Search Results

Search found 10698 results on 428 pages for 'interactive session'.

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Page 389/428 | < Previous Page | 385 386 387 388 389 390 391 392 393 394 395 396  | Next Page >

  • Rss: Bookmark is not working correctly.

    - by shruti
    I'm working on project RSS generation in MVC.Net. in taht i want to make bookmark. for that i have write the code on controller. first there is one aspx page from which subscription page gets open. public ActionResult ViewBlog() { if (Session[SessionVariables.username] == null) { return RedirectToAction("Login", "Home"); } else { return View(classObj.fetchAllBlogs()); } } and coding for subscription is: public ActionResult Rss() { string bcontent = classObj.showBlog(); DateTime postdate = classObj.showPostDate(); List<SyndicationItem> items = new SyndicationItem[] { new SyndicationItem("RSS Blog",bcontent+postdate,null), }.ToList(); RssResult r = new RssResult(); SyndicationFeed feed = new SyndicationFeed("Admin: Blog Posts", "RSS Feed",Request.Url , items); return new RssResult(feed); Developer", "The latest news on ASP.NET, C# and ASP.NET MVC "); } but problem is that when usr clicks on bookmark then intested of opening ViewBlog.aspx it opens the same page. i want to open ViewBlog.aspx. I think the problem is in: SyndicationFeed feed = new SyndicationFeed("Admin: Blog Posts", "RSS Feed",Request.Url , items); Plz help ...!

    Read the article

  • Return REF CURSOR to procedure generated data

    - by ThaDon
    I need to write a sproc which performs some INSERTs on a table, and compile a list of "statuses" for each row based on how well the INSERT went. Each row will be inserted within a loop, the loop iterates over a cursor that supplies some values for the INSERT statement. What I need to return is a resultset which looks like this: FIELDS_FROM_ROW_BEING_INSERTED.., STATUS VARCHAR2 The STATUS is determined by how the INSERT went. For instance, if the INSERT caused a DUP_VAL_ON_INDEX exception indicating there was a duplicate row, I'd set the STATUS to "Dupe". If all went well, I'd set it to "SUCCESS" and proceed to the next row. By the end of it all, I'd have a resultset of N rows, where N is the number of insert statements performed and each row contains some identifying info for the row being inserted, along with the "STATUS" of the insertion Since there is no table in my DB to store the values I'd like to pass back to the user, I'm wondering how I can return the info back? Temporary table? Seems in Oracle temporary tables are "global", not sure I would want a global table, are there any temporary tables that get dropped after a session is done?

    Read the article

  • Nhibernate, can i improve my MAPPING or Query

    - by dbones
    take this simple example A staff class which references other instances of the staff class public class Staff { public Staff() { Team = new List<Staff>(); } public virtual int Id { get; set; } public virtual string Name { get; set; } public virtual IList<Staff> Team { get; set; } public virtual Staff Manager { get; set; } } The Fluent Mapping public class StaffMap : ClassMap<Staff> { public StaffMap() { Id(x => x.Id); Map(x => x.Name); References(x => x.Manager).Column("ManagerId"); HasMany(x => x.Team).KeyColumn("ManagerId").Inverse(); } } Now I want to run a query, which will load all the Staff and eager load the manager and Team members. This is what I came up with IList<Staff> resutls = session.CreateCriteria<Staff>() .SetFetchMode("Team", FetchMode.Eager) .SetResultTransformer(Transformers.DistinctRootEntity) .List<Staff>(); however the SQL (does what i want) has duplicate columns, 2 team2_.ManagerId and 2 team2_.Id SELECT this_.Id as Id0_1_, this_.Name as Name0_1_, this_.ManagerId as ManagerId0_1_, team2_.ManagerId as ManagerId3_, team2_.Id as Id3_, team2_.Id as Id0_0_, team2_.Name as Name0_0_, team2_.ManagerId as ManagerId0_0_ FROM [SelfRef].[dbo].[Staff] this_ left outer join [SelfRef].[dbo].[Staff] team2_ on this_.Id=team2_.ManagerId The question is, should this be happening? did i do something wrong in the query or map? or is it a feature of the HHib im using (which is Version 2.1.0.4000)? many thanks in advance

