Search Results

Search found 24978 results on 1000 pages for 'publishing site'.

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Page 417/1000 | < Previous Page | 413 414 415 416 417 418 419 420 421 422 423 424  | Next Page >

  • Troubleshooting ASP .NET Application on Shared Hosting

    - by James
    Hi, My company has a CRM site hosted externally on a shared server and recently it has been very problematic. Users are being logged out randomly, sometimes only seconds after logging in. We are also getting viewstate validation errors at times. Both problems seem to occur more often when there are two or more people logged in at the same time, but I can't really see any particular pattern. I am using log4net to track the application state and from what I can tell it seems that the application is frequently restarting, causing all sorts of issues. I can see log messages from the Application_Start event handler but there is not always a corresponding message from the Application_End event handler. There is also logging code in the Application_Error event handler but it is not catching anything at the time of the restart. These errors started to occur soon after we moved our site to this shared server, although I don't remember it being this bad at first. Any advice on how to track down these problems would be appreciated. The server is running Windows Server 2003 and IIS 6.0. Sadly I don't have access to the server other than through Parallels Plesk and it doesn't seem to have any useful diagnostic information.

    Read the article

  • Forms/AD Authentication with Sharepoint

    - by David Lively
    All, I'm configuring Sharepoint to use forms authentication with LDAP/Active Directory. I'm new to Sharepoint, so if this is obvious, please point me in the right direction. Whenever I attempt to log in with a bad account or password, I get the very friendly (and correct) error message, The server could not sign you in. Make sure your user name and password are correct, and then try again. ... which implies that Sharepoint is able to communicate with AD. If I log in with a valid account, I get a page that says: (I added the grey bar to cover up the login name) Any suggestions? The account I'm logging in with is an administrator and has been granted full control in central administration. Also, interesting note: If I click the "sign in as a different user" link, and attempt to sign in using with the same credentials I just used, the site just redirects back to the login page, with no error or status message. If I then manually enter the site url, it again shows the "Error: Access Denied" page. Argh.

    Read the article

  • New to web development - backend questions

    - by James
    I'm new to web development although I'm confident in the roadmap for the front-end. I need direction on two things: Basic architecture Back-end technologies For architecture, what do I need to get started? From what I know, its: Get a domain name registered (godaddy?) Find a web host ??? anything else? or start developing the site? I don't think its that easy, there must be something I'm missing, right? For the back-end technologies, I have application development experience with Java and Python, but how likely is it to find a back-end hosting site that supports these languages over PHP? Is PHP a better choice? If I stick with what I know for the back-end, am I sabotaging myself later on? If I need help, how is the market for a python/java developer vs. a php developer? What do I need to know about databases? I have some basic SQL experience. Do hosting sites have limitations on the type of databases or bandwidth I need to worry about? I'm working through some of the common sites: StackOverflow, Sitepoint forums, Google, etc...are there other resources I should use?

    Read the article

  • Creating a content management system for dedicated use

    - by whitstone86
    I've been trying to create a specialised CMS, as none of the current open-source ones fit my needs for this project. I did my research on Google, tried multiple times but haven't got very far with this project. I'm trying to create a CMS for a TV/episode guide which is similar to this: (for some that don't have the :// just copy-and-paste and add it after http in the URL) http library.digiguide.com/lib/programmenextshowing/Police%2C+Camera%2C+Action!-12578 (one such example) - where records expire and delete from the database after expiration. This is the design I'm trying to emulate: http library.digiguide.com/lib/programme/24-84241/Drama/ - the programme http://library.digiguide.com/lib/episode/Under+Surveillance-714873 - a typical episode, could use .htaccess to remove php from name http library.digiguide.com/lib/programmenextshowing/24-84241 - paginated episode display (using script that I found in search here possibly) I don't have access to cron job as it's on Windows/Apache, so that's out the question for this one. I'm not sure how to go about this successfully, anyone got any advice? (Note:Although the linked site runs in ASP.NET, it's the design and feel of it I'm trying to emulate, except in PHP. I've managed to emulate that site's design, but with my own tweaks to it.)

