Search Results

Search found 1926 results on 78 pages for 'cookie monster'.

Page 69/78 | < Previous Page | 65 66 67 68 69 70 71 72 73 74 75 76  | Next Page >

  • tipfy for Google App Engine: Is it stable? Can auth/session components of tipfy be used with webapp?

    - by cv12
    I am building a web application on Google App Engine that requires users to register with the application and subsequently authenticate with it and maintain sessions. I don't want to force users to have Google accounts. Also, the target audience for the application is the average non-geek, so I'm not very keen on using OpenID or OAuth. I need something simple like: User registers with an e-mail and password, and then can log back in with those credentials. I understand that this approach does not provide the security benefits of Google or OpenID authentication, but I am prepared to trade foolproof security for end-user convenience and hassle-free experience. I explored Django, but decided that consecutive deprecations from appengine-helper to app-engine-patch to django-nonrel may signal that path may be a bit risky in the long-term. I'd like to use a code base that is likely to be maintained consistently. I also explored standalone session/auth packages like gaeutilities and suas. GAEUtilities looked a bit immature (e.g., the code wasn't pythonic in places, in my opinion) and SUAS did not give me a lot of comfort with the cookie-only sessions. I could be wrong with my assessment of these two, so I would appreciate input on those (or others that may serve my objective). Finally, I recently came across tipfy. It appears to be based on Werkzeug and Alex Martelli spoke highly of it here on stackoverflow. I have two primary questions related to tipfy: As a framework, is it as mature as webapp? Is it stable and likely to be maintained for some time? Since my primary interest is the auth/session components, can those components of the tipfy framework be used with webapp, independent of the broader tipfy framework? If yes, I would appreciate a few pointers to how I could go about doing that.

    Read the article

  • Facebook graph API post to user's wall

    - by Lance
    I'm using the FB graph api to post content to the user's wall. I orginally tried using this method: $wall_post = array(array('message' => 'predicted the', 'name' => 'predicted the'), array('message' => $winning_team, 'name' => $winning_team, 'link' => 'http://www.sportannica.com/teams.php?team='.$winning_team.'&amp;year=2012'), array('message' => 'to beat the', 'name' => 'to beat the',), array('message' => $losing_team, 'name' => $losing_team, 'link' => 'http://www.sportannica.com/teams.php?team='.$losing_team.'&amp;year=2012'), array('message' => 'on '.$game_date.'', 'name' => 'on '.$game_date.''), array('picture' => 'http://www.sportannica.com/img/team_icons/current_season_logos/large/'.$winning_team.'.png')); $res = $facebook->api('/me/feed/', 'post', '$wall_post'); But, much to my surprise, you can't post multiple links to a users wall. So, now I'm using the graph api to post content to a user's wall much like the way spotify does. So, now I've figured out that I need to create custom actions and objects with the open graph dashboard. So, I've created the "predict" action and gave it permission to edit the object "game." So, now I have the code: $facebook = new Facebook(array( 'appId' => 'appID', 'secret' => 'SECRET', 'cookie' => true )); $access_token = $facebook->getAccessToken(); $user = $facebook->getUser(); if($user != 0) { curl -F 'access_token='$.access_token.'' \ -F 'away_team=New York Yankees' \ -F 'home_team=New York Mets' \ -F 'match=http://samples.ogp.me/413385652011237' \ 'https://graph.facebook.com/me/predict-edit-add:predict' } I keep getting an error reading: Parse error: syntax error, unexpected T_CONSTANT_ENCAPSED_STRING Any ideas?

    Read the article

  • Is a GWT app running on Google App Engine protected from CSRF

    - by gerdemb
    I'm developing a GWT app running on the Google App Engine and wondering if I need to worry about Cross-site request forgery or is that automatically taken care of for me? For every RPC request that requires authentication, I have the following code: public class BookServiceImpl extends RemoteServiceServlet implements BookService { public void deleteInventory(Key<Inventory> inventoryKey) throws NotLoggedInException, InvalidStateException, NotFoundException { DAO dao = new DAO(); // This will throw NotLoggedInException if user is not logged in User user = dao.getCurrentUser(); // Do deletion here } } public final class DAO extends DAOBase { public User getCurrentUser() throws NotLoggedInException { currentUser = UserServiceFactory.getUserService().getCurrentUser(); if(currentUser == null) { throw new NotLoggedInException(); } return currentUser; } I couldn't find any documentation on how the UserService checks authentication. Is it enough to rely on the code above or do I need to to more? I'm a beginner at this, but from what I understand to avoid CSRF attacks some of the strategies are: adding an authentication token in the request payload instead of just checking a cookie checking the HTTP Referer header I can see that I have cookies set from Google with what look like SID values, but I can't tell from the serialized Java objects in the payloads if tokens are being passed or not. I also don't know if the Referer header is being used or not. So, am I worrying about a non-issue? If not, what is the best strategy here? This is a common enough problem, that there must be standard solutions out there...

    Read the article

  • Did anyone have this issue with a simple Facebook app or know how to solve it?

