Search Results

Search found 8253 results on 331 pages for 'secure coding'.

Page 233/331 | < Previous Page | 229 230 231 232 233 234 235 236 237 238 239 240  | Next Page >

• Should I use "id" or "unique username"?

  - by roa3

  I am using PHP, AS3 and mysql. I have a website. A flash(as3) website. The flash website store the members' information in mysql database through php. In "members" table, i have "id" as the primary key and "username" as a unique field. Now my situation is: When flash want to display a member's profile. My questions: Should Flash pass the member "ID" or "username" to php to process the mysql query? Is there any different passing the "id" or "username"? Which one is more secure? Which one you recommend? I would like to optimize my website in terms of security and performance.

  Read the article

• How to double the size of 8x8 Grid whilst keeping the relative position of certain tiles intact?

  - by ke3pup

  Hi guys I have grid size of size 8x8 , total of 64 Tiles. i'm using this Grid to implement java search algorithms such as BFS and DFS. The Grid has given forbidden Tiles (meaning they can't be traversed or be neighbour of any other tile) and Goal and Start tile. for example Tile 19,20,21,22 and 35, 39 are forbidden and 14 an 43 are the Goal and start node when the program runs. My question is , How can i double the size of the grid, to 16x16 whilst keeping the Relative position of forbidden tiles as well as the Relative position of start and goal Tiles intact? On paper i know i can do this by adding 4 rows and columns to all size but in coding terms i don't know how to make it work? Can someone please give any sort of hints?

  Read the article

• Best way to implement symfony admin components

  - by Chris T

  I am coding a backend in symfony using the sfThemePlugin (part of sympal). The dashboard should allow for new "admin plugins" to be added fairly easily. What I'd like is to have a config.yml config like this: sf_easy_admin_plugin: enabled_admin_dashboard_plugins: [Twitter, QuickBlogPost, QuickConfig] and when these are set it includes the correct components into the template. I'd like to have each one be in it's own plugin (sfTwitterEasyAdminModule, sfQuickBlogPostEasyAdminModule) or have them all bundled in one (sfEasyAdminModules). Is there anyway to accomplish this? As far I know symfonys include_component() only let's you include components from the current module and not from other plugins. Each "component" or admin plugin should render an icon for the dashboard and a html form that will be hidden until the user clicks the icon.

  Read the article

• Implementation Details as a "Document" ( In generic terms) - Python, C++

  - by mgj

  Hi..:) For documentation and presentation purposes, we often find professionals/students creating SRS, coding guidelines etc. for these things there is some kind of a checklist which one could use to appropriately match what could relate to a specific case and accordingly one does a documentation for each. On those grounds could you please give me some sort of a checklist( any points/guidelines) one could use for going about Implementation( in the form of Implementation Details) in Python and C++ . Although this might sound specific as the query is "Implementation Details" and is different for different cases as one goes about the REAL implementation, I just want a SET of guidelines one should follow ( Preferably In Python, C++ specific, even for any other language is Welcome) if this( Implementation Details ) has to also be documented or presented. Hope the question is clear, I am sorry if it still sounds ambiguous, I guess this is the best I could do to frame my query. Thank you for your time...:)

  Read the article

• Using Forms authentication with remote auth system?

  - by chobo

  I am working on a website that uses a remote websites database to check for authentication (they are both share some database tables, but are separate website...) Right now I check the username and password against the remote websites account / member table, if there is a match I create a session. Questions: Is this secure? On authenticated pages I just check if a session of a specific type exists.Is it possible for someone to create an empty session or something that could bypass this? Is it possible to use Forms authentication with this setup? Right now if a user is authenticated I just get an object back with the username, email and id.

  Read the article

• PHP Security checklist (injection, sessions etc)

  - by NoviceCoding

  So what kind of things should a person using PHP and MySql be focused on to maximize security. Things I have done: -mysql_real_escape_string all inputs -validate all inputs after escaping em -Placed random alpha numerics before my table names -50character salt + Ripemd passwords Heres where I think I am slacking: -I know know nothing about sessions and securing them. How unsafe/safe is it if all you are doing is: session_start(); $_SESSION['login']= $login; and checking it with: session_start(); if(isset($_SESSION['login'])){ -I heard something about other forms of injection like cross site injection and what not... -And probably many other things I dont know about. Is there a "checklist"/Quicktut on making php secure? I dont even know what I should be worried about.I kinda regret now not building off cakephp since I am not a pro.

  Read the article

• Are there any good books on writing commercial quality software?

