Search Results

Search found 6312 results on 253 pages for 'sad admin'.

Page 84/253 | < Previous Page | 80 81 82 83 84 85 86 87 88 89 90 91  | Next Page >

  • PHP with SQL Injection

    - by Scott S
    For our first assignment in a System Security class, we have to hack into the professors "cheaply organized" sql database. I know the only user is "admin" and the select statement generated in the php is: select user_id from user where user_username = 'admin' AND user_password = md5('noob') I am having a number of problems attempting to bypass the password part of this statement as the professor has some javascript embedded in the page to sanitize the username and password of any non-alphanumeric values. This can be bypassed by turning off javascript :P but any values sent still get cleaned by the operating system (some build of Debian 32-bit). I've seen the code for the login request and it does not escape any characters. How do I bypass the operating systems escape sequences?

    Read the article

  • Accessing WordPress categories from outside

    - by John
    So, I have a client that needs all the categories from their blog to be displayed on their homepage. The WordPress blog is in its own directory, /blog. I have tried the following code (taken from a tutorial, I changed the path to fit clients site): <?php // Include WordPress define('WP_USE_THEMES', false); require('blog/wp-load.php'); query_posts('showposts=1'); ?> But this code just redirects me to the install file of WordPress (it actually wrongly redirects me). It goes to http://www.site.com/wp-admin/install.php instead of http://www.site.com/blog/wp-admin/install.php. Is there a better way than this method? I would pull in the categories from the database table, but I do not currently have access. Thanks!

    Read the article

  • Between-request Garbage Collection using Passenger

    - by raphaelcm
    We're using Rails 3.0.7 and REE 1.8.7. Long-term, we will be upgrading, but at the moment it's not feasible. Following the advice of several blog posts, we've been tuning our GC, and have settings that work pretty well. But we would really like to run GC outside of the request-response cycle. I've tried patching Passenger per this post, and using the code supplied in this SO question. In both cases, GC does indeed happen between requests. However, every time the between-request GC happens, I see a bunch of this: MONGODB [INFO] Connecting... MONGODB admin['$cmd'].find({:ismaster=>1}).limit(-1) MONGODB admin['$cmd'].find({:ismaster=>1}).limit(-1) MONGODB admin['$cmd'].find({:ismaster=>1}).limit(-1) Starting the New Relic Agent. Installed New Relic Browser Monitoring middleware SQL (0.0ms) SHOW TABLES SQL (0.0ms) SHOW TABLES RefinerySetting Load (0.0ms) SELECT `refinery_settings`.* FROM `refinery_settings` WHERE `refinery_settings`.`scoping` = 'pages' AND `refinery_settings`.`name` = 'use_marketable_urls' LIMIT 1 SQL (0.0ms) BEGIN RefinerySetting Load (0.0ms) SELECT `refinery_settings`.* FROM `refinery_settings` WHERE `refinery_settings`.`id` = 1 LIMIT 1 AREL (0.0ms) UPDATE `refinery_settings` SET `value` = '--- \"false\"\n', `callback_proc_as_string` = NULL WHERE `refinery_settings`.`id` = 1 SQL (0.0ms) SHOW TABLES RefinerySetting Load (0.0ms) SELECT `refinery_settings`.* FROM `refinery_settings` SQL (0.0ms) COMMIT SQL (0.0ms) SHOW TABLES RefinerySetting Load (4.0ms) SELECT `refinery_settings`.* FROM `refinery_settings` WHERE `refinery_settings`.`scoping` IS NULL AND `refinery_settings`.`name` = 'user_image_sizes' LIMIT 1 SQL (0.0ms) BEGIN RefinerySetting Load (0.0ms) SELECT `refinery_settings`.* FROM `refinery_settings` WHERE `refinery_settings`.`id` = 17 LIMIT 1 AREL (0.0ms) UPDATE `refinery_settings` SET `value` = '--- \n:small: 120x120>\n:medium: 280x280>\n:large: 580x580>\n', `callback_proc_as_string` = NULL WHERE `refinery_settings`.`id` = 17 SQL (0.0ms) SHOW TABLES RefinerySetting Load (0.0ms) SELECT `refinery_settings`.* FROM `refinery_settings` SQL (0.0ms) COMMIT ******** Engine Extend: app/helpers/blog_posts_helper SQL (0.0ms) SHOW TABLES SQL (0.0ms) SHOW TABLES SQL (0.0ms) SHOW TABLES SQL (4.0ms) SHOW TABLES SQL (0.0ms) SHOW TABLES SQL (0.0ms) SHOW TABLES SQL (0.0ms) SHOW TABLES ******** Engine Extend: app/models/user SQL (0.0ms) describe `roles_users` SQL (0.0ms) SHOW TABLES SQL (0.0ms) SHOW TABLES SQL (4.0ms) describe `roles_users` SQL (0.0ms) SHOW TABLES SQL (4.0ms) SHOW TABLES SQL (0.0ms) SHOW TABLES SQL (0.0ms) SHOW TABLES (etc, etc, etc) Which is what happens when rails "loads the world" when the app starts up. Basically, GC.start is re-loading the app for some reason. Because of this, between-request GC is much slower than inline GC. Is there a way around this? I would love to have snappy, between-request GC if possible. Thanks.

