Search Results

Search found 1491 results on 60 pages for 'tea with cookies'.

Page 54/60 | < Previous Page | 50 51 52 53 54 55 56 57 58 59 60  | Next Page >

• What can be a cookie? How to set with OUTPUT? RETURNVALUE?

  - by Ronnie Chester Lynwood

  hello. i think i got some problems with setting a cookie data. for this code: Set cmdDB = Server.CreateObject("ADODB.Command") With cmdDB .ActiveConnection = ADOConM .CommandText = "usp_jaljava_member_select" .CommandType = adCmdStoredProc .Parameters.Append .CreateParameter("RETURN_VALUE", adInteger, adParamReturnValue, 0) .Parameters.Append .CreateParameter("@TLoginName", adVarChar, adParamInput, 15,lcase(TLoginName)) .Parameters.Append .CreateParameter("@TPassword", adVarChar, adParamInput, 20,TPassword) .Parameters.Append .CreateParameter("@retval", adVarChar, adParamOutput, 50) ' .Parameters.Append .CreateParameter("@TPinCode", adVarChar, adParamInput, 15,TPinCode) .Execute,,adExecuteNoRecords RetVal = .Parameters("@retval") Ret = Trim(.Parameters("RETURN_VALUE")) 'Set .ActiveConnection = Nothing End With Set cmdDB = Nothing UTid = RetVal if Ret = 100 then deleteInvalidLogin(TLoginName) SetDomainCookie "UTid",UTid SetDomainCookie "Uid", TLoginName if redirect_domain <> "" then Response.Write "<form name=frm action=" & urlserver & " method=post><input type=hidden name=loginname value='" & TLoginName & "'><input type=hidden name=id value=""" & Request.Cookies("UTID") & """></form><script>frm.submit();</script>" Response.End else%> <% Response.Redirect ("kologin.asp?id=OK") Response.End end if RETURN_VALUE is returns as 100. But I don't know.. UTID! What is UTID have to be? If I set UTID same as UID will it work? thanks..

  Read the article

• Problem with ASP.NET Authentication

  - by Niels Bosma

  I'm having problem with our login procedure. Some customers complain that they can't login. I can see in our logs that their login is successful and that they are redirected from the login page to the member area. But there somehow the login isn't detected and they are bounced back to the login page. I've asked customers to check if cookies are supported (http://www.html-kit.com/tools/cookietester/) but problem remains even if this test returns true. This is how I've implemented the login procedure (simplyfied): protected void Login(string email, string password) { FormsAuthentication.SignOut(); Guid clientId = /* Validate login by checking email and password, if fails display error otherwise get client id */ FormsAuthentication.SetAuthCookie(clientId.ToString(), true); HttpContext.Current.Response.Redirect("~/Members.aspx"); } On the member page I check for authentication by in Page_Load function: public static void IsAuthenticated() { if (!HttpContext.Current.User.Identity.IsAuthenticated) { HttpContext.Current.Response.Redirect("~/Login.aspx", true); } } Maybe I'm using FormsAuthentication completely wrong? I've asked this before but still haven't been able to figure this out, I'd appreciate any help.

  Read the article

• What should a developer know before building a public web site?

  - by Joel Coehoorn

  What things should a programmer implementing the technical details of a web site address before making the site public? If Jeff Atwood can forget about HttpOnly cookies, sitemaps, and cross-site request forgeries all in the same site, what important thing could I be forgetting as well? I'm thinking about this from a web developer's perspective, such that someone else is creating the actual design and content for the site. So while usability and content may be more important than the platform, you the programmer have little say in that. What you do need to worry about is that your implementation of the platform is stable, performs well, is secure, and meets any other business goals (like not cost too much, take too long to build, and rank as well with Google as the content supports). Think of this from the perspective of a developer who's done some work for intranet-type applications in a fairly trusted environment, and is about to have his first shot and putting out a potentially popular site for the entire big bad world wide web. Also: I'm looking for something more specific than just a vague "web standards" response. I mean, HTML, JavaScript, and CSS over HTTP are pretty much a given, especially when I've already specified that you're a professional web developer. So going beyond that, Which standards? In what circumstances, and why? Provide a link to the standard's specification. This question is community wiki, so please feel free to edit that answer to add links to good articles that will help explain or teach each particular point.

