Search Results

Search found 11785 results on 472 pages for 'password protection'.

Page 87/472 | < Previous Page | 83 84 85 86 87 88 89 90 91 92 93 94  | Next Page >

  • Thoughts on security model to store credit card details

    - by Faisal Abid
    Here is the model we are using to store the CC details how secure does this look? All our information is encrypted using public key encryption and the keypair is user dependent (its generated on the server and the private key is symmetric encrypted using the users password which is also Hashed on the database) So basically on first run the user sends in his password via a SSL connection and the password is used with the addition of salt to generate an MD5 hash, also the password is used to encrypt the private key and the private key is stored on the server. When the user wants to make a payment, he sends his password. The password decrypts the private key, and the private key decrypts the CC details and the CC details are charged.

    Read the article

  • Drupal, mysql server settings

    - by Patrick
    hi, I've a problem to configure database settings in Drupal. I will propose here some sample data: Database Mysql: Database: databaseName User: user Password: password Server: server.com Server Choice: mysqldb2 (in phpmyadmin I have this option and I can choose between mysqldb1 and mysqldb2 to access to the mysql server) The error message I get is: The mysql error was: Access denied for user: 'user@localhost' (Using password: YES). I've tried the following lines in settings.php but I always get the same error message: $db_url = 'mysql://user:password@localhost/databaseName'; $db_url = 'mysql://user:password@localhost/databaseName/mysqldb2'; The user and password work in phpmyadmin so I'm sure they are correct. thanks

    Read the article

  • ActionMailer execution timeout

    - by user275729
    When trying to send an email to the user for reseting their password, I keep getting an execution timed out error. Other mailer functions work, so I know that the config settings are correct. The header reads: "Timeout::Error in Password resetsController#create" Here is the password_resets_controller: def create @user = User.find_by_email(params[:email]) if @user User.deliver_password_reset_instructions(@user.id) flash[:notice] = "Instructions to reset your password have been emailed to you. " + "Please check your email." redirect_to '/' else flash[:notice] = "No user was found with that email address" render :action => :new end end Here is the method inside of User.rb def self.deliver_password_reset_instructions(user_id) user = User.find(user_id) user.reset_perishable_token! Emailer.deliver_password_reset_instructions(user) end Finally, here is the actual method inside of emailer.rb: default_url_options[:host] = "http://0.0.0.0:3000" #development def password_reset_instructions(user) @subject = "FanGamb Password Reset" @from = '[email protected]' @recipients = user.email @sent_on = Time.now @body["edit_password_reset_url"] = edit_password_reset_url(user.perishable_token) @headers["X-SMTPAPI"] = "{\"category\" : \"Password Recovery\"}"#send grid category header end Why is "Password" in the error message referred to causing a timeout::error

    Read the article

  • How does this C# asp.net random password code work?

    - by quakkels
    Hello all, I'm new to .NET and C# and I'm trying to figure out how this code works: public static string CreateRandomPassword(int PasswordLength) { String _allowedChars = "abcdefghijkmnopqrstuvwxyzABCDEFGHJKLMNOPQRSTUVWXYZ23456789"; Byte[] randomBytes = new Byte[PasswordLength]; RNGCryptoServiceProvider rng = new RNGCryptoServiceProvider(); rng.GetBytes(randomBytes); char[] chars = new char[PasswordLength]; int allowedCharCount = _allowedChars.Length; for(int i = 0;i<PasswordLength;i++) { /// /// I don't understand how this line works: /// chars[i] = _allowedChars[(int)randomBytes[i] % allowedCharCount]; } return new string(chars); } I think I've got a pretty good handle on most of this. I haven't been able to understand the following line: chars[i] = _allowedChars[(int)randomBytes[i] % allowedCharCount]; I understand that the code generates random binary numbers and uses those random numbers in the for loop to select a character from the _allowedChars string. What I don't get is why this code uses the modulous operator (%) to get the _allowedChars index value. Thanks for any help

    Read the article

  • I am unable to find login page for phpmyadmin

    - by Awan
    I was using phpmyadmin(in Wamp) without a password for root. I thought to set a password for root and goto Privileges page and set a password for root. Now whenever I go to localhost/phpmyadmin page it gives me the following error. MySQL said: Documentation #1045 - Access denied for user 'root'@'localhost' (using password: NO) phpMyAdmin tried to connect to the MySQL server, and the server rejected the connection. You should check the host, username and password in your configuration and make sure that they correspond to the information given by the administrator of the MySQL server. I don't know that what is the problem. It is not showing me a login type page to enter a username and password. Any idea that what is the problem ? Thanks

