Search Results

Search found 12107 results on 485 pages for 'session timeout'.

Page 395/485 | < Previous Page | 391 392 393 394 395 396 397 398 399 400 401 402 | Next Page >

Image display permissions in PHP/Apache

- by Randy

I have a PHP site with a login system, and am trying to make a feature where only specific usernames can view particular images. I think what I'm trying to do is more involved than merely changing the .htaccess file, because a) this won't help discern between users that are/aren't allowed to view the image, and b) if someone enters the exact URL of the image ("directory/images/photos/230ru0q0238rn230nd_asdi0nqn8.jpg") they can still view the image (since it's a physical file in the directory, and not text in a DB, etc.). Again, restricting via .htaccess would restrict the directory as a whole, or all files in it, so I can't figure out how it would work. Ideally, all images would be blocked by trying to access them directly through their direct URL, and the image would only appear between <img> tags if the user's session/username is valid, else they get an error message. I've heard the term ACL but I'm not sure this is related to what I'm trying to do.

Read the article
How would you go to "design" a cart within a Zend Framework project?

- by ÉricP

Hi, I know ZF well, and a little bit of Magento, but I'm new to E-commerce, and I'm sure there are best practice to follow when designing a cart model. How would go to design a cart? I though of two models, Model_Cart and Model_Cart_Item used in conjonction with Zend_Session to store the cart in session. What are your feedbacks? How would you go to do that? What should I know about writing a cart system? Note that I need a simple system, I even don't need to work with quantity

Read the article
Store form values for later submission

- by kim griggs

I have a Rails app that lets users create tutorials and quizzes. There are many users taking the quizzes and many quizzes in a tutorial. My client wants the quiz results to persist when a student navigates away from the quiz. So the use case would be: User starts to take quiz User answers some of the questions User navigates away from quiz to check a fact in the tutorial User goes back to quiz and their answers are still there User finishes quiz and submits Now this would be pretty easy to do if I enforced a "Save" submit so that the answers could be stored in a session or whatever, but the client (and I agree) thinks people will not remember to save before navigating away. Looking for advice on how to approach this. I'm thinking an observer and cookies.

Read the article
Finding parents where child collection does not contain an item

- by Colin Bowern

I am trying to get a list of parents where the child collection does not contain an item of a specific type. The LINQ equivalent would be something like: dataset.Where(x => x.Items.FirstOrDefault(y => y.Type.Code == "ABC") == null) The object model is Parent Child (Items) Type Code If Parent is my aggregate root, how would I model this in NHibernate criteria/query? Here's my first attempt: var results = session.CreateCriteria<Parent>() .CreateCriteria("Items") .CreateCriteria("Type") .Add(Restrictions.Not(Restrictions.Eq("Code", "ABC"))) .SetResultTransformer(Transformers.DistinctRootEntity) .List<Parent>(); This doesn't seem to return the right entities - it just returns them all.

Read the article
REST client website login

- by Jordan

I have written a REST service that uses WSSE as an authentication method but i want to be able to use this rest service through a browser by creating a website around the service. I want the user to be able to log in on the website then when they view, for example the "view users" page an ajax request is made to test.com/users and back comes the list. The part i'm trying to get my head around is the logging in/out on the website and keeping the user logged in across pages. Since in a true REST implementation there's no state held on the server, i can't use $_SESSION and now i don't know where to start! What is the best way to go about this? Do i still need to store session information on the server then possibly use cURL to make the request? Thanks Jay

Read the article
NHibernate: Can I access a generated primary key after saving a model?

- by littlecharva

Howdy, So I've got a simple table with an ID field that's incrementally generated on INSERT. I've set the mapping up in NHibernate to reflect this: <id name="ID"> <generator class="identity" /> </id> And it all works fine. Trouble is, I need to get the generated ID after I've saved a new model to use elsewhere: var model = new MyModel(); session.SaveOrUpdate(model); But at this stage model.ID == null, not the ID. Any ideas? Anthony

Read the article
Refactoring common method header and footer

- by David Wong

I have the following chunk of header and footer code appearing in alot of methods. Is there a cleaner way of implementing this? Session sess = factory.openSession(); Transaction tx; try { tx = sess.beginTransaction(); //do some work ... tx.commit(); } catch (Exception e) { if (tx!=null) tx.rollback(); throw e; } finally { sess.close(); } The class in question is actually an EJB 2.0 SessionBean which looks like: public class PersonManagerBean implements SessionBean { public void addPerson(String name) { // boilerplate // dostuff // boilerplate } public void deletePerson(Long id) { // boilerplate // dostuff // boilerplate } }

Read the article
Which are the best techniques to protect a 'homemade' framework from unlogged visitors?

