Search Results

Search found 12397 results on 496 pages for 'maybe'.

Page 416/496 | < Previous Page | 412 413 414 415 416 417 418 419 420 421 422 423  | Next Page >

• What's the best technique to protect my framework from visitors who are not logged in?

  - by Hermet

  First of all, I would like to say that I have used the search box looking for a similar question and was unsuccessful, maybe because of my poor english skills. I have a a 'homemade' framework. I have certain PHP files that must only be visible for the admin. The way I currently do this is check within every single page to see if a session has been opened. If not, the user gets redirected to a 404 page, to seem like the file which has been requested doesn't exist. I really don't know if this is guaranteed to work or if there's a better and more safe way because I'm currently working with kind of confidential data that should never become public. Could you give me some tips? Or leave a link where I could find some? Thank you very much, and again excuse me for kicking the dictionary. EDIT What I usually write in the top of each file is something like this <?php include("sesion.php"); $rs=comprueba(); //'check' if ($rs==1) { ?> And then, at the end <?php } ?> Is it such a butched job, isn't it? EDIT Let's say I have a customers list in a file named customers.php That file may be currently on http://www.mydomain.com/admin/customers.php and it must only be visible for the admin user. Once the admin user has been logged in, I create a session variable. That variable is what I check on the top of each page, and if it exists, the customers list is shown. If not, the user gets redirected to the 404 page. Thank you for your patience. I really appreciate.

  Read the article

• Is there a Scala version of .irbrc or another way to define some default libraries for REPL use?

  - by Tom Morris

  I've written a little library that uses implicits to add functionality that one only needs when using the REPL in Scala. Ruby has libraries like this - for things like pretty printing, firing up text editors (like the interactive_editor gem which invokes Vim from irb - see this post), debuggers and the like. The library I am trying to write adds some methods to java.lang.Class and java.lang.reflect classes using the 'pimp my library' implicit conversion process to help you go and find documentation (initially, with Google, then later possibly with a JavaDoc/ScalaDoc viewer, and maybe the StackOverflow API eventually!). It's an itch-scratching library: I spend so much time copying and pasting classnames into Google that I figured I may as well automate the process. It is the sort of functionality that developers will want to add to their system for use only in the REPL - they shouldn't really be adding it to projects (partly because it may not be something that their fellow developers want, but also because if you are doing some exploratory development, it may be with just a Scala REPL that's not being invoked by an IDE or build tool). In my case, I want to include a few classes and set up some implicits - include a .jar on the CLASSPATH and import it, basically. In Ruby, this is the sort of thing that you'd add to your .irbrc file. Other REPLs have similar ways of setting options and importing libraries. Is there a similar file or way of doing this for the Scala REPL?

  Read the article

• How to test if a user has SELECTED a file to upload ?

  - by Tristan

  Hello, on a page, i have : if (!empty($_FILES['logo']['name'])) { $dossier = 'upload/'; $fichier = basename($_FILES['logo']['name']); $taille_maxi = 100000; $taille = filesize($_FILES['logo']['tmp_name']); $extensions = array('.png', '.jpg', '.jpeg'); $extension = strrchr($_FILES['logo']['name'], '.'); if(!in_array($extension, $extensions)) { $erreur = 'ERROR you must upload the right type'; } if($taille>$taille_maxi) { $erreur = 'too heavy'; } if(!empty($erreur)) { ....................... } The problem is, if the users wants to edit information WITHOUT uploading a LOGO, it raises an error : 'error you must upload the right type' So, if a user didn't put anything in the inputbox in order to upload it, i don't want to enter in these conditions test. i tested : if (!empty($_FILES['logo']['name']) and if (isset($_FILES['logo']['name']) but both doesn't seems to work. Any ideas? edit : maybe i wasn't so clear, i don't want to test if he uploaded a logo, i want to test IF he selected a file to upload, because right now, if he doesn't select a file to upload, php raises an error telling he must upload with the right format. thanks.

