Search Results

Search found 13867 results on 555 pages for 'avoid learning'.

Page 388/555 | < Previous Page | 384 385 386 387 388 389 390 391 392 393 394 395 | Next Page >

Secure password transmission over unencrypted tcp/ip

- by academicRobot

I'm in the designing stages of a custom tcp/ip protocol for mobile client-server communication. When not required (data is not sensitive), I'd like to avoid using SSL for overhead reasons (both in handshake latency and conserving cycles). My question is, what is the best practices way of transmitting authentication information over an unencrypted connection? Currently, I'm liking SRP or J-PAKE (they generate secure session tokens, are hash/salt friendly, and allow kicking into TLS when necessary), which I believe are both implemented in OpenSSL. However, I am a bit wary since I don't see many people using these algorithms for this purpose. Would also appreciate pointers to any materials discussing this topic in general, since I had trouble finding any.

Read the article
What are the common patterns in web programming?

- by lankerisms

I have been trying to write my first big web app (more than one cgi file) and as I kept moving forward with the rough prototype, paralelly trying to predict more tasks, this is the todo that got accumulated (In no particular order). * Validations and input sanitizations * Object versioning (to avoid edit conflicts. I dont want hard locks) * Exception handling * memcache * xss and injection protections * javascript * html * ACLs * phonetics in search, match and find duplicates (for form validation) * Ajaxify!!! (I have snipped off the project specific items.) I know that each todo will be quite tied up to its project and technologies used. What I am wondering though, is if there is a pattern in your todo items as well as the sequence in which you experienced guys have come across them.

Read the article
CoreData and many NSArrayController

- by unixo

In my CoreData Application, I've an outline view on left of main window, acting as source list (like iTunes); on the right I display a proper view, based on outline selection. Each view has its components, such as table view, connected to array controller, owned by the specific view. Very often different views display same data, for example, a table view of the same entity. From a performance point of view, is better to have a single array controller per entity and share it between all views or does CoreData cache avoid memory waste?

Read the article
Client / Server application for Video BroadCasting on LAN

- by jbl

I m much of a newbie to client/server applications and networking.I am currently starting up a project in which we are planning to create an application or something like a website accessible only to clients in that LAN network.We want the server to upload videos so that the clients can view them whenever they want.Also the clients can upload videos.Also we want some kind of registration to provide authentication to avoid bogus videos.Also additional features that can be added on later like comment section,ratings,Groups etc. Basically what we want is to build mini-youtube but with one major difference , we want the application to be LAN based. This is the idea behind the project.But we dont know where to start from as we are new to this stuff and also we have like 1 year to work on the project.Please guide me as to what all softwares i'll be needing to get this working !

Read the article
Android / Java rare and seemingly impossible exception causing force close

- by Guzba

Hello all, I have an interesting problem being reported to me from an android application I have published. I have a two-dimensional array that I am iterating through using two for loops like so: for (int i = 0; i < arr.length; ++i) { for (int j = 0; j < arr[i].length; ++j) { if (arr[i][j] != 0) // does stuff } } The problem is, somehow arr[i][j] != 0 is throwing an ArrayIndexOutOfBoundsException. But very rarely. I have thousands of people use the app on a daily basis and get maybe twenty force close reports. Is this something I can't avoid, maybe a problem with the phones memory, etc. or is there something I can do that I haven't thought of yet? Thanks.

Read the article
Remove .php extension (explicitly written) for friendly URL

- by miquel

htaccess to remove the .php extension of my site's files. RewriteEngine on RewriteBase / RewriteCond %{SCRIPT_FILENAME} !-d RewriteCond %{SCRIPT_FILENAME} !-f RewriteRule ^(.*)$ $1.php [L,QSA] Now, if I go to my site www.mysite.com/home works fine, it redirects to home.php but the URL is still friendly. But if I write this URL: www.mysite.com/home.php The home.php is served, and the URL is not friendly. How can I avoid this behavior? I want that if the user writes www.mysite.com/home.php, the URL displayed in the URL bar be www.mysite.com/home

Read the article
Example where Up-Front Design (Would have) Saved You Time

- by Winston Ewert

In various places I've seen the claim that by designing a system up-front, you can significantly reduce development time. I.e. by spending an hour designing you can save a week coding. My problem is that I have never seen a situation where I found this to be true. So I want to know of any examples out there that people have where this would be true: So: What sort of problem arose during coding? (or was avoided?) How could you have avoided (or did avoid) the problem by spending more time doing design? Why was it (or would it have been) hard to fix the problem in the code?

