Search Results

Search found 13222 results on 529 pages for 'security gate'.

Page 415/529 | < Previous Page | 411 412 413 414 415 416 417 418 419 420 421 422 | Next Page >

Drupal does not recognize my website has been installed

- by Marcos Buarque

After a successful Drupal install, I was trying to follow the security recommendations and reverted the settings.php file to 444 permissions (read, read, read). Then, all of a sudden, right after doing that, Drupal does not recognize the installation process was completed. It went back to the install screen. Worst of all. I did chmod back to 666 (write, write, write) but it does not work any more. When I move forward as if I was going to install Drupal again, he tells me he does not have permissions to create the files folder under sites/default... But since the installation has already been completed... the files folder is already there... I am puzzled... Could it be some sort of server caching? Since this is one of my first adventures with a Linux server, I am a bit confused. Any help appreciated... Thanks.

Read the article
How can I clean up this SELECT query?

- by Cruachan

I'm running PHP 5 and MySQL 5 on a dedicated server (Ubuntu Server 8.10) with full root access. I'm cleaning up some LAMP code I've inherited and I've a large number of SQL selects with this type of construct: SELECT ... FROM table WHERE LCASE(REPLACE(REPLACE(REPLACE(REPLACE(REPLACE( strSomeField, ' ', '-'), ',', ''), '/', '-'), '&', ''), '+', '') ) = $somevalue Ignoring the fact that the database should never have been constructed to require such a select in the first place, and the $somevalue field will need to be parameterised to plug the gaping security hole, what is my best option for fixing the WHERE condition into something less offensive? If I was using MSSQL or Oracle I'd simply put together a user-defined function, but my experience with MySQL is more limited and I've not constructed a UDF with it before, although I'm happy coding C. Update: For all those who've already raised their eyebrows at this in the original code, $somevalue is actually something like $GET['product']—there are a few variations on the theme. In this case the select is pulling the product back from the database by product name—after stripping out characters so it matches what could be previously passed as a URI parameter.

Read the article
Validating/Allowing YouTube Embed Code

- by mellowsoon

Hi, hopefully this is a simple question. I have a simple custom forum on my site written in PHP. For security reasons I don't allow any HTML in the forum posts. I only allow certain BBCode tags. I would however like to allow embedded YouTube videos. So my question is this: What's the best (most secure) way to validate the YouTube embed code? YouTube is currently using iframes to embed videos, but obviously I can't just allow the iframe tag. I also need to ensure the src of the iframe is a YouTube URL, and ensure there's no other malicious bits of code in the iframe code.

Read the article
Android sending SOAP object over Https via ksoap2 2.5.8

- by Jack-V

My first time posting a question here so please do not mind my mistakes here. I'm currently making an android application fetching and sending information from a .asmx web service. Everything goes well with the ksoap2 library and am using HttpTransportSE to call the web service. So now what I'm trying to do is to use the HttpsTransportSE to call the web service over Https. I got java.security.cert.certpathvalidatorexception trustanchor for certpath not found exception. I have the server certificate in .pfx , .jks and .bks format. My questions is what do i do with it to make my HttpsTransportSE call to be success? I've read around with articles using custom SSLSocketFactory but am still not sure how to implement it in my application. Thanks in advance for any suggestion/advices

Read the article
Download and replace Android resource files

- by Casebash

My application will have some customisation for each company that uses it. Up until now, I have been loading images and strings from resource files. The idea is that the default resources will be distributed with the application and company specific resources will be loaded from our server after they click on a link from an email to launch the initialisation intent. Does anyone know how to replace resource files? I would really like to keep using resource files to avoid rewriting a lot of code/XML. I would distribute the application from our own server, rather than through the app store, so that we could have one version per company, but unfortunately this will give quite nasty security warnings that would concern our customers.

Read the article
Windows Server 2008 Antivirus Software with an API

- by Dave Jellison

I'm looking for an Antivirus package that is compliant with Windows Server 2008. That's not the hard part. What I need is an API layer on the Antivirus that i can call from managed .net code. For example: I am developing an Asp.Net (C#) website that allows users to upload files to the web server which the web site resides on. We have full control of the server so there are no security/rights issues on the server. I need to be able to run the antivirus algorithm on the newly uploaded files without (hopefully) shelling out to a command-ilne version of the software. Does anyone know of such a package?

