Search Results

Search found 97980 results on 3920 pages for 'code security'.

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Page 185/3920 | < Previous Page | 181 182 183 184 185 186 187 188 189 190 191 192  | Next Page >

  • Is this the most effect simple way to display a moving image? SDL2

    - by user36324
    I've looked around for tutorials on SDL2, but there isnt many so I am curious i was messing around and is this an effective way to move an image. One problem is that it drags along the image to where it moves. #include "SDL.h" #include "SDL_image.h" int main(int argc, char* argv[]) { bool exit = false; SDL_Init(SDL_INIT_EVERYTHING); SDL_Window *win = SDL_CreateWindow("Hello World!", 100, 100, 640, 480, SDL_WINDOW_SHOWN); SDL_Renderer *ren = SDL_CreateRenderer(win, -1, SDL_RENDERER_ACCELERATED | SDL_RENDERER_PRESENTVSYNC); SDL_Surface *png = IMG_Load("character.png"); SDL_Rect src; src.x = 0; src.y = 0; src.w = 161; src.h = 159; SDL_Rect dest; dest.x = 50; dest.y = 50; dest.w = 161; dest.h = 159; SDL_Texture *tex = SDL_CreateTextureFromSurface(ren, png); SDL_FreeSurface(png); while(exit==false){ dest.x++; SDL_RenderClear(ren); SDL_RenderCopy(ren, tex, &src, &dest); SDL_RenderPresent(ren); } SDL_Delay(5000); SDL_DestroyTexture(tex); SDL_DestroyRenderer(ren); SDL_DestroyWindow(win); SDL_Quit(); }

    Read the article

  • Looking for a code Plugin !!

    - by GrumpyOldDBA
    SET ANSI_NULLS ON SET QUOTED_IDENTIFIER ON GO IF NOT EXISTS( SELECT 1 FROM INFORMATION_SCHEMA . TABLES WHERE TABLE_SCHEMA = 'dbo' AND TABLE_NAME = 'MSPaymentForExtraction' ) BEGIN CREATE TABLE [dbo] . [MSPaymentForExtraction] ( [MSPaymentID] [int] NOT NULL IDENTITY ( 1 , 1 ) NOT FOR REPLICATION ) ON [PRIMARY] END GO...(read more)

    Read the article

  • What should NOT be included in comments? (opinion on a dictum by the inventor of Forth)

    - by AKE
    The often provocative Chuck Moore (inventor of the Forth language) gave the following advice (paraphrasing): "Use comments sparingly. Programs are self-documenting, with a modicum of help from mnemonics. Comments should say WHAT the program is doing, not HOW." My question: Should comments say WHY the program is doing what it is doing? Update: In addition to the answers below, these two provide additional insight. 1: Beginner's guide to writing comments? 2: http://programmers.stackexchange.com/a/98609/62203

    Read the article

  • Which modules can be disabled in apache2.4 on windows

    - by j0h
    I have an Apache 2.4 webserver running on Windows. I am looking into system hardening and the config file httpd.conf. There are numerous load modules and I am wondering which modules I can safely disable for performance and / or security improvements. Some examples of things I would think I can disable are: LoadModule cgi_module others like LoadModule rewrite_module LoadModule version_module LoadModule proxy_module LoadModule setenvif_module I am not so sure they can be disabled. I am running php5 as a scripting engine, with no databases, and that is it. My loaded modules are: core mod_win32 mpm_winnt http_core mod_so mod_access_compat mod_actions mod_alias mod_allowmethods mod_asis mod_auth_basic mod_authn_core mod_authn_file mod_authz_core mod_authz_groupfile mod_authz_host mod_authz_user mod_autoindex mod_dav_lock mod_dir mod_env mod_headers mod_include mod_info mod_isapi mod_log_config mod_cache_disk mod_mime mod_negotiation mod_proxy mod_proxy_ajp mod_rewrite mod_setenvif mod_socache_shmcb mod_ssl mod_status mod_version mod_php5

    Read the article

  • Ownership/permissions of uploaded files

    - by Cudos
    Hello. I want to find out if I am on the right track. My script uploads files to the directory "images". The directory has this setup: owner/group = www-data Permissions = 700 Questions: Is this a good way to secure the directory from a hacker uploading files? Will the hacker be able to upload the files directly to the directory? Note: I have a bunch of other security measures in my upload script + an .htaccess script in the directory that disables script Execution. I just what to know if the permissions on the directory is sensible. I run apache 2.2

    Read the article

  • Hopping/Tumbling Windows Could Introduce Latency.

