Search Results

Search found 20933 results on 838 pages for 'jeff post'.

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Page 718/838 | < Previous Page | 714 715 716 717 718 719 720 721 722 723 724 725  | Next Page >

  • Ways to prevent multiple email notification with php&mysql

    - by Louis Loudog Trottier
    My 1st post, but i got many great answers and tips from stackoverflow so far. This one was a close call- How does facebook, gmail send the real time notification? but not exactly, so let brainstorm this together. I have CMS system with mail notification when a change is made on the site. Everything wotk very well but i want to prevent multiple notification if somene make another quick change to, let say, fix a typo. Using php mail(), obviously. I've tough of 2 ways, one simple, and one.... let just say, pretty heavy... cough. the 3rd one was inspired by Implementing Email Notification but really doesn't look appealing to me to send bunch of email at once. Use a timestamp to check if another change was made in the 'let say' last 5 minutes. Record the last change, and compare it to the new one. Could be usefull for backup at the same time since i'll have to save the change somewhere, but text can be long and making an sql search would be painfull. Wouldn't it? Use cron to send changes every x minutes... convince me if you ythink it is a suitable solution. Any ideas, comment or suggestion of your own? Looking forward for your inputs, and since i now registered, i'll do my best to help around. Cheers, all llt

    Read the article

  • wp trim function

    - by Juliver Galleto
    Ok i have this code currently. <?php query_posts('category_name=widgets2'); echo "<div id='widgets-wrapper2'><div id='marginwidgets' style='overflow: auto; max- width: 100%; height: 450px; max-height: 100%; margin: 0 auto;'>"; while (have_posts()) : the_post(); echo "<div class='thewidgets2'>"; echo wp_trim_words( the_content(), $num_words = 0, $more = "..." ); echo '<div style="height: 20px;"></div><a class="button2" href="'.get_permalink().'">Read More</a></div>'; endwhile; echo "</div></div>"; ?> as you can see, it gets all the post from the category name widgets2 and then it should display it. and this line echo wp_trim_words( the_content(), $num_words = 100, $more = "..." ); should trim the words from the_content() to 100 and add a excerpt at the end character but unfortunately it doesnt work, instead it just display the entire contents that looks untrim at all. Hope someone here could figured out. Im open in any suggestions, recommendations and all relevant ideas, thank you.

    Read the article

  • C# Custom user settings class not saving

    - by Zenox
    I have the following class: [Serializable] [XmlRoot ( ElementName = "TextData", IsNullable = false)] public class TextData { private System.Drawing.Font fontColor; [XmlAttribute ( AttributeName = "Font" )] public System.Drawing.Font Font { get; set; } [XmlAttribute ( AttributeName = "FontColor" )] public System.Drawing.Color FontColor { get; set; } [XmlAttribute ( AttributeName = "Text" )] public string Text { get; set; } public TextData ( ) { } // End of TextData } // End of TextData And Im attempting to save it with the following code: // Create our font dialog FontDialog fontDialog = new FontDialog ( ); fontDialog.ShowColor = true; // Display the dialog and check for an ok if ( DialogResult.OK == fontDialog.ShowDialog ( ) ) { // Save our changes for the font settings if ( null == Properties.Settings.Default.MainHeadlineTextData ) { Properties.Settings.Default.MainHeadlineTextData = new TextData ( ); } Properties.Settings.Default.MainHeadlineTextData.Font = fontDialog.Font; Properties.Settings.Default.MainHeadlineTextData.FontColor = fontDialog.Color; Properties.Settings.Default.Save ( ); } Everytime I load the the application, the Properties.Settings.Default.MainHeadlineTextData is still null. Saving does not seem to take effect. I read on another post that the class must be public and it is. Any ideas why this would not be working properly?

    Read the article

  • jQuery: serializing array returns empty string

    - by John Smith
    I did not forget to add name attributes as is a common problem and yet my serialized form is returning an empty string. What am I doing wrong? HTML/javascript: <head> <script src="http://ajax.googleapis.com/ajax/libs/jquery/2.1.0/jquery.min.js"></script> <script> $( document ).ready( function() { $('#word_form').submit(function(e) { e.preventDefault(); console.log($(this).serialize()); //returns an empty string }); }); </script> </head> <body> <div id="wrapper"> <form name="word_form" id="word_form" method="POST"> <input type="image" name="thumbsUp" id="thumb1" value="1" src="http://upload.wikimedia.org/wikipedia/commons/8/87/Symbol_thumbs_up.svg" style="width:50px;height:50px;"> <input type="image" name="thumbsDown" id="thumb2" value="2" src="http://upload.wikimedia.org/wikipedia/commons/8/84/Symbol_thumbs_down.svg" style="width:50px;height:50px;"> </form> </div> </body> Thanks!

