Search Results

Search found 20761 results on 831 pages for 'chef client'.

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Page 750/831 | < Previous Page | 746 747 748 749 750 751 752 753 754 755 756 757  | Next Page >

  • Request size limitation when using MultipartHttpServletRequest of Spring 3.0

    - by Spiderman
    I'd like to know what is the size limitation if I upload list of files in one client's form submition using HTTP multipart content type. On the server side I am using Spring's MultipartHttpServletRequest to handle the request. mM questions: Is there should be different file size limitation and total request size limitation or file size is the only limitation and the request is capable of uploading 100s of files as lonng as they are not too large. Doest the Spring request wrapper read the complete request and store it in the JAVA heap memory or it store temporaray files of it to be able to use big quota. Is the use of reading the httpservlet request in streaming would change the size limitation than using complete http request read at-once by the application server. What is the bottleneck of this process - Java heap size, the quota of the filesystem on which my web-server runs, the maximum allowed BLOB size that the DataBase in which I am gonna save the file alows? or Spring internal limitations? Related threads that still don't have exact answer to this: does-spring-framework-support-streaming-mode-in-mutlipart-requests is-there-a-way-to-get-raw-http-request-stream-from-java-servlet-handler how-to- drop-body-of-a-request-after-checking-headers-in-servlet apache-commons-fileupload-throws-malformedstreamexception

    Read the article

  • MVC3 custom validation attribute for an "at least one is required" situation

    - by Pricey
    Hi I have found this answer already: MVC3 Validation - Require One From Group Which is fairly specific to the checking of group names and uses reflection. My example is probably a bit simpler and I was just wondering if there was a simpler way to do it. I have the below: public class TimeInMinutesViewModel { private const short MINUTES_OR_SECONDS_MULTIPLIER = 60; //public string Label { get; set; } [Range(0,24, ErrorMessage = "Hours should be from 0 to 24")] public short Hours { get; set; } [Range(0,59, ErrorMessage = "Minutes should be from 0 to 59")] public short Minutes { get; set; } /// <summary> /// /// </summary> /// <returns></returns> public short TimeInMinutes() { // total minutes should not be negative if (Hours <= 0 && Minutes <= 0) { return 0; } // multiplier operater treats the right hand side as an int not a short int // so I am casting the result to a short even though both properties are already short int return (short)((Hours * MINUTES_OR_SECONDS_MULTIPLIER) + (Minutes * MINUTES_OR_SECONDS_MULTIPLIER)); } } I want to add a validation attribute either to the Hours & Minutes properties or the class itself.. and the idea is to just make sure at least 1 of these properties (Hours OR minutes) has a value, server and client side validation using a custom validation attribute. Does anyone have an example of this please? Thanks

    Read the article

  • looking to streamline my RSS feed mashup

    - by Mark Cejas
    Hello crafty developers, I have aggregated RSS feeds from various sources with RSSowl, fetching directly from the social mention API. The RSS feeds are categorized into the following major categories: blogs, news, twitter, Q&A and social networking sites. Each major category is nested with a common group of RSS feeds that represent a particular client/brand ontology. Merging these feeds into the RSSowl reader application, allows me to conduct and save refined search queries (from the aggregated data) into a single file - that I can then tag and further segment for analysis. This scheme is utilized for my own research needs and has helped me considerably. However, I find this RSS mashup scheme kinda clumsy, it requires quite a bit of time to initially organize all of the feeds and I would like to be able to do further natural language processing to the data as well as eventually be able to rank the collected list of URL's into some order of media prominence - right I don't want to pay the ridiculous radian6 web analytics fees, when my intuition is telling me that with a bit of 'elbow grease' I can maybe leverage some available resources online to develop a functional low scale web mining application and get some good intelligence from it. I am now starting to learn a little about computer science - my background is in physical science/statistics so is my thinking in the right track? So, I guess I am imagining an application that allows me to query in a refined manner. A manner that allows me to search for keyword combinations, applying AND/OR operators, selectively focus my queries into particular sources - like a collection of blogs or twitter, or social networking communities, then save the results of my queries into a structured format that can then be manipulated and explored. Am I dreaming? I just had to get all of this out. any bit of advice and insight would be hugely appreciated. my best, Mark

