Search Results

Search found 22139 results on 886 pages for 'security testing'.

Page 762/886 | < Previous Page | 758 759 760 761 762 763 764 765 766 767 768 769  | Next Page >

• What are the worst examples of moral failure in the history of software engineering?

  - by Amanda S

  Many computer science curricula include a class or at least a lecture on disasters caused by software bugs, such as the Therac-25 incidents or Ariane 5 Flight 501. Indeed, Wikipedia has a list of software bugs with serious consequences, and a question on StackOverflow addresses some of them too. We study the failures of the past so that we don't repeat them, and I believe that rather than ignoring them or excusing them, it's important to look at these failures squarely and remind ourselves exactly how the mistakes made by people in our profession cost real money and real lives. By studying failures caused by uncaught bugs and bad process, we learn certain lessons about rigorous testing and accountability, and we make sure that our innocent mistakes are caught before they cause major problems. There are kinds of less innocent failure in software engineering, however, and I think it's just as important to study the serious consequences caused by programmers motivated by malice, greed, or just plain amorality. Thus we can learn about the ethical questions that arise in our profession, and how to respond when we are faced with them ourselves. Unfortunately, it's much harder to find lists of these failures--the only one I can come up with is that apocryphal "DOS ain't done 'til Lotus won't run" story. What are the worst examples of moral failure in the history of software engineering?

  Read the article

• PHP image watermark only displaying image on page

  - by Satch3000

  I am testing a script where I watermark an image in my webpage. The script works fine and the image is watermark but my problem is that only the image is displayed on the page. As soon as I add the script to my page it's like the web page is converted to the image that I'm watermarking. I think it's because of header("content-type: image/jpeg"); from the code. I need to watermark the image on my webpage but I also need the rest of my webpage to be displayed too. How is this done? I'm quite confused on how this works. The script I'm using is from here Here's the code I'm using: <?php $main_img = "Porsche_911_996_Carrera_4S.jpg"; // main big photo / picture $watermark_img = "watermark.gif"; // use GIF or PNG, JPEG has no tranparency support $padding = 3; // distance to border in pixels for watermark image $opacity = 100; // image opacity for transparent watermark $watermark = imagecreatefromgif($watermark_img); // create watermark $image = imagecreatefromjpeg($main_img); // create main graphic if(!$image || !$watermark) die("Error: main image or watermark could not be loaded!"); $watermark_size = getimagesize($watermark_img); $watermark_width = $watermark_size[0]; $watermark_height = $watermark_size[1]; $image_size = getimagesize($main_img); $dest_x = $image_size[0] - $watermark_width - $padding; $dest_y = $image_size[1] - $watermark_height - $padding; // copy watermark on main image imagecopymerge($image, $watermark, $dest_x, $dest_y, 0, 0, $watermark_width, $watermark_height, $opacity); // print image to screen header("content-type: image/jpeg"); imagejpeg($image); imagedestroy($image); imagedestroy($watermark); ?> NOTE: I'm getting the image path from the database so I cannot hardcode the image filename as it's dynamic.

  Read the article

• Sometimes can rename, remove a folder; sometimes cannot

  - by Vy Clarks

  In my website project. I need to rename or remove some folder by code. Sometimes I can do all of that, but sometimes I cannot with error: Access to the path is denied Try to find to solution on Google. May be, there are two reason: The permisstion of that Folder Some subFolder or some file in that Folder that's being held open. Try to check: Right click on Folder- Properties-- Security: if this is the right way to check the permission, the Folder allowes every action (read, write....) There are no file, no subfolder of that Folder is opened. Why? I still dont understant why sometimes I can rename folder but sometimes I cannot. Help!! I need your opinions!!! UPDATE: take a look at my code above: I want to rename the a folder with the new name inputed in a Textbox txtFilenFolderName: protected void btnUpdate_Click(object sender, EventArgs e) { string[] values = EditValue; string oldpath = values[0];// = "D:\\C#Projects\\website\\Lecturer\\giangvien\\New folder" string oldName = values[2]; //= New Folder string newName = txtFilenFolderName.Text; //= New Folder1 string newPath = string.Empty; if (oldName != newName) { newPath = oldpath.Replace(oldName, newName); Directory.Move(oldpath, newPath); } else lblmessage2.Text = "New name must not be the same as the old "; } } Try to debug: oldpath = "D:\\C#Projects\\website\\Lecturer\\giangvien\\New folder" oldName = New Folder newName= New Folder1 newpath = "D:\\C#Projects\\website\\Lecturer\\giangvien\\New folder1" Everything seems right, but I when I click on buton Edit --- rename--- Update--- an error occur: Access to the path is denied D:\\C#Projects\\website\\Lecturer\\giangvien\\New folder Help!

