Search Results

Search found 24207 results on 969 pages for 'anonymous users'.

Page 388/969 | < Previous Page | 384 385 386 387 388 389 390 391 392 393 394 395  | Next Page >

  • Rails: Obfuscating Image URLs on Amazon S3? (security concern)

    - by neezer
    To make a long explanation short, suffice it to say that my Rails app allows users to upload images to the app that they will want to keep in the app (meaning, no hotlinking). So I'm trying to come up with a way to obfuscate the image URLs so that the address of the image depends on whether or not that user is logged in to the site, so if anyone tried hotlinking to the image, they would get a 401 access denied error. I was thinking that if I could route the request through a controller, I could re-use a lot of the authorization I've already built into my app, but I'm stuck there. What I'd like is for my images to be accessible through a URL to one of my controllers, like: http://railsapp.com/images/obfuscated?member_id=1234&pic_id=7890 If the user where to right-click on the image displayed on the website and select "Copy Address", then past it in, it would be the SAME url (as in, wouldn't betray where the image is actually hosted). The actual image would be living on a URL like this: http://s3.amazonaws.com/s3username/assets/member_id/pic_id.extension Is this possible to accomplish? Perhaps using Rails' render method? Or something else? I know it's possible for PHP to return the correct headers to make the browser think it's an image, but I don't know how to do this in Rails... UPDATE: I want all users of the app to be able to view the images if and ONLY if they are currently logged on to the site. If the user does not have a currently active session on the site, accessing the images directly should yield a generic image, or an error message.

    Read the article

  • File size monitoring in C#

    - by manemawanna
    Hello, I work in the Systems & admin team and have been given the task of creating a quota management application to try and encourage users to better manage there resources as we currently have issues with disc space and don't enforce hard quotas. At the moment I'm using the code below to go through all the files in a users homespace to retrieve the overall amount of space they are using. As from what I've seen else where theres no other way to do this in C#, the issue with it is theirs quite a high overhead while it retireves the size of each file then creates a total. try { long dirSize = 0; FileInfo[] FI = new DirectoryInfo("I:\\").GetFiles("*.*", SearchOption.AllDirectories); foreach (FileInfo F1 in FI) { dirSize += F1.Length; } return dirSize; } So I'm looking for a quicker way to do this or a quick way to monitor changes in the size of files while using the options avaliable through FileSystemWatcher. At the moment the only thing I can think of is creating a hashtable containing the file location and size of each file, so when a size changed event occurs I can compare the old size against the new one and update the total. Any suggestions would be greatly appreciated.

    Read the article

  • Password security; Is this safe?

    - by Camran
    I asked a question yesterday about password safety... I am new at security... I am using a mysql db, and need to store users passwords there. I have been told in answers that hashing and THEN saving the HASHED value of the password is the correct way of doing this. So basically I want to verify with you guys this is correct now. It is a classifieds website, and for each classified the user puts, he has to enter a password so that he/she can remove the classified using that password later on (when product is sold for example). In a file called "put_ad.php" I use the $_POST method to fetch the pass from a form. Then I hash it and put it into a mysql table. Then whenever the users wants to delete the ad, I check the entered password by hashing it and comparing the hashed value of the entered passw against the hashed value in the mysql db, right? BUT, what if I as an admin want to delete a classified, is there a method to "Unhash" the password easily? sha1 is used currently btw. some code is very much appreciated. Thanks

    Read the article

  • Using PHP Frameworks to get Web 2.0 or Ajax and Other Special Features

    - by user504958
    I'm still struggling to understand when or how to use a framework such as Zend or Yii. Here's some of the features I'm going to need on my next project and I don't understand frameworks well enough to know where the framework fits into the picture. I won't say exactly what the project is but think about something like Yelp or Merchant Circle, on a smaller scale of course - a directory project. It will contain a search box and links to all and/or popular categories. 1) Autosuggest in Search box. (I already know how to do this using jQuery) 2) Analyze the search terms entered into the search box to determine if they misspelled a word. Offer to correct the misspelling or automatically correct the word and show relevant results. 3) Offer items, links, or ads that are related to their search term. 4) Allow users to determine which fields are shown. 5) Allow users to sort the results however they choose. 6) Allow editing of records on a grid/list view. Post form without refreshing the page. Delete or Add records without going to a different page or reloading the current page.