  Read the article

• How should I implement lazy session creation in PHP?

  - by Adam Franco

  By default, PHP's session handling mechanisms set a session cookie header and store a session even if there is no data in the session. If no data is set in the session then I don't want a Set-Cookie header sent to the client in the response and I don't want an empty session record stored on the server. If data is added to $_SESSION, then the normal behavior should continue. My goal is to implement lazy session creation behavior of the sort that Drupal 7 and Pressflow where no session is stored (or session cookie header sent) unless data is added to the $_SESSION array during application execution. The point of this behavior is to allow reverse proxies such as Varnish to cache and serve anonymous traffic while letting authenticated requests pass through to Apache/PHP. Varnish (or another proxy-server) is configured to pass through any requests without cookies, assuming correctly that if a cookie exists then the request is for a particular client. I have ported the session handling code from Pressflow that uses session_set_save_handler() and overrides the implementation of session_write() to check for data in the $_SESSION array before saving and will write this up as library and add an answer here if this is the best/only route to take. My Question: While I can implement a fully custom session_set_save_handler() system, is there an easier way to get this lazy session creation behavior in a relatively generic way that would be transparent to most applications?

  Read the article

• How does browser know when to prompt user to save password?

  - by Eric

  This is related to the question I asked here: http://stackoverflow.com/questions/2382329/how-can-i-get-browser-to-prompt-to-save-password This is the problem: I CAN'T get my browser to prompt me to save the password for the site I'm developing. (I'm talking about the bar that appears sometimes when you submit a form on Firefox, that says "Remember the password for yoursite.com? Yes / Not now / Never") This is super frustrating because this feature of Firefox (and most other modern browsers, which I hope work in a similar fashion) seems to be a mystery. It's like a magic trick the browser does, where it looks at your code, or what you submit, or something, and if it "looks" like a login form with a username (or email address) field and a password field, it offers to save. Except in this case, where it's not offering my users that option after they use my login form, and it's making me nuts. :-) (I checked my Firefox settings-- I have NOT told the browser "never" for this site. It should be prompting.) My question: exactly what the heuristics are that Firefox (or any other modern browser) uses to know when it should prompt the user to save? This shouldn't be too difficult to answer, since it's right there in the Mozilla source (I don't know where to look or else I'd try to dig it out myself). You'd think there would be a blog post or some other similar developer note from the Mozilla developers about this but I can't find that either. (* Note that if your answer to me has anything to do with cookies, encryption or anything else that is about how I'm storing the user's passwords in the database, you've probably misread my question. :-)

  Read the article

• In Java, howd do I iterate through lines in a textfile from back to front

  - by rogue780

  Basically I need to take a text file such as : Fred Bernie Henry and be able to read them from the file in the order of Henry Bernie Fred The actual file I'm reading from is 30MB and it would be a less than perfect solution to read the whole file, split it into an array, reverse the array and then go from there. It takes way too long. My specific goal is to find the first occurrence of a string (in this case it's "InitGame") and then return the position beginning of the beginning of that line. I did something like this in python before. My method was to seek to the end of the file - 1024, then read lines until I get to the end, then seek another 1024 from my previous starting point and, by using tell(), I would stop when I got to the previous starting point. So I would read those blocks backwards from the end of the file until I found the text I was looking for. So far, I'm having a heck of a time doing this in Java. Any help would be greatly appreciated and if you live near Baltimore it may even end up with you getting some fresh baked cookies. Thanks!

  Read the article

• How to share data between SSRS Security and Data Processing extension?