  Read the article

• Understanding the singleton class when aliasing a instance method

  - by Backo

  I am using Ruby 1.9.2 and the Ruby on Rails v3.2.2 gem. I am trying to learn Metaprogramming "the right way" and at this time I am aliasing an instance method in the included do ... end block provided by the RoR ActiveSupport::Concern module: module MyModule extend ActiveSupport::Concern included do # Builds the instance method name. my_method_name = build_method_name.to_sym # => :my_method # Defines the :my_method instance method in the including class of MyModule. define_singleton_method(my_method_name) do |*args| # ... end # Aliases the :my_method instance method in the including class of MyModule. singleton_class = class << self; self end singleton_class.send(:alias_method, :my_new_method, my_method_name) end end "Newbiely" speaking, with a search on the Web I came up with the singleton_class = class << self; self end statement and I used that (instead of the class << self ... end block) in order to scope the my_method_name variable, making the aliasing generated dynamically. I would like to understand exactly why and how the singleton_class works in the above code and if there is a better way (maybe, a more maintainable and performant one) to implement the same (aliasing, defining the singleton method and so on), but "the right way" since I think it isn't so.

  Read the article

• Using custom detectors with FindBugs Maven plugin

  - by Lóránt Pintér

  I have a nice JAR of some custom FindBugs detectors I'd like to use with the FindBugs Maven plugin. There is a way to do this with the plugin via the <pluginList> configuration parameter, but that only accepts local files, URLs, or resources. The only way I found for doing so is to somehow copy my JAR to a local file (maybe via the Dependency plugin) and then configure the FindBugs plugin something like this: <plugin> <groupId>org.codehaus.mojo</groupId> <artifactId>findbugs-maven-plugin</artifactId> <version>2.3.1</version> <configuration> <pluginList>${project.build.directory}/my-detectors.jar</pluginList> </configuration> </plugin> But this is not very flexible. Is there a way to use Maven's dependency management features together with FindBugs' plugins? I'd like to use something like this: <plugin> <groupId>org.codehaus.mojo</groupId> <artifactId>findbugs-maven-plugin</artifactId> <dependencies> <dependency> <groupId>com.lptr.findbugs</groupId> <artifactId>my-detectors</artifactId> <version>1.0</version> </dependency> </dependencies> </plugin> ...but this simply overrides the core FindBugs detectors.

  Read the article

• how does MySQL implement the "group by"?

  - by user188916

  I read from the MySQL Reference Manual and find that when it can take use of index,it just do index scan,other it will create tmp tables and do things like filesort. And I also read from other article that the "Group By" result will sort by group by columns by default,if "order by null" clause added,it won't don filesort. The difference can be found from the "explain ..." clause. so my problem is:what is the difference between "group by" clause that with "order by null" and which doesn't have? I try to use profiling to see what mysql do on the background,and only see result like: result for group clause without order by null: |preparing | 0.000016 | | Creating tmp table | 0.000048 | | executing | 0.000009 | | Copying to tmp table | 0.000109 | **| Sorting result | 0.000023 |** | Sending data | 0.000027 | result for clause with "order by null": preparing | 0.000016 | | Creating tmp table | 0.000052 | | executing | 0.000009 | | Copying to tmp table | 0.000114 | | Sending data | 0.000028 | So I guess what MySQL do when the "order by null" added,it does not use filesort algorithm,maybe when it creates the tmp table,it uses index as well,and then use the index to do group by operation,when completed,it just read result from the table rows and does not sort the result. But my original opinion is that MySQL can use quicksort to sort the items and then do group by,so the result will be sorted as well. Any opinion appreciated,thanks.

  Read the article

• Learning Java, how to type text on canvas?

