Search Results

Search found 13256 results on 531 pages for 'password policy'.

Page 88/531 | < Previous Page | 84 85 86 87 88 89 90 91 92 93 94 95  | Next Page >

  • Does the password get sent in the clear when connecting to Sql-Server?

    - by Scott Chamberlain
    I was asked this today and I honestly did not know the answer. If you connect using a connection string without sspi to a server is there any way a 3rd party can intercept on the wire the password used to log in? "Data Source=MyServer;Initial Catalog=MyDatabase;User Id=sa;Password=CanThisBeSniffed;" I am not asking about MiTM attacks just someone listing on the same computer or on the same hub on the network with wireshark or something similar running. I fired up wireshark myself and did not see it in plain text but it could be a simple obfuscation or proper encryption, I just wanted to know which.

    Read the article

  • Suggestions? Password & Encrypted Read/Write File like a Mac (.dmg or .SparseBundle) also R/W on Windows, Ubuntu

    - by Jeff Drew
    For years I have used .dmg or .sparsebundle (Encrypted and Password Protected) to safely keep home directory backups on my Mac. Now, I am looking for a similar Full Permissions/Read/Write that maintains an encrypted, and password protected file that it Tri-Platform. I'd like to have the future ability to use it on Mac OS X, Windows 7/8, and Ubuntu (current releases+). I appreciate your recommendations. Thank you. (I like mounting a DMG and having a file directory structure that can be easily maintained and organized. When done, un-mounting the file.) (I've seen Windows tools to open encrypted DMG files? and I will explore these options, but with the desire to also keep the file accessible on on three OSes, someone might have additional suggestions.)

    Read the article

  • How can I implement ansible with per-host passwords, securely?

    - by supervacuo
    I would like to use ansible to manage a group of existing servers. I have created an ansible_hosts file, and tested successfully (with the -K option) with commands that only target a single host ansible -i ansible_hosts host1 --sudo -K # + commands ... My problem now is that the user passwords on each host are different, but I can't find a way of handling this in Ansible. Using -K, I am only prompted for a single sudo password up-front, which then seems to be tried for all subsequent hosts without prompting: host1 | ... host2 | FAILED => Incorrect sudo password host3 | FAILED => Incorrect sudo password host4 | FAILED => Incorrect sudo password host5 | FAILED => Incorrect sudo password Research so far: a StackOverflow question with one incorrect answer ("use -K") and one response by the author saying "Found out I needed passwordless sudo" the Ansible docs, which say "Use of passwordless sudo makes things easier to automate, but it’s not required." (emphasis mine) this security StackExchange question which takes it as read that NOPASSWD is required article "Scalable and Understandable Provisioning..." which says: "running sudo may require typing a password, which is a sure way of blocking Ansible forever. A simple fix is to run visudo on the target host, and make sure that the user Ansible will use to login does not have to type a password" article "Basic Ansible Playbooks", which says "Ansible could log into the target server as root and avoid the need for sudo, or let the ansible user have sudo without a password, but the thought of doing either makes my spleen threaten to leap up my gullet and block my windpipe, so I don’t" My thoughts exactly, but then how to extend beyond a single server? ansible issue #1227, "Ansible should ask for sudo password for all users in a playbook", which was closed a year ago by mpdehaan with the comment "Haven't seen much demand for this, I think most people are sudoing from only one user account or using keys most of the time." So... how are people using Ansible in situations like these? Setting NOPASSWD in /etc/sudoers, reusing password across hosts or enabling root SSH login all seem rather drastic reductions in security.

    Read the article

  • configure HTTPS server on a cisco router

    - by Sara
    For the past week I was trying to configure an HTTPS server on a cisco 2900 router, I've used the following commands and assigned a username and password to privilege 15 however, when Im trying to access a given ip it requires a username and password however when I insert the username and password I configured it does not allow me to enter and i'm not sure where the problem is. Router(config)# ip http secure-server Router(config)# ip http authentication local These were the commands i used for the https server and also I used the following to assign the username and password Router(config)#username name privilege 15 secret 0 password where 'name' and 'password' represent the username and password respectively I'm trying to access the 192.168.14.1 interface on the router and the username and password i created are not authorized to enter (I got the commands from a cisco router manual)

    Read the article

  • Samba users not added untill they logon first? Edit: How do I add users to tdbsam without a password prompt?

    - by glisignoli
    I add users to my server with the command useradd -m -p PASS_HASH -s /usr/sbin/nologin USERNAME Then I try to access their samba home share, but it never shows up until I login with the user: root:~$sudo login failtest Password:###### Added user failtest. Is there some way of added the user without logging in? Edit: The problem is that the user is added with the useradd command, but ubuntu seems to run an initalisation script when the user logs on for the first time. This script then adds that user to the tdbsam user database. Finding the initalisation script or the method it uses to add a user to the tdbsam database without requiring any user input (as smbpasswd -a USER prompts the user for a password). So all I need is a way to add a user+pass to the tdbsam database without prompting a user for a password (eg: samaba-add-user.sh USERNAME PASSWORD).