    Read the article

  • Problem with jquery #find on partial postback

    - by anonymous
    I have a third party component. It is a calendar control. I have a clientside event on it which fires javascript to show a popup menu. I do everything client side so I can use MVC. dd function MouseDown(oDayView, oEvent, element) { try { e = oEvent.event; var rightClick = (e.button == 2); if (rightClick) { var menu = $find("2_menuSharedCalPopUp"); menu.showAt(200, 200, e); } } catch (err) { alert("MouseDown() err: " + err.description); } } The javascript fires perfectly withe $find intially. I have another clientside method which updates the calendar via a partial postback. Once I have done this all subsequent MouseDowns( rightclicks) which use the $find statment error with 'null'. All similar problems people have out there seem to be around calling javascript after a postback - with solutions being re-registering an event using PageRequestManager or registering a clientside function on the server - et cetera. However, the event is firing, and the javascript working - it's the reference in the DOM that seems an issue. Any ideas?

    Read the article

  • How can a software agency deliver quality software/win projects?

    - by optician
    I currently work for a bespoke software agency. Does anyone have any experience of how to win well priced work? It seems there is so much competition from offshore/bedroom program teams, that cost is extremely competetive these days. I feel that it is very different compared to a software product company or an internal it department, in terms of budget. As someone else said before, we only ever really get to version 1.0 of a lot of our software, unless the client is big enough. In which case it doesn't make business sense to spend ages making the software the best we can. Its like we are doing the same quality of work of internal it. Also a Lot of our clients are not technically minded and so therefor will not pay for things they don't understand. As our company does not have the money to turn down work it often goes that we take on complicated work for far too little money. I have got a lot better at managing change and keeping tight specs etc. It is still hard.

    Read the article

  • how do i implement / build / create an 'in memory database' for my unit test

    - by Michel
    Hi all, i've started unit testing a while ago and as turned out i did more regression testing than unit testing because i also included my database layer thus going to the database verytime. So, implemented Unity to inject a fake database layer, but i of course want to store some data, and the main opinion was: "create an in-memory database" But what is that / how do i implement that? Main question is: i think i have to fake the database layer, but doesn't that make me create a 'simple database' myself or: how can i keep it simple and not rebuilding Sql Server just for my unit tests :) At the end of this question i'll give an explanation of the situation i got in on the project i just started on, and i was wondering if this was the way to go. Michel Current situation i've seen at this client is that testdata is contained in XML files, and there is a 'fake' database layer that connects all the xml files together. For the real database we're using the entity framework, and this works very simple. And now, in the 'fake' layer, i have top create all kind of classes to load, save, persist etc. the data. It sounds weird that there is so much work in the fake layer, and so little in the real layer. I hope this all makes sense :)

    Read the article

  • Apache ReWriteEngine throwing 500 Internal Server Error for too many internal redirects... why?!?!?!

    - by Stephen G
    I'm trying to implement a new ReWrite rule on my local dev machine. I have 13 rules set up already, and all work fine (even as of this writing). However, for some reason the newest one is throwing me 500 Internal Server Errors. The ReWrite rule is: RewriteRule stuff/public_html/vault/mystuff/view/(.*) /stuff/public_html/vault/mystuff/view/index.php?stuff=$1 RewriteRule stuff/public_html/vault/mystuff/view/(.*)/ /stuff/public_html/vault/mystuff/view/index.php?stuff=$1 Checked my apache logs and got this: [Thu Jan 13 22:07:43 2011] [error] [client ::1] mod_rewrite: maximum number of internal redirects reached. Assuming configuration error. Use 'RewriteOptions MaxRedirects' to increase the limit if neccessary., referer: http://localhost:8888/stuff/public_html/vault/mystuff/all/index.php?curr=7 On the script I am trying to redirect to view/index.php?stuff=$1, there is nothing that even remotely resembles a redirect of any kind. I do have a very, very basic session verifier being called at the top of the landing script, which is as follows: //Start session session_start(); //Check whether the session variable SESS_MEMBER_ID is present or not if(!isset($_SESSION['SESS_MEMBER_ID']) || (trim($_SESSION['SESS_MEMBER_ID']) == '')) { header("location: ".$root_http.""); exit(); } However, when I access the page directly, it acts as it should, and there is no redirect. All of my other ReWrite rules and their corresponding landing pages are set up the exact same way. This is blowing my mind. Any help, PLEASE!?