  - by Voley

  I'm reading a book by Eric Roberts - Art and science of java and it got an excersise that I can't figure out - You have to make calendar, with GRect's, 7 by 6, that goes ok, the code part is easy, but also you have to type the numbers of the date on those rectangles, and it's kinda hard for me, there is nothing about it in the book. I tried using GLabel thing, but here arises the problem that I need to work on those numbers, and it says "can't convert from int to string and vice versa". GLabel (string, posX, posY) - it is not accepting int as a parameter, only string, I even tried typecasting, still not working. For example I want to make a loop int currentDate = 1; while (currentDate < 31) { add(new Glabel(currentDate, 100, 100); currentDate++; This code is saying that no man, can't convert int to string. If i try changing currentDate to string, it works, but I got a problem with calculation, as I can't manipulate with number in string, it doesn't even allow to typecast it into int. How can I fix it? Maybe there is another class or method to type the text over those rectangles? I know about println but it doen't have any x or y coordinates, so I can't work with it. And I think it's only for console programs.

  Read the article

• sqlalchemy dynamic mapping

  - by adancu

  Hi, I have the following problem: I have the class: class Word(object): def __init__(self): self.id = None self.columns = {} def __str__(self): return "(%s, %s)" % (str(self.id), str(self.columns)) self.columns is a dict which will hold (columnName:columnValue) values. The name of the columns are known at runtime and they are loaded in a wordColumns list, for example wordColumns = ['english', 'korean', 'romanian'] wordTable = Table('word', metadata, Column('id', Integer, primary_key = True) ) for columnName in wordColumns: wordTable.append_column(Column(columnName, String(255), nullable = False)) I even created a explicit mapper properties to "force" the table columns to be mapped on word.columns[columnName], instead of word.columnName, I don't get any error on mapping, but it seems that doesn't work. mapperProperties = {} for column in wordColumns: mapperProperties['columns[\'%']' % column] = wordTable.columns[column] mapper(Word, wordTable, mapperProperties) When I load a word object, SQLAlchemy creates an object which has the word.columns['english'], word.columns['korean'] etc. properties instead of loading them into word.columns dict. So for each column, it creates a new property. Moreover word.columns dictionary doesn't even exists. The same way, when I try to persist a word, SQLAlchemy expects to find the column values in properties named like word.columns['english'] (string type) instead of the dictionary word.columns. I have to say that my experience with Python and SQLAlchemy is quite limited, maybe it isn't possible to do what I'm trying to do. Any help appreciated, Thanks in advance.

  Read the article

• Abstracting the interpretation of MVC checkboxes values received by the FormsCollection object

  - by Simon_Weaver

  In ASP.NET MVC a checkbox is generated by the HtmlHelper code here: <%= Html.CheckBox("List_" + mailingList.Key, true) %> as this HTML: <input id="List_NEW_PRODUCTS" name="List_NEW_PRODUCTS" type="checkbox" value="true" /> <input name="List_NEW_PRODUCTS" type="hidden" value="false" /> In case you're wondering why is there an extra hidden field? - then read this. Its definitely a solution that makes you first think 'hmmmmm' but then you realize its a pretty elegant one. The problem I have is when I'm trying to parse the data on the backend. Well its not so much of a problem as a concern if anything in future were to change in the framework. If I'm using the built in binding everything is great - its all done for me. But in my case I'm dynamically generating checkboxes with unknown names and no corresponding properties in my model. So i end up having to write code like this : if (forms["List_RETAIL_NOTIFICATION"] == "true,false") { } or this: if (forms.GetValues("List_RETAIL_NOTIFICATION")[0] == "true") { } Both of which i still look at and cringe - especially since theres no guarantee this will always be the return value. I'm wondering if theres a way to access the layer of abstraction used by the model binders - or if I'm stuck with my controller 'knowing' this much about HTTP POST hacks. Yes I'm maybe being a little picky - but perhaps theres a better clever way using the model binders that I can employ to read dynamically created checkbox parameters. In addition i was hoping this this post might help others searcheing for : "true,false". Even though I knew why it does this I just forgot and it took me a little while to realize 'duh'. FYI: I tried another few things, and this is what I found : forms["List_RETAIL_NOTIFICATION"] evaluates to "true,false" forms.GetValues("List_RETAIL_NOTIFICATION")[0] evaluates to "true" (forms.GetValue("List_RETAIL_NOTIFICATION").RawValue as string[])[0] evaluates to "true" forms.GetValues("List_RETAIL_NOTIFICATION").FirstOrDefault() evaluates to "true"