    Read the article

  • Cast base class object to derived class

    - by Popgalop
    Lets say I have two classes, animal and dog like this. class Animal { }; class Dog : public Animal { }; And I have an animal object named animal, that is actually an instance of dog, how would I cast it back to dog? This may seem like an odd question, but I need it because I am writing a programming language interpreter, and on the stack everything is stored as a BaseObject, and all the other datatypes extend BaseObject. How would I cast the base object from the stack, to a specific data type? I have tried something like this Dog dog = static_cast<Dog>(animal); But it gives me an error 1>------ Build started: Project: StackTests, Configuration: Debug Win32 ------ 1> StackTests.cpp 1>c:\users\owner\documents\visual studio 2012\projects\stacktests\stacktests\stacktests.cpp(173): error C2440: 'static_cast' : cannot convert from 'Animal' to 'Dog' 1> No constructor could take the source type, or constructor overload resolution was ambiguous 1>c:\users\owner\documents\visual studio 2012\projects\stacktests\stacktests\stacktests.cpp(173): error C2512: 'Dog' : no appropriate default constructor available ========== Build: 0 succeeded, 1 failed, 0 up-to-date, 0 skipped ==========

    Read the article

  • Skipping nginx PHP cache for certain areas of a site?

    - by DisgruntledGoat
    I have just set up a new server with nginx (which I am new to) and PHP. On my site there are essentially 3 different types of files: static content like CSS, JS, and some images (most images are on an external CDN) main PHP/MySQL database-driven website which essentially acts like a static site dynamic PHP/MySQL forum It is my understanding from this question and this page that the static files need no special treatment and will be served as fast as possible. I followed the answer from the above question to set up caching for PHP files and now I have a config like this: location ~ \.php$ { try_files $uri =404; fastcgi_cache one; fastcgi_cache_key $scheme$host$request_uri; fastcgi_cache_valid 200 302 304 30m; fastcgi_cache_valid 301 1h; include /etc/nginx/fastcgi_params; fastcgi_pass unix:/var/run/php-fastcgi/php-fastcgi.socket; fastcgi_index index.php; fastcgi_param SCRIPT_FILENAME /srv/www/example$fastcgi_script_name; fastcgi_param HTTPS off; } However, now I want to prevent caching on the forum (either for everyone or only for logged-in users - haven't checked if the latter is feasible with the forum software). I've heard that "if is evil" inside location blocks, so I am unsure how to proceed. With the if inside the location block I would probably add this in the middle: if ($request_uri ~* "^/forum/") { fastcgi_cache_bypass 1; } # or possible this, if I'm able to cache pages for anonymous visitors if ($request_uri ~* "^/forum/" && $http_cookie ~* "loggedincookie") { fastcgi_cache_bypass 1; } Will that work fine, or is there a better way to achieve this?

    Read the article

  • Debug website on host from virtual machine

    - by Luchaguate
    I have a Windows 7 machine hosting a Windows 7 virtual machine. I am developing a web application using visual studio 2010 on my host machine. I want to run the application in debug mode and access my localhost server from a browser on the virtual machine. (The purpose of this is to be able to debug an application that uses Windows Authentication using different users without having to log off and on for different users on my host machine...) I am using a bridged connection for the virtual machine. I googled how to solve this problem and most of the threads that I found said that if I was using a bridged connection, I could access the server on the host machine by just entering the IP address of my host machine into the url in the browser of the virtual machine. I have tried some different urls using the IP but none of them have worked. As an example, suppose I run my web application in visual studio on my host machine and its url is http://localhost:62789/MyPage.aspx Assume also that I ran ipconfig in CommandPrompt on my host machine and found out that the IP address for my host machine is xxx.xxx.xxx.x. What url should I enter on the virtual machine to access my web application? Thanks in advance.

    Read the article

  • Removing HttpModule for specific path in ASP.NET / IIS 7 application?