  - by user2904681

  I've spent a lot of time trying to solve the issue pointed in title and have no found a solution yet. I use MS SSRS 2012 with custom Security (based on Form Authentication and ClaimsPrincipal) and Data Processing extensions. In Data extension level I need to apply filter programmatically based on one of the claim which I have access in Security extension level only. Here is the problem: I do know how to pass the claim from Security to Data Processing extension code... What I've tried: IAuthenticationExtension.LogonUser(string userName, string password, string authority) { ... ClaimsPrincipal claimsPrincipal = CreateClaimsPrincipal(...); Thread.CurrentPrincipal = claimsPrincipal; HttpContext.Current.User = claimsPrincipal; ... }; But it doesn't work. It seems SSRS overrides it within either GenericPrincipal or FormsIdentity internally. The possible workaround I'm thinking about (but haven't checked it yet): 1. Create HttpModule which will create HttpContext with all required information (minus: will be invoke getting claims each time - huge operation) 2. Write to custom SQL table to store logged users information which is required for Data extension and then read it 3. try somehow to append to cookies due to LogOn and then read each time on IAuthenticationExtension.GetUserInfo and fill HttpContext None of them seems to be a good solution. I would be grateful for any help/advise/comments.

  Read the article

• Thread Local Memory, Using std::string's internal buffer for c-style Scratch Memory.

  - by Hassan Syed

  I am using Protocol Buffers and OpensSSL to generate, HMACs and then CBC encrypt the two fields to obfuscate the session cookies -- similar Kerberos tokens. Protocol Buffers' API communicates with std::strings and has a buffer caching mechanism; I exploit the caching mechanism, for successive calls in the the same thread, by placing it in thread local memory; additionally the OpenSSL HMAC and EVP CTX's are also placed in the same thread local memory structure ( see this question for some detail on why I use thread local memory and the massive amount of speedup it enables even with a single thread). The generation and deserialization, "my algorithms", of these cookie strings uses intermediary void *s and std::strings and since Protocol Buffers has an internal memory retention mechanism I want these characteristics for "my algorithms". So how do I implement a common scratch memory ? I don't know much about the rdbuf(streambuf - strinbuf ??) of the std::string object. I would presumeably need to grow it to the lowest common size ever encountered during the execution of "my algorithms". Thoughts ? My question I guess would be: " is the internal buffer of a string re-usable, and if so, how ?" Edit: See comments to Vlad's answer please.

  Read the article

• Read a variable from a variable cookie jquerycookie.

  - by Ozaki

  TLDR How could I tell "page.html" which one of 3 or so cookies to look at when the cookie is set on the previous page? Currently: When a link is clicked save text of link to cookie When "page.html" is loaded get the value of the cookie Loads the getjson call as per value of the cookie. E.g: <a href="page.html">link1</a> -c1 <a href="page.html">link2</a> -c2 <a href="page.html">link3</a> -c3 See previous discussion here Now that is all good and well apart from the fact if I were to say open them in multiple tabs. It changes the cookie and correctly loads the right data. But if I were to refresh one of these tabs it will load the most recently open data rather than what it should be. So if I were to save a cookie as c1 with a value of link1 c2 with a value of link2 c3 with a value of link3 How could I tell "page.html" which cookie it should be looking at, therefore not breaking the back/forward/refresh buttons on the browser when multiple tabs are open?

  Read the article

• How do I add ROW_NUMBER to a LINQ query or Entity?

  - by Whozumommy

  I'm stumped by this easy data problem. I'm using the Entity framework and have a database of products. My results page returns a paginated list of these products. Right now my results are ordered by the number of sales of each product, so my code looks like this: return Products.OrderByDescending(u => u.Sales.Count()); This returns an IQueryable dataset of my entities, sorted by the number of sales. I want my results page to show the rank of each product (in the dataset). My results should look like this: Page #1 1. Bananas 2. Apples 3. Coffee Page #2 4. Cookies 5. Ice Cream 6. Lettuce I'm expecting that I just want to add a column in my results using the SQL ROW_NUMBER variable...but I don't know how to add this column to my results datatable. My resulting page does contain a foreach loop, but since I'm using a paginated set I'm guessing using that number to fake a ranking number would NOT be the best approach. So my question is, how do I add a ROW_NUMBER column to my query results in this case?

