Search Results

Search found 23950 results on 958 pages for 'ie8 64 bit'.

Page 678/958 | < Previous Page | 674 675 676 677 678 679 680 681 682 683 684 685 | Next Page >

serving files using django - is this a security vulnerability

- by Tom Tom

I'm using the following code to serve uploaded files from a login secured view in a django app. Do you think that there is a security vulnerability in this code? I'm a bit concerned about that the user could place arbitrary strings in the url after the upload/ and this is directly mapped to the local filesystem. Actually I don't think that it is a vulnerability issue, since the access to the filesystem is restricted to the files in the folder defined with the UPLOAD_LOCATION setting. UPLOAD_LOCATION = is set to a not publicly available folder on the webserver url(r'^upload/(?P<file_url>[/,.,\s,_,\-,\w]+)', 'aeon_infrastructure.views.serve_upload_files', name='project_detail'), @login_required def serve_upload_files(request, file_url): import os.path import mimetypes mimetypes.init() try: file_path = settings.UPLOAD_LOCATION + '/' + file_url fsock = open(file_path,"r") file_name = os.path.basename(file_path) file_size = os.path.getsize(file_path) print "file size is: " + str(file_size) mime_type_guess = mimetypes.guess_type(file_name) if mime_type_guess is not None: response = HttpResponse(fsock, mimetype=mime_type_guess[0]) response['Content-Disposition'] = 'attachment; filename=' + file_name #response.write(file) except IOError: response = HttpResponseNotFound() return response

Read the article
Imagemagick command line in PHP

- by charly

Hello everyone, I've got the following two commands for imagemagick in the command line: convert in.png container-mask.png +matte -compose CopyOpacity -composite out.png composite container.png out.png -compose multiply final.png Those two commands include 3 files: in.png: the file that should be masked container-mask.png: the back/white mask of the areas of container.png where in.png should be visible container.png image that includes the container for in.png, the one that has been masked in black/white with container-mask.png Now the question is how to transpose this commands into PHP calls. I've played around quite a bit, but I can't make sense of the API at http://php.net/manual/en/book.imagick.php Thanks and Bests, Charly

Read the article
What does: throw 0 do/mean? Is it "bad"?

- by MartinP

Context I came across some code, like this: if( Some_Condition ) throw 0; I googled a bit, and found a few other code snippets using that odd looking throw 0 form. I presume one would catch this as: catch(const int& e) { } Or is this a NULL ptr? to be caught as void* ? Question What does this throw 0 do? Is it special in some way? My normal preference would be to throw something that is (or derived from) std::exception. So to me this looks "bad". Is it "bad" ?

Read the article
Where to put my xUnit tests for an F# assembly?

- by Benjol

I'm working on my first 'real' F# assembly, and trying to do things right. I've managed to get xUnit working too, but currently my test module is inside the same assembly. This bothers me a bit, because it means I'll be shipping an assembly where nearly half the code (and 80% of the API) is test methods. What is the 'right' way to do this? If I put the tests in another assembly, I think that means I have to expose internals that I'd rather keep private. I know that in C# there is a friend mechanism for tests (if that's the right terminology), is there an equivalent in F#? Alternatively, can anyone point me to an example project where this is being done 'properly'?

Read the article
jQuery Plugin Overwriting Parameters

- by Travis

Hey Everyone, This maybe a very mundane question, but this is the first jQuery plugin that I write and I'm a bit fuzzy on understanding the scope rules in Javascript. I'm trying to write an simple jQuery plugin that wraps around the Stack Overflow API. I'm starting off by trying to work with the Flair API. I wanted to make the plugin as configurable as possible so that you can easily pass it the domain and user id, and generate multiple Flairs. var superUser = $.jStackOverflow.flair({domain:"superuser.com", id: 30162, parentId:'#su-flair'}); var stackOverflow = $.jStackOverflow.flair({domain:"stackoverflow.com", id: 55954, parentId:'#so-flair'}); The problem is, when it makes the second call, its somehow using the correct domain and id parameters, but the parentId field that it's using in the callback function to create the html, is using the first parameter. You can see the plugin here and the html here

Read the article
count of distinct acyclic paths from A[a,b] to A[c,d]?