  Read the article

• ecommerce platform or from scratch? customer specific catalogs and purchase orders

  - by rafi

  I have a possible freelance job in front of me for a distributor who wants product ordering set up but the orders are all P.O.s basically - no actual credit card or paypal transaction. The customer is simply billed and the order archived. Customers will need to login to this site and each customer will have their own custom catalog of a few dozen products which have been setup via a control panel this distributor uses. So there will be a master catalog of over 1,000 products (perhaps browsable but not to be ordered from on the site) but each customer will only be able to order from the products specified for their accounts. I know I can build this from scratch but I figured it's worth looking into what ecommerce platforms would get me a nice head start. Obviously shopping cart, order history, catalog management are concepts that I can reuse but are any of the ecommerce systems out there also capable of handling custom catalogs (maybe as multi-stores?) or transactions billed to accounts without credit card? The more I could reuse the better. I've messed with OSCommerce (way back) and a little Zen Cart more recently. I've also worked on a number of totally custom e-commerce sites. But my knowledge of the open source e-commerce tools is pretty limited and I'm trying to keep the effort as simple as I possibly can on this. I'm pretty flexible on the language of the platform by the way. Thanks in advance.

  Read the article

• Detect and handle, or override, clicks on a navigation bar

  - by Henrik Erlandsson

  I have an app where I've pushed two items onto the navigation bar. The top item, which ends up as a 'back' button, should have the function to jump all the way back to the start page, which is a list of web news. The other one simply displays a logo. The boss wants a navigation bar look and feel but with a simple function, so the user can click around the news site, but always be able to jump to the news list page with just the one click. Is the only option to create a fixed navbar with two items in IB, so that I can connect an outlet to the clickable item - or is there some way to intercept clicks to the navbar to make a requestURL? touchesBegan or touchUpInside would be fine, but I've found no way of implementing that so far. It's okay if the whole navbar is clickable, I just need some hint how to make it happen. Add a transparent UIlabel on top and detect clicks for that, maybe? A bonus would be to hide the item in the 'back' position without popping it from the stack.

  Read the article

• What is the complexity of this specialized sort

  - by ADB

  I would like to know the complexity (as in O(...) ) of the following sorting algorithm: there are B barrels that contains a total of N elements, spread unevenly across the barrels. the elements in each barrel are already sorted The sort takes combines all the elements from each barrel in a single sorted list: using an array of size B to store the last sorted element of each barrel (starting at 0) check each barrel (at the last stored index) and find the smallest element copy the element in the final sorted array, increment array counter increment the last sorted element for the barrel we picked from perform those steps N times or in pseudo: for i from 0 to N smallest = MAX_ELEMENT foreach b in B if bIndex[b] < b.length && b[bIndex[b]] < smallest smallest_barrel = b smallest = b[bIndex[b]] result[i] = smallest bIndex[smallest_barrel] += 1 I thought that the complexity would be O(n), but the problem I have with finding the complexity is that if B grows, it has a larger impact than if N grows because it adds another round in the B loop. But maybe that has no effect on the complexity?

