Search Results

Search found 41147 results on 1646 pages for 'database security'.

Page 354/1646 | < Previous Page | 350 351 352 353 354 355 356 357 358 359 360 361  | Next Page >

• Disadvantages of hard coding credentials? What's the resolution?

  - by SeeBees

  I am building a Sharepoint web part that will be used by all users. The web part connects to a web service which needs credentials with higher privileges than common users. I hard coded credentials in the web part's code. query.Credentials = new System.Net.NetworkCredential("username", "password", "domain"); query is an instance of the web service class This may not be a good approach. In regard with security, source code of the web apart is available to people who are not allowed to see the credential. This is bad enough, But is there any other drawback of this approach? How to prevent hard coding credentials into the source code? Thanks

  Read the article

• Reason to use more cookies than just a session hash for authentication?

  - by dierre

  I usually hang out in a community using vBulletin as its bulletin board. I was looking at what this software saves as cookie in my browser. As you can see it saves 6 cookies. Amongst them, what I consider to be important for authentification are: ngivbsessionhash: hash of the current session ngivbpassword: hash of the password ngivbuserid: user's id Those are my assumptions of course. I don't know for sure if ngilastactivity and ngilastvisit are used for the same reason. My question is: why use all these cookie for authentication? My guess would be that maybe generating a session hash would be to easy so using the hashedpassword and userid adds security but what about cookie spoofing? I'm basically leaving on the client all fundamental informations. What do you think?

  Read the article

• How are CD Keys generated?

  - by The Rook

  CD Keys are the defacto-standard as an anti-piracy measure. To be honest this strikes me as Security Though Obscurity, although I really have no idea how CD Keys are generated. What is a good (secure) example of CD Key generation? What cryptographic primitive (if any) are they using? Is it a message digest? If so what data would they be hashing? What methods do developers employ to make it difficult for crackers to build their own key generators?

  Read the article

• Sqlite database entries pass to array list?

  - by Rjay Guillermo Baltazar

  This is my code in getting the question into SQLite Database . I want to pass the questions into array list ? is it possible to my code ? Thanks for your help . public String getquestions() { // TODO Auto-generated method stub String[] sqlSelect = { "0 _id", "question", "answer" }; String sqlTables = "mytables"; SQLiteDatabase db = getWritableDatabase(); SQLiteQueryBuilder qb = new SQLiteQueryBuilder(); qb.setTables(sqlTables); String result = ""; c = qb.query(db, sqlSelect, null, null, null, null, null); int id = c.getColumnIndex(ID); int question = c.getColumnIndex(ROW1); int answer = c.getColumnIndex(ROW2); c.moveToFirst(); result = result + c.getString(question) + c.getString(count); return result; }

  Read the article

• How do I calculate a good hash code for a list of strings?

  - by Ian Ringrose

  Background: I have a short list of strings. The number of strings is not always the same, but are nearly always of the order of a “handful” In our database will store these strings in a 2nd normalised table These strings are never changed once they are written to the database. We wish to be able to match on these strings quickly in a query without the performance hit of doing lots of joins. So I am thinking of storing a hash code of all these strings in the main table and including it in our index, so the joins are only processed by the database when the hash code matches. So how do I get a good hashcode? I could: Xor the hash codes of all the string together Xor with multiply the result after each string (say by 31) Cat all the string together then get the hashcode Some other way So what do people think? (If you care we are using .NET and SqlServer)

  Read the article

• share image with url from database

  - by LauroSkr

  In my PHP web site will have a text converted to jpeg file,so it is a image. I want that i give users option to share the image. every image will have unique url so they can share image on facebook,twitter , do i need to put images with their url in mysql database or you do it in cloud? user will write text and then script will convert it to image and show it as image. then i want to provide user that he/she can share their created image. It would be great if you could provide me with a link or tutorial for my problem. Dont be hard on beginners,you were all in the same boat.. Thanks, LauroSkr