- by Sorush Rabiee

I'm writing a sokoban solver for fun and practice, it uses a simple algorithm (something like BFS with a bit of difference). now i want to estimate its running time ( O and omega). but need to know how to calculate count of acyclic paths from a vertex to another in a network. actually I want an expression that calculates count of valid paths, between two vertices of a m*n matrix of vertices. a valid path: visits each vertex 0 or one times. have no circuits for example this is a valid path: but this is not: What is needed is a method to find count of all acyclic paths between the two vertices a and b. comments on solving methods and tricks are welcomed.

Read the article
Problems with ASP.NET State Service version; state service is 1.1, website is 3.5

- by Mick Byrne

Hi there, I have a ASP.NET 3.5 website running on Windows Server 2003 and I'm using the ASP.NET State Service to manage sessions. It will appear to be working then I regularly get an error saying my code needs to have version 2.0 of the State Service running to work (I think that's what it said, I've temporarily switched back to storing sessions InProc). Refresh the page and the error goes away (for a bit, it's bound to come back). So I looked at the properties of the ASP.NET State Service in the Services interface and it's mapping to a .exe in the 1.1 framework folder: C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_state.exe There's a corresponding version in the 2.0 framework folder, but I don't know how to add it as a new service. I'm also not sure that adding the 2.0 version (and stopping and/or removing the 1.1 version) will solve the problem. Thanks in advance for any help anyone can provide. Mick

Read the article
Checking that all libs and dlls are from the same build?

- by unknownthreat

I am developing a program in VS C++ 2008. Right now, I have a huge list of dll and lib dependencies and I am adding some more. I worry that when I need to update a dependency by building from source (where I have to manually replace built dlls and libs in the correct place), if I accidently forgot to replace something or vice versa, I may run into a compile and/or runtime problem. And finding which place goes wrong can be a bit difficult. So is there some sort of program or method out there that can suit this task to ease building a program with many updating dependencies?

Read the article
ORA-01722: invalid number

- by Lluis Martinez

I'm getting the infamous invalid number Oracle error. Hibernate is issuing an INSERT with a lot of columns, I want to know just the name of the column giving the problem. Is it possible? I hate Oracle messages, in 15 years they haven't improved a bit (the reason why is beyond my imagination). FYI the insert is this: insert into GEM_INVOICE_HEADER (ENDORSEE_ACCOUNT_ID, INVOICE_CODE, APPROVAL_ORGAN, APROVAL_DATE, APROVAL_REFERENCE, BALANCE_BASE_AMOUNT, BALANCE_DEDUCT_AMOUNT, BALANCE_TOTAL_AMOUNT, BALANCE_VAT_AMOUNT, BALANCE_VAT_DED_AMOUNT, BALANCE_VAT_NOT_DED_AMOUNT, DESCRIPTION, SUPPLIER_INVOICE_NUMBER, INVOICE_DATE, RECEIPT_DATE, MEMO, VAT_INTRACOM, INVOICE_BASE_AMOUNT, INVOICE_VAT_AMOUNT, INVOICE_VAT_DED_AMOUNT, INVOICE_VAT_NOT_DED_AMOUNT, INVOICE_DEDUCT_AMOUNT, INVOICE_TOTAL_AMOUNT, VAT_EXEMPT, RECTIFICATION_SIGN, REASON, LOT, FILE_ID, RETAINED, INSTITUTION_ID, PERIOD_CODE, IS_RECTIFIED, DEFAULT_OFFBUDGET_ACCOUNT, OFFBUDGET_DOC_ID, PHASE_OF_ACCOUNTING, ACCOUNTED_OFF_BUDGET, CANCEL_DOC_ID, BUDGET_TYPE, INVOICE_TYPE, SOURCE_ID, STATE_ID, MANAGER_UNIT_ID, DOCUMENT_TYPE_CODE, ACCOUNTED_DOC_ID, ACCOUNTING_LIST, ENDORSEE_ID, PAYMASTER_ID, SUPPLIER_ID, SUPPLIER_ACCOUNT_ID, PAY_JUSTIFY_ID, PETTY_CASH_ID, DBOID) values (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?)

