hidden fields - Page 161

Neural Network Always Produces Same/Similar Outputs for Any Input

- by l33tnerd

I have a problem where I am trying to create a neural network for Tic-Tac-Toe. However, for some reason, training the neural network causes it to produce nearly the same output for any given input. I did take a look at Artificial neural networks benchmark, but my network implementation is built for neurons with the same activation function for each neuron, i.e. no constant neurons. To make sure the problem wasn't just due to my choice of training set (1218 board states and moves generated by a genetic algorithm), I tried to train the network to reproduce XOR. The logistic activation function was used. Instead of using the derivative, I multiplied the error by output*(1-output) as some sources suggested that this was equivalent to using the derivative. I can put the Haskell source on HPaste, but it's a little embarrassing to look at. The network has 3 layers: the first layer has 2 inputs and 4 outputs, the second has 4 inputs and 1 output, and the third has 1 output. Increasing to 4 neurons in the second layer didn't help, and neither did increasing to 8 outputs in the first layer. I then calculated errors, network output, bias updates, and the weight updates by hand based on http://hebb.mit.edu/courses/9.641/2002/lectures/lecture04.pdf to make sure there wasn't an error in those parts of the code (there wasn't, but I will probably do it again just to make sure). Because I am using batch training, I did not multiply by x in equation (4) there. I am adding the weight change, though http://www.faqs.org/faqs/ai-faq/neural-nets/part2/section-2.html suggests to subtract it instead. The problem persisted, even in this simplified network. For example, these are the results after 500 epochs of batch training and of incremental training. Input |Target|Output (Batch) |Output(Incremental) [1.0,1.0]|[0.0] |[0.5003781562785173]|[0.5009731800870864] [1.0,0.0]|[1.0] |[0.5003740346965251]|[0.5006347214672715] [0.0,1.0]|[1.0] |[0.5003734471544522]|[0.500589332376345] [0.0,0.0]|[0.0] |[0.5003674110937019]|[0.500095157458231] Subtracting instead of adding produces the same problem, except everything is 0.99 something instead of 0.50 something. 5000 epochs produces the same result, except the batch-trained network returns exactly 0.5 for each case. (Heck, even 10,000 epochs didn't work for batch training.) Is there anything in general that could produce this behavior? Also, I looked at the intermediate errors for incremental training, and the although the inputs of the hidden/input layers varied, the error for the output neuron was always +/-0.12. For batch training, the errors were increasing, but extremely slowly and the errors were all extremely small (x10^-7). Different initial random weights and biases made no difference, either. Note that this is a school project, so hints/guides would be more helpful. Although reinventing the wheel and making my own network (in a language I don't know well!) was a horrible idea, I felt it would be more appropriate for a school project (so I know what's going on...in theory, at least. There doesn't seem to be a computer science teacher at my school). EDIT: Two layers, an input layer of 2 inputs to 8 outputs, and an output layer of 8 inputs to 1 output, produces much the same results: 0.5+/-0.2 (or so) for each training case. I'm also playing around with pyBrain, seeing if any network structure there will work. Edit 2: I am using a learning rate of 0.1. Sorry for forgetting about that. Edit 3: Pybrain's "trainUntilConvergence" doesn't get me a fully trained network, either, but 20000 epochs does, with 16 neurons in the hidden layer. 10000 epochs and 4 neurons, not so much, but close. So, in Haskell, with the input layer having 2 inputs & 2 outputs, hidden layer with 2 inputs and 8 outputs, and output layer with 8 inputs and 1 output...I get the same problem with 10000 epochs. And with 20000 epochs. Edit 4: I ran the network by hand again based on the MIT PDF above, and the values match, so the code should be correct unless I am misunderstanding those equations. Some of my source code is at http://hpaste.org/42453/neural_network__not_working; I'm working on cleaning my code somewhat and putting it in a Github (rather than a private Bitbucket) repository. All of the relevant source code is now at https://github.com/l33tnerd/hsann.

Read the article

ASP.net MVC 2.0 using the same form for adding and editing.

- by Chevex

I would like to use the same view for editing a blog post and adding a blog post. However, I'm having an issue with the ID. When adding a blog post, I have no need for an ID value to be posted. When model binding binds the form values to the BlogPost object in the controller, it will auto-generate the ID in entity framework entity. When I am editing a blog post I DO need a hidden form field to store the ID in so that it accompanies the next form post. Here is the view I have right now. <% using (Html.BeginForm("CommitEditBlogPost", "Admin")) { %> <% if (Model != null) { %> <%: Html.HiddenFor(x => x.Id)%> <% } %> Title:<br /> <%: Html.TextBoxFor(x => x.Title, new { Style = "Width: 90%;" })%> <br /> <br /> Summary:<br /> <%: Html.TextAreaFor(x => x.Summary, new { Style = "Width: 90%; Height: 50px;" }) %> <br /> <br /> Body:<br /> <%: Html.TextAreaFor(x => x.Body, new { Style = "Height: 250px; Width: 90%;" })%> <br /> <br /> <input type="submit" value="Submit" /> <% } %> Right now checking if the model is coming in NULL is a great way to know if I'm editing a blog post or adding one, because when I'm adding one it will be null as it hasn't been created yet. The problem comes in when there is an error and the entity is invalid. When the controller renders the form after an invalid model the Model != null evaluates to false, even though we are editing a post and there is clearly a model. If I render the hidden input field for ID when adding a post, I get an error stating that the ID can't be null. Any help is appreciated. EDIT: I went with OJ's answer for this question, however I discovered something that made me feel silly and I wanted to share it just in case anyone was having a similar issue. The page the adds/edits blogs does not even need a hidden field for id, ever. The reason is because when I go to add a blog I do a GET to this relative URL BlogProject/Admin/AddBlogPost This URL does not contain an ID and the action method just renders the page. The page does a POST to the same URL when adding the blog post. The incoming BlogPost entity has a null Id and is generated by EF during save changes. The same thing happens when I edit blog posts. The URL is BlogProject/Admin/EditBlogPost/{Id} This URL contains the id of the blog post and since the page is posting back to the exact same URL the id goes with the POST to the action method that executes the edit. The only problem I encountered with this is that the action methods cannot have identical signatures. [HttpGet] public ViewResult EditBlogPost(int Id) { } [HttpPost] public ViewResult EditBlogPost(int Id) { } The compiler will yell at you if you try to use these two methods above. It is far too convenient that the Id will be posted back when doing a Html.BeginForm() with no arguments for action or controller. So rather than change the name of the POST method I just modified the arguments to include a FormCollection. Like this: [HttpPost] public ViewResult EditBlogPost(int Id, FormCollection formCollection) { // You can then use formCollection as the IValueProvider for UpdateModel() // and TryUpdateModel() if you wish. I mean, you might as well use the // argument since you're taking it. } The formCollection variable is filled via model binding with the same content that Request.Form would be by default. You don't have to use this collection for UpdateModel() or TryUpdateModel() but I did just so I didn't feel like that collection was pointless since it really was just to make the method signature different from its GET counterpart. Thanks for the help guys!

Read the article

Set postion in customized list field in blackberry

- by arunabha

I want three list field items to be displayed, from bottom to top. I am able to display three list field items, but they display from top to bottom. I have tried setting the position, but it isn't working. import java.util.Vector; import net.rim.device.api.system.Bitmap; import net.rim.device.api.system.Display; import net.rim.device.api.ui.ContextMenu; import net.rim.device.api.ui.DrawStyle; import net.rim.device.api.ui.Field; import net.rim.device.api.ui.Font; import net.rim.device.api.ui.Graphics; import net.rim.device.api.ui.Manager; import net.rim.device.api.ui.MenuItem; import net.rim.device.api.ui.UiApplication; import net.rim.device.api.ui.component.BitmapField; import net.rim.device.api.ui.component.Dialog; import net.rim.device.api.ui.component.LabelField; import net.rim.device.api.ui.component.ListField; import net.rim.device.api.ui.component.ListFieldCallback; import net.rim.device.api.ui.component.NullField; import net.rim.device.api.ui.container.FullScreen; import net.rim.device.api.ui.container.MainScreen; import net.rim.device.api.util.Arrays; import net.rim.device.api.ui.component.ListField; /** * @author Jason Emerick */ public class TaskListField extends UiApplication { //statics ------------------------------------------------------------------ public static void main(String[] args) { TaskListField theApp = new TaskListField(); theApp.enterEventDispatcher(); } public TaskListField() { pushScreen(new TaskList()); } } /*class List extends FullScreen { TaskList tl; List(){ super(); TaskList tl=new TaskList(); } }*/ class TaskList extends MainScreen implements ListFieldCallback { private Vector rows; private Bitmap p1; private Bitmap p2; private Bitmap p3; String Task; ListField listnew=new ListField(); public TaskList() { super(); listnew.setRowHeight(50); //setEmptyString("Hooray, no tasks here!", DrawStyle.HCENTER); listnew.setCallback(this); p1 = Bitmap.getBitmapResource("1.png"); p2 = Bitmap.getBitmapResource("2.png"); p3 = Bitmap.getBitmapResource("3.png"); rows = new Vector(); for (int x = 0; x < 3; x++) { TableRowManager row = new TableRowManager(); if (x== 0) { Task="On Air Now"; } if (x== 1) { Task="Music Channel"; } if (x==2) { Task="News Channel"; } // SET THE PRIORITY BITMAP FIELD // if high priority, display p1 bitmap if (x % 2 == 0) { row.add(new BitmapField(p1)); } // if priority is 2, set p2 bitmap else if (x % 3 == 0) { row.add(new BitmapField(p2)); } // if priority is 3, set p3 bitmap else { row.add(new BitmapField(p3)); } // SET THE TASK NAME LABELFIELD // if overdue, bold/underline LabelField task = new LabelField(Task, DrawStyle.ELLIPSIS); // if due today, bold if (x % 2 == 0) { task.setFont(Font.getDefault().derive( Font.BOLD)); } else { task.setFont(Font.getDefault().derive(Font.BOLD)); } row.add(task); LabelField task1 = new LabelField("Now Playing" + String.valueOf(x), DrawStyle.ELLIPSIS); // if due today, bold /* if (x % 2 == 0) { task.setFont(Font.getDefault().derive( Font.BOLD)); } else { task.setFont(Font.getDefault().derive(Font.BOLD)); }*/ Font myFont = Font.getDefault().derive(Font.PLAIN, 12); task1.setFont(myFont); row.add(task1); // SET THE DUE DATE/TIME row.add(new LabelField("", DrawStyle.ELLIPSIS | LabelField.USE_ALL_WIDTH | DrawStyle.RIGHT) { protected void paint(Graphics graphics) { graphics.setColor(0x00878787); super.paint(graphics); } }); rows.addElement(row); } listnew.setSize(rows.size()); this.add(listnew); } // ListFieldCallback Implementation public void drawListRow(ListField listField, Graphics g, int index, int y, int width) { //TaskList list =(TaskListField) listnew; TableRowManager rowManager = (TableRowManager)rows .elementAt(index); rowManager.drawRow(g, 0, y, width, listnew.getRowHeight()); } private class TableRowManager extends Manager { public TableRowManager() { super(0); } // Causes the fields within this row manager to be layed out then // painted. public void drawRow(Graphics g, int x, int y, int width, int height) { // Arrange the cell fields within this row manager. layout(0, 1); // Place this row manager within its enclosing list. setPosition(x,y); // Apply a translating/clipping transformation to the graphics // context so that this row paints in the right area. g.pushRegion(getExtent()); // Paint this manager's controlled fields. subpaint(g); g.setColor(0x00CACACA); g.drawLine(0, 0, getPreferredWidth(), 0); // Restore the graphics context. g.popContext(); } // Arrages this manager's controlled fields from left to right within // the enclosing table's columns. protected void sublayout(int width, int height) { // set the size and position of each field. int fontHeight = Font.getDefault().getHeight(); int preferredWidth = getPreferredWidth(); // start with the Bitmap Field of the priority icon /* Field field = getField(0); layoutChild(field, 0, 0); setPositionChild(field, 150, 300);*/ // set the task name label field /* field = getField(1); layoutChild(field, preferredWidth - 16, fontHeight + 1); setPositionChild(field, 34, 3); // set the list name label field field = getField(2); layoutChild(field, 150, fontHeight + 1); setPositionChild(field, 34, fontHeight + 6);*/ // set the due time name label field /* field = getField(3); layoutChild(field, 150, fontHeight + 1); setPositionChild(field,4,340);*/ /* layoutChild(listnew, preferredWidth, fontHeight); setPositionChild(listnew, 3, 396);*/ setExtent(360, 480); } // The preferred width of a row is defined by the list renderer. public int getPreferredWidth() { return getWidth(); } // The preferred height of a row is the "row height" as defined in the // enclosing list. public int getPreferredHeight() { return listnew.getRowHeight(); } } public Object get(ListField listField, int index) { // TODO Auto-generated method stub return null; } public int getPreferredWidth(ListField listField) { // TODO Auto-generated method stub return 0; } public int indexOfList(ListField listField, String prefix, int start) { // TODO Auto-generated method stub return 0; } }

Read the article

2 columns 100% height. Can the problem ever be solved in html markup???!!

- by denja

I'm in despair trying to draw this simple thing. Two columns stretching 100% vertically. Is this ever possible? here there are two tries <html> <head> <title>Columns</title> </head> <body> <style type="text/css"> .wrapper {font-size:900px; width:1200px; margin:0 auto; } .col1 { width:600px; height:100%; float:left; background:#f00; } .col2 { width:600px; height:100%; float:left; background:#00f; } </style> <div class="wrapper"> <div class="col1"> C o l u m n 1 </div> <div class="col2"> C ol u m n 2 </div> </div> </body> </html> and <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> <html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-GB"> <head> <title>2 Column CSS Demo - Equal Height Columns with Cross-Browser CSS</title> <style media="screen" type="text/css"> /*  */ </style> </head> <body> <div id="container2"> <div id="container1"> <div id="col1"> aaaa a a a a a a a a a aa aa a a a a a a a a aa aa a a a a a a a a aa aa a a a a a a a aa a a a a aa aa a a a a a a a a aa aa a a a a a a a a aa aa a a a a aa a a a a aa aa a </div> <div id="col2"> fghdfghsfgddn fghdfghsfgddn fghdfghsfgddn fghdfghsfgddn fghdfghsfgddn fghdfghsfgddn fghdfghsfgddn v </div> </div> </div> <div id="footer">   </div> </body>

Read the article

(PHP) Validation, Security and Speed - Does my app have these?

