Search Results

Search found 43347 results on 1734 pages for 'php security'.

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Page 428/1734 | < Previous Page | 424 425 426 427 428 429 430 431 432 433 434 435  | Next Page >

  • [PHP] What exactly does it mean when $_FILES is empty?

    - by Mike
    I am working on a PHP upload script and when testing my error checks, I attempted to upload a 17MB TIFF file. When I do this the $_FILES array is empty. The script works fine for what I need it to do, which is to upload JPEG files. My solution is to test if $_FILES is empty or not before continuing with the upload script. Can anybody explain why $_FILES is empty when a TIFF is attempted to be uploaded? Is my solution, to check if $_FILES is empty or not, an okay one? Does this have something to do with settings in php.ini?

    Read the article

  • PHP: Using a variable that are inside a function.

    - by Karem
    I have: include ('functions.php'); check_blocked(); echo $blocked; in functions.php, check_blocked(); exists. Inside check_blocked I got: global $blocked; $blocked = '1234'; I want to echo $blocked variable, that are inside check_blocked(). It doesnt work, no output.. This is an example of my original problem, so please dont say that I could just have the echo inside the function, as I cannot have in my original code.

    Read the article

  • ASP.NET Security Exception when Switch IIS7 to Use UNC Path for Content

    - by Jeremy H.
    I have a Windows Server 2008 R2 box running IIS7.5 with Medium Trust configured for ASP.NET. When I have the website running from local content (e.g.: c:\inetpub\wwwroot) everything works fine. When I change IIS to use a UNC path for the content (e.g.: \\computer\wwwroot) I get the following error: Security Exception Description: The application attempted to perform an operation not allowed by the security policy. To grant this application the required permission please contact your system administrator or change the application's trust level in the configuration file. Exception Details: System.Security.SecurityException: Request for the permission of type 'System.Data.SqlClient.SqlClientPermission, System.Data, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089' failed. I'm trying to figure out why ASP.NET/IIS would allow for the SQL call when using local content but not when using a UNC path. Any ideas what I need to do to use a UNC path from IIS7 properly?

    Read the article

  • ASP.NET Security Exception when Switch IIS7 to Use UNC Path for Content

    - by Jeremy H.
    I have a Windows Server 2008 R2 box running IIS7.5 with Medium Trust configured for ASP.NET. When I have the website running from local content (e.g.: c:\inetpub\wwwroot) everything works fine. When I change IIS to use a UNC path for the content (e.g.: \\computer\wwwroot) I get the following error: Security Exception Description: The application attempted to perform an operation not allowed by the security policy. To grant this application the required permission please contact your system administrator or change the application's trust level in the configuration file. Exception Details: System.Security.SecurityException: Request for the permission of type 'System.Data.SqlClient.SqlClientPermission, System.Data, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089' failed. I'm trying to figure out why ASP.NET/IIS would allow for the SQL call when using local content but not when using a UNC path. Any ideas what I need to do to use a UNC path from IIS7 properly?

    Read the article

  • Chrome shows "The site's security certificate is not trusted" error

    - by Emerald214
    From this morning I get this error whenever I access Google Docs and some websites. My system datetime is correct and I checked "Automatically from the Internet". My BIOS is OK. I cleared everything (cache, cookie, private data) in Chrome and restarted OS but nothing changes. How to fix it? Firefox works but Chrome has that problem. The site's security certificate is not trusted! You attempted to reach docs.google.com, but the server presented a certificate issued by an entity that is not trusted by your computer's operating system. This may mean that the server has generated its own security credentials, which Google Chrome cannot rely on for identity information, or an attacker may be trying to intercept your communications. You cannot proceed because the website operator has requested heightened security for this domain.

    Read the article

  • Norton Security Suite Symantec Download Manager Error: "Error writing to disk"

    - by Stephen Pace
    My broadband provider (Comcast) decided to switch their 'included with service' security suite from McAfee to Norton Security Suite. Their email directed me to a site that downloaded the Symantec Download Manager (NortonDL.exe) and that went fine. I'm running Windows 7 32-bit and running this application pops up the standard User Account Control message and the software is correctly identified as coming from Symantec. I answer 'yes' to allow the software to install and upon launch immediately get an "Error writing to disk" error. I searched the Internet for this error, but mainly I find Comcast users complaining about the same issue with no resolution other than to call Symantec. I found no one suggesting a successful workaround and it appeared that most of the support calls took up to three hours. I'd like to avoid that if possible. Ideas? To be honest, I'm getting close to bagging this installation and just moving to Microsoft Security Essentials.

    Read the article

  • Oracle Advanced Security Options is Blank

    - by mak4pi
    I just installed Oracle DB 10gR2 with Oracle Advanced Security, but cannot see the algorithms. [user@db-1] adapters Installed Oracle Net transport protocols are: IPC BEQ TCP/IP SSL RAW Installed Oracle Net naming methods are: Local Naming (tnsnames.ora) Oracle Directory Naming Oracle Host Naming Oracle Names Server Naming Installed Oracle Advanced Security options are: Where are all the algorithms for Oracle Advanced Security options please? I checked the $ORACLE_HOME/bin/adapters file and it's looking for naea256i, naemd5i, etc. in the naetab.so file, but none of these are listed in the naetab.so file. What's wrong with the naetab.so file? Thanks.