  - by Andy

  Hey, My background has been generally new technology demonstrators, which, well... demonstrate the latest technology and how it can be of use to a clients company. They use it for internal demos etc. Now my career has shiffed course a bit more into actual products, in particular software which runs in locations like museums as interactive pieces. Clearly, although the technology demonstrators had to be well coded etc, there wasn't as much emphasis as there is on my current work, which has to work, be highly configurable, probably multi-ligual and run constantly, without restarts. So my question is, now that I'm trying to up my coding quality and write more commercial applications, are there any books which discuss issues surrounding high quality commercial software? I currently have a copy of Code Complete 2nd Edition, which is excellent, but just wondering if there's any better, possibly more focused titles out there? Thanks a lot! Andy.

  Read the article

• Is there a semantic difference <span>'s and <div>'s?

  - by DavidR

  I know when coding HTML, I'm supposed to keep semantics in mind, e.g., h1 needs to be a main header, h2 needs to be a subheader, tables need to be tables, use <em> for emphasis instead of <i>, etc. Is there a proper difference between divs and spans except one is a block and the other is in-line? When I was learning I was told that <span>'s were for styling text mid-line. If I had a small blurb of text that I needed positioned at a certain point in my webpage, one that doesn't warrent a <p> tag, would I use a span should I stick with div's? What if that text needs to cover two lines (i.e., it needs a width) if it contains nothing but text, what should I use?

  Read the article

• Problem with session based login after moving relevent files to site root

  - by YsoL8

  Hello I have a site which I have been testing in a sub-folder of my clients site-root. I had no log in problems during testing, but then I moved the new site files from a sub-directory to the main site root, and now I'm losing my logged in state after almost every page refresh in secure areas. I am running a $_session based login system that refreshes the session id on every page load, with a comparison value stored in the MySQL database. Does anyone have suggestions for what could be causing this problem?

  Read the article

• What is a good practice for handling SQL connections within a WCF call?

  - by Rising Star

  Suppose I want to create a (stateless) WCF service with three methods exposed on an endpoint: performSqlOperationA(), performSqlOperationB(), and performSqlOperationC(). Each method inserts data into a SQL database. The way I've seen things done at my office, each method would begin with code to initialize a SqlConnection object. Each method would end with code to safely dispose it. What is a good practice for coding these WCF methods so that the SqlConnection object is initialized and disposed in each method without having to do these things in each method? I know that I can have the connection initialized in the constructor for the class for the WCF methods, but I don't know about disposing it... The calls cannot be wrapped in a using block. One solution I'm familiar with is PostSharp, which allows me to set an attribute which causes specific code to automatically run at the beginning and end of each method call, but it would be greatly preferable to do this with only the .net framework.

  Read the article

• Why is 'virtual' optional for overridden methods in derived classes?

  - by squelart

  When a method is declared as virtual in a class, its overrides in derived classes are automatically considered virtual as well, and the C++ language makes this keyword virtual optional in this case: class Base { virtual void f(); }; class Derived : public Base { void f(); // 'virtual' is optional but implied. }; My question is: What is the rationale for making virtual optional? I know that it is not absolutely necessary for the compiler to be told that, but I would think that developers would benefit if such a constraint was enforced by the compiler. E.g., sometimes when I read others' code I wonder if a method is virtual and I have to track down its superclasses to determine that. And some coding standards (Google) make it a 'must' to put the virtual keyword in all subclasses.

  Read the article

• How to structure web application with part of it being secured (SSL)

  - by spirytus

  What is the common pattern to structure web application where part of it has to be secured. So lets say I have page_a and page_b which do not need to be secured, although should display login information (login fields or login details once user logged in). This web app. also would have secured pages (admin, checkout or similar) secure_page_c and secure_page_d. My questions are: What is the common folder structure for such assuming I code in php with no frameworks? Also how shall I deal with session variables in case user navigates lets say from secure_page_b to non secure page_a or vice versa? What else might be a problem and should be considered when coding that kind of app in php? Thank you all for any suggestions

  Read the article

• wxpython : button covers all in the frame

  - by Prakash

  Below is my code: #!/usr/bin/python # -*- coding: utf-8 -*- import wx class Example(wx.Frame): def __init__(self): #super(Example, self).__init__(parent, title=title, size=(300, 200)) wx.Frame.__init__(self, None, wx.ID_ANY, 'wxButton', pos=(300, 150), size=(320, 250)) self.button1 = wx.Button(self, id=-1, label='Button1', pos=(8, 8), size=(10, 20)) self.button1.Bind(wx.EVT_BUTTON, self.button1Click) self.Centre() self.Show() def button1Click(self,event): #self.button1.Hide() self.SetTitle("Button1 clicked") if __name__ == '__main__': app = wx.App() Example() app.MainLoop() Actually I am expecting the button1 on the frame to have a look like a button - a bit raised and be placed in center of frame - but it is just expanding to the full frame. Also text Button1 looks like a text which does not has a button look like feeling? What wrong am I doing?

