Search Results

Search found 41147 results on 1646 pages for 'database security'.

Page 684/1646 | < Previous Page | 680 681 682 683 684 685 686 687 688 689 690 691 | Next Page >

Baffled by PHP escaping of double-quotes in HTML forms

- by rjray

I have a simple PHP script I use to front-end an SQLite database. It's nothing fancy or complex. But I have noticed from looking at the records in the database that anything I enter in a form-field with double-quotes comes across in the form-processing as though I'd escaped the quotes with a backslash. So when I entered a record with the title: British Light Utility Car 10HP "Tilly" what shows up in the database is: British Light Utility Car 10HP \"Tilly\" I don't know where these are coming from, and what's worse, even using the following preg_replace doesn't seem to remove them: $name = preg_replace('/\\"/', '"', $_REQUEST['kits_name']); If I dump out $name, it still bears the unwanted \ characters.

Read the article
How is an SOA architecture really supposed to be implemented?

- by smaye81

My project is converting a legacy fat-client desktop application into the web. The database is not changing as a result. Consequently, we are being forced to call external web services to access data in our own database. Couple this with the fact that some parts of our application are allowed to access the database directly through DAOs (a practice that is much faster and easier). The functionality we're supposed to call web services for are what has been deemed necessary for downstream, dependent systems. Is this really how SOA is supposed to work? Admittedly, this is my first foray into the SOA world, but I have to think this is the complete wrong way to go about this.

Read the article
Can phper give me some code snippet to consume the .net wcf service

- by Vincent

Hi, I can successfully make a call to wcf from php without WCF message security enabled. I search the whole forum and cannot find any clue. I'd like to know how can I pass the credential ? My WCF service use the basichttpbinding on SSL with Message security enabled. Here is my code snippet to call my wcf from .NET ServiceReference1.TestClient sc = new TestClient(); sc.ClientCredentials.UserName.UserName = "[email protected]"; sc.ClientCredentials.UserName.Password = "ABC123"; Console.WriteLine(sc.GetProfiledSchemas(412));

Read the article
ASP.Net mysterious behaviour

- by kalan

Does anyone have any idea why this works (expression in the if-clause) if (!(childNode.Roles != null && !Helper.HasEqualElements((string[])childNode.Roles, System.Web.Security.Roles.GetRolesForUser()))) AddNode(childNode, parentNode); And this doesn't if (childNode.Roles == null || Helper.HasEqualElements((string[])childNode.Roles, System.Web.Security.Roles.GetRolesForUser())) AddNode(childNode, parentNode); The problem is that the second if-clause sometimes doesn't work. Though it always works in debug mode, but it sometimes fails while running. And the strange thing is that these two pieces of code seems absolutely equal for me.

Read the article
Connection to .mdb file fails on windows 2008 core - 32bit

- by amritad

Hi, I have an application where I am doing connection with .mdb file. Here are the steps we are following : Creating object for database utils inteface Calling the connect() function, to get connected to the database whose extension is .mdb file Above flow is working correct on all windows platform but not on windows server 2008 CORE 32-bit. I also checked whether the ODBC drivers are installed or not, by opening regedit. I found that all drivers specially Microsoft access driver (*.mdb) is installed. ANd I think it is by default get installed while installing OS. Is anyone aware of any thing about ODBC drivers and connectivity to the database (like .mdb) on windows 2008 CORE ( which runs only on command line and no interface)

Read the article
Using Linq to SQL change events with attribute-based mapping

- by R Mene

I'm writing a new ASP.NET MVC2 application using Linq to SQL. This application depends on an existing SQL database. I am using attribute-based mapping to map my database fields to my Linq to SQL entities. I also need to make use of Linq to SQL's On[Property]Changed methods so I can perform change-auditing of database tables within my application. Whereas the documentation explains how to do this when using Linq to SQL's ORM and dbml files (i.e. by writing partial classes), it is not clear how to do with when using attribute-based mapping or when using XML-based mapping. It would be very helpful if someone could describe how to do this.

Read the article
Is Classic ADO still viable for a mixed managed/unmanaged App?

- by Andy Dent

We have a complex architecture with much logic in unmanaged code that needs database access. Currently this is via ODBC drivers and MFC classes and we're considering the issues of migrating our abstraction layer to use ADO or ADO.Net. In the latter case we'd have to be pushing database logic back up into the .Net layer. I'm trying to decide if the pain of invoking the database via .Net callbacks is offset by the improvements in ADO.Net. The Wikipedia comparison was interesting although I'm not sure I believe all the points in the comparison table (eg: does ADO.Net always use XML to pass data?). A 2005 comparison shows ADO.Net performing dramatically faster. Microsoft's guide to ADO.Net for ADO programmers suggests we will gain much from going to ADO.Net especially the way that data is available in native (.Net) types rather than solely through OLEAutomation's Variant.

