Search Results

Search found 5174 results on 207 pages for 'prevent'.

Page 146/207 | < Previous Page | 142 143 144 145 146 147 148 149 150 151 152 153  | Next Page >

• Preventing a security breach

  - by Wiz

  I am creating a website where you "post", and the form content is saved in a MySql database, and upon loading the page, is retrieved, similar to facebook. I construct all the posts and insert raw html into a template. The thing is, as I was testing, I noticed that I could write javascript or other HTML into the form and submit it, and upon reloading, the html or JS would treated as source code, not a post. I figured that some simple encoding would do the trick, but using is not working. Is there an efficient way to prevent this type of security hole?

  Read the article

• question in sql server 2005 Proc

  - by bassam

  i have this Proc CREATE Proc [dbo].Salse_Ditail -- Add the parameters for the stored procedure here @Report_Form varchar(1) , @DateFrom datetime , @DateTo datetime , @COMPANYID varchar(3), @All varchar(1) , @All1 varchar(1) , @All2 varchar(1) , @All3 varchar(1) , @All4 varchar(1) , @All5 varchar(1) , @Sector varchar(10), @Report_Parameter nvarchar(max) as BEGIN -- SET NOCOUNT ON added to prevent extra result sets from -- interfering with SELECT statements. DECLARE @STRWhere nvarchar(max) IF @All5=0 AND @All4=0 AND @All3=0 AND @All2=0 AND @All1=0 and @All=1 set @STRWhere= N'and Sector_id = @Sector' if @Report_Form =1 or @Report_Form =3 or @Report_Form =4 SELECT RETURNREASONCODEID, SITE,SITE_NAME,Factory_id,Factory_Name,Sector_id,sector_name,Customer_name, Customer_id,ITEMID,ITEMNAME,SALESMANID,SALESMAN_NAME,Net_Qty,Net_Salse,Gross_Sales,Gross_Qty, NETWEIGHT_Gross,NETWEIGHT_salse_Gross,NETWEIGHT_NET,NETWEIGHT_salse_NET,Return_Sales,Free_Good, CollectionAmount FROM hal_bas_new_rep WHERE DATAAREAID =@COMPANYID AND INVOICEDATE >= @DateFrom AND INVOICEDATE <= @DateTo and Report_Activti = @Report_Form if @Report_Form =2 SELECT RETURNREASONCODEID , RETURNREASONDESC, SITE , SITE_NAME , Factory_id , Factory_Name , Sector_id , sector_name , Customer_name , Customer_id , ITEMID , ITEMNAME , SALESMANID , SALESMAN_NAME , Return_Sales FROM dbo.hal_bas_new_rep WHERE DATAAREAID =@COMPANYID AND INVOICEDATE >= @DateFrom AND INVOICEDATE <= @DateTo and Report_Activti = @Report_Form and RETURNREASONCODEID in ( SELECT Val FROM dbo.fn_String_To_Table(@Report_Parameter,',',1) ) /* @STRWhere question how i can but the virble here */ end GO i want to but virble put a variable under where Expression and from this function buc I have many function i want to add if any one have answer pls send me

  Read the article

• Runtime Error in asp.net site?

  - by Surya sasidhar

  hi, I developed a website in asp.net and i place the site in online. I upload my site in online by using CuteFTP. After uploading when i type my url it is giving error like this... Description: An application error occurred on the server. The current custom error settings for this application prevent the details of the application error from being viewed remotely (for security reasons). It could, however, be viewed by browsers running on the local server machine. Details: To enable the details of this specific error message to be viewable on remote machines, please create a tag within a "web.config" configuration file located in the root directory of the current web application. This tag should then have its "mode" attribute set to "Off". Notes: The current error page you are seeing can be replaced by a custom error page by modifying the "defaultRedirect" attribute of the application's configuration tag to point to a custom error page URL.

  Read the article

• Using Dom Objects in PHP, the default namespace is redeclared in some nodes.

  - by TomcatExodus

  I'm working on a template engine, having migrated from regex driven to DOM driven. It appears though, that whenever I create a DomDocumentFragment to encapsulate some portion of a document temporarily, the namespace attribute is added to each node in the fragment. Since my default namespace for a given document will 99% of the time be XHTML, it's adding the XHTML namespace declaration. Being the default namespace, this seems fruitless, and ultimately nodes in any other namespace will be stripped out at render time anyways. Aside from iteratively removing namespace attributes, is there some way I can prevent this from occurring to begin with? Its quite problematic, as this will likely increase render time filesize considerably, as large portions of a given document may be stored in a fragment. I've tried $doc->normalizeDocument(), but as I assumed, it did nothing.