    Read the article

  • Help with interesting VS2010 and SQL2008 bug

    - by user355770
    Hey So im using Visual Studio 2010 to create a webpage. im calling some tabels from sql server 2008 here is where im confused... The code runs fine no errors. The pages works except im missing my rows in my 3rd column from the table. Everything else shows up. Ive checked to make sure the names are matching everywhere and that in sql the joins and such worked. Its just very weird that i'd be missing my 2 rows from the 3rd column. anyone have any ideas to help?? the error is in the tab called research material else if (tabTagId == "tpArlington_ProjectInformation") { repArlington_ProjectInformation.DataSource = ds; repArlington_ProjectInformation.DataBind(); } else if (tabTagId == "tpArlington_Plan") { repArlington_Plan.DataSource = ds; repArlington_Plan.DataBind(); } else if (tabTagId == "tpArlington_ResearchMaterial") { repArlington_ResearchMaterial.DataSource = ds; repArlington_ResearchMaterial.DataBind(); } else if (Session["projectAbbreviation"].ToString() == "ARLING") { tpArlington_ProjectInformation.HeaderText = "Project Information"; tpArlington_ProjectInformation.Visible = true; tpArlington_Plan.HeaderText = "Plan"; tpArlington_Plan.Visible = true; tpArlington_ResearchMaterial.HeaderText = "ResearchMaterial"; tpArlington_ResearchMaterial.Visible = true; getTabData("tpArlington_ProjectInformation"); getTabData("tpArlington_Plan"); getTabData("tpArlington_ReasearchMaterial"); } the 2 other tabs work perfect. the research material is where the problem is. the stuff in the tab doesn't come up. the text in the tab DOES come up but not the stuff from sql. the stuff in sql looks good, the ids match and everything is joined properly otherwise the other 2 tabs wouldnt work. that is what is confusing me. any suggestions or specific info you need just ask. thanks!

    Read the article

  • How do I execute queries upon DB connection in Rails?

    - by sycobuny
    I have certain initializing functions that I use to set up audit logging on the DB server side (ie, not rails) in PostgreSQL. At least one has to be issued (setting the current user) before inserting data into or updating any of the audited tables, or else the whole query will fail spectacularly. I can easily call these every time before running any save operation in the code, but DRY makes me think I should have the code repeated in as few places as possible, particularly since this diverges greatly from the ideal of database agnosticism. Currently I'm attempting to override ActiveRecord::Base.establish_connection in an initializer to set it up so that the queries are run as soon as I connect automatically, but it doesn't behave as I expect it to. Here is the code in the initializer: class ActiveRecord::Base # extend the class methods, not the instance methods class << self alias :old_establish_connection :establish_connection # hide the default def establish_connection(*args) ret = old_establish_connection(*args) # call the default # set up necessary session variables for audit logging # call these after calling default, to make sure conn is established 1st db = self.class.connection db.execute("SELECT SV.set('current_user', 'test@localhost')") db.execute("SELECT SV.set('audit_notes', NULL)") # end "empty variable" err ret # return the default's original value end end end puts "Loaded custom establish_connection into ActiveRecord::Base" sycobuny:~/rails$ ruby script/server = Booting WEBrick = Rails 2.3.5 application starting on http://0.0.0.0:3000 Loaded custom establish_connection into ActiveRecord::Base This doesn't give me any errors, and unfortunately I can't check what the method looks like internally (I was using ActiveRecord::Base.method(:establish_connection), but apparently that creates a new Method object each time it's called, which is seemingly worthless cause I can't check object_id for any worthwhile information and I also can't reverse the compilation). However, the code never seems to get called, because any attempt to run a save or an update on a database object fails as I predicted earlier. If this isn't a proper way to execute code immediately on connection to the database, then what is?

    Read the article

  • SpringFramework3.0: How to create interceptors that only apply to requests that map to certain contr

    - by Fusion2004
    In it's simplest form, I want an interceptor that checks session data to see if a user is logged in, and if not redirects them to the login page. Obviously, I wouldn't want this interceptor to be used on say the welcome page or the login page itself. I've seen a design that uses a listing of every url to one of two interceptors, one doing nothing and the other being the actual interceptor you want implemented, but this design seems very clunky and limits the ease of extensibility of the application. It makes sense to me that there should be an annotation-based way of using interceptors, but this doesn't seem to exist. My friend has the idea of actually modifying the handler class so that during each request it checks the Controller it is mapping the request to for a new annotation we would create (ex @Interceptor("loginInterceptor") ). A major point of my thinking is the extensibility, because I'd like to later implement similar interceptors for role-based authentication and/or administration authentication. Does it sound like my friend's approach would work for this? Or what is a proper way of going about doing this?