Read the article
Real pagination vs Next and Previous buttons

- by Pablo

By real pagination i mean something like this when in page 3: <<Previous 1 | 2 | {3} | 4 | 5 |...| 15 | Next>> By Next and Previous buttons i mean something like this when in page 3: <<previous Next>> Performance wise im sure the Previous and Next Buttons are better since unlike the real pagination it doesn't require over-querying the database. By over-querying the database i mean getting more information from the database than what you will need to display on the page. My theory is that the Previous and Next Buttons can drastically increase a site performance as it only requires the exact information you will need to display on a page, please correct me if im wrong on this. so, do users really have preference when it comes to this two options? is it just a Developer preference and its convenience? Which one do you prefer? why? *Note: Previous and Next Buttons are usually labeled Newer and older.

Read the article
MySQLi insert into prepare error

- by JPM

Hi I inserted a lot of stuff into a mysql databse. But now I get an error in the prepare statement. I see Database prepare error. What am I doing wrong? This is my Code: $sql = "INSERT INTO Contact (IP,To,Name,Email,Subject,Text) VALUES ( ?, ?, ?, ?, ?, ? ) "; if (!$stmt = $db->prepare($sql)) { echo 'Database prepare error'; exit; } $stmt->bind_param('ssssss', $ip_contact, $to_contact, $name_contact, $email_contact, $subject_contact, $text_contact); if (!$stmt->execute()) { echo 'Database execute error'; exit; } $stmt->close(); My SQL table looks like this: Contact: - ID int(11) auto_increment primary key - IP varchar(15) - To varchar(5) - Name varchar(20) - Email varchar(20) - Subject varchar(20) - Text varchar(600)

Read the article
Processing variable number of form fields

- by a_m0d

I am working on a form which displays information about orders. Each order has a unique id, but they are not necessarily sequential on the form. Also, the number of fields can vary (one field per row on the form). The input into the form will not be mapped straight into the database, but will be added to the current value in the database, and then saved. An example of the form is in the picture below - the callout on the right shows the id for each row. I know how to generate the form like this, but I can't work out how I can easily process each of these rows reliably. I also know how to give each of the fields a unique identifier, like name="row-23", but how can I translate that name so that I can update the related record in the database?

Read the article
Creating a session user login php

- by user2419393

I'm stuck on how to create a session for a user who logs in. I got the part of checking to make sure the log in information corresponds with the database information, but is stuck on how to take the email address and store into a session. Here is my php code below. <?php include '../View/header.php'; session_start(); require('../model/database.php'); $email = $_POST['username']; $password = $_POST['password']; $sql = "SELECT emailAddress FROM customers WHERE emailAddress ='$email' AND password = '$password'"; $result = mysql_query($sql, $db); if (!$result) { echo "DB Error, could not query the database\n"; echo 'MySQL Error: ' . mysql_error(); exit; } while ($row = mysql_fetch_assoc($result)) { echo $row['emailAddress']; } mysql_free_result($result); ?>

Read the article
Where to put a recursive function when following MVC?

- by Glibly

Hello, I have a recursive function being used to generate a menu on my site. The function is calling a database for each level of children in the menu, and generating html for them. I've currently put this function in a Model part of the code, however, I feel that generating html in the model goes against the MVC. I didn't put it in a Controller because I didn't want to have database calls or HTML generation there. I didn't put it in a View because I didn't want database calls there either. Is the 'correct' way of tackling this problem to have a Controller call a recursive function in a Model that returns a 2d array representing the menu. Then pass the array to a view which has it's own recursive function for generating html from the array?

Read the article
Scraping html WITHOUT uniquie identifiers using python

- by Nicholas Law

I would like to design an algorithm using python that scrapes thousands of pages like this one and this one, gathers all the data and inserts it into a MySQL database. The script will be run on a weekly or bi-weekly basis to update the database of any new information added to each individual page. Ideally I would like a scraper that is easy to work with for table structured data but also data that does not have unique identifiers (ie. id and classes attributes). Which scraper add-on should I use? BeautifulSoup, Scrapy or Mechanize? Are there any particular tutorials/books I should be looking at for this desired result? In the long-run I will be implementing a mobile app that works with all this data through querying the database.

Read the article
Why I cannot create DB in MySQL throw PHP?