  Read the article

• document.write Not working when loading external Javascript source

  - by jadent

  I'm trying to load an external JavaScript file dynamically into an HTML element to preview an ad tag. The script loads and executes but the script contains "document.write" which has an issue executing properly but there are no errors. <html> <head> <script src="//ajax.googleapis.com/ajax/libs/jquery/2.0.3/jquery.min.js"></script> <script type="text/javascript"> $(function() { source = 'http://ib.adnxs.com/ttj?id=555281'; // DOM Insert Approach // ----------------------------------- var script = document.createElement('script'); script.setAttribute('type', 'text/javascript'); script.setAttribute('src', source); document.body.appendChild(script); }); </script> </head> <body> </body> </html> I can get it to work if If i move the the source to the same domain for testing If the script was modified to use document.createElement and appendChild instead of document.write like the code above. I don't have the ability to modify the script since it being generated and hosted by a 3rd party. Does anyone know why the document.write will not work correctly? And is there a way to get around this? Thanks for the help!

  Read the article

• PostgreSQL, Foreign Keys, Insert speed & Django

  - by Miles

  A few days ago, I ran into an unexpected performance problem with a pretty standard Django setup. For an upcoming feature, we have to regenerate a table hourly, containing about 100k rows of data, 9M on the disk, 10M indexes according to pgAdmin. The problem is that inserting them by whatever method literally takes ages, up to 3 minutes of 100% disk busy time. That's not something you want on a production site. It doesn't matter if the inserts were in a transaction, issued via plain insert, multi-row insert, COPY FROM or even INSERT INTO t1 SELECT * FROM t2. After noticing this isn't Django's fault, I followed a trial and error route, and hey, the problem disappeared after dropping all foreign keys! Instead of 3 minutes, the INSERT INTO SELECT FROM took less than a second to execute, which isn't too surprising for a table <= 20M on the disk. What is weird is that PostgreSQL manages to slow down inserts by 180x just by using 3 foreign keys. Oh, disk activity was pure writing, as everything is cached in RAM; only writes go to the disks. It looks like PostgreSQL is working very hard to touch every row in the referred tables, as 3MB/sec * 180s is way more data than the 20MB this new table takes on disk. No WAL for the 180s case, I was testing in psql directly, in Django, add ~50% overhead for WAL logging. Tried @commit_on_success, same slowness, I had even implemented multi row insert and COPY FROM with psycopg2. That's another weird thing, how can 10M worth of inserts generate 10x 16M log segments? Table layout: id serial primary, a bunch of int32, 3 foreign keys to small table, 198 rows, 16k on disk large table, 1.2M rows, 59 data + 89 index MB on disk large table, 2.2M rows, 198 + 210MB So, am I doomed to either drop the foreign keys manually or use the table in a very un-Django way by defining saving bla_id x3 and skip using models.ForeignKey? I'd love to hear about some magical antidote / pg setting to fix this.

  Read the article

• C# connect to domain SQL Server 2005 from non-domain machine

  - by user304582

  Hi, I asked a question a few days ago (http://stackoverflow.com/questions/2795723/access-to-sql-server-2005-from-a-non-domain-machine-using-windows-authentication) which got some interesting, but not usable suggestions. I'd like to ask the question again, but make clear what my constraints are: I have a Windows domain within which a machine is running SQL Server 2005 and which is configured to support only Windows authentication. I would like to run a C# client application on a machine on the same network, but which is NOT on the domain, and access a database on the SQL Server 2005 instance. I CANNOT create or modify OS or SQL Server users on either machine, and I CANNOT make any changes to permissions or impersonation, and I CANNOT make use of runas. I know that I can write Perl and Java applications that can connect to the SQL Server database using only these four parameters: server name, database name, username (in the form domain\user), and password. In C# I have tried various things around: string connectionString = "Data Source=server;Initial Catalog=database;User Id=domain\user;Password=password"; SqlConnection connection = new SqlConnection(connectionString); connection.Open(); and tried setting integrated security to true and false, but nothing seems to work. Is what I am trying to do simply impossible in C#? Thanks for any help, Martin

