Search Results

Search found 68155 results on 2727 pages for 'data security'.

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Page 428/2727 | < Previous Page | 424 425 426 427 428 429 430 431 432 433 434 435  | Next Page >

  • MVC - Sanitizing data, where?

    - by dierre
    I'm using CakePHP but it's a question about the MVC pattern. I have in my form the input-text for the tags (separated by commas). To add the tags I've created a Tag model method that basically check if the tag exists and then add the new tag or just a new unit in the tag counter (the Tag model has these fields: id, name, slug, count). In the controller I explode the tags field and pass one tag at a time. The question is: where do I sanitize data? In the controller or in the model method? I think it should be in the controller because that's where I explode but in term of reusability I think I should sanitize data in the model. What do you think?

    Read the article

  • innerHTML yielding undefined, but correct data is visible

    - by Mike Dyer
    var Model,node; document.getElementById('sedans').innerHTML=''; var thismodelabbr,prevmodelabbr; for(var j=0; j<xmlDoc.getElementsByTagName('data').length; j++){ node = xmlDoc.getElementsByTagName('data')[j]; thismodelabbr=node.getAttribute('model'); if(prevmodelabbr!=thismodelabbr){ Model+='<a href="">'+ node.getAttribute('model')+'</a>'; } prevmodelabbr=thismodelabbr; document.getElementById('sedans').innerHTML=Model; } The above javascript snippet is working correctly and as needed, but I'm getting an "Undefined" response before the entry is displayed within its respective page. I'm assuming it has to do with the .innerHTML call. Any insight would be deeply appreciated.

    Read the article

  • HTTPS-Compliant Sharepoint Web Parts

    - by bporter
    We are planning to create a new sub-site within our company's intranet site. The intranet is built on SharePoint 2007. My question is this: Suppose I want to add a 3rd-party weather web part to the home page of my new intranet site. Since the new site uses HTTPS, do I need to make sure to find an HTTPS-compliant web part? If I use a standard web part, will users get a "This page contains both secure and non-secure items" error message when they load the page? Thanks in advance!

    Read the article

  • Authenticate User manually

    - by Sergey
    I am trying to authenticate the user after I got credentials using oAuth (with Twitter if that makes a difference). As far as I could understand it, I can directly put the Authentication object into SecurityContextHolder. Here is how I do it: Authentication auth = new TwitterOAuthAuthentication(member, userDetailsService.loadUserByUsername(member.getUsername()).getAuthorities()); SecurityContextHolder.getContext().setAuthentication(auth); This for some reason does absolutely nothing. What am I missing and what should I do to accomplish what need?

    Read the article

  • Java Sql Udate error, data type missmatch

    - by codo
    I have created a table in ms access. I have set the data type of ID to Auto Number in MS-access. In java when I try to update a record. the netBeans IDE gives me the error of " data type missmatch in criteria expression". But when I changed the ID number that was not in the table already it works well. The code is below. String sql = "Update table1 set price ='" + txtPrice.getText() + "', quantity='" + txtQuantity.getText() + "', description='" + txtDescription.getText() + "' where id= " + txtid.getText() + ""; try { pst = conn.prepareStatement(sql); pst.executeUpdate(); JOptionPane.showMessageDialog(null, "Updated"); UpdateJTable(); } catch (Exception e) { JOptionPane.showMessageDialog(null, e); }

    Read the article

  • Streaming data to the browser as a file of unknown size

    - by Sir Psycho
    I have some data which is queried from the database and I'd like to send it to the client as a csv file. The file size varies each time due to the fact that the DB data returned can be of any size. Instead of saving this file to the hard disk, I'd like to send it to the browser at the same time it's being processed into a CSV by my algorithm. Response.Write seems useless. For some reason, the file download dialog is only displayed once my processing is finished. This seems odd as I'm writting all my output to the Response.Output stream. I have downloaded files on the web before where the filesize is not known and the browser just keeps on downloading. Is there any way to achieve this? The following stackoverflow thread did not offer any good advise. http://stackoverflow.com/questions/873995/asp-net-downloading-large-files-of-unknown-size Thanks

    Read the article

  • Handling of data truncation (short reads/writes) in FUSE

    - by Vi
    I expect any good program should do all their reads and writes in a loop until all data written/read without relying that write will write everything (even with regular files). Am I right? Implemented simple FUSE filesystem which only allows reading and writing with small buffers, very often returning that it is written less bytes that in a buffer (using -o direct_io). Some programs work, some not (notably mountlo). Are them buggy or programs should not expect truncated writes and reads from the regular files? In general, are seekable file descriptors expected to truncate data like sockets and pipes?