    Read the article

  • gevent install on x86_64 fails: "undefined symbol: evhttp_accept_socket"

    - by digitala
    I'm trying to install gevent on a fresh EC2 CentOS 5.3 64-bit system. Since the libevent version available in yum was too old for another package (beanstalkd) I compiled/installed libevent-1.4.13-stable manually using the following command: ./configure --prefix=/usr && make && make install This is the output from installing gevent: [gevent-0.12.2]# python setup.py build --libevent /usr/lib Using libevent 1.4.13-stable: libevent.so running build running build_py running build_ext Linking /usr/src/gevent-0.12.2/build/lib.linux-x86_64-2.6/gevent/core.so to /usr/src/gevent-0.12.2/gevent/core.so [gevent-0.12.2]# cd /path/to/my/project [project]# python myscript.py Traceback (most recent call last): File "myscript.py", line 9, in <module> from gevent.wsgi import WSGIServer as GeventServer File "/usr/lib/python2.6/site-packages/gevent/__init__.py", line 32, in <module> from gevent.core import reinit ImportError: /usr/lib/python2.6/site-packages/gevent/core.so: undefined symbol: evhttp_accept_socket I've followed exactly the same steps on a local VirtualBox instance (32-bit) and I'm not seeing any errors. How would I fix this?

    Read the article

  • ASP.NET MVC on GoDaddy Not Working (Not Primary Domain Deployment)

    - by JPrescottSanders
    I am trying to get ASP.NET MVC working on GoDaddy and I'm not having much luck. I have read the post on SO that covers the subject, but I must have a slightly different configuration or must be missing somehting along the way because the main MVC page comes up, but all links seem to fail and no amount of tweaking the URLs seems to get it to work. A little back ground. I have a single hosting plan with many domains pointed to sub folders of the main domain. Basic ASP.NET web forms pages work just fine, but of course I wanted to try and host a sample MVC site in one of these non-primary domains. You can go to the URL here. As you can see this first page comes up, but if you click on Home or About it doesn't work. Clicking on Home creates this link "http://www.jprescottsanders.com/jps/" and clicking on about creates this link "http://www.jprescottsanders.com/jps/Home/About". As you can see JPS sneaks in there, this of course is the sub folder that i place my web app files in. I would like to know if this is a MVC related issue or a GoDaddy issue. I suspect that MVC may want to sit in the root directory of the site, and when it puts the "jps" into the URLs it breaks the routing mechanisms (but this is conjecture). I know Dan said this was possible so I'm hoping he sees this and helps me get to the bottom of this deployment strategy for MVC.

    Read the article

  • Cannot connect to FTP sites anymore

    - by Wayne M
    I have the FTP service running on Server 2003, and I am hosting websites through Apache. I have users configured to point to certain directories on the server. I am using FileZilla to remote FTP, but it never seems to connect to the directory. The command window says: Command: USER wayne Response: 331 Password required for wayne Command: PASS: ***** Response: 230 User wayne logged in Status: Connected Status: Retrieving directory isting... Command: PWD Response: 257 "/wayne" is current directory Command: TYPE I Response: 200 Type set to I. Command: PASV And that's it. It doesn't display any directories at all, and the pane says "Not connected to any server". Sometimes it will display the folder, but nothing happens when I click on it to expand it. It was working fine, and I have another FTP server set up the same way that does work. How can I fix this? EDIT: I've tried changing it to Active FTP, and it says: Command: LIST Command: 150 Opening BINARY mode data connection for /bin/ls Response: 425 Can't open data connection. Error: Failed to retrieve directory listing. I also noticed that I'm not able to browse the site in IIS's management console anymore, it just shows a blank screen when I click on one of the names and says There are no items to show in this view, although the name has permissions to view the folder and everything. Could it be because I have the Web Publishing service disabled (as I'm not using IIS to host websites)? That shouldn't cause anything should it?

    Read the article

  • Are there any ASP.NET MVC subscription-based starter kits or examples?