  Read the article

• Admob banner not getting remove from superview

  - by Gamer

  I am developing one 2d game using cocos2d framework, in this game i am using admob for advertising, in some classes not in all classes but admob banner is visible in every class and after some time game getting crash also. I am not getting how admob banner is comes in every class in fact i have not declare in Rootviewcontroller class. can any one suggest me how to integrate Admob in cocos2d game, i want Admob banner in particular classes not in every class, I am using latest google admob sdk, my code is below: Thanks in advance ` -(void)AdMob{ NSLog(@"ADMOB"); CGSize winSize = [[CCDirector sharedDirector]winSize]; // Create a view of the standard size at the bottom of the screen. if (UI_USER_INTERFACE_IDIOM() == UIUserInterfaceIdiomPad){ bannerView_ = [[GADBannerView alloc] initWithFrame:CGRectMake(size.width/2-364, size.height - GAD_SIZE_728x90.height, GAD_SIZE_728x90.width, GAD_SIZE_728x90.height)]; } else { // It's an iPhone bannerView_ = [[GADBannerView alloc] initWithFrame:CGRectMake(size.width/2-160, size.height - GAD_SIZE_320x50.height, GAD_SIZE_320x50.width, GAD_SIZE_320x50.height)]; } if (UI_USER_INTERFACE_IDIOM() == UIUserInterfaceIdiomPad) { bannerView_.adUnitID =@"a15062384653c9e"; } else { bannerView_.adUnitID =@"a15062392a0aa0a"; } bannerView_.rootViewController = self; [[[CCDirector sharedDirector]openGLView]addSubview:bannerView_]; [bannerView_ loadRequest:[GADRequest request]]; GADRequest *request = [[GADRequest alloc] init]; request.testing = [NSArray arrayWithObjects: GAD_SIMULATOR_ID, nil]; // Simulator [bannerView_ loadRequest:request]; } //best practice for removing the barnnerView_ -(void)removeSubviews{ NSArray* subviews = [[CCDirector sharedDirector]openGLView].subviews; for (id SUB in subviews){ [(UIView*)SUB removeFromSuperview]; [SUB release]; } NSLog(@"remove from view"); } //this makes the refreshTimer count -(void)targetMethod:(NSTimer *)theTimer{ //INCREASE OF THE TIMER AND SECONDS elapsedTime++; seconds++; //INCREASE OF THE MINUTOS EACH 60 SECONDS if (seconds>=60) { seconds=0; minutes++; [self removeSubviews]; [self AdMob]; } NSLog(@"TIME: %02d:%02d", minutes, seconds); } `

  Read the article

• How to get application context path in spring-ws?

  - by Dhaliwal

  I am using Spring-WS to create a webservice. In my project, I have created a Helper class to reads sample response and request xml file which are located in my /src/main/resource folder. When I am unit-testing my webservice application 'locally', I use the System.getProperty("user.dir") to get the application context folder. The following is a method that I created in the Helper class to help me retrieve the file that I am interested in my resource folder. public static File getFileFromResources(String filename) { System.out.println("Getting file from resource folder"); File request = null; String curDir = System.getProperty("user.dir"); String contextpath = "C:\\src\\main\\resources\\"; request = new File(curDir + contextpath + filename); return request; } However, after 'publishing' the compiled WAR file to the ../webapps folder to the Apache Tomcat directory, I realise that System.getProperty("user.dir") no longer returns my application context path. Instead, it is returning the Apache Tomcat root directory as shown C:\Program Files\Apache Software Foundation\Tomcat 6.0\src\main\resources\SampleClientFile I cant seem to find any information about getting the root folder of my webservice. I have seen examples on Spring web application where I can retrieve the context path by using the following : request.getSession().getServletContext().getContextPath() But in this case, I am using a Spring web application where there is a servlet context in the request. But the Spring-WS, my entry point is an endpoint. How can I get the context path of my webservice application. I am expecting a context path of something like C:\Program Files\Apache Software Foundation\Tomcat 6.0\webapps\clientWebService\WEB-INF\classes Could someone suggest a way to achieve this?

  Read the article

• Opaque tenant identification with SQL Server & NHibernate

  - by Anton Gogolev

  Howdy! We're developing a nowadays-fashionable multi-tenanted SaaS app (shared database, shared schema), and there's one thing I don't like about it: public class Domain : BusinessObject { public virtual long TenantID { get; set; } public virtual string Name { get; set; } } The TenantID is driving me nuts, as it has to be accounted for almost everywhere, and it's a hassle from security standpoint: what happens if a malicious API user changes TenantID to some other value and will mix things up. What I want to do is to get rid of this TenantID in our domain objects altogether, and to have either NHibernate or SQL Server deal with it. From what I've already read on the Internets, this can be done with CONTEXT_INFO (here's a NHibernatebased implementation), NHibernate filters, SQL Views and with combination thereof. Now, my requirements are as follows: Remove any mentions of TenantID from domain objects ...but have SQL Server insert it where appropriate (I guess this is achieved with default constraints) ...and obviously provide support for filtering based on this criteria, so that customers will never see each other's data If possible, avoid SQL Server views. Have a solution which plays nicely with NHibernate, SQL Servers' MARS and general nature of SaaS apps being highly concurrent What are your thoughts on that?

