Search Results

Search found 14605 results on 585 pages for 'variable definition'.

Page 422/585 | < Previous Page | 418 419 420 421 422 423 424 425 426 427 428 429  | Next Page >

• Are there any security vulnerabilities in this PHP code?

  - by skorned

  Hi. I just got a site to manage, but am not too sure about the code the previous guy wrote. I'm pasting the login procedure below, could you have a look and tell me if there are any security vulnerabilities? At first glance, it seems like one could get in through SQL injection or manipulating cookies and the ?m= parameter. define ( 'CURRENT_TIME', time ()); / / Current time. define ( 'ONLINE_TIME_MIN', (CURRENT_TIME - BOTNET_TIMEOUT)); / / Minimum time for the status of "Online". define ( 'DEFAULT_LANGUAGE', 'en'); / / Default language. define ( 'THEME_PATH', 'theme'); / / folder for the theme. / / HTTP requests. define ( 'QUERY_SCRIPT', basename ($ _SERVER [ 'PHP_SELF'])); define ( 'QUERY_SCRIPT_HTML', QUERY_SCRIPT); define ( 'QUERY_VAR_MODULE', 'm'); / / variable contains the current module. define ( 'QUERY_STRING_BLANK', QUERY_SCRIPT. '? m ='); / / An empty query string. define ( 'QUERY_STRING_BLANK_HTML', QUERY_SCRIPT_HTML. '? m ='); / / Empty query string in HTML. define ( 'CP_HTTP_ROOT', str_replace ( '\ \', '/', (! empty ($ _SERVER [ 'SCRIPT_NAME'])? dirname ($ _SERVER [ 'SCRIPT_NAME']):'/'))); / / root of CP. / / The session cookie. define ( 'COOKIE_USER', 'p'); / / Username in the cookies. define ( 'COOKIE_PASS', 'u'); / / user password in the cookies. define ( 'COOKIE_LIVETIME', CURRENT_TIME + 2592000) / / Lifetime cookies. define ( 'COOKIE_SESSION', 'ref'); / / variable to store the session. define ( 'SESSION_LIVETIME', CURRENT_TIME + 1300) / / Lifetime of the session. ////////////////////////////////////////////////// ///////////////////////////// / / Initialize. ////////////////////////////////////////////////// ///////////////////////////// / / Connect to the database. if (! ConnectToDB ()) die (mysql_error_ex ()); / / Connecting topic. require_once (THEME_PATH. '/ index.php'); / / Manage login. if (! empty ($ _GET [QUERY_VAR_MODULE])) ( / / Login form. if (strcmp ($ _GET [QUERY_VAR_MODULE], 'login') === 0) ( UnlockSessionAndDestroyAllCokies (); if (isset ($ _POST [ 'user']) & & isset ($ _POST [ 'pass'])) ( $ user = $ _POST [ 'user']; $ pass = md5 ($ _POST [ 'pass']); / / Check login. if (@ mysql_query ( "SELECT id FROM cp_users WHERE name = '". addslashes ($ user). "' AND pass = '". addslashes ($ pass). "' AND flag_enabled = '1 'LIMIT 1") & & @ mysql_affected_rows () == 1) ( if (isset ($ _POST [ 'remember']) & & $ _POST [ 'remember'] == 1) ( setcookie (COOKIE_USER, md5 ($ user), COOKIE_LIVETIME, CP_HTTP_ROOT); setcookie (COOKIE_PASS, $ pass, COOKIE_LIVETIME, CP_HTTP_ROOT); ) LockSession (); $ _SESSION [ 'Name'] = $ user; $ _SESSION [ 'Pass'] = $ pass; / / UnlockSession (); header ( 'Location:'. QUERY_STRING_BLANK. 'home'); ) else ShowLoginForm (true); die (); ) ShowLoginForm (false); die (); ) / / Output if (strcmp ($ _GET [ 'm'], 'logout') === 0) ( UnlockSessionAndDestroyAllCokies (); header ( 'Location:'. QUERY_STRING_BLANK. 'login'); die (); ) ) ////////////////////////////////////////////////// ///////////////////////////// / / Check the login data. ////////////////////////////////////////////////// ///////////////////////////// $ logined = 0, / / flag means, we zalogininy. / / Log in session. LockSession (); if (! empty ($ _SESSION [ 'name']) & &! empty ($ _SESSION [ 'pass'])) ( if (($ r = @ mysql_query ( "SELECT * FROM cp_users WHERE name = '". addslashes ($ _SESSION [' name'])."' AND pass = ' ". addslashes ($ _SESSION [' pass']). " 'AND flag_enabled = '1' LIMIT 1 ")))$ logined = @ mysql_affected_rows (); ) / / Login through cookies. if ($ logined! == 1 & &! empty ($ _COOKIE [COOKIE_USER]) & &! empty ($ _COOKIE [COOKIE_PASS])) ( if (($ r = @ mysql_query ( "SELECT * FROM cp_users WHERE MD5 (name )='". addslashes ($ _COOKIE [COOKIE_USER ])."' AND pass = '". addslashes ($ _COOKIE [COOKIE_PASS]). " 'AND flag_enabled = '1' LIMIT 1 ")))$ logined = @ mysql_affected_rows (); ) / / Unable to login. if ($ logined! == 1) ( UnlockSessionAndDestroyAllCokies (); header ( 'Location:'. QUERY_STRING_BLANK. 'login'); die (); ) / / Get the user data. $ _USER_DATA = @ Mysql_fetch_assoc ($ r); if ($ _USER_DATA === false) die (mysql_error_ex ()); $ _SESSION [ 'Name'] = $ _USER_DATA [ 'name']; $ _SESSION [ 'Pass'] = $ _USER_DATA [ 'pass']; / / Connecting language. if (@ strlen ($ _USER_DATA [ 'language'])! = 2 | |! SafePath ($ _USER_DATA [ 'language']) | |! file_exists ( 'system / lng .'.$_ USER_DATA [' language '].' . php'))$_ USER_DATA [ 'language'] = DEFAULT_LANGUAGE; require_once ( 'system / lng .'.$_ USER_DATA [' language'].'. php '); UnlockSession ();