    This is a pre-article to one I am going to be writing on adjusting an event’s time and duration to satisfy business process requirements but it is one that I think is really useful when understanding the way that Hopping/Tumbling windows work within StreamInsight.  A Tumbling window is just a special shortcut version of  a Hopping window where the width of the window is equal to the size of the hop Here is the simplest and often used definition for a Hopping Window.  You can find them all here public static CepWindowStream<CepWindow<TPayload>> HoppingWindow<TPayload>(     this CepStream<TPayload> source,     TimeSpan windowSize,     TimeSpan hopSize,     WindowInputPolicy inputPolicy,     HoppingWindowOutputPolicy outputPolicy )   And here is the definition for a Tumbling Window public static CepWindowStream<CepWindow<TPayload>> TumblingWindow<TPayload>(     this CepStream<TPayload> source,     TimeSpan windowSize,     WindowInputPolicy inputPolicy,     HoppingWindowOutputPolicy outputPolicy )   These methods allow you to group events into windows of a temporal size.  It is a really useful and simple feature in StreamInsight.  One of the downsides though is that the windows cannot be flushed until an event in a following window occurs.  This means that you will potentially never see some events or see them with a delay.  Let me explain. Remember that a stream is a potentially unbounded sequence of events. Events in StreamInsight are given a StartTime.  It is this StartTime that is used to calculate into which temporal window an event falls.  It is best practice to assign a timestamp from the source system and not one from the system clock on the processing server.  StreamInsight cannot know when a window is over.  It cannot tell whether you have received all events in the window or whether some events have been delayed which means that StreamInsight cannot flush the stream for you.   Imagine you have events with the following Timestamps 12:10:10 PM 12:10:20 PM 12:10:35 PM 12:10:45 PM 11:59:59 PM And imagine that you have defined a 1 minute Tumbling Window over this stream using the following syntax var HoppingStream = from shift in inputStream.TumblingWindow(TimeSpan.FromMinutes(1),HoppingWindowOutputPolicy.ClipToWindowEnd) select new WindowCountPayload { CountInWindow = (Int32)shift.Count() };   The events between 12:10:10 PM and 12:10:45 PM will not be seen until the event at 11:59:59 PM arrives.  This could be a real problem if you need to react to windows promptly This can always be worked around by using a different design pattern but a lot of the examples I see assume there is a constant, very frequent stream of events resulting in windows always being flushed. Further examples of using windowing in StreamInsight can be found here

    Read the article

  • How do you plan your asynchronous code?

    - by NullOrEmpty
    I created a library that is a invoker for a web service somewhere else. The library exposes asynchronous methods, since web service calls are a good candidate for that matter. At the beginning everything was just fine, I had methods with easy to understand operations in a CRUD fashion, since the library is a kind of repository. But then business logic started to become complex, and some of the procedures involves the chaining of many of these asynchronous operations, sometimes with different paths depending on the result value, etc.. etc.. Suddenly, everything is very messy, to stop the execution in a break point it is not very helpful, to find out what is going on or where in the process timeline have you stopped become a pain... Development becomes less quick, less agile, and to catch those bugs that happens once in a 1000 times becomes a hell. From the technical point, a repository that exposes asynchronous methods looked like a good idea, because some persistence layers could have delays, and you can use the async approach to do the most of your hardware. But from the functional point of view, things became very complex, and considering those procedures where a dozen of different calls were needed... I don't know the real value of the improvement. After read about TPL for a while, it looked like a good idea for managing tasks, but in the moment you have to combine them and start to reuse existing functionality, things become very messy. I have had a good experience using it for very concrete scenarios, but bad experience using them broadly. How do you work asynchronously? Do you use it always? Or just for long running processes? Thanks.

    Read the article

  • Why would Remote Assistance work but not Remote Desktop?

    - by Craig Johnston
    I have managed to get Remote Assistance working between two XP-Pro machines, but as soon as I try Remote Desktop I can't even get to the login screen without an error which gives a list of possibilities and concludes with "See your network administrator", which isn't very helpful. I have ramped up the security level on Remote Desktop including turning on encryption etc. Could this be the problem? I will only get a few hours on the machine at a time so I need to be well-prepared before I attack this problem again. Any ideas?

    Read the article

  • What happened to the this type of naming convention?