    - by Wayne M
    Basically something that handles the low-level "plumbing" code for a subscription-based service. I see a lot of things dealing with basic membership, but nothing that handles the subscription aspect (recurring billing, automated jobs for setting up billing, notification for billing, etc). This might be the one thing that keeps me from using ASP.NET MVC for my SaaS idea, since it would take a fair amount of development time to write my own; if I go with my other option, Ruby on Rails, I can buy a kit that does all of this for $250. I haven't found anything even remotely close to this for .NET - all of the SaaS sample apps I've seen are more like StackOverflow et all where you have one site that multiple people log on to, not the web application model where you have subscribers who are billed monthly, each of whom has users and other entities (e.g. Customers, Tasks, etc) for their own site. Is there anything similar for ASP.NET, or some kind of guidelines for writing my own if I have to, so I don't waste too much time? As a startup that means that I'm doing all the coding myself. I've found this, but it seems to only be for billing and didn't seem to have much (any?) documentation on exactly how to set it up.

    Read the article

  • Debugging Django project problem.

    - by Wasim
    Hi all, I asked this question before, but had no replies, maybe I wasn't so clear. I'm trying to debug a django project using MySQL database. If I run the admin or trying to use the shell to communicate to the data base every thing is well and I can do every thing. I installed MySQLdb for Python 2.6. I installed PyDev on my Apatana studio. Configured the Debugging with runserver 8001 --noreload. When I start debugging , When I arrive to the following code in C:\Python26\Lib\site-packages\django\db\backends\mysql\base.py try: import MySQLdb as Database except ImportError, e: from django.core.exceptions import ImproperlyConfigured raise ImproperlyConfigured("Error loading MySQLdb module: %s" % e) I get an import error : django.core.exceptions.ImproperlyConfigured: Error loading MySQLdb module: DLL load failed: The specified module could not be found. I trying to ge more deeply with the import MySQLdb as Database line , it goes to the C:\Python26\Lib\site-packages\MySQLdb__init__.py and fail in the line import _mysql. I can't understand the problem. When running the Django admin every thing is ok, but with debugging it fails to work. Any help please. Thanks in advance.

    Read the article

  • How to efficiently serve massive sitemaps in django

    - by mlissner
    I have a site with about 150K pages in its sitemap. I'm using the sitemap index generator to make the sitemaps, but really, I need a way of caching it, because building the 150 sitemaps of 1,000 links each is brutal on my server.[1] I COULD cache each of these sitemap pages with memcached, which is what I'm using elsewhere on the site...however, this is so many sitemaps that it would completely fill memcached....so that doesn't work. What I think I need is a way to use the database as the cache for these, and to only generate them when there are changes to them (which as a result of the sitemap index means only changing the latest couple of sitemap pages, since the rest are always the same.)[2] But, as near as I can tell, I can only use one cache backend with django. How can I have these sitemaps ready for when Google comes-a-crawlin' without killing my database or memcached? Any thoughts? [1] I've limited it to 1,000 links per sitemap page because generating the max, 50,000 links, just wasn't happening. [2] for example, if I have sitemap.xml?page=1, page=2...sitemap.xml?page=50, I only really need to change sitemap.xml?page=50 until it is full with 1,000 links, then I can it pretty much forever, and focus on page 51 until it's full, cache it forever, etc.

    Read the article

  • SharePoint Designer Workflow: Unruly 'Collect User Data' Action

    - by Jeremy
    I'm a student in a SharePoint class online. This problem has riddled everyone I've discussed it with, including the teacher. There seems to be some sort of problem when I create a workflow with the collect data action. I can create workflows that send e-mails and use the other actions just fine. What could be causing this problem? My reproduction steps are simple: Create a new Site Collection with the Blank Site template. Create a new Custom List. In SharePoint Designer, start a new workflow on the Custom List. Add the collect data action to the workflow. Set the user to the one that created the task. Set the data to anything. A single check box, a string, Choice, doesn't matter. Leave the output variable as default. Mystery error appears! When the Check Workflow button is pressed, nothing happens. No message box appears at all. The warning icon in the Steps panel merely points out that there are some errors, it isn't specific as to what they are. Additionally, when I click on the data object again after it's been created, it doesn't populate the form with the old values. It goes back to the default name with no fields. So there's definitely something going wrong here. I've narrowed the problem down to the data object, but I don't know what to do about it. The workflow acts like normal for other activities. For example, delete the Collect Data action and add a Send Email one instead and it compiles and runs successfully.

    Read the article

  • How would you protect a database of links from being scraped?

