Search Results

Search found 14302 results on 573 pages for 'saved password'.

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Page 88/573 | < Previous Page | 84 85 86 87 88 89 90 91 92 93 94 95  | Next Page >

  • Custom Rule Sets in JohnTheRipper

    - by user854619
    I'm trying to create a custom rule set to do hash cracking. I have a SHA1 hash and a rule set that was enforced to create the password. The password must be of the form, 6-8 characters Every other letter changes case Password "shifts" characters at least one degree and at most three One odd number and one even number are at the beginning of the password One special character and one punctuation character are appended to the end of the password How can I defined a brute force attack in JohnTheRipper or similar hash cracking program? I've also attempted to write code to generate a wordlist of possible passwords, with no success. Thanks!

    Read the article

  • No access to Samba shares

    - by koanhead
    I have three shared folders in my local home directory- that is to say, on my Ubuntu desktop's /home/me/. All were set up using "Sharing Options" in Nautilus' right-click menu. The standard "Music" and "Videos" folders are configured identically: the "Guest Access" box is checked, but the "Allow others to create and delete" is not. The third folder, called "shared", is configured to not allow Guest access but to allow others to modify files. I have not altered /etc/samba/smb.conf by hand, I have only used Sharing Options to create and modify these so-called "shares". My roommates have two Windows 7 computers and one Ubuntu Netbook Remix netbook. I have the aforementioned desktop machine and laptop running 10.04. None of these machines can access any of the shares. Attempts to access the Guest shares result in the message \\machine\directory is not accessible. The network name could not be found. This is the error message generated by a VM running Windows 2000. The other Windows machines generate a similar error. The Ubuntu laptop gives the error Unable to mount location: Failed to mount Windows share. Hurrah, once again, for informative error messages. That really helps a lot. When attempting to browse the folder called "shared" from the laptop, I'm confronted with a password dialog. This behavior is the same will all machines I've tried in the situation. On entering my username and password for the account to which the shares belong, the password dialog briefly disappears and is replaced with an identical dialog. No error message, useful or not, appears. When attempting to browse this folder with the VM, the outcome is the same except that the password dialog helpfully states "incorrect username or password". My assumption is that the username and password in question is that of the user which owns the shares. I have tried all other username and password combinations available in this context and the outcome is the same. I would like to be able to share files. Sharing them with Windows machines is a nice feature, or would be if it was available. Really I consider sharing files between two machines with the same version of the same operating system kind of a minimum condition for network usability. Samba last functioned reliably for me more than ten years ago. I have attempted to use it on and off since then with only intermittent success. Oh, and "Personal File Sharing" from the Preferences menu does not result in an entry in Places → Network → my-server. In fact, the old entry "MY-SERVER" goes away and is replaced by "koanhead's public files on my-server", which when I attempt to open it from the laptop gives a "DBus.Error.NoReply: Message did not receive a reply." I know I come here and gripe about Ubuntu a lot, but on the other hand I spend literally hours every day trying to fix things in Ubuntu. It's a good system which aspires to greatness, which is why things like this either Need to work; or Be adequately documented. Ideally both would be the case. Anyway, rant over. Hopefully someone will have some insight on this issue. Thanks all who bother to read this wall o'text for your time.

    Read the article

  • Ubuntu One Client 3.02 for windows - Authentication Failure signing in with existing account

    - by steigerj
    I have logged into ubuntu one using a browser successfully. But using the very same login email address and password in the windows client 3.02 gets me an 'authentication failed' message. I am 100% sure I used the same email address and password. My password does not contain any non-ascii characters. Someone suggested to use an older version of the client. Where could i possibly download a complete installer?

    Read the article

  • No access to Samba shares

    - by koanhead
    I have three shared folders in my local home directory- that is to say, on my Ubuntu desktop's /home/me/. All were set up using "Sharing Options" in Nautilus' right-click menu. The standard "Music" and "Videos" folders are configured identically: the "Guest Access" box is checked, but the "Allow others to create and delete" is not. The third folder, called "shared", is configured to not allow Guest access but to allow others to modify files. I have not altered /etc/samba/smb.conf by hand, I have only used Sharing Options to create and modify these so-called "shares". My roommates have two Windows 7 computers and one Ubuntu Netbook Remix netbook. I have the aforementioned desktop machine and laptop running 10.04. None of these machines can access any of the shares. Attempts to access the Guest shares result in the message \\machine\directory is not accessible. The network name could not be found. This is the error message generated by a VM running Windows 2000. The other Windows machines generate a similar error. The Ubuntu laptop gives the error Unable to mount location: Failed to mount Windows share. Hurrah, once again, for informative error messages. That really helps a lot. When attempting to browse the folder called "shared" from the laptop, I'm confronted with a password dialog. This behavior is the same will all machines I've tried in the situation. On entering my username and password for the account to which the shares belong, the password dialog briefly disappears and is replaced with an identical dialog. No error message, useful or not, appears. When attempting to browse this folder with the VM, the outcome is the same except that the password dialog helpfully states "incorrect username or password". My assumption is that the username and password in question is that of the user which owns the shares. I have tried all other username and password combinations available in this context and the outcome is the same. I would like to be able to share files. Sharing them with Windows machines is a nice feature, or would be if it was available. Really I consider sharing files between two machines with the same version of the same operating system kind of a minimum condition for network usability. Samba last functioned reliably for me more than ten years ago. I have attempted to use it on and off since then with only intermittent success. Oh, and "Personal File Sharing" from the Preferences menu does not result in an entry in Places → Network → my-server. In fact, the old entry "MY-SERVER" goes away and is replaced by "koanhead's public files on my-server", which when I attempt to open it from the laptop gives a "DBus.Error.NoReply: Message did not receive a reply." I know I come here and gripe about Ubuntu a lot, but on the other hand I spend literally hours every day trying to fix things in Ubuntu. It's a good system which aspires to greatness, which is why things like this either Need to work; or Be adequately documented. Ideally both would be the case. Anyway, rant over. Hopefully someone will have some insight on this issue. Thanks all who bother to read this wall o'text for your time.