- by Roman

I have this code: $link = mysql_connect("localhost", "ctman", "blablabla"); if ( ! $link ) die ("I cannot connect to MySQL.<br>\n"); else print "Connection is established.<br>\n"; // Create the "ct" database. mysql_query("create database ct", $link) or die("I cannot create the DB: ".mysql_error()."<br>\n"); And I get this error message: I cannot create the DB: Access denied for user 'ctmanager'@'%' to database 'ct' Does anybody have any idea why I cannot create a DB and why I have '@%' symbols in the error message?

Read the article
Buffering db inserts in multithreaded program

- by Winter

I have a system which breaks a large taks into small tasks using about 30 threads as a time. As each individual thread finishes it persists its calculated results to the database. What I want to achieve is to have each thread pass its results to a new persisance class that will perform a type of double buffering and data persistance while running in its own thread. For example, after 100 threads have moved their data to the buffer the persistance class then the persistance class swaps the buffers and persists all 100 entries to the database. This would allow utilization of prepared statements and thus cut way down on the I/O between the program and the database. Is there a pattern or good example of this type of multithreading double buffering?

Read the article
converting from int to hex

- by Catherine

I want to convert some ints to hex,but i'm getting something like this : "?|???plL4?h??N{" from 12345. Why? int t = 12345; System.Security.Cryptography.MD5CryptoServiceProvider ano = new System.Security.Cryptography.MD5CryptoServiceProvider(); byte[] d_ano = System.Text.Encoding.ASCII.GetBytes(t.ToString()); byte[] d_d_ano = ano.ComputeHash(d_ano); string st_data1 = System.Text.Encoding.ASCII.GetString(d_d_ano); string st_data = st_data1.ToString(); I'm using it in window form,not in console.

Read the article
How to deploy and secure an ASP.NET web app to be available to internal and outside users?

- by Swoop

My company has several web applications written in ASP.NET. We need to make these applications available to Intranet users as well as authenticated external users. Most of the features are the same for the two groups, though there are some extra features available to the Internal users. The two different sets of users would use a slightly different security setup... our internal people will be authenticated using LDAP against Exchange, whereas the external users will have accounts in SQL Server. What is the best approach for deploying our web apps? Should we deploy 2 copies to different servers, one configured for an Intranet and one for outside users? Or is there a better way to share the code between the 2 servers, yet have the flexibility to use different web.config settings for security??

Read the article
What is a good way of coding a file processing program, which accepts multisource data in Java

- by jjepsuomi

I'm making a data prosessing system, which currently is using csv-data as input and output form. In the future I might want to add support for example database-, xml-, etc. typed input and output forms. How should I desing my program so that it would be easy to add support for new type of data sources? Should simply make for example an abstract data class (which would contain the basic file prosessing methods) and then inherit this class for database, xml, etc. cases? Hope my question is clear =) In other words my question is: "How to desing a file prosessing system, which can be easily updated to accept input data from different sources (database, XML, Excel, etc.)".

Read the article
SQL Server Mapping a user to a login and adding roles programmatically

- by user163457

In my SQL Server 2005 server I create databases and logins using Management Studio. My application requires that I give a newly created user read and write permissions to another database. To do this I right-click the newly created login, select properties and go to User Mapping. I put a check beside the database to map this login to the db and select db_datareader and db_datawriter as the roles to map. Can this be done programmatically? I've read about using Alter User and sp_change_users_login but I'm having problems getting these to work, since sp_change_users_login has been deprecated so I'd prefer to use Alter User. Please note my understanding of SQL Server database users/logins/roles is basic

Read the article
Should I use WPF or Windows Forms Application for my project in C#?

- by RAJ K

I am developing a Client-Server based application in which client application will access server database to store billing information. It will also have report generation facility. Windows Forms is good in document printing & I don't see such facility or controls in WPF. If I am wrong then please correct me. I want database security, which DB should I use, SQL Server, MySQL or Oracle. I would like to use free DB but security is my priority. Please suggest how I can implement a Client-Server architecture with multiple clients in C#? Thank you Geeks!!!

