Search Results

Search found 9715 results on 389 pages for 'bad passwords'.

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Page 81/389 | < Previous Page | 77 78 79 80 81 82 83 84 85 86 87 88  | Next Page >

  • AI to move custom-shaped spaceships (shape affecting movement behaviour)

    - by kaoD
    I'm designing a networked turn based 3D-6DOF space fleet combat strategy game which relies heavily on ship customization. Let me explain the game a bit, since you need to know a bit about it to set the question. What I aim for is the ability to create your own fleet of ships with custom shapes and attached modules (propellers, tractor beams...) which would give advantages and disadvantages to each ship, so you have lots of different fleet distributions. E.g., long ship with two propellers at the side would let the ship spin around that plane easily, bigger ships would move slowly unless you place lots of propellers at the back (therefore spending more "construction" points and energy when moving, and it will only move fast towards that direction.) I plan to balance all the game around this feature. The game would revolve around two phases: orders and combat phase. During the orders phase, you command the different ships. When all players finish the order phase, the combat phase begins and the ship orders get resolved in real-time for some time, then the action pauses and there's a new orders phase. The problem comes when I think about player input. To move a ship, you need to turn on or off different propellers if you want to steer, travel forward, brake, rotate in place... These propellers don't have to work at their whole power, so you can achieve more movement combinations with less propellers. I think this approach is a bit boring. The player doesn't want to fiddle with motors or anything, you just want to MOVE and KILL. The way I intend the player to give orders to these ships is by a destination and a rotation, and then the AI would calculate the correct propeller power to achive that movement and rotation. Propulsion doesn't have to be the same throught the entire turn calculation (after the orders have been given) so it would be cool if the ships reacted as they move, adjusting the power of the propellers for their needs dynamically, but it may be too hard to implement and it's not really needed for the game to work. In both cases, how would that AI decide which propellers to activate for the best (or at least not worst) trajectory to be achieved? I though about some approaches: Learning AI: The ship types would learn about their movement by trial and error, adjusting their behaviour with more uses, and finally becoming "smart". I don't want to get involved THAT far in AI coding, and I think it can be frustrating for the player (even if you can let it learn without playing.) Pre-calculated timestep movement: Upon ship creation, ALL possible movements are calculated for each propeller configuration and power for a given delta-time. Memory intensive, ugly, bad. Pre-calculated trajectories: The same as above but not for each delta-time but the whole trajectory, which would then be fitted as much as possible. Requires a fixed propeller configuration for the whole combat phase and is still memory intensive, ugly and bad. Continuous brute forcing: The AI continously checks ALL possible propeller configurations throughout the entire combat phase, precalculates a few time steps and decides which is the best one based on that. Con: what's good now might not be that good later, and it's too CPU intensive, ugly, and bad too. Single brute forcing: Same as above, but only brute forcing at the beginning of the simulation, so it needs constant propeller configuration throughout the entire combat phase. Coninuous angle check: This is not a full movement method, but maybe a way to discard "stupid" propeller configurations. Given the current propeller's normal vector and the final one, you can approximate the power needed for the propeller based on the angle. You must do this continuously throughout the whole combat phase. I figured this one out recently so I didn't put in too much thought. A priori, it has the "what's good now might not be that good later" drawback too, and it doesn't care about the other propellers which may act together to make a better propelling configuration. I'm really stuck here. Any ideas?