    - by Jian Lin
    I have a really simple few lines of Facebook app, using the new Facebook API: <pre> <?php require 'facebook.php'; // Create our Application instance. $facebook = new Facebook(array( 'appId' => '117676584930569', 'secret' => '**********', // hidden here on the post... 'cookie' => true, )); var_dump($facebook); ?> but it is giving me the following output: http://apps.facebook.com/woolaladev/i2.php would give out object(Facebook)#1 (6) { ["appId:protected"]=> string(15) "117676584930569" ["apiSecret:protected"]=> string(32) "**********" <--- just hidden on this post ["session:protected"]=> NULL ["sessionLoaded:protected"]=> bool(false) ["cookieSupport:protected"]=> bool(true) ["baseDomain:protected"]=> string(0) "" } Session is NULL for some reason, but I am logged in and can access my home and profile and run other apps on Facebook (to see that I am logged on). I am following the sample on: http://github.com/facebook/php-sdk/blob/master/examples/example.php http://github.com/facebook/php-sdk/blob/master/src/facebook.php (download using raw URL: wget http://github.com/facebook/php-sdk/raw/master/src/facebook.php ) Trying on both hosting companies at dreamhost.com and netfirms.com, and the results are the same.

    Read the article

  • Facebook new js api and cross-domain file

    - by vondip
    Hi all, I am building a simple facebook iframe application. I've decided since the code is separate from facebook none the less, I will also create a connect website as well. In my connect website I'm trying to figure out the following: I am using facebook's new api and I am calling the init function. I can't seem to figure out where I combine my cross-domain file. There's no mention of it in their documentation either. http://developers.facebook.com/docs/reference/javascript/FB.init I am referring to these lines of code: <div id="fb-root"></div> <script> window.fbAsyncInit = function() { FB.init({appId: 'your app id', status: true, cookie: true, xfbml: true}); }; (function() { var e = document.createElement('script'); e.async = true; e.src = document.location.protocol + '//connect.facebook.net/en_US/all.js'; document.getElementById('fb-root').appendChild(e); }()); </script>

    Read the article

  • EOFException in ObjectInputStream thrown accessing Servlet. Only for Webstart ?!

    - by Houtman
    Hi, My app. is started from both the commandline and by using an JNLP file. Im running java version 1.6.0_14 First i had the problem that i created the Buffered input and output streams in incorrect order. Found the solution here at StackOverflow . So starting from the commandline works fine now. But when starting the app using Webstart, it ends here java.io.EOFException at java.io.ObjectInputStream$PeekInputStream.readFully(Unknown Source) at java.io.ObjectInputStream$BlockDataInputStream.readShort(Unknown Source) at java.io.ObjectInputStream.readStreamHeader(Unknown Source) at java.io.ObjectInputStream.<init>(Unknown Source) at <..>remoting.thinclient.RemoteSocketChannel.<init>(RemoteSocketChannel.java:76) I found some posts regarding similar problems; at bugs.sun.com - identifies problem as solved in 6u10(b12)? at ibm.com - identifies cookies problem The latter suggests that there is a problem in Webstart with cookies. It doesn't seem to be acknowledged as a proper java bug though.. Still i am a bit lost in the solution provided regarding the cookies. Can anyone expand on the cookie solution? Many thanks.

    Read the article

  • Rackspace Cloud rewrite jpg causes Session reset

    - by willoller
    This may be the .Net version of this question. I have an image script with the following: ... Response.WriteFile(filename); Response.End(); I am rewriting .jpg files using the following rewrite rule in web.config: <rule name="Image Redirect" stopProcessing="true"> <match url="^product-images/(.*).jpg" /> <conditions> <add input="{REQUEST_URI}" pattern="\.(jp?g|JP?G)$" /> </conditions> <action type="Redirect" redirectType="SeeOther" url="/product-images/ProductImage.aspx?path=product-images/{tolower:{R:1}}.jpg" /> </rule> It basically just rewrites the image path into a query parameter. The problem is that (intermittently of course) Mosso returns a new Asp Session cookie which breaks the whole world. Directly accessing a static .jpg file does not cause this problem. Directly accessing the image script does not cause it either. Only rewriting a .jpg file to the .aspx script causes the Session loss. Things I have tried (From the Rackspace doc How can I bypass the cache?) I added Private cacheability to the image script itself: Response.Cache.SetCacheability(HttpCacheability.Private); I tried adding these cache-disabling nodes to web.config: <staticContent> <clientCache cacheControlMode="DisableCache" /> </staticContent> and <httpProtocol> <customHeaders> <add name="Cache-Control private" value="Cache-Control private" </customHeaders> </httpProtocol> The Solution I need The browser cache cannot be disabled. This means potential solutions involving Cache.SetNoStore() or HttpCacheability.NoCache will not work.