  Read the article

• Associate File Extension with Application

  - by fneep

  I've written a program that edits a specific filetype , and I want to give the user the option to set my application as the default editor for this filetype (since I don't want an installer) on startup. I've tried to write a re-useable method that associates a file for me (preferably on any OS, although I'm running Vista) by adding a key to HKEY_CLASSES_ROOT, and am using it with my application, but it doesn't seem to work. public static void SetAssociation(string Extension, string KeyName, string OpenWith, string FileDescription) { RegistryKey BaseKey; RegistryKey OpenMethod; RegistryKey Shell; RegistryKey CurrentUser; BaseKey = Registry.ClassesRoot.CreateSubKey(Extension); BaseKey.SetValue("", KeyName); OpenMethod = Registry.ClassesRoot.CreateSubKey(KeyName); OpenMethod.SetValue("", FileDescription); OpenMethod.CreateSubKey("DefaultIcon").SetValue("", "\"" + OpenWith + "\",0"); Shell = OpenMethod.CreateSubKey("Shell"); Shell.CreateSubKey("edit").CreateSubKey("command").SetValue("", "\"" + OpenWith + "\"" + " \"%1\""); Shell.CreateSubKey("open").CreateSubKey("command").SetValue("", "\"" + OpenWith + "\"" + " \"%1\""); BaseKey.Close(); OpenMethod.Close(); Shell.Close(); CurrentUser = Registry.CurrentUser.CreateSubKey(@"HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ucs"); CurrentUser = CurrentUser.OpenSubKey("UserChoice", RegistryKeyPermissionCheck.ReadWriteSubTree, System.Security.AccessControl.RegistryRights.FullControl); CurrentUser.SetValue("Progid", KeyName, RegistryValueKind.String); CurrentUser.Close(); }

  Read the article

• Working with Decimal fields in SSIS

  - by CoffeeAddict

  I'm using SQL Server 2008 w/SP2. I've got an incoming decimal(9,2) field incoming through my OLE DB transformation to my recordset destination transformation. It's like it's reading it as something other than a decimal? I don't know..I'm not an SSIS guru. So continuing on...the problem I have starts here with me trying to stuff the value into a variable for this decimal field. In a foreach loop, I have a variable to represent this decimal field so I can work with it. The first problem that I believe is pretty well known is SSIS variables do not have a decimal type. And from my own testing and what I've read out there, people are using type object for the variable to make SSIS "happy" with decimal values? It makes mine happy. But, then in my foreach loop, I have a for loop. And inside that I'm using an E*xecute SQL Task transformation*. In it, I need to create a parameter mapping to my variable so I can work with that decimal field in my T-SQL call in here. So now I see a type decimal for the parameter and use it and set that to point to my variable. When I run SSIS and it hits my SQL call, I get this in my output window.: The type is not supported.DBTYPE_DECIMAL So I am hitting a wall here. All I wanna do is work with a decimal!!!

  Read the article

• JPA joined column allow every value...

  - by Fabio Beoni

  I'm testing JPA, in a simple case File/FileVersions tables (Master/Details), with OneToMany relation, I have this problem: in FileVersions table, the field "file_id" (responsable for the relation with File table) accepts every values, not only values from File table. How can I use the JPA mapping to limit the input in FileVersion.file_id only for values existing in File.id? My class are File and FileVersion: FILE CLASS @Id @GeneratedValue(strategy = GenerationType.IDENTITY) @Column(name="FILE_ID") private Long id; @Column(name="NAME", nullable = false, length = 30) private String name; //RELATIONS ------------------------------------------- @OneToMany(mappedBy="file", fetch=FetchType.EAGER) private Collection <FileVersion> fileVersionsList; //----------------------------------------------------- FILEVERSION CLASS @Id @GeneratedValue(strategy = GenerationType.IDENTITY) @Column(name="VERSION_ID") private Long id; @Column(name="FILENAME", nullable = false, length = 255) private String fileName; @Column(name="NOTES", nullable = false, length = 200) private String notes; //RELATIONS ------------------------------------------- @ManyToOne(fetch=FetchType.EAGER) @JoinColumn(name="FILE_ID", referencedColumnName="FILE_ID", nullable=false) private File file; //----------------------------------------------------- and this is the FILEVERSION TABLE CREATE TABLE `JPA-Support`.`FILEVERSION` ( `VERSION_ID` bigint(20) NOT NULL AUTO_INCREMENT, `FILENAME` varchar(255) NOT NULL, `NOTES` varchar(200) NOT NULL, `FILE_ID` bigint(20) NOT NULL, PRIMARY KEY (`VERSION_ID`), KEY `FK_FILEVERSION_FILE_ID` (`FILE_ID`) ) ENGINE=MyISAM AUTO_INCREMENT=4 DEFAULT CHARSET=latin1

