Search Results

Search found 30858 results on 1235 pages for 'database tuning'.

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Page 787/1235 | < Previous Page | 783 784 785 786 787 788 789 790 791 792 793 794  | Next Page >

  • What are the weaknesses of this user authentication method?

    - by byronh
    I'm developing my own PHP framework. It seems all the security articles I have read use vastly different methods for user authentication than I do so I could use some help in finding security holes. Some information that might be useful before I start. I use mod_rewrite for my MVC url's. Passwords are sha1 and md5 encrypted with 24 character salt unique to each user. mysql_real_escape_string and/or variable typecasting on everything going in, and htmlspecialchars on everything coming out. Step-by step process: Top of every page: session_start(); session_regenerate_id(); If user logs in via login form, generate new random token to put in user's MySQL row. Hash is generated based on user's salt (from when they first registered) and the new token. Store the hash and plaintext username in session variables, and duplicate in cookies if 'Remember me' is checked. On every page, check for cookies. If cookies set, copy their values into session variables. Then compare $_SESSION['name'] and $_SESSION['hash'] against MySQL database. Destroy all cookies and session variables if they don't match so they have to log in again. If login is valid, some of the user's information from the MySQL database is stored in an array for easy access. So far, I've assumed that this array is clean so when limiting user access I refer to user.rank and deny access if it's below what's required for that page. I've tried to test all the common attacks like XSS and CSRF, but maybe I'm just not good enough at hacking my own site! My system seems way too simple for it to actually be secure (the security code is only 100 lines long). What am I missing? I've also spent alot of time searching for the vulnerabilities with mysql_real_escape string but I haven't found any information that is up-to-date (everything is from several years ago at least and has apparently been fixed). All I know is that the problem was something to do with encoding. If that problem still exists today, how can I avoid it? Any help will be much appreciated.

    Read the article

  • In php, Prepare string and create XML/RSS Feed

    - by Bill
    I want to create my own RSS/XML feed. I fetch data from the database to display, but keep getting invalid character errors. If the string has an ampersand or other strange characters in it, the XML will be invalid. I tried using urlencode and htmlentities, but these don't capture all possible characters which need to be escaped. Does anyone know of a PHP function which will prepare a string for XML output?

    Read the article

  • Linq-to-SQL: how many datacontexts ?

    - by sh00
    I have a SQL Server 2008 database with 300 tables. The application I have to design is an Windows Forms app, .NET 3.5, C#. Which is the best way to work with Linq-to-SQL ? I intend to make a datacontext for each business entity. Is there any problem ? I need to know if this way of working with Linq-to-SQL has any disadvantage or can create performance issues ? Thanks.

    Read the article

  • Entity Framework with XML Files

    - by Tim
    Can someone point me to a good tutorial explaining the Entity Framework using an XML file instead of a database? I have seen some good tutorials with SQL databases, but I can't make the leap to an XML file. Thanks!

    Read the article

  • Cross browser window close event

    - by slik
    Is there a solution for cross browser event. I need to check if user closes their window and to throw an ajax request to my database to sign them out. I've looked everyone but most cases its not working in all browsers. Anyone have a solution? Or Alternative on how to do this perhaps a conditional statement depending on the browser? Thanks!

    Read the article

  • Communicating with remote server in Android

    - by primal
    Hi, As part of the college mini-project, I am developing a micro-blogging platform for Android. I am planning to use Django framework in python to handle the communication between Android and remote server so as to make database API independent. I heard its best practice to use HTTP methods for the communication. Which is the best site/book to learn using HTTP methods for Android? I

    Read the article

  • How to Use Accordian Control in GridView

    - by Khilen
    i have Category & subCategory Detail i want that in Header of Accordion i can get Category Detail and when click on that related subcategory is displayed but i am retrieving data from database and even the subcateogry will contain a gridview so please give me example how to make such

    Read the article

  • SQL Images in different tables

    - by Adonis L
    I am storing images in a SQL database , right now I have images being stored in separate tables depending on the object the images belong to, is there any reason ( performance etc..) why I should keep it this way and not store all images in the same table?

    Read the article

  • Specify ApplicationName when using ASP.NET Web Site Administration Tool

    - by ProfK
    This tool is supposed to configure users and roles etc., but when I use it on a new web site, with a new aspnetdb database, it adds a record to the aspnet_Applications table with the ApplicationName and the LoweredApplicationName fields set to /. I think it would make more sense if it actually used the application name, i.e. the web site name. Can I safely just change the application name? Is there a better way of configuring these things?

    Read the article

  • How do I update with a newly-created detached entity using NHibernate?

    - by Daniel T.
    Explanation: Let's say I have an object graph that's nested several levels deep and each entity has a bi-directional relationship with each other. A -> B -> C -> D -> E Or in other words, A has a collection of B and B has a reference back to A, and B has a collection of C and C has a reference back to B, etc... Now let's say I want to edit some data for an instance ofC. In Winforms, I would use something like this: var instanceOfC; using (var session = SessionFactory.OpenSession()) { // get the instance of C with Id = 3 instanceOfC = session.Linq<C>().Where(x => x.Id == 3); } SendToUIAndLetUserUpdateData(instanceOfC); using (var session = SessionFactory.OpenSession()) { // re-attach the detached entity and update it session.Update(instanceOfC); } In plain English, we grab a persistent instance out of the database, detach it, give it to the UI layer for editing, then re-attach it and save it back to the database. Problem: This works fine for Winform applications because we're using the same entity all throughout, the only difference being that it goes from persistent to detached to persistent again. The problem occurs when I'm using a web service and a browser, sending over JSON data. In this case, the data that comes back is no longer a detached entity, but rather a transient one that just happens to have the same ID as the persistent one. If I use this entity to update, it will wipe out the relationship to B and D unless I sent the entire object graph over to the UI and got it back in one piece. Question: My question is, how do I serialize detached entities over the web, receive them back, and save them, while preserving any relationships that I didn't explicitly change? I know about ISession.SaveOrUpdateCopy and ISession.Merge() (they seem to do the same thing?), but this will still wipe out the relationships if I don't explicitly set them. I could copy the fields from the transient entity to the persistent entity one by one, but this doesn't work too well when it comes to relationships and I'd have to handle version comparisons manually.

