Search Results

Search found 17953 results on 719 pages for 'someone like you'.

Page 43/719 | < Previous Page | 39 40 41 42 43 44 45 46 47 48 49 50  | Next Page >

  • Important Security Issue: Is it possible to put binary image data into html markup code and then get

    - by Joern Akkermann
    Hi, it's an important security issue and I'm sure this should be possible. A simple example: You run a community portal. Users are registered and upload their pictures. Your application gives security rules wenever a picture is allowed to be displayed. For example users must be friends on each sides by the system, in order that you can view someone elses uploaded pictures. Here comes the problem: it is possible that someone crawls the image directories of your server. But you want to protect your users from such attacks. If it's possible to put the binary data of an image directly into the html markup, you can restrict the user access of your image dirs the user and group your web application runs of and pass the image data to your apache user and group directly in the html. The only possible weakness then is the password of the user that your web app runs as. Is there already a possibility? Yours, Joern.

    Read the article

  • JS Url GET vars - problem with encoding

    - by Martin
    Hey there! I'm having a bit of trouble here and I was hoping someone throws me a hint :) I'm getting some GET VARS with JS but I have trouble with non-latin charsets: cyrillic for example. The cyrillic var appears correct in the url but when I retrieve it with JS I get some dummy string. I was wondering of a function similar to "unescape" for such a case. Alternatively, if someone knows a way I could convert a cyrillic string to the same dummy string I get from the URL, it will still do me the trick, since all I need is compare. :) Thanks! Martin

    Read the article

  • need more complex index !

    - by silversky
    I'm sorry if it's not an appropriate question for this site, and if it's necesary I'll close this question. But maybe someone could give me an ideea: I'm trying to find a more complex index to make an hierarchy. For example: 5 votes from 6 = 83% AND 500 votes from 600 = 83%; 10 votes from 600 = 1.66% If I make a hierarchy with the %, first two will be on the same place, but I think that 83% from 600 it's more valuable than the first one. I could compare 5, 10, 500, but again it's not fair because the third case (10 votes) will be in front of the first case (5 votes), wich it's not fair beacuse the third case has only 1.66% Maybe someone could give me an ideea how to give more weight for the second case but in the same time let the let the new entries have a fair chance.

    Read the article

  • Encoding non-English characters

    - by Martin
    Hey there! I'm having a bit of trouble here and I was hoping someone throws me a hint :) I'm getting some GET VARS with JS but I have trouble with non-latin charsets: cyrillic for example. The cyrillic var appears correct in the url but when I retrieve it with JS I get some dummy string. I was wondering of a function similar to "unescape" for such a case. Alternatively, if someone knows a way I could convert a cyrillic string to the same dummy string I get from the URL, it will still do me the trick, since all I need is compare. :) Thanks! Martin

    Read the article

  • Is it possible to put binary image data into html markup and then get the image displayed as usual i

    - by Joern Akkermann
    It's an important security issue and I'm sure this should be possible. A simple example: You run a community portal. Users are registered and upload their pictures. Your application gives security rules whenever a picture is allowed to be displayed. For example users must be friends on each sides by the system, in order that you can view someone else's uploaded pictures. Here comes the problem: it is possible that someone crawls the image directories of your server. But you want to protect your users from such attacks. If it's possible to put the binary data of an image directly into the HTML markup, you can restrict the user access of your image dirs the user and group your web application runs of and pass the image data to your Apache user and group directly in the HTML. The only possible weakness then is the password of the user that your web app runs as. Is there already a possibility?

    Read the article

  • When a professional should plan to leave a job ?

    - by Indigo Praveen
    Hi All, I don't know whether this should be asked or not but I think it happens with every programmer in his/her career. The question is when should someone start for looking another job. Some guys remain in one company for 10-15-20 years, mostlay in Europe. But if we see the trend in India guys are changing their jobs only in 1-2 years. If it's happening in India then there must be something behind it. So, I want to know the impacts on someone's career of changing jobs frequently. Please share your experiences.

    Read the article

  • Generating short license keys with OpenSSL

    - by Marc Charbonneau
    I'm working on a new licensing scheme for my software, based on OpenSSL public / private key encryption. My past approach, based on this article, was to use a large private key size and encrypt an SHA1 hashed string, which I sent to the customer as a license file (the base64 encoded hash is about a paragraph in length). I know someone could still easily crack my application, but it prevented someone from making a key generator, which I think would hurt more in the long run. For various reasons I want to move away from license files and simply email a 16 character base32 string the customer can type into the application. Even using small private keys (which I understand are trivial to crack), it's hard to get the encrypted hash this small. Would there be any benefit to using the same strategy to generated an encrypted hash, but simply using the first 16 characters as a license key? If not, is there a better alternative that will create keys in the format I want?