- by Devner

Hi all, I am currently working on a building community website in PHP. This contains forms that a user can fill right from registration to lot of other functionality. I am not an Object-oriented guy, so I am using functions most of the time to handle my application. I know I have to learn OOPS, but currently need to develop this website and get it running soon. Anyway, here's a sample of what I let my app. do: Consider a page (register.php) that has a form where a user has 3 fields to fill up, say: First Name, Last Name and Email. Upon submission of this form, I want to validate the form and show the corresponding errors to the users: <form id="form1" name="form1" method="post" action="<?php echo $_SERVER['PHP_SELF']; ?>"> <label for="name">Name:</label> <input type="text" name="name" id="name" /><br /> <label for="lname">Last Name:</label> <input type="text" name="lname" id="lname" /><br /> <label for="email">Email:</label> <input type="text" name="email" id="email" /><br /> <input type="submit" name="submit" id="submit" value="Submit" /> </form> This form will POST the info to the same page. So here's the code that will process the POST'ed info: <?php require("functions.php"); if( isset($_POST['submit']) ) { $errors = fn_register(); if( count($errors) ) { //Show error messages } else { //Send welcome mail to the user or do database stuff... } } ?> <?php //functions.php page: function sql_quote( $value ) { if( get_magic_quotes_gpc() ) { $value = stripslashes( $value ); } else { $value = addslashes( $value ); } if( function_exists( "mysql_real_escape_string" ) ) { $value = mysql_real_escape_string( $value ); } return $value; } function clean($str) { $str = strip_tags($str, '<br>,<br />'); $str = trim($str); $str = sql_quote($str); return $str; } foreach ($_POST as &$value) { if (!is_array($value)) { $value = clean($value); } else { clean($value); } } foreach ($_GET as &$value) { if (!is_array($value)) { $value = clean($value); } else { clean($value); } } function validate_name( $fld, $min, $max, $rule, $label ) { if( $rule == 'required' ) { if ( trim($fld) == '' ) { $str = "$label: Cannot be left blank."; return $str; } } if ( isset($fld) && trim($fld) != '' ) { if ( isset($fld) && $fld != '' && !preg_match("/^[a-zA-Z\ ]+$/", $fld)) { $str = "$label: Invalid characters used! Only Lowercase, Uppercase alphabets and Spaces are allowed"; } else if ( strlen($fld) < $min or strlen($fld) > $max ) { $curr_char = strlen($fld); $str = "$label: Must be atleast $min character & less than $max char. Entered characters: $curr_char"; } else { $str = 0; } } else { $str = 0; } return $str; } function validate_email( $fld, $min, $max, $rule, $label ) { if( $rule == 'required' ) { if ( trim($fld) == '' ) { $str = "$label: Cannot be left blank."; return $str; } } if ( isset($fld) && trim($fld) != '' ) { if ( !eregi('^[a-zA-Z0-9._-]+@[a-zA-Z0-9._-]+\.([a-zA-Z]{2,4})$', $fld) ) { $str = "$label: Invalid format. Please check."; } else if ( strlen($fld) < $min or strlen($fld) > $max ) { $curr_char = strlen($fld); $str = "$label: Must be atleast $min character & less than $max char. Entered characters: $curr_char"; } else { $str = 0; } } else { $str = 0; } return $str; } function val_rules( $str, $val_type, $rule='required' ){ switch ($val_type) { case 'name': $val = validate_name( $str, 3, 20, $rule, 'First Name'); break; case 'lname': $val = validate_name( $str, 10, 20, $rule, 'Last Name'); break; case 'email': $val = validate_email( $str, 10, 60, $rule, 'Email'); break; } return $val; } function fn_register() { $errors = array(); $val_name = val_rules( $_POST['name'], 'name' ); $val_lname = val_rules( $_POST['lname'], 'lname', 'optional' ); $val_email = val_rules( $_POST['email'], 'email' ); if ( $val_name != '0' ) { $errors['name'] = $val_name; } if ( $val_lname != '0' ) { $errors['lname'] = $val_lname; } if ( $val_email != '0' ) { $errors['email'] = $val_email; } return $errors; } //END of functions.php page ?> OK, now it might look like there's a lot, but lemme break it down target wise: 1. I wanted the foreach ($_POST as &$value) and foreach ($_GET as &$value) loops to loop through the received info from the user submission and strip/remove all malicious input. I am calling a function called clean on the input first to achieve the objective as stated above. This function will process each of the input, whether individual field values or even arrays and allow only tags and remove everything else. The rest of it is obvious. Once this happens, the new/cleaned values will be processed by the fn_register() function and based on the values returned after the validation, we get the corresponding errors or NULL values (as applicable). So here's my questions: 1. This pretty much makes me feel secure as I am forcing the user to correct malicious data and won't process the final data unless the errors are corrected. Am I correct? Does the method that I follow guarantee the speed (as I am using lots of functions and their corresponding calls)? The fields of a form differ and the minimum number of fields I may have at any given point of time in any form may be 3 and can go upto as high as 100 (or even more, I am not sure as the website is still being developed). Will having 100's of fields and their validation in the above way, reduce the speed of application (say upto half a million users are accessing the website at the same time?). What can I do to improve the speed and reduce function calls (if possible)? 3, Can I do something to improve the current ways of validation? I am holding off object oriented approach and using FILTERS in PHP for the later. So please, I request you all to suggest me way to improve/tweak the current ways and suggest me if the script is vulnerable or safe enough to be used in a Live production environment. If not, what I can do to be able to use it live? Thank you all in advance.

Read the article

EXC_BAD_ACCESS at UITableView on IOS

- by Suprie

Hi all, When scrolling through table, my application crash and console said it was EXC_BAD_ACCESS. I've look everywhere, and people suggest me to use NSZombieEnabled on my executables environment variables. I've set NSZombieEnabled, NSDebugEnabled, MallocStackLogging and MallocStackLoggingNoCompact to YES on my executables. But apparently i still can't figure out which part of my program that cause EXC_BAD_ACCESS. This is what my console said [Session started at 2010-12-21 21:11:21 +0700.] GNU gdb 6.3.50-20050815 (Apple version gdb-1510) (Wed Sep 22 02:45:02 UTC 2010) Copyright 2004 Free Software Foundation, Inc. GDB is free software, covered by the GNU General Public License, and you are welcome to change it and/or distribute copies of it under certain conditions. Type "show copying" to see the conditions. There is absolutely no warranty for GDB. Type "show warranty" for details. This GDB was configured as "x86_64-apple-darwin".sharedlibrary apply-load-rules all Attaching to process 9335. TwitterSearch(9335) malloc: recording malloc stacks to disk using standard recorder TwitterSearch(9335) malloc: process 9300 no longer exists, stack logs deleted from /tmp/stack-logs.9300.TwitterSearch.suirlR.index TwitterSearch(9335) malloc: stack logs being written into /tmp/stack- logs.9335.TwitterSearch.tQJAXk.index 2010-12-21 21:11:25.446 TwitterSearch[9335:207] View Did Load Program received signal: “EXC_BAD_ACCESS”. And this is when i tried to type backtrace on gdb : Program received signal: “EXC_BAD_ACCESS”. (gdb) backtrace #0 0x00f20a67 in objc_msgSend () #1 0x0565cd80 in ?? () #2 0x0033b7fa in -[UITableView(UITableViewInternal) _createPreparedCellForGlobalRow:withIndexPath:] () #3 0x0033177f in -[UITableView(UITableViewInternal) _createPreparedCellForGlobalRow:] () #4 0x00346450 in -[UITableView(_UITableViewPrivate) _updateVisibleCellsNow:] () #5 0x0033e538 in -[UITableView layoutSubviews] () #6 0x01ffc451 in -[CALayer layoutSublayers] () #7 0x01ffc17c in CALayerLayoutIfNeeded () #8 0x01ff537c in CA::Context::commit_transaction () #9 0x01ff50d0 in CA::Transaction::commit () #10 0x020257d5 in CA::Transaction::observer_callback () #11 0x00d9ffbb in __CFRUNLOOP_IS_CALLING_OUT_TO_AN_OBSERVER_CALLBACK_FUNCTION__ () #12 0x00d350e7 in __CFRunLoopDoObservers () #13 0x00cfdbd7 in __CFRunLoopRun () #14 0x00cfd240 in CFRunLoopRunSpecific () #15 0x00cfd161 in CFRunLoopRunInMode () #16 0x01a73268 in GSEventRunModal () #17 0x01a7332d in GSEventRun () #18 0x002d642e in UIApplicationMain () #19 0x00001d4e in main (argc=1, argv=0xbfffee34) at /Users/suprie/Documents/Projects/Self/cocoa/TwitterSearch/main.m:14 I really appreciate for any clue to help me debug my application. EDIT this is the Header file of table #import <UIKit/UIKit.h> @interface TwitterTableViewController : UITableViewController { NSMutableArray *twitters; } @property(nonatomic,retain) NSMutableArray *twitters; @end and the implementation file #import "TwitterTableViewController.h" @implementation TwitterTableViewController @synthesize twitters; #pragma mark - #pragma mark Table view data source - (NSInteger)numberOfSectionsInTableView:(UITableView *)tableView { // Return the number of sections. return 1; } - (NSInteger)tableView:(UITableView *)tableView numberOfRowsInSection:(NSInteger)section { // Return the number of rows in the section. return [twitters count]; } - (CGFloat)tableView:(UITableView *)tableView heightForRowAtIndexPath:(NSIndexPath *)indexPath { return 90.0f; } - (UITableViewCell *)tableView:(UITableView *)tableView cellForRowAtIndexPath:(NSIndexPath *)indexPath { const NSInteger TAG_IMAGE_VIEW = 1001; const NSInteger TAG_TWEET_VIEW = 1002; const NSInteger TAG_FROM_VIEW = 1003; static NSString *CellIdentifier = @"Cell"; UIImageView *imageView; UILabel *tweet; UILabel *from; UITableViewCell *cell = [tableView dequeueReusableCellWithIdentifier:CellIdentifier]; if (cell == nil) { cell = [[[UITableViewCell alloc] initWithStyle:UITableViewCellStyleDefault reuseIdentifier:CellIdentifier] autorelease]; // Image imageView = [[[[UIImageView alloc] initWithFrame:CGRectMake(5.0f, 5.0f, 60.0f, 60.0f)] autorelease] retain]; [cell.contentView addSubview:imageView]; imageView.tag = TAG_IMAGE_VIEW; // Tweet tweet = [[[UILabel alloc] initWithFrame:CGRectMake(105.0f, 5.0f, 200.0f, 50.0f)] autorelease]; [cell.contentView addSubview:tweet]; tweet.tag = TAG_TWEET_VIEW; tweet.numberOfLines = 2; tweet.font = [UIFont fontWithName:@"Helvetica" size:12]; tweet.textColor = [UIColor blackColor]; tweet.backgroundColor = [UIColor clearColor]; // From from = [[[UILabel alloc] initWithFrame:CGRectMake(105.0f, 55.0, 200.0f, 35.0f)] autorelease]; [cell.contentView addSubview:from]; from.tag = TAG_FROM_VIEW; from.numberOfLines = 1; from.font = [UIFont fontWithName:@"Helvetica" size:10]; from.textColor = [UIColor blackColor]; from.backgroundColor = [UIColor clearColor]; } // Configure the cell... NSMutableDictionary *twitter = [twitters objectAtIndex:(NSInteger) indexPath.row]; // cell.text = [twitter objectForKey:@"text"]; tweet.text = (NSString *) [twitter objectForKey:@"text"]; tweet.hidden = NO; from.text = (NSString *) [twitter objectForKey:@"from_user"]; from.hidden = NO; NSString *avatar_url = (NSString *)[twitter objectForKey:@"profile_image_url"]; NSData * imageData = [[NSData alloc] initWithContentsOfURL: [NSURL URLWithString: avatar_url]]; imageView.image = [UIImage imageWithData: imageData]; imageView.hidden = NO; return cell; } #pragma mark - #pragma mark Table view delegate - (void)tableView:(UITableView *)tableView didSelectRowAtIndexPath:(NSIndexPath *)indexPath { NSMutableDictionary *twitter = [twitters objectAtIndex:(NSInteger)indexPath.row]; NSLog(@"Twit ini kepilih :%@", [twitter objectForKey:@"text"]); } #pragma mark - #pragma mark Memory management - (void)didReceiveMemoryWarning { // Releases the view if it doesn't have a superview. [super didReceiveMemoryWarning]; } - (void)viewDidUnload { } - (void)dealloc { [super dealloc]; } @end

Read the article

Style:Display and Visibility errors ?

- by dhaliwaljee

< table border="1" cellpadding="0" cellspacing="0" width="100%"> < tr> < td>1< /td> < td>1< /td> < td>1< /td> < td>1< /td> < td>1< /td> </tr> < tr style="display:block "> < td>2< /td> < td>2< /td> < td>2< /td> < td>2< /td> < td>2< /td> </ tr> < tr style="visibility:hidden "> < td>3< /td> < td>3< /td> < td>3< /td> < td>3< /td> < td>3< /td> < /tr> < tr style="visibility:hidden "> < td>4< /td> < td>4< /td> < td>4< /td> < td>4< /td> < td>4< /td> < /tr> < tr> < td>5< /td> < td>5< /td> < td>5< /td> < td>5< /td> < td>5< /td> < /tr> < tr> < td>6< /td> < /tr> < tr> < td>7< /td> < /tr> < /table> see the code I am using visibility and display for hidden or showing rows but both have errors Visibility hide the row but do not removed space, like "display:none", I can use "display" but it is not working properly with safari and Firefox. Please give me solution for it. My requirement is:- Hide the row and also removed its space on all browsers.

