Search Results

Search found 20283 results on 812 pages for 'security context'.

Page 704/812 | < Previous Page | 700 701 702 703 704 705 706 707 708 709 710 711  | Next Page >

• Why would ASP.NET MVC use session state?

  - by ray247

  Recommended by the ASP.NET team to use cache instead of session, we stopped using session from working with the WebForm model the last few years. So we normally have the session turned off in the web.config <sessionState mode="Off" /> But, now when I'm testing out a ASP.NET MVC application with this setting it throw an error in class SessionStateTempDataProvider inside the mvc framework, it asked me to turn on session state, I did and it worked. Looking at the source it uses session Dictionary<string, object> tempDataDictionary = httpContext.Session[TempDataSessionStateKey] as Dictionary<string, object>; // line 20 in SessionStateTempDataProvider.cs So, why would they use session here? What am I missing? Thanks, Ray. ======================================================== Edit Sorry didn't mean for this post to debate on session vs. cache, but rather in the context of the ASP.NET MVC, I was just wondering why session is used here. In this Scott Watermasysk blog post he mentioned on turning off session too as a good practice, so I'm just wondering do I have to turn it on to use MVC from here on?

  Read the article

• sql statement supposed to have 2 distinct rows, but only 1 is returned

  - by jello

  I have an sql statement that is supposed to return 2 rows. the first with psychological_id = 1, and the second, psychological_id = 2. here is the sql statement select * from psychological where patient_id = 12 and symptom = 'delire'; But with this code, with which I populate an array list with what is supposed to be 2 different rows, two rows exist, but with the same values: the second row. OneSymptomClass oneSymp = new OneSymptomClass(); ArrayList oneSympAll = new ArrayList(); string connStrArrayList = "Data Source=.\\SQLEXPRESS;AttachDbFilename=|DataDirectory|\\PatientMonitoringDatabase.mdf; " + "Initial Catalog=PatientMonitoringDatabase; " + "Integrated Security=True"; string queryStrArrayList = "select * from psychological where patient_id = " + patientID.patient_id + " and symptom = '" + SymptomComboBoxes[tag].SelectedItem + "';"; using (var conn = new SqlConnection(connStrArrayList)) using (var cmd = new SqlCommand(queryStrArrayList, conn)) { conn.Open(); using (SqlDataReader rdr = cmd.ExecuteReader()) { while (rdr.Read()) { oneSymp.psychological_id = Convert.ToInt32(rdr["psychological_id"]); oneSymp.patient_history_date_psy = (DateTime)rdr["patient_history_date_psy"]; oneSymp.strength = Convert.ToInt32(rdr["strength"]); oneSymp.psy_start_date = (DateTime)rdr["psy_start_date"]; oneSymp.psy_end_date = (DateTime)rdr["psy_end_date"]; oneSympAll.Add(oneSymp); } } conn.Close(); } OneSymptomClass testSymp = oneSympAll[0] as OneSymptomClass; MessageBox.Show(testSymp.psychological_id.ToString()); the message box outputs "2", while it's supposed to output "1". anyone got an idea what's going on?

  Read the article

• java 6 web services share domain specific classes between server and client

  - by user173446

  Hi all, Context: Considering below defined Engine class being parameter of some webservice method. As we have both server and client in java we may have some benefits (???) in sharing Engine class between server and client ( i.e we may put in a common jar file to be added to both client and server classpath ) Some benefits would be : we keep specific operations like 'brushEngine' in same place build is faster as we do not need in our case to generate java code for client classes but to use them from the server build) if we later change server implementation for 'brushEngine' this is reflected automatically in client . Questions: How to share below detailed Engine class using java 6 tools ( i.e wsimport , wsgen etc )? Is there other tools for java that can achieve this sharing ? Is sharing a case that java 6 web services support is missing ? Can this case be reduced to other web service usage patterns? Thanks. Code: public class Engine { private String engineData; public String getData(){ return data; } public setData(String value){ this.data = value; } public void brushEngine(){ engineData = "BrushedEngine"+engineData; } }

