Search Results

Search found 12055 results on 483 pages for 'password complexity'.

Page 384/483 | < Previous Page | 380 381 382 383 384 385 386 387 388 389 390 391 | Next Page >

Circular database relationships. Good, Bad, Exceptions?

- by jim

I have been putting off developing this part of my app for sometime purely because I want to do this in a circular way but get the feeling its a bad idea from what I remember my lecturers telling me back in school. I have a design for an order system, ignoring the everything that doesn't pertain to this example I'm left with: CreditCard Customer Order I want it so that, Customers can have credit cards (0-n) Customers have orders (1-n) Orders have one customer(1-1) Orders have one credit card(1-1) Credit cards can have one customer(1-1) (unique ids so we can ignore uniqueness of cc number, husband/wife may share cc instances ect) Basically the last part is where the issue shows up, sometimes credit cards are declined and they wish to use a different one, this needs to update which their 'current' card is but this can only change the current card used for that order, not the other orders the customer may have on disk. Effectively this creates a circular design between the three tables. Possible solutions: Either Create the circular design, give references: cc ref to order, customer ref to cc customer ref to order or customer ref to cc customer ref to order create new table that references all three table ids and put unique on the order so that only one cc may be current to that order at any time Essentially both model the same design but translate differently, I am liking the latter option best at this point in time because it seems less circular and more central. (If that even makes sense) My questions are, What if any are the pros and cons of each? What is the pitfalls of circular relationships/dependancies? Is this a valid exception to the rule? Is there any reason I should pick the former over the latter? Thanks and let me know if there is anything you need clarified/explained. --Update/Edit-- I have noticed an error in the requirements I stated. Basically dropped the ball when trying to simplify things for SO. There is another table there for Payments which adds another layer. The catch, Orders can have multiple payments, with the possibility of using different credit cards. (if you really want to know even other forms of payment). Stating this here because I think the underlying issue is still the same and this only really adds another layer of complexity.

Read the article
HttpsURLConnection failing intermittently to the same URL

- by Arkaitz Jimenez

I think I'm experiencing the same as http://groups.google.com/group/android-developers/msg/9d37d64aad0ee357 This is Android 1.5 SDK. I happen to call several times below code(which is in a method) with the same url and it fails intermittently. When it fails, there is no exception, the stream is empty so the readConnection fails, and getResponseCode returns -1. Global caching is disabled, setDefaultUseCaches(false); I suppose there must be some kind of url connection object pool somewhere. Any idea on how can I workaround this? HttpURLConnection connection = null; try { URL url = new URL(this.url); connection = (HttpURLConnection) url.openConnection(); connection.setRequestProperty("Authorization", "basic " + Base64Coder.encodeString(user + ":" + password)); connection.setRequestProperty("User-Agent", userAgent); connection.connect(); readConnection(connection.getInputStream()); connection.disconnect(); } catch (IOException ex) { reportException(ex, connection.getResponseCode()) } catch (ParserException ex) { reportException(ex, connection.getResponseCode()) }

Read the article
How can I know if a file has been changed in .NET C#?

- by Anthony D

I have an application that requires a secure way to store its configuration. There are users that can change the configuration. I need some sort of signature scheme where I can verify that the config file has not changed with out a valid user. I had thought about using RSA, where the private key is encrypted with the users password, and the public key is used to sign the config. However there is nothing to prevent someone from changing the user file and adding their own public key, thus circumventing my security. Any ideas?

Read the article
Impersonating a user in wrong domain doesn't throw exception

- by Rita

I've used the common impersonation code and it worked just fine, until I inserted random 'dggdgsdg' in domain - and it worked nonetheless... if (LogonUser(Username, Domain, Password, Logon32LogonInteractive, Logon32ProviderDefault, ref existingTokenHandle) && DuplicateToken(existingTokenHandle, (int)SecurityImpersonationLevel.SecurityDelegation, ref duplicateTokenHandle)) { Identity = new WindowsIdentity(duplicateTokenHandle); ImpersonationContext = Identity.Impersonate(); } else { throw new Win32Exception(Marshal.GetLastWin32Error()); } I used some TestUser on my domain, and it worked. I then switched domain, to random nonsense 'werwerhrg', and it impersonated the TestUser on my domain! Why? I would expect an exception to be thrown, why on earth is it working?

Read the article
Selecting two field in MySQL with PHP

- by Crays

Hi guys, i'm relatively new to php and mysql and would like to know how to select two value in mysql with php. What i have is $query = sprintf("SELECT COUNT(id) FROM table WHERE UPPER(username) = UPPER('%s') AND password='%s'"... in this case, i'm only selecting and count if the id exist and i use list($count) = mysql_fetch_row($result); if($count == 1) and by using cookies, i would like to retrieve two value from the database, namely user (the user's name) and power (which has value of 1,2 or 3, indicating the menu they would be able to see) basically it is to differentiate if you're admin or normal user, but i wonder if i could do SELECT COUNT(id) AND power FROM table WHERE ... is this possible? or is there any other way? Please guide me, thanks.

