Search Results

Search found 97980 results on 3920 pages for 'code security'.

Page 315/3920 | < Previous Page | 311 312 313 314 315 316 317 318 319 320 321 322  | Next Page >

  • PHP code cannot see query string param on return in Facebook oAuth flow

    - by TMC
    I am doing some integration with Facebook Open Graph using their oAuth flow and having issues with parsing query string parameters they return. On my callback URL, they pass back an "access_token" parameter with a hash (#). so the callback would be: http://mydomain.com/callback.php#access_token=foobar123 where foobar123 is my access token I'm trying to parse out. However, no matter what I do, my PHP code cannot see if and I've done every debug trick I know (even using phpinfo() to go through everything). The URL is stated only as http://mydomain.com/callback.php. It's as if the rest of the URL isn't really there! This code returns nothing: $token = $_REQUEST['access_token']; Any help would be greatly appreciated... I'm obviously missing something simple.

    Read the article

  • Good code visualization / refactoring tools for C++?

    - by Paul D.
    I've found myself coming across a lot of reasonably large, complicated codebases at work recently which I've been asked to either review or refactor or both. This can be extremely time consuming when the code is highly concurrent, makes heavy use of templates (particularly static polymorphism) and has logic that depends on callbacks/signals/condition variables/etc. Are there any good visualization tools for C++ period, and of those are there any that actually play well with "advanced" C++ features? Anything would probably be better than my approach now, which is basically pen+paper or stepping through the debugger. The debugger method can be good for following a particular code path, but isn't great for seeing the big picture you really need when doing serious refactoring. EDIT: I should mention that Visual Studio plugins aren't going to be a lot of help to me, since our stuff is mostly Linux-only.

    Read the article

  • PHP - What to store in a session?

    - by eWolf
    I know about all the issues with session fixation and hijacking. My question is really basic: I want to create an authentication system with PHP. For that, after the login, I would just store the user id in the session. But: I've seen some people do weird things like generating a GUID for each user and session and storing that instead of just the user id in the session. Why? The content of a session cannot be obtained by a client - or can it?

    Read the article

  • Web framework recommendation for python (webservices, auth, cache, ...)

    - by illuminated
    Hi all, Googling for the past week, but cannot finally decide which python web framework would be right for me. The web app I'm about to develop would be almost completely "pure" html with js (jQuery). Server side would have to do the following: authentication session management caching web services (almost all the on page data would be pulled with jQuery through web services) secured web services (through some form of authentication; this is for remote accessing some of the web services though other web apps, desktop/mobile applications) If there is a good tutorial/guide/idea for how to do this in Django I would be most thankfull if someone could share it as I already have experience with it. The thing that made me start thinking about other frameworks is Django's built in ORM. I know I could swap it with SQLAlchemy, but wouldn't go down that road if I'm not sure all the rest of the requirements is supported. Thanks all in advance.

    Read the article

  • Why NOT use POST method here?

    - by Camran
    I have a classifieds website. In the main page (index) I have several form fields which the user may or may not fill in, in order to specify a detailed search of classifieds. Ex: Category: Cars Price from: 3000 Price to: 10000 Color: Red Area: California The forms' action is set to a php page: <form action='query_sql.php' method='post'> In query_sql.php I fetch the variables like this: category=$_POST['category']; etc etc... Then query MySql: $query="SELECT........WHERE category='$category' etc etc.... $results = mysql_query($query); Then I simply display the results of the query to the user by creating a table which is filled in dynamically depending on the results set. However, according to an answer by Col. Shrapnel in my previous Q I shouldn't use POST here: http://stackoverflow.com/questions/3004754/how-to-hide-url-from-users-when-submitting-this-form The reason I use post is simply to hide the "one-page-word-document" long URL in the browsers adress bar. I am very confused, is it okay to use POST or not? It is working fine both when I use GET or POST now... And it is already on a production server... Btw, in the linked question, I wasn't referring to make URL invisible (or hide it) I just wanted it too look better (which I have accomplished with mod_rewrite). UPDATE: If I use GET, then how should I make the url better looking (beautiful)? Check this previous Q out: http://stackoverflow.com/questions/3000524/how-to-make-this-very-long-url-appear-short

    Read the article

  • How to secure the communication between an MSSQL database and a c# administrative tool?

