Search Results

Search found 32114 results on 1285 pages for 'general development'.

  • Am I under risk of CSRF attacks in a POST form that doesn't require the user to be logged in?

    - by Monika Sulik
    I'm probably being a total noob here, but I'm still uncertain about what a CSRF (Cross-Site Request Forgery) attack is exactly. So let's look at three situations... 1) I have a POST form that I use to edit data on my site. I want this data to be edited only by users that are logged in. 2) I have a site, which can be used by both users who are logged in as well as guests. Parts of the site are for logged in users only, but there are also POST forms that can be used by all users - anonymous and not (for example a standard contact form). Should the contact form be safeguarded against CSRF attacks? 3) I have a site which doesn't have an authentication system at all (well, perhaps that's unrealistic, so let's say it has an admin site which is separate from the rest of it and the admin part is properly safeguarded). The main part of the site is only used by anonymous users. Do the POST forms on it need to be safeguarded? In the case of 1) the answer is clearly yes. But in the case of 2 and 3 I don't know (and is the difference between 2 and 3 even significant?).

  • DotnetNuke redirect

    - by X-Dev
    Our client needs shortcuts to particular pages. We need to redirect non-existent URLs like http://site.com/promotion1 to the actual URL similar to http://site.com/promotions/promotion1/tabid/799/language/en-AU/Default.aspx ... I've sent a list of appropriate DNN modules to our client but it may take them forever to get back to me. In the meantime they are still submitting requests to us to create redirects for them. If there's no cost involved then I won't have to wait for them to get back to me. So I'm looking for a quick and free way to enable the clients to set these up on their own. I've looked at: http://www.snowcovered.com/snowcovered2/Default.aspx?tabid=242&PackageID=3302 http://www.ventrian.com/Resources/Projects/FriendlyUrls.aspx http://www.codeproject.com/kb/aspnet/dnn2url_rewrite.aspx But haven't had much luck in the small amount of time I have available. Has anyone got some suggestions on how to achieve our goal with either the above resources or maybe some additional resource I haven't found yet? (DNN v4.9)

  • UrlEncoding-Safe Delimiter

    - by Aren B
    So the site I'm working on has a filter system that operates by passing a key and value system through a querystring. The whole site is going through a re-factor soon and I'm maintaining the existing site so before we discuss the RIGHT way to implement this, I just need ideas for changing my delimiter. The current format is like this: cf=<key>:<value> The problem is, I've recently run into an issue because some of our new values for this filter contain : in them. I.e: cf=MO_AspectRatio:16:10 The value is being UrlEncoded, but the browsers are de-coding %3a into : on the fly because the : doesn't inherently break the urls. I need some suggestions for url-safe delimiters that aren't :,-,_,&,? that makes sense. I'm not looking for a solution like () or something wild.

  • Remote File upload in grails

    - by BlackPanther
    I am creating a web application using grails which uses a lot of ajax. I want to implement file upload using ajax. I don't know how to use ajax for file upload. My sample GSP code is: <!-- code for file upload form--> <div id="updateArea"> </div> I tried with and . After uploading I want to update the 'updateArea' with the result. In the result I am planning to show details of the uploaded file.

  • Credit card system implementation?

    - by Mark
    My site is going to have a credit system that basically works a lot like a credit card. Each user has an unlimited credit limit, but at the end of each week, they have to pay it off. For example, a user might make several purchases between March 1st and 7th, and then at the end of March 7th, they would be emailed an invoice that lists all their purchases during the week and a total that is due by the 14th. If they don't pay it off, their account is simply deactivated until they do. I'm just trying to wrap my head around how to implement this. I have a list of all their purchases, that's not a problem, but I'm just trying to figure out what to do with it. On the end of the 7th day, I could set up a cronjob to generate an invoice, which would basically have an id, and due date, and then I would need another many-to-many table to link all the purchases to the invoice. Then when a user adds money to their account, I guess it's applied against their current outstanding invoice? And what if they don't pay off their invoice by the time a new invoice rolls around, so now they have 2 outstanding ones, how do I know which to apply it against? Or do I make the cronjob check for any previous outstanding invoices, cancel them, and add a new item to the new invoice as "balance forward (+interest)"? How would you apply the money against an invoice? Would each payment have to be linked to an invoice, or could I just deposit it to their account credit, and then somehow figure out what's been paid and what hasn't? What if they pay in advance, before their invoice has been generated? Do I deduct it from their credit from the invoice upon generation, or at the end of the week when it's due? There are so many ways to do this... Can anyone describe what approach they would take?