Read the article

Updated data is not loaded in the same browser(using Ajax )

- by Mouli

Initilly load some datas into dropdown list. It contain company code and company related fields in Textbox. Using Ajax to load the company related Fields in onchange Function I edit the company related fields and update it. Its updated Successfully then i Click the back button and refresh the browser. I select the updated company form the dropdown list. It always list the old value insted of updated data. I want to show the updated fields into corresponding textbox. This part of coding is to load the companyname into dropdown list <% DBAccess dbAccess = Util.initDatabaseAccess(); ResultSet rs = null; ResultSet rsEdit = null; int updateSuccess = 0; String button = request.getParameter("saveAction"); rs = dbAccess.executeQuery("select companyname,Companycode,companyid from yosemitecompany where cmpstatus=1 order by companyname"); %> My Ajax function <script> function showCompanyDetails(str) { if (str=="") { document.getElementById("CompanyName").innerHTML=""; return; } if (window.XMLHttpRequest) { xmlhttp=new XMLHttpRequest(); } else { xmlhttp=new ActiveXObject("Microsoft.XMLHTTP"); } xmlhttp.onreadystatechange=function() { if (xmlhttp.readyState==4 && xmlhttp.status==200) { var resValue=new Array(); resValue = xmlhttp.responseText.split("$"); document.getElementById("CompanyName").value=resValue[0]; document.getElementById("StreetName1").value=(resValue[1]!=null && !resValue[1].equalsIgnoreCase("null") && resValue[1].length>0?resValue[1]:""); document.getElementById("StreetName2").value=(resValue[2]!=null && !resValue[2].equalsIgnoreCase("null") && resValue[2].length>0?resValue[2]:""); document.getElementById("City").value=(resValue[3]!=null && !resValue[3].equalsIgnoreCase("null") && resValue[3].length>0?resValue[3]:""); document.getElementById("Zipcode").value=trim((resValue[5]!=null && !resValue[5].equalsIgnoreCase("null") && resValue[5].length>0?resValue[5]:"")); document.getElementById("officePhone").value=(resValue[6]!=null && !resValue[6].equalsIgnoreCase("null") && resValue[6].length>0?resValue[6]:""); document.getElementById("Fax1").value=(resValue[7]!=null && !resValue[7].equalsIgnoreCase("null") && resValue[7].length>0?resValue[7]:""); document.getElementById("email").value=(resValue[8]!=null && !resValue[8].equalsIgnoreCase("null") && resValue[8].length>0?resValue[8]:""); document.getElementById("WebSite").value=(resValue[9]!=null && !resValue[9].equalsIgnoreCase("null") && resValue[9].length>0?resValue[9]:""); document.getElementById("description").value=(resValue[10]!=null && !resValue[10].equalsIgnoreCase("null") && resValue[10].length>0?resValue[10]:""); document.getElementById("companycode").value=resValue[11]; document.getElementById("tempCompanyId").value=resValue[12]; document.getElementById("tempStateId").value=resValue[13]; stateID = resValue[13]; countryID = resValue[14]; processAjaxRequestPost('ajaxRequestPost','SingleListHandler','getCountryListDetails', document.getElementById("tempCompanyId").value); showTimezone(resValue[15]); document.getElementById("userName").value=resValue[16]; document.getElementById("passWord").value=resValue[17]; } } xmlhttp.open("GET","customerDetail.jsp?val="+str,true); xmlhttp.send(); } </script> My Update function <%if(updateSuccess <= 0){ if(button != null && button.equalsIgnoreCase("update")) { String companyCode = request.getParameter("companycode").trim(); String companyName = request.getParameter("CompanyName").trim(); String StreetName1 = request.getParameter("StreetName1").trim(); String StreetName2 = request.getParameter("StreetName2").trim(); String City = request.getParameter("City").trim(); String Zipcode = request.getParameter("Zipcode").trim(); String officePhone = request.getParameter("officePhone").trim(); String Fax1 = request.getParameter("Fax1").trim(); String email = request.getParameter("email").trim(); String WebSite = request.getParameter("WebSite").trim(); String description = request.getParameter("description").trim(); String companyid = request.getParameter("tempCompanyId").trim(); String stateId = request.getParameter("tempStateId").trim(); String timeZone = request.getParameter("timezone").trim(); String uploadCustomerLogo = request.getParameter("uploadCustomerLogo").trim(); String userName = request.getParameter("userName").trim(); String passWord = request.getParameter("passWord").trim(); String smtpInsertFlag = "NO"; String getCompanyId = null; updateSuccess = dbAccess.executeUpdate("update yosemitecompany set companyname='"+com.zoniac.util.Util.deQuoteForSingleQuote(companyName)+"', streetname1='"+com.zoniac.util.Util.deQuoteForSingleQuote(StreetName1)+"', streetname2='"+com.zoniac.util.Util.deQuoteForSingleQuote(StreetName2)+"', cityname='"+com.zoniac.util.Util.deQuoteForSingleQuote(City)+"', zipcode='"+com.zoniac.util.Util.deQuoteForSingleQuote(Zipcode)+"', phonenumber1='"+com.zoniac.util.Util.deQuoteForSingleQuote(officePhone)+"', fax1='"+com.zoniac.util.Util.deQuoteForSingleQuote(Fax1)+"', email1='"+com.zoniac.util.Util.deQuoteForSingleQuote(email)+"', website='"+com.zoniac.util.Util.deQuoteForSingleQuote(WebSite)+"', description='"+com.zoniac.util.Util.deQuoteForSingleQuote(description)+"',timezoneid="+timeZone+", stateid="+stateId+" where companyid='"+companyid+"'"); if(rs != null) { rs = null; dbAccess.close(); } } %> My customerDetail.jsp File <% String val = request.getParameter("val"); DBAccess dbAccess = Util.initDatabaseAccess(); ResultSet rs = null; String outputResult = null; String ff = "NO"; rs = dbAccess.executeQuery("select companyname,streetname1,streetname2,cityname,(select statename from state where stateid = (select stateid from yosemitecompany where companyid ="+val+"))as state,zipcode,phonenumber1,fax1,email1,website,description,companycode,companyid,(select stateid from state where stateid = (select stateid from yosemitecompany where companyid ="+val+"))as statecode,(select countryid from country where countryid =(select countryid from state where stateid = (select stateid from yosemitecompany where companyid ="+val+")))as countryid,timezoneid from yosemitecompany where companyid = "+val+""); if(rs.next()){ outputResult = rs.getString(1)+"$"+rs.getString(2)+"$"+rs.getString(3)+"$"+rs.getString(4)+"$"+rs.getString(5)+"$"+rs.getString(6)+"$"+rs.getString(7)+"$"+rs.getString(8)+"$"+rs.getString(9)+"$"+rs.getString(10)+"$"+rs.getString(11)+"$"+rs.getString(12)+"$"+rs.getString(13)+"$"+rs.getString(14)+"$"+rs.getString(15)+"$"+rs.getString(16); } rs = null; rs = dbAccess.executeQuery("select username,password from EMAILAUTHENTICATIONDETAILS where companyid="+val); if(rs.next()){ ff="YES"; outputResult += "$"+rs.getString(1)+"$"+rs.getString(2); } if(ff.equals("NO")){ outputResult += "$$"; } out.println(outputResult); outputResult = null; ff = "NO"; if(rs!=null) { rs = null; dbAccess.close(); } %>

Read the article

Easiest way to submit data via PHP?

- by Abijah

I'm new to PHP, and have spent 10 hours trying to figure this problem out. The goal is to take all data entered into this order form, and send it to my email via PHP. I have 2 questions: 1. I can get PHP to send data from a single menu item (example: Mexican Tortas), but how do I get PHP to send data from multiple items (example: Mexican Tortas, Fish Sandwich and Hamburger)? 2. How do I tell PHP to not send data from menu items that don't have the "How Many?" or "Customize It?" text fields filled out? If you could provide a super simple example (or a link to a learning resource) I would really appreciate it. Thank you, Abijah PHP <?php if(isset($_POST['submit'])) { $to = "[email protected]"; $subject = "New Order"; $name_field = $_POST['name']; $phone_field = $_POST['phone']; $item = $_POST['item']; $quantity = $_POST['quantity']; $customize = $_POST['customize']; } $body = "Name: $name_field\nPhone: $phone_field\n\nItem: $item\nQuantity: $quantity\nCustomize: $customize"; echo "Data has been submitted to $to!"; mail($to, $subject, $body); ?> HTML <form action="neworder.php" method="POST"> <div class ="item"> <img style="float:left; margin-right:15px; border:1px Solid #000; width:200px; height:155px;" src="images/mexicantortas.jpg"> <h1>Mexican Torta - $8.50</h1> <input name="item" type="hidden" value="Mexican Torta"/> <h2>How Many? <font color="#999999">Ex: 1, 2, 3...?</font></h2> <input name="quantity" type="text"/> <h3>Customize It? <font color="#999999">Ex: No Lettuce, Extra Cheese...</font></h3> <textarea name="customize"/></textarea> </div> <div class ="item"> <img style="float:left; margin-right:15px; border:1px Solid #000; width:200px; height:155px;" src="images/fishsandwich.jpg"> <h1>Fish Sandwich - $8.50</h1> <input name="item" type="hidden" value="Fish Sandwich"/> <h2>How Many? <font color="#999999">Ex: 1, 2, 3...?</font></h2> <input name="quantity" type="text"/> <h3>Customize It? <font color="#999999">Ex: No Lettuce, Extra Cheese...</font></h3> <textarea name="customize"/></textarea> </div> <div class ="item"> <img style="float:left; margin-right:15px; border:1px Solid #000; width:200px; height:155px;" src="images/hamburgers.jpg"> <h1>Hamburger w/ Fries - $7.00</h1> <input name="item" type="hidden" value="Fish Sandwich"/> <h2>How Many? <font color="#999999">Ex: 1, 2, 3...?</font></h2> <input name="quantity" type="text"/> <h3>Customize It? <font color="#999999">Ex: No Lettuce, Extra Cheese...</font></h3> <textarea name="customize"/></textarea> </div> <div class="horizontal_form"> <div class="form"> <h2>Place Your Order Now: <font size="3"><font color="#037B41">Fill in the form below, and we'll call you when your food is ready to be picked up...</font></font></h2> <p class="name"> <input type="text" name="name" id="name" style="text-align:center;" onClick="this.value='';" value="Enter your name"/> </p> <p class="phone"> <input type="text" name="phone" id="phone" style="text-align:center;" onClick="this.value='';" value="Enter your phone #"/> </p> <p class="submit"> <input type="submit" value="Place Order" name="submit"/> </p> </div> </div> </form>

Read the article

Unable to center text in IE but works in firefox

- by greenpool

Can somebody point out where I'm going wrong with the following code. Text inside td elements need to be centered except for Summary and Experience. This only appears to work in Firefox/chrome. In IE8 all td text are displayed as left-justified. No matter what I try it doesn't center it. Any particular reason why this would happen? Thanks. css #viewAll { font-family:"Trebuchet MS", Arial, Helvetica, sans-serif; width:100%; border-collapse:collapse; margin-left:10px; table-layout: fixed; } #viewAll td, #viewAll th { font-size:1.1em; border:1px solid #98bf21; word-wrap:break-word; text-align:center; overflow:hidden; } #viewAll tbody td{ padding:2px; } #viewAll th { font-size:1.1em; padding-top:5px; padding-bottom:4px; background-color:#A7C942; color:#ffffff; } table <?php echo '<table id="viewAll" class="tablesorter">'; echo '<thead>'; echo '<tr align="center">'; echo '<th style="width:70px;">Product</th>'; echo '<th style="width:105px;">Prob</th>'; echo '<th style="width:105px;">I</th>'; echo '<th style="width:60px;">Status</th>'; echo '<th style="width:120px;">Experience</th>'; echo '<th style="width:200px;">Technical Summary</th>'; echo '<th style="width:80px;">Record Created</th>'; echo '<th style="width:80px;">Record Updated</th>'; echo '<th style="width:50px;">Open</th>'; echo '</tr>'; echo '</thead>'; echo '<tbody>'; while ($data=mysqli_fetch_array($result)){ #limiting the summary text displayed in the table $limited_summary = (strlen($data['summary']) > 300) ? substr(($data['summary']),0,300) . '...' : $data['summary']; $limited_exp = (strlen($data['exp']) > 300) ? substr(($data['exp']),0,300) . '...' : $data['exp']; echo '<tr align="center"> <td style="width:70px; text-align:center;">'.$data['product'].'</td>'; //if value is '-' do not display as link if ($data['prob'] != '-'){ echo '<td style="width:105px;">'.$data['prob'].'</a></td>'; } else{ echo '<td style="width:105px; ">'.$data['prob'].'</td>'; } if ($data['i'] != '-'){ echo '<td style="width:105px; ">'.$data['i'].'</a></td>'; } else{ echo '<td style="width:105px; ">'.$data['i'].'</td>'; } echo'<td style="width:40px; " >'.$data['status'].'</td> <td style="width:120px; text-align:left;">'.$limited_cust_exp.'</td> <td style="width:200px; text-align:left;">'.$limited_summary.'</td> <td style="width:80px; ">'.$data['created'].'</td> <td style="width:80px; ">'.$data['updated'].'</td>'; if (isset($_SESSION['username'])){ echo '<td style="width:50px; "> <form action="displayRecord.php" method="get">'.' <input type="hidden" name="id" value="'. $data['id'].'" style="text-decoration: none" /><input type="submit" value="Open" /></form></td>'; }else{ echo '<td style="width:50px; "> <form action="displayRecord.php" method="get">'.' <input type="hidden" name="id" value="'. $data['id'].'" style="text-decoration: none" /><input type="submit" value="View" /></form></td>'; } echo '</tr>'; }#end of while echo '</tbody>'; echo '</table>'; ?>

