Search Results

Search found 4492 results on 180 pages for 'michael james'.

Page 82/180 | < Previous Page | 78 79 80 81 82 83 84 85 86 87 88 89  | Next Page >

  • SQL Injection with Plain-Vanilla NHibernate

    - by James D
    Hello, Plain-vanilla NHibernate setup, eg, no fluent NHibernate, no HQL, nothing except domain objects and NHibernate mapping files. I load objects via: _lightSabers = session.CreateCriteria(typeof(LightSaber)).List<LightSaber>(); I apply raw user input directly to one property on the "LightSaber" class: myLightSaber.NameTag = "Raw malicious text from user"; I then save the LightSaber: session.SaveOrUpdate(myLightSaber); Everything I've seen says that yes, under this situation you are immune to SQL injection, because of the way NHibernate parameterizes and escapes the queries under the hood. However, I'm also a relative NHibernate beginner so I wanted to double-check. *waves hand* these aren't the droids you're looking for. Thanks!

    Read the article

  • Synchronizing ASP.NET MVC action methods with ReaderWriterLockSlim

    - by James D
    Any obvious issues/problems/gotchas with synchronizing access (in an ASP.NET MVC blogging engine) to a shared object model (NHibernate, but it could be anything) at the Controller/Action level via ReaderWriterLockSlim? (Assume the object model is very large and expensive to build per-request, so we need to share it among requests.) Here's how a typical "Read Post" action would look. Enter the read lock, do some work, exit the read lock. public ActionResult ReadPost(int id) { // ReaderWriterLockSlim allows multiple concurrent writes; this method // only blocks in the unlikely event that some other client is currently // writing to the model, which would only happen if a comment were being // submitted or a new post were being saved. _lock.EnterReadLock(); try { // Access the model, fetch the post with specificied id // Pseudocode, etc. Post p = TheObjectModel.GetPostByID(id); ActionResult ar = View(p); return ar; } finally { // Under all code paths, we must release the read lock _lock.ExitReadLock(); } } Meanwhile, if a user submits a comment or an author authors a new post, they're going to need write access to the model, which is done roughly like so: [AcceptVerbs(HttpVerbs.Post)] public ActionResult SaveComment(/* some posted data */) { // try/finally omitted for brevity _lock.EnterWriteLock(); // Save the comment to the DB, update the model to include the comment, etc. _lock.ExitWriteLock(); } Of course, this could also be done by tagging those action methods with some sort of "synchronized" attribute... but however you do it, my question is is this a bad idea? ps. ReaderWriterLockSlim is optimized for multiple concurrent reads, and only blocks if the write lock is held. Since writes are so infrequent (1000s or 10,000s or 100,000s of reads for every 1 write), and since they're of such a short duration, the effect is that the model is synchronized , and almost nobody ever locks, and if they do, it's not for very long.

    Read the article

  • The "Why" behind PMD's rules.

    - by James Kingsbery
    Is there a good resource which describes the "why" behind PMD rule sets? PMD's site has the "what" - what each rule does - but it doesn't describe why PMD has that rule and why ignoring that rule can get you in trouble in the real world. In particular, I'm interested in knowing why PMD has the AvoidInstantiatingObjectsInLoops and OnlyOneReturn rules (the first seems necessary if you need to create a new object corresponding to each object in a collection, the second seems like it is a necessity in many cases that return a value based on some criteria). Just to be clear, I know that I can disable these and how to do that, I'm just wondering why they are there in the first place. Sorry if there's something obvious I missed out there, but I did a Google search and SO search before posting this.

    Read the article

  • What's the primary use of Windows Event Viewer?

    - by james.ingham
    Hi all, Just wondering what everybody's opinion is on the Windows Admin tool Event Viewer? I'm writing a WCF application at the moment and have started logging errors to the windows event viewer when I handle them. I then started thinking, should I be logging more than just errors, such as when a user has logged in or out or would you go further logging even more activity? Or is this a tool that's mainly used for testing without using the debugger? Any input appreciated:-)

    Read the article

  • Facebook Sidebar/Tab Applications

    - by James
    Been searching the FB documentation to find an answer for this, but have been unsuccessful. Is an application able to appear as a tab on a page/profile, and also in the sidebar of that same page/profile? So the tab would show the full application details, but the sidebar would give a small breakdown. Is this possible? Thanks!

