Search Results

Search found 42993 results on 1720 pages for 'static method'.

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Page 232/1720 | < Previous Page | 228 229 230 231 232 233 234 235 236 237 238 239  | Next Page >

  • What are the weaknesses of this user authentication method?

    - by byronh
    I'm developing my own PHP framework. It seems all the security articles I have read use vastly different methods for user authentication than I do so I could use some help in finding security holes. Some information that might be useful before I start. I use mod_rewrite for my MVC url's. Passwords are sha1 and md5 encrypted with 24 character salt unique to each user. mysql_real_escape_string and/or variable typecasting on everything going in, and htmlspecialchars on everything coming out. Step-by step process: Top of every page: session_start(); session_regenerate_id(); If user logs in via login form, generate new random token to put in user's MySQL row. Hash is generated based on user's salt (from when they first registered) and the new token. Store the hash and plaintext username in session variables, and duplicate in cookies if 'Remember me' is checked. On every page, check for cookies. If cookies set, copy their values into session variables. Then compare $_SESSION['name'] and $_SESSION['hash'] against MySQL database. Destroy all cookies and session variables if they don't match so they have to log in again. If login is valid, some of the user's information from the MySQL database is stored in an array for easy access. So far, I've assumed that this array is clean so when limiting user access I refer to user.rank and deny access if it's below what's required for that page. I've tried to test all the common attacks like XSS and CSRF, but maybe I'm just not good enough at hacking my own site! My system seems way too simple for it to actually be secure (the security code is only 100 lines long). What am I missing? I've also spent alot of time searching for the vulnerabilities with mysql_real_escape string but I haven't found any information that is up-to-date (everything is from several years ago at least and has apparently been fixed). All I know is that the problem was something to do with encoding. If that problem still exists today, how can I avoid it? Any help will be much appreciated.

    Read the article

  • What is the simplest method to fill the area under a geom_freqpoly line?

    - by mattrepl
    The x-axis is time broken up into time intervals. There is an interval column in the data frame that specifies the time for each row. The column is a factor, where each interval is a different factor level. Plotting a histogram or line using geom_histogram and geom_freqpoly works great, but I'd like to have a line, like that provided by geom_freqpoly, with the area filled. Currently I'm using geom_freqpoly like this: ggplot(quake.data, aes(interval, fill=tweet.type)) + geom_freqpoly(aes(group = tweet.type, colour = tweet.type)) + opts(axis.text.x=theme_text(angle=-60, hjust=0, size = 6)) I would prefer to have a filled area, such as provided by geom_density, but without smoothing the line: UPDATE: The geom_area has been suggested, is there any way to use a ggplot2-generated statistic, such as ..count.., for the geom_area's y-values? Or, does the count aggregation need to occur prior to using ggplot2?

    Read the article

  • What does Method = "put document: 12.0.0.4518" means?

    - by Pari
    Hi All, I was trying to upload large size file on Sharepoint. And got following code sample (i.e FrontPage RPC (Remote Procedure Calls)) I am not getting use of "put document: 12.0.0.4518" and "string serviceName = "http://servername/sitename/_vti_bin/_vti_aut/author.dll";". I have worked on code but it is showing " Response time Out" error. But since i can't understand the code.It is not possible for me to solve this or any future problem.

    Read the article

  • Can I get rid of this read lock?

