Search Results

Search found 4253 results on 171 pages for 'mark funk'.

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Page 72/171 | < Previous Page | 68 69 70 71 72 73 74 75 76 77 78 79  | Next Page >

  • Java website protection solutions (especially XSS)

    - by Mark
    I'm developing a web application, and facing some security problems. In my app users can send messages and see other's (a bulletin board like app). I'm validating all the form fields that users can send to my app. There are some very easy fields, like "nick name", that can be 6-10 alpabetical characters, or message sending time, which is sended to the users as a string, and then (when users ask for messages, that are "younger" or "older" than a date) I parse this with SimpleDateFormat (I'm developing in java, but my question is not related to only java). The big problem is the message field. I can't restrict it to only alphabetical characters (upper or lowercase), because I have to deal with some often use characters like ",',/,{,} etc... (users would not be satisfied if the system didn't allow them to use these stuff) According to this http://ha.ckers.org/xss.html, there are a lot of ways people can "hack" my site. But I'm wondering, is there any way I can do to prevent that? Not all, because there is no 100% protection, but I'd like a solution that can protect my site. I'm using servlets on the server side, and jQuery, on the client side. My app is "full" AJAX, so users open 1 JSP, then all the data is downloaded and rendered by jQuery using JSON. (yeah, I know it's not "users-without-javascript" friendly, but it's 2010, right? :-) ) I know front end validation is not enough. I'd like to use 3 layer validation: - 1. front end, javascript validate the data, then send to the server - 2. server side, the same validation, if there is anything, that shouldn't be there (because of client side javascript), I BAN the user - 3. if there is anything that I wasn't able to catch earlier, the rendering process handle and render appropriately Is there any "out of the box" solution, especially for java? Or other solution that I can use?

    Read the article

  • Android: How to periodically send location to a server

    - by Mark
    Hi, I am running a Web service that allows users to record their trips (kind of like Google's MyTracks) as part of a larger app. The thing is that it is easy to pass data, including coords and other items, to the server when a user starts a trip or ends it. Being a newbie, I am not sure how to set up a background service that sends the location updates once every (pre-determined) period (min 3 minutes, max 1 hr) until the user flags the end of the trip, or until a preset amount of time elapses. Once the trip is started from the phone, the server responds with a polling period for the phone to use as the interval between updates. This part works, in that I can display the response on the phone, and my server registers the user's action. Similarly, the trip is closed server-side upon the close trip request. However, when I tried starting a periodic tracking method from inside the StartTrack Activity, using requestLocationUpdates(String provider, long minTime, float minDistance, LocationListener listener) where minTime is the poll period from the server, it just did not work, and I'm not getting any errors. So it means I'm clueless at this point, never having used Android before. I have seen many posts here on using background services with handlers, pending intents, and other things to do similar stuff, but I really don't understand how to do it. I would like the user to do other stuff on the phone while the updates are going on, so if you guys could point me to a tutorial that shows how to actually write background services (maybe these run as separate classes?) or other ways of doing this, that would be great. Thanks!

    Read the article

  • Using SSIS, how do you read a datetime field into a variable that is of Data Type string?

    - by Mark Kadlec
    This one has bugged me for the longest time and a great question to ask the Stackoverflow users I think. I have a rather large SSIS flow that uses a string variable to store the datetime. I would now like to dynamically read the datetime value from the database, but how would you construct the SSIS to do this? My first obvious thought would be to simply execute a SQL task to get the datetime and store it in the variable, but got the "differs from the current variable type" error. Is there a simple way to convert the database datetime into a String variable? Any help from the community would be appreciated,

    Read the article

  • hibernate insert to a collection causes a delete then all the items in the collection to be inserted