    - by Smith
    I have read so many docs about naming conventions, most recommending both Pascal and Camel naming conventions. Well, I agree to this, it's ok. This might not be pleasing to some, but I am just trying to get your opinion on why you name your objects and classes in a certain way. What happened to this type of naming conventions, and/or why are they bad? I want to name a structure, and I prefix it with "struct". My reason is that, with IntelliSense, I see all structures in one place, and anywhere I see the struct prefix, I know it's a "struct": structPerson structPosition another example is the enum, although I may not prefix it with "enum", but maybe with "enm": enmFruits enmSex again my reason is that in IntelliSense, I see all my enumerations in one place. Because .NET has so many built-in data structures, I think this helps me do less searching. Note that I used .NET in this example, but I welcome language agnostic answers.

    Read the article

  • What is best practice for search engines when a website is under maintenance?

    - by jamescridland
    I need around a week to transition a heavily data-driven website from one back end to another. During that time I do plan to attempt to keep some pages live, but they won't all work well or look brilliant. Some pages won't work at all. What is the best way to ensure I don't scare Google? Should I hide everything from robots.txt, or mark everything that doesn't work as "503", or are there other things that I should be considering?

    Read the article

  • What are some best practices for minimizing code?

    - by CrystalBlue
    While maintaining the sites our development team has created, we have come across include files and plugins that have proven to be very useful to more then one part of our applications. Most of these modules have come with two different files, a normal source file and a min file. Seeing that the performance and speed of a page can be increased by minimizing the size of the file, we're looking into doing that to our pages as well. The problem that we run into is a lot of our normal pages (written in ASP classic) is a mix of HTML, ASP, Javascript, CSS, and include files. We have some pages that have their JS both in include files and in the page, depending on if the function is only really used in that page or if it's used in many other pages. For example, we have a common.js and an ajax.js file, both are used in a lot of pages, but not all of them. As well as having some functions in a page that doesn't really make sense to put into one master page. What I have seen a few other people do online is use one master JS file and place all of their javascript into that, minify it, gzip it, and only use that on their production server. Again, this would be great, but I don't know if that fully works for our purposes. What I'm looking for is some direction to go with on this. I'm in favor of taking all of our JS and putting it in one include file, and just having it included in every page that is hit. However, not every page we have needs every bit of JS. So would it be worth the compilation and minifying of the files into one master file and include it everywhere, or would it be better to minify all other files and still include them on a need-to-use basis?

    Read the article

  • Identifying program attempting to install certificate on windows

    - by R..
    I'm trying to help a friend using Windows (which I'm not an expert on by any means) who's experiencing malware-like behavior: a dialog box is repeatedly popping up reading: You are about to install a certificate from a certification authority (CA) claiming to represent: CE_UmbrellaCert Warning: If you install this root certificate, Windows will automatically trust any certificate issued by this CA. Installing a certificate with an unconfirmed thumbprint is a security risk. If you click "yes" you acknowledge this risk. AV and anti-malware scanners don't detect anything. My friend hasn't accepted installing the certificate, but whatever program is trying to install it keeps retrying, making the system unusable (constant interruptions). Is there any way to track down which program is making the attempt to install it so this program can be uninstalled/deleted?

    Read the article

  • What ever happened to the Defense Software Reuse System (DSRS)?

    - by emddudley
    I've been reading some papers from the early 90s about a US Department of Defense software reuse initiative called the Defense Software Reuse System (DSRS). The most recent mention of it I could find was in a paper from 2000 - A Survey of Software Reuse Repositories Defense Software Repository System (DSRS) The DSRS is an automated repository for storing and retrieving Reusable Software Assets (RSAs) [14]. The DSRS software now manages inventories of reusable assets at seven software reuse support centers (SRSCs). The DSRS serves as a central collection point for quality RSAs, and facilitates software reuse by offering developers the opportunity to match their requirements with existing software products. DSRS accounts are available for Government employees and contractor personnel currently supporting Government projects... ...The DoD software community is trying to change its software engineering model from its current software cycle to a process-driven, domain-specific, architecture-based, repository-assisted way of constructing software [15]. In this changing environment, the DSRS has the highest potential to become the DoD standard reuse repository because it is the only existing deployed, operational repository with multiple interoperable locations across DoD. Seven DSRS locations support nearly 1,000 users and list nearly 9,000 reusable assets. The DISA DSRS alone lists 3,880 reusable assets and has 400 user accounts... The far-term strategy of the DSRS is to support a virtual repository. These interconnected repositories will provide the ability to locate and share reusable components across domains and among the services. An effective and evolving DSRS is a central requirement to the success of the DoD software reuse initiative. Evolving DoD repository requirements demand that DISA continue to have an operational DSRS site to support testing in an actual repository operation and to support DoD users. The classification process for the DSRS is a basic technology for providing customer support [16]. This process is the first step in making reusable assets available for implementing the functional and technical migration strategies. ... [14] DSRS - Defense Technology for Adaptable, Reliable Systems URL: http://ssed1.ims.disa.mil/srp/dsrspage.html [15] STARS - Software Technology for Adaptable, Reliable Systems URL: http://www.stars.ballston.paramax.com/index.html [16] D. E. Perry and S. S. Popovitch, “Inquire: Predicate-based use and reuse,'' in Proceedings of the 8th Knowledge-Based Software Engineering Conference, pp. 144-151, September 1993. ... Is DSRS dead, and were there any post-mortem reports on it? Are there other more-recent US government initiatives or reports on software reuse?