  Read the article

• Debugging a Google Web Toolkit application that has an error when deployed on Google App Engine

  - by gerdemb

  I have a Google Web Toolkit application that I am deploying to Google App Engine. In the deployed application, I am getting a JavaScript error Uncaught TypeError: Cannot read property 'f' of null. This sounds like the JavaScript equivalent of a Java NullPointerException. The problem is that the GWT JavaScript is obfuscated, so it's impossible to debug in the browser and I can't reproduce the same problem in hosted mode where I could use the Java debugger. I think the reason I'm only seeing the error on the deployed application is that the database I'm using on the GAE server is triggering something differently than the test database I'm using during testing and development. So, any ideas about the best way to proceed? I've thought of the following things: Deploy a non-obsfucated version of my application. Despite a lot of Googling, I can't figure out how to do this using the automatic deploy script provided with the Google Eclipse Plugin. Does anyone know? Download and copy my GAE data to the local server Somehow point my development code to use the GAE server for data instead of the local test database. This seems like the best idea... Can anyone suggest how to proceed here? Finally, is there a way to catch these JavaScript errors on the production server and log them somewhere? Without logging, I won't have anyway to know if my users are having errors that don't occur on the server. The GWT.log() function is automatically stripped out of the production code...

  Read the article

• JUnit confusion: use 'extend Testcase' or '@Test' ?

  - by Rabarberski

  I've found the proper use (or at least the documentation) of JUnit very confusing. This question serves both as a future reference and as a real question. If I've understood correctly, there are two main approaches to create and run a JUnit test: Approach A: create a class that extends TestCase, and start test methods with the word test. When running the class as a JUnit Test (in Eclipse), all methods starting with the word test are automatically run. import junit.framework.TestCase; public class DummyTestA extends TestCase { public void testSum() { int a = 5; int b = 10; int result = a + b; assertEquals(15, result); } } Approach B: create a 'normal' class and prepend a @Test annotation to the method. Note that you do NOT have to start the method with the word test. import org.junit.*; import static org.junit.Assert.*; public class DummyTestB { @Test public void Sum() { int a = 5; int b = 10; int result = a + b; assertEquals(15, result); } } Mixing the two seems not to be a good idea, see e.g. this stackoverflow question: Now, my questions(s): What is the preferred approach, or when would you use one instead of the other? Approach B allows for testing for exceptions by extending the @Test annotation like in @Test(expected = ArithmeticException.class). But how do you test for exceptions when using approach A? When using approach A, you can group a number of test classes in a test suite. TestSuite suite = new TestSuite("All tests");<br/> suite.addTestSuite(DummyTestA.class); suite.addTestSuite(DummyTestAbis.class);` But this can't be used with approach B (since each testclass should subclass TestCase). What is the proper way to group tests for approach B?

  Read the article

• division with wrong result

  - by PeterK

  Hi, I am trying to divide integers but get 0 as result. I just do not understand what i am doing wrong. I am using only int's in this example but get the same result testing with float or double. The code i use is: int wrongAnswers = askedQuestions - playerResult; int percentCorrect = (playerResult / askedQuestions) * 100; int percentWrong = (wrongAnswers / askedQuestions) * 100; NSLog(@"askedQuestions: %i", askedQuestions); NSLog(@"playerResult: %i", playerResult); NSLog(@"wrongAnswers: %i", wrongAnswers); NSLog(@"percentCorrect: %i", percentCorrect); NSLog(@"percentWrong: %i", percentWrong); NSLog(@"calc: %i", (wrongAnswers + playerResult)); NSLog(@"wrong answers %: %i %%", ((wrongAnswers / askedQuestions) * 100)); The result i get is: 2011-01-09 16:45:53.411 XX[8296:207] askedQuestions: 5 2011-01-09 16:45:53.412 XX[8296:207] playerResult: 2 2011-01-09 16:45:53.412 XX[8296:207] wrongAnswers: 3 2011-01-09 16:45:53.413 XX[8296:207] percentCorrect: 0 % 2011-01-09 16:45:53.414 XX[8296:207] percentWrong: 0 % 2011-01-09 16:45:53.414 XX[8296:207] calc: 5 2011-01-09 16:45:53.415 XX[8296:207] wrong answers : 0 % I would very much appreciate help :-)

  Read the article

• With the advent of HTML 5, is there a point in using COMET anymore?