    Read the article

  • How to access UbuntOne when it asks for default keyring which has never been set?

    - by obu-tim
    I am trying to set up UbuntuOne on a new computer and after I enter the email and password, it asks for the keyring 'default'. I don't know what it is and I never set it. Makes it difficult to enter so it seems to be a counterproductive security default. I understand that if autologin is set the keyring is called. I tried setting the main user to need a password but if I reboot it doesn't ask for the password so it sort of autoboots still. So How do I set the keyring default password? If I can't set it I can't install UbuntOne

    Read the article

  • Why doesn't phpMyAdmin connect to MySQL server?

    - by Grafica
    I'm running xampp on Windows 7, and when I type localhost/phpmyadmin, there is an error: phpMyAdmin tried to connect to the MySQL server, and the server rejected the connection. You should check the host, username and password in your configuration and make sure that they correspond to the information given by the administrator of the MySQL server. Here's what I did, but I'm still not able to connect: In config.inc.php, changed from true to false: $cfg['Servers'[$i]['AllowNoPassword'] = false; Changed password here: localhost/security/xamppsecurity.php In resetroot.bat, typed new password where it says 'password': echo REPLACE INTO user VALUES ('localhost', 'pma', 'password', 'N', 'N', 'N', 'N', 'N', 'N', 'N', 'N', 'N', 'N', 'N', 'N', 'N', 'N', 'N', 'N', 'N', 'N', 'N', 'N', 'N', 'N', 'N', 'N', 'N', 'N', 'N', 'N', 'N', '', '', '', '', 0, 0, 0, 0, '', ''); >>resetroot.sql Restarted apache and mySQL I still get the same error message. Thanks in advance!

    Read the article

  • Dual Monitor Lock Screen Problem

    - by Justin Carver
    Ubuntu 12.04 Nvidia GTX 550-Ti x-swat Nvidia driver Problem: Using 2 monitors. When screen locks there is a blue box on top of the wallpaper and password dialog box that hides the field for entering your password or switching users. Problem is on 2 systems with similar hardware (Nvidia card, x-swat driver, dual monitors) You can still type your password in blindly and hit enter to login but it's irritating to not be able to see the dialog box.

    Read the article

  • Remote connect to mysql server?

    - by LF4
    I've been trying to figure out why I keep getting this error when I try to connect to the MySQL server with the following commands. $~ mysql -u username -h SQLserver -p Enter password: ERROR 1045 (28000): Access denied for user 'username'@'myIP' (using password: YES) I've done the following: Port is open in the firewall other wise I wouldn't get the error it'd just timeout. MySQL server not running with skip-networking or bind-address username has host as '%' and I can connect locally so the password is correct. GRANT USAGE ON *.* TO username@% IDENTIFIED BY 'password'; FLUSH PRIVILEGES; I wanted to know if anyone had ideas or ran into this issue before and solved it? mysql> select user, host from mysql.user where user='username'; +----------+------+ | user | host | +----------+------+ | username | % | +----------+------+ 1 row in set (0.00 sec) mysql> show grants for 'username'; +----------------------------------------------------------------------------------------------------------------+ | Grants for username@% | +----------------------------------------------------------------------------------------------------------------+ | GRANT ALL PRIVILEGES ON *.* TO 'username'@'%' IDENTIFIED BY PASSWORD '*F42AD03PASSWORDHASHADF4021C86B' | | GRANT ALL PRIVILEGES ON `DB2`.* TO 'username'@'%' | +----------------------------------------------------------------------------------------------------------------+ 2 rows in set (0.00 sec)

    Read the article

  • Having problem to login after upgrading from 11.10 to 12.04

    - by LinuxIsMyFriend
    I just update to 12.04 from 11.10 and I get to the login screen w/o problems. When I enter my password the screen turns black and returns to the login screen half a second later. There is a related question out there which was solved by creating more space on the disk but my disks (or rather partitions) are all below 30%. I can log in as guest. I can also login at the cmd prompt (going to tty with Alt+Ctrl+F1) with my normal user credentials. When logged in as guest I can also install programs using my normal account password. There is the normal authentication error when I mistype my password so I'm also sure the password works. Any suggestions?