    Read the article

  • HTTP Negotiate windows vs. Unix server implementation using python-kerberos

    - by ondra
    I tried to implement a simple single-sign-on in my python web server. I have used the python-kerberos package which works nicely. I have tested it from my Linux box (authenticating against active directory) and it was without problem. However, when I tried to authenticate using Firefox from Windows machine (no special setup, just having the user logged into the domain + added my server into negotiate-auth.trusted-uris), it doesn't work. I have looked at what is sent and it doesn't even resemble the things the Linux machine sends. This Microsoft description of the process pretty much resembles the way my interaction from Linux works, but the Windows machine generally sends a very short string, which doesn't even resemble the things microsoft documentation states, and when base64 decoded, it is something like 12 zero bytes followed by 3 or 4 non-zero bytes (GSS functions then return that it doesn't support such scheme) Either there is something wrong with the client Firefox settings, or there is some protocol which I am supposed to follow for the Negotiate protocol, but which I cannot find any reference anywhere. Any ideas what's wrong? Do you have any idea what protocol I should by trying to find, as it doesn' look like SPNEGO, at least from MS documentation.

    Read the article

  • Getting Preferred, Varied Products -- Tough Pseudocode Question

    - by Volomike
    I have a Dallas client who has given me a tough process to work out. I'm seeking your advice. I use PHP, but the language doesn't matter. We can work this out in pseudocode. In a nutshell, this involves showing products on a page based on matching keyword phrases, and using a preferred product provider, but varying this up so that I try to show products from each provider as much as possible when I can. He has 3 product companies: Amazon, eBay, and Overstock. I already have worked out with the API to get products back in an array via a function. He wants to give the user the preference of which one to use primarily -- so a priority number on each. He wants to display anywhere from 1 to 6 products on a page from them. Let's go with 6 for now in this example to start with. Let's assume Amazon first, then eBay, then Overstock as far as priority. He wants me to attempt to take a keyword phrase and find relevant products (all the keywords found in product title) from Amazon, eBay, and Overstock. If we find 1 product from each provider, he wants me to only display one product from each. But if we run out of a particular provider with a matching product, I start over again and grab another product from another provider until we reach 6 products. If there just aren't 6 relevant products, then I do the best I can -- even if I only display one product. If no relevant products, then I don't display anything.

    Read the article

  • C++ Program Flow: Sockets in an Object and the Main Function

    - by jfm429
    I have a rather tricky problem regarding C++ program flow using sockets. Basically what I have is this: a simple command-line socket server program that listens on a socket and accepts one connection at a time. When that connection is lost it opens up for further connections. That socket communication system is contained in a class. The class is fully capable of receiving the connections and mirroring the data received to the client. However, the class uses UNIX sockets, which are not object-oriented. My problem is that in my main() function, I have one line - the one that creates an instance of that object. The object then initializes and waits. But as soon as a connection is gained, the object's initialization function returns, and when that happens, the program quits. How do I somehow wait until this object is deleted before the program quits? Summary: main() creates instance of object Object listens Connection received Object's initialization function returns main() exits (!) What I want is for main() to somehow delay until that object is finished with what it's doing (aka it will delete itself) before it quits. Any thoughts?

    Read the article

  • Hide struct definition in static library.

    - by BobMcLaury
    Hi, I need to provide a C static library to the client and need to be able to make a struct definition unavailable. On top of that I need to be able to execute code before the main at library initialization using a global variable. Here's my code: private.h #ifndef PRIVATE_H #define PRIVATE_H typedef struct TEST test; #endif private.c (this should end up in a static library) #include "private.h" #include <stdio.h> struct TEST { TEST() { printf("Execute before main and have to be unavailable to the user.\n"); } int a; // Can be modified by the user int b; // Can be modified by the user int c; // Can be modified by the user } TEST; main.c test t; int main( void ) { t.a = 0; t.b = 0; t.c = 0; return 0; } Obviously this code doesn't work... but show what I need to do... Anybody knows how to make this work? I google quite a bit but can't find an answer, any help would be greatly appreciated. TIA!