    Read the article

  • How secure is using "Normal password" for SMTP with connection type = STARTTLS?

    - by harshath.jr
    I'm using an email client for the first time - for the most part I've always used gmail via the web interface. Now I'm setting up thunderbird to connect to an email server of my own (on my own server, own domain name, etc). The server machine (and the email server on it) was preconfigured for me. Now i figured out away by which I'm able to send and receive email, but I noticed that in the outgoing and incoming servers section, the connection type was STARTTLS (and not SSL/TLS), and the Authentication Type was "Normal Password". Does this mean that the password will be sent across in plain text? I'm very paranoid about security - its the only way that it works for me. Can someone please post links that explain how SMTP (my outbound server) and IMAP (my inbound server) servers work, and what connection type means what? Thanks! PS: If this question does not belong here, please redirect me.

    Read the article

  • TrueCrypt - "Warning! Password locked: Fixed disk0" error message on boot

    - by Tibi
    TrueCrypt - "Warning! Password locked: Fixed disk0" error message on boot. When i start my laptop (Acer TravelMate 2410). after the starting memory check, the screen goes full black, and a message appears for about 3 seconds: Warning! Password locked: Fixed disk0 and after that, disappears, and next message comes out: Operating System Not Found and all stops here. Windows Xp was installed on it, before this came. TrueCrypt cd (witch was made during the process of full encryption) is not working, not in restoring MBR, no even in decrypting my drive - completely useless. Note: I detected some short of boot sector errors (i dont know the amount) on my drive before this happened. Please, i would greatfully thank every comment, or suggestion, because my computer is unusable now. The HDD is a Samsung HDD, 160Gb. Other preferences: Acer TravelMate 2410 Notebook, 2 Gb RAM, 1500 Mhz Intel Celeron M processor. Regards

    Read the article

  • Why do I have to enter my password every time I activate / deactivate AirPort (WiFi) on my MacBook P

    - by Another Registered User
    I use Snow Leopard, and I'm used to activate / deactivate WiFi like 20 times per day. The reason is that WiFi stops working properly after a few minutes of use. So every time I try to surf, I must stop/reactivate it first. But now, suddenly I have to enter my user password every time I want to do it. It's so annoying! The dialogue details say: Right: com.apple.airport.power Program: SystemUIServer What can I do that the Mac won't ask me for the password every time? It's hard enough that I have to stop/reactivate WiFi all the time (hardware bug). I have a admin account with full rights.

    Read the article

  • How iptables behaves on timezone change?

    - by pradipta
    I have doubt how iptables keep changing the info in iptables when timezone is change. I am using iptables s v 1.4.8 I have blocked one IP with following details # date Thu Jun 6 12:46:42 IST 2013 #iptables -A INPUT -s 10.0.3.128 -m time --datestart 2013-6-6T12:0:00 --datestop 2013-6-6T13:0:00 -j DROP # iptables -L Chain INPUT (policy ACCEPT) target prot opt source destination DROP all -- 10.0.3.128 anywhere TIME starting from 2013-06-06 12:00:00 until date 2013-06-06 13:00:00 Chain FORWARD (policy ACCEPT) target prot opt source destination Chain OUTPUT (policy ACCEPT) target prot opt source destination But after I change the timezone following things happened automatically . AFTER TIME ZONE CHANGE +++++++++++++++++++++++ #date Thu Jun 6 15:17:48 HKT 2013 # iptables -L Chain INPUT (policy ACCEPT) target prot opt source destination DROP all -- 10.0.3.128 anywhere TIME starting from 2013-06-06 14:30:00 until date 2013-06-06 15:30:00 Chain FORWARD (policy ACCEPT) target prot opt source destination Chain OUTPUT (policy ACCEPT) target prot opt source destination # The time value is changed in the rule . It is changing with the timezone how. Where iptables keeps track of timezone. Kindly explain me.

