Search Results

Search found 11453 results on 459 pages for 'hibernate session'.

Page 375/459 | < Previous Page | 371 372 373 374 375 376 377 378 379 380 381 382 | Next Page >

create cookie in web method

- by quantum62

i have a web method that check user in data base via a jquery-ajax method i wanna if client exists in db i create a cookie in client side with user name but i know that response is not available in staticmethod .how can i create a cookie in a method that call with jquery ajax and must be static. its my code that does not work cuz response is not accesible if (olduser.Trim() == username.Trim() && password.Trim()==oldpass.Trim()) { retval =olduser; HttpContext context = HttpContext.Current; context.Session[retval.ToString()] = retval.ToString(); HttpCookie cook = new HttpCookie("userath"); cook["submituser"] = "undifiend"; Response.Cookies.Add(cook); }

Read the article
RST packet sent by the server

- by intoTHEwild

I am developing a client in Flash and using http req/resp to communicate with the server. For a while the session works fine and then the connection is terminated by the server. I did a wireshark sniff at the server and the last message which it sends is a RST packet. Also it happens only when I'm using IE and the server and client are in different domains. This does not happen in FireFox. I have been struggling to find a sol, till I found this thread. It's a bit old but I hope I could get some help. I am not sure if this bit of info is important but I am connecting to the server via a gateway. Any clue or suggestions for where should I look into to locate the problem ?

Read the article
Using setSourceType with image picker up hides status bar

- by Aaron

I am pretty sure this is a bug but I thought I would check. I used the camera overlay to add a button so that on the iphone a user can switch from the camera view to the photo library. When button is taped the source type switches fine but the status bar is missing from the photo library. Throughout the rest of that session the status bar remains missing from all views evet thougth isStatusBarHidden reports NO. This is how the camera overlay view is created if (cameraOverlayView == nil) { [[NSBundle mainBundle] loadNibNamed:@"CameraOverlayView" owner:self options:nil]; } If camera is available this is when I set source type and add overlay if ([UIImagePickerController isSourceTypeAvailable:UIImagePickerControllerSourceTypeCamera]) { [imagePicker setSourceType:UIImagePickerControllerSourceTypeCamera]; [imagePicker setCameraOverlayView:cameraOverlayView]; } Here is the action statement to change source type. (IBAction)selectImage; { [imagePicker setSourceType:UIImagePickerControllerSourceTypePhotoLibrary]; } If I don't tap the button on the overlay there is no problem with the status bar. PS. I did submit a bug report on this.

Read the article
Security in API authentication

- by Carlos

We are in the process of revamping our server side API, and we need to manage security. Our current model requires that a credentials object (containing user, password, and pin) be included in each method invocation. Our development team, however, has decided that we should have session objects instead (which is fine by me), but the new credentials are just a GUID. This is very different from what I've seen in other APIs in our industry, so I'm a bit concerned about how secure the new model will be. I asked them if they had analyzed both alternatives, and they said they haven't. Does anyone know if there're any clear advantages, disadvantages, risks, etc. of using a set of credentials versus just one element (complex as it may be)? PS: the communication channel would be secure in either case, and it's separate from this particular topic

Read the article
Need help configuring SQL Server CE connections string in Fluent NHibernate

- by Yoav

Hi, I'm trying to return a session factory using this code: return Fluently.Configure() .Database(MsSqlCeConfiguration.Standard.ShowSql().ConnectionString(path)) .Mappings(m => m.FluentMappings.AddFromAssemblyOf<Project>()) .BuildSessionFactory(); Path is the full path to an .sdf file. And get this exception: System.ArgumentException: Format of the initialization string does not conform to specification starting at index 0. at System.Data.SqlServerCe.ConStringUtil.GetKeyValuePair(Char[] connectionString, Int32 currentPosition, String& key, Char[] valuebuf, Int32& vallength, Boolean& isempty) What am I doing wrong?

Read the article
Security approach in web application

- by meep

Hello everyone. I am designing a web application in ASP.NET / C# where each registered user has the ability to add/modify/delete rows based on their user-id. Take this example: I am going to edit my route on the page /route.aspx?routeid=854 which belongs to me (user-id: 1). But because I am a curious guy I try to access /route.aspx?routeid=855 which belongs to another user (user-id: 2). How can I best avoid people from accessing other peoples data? Should I send each user id (from session) with each database-call, should I validate user/password on every page load or what is the best and most secure approach? I hope I made this clear enough.