    - by Pieter
    I have the following helper class (simplified): public static class Cache { private static readonly object _syncRoot = new object(); private static Dictionary<Type, string> _lookup = new Dictionary<Type, string>(); public static void Add(Type type, string value) { lock (_syncRoot) { _lookup.Add(type, value); } } public static string Lookup(Type type) { string result; lock (_syncRoot) { _lookup.TryGetValue(type, out result); } return result; } } Add will be called roughly 10/100 times in the application and Lookup will be called by many threads, many of thousands of times. What I would like is to get rid of the read lock. How do you normally get rid of the read lock in this situation? I have the following ideas: Require that _lookup is stable before the application starts operation. The could be build up from an Attribute. This is done automatically through the static constructor the attribute is assigned to. Requiring the above would require me to go through all types that could have the attribute and calling RuntimeHelpers.RunClassConstructor which is an expensive operation; Move to COW semantics. public static void Add(Type type, string value) { lock (_syncRoot) { var lookup = new Dictionary<Type, string>(_lookup); lookup.Add(type, value); _lookup = lookup; } } (With the lock (_syncRoot) removed in the Lookup method.) The problem with this is that this uses an unnecessary amount of memory (which might not be a problem) and I would probably make _lookup volatile, but I'm not sure how this should be applied. (John Skeets' comment here gives me pause.) Using ReaderWriterLock. I believe this would make things worse since the region being locked is small. Suggestions are very welcome.

    Read the article

  • How to convert a .NET WebService-Method-Result (Soap) into its original datatype?

    - by Marc
    Hello everyone. I have two "identical" webservices (Soap) on two different servers. Don't ask why :-) WebService-1 decides if it handels the request itself or if it passes the request to WebService-2. If so, the response of WebService-2 should directly be returned from WebService-1. The response datatype is complex and self defined. With simple datatypes like 'int or 'string' there would be no problem. The response of WebService-2 is a serialized object (I think it is called "stubs") and theredore it is not possibel to pass this object through as the response of WebService-1 because the type of the objects doesn't match. Is there a simple way to convert the serialised datatype into its original type without buiding a complex converter?

    Read the article

  • Why "Finalize method should not reference any other objects" ?

    - by mishal153
    I have been pondering why it is recommended that we should not release managed resources inside finalize. If you see the code example at http://msdn.microsoft.com/en-us/library/system.gc.suppressfinalize.aspx , and search for string "Dispose(bool disposing) executes in two distinct scenarios" and read that comment, you will understand what I mean. Only possibility I can think of is that it probably has something to do with the fact that it is not possible to predict when finalizer will get called. Does anyone know the right answer ? thanks, mishal

    Read the article

  • Why can I call a non-const member function pointer from a const method?

    - by sdg
    A co-worker asked about some code like this that originally had templates in it. I have removed the templates, but the core question remains: why does this compile OK? #include <iostream> class X { public: void foo() { std::cout << "Here\n"; } }; typedef void (X::*XFUNC)() ; class CX { public: explicit CX(X& t, XFUNC xF) : object(t), F(xF) {} void execute() const { (object.*F)(); } private: X& object; XFUNC F; }; int main(int argc, char* argv[]) { X x; const CX cx(x,&X::foo); cx.execute(); return 0; } Given that CX is a const object, and its member function execute is const, therefore inside CX::execute the this pointer is const. But I am able to call a non-const member function through a member function pointer. Are member function pointers a documented hole in the const-ness of the world? What (presumably obvious to others) issue have we missed?

    Read the article

  • java singleton instantiation

    - by jurchiks
    I've found three ways of instantiating a Singleton, but I have doubts as to whether any of them is the best there is. I'm using them in a multi-threaded environment and prefer lazy instantiation. Sample 1: private static final ClassName INSTANCE = new ClassName(); public static ClassName getInstance() { return INSTANCE; } Sample 2: private static class SingletonHolder { public static final ClassName INSTANCE = new ClassName(); } public static ClassName getInstance() { return SingletonHolder.INSTANCE; } Sample 3: private static ClassName INSTANCE; public static synchronized ClassName getInstance() { if (INSTANCE == null) INSTANCE = new ClassName(); return INSTANCE; } The project I'm using ATM uses Sample 2 everywhere, but I kind of like Sample 3 more. There is also the Enum version, but I just don't get it. The question here is - in which cases I should/shouldn't use any of these variations? I'm not looking for lengthy explanations though (there's plenty of other topics about that, but they all eventually turn into arguing IMO), I'd like it to be understandable with few words.