  Read the article

• Forms authentication: disable redirect to the login page

  - by codeka

  I have an application that uses ASP.NET Forms Authentication. For the most part, it's working great, but I'm trying to add support for a simple API via an .ashx file. I want the ashx file to have optional authentication (i.e. if you don't supply an Authentication header, then it just works anonymously). But, depending on what you do, I want to require authentication under certain conditions. I thought it would be a simple matter of responding with status code 401 if the required authentication was not supplied, but it seems like the Forms Authentcation module is intercepting that and responding with a redirect to the login page instead. What I mean is, if my ProcessRequest method looks like this: public void ProcessRequest(HttpContext context) { Response.StatusCode = 401; Response.StatusDescription = "Authentication required"; } Then instead of getting a 401 error code on the client, like I expect, I'm actually getting a 302 redirect to the login page. For nornal HTTP traffic, I can see how that would be useful, but for my API page, I want the 401 to go through unmodified so that the client-side caller can respond to it programmatically instead. Is there any way to do that?

  Read the article

• Multi threading in WCF RIA Services

  - by synergetic

  I use WCF RIA Services to update customer database. In domain service: public void UpdateCustomer(Customer customer) { this.ObjectContext.Customers.AttachAsModified(customer); syncCustomer(customer); } After update, a database trigger launches and depending on the columns updated it may insert a new record in CustomerChange table. syncCustomer(customer) method is executed to check for a new record in the CustomerChange table and if found it will create a text file which contains customer information and forwards that file to external system for import. Now this synchronization may take a time so I wanted to execute it in different thread. So: private void syncCustomer(Customer customer) { this.ObjectContext.SaveChanges(); new Thread(() => syncCustomerInfo(customer.CustomerID)) { IsBackground = true }.Start(); } private void syncCustomerInfo(int customerID) { //Thread.Sleep(2000); //does real job here ... ... } The problem is in most cases syncCustomerInfo method cannot find any new CustomerChange record even if it was definitely there. If I force thread sleep then it finds a new record. I also looked Entity Framework events but the only event provided by object context is SavingChanges which occur before changes are saved. Please suggest me what else to try.

  Read the article

• ActionScript : Applying frame to a image / background?

  - by Jay

  I am editing a custom calendar application in flash. The purpose of this app is to let you select your own images, and create a calendar out of it. You can basically, drag and drop images of your choice and they apply frame/borders, or drag and drop embellishments. Here is the piece of code that draws a border/frame on the embellishment/image of your choice. tempListener.onLoadInit = function(target_mc:MovieClip) { var mcName = target_mc._name.substring(0, target_mc._name.indexOf("@", 0)); if(mcName == "frame_Image") { target_mc.onPress = function() { if(_root.selectedImage != null) { var index = this._name.substring(this._name.indexOf("@",0)+1, this._name.length); var objPath = nodesFrames.childNodes[index-1].attributes.image; if(_root.selectedImage._name.split("@")[0] == "image") { var mask = _root.selectedImage[_root.selectedImage._parent._name + "_" + _root.selectedImage._name + "_maskMc"]; frameImageWidth = mask._width; frameImageHeight = mask._height; frameImageXScale = -1; frameImageYScale = -1; } else { frameImageXScale = _root.selectedImage._xscale; frameImageYScale = _root.selectedImage._yscale; _root.selectedImage._xscale = 100; _root.selectedImage._yscale = 100; frameImageWidth = _root.selectedImage._width; frameImageHeight = _root.selectedImage._height; } if(_root.selectedImage["frame"]) {} else { _root.selectedImage.createEmptyMovieClip("frame", _root.selectedImage.getNextHighestDepth()); } var image_mcl1:MovieClipLoader = new MovieClipLoader(); image_mcl1.addListener(_root.mclFrameListener); image_mcl1.loadClip("Images/" + objPath, _root.selectedImage["frame"]); } } } I need to somehow apply the chosen frame image, to the entire background - not just to the embellishment or image. How do I go about this? Thanks in advance for your inputs. Please let me know if the question doesn't make sense, I will attach some images that can help you with the context.

