Search Results

Search found 68155 results on 2727 pages for 'data security'.

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Page 425/2727 | < Previous Page | 421 422 423 424 425 426 427 428 429 430 431 432  | Next Page >

  • ideas: per-file authentication in order to download

    - by suIIIha
    i would love to use mod_xsendfile but i live in a shared environment which does not provide such a module. processing large files such as videos through a server-side script and sending it to the browser that way seems to be unacceptable in my case, so i am looking for a way to enable per-file authentication in such a way that is not going to consume resources much. nobody shall know what the actual path is to the file they are downloading. please suggest how to do that.

    Read the article

  • Do similar passwords have similar hashes?

    - by SLC
    Our computer system at work requires users to change their password every few weeks, and you cannot have the same password as you had previously. It remembers something like 20 of your last passwords. I discovered most people simply increment a digit at the end of their password, so "thisismypassword1" becomes "thisismypassword2" then 3, 4, 5 etc. Since all of these passwords are stored somewhere, I wondered if there was any weakness in the hashes themselves, for standard hashing algorithms used to store passwords like MD5. Could a hacker increase their chances of brute-forcing the password if they have a list of hashes of similar passwords?

    Read the article

  • Can a proxy server cache SSL GETs? If not, would response body encryption suffice?

    - by Damian Hickey
    Can a (||any) proxy server cache content that is requested by a client over https? As the proxy server can't see the querystring, or the http headers, I reckon they can't. I'm considering a desktop application, run by a number of people behind their companies proxy. This application may access services across the internet and I'd like to take advantage of the in-built internet caching infrastructure for 'reads'. If the caching proxy servers can't cache SSL delivered content, would simply encrypting the content of a response be a viable option? I am considering all GET requests that we wish to be cachable be requested over http with the body encrypted using asymmetric encryption, where each client has the decryption key. Anytime we wish to perform a GET that is not cachable, or a POST operation, it will be performed over SSL.

    Read the article

  • Cookieless Django for government site

    - by phoebebright
    As I'm writing a django site from government bodies I'm not going to be able to use cookies. I found this snippet http://djangosnippets.org/snippets/1540/ but it's currently not allowing users to login. Before I start debugging I wondered if anyone else has solved this problem with this snippet or in any other way?

    Read the article

  • Exporting winform data to .txt file

    - by EvanRyan
    I have a winform with two data grids, and multiple text boxes. I want to give the user the option to export this data to a text document in a location of their choice on their drive. I also want the text document to be pre-formatted, and the values from the text boxes and datagrids to be plugged in. Is it possible to pre-format a txt document using StreamWriter? And how to I go about giving the user the option of where to save this exported file?

    Read the article

  • Quick way to do data lookup in PHP

    - by Ghostrider
    I have a data table with 600,000 records that is around 25 megabytes large. It is indexed by a 4 byte key. Is there a way to find a row in such dataset quickly with PHP without resorting to MySQL? The website in question is mostly static with minor PHP code and no database dependencies and therefore fast. I would like to add this data without having to use MySQL if possible. In C++ I would memory map the file and do a binary search in it. Is there a way to do something similar in PHP?

    Read the article

  • FileSystemWatcher surpassing Active Directory restrictions

    - by DevexPP
    While experimenting with FileSystemWatcher, I've found out that it somehow surpasses Active Directory's restrictions to files and folders, and will raise change events with information about what has changed in files and folders that you don't even have access to. I have two questions about that: 1) Why does this happen ? 2) Is this a problem in the AD configuration ? how do I fix it ? 3) Is there any way to gather these files, or even create a FileSystemInfo of them to get more info about the files (not only the changes made on them) ? As far as I've tried, only the FileSystemWatcher immune to the restrictions, I can't run any other thing over it, here's a list of what I've tried: File.Exists Directory.Exists FileInfo instance on found files DirectoryInfo instance on found files File.Copy File.Delete

    Read the article

  • What is the difference between binding data in data grid view methods ??

    - by Ashish
    What is the difference between binding data in data grid view methods ?? <ItemTemplate> <asp:LinkButton ID="lnkBtnUserName" runat="server" Text='<%# DataBinder.Eval(Container.DataItem,"UserFirstName")%>' CommandArgument='<%# Eval("UserID") %>' OnClick="lnkBtnUserName_Click" /> </ItemTemplate> and this second one <asp:TemplateField HeaderText="Employee ID"> <ItemTemplate> <asp:Label ID="lblempid" runat="server" Text='<%# Bind("EmpId.EmpId") %>'></asp:Label> </ItemTemplate> </asp:TemplateField> means in method 1 Text='<%# DataBinder.Eval(Container.DataItem,"UserFirstName")%>' CommandArgument='<%# Eval("UserID") %>' method 2 Text='<%# Bind("EmpId.EmpId") also explain use one this CommandArgument='<%# Eval("UserID") in 1st one ????

