Search Results

Search found 34056 results on 1363 pages for 'mod access'.

Page 512/1363 | < Previous Page | 508 509 510 511 512 513 514 515 516 517 518 519 | Next Page >

Removing the email validation requirement - Login Toboggan

- by Rob Orr

I'm building a premium membership site where a visitor can purchase a role and gain access to the privileged content using ubercart. I've got all that working fine, but the last tiny snag that my client wants to remove is to remove the validation email requirement that's fired when someone signs up on the site in Login Toboggan (6.1.9). I've got nothing set that is forcing this extra step and I've come to believe that this may be a feature in Drupal (acquia distro 6.22) core for any user that registers. I was hoping that this module (login toboggan) would eliminate that step but I've not as of yet been able to do so. I can allow the newly registered user access by setting that in the module, but the notification and validation email requirement still remains. Can anyone recommend a way around this? I just want them to be able to come to the site purchase their membership without any validation/confirmation email. Is this possible? Thanks - Rob

Read the article
NHibernate filters don't work with Session.Get

- by Khash

I'm trying to implement a Soft-deletable repository. Usually this can be easily done with a Delete Event listener. To filter out the deleted entities, I can add a Where attribute to my class mapping. However, I also need to implement two more methods in the repository for this entity: Restore and Purge. Restore will "undelete" entities and Purge will hard-delete them. This means I can't use Where attribute (since it block out soft-deleted entities to any access) I tried using filters instead. I can create a filter and enable or disable it within session to achieve the same result. But the problem is filters don't have any effect on Session.Get method (they only affect ICriteria based access). Any ideas as to how solve this problem? Thanks

Read the article
CodeIgniter's Scaffolding not working

- by 01010011

Hi, I keep getting a 404 Page Not Found whenever I try to access CodeIgniter's Scaffolding page in my browser, like so: localhost/codeignitor/index.php/blog/scaffolding/mysecretword I can access localhost/codeignitor/index.php/blog just fine. I followed CodeIgnitor's instructions in their "Create a blog in 20 minutes" by storing my database settings in the database.php file; and automatically connecting to the database by inserting "database" in the core array of the autoload.php; and I've added both parent::Controller(); and $this-load-scaffolding('myTableName') to blog's constructor. It still gives me this 404. Any suggestions?

Read the article
E4X in ActionScript

- by Brian Genisio

Hey all, Looking at the E4X implementation in ActionScript, it occurs to me that they had to figure out how to do three things that I am not sure can be done within ActionScript regularly: Properties/Getters prefixed with @: var myAttribute = xmlPerson.@name; Nameless functions for filtering: xmlData.person.(/* predicate */) lambda syntax for predicates: xmlData.person.(@name == "Brian") So here is my question: Are these just one-off capabilities (much like Vector.<>) they put in just for E4X, therefore keeping out of reach for us? Or do we, as ActionScript developers, have access to these features? More specifically, I'd love to get access to the expression tree of that lambda predicate for my own code (not tied to the XML classes in any way). I figured out that this is called the "filter operator"... but I am not sure how to harness it. Not sure I can... since ActionScript does not allow for operator overloading :(

Read the article
Java - SwingWorker - problem in done() method

- by Yatendra Goel

I am using javax.swing.SwingWorker for the first time. I want to update a JLabel from the interim result published by the swing worker as follows: publish("Published String"); Now to update the JLabel, I have coded the following: process(List<String> chunks) { if (chunks.size() > 0) { String text = chunks.get(chunks.size() - 1); label.setText(text); } } The above code works but my problem(or to be more specific, my doubt) is as follows: The above swing worker task is an annonymous inner class so it can access label field. But what if I want to make the swing worker class a non-inner class. Should I need to pass label as an argument to the constructor of swing worker class so that the process() method can access. Or Is there any other way? What approach does other developer follow to update UI components from the swing worker class' result when the swing worker class is not an inner class?