  Read the article

• Animation is slow on iPhone

  - by Anthony Chan

  I'm developing an app that would display images and change them according to the user's action. I've created a subclass of UIView to contain an image, an index number and an array of image names. The code is like this: @interface CustomPic : UIView { UIImageView *pic; NSInteger index; NSMutableArray *picNames; //<-- an array of NSString } And in the implementation part, it has a method to change the image using a dissolve effect. - (void)nextPic { index++; if (index >= [picNames count]) { index = 0; } UIImageView *temp = pic; pic.image = [UIImage imageNamed:[picNames objectAtIndex:index]]; temp.alpha = 0; [UIView beginAnimations:nil context:nil]; [UIView setAnimationCurve:UIViewAnimationCurveEaseOut]; [UIView setAnimationDuration:0.25]; pic.alpha = 0; temp.alpha = 1; [UIView commitAnimations]; } In the viewController, there are several CustomPic which would change the images depends on users' choice. The images would change as expected with the fade in/out effect, but the animation performance is really bad. I've tested it on an iPhone 3G, the Instruments shows that the animation is only 2-3FPS! I tried many methods to simplify and modify the codes but with no hope. Is there something wrong in my code or in my concept? Thanks for any help. P.S. all the images are 320*480 PNGs with a max size of 15KB.

  Read the article

• problm with MANIFEST.MF in jar

  - by Atul

  hi I have created jar in the following folder: /usr/local/bin/niidle.jar. And my MANIFEST.MF file is as follows: Manifest-Version: 1.0 Main-Class: com.ensarm.niidle.web.scraper.NiidleScrapeManager Class-Path: hector-0.6.0-17.jar And I verified that,this 'hector-0.6.0-17.jar' file is also present in the folder: /Projects/EnwelibDatedOct13/Niidle/lib/hector-0.6.0-17.jar I don't want to give full class-path name in MANIFEST.MF file,because I have to run this jar on other's machine,so I gave only jar file name 'Class-Path=hector-0.6.0-17.jar' in MANIFEST.MF file. Inspite of mentioning the Class-Path in MANIFEST.MF file, when I run this using command: java -jar /usr/local/bin/niidle.jar arguments... It is showing error massage: --Exception in thread "main" java.lang.NoClassDefFoundError: me/prettyprint/hector/api/Serializer at com.ensarm.niidle.web.scraper.NiidleScrapeManager.main(NiidleScrapeManager.java:21) Caused by: java.lang.ClassNotFoundException: me.prettyprint.hector.api.Serializer at java.net.URLClassLoader$1.run(URLClassLoader.java:200) at java.security.AccessController.doPrivileged(Native Method) at java.net.URLClassLoader.findClass(URLClassLoader.java:188) at java.lang.ClassLoader.loadClass(ClassLoader.java:307) at sun.misc.Launcher$AppClassLoader.loadClass(Launcher.java:301) at java.lang.ClassLoader.loadClass(ClassLoader.java:252) at java.lang.ClassLoader.loadClassInternal(ClassLoader.java:320) ... 1 more Please give me solution for this error message..

  Read the article

• Help me with the simplest program for "Trusted" application

  - by idazuwaika

  Hi, I hope anyone from the large community here can help me write the simplest "Trusted" program that I can expand from. I'm using Ubuntu Linux 9.04, with TPM emulator 0.60 from Mario Strasser (http://tpm-emulator.berlios.de/). I have installed the emulator and Trousers, and can successfully run programs from tpm-tools after running tpmd and tcsd daemons. I hope to start developing my application, but I have problems compiling the code below. #include <trousers/tss.h> #include <trousers/trousers.h> #include <stdio.h> TSS_HCONTEXT hContext; int main() { Tspi_Context_Create(&hContext); Tspi_Context_Close(hContext); return 0; } After trying to compile with g++ tpm.cpp -o tpmexe I receive errors undefined reference to 'Tspi_Context_Create' undefined reference to 'Tspi_Context_Close' What do I have to #include to successfully compile this? Is there anything that I miss? I'm familiar with C, but not exactly so with Linux/Unix programming environment. ps: I am a part time student in Master in Information Security programme. My involvement with programming has been largely for academic purposes.