    Read the article

  • Access Control Service v2: Registering Web Identities in your Applications [code]

    - by Your DisplayName here!
    You can download the full solution here. The relevant parts in the sample are: Configuration I use the standard WIF configuration with passive redirect. This kicks automatically in, whenever authorization fails in the application (e.g. when the user tries to get to an area the requires authentication or needs registration). Checking and transforming incoming claims In the claims authentication manager we have to deal with two situations. Users that are authenticated but not registered, and registered (and authenticated) users. Registered users will have claims that come from the application domain, the claims of unregistered users come directly from ACS and get passed through. In both case a claim for the unique user identifier will be generated. The high level logic is as follows: public override IClaimsPrincipal Authenticate( string resourceName, IClaimsPrincipal incomingPrincipal) {     // do nothing if anonymous request     if (!incomingPrincipal.Identity.IsAuthenticated)     {         return base.Authenticate(resourceName, incomingPrincipal);     } string uniqueId = GetUniqueId(incomingPrincipal);     // check if user is registered     RegisterModel data;     if (Repository.TryGetRegisteredUser(uniqueId, out data))     {         return CreateRegisteredUserPrincipal(uniqueId, data);     }     // authenticated by ACS, but not registered     // create unique id claim     incomingPrincipal.Identities[0].Claims.Add( new Claim(Constants.ClaimTypes.Id, uniqueId));     return incomingPrincipal; } User Registration The registration page is handled by a controller with the [Authorize] attribute. That means you need to authenticate before you can register (crazy eh? ;). The controller then fetches some claims from the identity provider (if available) to pre-fill form fields. After successful registration, the user is stored in the local data store and a new session token gets issued. This effectively replaces the ACS claims with application defined claims without requiring the user to re-signin. Authorization All pages that should be only reachable by registered users check for a special application defined claim that only registered users have. You can nicely wrap that in a custom attribute in MVC: [RegisteredUsersOnly] public ActionResult Registered() {     return View(); } HTH

    Read the article

  • PHP Requests Being Blocked After Making About 25 in Ten Minutes

    - by Daniel Stern
    We have an administrative portal where we run PHP functions through a Javascript portal using ajax for administrative purposes. For example, we might have a function called updateAllDatabaseEntries() which would call AJAX functions in rapid succession, with those functions each executing numerous SQL queries. The problem is after making several successive requests from the same computer (not an excessive amount, maybe 30 in ten minutes) the system will stop responding to any PHP, HTTP requests ETC ONLY from my computer. From other computers in the office the panel can still be accessed, and access is restored to this computer after about 15 minutes. We believe this is not a glitch but some kind of security feature built into our server, possibly relating to Suhosin and likely well-intentioned but currently preventing us from running our system administration. Server Info: Linux 2.6.32-5-xen-amd64 #1 SMP Tue Mar 8 00:01:30 UTC 2011 x86_64 GNU/Linux Cheers - DS

    Read the article

  • Windows Xp, Svchost.exe connecting to different ips with remote port 445

    - by Coll911
    Im using Windows Xp professional Sp2 Whenever i start my windows, svchost.exe starts connecting to all the possible ips on lan like from 192.168.1.2 to 192.168.1.200 The local port ranges from 1000-1099 and the remote port being 445. After its done with the local ips, it starts connecting to other random ips. I tried blocking connections to the port 445 using the local security polices but it didn't work Is there any possible way i could prevent svchost from connecting to these ips without involving any firewall installed ? since my pc slows down due to the load I'd be thankful for any advices

    Read the article

  • Making diff output more readable

    - by mgunes
    I'm looking for a tool that will take diff / debdiff output (and more specifically, the output of this script) and display the result of the comparison in a highly readable, graphical way. Any pointers would be appreciated. Ideally, it would be the GTK+, FOSS equivalent of MDR. Meld, Diffuse and similar software are not fit for this purpose, since they're intended to work standalone, and don't take input from stdin.