    Read the article

  • Modifying UINavigation Bar Buttons in SubViews

    - by james
    I'm having trouble trying to modify the navigation bar in the subview portion of my application. self.navigationItem.rightBarButtonItem = [[[UIBarButtonItem alloc] initWithBarButtonSystemItem:UIBarButtonSystemItemDone target:self action:@selector(add_Clicked:)] autorelease]; I have no issues modifying the navigation bar in any of my UIViewControllers classes. The simplified application class outline is as such: AppDelegate - UIViewControllerA (has a left and a right navigationBarButton) - Subview is displayed when a SegmentControl is selected. (Within the subview, I'm trying to modify the right NavigationBarButton that is displayed) [self.view addSubview:newControllerName.view]; Methods I have attempted: Trying to set self.navigationItem.rightBarButtonItem within my subview to a new UIBarButtonItem. Creating a pointer to UIViewControllerA within my AppDelegate. The UIViewControllerA contains a function setNavButton I wrote to set the rightBarButtonItem to a button. Then I am referencing the AppDelegate's reference to UIViewControllerA and attempting to call setNavButton. I included a NSLog call to see if that function is being called and it is executing but the NavigationBar isn't being modified. I'm trying to avoid having to push a UIViewController after the SegmentControl is clicked in UIViewControllerA so that I can simulate the SegmentControl as tabs. I'm not getting any errors during compile or run time. Anyone have any ideas?

    Read the article

  • Verify Authenticode signature as being from our company for automatic updater

    - by James Johnston
    I am implementing an automatic update feature and need some advice on how to do this securely using best practices. I would like to use the downloaded file's Authenticode signature to verify that it is safe to run (i.e. originates from our company and hasn't been tampered with). My question is very similar to question #2008519. The bottom-line question: what's the best, most secure way to check Authenticode signatures for an automatic update feature? What fields in the certificate should be checked? Requirements being: (1) check signature is valid, (2) check it's my signature, (3) old clients can still update when my certificate expires and I get a new one. Here's some background information / ideas from my research: I believe this could be broken into two steps: Verify that the signature is valid. I believe this should be easy using WinVerifyTrust as outlined in http://msdn.microsoft.com/en-us/library/aa382384(VS.85).aspx - I don't expect problems here. Verify that the signature corresponds to our company, and not another company. This seems to be a more difficult question to answer: One possibility is to check some of the strings in the signature. Could be obtained via code at MS KB article #323809, but this article doesn't make recommendations on what fields should be checked for this type of application (or any other, for that matter). Question #1072540 also illustrates how to get some certificate info, but again doesn't recommend what fields to actually check. My concern is that the strings might not be the best check: what if another person is able to obtain a certificate with the same name, for example? Or if there's a valid reason for us to change the strings in the future? The person at question #2008519 has a very similar requirement. His need for a "TrustedByUs" function is identical to mine. However, he goes about doing the check by comparing public keys. While this would work in the short-term, it seems like it won't work for an automatic update feature. This is because code signing certificates are only valid for 2 - 3 years max. Therefore, in the future, when we buy a new certificate in 2 years, the old clients wouldn't be able to update any more due to the change in public key.

    Read the article

  • WCF web service Data Members defaulting to null

    - by James
    I am new to WCF and created a simple REST service to accept an order object (series of strings from XML file), insert that data into a database, and then return an order object that contains the results. To test the service I created a small web project and send over a stream created from an xml doc. The problem is that even though all of the items in the xml doc get placed into the stream, the service is nullifying some of them when it receives the data. For example lineItemId will have a value but shipment status will show null. I step through the xml creation and verify that all the values are being sent. However, if I clear the datamembers and change the names around, it can work. Any help would be appreciated. This is the interface code [ServiceContract] public interface IShipping { [OperationContract] [WebInvoke(Method = "POST", UriTemplate = "/Orders/UpdateOrderStatus/", BodyStyle=WebMessageBodyStyle.Bare)] ReturnOrder UpdateOrderStatus(Order order); } [DataContract] public class Order { [DataMember] public string lineItemId { get; set; } [DataMember] public string shipmentStatus { get; set; } [DataMember] public string trackingNumber { get; set; } [DataMember] public string shipmentDate { get; set; } [DataMember] public string delvryMethod { get; set; } [DataMember] public string shipmentCarrier { get; set; } } [DataContract] public class ReturnOrder { [DataMember(Name = "Result")] public string Result { get; set; } } This is what I'm using to send over an Order object: string lineId = txtLineItem.Text.Trim(); string status = txtDeliveryStatus.Text.Trim(); string TrackingNumber = "1x22-z4r32"; string theMethod = "Ground"; string carrier = "UPS"; string ShipmentDate = "04/27/2010"; XNamespace nsOrders = "http://tempuri.org/order"; XElement myDoc = new XElement(nsOrders + "Order", new XElement(nsOrders + "lineItemId", lineId), new XElement(nsOrders + "shipmentStatus", status), new XElement(nsOrders + "trackingNumber", TrackingNumber), new XElement(nsOrders + "delvryMethod", theMethod), new XElement(nsOrders + "shipmentCarrier", carrier), new XElement(nsOrders + "shipmentDate", ShipmentDate) ); HttpWebRequest request = (HttpWebRequest)WebRequest.Create("http://localhost:3587/Deposco.svc/wms/Orders/UpdateOrderStatus/"); request.Method = "POST"; request.ContentType = "application/xml"; try { request.ContentLength = myDoc.ToString().Length; StreamWriter sw = new StreamWriter(request.GetRequestStream()); sw.Write(myDoc); sw.Close(); using (HttpWebResponse response = (HttpWebResponse)request.GetResponse()) { StreamReader reader = new StreamReader(response.GetResponseStream()); string responseString = reader.ReadToEnd(); XDocument.Parse(responseString).Save(@"c:\DeposcoSvcWCF.xml"); } } catch (WebException wEx) { Stream errorStream = ((HttpWebResponse)wEx.Response).GetResponseStream(); string errorMsg = new StreamReader(errorStream).ReadToEnd(); }

