Search Results

Search found 18450 results on 738 pages for 'website attacks'.

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Page 206/738 | < Previous Page | 202 203 204 205 206 207 208 209 210 211 212 213  | Next Page >

  • A few questions about a Rails model for a simple addressbook app

    - by user284194
    I have a Rails application that lists information about local services. My objectives for this model are as follows: 1. Require the name and tag_list fields. 2. Require one or more of the tollfreephone, phone, phone2, mobile, fax, email or website fields. 3. If the paddress field has a value, then encode it with the Geokit plugin. Here is my entry.rb model: class Entry < ActiveRecord::Base validates_presence_of :name, :tag_list validates_presence_of :tollfreephone or :phone or :phone2 or :mobile or :fax or :email or :website acts_as_taggable_on :tags acts_as_mappable :auto_geocode=>{:field=>:paddress, :error_message=>'Could not geocode physical address'} before_save :geocode_paddress validate :required_info def required_info unless phone or phone2 or tollfreephone or mobile or fax or email or website errors.add_to_base "Please have at least one form of contact information." end end private def geocode_paddress #if paddress_changed? geo=Geokit::Geocoders::MultiGeocoder.geocode (paddress) errors.add(:paddress, "Could not Geocode address") if ! geo.success self.lat, self.lng = geo.lat,geo.lng if geo.success #end end end Requiring name and tag_list work, but requiring one (or more) of the tollfreephone, phone, phone2, mobile, fax, email or website fields does not. As for encoding with Geokit, in order to save a record with the model I have to enter an address. Which is not the behavior I want. I would like it to not require the paddress field, but if the paddress field does have a value, it should encode the geocode. As it stands, it always tries to geocode the incoming entry. The commented out "if paddress_changed?" was not working and I could not find something like "if paddress_exists?" that would work. Help with any of these issues would be greatly appreciated. I posted three questions pertaining to my model because I'm not sure if they are preventing each other from working. Thank you for reading my questions.

    Read the article

  • How Search Engine Bots Crawl Forums?

    - by Waleed Eissa
    If I have a forums site with a large number of threads, will the search engine bot crawl the whole site every time? Say I have over 1,000,000 threads in my site, will they get crawled every time the bot crawls my site? or how does it work? I want my website to be indexed but I don't want the bot to kill my website! In other words I don't want the bot to keep crawling the old threads again and again every time it crawls my website. Also, what about the pages crawled before? Will the bot request them every time it crawls my website to make sure they are still on the site? I'm asking this because I only link to the latest threads, i.e. there's a page that contains a list of all the latest threads, but I don't link to the older threads, they have to be explicitly requested by URL, e.g. http://www.mysite.com/showthread.aspx?threadid=7 , will this work to stop the bot from bringing my site down and consuming all my bandwidth? P.S. The site is still under development but I want to know in order to design the site so that search engine bots don't bring it down. Thanks

    Read the article

  • How do I add a default namespace with no prefix using XMLSerializer

    - by OldBob
    Hi Using C# and .Net 3.5; I am trying to generate an XML document that contains the default namespace without a prefix using XMLSerializer. eg. <?xml version="1.0" encoding="utf-8" ?> <MyRecord ID="9266" xmlns="http://www.website.com/MyRecord"> <List> <SpecificItem> using the following code string xmlizedString = null; MemoryStream memoryStream = new MemoryStream(); XmlSerializer xs = new XmlSerializer(typeof(ExportMyRecord)); XmlSerializerNamespaces xmlnsEmpty = new XmlSerializerNamespaces(); xmlnsEmpty.Add(string.Empty, string.Empty); XmlTextWriter xmlTextWriter = new XmlTextWriter(memoryStream, Encoding.UTF8); xs.Serialize(xmlTextWriter, myRecord, xmlnsEmpty); memoryStream = (MemoryStream)xmlTextWriter.BaseStream; xmlizedString = this.UTF8ByteArrayToString(memoryStream.ToArray()); and class structure [Serializable] [XmlRoot("MyRecord")] public class ExportMyRecord { [XmlAttribute("ID")] public int ID { get; set; } Now, I've tried various options XmlSerializer xs = new XmlSerializer(typeof(ExportMyRecord),"http://www.website.com/MyRecord"); or [XmlRoot(Namespace = "http://www.website.com/MyRecord", ElementName="MyRecord")] gives me <?xml version="1.0" encoding="utf-8"?> <q1:MylRecord ID="9266" xmlns:q1="http://www.website.com/MyRecord"> <q1:List> <q1:SpecificItem> I need the XML to have the namespace without the prefix as it's going to a third party provider and they reject all other alternatives. Any suggestions? No responses so far. Has anyone experienced this or know how to solve it?