Read the article
.NET connecting to oracle problems with the connectionstring

- by Oxymoron

At the moment I'm trying to make a connection to a local server. Connecting via, say, TOAD works fine. When I try to connect using .NET I get ora-12154. Which puzzles me, since I'm using the connectionstring from my TNSNAMES.ora file: XE = (DESCRIPTION = (ADDRESS = (PROTOCOL = TCP)(HOST = myPC)(PORT = 1521)) (CONNECT_DATA = (SERVER = DEDICATED) (SERVICE_NAME = XE) ) ) As follows: private string connectionString = "Data Source=(DESCRIPTION =" +" (ADDRESS_LIST=(ADDRESS = (PROTOCOL = TCP)(HOST = myPC)(PORT = 1521)))" +" (CONNECT_DATA = (SERVER = DEDICATED)(SERVICE_NAME = XE));" +"User Id=sys;Password=zsxyzabc;"; Any ideas?

Read the article
Approaches for Content-based Item Recommendations

- by PartlyCloudy

Hello, I'm currently developing an application where I want to group similar items. Items (like videos) can be created by users and also their attributes can be altered or extended later (like new tags). Instead of relying on users' preferences as most collaborative filtering mechanisms do, I want to compare item similarity based on the items' attributes (like similar length, similar colors, similar set of tags, etc.). The computation is necessary for two main purposes: Suggesting x similar items for a given item and for clustering into groups of similar items. My application so far is follows an asynchronous design and I want to decouple this clustering component as far as possible. The creation of new items or the addition of new attributes for an existing item will be advertised by publishing events the component can then consume. Computations can be provided best-effort and "snapshotted", which means that I'm okay with the best result possible at a given point in time, although result quality will eventually increase. So I am now searching for appropriate algorithms to compute both similar items and clusters. At important constraint is scalability. Initially the application has to handle a few thousand items, but later million items might be possible as well. Of course, computations will then be executed on additional nodes, but the algorithm itself should scale. It would also be nice if the algorithm supports some kind of incremental mode on partial changes of the data. My initial thought of comparing each item with each other and storing the numerical similarity sounds a little bit crude. Also, it requires n*(n-1)/2 entries for storing all similarities and any change or new item will eventually cause n similarity computations. Thanks in advance! UPDATE tl;dr To clarify what I want, here is my targeted scenario: User generate entries (think of documents) User edit entry meta data (think of tags) And here is what my system should provide: List of similar entries to a given item as recommendation Clusters of similar entries Both calculations should be based on: The meta data/attributes of entries (i.e. usage of similar tags) Thus, the distance of two entries using appropriate metrics NOT based on user votings, preferences or actions (unlike collaborative filtering). Although users may create entries and change attributes, the computation should only take into account the items and their attributes, and not the users associated with (just like a system where only items and no users exist). Ideally, the algorithm should support: permanent changes of attributes of an entry incrementally compute similar entries/clusters on changes scale something better than a simple distance table, if possible (because of the O(n²) space complexity)

Read the article
Does anyone have an updated version of the SQLite .NET assembly, ie. SQLite 3.6.23.1 + possibly .NET

- by Lasse V. Karlsen

I'm at my wits end with the best .NET assembly version of SQLite, the one found at http://sqlite.phxsoftware.com. The only maintainer doesn't seem to have the time to update the library and it generally takes months, if not more, for newer versions to surface. Luckily, he has published the source code, so I'm hoping that someone else has made his/her own copy of it, and made the changes, and would be willing to share a copy. I've seen comments on the forums for the library to this effect, but sadly even the forum software seems to be grinding to a halt these days as password reminder emails seems to be lost to the big void, so I can't ask the few there that has said they have done it. So I'm here, hopefully the big userbase of StackOverflow can help. What I'm looking for: Updated with the latest changes to SQLite, ie. SQLite version 3.6.23.1 Possibly built for .NET 4.0 (I can do that if I can get a copy of working source) Does anyone have, or know of anyone, that has done this?

Read the article
Secure Gmail login on web browser from external Java program

- by Zach Scrivena

Is there a secure way of logging into a Gmail account on a web browser, from an external Java program? I know the following works, but is there a safer alternative? Desktop.getDesktop().browse(new URI( "https://www.google.com/accounts/ServiceLoginAuth?continue=http://mail.google.com/gmail" + "&service=mail&Email=LOGIN&Passwd=PASSWORD&null=Sign+in")); Clarification: The external Java program is GmailAssistant, a Gmail notifier that already uses the IMAP capabilities of JavaMail. I just need a way of allowing the user to access the account directly in a web browser.