  Read the article

• testng multiple suites

  - by Eli

  Hi people. my problem is as follows: i am testing a web-ui using selenium and testng. i have a test suite with many test classes in it. i have a method with the @BeforeSuite witch also has a @Parameters annotation, this method recieves as a parameter the browser in witch the selenium will test by run,executing the lines: selenium = new DefaultSelenium("localhost", 4444, **browser**, "http://localhost:8099"); selenium.start(); the xml im using to run the test suite is: <suite name="suite"> <parameter name = "browser" value = "*firefox"/> <test name="allTests"> <classes> <class name="test.webui.MemcachedDeploymentTest" /> </classes> </test> </suite> this works fine and the test runs in firefox. my problem is that i would like to somehow run this suite again, immediatly after the first run finishes, but this time with chrome as the browser. i now have 2 xml suites, one with chrome and one with firefox, is there any way to run these test suites one after the other automatically? maybe using a third xml? Thanks in advance

  Read the article

• Synchronous Android activities

  - by rayman

  Ive made mis-leading topic in my last question, so i open this new question to clear what I realy want. sorry for the inconvenience. I wanna run two system(Android) activities one after another in specific order from my main activity. now as we know, startActivity is an asynchronous operation, so i cant keep on a specific order. so i thought maybe I should try to do it with dialogBox in the middle but also running a dialogBox is an asynchronous. now as i said the activities which i try to run are Android activities, so i cant even start them with startActivityForResult (or mybe i can, but i dont get any result back to my main(calling) activity) Any tricks how could i manage with this issue? Some code: first activity: Intent intent = new Intent(); intent.setFlags(Intent.FLAG_ACTIVITY_NEW_TASK); intent.setAction(Settings.ACTION_APPLICATION_SETTINGS); startActivity(intent); second activity: Intent intent = new Intent(Intent.ACTION_VIEW); intent.setFlags(Intent.FLAG_ACTIVITY_NEW_TASK); intent.setDataAndType(Uri.fromFile(tmpPackageFile .getAbsoluteFile()), "application/vnd.android.package-archive"); startActivity(intent); as you can see, i dont have any access to those activites, i can just run thire intents from my main activity.

  Read the article

• Problem logging in and changing permissions in Facebook

  - by kujawk

  Hi everybody, I've got a piece of code that logs into Facebook, gets a session, sets status_update and offline_access permission if they are not set, and gets a new session with the newly set permissions. This code used to work fine but now I'm getting error 100 "One of the parameters specified was missing or invalid" as a response to the second call to get session and I can't figure out why. Here's the sequence in detail: CREATE TOKEN restserver.php?method=auth.createToken&api_key=[our key]&v=1.0&format=JSON&sig=[sig created with our secret] response: new token LOGIN m.facebook.com/login.php?api_key=[our key]&v=1.0&auth_token=[token created above] login screen loads and user successfully logs in with their username/password. GET SESSION restserver.php?method=auth.getSession&api_key=[our key]&v=1.0&format=JSON&auth_token=token created above&sig=[sig created with our secret] response: session key with expiration date and a secret CHECK/AUTHORIZE PERMISSIONS restserver.php?method=users.hasAppPermission&api_key=[our key]&v=1.0&format=JSON&ext_perm=status_update&call_id=[proper id]&session_key=[key returned above]&sig=[sig created with secret returned for get session] response: 0 m.facebook.com/authorize.php?api_key=[our key]&v=1.0&ext_perm=status_update authorization screen loads and user authorizes Same steps for status_update CREATE NEW TOKEN Same steps as done to create the first token LOGIN m.facebook.com/login.php?api_key=[our key]&v=1.0&auth_token=[new token] user is already logged in, redirected to their homepage GET NEW SESSION restserver.php?method=auth.getSession&api_key=[our key]&format=JSON&auth_token=[new token]&sig=[sig created with our secret] response: error 100 - missing or invalid parameter. Of course it doesn't tell me which one. Anybody have any ideas what I'm doing wrong here? I tried skipping the second login and going right to creating the new session and that didn't work. The only thing that seems to work is logging out the user after they've authorized the permissions and having them log back in again. I'd like to avoid this if possible. Can you have two outstanding sessions at one time? This code used to work but I'm thinking maybe something changed on Facebook's end that I'm not aware of. Thanks, kris