    Read the article

  • View Security Server and Direct Connection

    - by Poort443
    I have a Security Server for my connections from the Internet. This works fine, accept when I enable "Direct Connection to the desktop". I found the following statement on this: If you bypass the secure connection, the client must establish a direct RDP communication to the desktop virtual machine over RDP (port 3389). Does this mean I have to open 3389 (RDP) to the Internet if I want to use Direct Connections? If I disable Direct Connections to get my Security Server working, I have to disable it on my Connection Server. It's my understanding that this means that if I reboot my Connection Server, all the View clients get disconnected. Is there a way I can disable "Direct Connections" for the Security Server, while enabling it for access from the LAN? Tia.

    Read the article

  • SharePoint Web Part Constructor Fires Twice When Adding it to the Page (and has a different security

    - by Damon
    We had some exciting times debugging an interesting issue with SharePoint 2007 Web Parts.  We had some code in staging that had been running just fine for weeks and had not been touched or changed in about the same amount of time.  However, when we tried to move the web part into a different staging environment, the part started throwing a security exception when we tried to add it to a page.  After a bit of debugging, we determined that the web part was throwing the exception while trying to access the SPGroups property on the SharePoint site.  This was pretty strange because we were logged in as an admin and the code was working perfectly fine before.  During the debugging process, however, we found out that the web part constructor was being fired twice.  On one request, the security context did not seem to have everything it needed in order to run.  On the other request, the security context was populated with the user context with the user making the request (like it normally is).  Moving the security code outside of the constructor seems to have fixed the issue. Why the discrepancy between the two staging environments?  Turns out we deployed the part originally, then deployed an update with the security code.  Since the part was never "added" to the page after the code updates were made (we just deployed a new assembly to make the updates), we never saw the problem.  It seems as though the constructor fires twice when you are adding the web part to the page, and when you run the web part from the web part gallery.  My only thought on why this would occur is that SharePoint is instantiating an instance to get some information from it - which is odd because you would think that would happen with reflection without requiring a new object.  Anyway, the work around is to just not put anything security related inside the constructor, or to do a good job accounting for the possibility of the security context not being present if you are adding the item to the page. Technorati Tags: SharePoint,.NET,Microsoft,ASP.NET

    Read the article

  • ResourceSerializable: an alternate to ORM and ActiveRecord

    - by Levi Morrison
    A few opinionated reasons I don't like the traditional ORM and ActiveRecord patterns: They work only with a database. Sometimes I'm dealing with objects from an API and other objects from a database. All the implementations I have seen don't allow for that. Feel free to clue me in if I'm wrong on this. They are brittle. Changes in the database will likely break your implemenation. Some implementations can help reduce this, but a few of the ones I've seen don't. Their very design is influenced by the database. If I want to switch to using an API, I'll have to redesign the object to get it to work (likely). It seems to violate the single-responsibility pattern. They know what they are and how they act, but they also know how they are created, destroyed and saved? Seems a bit much. What about an approach that is somewhat more familiar in PHP: implementing an interface? In php 5.4, we'll have the JsonSerializable interface that defines the data to be json_encoded, so users will become accustomed to this type of thing. What if there was a ResourceSerializable interface? This is still an ORM by name, but certainly not by tradition. interface ResourceSerializable { /** * Returns the id that identifies the resource. */ function resourceId(); /** * Returns the 'type' of the resource. */ function resourceType(); /** * Returns the data to be serialized. */ function resourceSerialize(); } Things might be poorly named, I'll take suggestions. Notes: ResourceId will work for API's and databases. As long as your primary key in the database is the same as the resource ID in the API, there is no conflict. All of the API's I've worked with have a unique ID for the resource, so I don't see any issues there. ResourceType is the group or type associated with the resource. You can use this to map the resource to an API call or a database table. If the ResourceType was person, it could map to /api/1/person/{resourceId} and the table persons (or people, if it's smart enough). resourceSerialize() returns the data to be stored. Keys would identify API parameters and database table columns. This also seems easier to test than ActiveRecord / Orm implemenations. I haven't done much automated testing on traditional ActiveRecord/ORM implemenations, so this is merely a guess. But it seems that I being able to create objects independently of the library helps me. I don't have to use load() to get an existing resource, I can simply create one and set all the right properties. This is not so easy in the ActiveRecord / Orm implemenations I've dealt with. Downsides: You need another object to serialize it. This also means you have more code in general as you have to use more objects. You have to map resource types to API calls and database tables. This is even more work, but some ORMs and ActiveRecord implementations require you to map objects to table names anyway. Are there other downsides that you see? Does this seem feasible to you? How would you improve it? Note: I almost asked this on StackOverflow because it might be too vague for their standards, but I'm still not really familiar with programmers.stackexchange.com, so please help me improve my question if it doesn't shape up to standards here.