    Read the article

  • Incentivizing Work with Development Teams

    - by MarkPearl
    Recently I saw someone on twitter asking about incentives and if anyone had past experience with incentivizing work. I promised to respond with some of the experiences I have had in the past so here goes... **Disclaimer** - these are my experiences with incentives, generally in software development - in some other industries this may not be applicable – this is also my thinking at this point in time, with more experience my opinion may change. Incentivize at the level that you want people to group at If you are wanting to promote a team mentality, incentivize teams. If you want to promote an individual mentality, incentivize individuals. There is nothing worse than mixing this up. Some organizations put a lot of effort in establishing teams and team mentalities but reward individuals. This has a counter effect on the resources they have put towards establishing a team mentality. In the software projects that I work with we want promote cross functional teams that collaborate. Personally, if I was on a team and knew that there was an opportunity to work on a critical component of the system, and that by doing so I would get a bigger bonus, then I would be hesitant to include other people in solving that problem. Thus, I would hinder the teams efforts in being cross functional and reduce collaboration levels. Does that mean everyone in the team should get an even share of an incentive? In most situations I would say yes - even though this may feel counter-intuitive. I have heard arguments put forward that if “person x contributed more than person Y then they should be rewarded more” – This may sound controversial but I would rather treat people how would you like them to perform, not where they currently are at. To add to this approach, if someone is free loading, you bet your bottom dollar that the team is going to make this a lot more transparent if they feel that individual is going to be rewarded at the same level that everyone else is. Bad incentives promote destructive work If you are going to incentivize people, pick you incentives very carefully. I had an experience once with a sales person who was told they would get a bonus provided that they met an ordering target with a particular supplier. What did this person do? They sold everything at cost for the next month or so. They reached the goal, but the company didn't gain anything from it. It was a bad incentive. Expect the same with development teams, if you incentivize zero bug levels, you will get zero code committed to the solution. If you incentivize lines of code, you will get many many lines of bad code. Is there such a thing as a good incentives? Monetary wise, I am not sure there is. I would much rather encourage organizations to pay their people what they are worth upfront. I would also advise against paying money to teams as an incentive or even a bonus or reward for reaching a milestone. Rather have a breakaway for the team that promotes team building as a reward if they reach a milestone than pay them more money. I would also advise against making the incentive the reason for them to reach the milestone. If this becomes the norm it promotes people to begin to only do their job if there is an incentive at the end of the line. This is not a behaviour one wants to encourage. If the team or individual is in the right mind-set, they should not work any harder than they are right now with normal pay.

    Read the article

  • Is hidden content (display: none;) -indexed- by search engines? [closed]

    - by user568458
    Possible Duplicate: How bad is it to use display: none in CSS? We've established on this site before (in this question) that, since there are so many legitimate uses for hiding content with display: none; when creating interactive features, that sites aren't automatically penalised for content that is hidden this way (so long as it doesn't look algorithmically spammy). Google's Webmaster guidelines also make clear that a good practice when using content that is initially legitimately hidden for interactivity purposes is to also include the same content in a <noscript> tag, and Google recommend that if you design and code for users including users with screen readers or javascript disabled, then 9 times out of 10 good relevant search rankings will follow (though their specific advice seems more written for cases where javascript writes new content to the page). JavaScript: Place the same content from the JavaScript in a tag. If you use this method, ensure the contents are exactly the same as what’s contained in the JavaScript, and that this content is shown to visitors who do not have JavaScript enabled in their browser. So, best practice seems pretty clear. What I can't find out is, however, the simple factual matter of whether hidden content is indexed by search engines (but with potential penalties if it looks 'spammy'), or, whether it is ignored, or, whether it is indexed but with a lower weighting (like <noscript> content is, apparently). (for bonus points it would be great to know if this varies or is consistent between display: none;, visibility: hidden;, etc, but that isn't crucial). This is different to the other questions on display:none; and SEO - those are about good and bad practice and the answers are discussions of good and bad practice, I'm interested simply in the factual 'Yes or no' question of whether search engines index, or ignore, content that is in display: none; - something those other questions' answers aren't totally clear on. One other question has an answer, "Yes", supported by a link to an article that doesn't really clear things up: it establishes that search engines can spot that text is hidden, it discusses (again) whether hidden text causes sites to be marked as spam, and ultimately concludes that in mid 2011, Google's policy on hidden text was evolving, and that they hadn't at that time started automatically penalising display:none; or marking it as spam. It's clear that display: none; isn't always spam and isn't always treated as spam (many Google sites use it...): but this doesn't clear up how, or if, it is indexed. What I will do will be to follow the guidelines and make sure that all the content that is initially hidden which regular users can explore using javascript-driven interactivity is also structured in way that noscript/screenreader users can use. So I'm not interested in best practice, opinions etc because best practice seems to be really clear: accessibility best practices boosts SEO. But I'd like to know what exactly will happen: whether any display: none; content I have alongside <noscript> or otherwise accessibility-optimised content will be be ignored, or indexed again, or picked up to compare against the <noscript> content but not indexed... etc.