  Read the article

• android, find the nearest location without going through all the locations

  - by Marwan

  I am building a taxi dispatching app first: I need the passenger app to show the nearest taxis, now I know how to do that in code but in my way I have to go through all the taxis locations(in database on server) and calculate the distance from the passenger location and get the lowest ones - I don't want to do this because there will be a lot of taxis and going through all of them and making some math is kind of pain on the server- is there a way to get the nearest ones without going through all of them? second: what the best database to use - first, should it be sql or non-sql - I need a very robust database, because there will be a lot of updates (I mean the passengers locations added then deleted when arriving to destination && the taxis location changes frequently) finally: I will use RubyOnRails to do the server side and json as data transfer format, do you have a recommendation to me on something better? Thanks

  Read the article

• Magento coupon entities in database

  - by koramaiku

  I'm trying to develop a Magento plugin which involves using coupons. Apparently after looking around I found I found a source that mentions use of a 'salesrule' table for coupons. However when I looked at my database i couldn't find it. However I did find 3 tables that had mention 'coupon' called 'coupon_aggregated', 'coupon_aggregated_order', and 'coupon_aggregated_updated'. I just wanted to know what is the difference between the 3 tables so I can start using them? I am on the latest version of Magento. Thanks guys in advance.

  Read the article

• How to localize static content in database with Django

  - by man with python

  My app has tables for languages and countries (actually django-countries at the moment, but open for suggestions). The tables are populated when I initialize the database and remain static after that. What would be the ideal localization mechanism for the contents of these tables, so that I can show the country and language names to users in their chosen site language? I'm aware of projects like django-multilingual and transdb, but IMO they are more suitable for dynamic content, i.e. stuff that's supposed to be modified. Please englighten me!

  Read the article

• How can I build a list of world geo locations and their relative geographical hierarchies?

  - by Nathan Ridley

  I want to build a database of geographical locations and would like to be able to identify locations that fall inside other locations. For example, The Empire State Building is going to have one geo-coordinate, but my database would be able to tell me that it falls inside Manhattan, which falls inside New York City, which is in the state of New York and so forth. I've been looking at OpenStreetMap which seems to have a pretty decent database but as best I can tell, I would need to create a set of polygon structures representing each region and then detect if a coordinate falls inside a given region's polygon. Is there a better way to do this, or is there a data source where all of this has already been calculated?

  Read the article

• Asynchronous database update in Django?

  - by Mark

  I have a big form on my site. When the users fill it out and submit it, most of the data just gets dumped to the database, and then they get redirected to a new page. However, I'd also like to use the data to query another site, and then parse the results. That might take a bit longer. It's not essential that the user sees these results right away, so I was wondering if it's possible to asynchronously call a function that will handle this, and then return an HttpResponse from my view like usual without making them wait? If so... how? Any particular libraries I should look at?

  Read the article

• The risk of granting to IUSR* NTFS permissions on a folder on the server

  - by vtortola

  I have two web applications that must share a file in the server file system. Both apps are inside of "Inetpub\wwwroot". The file cannot be accessed freely from outside, so it is in a folder out of "Inetpub". I have granted full NTFS permissions to the user "IUSR_whatever" (is the user that runs IIS in anonymous requests) in that folder. The folder has only that file, and has no other use. It works so far :) But, what is the risk? what should I be afraid of? As I see it, as long the folder is out of the "InetPub" cannot be accessed, and as long the apps don't have any security flaw like "path traversal" or server side code injection, it should be safe enough.... But I'm always keen to be wrong :) What do you think? May the file or even the server itself get compromised because of this? Thanks.

  Read the article

• referesh datagridview after database update in vb.net

  - by Gbolahan

  Dim myQuery = "UPDATE table1 SET data= CONCAT (data,'" & vbCrLf & "[ " & Date.Now() & " ]" & " " & "[" & getCN() & "]" & " " & txtTelenotes.Text & "[ item1 ]" & "') WHERE id='" & txtID.Text & "'" myCommand.Connection = conn myCommand.CommandText = myQuery myAdapter.SelectCommand = myCommand Dim myData As MySqlDataReader myData = myCommand.ExecuteReader() txtTelenotes.Text = "" dgvREcord.Refresh() tried refreshing the datagridview using dgvREcord.Refresh() but it does not load the changes form the database. Any help Pls.. Thanks.