  Read the article

• Runtime Error in asp.net?(online )

  - by Surya sasidhar

  hi, I develop a web application it is working fine in local. When i upload the site in online through CuteFTP it is showing the error like this... Description: An application error occurred on the server. The current custom error settings for this application prevent the details of the application error from being viewed remotely (for security reasons). It could, however, be viewed by browsers running on the local server machine. Details: To enable the details of this specific error message to be viewable on remote machines, please create a tag within a "web.config" configuration file located in the root directory of the current web application. This tag should then have its "mode" attribute set to "Off". Notes: The current error page you are seeing can be replaced by a custom error page by modifying the "defaultRedirect" attribute of the application's configuration tag to point to a custom error page URL. please help me i place the but even though it is not working it is giving same error. Thank you

  Read the article

• jQuery.Form wont submit

  - by kim

  Im´trying to submit a form without refreshing the page, but I´m having a problem. When I click submit the page refreshes and anothing gets posted. Here is the code, what am I doing wrong? (I´m a newbie) jQuery 1.4.2 and the jQuery Form Plugin 2.43 is present. tnx $(document).ready(function() { var options = { target: '#output2', url: https://graph.facebook.com/<%=fbUid%>/feed, type: post, clearForm: true // clear all form fields after successful submit //dataType: null // 'xml', 'script', or 'json' (expected server response type) //resetForm: true // reset the form after successful submit // $.ajax options can be used here too, for example: //timeout: 3000 }; // bind to the form's submit event $('#fbPostStatus').submit(function() { // inside event callbacks 'this' is the DOM element so we first // wrap it in a jQuery object and then invoke ajaxSubmit $(this).ajaxSubmit(options); // !!! Important !!! // always return false to prevent standard browser submit and page navigation return false; }); });

  Read the article

• Getting service unavailable message when sending messages to google xmpp using wokkel

  - by Code freak

  Hi, I made a wokkel (twisted python) bot to send and receive messages from the google xmpp service. Everything (auth, presence) etc works fine. One of the rquirements of our prject is that we need to send broadcast messages to everyone in the list. Normal messages and replies work fin, but when i snd a broadcast message, i get this service unavailable error 503 message. There are about 1000 user in my contact list. Is this some bug in the code or is it google policy to prevent rapid messaging. Also, how do other google bots cater to a large contact base ? does google provide a commercial solution for such applications ? Thanks

  Read the article

• How can I strip line breaks from my XML with XSLT?

  - by Eric

  I have this XSLT: <xsl:strip-space elements="*" /> <xsl:template match="math"> <img class="math"> <xsl:attribute name="src">http://latex.codecogs.com/gif.latex?<xsl:value-of select="text()" /></xsl:attribute> </img> </xsl:template> Which is being applied to this XML (notice the line break): <math>\text{average} = \alpha \times \text{data} + (1-\alpha) \times \text{average}</math> Unfortunately, the transform creates this: <img class="math" src="http://latex.codecogs.com/gif.latex?\text{average} = \alpha \times \text{data} + (1-\alpha) \times&#10;&#9;&#9;&#9;&#9;&#9;\text{average}" /> Notice the whitespace character literals. Although it works, it's awfully messy. How can I prevent this?

  Read the article

• Preventing user from inserting *

  - by user990635

  I'm trying to prevent user from inserting * in a textbox. This is what I was trying to do, but here it only detects * if this is the only inserted character. For example texts like: *, etc. When allowed characters are mixed with *, then it cannot detect it. For example inputs such as: *hjh, etc.. and maybe how to make it replace only * with "" and not the whole field? <script type="text/javascript"> function testField(field) { var regExpr = new RegExp("[^*]"); if(!regExpr.test(field.value)) { field.value = ""; } } </script> <input type="text" id="searchGamesKeyword" class="searchGamesTextBox" name="searchGamesKeyword" onblur="testField(this);" />

  Read the article

• C++ include header conventions

  - by user231536

  Suppose I have a file X.h which defines a class X, whose methods are implemented in X.cc. The file X.h includes a file Y.h because it needs Y to define class X. In X.cc, we can refer to Y because X.h has already included Y.h. Should I still include Y.h in X.cc ? I understand that I don't need to and I can depend on header guards to prevent multiple inclusions. But on the one hand, including Y.h makes X.cc a little more independent of X.h (can't be completely independent of course). What is the accepted practice? Another example: including <iostream> in both .h and .cc files. I see some people do this and some don't.

  Read the article

• node.js storing gamestate, how?

  - by expressnoob

  I'm writing a game in javascript, and to prevent cheating, i'm having the game be played on the server (it's a board game like a more complicated checkers). Since the game is fairly complex, I need to store the gamestate in order to validate client actions. Is it possible to store the gamestate in memory? Is that smart? Should I do that? If so, how? I don't know how that would work. I can also store in redis. And that sort of thing is pretty familiar to me and requires no explanation. But if I do store in redis, the problem is that on every single move, the game would need to get the data from redis and interpret and parse that data in order to recreate the gamestate from scratch. But since moves happen very frequently this seems very stupid to me. What should I do?