  Read the article

• IIS URL Rewriting: How can I reliably keep relative paths when serving multiple files?

  - by NVRAM

  My WebApp is part CMS, and when I serve up an HTML page to the user it typically contains relative paths in a.href and img.src attributes. I currently have them accessed by urls like: ~/get-data.aspx/instance/user/page.html -- where instance indicates the particular instance for the report and "user/page.html" is a path created by an external application that generates the content. This works pretty reliably with code in the application's BeginRequest method that translates the text after ".aspx" into a query string, then uses Context.RewritePath(). So far so good, but I've just tripped over something that took me by surprise: it appears that if any of the query string ("instance/user/page.html") happens to contain a plus sign ("+") the BeginRequest method is never called, and a 404 is immediately returned to the user. So my question is two-fold: Am I correct in my belief that a "+" would cause the 404, and if so are there other things that could cause similar problems? Is there a way around that problem (perhaps a different method than BeginRequest)? Is there a better way to preserve relative URL paths for generated content than what I'm using? I'd rather not require site admins to install a 3rd party rewrite tool if I can help it.

  Read the article

• Exposed onsite vs IFD deployments for MS Dynamics CRM

  - by Greg McGuffey

  I'm working for the first time on a MS Dyanmics CRM 4.0 project. Our company has a high number of remote employees and even more remote consultants. As such it will be necessary to make the CRM solution available over the internet. As near as I can tell, I have three options: Have everyone use a VPN to access an intranet site (typical onsite deployment). However, we have found that VPNs are far from trouble free and cause many support issues. We avoid them like the plague. Use IFD to expose the CRM on the internet. I don't know much about this except that the URL will be different than the onsite URL, which could cause some headaches (see below). Expose the CRM site by opening the site to the internet, using SSL to encrypt traffic. We currently do this with our MS sharepoint sites. I'm not sure how secure this would be (one of the reasons for this question). I'd like to avoid using both the onsite intranet deployment and the IFD together for a couple of reasons. One of the requests for the solution is use email to notify users that they've been assigned a task, and include the URL to the task within the email. For this reason. If both deployments are used, then I'll need to include two URLs and the user would need to know which to use. Which leads to the second reason, the main users of the solution split time between being in the office and being remote. Thus they would need to access the solution two different ways, and know when to use which. Bad. So, what are the advantages/disadvantages of any of these methods? Any other options? Is there any issue using IFD from within the intranet? Security issues? Thanks!

  Read the article

• Can't combine "LINQ Join" with other tables

  - by FullmetalBoy

  The main problem is that I recieve the following message: "base {System.SystemException} = {"Unable to create a constant value of type 'BokButik1.Models.Book-Author'. Only primitive types ('such as Int32, String, and Guid') are supported in this context."}" based on this LinQ code: IBookRepository myIBookRepository = new BookRepository(); var allBooks = myIBookRepository.HamtaAllaBocker(); IBok_ForfattareRepository myIBok_ForfattareRepository = new Bok_ForfattareRepository(); var Book-Authors = myIBok_ForfattareRepository.HamtaAllaBok_ForfattareNummer(); var q = from booknn in allBooks join Book-Authornn in Book-Authors on booknn.BookID equals Book-Authornn.BookID select new { booknn.title, Book-AuthorID }; How shall I solve this problem to get a class instance that contain with property title and Book-AuthorID? // Fullmetalboy I also have tried making some dummy by using "allbooks" relation with Code Samples from the address http://www.hookedonlinq.com/JoinOperator.ashx. Unfortunately, still same problem. I also have taken account to Int32 due to entity framework http://msdn.microsoft.com/en-us/library/bb896317.aspx. Unfortunatley, still same problem. Using database with 3 tables and one of them is a many to many relationship. This database is used in relation with entity framework Book-Author Book-Author (int) BookID (int) Forfattare (int) Book BookID (int) title (string) etc etc etc

