Search Results

Search found 2729 results on 110 pages for 'curious apprentice'.

Page 75/110 | < Previous Page | 71 72 73 74 75 76 77 78 79 80 81 82 | Next Page >

Are PDO prepared statements sufficient to prevent SQL injection?

- by Mark Biek

Let's say I have code like this: $dbh = new PDO("blahblah"); $stmt = $dbh->prepare('SELECT * FROM users where username = :username'); $stmt->execute( array(':username' => $_REQUEST['username']) ); The PDO documentation says The parameters to prepared statements don't need to be quoted; the driver handles it for you. Is that truly all I need to do to avoid SQL injections? Is it really that easy? You can assume MySQL if it makes a difference. Also, I'm really only curious about the use of prepared statements against SQL injection. In this context, I don't care about XSS or other possible vulnerabilities.

Read the article
Benefits of arrays

- by Vitalii Fedorenko

As I see it, the advantages of List over array are pretty obvious: Generics provide more precise typing: List<Integer>, List<? extends Number>, List<? super Integer>. List interface has a bunch useful methods: addAll, remove etc. While for arrays all standard operations except get/set must be performed in a procedure manner by passing it to a static method. Collections offer different implementations like ArrayList, LinkedList, unmodifieable and synchronized lists, which can be hidden under common List interface. OOB length control. As disadvantages I can only mention absence of syntactic sugar and runtime type check. At the same time supporting of both structures requires frequent using of asList and toArray methods, which makes code less readable. So I am curious if there are any important benefits of using arrays that I miss.

Read the article
postgresql duplicate table names best practice

- by veilig

My company has a handful of apps that we deploy in the websites we build. Recently a very old app needed to be included along side a newer app and there was a conflict w/ a duplicate table name needed to be used by both apps. We are now in the process of updating an old app and there will be some DB updates. I'm curious what people consider best practice (or how do you do it) to help ensure these name collisions don't happen. I've looked at schema's but not sure if thats the right path we want to take. As the documentation prescribes, I don't want to "wire" a particular schema name into an application and if I add schema's to the user search path how would it know which table I was referring to if two schema's have the same table name. although, maybe I'm reading to much into this. Any insights or words of wisdom would be greatly appreciated!

Read the article
Different ways to specify libraries to gcc/g++

- by abigagli

I'd be curious to understand if there's any substantial difference in specifying libraries (both shared and static) to gcc/g++ in the two following ways (CC can be g++ or gcc) CC -o output_executable /path/to/my/libstatic.a /path/to/my/libshared.so source1.cpp source2.cpp ... sourceN.cpp vs CC -o output_executable -L/path/to/my/libs -lstatic -lshared source1.cpp source2.cpp ... sourceN.cpp I can only see a major difference being that passing directly the fully-specified library name would make for a greater control in choosing static or dynamic versions, but I suspect there's something else going on that can have side effects on how the executable is built or will behave at runtime, am I right? Andrea.

Read the article
Location of various javax.xml.* packages within the Java 6 SDK.

- by celestialorb

Alright, so recently I was using Notepad++ for all of my programming needs, but I've started using Eclipse for larger-scale Java projects now. I decided to pick up an old project of mine which used various classes within the "javax.xml.*" namespaces. When I was compiling and running the program with Notepad++ it worked just fine, however Eclipse can't seem to find these packages. My question is this, since I obviously have the classes somewhere within my current installation of JDK 6 (since I had no problems when using Notepad++), where can I find the location of the .JAR file(s) that include these namespaces/classes so that I can add them to my Eclipse project? Thanks for any help you can give me! Regards, celestialorb Also, if you're curious about the specific packages I'm looking for they are: javax.xml.soap.* javax.xml.transform.* Thanks again!

Read the article
Database Design Question: GUID + Natural Numbers

- by Alan

For a database I'm building, I've decided to use natural numbers as the primary key. I'm aware of the advantages that GUID's allow, but looking at the data, the bulk of row's data were GUID keys. I want to generate XML records from the database data, and one problem with natural numbers is that I don't want to expose my database key's to the outside world, and allow users to guess "keys." I believe GUID's solve this problem. So, I think the solution is to generate a sparse, unique iD derived from the natural ID (hopefully it would be 2-way), or just add an extra column in the database and store a guid (or some other multibyte id) The derived value is nicer because there is no storage penalty, but it would be easier to reverse and guess compared to a GUID. I'm (buy) curious as to what others on SO have done, and what insights they have.