    Read the article

  • Algorithm for tracking progress of controller method running in background

    - by SilentAssassin
    I am using Codeigniter framework for PHP on Windows platform. My problem is I am trying to track progress of a controller method running in background. The controller extracts data from the database(MySQL) then does some processing and then stores the results again in the database. The complete aforesaid process can be considered as a single task. A new task can be assigned while another task is running. The newly assigned task will be added in a queue. So if I can track progress of the controller, I can show status for each of these tasks. Like I can show "Pending" status for tasks in the queue, "In Progress" for tasks running and "Done" for tasks that are completed. Main Issue: Now first thing I need to find is an algorithm to track the progress of how much amount of execution the controller method has completed and that means tracking how much amount of method has completed execution. For instance, this PHP script tracks progress of array being counted. Here the current state and state after total execution are known so it is possible to track its progress. But I am not able to devise anything analogous to it in my case. Maybe what I am trying to achieve is programmtically not possible. If its not possible then suggest me a workaround or a completely new approach. If some details are pending you can mention them. Sorry for my ignorance this is my first post here. I welcome you to point out my mistakes. EDIT: Database outline: The URL(s) and keyword(s) are first entered by user which are stored in a database table called link_master and keyword_master respectively. Then keywords are extracted from all the links present in this table and compared with keywords entered by user and their frequency is calculated which is the final result. And the results are stored in another table called link_result. Now sub-links are extracted from the domain links and stored in a table called sub_link_master. Now again the keywords are extracted from these sub-links and the corresponding results are stored in a table called sub_link_result. The number of records cannot be defined beforehand as the number of links on any web page can be different. Only the cardinality of *link_result* table can be known which will be equal to multiplication of number of keyword(s) and URL(s) . I insert multiple records at a time using this resource. Controller outline: The controller extracts keywords from a web page and also extracts keywords from all the links present on that page. There is a method called crawlLink. I used Rolling Curl to extract keywords and web page content. It has callback function which I used for extracting keywords alongwith generating results and extracting valid sub-links. There is a insertResult method which stores results for links and sub-links in the respective tables. Yes, the processing depends on the number of records. The more the number of records, the more time it takes to execute: Consider this scenario: Number of Domain Links = 1 Number of Keywords = 3 Number of Domain Links Result generated = 3 (3 x 1 as described in the question) Number of Sub Links generated = 41 Number of Sub Links Result = 117 (41 x 3 = 123 but some links are not valid or searchable) Approximate time taken for above process to complete = 55 seconds. The above result is for a single link. I want to track the progress of the above results getting stored in database. When all results are stored, the task is complete. If results are getting stored, the task is In Progress. I am not clear how can I track this progress.

    Read the article

  • Why won't my code work in Ubuntu Server 11.10? Is it because of gd library?

    - by Derrick
    I get this error when running the following code: No such file found at "widgets/104-text.png" I know that the code works because it works on my other non-ubuntu server. I do not know if it is gd library or what. I tried both the bundled version and the non-bundled and both do not make this code work. $con = mysql_connect("localhost","user","abc123"); if (!$con) { die('Could not connect: ' . mysql_error()); } mysql_select_db("satabase_name", $con); $productid2 = $this->product->id; $thename = mysql_query("SELECT * FROM pshop_product_lang WHERE id_product = '$productid2' LIMIT 1"); $thename2 = mysql_fetch_array($thename); $string2 = $thename2['name']; $string = (strlen($string2) > 25) ? substr($string2, 0, 25) . '...' : $string2; $font = 4; $width = imagefontwidth($font) * strlen($string); $height = imagefontheight($font); $image = imagecreatetruecolor ($width,$height); $white = imagecolorallocate ($image,255,255,255); $black = imagecolorallocate ($image,0,0,0); imagefill($image,0,0,$white); imagestring($image,$font,0,0,$string, $black); imagepng($image, 'widgets/' . $productid2 . '-text.png'); $getimg110 = mysql_query("SELECT * FROM pshop_image WHERE id_product = '$productid2'"); $gotimg110 = mysql_fetch_array($getimg110); $slash110 = addcslashes($gotimg110[id_image], '\0..\999999999999999999999'); $str110 = str_replace('\\', '/', $slash110); $newimg110 = '<img src="img/p' . $str110 . '/' . $gotimg110[id_image] . '-large_default.jpg" />'; include("conf.inc.php"); include('ImageWorkshop.php'); // Initialization of layer you need $pinguLayer = new ImageWorkshop(array( 'imageFromPath' => 'widgets/background.png', )); $pinguLayer2 = new ImageWorkshop(array( 'imageFromPath' => 'img/p' . $str110 . '/' . $gotimg110[id_image] . '-large_default.jpg', )); $pinguLayer3 = new ImageWorkshop(array( 'imageFromPath' => 'widgets/' . $productid2 . '-text.png', )); // resize pingu layer $thumbWidth2 = 150; // px $thumbHeight2 = 150; $thumbWidth = 400; // px $thumbHeight = 200; $pinguLayer2->resizeInPixel($thumbWidth2, $thumbHeight2); $pinguLayer->resizeInPixel($thumbWidth, $thumbHeight); // Add 2 layers on pingu layer $pinguLayer->addLayerOnTop($pinguLayer2, null, null, 'LM'); $pinguLayer->addLayerOnTop($pinguLayer3, 70, 25, 'MM'); // Saving the result in a folder $pinguLayer->save("widgets/", $productid2 . ".gif", true, null, 95); The file path is correct, however this part of the code is not creating the image as it is supposed to: $thename2 = mysql_fetch_array($thename); $string2 = $thename2['name']; $string = (strlen($string2) > 25) ? substr($string2, 0, 25) . '...' : $string2; $font = 4; $width = imagefontwidth($font) * strlen($string); $height = imagefontheight($font); $image = imagecreatetruecolor ($width,$height); $white = imagecolorallocate ($image,255,255,255); $black = imagecolorallocate ($image,0,0,0); imagefill($image,0,0,$white); imagestring($image,$font,0,0,$string, $black); imagepng($image, 'widgets/' . $productid2 . '-text.png');

