Search Results

Search found 33012 results on 1321 pages for 'method injection'.

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Page 464/1321 | < Previous Page | 460 461 462 463 464 465 466 467 468 469 470 471  | Next Page >

  • How to write a good PHP database insert using an associative array

    - by Tom
    In PHP, I want to insert into a database using data contained in a associative array of field/value pairs. Example: $_fields = array('field1'=>'value1','field2'=>'value2','field3'=>'value3'); The resulting SQL insert should look as follows: INSERT INTO table (field1,field2,field3) VALUES ('value1','value2','value3'); I have come up with the following PHP one-liner: mysql_query("INSERT INTO table (".implode(',',array_keys($_fields)).") VALUES (".implode(',',array_values($_fields)).")"); It separates the keys and values of the the associative array and implodes to generate a comma-separated string . The problem is that it does not escape or quote the values that were inserted into the database. To illustrate the danger, Imagine if $_fields contained the following: $_fields = array('field1'=>"naustyvalue); drop table members; --"); The following SQL would be generated: INSERT INTO table (field1) VALUES (naustyvalue); drop table members; --; Luckily, multiple queries are not supported, nevertheless quoting and escaping are essential to prevent SQL injection vulnerabilities. How do you write your PHP Mysql Inserts? Note: PDO or mysqli prepared queries aren't currently an option for me because the codebase already uses mysql extensively - a change is planned but it'd take alot of resources to convert?

    Read the article

  • Does/Will autofac's ASP.NET integration support PreInit or Init events?

    - by David Rubin
    I see from poking around in the 1.4.4 source that Autofac's ASP.NET integration (via Autofac.Integration.Web) peforms injection of properties on the Page as part of the HttpContext.PreRequestHandlerExecute event handling, but that the page's child controls don't get their properties injected until Page.PreLoad. What this means, though is that the injected properties of child controls are unavailable for use in the OnInit event handler. For example, this works fine: HelloWorld.aspx: <%@ Page Language="C#" AutoEventWireup="true" CodeBehind="HelloWorld.aspx.cs" Inherits="HelloWorld" %> <html> <body> <asp:Label runat="server" id="lblMsg" OnInit="HandleInit"/> </body> </html> HelloWorld.aspx.cs: ... protected void HandleInit() { lblMsg.Text = _msgProvider.GetMessage(); } public IMsgProvider _msgProvider { private get; set; } // <-- Injected But changing the HelloWorld Page to a UserControl (.acsx) and putting the UserControl in another page doesn't work because _msgProvider isn't injected early enough. Is there a way to make Autofac inject properties of child controls earlier? Or is this something that can be addressed in a future build? Thanks!