Read the article
Cookie is setting twice (dublicated)

- by Erik Larsson

I'm new to cookies, and im trying to set a cookie where to store the referer (the org ref). But when i try this function: function do_it_cookie() { // Check if cookie exists if (isset($_COOKIE['ref'])) { // It dose exist, do nothing or anything... } else { setcookie ('ref', $_SERVER['HTTP_REFERER'], time() + 60, '/'); header ("Location: http://www.nyttforetag.com/mind-your-own-business/"); } } I want to store the cookie on the user computer for 30 days, if the return i want to know the initial refereeing url. But when i use this and lets say i go to another page in my site and then go back to the homepage its sets a new cookie with the exact same name and with the ref of the previous page. Is there away to avoid this?

Read the article
Cookie is setting twice (duplicated)

- by Erik Larsson

I'm new to cookies, and im trying to set a cookie where to store the referrer (the org ref). But when i try this function: function do_it_cookie() { // Check if cookie exists if (isset($_COOKIE['ref'])) { // It dose exist, do nothing or anything... } else { setcookie ('ref', $_SERVER['HTTP_REFERER'], time() + 60, '/'); header ("Location: http://www.nyttforetag.com/mind-your-own-business/"); } } I want to store the cookie on the user computer for 30 days, if the return i want to know the initial refereeing url. But when i use this and lets say i go to another page in my site and then go back to the homepage its sets a new cookie with the exact same name and with the ref of the previous page. Is there away to avoid this?

Read the article
Rails + simple role system through associative table

- by user202411

So I have the Ninja model which has many Hovercrafts through ninja_hovercrafts (which stores the ninja_id and the hovercraft_id). It is of my understanding that this kind of arrangement should be set in a way that the associative table stores only enough information to bind two different classes. But I'd like to use the associative table to work as a very streamlined authorization hub on my application. So i'd also like this table to inform my system if this binding makes the ninja the pilot or co-pilot of a given hovercraft, through a "role" field in the table. My questions are: Is this ugly? Is this normal? Are there methods built into rails that would help me to automagically create Ninjas and Hovercrafts associations WITH the role? For exemple, could I have a nested form to create both ninjas and hcs in a way that the role field in ninjas_hovercrafts would be also filled? If managing my application roles this way isn't a good idea, whats the non-resource heavy alternative (my app is being designed trying to avoid scalability problems such as excessive joins, includes, etc) thank you

Read the article
Produce a script to hit Google once a day and log our position in the results?

- by hawbsl

The need has arisen within our organisation to monitor (on a daily basis) where our site appears (both organic and PPC) on the page 1 of Google. Also where a key competitor appears. For certain key words. In the immediate short term a colleague is doing this by hitting Google manually and jotting down the results. Yep. It occurs to us we can write a script (e.g. using C#) to do this. I know Analytics will tell us an awful lot but it doesn't note the competitor's position, plus I don't think it has other data we want. Question is, is there an existing basic tool which does this (for free, I guess)? And if we write it ourselves, where to start and are there obvious pitfalls to avoid (for example can Google detect and block automated requests?)

Read the article
Copy and pasting code into the Python interpreter

- by wpeters

There is a snippet of code that I would like to copy and paste into my Python interpreter. Unfortunately due to Python's sensitivity to whitespace it is not straightforward to copy and paste it a way that makes sense. (I think the whitespace gets mangled) Is there a better way? Maybe I can load the snippet from a file. This is just an small example but if there is a lot of code I would like to avoid typing everything from the definition of the function or copy and pasting line by line. class bcolors: HEADER = '\033[95m' OKBLUE = '\033[94m' OKGREEN = '\033[92m' WARNING = '\033[93m' FAIL = '\033[91m' ENDC = '\033[0m' def disable(self): self.HEADER = '' # I think stuff gets mangled because of the extra level of indentation self.OKBLUE = '' self.OKGREEN = '' self.WARNING = '' self.FAIL = '' self.ENDC = ''

Read the article
What is the ISO C++ way to directly define a conversion function to reference to array?

