essentially is the 'submit' button, which moves the user to section two, etc, until they hit the last section. i am not actually storing the results of the form in a database, but rather sending an email. the idea then is to store the separate form answers (one html form per section in the real form) as arrays or objects in the session, so that if they go back to a section in the form, it repopulates the values they entered since they are stored in the session. the result would be an array in the session storing the results for each of my forms, and i have one form for each section. my question is: is it secure to temporarily store things like SSNs or driver's license numbers as session variables? why or why not?

    Read the article

  • Integrating 3rd-party forum software to member-based website

    - by john
    When using some existing forum software in a larger web-site, how easy is it to: 1)Make your site's login functionality log the user into the forum 2)Make your site's registration functionality create forum login data I suppose in a way it might be easier to ONLY use the forum's database for maintaining users, but that means trusting it with sensitive data. I'm planning an integration between an existing bespoke desktop app and a new bespoke web-site which should include forums. I don't know which forums will be used but I know the new web functionality won't be PHP-based. I figure that's not a big deal but I'm wondering if forums typically allow configuration of where they look for login data, to avoid duplicating this data into my DB and the forum DB.

    Read the article

  • How do API Keys and Secret Keys work?

    - by viatropos
    I am just starting to think about how api keys and secret keys work. Just 2 days ago I signed up for Amazon S3 and installed the S3Fox Plugin. They asked me for both my Access Key and Secret Access Key, both of which require me to login to access. So I'm wondering, if they're asking me for my secret key, they must be storing it somewhere right? Isn't that basically the same thing as asking me for my credit card numbers or password and storing that in their own database? How are secret keys and api keys supposed to work? How secret do they need to be? Are these applications that use the secret keys storing it somehow? Thanks for the insight.

    Read the article

  • Is it dangerous to store user-enterable text into a hidden form via javascript?

    - by KallDrexx
    In my asp.net MVC application I am using in place editors to allow users to edit fields without having a standard form view. Unfortunately, since I am using Linq to Sql combined with my data mapping layer I cannot just update one field at a time and instead need to send all fields over at once. So the solution I came up with was to store all my model fields into hidden fields, and provide span tags that contain the visible data (these span tags become editable due to my jquery plugin). When a user triggers a save of their edits of a field, jquery then takes their value and places it in the hidden form, and sends the whole form to the server to commit via ajax. When the data goes into the hidden field originally (page load) and into the span tags the data is properly encoded, but upon the user changing the data in the contenteditable span field, I just run $("#hiddenfield").val($("#spanfield").html(); Am I opening any holes this method? Obviously the server also properly encodes stuff prior to database entry.

    Read the article

  • Prevent strings stored in memory from being read by other programs

    - by Roy
    Some programs like ProcessExplorer are able to read strings in memory (for example, my error message written in the code could be displayed easily, even though it is compiled already). Imagine if I have a password string "123456" allocated sequentially in memory. What if hackers are able to get hold of the password typed by the user? Is there anyway to prevent strings from being seen so clearly? Oh yes, also, if I hash the password and sent it from client to server to compare the stored database hash value, won't the hacker be able to store the same hash and replay it to gain access to the user account? Is there anyway to prevent replaying? Thank You!

    Read the article

  • Is it safe to display user input as input values without sanitation?

    - by Svish
    Say we have a form where the user types in various info. We validate the info, and find that something is wrong. A field is missing, invalid email, et cetera. When displaying the form to the user again I of course don't want him to have to type in everything again so I want to populate the input fields. Is it safe to do this without sanitation? If not, what is the minimum sanitation that should be done first? And to clearify: It would of course be sanitized before being for example added to a database or displayed elsewhere on the site.