    - by Mark
    I have a many to may relationship CohortGroup and Employee. Any time I insert an Employee into the CohortGroup hibernate deletes the group from the resolution table and inserts all the members again, plus the new one. Why not just add the new one? The annotation in the Group: @ManyToMany(cascade = { PERSIST, MERGE, REFRESH }) @JoinTable(name="MYSITE_RES_COHORT_GROUP_STAFF", joinColumns={@JoinColumn(name="COHORT_GROUPID")}, inverseJoinColumns={@JoinColumn(name="USERID")}) public List<Employee> getMembers(){ return members; } The other side in the Employee @ManyToMany(mappedBy="members",cascade = { PERSIST, MERGE, REFRESH } ) public List<CohortGroup> getMemberGroups(){ return memberGroups; } Code snipit Employee emp = edao.findByID(cohortId); CohortGroup group = cgdao.findByID(Long.decode(groupId)); group.getMembers().add(emp); cgdao.persist(group); below is the sql reported in the log delete from swas.MYSITE_RES_COHORT_GROUP_STAFF where COHORT_GROUPID=? insert into swas.MYSITE_RES_COHORT_GROUP_STAFF (COHORT_GROUPID, USERID) values (?, ?) insert into swas.MYSITE_RES_COHORT_GROUP_STAFF (COHORT_GROUPID, USERID) values (?, ?) insert into swas.MYSITE_RES_COHORT_GROUP_STAFF (COHORT_GROUPID, USERID) values (?, ?) insert into swas.MYSITE_RES_COHORT_GROUP_STAFF (COHORT_GROUPID, USERID) values (?, ?) insert into swas.MYSITE_RES_COHORT_GROUP_STAFF (COHORT_GROUPID, USERID) values (?, ?) insert into swas.MYSITE_RES_COHORT_GROUP_STAFF (COHORT_GROUPID, USERID) values (?, ?) This seams really inefficient and is causing some issues. If sevral requests are made to add an employee to the group then some get over written.

    Read the article

  • Are PDO prepared statements sufficient to prevent SQL injection?

    - by Mark Biek
    Let's say I have code like this: $dbh = new PDO("blahblah"); $stmt = $dbh->prepare('SELECT * FROM users where username = :username'); $stmt->execute( array(':username' => $_REQUEST['username']) ); The PDO documentation says The parameters to prepared statements don't need to be quoted; the driver handles it for you. Is that truly all I need to do to avoid SQL injections? Is it really that easy? You can assume MySQL if it makes a difference. Also, I'm really only curious about the use of prepared statements against SQL injection. In this context, I don't care about XSS or other possible vulnerabilities.

    Read the article

  • Restoring web reference in Visual Studio 2008

    - by Mark Cheeseborough
    I had a web reference set in my VS2008 ASP.NET project, but due to some source control weirdness it is no longer listed in the project. I have the set of files in the Web References folder under my project. There's a .wsdl, .disco and several .datasource files. Is there any way to re-add this web reference through the existing files rather than using the "Add Web Reference" dialog?

    Read the article

  • measuring uncertainty in matlabs svmclassify

    - by Mark
    I'm doing contextual object recognition and I need a prior for my observations. e.g. this space was labeled "dog", what's the probability that it was labeled correctly? Do you know if matlabs svmclassify has an argument to return this level of certainty with it's classification? If not, matlabs svm has the following structures in it: SVM = SupportVectors: [11x124 single] Alpha: [11x1 double] Bias: 0.0915 KernelFunction: @linear_kernel KernelFunctionArgs: {} GroupNames: {11x1 cell} SupportVectorIndices: [11x1 double] ScaleData: [1x1 struct] FigureHandles: [] Can you think of any ways to compute a good measure of uncertainty from these? (Which support vector to use?) Papers/articles explaining uncertainty in SVMs welcome. More in depth explanations of matlabs SVM are also welcome. If you can't do it this way, can you think of any other libraries with SVMs that have this measure of uncertainty?

    Read the article

  • How to set utf8 in the auto-generated PHP code of flash builder 4 ?

    - by Mark
    HI, PHP problem here (I think): I've just created a Flex (Flash Builder) project with a datagrid linked to a database - the database is all utf8. When I run the project using the auto-generated code in flex4, the non-English part comes like ????? while the English part comes fine. The auto-generated PHP code uses mysqli. I've tried: $this->connection->set_charset('utf8'); or mysqli_query($this->connection,"SET NAMES utf8"); I also tried writing the code myself (I'm not a PHP guy): mysql_query("set names utf8"); was fine - but that's mysql and not mysqli (that's an "i" after the mysql) and I want to use the auto-generated code... any help is appreciated.

    Read the article

  • How do I clear a WebView's content before loading a page?

    - by Mark
    I have an embedded WebView in my Cocoa application in which I load an external web page. Each time the user clicks on a button, the view opens and shows the page. The problem is that the second time the user opens the WebView, the previous page is still visible. Instead I'd like to show a blank/empty page (together with a progress indicator). How can I clear a WebView before loading a new page? The closest solution I could find was to call this: [webView stringByEvaluatingJavaScriptFromString:@"document.open();document.close()"]; Is there a better way to do this? Thanks!