  Read the article

• Visaul Studio 2010, TlbImp generates .net 4.0 interops in 2.0 projects

  - by DJScrib

  In a C# project we add a reference to a COM object via the Add References setup pointing to a COM object which results in the IDE auto-generating the interop assembly. So this is fine and good, but we are building based on .net 3.5 SP1 aka CLR 2.0, and the generated interops are using the 4.0 CLR making them incompatiable. Is there a way to prevent this? I assume the other option is in our build script to try using tlbimp.exe with the /references parameter? to point to mscorlib v2.0? Anyhow, I'm hoping there's a flag somewhere to allow this.

  Read the article

• Why is this jquery dialog window not displaying?

  - by user338413

  I've got a form that is using jquery validation. When the user clicks the submit button, I've got some jquery that intercepts the submit and should display a dialog window asking the user to verify the information they entered on the form. This dialog window should only display if the form has validated. Here is my code: $('#form').submit(function(){ fillVerificationDialog(); /* This loads up the dialog with form data */ if (('#form').valid()){ $('verification_dialog').dialog('open'); return false; } }); My dialog window is not displaying. It just submits the form. And I've verified that the form is valid by using an alert that checks the value of $('#form').valid() If I remove the if statement and just have the line that opens the dialog, the dialog displays. However, it will display even if the form has errors which is what I'm trying to prevent.

  Read the article

• Make sure base method gets called in C#

  - by Fnatte

  Can I somehow force a derived class to always call the overridden methods base? public class BaseClass { public virtual void Update() { if(condition) { throw new Exception("..."); // Prevent derived method to be called } } } And then in a derived class : public override void Update() { base.Update(); // Forced call // Do any work } I've searched and found a suggestion to use a non-virtual Update() but also a protected virtual UpdateEx(). It just doesn't feel very neat, isn't there any better way? I hope you get the question and I am sorry for any bad English.

  Read the article

• how to use a wav file in eclipse

  - by AlphaAndOmega

  I've been trying to add audio to a project I've been doing. I found some code on here for html that is also supposed to work with file but it keeps saying "Exception in thread "main" javax.sound.sampled.UnsupportedAudioFileException: could not get audio input stream from input file at javax.sound.sampled.AudioSystem.getAudioInputStream(Unknown Source) at LoopSound.main(LoopSound.java:15)" the code public class LoopSound { public static void main(String[] args) throws Throwable { File file = new File("c:\\Users\\rabidbun\\Pictures\\10177-m-001.wav"); Clip clip = AudioSystem.getClip(); // getAudioInputStream() also accepts a File or InputStream AudioInputStream wav = AudioSystem.getAudioInputStream( file ); clip.open(wav); // loop continuously clip.loop(-1000); SwingUtilities.invokeLater(new Runnable() { public void run() { // A GUI element to prevent the Clip's daemon Thread // from terminating at the end of the main() JOptionPane.showMessageDialog(null, "Close to exit!"); } }); } } What is wrong with the code?

  Read the article

• how can I reliably check that requests to my service file have come from my website?

  - by woot586

  I have a service.php class that I use to service AJAX calls from my website. To prevent other people accessing the service using PHP CURL I would normally check the request has come from mysite, and if they are not then just redirect to my home page e.g. if($_SERVER['HTTP_REFERER'] != "http://www.mysite.com"){ header('location: http://www.mysite.com'); exit; } I read in the PHP holy bible: http://www.php.net/manual/en/reserved.variables.server.php that "Not all user agents will set this, and some provide the ability to modify HTTP_REFERER as a feature. In short, it cannot really be trusted." So if this method is not reliable, my question is how can I reliably check that requests to my service file have come from my website? Thanks for any help you can provide!

  Read the article

• Inconsistent Session data from IE - cached sessions???

  - by pedalpete

  I'm trying to prevent some basic click-fraud on my site, and am building links based on session time data. Everything works in FF, but in IE the information I'm storing in the session is somehow being changed. When I load up the main page, I set my session variables like this session_start(); $_SESSION['time']=$time(); I'm out putting the session value into the page, so I get something like 1275512393. When the user clicks on a link, I send an ajax request, and that page is returning the session which I am putting into an alert. session_start(); echo $_SESSION['time']; die(); The alert is returning 1275512422. Only in IE is the $_SESSION['time'] being returned different from the original $_SESSION['time'] It doesn't appear that this is a caching issue, as the times are always VERY near each other, and the second one is always after the first, but I'm not positive.