    Read the article

  • Get Multiple Values From Database ASP.NET/C#

    - by user1043177
    I am trying to get/return multiple values from an SQL-Server database using and display them on an ASP.NET page. I am using a stored procedure to perform the SELECT command on the Database side. I am able to return the first value that matches the variable @PERSON but only one row is returned each time. Any help would be much appreciated. Database handler class public MainSQL() { _productConn = new SqlConnection(); _productConnectionString += "data source=mssql.database.co.uk;InitialCatalog=test_data;User ID=username;Password=password"; _productConn.ConnectionString = _productConnectionString; } public string GetItemName(int PersonID) { string returnvalue = string.Empty; SqlCommand myCommand = new SqlCommand("GetItem", _productConn); myCommand.CommandType = CommandType.StoredProcedure; myCommand.Parameters.Add(new SqlParameter("@PERSON", SqlDbType.Int)); myCommand.Parameters[0].Value = PersonID; _productConn.Open(); returnvalue = (string)myCommand.ExecuteScalar(); _productConn.Close(); return (string)returnvalue; } Stored Procedure USE [test_data] GO SET ANSI_NULLS ON GO SET QUOTED_IDENTIFIER ON GO ALTER PROCEDURE [ppir].[GetItem] ( @PERSON int ) AS /*SET NOCOUNT ON;*/ SELECT Description FROM [Items] WHERE PersonID = @PERSON RETURN return.aspx namespace test { public partial class Final_Page : System.Web.UI.Page { MainSQL GetInfo; protected void Page_Load(object sender, EventArgs e) { int PersonId = (int)Session["PersonID"]; GetInfo = new MainSQL(); string itemname = GetInfo.GetItemName(PersonId); ReturnItemName.Text = itemname; } // End Page_Load } // End Class } // End Namespace

    Read the article

  • Cross-Application User Authentication

    - by Chris Lieb
    We have a webapp written in .NET that uses NTLM for SSO. We are writing a new webapp in Java that will tightly integrate with the original application. Unfortunately, Java has no support for performing the server portion of NTLM authentication and the only library that I can find requires too much setup to be allowed by IT. To work around this, I came up with a remote authentication scheme to work across applications and would like your opinions on it. It does not need to be extremely secure, but at the same time not easily be broken. User is authenticated into .NET application using NTLM User clicks link that leaves .NET application .NET application generates random number and stores it in the user table along with the user's full username (domain\username) Insecure token is formed as random number:username Insecure token is run through secure cipher (likely AES-256) using pre-shared key stored within the application to produce a secure token The secure token is passed as part of the query string to the Java application The Java application decrypts the secure key using the same pre-shared key stored within its own code to get the insecure token The random number and username are split apart The username is used to retrieve the user's information from the user table and the stored random number is checked against the one pulled from the insecure token If the numbers match, the username is put into the session for the user and they are now authenticated If the numbers do not match, the user is redirected to the .NET application's home page The random number is removed from the database

    Read the article

  • Django | passing form values

    - by MMRUser
    I want to create a user sign up process that requires two different forms with the same data one (1st form) is for filling out the data and other one (2nd form) is for displaying the filled data as a summery (before actually saving the data) so then user can view what he/she has filled up... my problem is that how do I pass 1st form's data in to the 2nd one .. I have used the basic Django form manipulation mechanism and passed the form field values to the next form using Django template tags.. if request.method == 'POST': form = Users(request.POST) if form.is_valid(): cd = form.cleaned_data try: name = cd['fullName'] email = cd['emailAdd'] password1 = cd['password'] password2 = cd['password2'] phoneNumber = cd['phoneNumber'] return render_to_response('signup2.html', {'name': name, 'email': email, 'password1': password1, 'password2': password2, 'phone': phone, 'pt': phoneType}) except Exception, ex: return HttpResponse("Error %s" % str(ex)) and from the second from I just displayed those field values using tags and also used hidden fields in order to submit the form with values, like this: <label for="">Email:</label> {{ email }} <input type="hidden" id="" name="email" class="width250" value="{{ email }}" readonly /> It works nicely from the out look, but the real problem is that if someone view the source of the html he can simply get the password even hackers can get through this easily. So how do I avoid this issue.. and I don't want to use Django session since this is just a simple sign up process and no other interactions involved. Thanks.