Read the article
How to generate a random alpha-numeric string in Java

- by Todd

I've been looking for a simple java algorithm to generate a pseudo-random alpha-numeric string. In my situation it would be used as a unique session/key identifier that would "likely" be unique over 500K+ generation (my needs don't really require anything much more sophisticated) . Ideally I would be able to specify a length depending on my uniqueness needs. For example, a generated string of length 12 might look something like "AEYGF7K0DM1X". Answers: I like @Apocalisp and @erickson's answers equally well. The only downside to @Apocalisp's answer is it requires an apache class. Thanks to both for the help!

Read the article
Why is the 'if' statement considered evil?

- by Vadim

I just came from Simple Design and Testing Conference. In one of the session we were talking about evil keywords in programming languages. Corey Haines, who proposed the subject, was convinced that if statement is absolute evil. His alternative was to create functions with predicates. Can you please explain to me why if is evil. I understand that you can write very ugly code abusing if. But I don't believe that it's that bad.

Read the article
Basic date/time manipulation in NHiberate query

- by Yann Trevin

I'm trying to restrict my NHibernate query with some basic date/time manipulation. More specifically, I want to execute the following statement (pseudo-SQL): select * from article where created_on + lifespan >= sysdate with: created_on is mapped to a property of type DateTime. lifespan is mapped to a property of type TimeSpan. sysdate is the current date/time (of the database server or ofthe application host, I don't care) Is there any built-in way to do that by using the Criteria-API or HQL? return session .CreateCriteria<Article>() .Add( ? ) .List<Article>();

Read the article
Custom User Management for Google App Engine Java

- by Gopi

I am using GAE Java for a multi-user application. There are multiple users with different roles. Each user can login, do some operations and logout. The business restricts me from using Google User Service and I need to implement my own for authentication and session management. Can anyone please share with me how should I go about implementing my own user management? I have read its very tricky to implement own user management. Any pointers in terms of best approaches/ design / existing frameworks if any ? I could see some similar posts but they are for python.

Read the article
Code igniter authentication code in controller security question

- by Prime Studios

I have a main controller to handle the very front-end of my authentication system, it handles login, logout, update user info, etc. functions that I anticipate calling by POST'ing from views/forms. What about something like a "delete_user" function though? My thoughts are a button in someones admin panel would say "Delete Account" and it would post to "/auth/delete", and the function would delete the user based on their session username or id. This seems a bit open ended, you could send out a link to someone and when they opened it while in that application it would delete their account.. Whats the best way to handle this?

Read the article
php - upload script mkdir saying file already exists when same directory even though different filename

