Search Results

Search found 43347 results on 1734 pages for 'php security'.

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Page 438/1734 | < Previous Page | 434 435 436 437 438 439 440 441 442 443 444 445  | Next Page >

  • How to Synchronize Session / Security between ASP.NET and Tomcat?

    - by Jay Stevens
    I have an Asp.NET 3.5 application with security/authentication. I have a second application (built using GWT and running on Windows Tomcat) running on a different machine. I need to make the second application available to the user via a link generated from the .NET application. This part is easy, I have constructed the link in the asp.net page and the user can click on it to start working in the GWT/Tomcat session. My question is this... How do I set it up so that the Tomcat/GWT application is Only Accessible via the link in my asp.NET application? I don't want the user to be able to copy the link from my asp.net page and then share that with someone else who is not authenticated within my asp.net application.

    Read the article

  • How to insert data in xml file using php?

    - by Nitesh
    <?xml version="1.0" encoding="UTF-8"?> <root></root> This is my xml file. I want to insert-update data using the dom method in between the tags. I am a beginner in php and Xml technologies. I successfully created and read from this file but not been able to enter data in it using php. The code for creating is as follows:- $doc = new DOMDocument('1.0', 'UTF-8'); $ele = $doc->createElement( 'root' ); $ele->nodeValue = $uvar; $doc->appendChild( $ele ); $test = $doc->save("$id.xml"); The code for reading is as follows:- $xdoc = new DOMDocument( ); $xdoc->Load("$gid.xml"); $candidate = $xdoc->getElementsByTagName('root')->item(0); $newElement = $xdoc ->createElement('root'); $txtNode = $xdoc ->createTextNode ($root); $newElement -> appendChild($txtNode); $candidate -> appendChild($newElement); $msg = $candidate->nodeValue; Can someone help out with inserting and updating. Thank You!

    Read the article

  • PHP-How to choose XML section based on an attribute?

    - by Vincent
    All, I have a config xml file in the following format: <?xml version="1.0"?> <configdata> <development> <siteTitle>You are doing Development</siteTitle> </development> <test extends="development"> <siteTitle>You are doing Testing</siteTitle> </test> <production extends="development"> <siteTitle>You are in Production</siteTitle> </production> </configdata> To read this config file to apply environment settings, currently I am using, the following code in index.php file: $appEnvironment = "production"; $config = new Zend_Config_Xml('/config/settings.xml', $appEnvironment ); To deploy this code on multiple environments, as user has to change index.php file. Instead of doing that, is it possible to maintain an attribute in the xml file, "say active=true". Based on which the Zend_Config_Xml will know which section of the xml file settings to read? Thanks

    Read the article

  • traits in php – any real world examples/best practices?

    - by Max
    Traits have been one of the biggest additions for PHP 5.4. I know the synatax and understand the idea behind traits, like horizontal code re-usage for common stuff like logging, security, caching etc. However, I still dont know yet how I would make use of traits in my projects. Are there any open source projects that already use traits? Any good articles/reading material on how to structure architectures using traits?

    Read the article

  • How can I execute a Java program within a php script?

    - by user450775
    I am writing a simple web upload script. The goal is to upload a file using php, and then calling a java program to process this file. I have done the work for uploading the file, but I cannot get a java program to be successfully run from within the php script. I have tried exec(), shell_exec(), and system() with no results. For the command, I have used "java Test", "java < directory /Test", "/usr/bin/java < directory /Test", I have even set up the application as a jar file with no results. The actual line of code I have used is: echo shell_exec("java Test"); Usually there is no output. However, if I have just shell_exec("java"), then the last line of the help from java ("show splash screen with specified image") is displayed, which shows that the command has been executed. If I use, for example, shell_exec("whoami") I get "nobody" returned, which is correct. The only thing the java file does is create a file so that I can see that the application has been successfully run (the application runs successfully if I run it on the command line). I have set the permissions for the java file to 777 to rule out any possibility of permission errors. I have been struggling with this for a while trying all sorts of options with no results - the file is never created (the file is created with an absolute path so it's not being created and I just can't find the file). Does anyone have any ideas? Thanks.

