Search Results

Search found 97980 results on 3920 pages for 'code security'.

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Page 313/3920 | < Previous Page | 309 310 311 312 313 314 315 316 317 318 319 320  | Next Page >

  • Python 2.6 and 3.1.1, earlier version compatibility

    - by Todd
    I ordered three books to start teaching myself Python - a beginning programming book, a computer science book that uses Python for all of its code references, and a book on Python network programming. Unfortunately, I was a little too quick on ordering them, because I hadn't noticed the version differences. The beginner book is for python 3.1, the CS book is Python 2.3, and the last is Python 2.6. The CS book is also oriented towards beginners. My question is, will the different versions be too different at this level for me to effectively use all three, or will I likely be able to get by learning from the 3.1 beginners book and then sort of teach myself from the 2.3 CS book, and be able to comprehend 2.6 code? That probably didn't make sense. I hope it did.

    Read the article

  • How to Run NUnit Tests from C# Code

    - by Dror Helper
    I'm trying to write a simple method that receives a file and runs it using NUnit. The code I managed to build using NUnit's source does not work: if(openFileDialog1.ShowDialog() != DialogResult.OK) { return; } var builder = new TestSuiteBuilder(); var testPackage = new TestPackage(openFileDialog1.FileName); var directoryName = Path.GetDirectoryName(openFileDialog1.FileName); testPackage.BasePath = directoryName; var suite = builder.Build(testPackage); TestResult result = suite.Run(new NullListener(), TestFilter.Empty); The problem is that I keep getting an exception thrown by builder.Build stating that the assembly was not found. What am I missing? Is there some other way to run the test from the code (without using Process.Start)?

    Read the article

  • require_owner code to limit controller actions not recognizing current user as owner

    - by bgadoci
    I am trying to restrict access to certain actions using a before_filter which seems easy enough. Somehow the ApplicationController is not recognizing that the current_user is the owner of the user edit action. When I take the filter off the controller correctly routes the current_user to their edit view information. Here is the code. Link to call edit action from user controller (views/questions/index.html.erb): <%= link_to "Edit Profile", edit_user_path(:current) %> ApplicationController (I am only posting the code that I think is affecting this but can post the whole thing if needed). class ApplicationController < ActionController::Base def require_owner obj = instance_variable_get("@#{controller_name.singularize.camelize.underscore}") # LineItem becomes @line_item return true if current_user_is_owner?(obj) render_error_message("You must be the #{controller_name.singularize.camelize} owner to access this page", root_url) return false end end and the before_filter class UsersController < ApplicationController before_filter :require_owner, :only => [:edit, :update, :destroy] #... end I simply get the rendering of the error message from the ApplicationController#require_owner action.

    Read the article

  • NSString stringWithContentsOfFile failing with what seems to be the wrong error code

    - by deanWombourne
    Hello. I'm trying to load a file into a string. Here is the code I'm using: NSError *error = nil; NSString *fullPath = [[NSBundle mainBundle] pathForResource:filename ofType:@"html"]; NSString *text = [NSString stringWithContentsOfFile:fullPath encoding:NSUTF8StringEncoding error:&error]; When passed in @"about" as the filename, it works absolutely fine, showing the code works. When passed in @"eula" as the filename, it fails with 'Cocoa error 258', which translates to NSFileReadInvalidFileNameError. However, if I swap the contents of the files over but keep the names the same, the other file fails proving there is nothing wrong with the filename, it's something to do with the content. The about file is fairly simple HTML but the eula file is a massive mess exported from Word by the legal department. Does anyone know of anything inside a HTML file that could cause this error to be raised? Much thanks, Sam

    Read the article

  • SSL Authentication with Certificates: Should the Certificates have a hostname?

    - by sixtyfootersdude
    Summary JBoss allows clients and servers to authenticate using certificates and ssl. One thing that seems strange is that you are not required to give your hostname on the certificate. I think that this means if Server B is in your truststore, Sever B can pretend to be any server that they want. (And likewise: if Client B is in your truststore...) Am I missing something here? Authentication Steps (Summary of Wikipeida Page) Client Server ================================================================================================= 1) Client sends Client Hello ENCRIPTION: None - highest TLS protocol supported - random number - list of cipher suites - compression methods 2) Sever Hello ENCRIPTION: None - highest TLS protocol supported - random number - choosen cipher suite - choosen compression method 3) Certificate Message ENCRIPTION: None - 4) ServerHelloDone ENCRIPTION: None 5) Certificate Message ENCRIPTION: None 6) ClientKeyExchange Message ENCRIPTION: server's public key => only server can read => if sever can read this he must own the certificate - may contain a PreMasterSecerate, public key or nothing (depends on cipher) 7) CertificateVerify Message ENCRIPTION: clients private key - purpose is to prove to the server that client owns the cert 8) BOTH CLIENT AND SERVER: - use random numbers and PreMasterSecret to compute a common secerate 9) Finished message - contains a has and MAC over previous handshakes (to ensure that those unincripted messages did not get broken) 10) Finished message - samething Sever Knows The client has the public key for the sent certificate (step 7) The client's certificate is valid because either: it has been signed by a CA (verisign) it has been self-signed BUT it is in the server's truststore It is not a replay attack because presumably the random number (step 1 or 2) is sent with each message Client Knows The server has the public key for the sent certificate (step 6 with step 8) The server's certificate is valid because either: it has been signed by a CA (verisign) it has been self-signed BUT it is in the client's truststore It is not a replay attack because presumably the random number (step 1 or 2) is sent with each message Potential Problem Suppose the client's truststore has certs in it: Server A Server B (malicous) Server A has hostname www.A.com Server B has hostname www.B.com Suppose: The client tries to connect to Server A but Server B launches a man in the middle attack. Since server B: has a public key for the certificate that will be sent to the client has a "valid certificate" (a cert in the truststore) And since: certificates do not have a hostname feild in them It seems like Server B can pretend to be Server A easily. Is there something that I am missing?

