Search Results

Search found 68155 results on 2727 pages for 'data security'.

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Page 436/2727 | < Previous Page | 432 433 434 435 436 437 438 439 440 441 442 443  | Next Page >

  • Url rewriting : prevent to display xml

    - by Frank
    Edit : I've got an aspx file (default.aspx) that loads a flash file (index.swf), but this swf needs a xml file (foo.xml) to load correctly. However, I would like to block any request aiming directly at the xml file. Is it possible, using a rewritting engine (isapi_rewrite for example) to detect if the xml file is being 'hotlinked' or being loaded by the 'index.swf'(inside default.aspx)? Any ideas? Thank you.

    Read the article

  • Is this a secure way to structure a mysql_query in PHP

    - by Supernovah
    I have tried and tried to achieve an SQL injection by making custom queries to the server outside of firefox. Inside the php, all variables are passed into the query in a string like this. Note, by this stage, $_POST has not been touched. mysql_query('INSERT INTO users (password, username) VALUES(' . sha1($_POST['password']) . ',' . $_POST['username'] . ')); Is that a secure way to make a change?

    Read the article

  • problem in extracting the data from text file

    - by parijat24
    hello , i am new to python , and I want to extract the data from this format FBpp0143497 5 151 5 157 PF00339.22 Arrestin_N Domain 1 135 149 83.4 1.1e-23 1 CL0135 FBpp0143497 183 323 183 324 PF02752.15 Arrestin_C Domain 1 137 138 58.5 6e-16 1 CL0135 FBpp0131987 60 280 51 280 PF00089.19 Trypsin Domain 14 219 219 127.7 3.7e-37 1 CL0124 to this format FBpp0143497 5 151 Arrestin_N 1.1e-23 FBpp0143497 183 323 Arrestin_C 6e-16 I have written code in hope that it works but it does not work , please help! file = open('/ddfs/user/data/k/ktrip_01/hmm.txt','r') rec = file.read() for line in rec : field = line.split("\t") print field print field[:] print '>',field[0] print field[1], field[2], field[6], field[12] the hmmtext file is FBpp0143497 5 151 5 157 PF00339.22 Arrestin_N Domain 1 135 149 83.4 1.1e-23 1 CL0135 FBpp0143497 183 323 183 324 PF02752.15 Arrestin_C Domain 1 137 138 58.5 6e-16 1 CL0135 FBpp0131987 60 280 51 280 PF00089.19 Trypsin Domain 14 219 219 127.7 3.7e-37 1 CL0124

    Read the article

  • VS 2008 "Choose Data Source" wizard

    - by ELM
    Good Day, I'm using Visual Studio Professional 2008 SP 1. When I create a connection via the designer, the "Choose Data Source" dialog only lists the following data sources: Microsoft SQL Server Compact 3.5 Microsoft SQL Server Database File When I create a connection on the Server explorer the list is complete with : Microsoft SQL Server Compact 3.5, Microsoft SQL Server Database File, Microsoft SQL Server Compact, ODBC etc. Please help me out. I need to use SQL Server Compact. I have posted the same problem on the following thread with some screenshots: http://social.msdn.microsoft.com/Forums/en/vssetup/thread/906845c3-69e9-431a-ad07-7da2de684d33

    Read the article

  • Validate authenticity of website owner

    - by Cyber Junkie
    Hello all! I'm planning to develop a web app where users will list their site/blog. When people submit their sites, how can I confirm that they are the owners of it? So for instance there is a user Mark who wants to submit someone else's website without their approval. I want to restrict Mark from doing so unless he is the actual owner. My idea was to do a comparison between the user's email domain and the website domain she/he wants to submit. If they match allow the user to submit the website. However most people don't register with their website domain address.. or perhaps I'll implement a Facebook connect in the future. What other methods would you suggest?

    Read the article

  • Migrating just article contect of Joomla 1.0 to 2.5.x / 3.x?

    - by user2919408
    I have a simple website using Joomla 1.0.15, just having articles in some categories. As i want to install or remove components from admin area, i got : "You are not authorised to view this resource" or something like that. This is uncommon, this site is about 5 years old, and never got error message like that. I think my website is hacked ?? I have set safe_mode = off in php.ini, turn of sh404sef, removing .htaccess file etc ... and it still does not work. Then i try to upgrade to Joomla 2.5.x / 3.x . I found that i must migrate to Joomla 1.5.x first, then from there to 2.5.x. I got problem installing "migration.zip" component in my Joomla 1.0.x (always alert/err message pop up is shown). Is there another way to migrate the website ? May be just get the article section, category, article id and the content of Joomla 1.0.x , then import it to Joomla 2.5.x / 3.x ? I don't need components, modules, mambots (if any) of the old site. How to do it ? Thanks

    Read the article

  • Secure way to run other people code (sandbox) on my server?