    Read the article

  • How to get the real, actual duration of an MP3 file (VBR or CBR) server-side

    - by Cummander Checkov
    I used to calculate the duration of MP3 files server-side using ffmpeg - which seemed to work fine. Today i discovered that some of the calculations were wrong. Somehow, for some reason, ffmpeg will miscalculate the duration and it seems to happen with variable bit rate mp3 files only. When testing this locally, i noticed that ffmpeg printed two extra lines in green. Command used: ffmpeg -i song_9747c077aef8.mp3 ffmpeg says: [mp3 @ 0x102052600] max_analyze_duration 5000000 reached at 5015510 [mp3 @ 0x102052600] Estimating duration from bitrate, this may be inaccurate After a nice, warm google session, i found some posts on this, but no solution was found. I then tried to increase the maximum duration: ffmpeg -analyzeduration 999999999 -i song_9747c077aef8.mp3 After this, ffmpeg returned only the second line: [mp3 @ 0x102052600] Estimating duration from bitrate, this may be inaccurate But in either case, the calculated duration was just plain wrong. Comparing it to VLC i noticed that here the duration is correct. After more research i stumbled over mp3info - which i installed and used. mp3info -p "%S" song_9747c077aef8.mp3 mp3info then returned the CORRECT duration, but only as an integer, which i cannot use as i need a more accurate number here. The reason for this was explained in a comment below, by user blahdiblah - mp3info is simply pulling ID3 info from the file and not actually performing any calculations. I also tried using mplayer to retrieve the duration, but just as ffmpeg, mplayer is returning the wrong value. Now i ran out of options. If somebody knows how to get around this, any hints, tips, guides or corrections are welcome! Thank You!

    Read the article

  • Android - save/restore state of custom class

    - by user1209216
    I have some class for ssh support - it uses jsch internally. I use this class on main activity, this way: public class MainActivity extends Activity { SshSupport ssh = new SshSupport(); ..... @Override protected void onCreate(Bundle savedInstanceState) { super.onCreate(savedInstanceState); //Handle events for ssh ssh.eventHandler = new ISshEvents() { @Override public void SshCommandExecuted(SshCommandsEnum commandType, String result) { } //other overrides here } //Ssh operations on gui item click @Override public void onItemClick(AdapterView<?> arg0, View v, int position, long arg3) { if (ssh.IsConnected() == false) { try { ssh.ConnectAsync(/*parameters*/); } catch (Exception e) { e.printStackTrace(); } } try { ssh.ExecuteCommandAsync(SshCommandsEnum.values()[position]); } catch (Exception e) { e.printStackTrace(); } } }); } It works very well. My application connects to ssh, performs all needed operation in background thread and results are reported to gui, via events as shown above. But nothing works after user change device orientation. It's clear for me - activity is re-created and all state is lost. Unfortunately, my SshSupport class object is lost as well. It's pretty easy to store gui state for dynamically changed/added objects (using put/get serializable etc methods). But I have no idea how to prevent my ssh object, ssh connected session being lost. Since my class is not serializable, I can't save it to bundle. Also, even if I make my SshSupport class serializable, jsch objects it uses still are not serializable. So what is the best way to solve this?