  Read the article

• Password Confirmation Overlay

  - by Alasdair

  Hello, I'm creating a J2EE web application that uses jQuery and Ajax to help with some of the presentation for a user-friendly interface. I've done a lot of work ensuring security around persistant login cookies, and I've decided to request the password from any user that logged in using a persistant login cookie before being allowed to make any changes that could be malicious. This request would only happen once to confirm the user is who they say they are and will last throughout the session. At present, any requests that meet this criteria has their request information stored in session and then the user is forwarded to a page to confirm their password. Once confirmed, the user's original request is then performed and the requestion information removed from session. What I would like to do is avoid all this redirection and minimize what's held in session (even if it's just for a small time), thus improving usability and convenience for the user. I believe that a jQuery overlay could allow me to prompt the user for their password (if required) and then continue to submit the request if successful. I would of originally used ThickBox, but since that's now deprecated I don't see the benefit in implementing it in an application at this development stage. However, I have tried to create an overlay using jQuery but I've scrapped every attempt as I can't seem to make it all come together. My main problem is preventing the submission when the user incorrectly types a password or cancels the overlay. Desired Flow Persistant Login Sensitive Page Submit Password Confirmation Overlay [Continue Submit | (Cancel | Incorrect] I have already created JavaScript code to encrypt the password to be sent in a parameter, but all I need now is a method of controlling the overlay and how best to use Ajax for this purpose. Please ignore the fact that this is a J2EE web application when answering as it is irrelevant really. Thanks in advance, Alasdair

  Read the article

• How to troubleshoot PHP session file empty issue?

  - by Morgan Cheng

  I have a very simple test page for PHP session. <?php session_start(); if (isset($_SESSIONS['views'])) { $_SESSIONS['views'] = $_SESSIONS['pv'] + 1; } else { $_SESSIONS['views'] = 0; } var_dump($_SESSIONS); ?> After refreshing the page, it always show array 'views' => int 0 The environment is XAMPP 1.7.3. I checked phpInfo(). The session is enabled. Session Support enabled Registered save handlers files user sqlite Registered serializer handlers php php_binary wddx Directive Local Value Master Value session.auto_start Off Off session.bug_compat_42 On On When the page is accessed, there is session file sess_lnrk7ttpai8187v9q6iok74p20 created in my "D:\xampp\tmp" folder. But the content is empty. With Firebug, I can see cookies about the session. Cookie PHPSESSID=lnrk7ttpai8187v9q6iok74p20 It seems session data is not flushed to files. Is there any way or direction to trouble shoot this issue? Thanks.

  Read the article

• firefox lead dot in cookie issue

  - by Jon

  Hi all, We are having an annoying issue with Firefox and cookies. We have the following domains: sub1.mydomain.com sub2.mydomain.com sub3.mydomain.com otherdomain.com We have converting our framework to be multilingual and providing a drop down to change the language at any point during site. The code base is shared across all the domains above. We can not set a cookie across all "mydomain.com" sites, they have to be on each of the sub domains. To get this to work we set a JavaScript cookie when the users chooses a new language. When the page posts back to the server the code picks this up and sets the users preferences to that new language code, (this is all C# and ASP.NET). We have to set the host to be "subX.mydomain.com" and the path to be "/" in the cookie so that it is just for the subdomain and all parts of that domain. This works great on all browsers apart from FireFox. It seems that firefox will pre append a DOT to the beginning of domain so ".subX.mydomain.com". When the code posts back with FireFox the cookie is always null. Has anyone had this situation, (I imagine it is not al that uncommon). I have read a lot of people saying, remove the domain from the cookie, but that can not work for us as we have multiple subdomains that need their own cookie values. Thanks