    Read the article

  • jquery expanding menu+show/hide+multiple instances

    - by mark
    Hi, I have 2 scripts working ok separately but can't get them working together - What I'm after is expanding menus where if the items exceed 10 a 'more' link appears that expands the list, which can also then be hidden. http://www.brianfitzer.ie/test2/ expanding menu is file test12.html toggle+limit: toggle is file test13.html (I have these working separately) And then I need this to be able to be applied in multiple instances as I'll have multiple categories. Any code help greatly appreciated! (i'm a jquery newbie so if you have full code that would be xtra handy)

    Read the article

  • Silverlight: Is it possible to use custom mouse cursors/pointers?

    - by Mark Redman
    I have just found this page indicating the support for Silverlight mouse cursors: http://msdn.microsoft.com/en-us/library/system.windows.input.cursor(VS.95).aspx Is that it!!! :-| what are they thinking, at least there is stylish looking Eraser! Is there aany other way to use custom cursors? How efficient/usable would it be to hide the cursor and show a png instead?

    Read the article

  • How to add an additional field to a queryset?

    - by Mark
    I've got a list of affiliates (users who have referred someone to the site): affiliates = User.objects.annotate(referral_count=Count('referrals')).filter(referral_count__gt=0) And a count of the number of users each affiliate has referred within a time frame: new_users = User.objects.filter(date_joined__gt=sd, date_joined__lte=ed) new_referrals = User.objects.filter(referrals__user__in=new_users).annotate(referral_count=Count('referrals')) How can I do something like new_referrals['affiliate.username'].referral_count from within my template? Note that this is not just a syntax issue, I also need to index new_referrals somehow so that I'm able to do this. Either this, or if I can somehow add a new_referral_count to the first query, that'd work too.

    Read the article

  • How do I convert a simple ruby flashcard program into a ROR app?

    - by Mark Wilbur
    What I'm trying to do is make a basic flashcard app on rails. At this point, all I'm looking for is the functionality to iterate through a list of flashcards, quiz the user and let the user know if they were right or not. In ruby, it didn't take me long to write: class Card attr_accessor :answer, :question def initialize(answer = "", question="") @answer = answer @question = question end def quiz puts "What does #@question mean?" answer = gets.chomp if answer == @answer puts "Right" return true else puts "Wrong" return answer end end end class Cardlist attr_accessor :Cards def initialize(Cards = []) @Cards = Cards end def quiz Cards.each do |w| w.quiz end end end The problem I'm having with rails is figuring out where to put the logic to loop through all the cards in the list. I've made models specifying that Card belongs_to cardlist and that Cardlist has_many cards. I know application logic should go in the controller, but if I were to make a "quiz" action for my Cardlist controller, how would I make it iterate through all the cards? After each "quiz" page generated, I'd need to get an answer back from the user, respond (maybe flash) whether it was right or not and then continue onto the next question. Would any of that logic have to go into the view in order to make sure it's sending back the user inputted answers to the controller?

    Read the article

  • Need Help with .NET OpenId HttpHandler

    - by Mark E
    I'm trying to use a single HTTPHandler to authenticate a user's open id and receive a claimresponse. The initial authentication works, but the claimresponse does not. The error I receive is "This webpage has a redirect loop." What am I doing wrong? public class OpenIdLogin : IHttpHandler { private HttpContext _context = null; public void ProcessRequest(HttpContext context) { _context = context; var openid = new OpenIdRelyingParty(); var response = openid.GetResponse(); if (response == null) { // Stage 2: user submitting Identifier openid.CreateRequest(context.Request.Form["openid_identifier"]).RedirectToProvider(); } else { // Stage 3: OpenID Provider sending assertion response switch (response.Status) { case AuthenticationStatus.Authenticated: //FormsAuthentication.RedirectFromLoginPage(response.ClaimedIdentifier, false); string identifier = response.ClaimedIdentifier; //****** TODO only proceed if we don't have the user's extended info in the database ************** ClaimsResponse claim = response.GetExtension<ClaimsResponse>(); if (claim == null) { //IAuthenticationRequest req = openid.CreateRequest(identifier); IAuthenticationRequest req = openid.CreateRequest(Identifier.Parse(identifier)); var fields = new ClaimsRequest(); fields.Email = DemandLevel.Request; req.AddExtension(fields); req.RedirectingResponse.Send(); //Is this correct? } else { context.Response.ContentType = "text/plain"; context.Response.Write(claim.Email); //claim.FullName; } break; case AuthenticationStatus.Canceled: //TODO break; case AuthenticationStatus.Failed: //TODO break; } } }