    Read the article

  • Multiple Zend application code organisation

    - by user966936
    For the past year I have been working on a series of applications all based on the Zend framework and centered on a complex business logic that all applications must have access to even if they don't use all (easier than having multiple library folders for each application as they are all linked together with a common center). Without going into much detail about what the project is specifically about, I am looking for some input (as I am working on the project alone) on how I have "grouped" my code. I have tried to split it all up in such a way that it removes dependencies as much as possible. I'm trying to keep it as decoupled as I logically can, so in 12 months time when my time is up anyone else coming in can have no problem extending on what I have produced. Example structure: applicationStorage\ (contains all applications and associated data) applicationStorage\Applications\ (contains the applications themselves) applicationStorage\Applications\external\ (application grouping folder) (contains all external customer access applications) applicationStorage\Applications\external\site\ (main external customer access application) applicationStorage\Applications\external\site\Modules\ applicationStorage\Applications\external\site\Config\ applicationStorage\Applications\external\site\Layouts\ applicationStorage\Applications\external\site\ZendExtended\ (contains extended Zend classes specific to this application example: ZendExtended_Controller_Action extends zend_controller_Action ) applicationStorage\Applications\external\mobile\ (mobile external customer access application different workflow limited capabilities compared to full site version) applicationStorage\Applications\internal\ (application grouping folder) (contains all internal company applications) applicationStorage\Applications\internal\site\ (main internal application) applicationStorage\Applications\internal\mobile\ (mobile access has different flow and limited abilities compared to main site version) applicationStorage\Tests\ (contains PHP unit tests) applicationStorage\Library\ applicationStorage\Library\Service\ (contains all business logic, services and servicelocator; these are completely decoupled from Zend framework and rely on models' interfaces) applicationStorage\Library\Zend\ (Zend framework) applicationStorage\Library\Models\ (doesn't know services but is linked to Zend framework for DB operations; contains model interfaces and model datamappers for all business objects; examples include Iorder/IorderMapper, Iworksheet/IWorksheetMapper, Icustomer/IcustomerMapper) (Note: the Modules, Config, Layouts and ZendExtended folders are duplicated in each application folder; but i have omitted them as they are not required for my purposes.) For the library this contains all "universal" code. The Zend framework is at the heart of all applications, but I wanted my business logic to be Zend-framework-independent. All model and mapper interfaces have no public references to Zend_Db but actually wrap around it in private. So my hope is that in the future I will be able to rewrite the mappers and dbtables (containing a Models_DbTable_Abstract that extends Zend_Db_Table_Abstract) in order to decouple my business logic from the Zend framework if I want to move my business logic (services) to a non-Zend framework environment (maybe some other PHP framework). Using a serviceLocator and registering the required services within the bootstrap of each application, I can use different versions of the same service depending on the request and which application is being accessed. Example: all external applications will have a service_auth_External implementing service_auth_Interface registered. Same with internal aplications with Service_Auth_Internal implementing service_auth_Interface Service_Locator::getService('Auth'). I'm concerned I may be missing some possible problems with this. One I'm half-thinking about is a config.ini file for all externals, then a separate application config.ini overriding or adding to the global external config.ini. If anyone has any suggestions I would be greatly appreciative. I have used contextswitching for AJAX functions within the individual applications, but there is a big chance both external and internal will get web services created for them. Again, these will be separated due to authorization and different available services. \applicationstorage\Applications\internal\webservice \applicationstorage\Applications\external\webservice

    Read the article

  • Is this spaghetti code already? [migrated]