    Read the article

  • NetworkOnMainThreadException while using AsyncTask

    - by Fansher
    Im making an app that uses the internet to retrive information. I get an NetworkOnMainThreadException as i tried to run it on 3.0 and above and have therefore tried to set it up using AsyncTask, but it still gives the exception and i don't know what is wrong. Oddly enough i read on this thread Android NetworkOnMainThreadException inside of AsyncTask that if you just removes the android:targetSdkVersion="10" statement from the manifest file it will be able to run. This works but i don't find it as the right solution to solve the problem this way. So if anyone can tell me what im doing wrong with the AsyncTask i will really appriciate it. Also if there is anybody that knows why removing the statement in the manifest makes it work, im really interested in that also. My code looks like this: public class MainActivity extends Activity { static ArrayList<Tumblr> tumblrs; ListView listView; TextView footer; int offset = 0; ProgressDialog pDialog; View v; String responseBody = null; HttpResponse r; HttpEntity e; String searchUrl; @Override public void onCreate(Bundle savedInstanceState) { super.onCreate(savedInstanceState); requestWindowFeature(Window.FEATURE_NO_TITLE); getWindow().setFlags(WindowManager.LayoutParams.FLAG_FULLSCREEN, WindowManager.LayoutParams.FLAG_FULLSCREEN); final ConnectivityManager conMgr = (ConnectivityManager) getSystemService(Context.CONNECTIVITY_SERVICE); final NetworkInfo activeNetwork = conMgr.getActiveNetworkInfo(); if (activeNetwork != null && activeNetwork.isConnected()) { setContentView(R.layout.main); try { tumblrs = getTumblrs(); listView = (ListView) findViewById(R.id.list); View v = getLayoutInflater().inflate(R.layout.footer_layout, null); footer = (TextView) v.findViewById(R.id.tvFoot); listView.addFooterView(v); listView.setAdapter(new UserItemAdapter(this, R.layout.listitem)); } catch (ClientProtocolException e) { e.printStackTrace(); } catch (IOException e) { e.printStackTrace(); } catch (JSONException e) { e.printStackTrace(); } new GetChicks().execute(); footer.setOnClickListener(new View.OnClickListener() { @Override public void onClick(View v) { new loadMoreListView().execute(); } }); } else { setContentView(R.layout.nonet); } } public class UserItemAdapter extends ArrayAdapter<Tumblr> { public UserItemAdapter(Context context, int imageViewResourceId) { super(context, imageViewResourceId, tumblrs); } @Override public View getView(int position, View convertView, ViewGroup parent) { View v = convertView; if (v == null) { LayoutInflater vi = (LayoutInflater) getSystemService(Context.LAYOUT_INFLATER_SERVICE); v = vi.inflate(R.layout.listitem, null); } Tumblr tumblr = tumblrs.get(position); if (tumblr != null) { ImageView image = (ImageView) v.findViewById(R.id.avatar); if (image != null) { image.setImageBitmap(getBitmap(tumblr.image_url)); } } return v; } } public Bitmap getBitmap(String bitmapUrl) { try { URL url = new URL(bitmapUrl); return BitmapFactory.decodeStream(url.openConnection() .getInputStream()); } catch (Exception ex) { return null; } } public ArrayList<Tumblr> getTumblrs() throws ClientProtocolException, IOException, JSONException { searchUrl = "http://api.tumblr.com/v2/blog/"webside"/posts?api_key=API_KEY"; ArrayList<Tumblr> tumblrs = new ArrayList<Tumblr>(); return tumblrs; } private class GetChicks extends AsyncTask<Void, Void, Void> { @Override protected Void doInBackground(Void... unused) { // TODO Auto-generated method stub runOnUiThread(new Runnable() { public void run() { HttpClient client = new DefaultHttpClient(); HttpGet get = new HttpGet(searchUrl); HttpResponse r = null; try { r = client.execute(get); int status = r.getStatusLine().getStatusCode(); if (status == 200) { e = r.getEntity(); responseBody = EntityUtils.toString(e); } } catch (ClientProtocolException e1) { // TODO Auto-generated catch block e1.printStackTrace(); } catch (IOException e1) { // TODO Auto-generated catch block e1.printStackTrace(); } JSONObject jsonObject; try { jsonObject = new JSONObject(responseBody); JSONArray posts = jsonObject.getJSONObject("response") .getJSONArray("posts"); for (int i = 0; i < posts.length(); i++) { JSONArray photos = posts.getJSONObject(i) .getJSONArray("photos"); for (int j = 0; j < photos.length(); j++) { JSONObject photo = photos.getJSONObject(j); String url = photo.getJSONArray("alt_sizes") .getJSONObject(0).getString("url"); Tumblr tumblr = new Tumblr(url); tumblrs.add(tumblr); } } } catch (JSONException e) { // TODO Auto-generated catch block e.printStackTrace(); } } }); return null; } } public class Tumblr { public String image_url; public Tumblr(String url) { this.image_url = url; } } private class loadMoreListView extends AsyncTask<Void, Void, Void> { @Override protected void onPreExecute() { // Showing progress dialog before sending http request pDialog = new ProgressDialog(MainActivity.this); pDialog.setMessage("More chicks coming up.."); pDialog.setIndeterminate(true); pDialog.setCancelable(false); pDialog.show(); } @Override protected Void doInBackground(Void... unused) { // TODO Auto-generated method stub runOnUiThread(new Runnable() { public void run() { // increment current page offset += 2; // Next page request tumblrs.clear(); String searchUrl = "http://api.tumblr.com/v2/blog/"webside"/posts?api_key=API_KEY&limit=2 + offset; HttpClient client = new DefaultHttpClient(); HttpGet get = new HttpGet(searchUrl); HttpResponse r = null; try { r = client.execute(get); int status = r.getStatusLine().getStatusCode(); if (status == 200) { HttpEntity e = r.getEntity(); responseBody = EntityUtils.toString(e); } } catch (ClientProtocolException e1) { // TODO Auto-generated catch block e1.printStackTrace(); } catch (IOException e1) { // TODO Auto-generated catch block e1.printStackTrace(); } JSONObject jsonObject; try { jsonObject = new JSONObject(responseBody); JSONArray posts = jsonObject.getJSONObject("response") .getJSONArray("posts"); for (int i = 0; i < posts.length(); i++) { JSONArray photos = posts.getJSONObject(i) .getJSONArray("photos"); for (int j = 0; j < photos.length(); j++) { JSONObject photo = photos.getJSONObject(j); String url = photo.getJSONArray("alt_sizes") .getJSONObject(0).getString("url"); Tumblr tumblr = new Tumblr(url); tumblrs.add(tumblr); } } } catch (JSONException e) { // TODO Auto-generated catch block e.printStackTrace(); } // Setting new scroll position listView.setSelectionFromTop(0, 0); } }); return null; } protected void onPostExecute(Void unused) { pDialog.dismiss(); } } @Override public boolean onCreateOptionsMenu(android.view.Menu menu) { // TODO Auto-generated method stub super.onCreateOptionsMenu(menu); MenuInflater blowUp = getMenuInflater(); blowUp.inflate(R.menu.cool_menu, menu); return true; } @Override public boolean onOptionsItemSelected(MenuItem item) { // TODO Auto-generated method stub switch (item.getItemId()) { case R.id.aboutUs: Intent i = new Intent("com.example.example.ABOUT"); startActivity(i); break; case R.id.refresh: Intent f = new Intent(MainActivity.this, MainActivity.class); startActivity(f); finish(); break; case R.id.exit: finish(); break; } return false; } } Thanks for helping out.

    Read the article

  • PHP OOP: Avoid Singleton/Static Methods in Domain Model Pattern

    - by sunwukung
    I understand the importance of Dependency Injection and its role in Unit testing, which is why the following issue is giving me pause: One area where I struggle not to use the Singleton is the Identity Map/Unit of Work pattern (Which keeps tabs on Domain Object state). //Not actual code, but it should demonstrate the point class Monitor{//singleton construction omitted for brevity static $members = array();//keeps record of all objects static $dirty = array();//keeps record of all modified objects static $clean = array();//keeps record of all clean objects } class Mapper{//queries database, maps values to object fields public function find($id){ if(isset(Monitor::members[$id]){ return Monitor::members[$id]; } $values = $this->selectStmt($id); //field mapping process omitted for brevity $Object = new Object($values); Monitor::new[$id]=$Object return $Object; } $User = $UserMapper->find(1);//domain object is registered in Id Map $User->changePropertyX();//object is marked "dirty" in UoW // at this point, I can save by passing the Domain Object back to the Mapper $UserMapper->save($User);//object is marked clean in UoW //but a nicer API would be something like this $User->save(); //but if I want to do this - it has to make a call to the mapper/db somehow $User->getBlogPosts(); //or else have to generate specific collection/object graphing methods in the mapper $UserPosts = $UserMapper->getBlogPosts(); $User->setPosts($UserPosts); Any advice on how you might handle this situation? I would be loathe to pass/generate instances of the mapper/database access into the Domain Object itself to satisfy DI - At the same time, avoiding that results in lots of calls within the Domain Object to external static methods. Although I guess if I want "save" to be part of its behaviour then a facility to do so is required in its construction. Perhaps it's a problem with responsibility, the Domain Object shouldn't be burdened with saving. It's just quite a neat feature from the Active Record pattern - it would be nice to implement it in some way.