Read the article

PhpMyAdmin Hangs On MySQL Error

- by user75228

I'm currently running PhpMyAdmin 4.0.10 (the latest version supporting PHP 4.2.X) on my Amazon EC2 connecting to a MySQL database on RDS. Everything works perfectly fine except actions that return a mysql error message. Whether I perform "any" kind of action that will return a mysql error, Phpmyadmin will hang with the yellow "Loading" box forever without displaying anything. For example, if I perform the following command in MySQL CLI : select * from 123; It instantly returns the following error : ERROR 1064 (42000): You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '123' at line 1 which is completely normal because table 123 doesn't exist. However, if I execute the exact same command in the "SQL" box in Phpmyadmin, after I click "Go" it'll display "Loading" and stops there forever. Has anyone ever encountered this kind of issue with Phpmyadmin? Is this a bug or I have something wrong with my config.inc.php? Any help would be much appreciated. I also noticed these error messages in my apache error logs : /opt/apache/bin/httpd: symbol lookup error: /opt/php/lib/php/extensions/no-debug-non-zts-20060613/iconv.so: undefined symbol: libiconv_open /opt/apache/bin/httpd: symbol lookup error: /opt/php/lib/php/extensions/no-debug-non-zts-20060613/iconv.so: undefined symbol: libiconv_open /opt/apache/bin/httpd: symbol lookup error: /opt/php/lib/php/extensions/no-debug-non-zts-20060613/iconv.so: undefined symbol: libiconv_open Below are my config.inc.php settings : <?php /* vim: set expandtab sw=4 ts=4 sts=4: */ /** * phpMyAdmin sample configuration, you can use it as base for * manual configuration. For easier setup you can use setup/ * * All directives are explained in documentation in the doc/ folder * or at <http://docs.phpmyadmin.net/>. * * @package PhpMyAdmin */ /* * This is needed for cookie based authentication to encrypt password in * cookie */ $cfg['blowfish_secret'] = 'something_random'; /* YOU MUST FILL IN THIS FOR COOKIE AUTH! */ /* * Servers configuration */ $i = 0; /* * First server */ $i++; /* Authentication type */ $cfg['Servers'][$i]['auth_type'] = 'cookie'; /* Server parameters */ $cfg['Servers'][$i]['host'] = '*.rds.amazonaws.com'; $cfg['Servers'][$i]['connect_type'] = 'tcp'; $cfg['Servers'][$i]['compress'] = true; /* Select mysql if your server does not have mysqli */ $cfg['Servers'][$i]['extension'] = 'mysqli'; $cfg['Servers'][$i]['AllowNoPassword'] = false; $cfg['LoginCookieValidity'] = '3600'; /* * phpMyAdmin configuration storage settings. */ /* User used to manipulate with storage */ $cfg['Servers'][$i]['controlhost'] = '*.rds.amazonaws.com'; $cfg['Servers'][$i]['controluser'] = 'pma'; $cfg['Servers'][$i]['controlpass'] = 'password'; /* Storage database and tables */ $cfg['Servers'][$i]['pmadb'] = 'phpmyadmin'; $cfg['Servers'][$i]['bookmarktable'] = 'pma__bookmark'; $cfg['Servers'][$i]['relation'] = 'pma__relation'; $cfg['Servers'][$i]['table_info'] = 'pma__table_info'; $cfg['Servers'][$i]['table_coords'] = 'pma__table_coords'; $cfg['Servers'][$i]['pdf_pages'] = 'pma__pdf_pages'; $cfg['Servers'][$i]['column_info'] = 'pma__column_info'; $cfg['Servers'][$i]['history'] = 'pma__history'; $cfg['Servers'][$i]['table_uiprefs'] = 'pma__table_uiprefs'; $cfg['Servers'][$i]['tracking'] = 'pma__tracking'; $cfg['Servers'][$i]['designer_coords'] = 'pma__designer_coords'; $cfg['Servers'][$i]['userconfig'] = 'pma__userconfig'; $cfg['Servers'][$i]['recent'] = 'pma__recent'; /* Contrib / Swekey authentication */ // $cfg['Servers'][$i]['auth_swekey_config'] = '/etc/swekey-pma.conf'; /* * End of servers configuration */ /* * Directories for saving/loading files from server */ $cfg['UploadDir'] = ''; $cfg['SaveDir'] = ''; /** * Defines whether a user should be displayed a "show all (records)" * button in browse mode or not. * default = false */ //$cfg['ShowAll'] = true; /** * Number of rows displayed when browsing a result set. If the result * set contains more rows, "Previous" and "Next". * default = 30 */ $cfg['MaxRows'] = 50; /** * disallow editing of binary fields * valid values are: * false allow editing * 'blob' allow editing except for BLOB fields * 'noblob' disallow editing except for BLOB fields * 'all' disallow editing * default = blob */ //$cfg['ProtectBinary'] = 'false'; /** * Default language to use, if not browser-defined or user-defined * (you find all languages in the locale folder) * uncomment the desired line: * default = 'en' */ //$cfg['DefaultLang'] = 'en'; //$cfg['DefaultLang'] = 'de'; /** * default display direction (horizontal|vertical|horizontalflipped) */ //$cfg['DefaultDisplay'] = 'vertical'; /** * How many columns should be used for table display of a database? * (a value larger than 1 results in some information being hidden) * default = 1 */ //$cfg['PropertiesNumColumns'] = 2; /** * Set to true if you want DB-based query history.If false, this utilizes * JS-routines to display query history (lost by window close) * * This requires configuration storage enabled, see above. * default = false */ //$cfg['QueryHistoryDB'] = true; /** * When using DB-based query history, how many entries should be kept? * * default = 25 */ //$cfg['QueryHistoryMax'] = 100; /* * You can find more configuration options in the documentation * in the doc/ folder or at <http://docs.phpmyadmin.net/>. */ ?>

Read the article

How do I resolve "Unable to resolve attribute [organizationType.id] against path" exception?

- by Dave

I'm using Spring 3.1.1.RELEASE, Hibernate 4.1.0.Final, JUnit 4.8, and JPA 2.0 (hibernate-jpa-2.0-api). I'm trying to write a query and search based on fields of member fields. What I mean is I have this entity … @GenericGenerator(name = "uuid-strategy", strategy = "uuid.hex") @Entity @Table(name = "cb_organization", uniqueConstraints = {@UniqueConstraint(columnNames={"organization_id"})}) public class Organization implements Serializable { @Id @NotNull @GeneratedValue(generator = "uuid-strategy") @Column(name = "id") /* the database id of the Organization */ private String id; @ManyToOne @JoinColumn(name = "state_id", nullable = true, updatable = false) /* the State for the organization */ private State state; @ManyToOne @JoinColumn(name = "country_id", nullable = false, updatable = false) /* The country the Organization is in */ private Country country; @ManyToOne(optional = false) @JoinColumn(name = "organization_type_id", nullable = false, updatable = false) /* The type of the Organization */ private OrganizationType organizationType; Notice the members "organizationType," "state," and "country," which are all objects. I wish to build a query based on their id fields. This code @Override public List<Organization> findByOrgTypesCountryAndState(Set<String> organizationTypes, String countryId, String stateId) { CriteriaBuilder builder = entityManager.getCriteriaBuilder(); CriteriaQuery<Organization> criteria = builder.createQuery(Organization.class); Root<Organization> org = criteria.from(Organization.class); criteria.select(org).where(builder.and(org.get("organizationType.id").in(organizationTypes), builder.equal(org.get("state.id"), stateId), builder.equal(org.get("country.id"), countryId))); return entityManager.createQuery(criteria).getResultList(); } is throwing the exception below. How do I heal the pain? java.lang.IllegalArgumentException: Unable to resolve attribute [organizationType.id] against path at org.hibernate.ejb.criteria.path.AbstractPathImpl.unknownAttribute(AbstractPathImpl.java:116) at org.hibernate.ejb.criteria.path.AbstractPathImpl.locateAttribute(AbstractPathImpl.java:221) at org.hibernate.ejb.criteria.path.AbstractPathImpl.get(AbstractPathImpl.java:192) at org.mainco.subco.organization.repo.OrganizationDaoImpl.findByOrgTypesCountryAndState(OrganizationDaoImpl.java:248) at org.mainco.subco.organization.repo.OrganizationDaoTest.testFindByOrgTypesCountryAndState(OrganizationDaoTest.java:55) at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39) at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25) at java.lang.reflect.Method.invoke(Method.java:597) at org.junit.runners.model.FrameworkMethod$1.runReflectiveCall(FrameworkMethod.java:44) at org.junit.internal.runners.model.ReflectiveCallable.run(ReflectiveCallable.java:15) at org.junit.runners.model.FrameworkMethod.invokeExplosively(FrameworkMethod.java:41) at org.junit.internal.runners.statements.InvokeMethod.evaluate(InvokeMethod.java:20) at org.springframework.test.context.junit4.statements.RunBeforeTestMethodCallbacks.evaluate(RunBeforeTestMethodCallbacks.java:74) at org.springframework.test.context.junit4.statements.RunAfterTestMethodCallbacks.evaluate(RunAfterTestMethodCallbacks.java:83) at org.springframework.test.context.junit4.statements.SpringRepeat.evaluate(SpringRepeat.java:72) at org.springframework.test.context.junit4.SpringJUnit4ClassRunner.runChild(SpringJUnit4ClassRunner.java:231) at org.junit.runners.BlockJUnit4ClassRunner.runChild(BlockJUnit4ClassRunner.java:49) at org.junit.runners.ParentRunner$3.run(ParentRunner.java:193) at org.junit.runners.ParentRunner$1.schedule(ParentRunner.java:52) at org.junit.runners.ParentRunner.runChildren(ParentRunner.java:191) at org.junit.runners.ParentRunner.access$000(ParentRunner.java:42) at org.junit.runners.ParentRunner$2.evaluate(ParentRunner.java:184) at org.springframework.test.context.junit4.statements.RunBeforeTestClassCallbacks.evaluate(RunBeforeTestClassCallbacks.java:61) at org.springframework.test.context.junit4.statements.RunAfterTestClassCallbacks.evaluate(RunAfterTestClassCallbacks.java:71) at org.junit.runners.ParentRunner.run(ParentRunner.java:236) at org.springframework.test.context.junit4.SpringJUnit4ClassRunner.run(SpringJUnit4ClassRunner.java:174) at org.eclipse.jdt.internal.junit4.runner.JUnit4TestReference.run(JUnit4TestReference.java:50) at org.eclipse.jdt.internal.junit.runner.TestExecution.run(TestExecution.java:38) at org.eclipse.jdt.internal.junit.runner.RemoteTestRunner.runTests(RemoteTestRunner.java:467) at org.eclipse.jdt.internal.junit.runner.RemoteTestRunner.runTests(RemoteTestRunner.java:683) at org.eclipse.jdt.internal.junit.runner.RemoteTestRunner.run(RemoteTestRunner.java:390) at org.eclipse.jdt.internal.junit.runner.RemoteTestRunner.main(RemoteTestRunner.java:197)

Read the article

C# Bind DataTable to Existing DataGridView Column Definitions

- by Timothy

I've been struggling with a NullReferenceException and hope someone here will be able to point me in the right direction. I'm trying to create and populate a DataTable and then show the results in a DataGridView control. The basic code follows, and Execution stops with a NullReferenceException at the point where I invoke the new UpdateResults_Delegate. Oddly enough, I can trace entries.Rows.Count successfully before I return it from QueryEventEntries, so I can at least show 1) entries is not a null reference, and 2) the DataTable contains rows of data. I know I have to be doing something wrong, but I just don't know what. private void UpdateResults(DataTable entries) { dataGridView.DataSource = entries; } private void button_Click(object sender, EventArgs e) { PerformQuery(); } private void PerformQuery() { DateTime start = new DateTime(dateTimePicker1.Value.Year, dateTimePicker1.Value.Month, dateTimePicker1.Value.Day, 0, 0, 0); DateTime stop = new DateTime(dateTimePicker2.Value.Year, dateTimePicker2.Value.Month, dateTimePicker2.Value.Day, 0, 0, 0); DataTable entries = QueryEventEntries(start, stop); UpdateResults(entries); } private DataTable QueryEventEntries(DateTime start, DateTime stop) { DataTable entries = new DataTable(); entries.Columns.AddRange(new DataColumn[] { new DataColumn("event_type", typeof(Int32)), new DataColumn("event_time", typeof(DateTime)), new DataColumn("event_detail", typeof(String))}); using (SqlConnection conn = new SqlConnection(DSN)) { using (SqlDataAdapter adapter = new SqlDataAdapter( "SELECT event_type, event_time, event_detail FROM event_log " + "WHERE event_time >= @start AND event_time <= @stop", conn)) { adapter.SelectCommand.Parameters.AddRange(new Object[] { new SqlParameter("@start", start), new SqlParameter("@stop", stop)}); adapter.Fill(entries); } } return entries; } Update I'd like to summarize and provide some additional information I've learned from the discussion here and debugging efforts since I originally posted this question. I am refactoring old code that retrieved records from a database, collected those records as an array, and then later iterated through the array to populate a DataGridView row by row. Threading was originally implemented to compensate and keep the UI responsive during the unnecessary looping. I have since stripped out Thread/Invoke; everything now occurs on the same execution thread (thank you, Sam). I am attempting to replace the slow, unwieldy approach using a DataTable which I can fill with a DataAdapter, and assign to the DataGridView through it's DataSource property (above code updated). I've iterated through the entries DataTable's rows to verify the table contains the expected data before assigning it as the DataGridView's DataSource. foreach (DataRow row in entries.Rows) { System.Diagnostics.Trace.WriteLine( String.Format("{0} {1} {2}", row[0], row[1], row[2])); } One of the column of the DataGridView is a custom DataGridViewColumn to stylize the event_type value. I apologize I didn't mention this before in the original post but I wasn't aware it was important to my problem. I have converted this column temporarily to a standard DataGridViewTextBoxColumn control and am no longer experiencing the Exception. The fields in the DataTable are appended to the list of fields that have been pre-specified in Design view of the DataGridView. The records' values are being populated in these appended fields. When the run time attempts to render the cell a null value is provided (as the value that should be rendered is done so a couple columns over). In light of this, I am re-titling and re-tagging the question. I would still appreciate it if others who have experienced this can instruct me on how to go about binding the DataTable to the existing column definitions of the DataGridView.

Read the article

How to overcome shortcomings in reporting from EAV database?