    - by Yegor
    I have a large database of links, which are all sorted in specific ways and are attached to other information, which is valuable (to some people). Currently my setup (which seems to work) simply calls a php file like link.php?id=123, it logs the request with a timestamp into the DB. Before it spits out the link, it checks how many requests were made from that IP in the last 5 minutes. If its greater than x, it redirects you to a captcha page. That all works fine and dandy, but the site has been getting really popular (as well as been getting DDOsed for about 6 weeks), so php has been getting floored, so Im trying to minimize the times I have to hit up php to do something. I wanted to show links in plain text instead of thru link.php?id= and have an onclick function to simply add 1 to the view count. Im still hitting up php, but at least if it lags, it does so in the background, and the user can see the link they requested right away. Problem is, that makes the site REALLY scrapable. Is there anything I can do to prevent this, but still not rely on php to do the check before spitting out the link?

    Read the article

  • Copy whole SQL Server database into JSON from Python

    - by Oli
    I facing an atypical conversion problem. About a decade ago I coded up a large site in ASP. Over the years this turned into ASP.NET but kept the same database. I've just re-done the site in Django and I've copied all the core data but before I cancel my account with the host, I need to make sure I've got a long-term backup of the data so if it turns out I'm missing something, I can copy it from a local copy. To complicate matters, I no longer have Windows. I moved to Ubuntu on all my machines some time back. I could ask the host to send me a backup but having no access to a machine with MSSQL, I wouldn't be able to use that if I needed to. So I'm looking for something that does: db = {} for table in database: db[table.name] = [row for row in table] And then I could serialize db off somewhere for later consumption... But how do I do the table iteration? Is there an easier way to do all of this? Can MSSQL do a cross-platform SQLDump (inc data)? For previous MSSQL I've used pymssql but I don't know how to iterate the tables and copy rows (ideally with column headers so I can tell what the data is). I'm not looking for much code but I need a poke in the right direction.

    Read the article

  • GoDaddy Subdomain Hosting Issue/Question with Disk Access (C#/ASP.NET 3.5)

    - by Vogel
    This isn't a very complicated scenario really, but as I start to type out the problem I'm realizing how convoluted it can become textually. Let me try and be very clear: First, the set up... I have a C#/ASP.NET web application that is publicly facing on my main domain (www), let's call it www.mysite.com. Nothing fancy, just a front-end that connects to SQL to display records. Then, I have a second C#/ASP.NET web application that is secured using forms authentication running on a subdomain, let's call it admin.mysite.com. This is a very light-weight CMS system to administer the public site. Now, the problem... Both of these sites run fine for basic tasks, however, my problem arises when I try to gain access to the file system for uploading. GoDaddy requires subdomains to run as a virtual directories under the main application in IIS (so the subdomains actually resolve/re-direct to www.mysite.com/admin when you type in admin.mysite.com), but because of this I am unable to write to my website root from the subfolder. Let me explain a little more... The CMS system (running as a virtual directory) gives the admin the ability to upload photos for display on the main site, the target folder of which is www.mysite.com/images - when attempting disk access from the root app, I am able to write to the virtual directory, but cannot do the opposite -- that is, write to the root from the virtual directory, getting security violations. If I can only upload to the /admin/ virtual directory, the entire point is moot because it's a secured folder that the public can't see! The only solution I can think of is to upload the files to the /admin/ virtual directory, then call a URL in the root that moves files from /admin/ back to the root, but that is entirely ghetto. I hope this post makes sense. Anyone else experience anything like this? The bottom line is that it seems virtual directories ONLY have access to themselves, and not their parent directories, no matter what credentials are used. Thanks!

    Read the article

  • EF + UnitOfWork + SharePoint RunWithElevatedPrivileges

    - by Lorenzo
    In our SharePoint application we have used the UnitOfWork + Repository patterns together with Entity Framework. To avoid the usage of the passthrough authentication we have developed a piece of code that impersonate a single user before creating the ObjectContext instance in a similar way that is described in "Impersonating user with Entity Framework" on this site. The only difference between our code and the referred question is that, to do the impersonation, we are using RunWithElevatedPrivileges to impersonate the Application Pool identity as in the following sample. SPSecurity.RunWithElevatedPrivileges(delegate() { using (SPSite site = new SPSite(url)) { _context = new MyDataContext(ConfigSingleton.GetInstance().ConnectionString); } }); We have done this way because we expected that creating the ObjectContext after impersonation and, due to the fact that Repositories are receiving the impersonated ObjectContext would solve our requirement. Unfortunately it's not so easy. In fact we experienced that, even if the ObjectContext is created before and under impersonation circumstances, the real connection is made just before executing the query, and so does not use impersonation, which break our requirement. I have checked the ObjectContext class to see if there was any event through which we can inject the impersonation but unfortunately found nothing. Any help?