Read the article
What javascript min tool does jquery use?

- by JDS

I have a great deal of javascript that needs to be min'd before being served to the end user. Currently, I'm using JSMIN, but I'd like to switch to something a bit more powerful (such as something with local variable replacement). I'm currently looking at YUI min developed by yahoo, and it got me thinking about the min tool that jquery uses. Does anyone know what it is and if it's publicly available? Also, any recommendations on other min tools that might be better suited than YUI min? If possible, I'd like a java solution so I can just plug the library into what I've already created for the JSMIN solution. Thanks

Read the article
Navigating cursor rows in SQLite

- by Alan Harris-Reid

Hi there, I am trying to understand how the following builtin functions work when sequentially processing cursor rows. The descriptions come from the Python 3.1 manual (using SQLite3) Cursor.fetchone() Fetches the next row of a query result set, returning a single sequence. Cursor.fetchmany() Fetches the next set of rows of a query result, returning a list. Cursor.fetchall() Fetches all (remaining) rows of a query result, returning a list. So if I have a loop in which I am processing one row at a time using cursor.fetchone(), and some later code requires that I return to the first row, or fetch all rows using fetchall(), how do I do it? The concept is a bit strange to me, especially coming from a Foxpro background which has the concept of a record pointer which can be moved to the 1st or last row in a cursor (go top/bottom), or go to the nth row (go n) Any help would be appreciated. Alan

Read the article
Opinions Required: Custom HTML Markup from PHP with or without tag prefix.

- by buggedcom

I've created a class in PHP that allows you to create custom HTML markup. It basically works a bit like FB Markup or EE tags. It works off a tag prefix, so you can add tags like this. <ctag:pagination per_page="20" total="500" page="0" base="http://localhost/page?page={page}" mode="smart" adjecents="5" /> My question is: Is the markup above better than the markup below? I'm asking as I'm considering branching my code to rework the tag matching so you can just generate custom html elements. It would well for a drop in HTML5 replacement service. Match the User Agent for a none HTML5 browser and replace the HTML5 elements with your own replacements. <pagination per_page="20" total="500" page="0" base="http://localhost/page?page={page}" mode="smart" adjecents="5" /> PS, if anybody wants to look at the class I've put a download here.

Read the article
Ajax data two-way data binding strategies?

- by morgancodes

I'd like to 1) Draw create form fields and populate them with data from javascript objects 2) Update those backing objects whenever the value of the form field changes Number 1 is easy. I have a few js template systems I've been using that work quite nicely. Number 2 may require a bit of thought. A quick google search on "ajax data binding" turned up a few systems which seem basically one-way. They're designed to update a UI based on backing js objects, but don't seem to address the question of how to update those backing objects when changes are made to the UI. Can anyone recommend any libraries which will do this for me? It's something I can write myself without too much trouble, but if this question has already been thought through, I'd rather not duplicate the work.

Read the article
Mysql stored procedures

- by Richard M

Hello, I have a unique issue that I need advice on. I've been writing asp.net apps with SQL Server back ends for the past 10 years. During that time, I have also written some PHP apps, but not many. I'm going to be porting some of my asp.net apps to PHP and have run into a bit of an issue. In the Asp.net world, it's generally understood that when accessing any databases, using views or stored procedures is the preferred way of doing so. I've been reading some PHP/MySQL books and I'm beginning to get the impression that utilizing stored procedures in mysql is not advisable. I hesitate in using that word, advisable, but that's just the felling I get. So, the advice I'm looking for is basically, am I right or wrong? Do PHP developers use stored procedures at all? Or, is it something that is shunned? Thanks in advance.

Read the article
How to detect generation loss of a transcoded audio.