    Read the article

  • Intermittent asp.net mvc exception: “A public action method ABC could not be found on controller XYZ

    - by Chris Schoon
    Hi, I'm getting an intermittent exception saying that asp.net mvc can’t find the action method. Here’s the exception: A public action method 'Fill' could not be found on controller 'Schoon.Form.Web.Controllers.ChrisController'. I think I have the routing set up correctly because this application works most of the time. Here is the controller’s action method. [ActionName("Fill")] [AcceptVerbs(HttpVerbs.Get | HttpVerbs.Post), UserIdFilter, DTOFilter] public ActionResult Fill(int userId, int subscriberId, DisplayMode? mode) { //… } The route: routes.MapRoute( "SchoonForm", "Form/Fill/{subscriberId}", new { controller = "ChrisController", action = "Fill" }, new { subscriberId = @"\d+" } ); And here is the stack: System.Web.HttpException: A public action method 'Fill' could not be found on controller 'Schoon.Form.Web.Controllers.ChrisController'. at System.Web.Mvc.Controller.HandleUnknownAction(String actionName) in C:\dev\ThirdParty\MvcDev\src\SystemWebMvc\Mvc\Controller.cs:line 197 at System.Web.Mvc.Controller.ExecuteCore() in C:\dev\ThirdParty\MvcDev\src\SystemWebMvc\Mvc\Controller.cs:line 164 at System.Web.Mvc.ControllerBase.Execute(RequestContext requestContext) in C:\dev\ThirdParty\MvcDev\src\SystemWebMvc\Mvc\ControllerBase.cs:line 76 at System.Web.Mvc.ControllerBase.System.Web.Mvc.IController.Execute(RequestContext requestContext) in C:\dev\ThirdParty\MvcDev\src\SystemWebMvc\Mvc\ControllerBase.cs:line 87 at System.Web.Mvc.MvcHandler.ProcessRequest(HttpContextBase httpContext) in C:\dev\ThirdParty\MvcDev\src\SystemWebMvc\Mvc\MvcHandler.cs:line 80 at System.Web.Mvc.MvcHandler.ProcessRequest(HttpContext httpContext) in C:\dev\ThirdParty\MvcDev\src\SystemWebMvc\Mvc\MvcHandler.cs:line 68 at System.Web.Mvc.MvcHandler.System.Web.IHttpHandler.ProcessRequest(HttpContext httpContext) in C:\dev\ThirdParty\MvcDev\src\SystemWebMvc\Mvc\MvcHandler.cs:line 104 at System.Web.HttpApplication.CallHandlerExecutionStep.System.Web.HttpApplication.IExecutionStep.Execute() at System.Web.HttpApplication.ExecuteStep(IExecutionStep step, Boolean& completedSynchronously) Here is an example of my filters they all work the same way: public class UserIdFilter : ActionFilterAttribute { public override void OnActionExecuting(ActionExecutingContext filterContext) { const string Key = "userId"; if (filterContext.ActionParameters.ContainsKey(Key)) { filterContext.ActionParameters[Key] = // get the user id from session or cookie } base.OnActionExecuting(filterContext); } } Thanks, Chris

    Read the article

  • Jsp static import

    - by folone
    I've created a Spring Roo project. Everything looks fine. Now I want to add a form with a text input and a button to my index.jspx. This form will change a static field currentUser in my ToDo class. So I'm adding: <form> <%@ page import="static com.mypack.domain.ToDo.*" %> <label for="_username_id">My name is:</label> <% currentUser = request.getParameter("username"); %> <input type="text" id="username" name="username" maxlength="30" path="username" size="0" value="<%= currentUser %>"/> <input type="submit"/> </form> somewhere in the middle of it. And now it won't work: This page contains the following errors: error on line 6 at column 20: StartTag: invalid element name Below is a rendering of the page up to the first error. function readCookie(name) { var nameEQ = name + '='; var ca = document.cookie.split(';'); for(var i=0;i If I comment the lines above, it works just fine. What is wrong? Is there a way to write a value to a static field of a class from a jsp page? How do I work around this?

    Read the article

  • Problem with sending cookies with file_get_contents

    - by Ikke
    Hi, i'm trying to get the contents from another file with file_get_contents (don't ask why). I have two files: test1.php and test2.php. Test1.php returns a string, bases on the user that is logged in. Test2.php tries to get the contents of test1.php and is being executed by the browser, thus getting the cookies. To send the cookies with file_get_contents, i create a streaming context: $opts = array('http' => array('header'=> 'Cookie: ' . $_SERVER['HTTP_COOKIE']."\r\n"))`; I'm retreiving the contents with: $contents = file_get_contents("http://www.domain.com/test1.php", false, $opts); But now I get the error: Warning: file_get_contents(http://www.domain.com/test1.php) [function.file-get-contents]: failed to open stream: HTTP request failed! HTTP/1.1 404 Not Found Does somebody knows what i'm doing wroing here? edit: forgot to mention: Without the streaming_context, the page just loads. But withouth the cookies I don't get the info I need.

    Read the article

  • Loading a helper elsewhere than the autoload.php?

    - by drpcken
    I inherited a project and I'm cleaning up a bit and trying to finish it. I noticed that they used (or wrote) a breadcrumb helper. It is in my helpers folder and is named breadcrumb_helper.php It has a single function to build a breadcrumb menu with links and pass it to the view breadcrumbs.php. Here's the code: function show_breadcrumbs() { $ci =& get_instance(); $ci->load->helper('inflector'); $data = ''; //build breadcrumb and store in $data $this->load->view("breadcrumbs", $data) } I was trying to figure out how this helper worked and I checked the autoload.php but there is no reference to the helper in there. In face here is my autoload: $autoload['helper'] = array('url','asset','combine','navigation','form','portfolio','cookie','default'); This show_breadcrumbs() function is used quite a bit in some of my pages so I'm confused as to how its loading if it isn't in the autoloader. It is called like this in a few of my pages: <?=show_breadcrumbs()?> What am I missing? Why isn't this in my autoload? I even did a global search and couldn't find anywhere the helper is being loaded.