    Read the article

  • Connect from java mobile application to webservice to read messages.

    - by Alexandru Trandafir Catalin
    Hello, I have a website where users can send personal messages between them, now I want them to recieve the messages also on their mobile phone but without having to send them a SMS. I am thinking about providing them with a mobile phone with internet access over GPRS or 3G, then develop a Java application that will connect to the website and retrieve the messages. On the website I am thinking to make a webservice where the phone will login, get new messages, and also be able to answer back to messages. Does anyone know any mobile application tutorial that will do that? Or do you recommend me where to start? I never done a java mobile application before, I only work with websites and PHP. I also tried to use ICQ, the client is already done for java and for iphone, and I've also found a script that will send ICQ messages from PHP, but ICQ server bans you for 20 minutes when you do many reconnections, so I have to develop some kind of ICQ bot always online that will check for new messages to send from the mySQL database and then send them, one per 2-3 seconds, so the server won't ban me for flooding. Well any advice or recommendation is welcome about how to have users connected to the website messaging system from their phones. Thank you!

    Read the article

  • PHP $_SERVER['HTTP_HOST'] vs. $_SERVER['SERVER_NAME'], am I understanding the man pages correctly?

    - by Jeff
    I did a lot of searching and also read the PHP $_SERVER man page. Do I have this right regarding which to use for my PHP scripts for simple link definitions used throughout my site? $_SERVER['SERVER_NAME'] is based on your web servers' config file (Apache2 in my case), and varies depending on a few directives: (1) VirtualHost, (2) ServerName, (3) UseCanonicalName, etc. $_SERVER['HTTP_HOST'] is based on the request from the client. Therefore, it would seem to me that the proper one to use in order to make my scripts as compatible as possible would be $_SERVER['HTTP_HOST']. Is this assumption correct? Followup comments: I guess I got a little paranoid after reading this article and noting that someone said "they wouldn't trust any of the $_SERVER vars": http://markjaquith.wordpress.com/2009/09/21/php-server-vars-not-safe-in-forms-or-links/ and also: http://www.php.net/manual/en/reserved.variables.server.php (comment: Vladimir Kornea 14-Mar-2009 01:06) Apparently the discussion is mainly about $_SERVER['PHP_SELF'] and why you shouldn't use it in the form action attribute without proper escaping to prevent XSS attacks. My conclusion about my original question above is that it is "safe" to use $_SERVER['HTTP_HOST'] for all links on a site without having to worry about XSS attacks, even when used in forms. Please correct me if I'm wrong.

    Read the article

  • How to Manage CSS Explosion

    - by Jason
    I have been heavily relying on CSS for a website that I am working on (currently, everything is done as property values within each tag on the website and I'm trying to get away from that to make updates significantly easier). The problem I am running into, is I'm starting to get a bit of "CSS explosion" going on. It is becoming difficult for me to decide how to best organize and abstract data within the CSS file. For example: I am using a large number of div tags within the website (previously it was completely tables based). So I'm starting to get a lot of CSS that looks like this... div.title { background-color: Blue; color: White; text-align: center; } div.footer { /* Stuff Here */ } div.body { /* Stuff Here */ } etc. It's not too bad yet, but since I am learning here, I was wondering if recommendations could be made on how best to organize the various parts of a CSS file. What I don't want to get to is where I have a separate CSS attribute for every single thing on my website (which I have seen happen), and I always want the CSS file to be fairly intuitive. (P.S. I do realize this is a very generic, high-level question. My ultimate goal is to make it easy to use the CSS files and demonstrate their power to increase the speed of web development so other individuals that may work on this site in the future will also get into the practice of using them rather than hard-coding values everywhere.)