  - by h2g2java

  I am very tempted to use long wait http or periodic polling by the client to set up pseudo-sockets on the browser side, for an application that would be used publicly. But then on the 2nd thought, I am thinking HTML 5 is here. But on the 3rd thought, what is the percentage of browsers out there that remain non-HTML5 within 12 months, 24 months, 36 months? If there are at least 20% of browsers still incapable of HTML5, then I cannot depend on HTML5 because 20% of users not being able to access an application is a significant amount. What do you think, how would your advice be (to me and to developers in general)? Q1. Is there any point in rigging in COMET into an application anymore? I am thinking of gwt comet - http://code.google.com/p/gwt-comet/. Q2. Should we release a new public application within the next 2 months that is dependent on HTML5 sockets and tell non-HTML5 browser users "sorry, your browser version cannot access this application"? Or should we architect the apps to use communication like GWT RPC? Q3. I am also very distrustful of long wait http request. I have never used it before but I have a horrible feeling about it. I have been using 10 to 20 second client-side polling. Is long wait http request risky (risk of hanging a browser session)? Does long wait request present any additional security risk?

  Read the article

• What is the best method for updating all changed data in EF 4?

  - by Soul_Master

  I try to create some method that can update any changed data from changed Data object (this object is generated by ASP.NET MVC) to old Data object (this object is retrieved from current data in DBMS) like the following code. public static bool UpdateSomeData(SomeEntities context, SomeModelType changedData) { var oldData = GetSomeModelTypeById(context, changedData.ID); UpdateModel(oldData, changedData); return context.SaveChanges() > 0; } I try to create method for saving any changed data without affects other unchanged data like the following source code. public static void UpdateModel<TModel>(TModel oldData, TModel changedData) { foreach (var pi in typeof(TModel).GetProperties() .Where ( // Ignore Change ID property for security reason x => x.Name.ToUpper() != "ID" && x.CanRead && x.CanWrite && ( // It must be primitive type or Guid x.PropertyType.FullName.StartsWith("System") && !x.PropertyType.FullName.StartsWith("System.Collection") && !x.PropertyType.FullName.StartsWith("System.Data.Entity.DynamicProxies") ) ) { var oldValue = pi.GetValue(oldData, null); var newValue = pi.GetValue(changedData, null); if (!oldValue.Equals(newValue)) { pi.SetValue(oldData, newValue, null); } } } I am not sure about the above method because it is so ugly method for updating data. From recent bug, it realizes me that if you update some property like Navigation Properties (related data from other table), it will remove current record from database. I don't understand why it happened. But it is very dangerous for me. So, do you have any idea for this question to ensure me about updating data from ASP.NET MVC? Thanks,

  Read the article

• Could my forms be hacked.

  - by Mike Sandman

  Hi there, I posted a question yesterday, which I intend to get back to today however I wrote some JavaScript as a first line of prevention against XSS. However when testing this on my live server I catch some invalid input as the javascript catches the php section. My form uses post and php isn't in my form items (i haven't typed it in). Could this be picking up the form action or something? I'm baffeled, Any ideas Here is my code, it is triggered on the submit button. function validateForBadNess(){ var theShit = new Array("*","^", "$", "(",")","{", "}","[", "]","\", "|", "'","/","?",",","=","","gt","lt", "<","script","`","´","php"); var tagName = new Array(); tagName[0] = "input"; tagName[1] = "select"; tagName[2] = "textbox"; tagName[3] = "textarea"; for (ms=0;ms // loop through the elements of the form var formItems = document.getElementsByTagName(tagName[ms]); for (var xs=0;xs var thisString = formItems[xs].value; // loop through bad array for (zs in theShit){ //alert(thisString + " " + thisString.indexOf(theShit[zs])) if(thisString.indexOf(theShit[zs]) >= 0){ alert("Sorry but the following character: " + theShit[zs] + " is not permitted. Please omit it from your input.\nIf this is part of your password please contact us to heave your password reset.") return false; } } // loop for formitems } // tagName toop } // original condition }

  Read the article

• code to ping websites works sometimes ...