Read the article
How to find modal dialog opener from javascript?

- by yapiskan

I have a page that opens a modal dialog. After the operations done on dialog I want to refresh the opener page. But when I open the popup by using "openDialog" I cannot access to the opener by using window.opener on popup page. It appears "undefined" when I wanted to access. (I dont want to use "popup" method in this case. I want it to be a dialog by the way. using "popup" is my second plan.) What is the best practice to get rid off this issue?

Read the article
Jenkins and Visual Studio Online integration authentication

- by user3120361

right now I am trying to Setup Continuouse Integration - Delivery for a basic WCF Service, which will be hosted on a Microsoft Azure VM. The Project is Version Controlled through Visual Studio Online. So I installed Jenkins (also on the Azure VM), TFS plugin etc. and started the first Test Build: As Server URL I used "[VSO Adress]/DefaultCollection" and for Login purposes my Microsoft Account (I can Access VSO with that). The Problem is, when I run the Build I get the following error: Started by user Developer Building in workspace C:\Program Files (x86)\Jenkins\jobs\test\workspace [workspace] $ "C:\Program Files (x86)\TEE-CLC-11.0.0.1306\TEE-CLC-11.0.0\tf.cmd" workspaces -format:brief -server:[VSO Adress]/DefaultCollection ****" An error occurred: Access denied connecting to TFS server [VSO Adress] (authenticating as har****@*******o.com) FATAL: Executable returned an unexpected result code [100] ERROR: null Finished: FAILURE So my question is, whether it is generally possible to connect Jenkins and VSO that way and if so, which login credentials are needed

Read the article
Possible Performance Considerations using Linq to SQL Repositories

- by Robert Harvey

I have an ASP.NET MVC application that uses Linq to SQL repositories for all interactions with the database. To deal with data security, I do trimming to filter data to only those items to which the user has access. This occurs in several places: Data in list views Links in a menu bar A treeview on the left hand side containing links to content Role-based security A special security attribute, inheriting from AuthorizeAttribute, that implements content-based authorization on every controller method. Each of these places instantiates a repository, which opens a Linq to Sql DataContext and accesses the database. So, by my count, each request for a page access opens at least six separate Linq to SQL DataContexts. Should I be concerned about this from a performance perspective, and if so, what can be done to mitigate it?

Read the article
How to determine whether a .NET exception is being handled?

- by romkyns

We're investigating a coding pattern in C# in which we'd like to use a "using" clause with a special class, whose Dispose() method does different things depending on whether the "using" body was exited normally or with an exception. To the best of my understanding, the CLR keeps track of the current exception being handled until it's been consumed by a "catch" handler. However it's not entirely clear whether this information is exposed in any way for the code to access. Do you know whether it is, and if so, how to access it? For example: using (var x = new MyObject()) { x.DoSomething(); x.DoMoreThings(); } class MyObject : IDisposable { public void Dispose() { if (ExceptionIsBeingHandled) Rollback(); else Commit(); } } This looks almost like System.Transactions.TransactionScope, except that success/failure is not determined by a call to x.Complete(), but rather based on whether the using body was exited normally.

Read the article
Apache/Rails/Passenger directory URLs that don't end in '/' fail to 404.

- by Portamento

I'm using Apache with passenger to run a rails app. In my rails app, I have some static content in subdirectories of the public directory. Each subdirectory has an index.html in it. So, inside the public directory, I have a subdir called 'b' and inside it, is an index.html. So it's like this: /public/b/index.html I have links to these pages, of the form: http://a.com/b If I do this in my regular non-rails web directory, Apache correctly rewrites this URL to be http://a.com/b/ which then, subsequently shows the index.html. It's only when accessing my rails app that it doesn't work. In fact, if I turn off passenger mod... so it just accesses my rails app like a regular document root, it works correctly also. What the heck do I need to do to get this to work properly with passenger? Again, it works fine in apache itself when passenger is not involved. I am running passenger 2.1.3. I have another server running passenger 2.0 that doesn't seem to have this problem, but I don't see anything different in the config other than the different versions of passenger itself. HELP! Been working on this for two days solid with no improvement!

