Search Results

Search found 6069 results on 243 pages for 'ftv admin'.

Page 79/243 | < Previous Page | 75 76 77 78 79 80 81 82 83 84 85 86  | Next Page >

  • Displaying untrusted HTML using PHP

    - by esryl
    I have a read a number of excellent questions and answers today about dealing with user input. I am now using htmlspecialchars() to display user data in the create/edit forms (but accepting the raw input via prepared PDO statements into my database). The main question I know have is, what do you do when you are allowing the user to submit HTML which will then be displayed to the public. Obviously htmlspecialchars() is no longer suitable as it just encodes the tags and renders the content useless for purpose. My application is currently accepting HTML from an admin for product descriptions. This would allow a malicious admin to inject potentially unsafe data into public facing pages. How do people cope with this?

    Read the article

  • What permissions needed to connect to SQL Server Integration Services

    - by rwmnau
    I need to allow a consultant to connect to SSIS on a SQL Server 2008 box without making him a local administrator. If I add him to the local administrators group, he can connect to SSIS just fine, but it seems that I can't grant him enough permissions through SQL Server to give him these rights without being a local admin. I've added him to every role on the server, every database role in MSDB shy of DBO, and he's still not able to connect. I don't see any SSIS-related Windows groups on the server - Is membership in the Local Administrators group really required to connect to the SSIS instance on a SQL Server? It seems like there is somewhere I should be able to grant "SSIS Admin" rights to a user (even if it's a Windows account and not a SQL account), but I can't find that place. UPDATE: I've found an MSDN article (See the section titled "Eliminating the 'Access if Denied' Error") that describes how to resolve problem, but even after following the stepsI'm still not able to connect. Just wanted to add it to the discussion

    Read the article

  • MVC Application Design

    - by Paul Brown
    Hello I am about to create my first proper application in ASP.NET MVC3. It is basically a jobs site with 3 levels: 1) Users - No registration and can view all jobs posted on the website 2) Posters - Need to register and login to post adverts 3) Admin - Need to register and login to post adverts and review postings before they go live Would you suggest I use the same Jobs controller for the three levels I mention above? With a LIST action to show jobs to "Users" and a CREATE & EDIT action for the "Posters" & "Admin"? Thanks Paul

    Read the article

  • TFS Security and Documents Folder

    - by pm_2
    I'm getting an issue with TFS where the documents folder is marked with a red cross. As far as I can tell, this seems to be a security issue, however, I am set-up as project admin on the relevant projects. I’ve come to the conclusion that it’s a security issue from running the TFS Project Admin tool (available here). When I run this, it tells me that I don’t have sufficient access rights to open the project. I’ve checked, and I’m not included in any groups that are denied access. Please can anyone shed any light as to why I may not have sufficient access to these projects?

    Read the article

  • How to give xpath expression in java using axiom

    - by user1811206
    <resource name="cde.xml" status="updated" isCollection="false"> <mediaType>xml</mediaType> <creator>admin</creator> <createdTime>1352783477964</createdTime> <lastUpdater>admin</lastUpdater> <lastModified>1352783477964</lastModified> <description /> <version>0</version> <content>ZGFza2QgbGQgbGt2Zmx3ZGFzamQgYWRsa2ogYWxramRrbGEgamQK </content> </resource> i want to catch nodes which are having status using xpath here is the xpath expression other part of the code is correct. I have problem with xpath expression AXIOMXPath xpathExpression = new AXIOMXPath ( "//resourse[@name]");

    Read the article

  • Problem with Delete Link?

    - by Kevin
    When I click on the delete link I created, it doesn't do anything (even the flash[:notice] part) in the controller. Am I not calling the .delete? part correctly? The POST part works as I can add tips. Link: <%= link_to "Delete", :controller => "/admin", :action => "tips", :id => t.id, :method => :delete, :confirm => "Are you sure?" %> Admin Controller def tips @tips = Tip.all if request.post? tip = Tip.new(params[:geek_tips]) if tip.save flash[:notice] = "Saved!" redirect_to :action => "tips" else flash[:notice] = "Error!" end elsif request.delete? tip = Tip.find_by_id(params[:id]) tip.delete! flash[:notice] = "Delete Message" redirect_to :action => "tips" end end

    Read the article

  • Where to place java applet policy file?