  Read the article

• What does this C++ code mean

  - by Markus Orreilly

  I was trying to understand how webkit parses urls, and I'm having a hard time making heads or tails of this: Vector<char, 4096> buffer(fragmentEnd * 3 + 1); This line is on line 1214 (you can see it here: http://trac.webkit.org/browser/trunk/WebCore/platform/KURL.cpp#L1214). I get that it's making a vector of type char, with each entry being an array of char 4096 bytes large, but I don't get the buffer(fragmentEnd * 3 + 1) part. I think that it confuses me most b/c I can't find where the buffer variable is instantiated anywhere (shouldn't it be something more like Vector<char, 4096> buffer = new Vector<char, 4096>(...)? Thanks in advance

  Read the article

• Is there a way of getting a file name and inserting into Matlab script?

  - by torr

  In a folder, I have both my .m file that contains the script and an imaging .dcm file that needs to be analyzed. Folder structure: Folder1/analysis.m Folder1/meas_dynamic_123.dcm My script (analysis.m) begins as follows: target =''; <== here should go the full path to the file + filename example: /Volumes/Data/Folder1/meas_dynamic_123.m txt = dir(target); // etc So I'm wondering if there is a way of when running analysis.m it will: automatically search the folder it's in, grab the full path + filename of file containing string dynamic in the name, insert its full path + name into target variable continue running the script Does anyone have any pointers on how to achieve this? Using ffpath?

  Read the article

• Remove successive 0th entries in args[] for a Java command line interface?

  - by Bill IV

  I recall seeing, somewhere, an example that stepped through String args[] by deleting the lowest numbered value(s) public static void main( String args[]) { while (args.length > 0 ) { // do something and obliterate elements from args[] } } Obviously, a variable tracking current position in args and compared to args.length will do it; or an ArrayList made from args[]'s contents, with argsAL.size(). Am I mis-remembering an ArrayList example? I know this is a borderline question, the likely answer is, "No, there isn't and there shouldn't be either!". Maybe I'm over-focused... Bill

  Read the article

• How Do Sockets Work in C?

  - by kaybenleroll

  I am a bit confused about socket programming in C. You create a socket, bind it to an interface and an IP address and get it to listen. I found a couple of web resources on that, and understood it fine. In particular, I found an article Network programming under Unix systems to be very informative. What confuses me is the timing of data arriving on the socket. How can you tell when packets arrive, and how big the packet is, do you have to do all the heavy lifting yourself? My basic assumption here is that packets can be of variable length, so once binary data starts appearing down the socket, how do you begin to construct packets from that?

  Read the article

• Javascript function returning number with two decimals...?