Read the article
Multitenant shared user account?

- by jpartogi

Dear all, Based on your experience, which is the route to go for a multi-tenant user login? One user login per account. Which means if there is one user that has access to multiple account, there will be redundancy of record in the database One user login for all account that she has privileges to. Which means one user record has access to multiple account if she has privileges to that account. From your experience, which one is better and why? I was thinking to choose the latter, but I don't know whether it will cause security issue or less flexibility. Thank you for sharing your experience.

Read the article
How to make an Asp.net MVC 2 website have a Private Beta Mode.

- by Mark Kitz

I am creating an ASP.Net MVC website that I am launching soon in private beta. What I am using. ASP.NET MVC 2 ASP.NET Sql Membership Provider Authorization Attributes on ActionMethods. ex. [EditorsOnly] What I am trying to accomplish: During the private Beta period of my website, I want no anonymous users to access my site. Only Beta Testers of my site should be able to login and use my site as normal. After the private beta period people can access it using the security structure I already have set up. I am hoping I do not have to recompile but can have a setting in the webconfig to switch between Private Beta mode to Normal mode. Thanks for your suggestions.

Read the article
Apache + Passenger not passing on custom status codes

- by harm

I'm currently building an API. This API communicates with the client via status codes. I created several custom status codes (as per http://www.w3.org/Protocols/rfc2616/rfc2616-sec6.html#sec6) in order to inform the client on certain things. For example I introduced the 481 status code to signify a specific client error. The Rails app I wrote works like a charm. But when Apache and Passenger are serving it things run aground. When I provoke a 481 error the response header looks like this: HTTP/1.1 500 Internal Server Error Date: Wed, 19 May 2010 06:37:05 GMT Server: Apache/2.2.9 (Debian) Phusion_Passenger/2.2.5 mod_ssl/2.2.9 OpenSSL/0.9.8g X-Powered-By: Phusion Passenger (mod_rails/mod_rack) 2.2.5 Cache-Control: no-cache X-Runtime: 1938 Set-Cookie: _session_id=32bc259dc763193ad57ae7dc19d5f57e; path=/; HttpOnly Content-Length: 62 Status: 481 Content-Type: application/json; charset=utf-8 As you can see the original Status header is still there almost a the end. But the 'true' status header (the very first line) is quiet different. It seems that Apache doesn't like Status headers it has no knowledge of and thus assumes an error. Is there anyway to fix this? Maybe via the mod_headers ( http://httpd.apache.org/docs/2.2/mod/mod_headers.html) module? I don't know enough of Apache to figure this out on my own. Thanks,

Read the article
What are the weaknesses of this user authentication method?

- by byronh

I'm developing my own PHP framework. It seems all the security articles I have read use vastly different methods for user authentication than I do so I could use some help in finding security holes. Some information that might be useful before I start. I use mod_rewrite for my MVC url's. Passwords are sha1 and md5 encrypted with 24 character salt unique to each user. mysql_real_escape_string and/or variable typecasting on everything going in, and htmlspecialchars on everything coming out. Step-by step process: Top of every page: session_start(); session_regenerate_id(); If user logs in via login form, generate new random token to put in user's MySQL row. Hash is generated based on user's salt (from when they first registered) and the new token. Store the hash and plaintext username in session variables, and duplicate in cookies if 'Remember me' is checked. On every page, check for cookies. If cookies set, copy their values into session variables. Then compare $_SESSION['name'] and $_SESSION['hash'] against MySQL database. Destroy all cookies and session variables if they don't match so they have to log in again. If login is valid, some of the user's information from the MySQL database is stored in an array for easy access. So far, I've assumed that this array is clean so when limiting user access I refer to user.rank and deny access if it's below what's required for that page. I've tried to test all the common attacks like XSS and CSRF, but maybe I'm just not good enough at hacking my own site! My system seems way too simple for it to actually be secure (the security code is only 100 lines long). What am I missing? I've also spent alot of time searching for the vulnerabilities with mysql_real_escape string but I haven't found any information that is up-to-date (everything is from several years ago at least and has apparently been fixed). All I know is that the problem was something to do with encoding. If that problem still exists today, how can I avoid it? Any help will be much appreciated.