    Read the article

  • Checking status after wait()

    - by Helper Method
    After creating a child process and exiting it immediately (_exit()), I want to perform a wait and check the status. Now I wonder if in the 'else' branch of the if/else construct I also need to check for WIFSIGNALED. As far as I understand, if I perform a wait, a) an error could have occured (-1), the child could have terminated normally by an (exit() or _exit()), or it could have been terminated by a signal, so the check could be omitted, right? //remainder omitted int status; pid_t t_pid = wait(&status); if (t_pid == -1) { perror("wait"); exit(EXIT_FAILURE); } if (WIFEXITED(status)) { printf("child terminated normally, status = %d\n", WEXITSTATUS(status) ); } else { // <-- do it have to check for WIFSIGNALED() here? printf("child was terminated by a signal, signum = %d\n", WTERMSIG(status) ); }

    Read the article

  • Why i am getting NullPointerException for this btree method??

    - by user306540
    hi, i am writing code for btree algorithms. i am getting NullPointerException . why???? please somebody help me...! public void insertNonFull(BPlusNode root,BPlusNode parent,String key) { int i=0; BPlusNode child=new BPlusNode(); BPlusNode node=parent; while(true) { i=node.numKeys-1; if(node.leaf) { while(i>=0 && key.compareTo(node.keys[i])<0) { node.keys[i+1]=node.keys[i]; i--; } node.keys[i+1]=key; node.numKeys=node.numKeys+1; } else { while(i>=0 && key.compareTo(node.keys[i])<0) { i--; } } i++; child=node.pointers[i]; if(child!=null && child.numKeys==7) { splitChild(root,node,i,child); if(key.compareTo(node.keys[i])>0) { i++; } } node=node.pointers[i]; } }

    Read the article

  • What is a good method to use with multithreading to simulate this?

    - by user1504257
    I am writing a program in c++ in visual studio to be able to handle a line at a park. I have all of my customers in a line at the park and I want to be able to service them using multithreading with openmp. When I put the pragma and such in, I have multiple threads servicing the same customer at the same time for each and every customer I create, not what I want. I want for example, if I had two threads and four customers, that thread one to do customer one while thread 2 does customer 2. Then I would like thread 1 to do customer 3 and thread 2 customer 4 at the same time. I don't know if its possible or if there is a better way, but I need to use openmp. Thanks for your input.

    Read the article

  • ASP.NET MVC security: how to check if a controller method is allowed to execute under current user's

    - by Gart
    Given an ASP.NET MVC Controller class declaration: public class ItemController : Controller { public ActionResult Index() { // ... } public ActionResult Details() { // ... } [Authorize(Roles="Admin, Editor")] public ActionResult Edit() { // ... } [Authorized(Roles="Admin")] public ActionResult Delete() { // .. } } I need to reflect a list of methods in this class which may be invoked with the current user's permissions. Please share some ideas of what could be done in this case.

    Read the article

  • "Thread-Safe Calls" with "Invoke" method to Winform control leads very heavy memory leak!!

    - by konnychen
    In the following link: "Make Thread-Safe Calls to Windows Forms Controls http://msdn.microsoft.com/en-us/library/ms171728.aspx" We can see an example which provide cross tread access to a winform control. But if the thread is in a while loop, it will cause the heavy memory leak. As I use taskmanage I can see the memory is increasing. Can anyone help me to solve the problem? oThread2 = new Thread(new ThreadStart(Cyclic_Call)); oThread2.Start(); delegate void SetText_lab_Statubar(string text); private void m_SetText_lab_Statubar(string text) { if (this.lab_Statubar.InvokeRequired) { SetText_lab_Statubar d = new SetText_lab_Statubar(m_SetText_lab_Statubar); this.Invoke(d, new object[] { text }); } else { this.lab_Statubar.Text = text; } } private void Cyclic_Call() { do { this.m_SetText_lab_Statubar("This string is set from thread"); Thread.Sleep(100); } while (!b_AbortThraed); }