    Read the article

  • Write SQL Code for MySQL Using HeidiSQL 4

    HeidiSQL is a free GUI client for MySQL, favored by many Web developers and database administrators of small to medium-sized businesses to manage persistent storage of data. This article will familiarize you with HeidiSQL&#146;s Query editor by using it to write a query that will join four tables together to perform searches against a help library.

    Read the article

  • Tool to launch a script driven by modem activity

    - by Will M
    Can anyone suggest a software tool (preferably under Windows XP or later) that would launch an application or script in response to a phone call being received on a landline phone line connected to a data modem on the same PC? or, better, in response to a sequence of touch-tones being played over such a phone line. This would allow, for example, using the telephone to manipulate firewall settings so as to create another layer of security in connection with remote internet access to that computer. I seem to recall seeing tools to do this sort of thing in the days before broadband internet access, when there was more attention to various tips and tricks for the dial-up modem, but a few attempts at Google hasn't turned anything up.

    Read the article

  • Returning "200 OK" in Apache on HTTP OPTIONS requests

    - by i..
    I'm attempting to implement cross-domain HTTP access control without touching any code. I've got my Apache(2) server returning the correct Access Control headers with this block: Header set Access-Control-Allow-Origin "*" Header set Access-Control-Allow-Methods "POST, GET, OPTIONS" I now need to prevent Apache from executing my code when the browser sends a HTTP OPTIONS request (it's stored in the REQUEST_METHOD environment variable), returning 200 OK. How can I configure Apache to respond "200 OK" when the request method is OPTIONS? I've tried this mod_rewrite block, but the Access Control headers are lost. RewriteEngine On RewriteCond %{REQUEST_METHOD} OPTIONS RewriteRule ^(.*)$ $1 [R=200,L]

    Read the article

  • I need a script to lockdown the system time to users via gpedit.msc

    - by Chester
    I need to lockdown the system time on a number of PCs via gpedit.msc and then removing administrators from the group and then adding 'administrator' and 'polling'. Can I do this via a script? Essentially I have to; Run gpedit.msc Computer Configuration Windows Settings Security Settings Local Policies User Rights Assignment Double Click Change the system time Select Administrators Click Remove Click Add User or Group Type Administrator Click Check Names Type polling Click Check Names OK Apply OK Logoff I have to do this for a huge number of computers so is there a batch file I could run on each PC to do this? Your help would be very much appreciated. Best Regards

    Read the article

  • How to merge several detached signatures from different people into one?

    - by Petr Pudlák
    A group of people wants to publish a file and they all want to digitally sign the file as different recipients of the file will have different chains of trust. For simplicity, it's desired that there is only one detached signature file with all the signatures, so that the recipients don't need to check them one by one: foo.tar.gz foo.tar.gz.sig However, for security reasons, every person needs to perform the signing on their computer, it's not possible to create the combined signature by having multiple private keys on one computer and performing the operation with one command. Is it possible with GPG to somehow merge detached signatures of a file from multiple participants?

    Read the article

  • How to check the OS is running on bare metal and not in virtualized environment created by BIOS?

    - by Arkadi Shishlov
    Is there any software available as a Linux, *BSD, or Windows program or boot-image to check (or guess with good probability) the environment an operating system is loaded onto is genuine bare metal and not already virtualized? Given recent information from various sources, including supposed to be E.Snowden leaks, I'm curious about the security of my PC-s, even about those that don't have on-board BMC. How it could be possible and why? See for example Blue Pill, and a number of papers. With a little assistance from network card firmware, which is also loadable on popular card models, such hypervisor could easily spy on me resulting in PGP, Tor, etc. exercises futile.

    Read the article

  • Safety concerns on allowing connections to MySQL with no password on localhost?

    - by ÉricO
    In the case of a Linux system, is there any security concern to let MySQL users with standard privileges (that is, not the root users) connect to the database with no password from localhost? I think that enforcing a password even for localhost can add a layer of protection, since, with no password the database access would be compromised if the SSH access is itself compromised. Considering that, would it be less safe to allow no password connection to MySQL than having the same password for SSH and for MySQL? I don't know if that is to be taken into account, but we also use phpMyAdmin to let users administrate their own database. I am asking because I kinda dislike having to put our database passwords unencrypted in the source or configuration files of our applications, where they can easily be leaked unintentionally. Since our servers are configured to run our applications as the Linux user the application belongs to, I was considering allowing no password from localhost as a simple solution. So, would that be a very bad idea or not?

    Read the article

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

< Previous Page | 181 182 183 184 185 186 187 188 189 190 191 192  | Next Page >