    - by hephestos
    I post the following code writen all by hand. Why I have the feeling that it is a western spaghetti on its own. Second, could that be written better? <div id="form-board" class="notice" style="height: 200px; min-height: 109px; width: auto;display: none;"> <script type="text/javascript"> jQuery(document).ready(function(){ $(".form-button-slide").click(function(){ $( "#form-board" ).dialog(); return false; }); }); </script> <?php echo $this->Form->create('mysubmit'); echo $this->Form->input('inputs', array('type' => 'select', 'id' => 'inputs', 'options' => $inputs)); echo $this->Form->input('Fields', array('type' => 'select', 'id' => 'fields', 'empty' => '-- Pick a state first --')); echo $this->Form->input('inputs2', array('type' => 'select', 'id' => 'inputs2', 'options' => $inputs2)); echo $this->Form->input('Fields2', array('type' => 'select', 'id' => 'fields2', 'empty' => '-- Pick a state first --')); echo $this->Form->end("Submit"); ?> </div> <div style="width:100%"></div> <div class="form-button-slide" style="float:left;display:block;"> <?php echo $this->Html->link("Error Results", "#"); ?> </div> <script type="text/javascript"> jQuery(document).ready(function(){ $("#mysubmitIndexForm").submit(function() { // we want to store the values from the form input box, then send via ajax below jQuery.post("Staffs/view", { data1: $("#inputs").attr('value'), data2:$("#inputs2").attr('value'),data3:$("#fields").attr('value'), data4:$("#fields2").attr('value') } ); //Close the dialog $( "#form-board" ).dialog('close') return false; }); $("#inputs").change(function() { // we want to store the values from the form input box, then send via ajax below var input_id = $('#inputs').attr('value'); $.ajax({ type: "POST", //The controller who listens to our request url: "Inputs/getFieldsFromOneInput/"+input_id, data: "input_id="+ input_id, //+"&amp; lname="+ lname, success: function(data){//function on success with returned data $('form#mysubmit').hide(function(){}); data = $.parseJSON(data); var sel = $("#fields"); sel.empty(); for (var i=0; i<data.length; i++) { sel.append('<option value="' + data[i].id + '">' + data[i].name + '</option>'); } } }); return false; }); $("#inputs2").change(function() { // we want to store the values from the form input box, then send via ajax below var input_id = $('#inputs2').attr('value'); $.ajax({ type: "POST", //The controller who listens to our request url: "Inputs/getFieldsFromOneInput/"+input_id, data: "input_id="+ input_id, //+"&amp; lname="+ lname, success: function(data){//function on success with returned data $('form#mysubmit').hide(function(){}); data = $.parseJSON(data); var sel = $("#fields2"); sel.empty(); for (var i=0; i<data.length; i++) { sel.append('<option value="' + data[i].id + '">' + data[i].name + '</option>'); } } }); return false; }); }); </script>

    Read the article

  • Are there any security vulnerabilities in this PHP code?

