Search Results

Search found 1397 results on 56 pages for 'cookies'.

Page 45/56 | < Previous Page | 41 42 43 44 45 46 47 48 49 50 51 52 | Next Page >

Uniquely identify two instances of one browser that share Session state?

- by jdk

I want to make sure that a user isn't editing the same form data in two different browser tabs or windows (of the same web browser instance). It's to stop the user from stupidly overwriting their own data as they continue through a very long form process. On the server ongoing data input through the screens is collected into the Session. Assume for any browser, all tabs and windows run in the same instance of it (i.e. not each in a separate process). Obviously the browser tabs and windows share the same cookies in this scenario so cookie modification seems out of the question for viable solutions. This is also the reason they shared the same session. Considering that the form is already created and this is one of the final touches, how can I use ASP.NET, hopefully easily, to oversee this "feature"?

Read the article
IsAuthenticated is false!

- by Naor

This is how I login ('user' holds the data of the user): HttpResponse Response = HttpContext.Current.Response; HttpRequest Request = HttpContext.Current.Request; FormsAuthenticationTicket ticket = new FormsAuthenticationTicket(1, user.UserId.ToString(), DateTime.Now, DateTime.Now.AddHours(12), false, UserResolver.Serialize(user)); HttpCookie cookie = new HttpCookie(FormsAuthentication.FormsCookieName, FormsAuthentication.Encrypt(ticket)); cookie.Path = FormsAuthentication.FormsCookiePath; Response.Cookies.Add(cookie); string redirectUrl = user.HomePage; Response.Redirect(redirectUrl); After this login I get IsAuthenticated == false. Why?? It worked for me before an hour but I don't know what is wrong now.

Read the article
Thread Local Memory for Scratch Memory.

- by Hassan Syed

I am using Protocol Buffers and OpensSSL to generate, HMACs and then CBC encrypt the two fields to obfuscate the session cookies -- similar Kerberos tokens. Protocol Buffers' API communicates with std::strings and has a buffer caching mechanism; I exploit the caching mechanism, for successive calls in the the same thread, by placing it in thread local memory; additionally the OpenSSL HMAC and EVP CTX's are also placed in the same thread local memory structure ( see this question for some detail on why I use thread local memory and the massive amount of speedup it enables even with a single thread). The generation and deserialization, "my algorithms", of these cookie strings uses intermediary void *s and std::strings and since Protocol Buffers has an internal memory retention mechanism I want these characteristics for "my algorithms". So how do I implement a common scratch memory ? I don't know much about the rdbuf of the std::string object. I would presumeably need to grow it to the lowest common size ever encountered during the execution of "my algorithms". Thoughts ?

Read the article
How necessary is using PHP filters?

- by Jamie

I'm a relatively newbie to PHP and just making my way through the W3Schools tut. The tut makes a big point of saying you must always filter external data (i.e. cookies, form data etc). I'm writing a fairly simple system that talks with a third party Joomla extension. It's at a prototype stage where I'm just wanting to demonstrate the functionality in a minimum viable product. Basically, I'd like to know... what's the worst that could happen in I don't filter content. Are we talking 'I might get a bunch of spam', or 'a good hacker could get root server access'? Have hunted around online, but would love any of your experience / insight on the matter!

Read the article
jQuery resetting value of form input when hidden

- by RyanP13

Hi, I am trying to clear the value attribute of an 'Other' form input when it is hidden from the user like so: // hide 'Other' inputs to start $('.jOther').hide(); // event listener on all select drop downs with class of jTitle $("select.jTitle").change(function(){ //set the select value var $titleVal = $(this).val(); if($titleVal != 'Other') { $(this).parent().find('.jOther').hide(); $(this).parent().find('input.jOther').attr("value", ""); } else { $(this).parent().find('.jOther').show(); } // Sets a cookie with named after the title field's ID attribute var $titleId = $(this).attr('id'); $.cookies.set('cpqb' + $titleId, $titleVal); }); It doesn't seem to be working and i have tried the following to no avail as well: $(this).parent().find('input.jOther').val(""); I have managed to alter other attributes in this way, such as the name, maxlength etc. Any ideas?