  Read the article

• C# custom control to get internal text as string

  - by Ed Woodcock

  ok, I'm working on a custom control that can contain some javascript, and read this out of the page into a string field. This is a workaround for dynamic javascript inside an updatepanel. At the moment, I've got it working, but if I try to put a server tag inside the block: <custom:control ID="Custom" runat="server"> <%= ControlName.ClientID %> </custom:control> The compiler does not like it. I know these are generated at runtime, and so might not be compatible with what I'm doing, but does anyone have any idea how I can get that working? EDIT Error message is: Code blocks are not supported in this context EDIT 2 The control: [DataBindingHandler("System.Web.UI.Design.TextDataBindingHandler, System.Design, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a"), ControlValueProperty("Text"), DefaultProperty("Text"), ParseChildren(true, "Text"), AspNetHostingPermission(SecurityAction.LinkDemand, Level = AspNetHostingPermissionLevel.Minimal), AspNetHostingPermission(SecurityAction.InheritanceDemand, Level = AspNetHostingPermissionLevel.Minimal)] public class CustomControl : Control, ITextControl { [DefaultValue(""), Bindable(true), Localizable(true)] public string Text { get { return (string)(ViewState["Text"] ?? string.Empty); } set { ViewState["Text"] = value; } } }

  Read the article

• Detecting an online poker cheat

  - by Tom Gullen

  It recently emerged on a large poker site that some players were possibly able to see all opponents cards as they played through exploiting a security vulnerability that was discovered. A naïve cheater would win at an incredibly fast rate, and these cheats are caught very quickly usually, and if not caught quickly they are easy to detect through a quick scan through their hand histories. The more difficult problem occurs when the cheater exhibits intelligence, bluffing in spots they are bound to be called in, calling river bets with the worst hands, the basic premise is that they lose pots on purpose to disguise their ability to see other players cards, and they win at a reasonably realistic rate. Given: A data set of millions of verified and complete information hand histories Theoretical unlimited computer power Assume the game No Limit Hold'em, although suggestions on Omaha or limit poker may be beneficial How could we reasonably accurately classify these cheaters? The original 2+2 thread appeals for ideas, and I thought that the SO community might have some useful suggestions. It's an interesting problem also because it is current, and has real application in bettering the world if someone finds a creative solution, as there is a good chance genuine players will have funds refunded to them when identified cheaters are discovered.

  Read the article

• How to start animation when I'm pressing on item of ListView?

  - by Ares

  I want to implement next functional: When I'm tapping on ListView's item, it's turning into red color. If I release it has to reverse color back. I made transition drawable and set it as item's background. I tried to implement SimpleGestureListener and started animation on onDown and reversed it on onSingleTapUp events, but it doesn't give me any results (works fine, but items don't turn into red). If I return super.onDown (not true), the onLongPress raise every time(even I manage to release it). @Override public boolean onDown(MotionEvent e) { if(_currentRow.getTag()!=null) if(_currentRow.getTag().toString().equals("anim")) _currentRow.setBackgroundDrawable(context.getResources() .getDrawable(R.xml.listviewitem_yellow_red)); _drawable = (TransitionDrawable) _currentRow.getBackground(); _drawable.startTransition(500); return true; //super.onDown(e); // IF I UNCOMMENT IT TURNS INTO RED, BUT TRIGGERED onLongClick event!!! } @Override public boolean onSingleTapUp(MotionEvent e) { if(_drawable!=null){ _drawable.reverseTransition(500); } return super.onSingleTapUp(e); } @Override public void onLongPress(MotionEvent e) { if(getLongClickListener()!=null) getLongClickListener().onLongClick(_currentRow, _object); super.onLongPress(e); } If someone knows how to solve this problem, please help me.

  Read the article

• Why doesn't java.util.Set have get(int index)?

  - by Marty Pitt

  I'm sure there's a good reason, but could someone please explain why the java.util.Set interface lacks get(int Index), or any similar get() method? It seems that sets are great for putting things into, but I can't find an elegant way of retrieving a single item from it. If I know I want the first item, I can use set.iterator().next(), but otherwise it seems I have to cast to an Array to retrieve an item at a specific index? What are the appropriate ways of retrieving data from a set? (other than using an iterator) I'm sure the fact that it's excluded from the API means there's a good reason for not doing this -- could someone please enlighten me? EDIT: Some extremely great answers here, and a few saying "more context". The specific scneario was a dbUnit test, where I could reasonalby assert that the returned set from a query had only 1 item, and I was trying to access that item. However, the question is more valid without the scenario, as it remains more focussed : What's the difference between set & list. Thanks to all for the fantastic answers below.