    Read the article

  • ASP.NET MVC Page - Viewstate for Confirm email field is getting erased on Registration Page if valid

    - by Rita
    Hi I have a Registaration page with the following fields Email, Confirm Email, Password and Confrim Password. On Register Button click and post the model to the server, the Model validates and if that Email is already Registered, it displays the Validation Error Message "User already Exists. Please Login or Register with a different email ID". While we are displaying this validation error message, I am loosing the value of "Confirm Email" field. So that the user has to reenter again and I want to avoid this. Here I don't have confirm_Email field in my Model. Is there something special that has to be done to remain Confirm Email value on the Page even in case of Validation failure? Appreciate your responses. Here is my Code: <% using (Html.BeginForm()) {%> <%= Html.ValidationSummary(false) %> <fieldset> <div class="cssform"> <p> <%= Html.LabelFor(model => model.Email)%><em>*</em> <%= Html.TextBoxFor(model => model.Email, new { @class = "required email" })%> <%= Html.ValidationMessageFor(model => model.Email)%> </p> <p> <%= Html.Label("Confirm email")%><em>*</em> <%= Html.TextBox("confirm_email")%> <%= Html.ValidationMessage("confirm_email") %> </p> <p> <%= Html.Label("Password")%><em>*</em> <%= Html.Password("Password", null, new { @class = "required" })%> <%= Html.ValidationMessage("Password")%><br /> (Note: Password should be minimum 6 characters) </p> <p> <%= Html.Label("Confirm Password")%><em>*</em> <%= Html.Password("confirm_password")%> <%= Html.ValidationMessage("confirm_password") %> </p><hr /> <p>Note: Confirmation email will be sent to the email address listed above.</p> </fieldset> <% } %>

    Read the article

  • Fatal error: Function name must be a string in.. PHP error

    - by Jonesy
    Hi I have a class called User and a method called insertUser(). function insertUser($first_name, $last_name, $user_name, $password, $email_address, $group_house_id) { $first_name = mysql_real_escape_string($first_name); $last_name = mysql_real_escape_string($last_name); $user_name = mysql_real_escape_string($user_name); $password = mysql_real_escape_string($password); $email_address = mysql_real_escape_string($email_address); $query = "INSERT INTO Users (FirstName,LastName,UserName,Password,EmailAddress, GroupHouseID) VALUES ('$first_name','$last_name','$user_name','$password','$email_address','$group_house_id')"; $mysql_query($query); } And I call it like this: $newUser = new User(); $newUser->insertUser($first_name, $last_name, $user_name, $email, $password, $group_house_id); When I run the code I get this error: Fatal error: Function name must be a string in /Library/WebServer/Documents/ORIOnline/includes/class_lib.php on line 33 Anyone know what I am doing wronly? Also, this is my first attempt at OO PHP. Cheers, Jonesy

    Read the article

  • Not able to access the server after changing the password?

    - by cyrilsebastian
    While accessing the server, the error comes: Multiple connections to a server or shared resource by the same user, using more than one user name, are not allowed. Disconnect all previous connections to the server or shared resource and try again. I am logging in from Administrator in XP machine, able to access server from other machines. Is there any problem with administrator profile??

