Search Results

Search found 40159 results on 1607 pages for 'multiple users'.

Page 580/1607 | < Previous Page | 576 577 578 579 580 581 582 583 584 585 586 587 | Next Page >

What XSS/CSRF attacks (if any) to be aware of when allowing video embeds?

- by fireeyedboy

I've been assigned a project for a website where users will be allowed to upload video's (using a YouTube API) but more importantly (for me) they will also be allowed to submit video embed codes (from numerous video sites, YouTube, Vimeo, etc. etc.). Having no experience with allowing users to embed video: How can I best protect against cross site scripting and/or cross site request forgery attacks specifically for video embedding? What are some of the common pitfalls to watch for? At a minumum I would think to strip all tags except <object> and <embed>. But I have a feeling this will not be enough, will it? If it is of importance, the environment will be: PHP/Zend Framework MySQL Bonuspoints: Is there a common minimum golden rule/code template for video embed codes that are valid across all video sites that I could use to filter the input?

Read the article
PHP While Loops from Arrays

- by Michael

I have a table that contains members names and a field with multiple ID numbers. I want to create a query that returns results where any values in the ID fields overlap with any values in the array. For example: lastname: Smith firstname: John id: 101, 103 I have Array #1 with the values 101, 102, 103 I want the query to output all members who have the values 101 or 102 or 103 listed in their id field with multiple ids listed. Array ( [0] => 101 [1] => 102 [2] => 103 ) $sql="SELECT firstname, lastname, id FROM members WHERE id LIKE '%".$array_num_1."%'"; $result=mysql_query($sql); while ($rows=mysql_fetch_array($result)) { echo $rows['lastname'].', '.$rows['firstname'].'-'.$rows['id']; }

Read the article
Prolog for beginners about logic and syntax

- by lnotik

Hello everybody. I have this question : I need to create a paradict "rightGuesses" which will get 3 arguments , each one of them is a list of letters : 1) The list of guessed letters 2) The word i have to guess 3) The letters that where guessed so far . for example : rightGuesses([n,o,p,q], [p,r,o,l,o,g], Ans). will give us Ans = [p, -, o, -, o, -]. i made: rightGuesses([],T2,[ANS]) rightGuesses([A|T1],T2,[ANS]):- (member(A,T2))=\=true , rightGuesses(T1,T2,[ _ |'-']). rightGuesses([A|T1],T2,[ANS]):- member(A,T2), rightGuesses(T1,T2,[ _ |A]). but i get : ERROR: c:/users/leonid/desktop/file3.pl:5:0: Syntax error: Operator expected Warning: c:/users/leonid/desktop/file3.pl:6: when i trying to compile it what is my problem , and is there is a better way to do it ? thanks in advance.

Read the article
Station ID - more than IP

- by bensiu

Hello I am working on internal PHP application where users login only from our network (we are on dedicated IP and application is checking $_SERVER['REMOTE_ADDR'] and if is match our IP go thru if not - Bye However how I can identify from which station user is login ? Using cookie not gonna work - those are windows station working under control MS StedyState and all cookies are deleted every login I don't need nothing fancy like full MAC address just any unique ID (can not be application username - because users use different stations) Any ideas ? Maybe Javascript is able to grab some Unique detail from station's browser (IE 8) and pass this as hidden input? bensiu

Read the article
How to Integrate SharePoint 2007/2010 and Google Apps?

- by goober

Hello All, My (smaller) company has an existing Google Apps Deployment, used for E-Mail / Calendar, etc. I'm looking into a SharePoint setup (2010 most likely). One of the best features is that new events are added to one's Outlook Calendar, e-mails can be sent automatically, etc. Naturally, this works best out-of-the-box with Exchange. I know I can add my own OpenID login system via an OpenID provider for SharePoint and get my users into the system. My question is, can anyone recommend the best way to go about making sure that events automatically find their way into users' calendars and e-mails on the Google Apps system? This would enable us to deploy SharePoint without worrying about migrating our e-mail system to Exchange first (Google Apps is more cost-effective for our needs and I'm required to keep it.) Thanks in advance for any help!