  Read the article

• How to encapsulate a WinAPI application into a C++ class

  - by Semen Semenych

  There is a simple WinAPI application. All it does currently is this: register a window class register a tray icon with a menu create a value in the registry in order to autostart and finally, it checks if it's unique using a mutex As I'm used to writing code mainly in C++, and no MFC is allowed, I'm forced to encapsulate this into C++ classes somehow. So far I've come up with such a design: there is a class that represents the application it keeps all the wndclass, hinstance, etc variables, where the hinstance is passed as a constructor parameter as well as the icmdshow and others (see WinMain prototype) it has functions for registering the window class, tray icon, reigstry information it encapsulates the message loop in a function In WinMain, the following is done: Application app(hInstance, szCmdLIne, iCmdShow); return app.exec(); and the constructor does the following: registerClass(); registerTray(); registerAutostart(); So far so good. Now the question is : how do I create the window procedure (must be static, as it's a c-style pointer to a function) AND keep track of what the application object is, that is, keep a pointer to an Application around. The main question is : is this how it's usually done? Am I complicating things too much? Is it fine to pass hInstance as a parameter to the Application constructor? And where's the WndProc? Maybe WndProc should be outside of class and the Application pointer be global? Then WndProc invokes Application methods in response to various events.

  Read the article

• Implementing client callback functionality in WCF

  - by PoweredByOrange

  The project I'm working on is a client-server application with all services written in WCF and the client in WPF. There are cases where the server needs to push information to the client. I initially though about using WCF Duplex Services, but after doing some research online, I figured a lot of people are avoiding it for many reasons. The next thing I thought about was having the client create a host connection, so that the server could use that to make a service call to the client. The problem however, is that the application is deployed over the internet, so that approach requires configuring the firewall to allow incoming traffic and since most of the users are regular users, that might also require configuring the router to allow port forwarding, which again is a hassle for the user. My third option is that in the client, spawns a background thread which makes a call to the GetNotifications() method on server. This method on the server side then, blocks until an actual notification is created, then the thread is notified (using an AutoResetEvent object maybe?) and the information gets sent to the client. The idea is something like this: Client private void InitializeListener() { Task.Factory.StartNew(() => { while (true) { var notification = server.GetNotifications(); // Display the notification. } }, CancellationToken.None, TaskCreationOptions.LongRunning, TaskScheduler.Default); } Server public NotificationObject GetNotifications() { while (true) { notificationEvent.WaitOne(); return someNotificationObject; } } private void NotificationCreated() { // Inform the client of this event. notificationEvent.Set(); } In this case, NotificationCreated() is a callback method called when the server needs to send information to the client. What do you think about this approach? Is this scalable at all?

  Read the article

• How can I define an empty array in a Perl construtor?

  - by Laimoncijus

  I am just beginner with Perl, so if it sounds stupid - sorry for that :) My problem is - I am trying to write a class, which has an empty array, defined in constructor of a class. So I am doing this like this: package MyClass; use strict; sub new { my ($C) = @_; my $self = { items => () }; bless $self, ref $C || $C; } sub get { return $_[0]->{items}; } 1; Later I am testing my class with simple script: use strict; use Data::Dumper; use MyClass; my $o = MyClass->new(); my @items = $o->get(); print "length = ", scalar(@items), "\n", Dumper(@items); And while running the script I get following: $ perl my_test.pl length = 1 $VAR1 = undef; Why am I doing wrong what causes that I get my items array filled with undef? Maybe someone could show me example how the class would need to be defined so I would not get any default values in my array?

