Search Results

Search found 12107 results on 485 pages for 'session timeout'.

Page 81/485 | < Previous Page | 77 78 79 80 81 82 83 84 85 86 87 88  | Next Page >

  • Calling Facebook API without authenticating user/"connecting"

    - by Andy
    Hi, I am working with facebook's API and I want to call the links.prevew method. http://wiki.developers.facebook.com/index.php/Links.preview Is it possible to call this method without having my user authenticate or "connect"? For example, not all of my users have hooked up their facebook accounts to my website, but I still want to use this API method. I am getting the following error: Fatal error: Uncaught Exception: 453: A session key is required for calling this method thrown in /public_html/libs/facebook.php on line 413 But on the wiki it says that the method does not require a session key? If it is not possible to make API calls without such a key, is there anyway I can make calls on behalf of my account or my applications account (rather then a users account)? Any help is appreciated, thanks!

    Read the article

  • Shared User Session for Multiple ASP.NET Websites

    - by Oliver
    I have been tasked with developing a single Login and Dashboard page that user can login too, the user will then be shown all the systems (we developed) that they have access based to based on some roles stored in our databases. If they logged in we would like that "User Session" (not sure of correct terminology) to be carried to which ever system they are redirected too. To illustrate a very rough overview of what I want to achieve: Is there a way that a user can login in one site, and then carry over that login to the other sites? Help, Advice, Link will be much appreciated. Sorry I am not experienced at ASP.net but have a good understanding of Silverlight, C#, WPF. Thanks in advance.

    Read the article

  • TypeInitilazationException When Getting an NHibernate Session

    - by Paul Johnson
    I’ve run into what appears to be an NHibernate config problem. Basically, I ran up a simple proof of concept persistence integration test using NUnit, the test simply querys an Oracle database and successfully returns the last record received by the underlying table. However, when the assemblies are taken out of the NUnit test environment and deployed as they would be for an actual application build, my call for an NHibernate session results in a ‘TypeInitializationException’ whilst executing the code line: sessionFactory = New Configuration().Configure().BuildSessionFactory() The application is a vb.net console app running against an Oracle 9.2 database, using a ‘coding framework’ published on the web by Bill McCafferty entitled 'NHibernate Best Practices with ASP.NET' (pre S#harp Architecture). I am running version 2.1.2.4000 of NHibernate. Any assistance much appreciated. Kind Regards Paul J.

    Read the article

  • How do I get a full Magento session in an external script? (Specifically, Catalog Rules)

    - by Laizer
    I'm running an external script that loads up a Magento session. Within that script, I'm loading products and grabbing a bunch of properties. The one issue is that getFinalPrice() does not apply the catalog rules that apply to the product. I'm doing everything I know to set the session, even a bunch of stuff that I think is superfluous. Nothing seems to get these rules applied. Here's a test script: require_once "app/Mage.php"; umask(0); $app = Mage::app("default"); $app->getTranslator()->init('frontend'); //Probably not needed Mage::getSingleton('core/session', array('name'=>'frontend')); $session = Mage::getSingleton("customer/session"); $session->start(); //Probably not needed $session->loginById(122); $product = Mage::getModel('catalog/product')->load(1429); echo $product->getFinalPrice(); Any insight is appreciated.

    Read the article

  • Removing $_SESSION['layout']['action'] globally from all users!

    - by sologhost
    Ok, I am storing a session variable like so to load up users layouts faster if it's set instead of calling the database. But since the layout can be changed via the Administrator, I'd like to be able to globally remove all sessions where $_SESSION['layout']['action'] is set for all users. $_SESSION['layout']['action'] = array(a ton of indexes and mulit-dimensional arrays); Now, I know it's being stored into my database sessions table, there's a column for session_id, last_update, and data. So, question I have is how to remove that session array key ['action'] from all users. Using $_SESSION = array(); session_destroy(); Does not work. Basically, session_start() is being loaded on every page load, so I just want to remove all ['action'] keys from ['layout']. Is this possible to do? Thanks