    - by skorned
    Hi. I just got a site to manage, but am not too sure about the code the previous guy wrote. I'm pasting the login procedure below, could you have a look and tell me if there are any security vulnerabilities? At first glance, it seems like one could get in through SQL injection or manipulating cookies and the ?m= parameter. define ( 'CURRENT_TIME', time ()); / / Current time. define ( 'ONLINE_TIME_MIN', (CURRENT_TIME - BOTNET_TIMEOUT)); / / Minimum time for the status of "Online". define ( 'DEFAULT_LANGUAGE', 'en'); / / Default language. define ( 'THEME_PATH', 'theme'); / / folder for the theme. / / HTTP requests. define ( 'QUERY_SCRIPT', basename ($ _SERVER [ 'PHP_SELF'])); define ( 'QUERY_SCRIPT_HTML', QUERY_SCRIPT); define ( 'QUERY_VAR_MODULE', 'm'); / / variable contains the current module. define ( 'QUERY_STRING_BLANK', QUERY_SCRIPT. '? m ='); / / An empty query string. define ( 'QUERY_STRING_BLANK_HTML', QUERY_SCRIPT_HTML. '? m ='); / / Empty query string in HTML. define ( 'CP_HTTP_ROOT', str_replace ( '\ \', '/', (! empty ($ _SERVER [ 'SCRIPT_NAME'])? dirname ($ _SERVER [ 'SCRIPT_NAME']):'/'))); / / root of CP. / / The session cookie. define ( 'COOKIE_USER', 'p'); / / Username in the cookies. define ( 'COOKIE_PASS', 'u'); / / user password in the cookies. define ( 'COOKIE_LIVETIME', CURRENT_TIME + 2592000) / / Lifetime cookies. define ( 'COOKIE_SESSION', 'ref'); / / variable to store the session. define ( 'SESSION_LIVETIME', CURRENT_TIME + 1300) / / Lifetime of the session. ////////////////////////////////////////////////// ///////////////////////////// / / Initialize. ////////////////////////////////////////////////// ///////////////////////////// / / Connect to the database. if (! ConnectToDB ()) die (mysql_error_ex ()); / / Connecting topic. require_once (THEME_PATH. '/ index.php'); / / Manage login. if (! empty ($ _GET [QUERY_VAR_MODULE])) ( / / Login form. if (strcmp ($ _GET [QUERY_VAR_MODULE], 'login') === 0) ( UnlockSessionAndDestroyAllCokies (); if (isset ($ _POST [ 'user']) & & isset ($ _POST [ 'pass'])) ( $ user = $ _POST [ 'user']; $ pass = md5 ($ _POST [ 'pass']); / / Check login. if (@ mysql_query ( "SELECT id FROM cp_users WHERE name = '". addslashes ($ user). "' AND pass = '". addslashes ($ pass). "' AND flag_enabled = '1 'LIMIT 1") & & @ mysql_affected_rows () == 1) ( if (isset ($ _POST [ 'remember']) & & $ _POST [ 'remember'] == 1) ( setcookie (COOKIE_USER, md5 ($ user), COOKIE_LIVETIME, CP_HTTP_ROOT); setcookie (COOKIE_PASS, $ pass, COOKIE_LIVETIME, CP_HTTP_ROOT); ) LockSession (); $ _SESSION [ 'Name'] = $ user; $ _SESSION [ 'Pass'] = $ pass; / / UnlockSession (); header ( 'Location:'. QUERY_STRING_BLANK. 'home'); ) else ShowLoginForm (true); die (); ) ShowLoginForm (false); die (); ) / / Output if (strcmp ($ _GET [ 'm'], 'logout') === 0) ( UnlockSessionAndDestroyAllCokies (); header ( 'Location:'. QUERY_STRING_BLANK. 'login'); die (); ) ) ////////////////////////////////////////////////// ///////////////////////////// / / Check the login data. ////////////////////////////////////////////////// ///////////////////////////// $ logined = 0, / / flag means, we zalogininy. / / Log in session. LockSession (); if (! empty ($ _SESSION [ 'name']) & &! empty ($ _SESSION [ 'pass'])) ( if (($ r = @ mysql_query ( "SELECT * FROM cp_users WHERE name = '". addslashes ($ _SESSION [' name'])."' AND pass = ' ". addslashes ($ _SESSION [' pass']). " 'AND flag_enabled = '1' LIMIT 1 ")))$ logined = @ mysql_affected_rows (); ) / / Login through cookies. if ($ logined! == 1 & &! empty ($ _COOKIE [COOKIE_USER]) & &! empty ($ _COOKIE [COOKIE_PASS])) ( if (($ r = @ mysql_query ( "SELECT * FROM cp_users WHERE MD5 (name )='". addslashes ($ _COOKIE [COOKIE_USER ])."' AND pass = '". addslashes ($ _COOKIE [COOKIE_PASS]). " 'AND flag_enabled = '1' LIMIT 1 ")))$ logined = @ mysql_affected_rows (); ) / / Unable to login. if ($ logined! == 1) ( UnlockSessionAndDestroyAllCokies (); header ( 'Location:'. QUERY_STRING_BLANK. 'login'); die (); ) / / Get the user data. $ _USER_DATA = @ Mysql_fetch_assoc ($ r); if ($ _USER_DATA === false) die (mysql_error_ex ()); $ _SESSION [ 'Name'] = $ _USER_DATA [ 'name']; $ _SESSION [ 'Pass'] = $ _USER_DATA [ 'pass']; / / Connecting language. if (@ strlen ($ _USER_DATA [ 'language'])! = 2 | |! SafePath ($ _USER_DATA [ 'language']) | |! file_exists ( 'system / lng .'.$_ USER_DATA [' language '].' . php'))$_ USER_DATA [ 'language'] = DEFAULT_LANGUAGE; require_once ( 'system / lng .'.$_ USER_DATA [' language'].'. php '); UnlockSession ();