    Read the article

  • Distributed Message Ordering

    - by sbanwart
    I have an architectural question on handling message ordering. For purposes of this question, the transport is irrelevant, so I'm not going to specify one. Say we have three systems, a website, a CRM and an ERP. For this example, the ERP will be the "master" system in terms of data ownership. The website and the CRM can both send a new customer message to the ERP system. The ERP system then adds a customer and publishes the customer with the newly assigned account number so that the website and CRM can add the account number to their local customer records. This is a pretty straight forward process. Next we move on to placing orders. The account number is required in order for the CRM or website to place an order with the ERP system. However the CRM will permit the user to place an order even if the customer lacks an account number. (For this example assume we can't modify the CRM behavior) This creates the possibility that a user could create a new customer, and place an order before the account number gets updated in the CRM. What is the best way to handle this scenario? Would it be best to send the order message sans account number and let it go to an error queue? Would it be better to have the CRM endpoint hold the message and wait until the account number is updated in the CRM? Maybe something completely different that I haven't thought of? Thanks in advance for any help.

    Read the article

  • How to solve the problem of not being informed of successful payments by the 3rd party system used b

    - by user68759
    I have a subscription based website that interacts with a 3rd party system to handle the payments. The steps to process a new subscriber registration are as follow: The subscriber enters his/her details in the subscription form and click on the submit button. Assuming the details specified are valid, a new record is created in the database to store these details. The subscriber is then redirected to the website of the 3rd party system (similar to paypal) to process the payment. Once the payment is succesful, the 3rd party website then redirect the subscriber back to our website. At this time, I know that the payment was succesful, so the record in the database is updated to indicate that payment has been made successfully. A problem that I have found occurring quite often is that if a subscriber pays but does not complete the process correctly (e.g. uses the back browser, closes the window), his/her record in the database doesn't get updated about this. Accordingly, I don't know if s/he has paid by just looking the record and need to wait for the report from the 3rd party system to find this out. How do you solve this problem? PS. One of the main reasons to store their details into the database before the payment process is done is so they can come back to complete the payment without re-entering their details again. For example, when their credit cards were rejected by the 3rd party system and they need to sort this out with their financial institution which may take a while.

    Read the article

  • IIS site always returns 404 to WinMo emulator

    - by Derick Bailey
    I'm running Win7x64 Ultimate with Visual Studio 2008. I have a website built in ASP.NET 3.5 and hosted via IIS on my box. I can run the website perfectly fine and I can hit all of the web services that I have built in the website, using a web browser. When I pull up my Windows Mobile 6 emulator and hit the site (using my IP address) it always returns a 404 error. I have the emulator cradled w/ Device Emulator Manager and I can interact with the emulated device normally. I am also able to get out to google.com and other websites w/ the emulated device. I have also verified that the emulator is hitting my box by stopping the IIS website and seeing that the WinMo emulator cannot get any response. Then when I start the site again, I get a 404 error. When I pull up my site on my local dev box via FireFox or IE using the IP address it works perfectly fine. The worst part is this worked perfectly fine a few weeks ago, when I used it last. I don't know that I've changed anything since then - I'm just trying to use the emulator to hit my site again. Help?! Update: my http requests comign from the WinMo emulator are not getting logged in the IIS log files, while my requests from FireFox on my local box are getting logged. Not sure if that helps in figuring out the problem... Update 2: I can use the ruby Webbrick server on my local box and hit that server from my emulator just fine. is in IIS not allowing me to hit the IIS site from the emu? UPdate 3: I cradled an actual WinMo device to my box with it's networking turned off and was able to hit the IIS site just fine. that makes me think it's something set up wrong in the emulator.

