Search Results

Search found 97980 results on 3920 pages for 'code security'.

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Page 315/3920 | < Previous Page | 311 312 313 314 315 316 317 318 319 320 321 322  | Next Page >

  • Hashes or tokens for "remember me" cookies?

    - by Emanuil Rusev
    When it comes to remember me cookies, there are 2 distinct approaches: Hashes The remember me cookie stores a string that can identify the user (i.e. user ID) and a string that can prove that the identified user is the one it pretends to be - usually a hash based on the user password. Tokens The remember me cookie stores a random (meaningless), yet unique string that corresponds with with a record in a tokens table, that stores a user ID. Which approach is more secure and what are its disadvantages?

    Read the article

  • What's wrong with XOR encryption?

    - by Colin
    I wrote a short C++ program to do XOR encryption on a file, which I may use for some personal files (if it gets cracked it's no big deal - I'm just protecting against casual viewers). Basically, I take an ASCII password and repeatedly XOR the password with the data in the file. Now I'm curious, though: if someone wanted to crack this, how would they go about it? Would it take a long time? Does it depend on the length of the password (i.e., what's the big-O)?

    Read the article

  • PKCS#11 Test suite

    - by Sasha
    Can somebody give me a link to PKCS#11 test suite? This may be a simple utility or part of big project no matter. I now only this one: Netscape PKCS #11 Test Suites

    Read the article

  • How can I progrommatically change the target framework from 4.0 to 3.5 of a project/solution?

    - by scott
    Edit 3: After more googling it looks like you can't have the TargetFrameworkMoniker property in a .NET 3.5 application. So I guess I should be asking a different question. How do I change the Target framework from 4.0 to 3.5? Unfortunately, I can only find stuff on how to go the other way. or better yet how do i progrommatically set the target framework version of a project to something other than 4.0? Original question: I just switched to vs2010. I have an application that uses .net 3.5. It loads plugins which are generated by a different app. The plugins are using .net 4 and there for cannot be loaded. I'm using EnvDTE.Project to create a project and set the settings. I can't find what setting needs to be set for this. Edit 1: I'm generating code for about 50 solutions. When I made the switch from vs2005 to vs2010 the projects in those solutions are defaulting to .NET Framework 4.0. So I need to set the .NET Framework to 3.5 when I am generating the code for these solutions. Edit 2: After a lot of googling I found this. so then I tried this: loProp = vsGetProperty("TargetFrameworkMoniker"); vsSetValue(loProp, ".NETFramework,Version=v3.5"); the definitions for those two methods are below. as far as I can tell they do the same this as project.Properties.Item("TargetFrameworkMoniker").Value = ".NETFramework,Version=v4.0,Profile=Client"; I start getting an Property Unavailable Exception later in the code. When I remove the new lines everything works except the projects target framework is still 4.0. The code generators target framework is 3.5 so I can't use the FrameworkName class like shown in the second example in that link. here is vsGetProperty protected Property vsGetProperty(string aProperty) { bool lbDone = false; int liCount = 0; Property loProp; while (!lbDone && liCount < pMaxRetries) { try { loProp = pProject.Properties.Item(aProperty); lbDone = true; return loProp; } catch (System.Runtime.InteropServices.COMException loE) { liCount++; if ((uint)loE.ErrorCode == 0x80010001) { // RPC_E_CALL_REJECTED - sleep half sec then try again System.Threading.Thread.Sleep(pDelayBetweenRetry); } } } return null; } and vsSetValue protected void vsSetValue(Property aProperty, string aValue) { bool lbDone = false; int liCount = 0; while (!lbDone && liCount < pMaxRetries) { try { aProperty.Value = aValue; lbDone = true; } catch (System.Runtime.InteropServices.COMException loE) { liCount++; if ((uint)loE.ErrorCode == 0x80010001) { // RPC_E_CALL_REJECTED - sleep half sec then try again System.Threading.Thread.Sleep(pDelayBetweenRetry); } } } }

    Read the article

  • How to manually verify a user against the asp.net memberhip database

    - by Ekk
    I would like to know how I can verify a user's credential against an existing asp.net membership database. The short story is that we want provide single sign on access. So what I've done is to connect directly to the membership database and tried to run a sql query against the aspnet_Membership table: private bool CanLogin(string userName, string password) { // Check DB to see if the credential is correct try { string passwordHash = FormsAuthentication.HashPasswordForStoringInConfigFile(password, "SHA1"); string sql = string.Format("select 1 from aspnet_Users a inner join aspnet_Membership b on a.UserId = b.UserId and a.applicationid = b.applicationid where a.username = '{0}' and b.password='{1}'", userName.ToLowerInvariant(), passwordHash); using (SqlConnection sqlConn = new SqlConnection(ConfigurationManager.ConnectionStrings["LocalSqlServer"].ConnectionString)) using (SqlCommand sqlCmd = new SqlCommand(sql, sqlConn)) { sqlConn.Open(); int count = sqlCmd.ExecuteNonQuery(); sqlConn.Close(); return count == 1; } } catch (Exception ex) { return false; } } The problem is the password value, does anyone know how the password it is hashed?