    - by soccerdad
    Most succinctly, my question is whether an ASP.NET 4.0 app running under IIS 7 integrated mode should be able to honor this portion of my Web.config file: <location path="auth/windows"> <system.webServer> <modules> <remove name="FormsAuthentication"/> </modules> </system.webServer> </location> I'm experimenting with mixed mode authentication (Windows and Forms). Using IIS Manager, I've disabled Anonymous authentication to auth/windows/winauth.aspx, which is within the location path above. I have Failed Request Tracing set up to trace various HTTP status codes, including 302s. When I request the winauth.aspx page, a 302 HTTP status code is returned. If I look at the request trace, I can see that a 401 (unauthorized) was originally generated by the AnonymousAuthenticationModule. However, the FormsAuthenticationModule converts that to a 302, which is what the browser sees. So it seems as though my attempt to remove that module from the pipeline for pages in that path isn't working. But I'm not seeing any complaints anywhere (event viewer, yellow pages of death, etc.) that would indicate it's an invalid configuration. I want the 401 returned to the browser, which presumably would include an appropriate WWW-Authenticate header. A few other points: a) I do have <authentication mode="Forms"> in my Web.config, and that is what the 302 redirects to; b) I got the "name" of the module I'm trying to remove from the inetserv\config\applicationHost.config file; c) I have this element in my Web.config file: <modules runAllManagedModulesForAllRequests="false">; d) I tried a <location> element for the path in which I set the authentication mode to "None", but that gave a yellow exception page that the property can't be set below the application level. Anyone had any luck removing modules in this fashion?

    Read the article

  • Looking for resources to explain a security risk.

    - by Dave
    I've a developer which has given users the ability to download a zip archive which contains an html document which references a relative javascript file and flash document. The flash document accepts as one of it's parameters a url which is embedded in the html document. I believe that this archive is meant to be used as a means to transfer an advertisement to someone who would use the source to display the ad on their site, however the end user appears to want to view it locally. When one opens the html document the flash document is presented and when the user clicks on the flash document it redirects to this embedded url. However, if one extracts the archive on the desktop and opens the html document in a browser and clicks the flash object, nothing observable happens, they will not be redirected to the external url. I believe this is a security risk because one is transferring from the local computer zone to an external zone. I'm trying to determine the best way to explain this security risk in the simplest of terms to a very end user. They simply believe it's "broken" when it's not broken, they're being protected from a known vulnerability. The developer attempted to explain how to copy the files to a local iis instance, which I highly doubt is running on the users machine, and I do not consider this to be a viable explanation.

    Read the article

  • Quick and easy flood protection?

    - by James P
    I have a site where a user submits a message using AJAX to a file called like.php. In this file the users message is submitted to a database and it then sends a link back to the user. In my Javascript code I disabled the text box the user types into when they submit the AJAX request. The only problem is, a malicious user can just constantly send POST requests to like.php and flood my database. So I would like to implement simple flood protection. I don't really want the hassle of another database table logging users IPs and such... as if they are flooding my site there will be a lot of database read/writes slowing it down. I thought about using sessions, like have a session that contains a timestamp that gets checked every time they send data to like.php, and if the current time is before the timestamp let them add data to the database, otherwise send out an error and block them. If they are allowed to enter something into the database, update their session with a new timestamp. What do you think? Would this be the best way to go about it or are there easier alternatives? Thanks for any help. :)

    Read the article

  • Preloading data without messing up association when data is loaded the 2nd time.

    - by denniss
    This is how my model looks like User belongs_to :computer Computer has_many :user Users are created when people register for an account on the web site but computers are pre-loaded data that I create in seeds.rb/some .rake file. All is fine and good when the app is first launched and people start registering and get associated with the right computer_id. However, suppose I want to add another computer to the list Computer.destroy_all Computer.create({:name => "Akane"}) Computer.create({:name => "Yoda"}) Computer.create({:name => "Mojito"}) #newly added running the rakefile the second time around will mess up the associations because computer_id in the User table refer to the old id in Computer table. Since I have run the script above, the id keeps incrementing without any regard to the association that user has to it. Question: Is there a better way for me to pre-load data without screwing up my association? I want to be able to add new Computer without having to destroy the user's table. Destroying the computer table is fine with me and rebuilding it again but the old association that the existing users have must stay intact.

    Read the article

  • how to fetch more than 1000 entities NON keybased?

