Search Results

Search found 5623 results on 225 pages for 'prevent deletion'.

Page 147/225 | < Previous Page | 143 144 145 146 147 148 149 150 151 152 153 154  | Next Page >

• Session ID Rotation - does it enhance security?

  - by dound

  (I think) I understand why session IDs should be rotated when the user logs in - this is one important step to prevent session fixation. However, is there any advantage to randomly/periodically rotating session IDs? This seems to only provide a false sense of security in my opinion. Assuming session IDs are not vulnerable to brute-force guessing and you only transmit the session ID in a cookie (not as part of URLs), then an attacker will have to access your cookie (most likely by snooping on your traffic) to get your session ID. Thus if the attacker gets one session ID, they'll probably be able to sniff the rotated session ID too - and thus randomly rotating has not enhanced security.

  Read the article

• Do not show partial items in a WPF listbox

  - by David Martin

  I've tried Google and I've tried Bing to no avail. Does anyone here have an idea on how to prevent partial items from appearing in a listbox in WPF? In case that does not make sense here is an example: Listbox is 200 pixels tall - each item is 35 pixels tall. That means I can show 5.7 items. 7/10 of an item is undesirable. I'd like to limit it to showing only 5 items. The user could then scroll to see the additional items. Should I A) try to dynamically size the listbox or ScrollViewer ViewPort so that it fits perfectly? Or B) implement a custom panel that would not arrange a child whose desired height is more than the remaining vertical space? Any thoughts would be greatly appreciated. Last note: If anyone knows of a 3rd party control (listbox or grid) that does this I would be interested in that as well.

  Read the article

• How to preserve hyperlink when submitting via php form into MySQL

  - by TheTub

  Hi All, I've created a form that stores free text fields into a MySQL database. All works fine and the data is displayed back as intended when viewed. Except for one niggle. In an attempt to prevent malicious attacks I have used mysql_real_escape_string to remove any unwanted code from the input. However, I need to be able to preserve hyperlinks and basic html. For example, I want to store the following: <p align="left">Please follow this <a href="link.html">link</a></p> But the link is being stored as \"link.html\" as the quotes are being escaped. How can I preserve this link and other html? Many thank TT

  Read the article

• How to create virtual Environment for users on server

  - by Bhushan Nagaonkar

  I have a web application where users can register them self and then save Java and C++ programs in their account. Programs are saved in a tmp directory like, /tmp -user1 --program1 --program2 -user2 --program1 --program2 So all the users folders are in same "tmp" directory. I want to know how can I proved security by not allowing a user to access files of other users. A user will be executing a java or c++ program in his folder which can be used to read files on the server. How to prevent this? I am new to this thing I don't know how to go about this. The server is Linux server and project is in python using Django. Thank in advance

  Read the article

• loading HTML fragments with jQuery

  - by sam

  Hi everybody, I'm very new to jQuery, Ajax and things like these. I've found solutions on how to inject HTML fragments into my site: $(document).ready(function(){ $('a').click(openContent); //binding all anchors to this function }); function openContent(){ var path = $(this).attr('href'); $('#content').load(path); return false; //to prevent browser from loading the single HTML fragment } That works really fine! The problem is, these function won't be executed when clicking on anchors located in the new HTML fragment which were injected right before. So the fragment won't get injected into div, the browser will only load the fragment for itself. Hope there are solutions which aren't that tricky... thanks sam

  Read the article

• displaying .aspx and .aspx.cs files such that its not understood by the browser

  - by user287745

  i have to give the user the option to upload his own aspx and aspx.cs files on to the server, adjust the hyperlink to point to a page which would do the following display the aspx and aspx.cs files code onto the page without actually rendering the code the browser should not understand anything, and while reading the files to display them the method be such that nothing is processed on the server regarding the code within the files to prevent from unnecessary problems many user would try to cause. i have tried many ways of displaying it but it ends up on displaying the actual comments instead of the code. please suggest with links to examples how to achieve the above. please note main concentration is on asp.net and c# using vs08, so j script and ready-made tools be avoided if feasible thank you all

  Read the article

• Is it possible to use IPC inside of a IE8 Browser Helper Object?

  - by Joel

  I need to communicate with a Service using IPC from inside of a Browser Helper Object (registered with IE8). Unfortunately, all of this communication is done through an Assembly API that I have no control over. Whenever this API starts up I get the following error: ExceptionSystem.Runtime.Remoting.RemotingException: Failed to connect to an IPC Port: The system cannot find the file specified. I realize that it is difficult to discern what the issue is without source. However I am curious if anyone knows of anything sort of permissions or DLL issues that would prevent IPC from working in this case.