    - by citronas
    How can I secure the communication between a C# programm running locally on my computer and a MSSQL Server in a hosted environment? I have an asp.net application that is secured by SSL encryption. So using the asp.net from an open wlan connection is no problem. How can I achieve the same kind of encryption for my administrative tool? Would it be best to write a service? But how would that connection to the service be secured?

    Read the article

  • How to I correctly add brackets to this code

    - by Mohammad
    This code removes whites paces, (fyi: it's credited to be very fast) function wSpaceTrim(s){ var start = -1, end = s.length; while (s.charCodeAt(--end) < 33 ); //here while (s.charCodeAt(++start) < 33 ); //here also return s.slice( start, end + 1 ); } The while loops don't have brackets, how would i correctly add brackets to this code? while(iMean){ like this; } Thank you so much!

    Read the article

  • Is this crufty?

    - by bobobobo
    I'm writing code like: class Game { int getMouseX() { return inputManager.getMouseX() ; } } ; I remember seeing code like this and hating it. One function passes off to another? What is this "pattern" (or, possibly, anti-pattern) called? I don't like it! On the other hand, it saves exposing the InputManager to the user of the class... would that be a better choice? Or should Game simply not contain InputManager? Edit What about using multiple inheritance instead? class Game : public InputManager, public Window { // by virtue of inheriting InputManager and Window, // Game now has "acquired" the capabilities of // InputManager's public functions, without requiring delegate. } ; Have I not found a reasonably good use for multiple inheritance??

    Read the article

  • How to sign XML document or verify XML document signature with C++?

    - by Budda
    Subj. I need to sign/verify in native C++ (no .NET), using private key for signing, public key for verification. I saw few examples on MSDN (http://msdn.microsoft.com/en-us/library/ms761363(VS.85).aspx) that demonstrate how to sign the document with CSP (I don't know what this means). For my case I need to create a "key" from the binary data array... can somebody help me with that? Thank you in advance.

    Read the article

  • Deleting a node in a circular linked list c++?

    - by angad Soni
    I was wondering if anyone could help me understand if this code for deleting a node from a circular linked list would work, or if there is something i'm missing out on. using c++ to code. void circularList::deleteNode(int x) { node *current; node *temp; current = this-start; while(current->next != this->start) { if(current->next->value == x) { temp = current->next; current->next = current->next->next; delete current->next; } } }

    Read the article

  • gcc options for fastest code

    - by rwallace
    I'm distributing a C++ program with a makefile for the Unix version, and I'm wondering what compiler options I should use to get the fastest possible code (it falls into the category of programs that can use all the computing power they can get and still come back for more), given that I don't know in advance what hardware, operating system or gcc version the user will have, and I want above all else to make sure it at least works correctly on every major Unix-like operating system. Thus far, I have g++ -O3 -Wno-write-strings, are there any other options I should add? On Windows, the Microsoft compiler has options for things like fast calling convention and link time code generation that are worth using, are there any equivalents on gcc? (I'm assuming it will default to 64-bit on a 64-bit platform, please correct me if that's not the case.)

    Read the article

  • What's the best way to identify subdomains by PHP dynamically?

    - by kavoir.com
    I have configured the wildcard DNS of *.mydomain.com and it's all working properly. My question is which of these should I rely on identifying client subdomain requests? $_SERVER["HTTP_HOST"] $_SERVER["SERVER_NAME"] $_SERVER["SCRIPT_URI"] They all seem to contain the subdomain part I want but after reading this article by Chris: http://shiflett.org/blog/2005/feb/more-on-filtering-input-and-escaping-output, I'm lost at see and there appears to be no safe way to do this? Any idea on accomplishing this task securely?