    Read the article

  • How to prevent session hijacking with SID (CGI perl)

    - by Gnippots
    I have a web app used by a small number of people (internal only) and am using a randomised sessionID that is stored under the user record and placed in various links. I have had a problem where users are sending links to each other which is allowing them to hijack the sender's session. What are some ways of preventing this from happening while still letting users send links to one another? Edit: The session ID in the link (which also contains $username) is just compared to what is stored in the User table. &incorrectLogin just prints an error followed by die; if ($sid) { $sth = $dbh->prepare("SELECT * FROM tbl_User WHERE UserID = '$username'"); $sth->execute(); $ref = $sth->fetchrow_hashref(); $session_chk = $ref->{'usr_sessionID'}; unless ($sid eq $session_chk) {&incorrectLogin;} } The problem is that if someone uses a link that is created by someone else, the page will load as them. I am not using cookies, and I recall being told in the past that CGI perl cookie handling is quite poor.

    Read the article

  • X-Forwarded-For causing Undefined index in PHP

    - by bateman_ap
    Hi, I am trying to integrate some third party tracking code into one of my sites, however it is throwing up some errors, and their support isn't being much use, so i want to try and fix their code myself. Most I have fixed, however this function is giving me problems: private function getXForwardedFor() { $s =& $this; $xff_ips = array(); $headers = $s->getHTTPHeaders(); if ($headers['X-Forwarded-For']) { $xff_ips[] = $headers['X-Forwarded-For']; } if ($_SERVER['REMOTE_ADDR']) { $xff_ips[] = $_SERVER['REMOTE_ADDR']; } return implode(', ', $xff_ips); // will return blank if not on a web server } In my dev enviroment where I am showing all errors I am getting: Notice: Undefined index: X-Forwarded-For in /sites/webs/includes/OmnitureMeasurement.class.php on line 1129 Line 1129 is: if ($headers['X-Forwarded-For']) { If I print out $headers I get: Array ( [Host] => www.domain.com [User-Agent] => Mozilla/5.0 (Windows; U; Windows NT 6.1; en-GB; rv:1.9.2.3) Gecko/20100401 Firefox/3.6.3 [Accept] => text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 [Accept-Language] => en-gb,en;q=0.5 [Accept-Encoding] => gzip,deflate [Accept-Charset] => ISO-8859-1,utf-8;q=0.7,*;q=0.7 [Keep-Alive] => 115 [Connection] => keep-alive [Referer] => http://www10.toptable.com/ [Cookie] => PHPSESSID=nh9jd1ianmr4jon2rr7lo0g553; __utmb=134653559.30.10.1275901644; __utmc=134653559 [Cache-Control] => max-age=0 ) I can't see X-Forwarded-For in there which I think is causing the problem. Is there something I should add to the function to take this into account? I am using PHP 5.3 and Apache 2 on Fedora

    Read the article

  • Any danger in calling flash messages html_safe?

    - by PreciousBodilyFluids
    I want a flash message that looks something like: "That confirmation link is invalid or expired. Click here to have a new one generated." Where "click here" is of course a link to another action in the app where a new confirmation link can be generated. Two drawbacks: One, since link_to isn't defined in the controller where the flash message is being set, I have to put the link html in myself. No big deal, but kind of messy. Number two: In order for the link to actually display properly on the page I have to html_safe the flash display function in the view, so now it looks like (using Haml): - flash.each do |name, message| = content_tag :div, message.html_safe This gives me pause. Everything else I html_safe has been HTML I've written myself in helpers and whatnot, but the contents of the flash hash are stored in a cookie client-side, and could conceivably be changed. I've thought through it, and I don't see how this could result in an XSS attack, but XSS isn't something I have a great understanding of anyway. So, two questions: 1. Is there any danger in always html_safe-ing all flash contents like this? 2. The fact that this solution is so messy (breaking MVC by using HTML in the controller, always html_safe-ing all flash contents) make me think I'm going about this wrong. Is there a more elegant, Rails-ish way to do this? I'm using Rails 3.0.0.beta3.

    Read the article

  • I am looking for an actual functional web browser control for .NET, maybe a C++ library

    - by Joshua
    I am trying to emulate a web browser in order to execute JavaScript code and then parse the DOM. The System.Windows.Forms.WebBrowser object does not give me the functionality I need. It let's me set the headers, but you cannot set the proxy or clear cookies. Well you can, but it is not ideal and messes with IE's settings. I've been extending the WebBrowser control pinvoking native windows functions so far, but it is really one hack on top of another. I can mess with the proxy and also clear cookies and such, but this control has its issues as I mentioned. I found something called WebKit .NET (http://webkitdotnet.sourceforge.net/), but I don't see support for setting proxies or cookie manipulation. Can someone recommend a c++/.NET/whatever library to do this: Basically tell me what I need to do to get an interface to similar this in .NET: // this should probably pause the current thread for the max timeout, // throw an exception on failure or return null w/e, VAGUELY similar to this string WebBrowserEmu::FetchBrowserParsedHtml(Uri url, WebProxy p, int timeoutSeconds, byte[] headers, byte[] postdata); void WebBrowserEmu::ClearCookies(); I am not responsible for my actions.