  Read the article

• Access values of a group of select boxes in php from post

  - by 2Real

  Hi, I'm new to PHP, and I can't figure this out. I'm trying to figure out how to access the data of a group of select boxes I have defined in my HTML code. I tried grouping them as a class, but that doesn't seem to work... maybe I was doing it wrong. This is the following HTML code. <form action="" method="post"> <select class="foo"> <option> 1.....100</option> </select> <select class="foo"> <option> 1.... 500></option> </select> <input type="submit" value="Submit" name="submit"/> </form> I essentially want to group all my select boxes and access all the values in my PHP code. Thanks

  Read the article

• Idiomatic PHP web page creation

  - by GreenMatt

  My PHP experience is rather limited. I've just inherited some stuff that looks odd to me, and I'd like to know if this is a standard way to do things. The page which shows up in the browser location (e.g. www.example.com/example_page) has something like: <? $title = "Page Title"; $meta = "Some metadata"; require("pageheader.inc"); ?> <!-- Content --> Then pageheader.inc has stuff like: <? @$title = ($title) ? $title : ""; @$meta = ($meta) ? $meta : ""; ?> <html> <head> <title><?=$title?></title </head> <!-- and so forth --> Maybe others find this style useful, but it confuses me. I suppose this could be a step toward a rudimentary content management system, but the way it works here I'd think it adds to the processing the server has to do without reducing the load on the web developer enough to make it worth the effort. So, is this a normal way to create pages with PHP? Or should I pull all this in favor of a better approach? Also, I know that "<?" (vs. "<?php" ) is undesirable; I'm just reproducing what is in the code.

  Read the article

• PHP5 getrusage() returning incorrect information?

  - by Andrew

  I'm trying to determine CPU usage of my PHP scripts. I just found this article which details how to find system and user CPU usage time (Section 4). However, when I tried out the examples, I received completely different results. The first example: sleep(3); $data = getrusage(); echo "User time: ". ($data['ru_utime.tv_sec'] + $data['ru_utime.tv_usec'] / 1000000); echo "System time: ". ($data['ru_stime.tv_sec'] + $data['ru_stime.tv_usec'] / 1000000); Results in: User time: 29.53 System time: 2.71 Example 2: for($i=0;$i<10000000;$i++) { } // Same echo statements Results: User time: 16.69 System time: 2.1 Example 3: $start = microtime(true); while(microtime(true) - $start < 3) { } // Same echo statements Results: User time: 34.94 System time: 3.14 Obviously, none of the information is correct except maybe the system time in the third example. So what am I doing wrong? I'd really like to be able to use this information, but it needs to be reliable. I'm using Ubuntu Server 8.04 LTS (32-bit) and this is the output of php -v: PHP 5.2.4-2ubuntu5.10 with Suhosin-Patch 0.9.6.2 (cli) (built: Jan 6 2010 22:01:14) Copyright (c) 1997-2007 The PHP Group Zend Engine v2.2.0, Copyright (c) 1998-2007 Zend Technologies

  Read the article

• How do you lock down & secure files stored on server in ASP.NET?

  - by Jon

  How do I go about securing files that are stored on the server? We have an ASP.NET app which generates PDFs. These are not stored in the wwwroot folder but in another folder i.e. C:\inetpub\data. This provides more security but maybe not enough. The ASP.NET/IIS process will need write access to this folder so it generate the PDFs there. Once the pdf is generated, it can be viewed using an ASP.NET form called viewpdf.aspx with the file to be viewed add to the query string like so viewpdf.aspx?FILE=mynewfile.pdf. This is loaded from a gridview. The full path to C:\inetpub\data is resolved and loaded in the Page_load event of the viewer page. Now I'm wondering how to secure this. Anybody could just view the file. Not by entering in the URL, as it won't been seen by IIS (its not in wwwroot), but could change the querystring in the viewpdf page. How do I stop anybody hacking this?