Read the article
MySQL command-line tool: How to find out number of rows affected by a DELETE?

- by ambivalence

I'm trying to run a script that deletes a bunch of rows in a MySQL (innodb) table in batches, by executing the following in a loop: mysql --user=MyUser --password=MyPassword MyDatabase < SQL_FILE where SQL_FILE contains a DELETE FROM ... LIMIT X command. I need to keep running this loop until there's no more matching rows. But unlike running in the mysql shell, the above command does not return the number of rows affected. I've tried -v and -t but neither works. How can I find out how many rows the batch script affected? Thanks!

Read the article
php: security question

- by Syom

in my cms i have index.php, where client must enter username and password. if they are correct, he'll moove to admin.php, where the cms is. but now hacker can enter to cms/admin.php, so my security now is awful. i know, that i can use $_SESSION variable. index.php - i can give some value to $_SESSION['error']: $_SESSION['error'] = TRUE, and in admin.php just verify it admin.php if($_SESSION['error'] == TRUE) { my script here... } else header("Location: index.php"); but i want to rich this effect without SESSION. could you give me an idea, how can i do it? thanks

Read the article
DNS Problem in my notebook [closed]

- by air

i have windows 2003 server domain environment in my office. my server ip is: 192.168.1.2 if i put this IP in DNS of my laptop network card my folder SYNC works fine & also internet work fine in office. but internet did't work in my home for that i need to change DNS again to Auto & internet start working again. its too difficult to change cause some time i don't have administrative password. is there any solution to that? Thanks

Read the article
Hot to log in to a website using installed twill?

- by brilliant

Hello, everybody!!!! I have just successfully installed TWILL on my computer with the help of one very supportive member of "StackOverflow" (you can check it out HERE) and have tried to run one of the simple examples on the twill documentation page (you can see that page HERE). Here is that example: Let's say my username on www.slash.org is lynxye and my password is mammal. When I try to enter that exanple code into my Python prompt, I can only enter the first line of the code bexcause when I click on "Enter" to start a new line, I get some error messages right away: The same happens when I try to enter this code into my terminal: I think I miss out on some basics here. Perhaps, I need to create a file that would contain that code and then run that file somehow, but I really don't know where I need to create that file and with what extensdion. Can anyone, please, help me with this?

Read the article
Redirect into two different page after login.jsp according user category

- by Ryon

I have created a login.jsp with some login username and password. Users are categorized into A and B. Then I have to redirect each user according to the user category. I also need to retrieve the username in the next page. My form in login.jsp page is something like this: <form method="POST" action='<%= response.encodeURL("j_security_check") %>' Do I have to use javax.servlet.Filter? what should be added in web.xml? Anyone had an idea how to do it?

Read the article
Joomla! 2.5 use login data from another database

- by user1756746

I have a hard question. I'd like the joomla login does not use its own database for users/password but I want to use my database users with my table fields, my passwords etc.. I don't know from where start, I thought I could edit database request for login to my db or create a little script to automatically add the users on joomla database. I tried to see components/com_users/views/login/tmpl/default_login.php but it seems that there is nothing. Can someone help me figure out what to change? Maybe the simple thing is import my database users into database user joomla, is there any plugin or something else that you know? p.s. I use Clarion theme build on Gantry framework, Joomla! 2.5.6 Stable, PHP 5.2.17

Read the article
Posting within PHP and receiving only cookie

- by faya

Hello I have a question. It might be sound ridiculous, but let me explain what I want to accomplish. Right now I try to embed open source forum to by site and I want to leave forum and my site databases split. When my site users are logging in I want them also automatically be logged in to the forum system. For that I want to login within my PHP code after receiving username and password in post, but I don't know how I can get only cookies in response. I have found out that I can use curl_init(), curl_exec(), curl_close() functionality, but response from curl_exec returns whole response(page content, cookies, headers). Is there a way to receive only cookies? P.S. - If my design is totally wrong please give an advise how I can embed this functionality! I would be very thankful!

Read the article
Git Clone from SSH Repository

- by Mike Silvis

I used to be able to clone from my personal git repository but now i seem to be running into an error. user:dev.site.com mikesilvis$ git clone { my ssh directory } server@ipaddress's password: remote: Counting objects: 3622, done. remote: Compressing objects: 100% (2718/2718), done. error: git upload-pack: git-pack-objects died with error. fatal: git upload-pack: aborting due to possible repository corruption on the remote side. remote: aborting due to possible repository corruption on the remote side. fatal: early EOF fatal: index-pack failed It seems to be working however while I push files to the repository.

