Search Results

Search found 43347 results on 1734 pages for 'php security'.

Page 493/1734 | < Previous Page | 489 490 491 492 493 494 495 496 497 498 499 500 | Next Page >

How to build completely modular web applications

- by Webnet

In the coming months we're going to begin a project where we take a system we've built for a client (v1) and rebuild it from scratch. Our goal with v2 is to make it modular, so that this specific client will have their own set of modules they use, then another client may use a different set of modules altogether. The trick here is that Company A might have a series of checkout and user modules that change how that system works. Company B might stick with the standard checkout procedure but customize how products are browsed. What are some good approaches to application architecture when you're building an application from scratch that you want to have a Core that's shared among all clients while still maintaining the flexability for anything to be modified specifically for a client? I've seen CodeIgniter's hooks and don't think that's a good solution as we could end up with 250 hooks and it's still not flexible enough. What are some other solutions? Ideally we won't need to draw a line in the sand.

Read the article
Comments Application SEO

- by user1015448

I am developing a commenting application. Users will be able to integrate this application in Blogs. I am unsure how to make the comments searchable in Search Engines. What I want is all the comments which are being posted should be included in Search Engine results when searched with relevant keywords. Please give me some hint how to do this. Do I need to use meta tags ? If so, how should I create them?

Read the article
Combining a content management system with ASP.NET

- by Ek0nomik

I am going to be creating a site that seems like it requires a blend of a content management system (CMS) and some custom web development (which is done in ASP.NET MVC). I have plenty of web development experience to understand the ASP.NET MVC side of the fence, but, I don't have a lot of CMS knowledge aside from getting one stood up. Right now my biggest question is around integrating security from ASP.NET with the CMS. I currently have an ASP.NET MVC site that handles the authentication for multiple production sites and creates an authentication cookie under our domain (*.example.com). The page acts like a single sign on page since the cookie is a wildcard and can be used in any other applications of the same domain. I'd really like to avoid having users put in their credentials twice. Is there a CMS that will play well with the ASP.NET Forms Authentication given how I have these existing applications structured? As an aside, right now I am leaning towards Drupal, but, that isn't finalized.

Read the article
DB Object passing between classes singleton, static or other?

- by Stephen

So I'm designing a reporting system at work it's my first project written OOP and I'm stuck on the design choice for the DB class. Obviously I only want to create one instance of the DB class per-session/user and then pass it to each of the classes that need it. What I don't know it what's best practice for implementing this. Currently I have code like the following:- class db { private $user = 'USER'; private $pass = 'PASS'; private $tables = array( 'user','report', 'etc...'); function __construct(){ //SET UP CONNECTION AND TABLES } }; class report{ function __construct ($params = array(), $db, $user) { //Error checking/handling trimed //$db is the database object we created $this->db = $db; //$this->user is the user object for the logged in user $this->user = $user; $this->reportCreate(); } public function setPermission($permissionId = 1) { //Note the $this->db is this the best practise solution? $this->db->permission->find($permissionId) //Note the $this->user is this the best practise solution? $this->user->checkPermission(1) $data=array(); $this->db->reportpermission->insert($data) } };//end report I've been reading about using static classes and have just come across Singletons (though these appear to be passé already?) so what's current best practice for doing this?

Read the article
How to find classes that use certain DB tables

- by Songo

Problem: I'm asked to prepare a document where all our DB tables are listed and I'm supposed to list all Controllers that uses these DB tables for read and another list for Controllers that do write operations. Ex: +------------------------------------------+------------+ | DB table | tbl_Orders | +------------------------------------------+------------+ |Controllers that perform read operations | ?? | +------------------------------------------+------------+ |Controllers that perform write operations | ?? | +------------------------------------------+------------+ We are trying to write some documentation for a legacy system built using Zend framework. The code is scattered everywhere. There is code in the Controllers, in the models and even in the views. The application uses PROPEL as an ORM. What makes this really difficult is that the Controller may not be directly calling the table, but it may be instantiating a model class that calls that table. Is there an educated way to approach this crazy task? Note: Searching for the table name won't provide a solution because if a model uses that table I wouldn't know which Controller is using that model.