    - by makdere
    Hi all, I am working on an artificial intelligence project which is a logic game and aims two user connecting to the server on the network who acts as an Admin and then start to play one by one. In order to create connections, i have a server code which is just listening on localhost:8000 and assigning team values to the clients as they arrive. After connecting, clients make their move under Admin's control. The question is that when i try to put my code to work in the browser it fails with the following error: java.security.AccessControlException: access denied (java.net.SocketPermission 127.0.0.1:8000 connect,resolve) Even though i have created my own policy, first granting only Socket access permission to the codebase of my project folder (file:///home/xxx/projects/-), after it didnt work i granted all permissions from all codebase. I tried placing my policy file both in the home directory and in the same directory where my applet code resides. Appreciate any tips, thanks.

    Read the article

  • jquery tablesorter problem in FF only - header row disappears after show-hide of rows

    - by dac
    When the page loads, all the records show. Sorting works great until show-hide is used to filter the rows so only some show. Then the header row--with the arrows for sorting--DISAPPEARS. The problem is only in Firefox. It works great in IE7 and IE8. I'm using jQuery 1.4.2 from google. Code for show-hide $(document).ready(function() { // show all the rows $("#org_status tr").show(); //find selected filter $("#filter_status a").click(function(evt) { evt.preventDefault(); $("#org_status tr").hide(); var id = $(this).attr('id'); $("." + id).show(); }); }); Here is the HTML: <!-- show-hide "buttons" --> <p id='filter_status'>Filter by status: <a href='#' id='All'>All</a> <a href='#' id='Active'>Active</a> <a href='#' id='Inactive'>Inactive</a> <a href='#' id='Pending'>Pending</a> </p> <!-- table to sort -> <table id='org_status' class='info_table tablesorter'> <thead> <tr> <th class='org-name-col'>Name</th> <th class='org-status-col'>Status</th> </tr> </thead> <tbody> <tr class='All Active'> <td><a href='admin/org_edit.php?org=29'>Foo Net</a></td> <td>Active</td>"; </tr> <tr class='All Inactive'> <td><a href='admin/org_edit.php?org=22'>Bar</a></td> <td>Active</td>"; </tr> <tr class='All Pending'> <td><a href='admin/org_edit.php?org=11'> Bar Foo Very Long Org Name Goes Here</a></td> <td>Active</td>"; </tr> </tbody> </table>

    Read the article

  • automatic link submission in search engine

    - by Bharanikumar
    Hi , in Google i find one open source search engine , This Open Source This is my first search engine project , This si one open source , In this site, There is a link called ADD link , There visitor will add his/her site , Then admin will look and later , admin index the user added links , this is basic functionality of this open source, My doubt is How Google really fetch and produce the search result , Yes there is one way ,i know , The user add his site in Google so Google cron the contents , But one of my site , am not added in google but google croned , i dont know how it is ? Ok come to my doubt , i want to add other site automatically, wihtout manual , really is it possible or not , What steps i should follow for that ? Regards Bharanikumar

    Read the article

  • 2008 Datacenter Word Automation issue

    - by Brad
    We have an application that uses word automation. It works fine under Windows XP, but does not work on our Windows Server 2008 64-bit virtual machine running on VMware ESX unless it is running as the domain administrator. Under any other account (including a local admin), Word starts, uses a lot of CPU for 40 seconds when opening a document, and then just hangs. Our application does not access anything not on the local machine, and this machine is not being used for anything else (not a domain controller, etc). I know others have posted similar issues, with the solution of creating a Desktop folder somewhere under the windows directory. We did this, and it did not solve the problem (Word did not get as far as it did before we did this though). Please don't turn this into a thread about why I am trying to do this, whether I should do this, or whether I need to. For argument sake, I don't need to do this, but understanding what privilege a local admin does not have that is needed to do this is a legitimate concern.

