Search Results

Search found 43347 results on 1734 pages for 'php security'.

Page 445/1734 | < Previous Page | 441 442 443 444 445 446 447 448 449 450 451 452  | Next Page >

  • Git, auto updating, security and tampering?

    - by acidzombie24
    I was thinking about hosting my private project on my server (i may use 'gitolite') and have a copy on my local machine as backup (git clone then automated git fetch every few minute). I want to know what happens if there is a bug gitolite or somewhere else on my server and the source code and git repository has been tampered with? Will my backup also be corrupted? will i easily be able to revert the source using the history?

    Read the article

  • Dependency Injection and method signatures

    - by sunwukung
    I've been using YADIF (yet another dependency injection framework) in a PHP/Zend app I'm working on to handle dependencies. This has achieved some notable benefits in terms of testing and decoupling classes. However,one thing that strikes me is that despite the sleight of hand performed when using this technique, the method names impart a degree of coupling. Probably not the best example -but these methods are distinct from ... say the PEAR Mailer. The method names themselves are a (subtle) form of coupling //example public function __construct($dic){ $this->dic = $dic; } public function example(){ //this line in itself indicates the YADIF origin of the DIC $Mail= $dic->getComponent('mail'); $Mail->setBodyText($body); $Mail->setFrom($from); $Mail->setSubject($subject); } I could write a series of proxies/wrappers to hide these methods and thus promote decoupling from , but this seems a bit excessive. You have to balance purity with pragmatism... How far would you go to hide the dependencies in your classes?

    Read the article

  • Week in Geek: Steam Users at Risk from Potential New Security Vulnerability

    - by Asian Angel
    Our latest edition of WIG is filled with news link coverage on topics such as 10 things to do after installing Ubuntu 12.10, the FTC’s offer of a $50,000 cash bounty for technology to help eliminate robocalls, the new malware variant spreading across Skype, and more. Can Dust Actually Damage My Computer? What To Do If You Get a Virus on Your Computer Why Enabling “Do Not Track” Doesn’t Stop You From Being Tracked

    Read the article

  • How can I design my classes to include calendar events stored in a database?

    - by Gianluca78
    I'm developing a web calendar in php (using Symfony2) inspired by iCal for a project of mine. At this moment, I have two classes: a class "Calendar" and a class "CalendarCell". Here you are the two classes properties and method declarations. class Calendar { private $month; private $monthName; private $year; private $calendarCellList = array(); private $translator; public function __construct($month, $year, $translator) {} public function getCalendarCellList() {} public function getMonth() {} public function getMonthName() {} public function getNextMonth() {} public function getNextYear() {} public function getPreviousMonth() {} public function getPreviousYear() {} public function getYear() {} private function calculateDaysPreviousMonth() {} private function calculateNumericDayOfTheFirstDayOfTheWeek() {} private function isCurrentDay(\DateTime $dateTime) {} private function isDifferentMonth(\DateTime $dateTime) {} } class CalendarCell { private $day; private $month; private $dayNameAbbreviation; private $numericDayOfTheWeek; private $isCurrentDay; private $isDifferentMonth; private $translator; public function __construct(array $parameters) {} public function getDay() {} public function getMonth() {} public function getDayNameAbbreviation() {} public function isCurrentDay() {} public function isDifferentMonth() {} } Each calendar day can includes many calendar events (such as appointments or schedules) stored in a database. My question is: which is the best way to manage these calendar events in my classes? I think to add a eventList property in CalendarCell and populate it with an array of CalendarEvent objects fetched by the database. This kind of solution doesn't allow other coders to reuse the classes without db (because I should inject at least a repository services also) just to create and visualize a calendar... so maybe it could be better to extend CalendarCell (for instance in CalendarCellEvent) and add the database features? I feel like I'm missing some crucial design pattern! Any suggestion will be very appreciated!

    Read the article

  • CodeLobster PHP Edition 4.0.1 disponible : l'éditeur portable gratuit pour le Web rationalise et simplifie le processus de développement

    CodeLobster PHP Edition 4.0.1 disponible : l'éditeur portable gratuit pour PHP HTML, CSS, JavaScript rationalise et simplifie le processus de développement Web CodeLobster PHP Edition, l'environnement de développement Web gratuit est actuellement disponible en version 4.0.1. CodeLobster PHP Edition rationalise et simplifie le processus de développement en PH. Il propose un EDI pour les langages HTML, PHP, JavaSript et CSS, avec autocomplexion et coloration syntaxique. Le code mixte est encouragé, si bien que le domaine HTML sera mis en valeur en tant que HTML, le PHP en tant que PHP, et Javascript en tant que Javascript dans le même dossier. Pour PHP, la structu...