    Read the article

  • Stateful vs. Stateless Webservices

    - by chrsk
    Imagine a more complex CRUD application which has a three-tier-architecture and communicates over webservices. The client starts a conversation to the server and doing some wizard like stuff. To process the wizard the client needs feedback given by the server. We started a discussion about stateful or stateless webservices for this approach. I made some research combined with my own experience, which points me to the question mentioned later. Stateless webservices having the following properties (in our case): + high scalability + high availability + high speed + rapid testing - bloated contract - implementing more logic on server-side But we can cross out the first two points, our application doesn't needs high scalability and availability. So we come to the stateful webservice. I've read a bunch of blogs and forum posts and the most invented point implementing a stateful webservice was: + simplifies contract (protocol) - bad testing - runs counter to the basic architecture of http But doesn't almost all web applications have these bad points? Web applications uses cookies, query strings, session ids, and all the stuff to avoid the statelessness of http. So why is it that bad for webservices?

    Read the article

  • Can I convert an ASCII MD5 hashed password into a Unicode MD5 hashed password?

    - by Jimmy Moo Moo
    Hello, I'm looking for help to convert an ASCII MD5 hashed password into a Unicode MD5 hashed password? For example, I'll use the string "password" . When it's converted to an ascii byte array, I get a base64 encoded hash of X03MO1qnZdYdgyfeuILPmQ== When it's converted into a unicode byte array, I get a base64 encoded hash of sIHb6F4ew//D1OfQInQAzQ== All my passwords are stored in an md5 hash that was applied to an ascii byte array, but I'm trying to migrate my application's user data to a system that stores password in an md5 hash that is applied a unicode byte array. In case it's not clear, with the following C#code: var passwordBytes = Encoding.ASCII.GetBytes("password"); var hashAlgorithm = HashAlgorithm.Create("MD5"); var hashBytes = hashAlgorithm.ComputeHash(passwordBytes); My current system uses this, but the system I'm moving to has a diff first time. It usese Encoding.Unicode.GetBytes. Does anybody know how I can convert my passwords? From X03MO1qnZdYdgyfeuILPmQ== into sIHb6F4ew//D1OfQInQAzQ== I'm guessing the answer is that I can't.. the encoding is being done before the hashing, but I thought I'd inquire the bright minds of stackoverflow and see if anybody has a way.

    Read the article

  • Best way for a remote web app to authenticate users in my current web app?

    - by jklp
    So a bit of background, I'm working on an existing web application which has a set of users, who are able to log in via a traditional login screen with a user name and password, etc. Recently we've managed to score a client (who have their own Intranet site), who are wanting to be able to have their users log into their Intranet site, and then have their users click a link on their Intranet which redirects to our application and logs them into it automatically. I've had two suggestions on how to implement this so far: Create a URL which takes 2 parameters (which are "username" and "password") and have the Intranet site pass those parameters to us (our connection is via TLS so it's all encrypted). This would work fine, but it seems a little "hacky", and also means that the logins and passwords have to be the same on both systems (and having to write some kind of web service which can update the passwords for users - which also seems a bit insecure) Provide a token to the Intranet, so when the client clicks on a link on the Intranet, it sends the token to us, along with the user name (and no password) which means they're authenticated. Again, this sounds a bit hacky as isn't that essentially the same as providing everyone with the same password to log in? So to summarise, I'm after the following things: A way for the users who are already authenticated on the Intranet to log into our system without too much messing around, and without using an external system to authenticate, i.e. LDAP / Kerberos Something which isn't too specific to this client, and can easily be implemented by other Intranets to log in

    Read the article

  • What is the best "forgot my password" method?

    - by Edward Tanguay
    I'm programming a community website. I want to build a "forgot my password" feature. Looking around at different sites, I've found they employ one of three options: send the user an email with a link to a unique, hidden URL that allows him to change his password (Gmail and Amazon) send the user an email with a new, randomly generated password (Wordpress) send the user his current password (www.teach12.com) Option #3 seems the most convenient to the user but since I save passwords as an MD5 hash, I don't see how option #3 would be available to me since MD5 is irreversible. This also seems to be insecure option since it means that the website must be saving the password in clear text somewhere, and at the least the clear-text password is being sent over insecure e-mail to the user. Or am I missing something here? So if I can't do option #1, option #2 seems to be the simplest to program since I just have to change the user's password and send it to him. Although this is somewhat insecure since you have to have a live password being communicated via insecure e-mail. However, this could also be misused by trouble-makers to pester users by typing in random e-mails and constantly changing passwords of various users. Option #1 seems to be the most secure but requires a little extra programming to deal with a hidden URL that expires etc., but it seems to be what the big sites use. What experience have you had using/programming these various options? Are there any options I've missed?