    Read the article

  • Java: Netbeans debugging session works faster than normal run

    - by Martijn Courteaux
    Hello, I'm making Braid in Netbeans 6.7.1. Computer Spec: Windows 7 Running processes: 46 Running threads: +/- 650 NVidia GeForce 9200M GS Intel Core 2 Duo CPU P8400 @ 2.26Ghz Game-spec with normal run: Memory: between 80 MB and 110 MB CPU: between 9% and 20% CPU when time rewinding: 90% The same values for the debugging session, except when I rewind the time: CPU: 20%. Is there any reason for? Is there a way to reach the same performance with a normal run. This is my repaint code: @Override public void repaint() { BufferStrategy bs = getBufferStrategy(); // numBuffers: 4 Graphics g = bs.getDrawGraphics(); g.setColor(Color.BLACK); g.fillRect(-1, -1, 2000, 2000); gamePanel.paint(g.create(x, y, gameDim.width, gameDim.height)); bs.show(); g.dispose(); Toolkit.getDefaultToolkit().sync(); update(g); } The game runs in fullscreen (undecorated + frame.size = screensize) Martijn

    Read the article

  • Generic test suite for ASP.NET Membership/Role/Profile/Session Providers

    - by SztupY
    Hi! I've just created custom ASP.NET Membership, Role, Profile and Session State providers, and I was wondering whether there exists a test suite or something similar to test the implementation of the providers. I've checked some of the open source providers I could find (like the NauckIt.PostgreSQL provider), but neither of them contained unit tests, and all of the forum topics I've found mentioned only a few test cases (like checking whether creating a user works), but this is clearly not a complete test suite for a Membership provider. (And I couldn't find anything for the other three providers) Are there more or less complete test suites for the above mentioned providers, or are there custom providers out there that have at least some testing avaialable?

    Read the article

  • Object reference error even when object is not null

    - by Shrewd Demon
    hi, i have an application wherein i have incorporate a "Remember Me" feature for the login screen. I do this by creating a cookie when the user logs in for the first time, so next time when the user visits the site i get the cookie and load the user information. i have written the code for loading user information in a common class in the App_Code folder...and all my pages inherit from this class. code for loading the user info is as follows: public static void LoadUserDetails(string emailId) { UsersEnt currentUser = UsersBL.LoadUserInfo(emailId); if (currentUser != null) HttpContext.Current.Session["CurrentUser"] = currentUser; } Now the problem is i get an "Object reference" error when i try to store the currentUser object in the session variable (even though the currentUser object is not null). However the password property in the currentUser object is null. Am i getting the error because of this...or is there some other reason?? thank you

    Read the article

  • Facebooker Session is not created when config.cache_classes = true

    - by Michal
    I am using Facebooker (along with devise & devise_facebook_connectable). The problem is that user can't sign in with Facebook Connect in production environment unless I set config.cache_classes to false (which I don't want to do in production obviously). When cache_classes = true, Facebooker::Session.current is nil. Trying to set it manually creates other problems, so I assume it's not the solution. Using Rails 2.3.8 (tried on 2.3.5 too) and Facebooker 1.0.70 (tries on 1.0.69 too) and passenger 2.2.11. Any hints?

    Read the article

  • Facebook Connect via Javascript doesn't close and doesn't pass session id

    - by ensnare
    I'm trying to authenticate users via Facebook Connect using a custom Javascript button: <form> <input type="button" value="Connect with Facebook" onclick="window.open('http://www.facebook.com/login.php?api_key=XXXXX&extern=1&fbconnect=1&req_perms=publish_stream,email&return_session=0&v=1.0&next=http%3A%2F%2Fwww.example.com%2Fxd_receiver.htm&fb_connect=1&cancel_url=http%3A%2F%2Fwww.example.com%2Fregister%2Fcancel', '_blank', 'top=442,width=480,height=460,resizable=yes', true)" onlogin='window.location="/register/step2"' /> </form> I am able to authenticate users. However after authentication, the popup window just stays open and the main window is not directed anywhere. In fact, it is the popup window that goes to "/register/step2" How can I get the login window to close as expected, and to pass the facebook session id to /register/step2? Thanks!