    Read the article

  • Visual Studio 2008 profiler analysis - missing time

    - by Scott Vercuski
    I ran the Visual Studio 2008 profiler against my ASP.NET application and came up with the following result set. CURRENT FUNCTION TIME (msec) ---------------------------------------------------|-------------- Data.GetItem(params) | 10,158.12 ---------------------------------------------------|-------------- Functions that were called by Data.GetItem(params) TIME (msec) ---------------------------------------------------|-------------- Model.GetSubItem(params) | 0.83 Model.GetSubItem2(params) | 0.77 Model.GetSubItem3(params) | 0.76 etc. The issue I'm facing is that the sum of the Functions called by Data.GetItem(params) do not sum up to the 10,158.12 msec total. This would lead me to believe that the bulk of the time is actually spent executing the code within that method. My question is ... does Visual Studio provide a way to analyze the method itself so I can see which sections of code are taking the longest? if it does not are there any recommended tools to do this? or should I start writing my own timing scripts? Thank you

    Read the article

  • Should I Use Anchor, Button Or Form Submit For "Follow" Feature In Rails

    - by James
    I am developing an application in Rails 3 using a nosql database. I am trying to add a "Follow" feature similar to twitter or github. In terms of markup, I have determined that there are three ways to do this. 1) Use a regular anchor. (Github Uses This Method) <a href="/users/follow?target=Joe">Follow</a> 2) Use a button. (Twitter Uses This Method) <button href="/friendships/create/">Follow</button> 3) Use a form with a submit button. (Has some advantages for me, but I haven't see anyone do it yet.) <form method="post" id="connection_new" class="connection_new" action="/users/follow"> <input type="hidden" value="60d7b563355243796dd8496e17d36329" name="target" id="target"> <input type="submit" value="Follow" name="commit" id="connection_submit"> </form> Since I want to store the user_id in the database and not the username, options 1 and 2 will force me to do a database query to get the actual user_id, whereas option 3 will allow me to store the user_id in a hidden form field so that I don't have to do any database lookups. I can just get the id from the params hash on form submission. I have successfully got each of these methods working, but I would like to know what is the best way to do this. Which way is more semantic, secure, better for spiders, etc...? Is there a reason both twitter and github don't use forms to do this? Any guidance would be appreciated. I am leaning towards using the form method since then I don't have to query the db to get the id of the user, but I am worried that there must be a reason the big guys are just using anchors or buttons for this. I am a newb so go easy on me if I am totally missing something. Thanks!

    Read the article

  • What's the best, Escape then store Or store then escape the output?

    - by Axel
    Hi, After doing a long search on stackoverflow i didn't find any one talked about this even if it's a big choice, the Question is what's the best in order to prevent both of XSS and SQL injection, Escaping the data then store it in the DB or Store it as it is and escape when output it? Note: it is better if you give some examples of practics if possible. Thanks

    Read the article

  • code duplication in sql case statements

    - by NS
    Hi I'm trying to output something like the following but am finding that there is a lot of code duplication going on. | australian_has_itch | kiwi_has_itch | | yes | no | | no | n/a | | n/a | no | ... My query looks like this with two case statements that do the same thing but flip the country (my real query has 5 of these case statements): SELECT CASE WHEN NOT EXISTS ( SELECT person_id FROM people_with_skin WHERE people_with_skin.person_id = people.person_id AND people.country = "Australia" ) THEN 'N/A' WHEN EXISTS ( SELECT person_id FROM itch_none_to_report WHERE people.country = "Australia" AND person_id = people.person_id ) THEN 'None to report' WHEN EXISTS ( SELECT person_id FROM itchy_people WHERE people.country = "Australia" AND person_id = people.person_id ) THEN 'Yes' ELSE 'No' END australian_has_itch, CASE WHEN NOT EXISTS ( SELECT person_id FROM people_with_skin WHERE people_with_skin.person_id = people.person_id AND people.country = "NZ" ) THEN 'N/A' WHEN EXISTS ( SELECT person_id FROM itch_none_to_report WHERE people.country = "NZ" AND person_id = people.person_id ) THEN 'None to report' WHEN EXISTS ( SELECT person_id FROM itchy_people WHERE people.country = "NZ" AND person_id = people.person_id ) THEN 'Yes' ELSE 'No' END kiwi_has_itch, FROM people Is there a way for me to condense this somehow and not have so much code duplication? Thanks!

