Search Results

Search found 30819 results on 1233 pages for 'software security'.

Page 858/1233 | < Previous Page | 854 855 856 857 858 859 860 861 862 863 864 865  | Next Page >

• is it posible to upload directly to remote server using SFTP on ASP.net MVC

  - by DucDigital

  Hi! I am currently develope something using asp.net MVC, im still quite not experience with it so please help me out. I have a form for user to upload Video. The current ideal concept to upload to remote server is to Upload it to to the current server, then use FTP to push it to a remote server. For me, this is not quite fast since you have to upload to current server (Time x1) and then the current server push to new server (Time x2) so it's double the time. So my idea is to make user upload it to the current server, and WHILE user is uploading, the current server add the file to DB and also send the file to the remote server at the same time using SFTP... is it posible and are there any security hole in this concept? Thank you very much

  Read the article

• Finding the URL of an XMLHttpRequest

  - by hawkettc

  Hi, I've got some code that does an ajax request using jQuery, and handles success and error conditions. On an error, I want to find out what the URL I called was, so I can log it. This information appears to be contained in the XMLHttpRequest.channel, but firefox is complaining about accessing this - Permission denied for <http://localhost:8081> to get property XMLHttpRequest.channel Any ideas how I can determine the URL associated with an XMLHttpRequest? What's the security issue getting hold of this information? Cheers, Colin

  Read the article

• Can I create and connect to a SQL Server CE database if SQL Server 2005 isn't installed?

  - by MusiGenesis

  Is there any way to do this? Update: Sorry, I should have included more information. I am trying to create and connect to a SQL CE database using System.Data.SqlServerCe in C# running on a PC (i.e. not running on a Windows Mobile device). This code: string connstr = "Data Source=\"" + filename + "\";Persist Security Info=False;"; System.Data.SqlServerCe.SqlCeEngine engine = new SqlCeEngine(connstr); engine.CreateDatabase(); ... works fine on any PC that has SQL Server 2005 installed, but fails on any PC that doesn't have it installed. I'm trying to find out if there's any way to get this to work without installed SQL Server 2005 on the machine.

  Read the article

• what's the key different between data management and data governance?

  - by Sid Xing

  i just read some articles about these two theories, and i thought they have the similar goal, but DG is more about process management by follow some best practice. So my 1st question is about the difference between DG & DM. I'm confused. There're so many concepts around data management. Data quality, data security, data governance, data profiling, data integration, master data management, metadata management.... It seems like neither of them is EXACTLY separated, they're together. My 2nd question, or ask for your suggestion to help me better understand the relation between these concepts. Appreciate your help.

  Read the article

• CryptGenRandom to generate asp.net session id

  - by DoDo

  Hi! does anyone have working example of CryptGenrRandom class to generate session id (need to use in my iis module). HCRYPTPROV hCryptProv; BYTE pbData[16]; if(CryptAcquireContext( &hCryptProv, NULL, NULL, PROV_RSA_FULL, CRYPT_VERIFYCONTEXT)) { if(CryptGenRandom(hCryptProv, 8, pbData)) { std::string s(( const char *) pbData); printf(s.c_str()); } else { MyHandleError("Error during CryptGenRandom."); } } else { MyHandleError("Error during CryptAcquireContext!\n"); } i tried this code but, its not working quite well (i get it from msdn) and this example don't work for me ( http://www.codeproject.com/KB/security/plaintextsessionkey.aspx ) so if anyone know how to generate sessionid using this class plz let me know tnx anyway!

  Read the article

• PHP with SQL Injection

  - by Scott S

  For our first assignment in a System Security class, we have to hack into the professors "cheaply organized" sql database. I know the only user is "admin" and the select statement generated in the php is: select user_id from user where user_username = 'admin' AND user_password = md5('noob') I am having a number of problems attempting to bypass the password part of this statement as the professor has some javascript embedded in the page to sanitize the username and password of any non-alphanumeric values. This can be bypassed by turning off javascript :P but any values sent still get cleaned by the operating system (some build of Debian 32-bit). I've seen the code for the login request and it does not escape any characters. How do I bypass the operating systems escape sequences?

  Read the article

• Storing API keys in Android, is obfustication enough?

  - by fredley

  I'm using the Dropbox API. In the sample app, it includes these lines: // Replace this with your consumer key and secret assigned by Dropbox. // Note that this is a really insecure way to do this, and you shouldn't // ship code which contains your key & secret in such an obvious way. // Obfuscation is good. final static private String CONSUMER_KEY = "PUT_YOUR_CONSUMER_KEY_HERE"; final static private String CONSUMER_SECRET = "PUT_YOUR_CONSUMER_SECRET_HERE"; I'm well aware of the mantra 'Secrecy is not Security', and obfuscation really only slightly increases the amount of effort required to extract the keys. I disagree with their statement 'Obfustication is good'. What should I do to protect the keys then? Is obfustication good enough, or should I consider something more elaborate?