    Read the article

  • Cannot change User Accounts settings

    - by eimmy
    I recently changed the name of the administrator and turned off passwords then clicked lock. After some time, I decided to add a password so I clicked on unlock and it's prompting me to enter a password. I tried typing the old password and it didn't accepted it. I also tried to set password and keys as "set to default" but still nothing happened. Now I'm stuck and can't get to change the administrator settings. I did my research but nothing seems to work. Please help.

    Read the article

  • Why my register form don't accept spry validation in dw? [migrated]

    - by shaghayeh
    Why my register form don't accept spry validation in dw? Here is my code: <?php if(isset($_POST['go_register'])) { $last_login=jdate('Y/n/j ,H:i:s'); $firstname=trim($_POST['firstname']); $lastname=trim($_POST['lastname']); $email=trim($_POST['username']); $password=sha1($_POST['password']); $register_date=$_POST['register_date']; if(!empty($firstname)&& !empty($lastname)&& !empty($email)&& !empty($password)&& !empty($register_date)){ $reg_query="insert into users(firstname,lastname,email,password,register_date,last_login)values('$firstname','$lastname','$email','$password','$register_date','$last_login')"; $reg_result=mysqli_query($connection,$reg_query); if($reg_result){ echo "ok"; } }//end of not empty }//end of isset ?> <div class="sectionclass"> <script src="../SpryAssets/SpryValidationTextField.js" type="text/javascript"></script> <link href="../SpryAssets/SpryValidationTextField.css" rel="stylesheet" type="text/css"> <h2>??? ??? ???</h2> <form method="post" action="<?php echo $_SERVER['PHP_SELF']."?catid=2"; ?>"> <div> <span style="color:#F00">*</span> <label>??? </label> <span id="sprytextfield1"> <input type="text" name="firstname" /> <span class="textfieldRequiredMsg">A value is required.</span></span></div> <div> <span style="color:#F00">*</span> <label>??? ????????</label><input type="text" name="lastname" /> </div> <div> <span style="color:#F00">*</span> <label>??? ??????(?????)</label><input dir="ltr" type="text" name="username" /> </div> <div> <span style="color:#F00">*</span> <label>??? ????</label><input type="password" name="password" /> </div> <input type="hidden" name="register_date" value="<?php echo jdate('Y/n/j'); ?>"> <div> <input type="submit" name="go_register" value="??? ???"/> </div> </form> </div> <script type="text/javascript"> var sprytextfield1 = new Spry.Widget.ValidationTextField("sprytextfield1"); </script>

    Read the article

  • Securing Web Service communication with SSL using CXF

    - by reef
    Hi all, I am trying to secure communications via SSL/TLS for one of our Web Service using CXF 2.2.5. I am wondering how to update client and server Spring configuration file to activate this feature. I found some information on CXF's website (CXF Wiki) for the client configuration, here is the given example: <http:conduit name="{http://apache.org/hello_world}HelloWorld.http-conduit"> <http:tlsClientParameters> <sec:keyManagers keyPassword="password"> <sec:keyStore type="JKS" password="password" file="src/test/java/org/apache/cxf/systest/http/resources/Morpit.jks"/> </sec:keyManagers> <sec:trustManagers> <sec:keyStore type="JKS" password="password" file="src/test/java/org/apache/cxf/systest/http/resources/Truststore.jks"/> </sec:trustManagers> <sec:cipherSuitesFilter> <!-- these filters ensure that a ciphersuite with export-suitable or null encryption is used, but exclude anonymous Diffie-Hellman key change as this is vulnerable to man-in-the-middle attacks --> <sec:include>.*_EXPORT_.*</sec:include> <sec:include>.*_EXPORT1024_.*</sec:include> <sec:include>.*_WITH_DES_.*</sec:include> <sec:include>.*_WITH_NULL_.*</sec:include> <sec:exclude>.*_DH_anon_.*</sec:exclude> </sec:cipherSuitesFilter> </http:tlsClientParameters> <http:authorization> <sec:UserName>Betty</sec:UserName> <sec:Password>password</sec:Password> </http:authorization> <http:client AutoRedirect="true" Connection="Keep-Alive"/> </http:conduit> Concerning this configuration, the Concerning the server side configuration I am unable to launch the server properly, here is the configuration I have: <http:destination name="{urn:ihe:iti:xds-b:2007}DocumentRepository_Port_Soap12.http-destination"> </http:destination> <httpj:engine-factory> <httpj:engine port="9043"> <httpj:tlsServerParameters> <sec:keyManagers keyPassword="changeit"> <sec:keyStore type="JKS" password="changeit" file="security/keystore.jks" /> </sec:keyManagers> <sec:trustManagers> <sec:keyStore type="JKS" password="changeit" file="security/cacerts.jks" /> </sec:trustManagers> <sec:cipherSuitesFilter> <!-- these filters ensure that a ciphersuite with export-suitable or null encryption is used, but exclude anonymous Diffie-Hellman key change as this is vulnerable to man-in-the-middle attacks --> <sec:include>.*_EXPORT_.*</sec:include> <sec:include>.*_EXPORT1024_.*</sec:include> <sec:include>.*_WITH_DES_.*</sec:include> <sec:include>.*_WITH_NULL_.*</sec:include> <sec:exclude>.*_DH_anon_.*</sec:exclude> </sec:cipherSuitesFilter> <sec:clientAuthentication want="true" required="true" /> </httpj:tlsServerParameters> </httpj:engine> </httpj:engine-factory> But when I run my application server (JOnas) with this configuration I have the following error message: Line 20 in XML document from ServletContext resource [/WEB-INF/beans.xml] is invalid; nested exception is org.xml.sax.SAXParseException: cvc-complex-type.2.4.c: The matching wildcard is strict, but no declaration can be found for element 'httpj:engine-factory'. Do you guys know how to solve this issue? Thanks in advance,