  • alternatedocroot

    - by ring bearer
    Using Sun Glassfish Enterprise server v2.1.1. I am using "alternatedocroot" via sun-web.xml for my web application to abstract out static content from actual deploy-able code (EAR/WAR). What I have is a cluster of two server instances distributed across two physical hosts - HOST1 and HOST2. "alternatedocroot" points to /data/static-content/ on both HOST1 and HOST2. Would DAS (Domain application server) take care of syncing /data/static-content between HOST1 and HOST2 if I use syncinstances=true option while starting up the cluster? Thanks!


  • How to embed cgi in html

    - by neversaint
    I have no problem executing a cgi file under the normal url like this: http://www.myhost.com/mydir/cgi-bin/test.cgi However when I tried to embed it into HTML file (called index.html) like this: <HTML> <BODY> <P>Here's the output from my program: <FORM ACTION="/var/www/mydir/cgi-bin/test.cgi" METHOD=POST> </FORM> </P> </BODY> </HTML> The CGI doesn't get executed when I do: http://www.myhost.com/mydir/index.html The CGI file (test.cgi) simply looks like this: #!/usr/bin/perl -wT use CGI::Carp qw(fatalsToBrowser); print "Test cgi!\n"; What's the right way to do it?

  • [JavaScript] Global variables across multiple files

    - by Goro
    Hello, A bunch of my JavaScript code is in an external file called helpers.js. Inside the HTML that calls this JavaScript code I find myself in need of knowing if a certain function from helpers.js has been called. I have attempted to create a global variable by defining: var myFunctionTag = true; In global scope both in my HTML code and in helpers.js. Here's what my html code looks like: <html> ... <script type='text/javascript' src='js/helpers.js'></script> ... <script> var myFunctionTag = false; ... //I try to use myFunctionTag here but it is always false, even though it has been set to 'true' in helpers.js </script> Is what I am trying to do even doable? Thanks,

  • Make Apache server available on a LAN via custom ServerName

    - by samwatt
    Hi, is it possible to set up an Apache server on a machine which is part of a LAN, then allow machines on the LAN to access the server via a custom ServerName (instead of Localhost)? I want to serve a simple website in an office space using a short ServerName (no ports etc if possible), but I want to make sure this is possible (after originally being certain it was!). Thanks in advance.