    Read the article

  • MySQL Query still executing after a day..?

    - by Matt Jarvis
    Hi - I'm trying to isolate duplicates in a 500MB database and have tried two ways to do it. One creating a new table and grouping: CREATE TABLE test_table as SELECT * FROM items WHERE 1 GROUP BY title; But it's been running for an hour and in MySQL Admin it says the status is Locked. The other way I tried was to delete duplicates with this: DELETE bad_rows.* from items as bad_rows inner join ( select post_title, MIN(id) as min_id from items group by title having count(*) 1 ) as good_rows on good_rows.post_title = bad_rows.post_title; ..and this has been running for 24hours now, Admin telling me it's Sending data... Do you think either or these queries are actually still running? How can I find out if it's hung? (with Apple OS X 10.5.7)

    Read the article

  • What frameworks should we consider for a custom web application?

    - by justkevin
    A client is looking for a custom web application, which will eventually include lots of interconnected components, but the main features are: Subscription based membership as well as virtual/digital product sales Members have their own public web cookie-cutter directories (e.g., storefronts, pages, etc.) and personal member admin area. Site administrators will need both common tools (member admin, password changes, etc.) and custom tools that can be readily developed or integrated with 3rd party solutions. What frameworks should we be looking at? PHP/MySQL is preferable unless something really outstanding is available in another stack.

    Read the article

  • Web setup Installer(MSI) error on windows server 2008 environment

    - by mag1981
    Hello!, I have developed a Web Application on VS2008 and I have created WebSetup for my web site. It is working fine when I install this MSI or setup.exe on windows server 2003 environment. If I tried to install on windows server 2008 using MSI file it is throwing error as below- "You do not have sifficient privieges to compelte this instalaltion for all users of the machine. log on as administrator and the retry this instalaltion" settings as below, 1)I have loged in as admin user. 2)secpol.msc --Local Policies--Security Options--User Account Control: Run all administrator in Admin Approvl Mode ==Enabled Please suggest me on this. thanks in advance

    Read the article

  • CustomError not working properly

    - by IrfanRaza
    Hello friends, I am using following setting for customError. < customErrors mode="On" defaultRedirect="GenericErrorPage.aspx" < error statusCode="403" redirect="NoAccess.aspx" / < error statusCode="404" redirect="FileNotFound.aspx" / < /customErrors I have a folder "Admin" having access to administrators role. When someone other than administrators tries to access the pages inside admin folder, it is redirected to login page. My expectation is to display "NoAccess.aspx". Whats wrong with this code? Or is there other meaning to statusCode=403. Could someone provide help on this. Thanks for sharing your valuable time.

    Read the article

  • How to normalize a database where different user groups have different kinds of profiles?

    - by Stephen
    My application database has a Groups table that separates users into logical roles and defines access levels (admin, owner, salesperson, customer service, etc.) Groups has many Users. The Users table contains login details such as username and password. Now I wish to add user profiles to my database. The trouble I'm having (probably due to my relative unfamiliarity with proper database normalization) is that different user groups have different kinds of profiles. Ergo, a salesperson's profile will include his commission percentage, whereas an admin or customer service would not need this value. So, would the proper method be to create a unique profile table for each group? (e.g. admin_profiles, or salesperson_profiles). or is there a better way that combines certain details in a generic profile, while some users have extended info. And if so, whats a good example of how to do this with the commission example given?

