Search Results

Search found 42115 results on 1685 pages for 'access management'.

Page 726/1685 | < Previous Page | 722 723 724 725 726 727 728 729 730 731 732 733 | Next Page >

best way to get new access_token using PHP sdk

- by randy

I am getting the error "An active access token must be used to query information about the current user". There seems to be tons of articles and ideas, but am very confused and it seems that things are changing as well. A lot say to use offline-access but that appears to be going away. I did find this article. Does anyone have an example using the PHP SDK? I tried doing something like the below but it does not seem to work; $FBuser is still zero: $token_url = "https://graph.facebook.com/oauth/access_token?" . "client_id=" . FB_APP_ID . "&client_secret=" . FB_APP_SECRET . "&grant_type=client_credentials"; list($name, $ACCESS_TOKEN) = explode("=", file_get_contents($token_url) ); $facebook->setAccessToken(ACCESS_TOKEN); $FBuser = $facebook->getUser();

Read the article
Accessing ArrayBuffer from PHP $_POST after xmlHTTPrequest send()

- by Dan

I'm following the tuitions on XMLHttpRequest 2 from : https://developer.mozilla.org/en/DOM/XMLHttpRequest/Sending_and_Receiving_Binary_Data and http://www.html5rocks.com/en/tutorials/file/xhr2/#toc-send-arraybuffer They're great tutorials for the client side, and here is a working extract from my script: var imagebuffer = new ArrayBuffer(size); // create the readonly memory buffer var imagedata= new Uint8Array(imagebuffer); // create a view to manipulate data // do some cool stuff with imagedata var exchange=new XMLHttpRequest(); exchange.open("POST",url,true); exchange.send(arraybuffer); So far so good, and I can see from the both client and server control panels that plenty of data is being transferred. Here's my problem: how do I access the ArrayBuffer with PHP at the server? I'm used to the $_POST superglobal wanting parameters passing from a HTML form so it can be accessed as an array but I can't find any reference for how to access this binary array and stick it in my MySQL database.

Read the article
Does ASP.net Report Viewer / Reports require Reporting Services on SQL server

- by soldieraman

I have an application that makes use of Report Viewer and Report (.rdlc) files. Does this mean that I need to have "Reporting Services" installed on my SQL server?? Also would not having "SQL Server Analysis services" affect me any way I want to make sure I keep using - SQL Server Profiler - SQL Server Agent - create and run management tasks - Reporting services if the first question's answer is true.

Read the article
javascript prototype errors

- by vakas

i am sending ajax requests after 5 seconds and i have 3 types of requests to send but after few request it starts errrors 401 access denied 501 how to overcome dis

Read the article
UTF-8 GET using Indy 10.5.8.0 and Delphi XE2

- by Bogdan Botezatu

I'm writing my first Unicode application with Delphi XE2 and I've stumbled upon an issue with GET requests to an Unicode URL. Shortly put, it's a routine in a MP3 tagging application that takes a track title and an artist and queries Last.FM for the corresponding album, track no and genre. I have the following code: function GetMP3Info(artist, track: string) : TMP3Data //<---(This is a record) var TrackTitle, ArtistTitle : WideString; webquery : WideString; [....] WebQuery := UTF8Encode('http://ws.audioscrobbler.com/2.0/?method=track.getcorrection&api_key=' + apikey + '&artist=' + artist + '&track=' + track); //[processing the result in the web query, getting the correction for the artist and title] // eg: for artist := Bucovina and track := Mestecanis, the corrected values are //ArtistTitle := Bucovina; // TrackTitle := Mestecani?; //Now here is the tricky part: webquery := UTF8Encode('http://ws.audioscrobbler.com/2.0/?method=track.getInfo&api_key=' + apikey + '&artist=' + unescape(ArtistTitle) + '&track=' + unescape(TrackTitle)); //the unescape function replaces spaces (' ') with '+' to comply with the last.fm requests [some more processing] end; The webquery looks in a TMemo just right (http://ws.audioscrobbler.com/2.0/?method=track.getInfo&api_key=e5565002840xxxxxxxxxxxxxx23b98ad&artist=Bucovina&track=Mestecani?) Yet, when I try to send a GET() to the webquery using IdHTTP (with the ContentEncoding property set to 'UTF-8'), I see in Wireshark that the component is GET-ing the data to the ANSI value '/2.0/?method=track.getInfo&api_key=e5565002840xxxxxxxxxxxxxx23b98ad&artist=Bucovina&track=Mestec?ni?' Here is the full headers for the GET requests and responses: GET /2.0/?method=track.getInfo&api_key=e5565002840xxxxxxxxxxxxxx23b98ad&artist=Bucovina&track=Mestec?ni? HTTP/1.1 Content-Encoding: UTF-8 Host: ws.audioscrobbler.com Accept: text/html, */* Accept-Encoding: identity User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.23) Gecko/20110920 Firefox/3.6.23 SearchToolbar/1.22011-10-16 20:20:07 HTTP/1.0 400 Bad Request Date: Tue, 09 Oct 2012 20:46:31 GMT Server: Apache/2.2.22 (Unix) X-Web-Node: www204 Access-Control-Allow-Origin: * Access-Control-Allow-Methods: POST, GET, OPTIONS Access-Control-Max-Age: 86400 Cache-Control: max-age=10 Expires: Tue, 09 Oct 2012 20:46:42 GMT Content-Length: 114 Connection: close Content-Type: text/xml; charset=utf-8; <?xml version="1.0" encoding="utf-8"?> <lfm status="failed"> <error code="6"> Track not found </error> </lfm> The question that puzzles me is am I overseeing anything related to setting the property of the tidhttp control? How can I stop the well-formated URL i'm composing in the application from getting wrongfully sent to the server? Thanks.