    Read the article

  • Optimizing BeautifulSoup (Python) code

    - by user283405
    I have code that uses the BeautifulSoup library for parsing, but it is very slow. The code is written in such a way that threads cannot be used. Can anyone help me with this? I am using BeautifulSoup for parsing and than save into a DB. If I comment out the save statement, it still takes a long time, so there is no problem with the database. def parse(self,text): soup = BeautifulSoup(text) arr = soup.findAll('tbody') for i in range(0,len(arr)-1): data=Data() soup2 = BeautifulSoup(str(arr[i])) arr2 = soup2.findAll('td') c=0 for j in arr2: if str(j).find("<a href=") > 0: data.sourceURL = self.getAttributeValue(str(j),'<a href="') else: if c == 2: data.Hits=j.renderContents() #and few others... c = c+1 data.save() Any suggestions? Note: I already ask this question here but that was closed due to incomplete information.

    Read the article

  • Is it safe to display user input as input values without sanitation?

    - by Svish
    Say we have a form where the user types in various info. We validate the info, and find that something is wrong. A field is missing, invalid email, et cetera. When displaying the form to the user again I of course don't want him to have to type in everything again so I want to populate the input fields. Is it safe to do this without sanitation? If not, what is the minimum sanitation that should be done first? And to clearify: It would of course be sanitized before being for example added to a database or displayed elsewhere on the site.

    Read the article

  • Implementation code for GetDateFormat Win32 function

    - by morpheous
    I am porting some legacy code from windows to Linux (Ubuntu Karmic to be precise). I have come across a Win32 function GetDateFormat(). The statements I need to port over are called like this: GetDateFormat(LOCALE_USER_DEFAULT, 0, &datetime, "MMMM", 'January', 31); OR GetDateFormat(LOCALE_USER_DEFAULT, 0, &datetime, "MMMM", 'May', 30); Where datetime is a SYSTEMTIME struct. Does anyone know where I can get the code for the function - or failing that, tips on how to "roll my own" equivalent function?

    Read the article

  • Securing Coredata objects

    - by Abraham Durairaj
    I am working on an application which has got some sensitive information. I am aware that it would be difficult for a layman to hack into iphone to get the information. If I use SQLite directly I have something called SQLite Cipher to encrypt / encode the database. Is there anyway where I can have the same way of encrypting the coredata so it makes it hard for hackers to get into the data. Can someone shed some light on this? Thanks in Advance

    Read the article

  • How do I secure a .NET Web Service for use by an iPhone application?

    - by David A Gibson
    Hello, The title says it all, I have a Web Service written in .NET that provides data for an iPhone application. It will also allow the application make a "reservation." Currently it's all internal to the corporate network but obviously when the iPhone application is published I will need ensure the Web Service is available externally. How would I go about securing the Web Service? There are two aspects I'm looking into: Authentication for accessing the web service Protection for the data being transferred I'm no so bothered about the data being passed back and forth as it will be viewable in the application anyway (which will be free). The key issue for me is preventing users from accessing the Web Service and making reservations themselves. At the moment I am considering encrypting any strings in the XML data passed back and forth so only the client can effectively use the web service sidestepping the need for authentication and providing protection for the data. This is the only model I have seen but I think the overheads on the iPhone and even for the web service make for a poor user experience. Any solutions at all would be most welcome? Thanks

    Read the article

  • Getting the errors for code in unopened .aspx pages

    - by Glennular
    Is there a way to check for errors in unopened *.ASPX pages. For example, if you change the name of a function Visual Studio will catch the error on the page and list it in the "Error List" only if the page is opened and being validated? I guess the question could be is there a validation option opposed to the compile option to check for errors? (Yes, i know code should go into the pre-compiled code-behind pages.) How do i find out about the following without running the page through the webserver or opening the page to be validated in VS? <script runat="server"> Public Sub MyFunciton() Undefined_FUNCTION() End Sub </script>

    Read the article

< Previous Page | 311 312 313 314 315 316 317 318 319 320 321 322  | Next Page >