    Read the article

  • How to catch this low level MySQL (?) error in PHP/Magento

    - by andnil
    When I'm executing the following statement in Magento with a really large $sku, the execution terminates without any errors thrown what so ever. There are no errors in either Magento's, Apache's or PHP's error logs. Mage::getModel('catalog/product')-loadByAttribute('sku', $sku); Question: How do I catch the error? I've tried to set custom error handlers, and for testing purposes I've also managed to trigger error situations where each of the error handler functions are invoked. But when running the previously mentioned Magento code with a large $sku, none of the error handling functions are executed. error_reporting( -1 ); set_error_handler( array( 'Error', 'captureNormal' ) ); set_exception_handler( array( 'Error', 'captureException' ) ); register_shutdown_function( array( 'Error', 'captureShutdown' ) ); For completeness, this is the $sku I'm passing to loadByAttribute(). (The sku is invalid, but that is not the issue) 1- 9685 0102046|1- 9685 1212100|1- 9685 1212092|1- 9685 1212096|1- 9685 1102100|1- 9685 1102108|1- 9685 1102112|1- 9685 1102092|1- 9685 0102048|1- 9685 0102054|1- 9685 0102056|1- 9685 0102058|1- 9685 1212104|1- 9685 1212108|1- 9685 0212058|1- 9685 0104050|1- 9685 0212050|1- 9685 0212056|1- 9685 0212044|1- 9685 0212048|1- 9685 0212052|1- 9685 0212054|1- 9685 1102104|1- 9685 1102124 Any insight into this matter is much appreciated! Update: Upon further investigation, this is the exact point in the code where execution terminates. when the foreach is executed I guess Magento goes into MySQL world and starts loading up data from the database. \Mage\Catalog\Model\Abstract.php public function loadByAttribute($attribute, $value, $additionalAttributes = '*') { $collection = $this->getResourceCollection() ->addAttributeToSelect($additionalAttributes) ->addAttributeToFilter($attribute, $value) ->setPage(1,1); foreach ($collection as $object) { // <--------------- HERE return $object; } return false; } Note, I'm ONLY interested in finding out how to properly CATCH these kinds of errors, not "fix" the logic. This is so that I can present a proper error message to the user. The example above with the malformed sku is contrived and I have no desire to make my Magento app work with those erroneous skus.

    Read the article

  • CodeIgniter: help with this query

    - by iamjonesy
    Hi, I have just started my first CI app. I have a view that displays some posts. Each post can have multiple comments and I want to display the total number of comments next to each post. So far all my db call are in my controller (will be changing this). function index(){ $data['query'] = $this->db->get('posts'); $this->load->view('blog_view', $data); } In my view: <?php foreach($query->result() as $row): <div class="post-box"> <p><?php echo $row->body; ?><small>&nbsp;added by <?php echo $row->username; ?> on <?php echo date ('d/m/Y',strtotime($row->created)); ?>&nbsp;<a href="<?php echo base_url(); ?>blog/comments/<?php echo $row->id; ?>"><img src="<?php echo base_url(); ?>images/comments_icon.png" />&nbsp;0</a></small></p> </div> <?php endforeach; ?> I want to get the total number of comments where comment.post_id = the current record's id. and display it next to the comments icon. Any help with this most appreciated, Billy

    Read the article

  • [PHP] MySql Proccesslist filled with "Sleep" Entries leading to "To many Connections" ?

    - by edorian
    Hi, i'd like to ask your help on a longstanding issue with php/mysql connections. Every time i execute a "SHOW PROCESSLIST" command it shows me about 400 idle (Status: Sleep) connections to the database Server emerging from our 5 Webservers. That never was much of a problem (and i didn't find a quick solution) until recently traffic numbers increased and since then MySql reports the "to many connections" Problems repeatedly, even so 350+ of those connections are in "sleep" state. Also a server can't get a mysql connection even if there are sleeping connection to that same server. All those connections vanish when a apache server is restated. The PHP Code used to create the Database connections uses the normal "mysql" Module, the "mysqli" Module, PEAR::DB and Zend Framework Db Adapter. (Different projects). NONE of the projects uses persistent connections. Raising the connection-limit is possible but doesn't seem like a good solution since it's 450 now and there are only 20-100 "real" connections at a time anyways. My question: Why are there so many connections in sleep state and how can i prevent that. Thank you for your time, if theres anything unclear or missing please let me know

    Read the article

  • PHP Multi-Domain Sessions; ini_set Not Working?

    - by SumWon
    Hello, I'm trying to set it up so if you log in to my website the session carries over to all sub-domains of my website. For example, if you go to domain.com and log in, then go to sub.domain.com, you'll already be logged in at sub.domain.com. To my understanding, you would want to use ini_set('session.cookie_domain','.domain.com') and then session_start(), then set your session variables, but this isn't working. Example of what I'm doing: Code for domain.com: <?php ini_set('session.cookie_domain','.domain.com'); session_start(); $_SESSION['variable'] = 1; ?> Code for sub.domain.com: <?php session_start(); echo $_SESSION['variable']; ?> But $_SESSION['variable'] isn't set. I've also tried using ini_set() in the sub.domain.com code, but it made no difference. I've verified that setting session.cookie_domain is working by using ini_get(). What am I doing wrong? Thanks!

    Read the article

  • How do you send email from IMAP account with PHP?

    - by arthurakay
    I'm having an issue sending email via PHP/IMAP - and I don't know if it's because: I don't correctly understand IMAP, or there's an issue with my server My application opens an IMAP connection to an email account to read messages in the inbox. It does this successfully. The problem I have is that I want to send messages from this account and have them display in the outbox/sent folder. As far as I can tell, the PHP imap_mail() function doesn't in any way hook into the IMAP stream I currently have open. My code executes without throwing an error. However, the email never arrives to the recipient and never displays in my sent folder. private function createHeaders() { return "MIME-Version: 1.0" . "\r\n" . "Content-type: text/html; charset=iso-8859-1" . "\r\n" . "From: " . $this->accountEmail . "\r\n"; } private function notifyAdminForCompleteSet($urlToCompleteSet) { $message = " <p> In order to process the latest records, you must visit <a href='$urlToCompleteSet'>the website</a> and manually export the set. </p> "; try { imap_mail( $this->adminEmail, "Alert: Manual Export of Records Required", wordwrap($message, 70), $this->createHeaders() ); echo(" ---> Admin notified via email!\n"); } catch (Exception $e) { throw new Exception("Error in notifyAdminForCompleteSet()"); } } I'm guessing I need to copy the message into the IMAP account manually... or is there a different solution to this problem? Also, does it matter if the domain in the "from" address is different than that of the server on whicn this script is running? I can't explain why the message is never sent.