    Read the article

  • How do I distinguish a SharePoint file update as being from a file upload?

    - by ccomet
    In SharePoint, when an item is first added to a document library, it fires the ItemAdded and ItemAdding events as expected. And if you upload the same filename to update the existing file, it will fire off ItemUpdated and ItemUpdating events, likewise as expected. However, I have been unsuccessful at determining whether this kind of action has actually occurred or not. Or, more specifically, I am entirely unable to differentiate between the following: An item is updated because someone uploaded a new file but did nothing to any of the form fields. An item is updated because someone hit "OK" but did nothing to any of the form fields. Is there actually a way to distinguish these kinds of updates? There appears to be nothing in event properties that contains this information, nor in the version history for both the list item and the file itself. I have even tried comparing the files themselves via OpenBinary(), but in both mentioned cases I still get the same result. Thank you in advance for any help!

    Read the article

  • VS2010 Publish Profiles -- Where are they stored?

    - by Jeff S
    We have set up a few Publish Profiles that are used to deploy web apps to various servers, and it all works great with 1-click deployment. However, w find that even though the entire solution is under source control (svn), the profiles do not seem to be carried over, so we need to re-create the profiles on each developer's machine manually. It seems, since the profiles only exist for the solution currently loaded, that they must be stored in the solution files somewhere, but they do not carry over when someone else does an update to pull down the code. I'm guessing whatever file they're in is one we aren' covering in the source control project, but I haven't been able to figure out which one. Someone must know where the Publish Profiles are stored -- is there any way to copy them from machine to machine so we don't have to retype them for each developer?

    Read the article

  • Prevent sqlite INJECTION ATTACKS on your own iPhone?

    - by Bonnie
    I always take precautions regarding SQL INJECTION ATTACKS when data is saved between someone's iPhone and a remote database on the cloud. But is it also necessary to do the same... when just saving data (using sqlite) from someone's cell phone, to a database that's just on their own phone? What's the worse they can do? Delete their own data (or tables) on their own phone? (If they really try hard enough.) Thanks.

    Read the article

  • Painting to Form then to Printer

    - by jp2code
    I often find myself needing to create custom reports that do NOT work with Crystal Reports or Report Viewer. Often, I hack a DataTable together and dumping that into a DataGridView control. It is never pretty, and printing is difficult. What I need is a class that I can call using the OnPaint event, but I've never sat down and written all of the Pen and Brush commands until now. Painting to the screen and painting to a printer both use the Graphics object, so I want to build a class that I'd pass in the Graphics object, my window bounds (a Rectangle), and some data (in the form of an instance of my class) that I'd use to paint a form or a sheet of paper. That sounds like a great concept! Surely, someone has done something like this before. Does anyone know of a book, a website tutorial, or video that goes into this? If someone wants to write all that out for me here, more power to you - but I'd think that would be too much work.

    Read the article

  • Validating an integer or String without try-catch

    - by Phil
    Ok, I'm lost. I am required to figure out how to validate an integer and String, but for some stupid reason, I can't use the Try-Catch method. I know this is the easiest way and so all the solutions on the internet are using it. I'm writing in Java. The deal is this, I need someone to put in an numerical ID and String name. If either one of the two inputs are invalid I must tell them they made a mistake. Can someone help me?

    Read the article

  • git: having 2 push/pull repos in sync (or 1 push/pull and 1 pull in sync)

    - by xavjuan
    Hello, We work on multiple geographically seperate sites. Today I have our git clones all live on one site A. Then users from site B have to ssh over to do a git clone or to push in changes. These are bare repos where the update is through pushes. Ideally, for git clone/push performance, I'd like to limit having to go over ssh. I'd like to have a copy of git repo X live on site A and site B... and have some syncing mechanism between them. OR to have X live on both sites, but only allow pushing to A (and have that setup correctly at clone time on B) I'm worried about the case where someone on site A pushes changes to the repo at site A at the same time that someone on site B pushes a truely conflicting change to the repo at site B. Is there some 'sync'ing solution built into git for distributed open repos like this? Or a way to have a clone from X set the origin/parent to the X from the other site? thanks, -John

    Read the article

  • How to order the images in a mysql database?