Read the article
Package names - impl v internal

- by Ben J

In my time of digging around Java APIs I have come across both impl and internal packages. Up until now I never really thought about the difference - as with all enterprisey Java apps, I figured they just meant that "actual implementation in here; you (API user) should be really using the interface. Go away." A little bit of digging around Stack Overflow seems to suggest that the internal package at least can have some security placed around it. So, what is the difference? I don't think it is a matter of taste because I have seen APIs with both.

Read the article
Problem with commit in sharpsvn

- by zhangxiaoning

Hi,I'm a programmer in china. I want to commit the changes of a working copy in my computer to the repository. The repository is in an URL and i´m doing this now: using (SvnClient client = new SvnClient()){ string path = @"C:\testdelete\test.java"; client.Delete(path); client.Authentication.Clear(); // Clear predefined handlers client.Authentication.UserNamePasswordHandlers += delegate(object obj, SharpSvn.Security.SvnUserNamePasswordEventArgs args) { args.UserName = "username"; args.Password = "password"; }; var uri = client.GetUriFromWorkingCopy(path); if (uri != null) { SvnCommitArgs args = new SvnCommitArgs(); args.ThrowOnError = true; args.ThrowOnCancel = true; client.Commit(path, args);//here throw a SvnOperationCanceledException } } But it doesn´t work,Why?Thanks!

Read the article
Accessing FILESTREAM from an SQL CLR assembly

- by superware

I'm trying to stream FILESTREAM data from an unsafe SQL CLR assembly. The connection string is Data Source=LAPTOP2\SQLEXPRESS;Initial Catalog=test;Integrated Security=True;Enlist=False When creating a new SqlFileStream (inside a SqlTransaction, of course), I'm getting: The request is not supported at OpenSqlFilestream. So I decided to try native OpenSqlFilestream, but then I'm getting an invalid handle (-1) while GetLastWin32Error returns that same: The request is not supported (ERROR_NOT_SUPPORTED). I have also tried SqlContext.WindowsIdentity.Impersonate() with no apparent effect. I couldn't find any documentation referencing this restriction. Is it really unsupported? If it is unsupported, is there a good reason? Does anyone know of a workaround?

Read the article
What is the best way pre filter user access for sqlalchemy queries?

- by steve

I have been looking at the sqlalchemy recipes on their wiki, but don't know which one is best to implement what I am trying to do. Every row on in my tables have an user_id associated with it. Right now, for every query, I queried by the id of the user that's currently logged in, then query by the criteria I am interested in. My concern is that the developers might forget to add this filter to the query (a huge security risk). Therefore, I would like to set a global filter based on the current user's admin rights to filter what the logged in user could see. Appreciate your help. Thanks.

Read the article
iphone - how to properly handle exceptional situations (signals ?)

- by pmilosev

Hi In my iphone app, I want to provide some sort of app termination handler that will do some final work (delete some sensitive data) before the application terminates. I want to handle as much of the termination situations as possible: 1) User terminates the app 2) The device runs out of battery 3) The system terminates the app due to some reason (e.g. out of memory or app freeze) 4) Application crashes (EXC_BAD_ACCESS or SIGSEGV) Any other exceptional situation ? What is the best way to achieve this (e.g. is applicationWillTerminate method called in situation 2) ? Is it possible to do the cleanup in a signal handler (includes iPhone Security framework calls) ? regards

Read the article
Xampp error on windows

- by Deepak Kumar

My problem is when i use xampp i see many error and when i use my web it has no error Notice: Undefined index: action in C:\xampp\htdocs\xyz\index.php on line 3 Notice: Undefined index: usNick in C:\xampp\htdocs\xyz\config.php on line 11 Notice: Use of undefined constant setname - assumed 'setname' in C:\xampp\htdocs\xyz\config.php on line 31 Notice: Use of undefined constant setname - assumed 'setname' in C:\xampp\htdocs\xyz\config.php on line 31 Notice: Undefined index: usNick in C:\xampp\htdocs\xyz\config.php on line 34 Notice: A session had already been started - ignoring session_start() in C:\xampp\htdocs\xyz\data.php on line 2 Notice: Undefined index: r in C:\xampp\htdocs\xyz\data.php on line 4 Notice: Undefined index: ucNick in C:\xampp\htdocs\xyz\data.php on line 8 I have tried many time changing things in Setting, Security, Privileges etc but nothing changed, I want to know if im missing something out Thanks

Read the article
Is looking for Wi-Fi access points purely passive?