Read the article
Limited user premissions in team foundation server

- by Alex James

Can I setup Team Foundation Server in such a manner that every uer have only access to some source code files?

Read the article
Magento - zend - backend error

- by user325659

I get the following error when i am logged into the backend in magento Fatal error: Interface 'Zend_Http_Client_Adapter_Interface' not found in /homepages/45/d210005774/htdocs/websitename/lib/Varien/Http/Adapter/Curl.php on line 176 Also i got this error previously in my index management section in magento Fatal error: Call to undefined method Zend_Locale_Data::disableCache() in /homepages/45/d210005774/htdocs/websitename/lib/Zend/Locale/Format.php on line 153 Could anyone help me out with this? I think the problem is to do with zend framework but i am not sure whats causing this

Read the article
What are best practices for securing the admin section of a website?

- by UpTheCreek

I'd like to know what people consider best practice for securing the Admin sections of websites, specifically from an authentication/access point of view. Of course there are obvious things, such as using SSL and logging all access, but I'm wondering just where above these basic steps people consider the bar to be set. For example: Are you just relying on the same authentication mechanism that you use for normal users? If not, what? Are you running the Admin section in the same 'application domain'? What steps do you take to make the admin section undiscovered? (or do you reject the while 'obscurity' thing)

Read the article
Load Balancing and Failover for Read-Only PostgreSQL Database

- by Eric J.

Scenario Multiple application servers host web services written in Java, running in SpringSource dm Server. To implement a new requirement, they will need to query a read-only PostgreSQL database. Issue To support redundancy, at least two PostgreSQL instances will be running. Access to PostgreSQL must be load balanced and must auto-fail over to currently running instances if an instance should go down. Auto-discovery of newly running instances is desirable but not required. Research I have reviewed the official PostgreSQL documentation on this issue. However, that focuses on the more general case of read/write access to the database. Top google results tend to lead to older newsgroup messages or dead projects such as Sequoia or DB Balancer, as well as one active project PG Pool II Question What are your real-world experiences with PG Pool II? What other simple and reliable alternatives are available?

Read the article
Multitenant shared user account?

- by jpartogi

Dear all, Based on your experience, which is the route to go for a multi-tenant user login? One user login per account. Which means if there is one user that has access to multiple account, there will be redundancy of record in the database One user login for all account that she has privileges to. Which means one user record has access to multiple account if she has privileges to that account. From your experience, which one is better and why? I was thinking to choose the latter, but I don't know whether it will cause security issue or less flexibility. Thank you for sharing your experience.

Read the article
Generating custom-form documents from base-form plus XML?