    Read the article

  • input field placeholder in jQuery

    - by Hristo
    I'm trying to create a Login page, not worrying about actually logging in yet, but I'm trying to achieve the effect where there is some faded text inside the input field and when you click on it, the text disappears or if you click away the text reappears. I have this working for my "Username" input field, but the "Password" field is giving me problems because I can't just do $("#password").attr("type","password"). Here's my code: <!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd"> <html> <head> <meta http-equiv="Content-Type" content="text/html; charset=UTF-8"> <title>Insert title here</title> <!-- Links --> <link rel="stylesheet" type="text/css" href="style.css" /> <!-- Scripts --> <script type="text/javascript" src="jQuery.js"></script> <script> // document script $(document).ready(function(){ // login box event handler $('#login').click(function(){ $('.loginBox').animate({ height: '150px' }, '1000' ); $('#username').show(); // add pw placeholder field $('#password').after('<input type="text" id="placeHolder" value="Password" class="placeHolder" />'); $('#password').hide(); }); // username field focus and blur event handlers $('#username').focus(function() { if($(this).hasClass('placeHolder')){ $(this).val(''); $(this).removeClass('placeHolder'); } }); $('#username').blur(function() { if($(this).val() == '') { $(this).val('Username'); $(this).addClass('placeHolder'); } }); // password field focus and blur event handlers $('#placeHolder').focus(function() { $('#placeHolder').hide(); $('#password').show(); $('#password').focus(); }); $('#password').blur(function() { if($('#password').val() == '') { $('#placeHolder').show(); $('#password').hide(); } }); }); </script> </head> <body> <div id="loginBox" class="loginBox"> <a id="login">Proceed to Login</a><br /> <div id="loginForm"> <form> <input type="text" id="username" class="placeHolder" value="Username" /> <input type="password" id="password" class="placeHolder" value="" /> </form> </div> </div> </body> </html> Right now, I can click on the password input box and type in it, but the text is not disappearing and the "type" doesn't get set to "password"... the new input field I create isn't being hidden, it just stays visible, and I'm not sure where the problem is. Any ideas? Thanks, Hristo

    Read the article

  • How to start/stop iptables in Ubuntu 12.04?

    - by imwrng
    I am using Ubuntu 12.04 . while learning some new things about iptables i cant through this . see at the image . while i am trying to start ,its saying as root@badfox:~# iptables -L -n -v Chain INPUT (policy ACCEPT 0 packets, 0 bytes) pkts bytes target prot opt in out source destination Chain FORWARD (policy ACCEPT 0 packets, 0 bytes) pkts bytes target prot opt in out source destination Chain OUTPUT (policy ACCEPT 0 packets, 0 bytes) pkts bytes target prot opt in out source destination root@badfox:~# service iptables stop iptables: unrecognized service root@badfox:~# service iptables start iptables: unrecognized service Source: http://www.cyberciti.biz/tips/linux-iptables-examples.html Why i am getting like this ? EDIT: So my firewall already started but why i am not getting the output as i mentioned in the link at source link in first workout. . Here is my output root@badfox:~# sudo start ufw start: Job is already running: ufw root@badfox:~# iptables -L -n -v Chain INPUT (policy ACCEPT 4882 packets, 2486K bytes) pkts bytes target prot opt in out source destination Chain FORWARD (policy ACCEPT 0 packets, 0 bytes) pkts bytes target prot opt in out source destination Chain OUTPUT (policy ACCEPT 5500 packets, 873K bytes) pkts bytes target prot opt in out source destination root@badfox:~#

    Read the article

  • How to know strong name of GWT serialization policy at the time of host page generation?

    - by Alexander Vasiljev
    There is an excellent article describing a way to embed GWT RPC payload into the host page. A key element is missing there is how to know Strong Name of RPC serialization policy at run time. Strong Name is computed at the compile time, put into the client and obfurscated. Strong name is sent to the server with RPC request as described here. What would you suggest to make this parameter available at the time of host page generation?

    Read the article

  • Error connecting to online fossil repository after changing password.

    - by Toby Allen
    I set up a fossil repository on a shared hosting account I have. I created a perl script fossil.pl that points to a cloned repository that I put up on the webspace. I set all the correct permissions (755). When I go to fossil.pl I get the web ui. Everythings cool. However I'm having a problem with pushes and hoping someone could point me to a solution. When I clone a repository it sets a new password for me (Toby) in the new cloned repository. If I push to this repository online without changing the password it works fine, I can push up changes from my local machine to the online repository. However once I change the password for Toby (to something more easily remembered by me) I get the following error. Bytes Cards Artifacts Deltas Send: 1810 9 0 2 1Server Error: not authorized to write fossil: server says: not authorized to write Anyone know why this is happening? Anyone know how to fix it?

    Read the article

  • Copying (or recovering) a .PFX password to another machine?

    - by Adam Robinson
    First things first, I'm aware of all of the finger-wagging potential that this question provides. However, I'm attempting to help out a friend with a project so I haven't been part of the decision making process thus far. I'm attempting to set up a new development machine, but one of the projects is signed with a .PFX key that's password protected and the original developer does not remember the password. The current development machine can open and build the project just fine, so I'm wondering if there is any way either to copy or to recover the saved password that Visual Studio is using on the original box so that the file can be used on the new box. Signing with a new file is obviously an option, but one that we'd prefer to avoid. Does anyone know of a way either to recover or copy the credentials for this file to a new machine?

    Read the article

  • Symfony 1.3 and forms: the password changes when i click on 'Save', why??