    Read the article

  • How to Upgrade PHP 5.2 to 5.3 on Windows Plesk Panel 8.2

    - by Jagat Sheth
    I need to upgrade my server PHP version becasue of Wordpress New version not support PHP 5.2. On My server windows 2003 stansard edition x64 with SP1 installed, IIS 6.0, MySQL 4.1, Plesk Panel 8.2. I have follow listed steps on plesk KB. http://kb.parallels.com/6670 How to update PHP 5 on a Windows server with Parallels Plesk Control Panel 8.x and 9.x installed. In order to upgrade PHP 5 to the necessary version (other than shipped with Parallels Plesk), please perform the following steps: Stop Plesk services (‘Control Panel’ and all that are included in the ‘Plesk Run-Time’ section) Rename folder %plesk_dir%\Additional\PleskPHP5 to the orig_PleskPHP5 Create a new folder %plesk_dir%\Additional\PleskPHP5 Download necessary version of PHP, unzip its content, and copy it to the newly created folder PleskPHP5 Copy the file php.ini from the old folder orig_PleskPHP5 to the new one Make sure the permissions are inherited Start Plesk services Click the "Refresh" button in the Components Management section in Parallels Plesk Panel and check if you can see the new PHP version there After follow steps when I open a PHP info it shows me specified module could not be found. If anybody know solution Kindly help me is highly priority. I am very thankful if any one help me to solve this ASAP. Thanks and regards, Jagat Sheth

    Read the article

  • Should I use nginx exclusively, or have it as a proxy to Tomcat (performance related)?

    - by Kevin
    I've planned to create a website that'll be pretty heavy on dynamic content, and want to know what would be the wisest choice for part of my webstack. Right now I'm trying to decide whether I should develop upon nginx, using PHP to deliver the dynamic content, or use nginx as a proxy to Tomcat and use servlets to deliver the dynamic content. I have a good amount of experience with Java, JSP, and servlets, so that's a plus right off the bat. Also, since it is a compiled language, it will execute faster than PHP (it is implied here that Java is around 37x faster than PHP) , and will create the web pages faster. I have no experience with PHP, however i'm under the impression that it is easy to pick up. It's slower than Java, but since the client will only be communicating with nginx, I'm thinking that serving the dynamically created web pages to the client will be faster this way. Considering these things, i'd like to know: Are my assumptions correct? Where does the bottleneck occur: creating pages or serving them back to the client? Will proxying Tomcat with nginx give me any of nginx performance benefits if I'm going to be using Tomcat to generate the dynamic content (keeping in mind my site is going to be heavy in this aspect)? I don't mind learning PHP if, in the end, its going to give me the best performance. I just want to know what would be the best choice from that standpoint.

    Read the article

  • ASP.NET Website Security Tips and Tricks

    This is a tutorial on how to secure your ASP.NET Mono website. Securing an ASP.NET website that runs in Mono is very different from securing an ASP.NET website hosted in a Windows environment because an ASP.NET Mono website runs on a non-Windows server such as Apache or Lighttpd and on an operating system such as Linux Unix. Thus the principles of securing a website in Apache server can be applied to securing an ASP.NET that runs in Mono.... Comcast? Business Class - Official Site Learn About Comcast Small Business Services. Best in Phone, TV & Internet.

    Read the article

  • What are some good ways for an intermediate programmer to build skills?

    - by Jordan
    Preface: I work mostly in Python, and Web Dev languages (HTML, CSS, Javascript and Jquery, PHP) I'm proficient at coding but I want to get better. In larger more advanced projects my programming skills break down. The more code there is the more trouble I have fitting all the pieces together. I understand syntax well, and I can catch and correct errors fairly easier. But the more advanced it gets the more I struggle. I believe I have a good understand of the basic and nuts and bolts of programming and I understand what's going on, but when it comes to larger projects, especially ones with heavy math involved my confidence flags and I start making mistakes. It's not that I can't do it, I'm just not used to doing it. Does anyone have any advice for someone who knows programming, but wants to get better? The only tutorials I can really find are beginner basic type stuff. Basically what I'm saying is I want to be confident when I'm tackling advanced projects, but I can't because I have little experience dealing with difficult situations.

    Read the article

  • How can I design my classes for a calendar based on database events?