    Read the article

  • Can't find a Wordpress image/photo gallery plugin

    - by mgroves
    I've been looking at Wordpress plugins for photo galleries (so maybe this is for superuser.com), and I've been very frustrated so far. It seems like what I'd like to do would be a very common use case: Admin: Be able to upload multiple pictures (at a time) Admin: Be able to assign a "gallery" to those pictures as I upload them User: Be able to go to a page with a (paged) list of all galleries User: Be able to click on gallery and view the images (again, probably paged) in that gallery User: Be able to click on an image to get larger/largest sizes User: Be able to leave comments on individual pictures (this is a "nice to have") The images/galleries could be totally independent of posts/pages, but it would be nice to be able to embed those images/galleries into posts/pages when necessary. Is there anything out there like this that I'm missing? I've tried a handful of plugins and none of them seem to be for a use case anywhere close to what I'm looking for. One of the reasons I'm trying to use Wordpress is to reduce time spent coding everything I want.

    Read the article

  • How to start a Process as administrator mode in C#

    - by RP
    I have a visual studio windows app project. I've added code to download an installer update file. The installer after it has finished downloading would need administrator privilages to run. I have added a manifest file. When user clicks on the DownloadUpdate.exe, UAC prompts the user for Admin permissions. So i assumed that all processes created and called within DownloadUpdate.exe will run in admin capacity. So i made the setup call my downloaded file with the following code: Process p = new Process(); p.StartInfo.WindowStyle = ProcessWindowStyle.Hidden; p.StartInfo.FileName = strFile; p.StartInfo.UseShellExecute = false; p.StartInfo.RedirectStandardOutput = true; p.StartInfo.RedirectStandardError = true;

    Read the article

  • Securing Plugin Data in WordPress From Access by Other Plugins?

    - by farinspace
    There probably is some solution to this, whether it involves code running on just the wordpress installation or a combination of a wordpress installation and a master server I am not sure yet, but please remember not to have tunnel vision and consider any and all possible solutions: The scenario is this: A WordPress plugin (plugin-A) that manages some sort of valuable data (something that the admin would not want stolen), lets say, lead data with user's name and email addresses, the plugin uses its own db tables. Other than the obvious (which is the admin installing plugin-B, not knowing its malicious intent), what is to prevent another WordPress plugin (plugin-B) from accessing plugin-A data or hacking plugin-A files to circumvent security.

    Read the article

  • how to set a status

    - by ejah85
    hello guys..here i've a problem where i want to set the status whether it is approved or reject.. the condition are if admin select the registration number and driver name, that means the status is approve otherwise, if admin fill up the reason, that means the request is reject.. here is the code to set status if ($reason =='null'){ $query2 = "UPDATE usage SET status ='APPROVED' WHERE '$bookingno'=bookingno"; $result2 = @mysql_query($query2); } elseif (($regno =='null')&&($d_name =='null')) { $query3 = "UPDATE usage SET status ='REJECT' WHERE '$bookingno'=bookingno"; $result3 = @mysql_query($query3); } when i save the data, the status field are not updates..

    Read the article

  • what are the most essential bundles in symfony2?

    - by user
    this question but i hope it does not, i'll try my best to make clarify it I'm new to symfony2 but not to php, as far as i know, everything in symfony2 is bundles. Being a django guy, i know that the essential apps are: south Django-Debug-Toolbar Haystack Search Django Admin Tools (maybe) fabric the registration and user profile app (unless you decide to use django-userena) Piston I'm not going to make a longer list, you get the point. I know 2 essential apps for symfony2 so far the admin generator and FOSUserBundle. So what are other must have bundles?

    Read the article

  • Model objects versions in Django

    - by pablo
    Hi I'm building an e-commerce website. I have a Product and Order models. It's possible that a customer order a product and then the admin change its price or other fields before the customer actually get it. A possible solution is to add a 'version' field to the Product model. When the admin update a product field I'll add a timestamp and create a new object instead of updating the old one. An Order will have a reference to a specific product version. Does this make sense? Will overriding the Product Save method be sufficient to make it work? Thanks

    Read the article

  • ASP.NET MVC Actions that return different views, or just make a ton of Actions?