    Read the article

  • ASP.Net forms authentication - multiple providers

    - by Chris Klepeis
    I have an ASP.Net 4.0 application, and within it is a folder called "Forum", setup as a sub application in IIS 7. This forum package implements a custom provider for .net membership. The forum is running in .net 3.5. I'd like to setup the main site so that when users login, it logs them into both my site and the forum site. Both the main site and the forum have separate .Net membership tables. How can I specify which provider to use with formsauthentication? right now I have FormsAuthentication.SetAuthCookie(...); this, however, just uses my default provider and does nothing with the provider for the forum I tried setting the forum app and my web app to have the same cookie name, as well as setting the machinekey on each: <machineKey validationKey="AutoGenerate" validation="SHA1" /> no dice. I googled and didnt really come up with any example of how to use multiple providers like I want to. I updated my web.config to have both provideers but this is useless if I cannot specify in my code which one to use.

    Read the article

  • setting cookies

    - by aharon
    Okay, so I'm trying to set cookies using Ruby. I'm in a Rack environment. response[name]=value will add an HTTP header into the HTTP headers hash rack has. I know that it works. The following method doesn't work: def set_cookie(opts={}) args = { :name => nil, :value => nil, :expires => Time.now+314, :path => '/', :domain => Cambium.uri #contains the IP address of the dev server this is running on }.merge(opts) raise ArgumentError, ":name and :value are mandatory" if args[:name].nil? or args[:value].nil? response['Set-Cookie']="#{args[:name]}=#{args[:value]}; expires=#{args[:expires].clone.gmtime.strftime("%a, %d-%b-%Y %H:%M:%S GMT")}; path=#{args[:path]}; domain=#{args[:domain]}" end Why not? And how can I solve it? Thanks.

    Read the article

  • How someone using my Facebook website app can post to their pages timeline

    - by user1334414
    I have a website where businesses create content through a PHP backend system. Each time they create a new piece of content, I want it to publish to their Facebook pages timeline (not the users timeline). I have created the authenticate code: <div id="fb-root"></div> <script> window.fbAsyncInit = function() { FB.init({ appId : 'XXXXXXXXXX', status : true, cookie : true, xfbml : true, oauth : true, }); }; (function(d){ var js, id = 'facebook-jssdk'; if (d.getElementById(id)) {return;} js = d.createElement('script'); js.id = id; js.async = true; js.src = "//connect.facebook.net/en_US/all.js"; d.getElementsByTagName('head')[0].appendChild(js); }(document)); </script> <div class="fb-login-button" scope="manage_pages"> Login with Facebook </div> With manage_pages as a scope. I need to know how they can select which page they want the post to go to (if they have more than 1 page), and also how to automatically post to that pages wall when they submit the content (which is done via a PHP form). Thanks