- by David Archer

The major shortcomings with Entity-Attribute-Value database designs in SQL all seem to be related to being able to query and report on the data efficiently and quickly. Most of the information I read on the subject warn against implementing EAV due to these problems and the commonality of querying/reporting for almost all applications. I am currently designing a system where almost all the fields necessary for data storage are not known at design/compile time and are defined by the end-user of the system. EAV seems like a good fit for this requirement but due to the problems I've read about, I am hesitant in implementing it as there are also some pretty heavy reporting requirements for this system as well. I think I've come up with a way around this but would like to pose the question to the SO community. Given that typical normalized database (OLTP) still isn't always the best option for running reports, a good practice seems to be having a "reporting" database (OLAP) where the data from the normalized database is copied to, indexed extensively, and possibly denormalized for easier querying. Could the same idea be used to work around the shortcomings of an EAV design? The main downside I see are the increased complexity of transferring the data from the EAV database to reporting as you may end up having to alter the tables in the reporting database as new fields are defined in the EAV database. But that is hardly impossible and seems to be an acceptable tradeoff for the increased flexibility given by the EAV design. This downside also exists if I use a non-SQL data store (i.e. CouchDB or similar) for the main data storage since all the standard reporting tools are expecting a SQL backend to query against. Do the issues with EAV systems mostly go away if you have a seperate reporting database for querying? EDIT: Thanks for the comments so far. One of the important things about the system I'm working on it that I'm really only talking about using EAV for one of the entities, not everything in the system. The whole gist of the system is to be able to pull data from multiple disparate sources that are not known ahead of time and crunch the data to come up with some "best known" data about a particular entity. So every "field" I'm dealing with is multi-valued and I'm also required to track history for each. The normalized design for this ends up being 1 table per field which makes querying it kind of painful anyway. Here are the table schemas and sample data I'm looking at (obviously changed from what I'm working on but I think it illustrates the point well): EAV Tables Person ------------------- - Id - Name - ------------------- - 123 - Joe Smith - ------------------- Person_Value ------------------------------------------------------------------- - PersonId - Source - Field - Value - EffectiveDate - ------------------------------------------------------------------- - 123 - CIA - HomeAddress - 123 Cherry Ln - 2010-03-26 - - 123 - DMV - HomeAddress - 561 Stoney Rd - 2010-02-15 - - 123 - FBI - HomeAddress - 676 Lancas Dr - 2010-03-01 - ------------------------------------------------------------------- Reporting Table Person_Denormalized ---------------------------------------------------------------------------------------- - Id - Name - HomeAddress - HomeAddress_Confidence - HomeAddress_EffectiveDate - ---------------------------------------------------------------------------------------- - 123 - Joe Smith - 123 Cherry Ln - 0.713 - 2010-03-26 - ---------------------------------------------------------------------------------------- Normalized Design Person ------------------- - Id - Name - ------------------- - 123 - Joe Smith - ------------------- Person_HomeAddress ------------------------------------------------------ - PersonId - Source - Value - Effective Date - ------------------------------------------------------ - 123 - CIA - 123 Cherry Ln - 2010-03-26 - - 123 - DMV - 561 Stoney Rd - 2010-02-15 - - 123 - FBI - 676 Lancas Dr - 2010-03-01 - ------------------------------------------------------ The "Confidence" field here is generated using logic that cannot be expressed easily (if at all) using SQL so my most common operation besides inserting new values will be pulling ALL data about a person for all fields so I can generate the record for the reporting table. This is actually easier in the EAV model as I can do a single query. In the normalized design, I end up having to do 1 query per field to avoid a massive cartesian product from joining them all together.

Read the article

Event receiver on Content Type not triggered on WikiPageLibrary

- by Ciprian Grosu

Hello all, I created a new content type for a wiki page library. I added this content type to library by code (the interface did not allow this). Next, I added an event receiver to this content type (on ItemAdded and ItemAdding). My problem is that no event is trrigered. If I add this events directly to the wiki page library all works fine. Is there a limitation/bug/trick ? I looked at the content type attached to the library with SharePoint Manager and in his schema the part for event receiver is missing...I know that there should be something like: <XmlDocuments> <XmlDocument NamespaceURI="http://schemas.microsoft.com/sharepoint/events"> <spe:Receivers xmlns:spe="http://schemas.microsoft.com/sharepoint/events"> <Receiver> <Name> </Name> <Type>1</Type> <SequenceNumber>10000</SequenceNumber> <Assembly>RssFeedWP, Version=1.0.0.0, Culture=neutral, PublicKeyToken=f6722cbeba696def</Assembly> <Class>RssFeedWP.ItemEventReceiver</Class> <Data> </Data> <Filter> </Filter> </Receiver> <Receiver> <Name> </Name> <Type>10001</Type> <SequenceNumber>10000</SequenceNumber> <Assembly>RssFeedWP, Version=1.0.0.0, Culture=neutral, PublicKeyToken=f6722cbeba696def</Assembly> <Class>RssFeedWP.ItemEventReceiver</Class> <Data> </Data> <Filter> </Filter> </Receiver> </spe:Receivers> </XmlDocument> If I look with SPM to the content type added to site I see this part into schema. Here is my code: public override void FeatureActivated(SPFeatureReceiverProperties properties) { using (SPWeb web = (SPWeb)properties.Feature.Parent) { // create RssWiki content type SPContentType rssFeedContentType = new SPContentType(web.AvailableContentTypes["Wiki Page"], web.ContentTypes, "RssFeed Wiki Page"); // add rssfeed url field to the new content type AddFieldToContentType(web, rssFeedContentType, "RssFeed Url", SPFieldType.Note); // add use xslt check box field to the new content type AddFieldToContentType(web, rssFeedContentType, "Use Xslt", SPFieldType.Boolean); // add xslt url field to the new content type AddFieldToContentType(web, rssFeedContentType, "Xslt Url", SPFieldType.Note); web.ContentTypes.Add(rssFeedContentType); rssFeedContentType.Update(); web.Update(); AddContentTypeToList(web, rssFeedContentType); AddEventReceiversToCT(rssFeedContentType); //AddEventReceiverToList(web); } } private void AddFieldToContentType(SPWeb web, SPContentType ct, string fieldName, SPFieldType fieldType) { SPField rssUrlField = null; try { rssUrlField = web.Fields.GetField(fieldName); } catch (Exception ex) { if (rssUrlField == null) { web.Fields.Add(fieldName, fieldType, false); } } SPFieldLink rssUrlFieldLink = new SPFieldLink(web.Fields[fieldName]); ct.FieldLinks.Add(rssUrlFieldLink); } private static void AddContentTypeToList(SPWeb web, SPContentType ct) { SPList wikiList = web.Lists[listName]; wikiList.ContentTypesEnabled = true; wikiList.ContentTypes.Add(ct); wikiList.Update(); } private static void AddEventReceiversToCT(SPContentType ct) { //add event receivers string assemblyName = System.Reflection.Assembly.GetExecutingAssembly().FullName; string ctReceiverName = "RssFeedWP.ItemEventReceiver"; ct.EventReceivers.Add(SPEventReceiverType.ItemAdding, assemblyName, ctReceiverName); ct.EventReceivers.Add(SPEventReceiverType.ItemAdded, assemblyName, ctReceiverName); ct.Update(); } Thx !

Read the article

I'm trying to handle the updates on 2 related tables in one DetailsView using Jquery and Linq, and h

- by Ben Reisner

Given two related tables (reports, report_fields) where there can be many report_fields entries for each reports entry, I need to allow the user to enter new report_fields, delete existing report_fields, and re-arrange the order. Currently I am using a DetailsView to handle the editing of the reports. I added some logic to handle report_fields, and currently it allows you to succesfully re-arrange the order, but i'm a little stumped as to the best way to add new items, or delete existing items. The basic logic I have is that each report_fields is represented by a . It has a description as the text, and a field for each field in the report_fields table. I use JQuery Sortable to allow the user to re-arrange the LIs. Abbreviated Create Table Statements:(foreign key constraint ignored for brevity) create table report( id integer primary key identity, reportname varchar(250) ) create table report_fields( id integer primary key identity, reportID integer, keyname integer, keyvalue integer, field_order integer ) My abbreviated markup: <asp:DetailsView ...> ... <asp:TemplateField HeaderText="Fields"> <EditItemTemplate> <ul class="MySortable"> <asp:Repeater ID="Repeater1" runat="server" DataSource='<%# Eval("report_fields") %>'> <ItemTemplate> <li> <%# Eval("keyname") %>: <%# Eval("keyvalue") %> <input type="hidden" name="keyname[]" value='<%# Eval("keyname") %>' /> <input type="hidden" name="keyvalue[]" value='<%# Eval("keyvalue") %>' /> </li> </ItemTemplate> </asp:Repeater> </ul> </EditItemTemplate> </asp:TemplateField> </asp:DetailsView> <asp:LinqDataSource ID="LinqDataSource2" onupdating="LinqDataSource2_Updating" table=reports ... /> $(function() { $(".MySortable").sortable({ placeholder: 'MySortable-highlight' }).disableSelection(); }); Code Behind Class: public partial class Administration_AddEditReport protected void LinqDataSource2_Updating(object sender, LinqDataSourceUpdateEventArgs e) { report r = (report)e.NewObject; MyDataContext dc = new MyDataContext(); var fields = from f in dc.report_fields where f.reportID == r.id select f; dc.report_fields.DeleteAllOnSubmit(fields); NameValueCollection nvc = Request.Params; string[] keyname = nvc["keyname[]"].Split(','); string[] keyvalue = nvc["keyvalue[]"].Split(','); for (int i = 0; i < keyname.Length; i++) { report_field rf = new report_field(); rf.reportID = r.id; rf.keyname = keyname[i]; rf.keyvalue = keyvalue[i]; rf.field_order = i; dc.report_fields.InsertOnSubmit(rf); } dc.SubmitChanges(); } }

Read the article

MySQL query works in PHPMyAdmin but not PHP

- by Su4p

I do not understand what's happening. I have a query in PHP who crashes -with a strange error-. When I copy/paste the exact same request in PHPMyAdmin it works as expected. What am I doing wrong here ? SELECT oms_patient.id, oms_patient.date, oms_patient.date_modif, date_modif, AES_DECRYPT(nom,"xxxxx") AS "Nom", AES_DECRYPT(prenom,"xxxxx") AS "Prénom usuel", DATE_FORMAT(ddn, "%d/%m/%Y") AS "Date de naissance", villeNaissance AS "Lieu de naissance (ville)", CONCAT(oms_departement.libelle,"(",id_departement,")") AS "Lieu de vie", CONCAT(oms_pays.libelle,"(",id_pays,")") AS "Pays", CONCAT(patientsexe.libelle,"(",id_sexe,")") AS "Sexe", CONCAT(patientprofession.libelle,"(",id_profession,")") AS "Profession", IF(asthme>0,"Oui","Non") AS "Asthme", IF(rhinite>0,"Oui","Non") AS "Rhinite", IF(bcpo>0,"Oui","Non") AS "BPCO", IF(insuffisanceResp>0,"Oui","Non") AS "Insuffisance respiratoire chronique", IF(chirurgieOrl>0,"Oui","Non") AS "Chirurgie ORL du ronflement", IF(autreChirurgie>0,"Oui","Non") AS "Autre chirurgie ORL", IF(allergies>0,"Oui","Non") AS "Allergies", IF(OLD>0,"Oui","Non") AS "OLD", IF(hypertensionArterielle>0,"Oui","Non") AS "Hypertension artérielle", IF(infarctusMyocarde>0,"Oui","Non") AS "Infarctus du myocarde", IF(insuffisanceCoronaire>0,"Oui","Non") AS "Insuffisance coronaire", IF(troubleRythme>0,"Oui","Non") AS "Trouble du rythme", IF(accidentVasculaireCerebral>0,"Oui","Non") AS "Accident vasculaire cérébral", IF(insuffisanceCardiaque>0,"Oui","Non") AS "Insuffisance cardiaque", IF(arteriopathie>0,"Oui","Non") AS "Artériopathie", IF(tabagismeActuel>0,"Oui","Non") AS "Tabagisme actuel", CONCAT(nbPaquetsActuel," ","PA") AS "", IF(tabagismeAncien>0,"Oui","Non") AS "Tabagisme ancien", CONCAT(nbPaquetsAncien," ","PA") AS "", IF(alcool>0,"Oui","Non") AS "Alcool (conso régulière)", IF(refluxGastro>0,"Oui","Non") AS "Reflux gastro-oesophagien", IF(glaucome>0,"Oui","Non") AS "Glaucome", IF(diabete>0,"Oui","Non") AS "Diabète", CONCAT(patienttypeDiabete.libelle,"(",id_typeDiabete,")") AS "", IF(hypercholesterolemie>0,"Oui","Non") AS "Hypercholestérolémie", IF(hypertriglyceridemie>0,"Oui","Non") AS "Hypertriglycéridémie", IF(dysthyroidie>0,"Oui","Non") AS "Dysthyroïdie", IF(depression>0,"Oui","Non") AS "Dépression", IF(sedentarite>0,"Oui","Non") AS "Sédentarité", IF(syndromeDApneesSommeil>0,"Oui","Non") AS "SAS", IF(obesite>0,"Oui","Non") AS "Obésité", IF(dysmorphieFaciale>0,"Oui","Non") AS "Dysmorphie faciale", TextObservations AS "", id_user FROM oms_patient LEFT JOIN oms_departement ON oms_departement.id = id_departement LEFT JOIN oms_pays ON oms_pays.id = id_pays LEFT JOIN patientsexe ON patientsexe.id = id_sexe LEFT JOIN patientprofession ON patientprofession.id = id_profession LEFT JOIN patienttypeDiabete ON patienttypeDiabete.id = id_typeDiabete WHERE oms_patient.id=1 You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'small"(conso régulière)", IF(refluxGastro0,"Oui","Non") as "Reflux ga' at line 1 "near 'small" <-- where is small o_O The PHP code isn't really relevant cause you won't see a lot. $db = mysql_connect(); mysql_select_db();//TODO SWITCH TO PDO mysql_query("SET NAMES UTF8"); $fields = $form->getFields($form); $settingsForm = $form->getSettings(); $sql = 'SELECT oms_patient.id,oms_patient.date,oms_patient.date_modif,'; foreach ($fields as $field) { if (!$field->isMultiSelect()) { $field->select_full(&$sql, 'oms_patient', null); } } if (isset($settingsForm['linkTo'])) { $idLinkTo = 'id_' . str_replace('oms_', '', $settingsForm['linkTo']); $sql .= $idLinkTo; } $sql.=' FROM oms_patient'; foreach ($fields as $field) { if (!$field->isMultiSelect() && $field->getTable('oms_patient')) { $sql .=' LEFT JOIN ' . $field->getTable('oms_patient') . ' ON ' . $field->getTable('oms_patient') . '.id = '.$field->getFieldName().' '; } } $sql.=' where oms_patient.id=' . $this->m_settings['e']; $result = mysql_query($sql) or die('Erreur SQL !<br>' . $sql . '<br>' . mysql_error()); $data = mysql_fetch_assoc($result); var_dump of $sql string(2663) "SELECT oms_patient.id,oms_patient.date,oms_patient.date_modif,date_modif,AES_DECRYPT(nom,"xxxxx") as "Nom",AES_DECRYPT("prenom","xxxxx") as "Prénom usuel",DATE_FORMAT(ddn, "%d/%m/%Y") as "Date de naissance",villeNaissance as "Lieu de naissance (ville)",CONCAT(oms_departement.libelle,"(",id_departement,")") as "Lieu de vie",CONCAT(oms_pays.libelle,"(",id_pays,")") as "Pays",CONCAT(patientsexe.libelle,"(",id_sexe,")") as "Sexe",CONCAT(patientprofession.libelle,"(",id_profession,")") as "Profession", IF"... can't go further to see what is in the output after the "..." <-- if you have an idea