    Read the article

  • how to pass time Interval in list pref option

    - by user1748932
    <ListPreference android:entries="@array/listOptions2" android:entryValues="@array/listValues2" android:key="listprefrefresh" android:summary="set Refresh The Applciation" android:title="Set TIme Intervale" /> <item>10 </item> <item>30</item> </integer-array> <integer-array name="listValues2"> <item>10000</item> <item>30000</item> </integer-array> public static final String PREF_BEER_SIZE2 = "listprefrefresh"; Preference beerPref2 = (Preference) findPreference(PREF_BEER_SIZE2); beerPref2 .setOnPreferenceChangeListener(new Preference.OnPreferenceChangeListener() { public boolean onPreferenceChange(Preference preference, Object newValue) { // TODO Auto-generated method stub final ListPreference listrefresh = (ListPreference) preference; final int idx = listrefresh .findIndexOfValue((String) newValue); if (idx == 0 ) { handler.post(timedTask); // } else if (idx == 1) { // System.out.println("2"); } return true; } }); This is my code i want Pass Time how can i implement right now? I am passing Integr value.please tell me

    Read the article

  • How to add sub category on my codeigniter php application ?

    - by sagarmatha
    Hello friends I have a view echo "<label for='parent'>Category</label><br/> "; echo form_dropdown('category_id', $categories). "<p>"; controller function create(){ if($this->input->post('name')){ $this->MProducts->addProduct(); $this->session->set_flashdata('message', 'Products Created'); redirect('admin/products/index', 'refresh'); }else{ $data['title'] = "Create Product"; $data['main'] = 'admin_product_create'; $data['categories']= $this->MCats->getTopCategories(); $this->load->vars($data); $this->load->view('dashboard'); } } and the model is function getTopcategories(){ $data = array(); $data[0] = 'root'; $this->db->where('parentid',0); $Q = $this->db->get('categories'); if($Q->num_rows() > 0){ foreach($Q->result_array() as $row){ $data[$row['id']] = $row['name']; } } $Q->free_result(); return $data; } Basically, what i want is we get sub categories when we click categories and 'selected' subcategory id goes to database when we create products, So that we can list products by sub categories. Please help me how do we do that ?

    Read the article

  • How can I save a file on an http server using just http requests and javascript?

    - by user170902
    hi all, I'm trying to understand some of the basics of web servers/html/javasacript etc. I'm not interested in any of the various frameworks like php/asp, i'm just trying to get a low level look at things (for now). At the moment I'm trying to understand how data can be sent to/saved on the backend, but i must admit that i'm getting a bit lost under the various specs/technical stuff on w3 at the moment! If I have some data, say xml, that I want to save on the backend how do I go about it? I assume that I would have to use something like an HTTP PUT or POST Request to an html doc that contains some javascript that in turn would process the data, e.g. save it somewhere. Now from googling around I can see that this doesn't seem to be the case, so my assumptions are completely wrong! So how is it done? Can it be done, or do I have to use something like php or asp? TIA. bg

    Read the article

  • Jquery form Ajax Submit

    - by user1766080
    I want to submit a form using ajax in the background. I tried: <div class="form-horizontal" id="form"> <label for="name" class="control-label">Username</label> <div class="controls"> <span id="name_input"><input type="text" name="name" id="medium" class='input-medium input-square'></span> <span class="help-inline" id = "ajax_load"></span> </div> <div class="form-actions"> <button class="btn btn-red5" onclick="resolve()">Login</button> <input type="reset" class='btn btn-danger' value="Reset"> </div> </div> And the Javascript: <script type="text/javascript"> var resolve = function () { jAlert('test', 'test'); $('#ajax_load').html('<a href="#" class="btn btn-mini btn-square tip" title="Reloading"><img src="templates/img/ajax-loader.gif" alt=""></a>'); $.ajax( { url : 'plugin.php?plugin=test', type : 'post', data: $("#form").serialize(), success : function( resp ) { if(resp.ajax_success == false) { } else { jAlert('test', 'test'); } } }); }; </script> I get an alert, but there is no form submit. I checked that with Live http headers. Why does it not submit the form?