    Read the article

  • What characters are NOT escaped with a mysqli prepared statement?

    - by barfoon
    Hey everyone, I'm trying to harden some of my PHP code and use mysqli prepared statements to better validate user input and prevent injection attacks. I switched away from mysqli_real_escape_string as it does not escape % and _. However, when I create my query as a mysqli prepared statement, the same flaw is still present. The query pulls a users salt value based on their username. I'd do something similar for passwords and other lookups. Code: $db = new sitedatalayer(); if ($stmt = $db->_conn->prepare("SELECT `salt` FROM admins WHERE `username` LIKE ? LIMIT 1")) { $stmt->bind_param('s', $username); $stmt->execute(); $stmt->bind_result($salt); while ($stmt->fetch()) { printf("%s\n", $salt); } $stmt->close(); } else return false; Am I composing the statement correctly? If I am what other characters need to be examined? What other flaws are there? What is best practice for doing these types of selects? Thanks,

    Read the article

  • jquery with php loading file

    - by Marcus Solv
    I'm trying to use jquery with a simple php code: $('#some').click(function() { <?php require_once('some1.php?name="some' + index + '"'); ?> }); It shows no error, so I don't know what is wrong. In some1 I have: <?php //Start session session_start(); //Include database connection details require_once('../sql/config.php'); //Connect to mysql server $link = mysql_connect(DB_HOST, DB_USER, DB_PASSWORD); if(!$link) { die('Failed to connect to server: ' . mysql_error()); } //Select database $db = mysql_select_db(DB_DATABASE); if(!$db) { die("Unable to select database"); } //Function to sanitize values received from the form. Prevents SQL injection function clean($str) { $str = @trim($str); if(get_magic_quotes_gpc()) { $str = stripslashes($str); } return mysql_real_escape_string($str); } //Sanitize the POST values $name = clean($_GET['name']); ?> It's not complete because I want to make a sql command (insert). I want when I click in #some to execute that file (create a entry in the table that isn't define yet).

    Read the article

  • T-SQL: Dynamic Query by Selected Column in ASP.NET GridView

    - by jp2code
    I'm trying to modify a stored procedure used in an ASP.NET page. By default, the stored procedure returns all of the data, which can be overwhelming for employees in the plant. I want to add a drop down menu item for the column name and a text box for a value to allow our employees to search the data for their specific items. What I would like to add is the ability to pass in a Column Name and Column Value to search, similar to the following: DECLARE @colName nVarChar(50), @colValue nVarChar(50) SET @colName='EmployeeID' SET @colValue='007135' SELECT Column1, Column2, Column3, Column4, Column5, Column6, Column7 FROM viewNum1 WHERE ((@colName IS NULL) OR (@colValue IS NULL) OR ('['+@colName+']'=@colValue)) If all values passed in (@colValue and @colName), all records return; however, if I try specifying that @colName=EmployeeID and @colValue='007135' (a value that does exist in the database), no records are returned. Next is the problem that I am running an old SQL Server 2000 database that does not allow the stored procedure to access the table column names, and the whole technique looks prone to SQL Injection. Finally, I don't see how to bind my GridView control to this and still have the ability to display all records. How would I write such a filtering stored procedure?

    Read the article

  • DNS protocol message example

    - by virtual-lab
    hello there, I am trying to figure out how to send out DNS messages from an application socket adapter to a DNSBL. I spent the last two days understanding the basics, including experimenting with WireShark to catch an example of message exchanged. Now I would like to query the DNS without using dig or host command (I'm using Ubuntu); how can I perform this action at low level, without the help of these tools in wrapping the request in a proper DNS message format? How the message should be post it? Hex or String? Thanks in advance for any help. Regards Alessandro Ilardo Comment added I am investigating on JDev and Oracle SOA. The platform provides a Socket Adapter which simply apply a transformation (XSLT) and send the message straight to the socket. How the payload parameters (ex. the host I'm looking up) are wrapped within the message is left to the developer. So basically I have an idea on how the all DNS message is structured, but rather than put everything on JDev stright away I'd like to make some tests on my own just to make sure I got a valid message format. So, I am not using any specific language (I don't even understand why they moved my question from serverfault) and I don't want to use any tools which would hide part of the message, such as the header. I know they work well btw. I guess this stuff has something to do with packet injection. Someone suggested me to use telnet, but I've only used for SMTP or HTTP, I haven't got a clue on how it works for DNS request. Does it make more sense now?

    Read the article

  • Difference between MVC FilterAttribute and Filter

    - by zaaaaphod
    I'm trying to write my own custom AuthorizationAttribute that uses DI. I'm using the MUNQ IoC provider for it's speed and have decided to use constructor injection on all my classes as opposed to post instatiation property binding (because I prefer it). I'm trying to write a custom IFilterProvider that will use my IoC container to return requests for filters (so that I can map concrete classes using the container). I've come up with the following. public class FilterProvider : IFilterProvider { private readonly IocContainer _container; public FilterProvider(IocContainer container) { _container = container; } public IEnumerable<Filter> GetFilters(ControllerContext controllerContext, ActionDescriptor actionDescriptor) { var x = Enumerable.Union<Object>(_container.ResolveAll<IActionFilter>(), _container.ResolveAll<IAuthorizationFilter>()); foreach (Filter actionFilter in x) yield return new Filter(actionFilter, FilterScope.First, null); } } The above code will fail during the foreach because my objects that implement IAuthorizationFilter are based on FilterAttribute and not Filter My question is, what is the difference between Filter and FilterAttribute? I would have thought that there would have been a common link between them, unless I'm missing something. Another deeper question is, how come there is no IFilterAttributeProvider that would support IEnumerable GetFilters(...) Is there some other way that I should be using to resolve IAuthorizationFilter via my IoC container? Thank you very much for your help. Z