    Read the article

  • WCF service reference namespace differs from original

    - by Thorarin
    I'm having a problem regarding namespaces used by my service references. I have a number of WCF services, say with the namespace MyCompany.Services.MyProduct (the actual namespaces are longer). As part of the product, I'm also providing a sample C# .NET website. This web application uses the namespace MyCompany.MyProduct. During initial development, the service was added as a project reference to the website and uses directly. I used a factory pattern that returns an object instance that implements MyCompany.Services.MyProduct.IMyService. So far, so good. Now I want to change this to use an actual service reference. After adding the reference and typing MyCompany.Services.MyProduct in the namespace textbox, it generates classes in the namespace MyCompany.MyProduct.MyCompany.Services.MyProduct. BAD! I don't want to have to change using directives in several places just because I'm using a proxy class. So I tried prepending the namespace with global::, but that is not accepted. Note that I hadn't even deleted the original assembly references yet, and "reuse types" is enabled, but no reusing was done, apparently. However, I don't want to keep the assembly references around in my sample website for it to work anyway. The only solution I've come up with so far is setting the default namespace for my web application to MyCompany (because it cannot be empty), and adding the service reference as Services.MyProduct. Suppose that a customer wants to use my sample website as a starting point, and they change the default namespace to OtherCompany.Whatever, this will obviously break my workaround. Is there a good solution to this problem? To summarize: I want to generate a service reference proxy in the original namespace, without referencing the assembly. Note: I have seen this question, but there was no solution provided that is acceptable for my use case. Edit: As John Saunders suggested, I've submitted some feedback to Microsoft about this: Feedback item @ Microsoft Connect

    Read the article

  • Silverlight ClientAccessPolicy issue...I think

    - by Terrence
    Fisrt of all I have my ClientAccessPolicy.xml file in the root of my website. If I access my website using the public domain name like this: h t t p://www.mydomain.com and then go to the page where my SL control is, I get the spinning % numbers up until about 98%, then it quits and my SL control does not appear on the page. If I access my website using the machine name (website is at datacenter, we have vpn setup) like this: h t t p://machinename and then go to the page where my SL control is everything works fine. this must be a ClientAccess Policy issue don't your think? Or what DO you thnik the issue is? Thanks in advance. Here is the contents of my ClientAccessPolicy.xml file: <?xml version="1.0" encoding="utf-8" ?> <access-policy> <cross-domain-access> <policy> <allow-from http-request-headers="*"> <domain uri="*" /> </allow-from> <grant-to> <resource path="/" include-subpaths="true" /> </grant-to> </policy> </cross-domain-access> </access-policy>

    Read the article

  • DOM manipulation in PHP

    - by bluedaniel
    Hello everyone, Im trying to use the DOM in PHP to do a pretty specific job and Ive got no luck so far, the objective is to take a string of HTML from a Wordpress blog post (from the DB, this is a wordpress plugin). And then out of that HTML replace <div id="do_not_edit">old content</div>" with <div id="do_not_edit">new content</div>" in its place. Saving anything above and below that div in its structure. Then save the HTML back into the DB, should be simple really, I have read that a regex wouldnt be the right way to go here so Ive turned to the DOM instead. The problem is I just cant get it to work, cant extract the div or anything. Help me!! UPDATE The HTML coming out of the wordpress table looks like: Congratulations on finding us here on the world wide web, we are on a mission to create a website that will show off your culinary skills better than any other website does. <div id="do_not_edit">blah blah</div> We want this website to be fun and easy to use, we strive for simple elegance and incredible functionality.We aim to provide a 'complete package'. By this we want to create a website where people can meet, share ideas and help each other out. After several different (incorrect) workings all Ive got below is: $content = ($wpdb->get_var( "SELECT `post_content` FROM $wpdb->posts WHERE ID = {$article[post_id]}" )); $doc = new DOMDocument(); $doc->validateOnParse = true; $doc->loadHTMLFile($content); $element = $doc->getElementById('do_not_edit'); echo $element;

    Read the article

  • Managing shared product backlog items across multiple platforms

    - by MotoSV
    I am using TFS 2012 to develop a application that will be available as a website and a mobile application, i.e. Windows Phone, Android, etc. While I've been building up a list of features for this application I've noticed that a lot of them will be available across all platforms and I'm not to sure how to manage them within a product backlog. For example, there will be an option to sign in with a Facebook account and user will be able to do this on website and mobile applications. So my though was I would create a product backlog item "Sign in with Facebook account" and assign it to an area called "Website". I would then create another backlog item, with the same title, but this time assign it to an area called "Windows Phone". Therefore my backlog would have two items, both with the same title, but different areas. The idea is I could assign the "Sign in..." backlog item for the website to one sprint and then assign the "Sign in..." backlog item for Windows Phone to another sprint. Seeing as I'm new using Agile/Scrum would this be considered a viable way of managing a product backlog?