  - by muzzledBYbrass

  I have a function to return points along a line and my return comes back with two decimal points...? For example, a return of my variable px will be something like -88.4029.032940598. vx is the x vector and mult is the distance of the line plus distance to calculate the point. Here is the operation that is returning these values: var mult = parseFloat(mag + theUnit); var px = coord_one.x_point + (vx * mult); console.log(px); Never have seen this before- I appreciate any and all help!

  Read the article

• PHP: form input field names containing square brackets like field[index]

  - by gidireich

  Hi, I've seen lot of code that handle forms, which creates input fields with names containing square brackets. I understand that this is being somehow converted to PHP arrays when a PHP script examines the $_POST variable. My questions about this: What is the mechanism behind? At which point this names that merely contain brackets are converted to arrays? Is this a feature of the HTPP protocol? Of web servers? Of the PHP language? Continuing the previous question, is this a commonly used hack or a normal programming tool? What are (all) the rules of using brackets in input field names? Can multidimensional arrays be created this way? Thanks, Gidi

  Read the article

• Why do they initialize pointers this way?

  - by Rob

  In almost all of the books I read and examples I go through I see pointers initialized this way. Say that I have a class variable NSString *myString that I want to initialize. I will almost always see that done this way: -(id)init { if (self = [super init]) { NSString *tempString = [[NSString alloc] init]; myString = tempString; [tempString release]; } return self; } Why can't I just do the following? -(id)init { if (self = [super init]) { myString = [[NSString alloc] init]; } return self; } I don't see why the extra tempString is ever needed in the first place, but I could be missing something here with memory management. Is the way I want to do things acceptable or will it cause some kind of leak? I have read the Memory Management Guide on developer.apple.com and unless I am just missing something, I don't see the difference.

  Read the article

• Why did I get a 400 Bad Request when getting a page with PHP Curl?

  - by user307272

  Hi, I was trying to access a page using curl. I could access it perfectly using the browser and using "static" strings as the URL, like: $url = "http://www.example.com/?q=1234" But when I tried to access the page using a variable in the URL string like: $url = "http://www.example.com/?q=$param" I got a 400 error code. I checked out on the web and found some comments here in this stackoverflow thread: Then, just for curiosity I did the following: $url = "http://www.example.com/?q=" . trim($param); and it worked! And no, $param did NOT contain any spaces. To me, it seems that it can be some encoding error, but I really can't find an explanation for it. Does anyone here in stackoverflow know what it can possibly be? Thanks in advance :)

  Read the article

• Preventing entire JOINed MYSQL query from failing when one field is missing within a WHERE clause

  - by filip o

  I am doing a couple of joins with a variable in the WHERE clause. I'm not sure if I am doing everything as efficiently as I could, or even using the best practices but my issue is that half my tables have data for when tableC.type=500, and the other half don't resulting in the entire query failing. SELECT tableA.value1 , tableB.value2, tableC.value3 FROM tableA JOIN tableB ON tableB.id=tableA.id JOIN tableC ON tableC.id=tableB.id WHERE tableA.category=$var && tableC.type=500; What I would like to happen is to still get tableA.value1 and tableB.value2 even if there is no field in tableC with a type=500. any thoughts? i'm totally stumped as how to approach this...

  Read the article

• Populate javascript array with PHP array of Variables

  - by user1704514

  The following code is used to populate a pie chart in javascript: <script type="text/javascript"> var agg = { label: 'Aggressive', pct: [60, 10, 6, 30, 14, 10] }, bal = { label: 'Balanced', pct: [24, 7, 2, 18, 13, 36] }, mod = { label: 'Moderate', pct: [12, 4, 2, 10, 11, 61] }, inc = { label: 'Income', pct: [ 0, 0, 0, 0, 0,100] }, </script> Instead of tm: [40, 60, 67, 30, 74, 50] as seen above, I would like to make each of 6 values a php variable. Like: tm: [$r1, $r2, $r3, $r4, $r5, $r6] . How do I do this? How do I do this with? A php array or json encode?