Read the article

Drupal 7 Forms API Conditional Logic not working in IE

- by Francis Yaconiello

I have a drupal 7 form with a bunch of fields: $form['account_type'] = array( '#title' => t('Utility Account Type'), '#type' => 'select', '#options' => necp_enrollment_administration_portal_account_type_options(), '#required' => TRUE, '#default_value' => isset($form_state['values']['account_type']) ? $form_state['values']['account_type'] : '', ); // Should show if account_type = 1 $form['home_wrapper'] = array( '#type' => 'fieldset', '#states' => array( 'visible' => array( ':input[name="account_type"]' => array('value' => 1), ), ), ); $form['home_wrapper']['first_name_1'] = array( '#title' => t('Primary Account First Name'), '#type' => 'textfield', '#default_value' => isset($form_state['values']['first_name_1']) ? $form_state['values']['first_name_1'] : '', '#states' => array( 'required' => array( ':input[name="account_type"]' => array('value' => 1), ), ), ); $form['home_wrapper']['last_name_1'] = array( '#title' => t('Primary Account Last Name'), '#type' => 'textfield', '#default_value' => isset($form_state['values']['last_name_1']) ? $form_state['values']['last_name_1'] : '', '#states' => array( 'required' => array( ':input[name="account_type"]' => array('value' => 1), ), ), ); // Should show if account_type = 2 $form['business_wrapper'] = array( '#type' => 'fieldset', '#states' => array( 'visible' => array( ':input[name="account_type"]' => array('value' => 2), ), ), ); $form['business_wrapper']['company_name'] = array( '#title' => t('Company/Organization'), '#type' => 'textfield', '#default_value' => isset($form_state['values']['company_name']) ? $form_state['values']['company_name'] : '', '#states' => array( 'required' => array( ':input[name="account_type"]' => array('value' => 2), ), ), ); In Firefox/Chrome/Opera all versions this form behaves as it should. However in all versions of IE the form initializes with display:none; style on all of the conditional fields regardless of what the value in account_type is. Changing the selected option of account_type does not effect the hidden status. Any tips on debugging this form would be awesome. Notes: I am not much of a Drupal developer, I inherited this site. Just trying to iron out the last couple bugs so we can go live there are more fields than are listed above, I just gave you some of the applicable ones so that you could get the gist of how my forms were setup current url for the form in development: https://northeastcleanpower.com/enroll_new I'm using http://www.browserstack.com/ to debug IE 7 - 10pp4 (I think we only have to support 8 and up though) I've also tried: ':select[name="account_type"]' => array('value' => 1), '#edit-account-type' => array('value' => 1),

Read the article

ADO program to list members of a large group.

- by AlexGomez

Hi everyone, I'm attempting to list all the members in a Active Directory group using ADO. The problem I have is that many of these groups have over 1500 members and ADSI cannot handle more than 1500 items in a multi-valued attribute. Fortunately I came across Richard Muller's wonderful VBScript that handles more than 1500 members at http://www.rlmueller.net/DocumentLargeGroup.htm I modified his code as shown below so that I can list ALL the groups and its memberships in a certain OU. However, I'm keeping getting the exception shown below: "ADODB.Recordset: Item cannot be found in the collection corresponding to the requested name or ordinal." My program appears to get stuck at: strPath = adoRecordset.Fields("ADsPath").Value Set objGroup = GetObject(strPath) All I am doing above is issuing the query to get back a recordset consisting of the ADsPath for each group in the OU. It then walks through the recordset and grabs the ADsPath for the first group and store its in a variable named strPath; we then use the value of that variable to bind to the group account for that group. It really should work! Any idea why the code below doesn't work for me? Any pointers will be great appreciated. Thanks. Option Explicit Dim objRootDSE, strDNSDomain, adoCommand Dim adoConnection, strBase, strAttributes Dim strFilter, strQuery, adoRecordset Dim strDN, intCount, blnLast, intLowRange Dim intHighRange, intRangeStep, objField Dim objGroup, objMember, strName ' Determine DNS domain name. Set objRootDSE = GetObject("LDAP://RootDSE") 'strDNSDomain = objRootDSE.Get("DefaultNamingContext") strDNSDomain = "XXXXXXXX" ' Use ADO to search Active Directory. Set adoCommand = CreateObject("ADODB.Command") Set adoConnection = CreateObject("ADODB.Connection") adoConnection.Provider = "ADsDSOObject" adoConnection.Open = "Active Directory Provider" adoCommand.ActiveConnection = adoConnection adoCommand.Properties("Page Size") = 100 adoCommand.Properties("Timeout") = 30 adoCommand.Properties("Cache Results") = False ' Specify base of search. strBase = "<LDAP://" & strDNSDomain & ">" ' Specify the attribute values to retrieve. strAttributes = "member" ' Filter on objects of class "group" strFilter = "(&(objectClass=group)(samAccountName=*))" ' Enumerate direct group members. ' Use range limits to handle more than 1000/1500 members. ' Setup to retrieve 1000 members at a time. blnLast = False intRangeStep = 999 intLowRange = 0 IntHighRange = intLowRange + intRangeStep Do While True If (blnLast = True) Then ' If last query, retrieve remaining members. strQuery = strBase & ";" & strFilter & ";" _ & strAttributes & ";range=" & intLowRange _ & "-*;subtree" Else ' If not last query, retrieve 1000 members. strQuery = strBase & ";" & strFilter & ";" _ & strAttributes & ";range=" & intLowRange & "-" _ & intHighRange & ";subtree" End If adoCommand.CommandText = strQuery Set adoRecordset = adoCommand.Execute adoRecordset.MoveFirst intCount = 0 Do Until adoRecordset.EOF strPath = adoRecordset.Fields("ADsPath").Value Set objGroup = GetObject(strPath) For Each objField In adoRecordset.Fields If (VarType(objField) = (vbArray + vbVariant)) _ Then For Each strDN In objField.Value ' Escape any forward slash characters, "/", with the backslash ' escape character. All other characters that should be escaped are. strDN = Replace(strDN, "/", "\/") ' Check dictionary object for duplicates. 'If (objGroupList.Exists(strDN) = False) Then ' Add to dictionary object. 'objGroupList.Add strDN, True ' Bind to each group member, to find member's samAccountName Set objMember = GetObject("LDAP://" & strDN) ' Output group cn, group samaAccountName and group member's samAccountName. Wscript.Echo objMember.samAccountName intCount = intCount + 1 'End if Next End If Next adoRecordset.MoveNext Loop adoRecordset.Close ' If this is the last query, exit the Do While loop. If (blnLast = True) Then Exit Do End If ' If the previous query returned no members, then the previous ' query for the next 1000 members failed. Perform one more ' query to retrieve remaining members (less than 1000). If (intCount = 0) Then blnLast = True Else ' Setup to retrieve next 1000 members. intLowRange = intHighRange + 1 intHighRange = intLowRange + intRangeStep End If Loop

Read the article

Rails ActiveRecord friendly code from a Complex Join, Sum, and Group query

- by Chad M

PROBLEM Hello, I am having no luck trying to break down this SQL statement into ActiveRecord/Rails friendly code and I'd like to learn how I can avoid a find_by_sql statement in this situation. Scenario I have users that create audits when they perform an action. Each audit is of a specific audit_activity. Each audit_activity is worth a certain number of points, based on score_weight. I need to find the total scores of each user, based on their total accumulated audit_activity score_weights. Eventually I'll need to rank them which means adding a sort to this as well. My Code Here is my sql and simplified versions of the tables in question. Any thoughts? SQL with full column names (for clarity) SELECT users.id, u.email, SUM(audit_activity.score_weight) FROM users JOIN audits ON users.id = audits.user_id JOIN audit_activities ON audit_activities.id = audits.audit_activity_id GROUP BY users.id; Models: User, Audit, AuditActivity User fields: id, email class User < ActiveRecord::Base include Clearance::User has_many :audits end Audit fields: id, user_id, audit_activity_id class Audit < ActiveRecord::Base belongs_to :user belongs_to :audit_activity end AuditActivity fields: id, score_weight class AuditActivity < ActiveRecord::Base has_many :audits end Example Data Here is a set of SQL statements so you can play with similar data I'm working with and see what comes up when the concerned query is run. You should just be able to copy/paste the whole thing into a database query browser. CREATE TABLE users( id INTEGER NOT NULL, email TEXT (25), PRIMARY KEY (id) ); CREATE TABLE audits( id INTEGER NOT NULL, user_id INTEGER, audit_activity_id INTEGER, PRIMARY KEY (id) ); CREATE TABLE audit_activities( id INTEGER NOT NULL, score_weight INTEGER, PRIMARY KEY (id) ); INSERT INTO users(id, email) VALUES(1, "[email protected]"); INSERT INTO users(id, email) VALUES(2, "[email protected]"); INSERT INTO users(id, email) VALUES(3, "[email protected]"); INSERT INTO audits(id, user_id, audit_activity_id) VALUES(1, 1, 1); INSERT INTO audits(id, user_id, audit_activity_id) VALUES(2, 1, 2); INSERT INTO audits(id, user_id, audit_activity_id) VALUES(3, 1, 1); INSERT INTO audits(id, user_id, audit_activity_id) VALUES(4, 1, 3); INSERT INTO audits(id, user_id, audit_activity_id) VALUES(5, 1, 1); INSERT INTO audits(id, user_id, audit_activity_id) VALUES(6, 1, 4); INSERT INTO audits(id, user_id, audit_activity_id) VALUES(7, 2, 4); INSERT INTO audits(id, user_id, audit_activity_id) VALUES(8, 2, 4); INSERT INTO audits(id, user_id, audit_activity_id) VALUES(9, 2, 4); INSERT INTO audits(id, user_id, audit_activity_id) VALUES(10, 3, 3); INSERT INTO audits(id, user_id, audit_activity_id) VALUES(11, 3, 2); INSERT INTO audits(id, user_id, audit_activity_id) VALUES(12, 3, 2); INSERT INTO audits(id, user_id, audit_activity_id) VALUES(13, 3, 2); INSERT INTO audits(id, user_id, audit_activity_id) VALUES(14, 3, 3); INSERT INTO audits(id, user_id, audit_activity_id) VALUES(15, 3, 1); INSERT INTO audits(id, user_id, audit_activity_id) VALUES(16, 3, 1); INSERT INTO audit_activities(id, score_weight) VALUES(1, 1); INSERT INTO audit_activities(id, score_weight) VALUES(2, 2); INSERT INTO audit_activities(id, score_weight) VALUES(3, 7); INSERT INTO audit_activities(id, score_weight) VALUES(4, 11); The Query Again, here is the query. SELECT u.id, u.email, SUM(aa.score_weight) FROM users u JOIN audits a ON u.id = a.user_id JOIN audit_activities aa ON aa.id = a.audit_activity_id GROUP BY u.id; Many Thanks, Chad

Read the article

jQuery , Trigger change event on newly created elements

- by kwhohasamullet

Hi Guys, I have a button in a form that when clicked adds another set of form fields, In these form fields there are 2 drop downs where the contents of the 2nd dropdown rely on what is selected in the first dropdown... What i want to do is when the new form field button is clicked for the new items to be added and then the change event to be triggered on the drop down that was created so what only that drop down changes and not all the drop downs with the same name currently in that form. THe first drop down is called product Category The code for the addFormField function is: function addFormField() { var id = document.getElementById("field_id").value; $("#products").append("<table width='600' cellpadding='5' cellspacing='0' class='Add_Products' id='row" + id + "'><td width='250' class='left'><label>Select Product Category</label></td><td class='right' ><label><select name='" + id + "' id='ProductCategory'><?php foreach($categories as $key=>$category){ echo "<option value=".$key.">".$category."</option>"; } ?></select></label></td></tr><tr><td width='250' class='left'><label>Select Product Template</label></td><td class='right' ><label><select name='data[QuoteItem][" + id + "][product_id]' id='QuoteItem" + id + "product_id' class='Product' title='" + id + "'></select></label></td></tr><tr ><td class='left'>Name</td><td class='right'><label><input name='data[QuoteItem][" + id + "][name]' type='text' id='QuoteItem" + id + "name' size='50' /></label></td></tr><tr ><td class='left'>Price (ex GST)</td><td class='right'><input type='text' name='data[QuoteItem][" + id + "][price]' id='QuoteItem" + id + "price' onchange='totalProductPrice();' class='quote-item-price' value='0' /></td></tr><tr><td class='left'>Description</td><td class='right'><label><textarea name='data[QuoteItem][" + id + "][description]' cols='38' rows='5' id='QuoteItem" + id + "description'></textarea></label></td></tr><tr><td><a href='#' onClick='removeFormField(\"#row" + id + "\"); return false;'>Remove</a></td></tr></table>"); $('#row' + id).highlightFade({ speed:1000 }); id = (id - 1) + 2; document.getElementById("field_id").value = id; } The code that detects change in ProductCategory dropdown and triggers the AJAX is below: $("select#ProductCategory").live('change', function(){ var url = base + "/quotes/productList/" + $(this).val() + ""; var id = $(this).attr('name'); $.getJSON(url,{id: $(this).val(), ajax: 'true'}, function(j){ var options = ''; options += '<option value="0">None</option>'; $.each(j, function(key, value){ options += '<option value="' + key + '">' + value + '</option>'; }) $("select#QuoteItem" + id + "product_id").html(options); }) }).trigger('change'); I have been trying all afternoon to work this out and the closest one i got to work applied the returned ajax values to all items. Currently using the live function people can add new fields and are able to use the drops down independant of each other dropdown but its only when the field is first added that i have trouble getting is populated Thanks in advance for any help