    - by user291071
    If I should be approaching this problem through a different method, please suggest so. I am creating an item based collaborative filter. I populate the db with the LinkRating2 class and for each link there are more than a 1000 users that I need to call and collect their ratings to perform calculations which I then use to create another table. So I need to call more than 1000 entities for a given link. For instance lets say there are over a 1000 users rated 'link1' there will be over a 1000 instances of this class for the given link property that I need to call. How would I complete this example? class LinkRating2(db.Model): user = db.StringProperty() link = db.StringProperty() rating2 = db.FloatProperty() query =LinkRating2.all() link1 = 'link string name' a = query.filter('link = ', link1) aa = a.fetch(1000)##how would i get more than 1000 for a given link1 as shown? ##keybased over 1000 in other post example i need method for a subset though not key class MyModel(db.Expando): @classmethod def count_all(cls): """ Count *all* of the rows (without maxing out at 1000) """ count = 0 query = cls.all().order('__key__') while count % 1000 == 0: current_count = query.count() if current_count == 0: break count += current_count if current_count == 1000: last_key = query.fetch(1, 999)[0].key() query = query.filter('__key__ > ', last_key) return count

    Read the article

  • PHP: Adding text to a file

    - by Kevin Duke
    I'm trying to set up authentication on my server, however, I know little about Php. I have a php file filled with users and passwords: function getPassword( $user ) { // the user/password database. For very small groups // of users, you may just get away with expanding this // array. $passwords= array ( 'user1' => 'password1', 'user2' => 'password2', 'user3' => 'password3', 'user4' => 'password4' ); $password = $passwords[ $user ]; if ( NULL == $password ) return NULL; Without manually editing the array of passwords, I want a php file to read in user inputs for usernames and passwords and append it to the array. I have a vague idea of how this could work by looking up documentation: <?php function fwrite_stream($fp, $string) { $fp = fopen('shit.php', 'w'); for ($written = 0; $written < strlen($string); $written += $fwrite) { $fwrite = fwrite($fp, substr($string, $written)); if ($fwrite === false) { return $written; } } return $written; fclose($fp); } ?> How do I tell this to write to the array?

    Read the article

  • How do I restrict access to certain web files/folders on an IIS 7.5 based web server?

    - by cpuguru
    We're moving a website that was previously hosted on Win2k3 & IIS 6 to a Win2k8 R2 & IIS 7.5 platform. The website is public, but we want to restrict anonymous access to certain files and folders such that the user would be prompted for a password to access them. If this were Apache, a simple .htaccess file would serve the purpose. However, since it's IIS 7.5 and we're serving up mainly static HTML files and a few classic ASP pages I'm in a bit of a quandry as to how to restrict access to individual files and folders for various committees such that attempts to committee_1's files and/or folders would prompt the user for a password and, if entered correctly, would serve up their files. Same thing for committee_2 and so on. Under IIS 6, we would take away the read privileges for IIS_IUSRS and create a user called "committee_1" with a password known by the group and give that user read privileges to the files/folders. There's got to be a better (and more secure) way. Reminder, these are not *.aspx pages that are being served up. Any suggestions on how to password protect key files and/or folders under IIS 7.5 are much appreciated.

    Read the article

  • Are TestContext.Properties usable ?

    - by DBJDBJ
    Using Visual Studio generate Test Unit class. Then comment in, the class initialization method. Inside it add your property, using the testContext argument. Upon test app startup this method is indeed called by the testing infrastructure. //Use ClassInitialize to run code before running the first test in the class [ClassInitialize()] public static void MyClassInitialize(TestContext testContext) { /* * Any user defined testContext.Properties * added here will be erased after this method exits */ testContext.Properties.Add("key", 1 ) ; // place the break point here } After leaving MyClassInitialize, any properties added by user are lost. Only the 10 "official" ones are left. Actually TestContext gets overwritten, with the inital offical one, each time before each test method is called. It it not overwritten only if user has test initialization method, the changes made over there are passed to the test. //Use TestInitialize to run code before running each test [TestInitialize()]public void MyTestInitialize(){ this.TestContext.Properties.Add("this is preserved",1) ; } This effectively means TestContext.Properties is "mostly" read only, for users. Which is not clearly documented in MSDN. It seems to me this is very messy design+implementation. Why having TestContext.Properties as an collection, at all ? Users can do many other solutions to have class wide initialization. Please discuss. --DBJ