    Read the article

  • How to use Jquery UI in my Custom Function? (Autocomplete)

    - by bakazero
    I want to create a function to simplify configuration of jQuery UI AutoComplete. Here is my function code: (function($) { $.fn.myAutocomplete = function() { var cache = {}; var dataUrl = args.dataUrl; var dataSend = args.dataItem; $.autocomplete({ source: function(request, response) { if (cache.term == request.term && cache.content) { response(cache.content); } if (new RegExp(cache.term).test(request.term) && cache.content && cache.content.length < 13) { var matcher = new RegExp($.ui.autocomplete.escapeRegex(request.term), "i"); response($.grep(cache.content, function(value) { return matcher.test(value.value) })); } $.ajax({ url: dataUrl, dataType: "json", type: "POST", data: dataSend, success: function(data) { cache.term = request.term; cache.content = data; response(data); } }); }, minLength: 2, }); } }) (jQuery); but when I'm using this function like: $("input#tag").myAutocomplete({ dataUrl: "/auto_complete/tag", dataSend: { term: request.term, category: $("input#category").val() } }); It's give me an error: Uncaught ReferenceError: request is not defined

    Read the article

  • how to arrange the checkboxes in 3/3 format on a layout of a form

    - by anwaar
    hi there can anyone plz tell me how to arrange the list of checkboxes of cuisines label which is retrived from the data base and when it is displaying it is not in the order coming side by side all together i want it to be displayed in a 3 by 3 format.here is the code for that: <div id="frmform"> <form name="frmrestaurant" id="frmrestaurant" method="post" onsubmit="" enctype="multipart/form-data"> <p class="msgsignup">Add Restaurant</p> <div id="iderror"></div> <div class="topinputs"> <div> <label for="restaurant_name" class="name">Restaurant Name :</label><input type="text" name="restaurant_name" size="32" id="restaurant_name" value="<?php echo $row->restaurant_name; ?>" class="validate[required,custom[onlyLetter],length[0,100]] text-input" /> </div> </div> <div> <label for="website" class="name">Website :</label><input size="32" type="text" name="website" id="website" value="<?php echo $row->website; ?>" class="validate[required,length[0,100]] text-input" /> </div> <div> <label for="budget" class="name">Budget :</label> <?php echo $this->lists['budget'];?> </div> <div> <label for="idcuisine" class="cuisine" >Cuisine:</label> <?php echo $this->lists['cuisine'] ;?> <div> <label for="idcategory" class="category">Category:</label> <?php echo $this->lists['category'];?> </div> the lists of cuisine and category is not displaying properly. thanks.

    Read the article

  • What are the potential problems with exposing the Facebook API secret?

    - by genehack
    I'm writing a little web utility that posts status updates to Twitter and/or Facebook. That involved creating 'applications' with both those services in order to get API keys and 'secrets'. My question is how protected I really need to keep those secrets -- in order for this to work at all, you seem to need the secret to interact with the authentication part of the service to grant the app access to your account and/or grant it permission to post updates on your behalf. Facebook's documentation says to protect the secret, but at least one other Facebook utility distributes the API key and secret in the source. It's important to note: this isn't your standard Facebook 'application' that runs within the context of Facebook, nor is it a standard "desktop"-style compiled app -- it's a web-based application intended to be run on your own web server. The audience for this is probably small and somewhat more sophisticated than average -- so, one technical alternative would be to require people to obtain their own API key and secret to use the app. That seems like a lot of work, however, and a fairly large barrier to entry to anybody using this. Anybody know or have any insight on what sort of trouble I'm letting myself in for if I put both the secrets and the API keys in the config for my app and check it into Github for all the world to see?