    Read the article

  • Java: BufferedImage from raw BMP file format data

    - by Victor
    Hello there. I've got BMP file's raw pixels table in byte[], it's structure is: (b g r) (b g r) ... (b g r) padding ... (b g r) (b g r) ... (b g r) padding Where r, g, b are byte each, padding is to round row length up to a multiple of 4 bytes. So, how can I create new BufferedImage from this raw data without copying, just using this raw data? I took a look at creating BufferedImage from DataBuffer, but I just didn't get it. Unfortunately ImageIO is not allowed in my situation.

    Read the article

  • varchar data type to datetime data type resulted in an out-of-range??

    - by leen3o
    Very weird problem occurred, I have moved a site from one server to another - All is working, but any query involving a date is playing up. I get the following: DELETE FROM MYTABLE WHERE categoryId = -2 AND datecreated < '3/23/2010'; The conversion of a varchar data type to a datetime data type resulted in an out-of-range value Now what's strange is I have changed the LCID to 1033 on the new server as the date is showing as US format and its still throwing an error! I then tried 2057 and again the same error? Made no difference. I'm a little confused, as this is a working site from a server with IIS6 - The locale is 1033 on that server and it works perfectly!! :S I have just tried thrown a Cdate() around the date too and yet again the same error??? Any ideas??

    Read the article

  • WINSDK: Determining whether an arbitrary pid identifies a running process on Windows

    - by Vlad Romascanu
    Attempting to implement a poor man's test of whether a process is still running or not (essentially an equivalent of the trivial kill(pid, 0).) Hoped to be able to simply call OpenProcess with some minimal desired access then test for either GetLastError() == ERROR_INVALID_PARAMETER or GetExitCodeProcess(...) != STILL_ACTIVE. Nice try... Running on Windows XP, as administrator: HANDLE hProc = OpenProcess(PROCESS_QUERY_INFORMATION, FALSE, pid); if (!hProc) { DWORD dwLastError = GetLastError(); } ...fails miserably with dwLastError == ERROR_ACCESS_DENIED when pid is owned by a different (not SYSTEM) user. Moreover, if pid was originally owned by a different user but has since terminated, OpenProcess also fails with ERROR_ACCESS_DENIED (not ERROR_INVALID_PARAMETER.) Do I have to use Process32First/Process32Next or EnumProcesses? I absolutely do not want to use SeDebugPrivilege. Thanks, V

    Read the article

  • RewriteRule help

    - by Camran
    I have successfully setup htaccess to do this: domain.com/ad.php?ad_id=bmw_m3_2498224 INTO: domain.com/ads/bmw_m3_2498224 However, I have a link on the page which makes the page submit to itself... The link saves the ad inside a cookie: domain.com/ad.php?ad_id=bmw_m3_2498224&save=1 // Note the 'save' variable I need to make this work on the rewritten rule also, so this link: domain.com/ads/bmw_m3_2498224/save will save the cookie... I have this so far which DOES NOT work for the save part: RewriteRule ^annons/([a-zA-Z0-9_]+)$ ad.php?ad_id=$1 [NC,L] How can I include another rule to accomplish what I want? Thanks

    Read the article

  • String encryption only with numbers?

    - by HH
    Suppose your bank clerk gives you an arbitrary password such as hel34/hjal0@# and you cannot remember it without writing it to a paper. Dilemma: you never write passwords to paper. So you try to invent an encryption, one-to-one map, where you write only a key to a paper, only numbers, and leave the rest junk to your server. Of course, the password can consist of arbitrary things. Implemention should work like hel34/hjal0#@ ---- magic ----> 3442 and to other way: 3442 ---- server magic ---> hel34/hjal0#@ [Update] mvds has the correct idea, to change the base, how would you implement it?

    Read the article

  • How can I make CAPTCHA work across multiple pages?

    - by jm04469
    Ever visit a website such as myspace where they leverage CAPTCHA to prevent spam? The typical pattern is to present a challenge to each URL that is opened, yet the challenge doesn't actually belong to the page itself which causes additional bandwidth usage. So, if I open up six pages at the same time and want to present a challenge on each page. I want the challenge to be tied to the page and not to the session. How can I make this work with Spring and/or Struts.