    Read the article

  • How do I create and populate a non-uniformly structured array in PHP?

    - by stormist
    I am trying to decide on a data structure for an array that has a date for the key and the amount of bandwidth consumed as values. examples Key Consumed Policy October 50 Basic November 75 Basic December 100 Basic Some months, but not all, will have more than one policy. In that case, I need break them down by policy once the total is shown. So for the above example, assume December had 3 policies. The table i construct from my array would then need to show: Key Consumed Policy October 50 Basic November 75 Basic December 100 .. December 25 Basic December 25 Extended December 50 Premium Could all this data be represented in an array ? $myArray['december'] would be a different data structure than the others because it would need a last entry, probably another array, that had the policy names as keys and the amount of data consumed as values. Does PHP allow for arrays that are not structured uniformly? i.e. key october and November have only 2 entries under their key while December has 2 entries plus a 3rd which is an additional array. My best guess is something like: Array ( [October] => "50", "Basic" [November] => "75", "Basic" [December] => "100", "..", Array( [Basic] => 25 [Extended] =>25 [Premium] => 50 ) ) My question is if this is possible and how to declare it and populate it with values with PHP. Thanks in advance for any clarifications or assistance!

    Read the article

  • Get Form Input via Ajax

    - by user3651491
    I have a jqgrid plugin which I call via Ajax. I have index.php and a getGridData.php. How will I pass form input in getGridData.php via ajax and use it in getGridData.php? I tried serialize but I can't pass or access it on getGridData.php. I need it as parameters for mysql. Here's my code. <script language="javascript" type="text/javascript"> function jgGrid() { $(document).ready(function () { $("#grid").jqGrid({ url: "inc/Controller/getGridData.php"+$("#thisForm").serialize(), data : formData, datatype: "json", mtype: "POST", colNames: ["SiteID", "TerminalID", "TransactionType", "Amount", "ServiceStatus"], colModel: [ { name: "SiteID"}, { name: "TerminalID"}, { name: "TransactionType"}, { name: "Amount"}, { name: "ServiceStatus"}, ], pager: "#pager", rowNum: 10, rowList: [10,20], sortname: "SiteID", sortorder: "asc", height: 'auto', viewrecords: true, gridview: true, caption: "" }); }); } </script> getGridData.php include('../Model/Queries.php'); $cardnumber = $_POST['cardnumber']; $transact_type = $_POST['transact_type']; $fromdate = $_POST['fromdate']; $todate = $_POST['todate']; $loyalty = new Queries(); $get_mid = $loyalty->loyaltyConn($cardnumber); $somedata = json_encode($loyalty->nposConn($get_mid, $transact_type, $fromdate, $todate)); echo $somedata;

    Read the article

  • Help - use PHP-broswer, or proxy or get_page_contents or include page, or something else ??

    - by userlite
    Hi, I am trying to develop a web application for which I need to capture a specific user-driven event (such as mouse dblclick) occurring on a different-website page loaded through my website. What I want to do is : User visits my website - hosted by me. There, user types in any website URL (e.g.: http://www.example.com) That URL page gets loaded as is. When user double-clicks mouse over any link or image from that page, a popup/side-panel is displayed with content related to that particular image or link. I can do this with a combination of PHP get_page_contents or include-page, and javascript dblclick. However, when user clicks on any link or submits a form, the control goes to that other website, where I cannot show the side-panel. I might be able to handle the links by proxifying them when user clicks on any of them. How do I handle forms submission and other stuff ? I can use a full-featured proxy, but that will be too heavy just for the purpose of capturing the event. My question is that is there a way to write some kind of light PHP script that sits on my website - that loads other websites contents as is, but lets me capture the mouse-dblclick event to show related-content in the side panel . I have already searched the internet, but could not find anything. Any help is really appreciated. Thanks.

    Read the article

  • How to increase my "advanced" knowledge of PHP further? (quickly)

    - by Kerry
    I have been working with PHP for years and gotten a very good grasp of the language, created many advanced and not-so-advanced systems that are working very well. The problem I'm running into is that I only learn when I find a need for something that I haven't learned before. This causes me to look up solutions and other code that handles the problem, and so I will learn about a new function or structure that I hadn't seen before. It is in this way that I have learned many of my better techniques (such as studying classes put out by Amazon, Google or other major companies). The main problem with this is the concept of not being able to learn something if you don't know it exists. For instance, it took me several months of programming to learn about the empty() function, and I simply would check the string length using strlen() to check for empty values. I'm now getting into building bigger and bigger systems, and I've started to read blogs like highscalability.com and been researching MySQL replication and server data for scaling. I know that structure of your code is very important to make full systems work. After reading a recent blog about reddit's structure, it made me question if there is some standard or "accepted systems" out there. I have looked into frameworks (I've used Kohana, which I regretted, but decided that PHP frameworks were not for me) and I prefer my own library of functions rather than having a framework. My current structure is a mix between WordPress, Kohana and my own knowledge. The ways I can see as being potentially beneficial are: Read blogs Read tutorials Work with someone else Read a book What would be the best way(s) to "get to the next level" the level of being a very good system developer?