    Read the article

  • Updating database row from model

    - by Jamie Dixon
    Hey everyone, I'm haing a few problems updating a row in my database using Linq2Sql. Inside of my model I have two methods for updating and saving from my controller, which in turn receives an updated model from my view. My model methods like like: public void Update(Activity activity) { _db.Activities.InsertOnSubmit(activity); } public void Save() { _db.SubmitChanges(); } and the code in my Controller likes like: [HttpPost] public ActionResult Edit(Activity activity) { if (ModelState.IsValid) { UpdateModel<Activity>(activity); _activitiesModel.Update(activity); _activitiesModel.Save(); } return View(activity); } The problem I'm having is that this code inserts a new entry into the database, even though the model item i'm inserting-on-submit contains a primary key field. I've also tried re-attaching the model object back to the data source but this throws an error because the item already exists. Any pointers in the right direction will be greatly appreciated. UPDATE: I'm using dependancy injection to instantiate my datacontext object as follows: IMyDataContext _db; public ActivitiesModel(IMyDataContext db) { _db = db; }

    Read the article

  • As an Agile Java developer, what should I be looking for when hiring a C++ developer?

    - by agoudzwaard
    I come from an effective team of Agile Java developers. We've had a lot of success in hiring more people like ourselves - people passionate about technology with experience primarily in the Agile Java/J2EE space. We're looking to hire our first C++ developer to serve as an on-shore resource for maintaining and adding to the C++ portion of our code base. Up until now the entirety of our C++ development has been done out of an off-shore location. We consider our interview process to be fairly thorough: A phone screen centered on Object-Oriented Programming and Java A non-trivial at-home code project using Java An in-person interview covering technical and behavioral competency We look for a demonstration of Agile best practices (expressive code, test-driven development, continuous integration) throughout the entire process, however there is a common conception that Agility is primarily practiced by Java developers. If we retrofit our interview process for C++, should we still expect Agile qualities when interviewing for a C++ role? I'm asking on behalf of a team that has worked with Java too long to know what a good C++ developer looks like. Specifically we're looking to answer the following questions: Can we expect a demonstrated understanding of OO design and Separation of Concerns? In the code project we want the candidate to write unit tests. Would a good C++ developer be surprised by this expectation? Are there any "extra" competencies we can look for? For example with Java developers we always look for a familiarity with Dependency Injection.

    Read the article

  • Blocking HTML and Javascript from being displayed on my site

    - by Tim Powell
    I am working on this new social networking site. One of it's various functions is posting. You can post to Facebook and my site, or Twitter and my site. That being said, I couldn't help but try and post HTML as I was testing sql injection. When I did, I noticed that there where ways to manipulate the site to, for instance, using a element to completely screw up the CSS design, or redirect a user to another site using javascript. That being said, I want to make my site a safe environment for my users... not a site that is used to distribute computer viruses, porn, and other things that might make someone tend to stay off of my site. When I searched this topic, I found ways to "strip" the HTML out of the $post variable before submitting it to the database. However, I would just like to make it so you can post any text, including HTML and Javascript, without the browser interpreting it as "run this..." code: I want to display it as plane text. I've seen it on Facebook, and when I looked at it the source code of a post, it showed <, /, and as regular text. I tried "dissecting" Facebook's source code, but found nothing. I have tried using tags such as <pre> and <code>, but because of the lack of ability to style and control them, I gave up and went back to just allowing HTML. Please, anyone who knows how to do this, please help me out. Thanks in advance, TP

    Read the article

  • where are the frameworks for creating libraries?

    - by fayer
    whenever i create a php library (not a framework) i tend to reinvent everything everytime. "where to put configuration options" "which design pattern to use here" "how should all the classes extend each other" and so on... then i think, isn't there a good library framework to use anywhere? it's like a framework for a web application (symfony, cakephp...) but instead of creating a web application, this framework will help coder to create a library, providing all the standard structure and classes (observer pattern, dependency injection etc). i think that will be the next major thing if not available right now. in this way there will be a standard to follow when creating libraries, or else, it's like a djungle when everyone creates their own structure, and a lot of coders just code without thinking of reusability etc. there isn't any framework for creating libraries at the moment? if not, don't u agree with me that this is the way to do it, with a library framework? cause i am really throwing a lot of time (weeks!) just thinking about how to organize things, both in code and file level, when i should just start to code the logic. share your thoughts!

    Read the article

  • Passing System classes as constructor parameters

    - by mcl
    This is probably crazy. I want to take the idea of Dependency Injection to extremes. I have isolated all System.IO-related behavior into a single class so that I can mock that class in my other classes and thereby relieve my larger suite of unit tests of the burden of worrying about the actual file system. But the File IO class I end up with can only be tested with integration tests, which-- of course-- introduces complexity I don't really want to deal with when all I really want to do is make sure my FileIO class calls the correct System.IO stuff. I don't need to integration test System.IO. My FileIO class is doing more than simply wrapping System.IO functions, every now and then it does contain some logic (maybe this is the problem?). So what I'd like is to be able to test my File IO class to ensure that it makes the correct system calls by mocking the System.IO classes themselves. Ideally this would be as easy as having a constructor like so: public FileIO( System.IO.Directory directory, System.IO.File file, System.IO.FileStream fileStream ) { this.Directory = directory; this.File = file; this.FileStream = fileStream; } And then calling in methods like: public GetFilesInFolder(string folderPath) { return this.Directory.GetFiles(folderPath) } But this doesn't fly since the System.IO classes in question are static classes. As far as I can tell they can neither be instantiated in this way or subclassed for the purposes of mocking.