Read the article
What are the primary advantages of Visual Studio Team Foundation Server over the other versions?

- by Andrew Dunaway

We are looking into the possibility of upgrading to Team Foundation Server 2008 for our development team. One of our primary reasons is some of the deployment capabilities surrounding BizTalk 2009, but I am curious what other benefits there are for other projects outside of BizTalk. Some of our interests so far are moving to a one click build and deploy process, the addition of unit tests, and continuous integration. Some definite steps forward for the company I work for. What other benefits or information should I look at as I pitch this to upper management? I am looking for technical reasons, money is a not really a concern for this discussion.

Read the article
memcached cluster maintenance

- by Yang

Scaling up memcached to a cluster of shards/partitions requires either distributed routing/partition table maintenance or centralized proxying (and other stuff like detecting failures). What are the popular/typical approaches/systems here? There's software like libketama, which provides consistent hashing, but this is just a client-side library that reacts to messages about node arrivals/departures---do most users just run something like this, plus separate monitoring nodes that, on detecting failures, notify all the libketamas of the departure? I imagine something like this might be sufficient since typical use of memcached as a soft-state cache doesn't require careful attention to consistency, but I'm curious what people do.

Read the article
Implementing a "flag as spam/offensive" system

- by UltraVi01

I am looking for a community moderated way of managing/eliminating spam and offensive content. Functionality similar to StackOverflow and many other sites seems like a good way to go. Although I'm sure this could greatly vary based on specific needs, I am curious about the backend mechanism/algorithm --that is, has anyone had success using something like "3 strikes and you're out" -- the flagged post is automatically closed/deleted after 3 reports by users with the required credentials. Would something like this likely be effective or would it require a more complex solution to ensure honesty and effectiveness. Any thoughts / experiences would be great

Read the article
500 error on https, site loads fine [closed]

- by jetlej

Using http://web-sniffer.net/, I'm seeing a 500 internal error when accessing the https://www version of my site (https://moblized.com). However that URL loads perfectly fine with no errors. I was checking this because Google Webmaster is showing a bunch of 500 errors on my site. Also just noticed that I get a 200 success error if sniffing with HTTP 1.0, but a 500 with HTTP 1.1 Note: All other URL versions 301 redirect to https://www, eg. http://www , https:// , http:// FIXED: For any curious parties, there was one PHP bug that was causing a fatal error, but was still allowing the page to load. Turning on php_debug helped...

Read the article
Sort database entries via a dropdown list

- by Lin

Hello! I'm curious if anyone could possibly help me, because I can't find anything exactly related to it anywhere, and it's driving me nuts. I'd like to have a dropdown list on a page, that will give the visitor the option to sort all entries by year. I have entries from i.e. 2001, 2005, 2009, 2010. The years should be displayed in the dropdown, so the visitor can easily just select all entries dated 2001 if they want. The year for each entry is located in the one database table I have. In other words, I simply want a "sort by" dropdown that you can see on pretty much any shopping site nowadays. But with set years. Thanks in advance for any replies!

Read the article
Code reviews for larger ASP.NET MVC team using TFS

- by Parrots

I'm trying to find a good code review workflow for my team. Most questions similar to this on SO revolve around using shelved changes for the review, however I'm curious about how this works for people with larger teams. We usually have 2-3 people working a story (UI person, Domain/Repository person, sometimes DB person). I've recommended the shelf idea but we're all concerned about how to manage that with multiple people working the same feature. How could you share a shelf between multiple programmers at that point? We worry it would be clunky and we might easily have unintended consequences moving to this workflow. Of course moving to shelfs for each feature avoids having 10 or so checkins per feature (as developers need to share code) making seeing the diffs at code review time painful. Has anyone else been able to successfully deal with this? Are there any tools out there people have found useful aside from shelfs in TFS (preferably open-source)?

Read the article
How to handle null {id} on route?