    Read the article

  • Return latitude/longitude based on entered address

    - by Don
    I'm building a php based application for a client to enter in addresses for their customers' buildings. They'd like the ability to view the location on a map (either as individuals or grouped in a city search). What I'm trying to accomplish is a lookup once the address is entered into a form that populates the database, so after they enter in the addresss, city, state, zip (these are all US locations) they could click a "get lat/long info" link/button that would check to make sure the data is complete, then would lookup the address and return the latitude/longitude into the appropriate form fields. Then the form could be submitted to store the info, and I could later just pull the lat/long when plotting on a map. 1) Does this make sense, or would I be better off just doing the lookup when it's time to plot it? 2) Does anyone have any pointers to solve this problem? I've seen some of the Google/Yahoo API's but it looks like this is more based on the plotting a point part. I may be able to modify it to suit my needs, but I'm just trying to cut some research time posting here with the hopes one of you may have a more direct route. I'll RTFM if I have to... Thanks, D.

    Read the article

  • Nested loops through recursion with usable iterators

    - by narandzasto
    Help! I need to generate a query with loops,but there must be undefinitly numbers of loop or much as many a client wants. I know that it can be done with recursion,but don't know exectly how.One more thing. Notice,please,that I need to use those k,i,j iterators later in "if" condition and I don't know how to catch them. Thanks class Class1 { public void ListQuery() { for (int k = 0; k < listbox1.Count; k++) { for (int i = 0; i < listbox2.Count; i++) { for (int j = 0; j < listbox3.Count; j++) { if (k == listbox1.count-1 && i == listbox2.count-1 && j == listbox3.count-1) { if (!checkbox1) Query += resultset.element1 + "=" + listbox1[k]; if (!checkbox2) Query += resultset.element2 + "=" + listbox1[i]; if (!checkbox3) Query += resultset.element3 + "=" + listbox1[j]; } } } } } }

    Read the article

  • Emails sometimes get scrambled

    - by Alex
    Folks, I have a PHP-based based site (using the QCubed framework); as a part of the site, I have a daemon that's sending out several thousand emails a day (no i'm not a spammer, everything is opt-in :)). Emails are sent through a custom framework component; that component serves as an SMTP client. I'm using a paid SMTP gateway from DNSExit.com to get the emails actually delivered. Those emails are simple HTML-based emails; they really have just simple links inside. My issue is that these links sometimes (not consistently!) get scrambled during transition. Tags somehow get mixed up, and some links are non-functional in the email. The issue happens on a small percentage of all sent emails; it is not consistent (i.e. the same exact source message HTML may or may not cause the scrambling in transition). Have any of you seen this? Any thoughts on how to troubleshoot?

    Read the article

  • Preventing a heavy process from sinking in the swap file

    - by eran
    Our service tends to fall asleep during the nights on our client's server, and then have a hard time waking up. What seems to happen is that the process heap, which is sometimes several hundreds of MB, is moved to the swap file. This happens at night, when our service is not used, and others are scheduled to run (DB backups, AV scans etc). When this happens, after a few hours of inactivity the first call to the service takes up to a few minutes (consequent calls take seconds). I'm quite certain it's an issue of virtual memory management, and I really hate the idea of forcing the OS to keep our service in the physical memory. I know doing that will hurt other processes on the server, and decrease the overall server throughput. Having that said, our clients just want our app to be responsive. They don't care if nightly jobs take longer. I vaguely remember there's a way to force Windows to keep pages on the physical memory, but I really hate that idea. I'm leaning more towards some internal or external watchdog that will initiate higher-level functionalities (there is already some internal scheduler that does very little, and makes no difference). If there were a 3rd party tool that provided that kind of service is would have been just as good. I'd love to hear any comments, recommendations and common solutions to this kind of problem. The service is written in VC2005 and runs on Windows servers.

    Read the article

  • Is there some formal way to update the browser detection files for ASP.Net?