Read the article
Identifying elements from data feeds generated by affiliate sites

- by SPI

I am working with data feeds from affiliate sites. The basic idea is to provide an interface where the user can paste a link to an XML datafeed (these are huge btw, around 60 mb) that would then be streamed, parsed into small chunks, and mined for the required data which would then be stored in the database. The problem is that different affiliate sites have different Schemas for their XML's. It is a little hard mapping the elements in an XML to your database attributes when you don't actually know which element contains what. My Solution: Use XPath to traverse through the first set of parent and it's descendent's, fetch the elements as well as the data and and ask the user to map this data to the attributes in the database by selecting from a set of radio buttons that represent the attributes from the database. This will be done just once for each new Feed, once the system know's what's what it will automatically upload the data from the XML to the database. Does this sound viable? Is there a better solution? I realize this leaves an uncomfortable opening for human error.. Thanks.

Read the article
How do you know when to split an object method into 2 or more other methods?

- by blacktie24

Hi, I know this is a very basic question, but I sometimes find myself struggling to figure out when to split a single object method into multiple methods. For example, I am trying to set up an ACL using Zend_Acl and Zend_Auth, as shown in this tutorial: http://devzone.zend.com/article/1665. However, I am wondering if the My_Plugin_Auth::preDispatch() method should invoke calls to a method called authenticate() and a method called authorize(), instead of having everything lumped in under preDispatch(). I was thinking that this would make the code more readable and encapsulate the logic into its smaller parts, but i'm not sure if this is reason enough.

Read the article
Uploading images to a post like on the stackexchange websites [on hold]

- by Loko

Stackexchange uses imgur link to show the image to their website, but how do I do this? I am really curious on what ways I can upload an image to a file and show it immediatly again. Like webshops where you can post your products are also uploading images to show them immediatly. What way are there to do this and what is the best / most secure?(I assume how stackexchange does it), but I also have no idea how to do that.

Read the article
Repository query conditions, dependencies and DRY

- by vFragosop

To keep it simple, let's suppose an application which has Accounts and Users. Each account may have any number of users. There's also 3 consumers of UserRepository: An admin interface which may list all users Public front-end which may list all users An account authenticated API which should only list it's own users Assuming UserRepository is something like this: class UsersRepository extends DatabaseAbstraction { private function query() { return $this->database()->select('users.*'); } public function getAll() { return $this->query()->exec(); } // IMPORTANT: // Tons of other methods for searching, filtering, // joining of other tables, ordering and such... } Keeping in mind the comment above, and the necessity to abstract user querying conditions, How should I handle querying of users filtering by account_id? I can picture three possible roads: 1. Should I create an AccountUsersRepository? class AccountUsersRepository extends UserRepository { public function __construct(Account $account) { $this->account = $account; } private function query() { return parent::query() ->where('account_id', '=', $this->account->id); } } This has the advantage of reducing the duplication of UsersRepository methods, but doesn't quite fit into anything I've read about DDD so far (I'm rookie by the way) 2. Should I put it as a method on AccountsRepository? class AccountsRepository extends DatabaseAbstraction { public function getAccountUsers(Account $account) { return $this->database() ->select('users.*') ->where('account_id', '=', $account->id) ->exec(); } } This requires the duplication of all UserRepository methods and may need another UserQuery layer, that implements those querying logic on chainable way. 3. Should I query UserRepository from within my account entity? class Account extends Entity { public function getUsers() { return UserRepository::findByAccountId($this->id); } } This feels more like an aggregate root for me, but introduces dependency of UserRepository on Account entity, which may violate a few principles. 4. Or am I missing the point completely? Maybe there's an even better solution? Footnotes: Besides permissions being a Service concern, in my understanding, they shouldn't implement SQL query but leave that to repositories since those may not even be SQL driven.