    Read the article

  • how to tile 3D mesh with image brush in XAML

    - by MC9000
    I have a 2D square in a ViewPort3D that I want to do a tiling of an image (like a checkerboard or flooring with "tiles" effect). I've created an image brush (the image is 50x50 pixels, the surface 250x550 pixels) and a viewport (trying to follow MS's site - though their example is for 2D), but only 1 of the colors in the "tile" image shows up and no tiling is seen. I can't find a single example on the Internet and MS's site has no info (that I can find) on 3D XAML anywhere, so I'm stumped as how to actually do this. <Viewport3D> <Viewport3D.Camera> <PerspectiveCamera Position="125,790,120" LookDirection="0,-.7,-0.25" UpDirection="0,0,1" /> </Viewport3D.Camera> <ModelVisual3D> <ModelVisual3D.Content> <Model3DGroup> <AmbientLight Color="white" /> <GeometryModel3D> <GeometryModel3D.Geometry> <MeshGeometry3D Positions="0,0,0 250,0,0 250,550,0 0,550,0 " TriangleIndices="0 1 3 1 2 3 "/> </GeometryModel3D.Geometry> <GeometryModel3D.Material> <DiffuseMaterial> <DiffuseMaterial.Brush> <ImageBrush ViewportUnits="Absolute" TileMode="Tile" ImageSource="testsquare.gif" Viewport="0,0,50,50" Stretch="None" ViewboxUnits="Absolute" /> </DiffuseMaterial.Brush> </DiffuseMaterial> </GeometryModel3D.Material> </GeometryModel3D> </Model3DGroup> </ModelVisual3D.Content> </ModelVisual3D> </Viewport3D>

    Read the article

  • Windows Azure ASP.NET MVC Role behaves strangely when redirecting from HTTP to HTTPS

    - by Rinat Abdullin
    Subj. I've got an ASP.NET 2 MVC Worker Role Application, that does not differ much from the default template. When attempting redirect from HTTP to HTTPS (this happens when we access constroller secured by the usual RequireSSL attribute implementation) we get blank page with "Bad Request" message. IntelliTrace shows this: Thrown: "The file '/Views/Home/LogOnUserControl.aspx' does not exist." (System.Web.HttpException) Call stack is really short: [External Code] App_Web_vfahw7gz.dll!ASP.views_shared_site_master.__Render__control1(System.Web.UI.HtmlTextWriter __w = {unknown}, System.Web.UI.Control parameterContainer = {unknown}) [External Code] App_Web_bsbqxr44.dll!ASP.views_home_index_aspx.ProcessRequest(System.Web.HttpContext context = {unknown}) [External Code] User control reference is the usual one in /Views/Shared/Site.Master: <div id="logindisplay"> <% Html.RenderPartial("LogOnUserControl"); %> </div> And partial view LogOnUserControl.ashx is located in Views/Shared (and it is ASHX, not ASPX). Problem shows up, when we try to access site pages, that require auth and redirect. These pages are secured by RequireSSL attribute (Redirect == true): [AttributeUsage(AttributeTargets.Method | AttributeTargets.Class, Inherited = true, AllowMultiple = false)] public sealed class RequireSslAttribute : FilterAttribute, IAuthorizationFilter { public bool Redirect { get; set; } // Methods public void OnAuthorization(AuthorizationContext filterContext) { // this get's messy, when we are running custom ports // within the local dev fabric. // hence we disable code in the debug #if !DEBUG if (filterContext == null) { throw new ArgumentNullException("filterContext"); } if (filterContext.HttpContext.Request.IsSecureConnection) return; var canRedirect = string.Equals(filterContext.HttpContext.Request.HttpMethod, "GET", StringComparison.OrdinalIgnoreCase); if (canRedirect && Redirect) { var builder = new UriBuilder { Scheme = "https", Host = filterContext.HttpContext.Request.Url.Host, Path = filterContext.HttpContext.Request.RawUrl }; filterContext.Result = new RedirectResult(builder.ToString()); } else { throw new HttpException(0x193, "Access forbidden. The requested resource requires an SSL connection."); } #endif } } Obviously we compile in RELEASE for this case. Does anybody have any idea, what could cause this strange exception and how to get rid of it?