    Read the article

  • How to delete a large cookie that causes Apache to 400

    - by jakemcgraw
    I've come across an issue where a web application has managed to create a cookie on the client, which, when submitted by the client to Apache, causes Apache to return the following: HTTP/1.1 400 Bad Request Date: Mon, 08 Mar 2010 21:21:21 GMT Server: Apache/2.2.3 (Red Hat) Content-Length: 7274 Connection: close Content-Type: text/html; charset=iso-8859-1 <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"> <html><head> <title>400 Bad Request</title> </head><body> <h1>Bad Request</h1> <p>Your browser sent a request that this server could not understand.<br /> Size of a request header field exceeds server limit.<br /> <pre> Cookie: ::: A REALLY LONG COOKIE ::: </pre> </p> <hr> <address>Apache/2.2.3 (Red Hat) Server at www.foobar.com Port 80</address> </body></html> After looking into the issue, it would appear that the web application has managed to create a really long cookie, over 7000 characters. Now, don't ask me how the web application was able to do this, I was under the impression browsers were supposed to prevent this from happening. I've managed to come up with a solution to prevent the cookies from growing out of control again. The issue I'm trying to tackle is how do I reset the large cookie on the client if every time the client tries to submit a request to Apache, Apache returns a 400 client error? I've tried using the ErrorDocument directive, but it appears that Apache bails on the request before reaching any custom error handling.

    Read the article

  • delayed evaluation of code in subroutines - 5.8 vs. 5.10 and 5.12

    - by Brock
    This bit of code behaves differently under perl 5.8 than it does under perl 5.12: my $badcode = sub { 1 / 0 }; print "Made it past the bad code.\n"; [brock@chase tmp]$ /usr/bin/perl -v This is perl, v5.8.8 built for i486-linux-gnu-thread-multi [brock@chase tmp]$ /usr/bin/perl badcode.pl Illegal division by zero at badcode.pl line 1. [brock@chase tmp]$ /usr/local/bin/perl -v This is perl 5, version 12, subversion 0 (v5.12.0) built for i686-linux [brock@chase tmp]$ /usr/local/bin/perl badcode.pl Made it past the bad code. Under perl 5.10.1, it behaves as it does under 5.12: brock@laptop:/var/tmp$ perl -v This is perl, v5.10.1 (*) built for i486-linux-gnu-thread-multi brock@laptop:/var/tmp$ perl badcode.pl Made it past the bad code. I get the same results with a named subroutine, e.g. sub badcode { 1 / 0 } I don't see anything about this in the perl5100delta pod. Is this an undocumented change? A unintended side effect of some other change? (For the record, I think 5.10 and 5.12 are doing the Right Thing.)

    Read the article

  • Is it possible to convert a 40-character SHA1 hash to a 20-character SHA1 hash?

    - by ewitch
    My problem is a bit hairy, and I may be asking the wrong questions, so please bear with me... I have a legacy MySQL database which stores the user passwords & salts for a membership system. Both of these values have been hashed using the Ruby framework - roughly like this: hashedsalt = Digest::SHA1.hexdigest("--#{Time.now.to_s}--#{login}--") hashedpassword = Digest::SHA1.hexdigest("#{hashedsalt}:#{password}") So both values are stored as 40-character strings (varchar(40)) in MySQL. Now I need to import all of these users into the ASP.NET membership framework for a new web site, which uses a SQL Server database. It is my understanding that the the way I have ASP.NET membership configured, the user passwords and salts are also stored in the membership database (in table aspnet_Membership) as SHA1 hashes, which are then Base64 encoded (see here for details) and stored as nvarchar(128) data. But from the length of the Base64 encoded strings that are stored (28 characters) it seems that the SHA1 hashes that ASP.NET membership generates are only 20 characters long, rather than 40. From some other reading I have been doing I am thinking this has to do with the number of bits per character/character set/encoding or something related. So is there some way to convert the 40-character SHA1 hashes to 20-character hashes which I can then transfer to the new ASP.NET membership data table? I'm pretty familiar with ASP.NET membership by now but I feel like I'm just missing this one piece. However, it may also be known that SHA1 in Ruby and SHA1 in .NET are incompatible, so I'm fighting a losing battle... Thanks in advance for any insight.