  Read the article

• How to limit the number of connections to a SQL Server server from my tomcat deployed java applicati

  - by CJ

  I have an application that is deployed on tomcat on server A and sends queries to a huge variety of SQL Server databases on an server B. I am concerned that my application could overload this SQL Server database server and would like some way to preventing it making requests to connect to any database on that server if some arbitrary number of connections were already in existence and unclosed. I am looking at using connection pooling but am under the impression that this will only pool connections to a specific database on the SQL Server server, I want to control the total of these combined connections that will occur to many different databases (incidentally I can only find out the names of individual db's dynamically as they change day to day). Will connection pooling take care of this for me, are am I looking at this from the wrong perspective? I have no access to the configuration of the SQL Server server. Links to tutorials or working examples of your suggested solution are most welcome!

  Read the article

• Showing an image after loading it from sql database

  - by user330075

  I have a problem showing the image form database in a view Details and a ImageController. Inside the view I have: img src=Url.Action("GetFile","Image", new {id= Model.id}) and in controller: public FileContentResult GetFile(int idl) { //int idl = 32; SqlDataReader rdr; byte[] fileContent = null; ........... return File(,,); } When the view is called, function GetFile it just won't work. But if I cut out the parameter int id1 and I instantiate it as a variable it does work. public FileContentResult GetFile() { int idl = 32; SqlDataReader rdr; byte[] fileContent = null; ........... return File(,,); } Why?

  Read the article

• does it make sense to send password information during email communication from websites

  - by Samuel

  Most of the online sites on registration do send a link to activate the site and on any further correspondence with the end user they provide information about the site and also provide the login credentials with password in clear text (as given below) Username - [email protected] Password - mysecretpassword What would you do in such a case? From a usability perspective does it make sense to send the password information in clear text or should you just avoid sending this information. I was under the impression that most of the passwords are MD5 hashed before storing in the database and hence the service provider will not have any access to clear text passwords, is this a security violation?

  Read the article

• Archiving Database Tables using Java

  - by HonorGod

  My application demands archiving database tables between sybase and db2 and vice-a-versa and within(db2 to db2 and sybase to sybase) using java. I am trying to understand the best strategies around in terms performance, implementation, ease of use and scalability. Here is my current process - source and destination tables with the acceptable parameters (from java) are defined within xml. the application reads the source and destination configurations and execute them sequentially. destination is sometime optional when source is just deleting data from a specific table or when the source is just calling a stored procedure. dataset between source and destination is extremely large (in millions) From top of my head, it looks like I can define dependencies between multiple source and destination combination and have them execute in parallel in multiple treads. But will this improve any performance(i hope it will)? Are there any open-source frameworks for data archiving using java? Any other thoughts on the implements side will be really helpful. Thanks

  Read the article

• Web service accessing client database

  - by chupinette

  Hello all! I am new to web services and i have a question: Should a web service be able to access the client database? Sorry if i am not using the proper terms. Lets say i have a web service method called : GetCarDetails(string name) which will actually return details from car table. in this method i have an sql statement like SELECT * FROM car WHERE name = ?. In the client application, i have a textbox where i can input a name and a button on which when i click, fill a gridview. So im kinda confused, should the web service normally know that the client has a table called car?Please correct me if ive used the wrong terms. Thanks

  Read the article

• URIs vs Hidden Forms

  - by NateDogg

  I'm working in the Codeigniter framework, and want to send requests to my controller/model that have several variables involved. Is there a difference between passing those variables via a hidden form (i.e. using "post") as opposed to passing them through URIs (e.g. 'travel/$month/$day/')? What about security concerns? e.g. URIs: http://www.example.com/travel/$month/$day/ Hidden Form: form_hidden('month',$month); form_hidden('day',$day);

  Read the article

• SQL Script To Generate a Database Dictionary **With Linked Fields**

  - by Albert

  I would like to generate a Data Dictionary for a SQL Server 2008 database that has one row for each field, and the following columns: table_name field_name data_type link_table (for when the field in question is a foreign key) link_field (for when the field in question is a foreign key) I can get the first 3 columns with something like the SQL script below...but I don't know how to get the last two columns of foreign key information. INFORMATION_SCHEMA.TABLE_CONSTRAINTS gets close, but doesn't have the data I'm looking for. Can someone help with this point? SELECT TABLE_NAME,COLUMN_NAME,DATA_TYPE FROM INFORMATION_SCHEMA.COLUMNS Secondarily if anyone has any suggestions on additional fields which would be helpful please post.