    Read the article

  • Grails external Jms broker (active mq)

    - by TheBigS
    I have what will become an 'external' activemq server I'd like grails to be able to talk to. Right now I am just running it on my dev box. Here is what I have setup right now: 1) Run activemq server 2) Run activemq/examples using ant to produce messages 3) View ActiveMQ admin site: http://localhost:8161/admin/queues.jsp verify that messages are in the queue. 4) Follow Mini Tutorial to create the Service and Controller: http://www.grails.org/ActiveMQ+Plugin 5) Configured my Grails resources.groovy file as follows: beans = { jmsConnectionFactory(SingleConnectionFactory){ targetConnectionFactory = { ActiveMQConnectionFactory cf -> brokerURL = 'tcp://localhost:61616' } } } When I run the grails app I get a BindException saying port 61616 is already in use. How do I configure this to use my server that is already running? I've tried changing 'localhost' to '127.0.0.1' and to my LAN ip, but no luck, it keeps trying to setup its own embedded activemq server. Any ideas?

    Read the article

  • (C#) How do you de-elevate permissions for a child process

    - by Davy8
    I know how to launch a process with Admin privileges from a process using: proc.StartInfo.UseShellExecute = true; proc.StartInfo.Verb = "runas"; where proc is a System.Diagnostics.Process. But how does one do the opposite? If the process you're in is already elevated, how do you launch the new process without admin privileges? More accurately, we need to launch the new process with the same permission level as Windows Explorer, so no change if UAC is diabled, but if UAC is enabled, but our process is running elevated, we need to perform a certain operation un-elevated because we're creating a virtual drive and if it's created with elevated permissions and Windows explorer is running unelevated it won't show up. Feel free to change the title to something better, I couldn't come up with a good description

    Read the article

  • SharePoint job queued, but never starts.

    - by Eric Uniacke
    I'm attempting to retract a solution from SharePoint. I've started the job via Central Admin site as well as from stsadm. The job is queued, however, it will stay in a state of pending for days. The SharePoint services - Admin and Timer service - are started. Any suggestoins of why the retraction jobs are queued, but never started? I'm really at a loss of what to try next, so anything will be helpful. Thank you!

    Read the article

  • Should default passwords always be empty?

    - by mafutrct
    I'm currently designing a system that requires an admin to log in using a password. For certain reasons, it is difficult to set this password during installation, but it can be changed later. My idea is this: If I leave the default password empty, it is so horridly insecure that every admin is going to fix this as soon as possible. If I were to use some kind of predefined password instead, admins may think "ah.. nobody would think I've got 'defaultpassword' as my password so it's not very important to change." So the basic thought is to make it so terrible that even the most lazy people are going to do something about it.

    Read the article

  • Running an app that requires an administrator account from a service

    - by Bergvall
    Is it possible to run handle.exe (from sysinternals) from a service (in windows7) without having to turn off UAC? The service is a custom c-app that needs to find out which process is locking a file it tries to access and handle.exe seems to be a good way to solve it but i can't get it to work with UAC turned on. This app runs all the time so i can't have a UAC prompt while its running but its fine if it shows up at startup. Handle.exe works fine from an admin commandprompt but fails when trying to run from a normal prompt. I call handle.exe from CreateProcess() and get the output from pipes. I guess there should be a way to solve this but i can't figure it out. Setting up the service to log in from an admin account does not seem to work.

    Read the article

  • EJB3.1 logout doesn't work

    - by Kevin
    Hello, I've got a problem with the authentication features of EJB3.1: With this code in a Servlet v3: log.info(""+request.getUserPrincipal()); log.info(""+request.getAuthType()); log.info("===^==="); request.logout() ; log.info(""+request.getUserPrincipal()); log.info(""+request.getAuthType()); request.authenticate(response) ; log.info("===v==="); log.info(""+request.getUserPrincipal()); log.info(""+request.getAuthType()); I would always expect to see the Username/login windows, because of the logout() function. Instead, it seems to be a 'cache' mechanism which repopulate the credential and cancel my logout ... Admin BASIC ===^=== null null ===v=== Admin BASIC is it a problem with my firefox, or something I'm missing in the Servlet code? Thanks

    Read the article

  • How to give 'Everybody' full rights to a file (programmatically)