- by Hermet

First of all, I would like to say that I have used the search box looking for a similar question unsuccessfully, maybe because of my poor english skills. The way I currently do this is checking in every single page that a session has been opened. If not, the user gets redirected to a 404 page, to seem like the file which has been requested doesn't exist. I really don't know if this is sure or there's a better and more safety way and I'm currently working with kind of confidential data that should never become public. Could you give me some tips? Or leave a link where I could find some? Thank you very much, and again excuse me for kicking the dictionary.

Read the article
Django and a referrer system question

- by Hellnar

Hello, I am trying develop a basic referrer system to my Django website, system will be generating a unique url for each users to share with their friends. Once these friends enter this website, system somehow keep the data that "this user is browsing by the reference of X user" and once this invited person decided to register for an account, system will save this information (maybe as an extra Foreign Key of the inviting user in the UserProfile model) Now how can I keep track of the inviting user from the moment entering using the referred link to the point where he/she registers to the site. Would session framework work on this? If not how could this be done ?

Read the article
Accesing Label.text in DataList

- by Itay Gurvich

So im trying to access informtaion from a label inside the DataList by pressing a button inside it. I put a code in thusly: protected void DataList1_SelectedIndexChanged(object sender, EventArgs e) { Character character = (Character)Session["character"]; Label lbl = (Label)DataList1.SelectedItem.FindControl("lblName"); int SkillID = int.Parse(DAL.ExecuteScalar("SELECT SkillID FROM skills WHERE SkillName = '" + lbl.ToString() + "'").ToString()); DAL.ExecuteNonQuery("INSERT INTO AssignedSkills (Offensive) Values ('" + SkillID.ToString() + "') WHERE CharID = '" + character.get_name().ToString() + "'"); } when i press the button its not even getting there and im getting an error "Invalid postback or callback argument." how can i access it?

Read the article
Linq to NHibernate - How to return a parent object with only certain child objects included

- by vakman

Given a simplified model like the following: public class Enquiry { public virtual DateTime Created { get; set; } public virtual Sender Sender { get; set; } } public class Sender { public virtual IList<Enquiry> Enquiries { get; set; } } How can you construct a Linq to Nhibernate query such that it gives you back a list of senders and their enquiries where the enquiries meet some criteria. I have tried something like this: return session.Linq<Enquiry>() .Where(enquiry => enquiry.Created < DateTime.Now) .Select(enquiry => enquiry.Sender) In this case I get an InvalidCastException saying you can't cast type Sender to type Enquiry. Any pointers on how I can do this without using HQL?

Read the article
Apache certificates for some urls not working

- by Vegaasen

We are having a rather strange problem with a Apache-installation. Here is a short summary: Currently I'm setting up Apache with https, and server-certificates. This is fairly easy and works straight out of the box - as expected. This is the configuration for this setup: Listen 443 SSLEngine on SSLCertificateFile "/progs/apache/ssl/example-site.no.pem" SSLCertificateKeyFile "/progs/apache/ssl/example-site.no.key" SSLCACertificateFile "/progs/apache/ssl/ca/example_root.pem" SSLCADNRequestFile "/progs/apache/ssl/ca/example_intermediate.pem" SSLVerifyClient none SSLVerifyDepth 3 SSLOptions +StdEnvVars +ExportCertData RequestHeader set ssl-ClientCert-Subject-CN "%{SSL_CLIENT_S_DN}s" RewriteEngine On ProxyPreserveHost On ProxyRequests On SSLProxyEngine On ... <LocationMatch /secureStuff/$> SSLVerifyClient require Order deny,allow Allow from All </LocationMatch> ... <Proxy balancer://exBalancer> Header add Set-Cookie "EX_ROUTE=EB.%{BALANCER_WORKER_ROUTE}e; path=/" env=BALANCER_ROUTE_CHANGED BalancerMember http://10.0.0.1:7200 route=ee1 retry=300 flushpackets=off keepalive=on BalancerMember http://10.0.0.2:7200 route=ee2 retry=300 flushpackets=off keepalive=on status=+H ProxySet stickysession=EX_ROUTE scolonpathdelim=Off timeout=10 nofailover=off failonstatus=505 maxattempts=1 lbmethod=bybusyness Order deny,allow Allow from all </Proxy> RewriteCond %{REQUEST_URI} !^/index.html [NC] RewriteRule ^/(.*)$ balancer://exBalancer/$1 [P,NC] ProxyPassReverse / balancer://exBalancer/ Header edit Set-Cookie "(.*)" "$1;HttpsOnly" ... So - everything works fine and as expected for all of the pages that are not a part of the LocationMatch-directive. When requesting something that matches the LocationMatch-directive, I'm asked for a certificate (hence the SSLVerifyClient required attribute) - and getting all the correct certificates in my browser that is based on the root/intermediate chain. After choosing a certificate and clicking "OK", this is what pops up in the apache logs: [ssl:info] [pid 9530:tid 25] [client :43357] AH01998: Connection closed to child 86 with abortive shutdown ( [Thu Oct 11 09:27:36.221876 2012] [ssl:debug] [pid 9530:tid 25] ssl_engine_io.c(1171): (70014)End of file found: [client 10.235.128.55:45846] AH02007: SSL handshake interrupted by system [Hint: Stop button pressed in browser?!] And this just spams the logs. What is happening here? I can see this configuration working on my local machine, but not on one of our servers. There is no configration differences between the servers, only minor application-wise-changes. I've tried the following: 1) Removing CA-certificate-checking (works) 2) Adding required CA-certificate for the whole site (works) 3) Adding "SSLVerifyClient optional" does not work 4) ++ Server/Application Information Local: -OpenSSL v.1.0.1x -Apache 2.4.3 -Ubuntu -mpm: event -every configuration should be turned on (failing) server: -OpenSSL 0.9.8e -Apache 2.4.2 -SunOS -mpm: worker -every configuration should be turned on Please let me know if more information is needed, I'll provide it instantly. Brief sum-up: -Running apache 2.4 -Server certificates works just fine -Client certificates for some /Locations does not work, fails with errors PS: Could it be related with the OpenSSL version and the "Renegotiation" stuff related to TLS/SSLv3?