    Read the article

  • YouTube API Security Error Flex

    - by 23tux
    Hi, I've tried to use the YoutTube API within a Flex project. But i got this error: *** Security Sandbox Violation *** SecurityDomain 'http://www.youtube.com/apiplayer?version=3' tried to access incompatible context 'file:///Users/YouTubePlayer/bin-debug/YouTubePlayer.html' Here are the two files: <?xml version="1.0" encoding="utf-8"?> <s:Application xmlns:fx="http://ns.adobe.com/mxml/2009" xmlns:s="library://ns.adobe.com/flex/spark" xmlns:mx="library://ns.adobe.com/flex/halo" minWidth="1024" minHeight="768" xmlns:youtube="youtube.*" creationComplete="init();"> <fx:Script> <![CDATA[ [Bindable] private var ready:Boolean = true; private function init():void { Security.allowInsecureDomain("*"); Security.allowDomain("*"); Security.allowDomain('www.youtube.com'); Security.allowDomain('youtube.com'); Security.allowDomain('s.ytimg.com'); Security.allowDomain('i.ytimg.com'); } private function changing():void { /* trace("currentTime: " + player.getCurrentTime()); trace("startTime: " + player.startTime); trace("stopTime: " + player.stopTime); timeSlider.value = player.getCurrentTime() */ } private function startPlaying():void { player.play(); } private function checkStartSlider():void { if(startSlider.value > stopSlider.value) stopSlider.value = startSlider.value + 1; } private function checkStopSlider():void { if(stopSlider.value < startSlider.value) startSlider.value = stopSlider.value - 1; } ]]> </fx:Script> <s:VGroup> <youtube:Player id="player" videoID="DVFvcVuWyfE" change="changing();" ready="ready=true"/> <s:HGroup> <s:Button label="play" click="startPlaying();" /> </s:HGroup> <s:HGroup> <s:HSlider id="timeSlider" width="250" minimum="0" maximum="{player.stopTime}" snapInterval=".01" enabled="{ready}"/> <s:Label id="currentTimeLbl" text="current time: 0" /> </s:HGroup> <s:HGroup> <s:HSlider id="startSlider" width="250" minimum="0" maximum="{player.stopTime}" snapInterval=".01" change="checkStartSlider();" enabled="{ready}" value="0"/> <s:Label id="startTimeLbl" text="start time: {player.startTime}" /> </s:HGroup> <s:HGroup> <s:HSlider id="stopSlider" width="250" minimum="0" maximum="{player.stopTime}" snapInterval=".01" change="checkStopSlider();" enabled="{ready}" value="{player.stopTime}"/> <s:Label id="stopTimeLbl" text="stop time: {player.stopTime}" /> </s:HGroup> </s:VGroup> </s:Application> Here is the player package youtube { import flash.display.Loader; import flash.events.Event; import flash.events.TimerEvent; import flash.net.URLRequest; import flash.system.Security; import flash.utils.Timer; import mx.core.UIComponent; [Event(name="change", type="flash.events.Event")] [Event(name="ready", type="flash.events.Event")] public class Player extends UIComponent { private var player:Object; private var loader:Loader; private var _startTime:Number = 0; private var _stopTime:Number = 0; private var _videoID:String; private var metadataTimer:Timer = new Timer(200); private var playTimer:Timer = new Timer(200); public function Player() { // The player SWF file on www.youtube.com needs to communicate with your host // SWF file. Your code must call Security.allowDomain() to allow this // communication. Security.allowInsecureDomain("*"); Security.allowDomain("*"); // This will hold the API player instance once it is initialized. loader = new Loader(); loader.contentLoaderInfo.addEventListener(Event.INIT, onLoaderInit); loader.load(new URLRequest("http://www.youtube.com/apiplayer?version=3")); } private function onLoaderInit(event:Event):void { addChild(loader); loader.content.addEventListener("onReady", onPlayerReady); loader.content.addEventListener("onError", onPlayerError); loader.content.addEventListener("onStateChange", onPlayerStateChange); loader.content.addEventListener("onPlaybackQualityChange", onVideoPlaybackQualityChange); } private function onPlayerReady(event:Event):void { // Event.data contains the event parameter, which is the Player API ID trace("player ready:", Object(event).data); // Once this event has been dispatched by the player, we can use // cueVideoById, loadVideoById, cueVideoByUrl and loadVideoByUrl // to load a particular YouTube video. player = loader.content; // Set appropriate player dimensions for your application player.setSize(0, 0); } private function onPlayerError(event:Event):void { // Event.data contains the event parameter, which is the error code trace("player error:", Object(event).data); } private function onPlayerStateChange(event:Event):void { // Event.data contains the event parameter, which is the new player state trace("player state:", Object(event).data); } private function onVideoPlaybackQualityChange(event:Event):void { // Event.data contains the event parameter, which is the new video quality trace("video quality:", Object(event).data); } [Bindable] public function get videoID():String { return _videoID; } public function set videoID(value:String):void { _videoID = value; } [Bindable] public function get stopTime():Number { return _stopTime; } public function set stopTime(value:Number):void { _stopTime = value; } [Bindable] public function get startTime():Number { return _startTime; } public function set startTime(value:Number):void { _startTime = value; } public function play():void { if(_videoID!="") { player.loadVideoById(_videoID, 0); // add the event listener, so that all 200 milliseconds is an event dispatched metadataTimer.addEventListener(TimerEvent.TIMER, metadataTimeHandler); // if the timer is running, stop and reset it if(metadataTimer.running) metadataTimer.reset(); else metadataTimer.start(); } } private function metadataTimeHandler(e:TimerEvent):void { if(player.getDuration() > 0) { startTime = 0; stopTime = player.getDuration(); metadataTimer.reset(); metadataTimer.stop(); metadataTimer.removeEventListener(TimerEvent.TIMER, metadataTimeHandler); player.playVideo(); playTimer.addEventListener(TimerEvent.TIMER, playTimerHandler); dispatchEvent(new Event("ready")); } } private function playTimerHandler(e:TimerEvent):void { if(getCurrentTime() > _stopTime) { seekTo(startTime); } dispatchEvent(new Event(Event.CHANGE)); } public function getCurrentTime():Number { if(!player.getCurrentTime()) return 0; else return player.getCurrentTime(); } public function seekTo(time:uint):void { player.seekTo(time); } } } Hope someone can help. thx, tux

    Read the article

  • Ajax call file or files

    - by WAC0020
    I have a module setup that uses ajax calls, should I have one file for all my ajax calls or should all the calls have their own file? Example of what I mean: index.php ------ With the ajax calls Should I have one file such as 'ajax.php' that has functions for update, delete, and edit. Or should I have update.php, delete.php, and edit.php?