    Read the article

  • Castle ActiveRecord: session error search and access to lazy loading property in different threads

    - by sc911
    Hi *, I've got a problem with an multi-threaded desktop application using Castle ActiveRecord in C#: To keep the GUI alive while searching for the objects based on userinput I'm using the BackgroundWorker for the search-function. Some of the properties of the objects, especially some HasMany-Relations, are marked as Lazy. Now, when the search is finished and the user selects an resulting object, some of the properties of this object should be displayed. But as the search was done by the BackgroundWorker in a different thread, accessing the properties fails as the session for the lazy-access is no longer available. What will be the best way to do the search in an extra thread to keep the GUI alive and to access all properties correctly including those marked as lazy? Thanks for any advise! Regards sc911

    Read the article

  • Profile:Object reference not set to an instance of an object

    - by sallalman83
    Hi, i just lunch my web site i used the asp.net routing technology on it, and its work fine in my localhost but when i moved the project to the hosting server(Godaddy.com) its just work fine when there is no virtual sub directories like this(havebreak.com) but when u click on this link (havebreak.com/Registration/) or any other links that contain a virtual sub-directories its give Object reference not set to an instance of an object error on the profile object if (!Profile.IsAnonymous) Line 18: mlvRegistratioin.ActiveViewIndex = 1; i check my IIS settings and found it using the "Integrated pipeline" as recommended (at least at my knowledge), i checked the httpModules and httpHandlers tags under the system.webServer (since my hosting plan use the IIS7) and under the normal tag and every thing is fine then i used the url-rewriting instead of URL-Routing and the same problem exist and i notice that the session also not working in the virtual sub-directories too and by the way the ASP.NET routing work fine with my site its just the profile and session objects that not workin any help will be appreciated

    Read the article

  • What are the weaknesses of this user authentication method?

    - by byronh
    I'm developing my own PHP framework. It seems all the security articles I have read use vastly different methods for user authentication than I do so I could use some help in finding security holes. Some information that might be useful before I start. I use mod_rewrite for my MVC url's. Passwords are sha1 and md5 encrypted with 24 character salt unique to each user. mysql_real_escape_string and/or variable typecasting on everything going in, and htmlspecialchars on everything coming out. Step-by step process: Top of every page: session_start(); session_regenerate_id(); If user logs in via login form, generate new random token to put in user's MySQL row. Hash is generated based on user's salt (from when they first registered) and the new token. Store the hash and plaintext username in session variables, and duplicate in cookies if 'Remember me' is checked. On every page, check for cookies. If cookies set, copy their values into session variables. Then compare $_SESSION['name'] and $_SESSION['hash'] against MySQL database. Destroy all cookies and session variables if they don't match so they have to log in again. If login is valid, some of the user's information from the MySQL database is stored in an array for easy access. So far, I've assumed that this array is clean so when limiting user access I refer to user.rank and deny access if it's below what's required for that page. I've tried to test all the common attacks like XSS and CSRF, but maybe I'm just not good enough at hacking my own site! My system seems way too simple for it to actually be secure (the security code is only 100 lines long). What am I missing? I've also spent alot of time searching for the vulnerabilities with mysql_real_escape string but I haven't found any information that is up-to-date (everything is from several years ago at least and has apparently been fixed). All I know is that the problem was something to do with encoding. If that problem still exists today, how can I avoid it? Any help will be much appreciated.

    Read the article

  • asp classic and javascript to check for session status

    - by StealthRT
    Hey all, i am in need of some help with trying to figure out how to go about checking the users session and seeing if they are still logged in or not. The problem being is because i have a static page that pretty much loads everything into "tabs" using jquery. So when they use navigates the page, it really never leaves that same page they started out on. Hints my problem in trying to determine if they are still logged in or not when they click on update their information on their profile or whatnot. Any suggestions/help would be great! :o) David

    Read the article

  • Is this a legitimate implementation of a 'remember me' function for my web app?