Read the article
When should I start learning a PHP Framework

- by Festus

I'm a beginner programmer I have been learning PHP for a while, though not consistently. But for the past few months (say 3 months) I have been a bit consistent in my learning, largely because of a project a friend ask me to do for him since he knew I was into web design. Though I struggled to complete the tiny project for him after about 3 weeks, because I got stuck some times and I have to look up tutorials/references relating to the problem I was trying to solve, but I feel fulfilled been able to accomplish a project and along the way grab most of PHP basics. My interest in Web development has grew higher since completing that project and I have been trying to learn PHP/MySQL as fast as I could, because the same friend want me to do something else for him, which to me is way beyond the basics I know. Though I don't charge him anything, but it gives me a sense of fulfillment. I want to learn a framework, because I heard it can make you accomplish more as a web developer and makes life much easier. Can I learn a framework without having OOP knowledge? I know how to create and use functions, though I don't use it much I know my question is not straight forward, but I know you will understand were I'm coming from and advice me appropriately. I wish to become a professional Web Developer. I really need your professional advice.

Read the article
Apache: DoS with mod_deflate & range requests, tomcat also? [migrated]

- by VextoR

I know that apache has a security bug http://seclists.org/fulldisclosure/2011/Aug/175 So if you do this command: curl -I -H "Range: bytes=0-1,0-2" -s www.yandex.ru/robots.txt it says HTTP/1.1 206 Partial Content it means, the problem is exist. But the fact is, that for apache tomcat (our server) curl says 206 Partial Content as well. So we need to fix it. I found solution for apache HTTP (.htaccess, mod_headers) but not for tomcat. I'm very newbie for servers things, so can't understand most, so please help

Read the article
Setting up fastcgi on an Ubunutu server (socket file permissions issue)

- by gray alien

I am trying to set up mod_fcgid on my server. Part of the requirement is that Apache needs to create a socket file for mod_fcgid. I specified the folder for Apache to write the socket data to: /var/run/apache2/fcgid I then specified this file in my fcgid.conf file as follows: SocketPath /var/run/apache2/fcgid/sock I then changed the owner of the folder to www-data (the apache user) and gave the owner full permissions to the folder and its contents. I was able to run my test fcgi app then. When I rebooted the machine, y fastcgi app no longer worked. After some investigation, I found that ownership of /var/run/apache2/fcgid has been reset to root, and with permission reset to 700 I have the following questions: Is there something specific about the /var/run folder? why is the permissions being reset after a reboot? Should I move my socket file to another location (in case root automatically takes ownership of contents in this folder for security reasons?) I am running Ubuntu 10.0.4 LTS 64 bit

Read the article
Is there a more efficient way to filter large arrays than preg_match()?

- by hozza

I have a log that our web application builds. Each month it contains around 16,000 entries of a string with about the average sentence worth of text. To filter/search through these in our admin panel the script uses preg_match() but this seems to be taking ages and timing out on the 30sec limit. I have isolated that it is indeed the preg_match() that causes the time out. Is there a more efficient way to search through values in a large array for a users input?

Read the article
Storing data on server [closed]

- by Maciekp

1.How am I supposed to store data on server, using not only: databases,text files and images? And how someone could implement storing data in fb's graph api http://developers.facebook.com/docs/reference/api/ , so when I go to: https://graph.facebook.com/19292868552 it shows me such data(how it can be stored? I guess it's not Mysql database) PS. Link to article: http://jayant7k.blogspot.com/2009/05/how-facebook-stores-billions-of-photos.html <- How can concurrent users writing requests be solved(while storing data in text file).