    Read the article

  • Sharepoint Active directory forms authentication

    - by Sushant
    Hi, I am devloping a sharepoint website in Forms authentication mode. I am trying to authenticate myself/ my company users against company's active directory. The ldap path I received from my technical team is LDAP://infinmumcfac.inf.com OU=Infotech,DC=inf,DC=com I got this piece of code from microsoft site. <membership defaultProvider="LdapMembershipProvider"> <providers> <add name="LdapMembership" type="Microsoft.Office.Server.Security.LDAPMembershipProvider, Microsoft.Office.Server, Version=12.0.0.0, Culture=neutral, PublicKeyToken=71E9BCE111E9429C" server="DC" port="389" useSSL="false" userDNAttribute="distinguishedName" userNameAttribute="sAMAccountName" userContainer="CN=Users,DC=userName,DC=local" userObjectClass="person" userFilter="(|(ObjectCategory=group)(ObjectClass=person))" scope="Subtree" otherRequiredUserAttributes="sn,givenname,cn" /> </providers> </membership> The site asked me to change the Server and Usercontainer attribute. I have modified the code to <membership defaultProvider="LdapMembershipProvider"> <providers> <add name="LdapMembership" type="Microsoft.Office.Server.Security.LDAPMembershipProvider, Microsoft.Office.Server, Version=12.0.0.0, Culture=neutral, PublicKeyToken=71E9BCE111E9429C" server=” infinmumcfac.inf.com” port="389" useSSL="false" userDNAttribute="distinguishedName" userNameAttribute="sAMAccountName" userContainer=" OU=Infotech,DC=inf,DC=com " userObjectClass="person" userFilter="(|(ObjectCategory=group)(ObjectClass=person))" scope="Subtree" otherRequiredUserAttributes="sn,givenname,cn" /> </providers> </membership> I placed this code in web.config file of central administration site and my sharepoint website . I am still facing login issues. Any help or insight would be highly grateful.Thanking in anticipation.

    Read the article

  • Re-authentication required for registered-path links (to ASP.NET site) coming to IE from PowerPoint

    - by Daniel Halsey
    We're using URL routing based on Phil Haack's example, with config modifications based on MSDN Library article #CC668202, to provide "shareable" links for a ASP.NET forms site, and have run into a strange issue: For users attempting to open links from PowerPoint presentations, and who have IE set as their default browser, using one of these links forces (forms-based) re-authentication, even in the same browser instance with a live session. Info: We know the session is still alive. (Page returns information for the currently logged-in user; confirmed via debug watches) This doesn't happen with other browsers (FF, Chrome) or with other programs (Notepad++) as the URL source. We do not have a default path set, as this caused issues with root path handling at initial login. This primarily happens with PowerPoint, but will also happen in Word and OCS. On some machines, even after changing the default browser, Office apps will continue to use IE for these links, forcing this error. (A potential registry fix for this failed, but even if it had worked, we can't control default browser choice for our users.) We can't figure out if this is an Office oddity or is being caused by our decision to use app-level URL routing (rather than IIS rewriting). Has anyone else encountered this and found a solution?

    Read the article

  • Average over a timeframe with missing data

    - by BHare
    Assuming a table such as: UID Name Datetime Users 4 Room 4 2012-08-03 14:00:00 3 2 Room 2 2012-08-03 14:00:00 3 3 Room 3 2012-08-03 14:00:00 1 1 Room 1 2012-08-03 14:00:00 2 3 Room 3 2012-08-03 14:15:00 1 2 Room 2 2012-08-03 14:15:00 4 1 Room 1 2012-08-03 14:15:00 3 1 Room 1 2012-08-03 14:30:00 6 1 Room 1 2012-08-03 14:45:00 3 2 Room 2 2012-08-03 14:45:00 7 3 Room 3 2012-08-03 14:45:00 8 4 Room 4 2012-08-03 14:45:00 4 I wanted to get the average user count of each room (1,2,3,4) from the time 2PM to 3PM. The problem is that sometimes the room may not "check in" at the 15 minute interval time, so the assumption has to be made that the previous last known user count is still valid. For example the check-in's for 2012-08-03 14:15:00 room 4 never checked in, so it must be assumed that room 4 had 3 users at 2012-08-03 14:15:00 because that is what it had at 2012-08-03 14:00:00 This follows on through so that the average user count I am looking for is as follows: Room 1: (2 + 3 + 6 + 3) / 4 = 3.5 Room 2: (3 + 4 + 4 + 7) / 4 = 4.5 Room 3: (1 + 1 + 1 + 8) / 4 = 2.75 Room 4: (3 + 3 + 3 + 4) / 4 = 3.25 where # is the assumed number based on the previous known check-in. I am wondering if it's possible to so this with SQL alone? if not I am curious of a ingenious PHP solution that isn't just bruteforce math, as such as my quick inaccurate pseudo code: foreach ($rooms_id_array as $room_id) { $SQL = "SELECT * FROM `table` WHERE (`UID` == $room_id && `Datetime` >= 2012-08-03 14:00:00 && `Datetime` <= 2012-08-03 15:00:00)"; $result = query($SQL); if ( count($result) < 4 ) { // go through each date and find what is missing, and then go to previous date and use that instead } else { foreach ($result) $sum += $result; $avg = $sum / 4; } }