    - by user248959
    Hi, i have installed sfDoctrineGuardUser and have created this model that inherits sfGuardUser model: Usuario: inheritance: extends: sfGuardUser type: simple columns: nombre_apellidos: string(60) sexo: boolean fecha_nac: date provincia: string(60) localidad: string(255) email_address: string(255) avatar: string(255) avatar_mensajes: string(255) I have also created a module called 'miembros' based on that model. Well, I log normally through sfGuardAuth/signin, then i go to "miembros/edit/id/$id_of_the_member_i_used_to_log_in" and push 'Save' button. Then i logout. If i try to log in again, it says: "The username and/or password is invalid". Later, i have realized that when click 'Save' the value of the field 'password' changes (well its encrypted version). So that is the reason why i can not then log in. But, why the value of the password change when i click on 'Save' ??? Regards Javi

    Read the article

  • Rails: Accessing the username/password used for HTTP Basic Auth?

    - by Shpigford
    I'm building a basic API where user information can be retrieved after that user's login and password are correctly sent. Right now I'm using something like this: http://foo:[email protected]/api/user.xml So, what I need to do is access the user/password sent in the request (the foo and bar) but am not sure how to access that info in a Rails controller. Then I'd check those variables via a quick User.find and then set those as the username and password variables for authenticate_or_request_with_http_basic. It's possible I'm looking at this at the completely wrong way, but that's where I'm at right now. :)

    Read the article

  • Why does my PDF ask for a password after being retrieved from Visual SourceSafe?

    - by Schnapple
    PREFACE: Yes we're moving away from VSS in the next few months. One of my web projects contains, as one of its files, a PDF. The PDF on our QA site is being pulled from VSS. A QA tester recently told me he's being prompted for a password when he tries to open it. VSS says the file I have on disk is different than the one it has, so I updated it, but afterwards it's still being shown as different. So basically VSS is mangling my PDF and the results are so wobbly that Adobe Acrobat Reader is confused and thinks it has a password. I've tried adding it as Auto-Detect and as Binary. Same results. Why does my PDF ask for a password after being retrieved from Visual SourceSafe and how can I prevent it?

    Read the article

  • How to change a Datasource's username/password at runtime in a J2EE app?

    - by Toto
    I've deployed a web-module which connects to the database via a datasource configured in the J2EE application server. Currently, the user/password for the database connection is set in the proper J2EE application server's datasources configuration file. I want to change during runtime the datasource's user/password. (e.g.: implement a new web form in which the user is asked to enter de user/password to be used in the database connection). Is there a standard way to do that in J2EE applications or it depends on the J2EE application server? In this case I'm using Orion application server.

    Read the article

  • MD5 hash validation failing for unknown reason in PHP

    - by Sennheiser
    I'm writing a login form, and it converts the given password to an MD5 hash with md5($password), then matches it to an already-hashed record in my database. I know for sure that the database record is correct in this case. However, it doesn't log me in and claims the password is incorrect. Here's my code: $password = mysql_real_escape_string($_POST["password"]); ...more code... $passwordQuery = mysql_fetch_row(mysql_query(("SELECT password FROM users WHERE email = '$userEmail'"))); ...some code... elseif(md5($password) != $passwordQuery) { $_SESSION["noPass"] = "That password is incorrect."; } ...more code after... I tried pulling just the value of md5($password) and that matched up when I visually compared it. However, I can't get the comparison to work in PHP. Perhaps it is because the MySQL record is stored as text, and the MD5 is something else?

    Read the article

  • jQuery: What listener do I use to check for browser auto filling the password input field?

    - by Jannis
    Hi, I have a simple problem that I cannot seem to find a solution to. Basically on this website here: http://dev.supply.net.nz/vendorapp/ (currently in development) I have some fancy label animations sliding things in and out on focus & blur. However once the user has logged in once the browser will most likely remember the password associated with the users email address/login. (Which is good and should not be disabled.) However I run into issues triggering my label slide out animation when the browser sets the value on the #password field automatically as the event for this is neither focus nor blur. Does anyone know which listener to use to run my function when the browser 'auto fills' the users password? Here is a quick screenshot of the issue:

    Read the article

  • Is it possible to create a jdbc connection without a password (using postgresql 'trust')?

    - by mojones
    I am using jdbc to connect to a postgresql database in a java application (actually the app is written in Groovy). I have postgresql set up to use the 'trust' authentication method. Is it possible to open a jdbc connection without specifying a password? When I try to use the normal constructor with a blank password, it fails with Exception in thread "Thread-2" org.postgresql.util.PSQLException: FATAL: password authentication failed for user "myuser" Even though, from the command line, this works fine psql -U myuser mydatabase Welcome to psql 8.3.5, the PostgreSQL interactive terminal. Type: \copyright for distribution terms \h for help with SQL commands \? for help with psql commands \g or terminate with semicolon to execute query \q to quit

    Read the article

  • Terminal Asks for Email and Password, how do I Programmatically fill it out (in Ruby)?