    Read the article

  • C#; On casting to the SAME class that came from another assembly

    - by G. Stoynev
    For complete separation/decoupling, I've implemented a DAL in an assebly that is simply being copied over via post-build event to the website BIN folder. The website then on Application Start loads that assembly via System.Reflection.Assembly.LoadFile. Again, using reflection, I construct a couple of instances from classes in that assembly. I then store a reference to these instances in the session (HttpContext.Current.Items) Later, when I try to get the object stored in the session, I am not able to cast them to their own types (was trying interfaces initially, but for debugging tried to cast to THEIR OWN TYPES), getting this error: [A]DAL_QSYSCamper.NHibernateSessionBuilder cannot be cast to [B] DAL_QSYSCamper.NHibernateSessionBuilder. Type A originates from 'DAL_QSYSCamper, Version=1.0.0.0, Culture=neutral, PublicKeyToken=null' in the context 'Default' at location 'C:\Users\dull.anomal\AppData\Local\Temp\Temporary ASP.NET Files\root\ad6e8bff\70fa2384\assembly\dl3\aaf7a5b0\84f01b09_b10acb01\DAL_QSYSCamper.DLL'. Type B originates from 'DAL_QSYSCamper, Version=1.0.0.0, Culture=neutral, PublicKeyToken=null' in the context 'LoadNeither' at location 'C:\Users\dull.anomal\Documents\Projects\QSYS\Deleteme\UI\MVCClient\bin\DAL_QSYSCa mper.DLL'. This is happening while debugging in VS - VS manages to stop into the source DAL project even though I've loaded from assembly and the project is not refferenced by the website project (they're both in the solution). I do understand the error, but I don't understand how and why the assembly is being used/loaded from two locations - I only load it once from the file and there's no referrence to the project. Should mention that I also use Windsor for DI. The object that tries to extract the object from the session is A) from a class from that DAL assembly; B) is injected into a website class by Windsor. I will work on adding some sample code to this question, but wanted to put it out in case it's obvious what I do wrong.

    Read the article

  • VS ASP.NET 500 Server Error

    - by rlb.usa
    Hey guys, I'm having a super weird problem with my VS 2008 solution. We had this hand-coded ASP.NET compiled web app on our old IIS6/Win2003 server, working great, moved it to our new IIS7/Win2008 server, still working great, but when I try to compile the application and publish it again to our new Win2008 server, I get server 500 errors. It's ASP.NET 2.0 with AJAX extensions and AJAX control toolkit. I'm not too great with server issues, or even sure if it is a server issue but here are some more symptoms... ? I know the website works (it only differs by some minor code fixes) and can use it's code on a development machine, there are no errors, and it publishes fine. Publishing (using the DLL files), and even not publishing and trying to use the code-behind files on our new server, both no success. The old website does work on the new server just fine. If I put a simple hello world html page in the website's virtual directory, with the old code, it works fine, but with the new code, that html page gets the 500 error. And in fact, oddly, I can add all the files to the website, only when I add the web.config, do I get the 500 error. The web.config has not changed. Tried stopping and restarting IIS What's the problem, here? Any ideas, what else can I do to troubleshoot the problem?

    Read the article

  • Freelance web hosting - what are good LAMP choices?

