Search Results

Search found 29495 results on 1180 pages for 'cross site scripting'.

Page 963/1180 | < Previous Page | 959 960 961 962 963 964 965 966 967 968 969 970 | Next Page >

Linux server, locating files containing nothing but 4 specific lines.

- by Denis

Hi, I'm dealing with a compromised website, in which hackers injected an htaccess instruction to redirect traffic. I can easily locate .htaccess files that contain the forwarding hack, BUT in cases where the directory already contained an htaccess file, they appended the dangerous instructions, so I cannot just deleted any htaccess file or could harm the site by letting formerly pw-protected directories wide open, or urlrewrite instructions (WordPress) be deleted, etc. I could not find the way to locate files that only contain those 4 lines of redirect hack, could you shed some light ? So far, using find . -type f -exec grep -q targetpiratedomain {} \; -exec echo rm {} \; Thanks !

Read the article
Validating/Allowing YouTube Embed Code

- by mellowsoon

Hi, hopefully this is a simple question. I have a simple custom forum on my site written in PHP. For security reasons I don't allow any HTML in the forum posts. I only allow certain BBCode tags. I would however like to allow embedded YouTube videos. So my question is this: What's the best (most secure) way to validate the YouTube embed code? YouTube is currently using iframes to embed videos, but obviously I can't just allow the iframe tag. I also need to ensure the src of the iframe is a YouTube URL, and ensure there's no other malicious bits of code in the iframe code.

Read the article
MVC Custom Model Binder Binding Multiple Values

- by BMD86

Hello everyone, I have a scenario in which I have multiple sources to bind to my model. For one, I have a view tied to a strongly-typed model, but this scenario also entails posting data to this view from a 3rd party site. Essentially, what I believe I am after in the custom model binding is to investigate the form values in the Request object within HTTPContext to see if I have a field such as "postedFirstName". If so, I want to bind that value instead of the textbox "FirstName" in my view. I've done a good bit of searching but have not find anything that exactly addresses such a scenario. This link was close, I thought, but not quite: http://stackoverflow.com/questions/970335/asp-net-mvc-mixing-custom-and-default-model-binding Any input is greatly appreciated!

Read the article
Escaping quotes twice in PHP

- by Genadinik

Hello, I have a complicated form where I first have to take some _GET parameters and obviously I have to do a mysql_real_escape_string() on them since I look stuff up in the database with them. Them problem for me is after the initial db lookup. When the user submits a form, I send them along as a _POST request and obviously have to do this mysql_real_escape_string call again just in case someone tries to hack my site with a faked form submission. Then the problem I have is the arguments are escaped twice and my queries begin to look strange like this: select field1 , field2 , from my_table where some_id = \'.$lookup_id.\' ... So the system seems to be adding \' and it is messing me up :) Also, in my other forms I have not seen such behavior. Any ideas on what may be causing this? One weird thing is that I tried to send unescaped parameters to the post, and the same problem happens. That is a clue, but not a sufficient one for me. :( Thanks, Alex

Read the article
Linq-to-SQL and Performance.

- by jalpesh

HI, I am developing asp.net mvc site with linq-to-sql we are having 1000 cocurrent users and we are having performance problems. I have found that stackovewflow is also build on linq-to-sql? So can anybody know how they improved performance. Without line performance was good each page are loaded in 3 seconds but after migrating to linq as per our client requirement page comes in 8 to 10 seconds which is not acceptable performance. Our HTML is very clear but we are having very complex database operations. Any tip or code will be best answer. Thanks in advance,

Read the article
<a href> instead of <input submit> button

- by Idealflip

Hello all! Quick question I originally had a submit button. <input class="submit" type="submit" class="input" value="Add" name="command" /> but now I would like to use a instead. The issue is, the value="Add" is very important. I'm currently making the like this. <a href="javascript:document.register.submit();">submit</a> Any suggestions? Issue is, the site is not picking up that this specific was clicked, and therefore won't run my php code.

Read the article
javascript window.close, once again

- by John Kjøller

Im sorry if I havent done my research properly, - but couldnt find the answer I needed, so here goes: From my main page I open a new window using mainPlayer = window.open(); This window stays open until user clicks on a mainPlayer.close(); event. (or simply x closes the window) However, the idea is to make it possible to let the player keep playing, while browsing around the rest of the pages. But as soon as the user leaves the page that opened the mainPlayer window, the reference to the mainPlayer window seem to be lost. How do I, from the site's other pages, check if the mainPlayer window is open and close it on a click event? Thx John

Read the article
What is the best way to pass server side variables to JavaScript on the client side?