  Read the article

• Securing an ajax request

  - by asdasdsa

  i have a website that uses session cookies for security. it works fine and all, but any ajax requests right now are not secure. example being lets say a user is on a page. they can only get to this page if they are logged in with a session - so far so good. but now the ajax request they ask for is ajaxpages/somepage.php?somevar=something&anothervar=something if any other user decides to just go to that link themselves (without a session) they still get the same ajax output that was meant for logged in people. so obviously im going to have to pass session data across when i send an ajax request. anyone have any tips for the best way of doing this? ive never done this before and would rather use trusted methods than make up my own.

  Read the article

• servlet stops working with tomcat server after some hits or time

  - by nekin

  hi all i have very strange issue with some of my servlet. below is my configuration Folder A is having X number os servelet deployed in tomcat directory Folder B is having Y number of servelet deployed in tomcat directory. now after certain amount of time or hits to any of the servelet in Folder B is stops working properly, whereas at same time All servelet of Folder A works fine i am not able to trace where i am doing mistake all coding for both folder's servelet is same only difference is they are with different dB, but it is very simple read only operation with dB though. any idea ? thks

  Read the article

• Is it inefficient to access a python class member container in a loop statement?

  - by Dave

  Hi there. I'm trying to adopt some best practices to keep my python code efficient. I've heard that accessing a member variable inside of a loop can incur a dictionary lookup for every iteration of the loop, so I cache these in local variables to use inside the loop. My question is about the loop statement itself... if I have the following class: class A(object): def init(self) self.myList = [ 'a','b','c', 'd', 'e' ] Does the following code in a member function incur one, or one-per-loop-iteration (5) dictionary lookups? for letter in self.myList: print letter IE, should I adopt the following pattern, if I am concerned about efficiency... localList = self.myList for letter in localList: print letter or is that actually LESS efficient due to the local variable assign? Note, I am aware that early optimization is a dangerous pitfall if I'm concerned about the overall efficiency of code development. Here I am specifically asking about the efficiency of the code, not the coding. Thanks in advance! D

  Read the article

• How to add authentication property for login to directory path when running batch file in WCF?

  - by blankon91

  I have class in my WCF service to execute batch file. when I test to run the batch file in shared directory, everything is fine, the batch was executed, but when I try to run the batch file from secure diretory, I get error "ACCESS DENIED". How to add login property so I can access my secured directory to execute my batch file? here is my code: public string ExecuteBat() { string hasil = ""; ProcessStartInfo processInfo = new ProcessStartInfo(@"D:\Rpts\SSIS_WeeklyFlash_AAF_1.bat"); processInfo.CreateNoWindow = true; processInfo.UseShellExecute = false; Process process = Process.Start(processInfo); process.WaitForExit(); if (process.ExitCode == 0) { hasil = "BAT EXECUTED!"; } else { hasil = "EXECUTE BAT FAILED"; } return hasil; }

  Read the article

• Do you leave Windows Automatic Updates enabled on your production IIS server?

  - by Nobody

  If you were running a 24/7 website on Windows Server 2003 (IIS6). Would you leave the Windows automatic update feature enabled or would you turn it off? When enabled, you always get the latest security patches and bug fixes automatically as soon as they're available, which is the most secure choice. However, the machine will sometimes get automatically rebooted to apply the updates leading to a couple of minutes of downtime in the middle of the night. Also, I've seen rare occasions where the machine does not restart correctly resulting in further downtime. If auto updates are off, when do you apply the patches? I guess you have to use a load balancer with multiple web servers and rotate them out of the production site, apply patches manually, and put them back in. This can be logistically inconvenient when the load balancer is managed by a hosting company. You will also have machines in production that don't always have the latest security patches and you have to routinely spend time deciding which patches to apply and when.

  Read the article

• Advantages of using WCF to work with Sharepoint Services WSS3.0?