    Read the article

  • Verifying existence of name and password in NSUserDefaults to Skip a login/Screen

    - by Michael Robinson
    I have a Tabbar/Tableview App that modally loads a Login/Signup view when the app loads, I have set up a Root.plist in a settings bundle for the name and password and have successfully retrieved the items. I want to be able to do two things: 1) Do a test to see if the NSUserDefault Strings are empty and if so load the Login/Signup view. 2) If the strings are available then use the string contents to login to my Webservice. Thanks in advance. Here is my LoginViewController .m : @synthesize usernameField; @synthesize passwordField; @synthesize loginButton; @synthesize loginIndicator; @synthesize usernameLabel; @synthesize passwordLabel; -(void)refreshFields { NSUserDefaults *defaults = [NSUserDefaults standardUserDefaults]; usernameLabel.text = [defaults objectForKey:kUsernameKey]; passwordLabel.text = [defaults objectForKey:kPasswordKey]; } - (void)viewDidAppear:(BOOL)animated { [self refreshFields]; [super viewDidAppear:animated]; } - (void)viewDidLoad { [super viewDidLoad]; [self refreshFields]; [self.navigationController setNavigationBarHidden:YES animated:NO]; } - (IBAction) login: (id) sender { { NSString *post =[NSString stringWithFormat:@"username=%@&password=%@",usernameField.text, passwordField.text]; NSString *hostStr = @"http:~iphone_login.php?"; hostStr = [hostStr stringByAppendingString:post]; NSData *dataURL = [NSData dataWithContentsOfURL: [ NSURL URLWithString: hostStr ]]; NSString *serverOutput = [[NSString alloc] initWithData:dataURL encoding: NSASCIIStringEncoding]; NSLog(@"Site: %@",hostStr); NSLog(@"Site: %@",serverOutput); if([serverOutput isEqualToString:@"Yes"]){ UIAlertView *alertsuccess = [[UIAlertView alloc] initWithTitle:@"Congrats" message:@"You are authorized " delegate:self cancelButtonTitle:@"OK" otherButtonTitles:nil, nil]; [alertsuccess show]; [alertsuccess release];

    Read the article

  • Absolute positioning in IE6, using left: 0; and right: 0; simultaneously

    - by Zane
    Here is my website: http://dagwaging.110mb.com/ View it in any good browser, then in IE6. It dies in IE6. It seems that in IE6, one can't do this: div { position: absolute; left: 0px; right: 0px; } or this: div { position: absolute; top: 0px; bottom: 0px; } Absolute positions cannot be set for left and right or top and bottom at the same time. This is terrible, because that is pretty much the basis of my site design. The HTML can be viewed on the site, and the CSS is in /style.css. I'd like to fix this without invalidating my CSS or HTML. Can this be done? Another problem is that my content uses min-width and max-width to avoid over-stretching or compressing the content within. IE6 can't do min-width, so how can I replicate this behavior?

    Read the article

  • PHP $_SERVER['HTTP_HOST'] vs. $_SERVER['SERVER_NAME'], am I understanding the man pages correctly?

    - by Jeff
    I did a lot of searching and also read the PHP $_SERVER man page. Do I have this right regarding which to use for my PHP scripts for simple link definitions used throughout my site? $_SERVER['SERVER_NAME'] is based on your web servers' config file (Apache2 in my case), and varies depending on a few directives: (1) VirtualHost, (2) ServerName, (3) UseCanonicalName, etc. $_SERVER['HTTP_HOST'] is based on the request from the client. Therefore, it would seem to me that the proper one to use in order to make my scripts as compatible as possible would be $_SERVER['HTTP_HOST']. Is this assumption correct? Followup comments: I guess I got a little paranoid after reading this article and noting that someone said "they wouldn't trust any of the $_SERVER vars": http://markjaquith.wordpress.com/2009/09/21/php-server-vars-not-safe-in-forms-or-links/ and also: http://www.php.net/manual/en/reserved.variables.server.php (comment: Vladimir Kornea 14-Mar-2009 01:06) Apparently the discussion is mainly about $_SERVER['PHP_SELF'] and why you shouldn't use it in the form action attribute without proper escaping to prevent XSS attacks. My conclusion about my original question above is that it is "safe" to use $_SERVER['HTTP_HOST'] for all links on a site without having to worry about XSS attacks, even when used in forms. Please correct me if I'm wrong.