Read the article

Need help to properly remove duplicates in NHibernate

- by Michael D. Kirkpatrick

Here is the problem I am having. I have a database with over 100 records in it. I am paging through the data to get 9 results at a time. When I added a check to see if items are active, it caused the results to start doubling up. A little background: "Product" is the actual product line "ProductSkus" are the actual products that exist in the product line When there is more then 1 ProductSku within Product, it causes a duplicate entry to be returned. See the NHibernate Query below: result = this.Session.CreateCriteria<Model.Product>() .Add(Expression.Eq("IsActive", true)) .AddOrder(new Order("Name", true)) .SetFirstResult(indexNumber).SetMaxResults(maxNumber) // This part of the query duplicates the products .CreateAlias("ProductSkus", "ProdSkus", JoinType.InnerJoin) .Add(Expression.Eq("ProdSkus.IsActive", true)) .CreateAlias("ProductToSubcategory", "ProdToSubcat") .CreateAlias("ProdToSubcat.ProductSubcategory", "ProdSubcat") .Add(Expression.Eq("ProdSubcat.ID", subCatId)) // This part takes out the duplicate products - Removes too many items... // Turns out that with .SetFirstResult(indexNumber).SetMaxResults(maxNumber) // it gets 9 records back then the duplicates are removed. // Example: // Total Records over 100 // Max = 9 // 4 Duplicates removed // Yields 5 records when there should be 9 // Why??? This line is ran in NHibernate on the data after it has been extracted from the SQL server. .SetResultTransformer(new NHibernate.Transform.DistinctRootEntityResultTransformer()) .List<Model.Product>(); I added the DistinctRootEntityResultTransformer to clean up the duplicates. The problem is that it pulls 9 records back that contains duplicates. DistinctRootEntityResultTransformer then cleans up the duplicates in the 9 records. I am basically needing a distinct statement to be ran on the SQL server to begin with. However, distinct on SQL is not going to work since NHibernate by default wants to add every field from every table in the select part of the statement. I am only using the fields that belong to the root table to begin with (Model.Product). If I can tell NHibernate to not add the fields to the joined tables into the select part of the statement along with adding Distinct, it would work. I use NHibernare Profiler to see the actual query: SELECT top 9 this_.ID as ID351_3_, this_.Name as Name351_3_, this_.Description as Descript3_351_3_, this_.IsActive as IsActive351_3_, this_.ManufacturerID as Manufact5_351_3_, prodskus1_.ID as ID373_0_, prodskus1_.Description as Descript2_373_0_, prodskus1_.PartNumber as PartNumber373_0_, prodskus1_.Price as Price373_0_, prodskus1_.IsKit as IsKit373_0_, prodskus1_.IsActive as IsActive373_0_, prodskus1_.IsFeaturedProduct as IsFeatur7_373_0_, prodskus1_.DateAdded as DateAdded373_0_, prodskus1_.Weight as Weight373_0_, prodskus1_.TimesViewed as TimesVi10_373_0_, prodskus1_.TimesOrdered as TimesOr11_373_0_, prodskus1_.ProductID as ProductID373_0_, prodskus1_.OverSizedBoxID as OverSiz13_373_0_, prodtosubc2_.ID as ID362_1_, prodtosubc2_.MasterSubcategory as MasterSu2_362_1_, prodtosubc2_.ProductID as ProductID362_1_, prodtosubc2_.ProductSubcategoryID as ProductS4_362_1_, prodsubcat3_.ID as ID352_2_, prodsubcat3_.Name as Name352_2_, prodsubcat3_.ProductCategoryID as ProductC3_352_2_, prodsubcat3_.ImageID as ImageID352_2_, prodsubcat3_.TriggerShow as TriggerS5_352_2_ FROM Product this_ inner join ProductSku prodskus1_ on this_.ID = prodskus1_.ProductID and (prodskus1_.IsActive = 1) inner join ProductToSubcategory prodtosubc2_ on this_.ID = prodtosubc2_.ProductID inner join ProductSubcategory prodsubcat3_ on prodtosubc2_.ProductSubcategoryID = prodsubcat3_.ID WHERE this_.IsActive = 1 /* @p0 */ and prodskus1_.IsActive = 1 /* @p1 */ and prodsubcat3_.ID = 3 /* @p2 */ ORDER BY this_.Name asc If I hand modify the query and run it directly on the SQL server I get the result set I want (I removed all the extra fields in the select section and added DISTINCT): SELECT DISTINCT top 9 this_.ID as ID351_3_, this_.Name as Name351_3_, this_.Description as Descript3_351_3_, this_.IsActive as IsActive351_3_, this_.ManufacturerID as Manufact5_351_3_, FROM Product this_ inner join ProductSku prodskus1_ on this_.ID = prodskus1_.ProductID and (prodskus1_.IsActive = 1) inner join ProductToSubcategory prodtosubc2_ on this_.ID = prodtosubc2_.ProductID inner join ProductSubcategory prodsubcat3_ on prodtosubc2_.ProductSubcategoryID = prodsubcat3_.ID WHERE this_.IsActive = 1 /* @p0 */ and prodskus1_.IsActive = 1 /* @p1 */ and prodsubcat3_.ID = 3 /* @p2 */ ORDER BY this_.Name asc The big question I now must ask is... What must I change in the NHibernate Query to ultimately get the exact same result? Thanks in advance.

Read the article

How to fix “SearchAdministration.aspx webpage cannot be found. 404”

- by ybbest

Problems: One of my colleague is having a wired issue today with Search Service Application in SharePoint2010.After he created the Search Service Application, he could not browse to the Search Administration (http://ybbest:5555/searchadministration.aspx?appid=6508b5cc-e19a-4bdc-89b3-05d984999e3c) ,he got 404 page not found every time he browse to the page. Analysis After some basic trouble-shooting, it turns out we can browse to any other page in the search application ,e.g. Manage Content Sources(/_admin/search/listcontentsources.aspx) or Manage Crawl Rules(/_admin/search/managecrawlrules.aspx).After some more research , we think some of the web parts in the Search Administration page might cause the problem. Solution You need to activate a hidden feature using #Enable-SPFeature SearchAdminWebParts -url <central admin URL> Enable-SPFeature SearchAdminWebParts -url http://ybbest:5555 If the feature is already enabled, you need to disable the feature first and then enable it. Disable-SPFeature SearchAdminWebParts -url http://ybbest:5555 Enable-SPFeature SearchAdminWebParts -url http://ybbest:5555 References: MSDN Forum

Read the article

Guarding against CSRF Attacks in ASP.NET MVC2

- by srkirkland

Alongside XSS (Cross Site Scripting) and SQL Injection, Cross-site Request Forgery (CSRF) attacks represent the three most common and dangerous vulnerabilities to common web applications today. CSRF attacks are probably the least well known but they are relatively easy to exploit and extremely and increasingly dangerous. For more information on CSRF attacks, see these posts by Phil Haack and Steve Sanderson. The recognized solution for preventing CSRF attacks is to put a user-specific token as a hidden field inside your forms, then check that the right value was submitted. It's best to use a random value which you’ve stored in the visitor’s Session collection or into a Cookie (so an attacker can't guess the value). ASP.NET MVC to the rescue ASP.NET MVC provides an HTMLHelper called AntiForgeryToken(). When you call <%= Html.AntiForgeryToken() %> in a form on your page you will get a hidden input and a Cookie with a random string assigned. Next, on your target Action you need to include [ValidateAntiForgeryToken], which handles the verification that the correct token was supplied. Good, but we can do better Using the AntiForgeryToken is actually quite an elegant solution, but adding [ValidateAntiForgeryToken] on all of your POST methods is not very DRY, and worse can be easily forgotten. Let's see if we can make this easier on the program but moving from an "Opt-In" model of protection to an "Opt-Out" model. Using AntiForgeryToken by default In order to mandate the use of the AntiForgeryToken, we're going to create an ActionFilterAttribute which will do the anti-forgery validation on every POST request. First, we need to create a way to Opt-Out of this behavior, so let's create a quick action filter called BypassAntiForgeryToken: [AttributeUsage(AttributeTargets.Method, AllowMultiple=false)] public class BypassAntiForgeryTokenAttribute : ActionFilterAttribute { } Now we are ready to implement the main action filter which will force anti forgery validation on all post actions within any class it is defined on: [AttributeUsage(AttributeTargets.Class, AllowMultiple = false)] public class UseAntiForgeryTokenOnPostByDefault : ActionFilterAttribute { public override void OnActionExecuting(ActionExecutingContext filterContext) { if (ShouldValidateAntiForgeryTokenManually(filterContext)) { var authorizationContext = new AuthorizationContext(filterContext.Controller.ControllerContext); //Use the authorization of the anti forgery token, //which can't be inhereted from because it is sealed new ValidateAntiForgeryTokenAttribute().OnAuthorization(authorizationContext); } base.OnActionExecuting(filterContext); } /// <summary> /// We should validate the anti forgery token manually if the following criteria are met: /// 1. The http method must be POST /// 2. There is not an existing [ValidateAntiForgeryToken] attribute on the action /// 3. There is no [BypassAntiForgeryToken] attribute on the action /// </summary> private static bool ShouldValidateAntiForgeryTokenManually(ActionExecutingContext filterContext) { var httpMethod = filterContext.HttpContext.Request.HttpMethod; //1. The http method must be POST if (httpMethod != "POST") return false; // 2. There is not an existing anti forgery token attribute on the action var antiForgeryAttributes = filterContext.ActionDescriptor.GetCustomAttributes(typeof(ValidateAntiForgeryTokenAttribute), false); if (antiForgeryAttributes.Length > 0) return false; // 3. There is no [BypassAntiForgeryToken] attribute on the action var ignoreAntiForgeryAttributes = filterContext.ActionDescriptor.GetCustomAttributes(typeof(BypassAntiForgeryTokenAttribute), false); if (ignoreAntiForgeryAttributes.Length > 0) return false; return true; } } The code above is pretty straight forward -- first we check to make sure this is a POST request, then we make sure there aren't any overriding *AntiForgeryTokenAttributes on the action being executed. If we have a candidate then we call the ValidateAntiForgeryTokenAttribute class directly and execute OnAuthorization() on the current authorization context. Now on our base controller, you could use this new attribute to start protecting your site from CSRF vulnerabilities. [UseAntiForgeryTokenOnPostByDefault] public class ApplicationController : System.Web.Mvc.Controller { } //Then for all of your controllers public class HomeController : ApplicationController {} What we accomplished If your base controller has the new default anti-forgery token attribute on it, when you don't use <%= Html.AntiForgeryToken() %> in a form (or of course when an attacker doesn't supply one), the POST action will throw the descriptive error message "A required anti-forgery token was not supplied or was invalid". Attack foiled! In summary, I think having an anti-CSRF policy by default is an effective way to protect your websites, and it turns out it is pretty easy to accomplish as well. Enjoy!