  Read the article

• Hook to make Subversion Read Only for specific users

  - by Shane

  We have an existing Subversion repository that uses LDAP to manage users/passwords. There are some new users who we would like to provide read-only access to SVN. I did some Google searches and found a way to open up read-only access to anonymous users, but this is not what we want. We do not want to open up SVN to everyone. We still want to control login through LDAP, but we would like to prevent certain named users from being able to add/edit/delete. I am assuming this can be done with a hook (pre-commit?), but I have no experience writing hooks. Can someone show me or point me to an example of how to do this?

  Read the article

• disable download of my paid app in Android

  - by Boy

  I have a paid app in the store which will remove the ads in another app when it is installed on that device. Now I want to remove this 'remove ads' app, as I want to have an in-app payement for this for instance (or maybe I just keep the ads version only). But the problem is, if I unpublish the app, people who bought it will not be able to download it again when they get a new phone or reset their phone. How to I keep the app in the Play Store, but prevent people from buying it? Is this possible? My backup plan is: make the app cost 10.000 euro's and put in the message that this app should not be bought anymore. But I don't like that...

  Read the article

• Aptana Studio is opening but not ever closing a python.exe process

  - by SC Ghost

  I am developing a small testing website using Django 1.2 in Aptana Studio build 2.0.4.1268158907. I have a Django project that I test by running the command "runserver 8001" on my project. This command runs the project on a small server that comes with Django. However the problem arises that every time I run this command Aptana opens two instances of the process "python.exe". Upon terminating the command only one of these instances is ended. The other process continues to run and use memory. My server is not online, and the process doesn't seem to do anything that I can find. This happens every time i run the runserver command on my project and therefore more and more python.exe instances will open up through my development period. Any help discovering either the purpose of this extra python.exe or a way to prevent it from opening would be much appreciated.

  Read the article

• Explicitly persist states in Workflow 4.0 rather than everything.

  - by jlafay

  I have ran into an issue with my SQL instance store attached to a WorkflowApplication that is running. When I exit my application I'm calling an Unload() on the WF app to persist it. I didn't think about it during design time, but it does makes sense, it's persisting an arg that was passed in to the WorkflowApplication constructor when instanced. When the application runs, everything in the workflow works as expected. When I call Unload() I get an unhandled exception that states that the arg is not serializable and needs [DataContractAttribute]. What's passed into the workflow is my applications custom logger object that I wrote so that the WF can log to disk in a uniform way that I prefer. How do I prevent the workflow app from persisting this one argument and persist everything else? I'm sure something can be done with extensions but I'm having a hard time finding info on them or finding persistence examples for my scenario.

  Read the article

• Best way to delay access to static web pages until services become available with J2EE

  - by Dean Povey

  I have a J2EE application front-ended by a bunch of GWT pages. When the server is starting up, it is possible that these static pages can be accessed before the services required to implement the GWT RPC calls (database etc) are available. I wondering what the best approach is to prevent a user accessing this static content before these services become available. For the purpose of this exercise, assume that there is an isInitialized() method somewhere. I am happy with either a page displaying an error message or simply refusing the connection.

  Read the article

• javascript welcoming msgbox problem

  - by shouq

  hey... i'm doing my html and javascript class project and i want to have a msgbox welcoming the visitor asking for his name and then a welcoming msgbox shows up saying "hello (the name added)" i know how to do that but my only problem is that if i pressed back and went to the homepage of my website again, the msg will show up again asking for my name is there anyway to prevent this from happening? seriously don't want the visitor to wite his name each time he goes to the home page please help this is the code i'm using: <script> response = window.prompt("Welcome!","Please enter your name"); window.alert("hello " + response); </script> please help

  Read the article

• How do I stop setNeedsDisplayInRect / drawRect coalescence?

  - by No One in Particular

  When programming my app, I get to the point where I have to update two rectangles on the screen. So I call [self setNeedsDisplayInRect:rect1] and then [self setNeedsDisplayInRect:rect2]. When my drawRect method is called, the rectangle parameter is the smallest rectangle which contains both rect1 and rect2. I can handle this with no problem, but when the two rectangles are far apart, then I am updating a lot of real estate with no gain. In this case, I would just like to repaint my two small rectangles. So my question is how can I prevent the underlying system from coalescing my two calls into one?

  Read the article

• How to persist every new entity?

  - by simpatico

  I expect every instantiated entity to correspond to a tuple (& co) in the database. In the examples I see around, one always instantiates the entity (via a constructor) and then calls persist with that entity. I find this error-prone, and was wondering if it wasn't possible to have every instantiated entity automatically managed/persisted/reflected to the database (at least intended to). This also seems to prevent me from persisting instance variable entities. I.e. I've an entity which instantiates another (entities it has an association with) in its constructor.

  Read the article

< Previous Page | 142 143 144 145 146 147 148 149 150 151 152 153  | Next Page >