Read the article
Problem deriving a user control from an abstract base class in website project

- by Sprintstar

In a Visual Studio website, I have created a user control. This control is derived from a class (in App_Code) that is itself derived from System.Web.UI.UserControl. This is an abstract class with an abstract method. I then try to implement that method in the user control, but I get the following errors from Visual Studio: Error 1 'WebUserControl.AbstractMethod()': no suitable method found to override C:\Users\User\Documents\Visual Studio 2010\WebSites\Delme\WebUserControl.ascx.cs 10 28 C:\...\Delme\ Error 2 'WebUserControl' does not implement inherited abstract member 'AbstractBaseClass.AbstractMethod()' c:\Users\User\AppData\Local\Temp\Temporary ASP.NET Files\delme\0eebaa86\f1a48678\App_Web_nrsbzxex.0.cs 14 Error 1 says that my override of the abstract method is invalid, it doesn't recognise the abstract method in the base class. Error 2 says that the partial class automatically built by asp.net doesn't implement the abstract method! Note that this works fine when the code is used in a Web Application project. Why is this happening?

Read the article
Django User "per project" group assignation

- by Ben G

Hi, Here's my problem : my site has users, which can create projects, and access other user's projects. Each project can assign different rights to users. So, i could have Project A : user "John" is in group "manager" , and Project "B" user "John" is in group "worker". How could I use the Django User authentication model to do that ? From a SQL point a view, what i would like is to be able to add "project_id" in the primary key for the "auth_user_groups" table. I don't think profile is of any help here. Any advice ? UPDATE : "worker" and "manager" are just two examples of the permission group (or "roles") that my application defines. There will be more in the future. Eg : i will probably also have "admin", "reporting", etc...

Read the article
Unable to relate two MySQL tables (foreign keys)

- by KPL

Hello people, Here's my USER table CREATE TABLE IF NOT EXISTS `users` ( `id` int(11) NOT NULL AUTO_INCREMENT, `username` varchar(100) NOT NULL, `expiry` varchar(6) NOT NULL, `contact_id` int(11) NOT NULL, `email` varchar(255) NOT NULL, `password` varchar(100) NOT NULL, `level` int(3) NOT NULL, `active` tinyint(4) NOT NULL DEFAULT '1', PRIMARY KEY (`id`,`email`) ) ENGINE=InnoDB DEFAULT CHARSET=latin1 AUTO_INCREMENT=1 ; And here's my contact_info table CREATE TABLE IF NOT EXISTS `contact_info` ( `id` int(11) NOT NULL AUTO_INCREMENT, `name` varchar(255) NOT NULL, `email_address` varchar(255) NOT NULL, `company_name` varchar(255) NOT NULL, `license_number` varchar(255) NOT NULL, `phone` varchar(30) NOT NULL, `fax` varchar(30) NOT NULL, `mobile` varchar(30) NOT NULL, `category` varchar(100) NOT NULL, `country` varchar(20) NOT NULL, `state` varchar(20) NOT NULL, `city` varchar(100) NOT NULL, `postcode` varchar(50) NOT NULL, PRIMARY KEY (`id`,`email_address`), ) ENGINE=InnoDB DEFAULT CHARSET=latin1 AUTO_INCREMENT=1 ; The system uses username to login users.I want to modify it in such a way that it uses email for login. But there's no email_address in users table. I have added foreign key - email in user table(which is email_address in contact_info). How should I query database?

Read the article
Is a "Confirm Email" input good practice when user changes email address?

- by dibson

My organization has a form to allow users to update their email address with us. It's suggested that we have two input boxes for email: the second as an email confirmation. I always copy/paste my email address when faced with the confirmation. I'm assuming most of our users are not so savvy. Regardless, is this considered a good practice? I can't stand it personally, but I also realize it probably isn't meant for me. If someone screws up their email, they can't login, and they must call to sort things out.

Read the article
Retreive list of students registered for a particular course

- by Pankaj Khurana

Hi, I have moodle1.9 installed on my system and writing some custom reports. I want to retrieve list of students registered for a particular course. I have user profile field usercategoryid through which i figure out for which category he has enrolled. Course belongs to a particular category. Through mdl_user_info_data table i retrieve the category for a particular user. I have written a query to retrieve the users who have registered for a particular category for e.g. Financial Planning 2010. But the issue is that i now want users who have registered for a particular course for e.g. Insurance Planning. There is a relation between course and course category but i am unable to find out the table where course and user information is linked. Please help me on this Thanks

Read the article
Sharepoint 2010, get the Distinct Values of a User Profile Property?