    Read the article

  • How can I reject a Windows "Service Stop" request in ATL 7?

    - by Matt Dillard
    I have a Windows service built upon ATL 7's CAtlServiceModuleT class. This service serves up COM objects that are used by various applications on the system, and these other applications naturally start getting errors if the service is stopped while they are still running. I know that ATL DLLs solve this problem by returning S_OK in DllCanUnloadNow() if CComModule's GetLockCount() returns 0. That is, it checks to make sure no one is currently using any COM objects served up by the DLL. I want equivalent functionality in the service. Here is what I've done in my override of CAtlServiceModuleT::OnStop(): void CMyServiceModule::OnStop() { if( GetLockCount() != 0 ) { return; } BaseClass::OnStop(); } Now, when the user attempts to Stop the service from the Services panel, they are presented with an error message: Windows could not stop the XYZ service on Local Computer. The service did not return an error. This could be an internal Windows error or an internal service error. If the problem persists, contact your system administrator. The Stop request is indeed refused, but it appears to put the service in a bad state. A second Stop request results in this error message: Windows could not stop the XYZ service on Local Computer. Error 1061: The service cannot accept control messages at this time. Interestingly, the service does actually stop this time (although I'd rather it not, since there are still outstanding COM references). I have two questions: Is it considered bad practice for a service to refuse to stop when asked? Is there a polite way to signify that the Stop request is being refused; one that doesn't put the Service into a bad state?

    Read the article

  • prevent javascript in the WMD editor's preview box

    - by Justin Grant
    There are many SO questions (e.g. here and here) about how to do server-side scrubbing of Markdown produced by the WMD editor to ensure the HTML generated doesn't contain malicious script, like this: <img onload="alert('haha');" src="http://www.google.com/intl/en_ALL/images/srpr/logo1w.png" /> Unfortunately, this still allows script to show up in the WMD client's preview box. I doubt this is a big deal since if you're scrubbing the HTML on the server, an attacker can't save the bad HTML so no one else will be able to see it later and have their cookies stolen or sessions hijacked by the bad script. But it's still kinda odd to allow an attacker to run any script in the context of your site, and it's probably a bad idea to allow the client preview window to allow different HTML than your server will allow. StackOverflow has clearly plugged this hole. How did they do it? [NOTE: I already figured this out but it required some tricky javascript debugging, so I'm answering my own question here to help others who may want to do ths same thing]

    Read the article

  • Is this a variation of the traveling salesman problem?

    - by Ville Koskinen
    I'm interested in a function of two word lists, which would return an order agnostic edit distance between them. That is, the arguments would be two lists of (let's say space delimited) words and return value would be the minimum sum of the edit (or Levenshtein) distances of the words in the lists. Distance between "cat rat bat" and "rat bat cat" would be 0. Distance between "cat rat bat" and "fat had bad" would be the same as distance between "rat bat cat" and "had fat bad", 4. In the case the number of words in the lists are not the same, the shorter list would be padded with 0-length words. My intuition (which hasn't been nurtured with computer science classes) does not find any other solution than to use brute force: |had|fat|bad| a solution ---+---+---+---+ +---+---+---+ cat| 2 | 1 | 2 | | | 1 | | ---+---+---+---+ +---+---+---+ rat| 2 | 1 | 2 | | 3 | | | ---+---+---+---+ +---+---+---+ bat| 2 | 1 | 1 | | | | 4 | ---+---+---+---+ +---+---+---+ Starting from the first row, pick a column and go to the next rows without ever revisiting a column you have already visited. Do this over and over again until you've tried all combinations. To me this sounds a bit like the traveling salesman problem. Is it, and how would you solve my particular problem?

    Read the article

  • JBoss Client-Cert Authentication: Hot to setup UsersRolesLoginModule in login-config.xml