  Read the article

• How to rewrite the URL

  - by Kalpana

  I have a small application built using Seam 2.2, Richfaces 3.3, JBoss 5.1. Most of the page navigation adds the request parameters to the target URL. I would like to hide parameters to be hidden to the customer who is using the application (e.g. I would expect the URL to be something like "http://localhost:8080/books/Book.seam". The parameters (userId, orderId and cmId) are currently mapped to the backend bean via Book.page.xml. How do I prevent the request parameters from showing up in the browser URL, as it also allows the customer to manipulate the URL. We did look at seam URL re-writing feature, it talked about manipulating say the primary key id in a REST format, not sure how to accomplish something more complex like the above use case in a elegant fashion.

  Read the article

• Cloning java ArrayList and preventing it from modifications

  - by user222164

  I have a data structure like a database Rowset, which has got Rows and Rows have Columns. I need to initialize a Columns with null values, current code is to loop thru each column for a row and initialize values to NULL. Which is very inefficient if you have 100s or rows and 10s of column. So instead I am keeping a initialized ArrayList of columns are RowSet level, and then doing a clone of this Arraylist for individual rows, as I believe clone() is faster than looping thru each element. row.columnsValues = rowsset.NullArrayList.clone() Problem with this is NullArrayList can be accidentally modified after being cloned, thus sacrificing the integrity of ArrayList at RowSet level, to prevent I am doing 3 things 1) Delcaring ArrayList as final 2) Any elements I insert are final or null 3) Methods thurough this arrayList are passed to other arrays are declared a final. Sounds like a plan, do you see any holes ?

  Read the article

• Remove another user's lock obtained with sp_getapplock on SQL Server

  - by joshperry

  We have a system that uses sp_getapplock to create an exclusive mutex any time someone opens an order in the GUI. This is used to prevent multiple people from making changes to an order simultaneously. Sometimes people will open an order and go home, leaving it open. This effectively blocks anyone from being able to make changes to the order. I then get emails, calls and end up doing a kill <spid> in enterprise manager. Obviously I've gotten sick of this and want to make a quick self-service webform. The main problem I've run into is that kill requires sysadmin privileges, which I do not want to give to the user that the our website runs as. I have tried sp_releaseapplock but this doesn't let you release another user's lock (even when calling it as a sysadmin). So, finally my question; does anyone know of an alternative method to release a lock that was obtained by another user using sp_getapplock?

  Read the article

• Dynamically allocated structure and casting.

  - by Simone Margaritelli

  Let's say I have a first structure like this: typedef struct { int ivalue; char cvalue; } Foo; And a second one: typedef struct { int ivalue; char cvalue; unsigned char some_data_block[0xFF]; } Bar; Now let's say I do the following: Foo *pfoo; Bar *pbar; pbar = new Bar; pfoo = (Foo *)pbar; delete pfoo; Now, when I call the delete operator, how much memory does it free? sizeof(int) + sizeof(char) Or sizeof(int) + sizeof(char) + sizeof(char) * 0xFF ? And if it's the first case due to the casting, is there any way to prevent this memory leak from happening? Note: please don't answer "use C++ polymorphism" or similar, I am using this method for a reason.

  Read the article

• GUI-Library for microcontroller

  - by Martin Kirsche

  I want to create a GUI driven application for a micro-controller (Atmel XMEGA) that is connected to a 128x64 dots graphics LCD (EA DOGL128-6) and 4 buttons for navigation. Controlling the display itself (e.g. drawing pixels and characters) is no problem but in order to prevent me from reinventing the wheel I was googling for a GUI-Library/-Toolkit that is written in c, includes its source code, will run on a 32 MHz 8-bit micro-controller and provides at least the following controls: panel (to group elements) menu (scrollable) icon label button line-graph (optional) But I didn't find any thing useful. Does anyone know (or better uses) such a library(preferably for free)?

  Read the article

• BlogEngine - Mangling of HTML Anchor Links in TinyMCE Editor

  - by IrishChieftain

  When I create the following link: <a href="~/Contact.aspx" runat="server">Contact us</a> The editor strips out the runat attribute, breaking the link. It's also inserting "/page" into the URL which I do not want to happen. Is there some editor setting to prevent this from happening? I've checked here and couldn't find an answer. UPDATE I've added the following to tinyMCE.acsx to allow the addition of the runat attribute to anchor links: tinyMCE.init({ ... extended_valid_elements : "a[href|runat=server]" ... }); This solves the problem with the runat attribute being stripped out. My only remaining problem is the automatic insertion of "page" in the URL. Anybody?