    Read the article

  • PHP Facebook Cronjob with offline access

    - by Mohamed Salem
    1:the code to greet the user, ask for his permission and store his session data so that we can use a cronjob with his session data afterwards. <?php $db_server = "localhost"; $db_username = "username"; $db_password = "password"; $db_name = "databasename"; #go to line 85, the script actually starts there mysql_connect($db_server,$db_username,$db_password); mysql_select_db($db_name); #you have to create a database to store session values. #if you do not know what columns there should be look at line 76 to see column names. #make them all varchars # Now lets load the FB GRAPH API require './facebook.php'; // Create our Application instance. global $facebook; $facebook = new Facebook(array( 'appId' => '121036530138', 'secret' => '9bbec378147064', 'cookie' => false,)); # Lets set up the permissions we need and set the login url in case we need it. $par['req_perms'] = "friends_about_me,friends_education_history,friends_likes, friends_interests,friends_location,friends_religion_politics, friends_work_history,publish_stream,friends_activities, friends_events, friends_hometown,friends_location ,user_interests,user_likes,user_events, user_about_me,user_status,user_work_history,read_requests, read_stream,offline_access,user_religion_politics,email,user_groups"; $loginUrl = $facebook->getLoginUrl($par); function save_session($session){ global $facebook; # OK lets go to the database and see if we have a session stored $sid=mysql_query("Select access_token from facebook_user WHERE uid =".$session['uid']); $session_id=mysql_fetch_row($sid); if (is_array($session_id)) { # We have a stored session, but is it valid? echo " We have a session, but is it valid?"; try { $attachment = array('access_token' => $session_id[0]); $ret_code=$facebook->api('/me', 'GET', $attachment); } catch (Exception $e) { # We don't have a good session so echo " our old session is not valid, let's delete saved invalid session data "; $res = mysql_query("delete from facebook_user WHERE uid =".$session['uid']); #save new good session #to see what is our session data: print_r($session); if (is_array($session)) { $sql="insert into facebook_user (session_key,uid,expires,secret,access_token,sig) VALUES ('".$session['session_key']."','".$session['uid']."','". $session['expires']."','". $session['secret'] ."','" . $session['access_token']."','". $session['sig']."');"; $res = mysql_query($sql); return $session['access_token']; } # this should never ever happen echo " Something is terribly wrong: Our old session was bad, and now we cannot get the new session"; return; } echo " Our old stored session is valid "; return $session_id[0]; } else { echo " no stored session, this means the user never subscribed to our application before. "; # let's store the session $session = $facebook->getSession(); if (is_array($session)) { # Yes we have a session! so lets store it! $sql="insert into facebook_user (session_key,uid,expires,secret,access_token,sig) VALUES ('".$session['session_key']."','".$session['uid']."','". $session['expires']."','". $session['secret'] ."','". $session['access_token']."','". $session['sig']."');"; $res = mysql_query($sql); return $session['access_token']; } } } #this is the first meaningful line of this script. $session = $facebook->getSession(); # Is the user already subscribed to our application? if ( is_null($session) ) { # no he is not #send him to permissions page header( "Location: $loginUrl" ); } else { #yes, he is already subscribed, or subscribed just now #in case he just subscribed now, save his session information $access_token=save_session($session); echo " everything is ok"; # write your code here to do something afterwards } ?> error Warning: session_start() [function.session-start]: Cannot send session cache limiter - headers already sent (output started at /home/content/28/9687528/html/ss/src/indexx.php:1) in /home/content/28/9687528/html/ss/src/facebook.php on line 49 Fatal error: Call to undefined method Facebook::getSession() in /home/content/28/9687528/html/ss/src/indexx.php on line 86 2:A cronjob template that reads the stored session of a user from database, uses his session data to work on his behalf, like reading status posts or publishing posts etc. <?php $db_server = "localhost"; $db_username = "username"; $db_password = "pass"; $db_name = "database"; # Lets connect to the Database and set up the table $link = mysql_connect($db_server,$db_username,$db_password); mysql_select_db($db_name); # Now lets load the FB GRAPH API require './facebook.php'; // Create our Application instance. global $facebook; $facebook = new Facebook(array( 'appId' => 'appid', 'secret' => 'secret', 'cookie' => false, )); function get_check_session($uidCheck){ global $facebook; # This function basically checks for a stored session and if we have one it returns it # OK lets go to the database and see if we have a session stored $sid=mysql_query("Select access_token from facebook_user WHERE uid =".$uidCheck); $session_id=mysql_fetch_row($sid); if (is_array($session_id)) { # We have a session # but, is it valid? try { $attachment = array('access_token' => $session_id[0],); $ret_code=$facebook->api('/me', 'GET', $attachment); } catch (Exception $e) { # We don't have a good session so echo " User ".$uidCheck." removed the application, or there is some other access problem. "; # let's delete stored data $res = mysql_query("delete from facebook_user where WHERE uid =".$uidCheck); return; } return $session_id[0]; } else { # "no stored session"; echo " error:newsFeedcrontab.php No stored sessions. This should not have happened "; } } # get all users that have given us offline access $users = getUsers(); foreach($users as $user){ # now for each user, check if they are still subscribed to our application echo " Checking user".$user; $access_token=get_check_session($user); # If we've not got an access_token we actually need to login. # but in the crontab, we just log the error, there is no way we can find the user to give us permission here. if ( is_null($access_token) ) { echo " error: newsFeedcrontab.php There is no access token for the user ".$user." "; } else { #we are going to read the newsfeed of user. There are user's friends' posts in this newsfeed try{ $attachment = array('access_token' => $access_token); $result=$facebook->api('/me/home', 'GET', $attachment); }catch(Exception $e){ echo " error: newsfeedcrontab.php, cannot get feed of ".$user.$e; } #do something with the result here #but what does the result look like? #go to http://developers.facebook.com/docs/reference/api/user/ and click on the "home" link under connections #we can also read the home of user. Home is the wall of the user who has given us offline access. try{ $attachment = array('access_token' => $access_token); $result=$facebook->api('/me/feed', 'GET', $attachment); }catch(Exception $e){ echo " error: newsfeedcrontab.php, cannot get wall of ".$user.$e; } #do something with the result here # #but what does the result look like? #go to http://developers.facebook.com/docs/reference/api/user/ and click on the "feed" link under connections } } function getUsers(){ $sql = "SELECT distinct(uid) from facebook_user Where 1"; $result = mysql_query($sql); while($row = mysql_fetch_array($result)){ $rows [] = $row['uid']; } print_r($rows); return $rows; } mysql_close($link); ?> error Warning: session_start() [function.session-start]: Cannot send session cache limiter - headers already sent (output started at /home/content/28/9687528/html/ss/src/cron.php:1) in /home/content/28/9687528/html/ss/src/facebook.php on line 49 Warning: mysql_fetch_array(): supplied argument is not a valid MySQL result resource in /home/content/28/9687528/html/ss/src/cron.php on line 110 Warning: Invalid argument supplied for foreach() in /home/content/28/9687528/html/ss/src/cron.php on line 64