  Read the article

• Django Testing: Faking User Creation

  - by Ygam

  I want to better write this test: def test_profile_created(self): self.client.post(reverse('registration_register'), data={ 'username':'ygam', 'email':'[email protected]', 'password1':'ygam', 'password2':'ygam' }) """ Test if a profile is created on save """ user = User.objects.get(username='ygam') self.assertTrue(UserProfile.objects.filter(user=user).exists()) and I just came upon this code on django-registration tests that does not actually "create" the user: def test_registration_signal(self): def receiver(sender, **kwargs): self.failUnless('user' in kwargs) self.assertEqual(kwargs['user'].username, 'bob') self.failUnless('request' in kwargs) self.failUnless(isinstance(kwargs['request'], WSGIRequest)) received_signals.append(kwargs.get('signal')) received_signals = [] signals.user_registered.connect(receiver, sender=self.backend.__class__) self.backend.register(_mock_request(), username='bob', email='[email protected]', password1='secret') self.assertEqual(len(received_signals), 1) self.assertEqual(received_signals, [signals.user_registered]) However he used a custom function for this "_mock_request": class _MockRequestClient(Client): def request(self, **request): environ = { 'HTTP_COOKIE': self.cookies, 'PATH_INFO': '/', 'QUERY_STRING': '', 'REMOTE_ADDR': '127.0.0.1', 'REQUEST_METHOD': 'GET', 'SCRIPT_NAME': '', 'SERVER_NAME': 'testserver', 'SERVER_PORT': '80', 'SERVER_PROTOCOL': 'HTTP/1.1', 'wsgi.version': (1,0), 'wsgi.url_scheme': 'http', 'wsgi.errors': self.errors, 'wsgi.multiprocess':True, 'wsgi.multithread': False, 'wsgi.run_once': False, 'wsgi.input': None, } environ.update(self.defaults) environ.update(request) request = WSGIRequest(environ) # We have to manually add a session since we'll be bypassing # the middleware chain. session_middleware = SessionMiddleware() session_middleware.process_request(request) return request def _mock_request(): return _MockRequestClient().request() However, it may be too long of a function for my needs. I want to be able to somehow "fake" the account creation. I have not much experience on mocks and stubs so any help would do. Thanks!

  Read the article

• Strange unset cookie problem

  - by neobie

  Hi there, I have a strange problem to clear Cookie via PHP. Lets say if I have a domain neobie.net I store "remember user login" cookie name as "USER_INFO" which contains string to identify user login in the next time of revisit. now using firefox, I saw that I have 2 cookies USER_INFO with domain "www.neobie.net" and ".neobie.net" with expiration date of 1 week later. I wrote a logout.php script, which clear the cookie of different domain (.neobie.net, www.neobie.net, neobie.net) to ensure that USER_INFO cookie is completely cleared for different domain. Now is the problem. The user isn't able to clear the cookie when user visit logout.php I found out that, I have to manually delete the cookie with domain "www.neobie.net", leaving the ".neobie.net " intact, then only the cookie can be cleared. So, I have to make the php script to setcookie USER_INFO on ".neobie.net", and prevent it to set cookie on "www.neobie.net" to make the logout.php script work. But I don't understand why I couldn't clear the cookie for "www.neobie.net" (with leading www. , tested on firefox and chrome)

  Read the article

• Cookie add in the Global.asax warning in application log

  - by Ioxp

  In my Global.ASAX file i have the following: System.Web.HttpCookie isAccess = new System.Web.HttpCookie("IsAccess"); isAccess.Expires = DateTime.Now.AddDays(-1); isAccess.Value = ""; System.Web.HttpContext.Current.Response.Cookies.Add(isAccess); So every time this method this is logged in the application events as a warning: Event code: 3005 Event message: An unhandled exception has occurred. Event time: 5/25/2010 12:23:20 PM Event time (UTC): 5/25/2010 4:23:20 PM Event ID: c515e27a28474eab8d99720c3f5a8e90 Event sequence: 4148 Event occurrence: 332 Event detail code: 0 Application information: Application domain: /LM/W3SVC/2100509645/Root-1-129192259222289896 Trust level: Full Application Virtual Path: / Application Path: <PathRemoved>\www\ Machine name: TIPPER Process information: Process ID: 6936 Process name: w3wp.exe Account name: NT AUTHORITY\NETWORK SERVICE Exception information: Exception type: NullReferenceException Exception message: Object reference not set to an instance of an object. Request information: Request URL: Request path: User host address: User: Is authenticated: False Authentication Type: Thread account name: NT AUTHORITY\NETWORK SERVICE Thread information: Thread ID: 7 Thread account name: NT AUTHORITY\NETWORK SERVICE Is impersonating: False Stack trace: at ASP.global_asax.Session_End(Object sender, EventArgs e) in <PathRemoved>\Global.asax:line 113 Any idea why this code would cause this error?