    Read the article

  • load data from grid row into (pop up) form for editing

    - by user1495457
    I read in Ext JS in Action ( by J. Garcia) that if we have an instance of Ext.data.Record, we can use the form's loadRecord method to set the form's values. However, he does not give a working example of this (in the example that he uses data is loaded into a form through a file called data.php). I have searched many forums and found the following entry helpful as it gave me an idea on how to solve my problem by using form's loadRecord method: load data from grid to form Now the code for my store and grid is as follows: var userstore = Ext.create('Ext.data.Store', { storeId: 'viewUsersStore', model: 'Configs', autoLoad: true, proxy: { type: 'ajax', url: '/user/getuserviewdata.castle', reader: { type: 'json', root: 'users' }, listeners: { exception: function (proxy, response, operation, eOpts) { Ext.MessageBox.alert("Error", "Session has timed-out. Please re-login and try again."); } } } }); var grid = Ext.create('Ext.grid.Panel', { id: 'viewUsersGrid', title: 'List of all users', store: Ext.data.StoreManager.lookup('viewUsersStore'), columns: [ { header: 'Username', dataIndex: 'username' }, { header: 'Full Name', dataIndex: 'fullName' }, { header: 'Company', dataIndex: 'companyName' }, { header: 'Latest Time Login', dataIndex: 'lastLogin' }, { header: 'Current Status', dataIndex: 'status' }, { header: 'Edit', menuDisabled: true, sortable: false, xtype: 'actioncolumn', width: 50, items: [{ icon: '../../../Content/ext/img/icons/fam/user_edit.png', tooltip: 'Edit user', handler: function (grid, rowIndex, colIndex) { var rec = userstore.getAt(rowIndex); alert("Edit " + rec.get('username')+ "?"); EditUser(rec.get('id')); } }] }, ] }); function EditUser(id) { //I think I need to have this code here - I don't think it's complete/correct though var formpanel = Ext.getCmp('CreateUserForm'); formpanel.getForm().loadRecord(rec); } 'CreateUserForm' is the ID of a form that already exists and which should appear when user clicks on Edit icon. That pop-up form should then automatically be populated with the correct data from the grid row. However my code is not working. I get an error at the line 'formpanel.getForm().loadRecord(rec)' - it says 'Microsoft JScript runtime error: 'undefined' is null or not an object'. Any tips on how to solve this?

    Read the article

  • How to pass javascript/jQuery settings from page to page in rails?

    - by aronchick
    When doing javascript manipulation of what's visible, how does one pass that from page to page (ideally in Rails)? For example, let's say I have the following simple jQuery code: <% link_to "Next Page", report_path %> <div class="clickable-div" style="background-color:#FFFFFF;"></div> <script> $('.clickable-div').click(function () { var color = $(this).css("background-color", "#000000"); }); </script> If it's not clear, the code is just supposed to change the color of the div based on whether or not it has been clicked. Regardless, there's also a link on the page that allows someone to go to the reporting page. What's a way to pass the state of the div to the action call? EDIT It seems unnecessary to do it in a session - am I wrong? This is just something from one page to the next, I couldn't care less anywhere else on the site. EDIT 2 To confirm, Rails needs to have access to the action that occurred in Javascript on the previous page.

    Read the article

  • I need help solving a rather weird error in a WCF service.

    - by Moulde
    Hi.. I have a solution that contains three projects. A main project with my MVC app, a silverlight application and a (silverlight enabled) WCF service project. In my silverlight project i have made a Service Reference to my WCF service. And i pretty much got that working. In my WCF service i have a method that returns an Book object, which got some random fields like title, date etc. In the book class, i have a ICollection field that contains a list of events. The book class is generated using entity framework 4.0, and Lazy Loading is enabled. If i in my getBook(int id) method return a book with the events field not initialized, it works as a charm. But if i initialize the field, i'm getting this error. The server did not provide a meaningful reply; this might be caused by a contract mismatch, a premature session shutdown or an internal server error. I have a few ideas why that is happening, and while writing this i just got another one. The wcf service somehow threw away the reference to the event class. That would be very weird since i have a reference between my main mvc app (with the models) and my WCF service. Since i have enabled lazy loading in EF 4.0, i suspect that it may be the thing generating the error. But i'm not sure why that would be, because i'm not in any way accessing that field. I could understand that i may not be able to access the events field after i recive the object in my silverlight application since the connection between the book object and the entity framework is like broken. Did i mention that Lazy Loading is enabled on my EF instance? And there is no inner exception in the thrown exception. Thanks in advance. Malte Baden Hansen

    Read the article

  • Using struts 2 with no tags

    - by WannaAsk
    Hi everyone, I wonder if you could guide me on this struts issue - I feel hopeless on this... I am working on migrating our web application to a Struts 2 portlet (I'm using Struts 2.1.8). The thing is, I am forced to avoid struts tags because our application relies on Dijit widgets, which are omitted when using struts tags. So now I should implement the <s:form tag using scriptlets. My question is: how you would suggest I imitate the way struts handles the "action" attribute? Right now it appears I should: Create a regular html form in my jsp. Get/create the ActionConfig object during onsubmit and set on it values which match my desired destination: class+method+result jsp. Execute the action I set in 2. Would you recommend this? If so - is ActionConfig obtained from the session? Can I initiate an action execution from ActionConfig? (Aletrnatively... generating an action url using struts' form.vm file - what do you say?) I would appreciate any help on this - Thanks a lot in advance!!!