    Read the article

  • Duplicate information from sql result

    - by puddleJumper
    I looked in about 18 other posts on here an most people are asking how to delete the records not just hide them. So my problem: I have a database with staff members who are associated with locations. Many of the staff members are associated with more than one location. What I want to do is to only display the first location listed in the mysql result and skip over the others. I have the sql query linking the tables together and it works aside from it showing the same information for those staff members that are in those other locations multiple times so example would be like this: This is the sql statement I have currently SELECT staff_tbl.staffID, staff_tbl.firstName, staff_tbl.middleInitial, staff_tbl.lastName, location_tbl.locationID, location_tbl.staffID, officelocations_tbl.locationID, officelocations_tbl.officeName, staff_title_tbl.title_ID, staff_title_tbl.staff_ID, titles_tbl.titleID, titles_tbl.titleName FROM staff_tbl INNER JOIN location_tbl ON location_tbl.staffID = staff_tbl.staffID INNER JOIN officelocations_tbl ON location_tbl.locationID = officelocations_tbl.locationID INNER JOIN staff_title_tbl ON staff_title_tbl.staff_ID = staff_tbl.staffID INNER JOIN titles_tbl ON staff_title_tbl.title_ID = titles_tbl.titleID and my php is <?php do { ?> <tr> <td><?php echo $row_rs_Staff_Info['firstName']; ?>&nbsp; <?php echo $row_rs_Staff_Info['lastName']; ?></td> <td><?php echo $row_rs_Staff_Info['titleName']; ?>&nbsp; </td> <td><?php echo $row_rs_Staff_Info['officeName']; ?>&nbsp; </td> </tr> <?php } while ($row_mysqlResult = mysql_fetch_assoc($rs_mysqlResult)); ?> What I would like to know is there a way using php to select only the first entry listed for each person and display that and just skip over the other two. I was thinking it could be done by possibly adding the staffID's to an array and if they are in there to skip over the next one listed in the staff_title_tbl but wasn't quite sure how to write it that way. Any help would be great thank you in advance.

    Read the article

  • How to write this loop prettier?

    - by Tom
    I've just read this topic http://stackoverflow.com/questions/2930533/highlight-search-keywords-on-hover and actually I use pretty the same structure, but it looks awful. So can you give me an advice, how to write this loop prettier in one php file, I mean php and html at the same time? <table class="result"> <?php while ($row= mysql_fetch_array($result, MYSQL_ASSOC)) { $cQuote = highlightWords(htmlspecialchars($row['cQuotes']), $search_result); ?> <tr> <td style="text-align:right; font-size:15px;"><?php h($row['cArabic']); ?></td> <td style="font-size:16px;"><?php echo $cQuote; ?></td> <td style="font-size:12px;"><?php h($row['vAuthor']); ?></td> <td style="font-size:12px; font-style:italic; text-align:right;"><?php h($row['vReference']); ?></td> </tr> <?php } ?>

    Read the article

  • How to limit a user to entering 10 keywords or less using PHP & MySQL?

    - by G4TV
    I'm trying to limit my users to entering at least 10 keywords and was wondering how would I be able to do this using PHP & MySQL with my current Keyword script? Here is the add keywords PHP MySQL code. if (isset($_POST['tag']) && trim($_POST['tag'])!=='') { $tags = explode(",", $_POST['tag']); for ($x = 0; $x < count($tags); $x++){ $mysqli = mysqli_connect("localhost", "root", "", "sitename"); $query1 = "INSERT INTO tags (tag) VALUES ('" . mysqli_real_escape_string($mysqli, strtolower(htmlentities(trim(strip_tags($tags[$x]))))) . "')"; if (!mysqli_query($mysqli, $query1)) { print mysqli_error($mysqli); return; } $mysqli = mysqli_connect("localhost", "root", "", "sitename"); $dbc = mysqli_query($mysqli,"SELECT id FROM tags WHERE tag='" . mysqli_real_escape_string($mysqli, strtolower(htmlentities(trim(strip_tags($tags[$x]))))) . "'"); if (!$dbc) { print mysqli_error($mysqli); } else { while($row = mysqli_fetch_array($dbc)){ $id = $row["id"]; } } $query2 = "INSERT INTO question_tags (tag_id, question_id, user_id, date_created) VALUES ('$id', '$question', '$user', NOW())"; if (!mysqli_query($mysqli, $query2)) { print mysqli_error($mysqli); return; } } }

    Read the article

  • [PHP] Does unsetting array values during iterating save on memory?