    - by sixtyfootersdude
    I am looking that chapter 8 of the RedHat, JBoss documentation. I am trying to setup Certificate Authentication as described on this page . On the page it says that the login-config file should have this in it: <application-policy name="jmx-console"> <authentication> <login-module code="org.jboss.security.auth.spi.BaseCertLoginModule" flag="required"> <module-option name="password-stacking">useFirstPass</module-option> <module-option name="securityDomain">java:/jaas/jmx-console</module-option> </login-module> <login-module code="org.jboss.security.auth.spi.UsersRolesLoginModule" flag="required"> <module-option name="password-stacking">useFirstPass</module-option> <module-option name="usersProperties">jmx-console-users.properties</module-option> <module-option name="rolesProperties">jmx-console-roles.properties</module-option> </login-module> </authentication> </application-policy> I think that the BaseCertLoginModule chekcs the clients server and the UsersRolesloginModule assigns the client to role (using the file jmx-console-roles.properties). However I am completely bewildered as to what should be in this file: jmx-console-users.properties. Normally that file stores user/password pairs (source) but when using client-cert I don't think that there should be passwords in there. Right now I am leaving that file empty but I am getting this exception: [org.jboss.security.auth.spi.UsersRolesLoginModule.initialize:135] Failed to load users/passwords/role files java.io.IOException: No properties file: users.properties or defaults: defaultUsers.properties found ... What should be in that file? Thanks.

    Read the article

  • What's the correct way to do a "catch all" error check on an fstream output operation?

    - by Truncheon
    What's the correct way to check for a general error when sending data to an fstream? UPDATE: My main concern regards some things I've been hearing about a delay between output and any data being physically written to the hard disk. My assumption was that the command "save_file_obj << save_str" would only send data to some kind of buffer and that the following check "if (save_file_obj.bad())" would not be any use in determining if there was an OS or hardware problem. I just wanted to know what was the definitive "catch all" way to send a string to a file and check to make certain that it was written to the disk, before carrying out any following actions such as closing the program. I have the following code... int Saver::output() { save_file_handle.open(file_name.c_str()); if (save_file_handle.is_open()) { save_file_handle << save_str.c_str(); if (save_file_handle.bad()) { x_message("Error - failed to save file"); return 0; } save_file_handle.close(); if (save_file_handle.bad()) { x_message("Error - failed to save file"); return 0; } return 1; } else { x_message("Error - couldn't open save file"); return 0; } }

    Read the article

  • Weird output of Throwable getMessage()

    - by Ravi Gupta
    Hi I have below pseudo code with throws an exception like this throw new MyException("Bad thing happened","com.stuff.errorCode"); where MyException extends Exception class. So the problem is when I try to get the message from MyException class by calling myEx.getMessage() it returns ???en_US.Bad thing happened??? instead of my original message i.e. Bad thing happened I have checked that MyException class doesn't overrides Throwable class's getMessage() behavior. Below is the how the call passes from MyException.getMessage() to Throwable.getMessage() public MyException(String msg, String sErrorCode){ super(msg); this.sErrorCode = sErrorCode; this.iSeverity = 0; } which then calls public Exception(String message) { super(message); } and finally public Throwable(String message) { fillInStackTrace(); detailMessage = message; } when I do a getMessage on myexception it calls Throwable's getMessage as below public String getMessage() { return detailMessage; } So ideally it should return the original message as I set when throwing the exception. What's the ???en_US thing ?

    Read the article

  • Firefox proxy dilemma

    - by Mike L.
    Any idea why when using system proxy settings in firefox, it can not accept a proxy such as: user:[email protected]:port ??? IE will allow and connect to a proxy in this format. Not only does firefox not work, but it does not prompt for the password, nor attempt to make a connection to the proxy. Basically get a "proxy server not found" error. Anybody know a way around this? I am working on a proxy switching program for IE & Firefox, and I would like to use system-wide proxy settings. If I just store the server:port combination, firefox prompts for the password, as well as IE. Then they can be cached and it will not ask again. Maybe my only option is to programmatically cache the user/pass? Anybody know a way to do this? I am pretty sure IE stores them at HTTP basic authentication passwords and I can add them with AddCredential. After saving a password for a proxy in firefox, it shows up in saved passwords in a format like "moz-proxy://server:port" anybody know how to programmatically add a saved password to firefox? Thanks