    Read the article

  • ASP.NET Membership API not working on Win2008 server/IIS7

    - by Program.X
    I have a very odd problem. I have a web app that uses the .NET Membership API to provide login functionality. This works fine on my local dev machine, using WebDev 4.0 server. I'm using .NET 4.0 with some URL Rewriting, but not on the pages where login is required. I have a Windows Server 2008 with IIS7 However, the Membership API seemingly does not work on the server. I have set up remote debugging and the LoginUser.LoggedIn event of the LoginUser control gets fired okay, but the MembershipUser is null. I get no answer about the username/password being invalid so it seems to be recognising it. If I enter an invalid username/password, I get an invalid username/password response. Some code, if it helps: <asp:ValidationSummary ID="LoginUserValidationSummary" runat="server" CssClass="validation-error-list" ValidationGroup="LoginUserValidationGroup"/> <div class="accountInfo"> <fieldset class="login"> <legend>Account Information</legend> <p> <asp:Label ID="UserNameLabel" runat="server" AssociatedControlID="UserName">Username:</asp:Label> <asp:TextBox ID="UserName" runat="server" CssClass="textEntry"></asp:TextBox> <asp:RequiredFieldValidator ID="UserNameRequired" runat="server" ControlToValidate="UserName" CssClass="validation-error" Display="Dynamic" ErrorMessage="User Name is required." ToolTip="User Name is required." ValidationGroup="LoginUserValidationGroup">*</asp:RequiredFieldValidator> </p> <p> <asp:Label ID="PasswordLabel" runat="server" AssociatedControlID="Password">Password:</asp:Label> <asp:TextBox ID="Password" runat="server" CssClass="passwordEntry" TextMode="Password"></asp:TextBox> <asp:RequiredFieldValidator ID="PasswordRequired" runat="server" ControlToValidate="Password" CssClass="validation-error" Display="Dynamic" ErrorMessage="Password is required." ToolTip="Password is required." ValidationGroup="LoginUserValidationGroup">*</asp:RequiredFieldValidator> </p> <p> <asp:CheckBox ID="RememberMe" runat="server"/> <asp:Label ID="RememberMeLabel" runat="server" AssociatedControlID="RememberMe" CssClass="inline">Keep me logged in</asp:Label> </p> </fieldset> <p class="login-action"> <asp:Button ID="LoginButton" runat="server" CommandName="Login" CssClass="submitButton" Text="Log In" ValidationGroup="LoginUserValidationGroup"/> </p> and the code behind: protected void Page_Load(object sender, EventArgs e) { LoginUser.LoginError += new EventHandler(LoginUser_LoginError); LoginUser.LoggedIn += new EventHandler(LoginUser_LoggedIn); } void LoginUser_LoggedIn(object sender, EventArgs e) { // this code gets run so it appears logins work Roles.DeleteCookie(); // this behaviour has been removed for testing - no difference } void LoginUser_LoginError(object sender, EventArgs e) { HtmlGenericControl htmlGenericControl = LoginUser.FindControl("errorMessageSpan") as HtmlGenericControl; if (htmlGenericControl != null) htmlGenericControl.Visible = true; } I have "Fiddled" with the Login form reponse and I get the following Cookie-Set headers: Set-Cookie: ASP.NET_SessionId=lpyyiyjw45jjtuav1gdu4jmg; path=/; HttpOnly Set-Cookie: .ASPXAUTH=A7AE08E071DD20872D6BBBAD9167A709DEE55B352283A7F91E1066FFB1529E5C61FCEDC86E558CEA1A837E79640BE88D1F65F14FA8434AA86407DA3AEED575E0649A1AC319752FBCD39B2A4669B0F869; path=/; HttpOnly Set-Cookie: .ASPXROLES=; expires=Mon, 11-Oct-1999 23:00:00 GMT; path=/; HttpOnly I don't know what is useful here because it is obviously encrypted but I find the .APXROLES cookie having no value interesting. It seems to fail to register the cookie, but passes authentication

    Read the article

  • C#, AES encryption check!