    Read the article

  • Sqlite3 INSERT INTO Question × 377

    - by user316717
    Hi, My 1st post. I am creating an exercise app that will record the weight used and the number of "reps" the user did in 4 "Sets" per day over a period of 7 days so the user may view their progress. I have built the database table named FIELDS with 2 columns ROW and FIELD_DATA and I can use the code below to load the data into the db. But the code has a sql statement that says, INSERT OR REPLACE INTO FIELDS (ROW, FIELD_DATA)VALUES (%d, '%@'); When I change the statment to: INSERT INTO FIELDS (ROW, FIELD_DATA)VALUES (%d, '%@'); Nothing happens. That is no data is recorded in the db. Below is the code: #define kFilname @"StData.sqlite3" - (NSString *)dataFilePath { NSArray *paths = NSSearchPathForDirectoriesInDomains (NSDocumentDirectory, NSUserDomainMask, YES); NSString *documentsDirectory = [paths objectAtIndex:0]; return [documentsDirectory stringByAppendingPathComponent:kFilname]; } -(IBAction)saveData:(id)sender; { for (int i = 1; i <= 8; i++) { NSString *fieldName = [[NSString alloc]initWithFormat:@"field%d", i]; UITextField *field = [self valueForKey:fieldName]; [fieldName release]; NSString *insert = [[NSString alloc] initWithFormat: @"INSERT OR REPLACE INTO FIELDS (ROW, FIELD_DATA) VALUES (%d, '%@');",i, field.text]; // sqlite3_stmt *stmt; char *errorMsg; if (sqlite3_exec (database, [insert UTF8String], NULL, NULL, &errorMsg) != SQLITE_OK) { // NSAssert1(0, @"Error updating table: %s", errorMsg); sqlite3_free(errorMsg); } } sqlite3_close(database); } So how do I modify the code to do what I want? It seemed like a simple sql statement change at first but obviously there must be more. I am new to Objective-C and iPhone programming. I am not new to using sql statements as I have been creating web apps in ASP for a number of years. Any help will be greatly appreciated, this is driving me nuts! Thanks in advance Dave

    Read the article

  • jQuery - Cancel form submit (using "return false"?)?

    - by Nike
    Hey there. I'm running into a bit of trouble while trying to cancel the submit of a form. I've been following this tutorial (even though i'm not making a login script), and it seems to be working for him. Here's my form: <form action="index.php" method="post" name="pForm"> <textarea name="comment" onclick="if(this.value == 'skriv här...') this.value='';" onblur="if(this.value.length == 0) this.value='skriv här...';">skriv här...</textarea> <input class="submit" type="submit" value="Publicera!" name="submit" /> </form> And here's the jquery: $(document).ready(function() { $('form[name=pForm]').submit(function(){ return false; }); }); I've already imported jQuery in the header and i know it's working. My first thought was that it might be outdated, but it's actually "just" a year ago. So do anyone see what's wrong? Thanks in advance. EDIT: From what i've read the easiest and most appropriate way to abort the submit is to return false? But i can't seem to get it working. I've searched the forum and i've found several helpful threads but none of them actually works. I must be screwing something up.

    Read the article

  • I need help with a SQL query. Fetching an entry, it's most recent revision and it's fields.

    - by Tigger ate my dad
    Hi there, I'm building a CMS for my own needs, and finished planning my database layout. Basically I am abstracting all possible data-models into "sections" and all entries into one table. The final layout is as follows: Database diagram: I have yet to be allowed to post images, so here is a link to a diagram of my database. Entries (section_entries) are children of their section (sections). I save all edits to the entries in a new revision (section_entries_revisions), and also track revisions on the sections (section_revisions), in order to match the values of a revision, to the fields of the section that existed when the entry-revision was made. The section-revisions can have a number of fields (section_revision_fields) that define the attributes of entries in the section. There is a many-to-many relationship between the fields (section_revision_fields) and the entry-revisions (section_entry_revisions), that stores the values of the attributes defined by the section revision. Feel free to ask questions if the diagram is confusing. Now, this is the most complex SQL I've ever worked with, and the task of fetching my data is a little daunting. Basically what i want help with, is fetching an entry, when the only known variables are; section_id, section_entry_id. The query should fetch the most recent revision of that entry, and the section_revision model corresponding to section_revision_id in the section_entry_revisions table. It should also fetch the values of the fields in the section-revision. I was hoping for a query result, where there would be as many rows as fields in the section. Each row would contain the information of the entry and the section, and then information for one of the fields (e.g. each row corresponding to a field and it's value). I tried to explain the best I could. Again, feel free to ask questions if my description somehow lacking. I hope someone is up for the challenge. Best regards. :-)

    Read the article

  • Automated browser testing: How to test JavaScript in web pages?