    Read the article

  • PHP REMOTE_ADDR and secure sessions

    - by Christopher McCann
    One of the ways I have used to make securer sessions in the past is to also record the clients IP address and user agent at the handshake. Each time the client moves a page and calls session_start() I also check that the IP address and user agent stored is still the same to prevent hiijacking. But if someone is connecting from say a company network then all the users will probably have the same external static IP address and they could also really easily be using the same user agent. Is there other metrics I can use which are local only to the physical machine? Thanks

    Read the article

  • Get with the ajax data into a php file

    - by Max Torstensson
    I'm trying to build a login system with ajax and php. I use a log-view where I then save the data in ajax which brings into my doLogin.php (php file). My problem is that php file should never be any ajax data for when I build it into a class and a function VIEW: public function DoLoginBox() { //inloggning form-tagg... return '<p>&nbsp;</p> <div id="content"> <h1>Login Form</h1> <form id="form1" name="form1" action="Handler/doLogin.php" method="post"> <p> <label for="username">Username: </label> <input type="text" name="username" id="username" /> </p> <p> <label for="password">Password: </label> <input type="password" name="password" id="password" /> </p> <p> <input type="submit" id="login" name="login" /> </p> </form> <div id="message"></div> </div>'; } AJAX: <script type="text/javascript"> $(document).ready(function() { $("#login").click(function() { var action = $("#form1").attr('action'); var form_data = { username: $("#username").val(), password: $("#password").val(), is_ajax: 1 }; $.ajax({ type: "POST", url: action, data: form_data, success: function(response) { if(response == 'success') $("#form1").slideUp('slow', function() { $("#message").html("<p class='success'>You have logged in successfully!</p>"); }); else $("#message").html("<p class='error'>Invalid username and/or password.</p>"); } }); return false; }); }); </script PHP: <?php require_once ("UserHandler.php"); class DoLogingHandler{ public function Login (){ $is_ajax = !empty($_REQUEST['is_ajax']); if(isset($is_ajax) && $is_ajax) { $username = $_REQUEST['username']; $password = $_REQUEST['password']; $UserHandler = new UserHandler(); $UserHandler -> controllDB($username,$password); if($username == 'demo' && $password == 'demo') { echo "success"; } } } } ` $DoLogingHandler = new DoLogingHandler(); $DoLogingHandler-Login(); ?

    Read the article

  • Are PDO prepared statements sufficient to prevent SQL injection?

    - by Mark Biek
    Let's say I have code like this: $dbh = new PDO("blahblah"); $stmt = $dbh->prepare('SELECT * FROM users where username = :username'); $stmt->execute( array(':username' => $_REQUEST['username']) ); The PDO documentation says The parameters to prepared statements don't need to be quoted; the driver handles it for you. Is that truly all I need to do to avoid SQL injections? Is it really that easy? You can assume MySQL if it makes a difference. Also, I'm really only curious about the use of prepared statements against SQL injection. In this context, I don't care about XSS or other possible vulnerabilities.

    Read the article

  • PHP 2-way encryption: I need to store passwords that can be retrieved

    - by gAMBOOKa
    I am creating an application that will store passwords, which the user can retrieve and see. The passwords are for a hardware device, so checking against hashes are out of the question. What I need to know is: How do I encrypt and decrypt a password in PHP? What is the safest algorithm to encrypt the passwords with? Where do I store the private key? Instead of storing the private key, is it a good idea to require users to enter the private key any time they need a password decrypted? (Users of this application can be trusted) In what ways can the password be stolen and decrypted? What do I need to be aware of?

    Read the article

  • PHP: Safe way to store decryptable passwords

    - by Jammer
    I'm making an application in PHP and there is a requirement that it must be possible to decrypt the passwords in order to avoid problems in the future with switching user database to different system. What encryption/decryption algorithm would you suggest? Is it good idea to just store the encrypted value and then compare the future authentication attempts to that value? Are the passwords still as safe as MD5/SHA1 when the private key is not available to the attacker (Hidden in USB drive for example)? I should still use salting, right? What encryption libraries should I use for PHP?

    Read the article

  • Are volatile data members trivially copyable?

    - by Lightness Races in Orbit
    Whilst writing this answer I realised that I'm not as confident about my conclusions as I usually would ensure before hitting Post Your Answer. I can find a couple of reasonably convincing citations for the argument that the trivial-copyability of volatile data members is either implementation defined or flat-out false: https://groups.google.com/forum/?fromgroups=#!topic/comp.std.c++/5cWxmw71ktI http://gcc.gnu.org/bugzilla/show_bug.cgi?id=48118 http://www.open-std.org/jtc1/sc22/wg21/docs/papers/2010/n3159.html#496 But I haven't been able to back this up in the standard1 itself. Particularly "worrying" is that there's no sign of the proposed wording change from that n3159 issues list in the actual standard's final wording. So, what gives? Are volatile data members trivially copyable, or not? 1   C++11

    Read the article

  • Claims-based Authentication: Are strings the essence of claims?

    - by Rising Star
    I've been programming with claims-based authentication for some time now with Windows Identity Foundation. It appears to me that in Windows Identity Foundation, once a user is logged in, the claims are basically strings of information that describe the user. With the old role-based authentication, I could say that a user is or is not a member of a given group, but with claims-based authentication, I can now have strings of information that describe a user. "This user is female". This user was born on "July 6, 1975". "This user logged in using a USB key". Is it the essence of claims-based authentication,that I have strings of information about the user given to the application by the framework?

    Read the article

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

< Previous Page | 421 422 423 424 425 426 427 428 429 430 431 432  | Next Page >