- by neeko

my upload script says my file already exists when i try upload even though different filename <?php // Start a session for error reporting session_start(); ?> <?php // Check, if username session is NOT set then this page will jump to login page if (!isset($_SESSION['username'])) { header('Location: index.html'); } // Call our connection file include('config.php'); // Check to see if the type of file uploaded is a valid image type function is_valid_type($file) { // This is an array that holds all the valid image MIME types $valid_types = array("image/jpg", "image/JPG", "image/jpeg", "image/bmp", "image/gif", "image/png"); if (in_array($file['type'], $valid_types)) return 1; return 0; } // Just a short function that prints out the contents of an array in a manner that's easy to read // I used this function during debugging but it serves no purpose at run time for this example function showContents($array) { echo "<pre>"; print_r($array); echo "</pre>"; } // Set some constants // Grab the User ID we sent from our form $user_id = $_SESSION['username']; $category = $_POST['category']; // This variable is the path to the image folder where all the images are going to be stored // Note that there is a trailing forward slash $TARGET_PATH = "img/users/$category/$user_id/"; mkdir($TARGET_PATH, 0755, true); // Get our POSTed variables $fname = $_POST['fname']; $lname = $_POST['lname']; $contact = $_POST['contact']; $price = $_POST['price']; $image = $_FILES['image']; // Build our target path full string. This is where the file will be moved do // i.e. images/picture.jpg $TARGET_PATH .= $image['name']; // Make sure all the fields from the form have inputs if ( $fname == "" || $lname == "" || $image['name'] == "" ) { $_SESSION['error'] = "All fields are required"; header("Location: error.php"); exit; } // Check to make sure that our file is actually an image // You check the file type instead of the extension because the extension can easily be faked if (!is_valid_type($image)) { $_SESSION['error'] = "You must upload a jpeg, gif, or bmp"; header("Location: error.php"); exit; } // Here we check to see if a file with that name already exists // You could get past filename problems by appending a timestamp to the filename and then continuing if (file_exists($TARGET_PATH)) { $_SESSION['error'] = "A file with that name already exists"; header("Location: error.php"); exit; } // Lets attempt to move the file from its temporary directory to its new home if (move_uploaded_file($image['tmp_name'], $TARGET_PATH)) { // NOTE: This is where a lot of people make mistakes. // We are *not* putting the image into the database; we are putting a reference to the file's location on the server $imagename = $image['name']; $sql = "insert into people (price, contact, category, username, fname, lname, expire, filename) values (:price, :contact, :category, :user_id, :fname, :lname, now() + INTERVAL 1 MONTH, :imagename)"; $q = $conn->prepare($sql) or die("failed!"); $q->bindParam(':price', $price, PDO::PARAM_STR); $q->bindParam(':contact', $contact, PDO::PARAM_STR); $q->bindParam(':category', $category, PDO::PARAM_STR); $q->bindParam(':user_id', $user_id, PDO::PARAM_STR); $q->bindParam(':fname', $fname, PDO::PARAM_STR); $q->bindParam(':lname', $lname, PDO::PARAM_STR); $q->bindParam(':imagename', $imagename, PDO::PARAM_STR); $q->execute(); $sql1 = "UPDATE people SET firstname = (SELECT firstname FROM user WHERE username=:user_id1) WHERE username=:user_id2"; $q = $conn->prepare($sql1) or die("failed!"); $q->bindParam(':user_id1', $user_id, PDO::PARAM_STR); $q->bindParam(':user_id2', $user_id, PDO::PARAM_STR); $q->execute(); $sql2 = "UPDATE people SET surname = (SELECT surname FROM user WHERE username=:user_id1) WHERE username=:user_id2"; $q = $conn->prepare($sql2) or die("failed!"); $q->bindParam(':user_id1', $user_id, PDO::PARAM_STR); $q->bindParam(':user_id2', $user_id, PDO::PARAM_STR); $q->execute(); header("Location: search.php"); exit; } else { // A common cause of file moving failures is because of bad permissions on the directory attempting to be written to // Make sure you chmod the directory to be writeable $_SESSION['error'] = "Could not upload file. Check read/write persmissions on the directory"; header("Location: error.php"); exit; } ?>

Read the article
gdb stack strangeness

- by aaa

Hi I get this weird backtrace (sometimes): (gdb) bt #0 0x00002b36465a5d4c in AY16_Loop_M16 () from /opt/intel/mkl/10.0.3.020/lib/em64t/libmkl_mc.so #1 0x00000000000021da in ?? () #2 0x00000000000021da in ?? () #3 0xbf3e9dec2f04aeff in ?? () #4 0xbf480541bd29306a in ?? () #5 0xbf3e6017955273e8 in ?? () #6 0xbf442b937c2c1f37 in ?? () #7 0x3f5580165832d744 in ?? () ... Any ideas why i cant see the symbols? Compiled with debugging syms of course. The same session gives symbols at other points.

Read the article
Testing Zend_Controller wich is using Twitter API

- by ArneRie

Hi, iam trying to write an unit test for an Controller wich calls the Twitter API through an Service class. /** * Authenticate Step 1 for Twitter */ public function authenticateAction() { $this->service->authenticate(); } The Service does: /** * Authenticate with twitter * * @return void */ public function authenticate() { $consumer = new Zend_Oauth_Consumer($this->config); $token = $consumer->getRequestToken(); $this->session->twitterRequestToken = serialize($token); $consumer->redirect(); exit; } My Problem is, i have no idea to repleace the authenticate action inside the service for the unit test. I dont want to call the Twitter API while the tests run. Is there any Mocking Framework wich can do such things?