    - by Dave
    I am trying to write an application that will test a series of web-pages programmatically. The web pages being tested have JavaScript embedded within them which alter the structure of the HTML when they complete execution. It is then the goal to take the final HTML (post-execution of the embedded JavaScript) and compare it against a known output. Essentially, the Input --- Output for the test application is: URL ---[retrieve HTML]--- HTML ---[execute JS, then compare]--- PASS/FAIL Here is the challenge: I have been unable to find a solution that is able to take the HTML I retrieve from the URL and process the JavaScript, as a browser would, and generate the final HTML a user might see from "View Source" on the same page within the browser. It would be very surprising if this sort of approach has not been made before, so I'm hoping someone out there knows of a fitting solution for this application/problem? If at all possible, I'm hoping for a solution that integrates with .NET (I've tried using the WebBrowser, with no luck). However, if there is an existing 3rd party application that can do exactly this, that would be quite acceptable. Thanks in advance for the suggestions! Dave

    Read the article

  • WordPress > Cannot get custom meta settings to change once set...

    - by Scott B
    The script below adds a custom meta box to the WordPress page editor interface. It lists two specific categories, "noindex" and "nofollow", which my custom theme automatically installs when the theme is activated. It works fine for selecting and assigning the categories to the page. However, if the user unchecks either of them, the settings do not stick. Once selected, they cannot be removed from the page, regardless if they are unchecked when the page is saved. <?php function my_post_categories_meta_box() { add_meta_box('categorydiv', __('Page Options'), 'post_categories_meta_box_modified', 'page', 'side', 'core'); } function post_categories_meta_box_modified($post) { $noindexCat = get_cat_ID('noindex'); $nofollowCat = get_cat_ID('nofollow'); if(in_category("noindex")){ $noindexChecked = " checked='checked'";} if(in_category("nofollow")){ $nofollowChecked = " checked='checked'";} ?> <div id="categories-all" class="ui-tabs-panel"> <ul id="categorychecklist" class="list:category categorychecklist form-no-clear"> <li id='category-<?php echo $noindexCat ?>' class="popular-category"><label class="selectit"><input value="<?php echo $noindexCat ?>" type="checkbox" name="post_category[]" id="in-category-<?php echo $noindexCat ?>"<?php echo $noindexChecked ?> /> noindex</label></li> <li id='category-<?php echo $nofollowCat ?>' class="popular-category"><label class="selectit"><input value="<?php echo $nofollowCat ?>" type="checkbox" name="post_category[]" id="in-category-<?php echo $nofollowCat ?>"<?php echo $nofollowChecked ?> /> nofollow</label></li> </ul> </div> <?php } add_action('admin_menu', 'my_post_categories_meta_box'); ?>

    Read the article

  • I want to show the child category name not the parent category name

    - by Vhal
    <div class="careerleft"> <?php query_posts('cat=9&paged='.get_query_var('paged')); ?> <?php if (have_posts()) : while (have_posts()) : the_post(); ?> <div <?php post_class() ?> id="post-<?php the_ID(); ?>"> <p class="career">"><?php the_title(); ?></p> <p>Category: <?php single_cat_title()?></p> <p>Date posted:<?php the_time('F j, Y') ?></p> </div> <?php endwhile; ?> <?php else : ?> <h2>Not Found</h2> <?php endif; ?> </div> I want to show the child category name, but when I used the , it only shows the parent category name. In my categories, the parent category name is "careers", and this category has 3 child category names which are Managerial, IT Related and Accounting. What will be the code to show the child category name?

    Read the article

  • click event working in Chrome but error in Firefox and IE

    - by Hunter Stanchak
    I am writing a messaging system with jquery. When you click on a thread title with the class '.open_message', It opens a thread with all the messages for that thread via Ajax. My issue is that when the thread title is clicked it is not recognizing the id attribute for that specific thread title in firefox and IE. It works fine in chrome, though. Here is the code: $('.open_message').on('click', function(e) { $(this).parent().removeClass('unread'); $(this).parent().addClass('read'); $('.message_container').html(''); var theID = e.currentTarget.attributes[0].value; theID = theID.replace('#', ''); var url = '".$url."'; var dataString = 'thread_id=' + theID; $('.message_container').append('<img id=\"loading\" src=\"' + url + '/images/loading.gif\" width=\"30px\" />'); $.ajax({ type: 'POST', url: 'get_thread.php', data: dataString, success: function(result) { $('#loading').hide(); $('.message_container').append(result); } }); return false; }); Thanks for the help!