    Read the article

  • Issue with org.apache.commons.net.ftp.FTPClient listFiles()

    - by James P.
    The listFiles() method of org.apache.commons.net.ftp.FTPClient works fine with Filezilla server on 127.0.0.1 but returns null on the root directory of public FTP servers such as belnet.be. There is an identical question on the link below but enterRemotePassiveMode() doesn't seem to help. http://stackoverflow.com/questions/2339855/apache-commons-ftpclient-listfiles Could it be an issue with list parsing? If so, how can go about solving this?

    Read the article

  • Best .NET blog engine

    - by James Newton-King
    I am thinking about switching my blog away from Community Server to something that is simpler and focuses more on just being a good blog. What are the different .NET blogging engines and which one do you recommend?

    Read the article

  • RSS feed created with PHP only shows the title in the feed reader

    - by James Simpson
    I am using the following PHP code to generate the XML for an RSS feed, but it doesn't seem to be working correctly. No short description is displayed in the feed reader, all I see is the title of the article. Also, all of the articles say they were published at the same time. This is the first time I have tried to setup an RSS feed, so I'm sure I've made several stupid mistakes. $result = mysql_query("SELECT * FROM blog ORDER BY id DESC LIMIT 10"); $date = date(DATE_RFC822); header('Content-type: text/xml'); echo ("<?xml version=\"1.0\" encoding=\"UTF-8\"?>\n"); echo ("<rss version=\"2.0\">\n"); echo ("<channel>\n"); echo ("<lastBuildDate>$date</lastBuildDate>\n"); echo ("<pubDate>$date</pubDate>\n"); echo ("<title>my website name</title>\n"); echo ("<description><![CDATA[the description]]></description>\n"); echo ("<link>http://my-domain.com</link>\n"); echo ("<language>en</language>\n"); $ch=100; while ($a = mysql_fetch_array($result)) { $headline = htmlentities(stripslashes($a['subject'])); $posturl = $a[perm_link]; $content = $a['post']; $date = date(DATE_RFC822, $a['posted']); echo ("<item>\n"); echo ("<title>$headline</title>\n"); echo ("<link>$posturl</link>\n"); echo ("<description><![CDATA[$content]]></description>\n"); echo ("<guid isPermaLink=\"true\">$posturl</guid>\n"); echo ("<pubDate>$date2</pubDate>\n"); echo ("</item>\n"); } echo ("</channel>\n"); echo ("</rss>\n");

    Read the article

  • JavaScript Intellisene Problem?

    - by James Wiseman
    I've got an issue with JavaScript intellisense in Visual Web Developer 2008, which I'm starting to believe is "just one of those things", but thought I'd ask here just to check. I have a file MyOtherFile.js with a function GetRandomNumber() defined like so: function GetRandomNumber() { /// <summary> /// Summary description for GetRandomNumber /// </summary> return Math.random(); } When I reference this from another file, screen.js (/// <reference path="MyOtherFile.js" />) I get the intellisense as expected with the summary text as above. If, however, I call the function GetRandomNumber from within its own file (MyOtherFile.js) then I don't get the sumamry description. Any thoughts? Thanks.