Read the article
JAXWS and sessions

- by Pace

I'm fairly new to writing web services. I'm working on a SOAP service using JAXWS. I'd like to be able to have users log-in and in my service know which user is issuing a command. In other words, have some session handling. One way I've seen to do this is to use cookies and access the HTTP layer from my web service. However, this puts a dependency on using HTTP as the transport layer (I'm aware HTTP is almost always the transport layer but I'm a purist). Is there a better approach which keeps the service layer unaware of the transport layer? Is there some way I can accomplish this with servlet filters? I'd like the answer to be as framework agnostic as possible.

Read the article
How and when to log account access login with PHP?

- by Nazgulled

I want to implement a basic login system in some PHP app where no cookies will be involved. I mean, the user closes the browser and the login expires, it will remain active during the browser session (or if the user explicitly logs out) otherwise. I want to log all this activity and I'm thinking that every time the user refreshes the page, opens a different link or logs out, I record that time as the last access made by that user, overwriting the previous access log. But my problem is when and how should I insert another record into the database instead of overwriting the last one? Should I just define a timeout and if the last access was made above that timeout, another log should be inserted into the database? Should the session expire too after that timeout? Or is there a better way? Ideally, I would like to log the "log out action" when the browser was closed, but I don't think there's a way to detect that is there? Suggestions?

Read the article
httpOnly Session Cookie + Servlet 3.0 (e.g. Glassfish v3)

- by chris_l

By default, Glassfish v3 doesn't set the httpOnly flag on session cookies (when created as usual with request.getSession()). I know, there is a method javax.servlet.SessionCookieConfig.setHttpOnly(), but I'm not sure, if that's the best way to do it, and if yes, where the best place would be to put that line. BTW, of course it can't be done in the servlet itself (e.g. in init()): java.lang.IllegalStateException: PWC1426: Unable to configure httpOnly session tracking cookie property for servlet context /..., because this servlet context has already been initialized Generally, I would prefer to use a configuration option e.g. in web.xml.

Read the article
download file in iframe in IE

- by Estelle

in a webpage I have a link to let the user download file, such as, "showfile.aspx?filename=xxx" in showfile.aspx, I send the file using Response.OutputStream.Write method. now I get some problem when somebody put this webpage in an IFrame and open in IE, as I checked the code, showfile.aspx is requested twice when clicks the link, and in the second time the cookies of authorization and session Id are missing. I tried to add the p3p header but not working. my question is, is this how the IE designed with iframe? is there anyway to work around? thanks.

Read the article
httpCookie cause the page not to load

- by jvcoach23

I'm using VS 2010, vb.net and asp 3.5. I have a simple default.aspx page that has Dim ctx As HttpContext = HttpContext.Current Dim cookie As HttpCookie = ctx.Request.Cookies("SessionGUID") Me.lbl1.Text = cookie.Value.ToString the page loads fine when running it from within VS, but when i build the site and run the page, it doesn't load.. it doesn't give me an error, but nothing shows up. This is what the view source looks like HTMLHEAD META content="text/html; charset=windows-1252" http-equiv=Content-Type/HEAD BODY/BODY/HTML I took out the < in the tags so that it would display here... If i take out the Me.lbl1.Text = cookie.Value.ToString the page loads fine.. All i'm putting to the page is some text and the label control. anyone have any ideas

Read the article
jQuery-ajax call: async property is not working?

- by user269386

Hi, given to certain circumstances, I'm forced to keep page settings (Javascript-values) in the session and it has to be done right before leaving the page (I can't use cookies, since "pageSettings" can become quite large and localStorage is not an option yet ;) ). So this is how I tried it. However it seems that when I call the page directly again, the call of "http://blabla.com/bla" happens asynchronous, even though the async-attribute is set (I don't receive the settings of the previous call, but of the one before): $jQ(document).ready(function () { $jQ(window).unload(Main.__setSessionValues); }); var Main = { pageSettings: {}, __setSessionValues: function __setSessionValues() { $jQ.ajax({ type: "POST", async: false, url: "http://blabla.com/bla", data: { pageSettings: Object.toJSON(Main.pageSettings) } }); } }; Does anyone know what the problem might be? thanks in advance

Read the article
How to put log in box in a website to ensure one user can vote once only?

- by shah

I have a school project to do which requires us to develop an online voting website. how do i ensure one user has voted once only? the website is supposed to be in booths in public places which means i cannot use ip addresses or cookies. i was planning to use fb login id or maybe some other email id but i cannot find relevant codes/links. i just want people to go through the procedure of entering the log in id but not go to fb directly. my website cannot be published online. could you please suggest how i can achieve this? it is a bit urgent, thank you!