    Read the article

  • Passing huge amounts of data as an hexadecimal (0x123AB...) parameter of a clr stored procedure in s

    - by user193655
    I post this question has followup of This question, since the thread is not recieving more answers. I'm trying to understand if it is possible to pass as a parameter of a CLR stored procedure a large amount of data as "0x5352532F...". This is to avoid to send the data directly to the CLR stored procedure, instead of sending ti to a temporary DB field and from there passing it as varbinary(max) parmeter to the CLR stored procedure. I have a triple question: 1) is it possible, if yes how? Let's say i want to pass a pdf file to the CLR stored procedure (not the path, the full bits that make up the file). Something like: exec MyCLRStoredProcs.dbo.insertfile @file_remote_path ='c:\temp\test_file.txt' , @file_contents=0x4D5A90000300000004000.... --(this long list is the file content) where insertfile is a stored proc that writes to the server path (at file_remote_path) the binary data I pass as (file_contents). 2) is it there corruption risk of adopting this approach (or it is the same approach that sql server uses behind the scenes)? 3) how to convert the content of a file into the "0x23423..." hexadecimal representation

    Read the article

  • Sinatra: rendering snippets (partials)

    - by Michael
    I'm following along with an O'Reilly book that's building a twitter clone with Sinatra. As Sinatra doesn't have 'partials' (in the way that Rails does), the author creates his own 'snippets' that work like partials. I understand that this is fairly common in Sinatra. Anyways, inside one of his snippets (see the first one below) he calls another snippet text_limiter_js (which is copied below). Text_limiter_js is basically a javascript function. If you look at the javascript function in text_limiter_js, you'll notice that it takes two parameters. I don't understand where these parameters are coming from because they're not getting passed in when text_limiter_js is rendered inside the other snippet. I'm not sure if I've given enough information/code for someone to help me understand this, but if you can, please explain. =snippet :'/snippets/text_limiter_js' %h2.comic What are you doing? %form{:method => 'post', :action => '/update'} %textarea.update.span-15#update{:name => 'status', :rows => 2, :onKeyDown => "text_limiter($('#update'), $('#counter'))"} .span-6 %span#counter 140 characters left .prepend-12 %input#button{:type => 'submit', :value => 'update'} text_limiter_js.haml :javascript function text_limiter(field,counter_field) { limit = 139; if (field.val().length > limit) field.val(field.val().substring(0, limit)); else counter_field.text(limit - field.val().length); }

    Read the article

  • Image error with wordpress and php

    - by bubdada
    It may seem stupid question, but i've a serious problem... if you could check out orcik.net the thumbnail images does not appear. I figured out the reason but I don't know how to solve.. http://orcik.net/projects/thumb/orcikthumb.php?src=http://orcik.net/wp-content/uploads/2010/05/mac-safari-search-cache.png If you go to the above link you will get page not found error. However, if you go to the link below you'll get the thumbnail version of the image... http://orcik.net/projects/thumb/orcikthumb.php?src=/wp-content/uploads/2010/05/mac-safari-search-cache.png I'm using this piece of code on wordpress and the line appears like <a href="<?php the_permalink() ?>" rel="bookmark"> <img src="<?php bloginfo('template_directory'); ?>/includes/orcikthumb.php?src=<?php get_thumbnail($post->ID, 'full'); ?>&amp;h=<?php echo get_theme_mod($height); ?>&amp;w=<?php echo get_theme_mod($width); ?>&amp;zc=1" alt="<?php the_title(); ?>" /> </a> Thus, I believe I can't change the directory of image. But I could not figure out why I am getting page not found error. Is that might be CHMOD'es??? or something else?? Thanks

    Read the article

  • Codeigniter xss_clean dilemma

    - by Henson
    I know this question has been asked over and over again, but I still haven't found the perfect answer for my liking, so here it goes again... I've been reading lots and lots polarizing comments about CI's xss_filter. Basically majority says that it's bad. Can someone elaborate how it's bad, or at least give 1 most probable scenario where it can be exploited? I've looked at the security class in CI 2.1 and I think it's pretty good as it doesn't allow malicious strings like document.cookie, document.write, etc. If the site has basically non-html presentation, is it safe to use global xss_filter (or if it's REALLY affecting performance that much, use it on per form post basis) before inserting to database ? I've been reading about pros and cons about whether to escape on input/output with majority says that we should escape on output only. But then again, why allow strings like <a href="javascript:stealCookie()">Click Me</a> to be saved in the database at all? The one thing I don't like is javascript: and such will be converted to [removed]. Can I extend the CI's security core $_never_allowed_str arrays so that the never allowed strings return empty rather than [removed]. The best reasonable wrongdoing example of this I've read is if a user has password of javascript:123 it will be cleaned into [removed]123 which means string like this document.write123 will also pass as the user's password. Then again, what is the odds of that to happen and even if it happens, I can't think of any real harm that can do to the site. Thanks