    - by saturn_rising
    Hello fellow code warriors, This is a simple programming question, coming from my lack of knowledge of how PHP handles array copying and unsetting during a foreach loop. It's like this, I have an array that comes to me from an outside source formatted in a way I want to change. A simple example would be: $myData = array('Key1' => array('value1', 'value2')); But what I want would be something like: $myData = array([0] => array('MyKey' => array('Key1' => array('value1', 'value2')))); So I take the first $myData and format it like the second $myData. I'm totally fine with my formatting algorithm. My question lies in finding a way to conserve memory since these arrays might get a little unwieldy. So, during my foreach loop I copy the current array value(s) into the new format, then I unset the value I'm working with from the original array. E.g.: $formattedData = array(); foreach ($myData as $key => $val) { // do some formatting here, copy to $reformattedVal $formattedData[] = $reformattedVal; unset($myData[$key]); } Is the call to unset() a good idea here? I.e., does it conserve memory since I have copied the data and no longer need the original value? Or, does PHP automatically garbage collect the data since I don't reference it in any subsequent code? The code runs fine, and so far my datasets have been too negligible in size to test for performance differences. I just don't know if I'm setting myself up for some weird bugs or CPU hits later on. Thanks for any insights. -sR

    Read the article

  • what this json must work?

    - by user1772630
    hi i search alot for get a respone from php back and if that respone is ok do someting and if its false do something else(!!!!!!!! WHENE I HAVE OTHER OUTPUT FROM THAT PHP !!!!!!) this is my index file <head> <script src="jquery-1.7.2.js" type="text/javascript"></script> <script src="js.js" type="text/javascript"></script> </head> <body> <p> click </p> <input type="text" id="who"> <br> <input type="text" id="why"> <div id="bg" align="center"> </div> </body> this is my JS file $(document).ready(function(){ $('p').click(function(){ var who = $('input#who').val(); var why = $('input#why').val(); $.post('file.php',{who:who,why:why},function(data) { if(data.success){ alert(data.message); } else{ alert('ERROR:' + data.message); } }); }); }); and this is my file.php <?php $response = array('success' => 'true', 'code' => "jQuery('#bg').html('\"Javascript\", \"json\", \"PHP\"');"); echo json_encode($response); ?> my question : 1- why this is not work i get alert (error:undifined) 2- how i can get some result from that php file when its have other output like this: <?php echo "1"; echo "2"; echo "3"; and now echo that json ?> thanks :(

    Read the article

  • Beginner Geek: Scan Files for Viruses Before Using Them

    - by Mysticgeek
    To help avoid getting your computer infected by malicious software, it’s a good idea to scan files before executing them. Today we take a look at a couple of options that will let you scan files easily from your desktop. Scan File with Your Antivirus Software Most Antivirus software will put an option in the context menu so you can scan individual files. After downloading a file or email attachment, simply right-click the file and select the option to scan with your Antivirus software. If you want to scan more than one at a time, hold down the Ctrl key while you clicking each file you want to scan. Then right-click and select to scan with your Antivirus software. Here is our favorite Antivirus app, Microsoft Security Essentials scanning a couple of files. If a virus is found, your Antivirus app will delete it or put it in Quarantine so it cannot infect your system. Using VirusTotal Uploader To be very thorough and want a second opinion (actually 41), then you might want to check out the VirusTotal Uploader. This handy app will scan your files with 41 different Antivirus apps online. After installing VirusTotal Uploader, right-click the file, go to Send To, then VirusTotal. Alternately you can launch VirusTotal Uploader and Get and upload the file. It will send the file to VirusTotal.com and scan it with 41 different Antivirus apps and show you the results.   If you don’t want to install the Uploader, you can go to the VirusTotal site and upload a file from there to scan. We’ve noticed that occasionally there will be a false positive detected on files we know are clean. Sometimes the definition database of an Anti-malware app isn’t current, or an obscure Antivirus App will find something questionable. If that is the case, use your best judgment when viewing the results. Conclusion Most Antivirus apps today have real-time scanning and should be able to detect possible infections before you’re able to execute them. However, if they don’t or when in doubt, following these tips can save you a lot of headaches in the long run. If you use a lot of different flash drives throughout the day, check out our article on how to scan a thumb drive for viruses from the AutoPlay Dialog. Download Microsoft Security Essentials Download VirusTotal Uploader VirusTotal Website Similar Articles Productive Geek Tips Scan Files for Viruses Before You Download With Dr.WebMake Microsoft Security Essentials Scan Faster by Excluding Certain File TypesBeginner Geek: Delete User Accounts in Windows 7Scan Your Thumb Drive for Viruses from the AutoPlay DialogSecure Computing: Free Anti-Virus Protection With AVG Free Edition TouchFreeze Alternative in AutoHotkey The Icy Undertow Desktop Windows Home Server – Backup to LAN The Clear & Clean Desktop Use This Bookmarklet to Easily Get Albums Use AutoHotkey to Assign a Hotkey to a Specific Window Latest Software Reviews Tinyhacker Random Tips Xobni Plus for Outlook All My Movies 5.9 CloudBerry Online Backup 1.5 for Windows Home Server Snagit 10 Video preview of new Windows Live Essentials 21 Cursor Packs for XP, Vista & 7 Map the Stars with Stellarium Use ILovePDF To Split and Merge PDF Files TimeToMeet is a Simple Online Meeting Planning Tool Easily Create More Bookmark Toolbars in Firefox

    Read the article

  • 13 Lösungen für eine höhere Sicherheit in einer Oracle Datenbank (Best Practices)