    - by viatropos
    I am running a command to push files to Google App Engine, and it might ask me for my email and password: $ appcfg.py update . Email: [email protected] Password: I am running that in Ruby right now using this: %x[appcfg.py update .]. How can I fill out the email and password? I have seen something like this with capistrano: %x[appcfg.py update .] do |channel, stream, data| channel.send_data "#{yaml['production']['email']}\n" if data =~ /^Email:/ end ...but haven't figured out how to set that up without it. What's the best way to fill out things the command line asks for programmatically?

    Read the article

  • Registration form validation not validating

    - by jgray
    I am a noob when it comes to web development. I am trying to validate a registration form and to me it looks right but it will not validate.. This is what i have so far and i am validating through a repository or database. Any help would be greatly appreciated. thanks <?php session_start(); $title = "User Registration"; $keywords = "Name, contact, phone, e-mail, registration"; $description = "user registration becoming a member."; require "partials/_html_header.php"; //require "partials/_header.php"; require "partials/_menu.php"; require "DataRepository.php"; // if all validation passed save user $db = new DataRepository(); // form validation goes here $first_nameErr = $emailErr = $passwordErr = $passwordConfirmErr = ""; $first_name = $last_name = $email = $password = $passwordConfirm = ""; if(isset($_POST['submit'])) { $valid = TRUE; // check if all fields are valid { if ($_SERVER["REQUEST_METHOD"] == "POST") { if (empty($_POST["first_name"])) {$first_nameErr = "Name is required";} else { // $first_name = test_input($_POST["first_name"]); // check if name only contains letters and whitespace if (!preg_match("/^[a-zA-Z ]*$/",$first_name)) { $first_nameErr = "Only letters and white space allowed"; } } if (empty($_POST["email"])) {$emailErr = "Email is required";} else { // $email = test_input($_POST["email"]); // check if e-mail address syntax is valid if (!preg_match("/([\w\-]+\@[\w\-]+\.[\w\-]+)/",$email)) { $emailErr = "Invalid email format"; } } if (!preg_match("/(......)/",$password)) { $passwordErr = "Subject must contain THREE or more characters!"; } if ($_POST['password']!= $_POST['passwordConfirm']) { echo("Oops! Password did not match! Try again. "); } function test_input($data) { $data = trim($data); $data = stripslashes($data); $data = htmlspecialchars($data); return $data; } } } if(!$db->isEmailUnique($_POST['email'])) { $valid = FALSE; //display errors in the correct places } // if still valid save the user if($valid) { $new_user = array( 'first_name' => $_POST['first_name'], 'last_name' => $_POST['last_name'], 'email' => $_POST['email'], 'password' => $_POST['password'] ); $results = $db->saveUser($new_user); if($results == TRUE) { header("Location: login.php"); } else { echo "WTF!"; exit; } } } ?> <head> <style> .error {color: #FF0000;} </style> </head> <h1 class="center"> World Wide Web Creations' User Registration </h1> <p><span class="error"></span><p> <form method="POST" action="<?php echo htmlspecialchars($_SERVER["PHP_SELF"]);?>" onsubmit="return validate_form()" > First Name: <input type="text" name="first_name" id="first_name" value="<?php echo $first_name;?>" /> <span class="error"> <?php echo $first_nameErr;?></span> <br /> <br /> Last Name(Optional): <input type="text" name="last_name" id="last_name" value="<?php echo $last_name;?>" /> <br /> <br /> E-mail: <input type="email" name="email" id="email" value="<?php echo $email;?>" /> <span class="error"> <?php echo $emailErr;?></span> <br /> <br /> Password: <input type="password" name="password" id="password" value="" /> <span class="error"> <?php echo $passwordErr;?></span> <br /> <br /> Confirmation Password: <input type="password" name="passwordConfirm" id="passwordConfirm" value="" /> <span class="error"> <?php echo $passwordConfirmErr;?></span> <br /> <br /> <br /> <br /> <input type="submit" name="submit" id="submit" value="Submit Data" /> <input type="reset" name="reset" id="reset" value="Reset Form" /> </form> </body> </html> <?php require "partials/_footer.php"; require "partials/_html_footer.php"; ?> class DataRepository { // version number private $version = "1.0.3"; // turn on and off debugging private static $debug = FALSE; // flag to (re)initialize db on each call private static $initialize_db = FALSE; // insert test data on initialization private static $load_default_data = TRUE; const DATAFILE = "203data.txt"; private $data = NULL; private $errors = array(); private $user_fields = array( 'id' => array('required' => 0), 'created_at' => array('required' => 0), 'updated_at' => array('required' => 0), 'first_name' => array('required' => 1), 'last_name' => array('required' => 0), 'email' => array('required' => 1), 'password' => array('required' => 1), 'level' => array('required' => 0, 'default' => 2), ); private $post_fields = array( 'id' => array('required' => 0), 'created_at' => array('required' => 