- by Aric TenEyck

Say I carry a Wi-Fi enabled phone or laptop through an area where there are WAPs. Assuming that I don't actively try to connect to them or otherwise interact with them, is it possible for the owner of that WAP to know that I was there? I'm asking this in the context of my earlier question: Looking for MACs on the network I was talking with a friend about my newfound ability to detect phones (and other devices with MAC addresses) on the network, and he pointed out that it might be useful to detect unknown phones on the network; I could use that data to track down anyone who was in my house and brought a Wi-Fi phone with them. So, if I set up a logging fake WAP with no security or encryption, can I glean any useful information about the devices that come into the house? Assuming that the thief doesn't actively try to connect...

Read the article
In which language the KIS application might have been developed??

- by Jeba

Hello all, I just went through this link http://www.pcauthority.com.au/Feature/91093,the-tsar-of-antivirus.aspx and found that it's developed using c/c++ and visual studio with a little assembly language support. As a programmer i just want to know in what programming language the kaspersky internet security User Interface(UI) has been developed? Might be using QT(coz. of c++)? or using MFC(coz. of visual studio)?? With side tab like thing the UI looks good. Expecting the answers from expert analysts.

Read the article
What is the most suitable for writing a high speed server C, C++ or C# ?

- by wniroshan

I'm goint to write a server which does lots of image processing. Server-end processsing is expected to be very tedious. Server will maily have mobile phones as its clients. I am really concerend about speed and effciency. Security is pretty important too. Server will be running on a windows platform. Can anyone tell me what should I use as the language C, C++ or C#? or at least what are the ares that I should be looking at when selecting one of them Thank you.

Read the article
Asp.net 3.5 Deployment issue

- by peter

For deploying my website in server by using IIS 5.1,,i created virtual directory,,i browsed in to my application and selected asp.net 2.0 tab(application is framework3.5)..I reset framwork configuratio 2,0 Runtime security Policy Enterprise,Machine,User tab,,What ever things i can do i did Still also application is working properly,,but i am not able to deploy it in IIS i am getting this error If i browse Login.aspx i am getting ** Server Application Unavailable The web application you are attempting to access on this web server is currently unavailable. Please hit the "Refresh" button in your web browser to retry your request. Administrator Note: An error message detailing the cause of this specific request failure can be found in the application event log of the web server. Please review this log entry to discover what caused this error to occur. ** Is it with IIS 5.1?? Here my machine is acting as server ,It has xp professional 2002 service pack 2 and IIS 5.1

Read the article
What to do with twitter oauth token once retreived?

- by mcintyre321

I'm writing a web app that will use twitter as its primary log on method. I've written code which gets the oauth token back from Twitter. My plan is now to Find the entry in my Users table for the twitter username retreived using the token, or create the entry if necessary Update the Users.TwitterOAuthToken column with the new OAuth token Create a permanent cookie with a random guid on the site and insert a record into my UserCookies table matching Cookie to User when a request comes in I will look for the browser cookie id in the UserCookies table, then use that to figure out the user, and make twitter requests on their behalf Write the oauth token into some pages as a js variable so that javascript can make requests on behalf of the user If the user clears his/her cookies the user will have to log in again to twitter Is this the correct process? Have I created any massive security holes? thanks!

Read the article
How to give anonymous access to site in IIS ?

- by Lalit

Hi, I want to give the anonymous access to my deployed site on IIS. i checked in Directory Security by right clicking on site in IIS there is checked the box Enable Anonymous access.also there is user IUSR_MySERVER is there. but still it is asking for user name & pwd. why. I don't want to ask any uname and pwd when site accessing. What to do? please help. I fact my application is, i am importing the Excel sheet from file location in my applicatiom. When i saying browse it run perfect . But when i say Import , it asking for the username and password. on Click of Import button I am reading Excelsheet in datatable by interop services. What should this problem should be?

Read the article
Ping or otherwise tell if a device is on the network by MAC in C#

- by Aric TenEyck

I'm developing a home security application. One thing I'd like to do is automatically turn it off and on based on whether or not I'm at home. I have a phone with Wifi that automatically connects to my network when I'm home. The phone connects and gets its address via DHCP. While I could configure it to use a static IP, I'd rather not. Is there any kind of 'Ping' or equivalent in C# / .Net that can take the MAC address of a device and tell me whether or not it's currently active on the network?

Read the article
How to run a .class file in Windows 7 OS?