- by ben

According to the standard, a conversion function has a function-id operator conversion-type-id, which would look like, say, operator char(&)[4] I believe. But I cannot figure out where to put the function parameter list. gcc does not accept either of operator char(&())[4] or operator char(&)[4]() or anything I can think of. Now, gcc seems to accept (&operator char ())[4] but clang does not, and I am inclined to not either, since it does not seem to fit the grammar as I understand it. I do not want to use a typedef because I want to avoid polluting the namespace with it.

Read the article
Problem with foreach loop and $_GET

- by phpExe

I have a very simple foreach loop foreach($tv as $id => $channel) { $ID = $_GET['ID']; if($ID == $id){$class = "currentt";} echo '<a href="http://www.mysite.com/tst.php?ID='.$id.'" class="'.$class.'">'.$channel.'</a><br>'; } With url query, with every click the current class repeated. How can avoid this? Thanks alot.

Read the article
Exposing a "dumbed-down", read-only instance of a Model in GAE

- by Blixt

Does anyone know a clever way, in Google App Engine, to return a wrapped Model instance that only exposes a few of the original properties, and does not allow saving the instance back to the datastore? I'm not looking for ways of actually enforcing these rules, obviously it'll still be possible to change the instance by digging through its __dict__ etc. I just want a way to avoid accidental exposure/changing of data. My initial thought was to do this (I want to do this for a public version of a User model): class ReadOnlyUser(db.Model): display_name = db.StringProperty() @classmethod def kind(cls): return 'User' def put(self): raise SomeError() Unfortunately, GAE maps the kind to a class early on, so if I do ReadOnlyUser.get_by_id(1) I will actually get a User instance back, not a ReadOnlyUser instance.

Read the article
Are PDO prepared statements sufficient to prevent SQL injection?

- by Mark Biek

Let's say I have code like this: $dbh = new PDO("blahblah"); $stmt = $dbh->prepare('SELECT * FROM users where username = :username'); $stmt->execute( array(':username' => $_REQUEST['username']) ); The PDO documentation says The parameters to prepared statements don't need to be quoted; the driver handles it for you. Is that truly all I need to do to avoid SQL injections? Is it really that easy? You can assume MySQL if it makes a difference. Also, I'm really only curious about the use of prepared statements against SQL injection. In this context, I don't care about XSS or other possible vulnerabilities.

Read the article
Figuring out what makes a C++ class abstract in VS2008

- by suszterpatt

I'm using VS2008 to build a plain old C++ program (not C++/CLI). I have an abstract base class and a non-abstract derived class, and building this: Base* obj; obj = new Derived(); fails with the error "'Derived': cannot instantiate abstract class". (It may be worth noting, however, that if I hover over Base with the cursor, VS will pop up a tooltip saying "class Base abstract", but hovering over Derived will only say "class Derived" (no "abstract")). The definitions of these classes are fairly large and I'd like to avoid manually checking if each method has been overridden. Can VS do this for me somehow? Any general tips on pinpointing the exact parts of the class' definition that make it abstract?

Read the article
Creating a virtual, data-driven section of a Wordpress-powered site

- by lgomez

Hello all, I want to create a plugin for wordpress to automatically serve pages containing data pulled from a provider's API. The API returns one or more records containing data for that record and I simply want to have the plugin intercept the request, call the API with parameters pulled from the request URI and display the data using a template that I can either let them upload to the server or let them copy and paste into the plugins admin settings. For example, I may want one of my wordpress installations to show products pulled from such an API under the url "example.com/products". The plugin would catch that request, extract the variables from the URL, call the API and render the template with the returned results. I'd like to avoid requiring editing the .htaccess file like some caching plugins do. Some of the admins of these pages won't know how to do that or simply won't have access to the .htaccess file. Thanks!

Read the article
How to use switch statement with Enumerations C#

- by Maximus Decimus

I want to use a switch statement in order to avoid many if's. So I did this: public enum Protocol { Http, Ftp } string strProtocolType = GetProtocolTypeFromDB(); switch (strProtocolType) { case Protocol.Http: { break; } case Protocol.Ftp: { break; } } but I have a problem of comparing an Enum and a String. So if I added Protocol.Http.ToString() there is another error because it allows only CONSTANT evaluation. If I change it to this switch (Enum.Parse(typeof(Protocol), strProtocolType)) It's not possible also. So, it's possible to use in my case a switch statement or not?