  Read the article

• eclipse django using wrong settings.py in pythonpath

  - by user1290264

  I have pydev/django installed in eclipse, and it runs fine. However, after adding a second django project to eclipse and running the server ('http://127.0.0.1:8000') the pythonpath seems to be stuck on project2 even when I run project1. As a summary, I have two django projects: project1, project2. When I run the django server for project1 I get: Validating models... 0 errors found Django version 1.5, using settings 'project1.settings' Development server is running at 'http://127.0.0.1:8000/' Quit the server with CTRL-BREAK. The above seems to suggest that django is using the correct settings file; however, when I go to 'http://127.0.0.1:8000/' it displays the urls from project2. Also, if I go to 'http://127.0.0.1:8000/admin' the models are getting pulled from the sqlite.db file in project2 as well. I've even tried removing project2 from eclipse entirely and now at 'http://127.0.0.1:8000/admin' I get this error: Python Path: ['C:\Users\Brad\workspaces\In Progress\project2', 'C:\Users\Brad\workspaces\In Progress\project2', 'C:\Python27\DLLs', 'C:\Python27\lib', 'C:\Python27\lib\plat-win', 'C:\Python27\lib\lib-tk', 'C:\Python27', 'C:\Python27\lib\site-packages', 'C:\Windows\system32\python27.zip'] If I run the server on a different port with project1 the path seems to be fine: runserver 7000 --noreload Then 'http://127.0.0.1:7000/' uses project1's paths, but it doesn't seem like I should have to do this. Note: I have setup the run configurations as correctly as I know how. In the main tab, the project and main module both point to the correct project (project1), and the "PYTHONPATH that will be used in the run:" includes project1. Also, I have cleared my browser history, cookies, and everything that chrome would let me delete.

  Read the article

• restrict script inside iframe to run only within pages of same top-level domain?

  - by Justin Grant

  I'd like to enforce a requirement that client script inside a page (which in turn is loaded inside an iframe of another page) will only run when the parent page is on the same top-level domain as the framed page (although it may be on another hostname in that domain). Is this do-able? I assume that the easy solution of looking at top.location.host won't be available due to cross-site scripting limitations, but I'm wondering if other javascript hackery could suffice. Constraints on any potential solution inculde: I need to be able to run XmlHttpRequest calls inside the child page, and I need to validate that the hostname is in the same domain before I make those calls. (this makes a document.domain solution challenging because AFAIK setting document.domain disables the ability to make XmlHttpRequest calls. I can control client-side script and HTML on both parent or child (and I can create new pages if needed), but I can't make any server-side code changes. I can't simulate the above via server-side calls or proxies, because the child page's hostname uses a forms auth system with hostname-scoped cookies that I can't get access to from the parent page since it's on a different hostname. I don't have enough control over the child-frame site to be able to put both sites behind the same reverse-proxy or load-balancer (which would enable me to put both sites on the same hostname). I don't actually need to access any UI inside the IFrame-- the iframe is invisible and I'm only using it to run javascript within the security context of a site on a different hostname from the parent page. So at this point I'm stumped. Got any ideas? I want to make sure I'm not overlooking an easy solution before giving up.