Read the article
issues regarding UAC prompt

- by peter

I want to implement a UAC prompt for an application in visualc++ the operating system is 32bit x7460(2processor) Windowsserver 2008 the exe is myproject.exe through manifest.. Here for testing i wl build the application in Windows XP OS and copy the exe in to system containg the Windowsserver 2008 machine and replace it So what i did is i added a manifest like this name of that is myproject.exe.manifest My project has 3 folders like Headerfile,Resourcefile and Source file.I added this manifest(myproject.exe.manifest) in the Sourcefile folder containing other cpp and c code <?xml version="1.0" encoding="UTF-8" standalone="yes"?> <assembly xmlns="urn:schemas-microsoft-com:asm.v1" manifestVersion="1.0"> <assemblyIdentity version="4.0" processorArchitecture="X7460" name="myproject" type="win32"/> <description>myproject Problem</description>  <trustInfo xmlns="urn:schemas-microsoft-com:asm.v2"> <security> <requestedPrivileges> <requestedExecutionLevel level="requireAdministrator" uiAccess="false"/> </requestedPrivileges> </security> </trustInfo> </assembly> then i added this line of code in Resourcefile(.rc).Means one header file is there(Myproject.h).I added the line of code there #define MANIFEST_RESOURCE_ID 1 MANIFEST_RESOURCE_ID RT_MANIFEST "myproject.exe.manifest" Finally i did the following step Under Project, select Properties. 3. In Properties, select Manifest Tool, and then select Input and Output. 4. Add in the name of your application manifest file under Additional manifest files. 5. Rebuild your application. But i am getting lot of Syntax errors Is there any problems in the way which i followed.If i commented the line #define MANIFEST_RESOURCE_ID 1 MANIFEST_RESOURCE_ID RT_MANIFEST "myproject.exe.manifest" which added in Myproject.h for adding values in .rc file there willnot any error other than this general error c1010070: Failed to load and parse the manifest. The system cannot find the file specified. .\myproject.exe.manifest How to enable UAC prompt through programming

Read the article
How do detect that transaction has already been started?

- by xelurg

I am using Zend_Db to insert some data inside a transaction. My function starts a transaction and then calls another method that also attempts to start a transaction and of course fails(I am using MySQL5). So, the question is - how do I detect that transaction has already been started? Here is a sample bit of code: try { Zend_Registry::get('database')->beginTransaction(); $totals = self::calculateTotals($Cart); $PaymentInstrument = new PaymentInstrument; $PaymentInstrument->create(); $PaymentInstrument->validate(); $PaymentInstrument->save(); Zend_Registry::get('database')->commit(); return true; } catch(Zend_Exception $e) { Bootstrap::$Log->err($e->getMessage()); Zend_Registry::get('database')->rollBack(); return false; } Inside PaymentInstrument::create there is another beginTransaction statement that produces the exception that says that transaction has already been started.

Read the article
Is there a better way to do SELECT queries in MySQL and sort them in PHP than this way?

- by Kent

I am just learning PHP/MySQL, one this I am having to do a lot is displaying data that was previously inserted into the database out to the user's browser. So I am doing this: $select = mysql_query('SELECT * FROM pages'); while ($return = mysql_fetch_assoc($select)) { $title = $return['title']; $author = $return['author']; $content = $return['content']; } then I can use these variables through out the page. Now, doing it the above way isn't an issue when I only have 3 columns in a database but what if I am dealing with a huge database with many more columns. I have a nagging feeling that the pros do it in some more efficient way where they maybe loop through the table they are selecting from to find all columns it has and associate them with variables automatically. Is that the case? or is the above how you guys do it too?

Read the article
Do you leave Windows Automatic Updates enabled on your production IIS server?

- by Nobody

If you were running a 24/7 website on Windows Server 2003 (IIS6). Would you leave the Windows automatic update feature enabled or would you turn it off? When enabled, you always get the latest security patches and bug fixes automatically as soon as they're available, which is the most secure choice. However, the machine will sometimes get automatically rebooted to apply the updates leading to a couple of minutes of downtime in the middle of the night. Also, I've seen rare occasions where the machine does not restart correctly resulting in further downtime. If auto updates are off, when do you apply the patches? I guess you have to use a load balancer with multiple web servers and rotate them out of the production site, apply patches manually, and put them back in. This can be logistically inconvenient when the load balancer is managed by a hosting company. You will also have machines in production that don't always have the latest security patches and you have to routinely spend time deciding which patches to apply and when.

Read the article
ASP, My SQL & case sensitity suddenly broken

- by user131812

Hi There, We have an old ASPsite that has been working fine for years with a MY SQL database. All of a sudden last week lots fo SQL queries stopped working. The database has a table called 'members' but the code calls 'Members'. It appears the queries used to work regardless of case sensitivity on the table names, but something has changed recently somewhere to enforce case. This has me stumped as the site has not been touched in years, the server config hasn't changed & the database provide has not changed anything. Is there any simple way to ignore case for an ASP site (without editing lots fo files :) Thanks Ben

Read the article

< Previous Page | 680 681 682 683 684 685 686 687 688 689 690 691 | Next Page >