    Read the article

  • Visual SourceSafe (VSS): "Access to file (filename) denied" error

    - by tk-421
    Hi, can anybody help with the above SourceSafe error? I've spent hours trying to find a fix. I've also Googled the heck out of it but couldn't find a scenario matching mine, because in my case only a few files (not all) are affected. Here's what I found: only a few files in my project generate this error other files in the same directory (for example, App_Code has one of the problem files) work fine I've tried checking out from both the VSS client and Visual Studio another developer can check out the main problem file without any problems This sounds like a permission issue for my user, right? However: I found the location of one of the problem files in VSS's data directory (using VSS's naming format, as in 'fddaaaaa.a') and checked its permissions; everything looks fine and its permissions match those of other files I can check out successfully I can see no differences in the file properties between working and non-working files What else can I check? Has anyone encountered this problem before and found a solution? Thanks. P.S.: SourceGear, svn or git are not options, unfortunately. P.P.S.: Tried unsuccessfully to add tag "sourcesafe." EDIT: Hey Paddy, I tried to click 'add comment' to respond to your comment, but I'm getting a javascript error when loading this page in IE8 ("jquery undefined," etc.) so this isn't working. This is when checking out files, and yes, I've obliterated my local copy more times than I can remember. ;) EDIT 2: Thanks for the responses, guys (again I can't 'add comment' due to jQuery not loading, maybe blocked as discussed in Meta). If the problem was caused by antivirus or a bad disk, would other users still be able to check out the file(s)? That's the case here, which makes me think it's a permission issue specific to my account. However I've looked at the permissions and they match both other users' settings and settings on other files which I can check out.

    Read the article

  • Randomly Position A Div

    - by Connie
    I'm looking for a way to randomly position a div anywhere on a page (ONCE per load). I'm currently programming a PHP-based fantasy pet simulation game. One of the uncommon items on the game is a "Four Leaf Clover." Currently, users gain "Four Leaf Clovers" through random distribution - but I would like to change that (it's not interactive enough!). What I Am Trying To Do: The idea is to make users search for these "Four Leaf Clovers" by randomly placing this image anywhere on the page: (my rendition of a four leaf clover) I'd like to do this using a Java/Ajax script that generates a div, and then places it anywhere on the page. And does not move it once it's been placed, until the page is reloaded. I've tried so many Google searches, and the closest thing that I've found so far is this (click), from this question. But, removing the .fadein, .delay, and .fadeout stopped the script from working entirely. I'm not by any means a pro with Ajax. Is what I'm trying to do even possible?

    Read the article

  • disable mystery programs running at startup

    - by pstanton
    Hi and sorry for the ambiguous title... I have a few programs that should run at startup which are 'properly' configured to do so via adding shortcuts to the startup directory: C:\Users\[me]\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup However I have (at least) 4 programs which are also starting up, which I can't find where they are configured or how to disable them. I have tried to find them in the above folder, as well as in the 'startup' section of 'msconfig'. The programs include: Skype (for which I have disabled 'start when windows starts' in its options) Thunderbird (for which I cannot find any option to run-at-startup) Task manager (as above) and some anonymous call to javaw (can't find any more details but it fails anyway) The other strange thing is that it seems like these (at least skype and thunderbird) are running 'as administrator' ... i have deduced this because I am unable to use the file-drag-and-drop feature in both (which is a known problem when running 'as administrator'). If someone could guide me to where these extra programs are configured to run-at-startup I would be very greatful! ps. my user account has the administrator role. EDIT: preferrably without another 3rd party tool...