    Read the article

  • What prevents a user from adding controls to an ASP.NET page client side?

    - by Curtis White
    This goes back to my other question which I thought was sufficiently answers but upon reflect am not sure that it was (sorry). Backgrounder: I am generating a form dynamically. I am pulling from the database the controls. I must associate each control with a database ID which is not the user's session id. I do this currently by storing my ID in the ID for the web control with some other stuff to make it unique/clear what I am doing. On the post back, I iterate through all the controls on my web page checking for my special identifier, ie, MyGeneratedTextBox_ID_Unique. This process enables for 2 important steps, identifying the control was one I generated and also getting the ID for this input field. And, all of this works but I'm still concerned about the security of it. I do not see a security issue with showing the actual database ID's in this case, although agree it is not desirable. However, I am concerned of the following possibilities: If a user could add a nefarious control to my collection and use that for a SQL injection attack. More academic, but if a user could somehow store data for fields they do not have access too by changing the id's. I agree this is a "hack" of a way to do it. But my question is, is it a security risk and is there an 'easy' way to do it in a less hack way? I assume that only the controls that are created/instantiated on the page are added to the controls list.. thus all controls must be created server side and thus the security issue is address but just wanted to validate. Thanks again. PS: I could see adding a property for each control and encrypting the viewstate would be a little more secure.

    Read the article

  • Any techniques to interrupt, kill, or otherwise unwind (releasing synchronization locks) a single de

    - by gojomo
    I have a long-running process where, due to a bug, a trivial/expendable thread is deadlocked with a thread which I would like to continue, so that it can perform some final reporting that would be hard to reproduce in another way. Of course, fixing the bug for future runs is the proper ultimate resolution. Of course, any such forced interrupt/kill/stop of any thread is inherently unsafe and likely to cause other unpredictable inconsistencies. (I'm familiar with all the standard warnings and the reasons for them.) But still, since the only alternative is to kill the JVM process and go through a more lengthy procedure which would result in a less-complete final report, messy/deprecated/dangerous/risky/one-time techniques are exactly what I'd like to try. The JVM is Sun's 1.6.0_16 64-bit on Ubuntu, and the expendable thread is waiting-to-lock an object monitor. Can an OS signal directed to an exact thread create an InterruptedException in the expendable thread? Could attaching with gdb, and directly tampering with JVM data or calling JVM procedures allow a forced-release of the object monitor held by the expendable thread? Would a Thread.interrupt() from another thread generate a InterruptedException from the waiting-to-lock frame? (With some effort, I can inject an arbitrary beanshell script into the running system.) Can the deprecated Thread.stop() be sent via JMX or any other remote-injection method? Any ideas appreciated, the more 'dangerous', the better! And, if your suggestion has worked in personal experience in a similar situation, the best!

    Read the article

  • How do I configure encodings (UTF-8) for code executed by Quartz scheduled Jobs in Spring framework

    - by Martin
    I wonder how to configure Quartz scheduled job threads to reflect proper encoding. Code which otherwise executes fine within Springframework injection loaded webapps (java) will get encoding issues when run in threads scheduled by quartz. Is there anyone who can help me out? All source is compiled using maven2 with source and file encodings configured as UTF-8. In the quartz threads any string will have encoding errors if outside ISO 8859-1 characters: Example config <bean name="jobDetail" class="org.springframework.scheduling.quartz.JobDetailBean"> <property name="jobClass" value="example.ExampleJob" /> </bean> <bean id="jobTrigger" class="org.springframework.scheduling.quartz.SimpleTriggerBean"> <property name="jobDetail" ref="jobDetail" /> <property name="startDelay" value="1000" /> <property name="repeatCount" value="0" /> <property name="repeatInterval" value="1" /> </bean> <bean class="org.springframework.scheduling.quartz.SchedulerFactoryBean"> <property name="triggers"> <list> <ref bean="jobTrigger"/> </list> </property> </bean> Example implementation public class ExampleJob extends QuartzJobBean { private Log log = LogFactory.getLog(ExampleJob.class); protected void executeInternal(JobExecutionContext ctx) throws JobExecutionException { log.info("ÅÄÖ"); log.info(Charset.defaultCharset()); } } Example output 2010-05-20 17:04:38,285 1342 INFO [QuartzScheduler_Worker-9] ExampleJob - vÖvÑvñ 2010-05-20 17:04:38,286 1343 INFO [QuartzScheduler_Worker-9] ExampleJob - UTF-8 The same lines of code executed within spring injected beans referenced by servlets in the web-container will output proper encoding. What is it that make Quartz threads encoding dependent?

    Read the article

  • How to bind a servlet to a context?

    - by simpatico
    I got javax.servlet.ServletException: Error instantiating servlet class servlets.MemoServlet javax.naming.NameNotFoundException: Name servlets.MemoServlet is not bound in this Context when using <form action="MemoServlet"> I know I could use managedbeans, but I've to use servlets. I suspect the problem has to do with JSF. context.xml: <?xml version="1.0" encoding="UTF-8"?> <Context antiJARLocking="true" path="/MemoWeb/faces"/> web.xml: <servlet-mapping> <servlet-name>MemoServlet</servlet-name> <url-pattern>/faces/MemoServlet</url-pattern> </servlet-mapping> <servlet> <servlet-name>MemoServlet</servlet-name> <servlet-class>servlets.MemoServlet</servlet-class> </servlet> I seem to have this problem all over the place: com.sun.faces.mgbean.ManagedBeanCreationException: An error occurred performing resource injection on managed bean userManager .... Caused by: javax.naming.NameNotFoundException: Name user.UserManager is not bound in this Context

    Read the article

  • What could the negative effects be of attaching to a process as a debugger?