- by KlaymenDK

Hi all, this is my first stack overflow, and it's a complex one. Sorry. My task is to generate custom documents from a basic template plus some XML without having a custom form design element for each case. Here's the whole picture: We are building a Lotus Notes (client, not web) application for world-wide application access control; the scope is something like 400.000 users being able to request access to any of 1000+ applications. Each application needs its own request form -- different number of approvers, various info required, that sort of thing. We simply can't have a thousand forms in a database (one per application), and anyway their maintenance really needs to be pushed from the developers to the application owners. So instead of custom forms, we'd like to create a generic "template" form that stores a block of basic fields, but then allows application owners to define another block of fields dynamically -- "I want a mandatory plain-text field named 'Name' here, and then a date field named 'Due' here that must be later than today's date, and then ...". I hope this makes sense (if not, think of it as a generic questionnaire application). I pretty much have the structure in place for designing the dynamic fields (form builder GUI - XML-encoded data - pre-rendered DXL for injecting into a form), including mark-up for field types, value options, and rudimentary field validation instructions. My problem is generating a document with this dynamic content injected at the proper location (without needing a custom form design element for each case). Doing the dynamic content via HTML is out. The Notes client web rendering is simply way too poor, and it would be quite a challenge to implement things like field validation instructions, date selectors, and name look-ups. DXL, on the other hand, would allow us to use native Notes fields and code. As a tech demo, I've managed to implement a custom form generator that injects the pre-rendered DXL for the dynamic content into a base form; but as I said, we don't want a ton of custom form design elements. I've tried to implement a way to create a document with the "store form in document" flag set, but once I've created the document from the base form, I can't get DXL access to the stored form design, and so I can't inject my dynamic content. I know this is not something Notes was ever intended to do. Has anyone ever tried something like it (and gotten away with it)? Thanks for reading this far. With a boatload of thanks in advance, Jan Gundtofte-Bruun

Read the article
IE8 no honoring display:none

- by user357034

I have the following markup on a page and unfortunately I do not have direct access to it. . This page is opened in an iframe. There is other code on the page but it is not relevant so I have not posted it. The only access to target the code in via css. I want to not display the close button so I added this to the css file img[alt='Close'] {display:none !important;} this is the markup <td align="center"><a href='javascript:window.close()'><img src='v/vspfiles/templates/100/images/buttons/btn_close.gif' alt='Close' border=0></a></td> It works as expected in all browsers that i have tested (firefox, Opera, Safari) but in IE8 it seems to ignore this css and shows the button. Not sure if it doesn't like the selector or perhaps I have a syntax error. Not sure where to go from here.

Read the article
PHP can be exclusively accessed by SWF

- by brett

I'm not sure how to describe this, but basically I have a PHP class file: class HelloHello { public function getSomeData($input_parameter){ // code to retrieve data from the database } public function deleteSomeData($input_parameter){ // code to delete data from the database } } This class is on the server and is part of the backend that connects with a database, and it's meant to be accessed by the frontend SWF only (not to be directly accessed). I've setup Flex to read this class and access it. But how do I make sure that someone doesn't develop a script that can call this php file directly and access its methods? For example using a script to add data in a fast automated way, or use the delete method directly, ouch. Is this a legitimate concern, or this can't be done?

Read the article
Iterating 'Active' View Controllers

- by ISDi

Ola Folks, In an iPhone application I am displaying different views by using the addSubView:SomeViewController.view method. I want to be able to, at the very least, log the view controllers that are in the view hierarchy that is being displayed. I would prefer to be able to get a handle to a specific view controller. I know how to iterate the views, I just do not see how to access the view controllers of those views. I am looking for something that will give me the type of access to the view controllers that UINavigationController::ViewControllers does. I thought I could get away with: for (UIViewController* oVC in [self.view subviews]) but this is not having the intended effect. If someone has a way of doing this, please share it with me. -isdi-

Read the article
Free version control services?

- by thr

What free version control service would you recommend? I'm not looking for a complete project management service like Sourceforge, just something so I don't have to run a SVN/GIT server myself.

Read the article
Receive and Process Email with ASP.NET / C# [closed]

- by Arthur Chaparyan

Possible Duplicates: Recommendations for a .NET component to access an email inbox coding for how to receive a mail in windows apllication What methods are there for having .NET code run and handle e-mails as they arrive? I'm developing a social networking site that will allow users to send an email to an email address that is for posting. This is the same thing Blogger does. This allows me to take a picture with my phone and send it to [email protected] and have it posted to my profile. The site is running IIS6 and I have full access to the server. Emails are currently being processed using the SMTP service that comes with Windows 2003 Server, but I can switch to another system without any issues. I am assuming I would have to somehow have the incoming emails either go into a folder that my application is watching or cause incoming emails to trigger a script. can anyone point me in the right direction?

Read the article
SELECT INTO or Stored Procedure?

- by Kerry

Would this be better as a stored procedure or leave it as is? INSERT INTO `user_permissions` ( `user_id`, `object_id`, `type`, `view`, `add`, `edit`, `delete`, `admin`, `updated_by_user_id` ) SELECT `user_id`, $object_id, '$type', 1, 1, 1, 1, 1, $user_id FROM `user_permissions` WHERE `object_id` = $object_id_2 AND `type` = '$type_2' AND `admin` = 1 You can think of this with different objects, lets say you have groups and subgroups. If someone creates a subgroup, it is making everyone who had access to the parent group now also have access to the subgroup. I've never made a stored procedure before, but this looks like it might be time. This call be probably be called very often. Should I be creating a procedure or will the performance be insignificant?