    - by tkotitan
    I think it's best if I ask this question with an example scenario. Let's say your mom-and-pop local hardware store has never had a website, and they want you, the freelance developer to build them a website. You have all the skills to run a LAMP setup and admin a system, so the difficult question you ask yourself is - where will I host it? As you aren't going to host it out of the machine in your apartment. Let's say you want to be able to customize your own system, install the version of PHP you want, and manage your own database. Perhaps the best kind of hosting is to get a virtual machine so you can customize the system as you see fit. But this essentially a "set it and forget it" site you make, bill by the hour for, and then are done. In other words, the hosting should not be an issue. Given the requirements of hosting a website: Unlimited growth potential needing good amounts of bandwidth to handle visitors Wide range of system and programming options allowing it to be portable Relatively cheap (not necessarily the cheapest) or reasonable scaling cost Reliable hosting with good support Hosted entirely on the host company's hardware Who would you pick to host this website? Yes I am asking for a business/company recommendation. Is there a clear answer for this scenario, or a good source that can reliably give the current answer? I know there are all kinds of schemes out there. I'm just wondering if any one company fills the bill for freelancers and stands out in such a crowded market.

    Read the article

  • Am I fundamentally misunderstanding how Silverlight runs? (debugging issues)

    - by SP
    I've got a vs2010 solution containing an ASP.Net 4 website, and a Silverlight 4 project. The website is linked to the Silverlight project ('Map') and the ClientBin folder contains a Map.xap file. The Map project is very simple. It contains the default App.xaml and App.xaml.cs files. The MainPage.xaml file looks like this <UserControl x:Class="Map.MainPage" xmlns="http://schemas.microsoft.com/winfx/2006/xaml/presentation" xmlns:x="http://schemas.microsoft.com/winfx/2006/xaml" xmlns:d="http://schemas.microsoft.com/expression/blend/2008" xmlns:mc="http://schemas.openxmlformats.org/markup-compatibility/2006" mc:Ignorable="d" d:DesignHeight="380" d:DesignWidth="800"> <Canvas x:Name="MainCanvas" Width="800" Height="380"> <Canvas.Background> <ImageBrush ImageSource="map.png" Stretch="None"/> </Canvas.Background> </Canvas> The code behind for that looks like this: public partial class MainPage : UserControl { public MainPage() { InitializeComponent(); throw new Exception(); } } Inside one of the website pages I have the default object pointing to my Silverlight xap When I run the website, I see my background image on the Canvas in the Silverlight window, so I know it's working in that sense. However, I cannot break on any breakpoints set in the MainPage.xaml.cs file (in IE). I have checked the correct settings for Silverlight debugging. And see that Exception I'm throwing in the MainPage constructor? I'm not seeing that either. In fact, nothing I put in there seems to be run at all, but I know the xaml is rendering because I can see my canvas background. What am I not getting here?

    Read the article

  • DOM manipulation

    - by bluedaniel
    Hello everyone, Im trying to use the DOM in PHP to do a pretty specific job and Ive got no luck so far, the objective is to take a string of HTML from a Wordpress blog post (from the DB, this is a wordpress plugin). And then out of that HTML replace <div id="do_not_edit">old content</div>" with <div id="do_not_edit">new content</div>" in its place. Saving anything above and below that div in its structure. Then save the HTML back into the DB, should be simple really, I have read that a regex wouldnt be the right way to go here so Ive turned to the DOM instead. The problem is I just cant get it to work, cant extract the div or anything. Help me!! UPDATE The HTML coming out of the wordpress table looks like: Congratulations on finding us here on the world wide web, we are on a mission to create a website that will show off your culinary skills better than any other website does. <div id="do_not_edit">blah blah</div> We want this website to be fun and easy to use, we strive for simple elegance and incredible functionality.We aim to provide a 'complete package'. By this we want to create a website where people can meet, share ideas and help each other out. After several different (incorrect) workings all Ive got below is: $content = ($wpdb->get_var( "SELECT `post_content` FROM $wpdb->posts WHERE ID = {$article[post_id]}" )); $doc = new DOMDocument(); $doc->validateOnParse = true; $doc->loadHTMLFile($content); $element = $doc->getElementById('do_not_edit'); echo $element;

    Read the article

  • Access problems with IIS 7 and a WCF service

    - by Steve
    I have a Silverlight app that calls a WCF service, the service calls some stored procedures in an SQL db using Visual Studio 2008's Link to SQL class and returns the information to whatever called it. I have set up the compiled project (website with embedded app and the WCF service) on an remote IIS 7 server. I recompiled my local copy to use the WCF service that is now hosted on the IIS box and not the one on the local dev server that Visual Studio provides, if I use the local version of the website (hosted on the dev server, and using the remote SCF service) it is able to make calls it needs and display the information. However, if I use the website that is being hosted by the remote IIS server, the app will not get the information it needs from the service. On the IIS server I have the application pool and the website running under my credentials, which have access to the database. Users connecting to the webpage use anonymous authentication. Any ideas as to why I can only access the service when running from the dev server and not through the remotely hosted webpage are appreciated. If anything needs clarification, please ask.