Read the article
SQLAlchemy declarative syntax with autoload in Pylons

- by Juliusz Gonera

I would like to use autoload to use an existings database. I know how to do it without declarative syntax (model/_init_.py): def init_model(engine): """Call me before using any of the tables or classes in the model""" t_events = Table('events', Base.metadata, schema='events', autoload=True, autoload_with=engine) orm.mapper(Event, t_events) Session.configure(bind=engine) class Event(object): pass This works fine, but I would like to use declarative syntax: class Event(Base): __tablename__ = 'events' __table_args__ = {'schema': 'events', 'autoload': True} Unfortunately, this way I get: sqlalchemy.exc.UnboundExecutionError: No engine is bound to this Table's MetaData. Pass an engine to the Table via autoload_with=<someengine>, or associate the MetaData with an engine via metadata.bind=<someengine> The problem here is that I don't know where to get the engine from (to use it in autoload_with) at the stage of importing the model (it's available in init_model()). I tried adding meta.Base.metadata.bind(engine) to environment.py but it doesn't work. Anyone has found some elegant solution?

Read the article
Embed remote desktop in browser

- by Shaun_web

I would like to embed a Remote Desktop session within my browser. I must use remote desktop because my clients can't install any additional software on the server. Here are some problems that I can already foresee: 1) I believe that I can embed an RDP ActiveX control, but then all I could support is IE. And even then, IE lockdown may forbid ActiveX controls. 2) I don't know anything about Apple computers, but I presume that they don't inherently run RDP? 3) I think there are ways to run RDP through a Java control. I don't have experience to know if this is a good or bad idea. I suppose that Java may even be disabled on some browsers, but don't know if this is a common case? So, what options have I got here to make this work reliably? I presume that I may need some default options (ie ActiveX), and then some fallback options (ie Java), and code to identify the correct option each time.

Read the article
Can I pop up alert in javascript using php.

- by Shantanu Gupta

I want to trigger javascript alert using PHP. Is it possible I want to use it in head section, for displaying it at load time. <head> <?php $valid="valid"; if(!isset($valid)) echo "<script type=\"text/javascript\"> alert('Hi');</script>"; ?> </head> EDIT i want to display javascript alert() at load time after checking existance of session

Read the article
getting a gridview and dropdownlist to remember their states after navigate away and back button scr

- by nat

hi i have a page filling a gridview which is all working fine. the grid is basically the result of a search .. the filters for which are a number of dropdowns and a couple of textboxes the data from the grid and dropdowns are saved in the session and the whole page lives inside an updatepanel when i navigate away from the page (as it happens by clicking a link inside the grid) and then back button to it, all the droppers are back to their unselected values and the grid is nowhere to be seen.. i understand that this is because of the scriptmanager doesnt do 'standard' postbacks so the browser doesnt realise what has happened. however i have set the EnableHistory to true in the scriptmanager is there an easy way to get this to remember without dropping the updatepanel/scriptmanager? also to complicate things further the scriptmanger /updatepanel is actually in a master page. so not really sure how i can get the navigate bits to work in the scriptmanager.. clearly i am a bit confuised and any help that someone could provide would be happily received thanks nat

Read the article
Web services Authentication Jungle

- by redben

I have been doing some research lately about best approaches to authenticating web services calls (REST SOAP or whatever). But none of the Approaches convinced me... But i still can't a make a choise... Some talk about SSL and http basic authentication -login/password- which just seems weird for a machine (i mean having to assign a login/password to a machine, or is it not ?). Some others say API keys (seems like these scheme is more used for tracking and not realy for securing). Some say tokens (like session IDs) but shouldn't we stay stateless (especially if in REST style) ? In my use case, when a remote app is calling one of our web services, i have to authenticate the calling application obviously, and the call must - if applicable - tell me which user it impersonates so i can deal with authorization later. Any thoughts ?

Read the article
Where to maintain common information, that could be accessed by all forms

- by The King

Hi All, This is my first winform app in .NET... I have made a couple of ASP.NET app... In this app, I have some common variables, like current user name, his selected process etc.. etc.. This should be made accessible from all forms in the app at any time... How could I do this... Is there any place like "Session" in ASP.NET here... Further How do coders generally pass information from one form to another... Here I want to pass on the info I acquired in the first form to the subsequent forms... I use constructor overloading and pass the values as parameters... I'm pretty sure there has to be a better way to do it... Thanks for your time...