- by jNoob

Hi, This is probably a stupid question, but how do I run a class file on windows 7? I usually create my own .java files and then use a basic IDE (with JDK6) to compile it to a class and run it automatically. My professor gave a .class file that we are supposed to play with extensively but I have no idea how to to run it here. Note that I cannot run it by typing: java classname.class because it contains gui stuff especially buttons and such. If I do the above I get the following error: java.lang.NoClassDefFoundError: Test1/2/class Caused by: java.lang.ClassNotFoundException: Test1.2.class at java.net.URLClassLoader$1.run(Unknown Source) at java.security.AccessController.doPrivileged(Native Method) at java.net.URLClassLoader.findClass(Unknown Source) at java.lang.ClassLoader.loadClass(Unknown Source) at sun.misc.Launcher$AppClassLoader.loadClass(Unknown Source) at java.lang.ClassLoader.loadClass(Unknown Source) at java.lang.ClassLoader.loadClassInternal(Unknown Source) Could not find the main class: Test1.2.class. Program will exit. Exception in thread "main" Any help would be highly appreciated. Thanks.

Read the article
Class declaration bug (NoClassDefFoundError caused by ClassNotFoundException)

- by aladine

Please advise me what's wrong with this class declaration: ExchEngine.java package engine; public class ExchEngine { public ExchEngine() { } public static void main(String[] args) { ExchEngine engine=new ExchEngine() ; } } When I compile this file, I always get exception: java.lang.NoClassDefFoundError: test_engine/ExchEngine Caused by: java.lang.ClassNotFoundException: test_engine.ExchEngine at java.net.URLClassLoader$1.run(URLClassLoader.java:202) at java.security.AccessController.doPrivileged(Native Method) at java.net.URLClassLoader.findClass(URLClassLoader.java:190) at java.lang.ClassLoader.loadClass(ClassLoader.java:307) at sun.misc.Launcher$AppClassLoader.loadClass(Launcher.java:301) at java.lang.ClassLoader.loadClass(ClassLoader.java:248) Exception in thread "main" This seems very weird that ExchEngine.java is inside a package and it cannot run itself. Thanks for any help.

Read the article
Can events fired from an iframe be handled by elements in its parent?

- by allyourcode

Suppose I have a page located at www.example.com/foo, and it contains an iframe with src="http://www.example.com/bar". I want to be able to fire an event from /bar and have it be heard by /foo. Using the Prototype library, I've tried doing the following without success: Element.fire(parent, 'ns:frob'); When I do this, in ff 3.5, I get the following error: Node cannot be used in a document other than the one in which it was created" code: "4 Line 0 Not sure if that's related to my problem. Is there some security mechanism that's preventing scripts in /bar from kicking off events in /foo?

Read the article
Request for the permission of type 'System.Data.SqlClient.SqlClientPermission failed

- by Richmond

Hi All! I have asp.net application, using LINQ to connecto to SQL Server 2008 R2 databse. My connection string: Data Source=[SqlServerIp];Initial Catalog=[databaseName]User Id=newLogin;Password=newPassword; When I deploy application on my local IIS (which is not the same machine as database server) it works fine, but when I deploy application on other IIS (the same machine as sqlServer) it throws an exception: System.Security.SecurityException: Request for the permission of type 'System.Data.SqlClient.SqlClientPermission, System.Data, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089' failed. Anyone knows how to fix it? Maybe it is due to some bad configuration of IIS? Please help.

Read the article
Windows XP: Have my program run in kernel mode?

- by Kalamari

I'm currently learning about the different modes the Windows operating system runs in (kernel mode vs. user mode), device drivers, their respective advantages and disadvantages and computer security in general. I would like to create a practical example of what a faulty device driver that runs in kernel mode can do to the system, by for example corrupting memory used for critical OS-processes. How can I execute my code in kernel mode instead of user mode, directly? Do I have to write a dummy device driver and install it to do this? Where can I read more about kernel and user mode in Windows? I know the dangers of this and will do all of the experiments on a virtual machine running Windows XP only

Read the article
Organizing PHP includes in your development environment

- by Andrew Heath

I'm auditing my site design based on the excellent Essential PHP Security by Chris Shiflett. One of the recommendations I'd like to adopt is moving all possible files out of webroot, this includes includes. Doing so on my shared host is simple enough, but I'm wondering how people handle this on their development testbeds? Currently I've got an XAMPP installation configured so that localhost/mysite/ matches up with D:\mysite\ in which includes are stored at D:\mysite\includes\ In order to keep include paths accurate, I'm guess I need to replicate the server's path on my local disk? Something like D:\mysite\public_html\ Is there a better way?

Read the article

< Previous Page | 411 412 413 414 415 416 417 418 419 420 421 422 | Next Page >