Read the article
Requesting a website by client side script = Cross Side Scripting Hack. But requesting a website by

- by 1s2a3n4j5e6e7v

Generally, when we want to show the contents of some web page in the same page, we go for ajax requests. If say, I request to a web page in different domain with AJAX, it is not allowed because of the Cross side scripting error. But why is it allowed to access via a server side page. For e.g. we can use CURL in php to access any site.? Why is this feature OK for server side scripting and NOT OK for Client Side Scripting?

Read the article
How to store private pictures and videos in Ruby on Rails

- by TK

Here's a story: User A should be able to upload an image. User A should be able to set a privacy. ("Public" or "Private"). User B should not be able to access "Private" images of User A. I'm planning to user Paperclip for dealing with uploads. If I store the images under "RAILS_ROOT/public/images", anyone who could guess the name of the files might access the files. (e.g., accessing http://example.com/public/images/uploads/john/family.png ) I need to show the images using img tags, so I cannot place a file except public. How can I ensure that images of a user or group is not accessible by others?

Read the article
PHP can be exclusively accessed by SWF

- by brett

I'm not sure how to describe this, but basically I have a PHP class file: class HelloHello { public function getSomeData($input_parameter){ // code to retrieve data from the database } public function deleteSomeData($input_parameter){ // code to delete data from the database } } This class is on the server and is part of the backend that connects with a database, and it's meant to be accessed by the frontend SWF only (not to be directly accessed). I've setup Flex to read this class and access it. But how do I make sure that someone doesn't develop a script that can call this php file directly and access its methods? For example using a script to add data in a fast automated way, or use the delete method directly, ouch. Is this a legitimate concern, or this can't be done?

Read the article
Does my Dictionary must use locking mechanism?

- by theateist

Many threads have access to summary. Each thread will have an unique key for accessing the dictionary; Dictionary<string, List<Result>> summary; Do I need locking for following operations? summary[key] = new List<Result>() summary[key].Add(new Result()); It seems that I don't need locking because each thread will access dictionary with different key, but won't the (1) be problematic because of adding concurrently new record to dictionary with other treads?

Read the article
jquery ajax vs browser url

- by danwoods

Hello all, I'm trying to use youtube's api to bring back a listing of a user's videos. The request url looks something like: http://gdata.youtube.com/feeds/api/users/username/uploads with 'username' being the correct username. This bring back the appropriate url in the browser. However when I try to access that url via jQuery's $.ajax or $.get functions, using something like: $.ajax({ //set parameters url: "http://gdata.youtube.com/feeds/api/users/username/uploads", type: "GET", //on success success: function (data) { alert("xml successfully captured\n\n" + data); }, //on error error:function (XMLHttpRequest, textStatus, errorThrown, data){ alert(" We're sorry, there seem to be a problem with our connection to youtube.\nYou can access all our videos here: http://www.youtube.com/user/username"); alert(data); } }); $.get("http://gdata.youtube.com/feeds/api/users/username/uploads", function(data){ alert("Data Loaded: " + data); }); I get an empty document returned. Any ideas why this is?

Read the article
In Java, is there a way to obtain the command line parameters even if main() didn't save them?