    Read the article

  • WPF datagrid bind to previous row's cell

    - by James Price
    Hi, I have a datagrid and one of the columns is going to be a checkbox column. To give the background, the checkbox is going to turn something on / off and each row in the datagrid is going to be for a differernt time (in time order, ascending). Is it possible for one row's checkbox to be bound to the state of the previous row? That way if somebody turns off at 10am it will continue to be turned off until such a time that it is turned on again. Hope that makes sense, any help would be great. Sure this sounds like something that should be do-able with databindings just not sure on the way to do it! Thanks.

    Read the article

  • jQuery UI sortable issue with helper Y offset value being same as scroll offset on FireFox only

    - by James
    I have a problem with a jQuery UI 1.7.2 sortable list in Firefox, IE7-8 work fine. When I'm scrolled down a bit, the helper element seems to have an offset of the same height that I'm scrolled down from the mouse pointer which makes it impossible to see which item you originally started dragging. How do I fix this or work around the issue? If there is no fix what is a really good alternative drag-able plugin? Here are my initialization parameters for the sortable. $("#sortable").sortable( {placeholder: 'ui-state-highlight' } ); $("#sortable").disableSelection();

    Read the article

  • How to synchronize SQL Server 2008 database with SQL Server 2005 database?

    - by James McFarland
    I am using VS 2008 Team Suite and SQL Server 2008 in my development environment. I am deploying to a shared-host website with shared-host SQL Server 2005. I want to push changes from my development environment to my production host. I tried using Data | Schema Compare... and it reports to me that it does not support SQL Server 2008. What do people use for this (Besides Red-Gate tools - I use those at my day job, and they rock...this is a volunteer thing for my son's school)? I am looking for something very inexpensive if not free.

    Read the article

  • CakePHP form $options['options']

    - by James
    Hey! Total CakePHP noob here. This is sort of a two fold question. In a view that is used for adding user objects I would like to use a drop down (selection) field in the form. Each user belongs to a group so when I add a user I want a drop down that contains all of the groups that the user could possibly join. Currently the group_id field is a textfield. I know how to force it to be a selection field, but I don't know how to populate the selection with the names of the groups programmatically. The Current method: echo $form->input('group_id', array( '1' => 'NameOfGroup1', '2' => 'NameOfGroup2', '3' => 'NameOfGroup3') ); I want to generate the options array programmatically though. echo $form->input('group_id', $this->Group->find('list')); This doesn't work though. I get an error: Undefined property: View::$Group [APP/views/users/add.ctp, line 8] To me this means that I don't have access to the Group object from inside my user view. How can I accomplish this? Again, I want to do it programmatically so that it updates as I add groups or remove them.

    Read the article

  • .Net System.Net.HttpWebRequest & Authentication Cookies

    - by James
    I would like to know if the following is possible: As part of the PageLoad of an ASP.Net page request: Use HttpWebRequest (POST) to make a request to a forms authentication webpage of a different web application Examine the response to see if the authentication succeeded (identifiable if an authentication cookie has been set) If it fails, then finish the ASP.Net page request, which will display a message saying "couldn't auto-login" or some such thing If success, then instead of completing the ASP.Net page lifecycle, use "Response.Write" to send the response from the HttpWebRequest back to the browser (thus essentially displaying the webpage from the HttpWebRequest) If the above is possible, then, is there also a way to transfer the authentication cookie from the HttpWebResponse to the requesting browser? My gut feeling is probably not - but if this is the case, then how do proxy servers handle such things? Is that not essentially what they are doing? Thanks for any help

    Read the article

  • How to use IObservable/IObserver with ConcurrentQueue or ConcurrentStack

    - by James Black
    I realized that when I am trying to process items in a concurrent queue using multiple threads while multiple threads can be putting items into it, the ideal solution would be to use the Reactive Extensions with the Concurrent data structures. My original question is at: http://stackoverflow.com/questions/2997797/while-using-concurrentqueue-trying-to-dequeue-while-looping-through-in-parallel/ So I am curious if there is any way to have a LINQ (or PLINQ) query that will continuously be dequeueing as items are put into it. I am trying to get this to work in a way where I can have n number of producers pushing into the queue and a limited number of threads to process, so I don't overload the database. If I could use Rx framework then I expect that I could just start it, and if 100 items are placed in within 100ms, then the 20 threads that are part of the PLINQ query would just process through the queue. There are three technologies I am trying to work together: Rx Framework (Reactive LINQ) PLING System.Collections.Concurrent structures

    Read the article

  • Maven building for GoogleAppEngine, forced to include JDO libraries?