    Read the article

  • Avoid slowdowns while using off-site database

    - by Anders Holmström
    The basic layout of my problem is this: Website (ASP.NET/C#) hosted at a dedicated hosting company (location 1) Company database (SQL Server) with records of relevant data (location 2). Location 1 & 2 connected through VPN. Customer visiting the website and wanting to pull data from the company database. No possibility of changing the server locations or layout (i.e. moving the website to an in-office server isn't possible). What I want to do is figure out the best way to handle the data acces in this case, minimizing the need for time-expensive database calls over the VPN. The first idea I'm getting is this: When a user enters the section of the website needing the DB data, you pull all the needed tables from the database into a in-memory dataset. All subsequent views/updates to the data is done on this dataset. When the user leaves (logout, session timeout, browser closed etc) the dataset gets sent to the SQL server. I'm not sure if this is a realistic solution, and it obviously has some problems. If two web visitors are performing updates on the same data, the one finishing up last will have their changes overwriting the first ones. There's also no way of knowing you have the latest data (i.e. if a customer pulls som info on their projects and we update this info while they are viewing them, they won't see these changes PLUS the above overwriting issue will arise). The other solution would be to somehow aggregate database calls and make sure they only happen when you need them, e.g. during data updates but not during data views. But then again the longer a pause between these refreshing DB calls, the bigger a chance that the data view is out of date as per the problem described above. Any input on the above or some fresh ideas would be most welcome.

    Read the article

  • 3 questions about JSON-P format.

    - by Tristan
    Hi, I have to write a script which will be hosted on differents domains. This script has to get information from my server. So, stackoverflow's user told me that i have to use JSON-P format, which, after research, is what i'm going to do. (the data provided in JSON-P is for displaying some information hosted on my server on other website) How do I output JSON-P from my server ? Is it the same as the json_encode function from PHP How do i design the tree pattern for the output JSON-P (you know, like : ({"name" : "foo", "id" : "xxxxx", "blog" : "http://xxxxxx.com"}); can I steal this from my XML output ? (http://bit.ly/9kzBDP) Each time a visitor browse a website on which my widget is it'll make a request on my server, requesting the JSON-P data to display on the client side. It'll increase dramatically the CPU load (1 visitor on the website who will have the script = 1 SQL request on my server to output data), so is there any way to 'caching' the JSON-P information output to refresh it only one or twice a day and stores it into a 'file' (in which extension?). BUT on the other hand i would say that requesting the JSON-P data directly (without caching it) is a plus, because, websites which will integrates the script only want to display THEIR information and not the whole data. So, making a script with something like that: jQuery.getJSON("http://www.something.com/json-p/outpout?filter=5&callback=?", function(data) { ................); }); Where filter= the information the website wants to display What do you think ? Thank you very much ;)

    Read the article

  • When is it safe to use a broken hash function?

    - by The Rook
    It is trivial to use a secure hash function like SHA256 and continuing to use md5 is reckless behavior. However, there are some complexities to hash function vulnerabilities that I would like to better understand. Collisions have been generated for md4 and md5. According to NIST md5() is not a secure hash function. It only takes 2^39th operations to generate a collision and should never be used for passwords. However SHA1 is vulnerable to a similar collision attack in which a collision can be found in 2^69 operations, where as brute force is 2^80th. No one has generated a sha1 collision and NIST still lists sha1 as a secure message digest function. So when is it safe to use a broken hash function? Even though a function is broken it can still be "big enough". According to Schneier a hash function vulnerable to a collsion attack can still be used as an HMAC. I believe this is because the security of an HMAC is Dependant on its secret key and a collision cannot be found until this key is obtained. Once you have the key used in a HMAC its already broken, so its a moot point. What hash function vulnerabilities would undermine the security of an HMAC? Lets take this property a bit further. Does it then become safe to use a very weak message digest like md4 for passwords if a salt is perpended to the password? Keep in mind the md4 and md5 attacks are prefixing attacks, and if a salt is perpended then an attacker cannot control the prefix of the message. If the salt is truly a secret, and isn't known to the attacker, then does it matter if its a appended to the end of the password? Is it safe to assume that an attacker cannot generate a collision until the entire message has been obtained? Do you know of other cases where a broken hash function can be used in a security context without introducing a vulnerability? (Please post supporting evidence because it is awesome!)