Read the article
Access Token Verification

- by DecafCoder

I have spent quite a few days reading up on Oauth and token based security measures for REST API's and I am currently looking at implementing an Oauth based authentication approach almost exactly like the one described in this post (OAuth alternative for a 2 party system). From what I understand, the token is to be verified upon each request to the resource server. This means the resource server would need to retrieve the token from a datastore to verify the clients token. Given this would have to happen upon every request I am concerned about the speed implications of hitting a datastore like MySQL or NoSQL upon every request just to verify the token. Is this the standard way to verify tokens by having them stored in a RDBMS or NoSQL database and retrieved upon each request? Or is it a suitable solution to have them cached (baring in mind that we are talking millions of users)?

Read the article
What to do about this gnome-keyring message?

- by arroy_0209

I upgraded from ubuntu 10.04 to 12.04 and installed lxde. Since then whenever I try to print some file (or use command lpstat), I get this message on the terminal: "WARNING: gnome-keyring:: couldn't connect to: /tmp/keyring-SZ59jJ/pkcs11: No such file or directory". This is beyond my knowledge and from search I only realize that this mey be related to security (as learned from gnome-keyring on wikipedia). I have no idea what to about this warning. Can anybody please suggest? Evidently as stated, I am not using gnome desktop, I choose lxde session at the time of logging in.

Read the article
Interface hierarchy design for separate domains

- by jerzi

There are businesses and people. People could be liked and businesses could be commented on: class Like class Comment class Person implements iLikeTarget class Business implements iCommentTarget Likes and comments are performed by a user(person) so they are authored: class Like implements iAuthored class Comment implements iAuthored People's like could also be used in their history: class history class Like implements iAuthored, iHistoryTarget Now, a smart developer comes and says each history is attached to a user so history should be authored: interface iHistoryTarget extends iAuthored so it could be removed from class Like: class Person implements iLikeTarget class Business implements iCommentTarget class Like implements iHistoryTarget class Comment implements iAuthored class history interface iHistoryTarget extends iAuthored Here, another smart guy comes with a question: How could I capture the Authored fact in Like and Comment classes? He may knows nothing about history concept in the project. By scalling these kind of functionallities, interfaces may goes to their encapsulated types which cause more type strength, on the other hand explicitness suffered and also code end users will face much pain to process. So here is the question: Should I encapsulate those dependant types to their parent types (interface hierarchies) or not or explicitly repeat each type for every single level of my type system or ...?

Read the article
Tunneling through SSH for 1521 port access?

- by A T

I am developing locally on my computer, using my own Apache server with PHP configured. My database however is remotely located on an Oracle 11g Database Server. We were also given a separate remote server for hosting our .html and .php files, however only FTP access has been provided there. Development is far too slow waiting for the FTP connection to push. So I decided to develop locally, but still use the remote DB server. Unfortunately that gives me an error. Not sure how—or where—to integrate tunnelling. Do I add something to the oci_connect HOST in my PHP file, or do I encapsulate my whole environment over SSH?

Read the article
Sharing object between 2 classes

- by Justin

I am struggling to wrap my head around being able to share an object between two classes. I want to be able to create only one instance of the object, commonlib in my main class and then have the classes, foo1 and foo2, to be able to mutually share the properties of the commonlib. commonlib is a 3rd party class which has a property Queries that will be added to in each child class of bar. This is why it is vital that only one instance is created. I create two separate queries in foo1 and foo2. This is my setup: abstract class bar{ //common methods } class foo1 extends bar{ //add query to commonlib } class foo2 extends bar{ //add query to commonlib } class main { public $commonlib = new commonlib(); public function start(){ //goal is to share one instance of $this->commonlib between foo1 and foo2 //so that they can both add to the properites of $this->commonlib (global //between the two) //now execute all of the queries after foo1 and foo2 add their query $this->commonlib->RunQueries(); } }

Read the article
How to edit thousands of html pages at once? [on hold]

- by Johnsy Omniscient

I need to edit thousands of pages for a website with dynamic content added manually by the owner throughout 3 years, it has thousands of pages and I'm sure there is a better way to edit them without spending hours opening each one of them. I know it would be easy to just edit the styles.css but page dynamics like the positions of the google ad-boxes are individually edited inside the html of each page, so there is no way to solve this through css. Is there some sort of code, script and macro that can edit the pages at once?