- by The Rook

Lets say you have a 96 kbit mp3 and you Transcode the file into a 320 kbit mp3. How could you programmatically detect the original bit rate or quality? Generation loss is created because each time a lossy algorithm is applied new information will be deemed "unnecessary" and is discarded. How could an algorithm use this property to detect the transcoding of audio. 128 kbps LAME mp3 transcoded to 320 kbps LAME mp3 (I Feel You, Depeche Mode) 10.8 MB. This image was taken from the bottom of this site. The 2 tracks above look nearly identical, but the difference is enough to support this argument.

Read the article
How to redirect every uri calls to one controller, except some static ones?

- by Oden

Hey, Im using codeigniter and want to make my portal a bit more seo friendly. I have a controller (articles) witch handles every article, on my portal. The URL looks like this: example.com/articles/category-sub-category/article-name I'm using mod rewrite module to hide my index.php, and codeigniter routing to hide the controller action that handles every call. I want to hide articles too, but if i hide it, every call goes to the articles controller, and thats not what i want, because i want my url look like this: example.com/category-sub-category/article-name Ive tried it with regexp routing rules in the routes.php but i found no way to make it right.

Read the article
How to register a function in a driver code as its ISR

- by CVS-2600Hertz-wordpress-com

Following the feedback i got from: http://stackoverflow.com/questions/2683682/new-to-linux-kernel-driver-development/2683819 I have written a driver (.c file) by comparing it with an existing driver and "borrowing" heavily from its code. The driver is registered fine and init() and probe() are working fine. I am also able to access the peripheral device registers. :-) However i am a bit hazy about the IRQ/ISR. The peripheral-device is a input device and raises an interrupt on a GPIO pin. How do i move ahead from my current state ( init(), probe(), etc. ) to be able to handle the IRQ and execute my ISR function?? Many-Thanks in Advance

Read the article
Ruby and Forking

- by Cory

Quick question about Ruby forking - I ran across a bit of forking code in Resque earlier that was sexy as hell but tripped me up for a few. I'm hoping for someone to give me a little more detail about what's going on here. Specifically - it would appear that forking spawns a child (expected) and kicks it straight into the 'else' side of my condition (less expected. Is that expected behavior? A Ruby idiom? My IRB hack here: def fork return true if @cant_fork begin if Kernel.respond_to?(:fork) Kernel.fork else raise NotImplementedError end rescue NotImplementedError @cant_fork = true nil end end def do_something puts "Starting do_something" if foo = fork puts "we are forking from #{Process.pid}" Process.wait else puts "no need to fork, let's get to work: #{Process.pid} under #{Process.ppid}" puts "doing it" end end do_something

Read the article
Porting Django's templates engine to C

- by sandra

Hi folks, I recently wrote a simple and tiny embedded HTTP server for my C++ app (QT) and I played a little bit with Ry's http-parser and loved it. This guy is crazy. So I told to myself: "Hey! Why not port the django template engine to C?" That'd be awesome! I know, it won't be an easy task (not at all, I know) but I'd really love to implement this. So I came here for inspiration, ideas, opinions... I'd really love to have some pointers on the subject, ideas, what is already done, which major problems I'll encounter (and how to solve them) - How not to reinvent the wheel... anyway, you got the idea :) Thanks a million times! P.S. Simple code snippets, and links to tools and libs are very welcome! P.P.S. I'm already aware of grantlee, I took a look into its sources. Well... that's C++ and its specific to Qt.

Read the article
How do I make a request using HTTP basic authentication with PHP curl?

- by Bedwyr Humphreys

I'm building a REST web service client in PHP and at the moment I'm using curl to make requests to the service. How do I use curl to make authenticated (http basic) requests? Do I have to add the headers myself? If so I've got some other questions - Is there a REST library for php? or is there a wrapper for curl that makes it a bit more rest friendly? or am I going to have to continue to roll my own? Thanks.