    - by C.Muetzlitz
    Externe Einflüsse wie Gesetze fordern die IT auf, (unsere) Daten zu schützen. Doch wie prüft man die eingestellte Sicherheit einer Oracle Datenbank überhaupt? Ist die geforderte Sicherheit ausreichend umgesetzt und zwar im Idealfall entsprechend dem notwendigen Schutzbedarf? Wann haben Sie eigentlich die Sicherheit Ihrer Oracle Datenbank das letzte Mal überprüft? Und noch besser gefragt, kennen Sie die Bedrohungen und die davon abgeleiteten Risiken? Alles Fragen deren Antworten ein verantwortlicher Anwendungsbesitzer sofort parat haben sollte oder sehen Sie das anders? Wie kann man sich am besten vor Bedrohungen schützen? Die einzige richtige Antwort auf diese Frage ist, durch Informationen und daraus abgeleitetes Wissen. Nun umfassen Informationen und das darin versteckte Wissen wahrscheinlich sehr viele Quellen. D.h. es wird immer schwieriger sich das richtige Wissen anzueignen und dieses Wissen für den Schutz von Daten und Datenbanken anzuwenden.Betrachtet man die Oracle Datenbank, dann empfehle ich zwei wesentliche Bereiche, die man tun muss bzw. wissen sollte. Die Best Practices Lösungen kennen, die man implementieren sollte und teilweise muss, um gute Sicherheit zu garantieren.Ich nenne diesen Bereich „13 Lösungen für eine höhere Sicherheit in einer Oracle Datenbank (Best Practices)“ Wie sieht der wirkliche Sicherheitszustand einer Oracle Datenbank aus.Diesen Bereich nenne ich „Check Oracle DB Security“ In diesem Beitrag möchte ich Sie nun in die Grundlagen einer guten Oracle Datenbank Sicherheit einführen und Sie befähigen, den Sicherheitszustand Ihrer Datenbank selber bestimmen zu können. 13 Lösungen für eine höhere Sicherheit in einer Oracle Datenbank (Best Practices)“  Password-Management aktiveren:Seien Sie sich bewusst, dass schwache Passwords eine hohe Bedrohung bedeuten. Aktivieren Sie ein vernünftiges Password Management Kennen Sie den Funktionsumfang Ihrer aktuellen Datenbank Version, auch die Funktionen, die nicht mehr unterstützt werden.Der "New Feature und Upgrade Guide" sollte eine Pflichtlektüre werden. Implementieren Sie eine passende Mindestsicherheit.Oracle liefert hier viele Vorgaben. Haben Sie das Rollen- und Account Management im GriffHier geht es um eine kontrollierte Privilegien-Vergabe (Least Privileg), eine Zwecktrennung im Account Management und eine andauernde Überprüfung des Rollenmanagements und Zugriffskonzepts Sicheres Datenbank Link Konzept implementierenGerade im Bereich der Datenintegration werden wiederholt DB Links in der Datenbank konfiguriert. Diese Links eröffnen u.U. unkontrollierte Zugriffe auf entfernte Datenbanken. Tracken Sie den Zugriff und setzen Sie ein sicheres DB Link Konzept um. Oracle liefert hier die entsprechenden Vorgaben. Definieren Sie Schutz-Policies für Ihre Anwendungen.Hierunter fällt z.B. ein richtiges Anwendungs-Owner und Anwendungs-User Setup Implementieren Sie den notwendigen Datenschutz für wichtige DatenKennen Sie die Daten, die geschützt werden müssen und schützen Sie diese angemessen. Kontrollieren Sie den Ressourcenverbrauch in Ihrer Datenbank Implementieren Sie eine sinnvolle Zwecktrennung in der DatenbankAuch bei der Datenbank ist es sinnvoll eine Zwecktrennung zu implementieren. Schalten Sie eine sinnvolle und gesetzeskonforme Protokollierung ein.Gesetze erfordern das und Oracle gibt eine Mindestprotokollierung vor. Implementieren Sie Prozesse, die den guten Zustand der Datenbank erhalten Führen Sie regelmäßige Health- Checks durchOracle liefert z.B. mit dem Enterprise Manager eine vollständige Library. Definieren Sie ein funktionierendes Patch-ManagementKennen Sie die Critical Patch Updates und handeln Sie falls notwendig. Check Oracle DB Security oder wer den Sicherheitszustand nicht kennt, wird auch keine Maßnahmen ergreifen Den Sicherheitszustand einer Oracle Datenbank zu überprüfen, ist sehr wichtig. Hierfür kann man verschiedene Anwendungen nutzen, die im Markt erhältlich sind. Eine gute Entscheidung wäre z.B. den Oracle Enterprise Manager (Cloud Control) mit dem Lifecycle Management zu nutzen, der periodisch den Sicherheitszustand für Sie ermittelt. Eine manuelle Überprüfung ist auch möglich, erfordert aber tiefes Wissen. Doch auch trotz der hohen Wissensanforderung ist ein Verstehen, wie man eine Oracle Datenbank manuell auf Sicherheit überprüft, wichtig. Vertrauen Sie nicht mehr auf Vermutungen, sondern nehmen Sie die Sicherheit Ihrer Datenbank ernst und lernen Sie den realen Zustand Ihrer Datenbank kennen. Wissen über reale Zustände und Wissen über geeignete Konzepte schützen. Erst dann können Sie entscheiden, welche Maßnahmen tatsächlich notwendig sind. Weiterführende Informationen: Oracle Online Dokumentation für die Datenbank Verschiedene Artikel in der Knowledge Base vom Oracle Support Das neue Buch „Oracle Security in der Praxis. Vollständige Sicherheitsüberprüfung Ihrer Oracle Datenbank“.