    Read the article

  • gcc options for fastest code

    - by rwallace
    I'm distributing a C++ program with a makefile for the Unix version, and I'm wondering what compiler options I should use to get the fastest possible code (it falls into the category of programs that can use all the computing power they can get and still come back for more), given that I don't know in advance what hardware, operating system or gcc version the user will have, and I want above all else to make sure it at least works correctly on every major Unix-like operating system. Thus far, I have g++ -O3 -Wno-write-strings, are there any other options I should add? On Windows, the Microsoft compiler has options for things like fast calling convention and link time code generation that are worth using, are there any equivalents on gcc? (I'm assuming it will default to 64-bit on a 64-bit platform, please correct me if that's not the case.)

    Read the article

  • MVC Serve audio files while preventing direct linking using HttpResponseBase

    - by VinceGeek
    I need to be able to serve audio files to an mvc app while preventing direct access. Ideally the page would render with a player control so the user can start/stop the audio linked to the database record (audio files are in a folder not the db). I have a controller action like this: Response.Clear(); Response.ContentType = "audio/wav"; Response.TransmitFile(audioFilename); Response.End(); return Response; and the view uses the RenderAction method <% Html.RenderAction("ServeAudioFile"); %> this works but it won't display inline on the existing view, it opens a new page with just the media control. Am I totally barking up the wrong tree or is there a way to embed the response in the existing view? works exactly as I would like but I can't control access to the file.

    Read the article

  • Service not able to access a mapped drive.

    - by Rohit
    Hi All, I have read in many forums that mapped drives are not accessible from a service as no user is logged on. Question 1) I tried making my service as a log on - as some account and i had my network drive mapped in that very account. The service still cannot access it. Why? Question 2) From the same sevice, i invoke another process. Under what user account will the process run? Thanks

    Read the article

  • Maintaining a secure database of user logins and info?

    - by Rafe Kettler
    I want to have a login form on a charity website I am building (it's for a friend, and I'm learning on the go), and I want to know what languages/software should I learn to build databases for user logins and info? Note: it HAS to be secure and relatively simple to learn for someone with moderate programming experience. Update: I understand that CMSs offer good tools for logins etc. but I want to do this all by myself.

    Read the article

  • Get redirected url from code

    - by Skoder
    Hey, I'm using an API which, given a url, redirects to a file on the server. The file names have "_s,_m and _l" appended to the end (small, medium, large). However, since the url's querystring is parsed dynamically, I don't retrieve the actual file name. The image displays correctly, but is it possible to retrieve the filename of the image file from the code? (i.e. where the url has redirected to)? e.g. http://api.somesite.com/getimage?small (this is what I enter) "http://somesite.com/images/userimage_s" (this is where it redirects to. I would like to get this address from code) Thanks for any advice

    Read the article

  • The shortest way to convert infix expressions to postfix (RPN) in C

    - by kuszi
    Original formulation is given here (you can try also your program for correctness) . Additional rules: 1. The program should read from standard input and write do standard output. 2. The program should return zero to the calling system/program. 3. The program should compile and run with gcc -O2 -lm -s -fomit-frame-pointer. The challenge has some history: the call for short implementations has been announced at the Polish programming contest blog in September 2009. After the contest, the shortest code was 81 chars long. Later on the second call has been made for even shorter code and after the year matix2267 published his solution in 78 bytes: main(c){read(0,&c,1)?c-41&&main(c-40&&(c%96<27||main(c),putchar(c))):exit(0);} Anyone to make it even shorter or prove this is impossible?

    Read the article

  • Best evidence to offer a sandboxed appdomain for a C# evaluator.

    - by scope-creep
    I have a c# evaluator which uses the (I think) the .Net 4 new simplified sandboxed appdomain model to host the c# assembly, with remoting doing the rest. The call to create the appdomain is Evidence ev = new Evidence(); ev.AddHostEvidence(new Zone(SecurityZone.Trusted)); PermissionSet pset = SecurityManager.GetStandardSandbox(ev); AppDomainSetup ads = new AppDomainSetup(); ads.ApplicationBase = "C:\\Sandbox"; // Create the sandboxed domain. AppDomain sandbox = AppDomain.CreateDomain( "Sandboxed Domain", ev, ads, pset, null); The c# eval is embedded in a server app, but I don't want give the sandbox to much control unless it bo bo's the caller. What i'm looking for is regarding some clarification as to what to provide as Evidence from the caller. I'm looking for advice and guidance. Any help would be appreciated.