Read the article
I need to create an employee schedule/appointments program, but I don't know how to set it up

- by robz228

I work for a gym. I am the programmer, its just me, nobody else! Gets really frustrating when there's nobody to bounce conceptual ideas off of. I'm getting rid of our archaic paper binder systems for tracking appointments and what not. I've made a lot of things successfully already, now I'm trying to tackle the personal training department. What I want: Trainer information and work schedule Appointment booking that can be done by time slot with all available trainers for that time, or by trainer with all available hours for that trainer What I've tried so far: I started with an 'appointments' database, a 'trainers' database, and a 'schedules' database. This became so complicated trying to fit the schedule in that I scrapped it. Does anyone know know the best way to structure the tables for this and how to sort of make them communicate correctly? I don't need specific code, I just need help understand how to make this thing!

Read the article
Synchronizing Mysql Table Schema [on hold]

- by user1122069

I have some difficulty keeping track of my SQL changes in a text file in SVN. One solution that I am aware of is to put the SQL queries in files (1.sql, 2.sql...) and to manually load each file at the proper time. Besides missing commas, the process is too cumbersome when builds become more frequent. I have actually taken to asking a co-worker to send me his SQL changes on Skype and we just apply the changes immediately on our local, development, and production servers (using three PhpMyAdmin tabs). I have seen several GUI tools mentioned in similar questions on SO, but these are actually more work and less automated than the aforementioned methods. Is there any standardized process by which this is done in an automated way? I can only guess that large companies build their own mechanisms of keeping track of database schema changes (yet I can't find a word about it - maybe they use files?). This question was closed as off-topic on Stack Overflow, so I am re-posting it here.

Read the article
What plug in or module to use with WordPress? [migrated]

- by Qacro

I am developing travel website where users can search and book their travel deal. It goes like this: Providers are creating their travel deals (same as some blogger create blog in WordPress); Users book wanted travel deals; Providers, who have their account where they can see if users book their deal, are notified by the email and sms about just booked (sold) deal. Site is going to be developed using WordPress. Is there any plugin or module that I can use to accomplish this, or at least something similar to reconfigure and not to take this process from scratch?

Read the article
OOP Structure for web application

- by Query

Ok so I have a website in which users complete tasks to earn points. When they earn enough points, they rise in rank. The site from my understanding is very basic and only executes one query or two queries at most a page. There is a user table, a support ticket table, and an orders table. All of these contain a relational row for username. Our class was familiarized with OOP back in highschool with Java but that was for video games and I could grasp the concept on why you would need a class player and class enemy. However I don't understand it's web application. At least not in my situation. I understand the user class might contain stuff like: getUsername getPoints getEmail setEmail addPoints (does this belong here? OR only things the user can manipulate should be here?) etc.. But I'm at a loss with everything else such as user registration. Can you help give me a wire framework that I could wrap my head around? Pointing me to a good eBook would help greatly

Read the article
SSL on multiple directories

- by Shredder

I have a website that is http, but has a port set up for https for a specific directory that is for the shopping cart. Now I'd like to use our SSL on a different directory in the same site as well. How can I go about configuring that? I have tried looking into all of the config files as well as the docs and cannot figure it out. I tried setting this in httpd.config as well <VirtualHost 127.0.0.1:[ssl port]> #also tried *:[ssl port] and [actual IP]:[ssl port] ServerAdmin [email protected] DocumentRoot "C:/path/sslNeededDir" ServerName www.example.com </VirtualHost> hoping that it would cause pages in this directory to use ssl port and become https, but that didn't do anything. Any help is greatly appreciated. Update: This finally got migrated over. I'm still looking for a solid answer on this. If anyone could help me, it would be greatly appreciated.

Read the article

< Previous Page | 489 490 491 492 493 494 495 496 497 498 499 500 | Next Page >