  Read the article

• how to dynamically recolor a CGGradientRef

  - by saintmac

  I have three CGGradientRef's that I need to be able to dynamically recolor. When I Initialise the CGGradientRef's the first time I get the expected result, but every time I attempt to change the colors nothing happens. Why? gradient is an instance variable ins a subclass of CALayer: @interface GradientLayer : CALayer { CGGradientRef gradient; //other stuff } @end Code: if (gradient != NULL) { CGGradientRelease(gradient); gradient = NULL; } RGBA color[360]; //set up array CGColorSpaceRef rgb = CGColorSpaceCreateDeviceRGB(); gradient = CGGradientCreateWithColorComponents ( rgb, color, NULL, sizeof (color) / sizeof (color[0]) ); CGColorSpaceRelease(rgb); [self setNeedsDisplay];

  Read the article

• Need help: input int from console and pass it into method in different class

  - by christophe

  i'm a beginner, Need help, Please!!! I want to read number "a" from console and then store them in variable to use as passing to a different class (different .java file). How do i code the 2 classes? thanks public class PassedInMethod{ private int a; . public PAssMethod(int a) { a = a; // TODO: where to get the a? System.out.println("a was passed in!"+a); } public class Mainclass{ public static void main( String args[] ){ Scanner input = new Scanner( System.in ); int a; System.out.print( "Enter your nember: " ); a = input.nextInt(); PassedInMethod(int a); }

  Read the article

• Function argument treated as undeclared

  - by Mikulas Dite

  I've prepared this simple example which is not working for me #include <stdio.h> #include <stdlib.h> FILE *fp; char filename[] = "damy.txt"; void echo (char[] text) { fp = fopen(filename, "a"); fwrite(text, 1, strlen(text), fp); fclose(fp); printf(text); } int main () { echo("foo bar"); return 0; } It's supposed to write both to command window and to file. However, this gives compilation error - the text used in echo() is not declared. Does c need another declaration of the variable?

  Read the article

• VBscript and CMD writing into a text file

  - by Effected

  I am writing a script that executes and write everything to the file here is example, I stored the complete command in the variable 'Command' , Command = "ftp ftp.xyz.com 21 " & vbCRLF and then executing it in command prompt, shell.Run "%comspec% /c FTP " & Command & " > " & E:/abc.txt, 0, TRUE but when this program execute it won't write anything to the text file because this is an incomplete command, this command on execution prompt user to input username and password of FTP, how can i do this , that my programm automatically input username and password when prompt and then write everything to file ?

  Read the article

• IDisposable, does it really matter

  - by adrianm

  Coming from C/C++ a long time ago I still have a habit of ensuring that all resources are cleaned up correctly. I always ensure Dispose is called on IDisposable classes and implement Dispose patterns in my classes containing disposable objects. However, in my environment I'm more or less the only one doing this. Others just don't understand what I'm doing and think my code is more difficult to understand. They just create database connections, open streams etc without calling Close or Dispose. Sometimes they set a local or member variable to "Nothing" at the end of a method (guess their background). My problem is that their code works just as well as mine. Code that over time creates thousands of database connection objects just works. So, ignoring any arguments about code correctness, following guidelines etc, does IDiposable really matter? Has anyone actually ran out of resources from not Disposing objects?

  Read the article

• Why use of session name and session id in the get variables does not work?

  - by Roman

  I have the following code: $location .= 'red=no&'.session_name() . "=". session_id(); $content = file_get_contents($location); echo $content; If I run it, noting is displayed in my browser. However, if I modify it in the following way: $location .= 'red=no'; $content = file_get_contents($location); echo $content; everything works fine (I see the content in my browser). What is also strange, if I display the value of the $location variable from the first example (url) and manually paste it in the address line of my browser, I do see the content. So, my browser is able to use this URL and file_get_contents not. Does anybody know how it can be explained?

  Read the article

• function in c language

  - by sandy101

  Hello, I am practice the function in c and come across to the program .... include int main() { float a=15.5; char ch ='C'; printit(a,ch); return 0; } printit(a,ch) { printf("%f\n%c",a,ch); } I want to know that why the above program compile and not give the error as i understood so for is ... 1) The function in c must be declared with the specific prototype (but this program does not contain the prototype ) 2)why the program give the output 'x'for the char variable 3)can the function in c are capable of accepting the value without being declared about type in parameters like what has done in the function declaration .... plz.... help

  Read the article

• JAVA: How do I accept input during a certain period of time only

  - by sebrock

  Im trying to do a simple game where I continually need input from players. This needs to happen during a certain time period only. Everything that is sent after that will be discarded. After the time period a new game starts. So: Start game Wait for input from all players during 10 seconds 10 secs no more input Calculate the winner and do some stuff Goto 1. I was thinking using a timer and timertask to keep track of time and maybe use a boolean variable that changes from "open" to "closed" after 10 seconds? Please give me some advise on this.