    Read the article

  • Success function not being called when form is submitted. jQuery / validationEngine / PHP form proce

    - by Tom Hartman
    Hi, I've been trying to figure out why the following script's success function isn't running. Everything in my form works perfectly, and the form contents are being emailed correctly, but the success function isn't being called. If anyone could review my code and let me know why my success function isn't being called I would very much appreciate it! Here is the HTML form with notification divs, which are hidden via css: <div id="success" class="notification"> <p>Thank you! Your message has been sent.</p> </div> <div id="failure" class="notification"> <p>Sorry, your message could not be sent.</p> </div> <form id="contact-form" method="post" action="" class="jqtransform"> <label for="name">Name:</label> <input name="name" id="name" type="text" class="validate[required] input" /> <label for="company">Company:</label> <input name="company" id="company" type="text" class="input" /> <label for="phone">Phone:</label> <input name="phone" id="phone" type="text" class="input" /> <label for="email">Email:</label> <input name="email" id="email" type="text" class="validate[required,email] input" /> <div class="sep"></div> <label for="subject">Subject:</label> <input name="subject" id="subject" type="text" class="validate[required] input" /> <div class="clear"></div> <label for="message">Message:</label> <textarea name="message" id="message" class="validate[required]"></textarea> <div id="check-services"> <input type="checkbox" name="services[]" value="Contractor Recommendation" /> <div>Contractor Recommendation</div> <input type="checkbox" name="services[]" value="Proposal Review" /> <div>Proposal Review</div> <input type="checkbox" name="services[]" value="Existing Website Review" /> <div>Existing Website Review</div> <input type="checkbox" name="services[]" value="Work Evaluation" /> <div>Work Evaluation</div> <input type="checkbox" name="services[]" value="Layman Translation" /> <div>Layman Translation</div> <input type="checkbox" name="services[]" value="Project Management" /> <div>Project Management</div> </div> <div class="sep"></div> <input name="submit" id="submit" type="submit" class="button" value="Send" /> <input name="reset" id="reset" type="reset" class="button" value="Clear" onclick="$.validationEngine.closePrompt('.formError',true)" /> </form> Here is the javascript: // CONTACT FORM VALIDATION AND SUBMISSION $(document).ready(function(){ $('#contact-form').validationEngine({ ajaxSubmit: true, ajaxSubmitFile: 'lib/mail.php', scroll: false, success: function(){ $('#success').slideDown(); }, failure: function(){ $('#failure').slideDown(); $('.formError').animate({ marginTop: '+30px' }); } }); }); And here is my PHP mailer script: <?php $name = $_POST['name']; $company = $_POST['company']; $phone = $_POST['phone']; $email = $_POST['email']; $subject = $_POST['subject']; $message = $_POST['message']; $services = $_POST['services']; $to = '[email protected]'; $subject = 'THC - Contact'; $content .= "You received a message from ".$name.".\r\n\n"; if ($company): $content .= "They work for ".$company.".\r\n\n"; endif; $content .= "Here's the message:\r\n\n".$message."\r\n\n"; $content .= "And they are interested in the services below:\r\n\n"; $content .= implode("\r\n",$services); if ($phone): $content .= "\r\n\nYou can reach them at ".$phone."."; else: $content .= "\r\n\nNo phone number was provided."; endif; $headers = "From: ".$name."\r\n"; $headers .= "Reply-To: ".$email."\r\n"; if (mail($to,$subject,$content,$headers)): return true; else: return false; endif; ?>

    Read the article

  • Spring Custom Filter Problem?