  - by val

  Hi folks, what is your opinion or better off your practical experience using WCF to work with WSS instead of SP web services? I am writing some custom library for our software to store and retrieve files from WSS document libraries using sharepoint web services. I am not entirely happy with the performance of the sp web services - a bit too slow in many cases. Now, microsoft claims a significant improvements in WCF over remoting and I am looking into a good way to use WCF for my file services. Any suggestions or ideas? Maybe a good source of coding practices or blogs? Thanks a lot, Val

  Read the article

• 'Advanced' Console Application

  - by keynesiancross

  Hi all, I'm not sure if this question has been answered elsewhere and I can't seem to find anything through google that isn't a "Hello World" example... I'm coding in C# .NET 4.0. I'm trying to develop a console application that will open, display text, and then wait for the user to input commands, where the commands will run particular business logic. For example: If the user opens the application and types "help", I want to display a number of statements etc etc. I'm not sure how to code the 'event handler' for user input though. Hopefully this makes sense. Any help would be much appreciated! Cheers.

  Read the article

• Programmatic binding of accelerators in wxPython

  - by Inductiveload

  I am trying to programmatically create and bind a table of accelerators in wxPython in a loop so that I don't need to worry about getting and assigning new IDs to each accelerators (and with a view to inhaling the handler list from some external resource, rather than hard-coding them). I also pass in some arguments to the handler via a lambda since a lot of my handlers will be the same but with different parameters (move, zoom, etc). The class is subclassed from wx.Frame and setup_accelerators() is called during initialisation. def setup_accelerators(self): bindings = [ (wx.ACCEL_CTRL, wx.WXK_UP, self.on_move, 'up'), (wx.ACCEL_CTRL, wx.WXK_DOWN, self.on_move, 'down'), (wx.ACCEL_CTRL, wx.WXK_LEFT, self.on_move, 'left'), (wx.ACCEL_CTRL, wx.WXK_RIGHT, self.on_move, 'right'), ] accelEntries = [] for binding in bindings: eventId = wx.NewId() accelEntries.append( (binding[0], binding[1], eventId) ) self.Bind(wx.EVT_MENU, lambda event: binding[2](event, binding[3]), id=eventId) accelTable = wx.AcceleratorTable(accelEntries) self.SetAcceleratorTable(accelTable) def on_move(self, e, direction): print direction However, this appears to bind all the accelerators to the last entry, so that Ctrl+Up prints "right", as do all the other three. How to correctly bind multiple handlers in this way?

  Read the article

• How to securely stream video from amazon S3

  - by JP.

  I have couple of copyright videos available on my S3 buckets. I want to stream them on my website, but at the same time. I don't want the users to rip the video from the video player. I tried to google about it but still i am not confident on this, coz i do not know the intricacies of options available like Server Side encryption None/ AES-256 2) A very interesting option is under Metadata tab - It shows couple of keys & Values. How can i use them to secure my video content? 3) Add more meta data and related options?

  Read the article

• How to implement B+ Tree for file systems ?

  - by user312544

  I have a text file which contains some info on extents about all the files in the file system, like below C:\Program Files\abcd.txt 12345 100 23456 200 C:\Program Files\bcde.txt 56789 50 26746 300 ... Now i have another binary which tries to find out about extents for all the files. Now currently i am using linear search to find extent info for the files in the above mentioned text file. This is a time consuming process. Is there a better way of coding this ? Like Implementing any good data structure like BTree. If B+ Tree is used what is the key, branch factor i need to use ?

  Read the article

• Three Java classes: point out all the issues you can find!

  - by Sicarius

  I wrote three classes for a colleague of mine (I'm new at this job). They compile just fine, but he tells me there are "defects, bugs, and style problems." He wants me to print the files out and mark the problems such as the standard coding conventions, best practices, format, design, and logic. I wrote this code when I was extremely tired and I plan to rewrite it completely. My mistake was showing to it before looking it over myself again. However, he still wants me to do the markings on paper. Any input is greatly appreciated! The three Java classes ['Station.java', 'ParserInt.java', 'ParserException.java'] are uploaded here: http://www.megaupload.com/?d=N2CUVSV2

  Read the article

• @Secured not working

  - by user3640507

  I am new to spring and trying to implement Role based authorization with the help of @Secured annotation. I have a method which is specifically for ADMIN and I have written @Secured ("ROLE_ADMIN") to secure it. @Secured ("ROLE_ADMIN") public void HelloUser(String name) { System.out.println("Hello ADMIN"); } Now when I call this method by creating a class object it gets called eventhough user dont have ADMIN authority But when I dont create an object and use @autowired annotation instead then it works i.e User is not allowed to access this method. In my security.xml as well as servlet.xml I have added <global-method-security secured-annotations="enabled" /> Can some one please tell me where I am going wrong or is this the natural behaviour in spring ?

  Read the article

< Previous Page | 229 230 231 232 233 234 235 236 237 238 239 240  | Next Page >