    - by Deane
    I have an ASP.Net site on which we're using control adapters. We have the adapters mapped to a "refID" of "Default." These adapters are working fine on all browsers except Chrome and Safari. For those browsers, they do not execute. I've given up trying to figure out why -- I have a question here on SO that no one has been able to answer, and I've been researching it for days now. It's just inexplicable. I have tested the same code in my local environment, and it works just fine. Additionally, no one else can replicate my problem on other servers. It seems to be somehow confined to the machines at my client's site. Could they be somehow out-of-date? If this is the case, is there some way to "update" the .browser files? I'm half-tempted to just copy the .browser files out of the Framework directory from my machine over to theirs, but I'm curious is there's something more formal than this? Is there some other source of data that ASP.Net uses for browser detection other than these files?

    Read the article

  • How to develop Online Shopping Portal Application using PHP ?

    - by Sarang
    I do not know PHP & I have to develop a Shopping Portal with following Definition : Scenario: Online Shopping Portal XYZ.com wants to create an online shopping portal for managing its registered customers and their shopping. The customers need to register themselves first before they do shopping using the shopping portal. However, everyone, whether registered or not, can view the various products along with the prices listed in the portal. The registered customers, after logging in, are allowed to place order for one or more products from the products listed in the portal. Once the order is placed, the customer gets a reference order number and the order status should be “order in process”. The customers can track their order using the given reference number. The management of XYZ.com should be able to modify the order status of a particular reference order number to “shipped” once the products are shipped to the shipping address entered by the customer at the time of placing the order. The Functionalities required are : Create the interface for the XYZ.com shopping portal using HTML/XHTML and CSS. Implement the client side validations using JavaScript. Create the tables using MySQL. Implement the functionality using the server side scripting language, PHP. Integrate all the above tasks and make the XYZ.com shopping portal functional. How do I develop this application with following proper steps of development ?

    Read the article

  • Fix a 404: missing parameters error from a GET request to CherryPy

    - by norabora
    I'm making a webpage using CherryPy for the server-side, HTML, CSS and jQuery on the client-side. I'm also using a mySQL database. I have a working form for users to sign up to the site - create a username and password. I use jQuery to send an AJAX POST request to the CherryPy which queries the database to see if that username exists. If the username exists, alert the user, if it doesn't, add it to the database and alert success. $.post('submit', postdata, function(data) { alert(data); }); Successful jQuery POST. I want to change the form so that instead of checking that the username exists on submit, a GET request is made as on the blur event from the username input. The function gets called, and it goes to the CherryPy, but then I get an error that says: HTTPError: (404, 'Missing parameters: username'). $.get('checkUsername', getdata, function(data) { alert(data); }); Unsuccessful jQuery GET. The CherryPy: @cherrypy.expose def submit(self, **params): cherrypy.response.headers['Content-Type'] = 'application/json' e = sqlalchemy.create_engine('mysql://mysql:pw@localhost/6470') c = e.connect() com1 = "SELECT * FROM `users` WHERE `username` = '" + params["username"] + "'" b = c.execute(com1).fetchall() if not len(b) > 0: com2 = "INSERT INTO `6470`.`users` (`username` ,`password` ,`website` ,`key`) VALUES ('" com2 += params["username"] + "', MD5( '" + params["password"] + "'), '', NULL);" a = c.execute(com2) c.close() return simplejson.dumps("Success!") #login user and send them to home page c.close() return simplejson.dumps("This username is not available.") @cherrypy.expose def checkUsername(self, username): cherrypy.response.headers['Content-Type'] = 'application/json' e = sqlalchemy.create_engine('mysql://mysql:pw@localhost/6470') c = e.connect() command = "SELECT * FROM `users` WHERE `username` = '" + username + "'" a = c.execute(command).fetchall(); c.close() sys.stdout.write(str(a)) return simplejson.dumps("") I can't see any differences between the two so I don't know why the GET request is giving me a problem. Any insight into what I might be doing wrong would be helpful. If you have ideas about the jQuery, CherryPy, config files, anything, I'd really appreciate it.

    Read the article

  • lightweight/portable VCS for server-hopping DBA?