  Read the article

• nhibernate mapping: delete collection, insert new collection with old IDs

  - by npeBeg

  my issue lokks similar to this one: (link) but i have one-to-many association: <set name="Fields" cascade="all-delete-orphan" lazy="false" inverse="true"> <key column="[TEMPLATE_ID]"></key> <one-to-many class="MyNamespace.Field, MyLibrary"/> </set> (i also tried to use ) this mapping is for Template object. this one and the Field object has their ID generators set to identity. so when i call session.Update for the Template object it works fine, well, almost: if the Field object has an Id number, UPDATE sql request is called, if the Id is 0, the INSERT is performed. But if i delete a Field object from the collection it has no effect for the Database. I found that if i also call session.Delete for this Field object, everything will be ok, but due to client-server architecture i don't know what to delete. so i decided to delete all the collection elements from the DB and call session.Update with a new collection. and i've got an issue: nhibernate performs the UPDATE operation for the Field objects that has non-zero Id, but they are removed from DB! maybe i should use some other Id generator or smth.. what is the best way to make nhibernate perform "delete all"/"insert all" routine for the collection?

  Read the article

• protect form hijacking hack

  - by Karem

  Yes hello today I discovered a hack for my site. When you write a msg on a users wall (in my communitysite) it runs a ajax call, to insert the msg to the db and will then on success slide down and show it. Works fine with no problem. So I was rethinking alittle, I am using POST methods for this and if it was GET method you could easily do ?msg=haxmsg&usr=12345679. But what could you do to come around the POST method? I made a new html document, made a form and on action i set "site.com/insertwall.php" (the file that normally are being used in ajax), i made some input fields with names exactly like i am doing with the ajaxcall (msg, uID (userid), BuID (by userid) ) and made a submit button. I know I have a page_protect() function on which requires you to login and if you arent you will be header to index.php. So i logged in (started session on my site.com) and then I pressed on this submit button. And then wops I saw on my site that it has made a new message. I was like wow, was it so easy to hijack POST method i thought maybe it was little more secure or something. I would like to know what could I do to prevent this hijacking? As i wouldnt even want to know what real hackers could do with this "hole". The page_protect secures that the sessions are from the same http user agent and so, and this works fine (tried to run the form without logging in, and it just headers me to startpage) but yea wouldnt take long time to figure out to log in first and then run it. Any advices are appreciated alot. I would like to keep my ajax calls most secure as possible and all of them are running on the POST method. What could I do to the insertwall.php, to check that it comes from the server or something.. Thank you

  Read the article

• iphone nsarray problem?

  - by Brodie4598

  Okay maybe i just need another set of eyes on this, but I have the following lines of code in one of my view controllers. It takes some data from a file, and populates it into an array using "\n" as a separator. I then use that array to make an NSDictionary, which is used to populate a tableview. It's very simple. However it isnt working. Here's the code: NSString *dataString = [NSString stringWithContentsOfFile:checklistPath encoding: NSUTF8StringEncoding error:NULL]; if ([dataString hasPrefix:@"\n"]) { dataString = [dataString substringFromIndex:1]; } NSArray *tempArray = [dataString componentsSeparatedByString:@"\n"]; NSLog(@"datastring:%@",dataString); NSLog(@"temp array:",tempArray); NSLog(@"%i",[tempArray count]); NSDictionary *temporaryDictionary = [NSDictionary dictionaryWithObject: tempArray forKey:@"User Generated Checklist"]; self.names = temporaryDictionary; NSLog(@"names:%@",names); so in the log, datastring is correct, so it's correctly pulling the data from a file. however for tempArray, i get: 2010-05-17 19:15:55.825 MyApp[7309:207] temp array: for the tempArray count i get: 2010-05-17 19:15:55.826 myApp[7309:207] 5 which is the correct number of strings in the array So i'm stumped. I have the EXACT same few lines of code in a different view controller and it works perfectly. Whats crazier is the last NSLog, that shows the final NSDictionary (names) displays this, which looks correct: 2010-05-17 19:15:55.827 FS Companion[7309:207] names:{ "User Generated Checklist" = ( "System|||ACTION", "System|||ACTION", "System|||ACTION", "System|||ACTION", "System|||ACTION" ); \ am i missing something really obvious??

  Read the article

< Previous Page | 412 413 414 415 416 417 418 419 420 421 422 423  | Next Page >