    Read the article

  • How does browser know when to prompt user to save password?

    - by Eric
    This is related to the question I asked here: http://stackoverflow.com/questions/2382329/how-can-i-get-browser-to-prompt-to-save-password This is the problem: I CAN'T get my browser to prompt me to save the password for the site I'm developing. (I'm talking about the bar that appears sometimes when you submit a form on Firefox, that says "Remember the password for yoursite.com? Yes / Not now / Never") This is super frustrating because this feature of Firefox (and most other modern browsers, which I hope work in a similar fashion) seems to be a mystery. It's like a magic trick the browser does, where it looks at your code, or what you submit, or something, and if it "looks" like a login form with a username (or email address) field and a password field, it offers to save. Except in this case, where it's not offering my users that option after they use my login form, and it's making me nuts. :-) (I checked my Firefox settings-- I have NOT told the browser "never" for this site. It should be prompting.) My question: exactly what the heuristics are that Firefox (or any other modern browser) uses to know when it should prompt the user to save? This shouldn't be too difficult to answer, since it's right there in the Mozilla source (I don't know where to look or else I'd try to dig it out myself). You'd think there would be a blog post or some other similar developer note from the Mozilla developers about this but I can't find that either. (* Note that if your answer to me has anything to do with cookies, encryption or anything else that is about how I'm storing the user's passwords in the database, you've probably misread my question. :-)

    Read the article

  • Syncing data between devel/live databases in Django

    - by T. Stone
    With Django's new multi-db functionality in the development version, I've been trying to work on creating a management command that let's me synchronize the data from the live site down to a developer machine for extended testing. (Having actual data, particularly user-entered data, allows me to test a broader range of inputs.) Right now I've got a "mostly" working command. It can sync "simple" model data but the problem I'm having is that it ignores ManyToMany fields which I don't see any reason for it do so. Anyone have any ideas of either how to fix that or a better want to handle this? Should I be exporting that first query to a fixture first and then re-importing it? from django.core.management.base import LabelCommand from django.db.utils import IntegrityError from django.db import models from django.conf import settings LIVE_DATABASE_KEY = 'live' class Command(LabelCommand): help = ("Synchronizes the data between the local machine and the live server") args = "APP_NAME" label = 'application name' requires_model_validation = False can_import_settings = True def handle_label(self, label, **options): # Make sure we're running the command on a developer machine and that we've got the right settings db_settings = getattr(settings, 'DATABASES', {}) if not LIVE_DATABASE_KEY in db_settings: print 'Could not find "%s" in database settings.' % LIVE_DATABASE_KEY return if db_settings.get('default') == db_settings.get(LIVE_DATABASE_KEY): print 'Data cannot synchronize with self. This command must be run on a non-production server.' return # Fetch all models for the given app try: app = models.get_app(label) app_models = models.get_models(app) except: print "The app '%s' could not be found or models could not be loaded for it." % label for model in app_models: print 'Syncing %s.%s ...' % (model._meta.app_label, model._meta.object_name) # Query each model from the live site qs = model.objects.all().using(LIVE_DATABASE_KEY) # ...and save it to the local database for record in qs: try: record.save(using='default') except IntegrityError: # Skip as the record probably already exists pass

    Read the article

  • Why not use tables for layout in HTML?