  Read the article

• Where are the best locations to write an error log in Windows?

  - by Keith Sirmons

  Where would you write an error log file, say ErrorLog.txt, in Windows? Keep in mind the path would need to be open to basic users for file write permissions. I know the eventlog is a possible location for writing errors, but does it work for "user" level permissions? EDIT: I am targeting Windows 2003, but I was posing the question in such a way as to have a "General Guideline" for where to write error logs. As for the EventLog, I have had issues before in an ASP.NET application where I wanted to log to the Windows event log, but I had security issues causing me heartache. (I do not recall the issues I had, but remember having them.)

  Read the article

• Should I make sure arguments aren't null before using them in a function.

  - by Nathan W

  The title may not really explain what I'm really trying to get at, couldn't really think of a way to describe what I mean. I was wondering if it is good practice to check the arguments that a function accepts for nulls or empty before using them. I have this function which just wraps some hash creation like so. Public Shared Function GenerateHash(ByVal FilePath As IO.FileInfo) As String If (FilePath Is Nothing) Then Throw New ArgumentNullException("FilePath") End If Dim _sha As New Security.Cryptography.MD5CryptoServiceProvider Dim _Hash = Convert.ToBase64String(_sha.ComputeHash(New IO.FileStream(FilePath.FullName, IO.FileMode.Open, IO.FileAccess.Read))) Return _Hash End Function As you can see I just takes a IO.Fileinfo as an argument, at the start of the function I am checking to make sure that it is not nothing. I'm wondering is this good practice or should I just let it get to the actual hasher and then throw the exception because it is null.? Thanks.

  Read the article

• PHP require/include only works once in script then fails

  - by Colin

  Hi everybody, this isn't a problem as such but it's bugging me and I would appreciate any help. It might be totally obvious but I can't see it. $root_path = $_SERVER['DOCUMENT_ROOT'] require($root_path .'template/header.php') require($root_path .'template/footer.php') The script will include one or the other but not both. It will run and include the header but not the footer, if I swap them round it will load the footer first but not the header. I've tried using include instead of require but get the same result. It gives the error allow_url_include = 0. I know turning this on will solve it but my question is why is it happening? Why will it include one file but not the other? Is there any way to get them to both run without turning allow_url_include on (I'm trying to be security conscious). I have PHP 5.3 and am running WAMP. Thanks in advance for your help!

  Read the article

• Using an IN clause in Vb.net to save something to the database using SQL

  - by Rob

  I have a textbox and a button on a form. I wish to run a query (in Vb.Net) that will produce a query with the IN Values. Below is an example of my code myConnection = New SqlConnection("Data Source=sqldb\;Initial Catalog=Rec;Integrated Security=True") myConnection.Open() myCommand = New SqlCommand("UPDATE dbo.Recordings SET Status = 0 where RecID in ('" & txtRecID.Text & "') ", myConnection) ra = myCommand.ExecuteNonQuery() myConnection.Close() MsgBox("Done!", _ MsgBoxStyle.Information, "Done") When I enter a single value it works but when I enter values with commas it throws an error: "Conversion failed when converting the varchar value '1234,4567' to data type int." Could someone please help me to solve this or if there is an alternative way? Many Thanks

  Read the article

• Data Warehouse: One Database or many?

  - by drrollins

  At my new company, they keep all data associated with the data warehouse, including import, staging, audit, dimension and fact tables, together in the same physical database. I've been a database developer for a number of years now and this consolidation of function and form seems counter to everything I know. It seems to make security, backup/restore and performance management issues more manually intensive. Is this something that is done in the industry? Are there substantial reasons for doing or not doing it? The platform is Netezza. The size is in terabytes, hundreds of millions of rows. What I'm looking to get from answers to this question is a solid understanding of how right or wrong this path is. From your experience, what are the issues I should be focused on arguing if this is a path that will cause trouble for us down the road. If it is no big deal, then I'd like to know that as well.

  Read the article

• What is Visual C++ 2005 Service Pack 1 Redistributable Package for?

  - by Stan

  I am using Poco library and when running my program on other machines which don't have VS2005 installed, I have to install "Microsoft Visual C++ 2005 Service Pack 1 Redistributable Package ATL Security Update", otherwise the the program will give error when launching. What is this redistributable package for? Is there any way to avoid installing this but still let my program running well? Also, there're so many vcredist_x86.exe out there. How can I know which one is necessary or not when getting error? Thanks.