    Read the article

  • Loading GWT Messages from a Database

    - by Lars Tackmann
    In GWT one typically loads i18n strings using a interface like this: public interface StatusMessage extends Messages { String error(String username); : } which then loads the actual strings from a StatusMessage.property file: error=User: {0} does not have access to resource This is a great solution, however my client is unbendable in his demand for putting the i18n strings in a database so they can be changed at runtime (though its not a requirement that they be changed realtime). One solution is to create a async service which takes a message ID and user locale and returns a string. I have implemented this and find it terribly ugly (and it introduces a huge amount of extra communication with the server, plus it makes property placeholder replacement rather complicated). So my question is this, can I in some nice way implement a custom message provider that loads the messages from the backend in one big swoop (for the current user session). If it can also hook into the default GWT message mechanism, then I would be completely happy (i.e. so I can create a interface like above and keep using the the nice {0}, {1}... property replacement format). Other suggestions for clean database driven messages in GWT are also welcome.

    Read the article

  • CakePHP – 2 controllers, 1 form

    - by user1327
    I need to create a review form. I have 2 models and 2 controllers – Products and Reviews with 'Products' hasMany 'Reviews' relationship, the review form will be displayed on the current product page (Products controller, 'view' action), and this form will be use another controller (Reviews). Also I need validation with validation errors being displayed for this form. In my Products controller view.ctp I have: // product page stuff... echo $this->Form->create($model = 'Review', array('url' => '/reviews/add')); echo $this->Form->input('name', array('label' => 'Your name:')); echo $this->Form->input('email', array('label' => 'Your e-mail:')); echo $this->Form->input('message', array('rows' => '6', 'label' => 'Your message:')); echo $this->Form->end('Send'); echo $this->Session->flash(); ReviewsController - add: public function add() { if ($this->request->is('post')) { $this->Review->save($this->request->data); $this->redirect(array('controller' => 'products', 'action' => 'view', $this->request->data['Review']['product_id'], '#' => 'reviews')); } } Somehow this horrible code works.. in part. Review saves, but I don't get validation errors, and I can't add 'if ($this->Review->save($this->request->data);) { //... } because it will break this action (missed view error). My question is how to properly deal with this situation to achieve functionality that I need? Should I use elements with request action or I should move adding reviews to the ProductsController?

    Read the article

  • Best way to update/insert into a table based on a remote table.

    - by martilyo
    I have two very large enterprise tables in an Oracle 10g database. One table keeps the historical information of the other table. The problem is, I'm getting to the point where the records are just too many that my insert update is taking too long and my session is getting killed by the governor. Here's a pseudocode of my update process: sqlsel := 'SELECT col1, col2, col3, sysdate FROM table2@remote_location dpi WHERE (col1, col2, col3) IN ( SELECT col1, col2, col3 FROM table2@remote_location MINUS SELECT DISTINCT col1, col2, col3 FROM table1 mpc WHERE facility = '''||load_facility||''' )'; EXECUTE IMMEDIATE sqlsel BULK COLLECT INTO table1; I've tried the MERGE statement: MERGE INTO table1 t1 USING ( SELECT col1, col2, col3 FROM table2@remote_location ) t2 ON ( t1.col1 = t2.col1 AND t1.col2 = t2.col2 AND t1.col3 = t2.col3 ) WHEN NOT MATCHED THEN INSERT (t1.col1, t1.col2, t1.col3, t1.update_dttm ) VALUES (t2.col1, t2.col2, t2.col3, sysdate ) But there seems to be a confirmed bug on versions prior to Oracle 10.2.0.4 on the merge statement when doing a merge using a remote database. The chance of getting an enterprise upgrade is slim so is there a way to further optimize my first query or write it in another way to have it run best performance wise? Thanks.