    Read the article

  • Extracting word from file using grep or sed

    - by Marco
    Hi, I have a file in the format below: File : \\dvtbbnkapp115\nautilus\030db28a-f241-4054-a0e3-9bfa7e002535.dip was processed. Entries Found : 0 Unarchived Documents : 1 File Size : 1 K Error : The following line could not be processed. Bad Document Type. Error : Marketing and Contact preference change update||7000003735||078ef1f3-db6b-46a8-bb0d-c40bb2296ab5.pdf File : \\dvtbbnkapp115\nautilus\078ef1f3-db6b-46a8-bb0d-c40bb2296ab5.dip was processed. Entries Found : 0 Unarchived Documents : 1 File Size : 1 K Error : The following line could not be processed. Bad Document Type. Error : Declined - Bureau Data (process)||7000003723|252204|2f1d71f4-052c-49f1-95cf-9ca9b4268f0c.pdf File : \\dvtbbnkapp115\nautilus\2f1d71f4-052c-49f1-95cf-9ca9b4268f0c.dip was processed. Entries Found : 0 Unarchived Documents : 1 File Size : 1 K Error : The following line could not be processed. Bad Document Type. Error : Unable to call - please contact|40640510016710|7000003180||3e6a792f-c136-4a4b-a654-37f4476ccef8.pdf I require to extract just the pdf file names after the double pipe and write them to a file. I am a novice when it comes to unix/sed/grep commands, i have tried but no luck? any ideas or examples i could use to extract the information above? thanks

    Read the article

  • Firefox proxy delima

    - by Mike L.
    Any idea why when using system proxy settings in firefox, it can not accept a proxy such as: user:[email protected]:port ??? IE will allow and connect to a proxy in this format. Not only does firefox not work, but it does not prompt for the password, nor attempt to make a connection to the proxy. Basically get a "proxy server not found" error. Anybody know a way around this? I am working on a proxy switching program for IE & Firefox, and I would like to use system-wide proxy settings. If I just store the server:port combination, firefox prompts for the password, as well as IE. Then they can be cached and it will not ask again. Maybe my only option is to programmatically cache the user/pass? Anybody know a way to do this? I am pretty sure IE stores them at HTTP basic authentication passwords and I can add them with AddCredential. After saving a password for a proxy in firefox, it shows up in saved passwords in a format like "moz-proxy://server:port" anybody know how to programmatically add a saved password to firefox? Thanks

    Read the article

  • Do I need to Salt and Hash a randomly generated token?

    - by wag2639
    I'm using Adam Griffiths's Authentication Library for CodeIgniter and I'm tweaking the usermodel. I came across a generate function that he uses to generate tokens. His preferred approach is to reference a value from random.org but I considered that superfluous. I'm using his fall back approach of randomly generating a 20 character long string: $length = 20; $characters = '0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ'; $token = ''; for ($i = 0; $i < $length; $i++) { $token .= $characters[mt_rand(0, strlen($characters)-1)]; } He then hashes this token using a salt (I'm combing code from different functions) sha1($this->CI->config->item('encryption_key').$str); I was wondering if theres any reason to to run the token through the salted hash? I've read that simply randomly generating strings was a naive way of making random passwords but is the sh1 hash and salt necessary? Note: I got my encryption_key from https://www.grc.com/passwords.htm (63 random alpha-numeric)

    Read the article

  • When is it safe to use a broken hash function?

    - by The Rook
    It is trivial to use a secure hash function like SHA256 and continuing to use md5 is reckless behavior. However, there are some complexities to hash function vulnerabilities that I would like to better understand. Collisions have been generated for md4 and md5. According to NIST md5() is not a secure hash function. It only takes 2^39th operations to generate a collision and should never be used for passwords. However SHA1 is vulnerable to a similar collision attack in which a collision can be found in 2^69 operations, where as brute force is 2^80th. No one has generated a sha1 collision and NIST still lists sha1 as a secure message digest function. So when is it safe to use a broken hash function? Even though a function is broken it can still be "big enough". According to Schneier a hash function vulnerable to a collsion attack can still be used as an HMAC. I believe this is because the security of an HMAC is Dependant on its secret key and a collision cannot be found until this key is obtained. Once you have the key used in a HMAC its already broken, so its a moot point. What hash function vulnerabilities would undermine the security of an HMAC? Lets take this property a bit further. Does it then become safe to use a very weak message digest like md4 for passwords if a salt is perpended to the password? Keep in mind the md4 and md5 attacks are prefixing attacks, and if a salt is perpended then an attacker cannot control the prefix of the message. If the salt is truly a secret, and isn't known to the attacker, then does it matter if its a appended to the end of the password? Is it safe to assume that an attacker cannot generate a collision until the entire message has been obtained? Do you know of other cases where a broken hash function can be used in a security context without introducing a vulnerability? (Please post supporting evidence because it is awesome!)

    Read the article

  • How would I authenticate against a local windows user on another machine in an ASP.NET application?