Read the article
Geeting internal Oracle connection from Hibernate in JBoss

- by espressoshot

Hello, I need to set an application context through Hibernate. I found there is a method setApplicationContext on oracle.jdbc.internal.OracleConnection. I wrote a test, in which I was getting the Oracle connection from the Hibernate session and it worked fine. However, when I moved the code to my application running under JBoss where connections are obtained from the pool the solution won't work. The error is: $Proxy51 cannot be cast to oracle.jdbc.internal.OracleConnection. (1) How can I get the internal connection in that environment? (2) Is there a better way to set an application context through Hibernate (docs don't say anything about it). Thanks so much. Kris

Read the article
Secure password transmission over unencrypted tcp/ip

- by academicRobot

I'm in the designing stages of a custom tcp/ip protocol for mobile client-server communication. When not required (data is not sensitive), I'd like to avoid using SSL for overhead reasons (both in handshake latency and conserving cycles). My question is, what is the best practices way of transmitting authentication information over an unencrypted connection? Currently, I'm liking SRP or J-PAKE (they generate secure session tokens, are hash/salt friendly, and allow kicking into TLS when necessary), which I believe are both implemented in OpenSSL. However, I am a bit wary since I don't see many people using these algorithms for this purpose. Would also appreciate pointers to any materials discussing this topic in general, since I had trouble finding any.

Read the article
Codeigniter: simple form function

- by Kevin Brown

I'm stuck writing a simple form...I feel dumb. Here's my controller: function welcome_message(){ //Update welcome message $id = $this->session->userdata('id'); $profile['welcome_message'] = $this->input->post('welcome_message'); $this->db->update('be_user_profiles',$profile, array('user_id' => $id)); } And the html: <?php print form_open('home/welcome_message')?> <input type="checkbox" value="0" checked="false">Don't show me this again</input> <p> <input class="button submit" type="submit" class="close-box" value="Close" /> </p> <?php print form_close()?> Edit I simply need it to submit to a private function and return to the home page (page submitted from).

Read the article
How to end a thread in java?

- by beagleguy

hi all, I have 2 pools of threads ioThreads = (ThreadPoolExecutor)Executors.newCachedThreadPool(); cpuThreads = (ThreadPoolExecutor)Executors.newFixedThreadPool(numCpus); I have a simple web crawler that I want to create an iothread, pass it a url, it will then fetch the url and pass the contents over to a cpuThread to be processed and the ioThread will then fetch another url, etc... At some point the IO thread will not have any new pages to crawl and I want to update my database that this session is complete. How can I best tell when the threads are all done processing and the program can be ended?

Read the article
MVC Forms Authentication with custom database

- by AndrewVos

I'm trying to get forms authentication working for an mvc site. I have a custom database with a users table, and I would like to do my own password validation. I am logging in my user like this: if (PasswordHasher.Hash(password) == dataUser.Password) { FormsAuthentication.SetAuthCookie(email, true); return true; } The problem is, when the session expires obviously the user has to login again. I am thinking I should be storing this Auth cookie in my users table? Update: I'm obviously in desperate need of more education in this area. I just noticed that the user stays authenticated even after an iisreset. I guess what I'm asking is how can I get persistent and non persistent authentication working properly. I want a user to not have to login again if they click "remember", and if they don't then their authentication should expire when the forms authentication is set to expire.