    - by egrunin
    I'm modifying an old C++ program to run on Vista. It does not require Admin privileges. I've changed the code to put logfiles in \ProgramData\MyApp\. These logfiles are written with the stdio functions (fopen, fprintf, fclose). Here's the problem: UserA runs the program first, it creates \ProgramData\MyApp\MyLogFile.txt UserB runs the program next, it tries to append to MyLogFile.txt and gets access denied. I tried creating a null SECURITY_DESCRIPTOR and passing that to CreateFile(). That does create a file with "no permissions assigned", but it seems as if the first user to write to the file takes ownership and afterwards all the other non-admin users are out of luck. It's important that all users share the same logfiles, but it's also important that I change as little code as possible.

    Read the article

  • Passing CMD Results to Variable in a Batch File

    - by TripleNad
    I am trying to install an application and a group of services using PSTools, but I want to take into account that the computer I am trying to connect to may be turned off or on a different network, which is not reachable from the internal network. Basically if the machine is not able to be accessed through the admin share, this is the message that I am getting: Couldn't access MachineName: The network path was not found. Make sure that the default admin$ share is enabled on MachineName. This is the syntax I am using to try to capture the "Error Message" and then report back that if installation was successful or not (depending on if it can contact the machine) @echo off set /p name=What is the machine name?: psexec.exe \\\%name% -u *useraccount* -p *password* \\\ServerName\installation.bat FOR /F "tokens=*" %%A IN ('COMMAND ^| FIND "Couldn't access"') DO SET Error=%%A If "%Error%"=="Couldn't access" ECHO Installation Failed. Else ECHO Installtion complete. Pause exit Currently it hangs right at the point it's defining the Error Variable. Can't quite figure out what I am going wrong here.

    Read the article

  • sql server - bulk insert error

    - by user554134
    I am using bulk insert and getting below error: Note: The data in the load file is not beyong the configured column length Running Command: bulk insert load_data from 'C:\temp\dataload\load_file.txt' with (firstrow = 1, fieldterminator = '0x09', rowterminator = '\n',MAXERRORS = 0, ERRORFILE = 'C:\temp\dataload\load_file') Contents of load file: user_name file_path asset_owner city import_date admin C:\ admin toronto 04/12/2012 Error: Msg 4863, Level 16, State 1, Line 1 Bulk load data conversion error (truncation) for row 1, column 6 (validated). Msg 7399, Level 16, State 1, Line 1 The OLE DB provider "BULK" for linked server "(null)" reported an error. The provider did not give any information about the error. Msg 7330, Level 16, State 2, Line 1 Cannot fetch a row from OLE DB provider "BULK" for linked server "(null)".

    Read the article

  • asp.net mvc - limit access to web pages

    - by niao
    Greetings, in my asp.net mvc application what i would like to do is to enable access to some pages only after user was successfully authorized. I have already created custom membership provider and that works fine. How can I, in web config create such rule - for instance for all pages in ~Admin/ folder? I don't want to create on every controller's action the validation code. For now i have in my web.config the following statement: <location path="~/Admin"> <system.web> <authorization> <deny users="?"/> </authorization> </system.web> but it doesn't work.

    Read the article

  • Flash: How to dispatch a click event at the top of a loaded .swf?

    - by Myk
    So I'm trying to build a tool that will allow me and other users to all open the same .swf, and then I as the Admin user am able to interact with mine while they all see my mouse movements and button clicks etc on theirs. I'm using BlazeDS to manage this and I'm getting data sent back and forth etc - no difficulties there. The issue I'm running into is this: In an "Admin" instance, I click a button. I capture that X and Y, then tell Blaze to tell my clients to dispatch a Click event at that X and Y. On my client side, I get that data and dispatch a Click event at that X and Y - but the click is actually caught at the stage level. The click on my client side takes place UNDER all of my buttons and other content - so the whole thing fails. Does this make sense? Is there a way to tell it to start the click event at the top?

    Read the article

  • Windows 2008 unable to execute c# powershell app. Returning access exception.