    Read the article

  • Best way of showing more results with javascript/css

    - by Ricardo Neves
    I'm developing a website and i'm having troubles showing the search results to the user the way I want. Basically, after the user search, the page makes a couple of ajax requests and as soon as a response arrive it appends the info to a specific element on my page. Each results is shown as a line... The problem is that in most case there are going to be more than 1000 results and this would make the page have a large scroll. My idea was to show only the first 15 results and when the user clicks "show more" the element would expand and show the next 15 results and so on... This would be easier to do if the website wasn't responsive, but because it is I can't find the proper way of implementing what I want without lowering the website perfomance. I have "2 ideas": The first is by using something like #element .div:nth-child(-n+15) on my css and figure a way of changing the "15" to how much results I want to show... I don't know if this can be done. Is it possible to call css rules with parameters? Maybe with less css? The second option is probably a bad option if i don't want to lower the website performance. Using javascript I would check if there is a specific css class(like .show-15 .show30 .show45) and add that class to my element and if it don't exist, create it somehow.. Any help would be appreciated.

    Read the article

  • How to create the automatic mass form submitter (javascript-ajax script) to be used on the 3rd part

    - by Daniel
    I need a script that can handle the following tasks. Take user data from my database and fill in and submit / post data to forms located on third part websites.: So I want to know if is it hard to create or do somebody knows if does exists some script for mass form submissions in PHP -Javascript-Ajax ? I run Dancers & Hostess & Model jobs website, I would like to find some script which allows the girls automaticly submit to hundreds websites forms (other 3rd part model agencies) with their similar model application form info on my website previously specified, 1).Firstly the girls will fill out my agency portfolio very detailed form , like this i will get all the model personal info from them , 2) Secondly i would like to allow for example models to submit to 100 and more other model agencies forms (I will find those websites before, and I will get their field names = values and thanks to some script would like to connect them with every girl data already created in my website to submit . I would like to implement it to my wordpress website where the girls has their portfolios instead of my pages . I would like to offer this service especially to models , it should work like some directory submitters , The script knows names - values and fill it out itself, but I want it online - browser side, where the girls should only fill out captcha if there is and click the button "submit".After succesful submit it should offer other form to submit. I would be very happy if you know the answer or if you can redirect me to some article

    Read the article

  • iPhone application purchase verification -- possible?

    - by Sedate Alien
    The iPhone 3.0 SDK's StoreKit.framework provides support for in-app purchases to give the user additional content, functionality and so on. It is possible for an app to send the transactionReceipt property of SKPaymentTransaction objects to the developer's server for verification of successful purchasing before granting service. Is there any analogous SDK to verify the initial application purchase itself? A developer that wishes for their server to only provide services to genuine applications (i.e. not pirated) without using IAP could do so by verifying the application in this manner, e.g. ensure that only users with the correct transactionReceipt are catered for. I understand that this approach would still be vulnerable to replay attacks; a dedicated group of pirates could share a valid transactionReceipt. However, my server provides a consumable service to users, i.e. once they've connected and done the work, it needn't work a second time so replay attacks are nullified. The service that my app provides is relatively niche. I could distribute it on the App Store as a free application that requires at least one IAP to do anything useful, but I am lead to believe that this would be a very unpopular move among users as it would be considered misleading. If I distribute it as a paid app, I do not know how to ensure that only genuine apps can access the webservice. This is important as every invocation of the webservice costs me money! What are my options?

    Read the article

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

< Previous Page | 202 203 204 205 206 207 208 209 210 211 212 213  | Next Page >