    Read the article

  • Will this class cause memory leaks, and does it need a dispose method? (asp.net vb)

    - by Phil
    Here is the class to export a gridview to an excel sheet: Imports System Imports System.Data Imports System.Configuration Imports System.IO Imports System.Web Imports System.Web.Security Imports System.Web.UI Imports System.Web.UI.WebControls Imports System.Web.UI.WebControls.WebParts Imports System.Web.UI.HtmlControls Namespace ExcelExport Public NotInheritable Class GVExportUtil Private Sub New() End Sub Public Shared Sub Export(ByVal fileName As String, ByVal gv As GridView) HttpContext.Current.Response.Clear() HttpContext.Current.Response.AddHeader("content-disposition", String.Format("attachment; filename={0}", fileName)) HttpContext.Current.Response.ContentType = "application/ms-excel" Dim sw As StringWriter = New StringWriter Dim htw As HtmlTextWriter = New HtmlTextWriter(sw) Dim table As Table = New Table table.GridLines = GridLines.Vertical If (Not (gv.HeaderRow) Is Nothing) Then GVExportUtil.PrepareControlForExport(gv.HeaderRow) table.Rows.Add(gv.HeaderRow) End If For Each row As GridViewRow In gv.Rows GVExportUtil.PrepareControlForExport(row) table.Rows.Add(row) Next If (Not (gv.FooterRow) Is Nothing) Then GVExportUtil.PrepareControlForExport(gv.FooterRow) table.Rows.Add(gv.FooterRow) End If table.RenderControl(htw) HttpContext.Current.Response.Write(sw.ToString) HttpContext.Current.Response.End() End Sub Private Shared Sub PrepareControlForExport(ByVal control As Control) Dim i As Integer = 0 Do While (i < control.Controls.Count) Dim current As Control = control.Controls(i) If (TypeOf current Is LinkButton) Then control.Controls.Remove(current) control.Controls.AddAt(i, New LiteralControl(CType(current, LinkButton).Text)) ElseIf (TypeOf current Is ImageButton) Then control.Controls.Remove(current) control.Controls.AddAt(i, New LiteralControl(CType(current, ImageButton).AlternateText)) ElseIf (TypeOf current Is HyperLink) Then control.Controls.Remove(current) control.Controls.AddAt(i, New LiteralControl(CType(current, HyperLink).Text)) ElseIf (TypeOf current Is DropDownList) Then control.Controls.Remove(current) control.Controls.AddAt(i, New LiteralControl(CType(current, DropDownList).SelectedItem.Text)) ElseIf (TypeOf current Is CheckBox) Then control.Controls.Remove(current) control.Controls.AddAt(i, New LiteralControl(CType(current, CheckBox).Checked)) End If If current.HasControls Then GVExportUtil.PrepareControlForExport(current) End If i = (i + 1) Loop End Sub End Class End Namespace Will this class cause memory leaks? And does anything here need to be disposed of? The code is working but I am getting frequent crashes of the app pool when it is in use. Thanks.

    Read the article

  • What is a good automated data import method for SQL Server?

    - by Joel Potter
    I'm in the process of porting some SQL Server 2005 databases to SQL Server 2008. One of these databases has an associated import application (Windows task) which uses SSIS with a DTS package to import a large dataset from an MS Access database nightly. In upgrading to SQL Server 2008, I discovered that I can't run the same console application which has been performing the imports due to the missing manageddts DLL in SQL Server 2008. It's several years old and in need of a rewrite for various reason, plus, I've been fairly unhappy with DTS in general. The original reason DTS was chosen was for speed (5 min import time compared to 30+ for ADO.NET). The format of the data to import is out of my control (the client likes Access). I would also like to be able to run the import from a machine completely separate from the server hosting SQL Server and preferably with minimal SQL features installed. Options I've considered: Creating an Access application to connect to both databases (SQL Server and Access) and perform the import (Ugh!) Revisiting ADO.NET to see if the original implementation was poorly written. Updated SSIS packages. What other technologies should I be considering for this job?