    - by Data-Base
    I have this code for AES encryption, can some one verify that this code is good and not wrong? it works fine, but I'm more concern about the implementation of the algorithm // Plaintext value to be encrypted. //Passphrase from which a pseudo-random password will be derived. //The derived password will be used to generate the encryption key. //Password can be any string. In this example we assume that this passphrase is an ASCII string. //Salt value used along with passphrase to generate password. //Salt can be any string. In this example we assume that salt is an ASCII string. //HashAlgorithm used to generate password. Allowed values are: "MD5" and "SHA1". //SHA1 hashes are a bit slower, but more secure than MD5 hashes. //PasswordIterations used to generate password. One or two iterations should be enough. //InitialVector (or IV). This value is required to encrypt the first block of plaintext data. //For RijndaelManaged class IV must be exactly 16 ASCII characters long. //KeySize. Allowed values are: 128, 192, and 256. //Longer keys are more secure than shorter keys. //Encrypted value formatted as a base64-encoded string. public static string Encrypt(string PlainText, string Password, string Salt, string HashAlgorithm, int PasswordIterations, string InitialVector, int KeySize) { byte[] InitialVectorBytes = Encoding.ASCII.GetBytes(InitialVector); byte[] SaltValueBytes = Encoding.ASCII.GetBytes(Salt); byte[] PlainTextBytes = Encoding.UTF8.GetBytes(PlainText); PasswordDeriveBytes DerivedPassword = new PasswordDeriveBytes(Password, SaltValueBytes, HashAlgorithm, PasswordIterations); byte[] KeyBytes = DerivedPassword.GetBytes(KeySize / 8); RijndaelManaged SymmetricKey = new RijndaelManaged(); SymmetricKey.Mode = CipherMode.CBC; ICryptoTransform Encryptor = SymmetricKey.CreateEncryptor(KeyBytes, InitialVectorBytes); MemoryStream MemStream = new MemoryStream(); CryptoStream CryptoStream = new CryptoStream(MemStream, Encryptor, CryptoStreamMode.Write); CryptoStream.Write(PlainTextBytes, 0, PlainTextBytes.Length); CryptoStream.FlushFinalBlock(); byte[] CipherTextBytes = MemStream.ToArray(); MemStream.Close(); CryptoStream.Close(); return Convert.ToBase64String(CipherTextBytes); } public static string Decrypt(string CipherText, string Password, string Salt, string HashAlgorithm, int PasswordIterations, string InitialVector, int KeySize) { byte[] InitialVectorBytes = Encoding.ASCII.GetBytes(InitialVector); byte[] SaltValueBytes = Encoding.ASCII.GetBytes(Salt); byte[] CipherTextBytes = Convert.FromBase64String(CipherText); PasswordDeriveBytes DerivedPassword = new PasswordDeriveBytes(Password, SaltValueBytes, HashAlgorithm, PasswordIterations); byte[] KeyBytes = DerivedPassword.GetBytes(KeySize / 8); RijndaelManaged SymmetricKey = new RijndaelManaged(); SymmetricKey.Mode = CipherMode.CBC; ICryptoTransform Decryptor = SymmetricKey.CreateDecryptor(KeyBytes, InitialVectorBytes); MemoryStream MemStream = new MemoryStream(CipherTextBytes); CryptoStream cryptoStream = new CryptoStream(MemStream, Decryptor, CryptoStreamMode.Read); byte[] PlainTextBytes = new byte[CipherTextBytes.Length]; int ByteCount = cryptoStream.Read(PlainTextBytes, 0, PlainTextBytes.Length); MemStream.Close(); cryptoStream.Close(); return Encoding.UTF8.GetString(PlainTextBytes, 0, ByteCount); } Thank you

    Read the article

  • Moving from MySQL to MySQLi? I have the code here but I don't get it

    - by MuqMan
    I have posted the code there, please help me out as I am a newbie, I don't know much in terms of deprecation and stuff. <?php session_start(); include('settings.php'); $issub = $_POST['issub']; if($issub == "yes") { require('settings.php'); $dbcon = mysql_connect($dbhost, $dbuser, $dbpword); if(!dbcon) { die('Could not connect'.mysql_error()); } $selectdb = mysql_select_db($db, $dbcon); $formset = 'yes'; $val = 0; $user = trim($_POST['username'], ' '); $luser = mysql_real_escape_string($user); $password = $_POST['password']; $lpassword = mysql_real_escape_string($password); $selectdb; $userq = mysql_query("SELECT user FROM users WHERE user='".$luser."'"); $userresult = @mysql_result($userq, 0); //echo $userresult; if($userresult == $user) { $val = $val + 1; $usercorrect = 'yes'; } else { $usercorrect = 'no'; } $dbselect; $passwordq = mysql_query("SELECT password FROM users where user='".$luser."'"); $passresult = @mysql_result($passwordq, 0); if($passresult == sha1($password)) { $val = $val + 1; $passcorrect = 'yes'; } else { $passcorrect = 'no'; } if ($val == 2) { $_SESSION['loggedin'] = 'yes'; $_SESSION['uloggedin'] = $user; header('location: logged.php'); } }?> <?php ini_set('display_errors', 1); require('testinclude.php'); ?> <body> <div id="loginform"> <form action="/login.php" method="post" > <input type="hidden" name="issub" value="yes" /> <?php if($usercorrect == 'no') { echo '<span class="required"><i><small>The email address or password you entered is incorrect, please try again.</a></small></i></span>'; } ?> <br /> email: <?php if ($issub == 'yes') { if($user == null){ echo '<br /><span class="required"><i><small>Please enter your email address</a></small></i></span>'; } } ?> <br /><input type="text" name="username" id="usename" /> <br /> password: <br /><input type="password" name="password" id="password" /> <br /> <input type="submit" value="login" /> </form> <div> </body>