    - by I_like_traffic_lights
    Background A client of mine has a major problem. They have a CRM system, which was created by a single person over a period of 9 years. Unfortunatelly, a few weeks ago, this person died. I believe the company has learned their lesson, and they have started a project of rewriting the CRM system to a modern platform. I have been hired to create a solution in the meantime to make adaptations to the CRM system. I have given up understanding the code, as this would take too long. My solution, is therefore, to make a window and show this on top of the CRM system, whenever this CRM system is showing. This part works fine, but my major problem is extracting the data from the CRM system. Proposed solution After excluding 6 approaches, including runtime code injection, memory searching, database integration, I have arrived at attaching to the process as a debugger, so I get notified about event, and use this in combination with reading from process memory. This approach seems to work, but I am worried about possible side-effects of this approach. Question What are the dangers of using this in a production environment, where there are 250 employees utilizing the system. Needless to say, I cannot risk reducing the already shaky stability of the system.

    Read the article

  • Potential Django Bug In QuerySet.query?

    - by Mike
    Disclaimer: I'm still learning Django, so I might be missing something here, but I can't see what it would be... I'm running Python 2.6.1 and Django 1.2.1. (InteractiveConsole) >>> from myproject.myapp.models import * >>> qs = Identifier.objects.filter(Q(key="a") | Q(key="b")) >>> print qs.query SELECT `app_identifier`.`id`, `app_identifier`.`user_id`, `app_identifier`.`key`, `app_identifier`.`value` FROM `app_identifier` WHERE (`app_identifier`.`key` = a OR `app_identifier`.`key` = b ) >>> Notice that it doesn't put quotes around "a" or "b"! Now, I've determined that the query executes fine. So, in reality, it must be doing so. But, it's pretty annoying that printing out the query prints it wrong. Especially if I did something like this... >>> qs = Identifier.objects.filter(Q(key=") AND") | Q(key="\"x\"); DROP TABLE `app_identifier`")) >>> print qs.query SELECT `app_identifier`.`id`, `app_identifier`.`user_id`, `app_identifier`.`key`, `app_identifier`.`value` FROM `app_identifier` WHERE (`app_identifier`.`key` = ) AND OR `app_identifier`.`key` = "x"); DROP TABLE `app_identifier` ) >>> Which, as you can see, not only creates completely malformed SQL code, but also has the seeds of a SQL injection attack. Now, obviously this wouldn't actually work, for quite a number of reasons (1. The syntax is all wrong, intentionally, to show the oddity of Django's behavior. 2. Django won't actually execute the query like this, it will actually put quotes and slashes and all that in there like it's supposed to). But, this really makes debugging confusing, and it makes me wonder if something's gone wrong with my Django installation. Does this happen for you? If so/not, what version of Python and Django do you have? Any thoughts?

    Read the article

  • Satisfying indirect references at runtime.

    - by automatic
    I'm using C# and VS2010. I have a dll that I reference in my project (as a dll reference not a project reference). That dll (a.dll) references another dll that my project doesn't directly use, let's call it b.dll. None of these are in the GAC. My project compiles fine, but when I run it I get an exception that b.dll can't be found. It's not being copied to the bin directory when my project is compiled. What is the best way to get b.dll into the bin directory so that it can be found at run time. I've thought of four options. Use a post compile step to copy b.dll to the bin directory Add b.dll to my project (as a file) and specify copy to output directory if newer Add b.dll as a dll reference to my project. Use ILMerge to combine b.dll with a.dll I don't like 3 at all because it makes b.dll visible to my project, the other two seem like hacks. Am I missing other solutions? Which is the "right" way? Would a dependency injection framework be able to resolve and load b.dll?

    Read the article

  • How can I secure my $_GETs in PHP?

    - by ggfan
    My profile.php displays all the user's postings,comments,pictures. If the user wants to delete, it sends the posting's id to the remove.php so it's like remove.php?action=removeposting&posting_id=2. If they want to remove a picture, it's remove.php?action=removepicture&picture_id=1. Using the get data, I do a query to the database to display the info they want to delete and if they want to delete it, they click "yes". So the data is deleted via $POST NOT $GET to prevent cross-site request forgery. My question is how do I make sure the GETs are not some javascript code, sql injection that will mess me up. here is my remove.php //how do I make $action safe? //should I use mysqli_real_escape_string? //use strip_tags()? $action=trim($_GET['action']); if (($action != 'removeposting') && ($action != 'removefriend') && ($action != 'removecomment')) { echo "please don't change the action. go back and refresh"; header("Location: index.php"); exit(); } if ($action == 'removeposting') { //get the info and display it in a form. if user clicks "yes", deletes } if ($action =='removepicture') { //remove pic } I know I can't be 100% safe, but what are some common defenses I can use. EDIT Do this to prevent xss $action=trim($_GET['action']); htmlspecialchars(strip_tags($action)); Then when I am 'recalling' the data back via POST, I would use $posting_id = mysqli_real_escape_string($dbc, trim($_POST['posting_id']));

    Read the article

  • Should I re-use UI elements across view controllers?

    - by Endemic
    In the iPhone app I'm currently working on, I'd like two navigation controllers (I'll call them A and B) to have toolbars that are identical in appearance and function. The toolbar in question will look like this: [(button) (flexible-space) (label)] For posterity's sake, the label is actually a UIBarButtonItem with a custom view. My design requires that A always appear directly before B on the navigation stack, so B will never be loaded without A having been loaded. Given this layout, I started wondering, "Is it worth it to re-use A's toolbar items in B's toolbar?" As I see it, my options are: 1. Don't worry about re-use, create the toolbar items twice 2. Create the toolbar items in A and pass them to B in a custom initializer 3. Use some more obscure method that I haven't thought of to hold the toolbar constant when pushing a view controller As far as I can see, option 1 may violate DRY, but guarantees that there won't be any confusion on the off chance that (for example) the button may be required to perform two different (no matter how similar) functions for either view controller in future versions of the app. Were that to happen, options 2 or 3 would require the target-action of the button to change when B is loaded and unloaded. Even if the button were never required to perform different functions, I'm not sure what its proper target would be under option 2. All in all, it's not a huge problem, even if I have to go with option 1. I'm probably overthinking this anyway, trying to apply the dependency injection pattern where it's not appropriate. I just want to know the best practice should this situation arise in a more extreme form, like if a long chain of view controllers need to use identical (in appearance and function) UI elements.