  • Error when pushing to Heroku - ...appear in group - Ruby on Rails

    - by bgadoci
    I am trying to deploy my first rails app to Heroku and seem to be having a problem. After git push heroku master, and heroku rake db:migrate I get an error saying: SELECT posts.*, count(*) as vote_total FROM "posts" INNER JOIN "votes" ON votes.post_id = posts.id GROUP BY votes.post_id ORDER BY created_at DESC LIMIT 5 OFFSET 0): I have included the full error below and also included the PostControll#index as it seems that is where I am doing the grouping. Lastly I included my routes.rb file. I am new to ruby, rails, and heroku so sorry for simple/obvious questions. Processing PostsController#index (for 99.7.50.140 at 2010-04-21 12:50:47) [GET] ActiveRecord::StatementInvalid (PGError: ERROR: column "posts.id" must appear in the GROUP BY clause or be used in an aggregate function : SELECT posts.*, count(*) as vote_total FROM "posts" INNER JOIN "votes" ON votes.post_id = posts.id GROUP BY votes.post_id ORDER BY created_at DESC LIMIT 5 OFFSET 0): vendor/gems/will_paginate-2.3.12/lib/will_paginate/finder.rb:82:in `send' vendor/gems/will_paginate-2.3.12/lib/will_paginate/finder.rb:82:in `paginate' vendor/gems/will_paginate-2.3.12/lib/will_paginate/collection.rb:87:in `create' vendor/gems/will_paginate-2.3.12/lib/will_paginate/finder.rb:76:in `paginate' app/controllers/posts_controller.rb:28:in `index' /home/heroku_rack/lib/static_assets.rb:9:in `call' /home/heroku_rack/lib/last_access.rb:25:in `call' /home/heroku_rack/lib/date_header.rb:14:in `call' thin (1.0.1) lib/thin/connection.rb:80:in `pre_process' thin (1.0.1) lib/thin/connection.rb:78:in `catch' thin (1.0.1) lib/thin/connection.rb:78:in `pre_process' thin (1.0.1) lib/thin/connection.rb:57:in `process' thin (1.0.1) lib/thin/connection.rb:42:in `receive_data' eventmachine (0.12.6) lib/eventmachine.rb:240:in `run_machine' eventmachine (0.12.6) lib/eventmachine.rb:240:in `run' thin (1.0.1) lib/thin/backends/base.rb:57:in `start' thin (1.0.1) lib/thin/server.rb:150:in `start' thin (1.0.1) 
lib/thin/controllers/controller.rb:80:in `start' thin (1.0.1) lib/thin/runner.rb:173:in `send' thin (1.0.1) lib/thin/runner.rb:173:in `run_command' thin (1.0.1) lib/thin/runner.rb:139:in `run!' thin (1.0.1) bin/thin:6 /usr/local/bin/thin:20:in `load' /usr/local/bin/thin:20 PostsController def index @tag_counts = Tag.count(:group => :tag_name, :order => 'count_all DESC', :limit => 20) conditions, joins = {}, :votes @ugtag_counts = Ugtag.count(:group => :ugctag_name, :order => 'count_all DESC', :limit => 20) conditions, joins = {}, :votes @vote_counts = Vote.count(:group => :post_title, :order => 'count_all DESC', :limit => 20) conditions, joins = {}, :votes unless(params[:tag_name] || "").empty? conditions = ["tags.tag_name = ? ", params[:tag_name]] joins = [:tags, :votes] end @posts=Post.paginate( :select => "posts.*, count(*) as vote_total", :joins => joins, :conditions=> conditions, :group => "votes.post_id", :order => "created_at DESC", :page => params[:page], :per_page => 5) @popular_posts=Post.paginate( :select => "posts.*, count(*) as vote_total", :joins => joins, :conditions=> conditions, :group => "votes.post_id", :order => "vote_total DESC", :page => params[:page], :per_page => 3) respond_to do |format| format.html # index.html.erb format.xml { render :xml => @posts } format.json { render :json => @posts } format.atom end end routes.rb ActionController::Routing::Routes.draw do |map| map.resources :ugtags map.resources :wysihat_files map.resources :users map.resources :votes map.resources :votes, :belongs_to => :user map.resources :tags, :belongs_to => :user map.resources :ugtags, :belongs_to => :user map.resources :posts, :collection => {:auto_complete_for_tag_tag_name => :get } map.resources :posts, :sessions map.resources :posts, :has_many => :comments map.resources :posts, :has_many => :tags map.resources :posts, :has_many => :ugtags map.resources :posts, :has_many => :votes map.resources :posts, :belongs_to => :user map.resources :tags, :collection => 
{:auto_complete_for_tag_tag_name => :get } map.resources :ugtags, :collection => {:auto_complete_for_ugtag_ugctag_name => :get } map.login 'login', :controller => 'sessions', :action => 'new' map.logout 'logout', :controller => 'sessions', :action => 'destroy' map.root :controller => "posts" map.connect ':controller/:action/:id' map.connect ':controller/:action/:id.:format' end UPDATE TO SHOW MODEL AND MIGRATION FOR POST class Post < ActiveRecord::Base has_attached_file :photo validates_presence_of :body, :title has_many :comments, :dependent => :destroy has_many :tags, :dependent => :destroy has_many :ugtags, :dependent => :destroy has_many :votes, :dependent => :destroy belongs_to :user after_create :self_vote def self_vote # I am assuming you have a user_id field in `posts` and `votes` table. self.votes.create(:user => self.user) end cattr_reader :per_page @@per_page = 10 end migrations for post class CreatePosts < ActiveRecord::Migration def self.up create_table :posts do |t| t.string :title t.text :body t.timestamps end end def self.down drop_table :posts end end _ class AddUserIdToPost < ActiveRecord::Migration def self.up add_column :posts, :user_id, :string end def self.down remove_column :posts, :user_id end end