  Read the article

• Sending passwords over the web

  - by Falmarri

  So I'm working on a mobile platform application that I'd like to have users authenticate over the web. I was wondering the best way to do security. The user is sending a password for HTTP to a php server wich authenticates against a mysql database on the same server. Obviously I don't want to send the password in plain text over the internet, but I also don't want to do 2 SHA hashes. This is what the server looks like (in pseudocode) $pass = $_POST['pass']; if ((get PASSWORD where USERNAME = USERNAME) == SHA($pass)) return PASS; This is pretty standard and I don't think there's any other way to do this. But I was wondering how I should prepare the data before sending it over the internet.

  Read the article

• WYSIWYG-editor with "add custom html feature" and secure (validated) html output?

  - by Tom

  I've been looking into some of the WYSIWYG editors (TinyMCE, FCKEditor, etc.) and they all seem to offer a lot of options. However, one vital feature that seems to lack is a simple "add custom html" option which would allow the user to input any of these embed-snippets you find all around the web these days, for example a youtube video. This is different than a "edit html/source" feature as that requires actual knowledge of html and there is the risk of the user writing invalid code. Another issue that I couldn't find much about is the output html. How would I make sure that this output causes no security invulnerabilities? Even when the user has the ability to add his own html? So, basically, is there an open source WYSIWYG editor which covers these 2 features?

  Read the article

• Updating my database

  - by Malcolm

  I am new with the subsonic, and I have a problem when trying to update the database from the sql server. I have created a gridview by still is not returning the updates results. can you please help me? its getting an error code on dc.AddMostaHse(); (Cannot implicity convert type 'void to 'object') Here is the code being done of DataAccess.cs page public void AddMostaHse() { Mosta.MostaHSE1 xx = new MostaHSE1(); xx.ID = 94; xx.FunctionLocation = "lza94"; xx.acno = 12; xx.Save(); } Binding it with the gridview. { DataAccess dc = new DataAccess(); gvtest.DataSource = dc.AddMostaHse(); gvtest.DataBind(); }

  Read the article

• MVC Forms Authentication with custom database

  - by AndrewVos

  I'm trying to get forms authentication working for an mvc site. I have a custom database with a users table, and I would like to do my own password validation. I am logging in my user like this: if (PasswordHasher.Hash(password) == dataUser.Password) { FormsAuthentication.SetAuthCookie(email, true); return true; } The problem is, when the session expires obviously the user has to login again. I am thinking I should be storing this Auth cookie in my users table? Update: I'm obviously in desperate need of more education in this area. I just noticed that the user stays authenticated even after an iisreset. I guess what I'm asking is how can I get persistent and non persistent authentication working properly. I want a user to not have to login again if they click "remember", and if they don't then their authentication should expire when the forms authentication is set to expire.

  Read the article

• Hibernate database connection configuration

  - by Alvin

  We have 2 different server environments using the same Hibernate configuration. One server has JNDI support for datasource, but the other does not. Currently the Hibernate configuration is configured to use JNDI, which is causing problem on the server that does not support JNDI. I have also tried to put the direct JDBC configuration together with JNDI configuration into the configuration file, but it looks like hibernate always favors JNDI over direct JDBC configuration if both exist. My question is, will it be the same if both JNDI and connection_provider configuration both exists? Will Hibernate still use JNDI over connection_provider? Or is there any way to change the precedence of the database connection property? I do not have access to the server all the time, so I thought I do ask the question before my window of the sever time. Thanks in advance.

  Read the article

< Previous Page | 350 351 352 353 354 355 356 357 358 359 360 361  | Next Page >