Read the article
On Linux, how do I run a GUI app from a terminal shell under a different login?

- by Eric

Here's the deal. I logged into a Linux box (CentOS, but that shouldn't matter) as user A. I had to build a program as user B, so I started up a terminal shell, logged into that shell as B, and built it. When I try to run the app, I get this message: "connect to ":0.0" refused by server" Most likely because the current X Windows session is owned by user A, and as B, I don't have permissions to access A's stuff. Is there a correct way to solve this. Any incorrect ways?

Read the article
Interview: Am I need to leave a hope for candidate?

- by Budda

Today I've interviewed a candidate who didn't answer any question. At all. After 3-4 answers (attempts to answer) for me was obvious: we won't hire him. Would you recommend me to say (definitely in polite form) something like: Sorry you don't meet our requirements? Or just to tell in another way: thank you, that are all my questions for now. Our HR department will let you know if/when we will need another interview session. Probably you see any other option. Thanks.

Read the article
Filemaker XSL 20sec Query Latency

- by Ian Wetherbee

I have an ASP frontend that loads data from a Filemaker database using XSL to perform simple queries. The problem is that the first page load takes 20 seconds +/- 200ms, then the next few page refreshes within a minute of the first request take <200ms, then the cycle starts over again. Each page load makes only 2 XSL queries, and they execute fast after the first page load, so what is causing the delay on the first page load? I have caching turned up with a 100% hit rate, and number of connections at 100. I've tried with XSL database sessions on and off, and session time anywhere from 1 to 60 minutes without any changes. The XSL loads from ASP use a GET request and add a Basic Authorization header to authenticate each time. During fast page requests, the fmserver.exe and fmswpc.exe processes don't even flinch, but during a 20 second holdup I see fmserver jump to 30% CPU and a 3mb I/O read a few seconds into the request, and occasionally fmswpc jump to 60% CPU.

Read the article
Can Grails exceptionHandler support the following Error Handling Flow

- by Andrew

In my rails app that I am porting to grails whenever an unexpected error occurs I intercept the error automatically and display a form to the user informing them that an error has occured and asking them for further information. Meanwhile, as the form is rendered I write the stack trace and other information about who was logged in to a database table. Then if the form is submitted I add that information to the error report. I cannot tell from the exceptionHandler documentation and BootStrap examples whether that will allow me to grab all the information including various session and request parameters and then stuff them into a database and then post a form. Any thoughts?

Read the article
curl cookie problem in PHP

- by safaali

hi as my client needs, I developed a code to login via cURl. login to www.web1.com and store cookies in cookie.txt go to www.web2.com and browse a page using that cookie.txt no problem with www.web2.com so when i want to do this with www.web3.com, the problem appears. the www.web3.com uses session and cookies itself and I have to gather and use them. it means I should have tow series of cookies, first those from www.web1.com , and second those from www.web3.com , then request the www.web3.com/somepage how I can do that?

Read the article
How can I create a canned reply with the CKEditor toolbar?

- by Tur0k

Hello, Is it possible to create configurable quick replies within an html page using cookies or session tracking with Javascript/php and the CKEditor toolbar. Do I have to create a custom plugin or button for this? Example: button1 -Good job 2 1/2 points. Close ticket. button2 -Great job 5 points. Close ticket. button3 -Awesome job 10 points. Close ticket. Any advise would be awesome! Thanks.

Read the article
How to render Max(Substring) with Lambda Extensions

- by caifa

Hi everybody. I'm using NHibernate with Lambda Extensions. I'd like to know how to nest a Max function with a Substring. The following statement retrieves Max("invoice_id") var ret = session .CreateCriteria<Invoice>() .SetProjection(Projections.Max("invoice_id")) .UniqueResult(); but in my case the field invoice_id is made in this way: 12345.10 where 12345 is the invoice number, and 10 refers to the current year (2010). So I need to calculate the Max function only over the first 5 digits. How can I do it?

Read the article
Password remember does not work as needed

- by sweetsecret

On the website I am working on it has been deployed but the problem I am facing is that when I enter a username and password and click on the check box to remember...It remembers the password for sometime.. wen I login in after 5 or 10 minutes it remembers the password but aftr a long period of time like about 2hours it forgets the username and password and i have to type it in all over again... this dint used to happen with the old server as even I could sign in and it remembered the password the next day until i log off... what can be the reason The session state im using is:

Read the article

< Previous Page | 391 392 393 394 395 396 397 398 399 400 401 402 | Next Page >