    Read the article

  • Display processing page then redirect when complete

    - by user285379
    I have a script that takes a while. I'd like to display a page during the processing of the script then redirect when the process is complete. E.g.: form.php - processing.php - display_result.php I would like that processing.php is displayed immediately after form is submitted showing (Processing your information, please wait...) Once processing is complete the page should be redirected to display_result.php Is there anyway to sort of flush the content to the browser before processing begins, then redirect when the process is complete?

    Read the article

  • CodeIgniter's form_hidden

    - by 01010011
    Hi, How do I achieve this: //view.php <input type="hidden" name="Name" value="<?php echo $variable->id; ?> using CodeIgniter’s form_hidden helper: //view.php <?php echo form_hidden('Name','<?php echo $variable->id;') ?> The first one works fine when I display $variable-id but CI's form_hidden doesn't work.

    Read the article

  • Losing reference to $_post variable?

    - by Scott B
    In the code below, the echo at the top returns true, but the echo at the bottom returns nothing. Apparently the code in between is causing me to lose a reference to the $_post variable? <?php echo "in category: ".in_category('is-sidebar', $_post); //RETURNS TRUE if (!get_option('my_hide_recent')) { $cat=get_cat_ID('top-menu'); $catHidden=get_cat_ID('hidden'); $myquery = new WP_Query(); $myquery->query(array( 'cat' => "-$cat,-$catHidden", 'post_not_in' => get_option('sticky_posts') )); $myrecentpostscount = $myquery->found_posts; if ($myrecentpostscount > 0) { ?> <div class="menu"><h4><?php if ($my_sidebar_heading_recent !=="") { echo $my_sidebar_heading_recent; } else { echo "Recent Posts";} ?></h4><ul> <?php global $post; $current_page_recent = get_post( $current_page ); $myrecentposts = get_posts(array('post_not_in' => get_option('sticky_posts'), 'cat' => "-$cat,-$catHidden",'showposts' => $my_recent_count)); foreach($myrecentposts as $idxrecent=>$post) { if($post->ID == $current_page_recent->ID) { $home_menu_recent = ' class="current_page_item'; } else { $home_menu_recent = ' class="page_item'; } $myclassrecent = ($idxrecent == count($myrecentposts) - 1 ? $home_menu_recent.' last"' : $home_menu_recent.'"'); ?> <li<?php echo $myclassrecent ?>><a href="<?php the_permalink(); ?>"><?php the_title(); ?></a></li> <?php } ; if (($myrecentpostscount > $my_recent_count) && $my_recent_count > -1){ ?><li><a href="<?php bloginfo('url'); ?>/site-map">View all</a></li><?php } ?></ul></div> <?php } } global $sitemap; echo "in category: ".in_category('is-sidebar', $_post); //RETURNS NOTHING

    Read the article

  • Wordpress Custom Field

    - by kwek-kwek
    I wanted to use the custom field for wordpress to have a different header banner for my site here is my code: <?php get_header(); ?> <?php if (have_posts()) : while (have_posts()) : the_post(); ?> <div id="BodyWrap"> <!--MAIN CONT--> <div id="mainCont"> <?php get_sidebar(); ?> <div id="rotateBanner"><?php // check for image $image = get_post_meta($post->ID, 'image', $single = true);?> <img class="mainImg" src="<?php bloginfo(template_url); echo $image; ?>" alt=""/> </div> <div id="mainCopy"> <div id="content"> <h2><?php single_post_title(); ?></h2> <?php the_content('<p class="serif">Read the rest of this page &raquo;</p>'); ?> <?php wp_link_pages(array('before' => '<p><strong>Pages:</strong> ', 'after' => '</p>', 'next_or_number' => 'number')); ?> </div> </div> </div> </div> <?php endwhile; endif; ?> <?php get_footer(); ?> Now the code renders but for some reason it only renders the img path as: <img alt="" src="http://www.testground.idghosting.com/philcom/wp-content/themes/phil"/> here is the demosite in the custom field I put this: image For the value I put this: /images/sampleHead.png

    Read the article

  • Count words like Microsoft Word does

    - by Maarten
    I need to count words in a string using PHP or Javascript (preferably PHP). The problem is that the counting needs to be the same as it works in Microsoft Word, because that is where the people assemble their original texts in so that is their reference frame. PHP has a word counting function (http://php.net/manual/en/function.str-word-count.php) but that is not 100% the same as far as I know. Any pointers?

    Read the article

  • Can a simple web form like this get hacked?

    - by Haskella
    Hi I have a web form that sends a string to one php file which redirects them to a corresponding URL. I've searched about web form hacking and I've only received information about PHP and SQL... my site only uses a single PHP file, very basic etc. Would it be open to any exploits? I'm obviously not going to post the URL, but here is some code I was working on for the php file: http://stackoverflow.com/questions/2888077/newbie-php-coding-problem-header-function-maybe-i-need-someone-to-check-my-cod Thanks

    Read the article

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

< Previous Page | 424 425 426 427 428 429 430 431 432 433 434 435  | Next Page >