Read the article
How to handle multiple delegates

- by mac_55

I've got a view in my app that does pretty much everything, and I like it that way. The problem however is that it's implementing 5 or 6 different delegates, which seems a little bit messy. My question is, does the view controller have to implement all of the delegates? or is there some way I can separate the code out into different files (without having to do a major restructure or rewrite)? Here's all the delegates I'm implementing: @interface MyView : UIViewController <UIScrollViewDelegate, UIImagePickerControllerDelegate, UINavigationControllerDelegate, UIActionSheetDelegate, MFMailComposeViewControllerDelegate>

Read the article
Emacs & PHP indenting question

- by Danny

Hi all, I'm a bit new to using emacs for webdevelopment. I am using php-mode and i am happy with it. There is only one issue i have which causes me a lot of problems because of our company's coding style. When i have a function, e.g.: $instance = new Model('foo', 'bar'); And I want to indent it like this: $instance = new Model( 'foo', 'bar' ); Emacs does the following when i insert a newline before the first argument and indents it like this: $instance = new Model( 'foo', 'bar' ); Can anyone point me in a direction on how i can configure/change this? Thanks in advance

Read the article
Nullables? Detecting them

- by Aren B

Ok, im still a bit new to using nullable types. I'm writing a reflecting object walker for a project of mine, im getting to the point where im setting the value of a reflected property with the value i've retrieved from a reflected property. The value i've retrieved is still in object form, and it dawned on me, since i want my object walker to return null when it can't find something, (I thought about throwing an exception, but i want this to soft-fail when something's wrong). Anyway, some of the values im setting/getting are decimal bool etc... so it dawned on me that i should just NOT set a non-nullable value, but I realized I straight up don't know how to tell decimal from decimal? Is it enough to key on if the Type of the property im setting is inherited from ValueType?

Read the article
12c - Utl_Call_Stack...

- by noreply(at)blogger.com (Thomas Kyte)