    Read the article

  • How do you determine how coarse or fine-grained a 'responsibility' should be when using the single r

    - by Mark Rogers
    In the SRP, a 'responsibility' is usually described as 'a reason to change', so that each class (or object?) should have only one reason someone should have to go in there and change it. But if you take this to the extreme fine-grain you could say that an object adding two numbers together is a responsibility and a possible reason to change. Therefore the object should contain no other logic, because it would produce another reason for change. I'm curious if there is anyone out there that has any strategies for 'scoping', the single-responsibility principle that's slightly less objective?

    Read the article

  • PHPUnit test for error thrown with wrong argument type

    - by Spencer Mark
    I'm just starting with PHPUnit and am ok with all assert* methods, but can't figure out how to test for error thrown when the wrong argument is provided to the method - say hinted with array like so: public function(array $list) { } and then tested with null as argument. Could someone please provide an example of how to test for this sort of errors? I've checked quite a few posts on stackoverflow, but couldn't find the answer to this specific issue. Edit Ok - just to give you an idea of what I'm testing - here's the ArrayHelper::removeIfValueIsEmpty() method: public static function removeIfValueIsEmpty(array $array) { if (empty($array)) { return array(); } return array_filter($array, function($value) { return !Helper::isEmpty($value); }); } and now test: class ArrayHelperTest extends PHPUnit_Framework_TestCase { public function testRemoveIfValueIsEmpty() { $this->assertEmpty( \Cmd\Helper\ArrayHelper::removeIfValueIsEmpty(null), '\Cmd\Helper\ArrayHelper::removeIfValueIsEmpty method failed (checking with null as argument)' ); } } This throws an error: PHPUnit_Framework_Error : Argument 1 passed to Cmd\Helper\ArrayHelper::removeIfValueIsEmpty() must be of the type array, null given

    Read the article

  • rails - caches_action expire_action

    - by mark
    Hi I want to expire a cached action and wondered how to generate the correct reference. #controller caches_action :index, :layout => false #generates this fragment which works fine views/0.0.0.0:3000/article/someid/posts #sweeper ... expire_action article_posts_path(:article_id => post.article) # results in this Expired fragment: views//en/article/someid/posts (0.0ms) So this is almost ok, except the host is missing. What do I do that supplies this to the expire_action method? Thanks in advance.

    Read the article

  • TCP Socket.Connect is generating false positives

    - by Mark
    I'm experiencing really weird behavior with the Socket.Connect method in C#. I am attempting a TCP Socket.Connect to a valid IP but closed port and the method is continuing as if I have successfully connected. When I packet sniffed what was going on I saw that the app was receiving RST packets from the remote machine. Yet from the tracing that is in place it is clear that the connect method is not throwing an exception. Any ideas what might be causing this? The code that is running is basically this IPEndPoint iep = new IPEndPoint(System.Net.IPAddress.Parse(m_ipAddress), m_port); Socket tcpSocket = new Socket(AddressFamily.InterNetwork, SocketType.Stream, ProtocolType.Tcp); tcpSocket.Connect(iep); To add to the mystery... when running this code in a stand alone console application, the result is as expected – the connect method throws an exception. However, when running it in the Windows Service deployment we have the connect method does not throw an exception. Edit in response to Mystere Man's answer How would the exception be swallowed? I have a Trace.WriteLine right above the .Connect method and a Trace.WriteLine right under it (not shown in the code sample for readability). I know that both traces are running. I also have a try catch around the whole thing which also does a Trace.Writeline and I don't see that in the log files anywhere. I have also enabled the internal socket tracing as you suggested. I don't see any exceptions. I see what appears to be successful connections. I am trying to identify differences between the windows service app and the diagnostic console app I made. I am running out of ideas though End edit Thanks

    Read the article

  • How can I quickly sum all numbers in a file?

    - by Mark Roberts
    I have a file which contains several thousand numbers, each on it's own line: 34 42 11 6 2 99 ... I'm looking to write a script which will print the sum of all numbers in the file. I've got a solution, but it's not very efficient. (It takes several minutes to run.) I'm looking for a more efficient solution. Any suggestions?

    Read the article

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

< Previous Page | 68 69 70 71 72 73 74 75 76 77 78 79  | Next Page >