    - by amikazmi
    I want to make a web service that run other people code locally... Naturally, I want to limit their code access to certain "sandbox" directory, and that they wont be able to connect to other parts of my server (DB, main webserver, etc) Whats the best way to do it? Run VMware/Virtualbox: (+) I guess it's as secure as it gets.. even if someone manage to "hack".. they only hack the guest machine (+) can limit the cpu & memory the process uses (+) easy to setup.. just create the VM (-) harder to "connect" the sandbox directory from the host to the guest (-) wasting extra memory and cpu for managing the VM Run underprivileged user: (+) doesnt waste extra resources (+) sandbox directory is just a plain directory (?) cant limit cpu and memory? (?) dont know if it's secure enough... Any other way? Server running Fedora Core 8, the "other" codes written in Java & C++

    Read the article

  • Read data from specific memory address

    - by rapid
    Hello. How can I read (and put into new variable) data stored at specific memory address? For instance I know that: <nfqueue.queue; proxy of <Swig Object of type 'queue *' at 0xabd2b00> > And I want to have data stored at 0xabd2b00 in new variable so that I can work and use all functionalities of the object. Let's assume that I don't have access to the original variable that created this object.

    Read the article

  • Long to timestamp for historic data (pre-1900s)

    - by Mike
    I have a database of start and stop times that have previously all had fairly recent data (1960s through present day) which i've been able to store as long integers. This is very simialr to unix timestamps, only with millisecond precision, so a function like java.util.Date.getTime() would be the value of the current time. This has worked well so far, but we recently got data from the 1860s, and the following code no longer works: to_timestamp('1-JAN-1970 00:00:00', 'dd-mon-yyyy hh24:mi:ss') + numtodsinterval(int_to_convert/(1000),'SECOND' ); This wraps the date and we get timestamps in the year 2038. Is there a way around this issue? All of the documentation i've looked at the documentation and timestamps should be able to handle years all the way back to the -4000 (BC), so i'm suspecting an issue with the numtodsinterval. Any ideas suggestions would be greatly appreciated.

    Read the article

  • Using directory traversal attack to execute commands

    - by gAMBOOKa
    Is there a way to execute commands using directory traversal attacks? For instance, I access a server's etc/passwd file like this http://server.com/..%01/..%01/..%01//etc/passwd Is there a way to run a command instead? Like... http://server.com/..%01/..%01/..%01//ls ..... and get an output? EDIT: To be clear here, I've found the vuln in our company's server. I'm looking to raise the risk level (or bonus points for me) by proving that it may give an attacker complete access to the system

    Read the article

  • couchdb: one database per account vs all in one database w. a namespace / property

    - by thruflo
    I'm modelling a document generation system in couchdb. It semi-automates the production of proposal and presentation documents from managable document fragments. Much like, say, Basecamp, it breaks down very simply into self-contained data per 'account'. Each account has multiple users, projects, documents, etc. However, nothing should be shared between accounts. I can see two ways of doing this: one couchdb database per account use a namespace / property to identify the account It seems to me that the first approach is conceptually sound and potentially has security and partitioning advantages. However, it seems to me to restrict some cross-database data querying (that I don't have a use case for now but you never know...) and to make updating views potentially require an awful lot of writes. Does anyone experienced with this kind of decision have any advice?

    Read the article

  • how do I get the form data in a javascript object so I can send it as the data parameter of an $.aja

    - by user281180
    How to return json after form.submit()? <form id="NotificationForm" action="<%=Url.Action("Edit",new{Action="Edit"}) %>" method="post" enctype="multipart/form-data" onsubmit='getJsonRequestAfterSubmittingForm(this); return false;'> <%Html.RenderPartial("IndexDetails", Model);%> </form> $.ajax({ url: '<%=Url.Action("Edit","Notification") %>', type: "POST", dataType: 'json', data: $("#NotificationForm").submit(), contentType: "application/json; charset=utf-8", success: function(result) { if (result.Result == true) { alert("ghjghsgd"); } }, error: function(request, status, error) { $("#NotSelectedList").html("Error: " & request.responseText); } });

    Read the article

  • What scenarios/settings will result in a query on SQL Server (2008) return stale data

    - by s1mm0t
    Most applications rarely need to display 100% accurate data. For example if this stack overflow question displays that there have been 0 views, when there have really been 10, it doesn't really matter. This is one way that the (perceived) performance of applications can be improved, by caching results and therefore sometimes not showing 100% accurate results. There are some cases where the data does need to be 100% accurate though. So if I run the query select * from Foo I want to be sure that the results are not stale. Now depending on how my database is set up, other activity on the database, use of transactions and isolation levels etc this query may or may not be a true reflection of the world. What scenario's and settings can people think of that will result in this query returning stale results or given that another connection is part way through a transaction that has updated this table, how can I guarantee that when the above query returns, the results will be accurate.

    Read the article

  • Latest stream cipher considered reasonably secure & easy to implement?