  Read the article

• Whats the best to way convert a set of Java objects to another set of objects?

  - by HDave

  Basic Java question here from a real newbie. I have a set of Java objects (of class "MyClass") that implement a certain interface (Interface "MyIfc"). I have a set of these objects stored in a private variable in my class that is declared as follows: protected Set<MyClass> stuff = new HashSet<MyClass>(); I need to provide a public method that returns this set as a collection of objects of type "MyIfc". public Collection<MyIfc> getMyStuff() {...} How do I do the conversion? The following line gives me an error that it can't do the conversion. I would have guessed the compiler knew that objects of class MyClass implemented MyIfc and therefore would have handled it. Collection<MyIfc> newstuff = stuff; Any enlightenment is appreciated.

  Read the article

• Using adaptive step sizes with scipy.integrate.ode

  - by Mike

  The (brief) documentation for scipy.integrate.ode says that two methods (dopri5 and dop853) have stepsize control and dense output. Looking at the examples and the code itself, I can only see a very simple way to get output from an integrator. Namely, it looks like you just step the integrator forward by some fixed dt, get the function value(s) at that time, and repeat. My problem has pretty variable timescales, so I'd like to just get the values at whatever time steps it needs to evaluate to achieve the required tolerances. That is, early on, things are changing slowly, so the output time steps can be big. But as things get interesting, the output time steps have to be smaller. I don't actually want dense output at equal intervals, I just want the time steps the adaptive function uses.

  Read the article

• Ruby: having callbacks on 'attr' objects

  - by JP

  Essentially I'm wondering how to place callbacks on objects in ruby, so that when an object is changed in anyway I can automatically trigger other changes: class MyClass attr_reader :proxy def proxy=(string_proxy = "") begin @proxy = URI.parse("http://"+((string_proxy.empty?) ? ENV['HTTP_PROXY'] : string_proxy)) @http = Net::HTTP::Proxy.new(@proxy.host,@proxy.port) rescue @http = Net::HTTP end end end m = MyClass.new m.proxy = "myproxy.com:8080" p m.proxy # => <URI: @host="myproxy.com" @port=8080> # However changing m.proxy will not change the @http variable, as proxy= is not being called. # Desired functionality: m.proxy = nil # Now @http.class is Net::HTTP, not Net::HTTP::Proxy

  Read the article

• Smarty dynamic error list

  - by Brainscrewer

  Im new to Smarty in combination with PHP and I really like it. Unfortunatly im running into a problem while validating fields after a $_POST has been done. I've made an array called $errors and use that to save error messages in, for example: $errors[] .= "Wrong email";. My problem is in sending the $errors array over to the template so I can use it to display the error messages. My question: How do you 'transfer' the $errors variable over to the template file so you can use it there with, for example {foreach}. I was planning on doing something like {if $hasErrors} {foreach from=errors item=error} <li>{$error}</li> {/foreach} {/if} Thanks in advance

  Read the article

• Strings, regexp and files

  - by A Moose

  <?php $iprange = array( "^12\.34\.", "^12\.35\.", ); foreach($iprange as $var) { if (preg_match($var, $_SERVER['REMOTE_ADDR'])) { I'm looking to have a list that will constitute each of the values inside the array. Let's call it iprange.txt, from which I would extract the variable $iprange. I would also be updating the file with new ranges, but I also want to convert those strings to regexp if that's something that's needed in php, as it is in the above example. If you could help me with the two following issues: I understand that somehow I would be using an array include, but I'm not sure how to implement it. I would like to run a cron that would update the text file and turn it into a regexp acceptable for use in the above example, if you think regexp is a good idea and there isn't another option. I know how to apply a cron in a directadmin gui, but I don't know what the cronned file would look like.

  Read the article

• Converting c++ string to int

  - by skazhy

  Hi! I have the following data in a c++ string John Doe 01.01.1970 I need to extract the date and time from it into int variables. I tried it like this: int last_space = text_string.find_last_of(' '); int day = int(text_string.substr(last_space + 1, 2)); But I got invalid cast from type ‘std::basic_string’ to type ‘int’. When I extract the "John Doe" part in another string variable, all works fine. What's wrong? I am trying to compile it with g++ -Wall -Werror.

  Read the article

< Previous Page | 418 419 420 421 422 423 424 425 426 427 428 429  | Next Page >