0), 'updated_at' => array('required' => 0), 'user_id' => array('required' => 1), 'title' => array('required' => 1), 'message' => array('required' => 1), 'private' => array('required' => 0, 'default' => 0), ); private $default_user = array( 'id' => 1, 'created_at' => '2013-01-01 00:00:00', 'updated_at' => '2013-01-01 00:00:00', 'first_name' => 'Admin Joe', 'last_name' => 'Tester', 'email' => '[email protected]', 'password' => 'a94a8fe5ccb19ba61c4c0873d391e987982fbbd3', 'level' => 1, ); private $default_post = array( 'id' => 1, 'created_at' => '2013-01-01 00:00:00', 'updated_at' => '2013-01-01 00:00:00', 'user_id' => 1, 'title' => 'My First Post', 'message' => 'This is the message of the first post.', 'private' => 0, ); // constructor will load existing data into memory // if it does not exist it will create it and initialize if desired public function __construct() { // check if need to reset if(DataRepository::$initialize_db AND file_exists(DataRepository::DATAFILE)) { unlink(DataRepository::DATAFILE); } // if file doesn't exist, create the initial datafile if(!file_exists(DataRepository::DATAFILE)) { $this->log("Data file does not exist. Attempting to create it... (".__FUNCTION__.":".__LINE__.")"); // create initial file $this->data = array( 'users' => array( ), 'posts' => array() ); // load default data if needed if(DataRepository::$load_default_data) { $this->data['users'][1] = $this->default_user; $this->data['posts'][1] = $this->default_post; } $this->writeTheData(); } // load the data into memory for use $this->loadTheData(); } private function showErrors($break = TRUE, $type = NULL) { if(count($this->errors) > 0) { echo "<div style=\"color:red;font-weight: bold;font-size: 1.3em\":<h3>$type Errors</h3><ol>"; foreach($this->errors AS $error) { echo "<li>$error</li>"; } echo "</ol></div>"; if($break) { "</br></br></br>Exiting because of errors!"; exit; } } } private function writeTheData() { $this->log("Attempting to write the datafile: ".DataRepository::DATAFILE." (".__FUNCTION__.":".__LINE__.")"); file_put_contents(DataRepository::DATAFILE, json_encode($this->data)); $this->log("Datafile written: ".DataRepository::DATAFILE." (line: ".__LINE__.")"); } private function loadTheData() { $this->log("Attempting to load the datafile: ".DataRepository::DATAFILE." (".__FUNCTION__.":".__LINE__.")"); $this->data = json_decode(file_get_contents(DataRepository::DATAFILE), true); $this->log("Datafile loaded: ".DataRepository::DATAFILE." (".__FUNCTION__.":".__LINE__.")", $this->data); } private function validateFields(&$info, $fields, $pre_errors = NULL) { // merge in any pre_errors if($pre_errors != NULL) { $this->errors = array_merge($this->errors, $pre_errors); } // check all required fields foreach($fields AS $field => $reqs) { if(isset($reqs['required']) AND $reqs['required'] == 1) { if(!isset($info[$field]) OR strlen($info[$field]) == 0) { $this->errors[] = "$field is a REQUIRED field"; } } // set any default values if not present if(isset($reqs['default']) AND (!isset($info[$field]) OR $info[$field] == "")) { $info[$field] = $reqs['default']; } } $this->showErrors(); if(count($this->errors) == 0) { return TRUE; } else { return FALSE; } } private function validateUser(&$user_info) { // check if the email is already in use $this->log("About to check pre_errors: ".DataRepository::DATAFILE." (".__FUNCTION__.":".__LINE__.")", $user_info); $pre_errors = NULL; if(isset($user_info['email'])) { if(!$this->isEmailUnique($user_info['email'])) { $pre_errors = array('The email: '.$user_info['email'].' is already used in our system'); } } $this->log("After pre_error check: ".DataRepository::DATAFILE." (".__FUNCTION__.":".__LINE__.")", $pre_errors); return $this->validateFields($user_info, $this->user_fields, $pre_errors); } private function validatePost(&$post_info) { // check if the user_id in the post actually exists $this->log("About to check pre_errors: ".DataRepository::DATAFILE." (".__FUNCTION__.":".__LINE__.")", $post_info); $pre_errors = NULL; if(isset($post_info['user_id'])) { if(!isset($this->data['users'][$post_info['user_id']])) { $pre_errors = array('The posts must belong to a valid user. (User '.$post_info['user_id'].' does not exist in the data'); } } $this->log("After pre_error check: ".DataRepository::DATAFILE." (".__FUNCTION__.":".__LINE__.")", $pre_errors); return $this->validateFields($post_info, $this->post_fields, $pre_errors); } private function log($message, $data = NULL) { $style = "background-color: #F8F8F8; border: 1px solid #DDDDDD; border-radius: 3px; font-size: 13px; line-height: 19px; overflow: auto; padding: 6px 10px;"; if(DataRepository::$debug) { if($data != NULL) { $dump = "<div style=\"$style\"><pre>".json_encode($data, JSON_PRETTY_PRINT)."</pre></div>"; } else { $dump = NULL; } echo "<code><b>Debug:</b> $message</code>$dump<br />"; } } public function saveUser($user_info) { $this->log("Entering saveUser: (".__FUNCTION__.":".