    Read the article

  • expanding/collapsing div using jQuery

    - by Hristo
    I'm trying to expand and collapse a <div> by clicking some text inside the <div>. The behavior right now is very odd. For example, if I click the text after the <div> is expanded... the <div> will collapse and then expand again. Also, if I click somewhere inside the div after it is expanded, it will collapse again, and I think that is because I'm triggering the animation since the <div> being animated is inside the wrapper <div>. Here's the code: <!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd"> <html> <head> <meta http-equiv="Content-Type" content="text/html; charset=UTF-8"> <title>Insert title here</title> <!-- Links --> <link rel="stylesheet" type="text/css" href="style.css" /> <!-- Scripts --> <script type="text/javascript" src="jQuery.js"></script> <script> // document script $(function(){ // login box event handler $('#login').click(function() { $('#loginBox').toggle( function() { $('.loginBox').animate({ height: '150px' }, '1000' ); $('#username').show(); $('#password').hide(); $('#placeHolder').show(); }, function() { $('.loginBox').animate({ height: '50px' }, '1000' ); $('#username').hide(); $('#password').hide(); $('#placeHolder').hide(); } ); }); // username field focus and blur event handlers $('#username').focus(function() { if($(this).hasClass('placeHolder')){ $(this).val(''); $(this).removeClass('placeHolder'); } }); $('#username').blur(function() { if($(this).val() == '') { $(this).val('Username'); $(this).addClass('placeHolder'); } }); // password field focus and blur event handlers $('#placeHolder').focus(function() { $(this).hide(); $('#password').show(); $('#password').focus(); $('#password').removeClass('placeHolder'); }); $('#password').blur(function() { if($(this).val() == '') { $('#placeHolder').show(); $(this).hide(); } }); }); </script> </head> <body> <div id="loginBox" class="loginBox"> <a id="login" class="login">Proceed to Login</a><br /> <div> <form> <input type="text" id="username" class="placeHolder" value="Username" /> <input type="password" id="password" class="placeHolder" value="" /> <input type="text" id="placeHolder" class="placeHolder" value="Password" /> </form> </div> </div> </body> </html> Any ideas? Thanks, Hristo

    Read the article

  • Multi tenant membership provider ASP.NET MVC

    - by Masna
    Hello, I'm building a multi-tenant app with ASP.NET MVC and have a problem with validating users. Situation I have: -a table with User(ID, Name, FirstName, Email) This table is made, so that a users who is registered in two tenants doesn't need to login again. -a table with Tentantuser(ID, TenantID, UserID (FK to table User), UserName, Loginname, Password, Active) This table contains de login en password for one tenant. Example: UserX is registered in TenantA and TenantB UserX logs in on TenantA, with his login and password for TenantA System verifies or login and password are correct in the table TenantUser System validates UserX which userID corresponds to the Id in the table User UserX goes to TenantB and is automatically logged in My problem: How can I create a custom Provider so I can check the login & password in a tenant? For example: public abstract bool ValidateUser(string username,string password); How can I say to my provider on which tenant the user is? How can I change this in something like: public overrides bool ValidateUser(string username,string password, string tenant); ? Or what is another way to solve this issue?

    Read the article

  • ASP.NET MVC Page - hyper links in HTML.ValidationSummary

    - by Rita
    Hi I have Registration page and if the validation fails, it displays the error messages using HTML.ValidationSummary control. Now i have to display the Hyperlink in that Validation Error Message. But it is treating href also as string. The Validation Message that I am trying to display with hyperlink is: **"User already exists in the system, please <a href='../Login.aspx'>login</a>"** Appreciate your responses. Here is my Code: <% using (Html.BeginForm()) {%> <%= Html.ValidationSummary(false) %> <fieldset> <div class="cssform">; <p> <%= Html.LabelFor(model => model.email)%><em>*</em> <%= Html.TextBoxFor(model => model.email, new { @class = "required email" })%> <%= Html.ValidationMessageFor(model => model.email)%> </p> <p> <%= Html.Label("Confirm email")%><em>*</em> <%= Html.TextBox("confirm_email")%> <%= Html.ValidationMessage("confirm_email") %> </p> <p> <%= Html.Label("Password")%><em>*</em> <%= Html.Password("Password", null, new { @class = "required" })%> <%= Html.ValidationMessage("Password")%><br /> (Note: Password should be minimum 6 characters) </p> <p> <%= Html.Label("Confirm Password")%><em>*</em> <%= Html.Password("confirm_password")%> <%= Html.ValidationMessage("confirm_password") %> </p><hr /> <% } %