  Read the article

• How does memory management in Java and C# differ?

  - by David Johnstone

  I was reading through 2010 CWE/SANS Top 25 Most Dangerous Programming Errors and one of the entries is for Buffer Copy without Checking Size of Input. It suggests using a language with features to prevent or mitigate this problem, and says: For example, many languages that perform their own memory management, such as Java and Perl, are not subject to buffer overflows. Other languages, such as Ada and C#, typically provide overflow protection, but the protection can be disabled by the programmer. I was not aware that Java and C# differed in any meaningful way with regard to memory management. How is it that Java is not subject to buffer overflows, while C# only protects against overflows? And how is it possible to disable this protection in C#?

  Read the article

• Extending Throwable in Java

  - by polygenelubricants

  Java lets you create an entirely new subtype of Throwable, e.g: public class FlyingPig extends Throwable { ... } Now, very rarely, I may do something like this: throw new FlyingPig("Oink!"); and of course elsewhere: try { ... } catch (FlyingPig porky) { ... } My questions are: Is this a bad idea? And if so, why? What could've been done to prevent this subtyping if it is a bad idea? Since it's not preventable (as far as I know), what catastrophies could result? If this isn't such a bad idea, why not? How can you make something useful out of the fact that you can extends Throwable?

  Read the article

• Stop scrolling to top in UIWebView - iPhone

  - by sagar

  I have placed following javascript in my html file. <script TYPE="text/javascript"> function srk(){ document.ontouchmove = function(e){ e.preventDefault(); } } </script> I am scrolling my webview by following code with some animation. [myWebView stringByEvaluatingJavaScriptFromString:[NSString stringWithFormat: @"window.scrollTo(0,%i);",414*self.initialScrollPosition]]; Everything going right, but on problem that I am facing is as follows. Whenever User/I tap on the status bar of iPhone, WebView Bydefault scrolls to top. This should not be done. Is it possible to prevent inbuilt functionality ? I know one of the option is as follows. ((UIScrollView *)[[myWebView valueForKey:@"_internal"] valueForKey:@"scroller"]).scrollsToTop = NO; But is it valid to do ?

  Read the article

• problem with crawl many url in .net: Server IP not ping. maybe bandwidth or http connection limit ex

  - by Hamid

  Hi to all I develop web crawling service (windows service / multi-thread) . its work fine, but sometimes my server network not response. and i can't ping server IP (from internet), but can ping by other network card (local ip) that not access to internet. after i open server with remote desktop and stop crawling service. i could ping. What's my problem? Bandwidth limit or max connection limit exceed or ??? how to prevent this issue? Note: when this problem occur, i open browser for browse web site, but can't open any website!!! Could you please help me. Thanks in advanced

  Read the article

• Stretch column table in Primefaces

  - by Orange91

  How I can prevent to stretch table when I input long text: Screen: http://zapodaj.net/71821572f2445.jpg.html Meyby is it possible to make the text lines stretched row horizontally? My fragment example table: <p:dataTable id="table" styleClass="table" value="#{userMB.allInactive}" var="inactive" paginator="true" rows="15" rowKey="#{inactive.id}" selection="#{userMB.user}" selectionMode="single" > <f:facet name="header"> Lista kont nieaktywnych </f:facet> <p:column headerText="#{msg.firstName}"> <h:outputText value="#{inactive.firstName}" /> </p:column> I tried <p:column headerText="#{msg.firstName}" width="20px"> styleClass for column: <p:column styleClass="column" headerText="#{msg.firstName}" width="20px"> .column { width: 20px; } but I do not see any change, it does not work.

  Read the article

• JQuery Coding Question?