__LINE__.")", $user_info); $mydata = array(); $update = FALSE; // check for existing data if(isset($user_info['id']) AND $this->data['users'][$user_info['id']]) { $mydata = $this->data['users'][$user_info['id']]; $this->log("Loaded prior user: ".print_r($mydata, TRUE)." (".__FUNCTION__.":".__LINE__.")"); } // copy over existing values $this->log("Before copying over existing values: (".__FUNCTION__.":".__LINE__.")", $mydata); foreach($user_info AS $k => $v) { $mydata[$k] = $user_info[$k]; } $this->log("After copying over existing values: (".__FUNCTION__.":".__LINE__.")", $mydata); // check required fields if($this->validateUser($mydata)) { // hash password if new if(isset($mydata['password'])) { $mydata['password'] = sha1($mydata['password']); } // if no id, add the next available one if(!isset($mydata['id']) OR (int)$mydata['id'] < 1) { $this->log("No id set: ".DataRepository::DATAFILE." (".__FUNCTION__.":".__LINE__.")"); if(count($this->data['users']) == 0) { $mydata['id'] = 1; $this->log("Setting id to 1: ".DataRepository::DATAFILE." (".__FUNCTION__.":".__LINE__.")"); } else { $mydata['id'] = max(array_keys($this->data['users']))+1; $this->log("Found max id and added 1 [".$mydata['id']."]: ".DataRepository::DATAFILE." (".__FUNCTION__.":".__LINE__.")"); } } // set created date if null if(!isset($mydata['created_at'])) { $mydata['created_at'] = date ("Y-m-d H:i:s", time()); } // update modified time $mydata['modified_at'] = date ("Y-m-d H:i:s", time()); // copy into data and save $this->log("Before data save: (".__FUNCTION__.":".__LINE__.")", $this->data); $this->data['users'][$mydata['id']] = $mydata; $this->writeTheData(); } return TRUE; } public function getUserById($id) { if(isset($this->data['users'][$id])) { return $this->data['users'][$id]; } else { return array(); } } public function isEmailUnique($email) { // find the user that has the right username/password foreach($this->data['users'] AS $k => $v) { $this->log("Checking unique email: {$v['email']} == $email (".__FUNCTION__.":".__LINE__.")", NULL); if($v['email'] == $email) { $this->log("FOUND NOT unique email: {$v['email']} == $email (".__FUNCTION__.":".__LINE__.")", NULL); return FALSE; break; } } $this->log("Email IS unique: $email (".__FUNCTION__.":".__LINE__.")", NULL); return TRUE; } public function login($username, $password) { // hash password for validation $password = sha1($password); $this->log("Attempting to login with $username / $password: (".__FUNCTION__.":".__LINE__.")", NULL); $user = NULL; // find the user that has the right username/password foreach($this->data['users'] AS $k => $v) { if($v['email'] == $username AND $v['password'] == $password) { $user = $v; break; } } $this->log("Exiting login: (".__FUNCTION__.":".__LINE__.")", $user); return $user; } public function savePost($post_info) { $this->log("Entering savePost: (".__FUNCTION__.":".__LINE__.")", $post_info); $mydata = array(); // check for existing data if(isset($post_info['id']) AND $this->data['posts'][$post_info['id']]) { $mydata = $this->data['posts'][$post_info['id']]; $this->log("Loaded prior posts: ".print_r($mydata, TRUE)." (".__FUNCTION__.":".__LINE__.")"); } $this->log("Before copying over existing values: (".__FUNCTION__.":".__LINE__.")", $mydata); foreach($post_info AS $k => $v) { $mydata[$k] = $post_info[$k]; } $this->log("After copying over existing values: (".__FUNCTION__.":".__LINE__.")", $mydata); // check required fields if($this->validatePost($mydata)) { // if no id, add the next available one if(!isset($mydata['id']) OR (int)$mydata['id'] < 1) { $this->log("No id set: ".DataRepository::DATAFILE." (".__FUNCTION__.":".__LINE__.")"); if(count($this->data['posts']) == 0) { $mydata['id'] = 1; $this->log("Setting id to 1: ".DataRepository::DATAFILE." (".__FUNCTION__.":".__LINE__.")"); } else { $mydata['id'] = max(array_keys($this->data['posts']))+1; $this->log("Found max id and added 1 [".$mydata['id']."]: ".DataRepository::DATAFILE." (".__FUNCTION__.":".__LINE__.")"); } } // set created date if null if(!isset($mydata['created_at'])) { $mydata['created_at'] = date ("Y-m-d H:i:s", time()); } // update modified time $mydata['modified_at'] = date ("Y-m-d H:i:s", time()); // copy into data and save $this->data['posts'][$mydata['id']] = $mydata; $this->log("Before data save: (".__FUNCTION__.":".__LINE__.")", $this->data); $this->writeTheData(); } return TRUE; } public function getAllPosts() { return $this->loadPostsUsers($this->data['posts']); } public function loadPostsUsers($posts) { foreach($posts AS $id => $post) { $posts[$id]['user'] = $this->getUserById($post['user_id']); } return $posts; } public function dump($line_number, $temp = 'NO') { // if(DataRepository::$debug) { if($temp == 'NO') { $temp = $this->data; } echo "<pre>Dumping from line: $line_number\n"; echo json_encode($temp, JSON_PRETTY_PRINT); echo "</pre>"; } } } /* * Change Log * * 1.0.0 * - first version * 1.0.1 * - Added isEmailUnique() function for form validation and precheck on user save * 1.0.2 * - Fixed getAllPosts() to include the post's user info * - Added loadPostsUsers() to load one or more posts with their user info * 1.0.3 * - Added autoload to always add admin Joe. */