Read the article
Understanding CGI and SQL security from the ground up

- by Steve

This question is for learning purposes. Suppose I am writing a simple SQL admin console using CGI and Python. At http://something.com/admin, this admin console should allow me to modify a SQL database (i.e., create and modify tables, and create and modify records) using an ordinary form. In the least secure case, anybody can access http://something.com/admin and modify the database. You can password protect http://something.com/admin. But once you start using the admin console, information is still transmitted in plain text. So then you use HTTPS to secure the transmitted data. Questions: To describe to a learner, how would you incrementally add security to the least secure environment in order to make it most secure? How would you modify/augment my three (possibly erroneous) steps above? What basic tools in Python make your steps possible? Optional: Now that I understand the process, how do sophisticated libraries and frameworks inherently achieve this level of security?

Read the article
Is it possible to get Logged in user Non Restricted token from a service on Vista?

- by coolcake

Hello All, I need to create a process with integrity level high, so that it can do all the administrative tasks. But the created process should run in the current logged in desktop i.e. it should not run in session 0. By default only administrators will log on to the console. The service should launch the process, as service is running in session 0 and system account. Can it any how get the non restricted token and use it in CreateProcessAsUser, so that the process created does have integrity level of high or system. Is it possible? One more thing is i should get the non restricted token with out prompting for user name or password of the logged in user. Thanks

Read the article
Security when writing a PHP webservice?

- by chustar

I am writing a web service in PHP for the first time and had ran into some security problems. 1) I am planning to hash passwords using md5() before I write them to the database (or to authenticate the user) but I realize that to do that, I would have to transmit the password in plaintext to the server and hash it there. Because of this I thought of md5()ing it with javascript client side and then rehashing on the server but then if javascript is disabled, then the user can't login, right? 2) I have heard that anything that when the action is readonly, you should use GET but if it modifies the database, you should use POST. Isn't post just as transparent as GET, just not in the address bar?

Read the article
Servlet's doGet not called from JSP form

- by RadnaOdela

I have this code on my JSP page <form action="LoginServlet" method="get"> <input type="text" name="username" /> <input type="text" name="password" /> <input type="submit" value="Submit" /> </form> and when I press Submit I get: The page cannot be displayed The page you are looking for is currently unavailable. The Web site might be experiencing technical difficulties, or you may need to adjust your browser settings. and LoginServlet.doGet method doesn't get called. But then when I press Enter again (in address bar) my doGet method gets called. What is wrong? I am using JEE eclipse and Tomcat

Read the article
Streaming video using realnetwork helix

- by aspdotnetjunkie

Hi all and thanks in advance. I'm new to streaming media. I've just signed up for streaming services from gate.com for my website. They provided me with the following info. It says it's provided by realnetwork Helix This is all they gave me, with no instructions of how to do it. UN:media.mydomain.com Password:xxxxxx Hostname: rtsp://media.mydomain.com:554/media.mydomain.com/FileName.rm Questions: How do I upload videos to my new account? Can I play them using flash player? Thank you,

Read the article
Can phper give me some code snippet to consume the .net wcf service

- by Vincent

Hi, I can successfully make a call to wcf from php without WCF message security enabled. I search the whole forum and cannot find any clue. I'd like to know how can I pass the credential ? My WCF service use the basichttpbinding on SSL with Message security enabled. Here is my code snippet to call my wcf from .NET ServiceReference1.TestClient sc = new TestClient(); sc.ClientCredentials.UserName.UserName = "[email protected]"; sc.ClientCredentials.UserName.Password = "ABC123"; Console.WriteLine(sc.GetProfiledSchemas(412));

Read the article
Login form to an a secured app in tomcat

- by patricio

I have a normal HTML page in a normal Apache http server (http://yyy.yyy.yyy.yyy/index.html ), with an authentication form, with that form I need to access with the credentials to an application located in other server with diferent IP , that server have a secured application with tomcat: here is the login form in the apache http server: <form method="POST" id="theForm" action="http://xxx.xxx.xxx.xxx:8080/securedapp/j_security_check"> <input name="j_username" type="text" class="tx_form" id="j_username" size="20" /> <input name="j_password" type="password" class="tx_form" id="textfield2" size="20" /> <input name="btn" type="submit" value="login" /> </form> the submit only works random in chrome and dont work in IE and FF. im doing something wrong?

Read the article
Security question

- by Syom

in my cms i have index.php, where client must enter username and password. if they are correct, he'll moove to admin.php, where the cms is. but now hacker can enter to cms/admin.php, so my security now is awful. i know, that i can use $_SESSION variable. index.php - i can give some value to $_SESSION['success']: $_SESSION['success'] = TRUE, and in admin.php just verify it admin.php if($_SESSION['success'] == TRUE) { my script here... } else header("Location: index.php"); but i want to rich this effect without SESSION. could you give me an idea, how can i do it? thanks

Read the article

< Previous Page | 380 381 382 383 384 385 386 387 388 389 390 391 | Next Page >