    Read the article

  • Binding Data Template element to property on sub-class

    - by TerrorAustralis
    Hi guys, I have a class, for experiment sake call it foo() and another class, call it bar() I have a data template for class foo() defined in my xaml, but one of foo()'s properties is a bar() object such that foo() { Public string Name {get; set;} Public int ID {get; set;} Public bar barProp {get; set;} } and bar() { Public string Description{get; set;} } I want my data template of foo to display the Description property of bar. I have tried the simple <textblock Text="{Binding Path=barProp.Description}" /> and variants to no avail Seeking wisdom, DJ

    Read the article

  • posting data to a site in C#

    - by Michel
    i'm flabbergasted, i've looked at almost every example, but it just doesn't work (the other party says they don't receive my data in the request parameter) I want to do this in code (send some xml data (without the xml declaration) to a uri): <form method="post" action="http://http://100.100.100.100:11111/getinfo"> <input type="text" value="<ps:Balance>100</ps:Balance>" name="request" id="request"> <br><br> <input type="submit" value="go"> </form>

    Read the article

  • Session Fixation in ASP.NET

    - by AJM
    I'm wondering how to prevent Session fixation in ASP.NET My approach would to this would normally be to generate and issue a new session id whenever someone logs in. But is this level of control possible in ASP.NET land?

    Read the article

  • Get with the ajax data into a php file

    - by Max Torstensson
    I'm trying to build a login system with ajax and php. I use a log-view where I then save the data in ajax which brings into my doLogin.php (php file). My problem is that php file should never be any ajax data for when I build it into a class and a function VIEW: public function DoLoginBox() { //inloggning form-tagg... return '<p>&nbsp;</p> <div id="content"> <h1>Login Form</h1> <form id="form1" name="form1" action="Handler/doLogin.php" method="post"> <p> <label for="username">Username: </label> <input type="text" name="username" id="username" /> </p> <p> <label for="password">Password: </label> <input type="password" name="password" id="password" /> </p> <p> <input type="submit" id="login" name="login" /> </p> </form> <div id="message"></div> </div>'; } AJAX: <script type="text/javascript"> $(document).ready(function() { $("#login").click(function() { var action = $("#form1").attr('action'); var form_data = { username: $("#username").val(), password: $("#password").val(), is_ajax: 1 }; $.ajax({ type: "POST", url: action, data: form_data, success: function(response) { if(response == 'success') $("#form1").slideUp('slow', function() { $("#message").html("<p class='success'>You have logged in successfully!</p>"); }); else $("#message").html("<p class='error'>Invalid username and/or password.</p>"); } }); return false; }); }); </script PHP: <?php require_once ("UserHandler.php"); class DoLogingHandler{ public function Login (){ $is_ajax = !empty($_REQUEST['is_ajax']); if(isset($is_ajax) && $is_ajax) { $username = $_REQUEST['username']; $password = $_REQUEST['password']; $UserHandler = new UserHandler(); $UserHandler -> controllDB($username,$password); if($username == 'demo' && $password == 'demo') { echo "success"; } } } } ` $DoLogingHandler = new DoLogingHandler(); $DoLogingHandler-Login(); ?

    Read the article

  • Reload AJAX data every X minutes/seconds, jQuery

    - by NightMICU
    Hi everyone, I programmed a CMS that has a log of who has recently logged into the system. Presently, this data is fed into a jQuery UI tab via Ajax. I would like to put this information into a sidebar on the main page and load it via AJAX every 30 seconds (or some set period of time). How would I go about doing this? Does the PHP response need to be JSON coded? I am fairly new to AJAX and JSON data. Here is the PHP I am currently using to pull details from the users table- <?php $loginLog = $db->query("SELECT name_f, name_l, DATE_FORMAT(lastLogin, '%a, %b %D, %Y %h:%i %p') AS lastLogin FROM user_control ORDER BY lastLogin ASC LIMIT 10"); while ($recentLogin = $loginLog->fetch()) { echo $recentLogin['name_f'] . " " . $recentLogin['name_l'] . " - " . $recentLogin['lastLogin']; } ?> Thanks!

    Read the article

  • What is this hacker trying to do?

    - by JW
    If you do a search for: http://www.google.co.uk/search?q=0x57414954464F522044454C4159202730303A30303A313527&hl=en&start=30&sa=N you will see a lot of examples of an attempted hack along the lines of: 1) declare @q varchar(8000) select @q = 0x57414954464F522044454C4159202730303A30303A313527 exec(@q) -- What is exactly is it trying to do? Which db is it trying to work on? Do you know of any advisories about this?