    Read the article

  • How to add exception in this jquery code?

    - by metal-gear-solid
    How to add exception in this jquery code? $(function() { $("table tr:nth-child(even)").addClass("striped"); }); this code is applying on all tables. but for specfic pages i don't want strip effect. I've differnt body id on each page. I want to know how to add exception for a id. $(function() { $("table tr:nth-child(even)").addClass("striped"); //I want to add exception to not to add striped class to only to page with <body id="nostrip"> });

    Read the article

  • What makes an input vulnerable to XSS?

    - by vtortola
    Hi! I've been reading about XSS and I made a simple form with a text and submit input, but when I execute <script>alert();</script> on it, nothing happens, the server gets that string and that's all. What do I have to do for make it vulnerable?? (then I'll learn what I shouldn't do hehe) Cheers.

    Read the article

  • Swing code in sockets

    - by asb
    I am learning swings for making GUI. I was thinking which is the best possible way in case of socket with swings. 1. The whole swing code goes in the server file. All the handlers and logic in on server side. Client only create socket. 2. The server have logic part. The code for the swing to display interface goes on client side. Client Creates stream to send / rec. data from server. Whch is the good way out of 2 ?

    Read the article

  • Good code architecture for this problem?

    - by RCIX
    I am developing a space shooter game with customizable ships. You can increase the strength of any number of properties of the ship via a pair of radar charts*. Internally, i represent each ship as a subclassed SpaceObject class, which holds a ShipInfo that describes various properties of that ship. I want to develop a relatively simple API that lets me feed in a block of relative strengths (from minimum to maximum of what the radar chart allows) for all of the ship properties (some of which are simplifications of the underlying actual set of properties) and get back a ShipInfo class i can give to a PlayerShip class (that is the object that is instantiated to be a player ship). I can develop the code to do the transformations between simplified and actual properties myself, but i would like some recommendations as to what sort of architecture to provide to minimize the pain of interacting with this translator code (i.e. no methods with 5+ arguments or somesuch other nonsense). Does anyone have any ideas? *=not actually implemented yet, but that's the plan.

    Read the article

  • Implementation code for GetDateFormat Win32 function

    - by morpheous
    I am porting some legacy code from windows to Linux (Ubuntu Karmic to be precise). I have come across a Win32 function GetDateFormat(). The statements I need to port over are called like this: GetDateFormat(LOCALE_USER_DEFAULT, 0, &datetime, "MMMM", 'January', 31); OR GetDateFormat(LOCALE_USER_DEFAULT, 0, &datetime, "MMMM", 'May', 30); Where datetime is a SYSTEMTIME struct. Does anyone know where I can get the code for the function - or failing that, tips on how to "roll my own" equivalent function?

    Read the article

  • What's the best way to identify subdomains by PHP dynamically?

    - by kavoir.com
    I have configured the wildcard DNS of *.mydomain.com and it's all working properly. My question is which of these should I rely on identifying client subdomain requests? $_SERVER["HTTP_HOST"] $_SERVER["SERVER_NAME"] $_SERVER["SCRIPT_URI"] They all seem to contain the subdomain part I want but after reading this article by Chris: http://shiflett.org/blog/2005/feb/more-on-filtering-input-and-escaping-output, I'm lost at see and there appears to be no safe way to do this? Any idea on accomplishing this task securely?

    Read the article

  • How to flush coverage data when my test cause app crash - For ios app

    - by Ypy
    I want to get the code coverage of my tests. So I set the settings, build an app with .gcno files and run it on simulator. It can get the coverage data successfully if there is no crash issue. But if the app crashed, I will get nothing. So how can I get the code coverage data when the app crash? In my thought, this is because it will not call __gcov_flush() method when app crash. I only add app does not run in background to my plist file, so __gcov_flush() is called only at the time I press Home button. Is there any way to call __gcov_flush() before the app crash?

    Read the article

  • Watermarking Flash Videos (server-side)

    - by Roberto Aloi
    Hi all, I have a bunch of flash videos that I need to watermark with user related information, to make illegal re-distribution of these files harder. I'm wondering how can this be done server-side. If done client-side, it will be quite easy for the user to intercept the videos before they are watermarked. Since the watermark should contain user-specific information I can't really watermark the videos before encoding them (unless I have an encoded video per user - not feasible). I'm expecting this to affect the streaming performances a lot, though. Any idea how this can be done (possibly in an efficient way)?

    Read the article

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

< Previous Page | 311 312 313 314 315 316 317 318 319 320 321 322  | Next Page >