- by MattSlay

What if a user hits my site with http://www.mysite.com/Quote/Edit rather than http://www.mysite.com/Quote/Edit/1000 In other words, they do not specify a value for {id}. If they do not, I want to display a nice "Not Found" page, since they did not give an ID. I currentl handle this by accepting a nullable int as the parameter in the Controller Action and it works fine. However, I'm curious if there a more standard MVC framework way of handling this, rather than the code I presently use (see below). Is a smoother way to handle this, or is this pretty mush the right way to do it? [HttpGet] public ActionResult Edit(int? id) { if (id == null) return View("QuoteNotFound"); int quoteId = (int)id; var viewModel = new QuoteViewModel(this.UserId); viewModel.LoadQuote(quoteId); if (viewModel.QuoteNo > 0) { return View("Create", viewModel.Quote.Entity); } else return View("QuoteNotFound"); }

Read the article
How to break whenever any line of code executes

- by Aequitarum Custos

I have a very strange bug, which I believe is caused by some code we have executing, but I'm not sure where. We can reproduce it to the point it happens whenever we click Tab, but short of putting a break point at the beginning of every method in the project to find out what is executing. Is there a way to set visual studio to break whenever anything executes? For those curious about the problem, every now and then, we have a few Rich Text Boxes that refuse to lose focus. You can't click out of it or tab out of it. We have no On Validation or On Text Changed events attached to the control, and believe it's an event attached somewhere else to something we just aren't noticing.

Read the article
best way to build iphone settings screen

- by Christian Schlensker

I'm building a settings screen for an iPhone app and it is supposed to resemble a grouped table view. Each "cell" should behave like a button. Most cells just have a image view, label view, and disclosure indicator. One will display a value in addition to a label. All of these buttons will present a new view when tapped. Now, how to implement this? I was considering just laying out a set of buttons with custom background images, or would it be best to just use a table view. If that's the case what should it be implemented. So far I've only used table views to display some kind of dynamic data in which each cell displayed the same basic detail view. I'm most curious to figure out how to setup cellForRowAtIndexPath. Would this contain some sort of switch statement to configure each cell individually, or is there an easier way to handle all this?

Read the article
what factors should a fresher(for programmer job) consider and learn before saying yes to employer f

- by Senthil

what factors should a fresher(for programmer job) consider and learn before saying yes to employer for job offer? and to contract? and most importantly how should one get the details?how can I approach them? I know some employers dont want to give such details..right? I have shortlisted by a Software COmpany..that is parter with microsoft. and works on technology like VB ADO.DOTNET,and some other reporting stuffs.,sql servers etc.,Tell me about scope of that..because They are asking me to sign for 2 year certificate bond agreement..I want to be a great programmer and Project Leader after 5 years..advise me guys..Language/OS not problem for me,As I curious to learn more things. Most of the SO members are programmers..so yours advice is greatly appreciated

Read the article
Looking for a clear and concise web page explaining why lower bits of random numbers are usually not

- by Hamish Grubijan

I am putting together an internal "every developer should know" wiki page. I saw many discussions regarding rand() % N, but not a single web page that explains it all. For instance, I am curious if this problem is only C- and Linux-specific, or if it also applies to Windows, C++,. Java, .Net, Python, Perl. Please help me get to the bottom of this. Also, just how non-random do the numbers get? Thank you!

Read the article
What is the use of reflection in Java/C# etc

- by zengr

I was just curious, why should we use reflection in the first place? // Without reflection Foo foo = new Foo(); foo.hello(); // With reflection Class cls = Class.forName("Foo"); Object foo = cls.newInstance(); Method method = cls.getMethod("hello", null); method.invoke(foo, null); We can simply create an object and call the class's method, but why do the same using forName, newInstance and getMthod functions? To make everything dynamic?

Read the article
better for-loop syntax for detecting empty sequences?