    Read the article

  • Log session and session changes of a asp.net web user

    - by Johan Wikström
    This is going to be a quite broad question, and any suggestions, examples, links are very welcome! I'm looking for a good way to log my users session, and actions on the site up to a certain point. The site in question is a site for doing bookings. The users start with doing a search, doing a few steps of data gathering and selections and end up with a booking. So what I need to implement is some kind of logging of the current session variables at each step the user takes. And perhaps some other valid information. Logging should preferably be done to the a database. At the end i would like to associate all these session with a booking reference. The goal is to later if something goes wrong with the booking or we need to investigate a situation have all information we need. I understand log4net is a popular choice for logging, and used it a bit myself for simple purposes, but can not find any good examples regarding my situation. This should be a common situation, i'm curious how others do it.

    Read the article

  • How can one restrict network activity to only the VPN on a Mac and prevent unsecured internet activity?

    - by John
    I'm using Mac OS and connect to a VPN to hide my location and IP (I have the 'send all traffic over VPN connection' box checked in teh Network system pref), I wish to remain anonymous and do not wish to reveal my actual IP, hence the VPN. I have a prefpan called pearportVPN that automatically connects me to my VPN when I get online. The problem is, when I connect to the internet using Airport (or other means) I have a few seconds of unsecured internet connection before my Mac logs onto my VPN. Therefore its only a matter of time before I inadvertently expose my real IP address in the few seconds it takes between when I connect to the internet and when I log onto my VPN. Is there any way I can block any traffic to and from my Mac that does not go through my VPN, so that nothing can connect unless I'm logged onto my VPN? I suspect I would need to find a third party app that would block all traffic except through the Server Address, perhaps Intego Virus Barrier X6 or little snitch, but I'm afraid I'm not sure which is right or how to configure them. Any help would be much appreciated. Thanks!

    Read the article

  • paypal_adaptive gem in Rails: Dynamic Receiver "Population" (Chained Payments)

    - by Jmlevick
    Note: I didn't find a better title for this O.o Hello, Humm... Look, what I want to do is to have a Rails app where a visitor can click a button/link to make a "special" chained payment using Paypal; Currently I have a Users registration form that has one field for the user to enter his/her paypal account email, and as I saw here: http://marker.to/XGg9MR it is possible to specify the primary reciever and the secondary ones by adding such info in a controller action when using the paypal_adaptive gem in a rails app. The thing is, I don't want to hard code the secondary reciever as I need to specify a different secondary reciever from time to time, (being specific my primary reciever will always be the same, but depending on what button/link the visitor clicks, the secondary one is going to change) and I want that secondary reciever email to be the paypal e-mail account from one of the registered users when the visitor clicks on their specific button/link... My question is: Is it possible to create such enviroment functionality in my app using the current implementation of the paypal_adaptive gem? Could someone point me in the right direction on how to accomplish such thing? I'm still learning rails and also I'm really new in the paypal handling universe with this framework! XD P.S. Thanks! :)

    Read the article

  • Finding out the windows group by virtue of which a user is able to access a database in sql server?

    - by Raghu Dodda
    There is a SQL Server 2005 database with mixed-mode authentication. Among others, we have the following logins on the server: our-domain\developers-group-1, and our-domain\developers-group-2 which are AD groups. The our-domain\developer-group-2 is added to the sysadmin role on the server, by virture of which all domain users of that group can access any database as SQL Server implictly maps the sysadmin role to the dbo user in each database. There are two users our-domain\good-user and our-domain\bad-user The issue is the following: Both the good-user and the bad-user have the exact same AD group memberships. They are both members of our-domain\developers-group-1 and our-domain\developers-group-2. The good-user is able to access all the databases, and the bad-user is not. The bad-user is able to login, but he is unable access any databases. By the way, I am the good-user. How do I go about finding out why? Here's what I tried so far: When I do print current_user, I get dbo When I do print system_user, I get my-domain\good-user When I do select * from fn_my_permissions(NULL, 'SERVER'), I see permissions. But if do execute as user='my-domain\good-user'; select * from fn_my_permissions(NULL, 'SERVER'), I dont see any permisisons. And When I do, execute as user='my-domain\bad-user'; select * from fn_my_permissions(NULL, 'SERVER'), I dont see any permisisons. Also, I was wondering if there is a sql command that will tell me, "hey! the current database user is able to access this database because he is a member such-and-such ad-group, which is a login that is mapped to such-and-such user in this database".

    Read the article

< Previous Page | 384 385 386 387 388 389 390 391 392 393 394 395  | Next Page >