  - by SLAPme

  I'm kind of new to JQuery i really don't know how to code in the .hide() so that it hides the following code from begin displayed until clicked <li>Changes saved!</li> and then have it fade in using the .fadeIn. Can some one show me how to code in the .hide() and .fadeIn correctly into my JQuery code? Here is the JQuery code. $(function() { $(".save-button").click(function() { $.post($("#contact-form").attr("action"), $("#contact-form").serialize(), function(html) { $("div.contact-info-form").html(html); $('#changes-saved').append('<li>Changes saved!</li>'); }); return false; // prevent normal submit }); });

  Read the article

• How to assign default values and define unique keys in Entity Framework 4 Designer

  - by csharpnoob

  Hello, I've had a look at the Entity Framework 4. While generating code for the SQL Server 2008 I came to the point where I want to define some default values for some fields. how to define in the designer for a Created DateTime Field the DateTime.Now default value? - Error 54: Default value (DateTime.Now) is not valid for DateTime. The value must be in the form 'yyyy-MM-dd HH:mm:ss.fffZ' how to make for code generation a string Field unique. Like E-Mail or Username can exists only once in the table. I've search alot in the internet and also checked my books Pro Entity Framework 4.0 and Programming Entity Framework. But none of them seems to come up with the default value issue, or using sql commands as default values for database generation. Another thing is, how to prevent on database generation always from droping tables? Instead i want to append non existing fields and keep the data. Thanks for any suggestions.

  Read the article

• FxCop giving a warning on private constructor CA1823 and CA1053

  - by Luis Sánchez

  I have a class that looks like the following: Public Class Utilities Public Shared Function blah(userCode As String) As String 'doing some stuff End Function End Class I'm running FxCop 10 on it and it says: "Because type 'Utilities' contains only 'static' ( 'Shared' in Visual Basic) members, add a default private constructor to prevent the compiler from adding a default public constructor." Ok, you're right Mr. FxCop, I'll add a private constructor: Private Utilities() Now I'm having: "It appears that field 'Utilities.Utilities' is never used or is only ever assigned to. Use this field or remove it." Any ideas of what should I do to get rid of both warnings?

  Read the article

• Naming a typedef for a boost::shared_ptr<const Foo>

  - by Blair Zajac

  Silly question, but say you have class Foo: class Foo { public: typedef boost::shared_ptr<Foo> RcPtr; void non_const_method() {} void const_method() const {} }; Having a const Foo::RcPtr doesn't prevent non-const methods from being invoked on the class, the following will compile: #include <boost/shared_ptr.hpp> int main() { const Foo::RcPtr const_foo_ptr(new Foo); const_foo_ptr->non_const_method(); const_foo_ptr->const_method(); return 0; } But naming a typedef ConstRcPtr implies, to me, that the typedef would be typedef const boost::shared_ptr<Foo> ConstRcPtr; which is not what I'm interested in. An odder name, but maybe more accurate, is RcPtrConst: typedef boost::shared_ptr<const Foo> RcPtrConst; However, Googling for RcPtrConst gets zero hits, so people don't use this as a typedef name :) Does anyone have any other suggestions?

  Read the article

• Joomla template parameters and params.ini - file becomes unwritable after save.

  - by Moak

  I am using wamp and creating a Joomla template with changeable parameters. initially the message is The parameter file \templates\ssc_2010\params.ini is writable! once I make changes everything works as expected, except now i get the message: The parameter file \templates\ssc_2010\params.ini is unwritable! One solution is to brows to the directory, right click the file, select properties, and uncheck read-only. Again the file is writable but once I modify the parameters again it becomes read only again. I'm quite lazy and would like to prevent this from happening again, I've notice this happening in past projects, but now I have to work a lot with parameters so it becomes quite boring doing manual labor like that :P

  Read the article

• What is lifetime of lambda-derived implicit functors in C++ ?

  - by Fyodor Soikin

  The question is simple: what is lifetime of that functor object that is automatically generated for me by the C++ compiler when I write a lambda-expression? I did a quick search, but couldn't find a satisfactory answer. In particular, if I pass the lambda somewhere, and it gets remembered there, and then I go out of scope, what's going to happen once my lambda is called later and tries to access my stack-allocated, but no longer alive, captured variables? Or does the compiler prevent such situation in some way? Or what?

  Read the article

• Return a dynamic string from std::exception's `what`

  - by Shtééf

  I'm convinced at this point that I should be creating subclasses of std::exception for all my exception throwing needs. Now I'm looking at how to override the what method. The situation that I'm facing, it would be really handy if the string what returns be dynamic. Some pieces of code parse an XML file for example, and adding a position or line number to the error message is useful to me. What I'd like to know: what returns a const char *, which implies any catcher is likely not going to free the string. So I need some other place to store the result, but where would that be? (I need thread-safety.) what also includes throw() in its signature. While I can prevent my what from throwing anything, it seems to me that this method really isn't intended for anything too dynamic. If what is not the right place, then where should I be doing this instead?

  Read the article

< Previous Page | 143 144 145 146 147 148 149 150 151 152 153 154  | Next Page >