    Read the article

  • Kohana Sessions data does not persist across pages in chrome and ir browsers

    - by user1062637
    Kohana Session data does not persist across pages opened in Chrome and IE browsers the same works fine in a Firefox browser Kohana version used is 2.3 session config files hold $config['driver'] = 'native'; /** * Session storage parameter, used by drivers. */ $config['storage'] = ''; /** * Session name. * It must contain only alphanumeric characters and underscores. At least one letter must be present. */ $config['name'] = 'NITWSESSID'; /** * Session parameters to validate: user_agent, ip_address, expiration. */ $config['validate'] = array(); /** * Enable or disable session encryption. * Note: this has no effect on the native session driver. * Note: the cookie driver always encrypts session data. Set to TRUE for stronger encryption. */ $config['encryption'] = FALSE; /** * Session lifetime. Number of seconds that each session will last. * A value of 0 will keep the session active until the browser is closed (with a limit of 24h). */ $config['expiration'] = 2700; /** * Number of page loads before the session id is regenerated. * A value of 0 will disable automatic session id regeneration. */ $config['regenerate'] = 0; /** * Percentage probability that the gc (garbage collection) routine is started. */ $config['gc_probability'] = 2; Help needed urgently

    Read the article

  • How to authenticate multiple entry points in a facebook app?

    - by Simon_Weaver
    I am using an IFrame application with XFBML and the new Javascript API. I'd like to have a facebook application with multiple entry points. These will most likely represent different links coming from a fan page tab. I can do this quite easily if the pages don't require authentication - for instance I can create several pages under the app and if a new user comes I can send them to any page: http://apps.facebook.com/myapp/offers http://apps.facebook.com/myapp/game http://apps.facebook.com/myapp/products The problem is that if I need to have authentication then once the user is authenticated they get redirected to my default post-authorization url. Is there a way for a user that comes to /game to stay on /game after they are authenticated without redirecting. I thought I could do it with the AJAX login form - but I cannot find out how to do that in a Facebook IFrame application. I think the example using requirelogin only works for FBML. <a href="http://apps.facebook.com/mysmiley" requirelogin=1> Welcome to my app</a>. Is there a way to accomplish this with Facebook APIs - or will I have to do some kind of clever cookie handling?

    Read the article

  • Apache + Passenger not passing on custom status codes

    - by harm
    I'm currently building an API. This API communicates with the client via status codes. I created several custom status codes (as per http://www.w3.org/Protocols/rfc2616/rfc2616-sec6.html#sec6) in order to inform the client on certain things. For example I introduced the 481 status code to signify a specific client error. The Rails app I wrote works like a charm. But when Apache and Passenger are serving it things run aground. When I provoke a 481 error the response header looks like this: HTTP/1.1 500 Internal Server Error Date: Wed, 19 May 2010 06:37:05 GMT Server: Apache/2.2.9 (Debian) Phusion_Passenger/2.2.5 mod_ssl/2.2.9 OpenSSL/0.9.8g X-Powered-By: Phusion Passenger (mod_rails/mod_rack) 2.2.5 Cache-Control: no-cache X-Runtime: 1938 Set-Cookie: _session_id=32bc259dc763193ad57ae7dc19d5f57e; path=/; HttpOnly Content-Length: 62 Status: 481 Content-Type: application/json; charset=utf-8 As you can see the original Status header is still there almost a the end. But the 'true' status header (the very first line) is quiet different. It seems that Apache doesn't like Status headers it has no knowledge of and thus assumes an error. Is there anyway to fix this? Maybe via the mod_headers ( http://httpd.apache.org/docs/2.2/mod/mod_headers.html) module? I don't know enough of Apache to figure this out on my own. Thanks,

    Read the article

  • Can a WebServiceHost be changed to avoid the use of HttpListener?

    - by sbyse
    I am looking for a way to use a WCF WebServiceHost without having to rely on the HttpListener class and it's associated permission problems (see this question for details). I'm working on a application which communicates locally with another (third-party) application via their REST API. At the moment we are using WCF as an embedded HTTP server. We create a WebServiceHost as follows: String hostPath = "http://localhost:" + portNo; WebServiceHost host = new WebServiceHost(typeof(IntegrationService), new Uri(hostPath)); // create a webhttpbinding for rest/pox and enable cookie support for session management WebHttpBinding webHttpBinding = new WebHttpBinding(); webHttpBinding.AllowCookies = true; ServiceEndpoint ep = host.AddServiceEndpoint(typeof(IIntegrationService), webHttpBinding, ""); host.Open() ChannelFactory<IIntegrationService> cf = new ChannelFactory<IIntegrationService>(webHttpBinding, hostPath); IIntegrationService channel = cf.CreateChannel(); Everything works nicely as long as our application is run as administrator. If we run our application on a machine without administrative privileges the host.Open() will throw an HttpListenerException with ErrorCode == 5 (ERROR_ACCESS_DENIED). We can get around the problem by running httpcfg.exe from the command line but this is a one-click desktop application and that's not really as long term solution for us. We could ditch WCF and write our own HTTP server but I'd like to avoid that if possible. What's the easiest way to replace HttpListener with a standard TCP socket while still using all of the remaining HTTP scaffolding that WCF provides?