    - by Bno
    It seems to be the general opinion that tables should not be used for layout in HTML. Why? I have never (or rarely to be honest) seen good arguments for this. The usual answers are: It's good to separate content from layoutBut this is a fallacious argument; Cliche Thinking. I guess it's true that using the table element for layout has little to do with tabular data. So what? Does my boss care? Do my users care?Perhaps me or my fellow developers who have to maintain a web page care... Is a table less maintainable? I think using a table is easier than using divs and CSS.By the way... why is using a div or a span good separation of content from layout and a table not? Getting a good layout with only divs often requires a lot of nested divs. Readability of the codeI think it's the other way around. Most people understand html, few understand CSS. It's better for SEO not to use tablesWhy? Can anybody show some evidence that it is? Or a statement from Google that tables are discouraged from an SEO perspective? Tables are slower.An extra tbody element has to be inserted. This is peanuts for modern web browsers. Show me some benchmarks where the use of a table significantly slows down a page. A layout overhaul is easier without tables, see css Zen Garden.Most web sites that need an upgrade need new content (html) as well. Scenarios where a new version of a web site only needs a new CSS file are not very likely. Zen Garden is a nice web site, but a bit theoretical. Not to mention its misuse of CSS. I am really interested in good arguments to use divs + CSS instead of tables.

    Read the article

  • chrome extension login security with iframe

    - by Weaver
    I should note, I'm not a chrome extension expert. However, I'm looking for some advice or high level solution to a security concern I have with my chrome extension. I've searched quite a bit but can't seem to find a concrete answer. The situation I have a chrome extension that needs to have the user login to our backend server. However, it was decided for design reasons that the default chrome popup balloon was undesirable. Thus I've used a modal dialog and jquery to make a styled popup that is injected with content scripts. Hence, the popup is injected into the DOM o the page you are visiting. The Problem Everything works, however now that I need to implement login functionality I've noticed a vulnerability: If the site we've injected our popup into knows the password fields ID they could run a script to continuously monitor the password and username field and store that data. Call me paranoid, but I see it as a risk. In fact,I wrote a mockup attack site that can correctly pull the user and password when entered into the given fields. My devised solution I took a look at some other chrome extensions, like Buffer, and noticed what they do is load their popup from their website and, instead, embed an iFrame which contains the popup in it. The popup would interact with the server inside the iframe. My understanding is iframes are subject to same-origin scripting policies as other websites, but I may be mistaken. As such, would doing the same thing be secure? TLDR To simplify, if I embedded an https login form from our server into a given DOM, via a chrome extension, are there security concerns to password sniffing? If this is not the best way to deal with chrome extension logins, do you have suggestions with what is? Perhaps there is a way to declare text fields that javascript can simply not interact with? Not too sure! Thank you so much for your time! I will happily clarify anything required.

    Read the article

  • Call WCF Service Through Javascript, AJAX, or JQuery

    - by obautista
    I created a number of standard WCF Services (Service Contract and Host (svc) are in separate assemblies). I fired up a Web Site in IIS to host the Services (i.e., address is http://services:1000/wcfservices.svc). Then in my Web Site project I added the reference. I am able to call the services normally. I am needed to call some of the services client side. Not sure if I should be looking at articles calling WCF services through AJAX, JQuery, or JSON enabled WCF Services. Can anyone provide any thoughts or experience with configuring as such? Some of the changes I made was adding the following to the Operation Contract: [OperationContract] [WebInvoke(Method = "POST", UriTemplate = "SetFoo")] void SetFoo(string Id); Then this above the implementation of the interface: [AspNetCompatibilityRequirements(RequirementsMode = AspNetCompatibilityRequirementsMode.Allowed)] Then in the service webconfig I have this (parens are angle brackets): <serviceHostingEnvironment aspNetCompatibilityEnabled="true"> <baseAddressPrefixFilters> <add prefix="http://services:1000/wcfservices.svc/"/>> </baseAddressPrefixFilters> </serviceHostingEnvironment> <serviceHostingEnvironment multipleSiteBindingsEnabled="false" /> Then in the client side I attempted this: <asp:ScriptManagerProxy ID="ScriptManagerProxy1" runat="server"> <compositeScript> <Scripts> <asp:ScriptReference Path="http://Flixsit:1000/FlixsitWebServices.svc" /> </Scripts> </CompositeScript> </asp:ScriptManagerProxy> I am attempting to call the service like this in javascript: wcfservices.SetFoo(string Id); Nothing is working. If it is idea or a better solution to call JSON enable, JQuery, etc....I am willing to make any changes. Thanks for any suggestions/tips provided....

    Read the article

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

< Previous Page | 413 414 415 416 417 418 419 420 421 422 423 424  | Next Page >