    Read the article

  • passing data from a client form via jquery ajax dinamicly

    - by quantum62
    i wanna insert specification of members that enter in textboxs of form in the database .i do this operation with jquery ajax when i call webmetod with static value the operation do successfully.for example this code is ok. $.ajax({ type: "POST", url:"MethodInvokeWithJQuery.aspx/executeinsert", data: '{ "username": "user1", "name":"john","family":"michael","password":"123456","email": "[email protected]", "tel": "123456", "codemeli": "123" }', contentType: "application/json; charset=utf-8", dataType: "json", async: true, cache: false, success: function (msg) { $('#myDiv2').text(msg.d); }, error: function (x, e) { alert("The call to the server side failed. " + x.responseText); } } ); but when i wanna use of values that enter in textboxes dynamically error occur.whats problem?i try this two code <script type="text/javascript"> $(document).ready( function () { $("#Button1").click( function () { var username, family, name, email, tel, codemeli, password; username = $('#<%=TextBox1.ClientID%>').val(); name = $('#<%=TextBox2.ClientID%>').val(); family = $('#<%=TextBox3.ClientID%>').val(); password = $('#<%=TextBox4.ClientID%>').val(); email = $('#<%=TextBox5.ClientID%>').val(); tel = $('#<%=TextBox6.ClientID%>').val(); codemeli = $('#<%=TextBox7.ClientID%>').val(); $.ajax( { type: "POST", url: "WebApplication20.aspx/executeinsert", data: "{'username':'username','name':name, 'family':family,'password':password, 'email':email,'tel':tel, 'codemeli':codemeli}", contentType: "application/json;charset=utf-8", dataType: "json", async: true, cache: false, success: function(msg) { alert(msg); }, error: function (x, e) { alert("The call to the server side failed. " + x.responseText); } } ); } ) }) </script> or $(document).ready( function () { $("#Button1").click( function () { var username, family, name, email, tel, codemeli, password; username = $('#<%=TextBox1.ClientID%>').val(); name = $('#<%=TextBox2.ClientID%>').val(); family = $('#<%=TextBox3.ClientID%>').val(); password = $('#<%=TextBox4.ClientID%>').val(); email = $('#<%=TextBox5.ClientID%>').val(); tel = $('#<%=TextBox6.ClientID%>').val(); codemeli = $('#<%=TextBox7.ClientID%>').val(); $.ajax( { type: "POST", url: "WebApplication20.aspx/executeinsert", data: '{"username" : '+username+', "name": '+name+', "family": '+family+', "password": '+password+', "email": '+email+', "tel": '+tel+' , "codemeli": '+codemeli+'}', contentType: "application/json;charset=utf-8", dataType: "json", async: true, cache: false, success: function(msg) { alert(msg); }, error: function (x, e) { alert("The call to the server side failed. " + x.responseText); } } ); } ) })

    Read the article

  • mocking command object in grails controller results in hasErrors() return false no matter what! Plea

    - by egervari
    I have a controller that uses a command object in a controller action. When mocking this command object in a grails' controller unit test, the hasErrors() method always returns false, even when I am purposefully violating its constraints. def save = { RegistrationForm form -> if(form.hasErrors()) { // code block never gets executed } else { // code block always gets executed } } In the test itself, I do this: mockCommandObject(RegistrationForm) def form = new RegistrationForm(emailAddress: "ken.bad@gmail", password: "secret", confirmPassword: "wrong") controller.save(form) I am purposefully giving it a bad email address, and I am making sure the password and the confirmPassword properties are different. In this case, hasErrors() should return true... but it doesn't. I don't know how my testing can be any where reliable if such a basic thing does not work :/ Here is the RegistrationForm class, so you can see the constraints I am using: class RegistrationForm { def springSecurityService String emailAddress String password String confirmPassword String getEncryptedPassword() { springSecurityService.encodePassword(password) } static constraints = { emailAddress(blank: false, email: true) password(blank: false, minSize:4, maxSize: 10) confirmPassword(blank: false, validator: { confirmPassword, form -> confirmPassword == form.password }) } }

    Read the article

  • How to save array of integer numbers in a column in SQL Server 2005

    - by hamed
    I have a table in SQL Server 2005 with the following properties: Users (UserID, Username, Password) where UserID is primary key I want to save an array of integer numbers in the password attribute in the Users table. -------------------- 0 1 2 3 -------------------- 1543 6543 7658 8765 -------------------- I plan to save this into the password column. On the other hand I use pictures instead of texts for password and each picture has a code (4 digit) and a password include 4 picture that produce 16 digit. I want to save these 16 digits (array of Ints) into the Password column please help me. thanks

    Read the article

  • How do I prevent WIX CAQuietExec from logging the command line?

    - by Noel Abrahams
    In order to prevent command windows from popping up during installation I am using the WIX built-in custom action CAQuietExec. First I define the command line: <CustomAction Id="A01" Property="QtExecCmdLine" Value="&quot;MyExe.exe&quot; /password [PASSWORD]" /> NB: The PASSWORD property is defined as Hidden. This prevents the Windows installer from writing the property value to the log. Then I call into the embedded WIX extension: <CustomAction Id="A02" BinaryKey="WixCA" DllEntry="CAQuietExec" Execute="immediate" Return="ignore" /> This works fine. However, when I go to the temp folder and open up the MSI log I see the following entry: CAQuietExec: "C:\Program Files\MyExe.exe" /password INCLEARTEXT I.e. the password is displayed in clear text and not hidden. How do I prevent the CAQuietExec from logging the password in clear text?