  - by trustfundbaby

  I'm testing out a piece of code to ping a bunch of websites I own on a regular basis, to make sure they're up. I'm using rails and so far I have this hideous test action that I'm using to try it out (see below). The problem though, is that sometimes it works, and other times it won't ... sometimes it runs through the code just fine, other times, it seems to completely ignore the begin/rescue block ... a. I need help figuring out what the problem is b. And refactoring this to make it look respectable. Your help is much appreciated. require 'net/http' require 'uri' def ping @sites = NewsSource.all @sites.each do |site| if site.uri and !site.uri.empty? uri = URI.parse(site.uri) response = nil path = uri.path.blank? ? '/' : uri.path path = uri.query.blank? ? path : "#{path}?#{uri.query}" begin Net::HTTP.start(uri.host, uri.port) {|http| http.open_timeout = 30 http.read_timeout = 30 response = http.head(path) } if response.code.eql?('200') or response.code.eql?('301') or response.code.eql?('302') site.up = true else site.up = false end site.up_check_msg = response.message site.up_check_code = response.code rescue Errno::EBADF rescue Timeout::Error site.up = false site.up_check_msg = 'timeout' site.up_check_code = '408' end site.up_check_time = 0.seconds.ago site.save end end end

  Read the article

• SharpDevelop WIX project: MSBuild Configurations

  - by chezy525

  Using SharpDevelop, I wrote a windows service with a WIX setup project to install/auto-start it. For testing purposes, I've done a number of things I don't want to do in the release version (i.e. add an uninstall shortcut to the desktop). So, my question really boils down to this; how do you handle build configurations within a WiX project? I think I've solved most of my problems after I found this question Passing build parameters to .wxs file to dynamicaly build wix installers. And thus far I've done the following: Added a property that checks the Configuration variable <Product> ... <Property Id="DEBUG">$(var.Configuration) == 'Debug'</Property> ... Separated all of the debug files into unique components and setup as a separate feature with a condition checking the DEBUG property. <Product> ... <Feature> ... <Feature Id="DebugFiles" Level="1"> <ComponentRef Id="UninstallShortcutComponent" /> <Condition Level="0">DEBUG</Condition> </Feature> ... Then, finally, pointing to the correct file based on the configuration, using the Configuration variable <Directory> ... <Component> <File Source="..\mainProject\bin\$(var.Configuration)\main.exe" /> </Component> ... So, now my question is simplified to how to handle files that may not exist under certain build configurations (like .pdb files). Using all of the above (including pointing the file source to the ...\bin\Release\*.pdb, which I know isn't expected to exist) I get a LGHT0103 compiler error, it can't find the file.

  Read the article

• Converted PowerBuilder to ASP.Net browsing Errors

  - by user493325

  I had a powerbuilder application which i converted to web application in the format of ASP.Net (aspx) files. after deploying and publishing the converted web application (copy it and add ASP.Net and network Service AND IUser permissions to enable users to access it) in IIS V6.0 over Windows server 2003 and The ASP.Net version is 2.0 The error messages I get when I browse default.aspx web page are as the following:- Server Error in '/' Application. Runtime Error Description: An application error occurred on the server. The current custom error settings for this application prevent the details of the application error from being viewed remotely (for security reasons). It could, however, be viewed by browsers running on the local server machine. Details: To enable the details of this specific error message to be viewable on remote machines, please create a tag within a "web.config" configuration file located in the root directory of the current web application. This tag should then have its "mode" attribute set to "Off". <!-- Web.Config Configuration File --> <configuration> <system.web> <customErrors mode="Off"/> </system.web> </configuration> Notes: The current error page you are seeing can be replaced by a custom error page by modifying the "defaultRedirect" attribute of the application's configuration tag to point to a custom error page URL. <!-- Web.Config Configuration File --> <configuration> <system.web> <customErrors mode="RemoteOnly" defaultRedirect="mycustompage.htm"/> </system.web> </configuration> Another error message appears on the server is:- Server Error in '/' Application. Configuration Error <roleManager enabled="true"> <membership> </roleManager> Thanks in Advance...

  Read the article

• ASP.Net MVC, JS injection and System.ArgumentException - Illegal Characters in path

  - by Mose

  Hi, In my ASP.Net MVC application, I use custom error handling. I want to perform custom actions for each error case I meet in my application. So I override Application_Error, get the Server.GetLastError(); and do my business depending on the exception, the current user, the current URL (the application runs on many domains), the user IP, and many others. Obviousely, the application is often the target of hackers. In almost all the case it's not a problem to detect and manage it, but for some JS URL attacks, my error handling does not perform what I want it to do. Ex (from logs) : http://localhost:1809/Scripts/]||!o.support.htmlSerialize&&[1 When I got such an URL, an exception is raised when accessing the ConnectionStrings section in the web.config, and I can't even redirect to another URL. It leads to a "System.ArgumentException - Illegal Characters in path, etc." The screenshot below shows the problem : http://screencast.com/t/Y2I1YWU4 An obvious solution is to write a HTTP module to filter the urls before they reach my application, but I'd like to avoid it because : I like having the whole security being managed in one place (in the Application_Error() method) In the module I cannot access the whole data I have in the application itself (application specific data I don't want to debate here) Questions : Did you meet this problem ? How did you manage it ? Thanks for you suggestions, Mose

  Read the article

• String Length Evaluating Incorrectly

  - by Justin R.