    Read the article

  • Rails Form Submission, User can't be blank

    - by pmanning
    I'm trying to create an event through an event form and I keep getting a form error that says "User can't be blank". The event needs a user_id to post a feed_item showing who created the event. Why can't this event get created? event.rb class Event < ActiveRecord::Base attr_accessible :description, :location, :title, :category_id, :start_date, :start_time, :end_date, :end_time, :image belongs_to :user belongs_to :category has_many :rsvps has_many :users, through: :rsvps, dependent: :destroy mount_uploader :image, ImageUploader validates :title, presence: true, length: { maximum: 60 } validates :user_id, presence: true create_events.rb (database) class CreateEvents < ActiveRecord::Migration def change create_table :events do |t| t.string :title t.date :start_date t.time :start_time t.date :end_date t.time :end_time t.string :location t.string :description t.integer :category_id t.integer :user_id t.timestamps end add_index :events, [:user_id, :created_at] end end events_controller.rb def new @event = Event.new @user = current_user end def create @event = current_user.events.build(params[:event]) if @event.save flash[:success] = "Sesh created!" redirect_to root_url else @feed_items = [] render 'static_pages/home' end end routes.rb SampleApp::Application.routes.draw do resources :users do member do get :following, :followers, :events end end resources :events do member do get :members end end root to: 'static_pages#home' events/new.html.erb <%= form_for @event, :html => {:multipart => true} do |f| %> <%= render 'shared/error_messages', object: @event %>

    Read the article

  • Incorrect usage of UPDATE and ORDER BY

    - by nico55555
    I have written some code to update certain rows of a table with a decreasing sequence of numbers. To select the correct rows I have to JOIN two tables. The last row in the table needs to have a value of 0, the second last -1 and so on. To achieve this I use ORDER BY DESC. Unfortunately my code brings up the following error: Incorrect usage of UPDATE and ORDER BY My reading suggests that I can't use UPDATE, JOIN and ORDER BY together. I've read that maybe subqueries might help? I don't really have any idea how to change my code to do this. Perhaps someone could post a modified version that will work? while($row = mysql_fetch_array( $result )) { $products_id = $row['products_id']; $products_stock_attributes = $row['products_stock_attributes']; mysql_query("SET @i = 0"); $result2 = mysql_query("UPDATE orders_products op, orders ord SET op.stock_when_purchased = (@i:=(@i - op.products_quantity)) WHERE op.orders_id = ord.orders_id AND op.products_id = '$products_id' AND op.products_stock_attributes = '$products_stock_attributes' AND op.stock_when_purchased < 0 AND ord.orders_status = 2 ORDER BY orders_products_id DESC") or die(mysql_error()); }

    Read the article

  • submit in html on sql query

    - by user1644661
    i need to run this sql query , which give me a list of Id and Dates i want to click each result and take with me the Id value to the next form i wrote this query above but i see in the debager that the hidden ID get his value but not pass to the next form i think i have a problem with the submit() . where should i put him ? thanks anat function ShowAllCarts($user_email) { $connB = new ProductDAO(); $connB->Connect(); $pro_query = "SELECT * FROM Cart WHERE `Email`='$user_email';"; $db_result = $connB->ExecSQL($pro_query); $html_result = '<div data-role="content"> <ul data-role="listview" data-theme="b"> '; $html_result .= '<form action="PreviouscartProduct.php" method="POST"/>'; while($row_array = $db_result->fetch_array(MYSQLI_ASSOC)) { $Id= $row_array['Id']; $Date= $row_array['Date']; //$html_result // $html_result .="<li><a href='PreviouscartProduct.php'>Cart number: $Id from Date: $Date><input type='hidden' name='Id' value'<?=$Id?>'</input></a></li>'"; $html_result .= '<a onclick="this.form.submit();" </a>; } $html_result .= ' </ul> </div>'; $html_result .= '</form>'; $connB->Disconnect(); return $html_result; } //display all carts $func_result = ShowAllCarts($Email);

    Read the article

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

< Previous Page | 714 715 716 717 718 719 720 721 722 723 724 725  | Next Page >