    Read the article

  • Passing variables to functions in Python

    - by brno792
    Im writing test scripts in python for selenium web testing. How do I pass parameters through a python function to call in a later function? I first have a login test function. Then I have a new user registration function. Im trying to pass the Username and Password I use in the registration function to the testLogin function that I call inside the testRegister function. This is my python code: userName = "admin" password = "admin" #pass username and password variables to this function def testLogin(userName,password): browser = webdriver.Firefox() browser.get("http://url/login") element = browser.find_element_by_name("userName") element.send_keys(userName) element = browser.find_element_by_name("userPassword") element.send_keys(password) element.send_keys(Keys.RETURN) browser.close() # test registration def testRegister(): browser = webdriver.Firefox() browser.get("http://url/register") #new username variable newUserName = "test" element = browser.find_element_by_name("regUser") element.send_keys(newUserName) #new password variable newUserPassword = "test" element = browser.find_element_by_name("regPassword") element.send_keys(newUserPassword) # #now test if user is registered, I want to call testLogin with the test user name and pw. testLogin(newUserName,newUserPassword) browser.close()

    Read the article

  • AFNetworking PostPath php Parameters are null

    - by Alejandro Escobar
    I am trying to send a username and password from an iOS app using AFNetworking framework to a php script. The iOS app continues to receive status code 401 which I defined to be "not enough parameters". I have tried returning the "username" from the php script to the iOS app and receive . Based on what I've been investigating so far, it seems as though: 1) The php script is not decoding the POST parameters properly 2) The iOS app is not sending the POST parameters properly The following is the iOS function - (IBAction)startLoginProcess:(id)sender { NSString *usernameField = usernameTextField.text; NSString *passwordField = passwordTextField.text; NSDictionary *parameters = [NSDictionary dictionaryWithObjectsAndKeys:usernameField, @"username", passwordField, @"password", nil]; NSURL *url = [NSURL URLWithString:@"http://localhost/~alejandroe1790/edella_admin/"]; AFHTTPClient *httpClient = [[AFHTTPClient alloc] initWithBaseURL:url]; [httpClient defaultValueForHeader:@"Accept"]; [httpClient setParameterEncoding:AFJSONParameterEncoding]; [httpClient postPath:@"login.php" parameters:parameters success:^(AFHTTPRequestOperation *operation, id response) { NSLog(@"operation hasAcceptableStatusCode: %d", [operation.response statusCode]); } failure:^(AFHTTPRequestOperation *operation, NSError *error) { NSLog(@"Error with request"); NSLog(@"%@",[error localizedDescription]); }]; } The following is the php script function checkLogin() { // Check for required parameters if (isset($_POST["username"]) && isset($_POST["password"])) { //Put parameters into local variables $username = $_POST["username"]; $password = $_POST["password"]; $stmt = $this->db->prepare("SELECT Password FROM Admin WHERE Username=?"); $stmt->bind_param('s', $username); $stmt->execute(); $stmt->bind_result($resultpassword); while ($stmt->fetch()) { break; } $stmt->close(); // Username or password invalid if ($password == $resultpassword) { sendResponse(100, 'Login successful'); return true; } else { sendResponse(400, 'Invalid Username or Password'); return false; } } sendResponse(401, 'Not enough parameters'); return false; } I feel like I may be missing something. Any assistance would be great.

    Read the article

  • jQuery mobile ajax login form authentication

    - by Jakub Zak
    I know i already asked simillar question, but now when I work with jQuery Mobile I can't figure it out. So I have this form: <div data-role="page" data-theme="a" id="login_page"> <div data-role="header" data-position="fixed"> <h1>****</h1> </div> <div data-role="content"> <form id="login_form" method="POST" data-ajax="false"> <label for="basic">Username:</label> <input type="text" name="name" id="username" value=""/> <label for="basic">Password:</label> <input type="password" name="password" id="password" value=""/> <input type="submit" value="Login" id="login" name="login"/> </form> </div> <div data-role="footer" data-position="fixed"> <div data-role="navbar"></div> </div> </div> And I need to submit Username and Password to php script, where php replies and send "success" or "failed". Here is php: <?php session_start(); $username = $_POST["name"]; $password = $_POST["password"]; include('mysql_connection.php'); mysql_select_db("jzperson_imesUsers", $con); $res1 = mysql_query("SELECT * FROM temp_login WHERE username='$username' AND password='$password'"); $count=mysql_num_rows($res1); if($count==1){ echo "success"; }else{ echo "failed"; } ?> And to do all this I want to use this script: $(document).ready(function() { $("form").submit(function(){ $.mobile.showPageLoadingMsg(); $.ajax({ url: "http://imes.jzpersonal.com/login_control.php", type: "POST", dataType: "jsonp", jsonp: "jsoncallback", data: $("form#login_form").serialize(), success: function( response ){ $.mobile.changePage( "http://imes.jzpersonal.com/user_panel.html"); } }); return false; }); }); But I can't make it work, I know I must have mistakes in there, I just can't find them, or better way to do it. Thank you in advance for any help.