    Read the article

  • What prevents a user from adding controls to an ASP.NET page client side?

    - by Curtis White
    This goes back to my other question which I thought was sufficiently answers but upon reflect am not sure that it was (sorry). Backgrounder: I am generating a form dynamically. I am pulling from the database the controls. I must associate each control with a database ID which is not the user's session id. I do this currently by storing my ID in the ID for the web control with some other stuff to make it unique/clear what I am doing. On the post back, I iterate through all the controls on my web page checking for my special identifier, ie, MyGeneratedTextBox_ID_Unique. This process enables for 2 important steps, identifying the control was one I generated and also getting the ID for this input field. And, all of this works but I'm still concerned about the security of it. I do not see a security issue with showing the actual database ID's in this case, although agree it is not desirable. However, I am concerned of the following possibilities: If a user could add a nefarious control to my collection and use that for a SQL injection attack. More academic, but if a user could somehow store data for fields they do not have access too by changing the id's. I agree this is a "hack" of a way to do it. But my question is, is it a security risk and is there an 'easy' way to do it in a less hack way? I assume that only the controls that are created/instantiated on the page are added to the controls list.. thus all controls must be created server side and thus the security issue is address but just wanted to validate. Thanks again. PS: I could see adding a property for each control and encrypting the viewstate would be a little more secure.

    Read the article

  • Flash Player: Any remedy for the stale video image data problem (in a reused NetStream object)?

    - by amn
    Has anyone experienced stale stills of a previous playback for a reused NetStream object? If so, what are the workarounds for this, except re-creating the object (which eats performance and time)? It is hard to reuse NetStream objects because of a (in my opinion) fundamental issue with NetStream objects - when you 'close' a playing stream and at a later point issue a 'play' call on it again with a different name, the stream appears to still contain a stale image lingering from previous playback, and this is of course displayed in the Video object for a moment - the moment I assume it takes for new stream data to become available from server. Because of this behavior, to improve my users' visual experience, I simply discard a NetStream object after a playback session, and assign a new NetStream object to the same variable, set it up, and play something else. It appears to work - no stale image - but what bugs me is that it's a work around and costs performance (construction and setting up the object again - event listeners and 'client' delegates and more memory usage - NetStream objects are not garbage collected immediately, it takes some time). It would be really nice to REALLY be able to reuse a stream. I am thinking of something akin to Video.clear method, but for the NetStream class. Am I missing something?

    Read the article

  • How to re-enable the idle timer in ios once it has been disabled (to allow the display to sleep again)?

    - by lindon fox
    I have figured out how to stop an iOS device from going to sleep (see below), but I am having troubles undoing that setting. According to the Apple Documentation, it should just be changing the value of the idleTimerDisabled property. But when I test this, it does not work. This is how I am initially stopping the device from going to sleep: //need to switch off and on for it to work initially [UIApplication sharedApplication].idleTimerDisabled = NO; [UIApplication sharedApplication].idleTimerDisabled = YES; I would have thought that the following would do the trick: [UIApplication sharedApplication].idleTimerDisabled = NO; From the Apple Documentation: The default value of this property is NO. When most applications have no touches as user input for a short period, the system puts the device into a "sleep” state where the screen dims. This is done for the purposes of conserving power. However, applications that don't have user input except for the accelerometer—games, for instance—can, by setting this property to YES, disable the “idle timer” to avert system sleep. Important: You should set this property only if necessary and should be sure to reset it to NO when the need no longer exists. Most applications should let the system turn off the screen when the idle timer elapses. This includes audio applications. With appropriate use of Audio Session Services, playback and recording proceed uninterrupted when the screen turns off. The only applications that should disable the idle timer are mapping applications, games, or similar programs with sporadic user interaction. Has anyone come across this problem? I am testing on iOS6 and iOS5. Thanks in advance.