Read the article
How to store private pictures and videos in Ruby on Rails

- by TK

Here's a story: User A should be able to upload an image. User A should be able to set a privacy. ("Public" or "Private"). User B should not be able to access "Private" images of User A. I'm planning to user Paperclip for dealing with uploads. If I store the images under "RAILS_ROOT/public/images", anyone who could guess the name of the files might access the files. (e.g., accessing http://example.com/public/images/uploads/john/family.png ) I need to show the images using img tags, so I cannot place a file except public. How can I ensure that images of a user or group is not accessible by others?

Read the article
iPhone Wax accessing already instantiated classes

- by John Smith

I am trying to access already instantiated OBjC classes via Lua. How can I do it?

Read the article
Can you set SQL Server permissions from a Silverlight app?

- by Paul Smith

Is it possible to create a Silverlight application which can be used to provide a nice user interface for managing SQL Server permissions? We want to create a simple admin app to allow certain users to create new users, disable old users, and manage specific permissions for those users, but we feel that SQL Server Management Studio is perhaps too complex.

Read the article
What are the weaknesses of this user authentication method?

- by byronh

I'm developing my own PHP framework. It seems all the security articles I have read use vastly different methods for user authentication than I do so I could use some help in finding security holes. Some information that might be useful before I start. I use mod_rewrite for my MVC url's. Passwords are sha1 and md5 encrypted with 24 character salt unique to each user. mysql_real_escape_string and/or variable typecasting on everything going in, and htmlspecialchars on everything coming out. Step-by step process: Top of every page: session_start(); session_regenerate_id(); If user logs in via login form, generate new random token to put in user's MySQL row. Hash is generated based on user's salt (from when they first registered) and the new token. Store the hash and plaintext username in session variables, and duplicate in cookies if 'Remember me' is checked. On every page, check for cookies. If cookies set, copy their values into session variables. Then compare $_SESSION['name'] and $_SESSION['hash'] against MySQL database. Destroy all cookies and session variables if they don't match so they have to log in again. If login is valid, some of the user's information from the MySQL database is stored in an array for easy access. So far, I've assumed that this array is clean so when limiting user access I refer to user.rank and deny access if it's below what's required for that page. I've tried to test all the common attacks like XSS and CSRF, but maybe I'm just not good enough at hacking my own site! My system seems way too simple for it to actually be secure (the security code is only 100 lines long). What am I missing? I've also spent alot of time searching for the vulnerabilities with mysql_real_escape string but I haven't found any information that is up-to-date (everything is from several years ago at least and has apparently been fixed). All I know is that the problem was something to do with encoding. If that problem still exists today, how can I avoid it? Any help will be much appreciated.

Read the article
Requesting a website by client side script = Cross Side Scripting Hack. But requesting a website by

- by 1s2a3n4j5e6e7v

Generally, when we want to show the contents of some web page in the same page, we go for ajax requests. If say, I request to a web page in different domain with AJAX, it is not allowed because of the Cross side scripting error. But why is it allowed to access via a server side page. For e.g. we can use CURL in php to access any site.? Why is this feature OK for server side scripting and NOT OK for Client Side Scripting?

Read the article
.NET WebService Security who can see and use.

- by user295734

Trying to firgure out how to test the security of a WebService. Is there some way to search a site for webservices? I have 2 applications one has a webservice and the other a reference to that service. I let visual studio build the reference in the App_WebReferences folder. The webservice works, but i started wondering, can anyone access this service from any website? If so, how can i test this? How do you search a site for webservices? Could I use jQuery/JSON code from a simple site to access a webservice? I guess if it is not secure, how do you secure a webservice?

Read the article
Corporate developers: Do you feel your code is adding value to the company?

- by Pierreten

I'm going through a phase where I'm not being productive at all. I find it hard to justify to myself getting paid six figures to sit in front of my computer and act busy. Management is completely disengaged, and the users as well. What do you do in this type of situation? I've taken to learning some deeper aspects of .Net and software construction in general, but don't like the feeling that I'm stiffing my employer.

Read the article
How to integrate Windows Azure, Spring.NET and NHibernate?

- by paologios

Hi, we have a ASP.NET web application which makes use of NHibernate and Spring.NET (to do the session and transaction management stuff). Now we want to port parts of it to a Windows Azure application without making lots of changes to the used components. I already found this article of stackoverflow so I hope to get NHibernate running on Azure. My question: Has anybody experiences in running Spring.NET on Azure (with or without NHibernate) ??

Read the article

< Previous Page | 722 723 724 725 726 727 728 729 730 731 732 733 | Next Page >