  • Authlogic Current User Question - hiding admin links...

    - by bgadoci
    I think I am missing something while using the Authlogic gem w/ Rails. To set the stage I have multiple users and each user can create posts and comments. Upon the display of a post or comment I would like to give the user who created them the option to edit or destroy. I am successfully using the following code to hide and show elements based on if a user is logged in or not but can't seem to find out how to only show these links to the actual user who created them...not any user that is logged in. <% if current_user %> <%= link_to 'Edit', edit_question_path(question) %> | <%= link_to 'Destroy', question, :confirm => 'Are you sure?', :method => :delete %> <% else %> <p>nothing to see here</p> <% end %> Here is the def of current_user located in the application controller in case I need to change something here. class ApplicationController < ActionController::Base helper :all # include all helpers, all the time protect_from_forgery # See ActionController::RequestForgeryProtection for details# helper_method :current_user private def current_user_session return @current_user_session if defined?(@current_user_session) @current_user_session = UserSession.find end def current_user return @current_user if defined?(@current_user) @current_user = current_user_session && current_user_session.record end end

  • What are the CS fundamentals behind package/dependency management?

    - by Frep D-Oronge
    Often I hear about situations where companies are developing extensible in-house software (the dreaded enterprise 'framework') which is supposed to support multiple 'plugins' from different teams. Usually this ends up being a half baked solution that does not really work due to compatibility problems between addins, or between addins and the framework itself. Usually this means QA have to 'rubber stamp' a global set of versions across all plugins, or more usually plugins are released and stuff breaks in nasty ways. This problem has been solved before however, for example the package management systems like apt for Debian Linux. I suspect that the reason it works is that it is built from the start on a known 'Computer Science-y' concept. My question is what is it?

  • Enterprise ASP.NET MVC application architecture

    - by Ben
    I am still trying to figure out the right architecture for a complex ASP.NET MVC web application. I looked in a lot of example code and everywhere it's done differently. I would really appreciate your thoughts on this. Another Question: Would you use Linq to SQL or the Entity Framework? Thanks, -Ben

  • XNA 2D mouse picking

    - by Corndog
    I'm working on a simple 2D Real time strategy game using XNA. Right now I have reached the point where I need to be able to click on the sprite for a unit or building and be able to reference the object associated with that sprite. From the research I have done over the last three days I have found many references on how to do "Mouse picking" in 3D which does not seem to apply to my situation. I understand that another way to do this is to simply have an array of all "selectable" objects in the world and when the player clicks on a sprite it checks the mouse location against the locations of all the objects in the array. The problem I have with this approach is that it would become rather slow if the number of units and buildings grows to larger numbers. (It also does not seem very elegant.) So what are some other ways I could do this? (Please note that I have also worked over the ideas of using a Hash table to associate the object with the sprite location, and using a 2 dimensional array where each location in the array represents one pixel in the world. Once again they seem like rather clunky ways of doing things.)