    Read the article

  • XMPP SASL authentication on Ejabberd with PHP

    - by bucabay
    I'm trying to authenticate with an XMPP server using SASL. /** * Send Authentication, SASL * @return Bool * @param $username String * @param $password String */ function authenticate($username, $password) { $this->username = $username; $this->password = $password; var_dump($username, $password, $this->domain); $auth = base64_encode($username.'@'.$this->domain."\u0000".$username."\u0000".$password); $xml = '<auth mechanism="PLAIN" xmlns="urn:ietf:params:xml:ns:xmpp-sasl">'.$auth.'</auth>'; if ($this->write($xml)) { if ($xml = $this->listen(1, true)) { if (preg_match("/<success/i", $xml)) { $this->authenticated = $this->_sendStream(); } } } $this->events->trigger('authenticate', $this->authenticated); return $this->authenticated; } The XMPP server however responds with: <failure xmlns='urn:ietf:params:xml:ns:xmpp-sasl'><bad-protocol/></failure> This is against an Ejabberd server. When I open the XMPP stream, it advertises: <stream:features><starttls xmlns='urn:ietf:params:xml:ns:xmpp-tls'/><mechanisms xmlns='urn:ietf:params:xml:ns:xmpp-sasl'><mechanism>DIGEST-MD5</mechanism><mechanism>PLAIN</mechanism></mechanisms><register xmlns='http://jabber.org/features/iq-register'/></stream:features> So it seams to me that SASL - PLAIN should work. I have a JavaScript version, that works perfectly on OpenFire server. (I can't test it on Ejabberd at the moment) sendAuthentication: function() { clearTimeout(XMPP.sendAuthentication_timer); var auth = Base64.encode(XMPP.username+'@'+XMPP.domain+'\u0000'+XMPP.username+'\u0000'+XMPP.password); mySocket.events.receive.observe(XMPP.receivedAuthSuccess, function() { mySocket.send('<auth mechanism="PLAIN" xmlns="urn:ietf:params:xml:ns:xmpp-sasl">' + auth + '</auth>'); }); } So I can't get why the PHP version is not working.

    Read the article

  • how does hash element make a secure login on zend framework?

    - by ulduz114
    hello all i saw a example for login form same blow code class Form_Login extends Zend_Form { //put your code here public function init($timeout=360){ $this->addElement('hash', 'token', array( 'timeout' => $timeout )); $this->setName('Login'); $username = $this->createElement ( 'text', 'username' ); $username->setLabel('user name:') ->setRequired(); $this->addElement($username); $password=$this->createElement('password','password'); $password->setLabel('password:'); $password->setRequired(); $this->addElement($password); $login=$this->createElement('submit','login'); $login->setLabel('Login'); $this->addElement($login); $this->setMethod('post'); $this->setAction(Zend_Controller_Front::getInstance()->getBaseUrl().'/authentication/login'); } } and in submitAction a part code same below if (!$form->isValid($request->getPost())) { if (count($form->getErrors('token')) > 0) { return $this->_forward('csrf-forbidden', 'error'); } $this->view->form = $form; return $this->render('login'); } now , my question, whats the reason for use of hash element? how this hash element make secure login? anybody may help explain these? thanks

    Read the article

  • Asp.net Login Status Question: It Aint Working

    - by contactmatt
    I'm starting to use Role Management in my website, and I'm current following along on the tutorial from http://www.asp.net/Learn/Security/tutorial-02-vb.aspx . I'm having a problem with the asp:LoginStatus control. It is not telling me that I am currently logged in after a successful login. This can't be true because after successfully logging in, my LoggedInTemplate is shown. The username and passwords are simply stored in a array. Heres the Login.aspx page code. Protected Sub btnLogin_Click(ByVal sender As Object, ByVal e As System.EventArgs) _ Handles btnLogin.Click ' Three valid username/password pairs: Scott/password, Jisun/password, and Sam/password. Dim users() As String = {"Scott", "Jisun", "Sam"} Dim passwords() As String = {"password", "password", "password"} For i As Integer = 0 To users.Length - 1 Dim validUsername As Boolean = (String.Compare(txtUserName.Text, users(i), True) = 0) Dim validPassword As Boolean = (String.Compare(txtPassword.Text, passwords(i), False) = 0) If validUsername AndAlso validPassword Then FormsAuthentication.RedirectFromLoginPage(txtUserName.Text, chkRemember.Checked) End If Next ' If we reach here, the user's credentials were invalid lblInvalid.Visible = True End Sub Here is the content place holder on the master page specifically designed to hold Login Information. On successfull login, the page is redirected to '/Default.aspx', and the LoggedIn Template below is shown...but the status says Log In. <asp:ContentPlaceHolder Id="LoginContent" runat="server"> <asp:LoginView ID="LoginView1" runat="server"> <LoggedInTemplate> Welcome back, <asp:LoginName ID="LoginName1" runat="server" />. </LoggedInTemplate> <AnonymousTemplate> Hello, stranger. </AnonymousTemplate> </asp:LoginView> <br /> <asp:LoginStatus ID="LoginStatus1" runat="server" LogoutAction="Redirect" LogoutPageUrl="~/Logout.aspx" /> </asp:ContentPlaceHolder> Forms authentication is enabled. I'm not sure what to do about this :o.

    Read the article

  • Why can't I get a TRUE return in this prepared statement?