    - by Gianluca78
    I'm developing a web calendar in php (using Symfony2) inspired by iCal for a project of mine. At this moment, I have two classes: a class "Calendar" and a class "CalendarCell". Here you are the two classes properties and method declarations. class Calendar { private $month; private $monthName; private $year; private $calendarCellList = array(); private $translator; public function __construct($month, $year, $translator) {} public function getCalendarCells() {} public function getMonth() {} public function getMonthName() {} public function getNextMonth() {} public function getNextYear() {} public function getPreviousMonth() {} public function getPreviousYear() {} public function getYear() {} private function calculateDaysPreviousMonth() {} private function calculateNumericDayOfTheFirstDayOfTheWeek() {} private function isCurrentDay(\DateTime $dateTime) {} private function isDifferentMonth(\DateTime $dateTime) {} } class CalendarCell { private $day; private $month; private $dayNameAbbreviation; private $numericDayOfTheWeek; private $isCurrentDay; private $isDifferentMonth; private $translator; public function __construct(array $parameters) {} public function getDay() {} public function getMonth() {} public function getDayNameAbbreviation() {} public function isCurrentDay() {} public function isDifferentMonth() {} } Each calendar day can includes many events stored in a database. My question is: which is the best way to manage these events in my classes? I think to add a eventList property in CalendarCell and populate it with an array of CalendarEvent objects fetched by the database. This kind of solution doesn't allow other coders to reuse the classes without db (because I should inject at least a repository services also) just to create and visualize a calendar... so maybe it could be better to extend CalendarCell (for instance in CalendarCellEvent) and add the database features? I feel like I'm missing some crucial design pattern! Any suggestion will be very appreciated!

    Read the article

  • how to fully unit test functions and their internal validation

    - by Patrick
    I am just now getting into formal unit testing and have come across an issue in testing separate internal parts of functions. I have created a base class of data manipulation (i.e.- moving files, chmodding file, etc) and in moveFile() I have multiple levels of validation to pinpoint when a moveFile() fails (i.e.- source file not readable, destination not writeable). I can't seem to figure out how to force a couple particular validations to fail while not tripping the previous validations. Example: I want the copying of a file to fail, but by the time I've gotten to the actual copying, I've checked for everything that can go wrong before copying. Code Snippit: (Bad code on the fifth line...) // if the change permissions is set, change the file permissions if($chmod !== null) { $mod_result = chmod($destination_directory.DIRECTORY_SEPARATOR.$new_filename, $chmod); if($mod_result === false || $source_directory.DIRECTORY_SEPARATOR.$source_filename == '/home/k...../file_chmod_failed.qif') { DataMan::logRawMessage('File permissions update failed on moveFile [ERR0009] - ['.$destination_directory.DIRECTORY_SEPARATOR.$new_filename.' - '.$chmod.']', sfLogger::ALERT); return array('success' => false, 'type' => 'Internal Server Error [ERR0009]'); } } So how do I simulate the copy failing. My stop-gap measure was to perform a validation on the filename being copied and if it's absolute path matched my testing file, force the failure. I know this is very bad to put testing code into the actual code that will be used to run on the production server but I'm not sure how else to do it. Note: I am on PHP 5.2, symfony, using lime_test(). EDIT I am testing the chmodding and ensuring that the array('success' = false, 'type' = ..) is returned

    Read the article

  • Security for LDAP authentication for Collabnet

    - by Robert May
    In a previous post, I wrote about how to get LDAP authentication working in Collabnet. By default, all LDAP users are put into the Users role on the server.  For most purposes, this is just fine, and I don’t have a way to change this.  The documentation gives hints that you can add them to other roles, but for now, I don’t have the need. However, adding permissions to different repositories is a different question. To add them, go to the repositories list, select Access Rules and then you can enter in their username, as it sits in Active Directory to the lists for the repositories or for the predefined groups that you have created.  To my knowledge, you cannot use the Active Directory groups in collabnet, which is a big problem.  Needing to micromanage users really limits the usefulness of the LDAP integration. Technorati Tags: subversion,collabnet

    Read the article

  • How can I have Vhosts with Lighttpd on Windows and keeping PHP through mod_cgi ?

    - by Pixelastic
    Hello, I installed Lighty on Windows 7 and managed to get it correctly serve both static and PHP files (through mod_cgi). At first I got the "No input file selected" message displayed when requesting a .php file. So, I updated the doc_root value in my php.ini to match the server.document-root defined in my Lighty config, and PHP stops complaining. Then I defined a VHost to point all foo.com requests to a specific dir. It worked well for all static files but when requesting a .php file, the mod_cgi was still picking files from the doc_root defined in php.ini, not in the directory I defined for server.document-root in my Vhost. I know its what's supposed to happen, PHP follows the config defined in php.ini. And I have to set this value in my php.ini otherwise no php is processed at all. What I don't understand is how I'm supposed to have virtual hosts with mod_cgi enabled here ? I tried adding [HOST=foo.com] section in the php.ini without any luck. I tried mod_fastcgi but could'n get it to work at all, I also tried mod_simple_host but could get it handle php. I managed to get it working by copying my PHP install to another dir (and changing the doc_root value) and adding a cgi.assign pointing to that install in my vhost. But this is a really hackish way, it means having one PHP install for each virtualhost. Note that I'm working on a development machine running Windows, this is not a production server, I just wanted to emulate the final Server config locally to test some changes. I googled a lot this problem but all I can find are people installing Lighty on windows with mod_cgi, or installing Lighty on Windows with virtual hosts, but I never found anyone who managed to get both.