  • Need tips for better usability for tabular data with pagination

    - by Anil Namde
    Hi all, Just another day I found myself writing code to show data on the UI. I am again using DataGrid/GridView (ASP.NET), User Id as link button (clickable) to redirect user to another page. User having hard time to find where to click (though the link has underline and hand pointer as usual on hover), just another common table like structure. Following are the columns for example: User ID (Link button), User Name, First Name, Last Name, Date Of Birth. Now I would like to make it better from the usability point of view. Can someone suggest a good link, example or suggestions to make it better? Thanks all,

  • Application Context in Rails

    - by Sean McMains
    Rails comes with a handy session hash into which we can cram stuff to our heart's content. I would, however, like something like ASP's application context, which instead of sharing data only within a single session, will share it with all sessions in the same application. I'm writing a simple dashboard app, and would like to pull data every 5 minutes, rather than every 5 minutes for each session. I could, of course, store the cache update times in a database, but so far haven't needed to set up a database for this app, and would love to avoid that dependency if possible. So, is there any way to get (or simulate) this sort of thing? If there's no way to do it without a database, is there any kind of "fake" database engine that comes with Rails, runs in memory, but doesn't bother persisting data between restarts?

  • What should I check to know if I can send emails from my webapp?

    - by user248959
    I would like to know how I can send emails from my web app that I have hosted in a shared server. First of all I would like to know if I can, so my question is: what should I check? I heard that I should have a mail server in my hosting, so I tried telnet smtp.tirengarfio.com 465, but I get: telnet: could not resolve smtp.tirengarfio.com/465: Name or service not known tirengarfio.com is the domain where the webapp is hosted. What can I do?

  • Programming Technique: How to create a simple card game

    - by Shyam
    Hi, As I am learning the Ruby language, I am getting closer to actual programming. So I was thinking of creating a simple card game. My question isn't Ruby orientated, but I do know want to learn how to solve this problem with a genuine OOP approach. In my card game I want to have four players. Using a standard deck with 52 cards, no jokers/wildcards. In the game I won't use the Ace as a dual card, it is always the highest card. So, the programming problems I wonder about are the following: How can I sort/randomize the deck of cards? There are four types, each having 13 values. Eventually there can be only unique values, so picking random values could generate duplicates. How can I implement a simple AI? As there are tons of card games, someone would have figured this part out already, so references would be great. I am a truly Ruby nuby, and my goal here is to learn to solve problems, so pseudo code would be great, just to understand how to solve the problem programmatically. I apologize for my grammar and writing style if it's unclear, for it is not my native language. Also pointers to sites where such challenges are explained, would be a great resource! Thank you for your comments, answers and feedback!

  • [JavaScript] Continuous Progress Bar

    - by Goro
    Hello, I am trying to find the best option to create a simple progress bar that I need to be triggered periodically from within another JavaScript script. Every few minutes, a timer would cause the progress bar to start going from 0 to 100%. Once it reaches 100%, the bar would reset to 0. I am trying to implement a smooth animated version of the bar, like this one: http://www.webappers.com/progressBar/. (I tried adapting this particular one but I could not get it to work the way I described) I am looking into the jQuery UI ProgressBar: Is it possible to use it in the manner I have described? Thank you.


  • How to make a secure game in javascript?

    - by rnaud
    Hello, I'm working on games using javascript, some html and css, and I was wondering if there was any way to secure the game so that the user can't just call game.php?result=victory to finish the game and earn some points. As of right now here are the solutions I have. For a chance game, start the page with the result already in place, win or lose, then just do some animations to show it, but all the score and win/lose stuff is done server-side. For a battle game, just get the action from the javascript call, and do the damage calculation, reaction of the opponent on the server and just send back the data. But the last solution implies that I will have to send actions each time the user does anything. This might work for a turn by turn battle game, but I think it would be too slow for any other kind of game. So my question is, is there some kind of secure way I can prep my javascript to secure the information sent?