    - by James.Elsey
    Hi, I'm trying to build my application for GoogleAppEngine using maven. I've added the following to my pom which should "enhance" my classes after building, as suggested on the DataNucleus documentation <plugin> <groupId>org.datanucleus</groupId> <artifactId>maven-datanucleus-plugin</artifactId> <version>1.1.4</version> <configuration> <log4jConfiguration>${basedir}/log4j.properties</log4jConfiguration> <verbose>true</verbose> </configuration> <executions> <execution> <phase>process-classes</phase> <goals> <goal>enhance</goal> </goals> </execution> </executions> </plugin> According to the documentation on GoogleAppEngine, you have the choice to use JDO or JPA, I've chosen to use JPA since I have used it in the past. When I try to build my project (before I upload to GAE) using mvn clean package I get the following output [ERROR] BUILD ERROR [INFO] ------------------------------------------------------------------------ [INFO] Failed to resolve artifact. Missing: ---------- 1) javax.jdo:jdo2-api:jar:2.3-ec Try downloading the file manually from the project website. Then, install it using the command: mvn install:install-file -DgroupId=javax.jdo -DartifactId=jdo2-api -Dversion=2.3-ec -Dpackaging=jar -Dfile=/path/to/file Alternatively, if you host your own repository you can deploy the file there: mvn deploy:deploy-file -DgroupId=javax.jdo -DartifactId=jdo2-api -Dversion=2.3-ec -Dpackaging=jar -Dfile=/path/to/file -Durl=[url] -DrepositoryId=[id] Path to dependency: 1) org.datanucleus:maven-datanucleus-plugin:maven-plugin:1.1.4 2) javax.jdo:jdo2-api:jar:2.3-ec ---------- 1 required artifact is missing. for artifact: org.datanucleus:maven-datanucleus-plugin:maven-plugin:1.1.4 from the specified remote repositories: __jpp_repo__ (file:///usr/share/maven2/repository), DN_M2_Repo (http://www.datanucleus.org/downloads/maven2/), central (http://repo1.maven.org/maven2) [INFO] ------------------------------------------------------------------------ [INFO] For more information, run Maven with the -e switch [INFO] ------------------------------------------------------------------------ [INFO] Total time: 3 seconds [INFO] Finished at: Sat Apr 03 16:02:39 BST 2010 [INFO] Final Memory: 31M/258M [INFO] ------------------------------------------------------------------------ Any ideas why I should get such an error? I've searched through my entire source code and I'm not referencing JDO anywhere, so unless the app engine libraries require it, I'm not sure why I get this message.

    Read the article

  • Block users using auto-clickers

    - by James Simpson
    I'm having some problems with users cheating my online game by using macros to automatically click certain spots on the screen in a certain order to automate various tasks without having to actually be playing the game. Are there any methods that can be used to block this kind of activity without having to plaster CAPTCHAs all over the site and ruin the experience for the honest users?

    Read the article

  • Allowing optional variables with Rewrite Cond

    - by James Doc
    I currently have the following code: RewriteCond %{REQUEST_URI} !assets/ RewriteCond %{REQUEST_URI} !uploads/ RewriteRule ^([a-z|0-9_&;=-]+)/([a-z|0-9_&;=-]+) index.php?method=$1&value=$2 [NC,L] This works perfectly to redirect 'page/home' to 'index.php?method=page&value=home. However at some points I need to add an extra variable or two to the query string such as 'admin/useraccounts/mod/2'. When I simply tack on bits to the end of the rewrite rule it works if all the variables are 'page/home/rand/rand' or 'admin/useraccounts/mod/2', but if anything is missing such as 'page/home' I get a 404. What am I doing wrong? Many thanks.

    Read the article

  • Modal Dialog and Form Elements

    - by James Jeffery
    I have a form that contains some fields and a recaptcha box. I have hidden the recaptcha box. The user clicks "create profile" and a modal dialog pops up with the recaptcha box. All fine. But, how do I submit that information? I am using Javascript to create the recaptcha HTML in the modal. I have a button called "Create Profile" that has this code attatched to the onclick: $("#form").submit() The form data gets submitted to the create.php page, but the recaptcha info does not. Do I have to manually pass this information via the post request to create.php? Without the modal dialog it works fine. I can't understand what's going on. Any ideas?

    Read the article

< Previous Page | 78 79 80 81 82 83 84 85 86 87 88 89  | Next Page >