    - by user246114
    Hi, I'm trying to add a "remember me" feature to my web app to let a user stay logged in between browser restarts. I think I got the bulk of it. I'm using google app engine for the backend which lets me use java servlets. Here is some pseudo-code to demo: public class MyServlet { public void handleRequest() { if (getThreadLocalRequest().getSession().getAttribute("user") != null) { // User already has session running for them. } else { // No session, but check if they chose 'remember me' during // their initial login, if so we can have them 'auto log in' // now. Cookie[] cookies = getThreadLocalRequest().getCookies(); if (cookies.find("rememberMePlz").exists()) { // The value of this cookie is the cookie id, which is a // unique string that is in no way based upon the user's // name/email/id, and is hard to randomly generate. String cookieid = cookies.find("rememberMePlz").value(); // Get the user object associated with this cookie id from // the data store, would probably be a two-step process like: // // select * from cookies where cookieid = 'cookieid'; // select * from users where userid = 'userid fetched from above select'; User user = DataStore.getUserByCookieId(cookieid); if (user != null) { // Start session for them. getThreadLocalRequest().getSession() .setAttribute("user", user); } else { // Either couldn't find a matching cookie with the // supplied id, or maybe we expired the cookie on // our side or blocked it. } } } } } // On first login, if user wanted us to remember them, we'd generate // an instance of this object for them in the data store. We send the // cookieid value down to the client and they persist it on their side // in the "rememberMePlz" cookie. public class CookieLong { private String mCookieId; private String mUserId; private long mExpirationDate; } Alright, this all makes sense. The only frightening thing is what happens if someone finds out the value of the cookie? A malicious individual could set that cookie in their browser and access my site, and essentially be logged in as the user associated with it! On the same note, I guess this is why the cookie ids must be difficult to randomly generate, because a malicious user doesn't have to steal someone's cookie - they could just randomly assign cookie values and start logging in as whichever user happens to be associated with that cookie, if any, right? Scary stuff, I feel like I should at least include the username in the client cookie such that when it presents itself to the server, I won't auto-login unless the username+cookieid match in the DataStore. Any comments would be great, I'm new to this and trying to figure out a best practice. I'm not writing a site which contains any sensitive personal information, but I'd like to minimize any potential for abuse all the same, Thanks

    Read the article

  • Cookie parameter value problem

    - by cagin
    Hi there I want to use cookie in my project. But now i m using session. And i have some session parameters in .aspx pages.. for example: <SelectParameters> <asp:SessionParameter Name="refKlinik_id" SessionField="refKlinik_id" /> </SelectParameters> Now i want to use Cookie Paramter like that: <SelectParameters> <asp:CookieParameter Name="refKlinik_id" CookieName="refKlinik_id" </SelectParameters> but cookie's value is like that: sauidpU655614411262762102024i1600369917542431520431414503529630051999*CoreID683251601618012627621046&c but i need an integer value like 24. How can i convert cookie's value to int32 Thanks for your helps

    Read the article

  • Randomly Losing Session Variables Only In Google Chrome & URL Rewriting

    - by Toby
    Using Google Chrome, I'm seemingly losing/corrupting session data when navigating between pages (PHP 5.0.4, Apache 2.0.54). The website works perfectly fine in IE7/8, Firefox, Safari & Opera. The issue is only with Google Chrome. I narrowed down the problem. I'm using search friendly URL's, and hiding my front controller (index.php) via a .htaccess file. So the URL looks like: www.domain.com/blah/blah/ Here's the .htaccess file contents: Options +FollowSymlinks RewriteEngine on #allow cool urls RewriteCond %{REQUEST_FILENAME} !-f RewriteCond %{REQUEST_FILENAME} !-d RewriteRule ^(.*) index.php [L] #allow to have Url without index.php If I remove the .htaccess file, and expose the front controller in the URL: www.domain.com/index.php/blah/blah/, Chrome works perfectly fine. Any thoughts ideas? I'm thinking it's some kind of problem with how Chrome identifies what cookie to use and send to the server? This happens in Chrome 4 & 5. Thanks!