    Read the article

  • Is there a Java method that encodes a collection of parameters as a URL query component?

    - by Steven Huwig
    Is there a widely-used Java library that does something like what dojo.objectToQuery() does? E.g. (assuming the use of HttpCore's HttpParams object, but any key-value mapping will do): HttpParams params = new BasicHttpParams() .setParameter("foo", "bar") .setParameter("thud", "grunt"); UnknownLibrary.toQueryString(params); should yield "foo=bar&thud=grunt". I know it's not hard to write but it seems like it should have already been written. I just can't find it.

    Read the article

  • Is there an encoding method that is mutual to flash and php?

    - by Gus
    I'm base64 encoding a JPG in AS3 and passing it to PHP where it would be decoded. It appears that AS3's encodeToBase64String() function and and PHP's base64_decode() function do not use the same algorithm. Is there a library or API for either language that would allow it to interface with the other? Alternatively, does anyone even know what PHP's default base64 map is? My Google searching is not yielding results.

    Read the article

  • Can AutoMapper call a method on destination for each member of collection on source?

    - by YonahW
    I have two classes as below. public class Destination { public Destination() { _StringCollection = new List<String>(); } private ICollection<String> _StringCollection; public IEnumerable<String> StringCollection { get { return _StringCollection.AsEnumerable<String>(); } } public void AddString(string str) { _StringCollection.Add(str); } } public class Source { public List<String> StringCollection { get; set; } } I would like to map that for each member of source call AddString(member) on Destination. I thought that maybe I could do something with a custom resolver but can't seem to figure out how.

    Read the article

  • Is it bad practice to have a long initialization method?

    - by Paperflyer
    many people have argued about function size. They say that functions in general should be pretty short. Opinions vary from something like 15 lines to "about one screen", which today is probably about 40-80 lines. Also, functions should always fulfill one task only. However, there is one kind of function that frequently fails in both criteria in my code: initialization functions. For example in an audio application, the audio hardware/API has to be set up, audio data has to be converted to a suitable format and the object state has to properly initialized. These are clearly three different tasks and depending on the API this can easily span more than 50 lines. The thing with init-functions is that they are generally only called once, so there is no need to re-use any of the components. Would you still break them up into several smaller functions would you consider big initialization functions to be ok?

    Read the article

  • JavaFX - reduce() function to show how to pass functions as parameters

    - by Helper Method
    At the moment I'm writing a JavaFX guide for Java developers. In order to show how to pass a function to another funtion i adopted the reduce() function found in Effective Java: function reduce(seq: Integer[], f: function(: Integer, : Integer): Integer, init: Integer) { var result = init; for (i in seq) { result = f(i, result); } result } def nums = [1 .. 10]; println(reduce(nums, function(a: Integer, b: Integer) { a + b }, 0)); // prints 55 println(reduce(nums, function(a: Integer, b: Integer) { a * b }, 0)); // prints 3628800 Now I wonder if this example is not to hard for someone starting to learn JavaFX. The tutorial is targeted to programmers with a solid understanding of Java, yet I'm not quite sure about the usefulness of the example. Any ideas?

    Read the article

  • Best method to cleanly shut down an application launched via another.

    - by JYelton
    I couldn't find any close answers to this, so I'm consulting the experience of SO users: Scenario: I have two small C# winforms applications where one behaves as a server or host, the other as a client. They share data via SQL Server, in terms of configuration settings. I am currently launching the client application (which only needs to run periodically) from the server application via Process.Start() and terminating it via Process.CloseMainWindow() (after finding it in the process list). While it seems clean enough, I wondered if there's a better way. Question: Which way would be best to instruct the client application to shut down: Continue using Process.CloseMainWindow()? Implement WCF between the applications? (I would need help on how to do this.) Set a variable in SQL that the client application checks for? Some other way?

    Read the article

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

< Previous Page | 228 229 230 231 232 233 234 235 236 237 238 239  | Next Page >