Read the article
request payload versus query string parameters

- by Sarah Sides

I am absolutely in the dark when it comes to this request payload that I'm seeing in my Chrome browser. A Query string will have a variable attached like session:2g0SoEE but this payload has just one long string I'm guessing is in base64. I do understand that the request payload can have whatever, but how do I use it? Can I do a post with jquery and send this request payload? For example: $.post(url, {variable: "variable"}, function(data){}); When this posts it will send &variable=variable this will be found as query string parameter in the headers sent in chrome. In this game I'm playing I see another piece of info being sending in the header called a payload request. I'm a confused as to how this is read, used, made, how I can reduplicate this? Here is something similar: Chrome is caching an HTTP PUT request and How to retrieve Request Payload

Read the article
NHibernate 'IdentifierGenerationException' on an Update trigger

- by Jan Jongboom

In my database I have an id column defined as [autonumber] [int] IDENTITY(1,1) NOT NULL which is mapped in my .hbm.xml like: <id name="Id" column="autonumber" type="int"> <generator class="identity" /> </id> When calling session.Save() updates are successful committed to the database. When adding a versioning trigger I however get the error this id generator generates Int64, Int32, Int16 of type IdentifierGenerationException. The trigger is defined as: ALTER TRIGGER [dbo].[CatchUpdates_NVM_FDK_Kenmerken] ON [dbo].[NVM_FDK_Kenmerken] INSTEAD OF UPDATE AS BEGIN SET NOCOUNT ON UPDATE NVM_FDK_Kenmerken SET idIsActive = 0 WHERE internalId IN (SELECT internalId FROM INSERTED) INSERT INTO dbo.NVM_FDK_Kenmerken ( vestigingNummer , internalId , someOtherColumns, dateInserted, idIsActive ) SELECT vestigingNummer, internalId, someOtherColumns, GETDATE(), 1 FROM INSERTED END What am I doing wrong here? When doing manual updates everything works just fine and as expected.

Read the article
PHP: passing GET between multiple pages

- by aterimperator

I'm building a set of pages where I have a number of GET variables and it is often valuable to keep passing it along to the next page. This leads to ugly code where I have to have "if this $_GET variable is set, dynamically add it to this hyperlink". This is, in many senses, not a problem; but I had the thought "there must be a better way to do this", I mean after all basically all I want is to take the '?' and everything after it and append it to the links on that page, it would seem this should be rather simple (or at least possible to do in a for loop). I tried google searching but couldn't find anything, so I figured I'd see if any of you happen to know. Why not use SESSION? Because these pages need to be capable of being bookmarked. Thank you.

Read the article
Trigger local program execution from browser

- by DroidIn.net

First and foremost: I know it's not right or even good thing to do but my current customer will not cave in. So here's what he is asking for (this is for in-house-behind-a-firewall-etc project). In the web report I need to supply a link which points to the executable script that lives on the universally mapped location (network file server). When user clicks on it it is expected to run on the local client starting local executable which should be pre-installed on the client's box. It should be agnostic to OS (Windows or Linux) and the browser used. Customer doesn't mind to click on angry pop-up alerts but he wants to do it once per client browser (or at minimum - session). QUESTION: Will trusted Java applet be able to do it? Or is the any other (better, simpler) ways of achieving the same? ActiveX control is out of question

Read the article
Ora-01000 - maximum open cursors exceeded error

- by PeteDaMeat

I am receiving the following error message within my Delphi/Oracle application "ora-01000 - maximum open cursors exceeded". The code is as follows: begin for i := 0 to 150 do begin with myADOQuery do begin SQL.Text := 'DELETE FROM SOMETABLE'; ExecSQL; -- from looking at V$OPEN_CURSOR a new cursor is added on each iteration for the session Close; -- thought this would close the cursor but doesn't end; end; end; I'm aware I can resolve the problem by simply increasing the number of OPEN_CURSORS parameters, however, I would rather find a solution whereby the cursor is closed after the query is executed. Any ideas? Delphi 2006 BDS Oracle 10g

Read the article

< Previous Page | 371 372 373 374 375 376 377 378 379 380 381 382 | Next Page >