    Read the article

  • Approaches to timing out sessions on a web app using AJAX autorefreshes

    - by Braintapper
    I'm writing a web application that autorefreshes data with an AJAX call at set intervals. Because it's doing that, server side user sessions never time out, since the last activity is refreshed with every ajax call. Are there good client side rules I could implement to time out the user? I.e. should I track mouse movements in the browser, etc., or should I point the AJAX calls to URLs that don't refresh the session? I like that my AJAX calls hit a session-enabled URL, because I can also validate that the user is logged in, etc. Any thoughts in terms of whether I should even bother timing out the users?

    Read the article

  • Prevent PHP sesison hijack, are these good ideas?

    - by matthew Rhodes
    I'm doing a simple shopping cart for a small site. I plan to store cart items as well as logged in user_id in session variables. to make things a little more secure, I thought I'd do this: sha1() the user_id before storing it in the session. Also sha1() and store the http_user_agent var with some salt, and check this along with the user_id. I know there is more one can do, but I thought this at least helps quite a bit right? and is easy for me to implement.

    Read the article

  • GameKit server disconnect makes session invalid

    - by Markus
    Hi everyone, I'm trying to build a 4 player multiplayer game using GameKit. I tried many things and I'm currently using client/server mode, meaning that I have 1 session in GKSessionModeServer and 3 other sessions connecting to this one in GKSessionModeClient. My goal is, that when a user leaves the game or gets disconnected for whatever reason, that the others can continue their game. So far this works if any of the Clients leave the game, but if the Sevrer leaves the game, send and receive calls are not reaching the other peers anymore. I tried the same with 4 peers in GKSessionModePeer with the same result (where the player who accepts connections cannot quit). Does anyone had better success in making this work? Any help is highly appreciated. Thanks!

    Read the article

  • deny direct access to a php file by typing the link in the url

    - by aeonsleo
    hi, I am using php session for a basic login without encryption for my site. I want to prevent a user from directly accessing a php page by typing the url when he/she is not signed in. But this is not happening. I am using session_start(), initializing session variables and aslo unsetting and destroying sesssion during logout. Also if I type the link in a different browser the page is getting displayed. I am not very well versed with php , only a beginner. I googled for such problem and found few alternatives as keeping all files in a seperate folder from the web root, using .htaccess etc. Can someone explain in simple terms what could be a good solution.thanks in advance.

    Read the article

  • Removing DOM event handlers in long-running browser session

    - by Chris Beck
    I have a browser interface with a ul#contacts list on the left and div#contact property panel (email, phone) on the right. Click a contact in the list and my app makes an XHR request to get the contact property HTML fragment and update div#contact.innerHTML. Each contact fragment has an "Edit Contact" link. With JS, I progressively upgrade that link with an event listener that performs an XHR request to replace the static property panel with an in-place edit form. This can happen many times during a single browser session. How should I clean up my "Edit Contact" event listener? Do I need to remove it manually before the form overwrites the property panel? Or is the event listener cleaned up automatically when the contents of div#contact (and the node that I'm listening on) is overwritten? FWIW, I still consider IE6 to be part of my target market.

    Read the article

  • Make user object available to all Controllers in Zend?

    - by Sled
    Hey guys, I'm using Zend_Auth to identify a user in my application. This creates a session with the userobject. My question is how do I make this object available to every Controller and action, so I don't have to pull it out of the session every time I need data from this object? I'm guessing this should be done in bootstrap.php or index.php but I don't really know how to makte it available to every controller.. so any code examples would be appreciated! Thanks!

    Read the article

  • PHP Captcha without session

    - by Anton N
    Ok, here is an issue: in the project i'm working on, we can't rely on server-side sessions for any functionality. The problem is that common captcha solutions from preventing robotic submits require session to store the string to match captcha against. The question is - is there any way to solve the problem without using sessions? What comes to my mind - is serving hidden form field, containing some hash, along with captcha input field, so that server then can match these two values together. But how can we make this method secure, so that it couldn't be used to break captcha easily.

    Read the article

< Previous Page | 77 78 79 80 81 82 83 84 85 86 87 88  | Next Page >