    Read the article

  • How To Block The UserName After 3 Invalid Password Attempts IN ASP.NET

    - by shihab
    I used the following code for checking user name and password. and I want ti block the user name after 3 invalid password attempt. what should I add in my codeing MD5CryptoServiceProvider md5hasher = new MD5CryptoServiceProvider(); Byte[] hashedDataBytes; UTF8Encoding encoder = new UTF8Encoding(); hashedDataBytes = md5hasher.ComputeHash(encoder.GetBytes(TextBox3.Text)); StringBuilder hex = new StringBuilder(hashedDataBytes.Length * 2); foreach (Byte b in hashedDataBytes) { hex.AppendFormat("{0:x2}", b); } string hash = hex.ToString(); SqlConnection con = new SqlConnection("Data Source=Shihab-PC;Initial Catalog=test;User ID=SOMETHING;Password=SOMETHINGELSE"); SqlDataAdapter ad = new SqlDataAdapter("select password from Users where UserId='" + TextBox4.Text + "'", con); DataSet ds = new DataSet(); ad.Fill(ds, "Users"); SqlDataAdapter ad2 = new SqlDataAdapter("select UserId from Users ", con); DataSet ds2 = new DataSet(); ad2.Fill(ds2, "Users"); Session["id"] = TextBox4.Text.ToString(); if ((string.Compare((ds.Tables["Users"].Rows[0][0].ToString()), hash)) == 0) { if (string.Compare(TextBox4.Text, (ds2.Tables["Users"].Rows[0][0].ToString())) == 0) { Response.Redirect("actioncust.aspx"); } else { Response.Redirect("actioncust.aspx"); } } else { Label2.Text = "Invalid Login"; } con.Close(); }

    Read the article

  • How to Check Authenticity of an AJAX Request

    - by Alex Reisner
    I am designing a web site in which users solve puzzles as quickly as they can. JavaScript is used to time each puzzle, and the number of milliseconds is sent to the server via AJAX when the puzzle is completed. How can I ensure that the time received by the server was not forged by the user? I don't think a session-based authenticity token (the kind used for forms in Rails) is sufficient because I need to authenticate the source of a value, not just the legitimacy of the request. Is there a way to cryptographically sign the request? I can't think of anything that couldn't be duplicated by a hacker. Is any JavaScript, by its exposed, client-side nature, subject to tampering? Am I going to have to use something that gets compiled, like Flash? (Yikes.) Or is there some way to hide a secret key? Or something else I haven't thought of? Update: To clarify, I don't want to penalize people with slow network connections (and network speed should be considered inconsistent), so the timing needs to be 100% client-side (the timer starts only when we know the user can see the puzzle). Also, there is money involved so no amount of "trusting the user" is acceptable.

    Read the article

  • PHP/Javascript: Restart Form Button Isn't Working, Code Insde

    - by Josh K
    Basically I want a confirmation box to pop up when they click the button asking if they sure they want to restart, if yes, then it destroys session and takes them to the first page. Heres what i got... echo "<form id=\"form\" name=\"form\" method=\"post\" action=\"nextpage.php\">\n"; echo " <input type=\"button\" name='restart' value='Restart' id='restart' onclick='restartForm()' />"; and for the script... <script type=\"text/javascript\"> <!-- function restartForm() { var answer = confirm('Are you sure you want to start over?'); if (answer) { form.action=\"firstpage.php\"; session_destroy(); form.submit(); } else alert ('Restart Cancelled'); } // -- </script>"; EDIT: Note that pressing the button brings up the confirm box, but if you click okay nothing happens sometimes. Sometimes if u click cancel it still submits the form (To the original action)

    Read the article

  • Need method to seek next/previous records id without cycling through all records.

    - by dqhendricks
    I am using MySQL and PHP. I have a MySQL blog post result set with id fields, and publish_date fields. I display one blog post per page, and the script knows which blog post to display based on $_GET['id'], which correlates to each blog entry's id field. I would like to reference them by id in the url, because I would like each blog post to have a perminant url. I would like to order the blog posts by publish date (descending). Now, on each page there will be next and previous links, which contain the $_GET['id'] value for the next and previous blog posts. How can I figure out what the id of the next and previous blog posts (determined by it's publish_date order) without cycling through each mysql result row? I can't mysql_data_seek(), because I do not know the row index of the current blog post id. I do not want to store a row index in a GET variable because the urls would no longer be perminant. I obviously cannot store the row index in a SESSION variable because then direct links to specific blog posts would have broken next and previous links. Any suggestions would be greatly appreciated.

    Read the article

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

< Previous Page | 385 386 387 388 389 390 391 392 393 394 395 396  | Next Page >