    - by Aaron
    I'm looking for a VCS that'll help me keep all of my work scripts in-sync. Requirements: Portable (as in flash drive, not code-level) Run on Windows XP and Server 2003+ No installation dependencies (Cygwin, perl, Python) I use Mercurial on my work machine for version control of the various T-SQL, ksh, perl, and CMD/BAT scripts that I maintain as a MS SQL Server DBA and Unix sysadmin. So far, hg has worked for my AIX boxes- I mount my home directory as I login, and deal with the repo as if it were local. I haven't been able to find a similar solution for the Windows machines I use. Most of them I do not have Local Admin rights; even if I did, I'd rather not install (and maintain) Python + Mercurial on all of them. I can't get to my home directory on them remotely, which leaves a client running on each machine as the only option. Bonus points for an answer that would let me use a single repo for both the Windows and Unix machines. :) I'm running WinXP, with heavy use of Cygwin and a CrunchBang VM.

    Read the article

  • Best way to make a WYSIWYG in Flex?

    - by hngry4powr
    Hello, I have a client that wants a WYSIWYG form that behaves like MS word. It will have some section labels in it, with users expected to enter notes for each section, and it needs a place holder for a chart. The trick is that the user needs to know where page breaks are going to fall when printed. The customer agrees to fixed size paper with fixed sized margins. How should I approach this challenge? Thank you very much for your suggestions. Here is an example: Section 1: Explain Idea Here { As user types in this section, the space between this section and the next section expands, but I as the user can't delete the lines that say Section 1 or 2, or the place holder for the chart. However if I type a lot of text, I need to display where the page breaks are with a dashed line or something, so the user can make sure the content enters appears on the desired page. If I type a lot here for example, section 2 will get pushed onto the next page} Section 2: State why this is a Good Idea [ PLACE HOLDER FOR CHART . . . ] Section 3: Additional Remarks:

    Read the article

  • How can I prevent the "... has stopped working" window on my Server 2008 R2 dev box?

    - by serialhobbyist
    I'm using a Windows Server 2008 x64 R2 machine as a development box. Amongst many other things I've got Visual Studio 2008 SP1 installed on it. When I'm working on a project, I sometimes need to use Debug Start without Debugging (Ctrl + F5). If the program throws an exception, I get a new R2-style window appear. I'm pretty sure I didn't see this on my XP box - this is the first time I've developed directly on a server. Is there any way to avoid this - it's really beginning to bug me? E.g. my current project is accessing a WCF service - I'm using Ctrl+F5 to start a console program client. I run it and get the window. The title is the name of the project I've just started and it contains: [insert-project-name-here] has stopped working Windows can check online for a solution to the problem. --> Check online for a solution and close the program --> Close the program --> Debug the program V View problem details. Clicking on "Close the program" will actually close the window and the exception message appears in the console, which is what I want (but without the extra window-faffing). How can I avoid this annoyance?

    Read the article

  • ActiveX won't run from server

    - by user1709555
    I have a MFC activeX that runs fine from disk but when I put it on a server I get errors. Client: WIN7 machine Server: Ubunto running apache The HTML and the errors are below, please advice. 10xs, Nahum HTML: <html> <HEAD> <TITLE>myFirstOCX.CAB</TITLE> <script type="text/javascript" FOR="window"> function fn() { try{ document.all('Ctrl1').AboutBox();//error: Undifiend : object doesn't have AboutBox() method //OR var obj = new ActiveXObject ("activex.activexCtrl"); obj.AboutBox ();//error: Undifiend : Automation server can't create object } catch (ex) { alert("Error: " + ex.Description + " : " + ex.message); } } </script> </HEAD> <body bgcolor=lightblue > <TABLE BORDER> <TR> <TD><OBJECT CLASSID="CLSID:E228C560-FA68-48E6-850F-B1167515C920" CODEBASE=".\nsip.CAB#version=1,0,0,1" ID="Ctrl1" name="Ctrl1"> </OBJECT> </TD> </TR> <TR> <TD ALIGN="CENTER"> <INPUT TYPE=BUTTON VALUE="Click Me" onclick="fn()" > </TD> </TR> </TABLE> <INPUT TYPE=TEXT ID="ConnectionString" VALUE="" > </body> </html>

    Read the article

  • Is it possible to spoof or reuse VIEWSTATE or detect if it is protected from modification?

