Search Results

Search found 97980 results on 3920 pages for 'code security'.

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Page 325/3920 | < Previous Page | 321 322 323 324 325 326 327 328 329 330 331 332  | Next Page >

  • How does Contract.Exists add value?

    - by Scott Bilas
    I am just starting to learn about the code contracts library that comes standard with VS2010. One thing I am running into right away is what some of the contract clauses really mean. For example, how are these two statements different? Contract.Requires(!mycollection.Any(a => a.ID == newID)); Contract.Requires(!Contract.Exists(mycollection, a => a.ID == newID)); In other words, what does Contract.Exists do in practical purposes, either for a developer using my function, or for the static code analysis system?

    Read the article

  • Do you use logical negation operator (!) in "if" statement or check on "== false"

    - by Taras Terebkov
    Hello everyone, I just want to conduct a little survey about code style developers prefer. For me there are two ways to write "if" in such languages as Java, C#, C++, etc. (1) Logical negation operator public void foo() { if (!SessionManager.getInstance().hasActiveSession()) { . . . . . } } (2) Check on "false" public void foo() { if (SessionManager.getInstance().hasActiveSession() == false) { . . . . . } } I always believe that first way is much worst then the second one. Cause usually you don't "read" the code, but "recognize" it in one brief look. And exclamation symbol slipped from your mind, just disturbing you somewhere on the bottom of your unconscious. And only during reading the "if" block below you understand, that the logic is opposite - no sessions in "if" On the other hand in the second way of writing, an eye immediately catches words "SessionManager", "hasActiveSession" and "false". Also for me, the situation with "true" is different. In code like class SessionManager { private bool hasSession; public void foo() { if (hasSession == true) { . . . . . } else { . . . . . } } } I find "true" superfluous. why we repeating the sentence two times? The following is shorter and quicker to catch. class SessionManager { private bool hasSession; public void foo() { if (hasSession) { . . . . . } else { . . . . . } } } What do YOU think, guys?

    Read the article

  • Access denied for user 'root@localhost' (using password:NO)

    - by Nasser Hajloo
    I'm new to mysql, I'm trying to run Wordpress inmy windows desktop and it need Mysql. I install everything with Web Platform Installer which provided by microsoft. I never seta root password for mysql and in final step of installing wordpressit askfor root password of mysql. What is the default password for root (if there is one) and how to change it? I try mysql -u root password '123' but it show me Access denied for user 'root@localhost' (using password:NO) after this I try mysql -u root -p but it ask for a password which I don't have Thank you in advance

    Read the article

  • code in xmlhttp.readyState==4 doen't get executed

    - by shazia
    function download() { if (window.XMLHttpRequest) {// code for IE7+, Firefox, Chrome, Opera, Safari xmlhttp=new XMLHttpRequest(); } else {// code for IE6, IE5 xmlhttp=new ActiveXObject("Microsoft.XMLHTTP"); } xmlhttp.onreadystatechange=function() { //alert(xmlhttp.readyState); if(xmlhttp.readyState==4 && xmlhttp.status==200) { alert (xmlhttp.responseText); } } xmlhttp.open("GET","import.php?file="+document.getElementById('uploaded_file').value,false); xmlhttp.send(); // location.reload(true); } if I put alert and monitor xmlhttp.readyState then it shows me that its status does turn 4 and it does go in the if statement, if I don't monitor it with alert then it doesn't go in the if statement but I know import.php is working because I can see the changes in the database. I don't know whats going on...can anyone help. Thanks

    Read the article

  • How secure is .htaccess protected pages

    - by Steven smethurst
    Are there any known flaws with htaccess protected pages? I know they are acceptable to brute force attacks as there is no limit to the amount of times someone can attempt to login. And a user can uploaded and execute a file on the server all bets are off... Anything other .htaccess flaws?

    Read the article

  • how can I reliably check that requests to my service file have come from my website?

    - by woot586
    I have a service.php class that I use to service AJAX calls from my website. To prevent other people accessing the service using PHP CURL I would normally check the request has come from mysite, and if they are not then just redirect to my home page e.g. if($_SERVER['HTTP_REFERER'] != "http://www.mysite.com"){ header('location: http://www.mysite.com'); exit; } I read in the PHP holy bible: http://www.php.net/manual/en/reserved.variables.server.php that "Not all user agents will set this, and some provide the ability to modify HTTP_REFERER as a feature. In short, it cannot really be trusted." So if this method is not reliable, my question is how can I reliably check that requests to my service file have come from my website? Thanks for any help you can provide!

    Read the article

  • Is it possible to authenticate on another website?

    - by Blankman
    If I am on a website#1, and I enter my username/pwd for website#2 on a login page that is on website#1, and website#1, behind the scenes, makes a httpwebrequest to website#2 and posts to the login page. If I then navigate to website#2, should I be logged in? website#2 uses formsauthentication and I call a httpHandler that is on website#2 and pass it the username/password via the querystring. Should this work?

    Read the article

  • include() Why should I not use it?