  Read the article

• Firefox window.parent.location

  - by Mustafa Magdy

  I've a Html page index.htm which has an iframe to page search.htm the search.htm has code like this function executeSearch() { window.parent.location = "/SearchResults.aspx?t=" + txt_Search.value; } this code executed now from index.htm page and it works great on IE and Chrome, but not FireFox ... is there any work around ?? I tried window.parent.location.href, window.opener.location, window.parent.document.location ... but nothing of those worked. after searching the web i found some one with similar prob he said that this is a security settings in Firefox ... is this true?? and if so is there any workaround ?

  Read the article

• Execute VBA Macro via C# Interop?

  - by Jon Artus

  Hi all, just wondering if anyone could suggest why I might be getting an error? I'm currently trying to execute a macro in a workbook by calling the Application.Run method that the interop exposes. It's currently throwing the following COM Exception: {System.Runtime.InteropServices.COMException (0x800A03EC): Cannot run the macro Macro1'. The macro may not be available in this workbook or all macros may be disabled. I've put the containing workbook in a trusted location, set all of the security settings to their minimum values, and trusted programmatic access to my object model. I'm entirely out of ideas and Google's failed me so far! Has anyone done this, or can you suggest anything which I could try? Many thanks!

  Read the article

• NoSQL for concurrent reads/writes

  - by Mickael Marrache

  After getting some performance issues for an application using a MySQL database, I'm thinking of using NoSQL solutions. My architecture is as follows: One application receives messages from the network at a high throughput (i.e. 50000 messages/sec). Each message is stored in the DB, so it's important for the write rate to be as fast as the arrival rate. Then, I also have some PHP pages that accesses the DB to get the data stored by the other application. It's important for me that the retrieved data is as relevant as possible (i.e. not old data, let's say not more than 5 seconds old). Also, the data is not critical, so I don't need any security mechanism to avoid losing the data. I see there are a lot of NoSQL solutions, but I don't know if they are all relevant. Could you please provide me some directions. Thanks

  Read the article

• NHibernate Criteria Transform Result

  - by isuruceanu

  Hi I have an SecurityGroup entity witch has Memebers and Application properties. Application is a lookup. So securityGroups is in many-to-many relationship with User table and one-to-many with LookupApplciation (FK) Now I want to select all application linked to a specific user. I have follow criteria: public IList<LookupApplication> GetApplicationByUser(User user) { return this.Session.CreateCriteria(typeof(SecurityGroup), "sg") .CreateAlias("Members", "u") .CreateAlias("Application", "al") .Add(Restrictions.Eq("u.Id", user.Id)) .List<LookupApplication>(); } It trows an exception The value "Edi.Advance.Core.Model.Security.SecurityGroup" is not of type "Edi.Advance.Core.Model.Lookups.LookupApplication" and cannot be used in this generic collection. Parameter name: value and it is right. How can I transform the result to IList<LookupApplication>? Thanks

  Read the article

• How do I download an attachment from an annotation using client-side JScript?

  - by VVander

  I'm trying to provide a link to the attachment of a note through the client-side JScript. The standard MS-made Notes component does this through the following url: [serverurl]/[appname]/Activities/Attachment/download.aspx?AttachmentType=5&AttachmentId={blahblahblah}&IsNotesTabAttachment=1&CRMWRPCToken=blahblahblah&CRMWRPCTokenTimeStamp=blahblahblah The problem is that I don't know how to get the Token or TokenTimeStamp, so I'm receiving an Access Denied error ("form is no longer available, security precaution, etc"). The only other way I can think of doing this is through the OData endpoint, but that would at best get me a base64 string that I still would have translate into a filestream to give to the browser (all of which seems like it would take forever to implement/figure out). I've found a few other posts that describe the same thing, but no one has answered them: http://social.microsoft.com/Forums/en-US/crmdevelopment/thread/6eb9e0d4-0c0c-4769-ab36-345fbfc9754f/ http://social.microsoft.com/Forums/is/crm/thread/45dabb6e-1c6c-4cb4-85a4-261fa58c04da

  Read the article

• server.sh gives me following error Exception"main" java.lang.NoClassDefFoundError:

  - by NickNaik

  i am trying to start the "Program D" from the terminal, command in terminal "sh server.sh" gives me following error Starting Alicebot Program D. Exception in thread "main" java.lang.NoClassDefFoundError: org/alicebot/server/net/AliceServer Caused by: java.lang.ClassNotFoundException: org.alicebot.server.net.AliceServer at java.net.URLClassLoader$1.run(URLClassLoader.java:202) at java.security.AccessController.doPrivileged(Native Method) at java.net.URLClassLoader.findClass(URLClassLoader.java:190) at java.lang.ClassLoader.loadClass(ClassLoader.java:306) at sun.misc.Launcher$AppClassLoader.loadClass(Launcher.java:301) at java.lang.ClassLoader.loadClass(ClassLoader.java:247) My Server.sh file ALICE_HOME=.SERVLET_LIB=lib/servlet.jar ALICE_LIB=lib/aliceserver.jar JS_LIB=lib/js.jar # Set SQL_LIB to the location of your database driver. SQL_LIB=lib/mysql_comp.jar # These are for Jetty; you will want to change these if you are using a different http server. HTTP_SERVER_LIBS=lib/org.mortbay.jetty.jar:lib/javax.xml.jaxp.jar:lib/org.apache.crimson.jar PROGRAMD_CLASSPATH=$SERVLET_LIB:$ALICE_LIB:$JS_LIB:$SQL_LIB:$HTTP_SERVER_LIBS java -classpath $PROGRAMD_CLASSPATH -Xms64m -Xmx64m org.alicebot.server.net.AliceServer $1