    Read the article

  • Data Source Security Part 4

    - by Steve Felts
    So far, I have covered Client Identity and Oracle Proxy Session features, with WLS or database credentials.  This article will cover one more feature, Identify-based pooling.  Then, there is one more topic to cover - how these options play with transactions.Identity-based Connection Pooling An identity based pool creates a heterogeneous pool of connections.  This allows applications to use a JDBC connection with a specific DBMS credential by pooling physical connections with different DBMS credentials.  The DBMS credential is based on either the WebLogic user mapped to a database user or the database user directly, based on the “use database credentials” setting as described earlier. Using this feature enabled with “use database credentials” enabled seems to be what is proposed in the JDBC standard, basically a heterogeneous pool with users specified by getConnection(user, password). The allocation of connections is more complex if Enable Identity Based Connection Pooling attribute is enabled on the data source.  When an application requests a database connection, the WebLogic Server instance selects an existing physical connection or creates a new physical connection with requested DBMS identity. The following section provides information on how heterogeneous connections are created:1. At connection pool initialization, the physical JDBC connections based on the configured or default “initial capacity” are created with the configured default DBMS credential of the data source.2. An application tries to get a connection from a data source.3a. If “use database credentials” is not enabled, the user specified in getConnection is mapped to a DBMS credential, as described earlier.  If the credential map doesn’t have a matching user, the default DBMS credential is used from the datasource descriptor.3b. If “use database credentials” is enabled, the user and password specified in getConnection are used directly.4. The connection pool is searched for a connection with a matching DBMS credential.5. If a match is found, the connection is reserved and returned to the application.6. If no match is found, a connection is created or reused based on the maximum capacity of the pool: - If the maximum capacity has not been reached, a new connection is created with the DBMS credential, reserved, and returned to the application.- If the pool has reached maximum capacity, based on the least recently used (LRU) algorithm, a physical connection is selected from the pool and destroyed. A new connection is created with the DBMS credential, reserved, and returned to the application. It should be clear that finding a matching connection is more expensive than a homogeneous pool.  Destroying a connection and getting a new one is very expensive.  If you can use a normal homogeneous pool or one of the light-weight options (client identity or an Oracle proxy connection), those should be used instead of identity based pooling. Regardless of how physical connections are created, each physical connection in the pool has its own DBMS credential information maintained by the pool. Once a physical connection is reserved by the pool, it does not change its DBMS credential even if the current thread changes its WebLogic user credential and continues to use the same connection. To configure this feature, select Enable Identity Based Connection Pooling.  See http://docs.oracle.com/cd/E24329_01/apirefs.1211/e24401/taskhelp/jdbc/jdbc_datasources/EnableIdentityBasedConnectionPooling.html  "Enable identity-based connection pooling for a JDBC data source" in Oracle WebLogic Server Administration Console Help. You must make the following changes to use Logging Last Resource (LLR) transaction optimization with Identity-based Pooling to get around the problem that multiple users will be accessing the associated transaction table.- You must configure a custom schema for LLR using a fully qualified LLR table name. All LLR connections will then use the named schema rather than the default schema when accessing the LLR transaction table.  - Use database specific administration tools to grant permission to access the named LLR table to all users that could access this table via a global transaction. By default, the LLR table is created during boot by the user configured for the connection in the data source. In most cases, the database will only allow access to this user and not allow access to mapped users. Connections within Transactions Now that we have covered the behavior of all of these various options, it’s time to discuss the exception to all of the rules.  When you get a connection within a transaction, it is associated with the transaction context on a particular WLS instance. When getting a connection with a data source configured with non-XA LLR or 1PC (using the JTS driver) with global transactions, the first connection obtained within the transaction is returned on subsequent connection requests regardless of the values of username/password specified and independent of the associated proxy user session, if any. The connection must be shared among all users of the connection when using LLR or 1PC. For XA data sources, the first connection obtained within the global transaction is returned on subsequent connection requests within the application server, regardless of the values of username/password specified and independent of the associated proxy user session, if any.  The connection must be shared among all users of the connection within a global transaction within the application server/JVM.

    Read the article

< Previous Page | 441 442 443 444 445 446 447 448 449 450 451 452  | Next Page >