Read the article
jMeter not able to login to wordpress

- by Manish Sapariya

I am trying to create a jMeter test to login to wordpress and post a new blog on a local installation of wordpress. Recorded wordpress login sequence using the recorder. Added cookie manager to the test plan. However I am not able to login to wordpress. I tried all the possible of combination of Cookie policy and Implementation settings for Cookie manager, but it did not help. When I recorded against the publicly hosted wordpress, the login did not succeed, but the response had an error saying that your browser have not enabled cookies. I am using jMeter 2.11 on Windows 7.

Read the article
VisualSVN Server + Trac Authentication Problems

- by danscott

I have Trac set up on my VisualSVN server (using Subversion authentication), however every time I navigate to the Trac home page after opening the browser, I get the basic authentication dialog asking me for my username/password. What I would like to do is have a login form in Trac, which would allow me to log in forever using cookies. I have tried installing the AccountManagerPlugin, but I am completely unsure of how to correctly set it up. (I am used to working with IIS on corporate intranets, so this is kind of alien to me) I have managed to bypass the basic authentication dialog by setting this in my httpd-custom.conf: AuthName "Trac" AuthType Basic AuthBasicProvider file AuthUserFile "E:/Repositories/htpasswd" #Require valid-user I have tried using SvnServePasswordStore as my password store but I do not know which of the files in the repository directory to point it at. Help would be appreciated!

Read the article
How do I retain a requested url with parameters after redirecting to a login page?

- by Brent Parker

I have been asked to set up some authentication for some content on our website using JSP. What I would like to do seems simple to me but I can't quite figure out how to do it in JSP. What I would like to do is this: When a user requests a page that you must be logged in to see, I have a tag that checks their cookies for an authentication token. If it is not there, they are redirected to a login page. After they log in, I want to redirect them back to the page they first requested along with any parameters they were sending. Now, I have the tag that is checking their authentication and redirecting them to the login page. That part is working just fine. But I'm not sure how to maintain the first requested url and parameters so they can be redirected after they login. How might I accomplish this?

Read the article
Selecting two field in MySQL with PHP

- by Crays

Hi guys, i'm relatively new to php and mysql and would like to know how to select two value in mysql with php. What i have is $query = sprintf("SELECT COUNT(id) FROM table WHERE UPPER(username) = UPPER('%s') AND password='%s'"... in this case, i'm only selecting and count if the id exist and i use list($count) = mysql_fetch_row($result); if($count == 1) and by using cookies, i would like to retrieve two value from the database, namely user (the user's name) and power (which has value of 1,2 or 3, indicating the menu they would be able to see) basically it is to differentiate if you're admin or normal user, but i wonder if i could do SELECT COUNT(id) AND power FROM table WHERE ... is this possible? or is there any other way? Please guide me, thanks.

Read the article
How to implement a ilike Facebook system without user authentication and still prevent users from cheating ?

- by fabien7474

Hi, I am trying to implement something done in almost any website out there : a 'ilike' button (like Facebook) that does not require user authetication to be used for any article of my website written in Grails. I don't want to use any external solution, so I need to implement it myself (or use a grails plugin). So my question is : What does it take to implement this 'ilike' button and prevent users from cheating? For instance, do I need to store local cookies (I suppose yes)? Do I need to check the session ID and IP of the HTTP request? Any well-known implementation are welcomed. Thank you very much for your help.

Read the article
Deleting partial data from a field in MySQL

- by Graham

I am trying to remove a specific set of data from a MySQL database field, however I am not sure what the best statement would be for this. For example, if I have a data in a field such as... The use of a secondary password will allow you to gain access to your account from a non-authenticated computer. A non-authenticated computer is any computer that is not your primary computer, an elected authenticated computer or a computer that automatically deletes cookies. <p>This is a test</p> ...and I want to remove <p>This is a test</p> from the field, what statement would be best?