    - by user305270
    Hy! Here is my problem: i have a profile and this profile has for example 100 images. When someone visit this profile the first image will be the first result of my query that sorts by updated_at. But if the user would want to put the image with the (id = 8) to be the first, then (id = 22) then (id = 88) and so on? I need to put another field or is really necessary a new table to make a custom sort on images? and maybe someone explain this to me how to do? thanks, i appreciate your help ;)

    Read the article

  • Choosing a Wiki for a institute

    - by abhishekgupta92
    I need to choose a Wiki. Please someone help. Following are my requirements: 1) Need good control to the access variables 2) LDAP integration support 3) User Group Support 4) Good Themes and Templates Mediawiki has the problem that it does not support Users Groups that intutively. Twiki and Foswiki have a problem that any authenticated user that has write permissions for a topic also have the write to change the particualar permissions for the topic. Else, can someone suggest me where to look for the answer. I know about the WikiMatrix.

    Read the article

  • How should I protect against hard link attacks?

    - by Thomas
    I want to append data to a file in /tmp. If the file doesn't exist I want to create it I don't care if someone else owns the file. The data is not secret. I do not want someone to be able to race-condition this into writing somewhere else, or to another file. What is the best way to do this? Here's my thought: fd = open("/tmp/some-benchmark-data.txt", O_APPEND | O_CREAT | O_NOFOLLOW | O_WRONLY, 0644); fstat(fd, &st); if (st.st_nlink != 1) { HARD LINK ATTACK! } What's the right way? Besides not using a world-writable directory.

    Read the article

  • How do I politely tell a colleague to RTFM?

    - by Jason Baker
    I think by now, I've transitioned from a junior developer to an "intermediate" developer. Previously, whenever someone would ask me a question, I'd gleefully answer them simply because I was happy to be of use to someone and wanted to prove my worth as a developer. Now it's gotten to the point where I can't get work done because I'm constantly answering questions that can be answered just by spending a few seconds looking at documentation or searching google (sometimes from developers more senior than I). On one hand, I genuinely want to help them out and enjoy teaching other people. However, I just don't have enough bandwidth to keep answering these kinds of questions. How do I handle this kind of thing politely?

    Read the article

  • Creating a variable-speed slideshow based on USB input on OSX.

    - by Dave A
    I have a friend who is trying to put together a geeky little contraption for a wedding, where people can view a slideshow. Neither of us use Macs, nor have programmed for one, but for various reasons it has to run on a Mac. There will be a USB ammeter hooked up to a bike dynamo. What we want is for a slideshow to be run, and advance at a speed relative to how fast someone is pedaling on a stationary bike. After much googling, it seems like we could load an iPhoto slideshow up via applescript. Is it possible to pause the slideshow and advance it with keypress commands? The applescript commands would be run via a bash script or similar that would monitor the value returned by the USB ammeter's command-line app and issue the keypress events accordingly. Is there some other app that could be likewise scripted to display photos?Hoping someone has some hints to get us started in the right direction! Thanks!

    Read the article

  • Problem with Classes in Python..

    - by Gui
    Ok guys, I'm really new at python (and programming itself) so sorry for my ignorance, but I really needed to ask this. So im doing a wxPython project where I added several tabs for a notebook (each tab of the notebook = a class) and there is one tab where I added a checkbox (in a tab, lets call it for example Tab1), and what I want is that when someone checks it, a button that exists in other tab (class called for example tab2) gets hidden where previously it was being shown. Well I see that it isn't hard to accomplish this, but my problem is the classes (tab1 and tab2, in this example). I've been trying to figure it out by searching but I guess im not searching hard enough because I just can't get it right. If they were in the same class I wouldn't have a problem, but as they are in different classes, im having a huge struggle with this. Hope someone can help me, and sorry for my ignorance once again.

    Read the article

  • Full text search for irregular rapper names with Solr

    - by Horace Loeb
    I'm implementing full text search functionality on my rap website, and I'm running into some issues with rapper and song names. For example, someone might want to search for the rapper "Cam'ron" using the query "camron" (leaving out the mid-word apostrophe). Likewise, someone might search for the song "3 Peat" using the query "3peat". "The Notorious B.I.G." is a bit of a weird case: both "The Notorious BIG" and "The Notorious B.I.G." both work (I guess because the solr.StandardFilterFactory removes dots from acronyms?), but "The Notorious B.I.G" (i.e., minus the trailing dot) doesn't. Ideally all reasonable variations of these names should work. I'm guessing the answer has something to do with the solr.WordDelimiterFilterFactory, but I'm not sure. Also, I'm using Sunspot with Rails if that's relevant.

    Read the article

< Previous Page | 39 40 41 42 43 44 45 46 47 48 49 50  | Next Page >