  My coworker and I are debugging an issue in a WCF service he's working on where a string's length isn't being evaluated correctly. He is running this method to unit test a method in his WCF service: // Unit test method public void RemoveAppGroupTest() { string addGroup = "TestGroup"; string status = string.Empty; string message = string.Empty; appActiveDirectoryServicesClient.RemoveAppGroup("AOD", addGroup, ref status, ref message); } // Inside the WCF service [OperationBehavior(Impersonation = ImpersonationOption.Required)] public void RemoveAppGroup(string AppName, string GroupName, ref string Status, ref string Message) { string accessOnDemandDomain = "MyDomain"; RemoveAppGroupFromDomain(AppName, accessOnDemandDomain, GroupName, ref Status, ref Message); } public AppActiveDirectoryDomain(string AppName, string DomainName) { if (string.IsNullOrEmpty(AppName)) { throw new ArgumentNullException("AppName", "You must specify an application name"); } } We tried to step into the .NET source code to see what value string.IsNullOrEmpty was receiving, but the IDE printed this message when we attempted to evaluate the variable: 'Cannot obtain value of local or argument 'value' as it is not available at this instruction pointer, possibly because it has been optimized away.' (None of the projects involved have optimizations enabled). So, we decided to try explicitly setting the value of the variable inside the method itself, immediately before the length check -- but that didn't help. // Lets try this again. public AppActiveDirectoryDomain(string AppName, string DomainName) { // Explicitly set the value for testing purposes. AppName = "AOD"; if (AppName == null) { throw new ArgumentNullException("AppName", "You must specify an application name"); } if (AppName.Length == 0) { // This exception gets thrown, even though it obviously isn't a zero length string. throw new ArgumentNullException("AppName", "You must specify an application name"); } } We're really pulling our hair out on this one. Has anyone else experienced behavior like this? Any tips on debugging it?

  Read the article

• Can I get consistent CSS colors across browsers?

  - by Trevor Burnham

  I'm testing a new site, and I have a div with background-color: #bbf6bb; That seems innocuous enough to me. And yet, on my MacBook Pro, the color looks very different in Firefox 3.6 vs. Safari 4. In Safari, it's the color I'd expect from the hex value: a pale green. In Firefox, there's a definite bluish tint, making the color turquoise. I'm aware of color inconsistencies that result from different treatment of images across browsers, but in pure CSS? Really? I'm guessing that Firefox trying to correct for my display in hopes of delivering better consistency with print, but I'd much rather have my site look the same hue to my users regardless of their choice of browser. Any ideas? Can someone confirm that Firefox is the culprit here? [Update: This seems to have been a fluke. Specifically, it's a narrow issue with Firefox—see my answer below. I'm puzzled, but relieved.]

  Read the article

• (Not So) Silly Objective-C inheritance problem when using property - GCC Bug?

  - by Ben Packard

  Update 2 - Many people are insisting I need to declare an iVar for the property. Some are saying not so, as I am using Modern Runtime (64 bit). I can confirm that I have been successfully using @property without iVars for months now. Therefore, I think the 'correct' answer is an explanation as to why on 64bit I suddenly have to explicitly declare the iVar when (and only when) i'm going to access it from a child class. The only one I've seen so far is a possible GCC bug (thanks Yuji). Not so simple after all... Update - I messed up one line of the original copy and paste - corrected. The @property call was missing (nonatomic, retain) but is a red herring - STILL NEED AN ANSWER! Thanks. I've been scratching my head with this for a couple of hours - I haven't used inheritance much. Here I have set up a simple Test B class that inherits from Test A, where an ivar is declared. But I get the compilation error that the variable is undeclared. This only happens when I add the property and synthesize declarations - works fine without them. TestA Header: #import <Cocoa/Cocoa.h> @interface TestA : NSObject { NSString *testString; } @end TestA Implementation is empty: #import "TestA.h" @implementation TestA @end TestB Header: #import <Cocoa/Cocoa.h> #import "TestA.h" @interface TestB : TestA { } @property (nonatomic, retain) NSString *testProp; @end TestB Implementation (Error - 'testString' is undeclared) #import "TestB.h" @implementation TestB @synthesize testProp; - (void)testing{ NSLog(@"test ivar is %@", testString); } @end

  Read the article

< Previous Page | 758 759 760 761 762 763 764 765 766 767 768 769  | Next Page >