    - by Daniel Chambers
    In my ASP.NET application, I need to be able to authenticate/authorise against local Windows users/groups (ie. not Active Directory) on a different machine, as well as be able to change the passwords of said remote local Windows accounts. Yes, I know Active Directory is built for this sort of thing, but unfortunately the higher ups have decreed it needs to be done this way (so authentication against users in a database is out as well). I've tried using DirectoryEntry and WinNT like so: DirectoryEntry user = new DirectoryEntry(String.Format("WinNT://{0}/{1},User", serverName, username), username, password, AuthenticationTypes.Secure) but this results in an exception when you try to log in more than one user: Multiple connections to a server or shared resource by the same user, using more than one user name, are not allowed. Disconnect all previous connections to the server or shared resource and try again. I've tried making sure my DirectoryEntries are used inside a using block, so they're disposed properly, but this doesn't seem to fix the issue. Plus, even if that did work it is possible that two users could hit that line of code concurrently and therefore try to create multiple connections, so it would be fragile anyway. Is there a better way to authenticate against local Windows accounts on a remote machine, authorise against their groups, and change their passwords? Thanks for your help in advance.

    Read the article

  • Assigning Object to View, big MySQL resultset.

    - by A Finn
    Hello (Sorry for my bad English) Is it bad practice to assign object to view and call its methods in there? I use smarty as my template engine. In my controller I could do like this 1# $this->view->assign("name", $this->model->getName); and in my view <p>{$name}</p> OR 2# $this->view->assign("Object", $this->model); and in my view <p>{$Report->getName()}</p> Well my biggest problem is that I have to handle a big amount of data coming out from the MySQL and I thought that if I would made a method that would print out the data while looping mysql_fetch_row. Well at least I know that using html-tags in the model is a bad thing to do. So I would assign the object to the view to get the result to the right position on the page.. Reading a mysql-result to an array first may cause memory problems am I right? So what is the solution doing things MVC style.. And yes Im using a framework of my own.

    Read the article

  • Devise password reset issue (new_user?)

    - by rabid_zombie
    When a user's email is inputted into the forgot password form and submitted, I am receiving an error saying login can't be blank. I looked around devise.en.yml for this error message, but can't seem to find it anywhere. Here is my views/devise/passwords/new.html.haml: %div.registration_page %h2 Forgot your password? = form_for(resource, :as => resource_name, :url => user_password_path, :html => { :method => :post, :id => 'forgot_pw_form', :class => 'forgot_pw' }) do |f| %div = f.email_field :email, :placeholder => 'Email', :autofocus => true, :autocomplete => 'off' %div.email_error.error %input.btn.btn-success{:type => 'submit', :value => 'Send Instructions'} = render "devise/shared/links" The form is posting to users/password like it should, but I noticed that my forgot password form attaches class = 'new_user'. Here is what my form displays: <form accept-charset='UTF-8' action='/users/password' class='new_user' id='forgot_pw_form' method='post' novalidate='novalidate'></form> My routes for devise (I have custom sessions and registrations controllers): devise_for :users, :controllers => {:sessions => 'sessions', :registrations => 'registrations'} How can I setup devise's forgot password functionality? Why am I receiving this error message and why is that class being added there? I've tried: Adding my own passwords controller and adding new routes for my custom controller. Same error Adding my own class and id to the form. This successfully changes the id and class of the form, but reverts back to class and id of new_user Thanks.

    Read the article

  • Best way to design a class in python

    - by Fraz
    So, this is more like a philosophical question for someone who is trying to understand classes. Most of time, how i use class is actually a very bad way to use it. I think of a lot of functions and after a time just indent the code and makes it a class and replacing few stuff with self.variable if a variable is repeated a lot. (I know its bad practise) But anyways... What i am asking is: class FooBar: def __init__(self,foo,bar): self._foo = foo self._bar = bar self.ans = self.__execute() def __execute(self): return something(self._foo, self._bar) Now there are many ways to do this: class FooBar: def __init__(self,foo): self._foo = foo def execute(self,bar): return something(self._foo, bar) Can you suggest which one is bad and which one is worse? or any other way to do this. This is just a toy example (offcourse). I mean, there is no need to have a class here if there is one function.. but lets say in __execute something() calls a whole set of other methods.. ?? Thanks

    Read the article

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

< Previous Page | 77 78 79 80 81 82 83 84 85 86 87 88  | Next Page >