Read the article

Toorcon14

- by danx

Toorcon 2012 Information Security Conference San Diego, CA, http://www.toorcon.org/ Dan Anderson, October 2012 It's almost Halloween, and we all know what that means—yes, of course, it's time for another Toorcon Conference! Toorcon is an annual conference for people interested in computer security. This includes the whole range of hackers, computer hobbyists, professionals, security consultants, press, law enforcement, prosecutors, FBI, etc. We're at Toorcon 14—see earlier blogs for some of the previous Toorcon's I've attended (back to 2003). This year's "con" was held at the Westin on Broadway in downtown San Diego, California. The following are not necessarily my views—I'm just the messenger—although I could have misquoted or misparaphrased the speakers. Also, I only reviewed some of the talks, below, which I attended and interested me. MalAndroid—the Crux of Android Infections, Aditya K. Sood Programming Weird Machines with ELF Metadata, Rebecca "bx" Shapiro Privacy at the Handset: New FCC Rules?, Valkyrie Hacking Measured Boot and UEFI, Dan Griffin You Can't Buy Security: Building the Open Source InfoSec Program, Boris Sverdlik What Journalists Want: The Investigative Reporters' Perspective on Hacking, Dave Maas & Jason Leopold Accessibility and Security, Anna Shubina Stop Patching, for Stronger PCI Compliance, Adam Brand McAfee Secure & Trustmarks — a Hacker's Best Friend, Jay James & Shane MacDougall MalAndroid—the Crux of Android Infections Aditya K. Sood, IOActive, Michigan State PhD candidate Aditya talked about Android smartphone malware. There's a lot of old Android software out there—over 50% Gingerbread (2.3.x)—and most have unpatched vulnerabilities. Of 9 Android vulnerabilities, 8 have known exploits (such as the old Gingerbread Global Object Table exploit). Android protection includes sandboxing, security scanner, app permissions, and screened Android app market. The Android permission checker has fine-grain resource control, policy enforcement. Android static analysis also includes a static analysis app checker (bouncer), and a vulnerablity checker. What security problems does Android have? User-centric security, which depends on the user to grant permission and make smart decisions. But users don't care or think about malware (the're not aware, not paranoid). All they want is functionality, extensibility, mobility Android had no "proper" encryption before Android 3.0 No built-in protection against social engineering and web tricks Alternative Android app markets are unsafe. Simply visiting some markets can infect Android Aditya classified Android Malware types as: Type A—Apps. These interact with the Android app framework. For example, a fake Netflix app. Or Android Gold Dream (game), which uploads user files stealthy manner to a remote location. Type K—Kernel. Exploits underlying Linux libraries or kernel Type H—Hybrid. These use multiple layers (app framework, libraries, kernel). These are most commonly used by Android botnets, which are popular with Chinese botnet authors What are the threats from Android malware? These incude leak info (contacts), banking fraud, corporate network attacks, malware advertising, malware "Hackivism" (the promotion of social causes. For example, promiting specific leaders of the Tunisian or Iranian revolutions. Android malware is frequently "masquerated". That is, repackaged inside a legit app with malware. To avoid detection, the hidden malware is not unwrapped until runtime. The malware payload can be hidden in, for example, PNG files. Less common are Android bootkits—there's not many around. What they do is hijack the Android init framework—alteering system programs and daemons, then deletes itself. For example, the DKF Bootkit (China). Android App Problems: no code signing! all self-signed native code execution permission sandbox — all or none alternate market places no robust Android malware detection at network level delayed patch process Programming Weird Machines with ELF Metadata Rebecca "bx" Shapiro, Dartmouth College, NH https://github.com/bx/elf-bf-tools @bxsays on twitter Definitions. "ELF" is an executable file format used in linking and loading executables (on UNIX/Linux-class machines). "Weird machine" uses undocumented computation sources (I think of them as unintended virtual machines). Some examples of "weird machines" are those that: return to weird location, does SQL injection, corrupts the heap. Bx then talked about using ELF metadata as (an uintended) "weird machine". Some ELF background: A compiler takes source code and generates a ELF object file (hello.o). A static linker makes an ELF executable from the object file. A runtime linker and loader takes ELF executable and loads and relocates it in memory. The ELF file has symbols to relocate functions and variables. ELF has two relocation tables—one at link time and another one at loading time: .rela.dyn (link time) and .dynsym (dynamic table). GOT: Global Offset Table of addresses for dynamically-linked functions. PLT: Procedure Linkage Tables—works with GOT. The memory layout of a process (not the ELF file) is, in order: program (+ heap), dynamic libraries, libc, ld.so, stack (which includes the dynamic table loaded into memory) For ELF, the "weird machine" is found and exploited in the loader. ELF can be crafted for executing viruses, by tricking runtime into executing interpreted "code" in the ELF symbol table. One can inject parasitic "code" without modifying the actual ELF code portions. Think of the ELF symbol table as an "assembly language" interpreter. It has these elements: instructions: Add, move, jump if not 0 (jnz) Think of symbol table entries as "registers" symbol table value is "contents" immediate values are constants direct values are addresses (e.g., 0xdeadbeef) move instruction: is a relocation table entry add instruction: relocation table "addend" entry jnz instruction: takes multiple relocation table entries The ELF weird machine exploits the loader by relocating relocation table entries. The loader will go on forever until told to stop. It stores state on stack at "end" and uses IFUNC table entries (containing function pointer address). The ELF weird machine, called "Brainfu*k" (BF) has: 8 instructions: pointer inc, dec, inc indirect, dec indirect, jump forward, jump backward, print. Three registers - 3 registers Bx showed example BF source code that implemented a Turing machine printing "hello, world". More interesting was the next demo, where bx modified ping. Ping runs suid as root, but quickly drops privilege. BF modified the loader to disable the library function call dropping privilege, so it remained as root. Then BF modified the ping -t argument to execute the -t filename as root. It's best to show what this modified ping does with an example: $ whoami bx $ ping localhost -t backdoor.sh # executes backdoor $ whoami root $ The modified code increased from 285948 bytes to 290209 bytes. A BF tool compiles "executable" by modifying the symbol table in an existing ELF executable. The tool modifies .dynsym and .rela.dyn table, but not code or data. Privacy at the Handset: New FCC Rules? "Valkyrie" (Christie Dudley, Santa Clara Law JD candidate) Valkyrie talked about mobile handset privacy. Some background: Senator Franken (also a comedian) became alarmed about CarrierIQ, where the carriers track their customers. Franken asked the FCC to find out what obligations carriers think they have to protect privacy. The carriers' response was that they are doing just fine with self-regulation—no worries! Carriers need to collect data, such as missed calls, to maintain network quality. But carriers also sell data for marketing. Verizon sells customer data and enables this with a narrow privacy policy (only 1 month to opt out, with difficulties). The data sold is not individually identifiable and is aggregated. But Verizon recommends, as an aggregation workaround to "recollate" data to other databases to identify customers indirectly. The FCC has regulated telephone privacy since 1934 and mobile network privacy since 2007. Also, the carriers say mobile phone privacy is a FTC responsibility (not FCC). FTC is trying to improve mobile app privacy, but FTC has no authority over carrier / customer relationships. As a side note, Apple iPhones are unique as carriers have extra control over iPhones they don't have with other smartphones. As a result iPhones may be more regulated. Who are the consumer advocates? Everyone knows EFF, but EPIC (Electrnic Privacy Info Center), although more obsecure, is more relevant. What to do? Carriers must be accountable. Opt-in and opt-out at any time. Carriers need incentive to grant users control for those who want it, by holding them liable and responsible for breeches on their clock. Location information should be added current CPNI privacy protection, and require "Pen/trap" judicial order to obtain (and would still be a lower standard than 4th Amendment). Politics are on a pro-privacy swing now, with many senators and the Whitehouse. There will probably be new regulation soon, and enforcement will be a problem, but consumers will still have some benefit. Hacking Measured Boot and UEFI Dan Griffin, JWSecure, Inc., Seattle, @JWSdan Dan talked about hacking measured UEFI boot. First some terms: UEFI is a boot technology that is replacing BIOS (has whitelisting and blacklisting). UEFI protects devices against rootkits. TPM - hardware security device to store hashs and hardware-protected keys "secure boot" can control at firmware level what boot images can boot "measured boot" OS feature that tracks hashes (from BIOS, boot loader, krnel, early drivers). "remote attestation" allows remote validation and control based on policy on a remote attestation server. Microsoft pushing TPM (Windows 8 required), but Google is not. Intel TianoCore is the only open source for UEFI. Dan has Measured Boot Tool at http://mbt.codeplex.com/ with a demo where you can also view TPM data. TPM support already on enterprise-class machines. UEFI Weaknesses. UEFI toolkits are evolving rapidly, but UEFI has weaknesses: assume user is an ally trust TPM implicitly, and attached to computer hibernate file is unprotected (disk encryption protects against this) protection migrating from hardware to firmware delays in patching and whitelist updates will UEFI really be adopted by the mainstream (smartphone hardware support, bank support, apathetic consumer support) You Can't Buy Security: Building the Open Source InfoSec Program Boris Sverdlik, ISDPodcast.com co-host Boris talked about problems typical with current security audits. "IT Security" is an oxymoron—IT exists to enable buiness, uptime, utilization, reporting, but don't care about security—IT has conflict of interest. There's no Magic Bullet ("blinky box"), no one-size-fits-all solution (e.g., Intrusion Detection Systems (IDSs)). Regulations don't make you secure. The cloud is not secure (because of shared data and admin access). Defense and pen testing is not sexy. Auditors are not solution (security not a checklist)—what's needed is experience and adaptability—need soft skills. Step 1: First thing is to Google and learn the company end-to-end before you start. Get to know the management team (not IT team), meet as many people as you can. Don't use arbitrary values such as CISSP scores. Quantitive risk assessment is a myth (e.g. AV*EF-SLE). Learn different Business Units, legal/regulatory obligations, learn the business and where the money is made, verify company is protected from script kiddies (easy), learn sensitive information (IP, internal use only), and start with low-hanging fruit (customer service reps and social engineering). Step 2: Policies. Keep policies short and relevant. Generic SANS "security" boilerplate policies don't make sense and are not followed. Focus on acceptable use, data usage, communications, physical security. Step 3: Implementation: keep it simple stupid. Open source, although useful, is not free (implementation cost). Access controls with authentication & authorization for local and remote access. MS Windows has it, otherwise use OpenLDAP, OpenIAM, etc. Application security Everyone tries to reinvent the wheel—use existing static analysis tools. Review high-risk apps and major revisions. Don't run different risk level apps on same system. Assume host/client compromised and use app-level security control. Network security VLAN != segregated because there's too many workarounds. Use explicit firwall rules, active and passive network monitoring (snort is free), disallow end user access to production environment, have a proxy instead of direct Internet access. Also, SSL certificates are not good two-factor auth and SSL does not mean "safe." Operational Controls Have change, patch, asset, & vulnerability management (OSSI is free). For change management, always review code before pushing to production For logging, have centralized security logging for business-critical systems, separate security logging from administrative/IT logging, and lock down log (as it has everything). Monitor with OSSIM (open source). Use intrusion detection, but not just to fulfill a checkbox: build rules from a whitelist perspective (snort). OSSEC has 95% of what you need. Vulnerability management is a QA function when done right: OpenVas and Seccubus are free. Security awareness The reality is users will always click everything. Build real awareness, not compliance driven checkbox, and have it integrated into the culture. Pen test by crowd sourcing—test with logging COSSP http://www.cossp.org/ - Comprehensive Open Source Security Project What Journalists Want: The Investigative Reporters' Perspective on Hacking Dave Maas, San Diego CityBeat Jason Leopold, Truthout.org The difference between hackers and investigative journalists: For hackers, the motivation varies, but method is same, technological specialties. For investigative journalists, it's about one thing—The Story, and they need broad info-gathering skills. J-School in 60 Seconds: Generic formula: Person or issue of pubic interest, new info, or angle. Generic criteria: proximity, prominence, timeliness, human interest, oddity, or consequence. Media awareness of hackers and trends: journalists becoming extremely aware of hackers with congressional debates (privacy, data breaches), demand for data-mining Journalists, use of coding and web development for Journalists, and Journalists busted for hacking (Murdock). Info gathering by investigative journalists include Public records laws. Federal Freedom of Information Act (FOIA) is good, but slow. California Public Records Act is a lot stronger. FOIA takes forever because of foot-dragging—it helps to be specific. Often need to sue (especially FBI). CPRA is faster, and requests can be vague. Dumps and leaks (a la Wikileaks) Journalists want: leads, protecting ourselves, our sources, and adapting tools for news gathering (Google hacking). Anonomity is important to whistleblowers. They want no digital footprint left behind (e.g., email, web log). They don't trust encryption, want to feel safe and secure. Whistleblower laws are very weak—there's no upside for whistleblowers—they have to be very passionate to do it. Accessibility and Security or: How I Learned to Stop Worrying and Love the Halting Problem Anna Shubina, Dartmouth College Anna talked about how accessibility and security are related. Accessibility of digital content (not real world accessibility). mostly refers to blind users and screenreaders, for our purpose. Accessibility is about parsing documents, as are many security issues. "Rich" executable content causes accessibility to fail, and often causes security to fail. For example MS Word has executable format—it's not a document exchange format—more dangerous than PDF or HTML. Accessibility is often the first and maybe only sanity check with parsing. They have no choice because someone may want to read what you write. Google, for example, is very particular about web browser you use and are bad at supporting other browsers. Uses JavaScript instead of links, often requiring mouseover to display content. PDF is a security nightmare. Executible format, embedded flash, JavaScript, etc. 15 million lines of code. Google Chrome doesn't handle PDF correctly, causing several security bugs. PDF has an accessibility checker and PDF tagging, to help with accessibility. But no PDF checker checks for incorrect tags, untagged content, or validates lists or tables. None check executable content at all. The "Halting Problem" is: can one decide whether a program will ever stop? The answer, in general, is no (Rice's theorem). The same holds true for accessibility checkers. Language-theoretic Security says complicated data formats are hard to parse and cannot be solved due to the Halting Problem. W3C Web Accessibility Guidelines: "Perceivable, Operable, Understandable, Robust" Not much help though, except for "Robust", but here's some gems: * all information should be parsable (paraphrasing) * if not parsable, cannot be converted to alternate formats * maximize compatibility in new document formats Executible webpages are bad for security and accessibility. They say it's for a better web experience. But is it necessary to stuff web pages with JavaScript for a better experience? A good example is The Drudge Report—it has hand-written HTML with no JavaScript, yet drives a lot of web traffic due to good content. A bad example is Google News—hidden scrollbars, guessing user input. Solutions: Accessibility and security problems come from same source Expose "better user experience" myth Keep your corner of Internet parsable Remember "Halting Problem"—recognize false solutions (checking and verifying tools) Stop Patching, for Stronger PCI Compliance Adam Brand, protiviti @adamrbrand, http://www.picfun.com/ Adam talked about PCI compliance for retail sales. Take an example: for PCI compliance, 50% of Brian's time (a IT guy), 960 hours/year was spent patching POSs in 850 restaurants. Often applying some patches make no sense (like fixing a browser vulnerability on a server). "Scanner worship" is overuse of vulnerability scanners—it gives a warm and fuzzy and it's simple (red or green results—fix reds). Scanners give a false sense of security. In reality, breeches from missing patches are uncommon—more common problems are: default passwords, cleartext authentication, misconfiguration (firewall ports open). Patching Myths: Myth 1: install within 30 days of patch release (but PCI Â§6.1 allows a "risk-based approach" instead). Myth 2: vendor decides what's critical (also PCI Â§6.1). But Â§6.2 requires user ranking of vulnerabilities instead. Myth 3: scan and rescan until it passes. But PCI Â§11.2.1b says this applies only to high-risk vulnerabilities. Adam says good recommendations come from NIST 800-40. Instead use sane patching and focus on what's really important. From NIST 800-40: Proactive: Use a proactive vulnerability management process: use change control, configuration management, monitor file integrity. Monitor: start with NVD and other vulnerability alerts, not scanner results. Evaluate: public-facing system? workstation? internal server? (risk rank) Decide:on action and timeline Test: pre-test patches (stability, functionality, rollback) for change control Install: notify, change control, tickets McAfee Secure & Trustmarks — a Hacker's Best Friend Jay James, Shane MacDougall, Tactical Intelligence Inc., Canada "McAfee Secure Trustmark" is a website seal marketed by McAfee. A website gets this badge if they pass their remote scanning. The problem is a removal of trustmarks act as flags that you're vulnerable. Easy to view status change by viewing McAfee list on website or on Google. "Secure TrustGuard" is similar to McAfee. Jay and Shane wrote Perl scripts to gather sites from McAfee and search engines. If their certification image changes to a 1x1 pixel image, then they are longer certified. Their scripts take deltas of scans to see what changed daily. The bottom line is change in TrustGuard status is a flag for hackers to attack your site. Entire idea of seals is silly—you're raising a flag saying if you're vulnerable.

Search Results

Search found 12046 results on 482 pages for 'hidden fields'.

Page 161/482 | < Previous Page | 157 158 159 160 161 162 163 164 165 166 167 168 | Next Page >

- by l33tnerd

- by Chevex

- by arunabha

- by denja

- by Devner

- by Suprie

- by dhaliwaljee

- by Mouli

- by Abijah

- by greenpool

- by user75228

- by Dave

- by Timothy

- by David Archer

- by Ciprian Grosu

- by Ben Reisner

- by Su4p

- by Francis Yaconiello

- by AlexGomez

- by Chad M

- by kwhohasamullet

- by Michael D. Kirkpatrick

- by ybbest

- by srkirkland

- by danx

< Previous Page | 157 158 159 160 161 162 163 164 165 166 167 168 | Next Page >