    Read the article

  • PHP, MySQL - My own version of SALT (I call salty) - Login Issue

    - by Fabio Anselmo
    Ok I wrote my own version of SALT I call it salty lol don't make fun of me.. Anyway the registration part of my script as follows is working 100% correctly. //generate SALTY my own version of SALT and I likes me salt.. lol function rand_string( $length ) { $chars = "ABCDEFGHIJKLMNOPQRSTUWXYZabcdefghijklmnopqrstuwxyz1234567890"; $size = strlen( $chars ); for( $i = 0; $i < $length; $i++ ) { $str .= $chars[ rand( 0, $size - 1 ) ]; } return $str; } $salty = rand_string( 256 ); //generate my extra salty pw $password = crypt('password'); $hash = $password . $salty; $newpass = $hash; //insert the data in the database include ('../../scripts/dbconnect.php'); //Update db record with my salty pw ;) // TESTED WITH AND WITHOUT SALTY //HENCE $password and $newpass mysql_query("UPDATE `Register` SET `Password` = '$password' WHERE `emailinput` = '$email'"); mysql_close($connect); However my LOGIN script is failing. I have it setup to TEST and echo if its login or not. It always returns FAILED. I entered the DB and changed the crypted salty pw to "TEST" and I got a SUCCESS. So my problem is somewhere in this LOGIN script I assume. Now I am not sure how to implement my $Salty in this. But also be advised that even without SALTY (just using crypt to store my pass) - I was still unable to perform a login successfully. And if you're gonna suggest i use blowfish - note that my webhost doesn't have it supported and i don't know how to install it. here's my login script: if (isset($_POST['formsubmitted'])) { include ('../../scripts/dbconnect.php'); $username = mysql_real_escape_string($_POST['username']); $password = crypt(mysql_real_escape_string($_POST['password'])); $qry = "SELECT ID FROM Register WHERE emailinput='$username' AND Password='$password'"; $result = mysql_query($qry); if(mysql_num_rows($result) > 0) { echo 'SUCCESS'; //START SESSION } else { echo 'FAILED'; //YOU ARE NOT LOGGED IN } } So what's wrong with this login? Why isn't it working just using the crypt/storing only crypt? How can i make it work storing both the crypt and randomly generated SALTY :) ? Ty advance

    Read the article

  • In order to bypass a website's login screen, can you load a link with a username and password?

    - by Jeff
    I am relatively new to web development, and I was hoping I could get some pointers about the feasibility of a feature I would like to implement. Is it possible to have a url link that you can click on, that can contain login credentials for the website it is linking to, so as to bypass that websites login screen? In other words, can I make a link from my website to facebook, that would allow me to login right in to my facebook, from any computer? Meaning, if I don't have cookies to store my login info in, is it possible to login still? This is just a conceptual question, so any help would be appreciated! Thanks!

    Read the article

  • How to change password hashing algorithm when using spring security?

    - by harry
    I'm working on a legacy Spring MVC based web Application which is using a - by current standards - inappropriate hashing algorithm. Now I want to gradually migrate all hashes to bcrypt. My high level strategy is: New hashes are generated with bcrypt by default When a user successfully logs in and has still a legacy hash, the app replaces the old hash with a new bcrypt hash. What is the most idiomatic way of implementing this strategy with Spring Security? Should I use a custom Filter or my on AccessDecisionManager or …?

    Read the article

  • Is there an easy way to add a secure file upload form (username, password, select file) to a website

    - by user346602
    Hi, I am very new to website design. Have an architect who wants his clients to enable his clients to upload (ftp - but don't know if http could be a better alternative?) files (plans etc.) to him, through the website I'm designing for him. I have seen similar things available on printers websites... I have seen uploadify, but it requires flash (I can only code HTML, CSS and a tiny bit of PHP), and don't think it is a secure option. I have also seen net2ftp, but don't really understand how it works. Any direction would be sincerely appreciated.

    Read the article

  • How to ReHash a password stored into my Database ? (PHP)

    - by Vincent Roye
    Hi! I have some passwords encrypted in my database and I would like to find a way to display them. Here is how they are saved into my mysql database: function generateHash($plainText, $salt = null){ if ($salt === null) { $salt = substr(md5(uniqid(rand(), true)), 0, 25); } else { $salt = substr($salt, 0, 25); } return $salt . sha1($salt . $plainText); } $secure_pass = generateHash($this->clean_password); Then $secure_pass is saved into my database. Anyone would have an idea ?? Thank you very much ;)

    Read the article

< Previous Page | 83 84 85 86 87 88 89 90 91 92 93 94  | Next Page >