    - by scope-creep
    Hi, Does anybody know why I can't access the folder where my powershell scripts are in windows 2008 Ent. When I try to create a script with textpad it craps out. When I try and execute a c# powershell app, which is stored on another win 2003 drive, it craps out with an access exception as well. I've set powershell execution policy to unrestricted for both normal users and admin users with 'run as admin' on powershell, but it doesn't seem to make a difference. There must be a policy setting, doesn't allow scripts access to a directory, but where, and how to set it. Any help would be appreciated. scope_creep

    Read the article

  • php include file issue using document root

    - by nithi
    I have used the following code to get the document root. $path = get_file_dir(); function get_file_dir() { global $argv; return realpath($argv[0]); } Below code includes config.php and config.php has the $setuprun variable with a value. if((file_exists("$path/admin/config.php"))) { include_once "$path/admin/config.php"; } if($setuprun=="true") { //do some code } In my system, it takes the document root like /home/myname/myfolder and the variable $setuprun has the value and the code works perfectly. But in another user's system, it shows the following error. Notice: Undefined variable: setuprun in /usr/local/www/chat/setup.php on line 22. He is using FreeBSD 8.2 Stable with MySQL 5, PHP5 and Apache 2.2. Can anyone please help me to solve this error?

    Read the article

  • How to self-update PHP+MySQL CMS?

    - by SaltLake
    I'm writing a CMS on PHP+MySQL. I want it to be self-updatable (throw one click in admin panel). What are the best practices? How to compare current version of cms and a version of the update (application itself and database). Should it just download zip archive, upzip it and overwrite files? (but what to do with files that are no longer used). How to check if an update is downloaded correctly? Also it supports modules and I want this modules to be downloadable from the admin panel of cms. And how should I update MySQL tables?

    Read the article

  • Offsite data storage for simple app, or a similar supported persistence mechanism?

    - by jdk
    Question Is there a usable facebook entry point to the Data Storage API that facebook lists on their app admin page for developers, or should I consider an alternate mechanism? What alternative mechanisms exist to simply persist my information offsite (away from my server app) without stuffing it into a cookie that's prone to expire? ... Background The facebook Data Store Admin tool is made available in a facebook App's Settings as seen here: (continue reading below) However when I visit the DataStoreAdmin link nothing works (i.e. clicking the buttons to define the data store types and objects does nothing - I have tried different browsers). The Wiki page for Data Store API hasn't been updated recently and the second last update says the beta Data Store was taken offline. It seems odd the link would be readily available and highly visible at the top of the App configuration area if indeed it's defunct. I was hoping some kind of key/value pair solution to remove the data calls from my own server.

    Read the article

  • How to delete files with a Python script from a FTP server which are older than 7 days?

    - by Tom
    Hello I would like to write a Python script which allows me to delete files from a FTP Server after they have reached a certain age. I prepared the scipt below but it throws the error message: WindowsError: [Error 3] The system cannot find the path specified: '/test123/*.*' Do someone have an idea how to resolve this issue? Thank you in advance! import os, time from ftplib import FTP ftp = FTP('127.0.0.1') print "Automated FTP Maintainance" print 'Logging in.' ftp.login('admin', 'admin') # This is the directory that we want to go to directory = 'test123' print 'Changing to:' + directory ftp.cwd(directory) files = ftp.retrlines('LIST') print 'List of Files:' + files # ftp.remove('LIST') #------------------------------------------- now = time.time() for f in os.listdir(directory): if os.stat(f).st_mtime < now - 7 * 86400: if os.directory.isfile(f): os.remove(os.directory.join(directory, f)) #except: #exit ("Cannot delete files") #------------------------------------------- print 'Closing FTP connection' ftp.close()

    Read the article

  • Separating Spring and Dojo single page app codebases

    - by Pie21
    I'm working on a web application with a Spring Roo REST API backend and a Dojo single-page client app. Spring Roo provides a handy admin interface (with Web MVC) out of the box, so I'd like to keep that accessible for administrative duties. However I'd like the Dojo app to be decoupled from the server application as possible. The server is a platform for which we expect new client applications to be developed, so I'd like to develop the 'official' client web app in isolation. What is the best (or even just one good) way to structure the application code? It's easy to leave the server alone as an API and admin interface, but where does all the Dojo JS live? It works okay when it's in the Spring webapp directory, but gets complicated quickly as soon as the structure gets more complex or is moved anywhere else (Spring URL mappings are still awfully opaque to me). Ideally it could be hosted locally on a development machine, which introduces all the cross-domain JS issues as well.

    Read the article

< Previous Page | 80 81 82 83 84 85 86 87 88 89 90 91  | Next Page >