Over the next couple of months, I'll be writing about some cool new little features of Oracle Database 12c - things that might not make the front page of Oracle.com. I'm going to start with a new package - UTL_CALL_STACK.In the past, developers have had access to three functions to try to figure out "where the heck am I in my code", they were:dbms_utility.format_call_stackdbms_utility.format_error_backtracedbms_utility.format_error_stackNow these routines, while useful, were of somewhat limited use. Let's look at the format_call_stack routine for a reason why. Here is a procedure that will just print out the current call stack for us:ops$tkyte%ORA12CR1> create or replace 2 procedure Print_Call_Stack 3 is 4 begin 5 DBMS_Output.Put_Line(DBMS_Utility.Format_Call_Stack()); 6 end; 7 /Procedure created.Now, if we have a package - with nested functions and even duplicated function names:ops$tkyte%ORA12CR1> create or replace 2 package body Pkg is 3 procedure p 4 is 5 procedure q 6 is 7 procedure r 8 is 9 procedure p is 10 begin 11 Print_Call_Stack(); 12 raise program_error; 13 end p; 14 begin 15 p(); 16 end r; 17 begin 18 r(); 19 end q; 20 begin 21 q(); 22 end p; 23 end Pkg; 24 /Package body created.When we execute the procedure PKG.P - we'll see as a result:ops$tkyte%ORA12CR1> exec pkg.p----- PL/SQL Call Stack ----- object line object handle number name0x6e891528 4 procedure OPS$TKYTE.PRINT_CALL_STACK0x6ec4a7c0 10 package body OPS$TKYTE.PKG0x6ec4a7c0 14 package body OPS$TKYTE.PKG0x6ec4a7c0 17 package body OPS$TKYTE.PKG0x6ec4a7c0 20 package body OPS$TKYTE.PKG0x76439070 1 anonymous blockBEGIN pkg.p; END;*ERROR at line 1:ORA-06501: PL/SQL: program errorORA-06512: at "OPS$TKYTE.PKG", line 11ORA-06512: at "OPS$TKYTE.PKG", line 14ORA-06512: at "OPS$TKYTE.PKG", line 17ORA-06512: at "OPS$TKYTE.PKG", line 20ORA-06512: at line 1The bit in red above is the output from format_call_stack whereas the bit in black is the error message returned to the client application (it would also be available to you via the format_error_backtrace API call). As you can see - it contains useful information but to use it you would need to parse it - and that can be trickier than it seems. The format of those strings is not set in stone, they have changed over the years (I wrote the "who_am_i", "who_called_me" functions, I did that by parsing these strings - trust me, they change over time!).Starting in 12c - we'll have structured access to the call stack and a series of API calls to interrogate this structure. I'm going to rewrite the print_call_stack function as follows:ops$tkyte%ORA12CR1> create or replace 2 procedure Print_Call_Stack 3 as 4 Depth pls_integer := UTL_Call_Stack.Dynamic_Depth(); 5 6 procedure headers 7 is 8 begin 9 dbms_output.put_line( 'Lexical Depth Line Name' ); 10 dbms_output.put_line( 'Depth Number ' ); 11 dbms_output.put_line( '------- ----- ---- ----' ); 12 end headers; 13 procedure print 14 is 15 begin 16 headers; 17 for j in reverse 1..Depth loop 18 DBMS_Output.Put_Line( 19 rpad( utl_call_stack.lexical_depth(j), 10 ) || 20 rpad( j, 7) || 21 rpad( To_Char(UTL_Call_Stack.Unit_Line(j), '99'), 9 ) || 22 UTL_Call_Stack.Concatenate_Subprogram 23 (UTL_Call_Stack.Subprogram(j))); 24 end loop; 25 end; 26 begin 27 print; 28 end; 29 /Here we are able to figure out what 'depth' we are in the code (utl_call_stack.dynamic_depth) and then walk up the stack using a loop. We will print out the lexical_depth, along with the line number within the unit we were executing plus - the unit name. And not just any unit name, but the fully qualified, all of the way down to the subprogram name within a package. Not only that - but down to the subprogram name within a subprogram name within a subprogram name. For example - running the PKG.P procedure again results in:ops$tkyte%ORA12CR1> exec pkg.pLexical Depth Line NameDepth Number------- ----- ---- ----1 6 20 PKG.P2 5 17 PKG.P.Q3 4 14 PKG.P.Q.R4 3 10 PKG.P.Q.R.P0 2 26 PRINT_CALL_STACK1 1 17 PRINT_CALL_STACK.PRINTBEGIN pkg.p; END;*ERROR at line 1:ORA-06501: PL/SQL: program errorORA-06512: at "OPS$TKYTE.PKG", line 11ORA-06512: at "OPS$TKYTE.PKG", line 14ORA-06512: at "OPS$TKYTE.PKG", line 17ORA-06512: at "OPS$TKYTE.PKG", line 20ORA-06512: at line 1This time - we get much more than just a line number and a package name as we did previously with format_call_stack. We not only got the line number and package (unit) name - we got the names of the subprograms - we can see that P called Q called R called P as nested subprograms. Also note that we can see a 'truer' calling level with the lexical depth, we can see we "stepped" out of the package to call print_call_stack and that in turn called another nested subprogram.This new package will be a nice addition to everyone's error logging packages. Of course there are other functions in there to get owner names, the edition in effect when the code was executed and more. See UTL_CALL_STACK for all of the details.

Read the article
JavaScript Metaprogramming: Reduce boilerplate of adding functions to a function queue

- by thurn

I'm working with animation in JavaScript, and I have a bunch of functions you can call to add things to the animation queue. Basically, all of these functions look like this: function foo(arg1, arg2) { _eventQueue.push(function() { // actual logic } } I'm wondering now if it would be possible to cut down on this boilerplate a little bit, though, so I don't need that extra "_eventQueue" line in the function body dozens of times. Would it be possible, for example, to make a helper function which takes an arbitrary function as an argument and returns a new function which is augmented to be automatically added to the event queue? The only problem is that I need to find a way to maintain access to the function's original arguments in this process, which is... complicated.

Read the article

< Previous Page | 674 675 676 677 678 679 680 681 682 683 684 685 | Next Page >