- by Uri

We have a program with a main() that parses certain CLPs but does not save them anywhere. I then have my own plug-in code that needs access to the original CLPs (so I can transmit more parameters) for it. However, I cannot change main() I saw that there is apparently a way to do this in C#, I'm looking for an equivalent Java solution on Linux. UPDATE: Obviously, I'm aware of how main() works. Unfortunately, I cannot change the existing application or the way it is invoked (except for CLPs). I can only access via a sandboxed plugin code. My question is whether there is a way to get the command line (rather then the environment variables with -D) that the JVM was invoked with.

Read the article
Limited user premissions in team foundation server

- by Alex James

Can I setup Team Foundation Server in such a manner that every uer have only access to some source code files?

Read the article
How to create a communication layer in android

- by Palo

I want to create a communication layer in android. The layer will communicate with server asynchronously. Multiple activities should be able to call methods of the communication layer. The layer will get messages from the server (it is not important for the scope of this question how) and should be able to tell activities to do some work based on these messages. How should I implement this? Should I do this using android Service? The main questions that I need to answer are: How can activities access the layer? How can the layer access activities? How can i make the communication layer live for the lifetime of the application?

Read the article
Programmatically Binding to a Property

- by M312V

I know it's a generic title, but my question is specific. I think it will boil down to a question of practice. So, I have the following code: public class Component : UIElement { public Component() { this.InputBindings.Add(new MouseBinding(SomeCommandProperty, new MouseGesture(MouseAction.LeftClick))); } } I could easily aggregate the ViewModel that owns SomeCommandProperty into the Component class, but I'm currently waiving that option assuming there is another way. Component is a child of ComponentCollection which is child of a Grid which DataContext is the ViewModel. ComponentCollection as the name suggests contains a collection of Components. <Grid Name="myGrid"> <someNamespace:ComponentCollection x:Name="componentCollection"/> </Grid> It's the same scenario as the XAML below, but with TextBlock. I guess I'm trying to replicate what's being done in the XAML below programatically. Again, Component's top most ancestor's DataContext is set to ViewModel. <Grid Name="myGrid"> <TextBlock Text="SomeText"> <TextBlock.InputBindings> <MouseBinding Command="{Binding SomeCommandProperty}" MouseAction="LeftClick" /> </TextBlock.InputBindings> </TextBlock> </Grid> Update 1 Sorry, I'm unable to comment because I lack the reputation points. Basically, I have a custom control which inherit from a Panel which children are a collection of Component. It's not a hack, like I've mentioned, I could directly have access to SomeCommandProperty If I aggregate the ViewModel into Component. Doing so, however, feels icky. That is, having direct access to ViewModel from a Model. I guess the question I'm asking is. Given the situation that Component's parent UIElement's DataContext is set to ViewModel, is it possible to access SomeCommandProperty without Component owning a reference to the ViewModel that owns SomeCommandProperty? Programatically, that is. Using ItemsControl doesn't change the fact that I still need to bind SomeCommandProperty to each Items.

Read the article
Java/MySQL: Working with data in classes

- by skiwi

What is the best way to deal with accessing/modifying tables in a database? I have read about the Data Access Object approach, but none of the resources I have found so far indicate a clear implementation of it. So assume you have a database with a table called accounts that has columns id, name, password and email. How would you properly access it within Java? I mean most people know how to do SQL statements, but that is not really the point. I hope people here can be of help. Regards.

Read the article
Single database with multiple instances of Django

- by jwesonga

I have a Django project where the company will have a main site like www.ourcompany.org and a bunch of sub-domains like project.ourcompany.org. Content appearing in the sub-domains like case studies should also appear in the main site. I've decided to use multiple instances of Django BUT one database for each sub-domain so that I can have some flexibility and take advantage of the Sites framework. What I'm not sure of is how to access the models across the multiple instances. If I have a model: class CaseStudy(models.Model): title=models.CharField(max_length=100) site=models.ManyToMany(Site) Do I need to create this model in every instance so that I can have access to the object?

Read the article

< Previous Page | 508 509 510 511 512 513 514 515 516 517 518 519 | Next Page >