  Read the article

• Authentication using cookie key with asynchronous callback

  - by greg

  I need to write authentication function with asynchronous callback from remote Auth API. Simple authentication with login is working well, but authorization with cookie key, does not work. It should checks if in cookies present key "lp_login", fetch API url like async and execute on_response function. The code almost works, but I see two problems. First, in on_response function I need to setup secure cookie for authorized user on every page. In code user_id returns correct ID, but line: self.set_secure_cookie("user", user_id) does't work. Why it can be? And second problem. During async fetch API url, user's page has loaded before on_response setup cookie with key "user" and the page will has an unauthorized section with link to login or sign on. It will be confusing for users. To solve it, I can stop loading page for user who trying to load first page of site. Is it possible to do and how? Maybe the problem has more correct way to solve it? class BaseHandler(tornado.web.RequestHandler): @tornado.web.asynchronous def get_current_user(self): user_id = self.get_secure_cookie("user") user_cookie = self.get_cookie("lp_login") if user_id: self.set_secure_cookie("user", user_id) return Author.objects.get(id=int(user_id)) elif user_cookie: url = urlparse("http://%s" % self.request.host) domain = url.netloc.split(":")[0] try: username, hashed_password = urllib.unquote(user_cookie).rsplit(',',1) except ValueError: # check against malicious clients return None else: url = "http://%s%s%s/%s/" % (domain, "/api/user/username/", username, hashed_password) http = tornado.httpclient.AsyncHTTPClient() http.fetch(url, callback=self.async_callback(self.on_response)) else: return None def on_response(self, response): answer = tornado.escape.json_decode(response.body) username = answer['username'] if answer["has_valid_credentials"]: author = Author.objects.get(email=answer["email"]) user_id = str(author.id) print user_id # It returns needed id self.set_secure_cookie("user", user_id) # but session can's setup

  Read the article

• Have to login twice. PHP sessions and login troubles with Chrome and Opera.

  - by Robert

  The problem I am encountering is that for my login form I have to login twice for the session to register properly, but only in Chrome (my version is 4.0.249.89) and Opera (my version is 10.10). Here is the stripped down code that I am testing on: Login Page: session_start(); $_SESSION['user_id'] = 8; $_SESSION['user_name'] = 'Jim'; session_write_close(); header('Location: http://www.my-domain-name.com/'); exit(); Home Page: session_start(); if ( isset($_SESSION['user_id']) ) { echo "You are logged in!"; } else { echo "You are NOT logged in!"; } Logout Page: session_start(); session_unset(); session_destroy(); header('Location: http://www.my-domain-name.com/'); exit(); Currently, under a fresh load with no cookies, if I go to my-domain-name.com/login/ it will redirect to the home page and say "You are NOT logged in!" but if I go there again it will say "You are logged in!". Any ideas? Thanks for your help.

  Read the article

• Is it possible to do A/B testing by page rather than by individual?

  - by mojones

  Lets say I have a simple ecommerce site that sells 100 different t-shirt designs. I want to do some a/b testing to optimise my sales. Let's say I want to test two different "buy" buttons. Normally, I would use AB testing to randomly assign each visitor to see button A or button B (and try to ensure that that the user experience is consistent by storing that assignment in session, cookies etc). Would it be possible to take a different approach and instead, randomly assign each of my 100 designs to use button A or B, and measure the conversion rate as (number of sales of design n) / (pageviews of design n) This approach would seem to have some advantages; I would not have to worry about keeping the user experience consistent - a given page (e.g. www.example.com/viewdesign?id=6) would always return the same html. If I were to test different prices, it would be far less distressing to the user to see different prices for different designs than different prices for the same design on different computers. I also wonder whether it might be better for SEO - my suspicion is that Google would "prefer" that it always sees the same html when crawling a page. Obviously this approach would only be suitable for a limited number of sites; I was just wondering if anyone has tried it?

  Read the article

• facebook javascript api

  - by ngreenwood6

  I am trying to get my status from facebook using the javascript api. I have the following code: <div id="fb-root"></div> <div id="data"></div> <script src="http://connect.facebook.net/en_US/all.js"></script> <script type="text/javascript"> (function(){ FB.init({ appId : 'SOME ID', status : true, // check login status cookie : true, // enable cookies to allow the server to access the session xfbml : true // parse XFBML }); }); getData(); function getData(){ var query = FB.Data.query('SELECT message FROM status WHERE uid=12345 LIMIT 10'); query.wait(function(rows) { for(i=0;i<rows.length;i++){ document.getElementById('data').innerHTML += 'Your status is ' + rows[i].message + '<br />'; } }); } </script> When i try to get my name it works fine but the status is not working. Can someone please tell me what I am doing wrong because the documentation for this is horrible. And yes I replaced the uid with a fake one and yes i put in my app id because like i said when i try to get my name it works fine. Any help is appreciated.