  Read the article

• To what extent should code try to explain fatal exceptions?

  - by Andrzej Doyle

  I suspect that all non-trivial software is likely to experience situations where it hits an external problem it cannot work around and thus needs to fail. This might be due to bad configuration, an external server being down, disk full, etc. In these situations, especially if the software is running in non-interactive mode, I expect that all one can really do is log an error and wait for the admin to read the logs and fix the problem. If someone happens to interact with the software in the meantime, e.g. a request comes in to a server that failed to initialize properly, then perhaps an appropriate hint can be given to check the logs and maybe even the error can be echoed (depending on whether you can tell if they're a technical guy as opposed to a business user). For the moment though let's not think too hard about this part. My question is, to what extent should the software be responsible for trying to explain the meaning of the fatal error? In general, how much competence/knowledge are you allowed to presume on administrators of the software, and how much should you include troubleshooting information and potential resolution steps when logging fatal errors? Of course if there's something that's unique to the runtime context this should definitely be logged; but lets assume your software needs to talk to Active Directory via LDAP and gets back an error "[LDAP: error code 49 - 80090308: LdapErr: DSID-0C090334, comment: AcceptSecurityContext error, data 525, vece]". Is it reasonable to assume that the maintainers will be able to Google the error code and work out what it means, or should the software try to parse the error code and log that this is caused by an incorrect user DN in the LDAP config? I don't know if there is a definitive best-practices answer for this, so I'm keen to hear a variety of views.

  Read the article

• Intermittent bug - IE6 showing file as text in browser, rather than as file download

  - by Richard Ev

  In an ASP.NET WebForms 2.0 site we are encountering an intermittent bug in IE6 whereby a file download attempt results in the contents of the being shown directly in the browser as text, rather than the file save dialog being displayed. Our application allows the user to download both PDF and CSV files. The code we're using is: HttpResponse response = HttpContext.Current.Response; response.Clear(); response.AddHeader("Content-Disposition", "attachment;filename=\"theFilename.pdf\""); response.ContentType = "application/pdf"; response.BinaryWrite(MethodThatReturnsFileContents()); response.End(); This is called from the code-behind click event handler of a button server control. Where are we going wrong with this approach? Edit Following James' answer to this posting, the code I'm using now looks like this: HttpResponse response = HttpContext.Current.Response; response.ClearHeaders(); // Setting cache to NoCache was recommended, but doing so results in a security // warning in IE6 //response.Cache.SetCacheability(HttpCacheability.NoCache); response.AppendHeader("Content-Disposition", "attachment; filename=\"theFilename.pdf\""); response.ContentType = "application/pdf"; response.BinaryWrite(MethodThatReturnsFileContents()); response.Flush(); response.End(); However, I don't believe that any of the changes made will fix the issue.

  Read the article

• how to store/model users/faceboook users/linkedin users, etc, with ActiveRecord?

  - by crankharder

  My app has "normal" users: those which come through a typical signup page facebook(FB) users: those which come from Facebook connect "FB-normal" users: a user that can log with both email/password * FB connect Further, there's the a slew of other openID-ish login methods (I don't think openID itself will be acceptable since it doesn't link up the accounts and allow the 3rd party specific features (posting to twitter, adding a FB post, etc etc)) So, how do I model this? Right now we have User class with #facebook_user? defined -- but it gets messy with the "FB-normal" users - plus all the validations become very tricky and hard to interpret. Also, there are methods like #deliver_password_reset! which make no sense in the context for facebook-only users. (this is lame) I've thought out STI (User::Facebook, User::Normal, User::FBNormal, etc.) This makes validations super slick, but it doesn't scale to other connection types, and all the permutations between them... User::FacebookLinkedInNormal(wtf?) Doing this with a bunch of modules I think would suck a lot. Any other ideas?