  Read the article

• How can I receive messages using over http without MSMQ

  - by pduncan

  I need a reliable messaging framework that runs over http/https (due to client security requirements) and that doesn't use MSMQ (because some clients will use Windows XP Home). The clients only need to be able to receive messages, not send them. We already have a message queue on the server for each user, and the receivers have been getting messages by connecting to an HttpHandler on the server and getting a Stream from WebResponse.GetResponseStream() We keep this stream open, and pull messages off of it using Stream.Read(). This MOSTLY works, but Stream.Read() is a blocking call, and we can't reliably interrupt it. We need to be able to stop and start the receiver without losing messages, but the old stream often hangs around, even after we call Thread.Abort on its thread. Any suggestions?

  Read the article

• How to Detect Trusted Connection in Crystal Reports using VB.NET?

  - by Michael

  I have some Crystal Reports connecting to a Sql Server db that I would like to detect whether the connection is trusted or whether I need to supply the log on info (reports are not supplied by me so I can't control the connect method). If I just blindly supply login credentials, it won't connect if it is a trusted connection. The following does not work: oRpt = oCR.OpenReport("C:\MyReport.rpt") if oRpt.Database.Tables(1).ConnectionProperties.Item("Integrated Security") = True then 'trusted connection else 'supply login credentials end if It gives the following error: Operator '=' is not defined for type 'IConnectionProperty' and type 'Boolean'. I cannot find how create a construct in vb.net for IConnectionProperty. I can't find any documents from Crystal that explain it. I am using Crystal Reports XI - Developer

  Read the article

• running excel macro from another workbook

  - by every_answer_gets_a_point

  I have a macro that is on a server. I need to be able to run it from different workstations that connect to this server. Currently I am doing: Application.Run ("L:\database\lcmsmacro\macro1.xlsm!macro_name") The error message I am getting is "The macro may not be available in this workbook #1004" I have already made sure that my security settings are set on the lowest level. How do I run a macro from another workbook which is hosted on a different server? would using add-ins help me?

  Read the article

• Remote desktop connection to Raspberry Pi without specifying a port

  - by Max Methot

  I have a Raspberry Pi running Raspbian Wheezy connected in "Site A", where the network is managed by a third party company and where all ports are closed the the Internet (for security reasons). So, there is no way for me to do any port forwarding to VNC, nor SSH or anything else. That means I just can't access it in any way other than locally, on-site. However, I need to connect to that device on the X Desktop session (graphical interface) to do some maintenance, and I am located in let's say "Site B", which is nearly 300 miles away from site A. I know you can do such tasks on Windows or x86 Linux computers with TeamViewer (we use it for our other hardware in the same location and it works like a charm), but since the Raspberry Pi is based on an ARM architecture, it isn't supported by TeamViewer yet. If anyone has ever achieved this, I would be glad to hear how to do it! Thanks!

  Read the article

• How can I know if a file has been changed in .NET C#?

  - by Anthony D

  I have an application that requires a secure way to store its configuration. There are users that can change the configuration. I need some sort of signature scheme where I can verify that the config file has not changed with out a valid user. I had thought about using RSA, where the private key is encrypted with the users password, and the public key is used to sign the config. However there is nothing to prevent someone from changing the user file and adding their own public key, thus circumventing my security. Any ideas?

  Read the article

• mysql_fetch_assoc data to COOKIE in user browser

  - by Gowtham Raj

  I had data in mysql, where it does not need any security. I had a sql query string to get the data out every time using mysql_fetch_assoc. So, I planed to store data in users browser.To reduce no of quires to sql. if (!isset($_COOKIE['countries'])){ $query = "SELECT iso,name FROM sel_country"; $countries = mysql_query($query); setcookie('countries', serialize($countries), time()+3600); }else{ $countries = $unserialize($_COOKIE['countries']); } while ($row = mysql_fetch_assoc($countries)) {echo $row['name']} But, When cookie is set it is showing following error Fatal error: Function name must be a string in /home/worlds/public_html/index/ctrl.php on line 15 My cookie in browser displaying content as i%3A0%3B Please help me out, how should i go?

  Read the article

< Previous Page | 854 855 856 857 858 859 860 861 862 863 864 865  | Next Page >