    - by Nate Bross
    So, I am in a situation, where I need to display a different view based on the "Role" that the authenticated user has. I'm wondering which approach is best here: [Authorize(Roles="Admin")] public ActionResult AdminList(int? divID, int? subDivID) { var data = GetListItems(divID.Value, subDivID.Value); return View(data); } [Authorize(Roles = "Consultant")] public ActionResult ConsultantList(int? divID, int? subDivID) { var data = GetListItems(divID.Value, subDivID.Value); return View(data); } or should I do something like this [Authorize] public ActionResult List(int? divID, int? subDivID) { var data = GetListItems(divID.Value, subDivID.Value); if(HttpContenxt.User.IsInRole("Admin") { return View("AdminList", data ); } if(HttpContenxt.User.IsInRole("Consultant") { return View("ConsultantList", data ); } return View("NotFound"); }

    Read the article

  • Adding a red5 app in a multiuser website

    - by Zakaria
    hi everybody, I have an mvc php website where users can publish their public information: http://www.example.com/foobar/profile. Beside this project, based on some red5 samples, I have an application (done with Flex) that sends audio: rtmp://server/sendAudio (very basic but works). I want to create for each subscribed on my website an admin part where can send an audio stream: http://admin.example.com/foobar. And, when someone goes on their public profile, they can listen to the streamed audio: http://www.example.com/foobar/profile). How can I use my red5/flash app dynamically with my php website so that my users can broadcast their proper canal? Do you have some experience to share ? Thank you, Regards.

    Read the article

  • Sessions and uploadify

    - by Uffo
    I'm using uploadify, and i can't set sessions in my php files, my script looks like this: $("#uploadify").uploadify({ 'uploader' : '/extra/flash/uploadify.swf', 'script' : '/admin/uploads/artistsphotos', 'scriptData' : {'PHPSESSID' : '<?= session_id(); ?>'}, 'cancelImg' : '/images/cancel.png', 'folder' : '/img/artists', 'queueID' : 'fileQueue', 'auto' : false, 'multi' : true, 'onComplete' : function(a, b, c, d, e){ }, 'onAllComplete': function(event,data){ $bla = $('#art').find(':selected',this); $fi = $bla.val(); $.ajax({ type: "POST", url: "/admin/uploads/artistsphotosupload", data: "artist="+$fi, success: function(msg){ console.log(msg); } }); } }); And in php if i try: $_SESSION['name'] = 'something'; I can't access it in another file.and i have session_start(); activated Any solutions?

    Read the article

  • Alert on gridview edit based on permission

    - by Vicky
    I have a gridview with edit option at the start of the row. Also I maintain a seperate table called Permission where I maintain user permissions. I have three different types of permissions like Admin, Leads, Programmers. These all three will have access to the gridview. Except admin if anyone tries to edit the gridview on clicking the edit option, I need to give an alert like This row has important validation and make sure you make proper changes. When I edit, the action with happen on table called Application. The table has a column called Comments. Also the alert should happen only when they try to edit rows where the Comments column have these values in them. ManLog datas Funding Approved Exported Applications My try so far. public bool IsApplicationUser(string userName) { return CheckUser(userName); } public static bool CheckUser(string userName) { string CS = ConfigurationManager.ConnectionStrings["ConnectionString"].ToString(); DataTable dt = new DataTable(); using (SqlConnection connection = new SqlConnection(CS)) { SqlCommand command = new SqlCommand(); command.Connection = connection; string strquery = "select * from Permissions where AppCode='Nest' and UserID = '" + userName + "'"; SqlCommand cmd = new SqlCommand(strquery, connection); SqlDataAdapter da = new SqlDataAdapter(cmd); da.Fill(dt); } if (dt.Rows.Count >= 1) return true; else return true; } protected void Details_RowCommand(object sender, GridViewCommandEventArgs e) { string currentUser = HttpContext.Current.Request.LogonUserIdentity.Name; string str = ConfigurationManager.ConnectionStrings["ConnectionString"].ToString(); string[] words = currentUser.Split('\\'); currentUser = words[1]; bool appuser = IsApplicationUser(currentUser); if (appuser) { DataSet ds = new DataSet(); using (SqlConnection connection = new SqlConnection(str)) { SqlCommand command = new SqlCommand(); command.Connection = connection; string strquery = "select Role_Cd from User_Role where AppCode='PM' and UserID = '" + currentUser + "'"; SqlCommand cmd = new SqlCommand(strquery, connection); SqlDataAdapter da = new SqlDataAdapter(cmd); da.Fill(ds); } if (e.CommandName.Equals("Edit") && ds.Tables[0].Rows[0]["Role_Cd"].ToString().Trim() != "ADMIN") { int index = Convert.ToInt32(e.CommandArgument); GridView gvCurrentGrid = (GridView)sender; GridViewRow row = gvCurrentGrid.Rows[index]; string strID = ((Label)row.FindControl("lblID")).Text; string strAppName = ((Label)row.FindControl("lblAppName")).Text; Response.Redirect("AddApplication.aspx?ID=" + strID + "&AppName=" + strAppName + "&Edit=True"); } } } Kindly let me know if I need to add something. Thanks for any suggestions.