  Read the article

• Are Dynamic Prepared Statements Bad? (with php + mysqli)

  - by John

  I like the flexibility of Dynamic SQL and I like the security + improved performance of Prepared Statements. So what I really want is Dynamic Prepared Statements, which is troublesome to make because bind_param and bind_result accept "fixed" number of arguments. So I made use of an eval() statement to get around this problem. But I get the feeling this is a bad idea. Here's example code of what I mean // array of WHERE conditions $param = array('customer_id'=>1, 'qty'=>'2'); $stmt = $mysqli->stmt_init(); $types = ''; $bindParam = array(); $where = ''; $count = 0; // build the dynamic sql and param bind conditions foreach($param as $key=>$val) { $types .= 'i'; $bindParam[] = '$p'.$count.'=$param["'.$key.'"]'; $where .= "$key = ? AND "; $count++; } // prepare the query -- SELECT * FROM t1 WHERE customer_id = ? AND qty = ? $sql = "SELECT * FROM t1 WHERE ".substr($where, 0, strlen($where)-4); $stmt->prepare($sql); // assemble the bind_param command $command = '$stmt->bind_param($types, '.implode(', ', $bindParam).');'; // evaluate the command -- $stmt->bind_param($types,$p0=$param["customer_id"],$p1=$param["qty"]); eval($command); Is that last eval() statement a bad idea? I tried to avoid code injection by encapsulating values behind the variable name $param. Does anyone have an opinion or other suggestions? Are there issues I need to be aware of?

  Read the article

• C++ iterators, default initialization and what to use as an uninitialized sentinel.

  - by Hassan Syed

  The Context I have a custom template container class put together from a map and vector. The map resolves a string to an ordinal, and the vector resolves an ordinal (only an initial string to ordinal lookup is done, future references are to the vector) to the entry. The entries are modified intrusively to contain a a bool "assigned" and an iterator_type which is a const_iterator to the container class's map. My container class will use RCF's serialization code (which models boost::serialization) to serialize my container classes to nodes in a network. Serializing iterator's is not possible, or a can of worms, and I can easily regenerate them onces the vectors and maps are serialized on the remote site. The Question I need to default initialize, and be able to test that the iterator has not been assigned to (if it is assigned it is valid, if not it is invalid). Since map iterators are not invalidated upon operations performed on it (unless of course items are removed :D) am I to assume that map<x,y>::end() is a valid sentinel (regardless of the state of the map -- i.e., it could be empty) to initialize to ? I will always have access to the parent map, I'm just unsure wheather end() is the same as the map contents change. I don't want to use another level of indirection (--i.e., boost::optional) to achieve my goal, I'd rather forego compiler checks to correct logic, but it would be nice if I didn't need to. Misc This question exists, but most of its content seems non-sense. Assigning a NULL to an iterator is invalid according to g++ and clang++. This is another similar question, but it focuses on the common use-cases of iterators, which generally tends to be using the iterator to iterate, ofcourse in this use-case the state of the container isn't meant to change whilst iteration is going on.

  Read the article

• Weird onclick behavior of images on home screen widget

  - by kknight

  I wrote a home screen widget with one image on it. When the image is clicked, browser will be opened for a url link. Generally, it is working. But a weird thing is that, when I click background, then click the picture, the browser will not be open. Until I click the second time on the picture, the browser opens. The steps to reproduce is below: Click on the home screen widget background. Click on the image on the home screen. The browser is not opened. Click on the image again. The browser is opened. If I didn't click on the background, the image will react to click very well, i.e. browser will be open when the image is clicked the first time. The widget XML file is as below: <RelativeLayout xmlns:android="http://schemas.android.com/apk/res/android" android:id="@+id/widget" android:layout_width="320dip" android:layout_height="200dip" android:background="@drawable/prt_base" > <ImageView android:id="@+id/picture1" android:layout_width="134dip" android:layout_height="102dip" android:layout_marginLeft="62dip" android:layout_marginTop="6dip" android:scaleType="center" android:src="@drawable/picture1" /> </RelativeLayout> The code to set OnClick on the picture1 ImageView is as below: defineIntent = new Intent(Intent.ACTION_VIEW, Uri .parse("http://www.google.com")); pendingIntent = PendingIntent .getActivity(context, 0 /* no requestCode */, defineIntent, 0 /* no flags */); updateViews.setOnClickPendingIntent( picId, pendingIntent); Anyone knows what's wrong? Thanks.