    - by aliov
    I am working through an older php mysql book written in 2003. The author uses the include() function to construct html pages by including header.inc, footer.inc, main.inc files, etc. Now I find out that this is not allowed in the default ini settings, (allow_url_include is set to Off) after I got many warnings from the server. I noticed also that you can use include without the parenthesis. I tried this and it works and I get no error messages or warnings. Are the two different? That is, is include() different from include ?

    Read the article

  • MSV1_0 Subauthentication Package Registration

    - by BigShot
    Hi; I'm trying to register a simple MSV1_0 subauthentication package for MS Windows Server 2003. I created a dll which implements required functions described in MSDN. I copied my dll to system32 folder. After that, I created a registry key Auth255 (I also tried Auth128) with a REG_SZ value ,which specifies my dll name, to this location; HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Lsa\MSV1_0. I expect that it will create a test.txt file for debugging puposes when the dll is called, but it doesn't create the file. How can I make this work? MSDN Link for this topic; http://msdn.microsoft.com/en-us/library/aa374786%28VS.85%29.aspx

    Read the article

  • Can the user take the resource from the iPhone Apps?

    - by Tattat
    I know that the Apple Mac OS .app file is a collection of programs and data. I guest the iPhone is similar in this way. I can unzip a Mac OS .app to find the resource , images using this way. Can the iPhone App do the similar thing? I mean, can the user unzip the iPhone .app to get the resource/ img from that? thz.

    Read the article

  • Prevent Apache from answering invalid requests

    - by nickdnk
    I have an Apache web-server that acts as a web front-end for iPhone and iPad applications that communicate by POST and JSON only. Is there any way to prevent Apache from answering requests that are invalid? I can see my error log is filled with attempts to open files such as /admin.php /index.php etc - files that don't exist on my server. I believe this is possible with IIS, but can you do the same thing with Apache? Basically I want the request to appear timed out unless you post exactly the right content to the right file - or at least if you do not request an existing file. This would make the server appear non-existing to everyone but my iPhone users as all communication is SSL and directories are not really guess-able. I did disable the ServerTokens and all that, but I still get File not found etc. when I access the server requesting a random file, which is what these bots do constantly.

    Read the article

  • Rails - How to secure foreign keys and still allow association selection

    - by Bryce
    For simplicity, assume that I have a simple has-many-through relationship class User < ActiveRecord::Base has_many :courses, :through => :registrations end class Registration < ActiveRecord::Base belongs_to :user belongs_to :course end class Course < ActiveRecord::Base has_many :users, :through => :registrations end I want to keep my app secure, so I use attr_accessible to whitelist my attributes. My question is twofold: How would I set up my whitelist attributes such that I could create a new Registration object through a form (passing in :user and :course, but not risk allowing those foreign keys to be maliciously updated later? How would I set up my validations such that both belongs_to associations are required BUT also allow for Registration objects to be created in nested forms?

    Read the article

  • Is this valid Java code?

    - by Eric
    I'm using Eclipse, and it is perfectly happy with the following code: public interface MessageType { public static final byte KICK = 0x01; public static final byte US_PING = 0x02; public static final byte GOAL_POS = 0x04; public static final byte SHUTDOWN = 0x08; public static final byte[] MESSAGES = new byte[] { KICK, US_PING, GOAL_POS, SHUTDOWN }; } public class MessageTest implements MessageType { public static void main(String[] args) { int b = MessageType.MESSAGES.length; //Not happy } } However, the platform that I'm running it on crashes at the line marked above. By crash, think an equivalent of a BSOD. Is there anything wrong with my code, or do I need to pursue the developers of the Java VM for my platform?

    Read the article

  • html-embedded php code not executing when hosted on iis

    - by Jack
    <HTML> <HEAD> <META NAME="GENERATOR" Content="Microsoft Visual Studio .NET 7.1"> <TITLE></TITLE> </HEAD> <BODY> <?php echo '<p>Hello World</p>'; ?> </BODY> </HTML> When I run the above code in a browser, firefox renders it like this: Hello World '; ?> I am doing my coding in Windows XP/IIS 5.1. I have PHP set up correctly because I have no problem running .php files. The problem, it seems to me, is that IIS can't render php code embedded inside html. Does anyone know how to fix this problem or should i switch to Apache?

    Read the article

  • Tools for understanding large codebase

    - by 0tar0gz
    Hi! My whole life I have been programming in simple plain text editor. Lately, I was contemplating about joining an open source project which is fairly large and written in C. I downloaded the sources, started to look around, read this, forget that... Then I thought to myself: this can't be true. This is 21st century there must be some tool which would help me to understand the code, perhaps some kind of IDE or "code navigator". What flows from here to where, this typedef struct is just interface to that private type, this function is just #define from above, function called in this file is defined in that file, ... you get the idea. Dear Stack Overflow, is this 21st century? Is there something like this?

    Read the article

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

< Previous Page | 321 322 323 324 325 326 327 328 329 330 331 332  | Next Page >