- by steve_c

Our application uses a lot of configuration options. Those options need to be reflected on the client side in the form of User preferences, site wide preferences, etc. Currently, we pass server side settings down to the client side in the form of JSON that is stored in custom attributes in the markup for a specific element (and no, our application currently doesn't worry about W3C validation). We then retrieve the data from the custom attribute, and parse it into a JSON object for use in script using jQuery. One drawback to this is referencing attributes on elements from within event handlers. I know this is frowned upon, as it can create circular references, and subsequently memory leaks. I would much prefer to use jQuery's data function, but you can't invoke this from the server side at page render time. What does everyone else do in this type of scenario?

Read the article
Best ways to reuse Java methods

- by carillonator

I'm learning Java and OOP, and have been doing the problems at Project Euler for practice (awesome site btw). I find myself doing many of the same things over and over, like: checking if an integer is prime/generating primes generating the Fibonacci series checking if a number is a palindrome What is the best way to store and call these methods? Should I write a utility class and then import it? If so, do I import a .class file or the .java source? I'm working from a plain text editor and the Mac terminal. Thanks!

Read the article
How to clear a cookie programatically?

- by peter

Hi All, I am using silverlight unit tests to test an important part of our site. Is it possible to clear cookies before each unit test runs? The problem is that if I do this, HtmlPage.Document.Cookies = ""; It doesn't work. If the cookie already was this, key = value I can do this, HtmlPage.Document.Cookies = "key="; It kind of clears it out, but the string "key" is still part of the cookie. Any ideas? Are there any other classes in .NET that deal with cookies? The functionality seems quite limited when I am dealing with more complicated scenarios.

Read the article
A very strange problem -> CSS file not detected .Java web application

- by Nitesh Panchal

Hello, If i browse my site using http://localhost:8080/abc/Login/index.jsf, everything works fine. But if browse it using simply http://localhost:8080/abc, the page is shown but all its images and css files are missing. What can be the problem? I have this in my web.xml :- <form-login-config> <form-login-page>/Login/index.jsf</form-login-page> <form-error-page>/Login/index.jsf</form-error-page> </form-login-config> Probably, images are not getting referenced correctly. Can anybody help me? I have referenced css file as follows :- <link href="./Css/MainStyleSheet.css" rel="stylesheet" type="text/css" /> where Css is folder in Login

Read the article
Joomla contact form doesn't pass W3C validation

- by aramaz

Hi, I get the following error when I try to validate a contact page on my site: document type does not allow element "script" here The element named above was found in a context where it is not allowed. This could mean that you have incorrectly nested elements -- such as a "style" element in the "body" section instead of inside "head" -- or two elements that overlap (which is not allowed). One common cause for this error is the use of XHTML syntax in HTML documents. Due to HTML's rules of implicitly closed elements, this error can create cascading effects. For instance, using XHTML's "self-closing" tags for "meta" and "link" in the "head" section of a HTML document may cause the parser to infer the end of the "head" section and the beginning of the "body" section (where "link" and "meta" are not allowed; hence the reported error). I am using Joomla 1.5.7, and the doctype is <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> Any idea how to fix this?

Read the article
How to handle images folder with many images

- by Billy

I'm developing a new aspnet website with 200k images in a /Images/ -folder. Many operations in Visual Studio is slow because it access the folder, adding a web service takes 10 minutes. The images is not checked into scm (svn). How should I structure the tree of code, to improve performance in VS? It would also be neat if not all developers needed to copy 200k images to their local disk to be able to develop on the site. Images as DB blobs is not an option.

Read the article
question of sed replace

- by chun

hi i have a config file xml <tflow name="CENTRE" inputDTD="/JOBS/cnav/etc/jobReporting/batch/dtd/dtd-ContactCentre.dtd" inputFile="/JOBS/cnav/etc/jobReporting/import/2010.05.02.CONTACTCENTRE.xml" logPath="/JOBS/cnav/etc/jobReporting/logs/" rejectPath="/JOBS/cnav/etc/jobReporting/rejets/"/> <tflow name="SKILL" inputDTD="/JOBS/cnav/etc/jobReporting/batch/dtd/dtd-Skill.dtd" inputFile="/JOBS/cnav/etc/jobReporting/import/2010.05.02.SKILLS.xml" logPath="/JOBS/cnav/etc/jobReporting/logs/" rejectPath="/JOBS/cnav/etc/jobReporting/rejets/"/> my shell is aim to change, by example '2010.05.02.SKILLS.xml' with 'newdate.SKILLS.xml' currently i think of SED, i wrote: sed 's/(import\/)(\d{4}.\d{2}.\d{2})/$1$newdate/g' myfile.xml it doesn't work,i test the pattern with RegExr(a site) which is fine. is it a problem of synthesis of SED? thanks.