- by Michael Stum

Is there any way in SharePoint 2010 to get the Distinct values of a property accross all users? For example, I want a list of all Departments in the Profile Store. In SQL I can do SELECT DISTINCT(PropertyVal) FROM [ProfileDB].[dbo].[UserProfileValue] WHERE PropertyID = 14 but accessing the SQL Database is a big no-no of course, so I wonder if there is something in the object model? Note that accessing the User Information List on an SPSite is not good enough, as only a fraction of all users is in that list. I want to get it directly from the Profile Store.

Read the article
VMWare Tools StartUp Script

- by Horst Walter

I am on the latest version of VMWare Workstation. In my VMWareTools I have configrued an individual script file (start.bat) to be started when the (guest) OS is booted. Unfortuantely it does not run when starting the guest system as intended. When pressing "run now" it works Running the script from CMD works as well I have changed the service (VMWareTools service) to run under different users - no success All Users (of the service) have had Administrator privileges I have no idea what is going wrong. Maybe someone is having an idea ....

Read the article
Hardware-specific questions

- by overflow

I'm good at programming yet I feel like I don't know enough about the architecture of the hardware I'm working on. What does the Northbridge on the mainboard do? What does the L2 cache of my processor do? Can Windows XP use multiple processors? Not in terms of concrete multitasking in all programs but using the capacity of all cores if needed instead of always only one core. How can my processor/mainboard interact with multiple kinds of graphics/sound cards?

Read the article
Membership.ValidateUser always returns false after upgrade to VS 2010 / .NET 4.0

- by nw

Not sure whether this pertains to VS 2010 or to the upgraded framework, but... we are using the Oracle membership provider to authenticate users. Prior to the upgrade everything worked fine, but now Membership.ValidateUser(user, password) returns false despite valid credentials. There is no exception thrown, so it's hard to determine what the problem might be. The website administration tool in VS 2010 is still able to manage users and roles (more or less), so I have no reason to question connectivity. What might the problem be?

Read the article
Validation errors from Google App Engine Logout link

- by goggin13

I am making a web page using the Google App Engine. I am validating my pages, and found that the logout link that is generated by the call to the users api (in python) users.create_logout_url(request.uri) does not validate as XHTML 1.0 Strict. The href in the anchor tag looks like this: /_ah/login?continue=http%3A//localhost%3A8080/&action=Logout Including a link with this anchor text throws three different validation errors: *general entity "action" not defined and no default entity *reference to entity "action" for which no system identifier could be generated *EntityRef: expecting ';' Here is a dummy page with the anchor tag in it, if you want to try it on w3c validator.Dummy Page. The logout link wont work, but you can see how the page is valid without it, but the actual text inside the href tag breaks the validation. Any thoughts on whats going on? Thank you!

Read the article
Vim: multi-file editing - having different makes in different splits

- by gmatt

I'm a recent vim convert (from fancy IDEs like eclipse.) I love the :make command in vim and use it extensively; however I also like to edit multiple projects (with separate makefiles.) So usually to edit more than one project I will do pushd project1 vim project1.cpp [suspend signal] pushd ../project2 vim project2.cpp and now I can switch between the two projects with ctrl+z i.e. suspend signal, and fg. When this becomes an issue is when I want to open one project in the context of another so I can do copy/pasting. So if instead in the above I do pushd project1 vim project1.cpp :vsp ../project2/project2.cpp I can edit both concurrently in the same vim process, however I can't effectively build one or the other with the :make command, it will only build project 1. Does anyone have some kind of scheme that gives them the best of both worlds: being able to edit concurrently while still being able to build multiple projects with the :make command all from the same vim process?

Read the article
What choices to make for an application backend

- by Saif Bechan

I am creating an web application and I at the point that i am starting to make backend choices. Now there are a lot of ways to go with this, so I am looking for some good points and back practices. Some of the question i have involve: Should i make a seperate table in the db for admin users Should i extend make some classes to load the admin data and the normal data, or make seperate classes for the admin section Where can i get some information on making different types of users Just some best practices for a backend My application is written in PHP with an MySQL database.

Read the article
Windows 2008 unable to execute c# powershell app. Returning access exception.