    Read the article

  • Struts 2 discard cache header

    - by Dewfy
    I have strange discarding behavior of struts2 while setting cache option for my image. I'm trying to put image from db to be cached on client side To render image I use ( http://struts.apache.org/2.x/docs/how-can-we-display-dynamic-or-static-images-that-can-be-provided-as-an-array-of-bytes.html ) where special result type render as follow: public void execute(ActionInvocation invocation) throws Exception { ...//some preparation HttpServletResponse response = ServletActionContext.getResponse(); HttpServletRequest request = ServletActionContext.getRequest(); ServletOutputStream os = response.getOutputStream(); try { byte[] imageBytes = action.getImage(); response.setContentType("image/gif"); response.setContentLength(imageBytes.length); //I want cache up to 10 min Date future = new Date(((new Date()).getTime() + 1000 * 10*60l)); ; response.addDateHeader("Expires", future.getTime()); response.setHeader("Cache-Control", "max-age=" + 10*60 + ""); response.addHeader("cache-Control", "public"); response.setHeader("ETag", request.getRequestURI()); os.write(imageBytes); } catch(Exception e) { response.sendError(HttpServletResponse.SC_NOT_FOUND); } os.flush(); os.close(); } But when image is embedded to page it is always reloaded (Firebug shows code 200), and neither Expires, nor max-age are presented in header Host localhost:9090 Accept image/png,image/*;q=0.8,*/*;q=0.5 Accept-Language en-us,en;q=0.5 Accept-Encoding gzip,deflate Accept-Charset ISO-8859-1,utf-8;q=0.7,*;q=0.7 Keep-Alive 300 Connection keep-alive Referer http://localhost:9090/web/result?matchId=1 Cookie JSESSIONID=4156BEED69CAB0B84D950932AB9EA1AC; If-None-Match /web/_srv/teamcolor Cache-Control max-age=0 I have no idea why it is dissapered, may be problem in url? It is forms with parameter: http://localhost:9090/web/_srv/teamcolor?loginId=3

    Read the article

  • Debugging Post Request with Chrome Dev Tools

    - by benek
    I am trying to use Chrome Dev for debugging the following Angular post request : $http.post("http://picjboss.puma.lan:8880/fluxpousse/api/flow/createOrUpdateHeader", flowHeader) After running the statement with right-click / evaluate, I can see the post in the network panel with a pending state. How can I get the result or "commit" the request and leave easily this "pending" state from the dev console ? I am not yet very familiar with JS callbacks, some code is expected. Thanks. EDIT I have tried to run from the console : $scope.$apply(function(){$http.post("http://picjboss.puma.lan:8880/fluxpousse/api/flow/createOrUpdateHeader", flowHeader).success(function(data){console.log("error "+data)}).error(function(data){console.log("error "+data)})}) It returns : undefined EDIT The post I am trying to solve generate an HTTP 400. Here is the result : Request URL:http://picjboss.puma.lan:8880/fluxpousse/api/flow/createOrUpdateHeader Request Method:POST Status Code:400 Mauvaise Requ?te Request Headersview source Accept:application/json, text/plain, / Accept-Encoding:gzip,deflate,sdch Accept-Language:fr-FR,fr;q=0.8,en-US;q=0.6,en;q=0.4 Connection:keep-alive Content-Length:5354 Content-Type:application/json;charset=UTF-8 Cookie:JSESSIONID=285AF523EA18C0D7F9D581CDB2286C56 Host:picjboss.puma.lan:8880 Origin:http://picjboss.puma.lan:8880 Referer:http://picjboss.puma.lan:8880/fluxpousse/ User-Agent:Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/30.0.1599.101 Safari/537.36 X-Requested-With:XMLHttpRequest Request Payloadview source {refHeader:IDSFP, idEntrepot:619, codeEntreprise:null, codeBanniere:null, codeArticle:7,…} cessionPrice: 78 codeArticle: "7" codeBanniere: null codeDateAppro: null codeDateDelivery: null codeDatePrepa: null codeEntreprise: null codeFournisseur: null codeUtilisateur: null codeUtilisateurLastUpdate: null createDate: null dateAppro: null dateDelivery: null datePrepa: null hasAssortControl: null hasCadenceForce: null idEntrepot: 619 isFreeCost: null labelArticle: "Mayonnaise de DIJON" labelFournisseur: null listDetail: [,…] pcbArticle: 12 pvc: 78 qte: 78 refCommande: "ref" refHeader: "IDSFP" state: "CREATED" stockArticle: 1200 updateDate: null Response Headersview source Connection:close Content-Length:996 Content-Type:text/html;charset=utf-8 Date:Fri, 08 Nov 2013 15:19:30 GMT Server:Apache-Coyote/1.1 X-Powered-By:Servlet 2.5; JBoss-5.0/JBossWeb-2.1

    Read the article

< Previous Page | 65 66 67 68 69 70 71 72 73 74 75 76  | Next Page >