    Read the article

  • Implementing search functionality with multiple optional parameters against database table.

    - by quarkX
    Hello, I would like to check if there is a preferred design pattern for implementing search functionality with multiple optional parameters against database table where the access to the database should be only via stored procedures. The targeted platform is .Net with SQL 2005, 2008 backend, but I think this is pretty generic problem. For example, we have customer table and we want to provide search functionality to the UI for different parameters, like customer Type, customer State, customer Zip, etc., and all of them are optional and can be selected in any combinations. In other words, the user can search by customerType only or by customerType, customerZIp or any other possible combinations. There are several available design approaches, but all of them have some disadvantages and I would like to ask if there is a preferred design among them or if there is another approach. Generate sql where clause sql statement dynamically in the business tier, based on the search request from the UI, and pass it to a stored procedure as parameter. Something like @Where = ‘where CustomerZip = 111111’ Inside the stored procedure generate dynamic sql statement and execute it with sp_executesql. Disadvantage: dynamic sql, sql injection Implement a stored procedure with multiple input parameters, representing the search fields from the UI, and use the following construction for selecting the records only for the requested fields in the where statement. WHERE (CustomerType = @CustomerType OR @CustomerType is null ) AND (CustomerZip = @CustomerZip OR @CustomerZip is null ) AND ………………………………………… Disadvantage: possible performance issue for the sql. 3.Implement separate stored procedure for each search parameter combinations. Disadvantage: The number of stored procedures will increase rapidly with the increase of the search parameters, repeated code.