Read the article
Is SHA sufficient for checking file duplication? (sha1_file in PHP)

- by wag2639

Suppose you wanted to make a file hosting site for people to upload their files and send a link to their friends to retrieve it later and you want to insure files are duplicated where we store them, is PHP's sha1_file good enough for the task? Is there any reason to not use md5_file instead? For the frontend, it'll be obscured using the original file name store in a database but some additional concerns would be if this would reveal anything about the original poster. Does a file inherit any meta information with it like last modified or who posted it or is this stuff based in the file system? Also, is using a salt frivolous since security in regards of rainbow table attack mean nothing to this and the hash could later be used as a checksum? One last thing, scalability? initially, it's only going to be used for small files a couple of megs big but eventually... Edit 1: The point of the hash is primarily to avoid file duplication, not to create obscurity.

Read the article
Aren't passwords written in inputbox vulnerable through a stack trace ?

- by loursonwinny

Hello, I am not a guru of the stack tracing, at all. I even don't know how to get some. Anyway, I am wondering if entering a password entered in an inputbox is safe. Can't it be retrieved by getting a stack trace ? A password entered that way will be found in many places : Caption property of the TEdit Result of the function which creates the inputbox probably, a variable that stores the Result of the InputBox Command etc... If the answer is "yes, it is a vulnerability", then my world collapses :p. What can be done to avoid that vulnerability hole ? NOTE : The InputBox is an example but it can be with a "homebrewed" login prompt. InputBox is a Delphi command but I haven't tagged the question with the Delphi tag because I suppose that the question concerns any language. Thanks for reading

Read the article
SQL Server db_owner

- by andrew007

Hi, in my SQL2008 I have a user which is in the "db_datareader", "db_datawriter" and "db_ddladmin" DB roles, however when he tries to modify a table with SSMS he receives a message saying: You are not logged in as the database owner or system administrator. You might not be able to save changes to tables that you do not own. Of course, I would like to avoid such message, but until now I did find the way... Therefore, I try to modify the user by adding him to the "db_owner" role, and of course I do not have the message above. My question is: Is it possible to keep the user in the "db_owner" role, but deny some actions like alter user or ? I try "alter any user" securable on DB level, but it does not work... THANKS!

Read the article
Is it possible to come over the time out issue for a function call in C#?

- by infant programmer

In my program I call a method xslTransform.Load(strXmlQueryTransformPath, xslSettings, new XmlUrlResolver()); The problem I am facing is: sometimes this function doesn't execute well within the time. Sometimes compiler raises the time out issue after a long time of trial.. which inturn causes this part of application to shut. That is what I want to avoid. So if it exceeds certain time say 10 seconds I need to recall the method. Is it possible to add some code lines adjacent to this, which can meet the requirement?

Read the article
scala jrebel superclass change

- by coubeatczech

hi, I'm using JRebel with Scala and I'm quite frequently experiencing the need for restart of server due to the fact that JRebel is unable to load a class if the superclass was changed. This is done mainly when I change anonymous functions as I can deduce from the JRebel error desription: Class 'mypackage.NewBook$$anonfun$2' superclass was changed from 'scala.runtime.AbstractFunction1' to 'scala.runtime.AbstractFunction2' and could not be reloaded. Is there any way, how can I design my code to avoid this? Does scala compiler take the functions, numbers them from one as they appear in source code?

Read the article
JavaScript's Associative Array / Object can't be read in functions

- by Matrym

At the very beginning of the javascript file, I have: var lbp = {}; lbp.defaults = { minLength: 40 }; I can successfully alert it afterwards, with: alert(lbp.defaults.minLength); But as soon as I put it inside a function, when I alert, I get "Undefined". What gives, and how do I avoid this? Is it absolutely necessary to pass this variable into each function, for example, by doing: function(lbp) { alert(lbp.defaults.minLength); } I would have thought that defining it first, it would attain global scope and not be required to be passed in? Thanks in advance for enlightening me :)

Read the article

< Previous Page | 384 385 386 387 388 389 390 391 392 393 394 395 | Next Page >