- by scope-creep

Hi, Does anybody know why I can't access the folder where my powershell scripts are in windows 2008 Ent. When I try to create a script with textpad it craps out. When I try and execute a c# powershell app, which is stored on another win 2003 drive, it craps out with an access exception as well. I've set powershell execution policy to unrestricted for both normal users and admin users with 'run as admin' on powershell, but it doesn't seem to make a difference. There must be a policy setting, doesn't allow scripts access to a directory, but where, and how to set it. Any help would be appreciated. scope_creep

Read the article
Detecting if a browser's cache is full

- by abitgone

We've identified that full browser caches are the cause of a problem on our extranet. It only affects a small number of our users, but we'd like to alert them to the problem and give them some guidance on how to fix the problem for themselves. We'd like to use a similar system to the one which GMail uses. When it detects that your browser's cache is full, it shows a warning message telling users that their cache is full and that it may cause problems with GMail, along with a link to a Gmail Help page on clearing your browser's cache. Does anyone know if there any resources out there, or examples of how to use JavaScript to detect that the browser's cache is full? Thanks.

Read the article
Sanitizing CSS in Rails

- by Erik

Hello! I want to allow the users of a web app that I'm building to write their own CSS in order to customize their profile page. However I am aware of this opening up for many security risks, i e background: url('javascript:alert("Got your cookies! " + document.cookies'). Hence I am looking for a solution to sanitize the CSS while still allowing as much CSS functionality as possible for my users. So my questions if anyone anyone knows of a gem or a plugin to handles this? I've googled my brains out already so any tips would be really appreciated!

Read the article
Whats the best method for queuing time-sensitive messages with PHP/MySQL?

- by Mike Diena

I'm building an SMS call and response system in a new app that receives a message via an aggregator gateway, checks it for functional keywords (run, stop, ask, etc), then processes it appropriately (save to the database, return an answer, or execute a task based on the users authorization). It's running fine at the moment as there are only a few users, but I figure its going to have more issues as we scale it up. We're currently running it on a single DV machine (mediatemple base dv). My question is this: does it make more sense to set something up like Memcached to run a queue, or a simple database with a daemon running to process each message one by one? I don't have much experience with either, so any advice would be helpful. Since the messaging is somewhat time-sensitive, what would be the fastest and most reliable way to handle this? Also, since we're sending responses, I'll probably need to set up and outbound message queue as well. Would it make sense to use the same concept for both?

Read the article
Kentico - Using punctuation with AuthenticateUser

- by Big Friendly Giant

We are currently using version 7.0 of the kentico API to authenticate users into our system. The following code is used to gain user details from the database and authenticate users. UserInfo objUserInfo = AuthenticationHelper.AuthenticateUser(username.ToLower(), password.ToLower(), CMSContext.CurrentSiteName); This has primarily been working correctly, but we are having issues with usernames and passwords that contain any of the following characters. " ! @ ' / \ < * - Is there any settings that I need to be aware of (web.config or otherwise) that would stop the API from accessing an account where a username or password contained special characters?

Read the article
Hosting two sites within single Joomla cms

- by jose

Is it possible to host multiple websites that all have one single/common CMS (Joomla)? Thanks.

Read the article
PHP & MySQL form question.

- by peakUC

How do I allow all users to have there username field empty without having them to enter a username when they submit the form using PHP and MySQL? Here is part my PHP and MySQL code. $username = mysqli_real_escape_string($mysqli, $purifier->purify(htmlentities(strip_tags($_POST['username'])))); if(isset($_POST['username'])) { // Make sure the username address is available: $u = "SELECT * FROM users WHERE username = '$username' AND user_id <> '$user_id'"; $r = mysqli_query ($mysqli, $u) or trigger_error("Query: $q\n<br />MySQL Error: " . mysqli_error($mysqli)); if (mysqli_num_rows($r) == TRUE) { // Unavailable. echo '<p class="error">Your username is unavailable!</p>'; $username = NULL; } else if(mysqli_num_rows($r) == 0) { // Available. $username = mysqli_real_escape_string($mysqli, $purifier->purify(htmlentities(strip_tags($_POST['username'])))); } }

Read the article
Is OpenGL required for my iPhone game?

- by Ben X Tan

On an iPhone: If I am writing a game that has multiple levels, with multiple animations (image sequences), jpg and png (transparent), some full screen and some not, some looped and some played once only. What is the best way of doing it? Each level might have up to 10MB of images. Add on to this music, and video (cut scenes). All 2D graphics, no 3D models. Is OpenGL required? Or can this be achieved with Quartz or Core Animation?

Read the article

< Previous Page | 576 577 578 579 580 581 582 583 584 585 586 587 | Next Page >