    Read the article

  • SQL DROP TABLE foreign key constraint

    - by Polly Hollanger
    If I want to delete all the tables in my database like this, will it take care of the foreign key constraint? If not, how do I take care of that first? GO IF OBJECT_ID('dbo.[Course]','U') IS NOT NULL DROP TABLE dbo.[Course] GO IF OBJECT_ID('dbo.[Student]','U') IS NOT NULL DROP TABLE dbo.[Student]

    Read the article

  • cx_Oracle and output variables

    - by Tim
    I'm trying to do this again an Oracle 10 database: cursor = connection.cursor() lOutput = cursor.var(cx_Oracle.STRING) cursor.execute(""" BEGIN %(out)s := 'N'; END;""", {'out' : lOutput}) print lOutput.value but I'm getting DatabaseError: ORA-01036: illegal variable name/number Is it possible to define PL/SQL blocks in cx_Oracle this way?

    Read the article

  • Use Tablediff to compare all tables

    - by Davie
    Hi, I have recently discovered the tablediff utility of SQL Server 2005. I have 2 instances of the same database each on a different server. Is it possible to compare all tables using tablediff without having to replicate the same command while only changing the table name? For example, compare table1 on server1 with table1 on server2 then compare table2 on server1 with table2 on server2, until all tables have been compared.

    Read the article

  • UNIQUE Constraints in SQL (SQL Server)

    - by rockbala
    Why are UNIQUE Constraints needed in database ? Can you provide any examples ? Primary Key is UNIQUE by default... Understandable as they are referred in other tables as Foreign keys... relation is needed to connect them for rdbms platform... but why would one refer to other columns as UNIQUE, what is benefit of doing so ?)

    Read the article

  • Oracle DB on solaris utilizing swap memory when free RAM available

    - by Ara
    Hi, We have a weird instance where we noticed our oracle database server swap utilization was 100% and surprised to see that the system had free memory available during that period. To my knowledge, swap memory utilization starts once system runs out of free RAM (please correct me if i'm wrong). Not sure what could have caused this unusual activity. Had anyone else experienced such behaviour? Regs,

    Read the article

  • Change MS Access to Exclusive on the fly

    - by Nate
    I have a process in an MS Acess database that the users will usually run once daily, but could be more or less. It takes several minutes and requires temporary exclusive access because it deletes and recreates the main table. I have code to check to see if there are other users in the db before the process starts, but is there a way to change the access to "exclusive" at the beginning, and then change it back to open access at the end? Thanks for any help.

    Read the article

  • .net: does anyone know a free library to download nntp messages

    - by stighy
    hi folks, i'm using ip*works for download newsgroup message and insert them into a database... ipworks is "comfortable" to use because it automatically split nntp data return into different object (or variable). So i've "author" "date" "topic" "messagge" already splitted to my use. However ipworks isn't free and it cost a lot for my use.. so i'm asking you some component or code snippet to use to download and "manage" nntp messagges. Thanks in advance and regards!

    Read the article

  • selecting data from table based on date .

    - by mehdi
    i have database table like this +-------+--------------+----------+ | id | ip | date | +-------+--------------+----------+ | 505 |192.168.100.1 |2010-04-03| | 252 |192.168.100.5 |2010-03-03| | 426 |192.168.100.6 |2010-03-03| | 201 |192.168.100.7 |2010-04-03| | 211 |192.168.100.10|2010-04-03| +-------+--------------+----------+ how can i retirive data from this table where month=03 how to write sql to do that . select * from table where month=03 something like that .

    Read the article

  • How to access the client registry using JavaScript?

    - by Vibin Jith
    Hai , How to set Key and Value in the client registry using javascript. I Just want to keep the user profiles in the registry. When a user visit the page from a particular system , automatically connect to the system preferred database.For that I want to keep the connection string in the windows registry. Please tell with code snippets , i am new in javascript.

    Read the article

  • Should I be regularly shrinking my DB or at least my log file?

    - by Tom
    My question is, should I be running one or both of the shrink command regularly, DBCC SHRINKDATABASE OR DBCC SHRINKFILE ============================= background Sql Server: Database is 200 gigs, logs are 150 gigs. running this command SELECT name ,size/128.0 - CAST(FILEPROPERTY(name, 'SpaceUsed') AS int) / 128.0 AS AvailableSpaceInMB FROM sys.database_files;` produces this output.. MyDB: 159.812500 MB free MyDB_Log: 149476.390625 MB free So it seems there is some free space. We backup transaction logs every hour, diff backup 5 nights a week, full backup the other 2 nights of the week.

    Read the article

  • MSQL upgrade on Ubuntu - any heads ups?

    - by Rob Sedge
    I am needing to upgrade MYSQL on Ubuntu, it is a production server and naturally cautious. My many googles look to be essentially saying that I need to : 1) Backup my current mysql database and tables/data 2) Uninstall current mysql 3) Install new MYSQL 5+ 4) Restore Databases/ tables and data 5) Hope and Pray I got it right ?? Something doesn't seem right, sounds like a lot of down time and risk Am I missing something / or any simple solutions? Upgrading from mSQL 4 to 5 on Ubuntu 10 Many Thanks, Rob

    Read the article

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

< Previous Page | 783 784 785 786 787 788 789 790 791 792 793 794  | Next Page >