    Read the article

  • SimpleMembership updating the "isconfirmed" flag

    - by Vijay V
    My Users table (the one that I created) has the following columns: UserId,UserName,FirstName,LastName,DOB After I ran this command WebSecurity.InitializeDatabaseConnection("DefaultConnection", "Users", "UserId", "UserName", autoCreateTables: true); it created the required simple membership tables for me. How would I go about "UnConfirming" an user or setting the "IsConfirmed" flag to false in the webpages_Membership using the new SimpleMembership API? (Earlier, before going to simplemembership using the "Membership" class I could update an user using the api call : Membership.UpdateUser( user );)

    Read the article

  • Code to find nth largest number in an array

    - by user136104
    I have written following code in perl #!/usr/bin/perl @array = (3,6,8,1,2); my $second_largest = 0; my $largest = 0; for (@array) { if($_ > $largest) { $second_largest = $largest; $largest = $_; } if($_ > $second_largest && $_ < $largest) { $second_largest = $_; } } print "Second largest::".$second_largest; print "largest::".$largest; But I need a general code to find out "Nth" largest and smallest number of an array Please help me

    Read the article

  • iOS - Application logging test and production code

    - by Peter Warbo
    I am doing a bunch of logging when I'm testing my application which is useful for getting information about variable state and such. However I have read that you should use logging sparsely in production code (because it can potentially slow down your application). But my question is now: if my app is in production and people are using it, whenever a crash (god forbid) occurs, how will I be able to interpret the crash information if I have removed the logging statements? Then I suppose I will only have a stacktrace for me to interpret? Does this mean I should leave logging in production code only WHERE it's really essential for me to interpret what has happened? Also how will the logging statements relate to the crash reports? Will they be combined? I'm thinking of using Flurry as analytics and crash reports...

    Read the article

  • Where is the probem in this code (javascript)?

    - by user318068
    Hi I have a problem in my code. can anybody help me ... <html> <body> <script type="text/javascript"> <?php $conn = mysql_connect("localhost","root"); mysql_select_db("tr", $conn); $q = mysql_query("SELECT message FROM messages WHERE to_viewed = '0' "); if (mysql_num_rows($q)) { require('pm.php'); ?> var answer = confirm("you have new message "); <?php } ?> if (answer) { window.location = "http:>>>/"; } else { } //--> </script> </body> </html> Thanks .... The error that appears in my code is that the confirm is not working if I open my page (no output)

    Read the article

  • Attack from anonymous proxy

    - by mmgn
    We got attacked by some very-bored teenagers registering in our forums and posting very explicit material using anonymous proxy websites, like http://proxify.com/ Is there a way to check the registration IP against a black list database? Has anyone experienced this and had success?

    Read the article

  • Best Tools for Software Maintenance Engineering

    - by Pev
    Yes, the dreaded 'M' word. You've got a workstation, source control and half a million lines of source code that you didn't write. The documentation was out of date the moment that it was approved and published. The original developers are LTAO, at the next project/startup/loony bin and not answering email. What are you going to do? {favourite editor} and Grep will get you started on your spelunking through the gnarling guts of the code base but what other tools should be in the maintenance engineers toolbox? To start the ball-rolling; I don't think I could live without source-insight for C/C++ spelunking. (DISCLAIMER: I don't work for 'em).

    Read the article

  • ASP.NET Thread Safety in aspx.cs code behind file

    - by Tim Michalski
    I am thinking of adding a DataContext as a member variable to my aspx.cs code-behind class for executing LinqToSql queries. Is this thread safe? I am not sure if a new instance of this code-behind class is created for each HTTP request, or if the instance is shared amongst all request threads? My fear is that I will get 10 simultaneous concurrent http requests that will be using the same database session. public partial class MyPage : System.Web.UI.Page { private DataContext myDB = new DataContext(); protected void MyAction_Click(object sender, EventArgs e) { myDB.DoWork(); } }

    Read the article

  • How necessary is using PHP filters?

    - by Jamie
    I'm a relatively newbie to PHP and just making my way through the W3Schools tut. The tut makes a big point of saying you must always filter external data (i.e. cookies, form data etc). I'm writing a fairly simple system that talks with a third party Joomla extension. It's at a prototype stage where I'm just wanting to demonstrate the functionality in a minimum viable product. Basically, I'd like to know... what's the worst that could happen in I don't filter content. Are we talking 'I might get a bunch of spam', or 'a good hacker could get root server access'? Have hunted around online, but would love any of your experience / insight on the matter!

    Read the article

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

< Previous Page | 309 310 311 312 313 314 315 316 317 318 319 320  | Next Page >