    - by mr.lost
    greetings all,iam using spring security 3 and i want to perform some logic(saving some data in the session) when the user is visiting the site and he's remembered so i extended the GenericFilterBean class and performed the logic in the doFilter method then complete the filter chain by calling the chain.doFilter method,and then inserted that filter after the remember me filter in the security.xml file? but there's a problem is the filter is executed on each page even if the user is remembered or not is there's something wrong with the filter implementation or the position of the filter? and i have a simple question,is the filter chain by default is executed on each page? and when making a custom filter should i add it to the web.xml too? the filter class: package projects.internal; import java.io.IOException; import javax.servlet.FilterChain; import javax.servlet.ServletException; import javax.servlet.ServletRequest; import javax.servlet.ServletResponse; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.security.core.Authentication; import org.springframework.security.core.context.SecurityContextHolder; import org.springframework.web.filter.GenericFilterBean; import projects.ProjectManager; public class rememberMeFilter extends GenericFilterBean { private ProjectManager projectManager; @Autowired public rememberMeFilter(ProjectManager projectManager) { this.projectManager = projectManager; } @Override public void doFilter(ServletRequest req, ServletResponse res, FilterChain chain) throws IOException, ServletException { System.out.println("In The Filter"); Authentication auth = (Authentication) SecurityContextHolder .getContext().getAuthentication(); HttpServletResponse response = ((HttpServletResponse) res); HttpServletRequest request = ((HttpServletRequest) req); // if the user is not remembered,do nothing if (auth == null) { chain.doFilter(request, response); } else { // the user is remembered save some data in the session System.out.println("User Is Remembered"); chain.doFilter(request, response); } } } the security.xml file: <beans:beans xmlns="http://www.springframework.org/schema/security" xmlns:beans="http://www.springframework.org/schema/beans" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-3.0.xsd http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-3.0.xsd"> <global-method-security pre-post-annotations="enabled"> </global-method-security> <http use-expressions="true" > <remember-me data-source-ref="dataSource"/> <intercept-url pattern="/" access="permitAll" /> <intercept-url pattern="/images/**" filters="none" /> <intercept-url pattern="/scripts/**" filters="none" /> <intercept-url pattern="/styles/**" filters="none" /> <intercept-url pattern="/p/login" filters="none" /> <intercept-url pattern="/p/register" filters="none" /> <intercept-url pattern="/p/forgot_password" filters="none" /> <intercept-url pattern="/p/**" access="isAuthenticated()" /> <custom-filter after="REMEMBER_ME_FILTER" ref="rememberMeFilter" /> <form-login login-processing-url="/j_spring_security_check" login-page="/p/login" authentication-failure-url="/p/login?login_error=1" default-target-url="/p/dashboard" authentication-success-handler-ref="myAuthenticationHandler" always-use-default-target="false" /> <logout/> </http> <beans:bean id="myAuthenticationHandler" class="projects.internal.myAuthenticationHandler" /> <beans:bean id="rememberMeFilter" class="projects.internal.rememberMeFilter" > </beans:bean> <authentication-manager alias="authenticationManager"> <authentication-provider> <password-encoder hash="md5" /> <jdbc-user-service data-source-ref="dataSource" /> </authentication-provider> </authentication-manager> </beans:beans> any help?

    Read the article

  • Custom Filter Problem?

    - by mr.lost
    greetings all,iam using spring security 3 and i want to perform some logic(saving some data in the session) when the user is visiting the site and he's remembered so i extended the GenericFilterBean class and performed the logic in the doFilter method then complete the filter chain by calling the chain.doFilter method,and then inserted that filter after the remember me filter in the security.xml file? but there's a problem is the filter is executed on each page even if the user is remembered or not is there's something wrong with the filter implementation or the position of the filter? and i have a simple question,is the filter chain by default is executed on each page? and when making a custom filter should i add it to the web.xml too? the filter class: package projects.internal; import java.io.IOException; import javax.servlet.FilterChain; import javax.servlet.ServletException; import javax.servlet.ServletRequest; import javax.servlet.ServletResponse; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.security.core.Authentication; import org.springframework.security.core.context.SecurityContextHolder; import org.springframework.web.filter.GenericFilterBean; import projects.ProjectManager; public class rememberMeFilter extends GenericFilterBean { private ProjectManager projectManager; @Autowired public rememberMeFilter(ProjectManager projectManager) { this.projectManager = projectManager; } @Override public void doFilter(ServletRequest req, ServletResponse res, FilterChain chain) throws IOException, ServletException { System.out.println("In The Filter"); Authentication auth = (Authentication) SecurityContextHolder .getContext().getAuthentication(); HttpServletResponse response = ((HttpServletResponse) res); HttpServletRequest request = ((HttpServletRequest) req); // if the user is not remembered,do nothing if (auth == null) { chain.doFilter(request, response); } else { // the user is remembered save some data in the session System.out.println("User Is Remembered"); chain.doFilter(request, response); } } } the security.xml file: <beans:beans xmlns="http://www.springframework.org/schema/security" xmlns:beans="http://www.springframework.org/schema/beans" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-3.0.xsd http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-3.0.xsd"> <global-method-security pre-post-annotations="enabled"> </global-method-security> <http use-expressions="true" > <remember-me data-source-ref="dataSource"/> <intercept-url pattern="/" access="permitAll" /> <intercept-url pattern="/images/**" filters="none" /> <intercept-url pattern="/scripts/**" filters="none" /> <intercept-url pattern="/styles/**" filters="none" /> <intercept-url pattern="/p/login" filters="none" /> <intercept-url pattern="/p/register" filters="none" /> <intercept-url pattern="/p/forgot_password" filters="none" /> <intercept-url pattern="/p/**" access="isAuthenticated()" /> <custom-filter after="REMEMBER_ME_FILTER" ref="rememberMeFilter" /> <form-login login-processing-url="/j_spring_security_check" login-page="/p/login" authentication-failure-url="/p/login?login_error=1" default-target-url="/p/dashboard" authentication-success-handler-ref="myAuthenticationHandler" always-use-default-target="false" /> <logout/> </http> <beans:bean id="myAuthenticationHandler" class="projects.internal.myAuthenticationHandler" /> <beans:bean id="rememberMeFilter" class="projects.internal.rememberMeFilter" > </beans:bean> <authentication-manager alias="authenticationManager"> <authentication-provider> <password-encoder hash="md5" /> <jdbc-user-service data-source-ref="dataSource" /> </authentication-provider> </authentication-manager> </beans:beans> any help?

    Read the article

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

< Previous Page | 434 435 436 437 438 439 440 441 442 443 444 445  | Next Page >