    - by Cortopasta
    I can't seem to get this to do anything but return false. My best guess is that the prepared statement isn't executing, but I have no idea why. private function check_credentials($plain_username, $md5_password) { global $dbcon; $ac = new ac(); $ac->dbconnect(); $userid = $dbcon->prepare('SELECT id FROM users WHERE username = :username AND password = :password LIMIT 1'); $userid->bindParam(':username', $plain_username); $userid->bindParam(':password', $md5_password); $userid->execute(); $id = $userid->fetch(); Return $id; } *EDIT:*I've even tried hard coding the username and password into the function itself to try and isolate the problem like this: private function check_credentials($plain_username, $md5_password) { global $dbcon; $plain_username = "jim"; $md5_username = "waffles"; $ac = new ac(); $ac->dbconnect(); $userid = $dbcon->prepare('SELECT id FROM users WHERE username = :username AND password = :password LIMIT 1'); $userid->bindParam(':username', $plain_username); $userid->bindParam(':password', $md5_password); $userid->execute(); print_r($dbcon->errorInfo()); $id = $userid->fetch(); Return $id; } Still nothing :-/

    Read the article

  • Simplest way to handle and display errors in a Python Pylons controller without a helper class

    - by ensnare
    I have a class User() that throw exceptions when attributes are incorrectly set. I am currently passing the exceptions from the models through the controller to the templates by essentially catching exceptions two times for each variable. Is this a correct way of doing it? Is there a better (but still simple) way? I prefer not to use any third party error or form handlers due to the extensive database queries we already have in place in our classes. Furthermore, how can I "stop" the chain of processing in the class if one of the values is invalid? Is there like a "break" syntax or something? Thanks. >>> u = User() >>> u.name = 'Jason Mendez' >>> u.password = '1234' Traceback (most recent call last): File "<stdin>", line 1, in <module> File "topic/model/user.py", line 79, in password return self._password ValueError: Your password must be greater than 6 characters In my controller "register," I have: class RegisterController(BaseController): def index(self): if request.POST: c.errors = {} u = User() try: u.name = c.name = request.POST['name'] except ValueError, error: c.errors['name'] = error try: u.email = c.email = request.POST['email'] except ValueError, error: c.errors['email'] = error try: u.password = c.password = request.POST['password'] except ValueError, error: c.errors['password'] = error try: u.commit() except ValueError, error: pass return render('/register.mako')

    Read the article

  • Designing secure consumer blackberry application

    - by Kiran Kuppa
    I am evaluating a requirement for a consumer blackberry application that places high premium on security of user's data. Seems like it is an insurance company. Here are my ideas on how I could go about it. I am sure this would be useful for others who are looking for similar stuff Force the user to use device password. (I am guessing that this would be possible - though not checked it yet). Application can request notifications when the device is about to be locked and just after it has been unlocked. Encryption of application specific data can be managed at those times. Application data would be encrypted with user's password. User's credentials would be encrypted with device password. Remote backup of the data could be done over HTTPS (any better ideas are appreciated) Questions: What if the user forgets his device password. If the user forgets his application password, what is the best and secure way to reset the password? If the user losses the phone, remote backup must be done and the application data must be cleaned up. I have some ideas on how to achieve (3) and shall share them. There must be an off-line verification of the user's identity and the administrator must provide a channel using which the user must be able to send command to the device to perform the wiping of application data. The idea is that the user is ALWAYS in control of his data. Without the user's consent, even the admin must not be able to do activities such as cleaning up the data. In the above scheme of things, it appears as if the user's password need not be sent over the air to server. Am I correct? Thanks, --Kiran Kumar

    Read the article

  • Devise routes to only use custom sign in page

    - by eblume
    I am trying to learn Devise and seem to have hit a problem that is nearly the same as many, many questions here on SO but just slightly different enough that I am not getting much traction following those questions' threads. I have a very simple application. Users can sign in and sign out (and also the devise 'forgot password' stuff is enabled - I am not concerned about it at this time) and that is it. They can't register, they can't edit their profile other than to change their password, they can't do anything except sign in and sign out. (Account creation will, for now, be handled manually at the command line.) I would vastly prefer that the only page that users can log in from was "/" (root_path). I already have it working where you can log in from "/", and that is great. The problem I am having is that if you type in your user/password combination incorrectly from the root_path login page, it automatically sends you to the Devise sign-in page to continue trying to sign in. How can I make Devise redirect to root_path on sign-in failure? Here are my routes - they are probably not optimal or correctly configured and I would appreciate pointers on fixing them: root to: "core_pages#splash" devise_for :users, skip: [:sessions] as :user do # get 'signin' => 'devise/sessions#new', as: :new_user_session post 'signin' => 'devise/sessions#create', as: :user_session delete 'signout' => 'devise/sessions#destroy', as: :destroy_user_session, via: Devise.mappings[:user].sign_out_via end match '/home' => 'core_pages#home' Note the commented-out 'get signin' line. The system works without this line but, surprisingly (to me), "GET /signin" results in a HTTP 400 (OK) response and renders the Devise login template. I would prefer it return some sort of 'invalid request' or just silently redirect the user to root_path. Running rake routes on these routes gives: root / core_pages#splash user_password POST /users/password(.:format) devise/passwords#create new_user_password GET /users/password/new(.:format) devise/passwords#new edit_user_password GET /users/password/edit(.:format) devise/passwords#edit PUT /users/password(.:format) devise/passwords#update user_session POST /signin(.:format) devise/sessions#create destroy_user_session DELETE /signout(.:format) devise/sessions#destroy home /home(.:format) core_pages#home Thanks!

    Read the article

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

< Previous Page | 84 85 86 87 88 89 90 91 92 93 94 95  | Next Page >