    - by hythlodayr
    (A)RC4 used to fit the bill, since it was so simple to write. But it's also less-than-secure these days. I'm wondering if there's a successor that's: Code is small enough to write & debug within an hour or so, using pseudo code as a template. Still considered secure, as of 2010. Optimized for software. Not encumbered by licensing issues. I can't use crypto libraries, otherwise all of this would be moot. Also, I'll consider block algorithms though I think most are pretty hefty. Thanks.

    Read the article

  • jQuery.post not working when using data type json

    - by swift
    I have been trying to utilize json in this jQuery.post because I need to return two values from my executed php. The code was working when I was not implementing json. I need to see if a promo code entered is valid for a particular broker. The two variables I need back are the instant message whether or not it's valid (this is displayed to the user) and I need to update a hidden field that will be used later while updating the database. The jQuery.post does not seem to be firing at all, but the code directly above it (the ajax-loader.gif) is working. I did re-write the whole thing at one point using jQuery.ajax, and had issues there too. Granted, I have probably been looking at this too long and have tried to re-write too many times, but any help is greatly appreciated!! Here's the jQuery.post <!-- Below Script is for Checking Promo Code Against Database--> <script type="text/javascript"> jQuery(document).ready(function() { jQuery("#promocode").keyup(function (e) { //removes spaces from PromoCode jQuery(this).val(jQuery(this).val().replace(/\s/g, '')); var promocode = jQuery(this).val(); var brokerdealerid = document.getElementById("BrokerDealerId").value; if(promocode.length > 0 ){ jQuery("#promo-result").html('<img src="../imgs/ajax-loader.gif" />'); jQuery.post( '../check_promocode.php', {promocode:promocode, brokerdealerid:brokerdealerid}, function(data) { $("#promo-result").html(data.promoresult); $("#promo-result-valid").html(data.promovalid); }, "json"); } }); }); </script> <!-- End Script is for Checking Promo Code Against Database--> Here's relevant code from check_promocode.php: //sanitize incoming parameters if (isset($_POST['brokerdealerid'])) $brokerdealerid = sanitizeMySQL($_POST['brokerdealerid']); $promocode = sanitizeMySQL($promocode); //check promocode in db $results = mysql_query("SELECT PromotionCodeIdentifier FROM PromotionCode WHERE PromotionCodeIdentifier='$promocode' AND BrokerDealerId='$brokerdealerid' AND PromotionCodStrtDte <= CURDATE() AND PromotionCodExpDte >= CURDATE()"); //return total count $PromoCode_exist = mysql_num_rows($results); //total records //if value is more than 0, promocode is valid if($PromoCode_exist) { echo json_encode(array("promoresult"=>"Promotion Code Valid", "promovalid"=>"Y")); exit(); }else{ echo json_encode(array("promoresult"=>"Invalid Promotion Code", "promovalid"=>"N")); exit(); }

    Read the article

  • What is the best nuclear missile crypto system?

    - by The Rook
    You are on a submarine and there is an encrypted message that you want to read. Two people must use their keys at the same time in order to obtain the plain text. What is best cryptographic primitive to use? Are the following two implementations suitable? plain_text=decrypt(Key1 XOR key2,ciper_text,IV) plain_text=decrypt(Key1,rc4_encrypt(key2,ciper_text,IV2),IV1)

    Read the article

  • how can i hide the main form when it log out! ??

    - by Azka
    when i click onto login button, login page appears and when i enter the user id and password it proceeds to main form.. but.. when i log out, the main form appears and the controls transfer back to the log in page.. ... i need to hide that main form when it log outs.. ?? is it clear now??

    Read the article

  • Is there a unique computer identifier that can be used reliably even in a virtual machine?

    - by SaUce
    I'm writing a small client program to be run on a terminal server. I'm looking for a way to make sure that it will only run on this server and in case it is removed from the server it will not function. I understand that there is no perfect way of securing it to make it impossible to ran on other platforms, but I want to make it hard enough to prevent 95% of people to try anything. The other 5% who can hack it is not my concern. I was looking at different Unique Identifiers like Processor ID, Windows Product ID, Computer GUID and other UIs. Because the terminal server is a virtual machine, I cannot locate anything that is completely unique to this machine. Any ideas on what I should look into to make this 95% secure. I do not have time or the need to make it as secure as possible because it will defeat the purpose of the application itself. I do not want to user MAC address. Even though it is unique to each machine it can be easily spoofed. As far as Microsoft Product ID, because our system team clones VM servers and we use corporate volume key, I found already two servers that I have access to that have same Product ID Number. I have no Idea how many others out there that have same Product ID By 95% and 5% I just simply wanted to illustrate how far i want to go with securing this software. I do not have precise statistics on how many people can do what. I believe I might need to change my approach and instead of trying to identify the machine, I will be better off by identifying the user and create group based permission for access to this software.

    Read the article

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

< Previous Page | 432 433 434 435 436 437 438 439 440 441 442 443  | Next Page >