    Read the article

  • How to isolate data per customer, Django powered website

    - by Sawwy
    I have recently started learning python and django and working on a project that includes building a website for collecting information from customers. I am currently trying to figure out best way to isolate the customer data (collected information is sensitive and should only be accessible by customer and the service provider). I found this post Postgresql - one database for everyone, or one-database per customer and my question is that can I automate the model inheritance with customer creation via admin? To be specific, when save() is called for adding customer via django admin, this should create the customer specific tables (create a new set of tables with 'company_name' -prefix). For more information of the environment, I have extended the basic user registration with custom UserProfile adding 'company' and 'role' fields for each user. Upon login, the 'company' of the user will be checked to filter out tables without the 'company_name' prefix. 'Role' will further filter the which company-specific tables and set rights (view, edit). will appreciate any suggestions if more elegant methods could be used to solve the data isolation problem than model inheritance.

    Read the article

  • How to generate a user role grid

    - by Svish
    I have the following tables: users (id, username, ... ) roles (id, name) roles_users (user_id, role_id) I am wondering how I can create a nice sort of user-role-grid from that which an admin can use to administer roles to users in a clear way. What I would like is basically a table full of checkboxes sort of like this: Login Editor Admin Alice ¦ ¦ ¦ Bob ¦ ? ? Carol ¦ ¦ ? [Apply] Generating the table isn't too much of a deal, but I am very unsure how to handle it when it comes to how to name all the checkboxes and especially how to read and update the database in a not too clumsy way. Does anyone have any good advice or pointers on how to do this in a mostly clean way? I'm using the Kohana 3 framework, if there is anything there that can make this even easier, but I of course welcome any answer.

    Read the article

  • Need an Asp.net MVC Application solution

    - by Daoming Yang
    I have implemented a small ordering and stock control system (for internal using) with the MVC 2 framework. Now my friends, they want to have a website to present the existing products for their customers. I know, I know they will ask me to do this one day. So in the beginning, I have made the controller name to start with "Admin". But now I am not sure the best way to implement their requirements. Could you advise me? 1.For the security reason, I did not allowed anonymous user to access the website a part from the CSS and image files. My question is the controllers' name are not folders' name, how could I set this up? 2.I'm planning to put the admin section into an "area" and will it be a good way to go? Can anyone provide me some suggestions. Many thanks.

    Read the article

  • Devise and cancan gems: has_many association

    - by tiktak
    I use devise and cancan gems and have simple model association: user has_many subscriptions, subscription belongs_to :user. Have following SubscriptionsController: class SubscriptionsController < ApplicationController load_and_authorize_resource :user load_and_authorize_resource :subscription, through: :user before_filter :authenticate_user! def index @subscriptions = @user.subscriptions.paginate(:page => params[:page]).order(:created_at) end #other actions end And Cancan Ability.rb: class Ability include CanCan::Ability def initialize(user) user ||=User.new can [:index, :show], [Edition, Kind] if user.admin? can :manage, :all elsif user.id can [:read, :create, :destroy, :pay], Subscription, user_id: user.id can [:delete_from_cart, :add_to_cart, :cart], User, id: user.id end end end The problem is that i cannot use subscriptions actions as a user but can as a admin. And have no problems with UsersController. When i delete following lines from SubscriptionsController: load_and_authorize_resource :user load_and_authorize_resource :subscription, through: :user before_filter :authenticate_user! Have no problems at all. So the issue in these lines or in Ability.rb. Any suggestions?

    Read the article

< Previous Page | 75 76 77 78 79 80 81 82 83 84 85 86  | Next Page >