  Read the article

• problem on running script on different operating system

  - by Praveen kalal

  i run use a javascript code for getting browser information it run fine on microsoft windows xp but it not working on microsoft windows server 2003. my code is folowing. plz help. <html> <head> <script type="text/javascript" src="zeroclipboard/ZeroClipboard.js"></script> <script type="text/javascript"> window.onload = function F() { var today = new Date(); var the_date = new Date("December 31, 2012"); var the_cookie_date = the_date.toGMTString(); var the_cookie = screen.width +"x"+ screen.height; var the_cookie = "Screen Resolution:"+the_cookie + ";\nExpires:" + the_cookie_date+";\n Browser CodeName:"+navigator.appCodeName+";\n Browser Name: " + navigator.appName+";\n Browser Version: " + navigator.appVersion+";\n Browser Version: " + navigator.appVersion+"; \n Cookies Enabled: " + navigator.cookieEnabled +";\n Platform: " + navigator.platform+";\n User-agent header: " + navigator.userAgent; / document.getElementById('box-content').value=the_cookie; } </script> </head> <body> <textarea name="box-content" id="box-content" rows="10" cols="70"> </textarea> <br /><br /> <p><input type="button" id="copy" name="copy" value="Copy to Clipboard" /></p> </body> </html> <script type="text/javascript"> //set path ZeroClipboard.setMoviePath('http://192.168.101.135:471/browserinfo/zeroclipboard/ZeroClipboard.swf'); //create client var clip = new ZeroClipboard.Client(); //event clip.addEventListener('mousedown',function() { clip.setText(document.getElementById('box-content').value); }); clip.addEventListener('complete',function(client,text) { alert('text is copied'); }); //glue it to the button clip.glue('copy'); </script>

  Read the article

• prevent javascript in the WMD editor's preview box

  - by Justin Grant

  There are many SO questions (e.g. here and here) about how to do server-side scrubbing of Markdown produced by the WMD editor to ensure the HTML generated doesn't contain malicious script, like this: <img onload="alert('haha');" src="http://www.google.com/intl/en_ALL/images/srpr/logo1w.png" /> Unfortunately, this still allows script to show up in the WMD client's preview box. I doubt this is a big deal since if you're scrubbing the HTML on the server, an attacker can't save the bad HTML so no one else will be able to see it later and have their cookies stolen or sessions hijacked by the bad script. But it's still kinda odd to allow an attacker to run any script in the context of your site, and it's probably a bad idea to allow the client preview window to allow different HTML than your server will allow. StackOverflow has clearly plugged this hole. How did they do it? [NOTE: I already figured this out but it required some tricky javascript debugging, so I'm answering my own question here to help others who may want to do ths same thing]

  Read the article

• Server side form validation and POST data

  - by tomcritchlow

  Hi, I have a user input form here: http://www.7bks.com/create (Google login required) When you first create a list you are asked to create a public username. Unfortuantely currently there is no constraint to make this unique. I'm working on the code to enforce unique usernames at the moment and would like to know the best way to do it. Tech details: appengine, python, webapp framework What I'm planning is something like this: first the /create form posts the data to /inputlist/ (this is the same as currently happens) /inputlist/ queries the datastore for the given username. If it already exists then redirect back to /create display the /create page with all the info previously but with an additional error message of "this username is already taken" My question is: Is this the best way of handling server side validation? What's the best way of storing the list details while I verify and modify the username? As I see it I have 3 options to store the list details but I'm not sure which is "best": Store the list details in the session cookie (I am using GAEsessions for cookies) Define a separate POST class for /create and post the list data back from /inputlist/ to the /create page (currently /create only has a GET class) Store the list in the datastore, even though the username is non-unique. Thank you very much for your help :) I'm pretty new to python and coding in general so if I've missed something obvious my apologies. Tom PS - I'm sure I can eventually figure it out but I can't find any documentation on POSTing data using the webapp appengine framework which I'd need in order to do solution 2 above :s maybe you could point me in the right direction for that too? Thanks! PPS - It's a little out of date now but you can see roughly how the /create and /inputlist/ code works at the moment here: 7bks.com Gist

  Read the article

< Previous Page | 50 51 52 53 54 55 56 57 58 59 60  | Next Page >