Read the article
Nginx redirect if cookie present

- by Joseph Silvashy

I've seen some limited resources on checking for cookies with Nginx, but I couldn't really find the answer I was looking for, hopefully some of you Nginx masters can give me a hand. Essentially I have a vhost that I'd like to redirect to a different domain unless the user has a cookie, here is what I've created: server { listen 80; server_name rerecipe.com; if ($http_cookie ~* "ngl_beta_pass" ) { # set $beta off; root /home/deploy/apps/rerecipe/current/public; passenger_enabled on; rack_env production; break; } rewrite ^/(.*) http://beta.rerecipe.com/$1 permanent; } But it doesn't seem to work, I get the error: [emerg]: "root" directive is not allowed here in /opt/nginx/conf/nginx.conf:45 I'm not sure how to proceed here, any ideas guys?

Read the article
Passing domain name to PayPal

- by ilhan

I'm trying to sell something to domain owners. I need to know their domain names. Before the payment procedure I'll ask their domain names in my web site, I'll store the data in the cookies or the url, then I want to pass the data (domain name) to the PayPal so that I'll know who paid for what domain name. I know PHP and HTML in advanced level but I don't know how to pass the data to PayPal. How I'll do that? Thanks in advance!

Read the article
Codeigniter + ajax(jQuery) session problem

- by faya

Hello, I have a problem in server side retrieving session with using ajax post request. Here is my sample code: JavaScript: $(function() { $('.jid_hidden_data').submit(function() { var serialized = $(this).serialize(); var sUrl = "http://localhost/stuff"; $.ajax({ url: sUrl, type: "POST", data: serialized, success: function(data) { alert(data); } }) return false; }); }); CodeIngiter(PHP) side: function stuff() { $post_stuff = $this->input->post('my_stuff'); // WORKS PERFECTLY $user_id = $this->session->userdata('user_id'); // RETURNS NULL } Where commented returns NULL it should return users session data, because it really exists. What is the problem? Method post doesn't get cookies or what? Thanks for any help!

Read the article
Store form values for later submission

- by kim griggs

I have a Rails app that lets users create tutorials and quizzes. There are many users taking the quizzes and many quizzes in a tutorial. My client wants the quiz results to persist when a student navigates away from the quiz. So the use case would be: User starts to take quiz User answers some of the questions User navigates away from quiz to check a fact in the tutorial User goes back to quiz and their answers are still there User finishes quiz and submits Now this would be pretty easy to do if I enforced a "Save" submit so that the answers could be stored in a session or whatever, but the client (and I agree) thinks people will not remember to save before navigating away. Looking for advice on how to approach this. I'm thinking an observer and cookies.

Read the article
Anonymous users support vs Google bot

- by Andy

I have a User class in my web app that represents a user currently logged in. Every time a user vists a page, a User instance is populated based on authentication data supplied in cookies. A User instance is created even if an anonymous user logs in - and a corresponding new record is created in the User table in the database. This approach allows me to save some state info for the current user regardless of its type. The problem however with this approach is the Google bot, and other non-human web organisms crawling my pages. Every time a bot starts to walk around the site, thousands of useless records will be created in the database, each of them only to be used for a single page. Question: what is the best trade off? How to support anonymous users, save their state, and don't get too much overhead because of cookieless bots?

Read the article
Android and PHP - Do I need to use sessions?

- by jtnire

I have created an Android App that communicates with a PHP web server. They both send JSON to each other. My App is almost finished, however there is one thing left to do: authentication. Since the user's username and password will be stored in Android SharedPreferences, is there any need to use PHP sessions, given that the user won't need to enter the username/password at every request? Since I can just send the username and password in the HTTP POST header for every request, and that I will be using SSL, is this sufficient? I guess I could add an extra field in the header called 'random' that just adds a random value, just to use as a salt so that the encrypted SSL payload will be different everytime. The reason why I don't want to use sessions is that my Android App would either have to handle cookies, or managed the storage of the session ID. If there are some serious cons to using my method above, then I'm more than happy to use sessions, however all advice is appreciated. Thanks

Read the article
How can I create a canned reply with the CKEditor toolbar?

- by Tur0k

Hello, Is it possible to create configurable quick replies within an html page using cookies or session tracking with Javascript/php and the CKEditor toolbar. Do I have to create a custom plugin or button for this? Example: button1 -Good job 2 1/2 points. Close ticket. button2 -Great job 5 points. Close ticket. button3 -Awesome job 10 points. Close ticket. Any advise would be awesome! Thanks.

Read the article

< Previous Page | 41 42 43 44 45 46 47 48 49 50 51 52 | Next Page >