    Read the article

  • Tomcat 7 ClassNotFoundException: org.apache.tomcat.JarScanner

    - by CodesLikeA_Mokey
    When I try and start my app I get this error. I have verified that JarScanner exists in the CATALINA_HOME directory so I dont know why it cant find it. Is there anything that could lead to this issue starting my app? I noticed that earlier in the same log i find this: [Loaded org.apache.tomcat.JarScanner from file:/usr/local/apache-tomcat-7.0.30/lib/tomcat-api.jar] Here is the actual error further down: Oct 8, 2012 1:24:01 PM org.apache.catalina.core.ContainerBase addChildInternal SEVERE: ContainerBase.addChild: start: org.apache.catalina.LifecycleException: Failed to start component [StandardEngine[Catalina].StandardHost[localhost].StandardContext[/client]] at org.apache.catalina.util.LifecycleBase.start(LifecycleBase.java:154) at org.apache.catalina.core.ContainerBase.addChildInternal(ContainerBase.java:901) at org.apache.catalina.core.ContainerBase.addChild(ContainerBase.java:877) at org.apache.catalina.core.StandardHost.addChild(StandardHost.java:618) at org.apache.catalina.startup.HostConfig.deployDescriptor(HostConfig.java:650) at org.apache.catalina.startup.HostConfig$DeployDescriptor.run(HostConfig.java:1582) at java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:441) at java.util.concurrent.FutureTask$Sync.innerRun(FutureTask.java:303) at java.util.concurrent.FutureTask.run(FutureTask.java:138) at java.util.concurrent.ThreadPoolExecutor$Worker.runTask(ThreadPoolExecutor.java:886) at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:908) at java.lang.Thread.run(Thread.java:662) Caused by: java.lang.NoClassDefFoundError: org/apache/tomcat/JarScanner at java.lang.ClassLoader.defineClass1(Native Method) at java.lang.ClassLoader.defineClassCond(ClassLoader.java:631) at java.lang.ClassLoader.defineClass(ClassLoader.java:615) at java.security.SecureClassLoader.defineClass(SecureClassLoader.java:141) at java.net.URLClassLoader.defineClass(URLClassLoader.java:283) at java.net.URLClassLoader.access$000(URLClassLoader.java:58) at java.net.URLClassLoader$1.run(URLClassLoader.java:197) at java.security.AccessController.doPrivileged(Native Method) at java.net.URLClassLoader.findClass(URLClassLoader.java:190) at java.lang.ClassLoader.loadClass(ClassLoader.java:306) at sun.misc.Launcher$AppClassLoader.loadClass(Launcher.java:301) at java.lang.ClassLoader.loadClass(ClassLoader.java:295) at java.lang.ClassLoader.loadClass(ClassLoader.java:247) at org.apache.catalina.core.StandardContext.getJarScanner(StandardContext.java:1025) at org.apache.catalina.startup.ContextConfig.processJarsForWebFragments(ContextConfig.java:1911) at org.apache.catalina.startup.ContextConfig.webConfig(ContextConfig.java:1265) at org.apache.catalina.startup.ContextConfig.configureStart(ContextConfig.java:878) at org.apache.catalina.startup.ContextConfig.lifecycleEvent(ContextConfig.java:369) at org.apache.catalina.util.LifecycleSupport.fireLifecycleEvent(LifecycleSupport.java:119) at org.apache.catalina.util.LifecycleBase.fireLifecycleEvent(LifecycleBase.java:90) at org.apache.catalina.core.StandardContext.startInternal(StandardContext.java:5173) at org.apache.catalina.util.LifecycleBase.start(LifecycleBase.java:150) ... 11 more Caused by: java.lang.ClassNotFoundException: org.apache.tomcat.JarScanner at java.net.URLClassLoader$1.run(URLClassLoader.java:202) at java.security.AccessController.doPrivileged(Native Method) at java.net.URLClassLoader.findClass(URLClassLoader.java:190) at java.lang.ClassLoader.loadClass(ClassLoader.java:306) at sun.misc.Launcher$AppClassLoader.loadClass(Launcher.java:301) at java.lang.ClassLoader.loadClass(ClassLoader.java:247) ... 33 more Oct 8, 2012 1:24:01 PM org.apache.catalina.startup.HostConfig deployDescriptor SEVERE: Error deploying configuration descriptor /software/sirsi/tomcat_sbox7/conf/Catalina/localhost/client.xml java.lang.IllegalStateException: ContainerBase.addChild: start: org.apache.catalina.LifecycleException: Failed to start component [StandardEngine[Catalina].StandardHost[localhost].StandardContext[/client]] at org.apache.catalina.core.ContainerBase.addChildInternal(ContainerBase.java:904) at org.apache.catalina.core.ContainerBase.addChild(ContainerBase.java:877) at org.apache.catalina.core.StandardHost.addChild(StandardHost.java:618) at org.apache.catalina.startup.HostConfig.deployDescriptor(HostConfig.java:650) at org.apache.catalina.startup.HostConfig$DeployDescriptor.run(HostConfig.java:1582) at java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:441) at java.util.concurrent.FutureTask$Sync.innerRun(FutureTask.java:303) at java.util.concurrent.FutureTask.run(FutureTask.java:138) at java.util.concurrent.ThreadPoolExecutor$Worker.runTask(ThreadPoolExecutor.java:886) at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:908) at java.lang.Thread.run(Thread.java:662) Oct 8, 2012 1:24:01 PM org.apache.catalina.startup.HostConfig deployDescriptor INFO: Deploying configuration descriptor /software/sirsi/tomcat_sbox7/conf/Catalina/localhost/custom.xml Oct 8, 2012 1:24:01 PM org.apache.catalina.core.StandardContext setPath WARNING: A context path must either be an empty string or start with a '/'. The path [custom] does not meet these criteria and has been changed to [/custom] Oct 8, 2012 1:24:01 PM org.apache.catalina.startup.SetContextPropertiesRule begin WARNING: [SetContextPropertiesRule]{Context} Setting property 'debug' to '0' did not find a matching property. Oct 8, 2012 1:24:01 PM org.apache.catalina.core.ContainerBase addChildInternal SEVERE: ContainerBase.addChild: start: org.apache.catalina.LifecycleException: Failed to start component [StandardEngine[Catalina].StandardHost[localhost].StandardContext[/custom]] at org.apache.catalina.util.LifecycleBase.start(LifecycleBase.java:154) at org.apache.catalina.core.ContainerBase.addChildInternal(ContainerBase.java:901) at org.apache.catalina.core.ContainerBase.addChild(ContainerBase.java:877) at org.apache.catalina.core.StandardHost.addChild(StandardHost.java:618) at org.apache.catalina.startup.HostConfig.deployDescriptor(HostConfig.java:650) at org.apache.catalina.startup.HostConfig$DeployDescriptor.run(HostConfig.java:1582) at java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:441) at java.util.concurrent.FutureTask$Sync.innerRun(FutureTask.java:303) at java.util.concurrent.FutureTask.run(FutureTask.java:138) at java.util.concurrent.ThreadPoolExecutor$Worker.runTask(ThreadPoolExecutor.java:886) at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:908) at java.lang.Thread.run(Thread.java:662) Caused by: java.lang.NoClassDefFoundError: org/apache/tomcat/util/scan/StandardJarScanner at org.apache.catalina.core.StandardContext.getJarScanner(StandardContext.java:1025) at org.apache.catalina.startup.ContextConfig.processJarsForWebFragments(ContextConfig.java:1911) at org.apache.catalina.startup.ContextConfig.webConfig(ContextConfig.java:1265) at org.apache.catalina.startup.ContextConfig.configureStart(ContextConfig.java:878) at org.apache.catalina.startup.ContextConfig.lifecycleEvent(ContextConfig.java:369) at org.apache.catalina.util.LifecycleSupport.fireLifecycleEvent(LifecycleSupport.java:119) at org.apache.catalina.util.LifecycleBase.fireLifecycleEvent(LifecycleBase.java:90) at org.apache.catalina.core.StandardContext.startInternal(StandardContext.java:5173) at org.apache.catalina.util.LifecycleBase.start(LifecycleBase.java:150) ... 11 more Oct 8, 2012 1:24:01 PM org.apache.catalina.startup.HostConfig deployDescriptor SEVERE: Error deploying configuration descriptor /software/sirsi/tomcat_sbox7/conf/Catalina/localhost/custom.xml java.lang.IllegalStateException: ContainerBase.addChild: start: org.apache.catalina.LifecycleException: Failed to start component [StandardEngine[Catalina].StandardHost[localhost].StandardContext[/custom]] at org.apache.catalina.core.ContainerBase.addChildInternal(ContainerBase.java:904) at org.apache.catalina.core.ContainerBase.addChild(ContainerBase.java:877) at org.apache.catalina.core.StandardHost.addChild(StandardHost.java:618) at org.apache.catalina.startup.HostConfig.deployDescriptor(HostConfig.java:650) at org.apache.catalina.startup.HostConfig$DeployDescriptor.run(HostConfig.java:1582) at java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:441) at java.util.concurrent.FutureTask$Sync.innerRun(FutureTask.java:303) at java.util.concurrent.FutureTask.run(FutureTask.java:138) at java.util.concurrent.ThreadPoolExecutor$Worker.runTask(ThreadPoolExecutor.java:886) at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:908) at java.lang.Thread.run(Thread.java:662)

    Read the article

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

< Previous Page | 460 461 462 463 464 465 466 467 468 469 470 471  | Next Page >