    Read the article

  • Help Writing Input Data to Database With Wordpress Plugin

    - by HollerTrain
    Hi I am making a wordpress plugin where I need the Admin to enter data into a database table. I am able to install the db table when the Plugin is activated, however I can't figure out how to save the user input. I've asked on the WP forums but they're dead... Any experienced guru who can lend some guidance would be greatly appreciated. <?php /******************************************************************* * INSTALL DB TABLE - ONLY AT RUN TIME * *******************************************************************/ function ed_xml_install() { global $wpdb; $ed_xml_data = $wpdb->prefix . "ed_xml_data"; if($wpdb->get_var("SHOW TABLES LIKE '$ed_xml_data'") != $ed_xml_data) { $sql = "CREATE TABLE " . ed_xml_data . " ( id mediumint(9) NOT NULL AUTO_INCREMENT, name tinytext NOT NULL, address text NOT NULL, url VARCHAR(55) NOT NULL, phone bigint(11) DEFAULT '0' NOT NULL, UNIQUE KEY id (id) );"; require_once(ABSPATH . 'wp-admin/includes/upgrade.php'); dbDelta($sql); $name = "Example Business Name"; $address = "1234 Example Street"; $url = "http://www.google.com"; $phone = "523-3232-323232"; $insert = "INSERT INTO " . ed_xml_data . " (phone, name, address, url) " . "VALUES ('" . phone() . "','" . $wpdb->escape($name) . "','" . $wpdb->escape($address) . "', '" . $wpdb->escape($url) . "')"; $results = $wpdb->query( $insert ); } } //call the install hook register_activation_hook(__FILE__,'ed_xml_install'); /******************************************************************* * CREATE MENU, CREATE MENU CONTENT * *******************************************************************/ if ( is_admin() ){ /* place it under the ED menu */ //TODO $allowed_group = ''; /* Call the html code */ add_action('admin_menu', 'ed_xmlcreator_admin_menu'); function ed_xmlcreator_admin_menu() { add_options_page('ED XML Creator', 'ED XML Creator', 'administrator', 'ed_xml_creator', 'ed_xmlcreator_html_page'); } } /******************************************************************* * CONTENT OF MENU CONTENT * *******************************************************************/ function ed_xmlcreator_html_page() { <div> <h2>Editors Deal XML Options</h2> <p>Fill in the below information which will get passed to the .XML file.</p> <p>[<a href="" title="view XML file">view XML file</a>]</p> <form method="post" action="options.php"> <?php wp_nonce_field('update-options'); ?> <table width="510"> <!-- title --> <tr valign="top"> <th width="92" scope="row">Deal URL</th> <td width="406"> <input name="url" type="text" id="url" value="<?php echo get_option('url'); ?>" /> </td> </tr> <!-- description --> <tr valign="top"> <th width="92" scope="row">Deal Address</th> <td width="406"> <input name="address" type="text" id="address" value="<?php echo get_option('address'); ?>" /> </td> </tr> <!-- business name --> <tr valign="top"> <th width="92" scope="row">Business Phone</th> <td width="406"> <input name="phone" type="text" id="phone" value="<?php echo get_option('phone'); ?>" /> </td> </tr> <!-- address --> <tr valign="top"> <th width="92" scope="row">Business Name</th> <td width="406"> <input name="name" type="text" id="name" value="<?php echo get_option('name'); ?>" /> </td> </tr> </table> <input type="hidden" name="action" value="update" /> <input type="hidden" name="page_options" value="hello_world_data" /> <p> <input type="submit" value="<?php _e('Save Changes') ?>" /> </p> </form> </div> ?>

    Read the article

  • Can spliting an access database cause printer and reporting issues?

    - by leeand00
    We have a setup in which our users log into an access database using MS Access 2003 over an RDP connection. The user's login to their own machines first using a roaming profile. They then click an rdp connection file on the desktop and login to the remote server, via RDP, where they use MS Access as the shell; they don't have any access to any of explorer.exe features such as the start menu. The database they are logging into is more of an application, and provides functionality for entering data, querying data, and running reports via form based menus. It all worked pretty well until we split the database as it was nearing 2GBs in size. We moved out the payroll data into a separate partition, a database with the same name in a different folder, both of them on the server. Only two tables were moved into this new database partition, and they were re-linked as external tables in the new partition. Now while everything appears to be working fine data-wise after the split, there's a new issue when our users login via RDP and attempt to run reports: often the report will not display and instead the user sees an error about the click event of the form. At first I didn't even know it was printer-related, as we didn't really change anything related to the printers as far as I knew. Confused about the error, I talked to the guy who previously worked here and who was in charge of splitting the database, and he told me to tell the users to set their default printers (on their local machines, not on the server) to the "printer" Microsoft XPS Document Writer which isn't a physical printer at all. This allowed the user's to display their reports, but if they want to print out reports, they are required to go to the File menu and select Print, clicking the print icon on the toolbar takes them to a Save As... dialog as would be expected when using the Microsoft XPS Document Writer as your default printer. It's easy to tell if the user is having a problem because a quick mouseover of the printer icon will yield a tooltip of (none) when they cannot access their reports, and a tooltip of Microsoft XPS Document Writer when they can view the reports. If the user's printer is set to anything other than Microsoft XPS Document Writer as the default on their local machine, then (none) is always displayed when they rdp to the database. The RDP settings are setup to transfer the local printer to the server. Telling the users to do this to print has been more of a band-aid on the whole situation until we find a better solution and an explanation as to why splitting a database would prevent users from printing or even viewing access database reports. Which is why I'm here asking this question. Also of note all the printers on the network now show up on the server so that when the users do click File->Print to print their reports on a physical printer, they have to look through a huge list of printers to find theirs in the dropdown. So the little band-aid fix we have is not ideal. Previously, only the printers on the user's local machine displayed here, and not all the printers on the network. My co-worker seems to think this has something to do with permissions, I personally think it has to do with roaming profiles, and Group Policies which is what I've been reading up on. I really don't know how to fix this or how it is related to splitting the database.

    Read the article

  • PHP: Safe way to store decryptable passwords

    - by Jammer
    I'm making an application in PHP and there is a requirement that it must be possible to decrypt the passwords in order to avoid problems in the future with switching user database to different system. What encryption/decryption algorithm would you suggest? Is it good idea to just store the encrypted value and then compare the future authentication attempts to that value? Are the passwords still as safe as MD5/SHA1 when the private key is not available to the attacker (Hidden in USB drive for example)? I should still use salting, right? What encryption libraries should I use for PHP?

    Read the article

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

< Previous Page | 367 368 369 370 371 372 373 374 375 376 377 378  | Next Page >