    Read the article

  • PHP MYSQLI query error?

    - by Chris Leah
    Hey This is my login script, using PHP5 and MYSQLi, I just had help spotting errors in my query, but still it will not let me login, even though the username and password are correct and in the database, it just keeps returning the error: your username and password do not match any in our db. But I know they do lol...could any body spot the problem? //Check if the form has been submitted if (isset($_POST['login'])) { //Check if username and password are empty if ($_POST['username']!='' && $_POST['password']!='') { //Create query to check username and password to database $validate_user = $mysqli->query('SELECT id, username, password, active FROM users WHERE = username = "'.$mysqli->real_escape_string($_POST['username']).'" AND password = "'.$mysqli->real_escape_string(md5($_POST['password'])).'"'); //We check if the query returns true if ($validate_user->num_rows == 1) { $row = $validate_user->fetch_assoc(); //Check if the user has activated there account if ($row['activated'] == 1) { $_SESSION['id'] = $row['id']; $_SESSION['logged_in'] = true; Header('Location: ../main/index.php'); } //Show this error if activation returns as 0 else { $error = '<p class="error">Please activate your account.</p>'; } } //Show this error if the details matched any in the db else { $error = '<p class="error">Your username and password are not in our database!</p>'; } } //Show this error if the username and password field have not been entered else { $error = '<p class="error">Please enter your username and password.</p>'; } }

    Read the article

  • python: how to design a container with elements that must reference their container

    - by Luke404
    (the title is admittedly not that great. Please forgive my English, this is the best I could think of) I'm writing a python script that will manage email domains and their accounts, and I'm also a newby at OOP design. My two (related?) issues are: the Domain class must do special work to add and remove accounts, like adding/removing them to the underlying implementation how to manage operations on accounts that must go through their container To solve the former issue I'd add a factory method to the Domain class that'll build an Account instance in that domain, and a 'remove' (anti-factory?) method to handle deletions. For the latter this seems to me "anti-oop" since what would logically be an operation on an Account (eg, change password) must always reference the containing Domain. Seems to me that I must add to the Account a reference back to the Domain and use that to get data (like the domain name) or call methods on the Domain class. Code example (element uses data from the container) that manages an underlying Vpopmail system: class Account: def __init__(self, name, password, domain): self.name = name self.password = password self.domain = domain def set_password(self, password): os.system('vpasswd %s@%s %s' % (self.name, self.domain.name, password) self.password = password class Domain: def __init__(self, domain_name): self.name = domain_name self.accounts = {} def create_account(self, name, password): os.system('vadduser %s@%s %s' % (name, self.name, password)) account = Account(name, password, self) self.accounts[name] = account def delete_account(self, name): os.system('vdeluser %s@%s' % (name, self.name)) del self.accounts[name] another option would be for Account.set_password to call a Domain method that would do the actual work - sounds equally ugly to me. Also note the duplication of data (account name also as dict key), it sounds logical (account names are "primary key" inside a domain) but accounts need to know their own name.

    Read the article

< Previous Page | 84 85 86 87 88 89 90 91 92 93 94 95  | Next Page >