    Read the article

  • An old flaw in X Window System. How does it work?

    - by Legend
    I was going through an article today when it mentioned the following: "We've found many errors over the years. One of the absolute best was the following in the X Window System: if(getuid() != 0 && geteuid == 0) { ErrorF("Only root"); exit(1); } It allowed any local user to get root access. (The tautological check geteuid == 0 was intended to be geteuid() == 0. In its current form, it compress the address of geteuid to 0; given that the function exists, its address is never 0)." The article explained what was wrong with the code but I would like to know what it means to say that "It allowed any local user to get root access". I am not an expert in C but can someone give me an exact context in which this exploit would work? Specifically, what I mean is, lets say I am the local user, how would I get root access if we assume this code to be present somewhere?

    Read the article

  • Ajax, not sending querystring data

    - by Tom Gullen
    var http = false; // Creates xmlhttp object if (navigator.appName == "Microsoft Internet Explorer") { http = new ActiveXObject("Microsoft.XMLHTTP"); } else { http = new XMLHttpRequest(); } http.onreadystatechange = function() { if (http.readyState == 4) { alert(http.responseText); } } // Functions to calculate optimum layout etc. function compute() { var statusSpan = document.getElementById("cwStatus"); document.getElementById("fader").style.display = ""; document.getElementById("computingWait").style.display = ""; statusSpan.innerHTML = "<b>Status:</b> Realigning sattelites" http.open("GET", "alg.aspx?cr=8&cc=7&sq=3,3", true); http.send(null); } This code sort of works, but the querystring data isn't being passed through. It keeps returning an ASPX error page which only happens when there is no querystring data. Thanks for any help

    Read the article

  • Alternative to jQuery .data()?

    - by thebossman
    I'm a big fan of jQuery's .data() method, but I can't always use it. Often times I am rendering html templates that I pass via AJAX and I need to attach metadata to each of the elements in the template. For example: <ul> {% for item in itemlist %} <li metadata="{{ item.metadata }}">{{ item.name }}</li> {% endfor %} </ul> I know attaching attributes to store data is bad practice (and it might not even work in older versions of IE). What is the best practice? Is there a good alternative to this method?

    Read the article

  • Securing input of private / protected methods?

    - by ts
    Hello, normally, all sane developers are trying to secure input of all public methods (casting to proper types, validating, sanitizing etc.) My question is: are you in your code validating also parameters passed to protected / private methods? In my opinion it is not necessary, if you securize properly parameters of public methods and return values from outside (other classes, db, user input etc...). But I am constantly facing frameworks and apps (ie. prestashop to name one) where validation is often repeated in method call, in method body and once again for securize returned value - which, I think, is creating performace overhead and is also a sign of bad design.

    Read the article

  • How to control access to third party HTML pages

    - by Wylie
    Hello, We have a Learning Management System (LMS) that runs on its own server (IIS/Server 2003). Students must login with Forms authentication to gain access to the content. We want to offer access to third party flash and audio that is embedded in HTML pages hosted on the third party server (IIS/Server 2003). Currently we use a frame in a pop-up window that is populated via a simple URL to the third party HTML pages. How can the third party control access to their content, so that only students who launch the pop-up windows from our site can access their content? Since the content is mostly video and flash, we would prefer not to stream all of their content through our server to the Student. We have a programming staff, so we could maybe... - either post or get for our HTTP request to the third party server - we could use SSL - we could programmatically assign a global NT user account to all of our users and then do some kind of Active Directory login from the LMS server to the third party server - could the third party content be hosted at Amazon S3? Would this allow for secure access/download? These are just ideas. We really have no idea. Any suggestions would be greatly appreciated. TIA, Wylie

    Read the article

  • PHP => Alternative to session data?

    - by Armz
    i have a Web Application where Cookies and Session are both important. Since the Web Application is load balanced on different server, i am looking for suggestions to Alternative Store for the Session data that all server will be able to access. Some sessions could live up to severals days. The solutions that come to my mind: - Native PHP Sessions (this is the one i want to stop using) - MySQL Database - Serialize and write to a file (i want to avoid this, for performances) - Memcache (however it could become very big or older data getting knocked out) Thanks in advance!

    Read the article

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

< Previous Page | 424 425 426 427 428 429 430 431 432 433 434 435  | Next Page >