    - by Peter Jaric
    Question ASP and ASP.NET web applications use a value called VIEWSTATE in forms. From what I understand, this is used to persist some kind of state on the client between requests to the web server. I have never worked with ASP or ASP.NET and need some help with two questions (and some sub-questions): 1) Is it possible to programmatically spoof/construct a VIEWSTATE for a form? Clarification: can a program look at a form and from that construct the contents of the base64-encoded VIEWSTATE value? 1 a) Or can it always just be left out? 1 b) Can an old VIEWSTATE for a particular form be reused in a later invocation of the same form, or would it just be luck if that worked? 2) I gather from http://msdn.microsoft.com/en-us/library/ms972976.aspx#viewstate_topic12 that it is possible to turn on security so that the VIEWSTATE becomes secure from spoofing. Is it possible for a program to detect that a VIEWSTATE is safeguarded in such a way? 2 a) Is there a one-to-one mapping between the occurrence of EVENTVALIDATION values and secure VIEWSTATEs? Regarding 1) and 2), if yes, can I have a hint about how I would do that? For 2) I am thinking I could base64-decode the value and search for a string that always is found in unencrypted VIEWSTATEs. "First:"? Something else? Background I have made a small tool for detecting and exploiting so called CSRF vulnerabilities. I use it to quickly make proof of concepts of such vulnerabilities that I send to the affected site owners. Quite often I encounter these forms with a VIEWSTATE, and these I don't know if they are secure or not. Edit 1: Clarified question 1 somewhat. Edit 2: Added text in italics.

    Read the article

  • How to best launch C++ application from web page

    - by JB
    I guess there are two parts to this question, one technical and one best practice for security and doing things "right". I'm working on a little game using C++ / directx but I would like to be able to launch it from a web page by someone clicking on a link on that page. Ideally I would like the first time they clicked for it to launch an installer downloads and installs the game on their machine, and then the next time to launch an application which updates the game from a web site if it's old and then launches it. I have no problems with the expected security popups and questions the first time it runs. I want people to be certain what they are installing and understand what they are doing. But it would be nice if once it is installed they could run it with the minimum of fuss. My question then is what technologies I could use to do this? I'm thinking that it would need a browser plugin and an activex control so that first time you'd install that, and subsequently the control/plugin would be able to launch the game. I'm not sure that under newer browser secuity models that a plugin would have the permissions to be able to run an installer though or silently invoke applications on the client machine even if they are already installed. Is there a more sensible way to achive what I want to achieve? And I'm worried about the security aspects too. I want this to be convenient for users but I of course want to do it "right". I know this can be done as I've seen several mmorpg type games that launch in this way from the browser now but it's not entirely clear to me how they've done it.

    Read the article

  • Using javascript and php together

    - by EmmyS
    I have a PHP form that needs some very simple validation on submit. I'd rather do the validation client-side, as there's quite a bit of server-side validation that happens to deal with writing form values to a database. So I just want to call a javascript function onsubmit to compare values in two password fields. This is what I've got: function validate(form){ var password = form.password.value; var password2 = form.password2.value; alert("password:"+password+" password2:" + password2); if (password != password2) { alert("not equal"); document.getElementByID("passwordError").style.display="inline"; return false; } alert("equal"); return true; } The idea being that a default-hidden div containing an error message would be displayed if the two passwords don't match. The alerts are just to display the values of password and password2, and then again to indicate whether they match or not (will not be used in production code). I'm using an input type=submit button, and calling the function in the form tag: <form action="<?php echo $_SERVER['PHP_SELF']; ?>" method="post" onsubmit="return validate(this);"> Everything is alerting as expected when entering non-matching values. I would have hoped (and assumed, based on past use) that if the function returned false, the actual submit would not occur. And yet, it is. I'm testing by entering non-matching values in the password fields, and the alerts clearly show me the values and the not equal result, but the actual form action is still occurring and it's trying to write to my database. I'm pretty new at PHP; is there something about it that will not let me combine with javascript this way? Would it be better to use an input type=button and include submit() in the function itself if it returns true?

    Read the article

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

< Previous Page | 746 747 748 749 750 751 752 753 754 755 756 757  | Next Page >