- by Dmitry Beransky

Hi, Is there a better way to write the following: row_counter = 0 for item in iterable_sequence: # do stuff with the item counter += 1 if not row_counter: # handle the empty-sequence-case Please keep in mind that I can't use len(iterable_sequence) because 1) not all sequences have known lengths; 2) in some cases calling len() may trigger loading of the sequence's items into memory (as the case would be with sql query results). The reason I ask is that I'm simply curious if there is a way to make above more concise and idiomatic. What I'm looking for is along the lines of: for item in sequence: #process item *else*: #handle the empty sequence case (assuming "else" here worked only on empty sequences, which I know it doesn't)

Read the article
String Occurance Counting Algorithm

- by Hellnar

Hello, I am curious what is the most efficient algorithm (or commonly used) to count the number of occurances of a string in a chunck of text. From what I read, Boyer–Moore string search algorithm is the standard for string search but I am not sure if counting occurance in an efficient way would be same as searching a string. In python this is what I want: text_chunck = "one two three four one five six one" occurance_count(text_chunck, "one") # gives 3. Regards EDIT: It seems like python str.count serves me such method however I am not able to find what algorithm it uses.

Read the article
Is the last digit of a phone number random?

- by sehugg

I have a telephony app which has a prompt which requires user choice. I made the app select one of 10 different phone prompts based on the last digit of the caller's phone number. Then I measure whether the user responds to the prompt (accept) or decides to skip to the next step (reject). I thought this would work well enough as a random selection, but I think I may be wrong. What I'm finding is that the exact same prompt has a dramatically different response rate (25% vs 35%) for two different last digits. Now I'm curious why this is. Does anyone know how phone numbers are assigned and why the last digit would be significant?

Read the article
Security of PHP script, embedded or otherwise

- by typoknig

Hi all, I am curious about the security of PHP on an HTML webpage where PHP code is embedded (a webpage that would exist on the server as "webpage.php") or on a PHP script that may be referenced by an HTML page (that is, a PHP script that is not actually part of a webpage that exists on the server as "something.php" and is referenced by "webpage.html"). Getting to the point, let us say that if the source code of my PHP script is known by anyone it would be a very big problem. I know that when you view the source of a PHP page in a browser the PHP script is not shown, but what if the PHP server failed and the HTML still loaded (is this even possible), would a user be able to see the PHP script? To be more general, is there ANY possible way that a user could access the source of a PHP script from a web browser, and if so, how do I prevent it?

Read the article
How long can a hash left out in the open be considered safe?

- by Xeoncross

If I were to leave a SHA2 family hash out on my website - how long would it be considered safe? How long would I have before I could be sure that someone would find a collision for it and know what was hashed? I know that the amount of time would be based on the computational power of the one seeking to break it. It would also depend on the string length, but I'm curious just how secure hashes are. Since many of us run web-servers we constantly have to be prepared for the day when someone might make it all the way to the database which stores the user hashes. So, move the server security out of the way and then what do you have? This is a slightly theoretical area for many of the people I have talked with, so I would love to actually have some more information about average expectations for cracking.

Read the article
PHP Fatal error on line number that doesn't exist

- by alexantd

Fatal error: Allowed memory size of 134217728 bytes exhausted (tried to allocate 523800 bytes) in /Library/WebServer/Documents/XMLDataStore.class.php on line 981 The curious thing about this error is not the memory leak, which would be easy enough to troubleshoot. Rather, it is the fact that XMLDataStore.class.php is only 850 lines long, which I have verified in multiple text editors. This is with the PHP 5.3 bundled with Snow Leopard. I'm not using an opcode cache. Here is my php.ini: allow_url_fopen = Off error_reporting = -1 display_errors = 1 display_startup_errors = 1 date.timezone = 'America/Los_Angeles' output_buffering = Off realpath_cache_size = 0k XMLDataStore.class.php has recently been refactored and it used to be longer than 981 lines. It's almost as if PHP has cached a 2-week-old version and is reading that. I'm positive that the current version at /Library/WebServer/Documents/XMLDataStore.class.php is only 850 lines long, though.

Read the article
C/C++ usage of special CPU fetures

- by b-gen-jack-o-neill

Hi, I am curious, do new compilers use some extra features built into new CPUs such as MMX SSE,3DNow! and so? I mean, in original 8086 there was even no FPU, so compiler that old cannot even use it, but new compilers can, since FPU is part of every new CPU. So, does new compilers use new features of CPU? Or, it should be more right to ask, does new C/C++ standart library functions use new features? Thanks for answer.

Read the article

< Previous Page | 71 72 73 74 75 76 77 78 79 80 81 82 | Next Page >