  Read the article

• Download dynaic file with GWT

  - by Maksim

  I have a GWT page where user enter data (start date, end date, etc.), then this data goes to the server via RPC call. On the server I want to generate Excel report with POI and let user save that file on their local machine. This is my test code to stream file back to the client but for some reason it does not know: public class ReportsServiceImpl extends RemoteServiceServlet implements ReportsService { public String myMethod(String s) { File f = new File("/excelTestFile.xls"); String filename = f.getName(); int length = 0; try { HttpServletResponse resp = getThreadLocalResponse(); ServletOutputStream op = resp.getOutputStream(); ServletContext context = getServletConfig().getServletContext(); resp.setContentType("application/octet-stream"); resp.setContentLength((int) f.length()); resp.setHeader("Content-Disposition", "attachment; filename*=\"utf-8''" + filename + ""); byte[] bbuf = new byte[1024]; DataInputStream in = new DataInputStream(new FileInputStream(f)); while ((in != null) && ((length = in.read(bbuf)) != -1)) { op.write(bbuf, 0, length); } in.close(); op.flush(); op.close(); } catch (Exception ex) { ex.printStackTrace(); } return "Server says: " + filename; } } I've red somewhere on internet that you can't do file stream with RPC and I have to use Servlet for that. Is there any example of how to use Servlet and how to call that servlet from ReportsServiceImpl

  Read the article

• Force sending a user to custom QuerySet.

  - by Jack M.

  I'm trying to secure an application so that users can only see objects which are assigned to them. I've got a custom QuerySet which works for this, but I'm trying to find a way to force the use of this additional functionality. Here is my Model: class Inquiry(models.Model): ts = models.DateTimeField(auto_now_add=True) assigned_to_user = models.ForeignKey(User, blank=True, null=True, related_name="assigned_inquiries") objects = CustomQuerySetManager() class QuerySet(QuerySet): def for_user(self, user): return self.filter(assigned_to_user=user) (The CustomQuerySetManager is documented over here, if it is important.) I'm trying to force everything to use this filtering, so that other methods will raise an exception. For example: Inquiry.objects.all() ## Should raise an exception. Inquiry.objects.filter(pk=69) ## Should raise an exception. Inquiry.objects.for_user(request.user).filter(pk=69) ## Should work. inqs = Inquiry.objects.for_user(request.user) ## Should work. inqs.filter(pk=69) ## Should work. It seems to me that there should be a way to force the security of these objects by allowing only certain users to access them. I am not concerned with how this might impact the admin interface.

  Read the article

• how to implement enhanced session handling in PHP

  - by praksant

  Hi, i'm working with sessions in PHP, and i have different applications on single domain. Problem is, that cookies are domain specific, and so session ids are sent to any page on single domain. (i don't know if there is a way to make cookies work in different way). So Session variables are visible in every page on this domain. I'm trying to implement custom session manager to overcome this behavior, but i'm not sure if i'm thinking about it right. I want to completely avoid PHP session system, and make a global object, which would store session data and on the end of script save it to database. On first access i would generate unique session_id and create a cookie On the end of script save session data with session_id, timestamps for start of session and last access, and data from $_SERVER, such as REMOTE_ADDR, REMOTE_PORT, HTTP_USER_AGENT. On every access chceck database for session_id sent in cookie from client, check IP, Port and user agent (for security) and read data into session variable (if not expired). If session_id expired, delete from database. That session variable would be implemented as singleton (i know i would get tight coupling with this class, but i don't know about better solution). I'm trying to get following benefits: Session variables invisible in another scripts on the same server and same domain Custom management of session expiration Way to see open sessions (something like list of online users) i'm not sure if i'm overlooking any disadvantages of this solution. Is there any better way? Thank you!!

  Read the article

< Previous Page | 700 701 702 703 704 705 706 707 708 709 710 711  | Next Page >