Read the article
How to handle null {id} on route?

- by MattSlay

What if a user hits my site with http://www.mysite.com/Quote/Edit rather than http://www.mysite.com/Quote/Edit/1000 In other words, they do not specify a value for {id}. If they do not, I want to display a nice "Not Found" page, since they did not give an ID. I currentl handle this by accepting a nullable int as the parameter in the Controller Action and it works fine. However, I'm curious if there a more standard MVC framework way of handling this, rather than the code I presently use (see below). Is a smoother way to handle this, or is this pretty mush the right way to do it? [HttpGet] public ActionResult Edit(int? id) { if (id == null) return View("QuoteNotFound"); int quoteId = (int)id; var viewModel = new QuoteViewModel(this.UserId); viewModel.LoadQuote(quoteId); if (viewModel.QuoteNo > 0) { return View("Create", viewModel.Quote.Entity); } else return View("QuoteNotFound"); }

Read the article
How can i connect two or more machines via tcp cable to form a network grid?

- by Gath

How can i connect two or more machines to form a network grid and how can i distribute work load to the two machines? What operating systems do i need to run on the machines, and what application should i use to manage the load balancing? NB: I read somewhere that google uses cheap machines to perform this fete, how do they connect two network cards( 'Teaming' ) and distribute load across the machines? Good practical examples would serve me good, with actual code samples. Pointers to some good site i might read this stuff will be highly appreciated.

Read the article
Previewing php pages inside Expression Web 3 suddently stopped working

- by user1660569

On a Windows 7 development machine, I have expression web 3, PHP 5 installed I have been using expression web and PHP for a while, and previewing php pages etc on pressing F12 (preview using local server). Suddenly on F12 all PHP pages display as blank, even a phpinfo() file. Standard html pages continue to work correctly on F12. If I place the same page php inside the default website on inetpub and browse using localhost then the phpinfo() file works. So I know that php is installed and configured correctly for IIS. Things I've checked: Gone into site settings in Expression web and confirmed that php is selected and it is pointing to the php executable Reinstalled php Checked iis that the php extension is registered. Copied files to a different machine with expression web and php installed and it works on. The strange thing is that it gives a blank (no errors) page inside expression web, but does work inside inetpub This was working up until recently, then suddenly stopped for no reason.

Read the article
Sort database entries via a dropdown list

- by Lin

Hello! I'm curious if anyone could possibly help me, because I can't find anything exactly related to it anywhere, and it's driving me nuts. I'd like to have a dropdown list on a page, that will give the visitor the option to sort all entries by year. I have entries from i.e. 2001, 2005, 2009, 2010. The years should be displayed in the dropdown, so the visitor can easily just select all entries dated 2001 if they want. The year for each entry is located in the one database table I have. In other words, I simply want a "sort by" dropdown that you can see on pretty much any shopping site nowadays. But with set years. Thanks in advance for any replies!

Read the article
Can't read output of httpservice

- by tag

I have an HTTPservice that uses id="myhttp" url="site.com/script.php" method="POST" resultFormat="xml" script.php returns $output = '' . $worked . ''; echo $output; Problem is when I try to read worked, it tells me the variable worked is not there event.result.worked myhttp.lastResult.worked The only thing that works is using toString() myhttp.lastResult.toString() or event.result.toString() What am I doing wrong? I plan to add other variables to the output time, so need to access each time and worked separately. I may also need to return multiple responses each with their own worked and time values. How do I do that. I was thinking to not use XML. Is there a more lightweight option. Flex shows I have the following options: array e4x flashvars object text xml

Read the article
How to create a changelog?

- by Jasper Kennis

I'm building a site that shows changes in deals that we have in our db. For example, if a deals status changes from pending to win, I want to show it, and if the value goes up or down, I want to show it, that kind of thing. Also, if you open the overview page, I want it to show the history of changes. So I need some kind of change logging, to be able to look in the past. How do I do this? It is a rails project, but I think that's irrelevant.

Read the article
How to archive old revisions from Apache SVN on linux server

- by user1260729

I have a site through which user can write their own Screenplays. This screenplays are saved in the form of revisions. Apache SVN has been installed. I want to save only the last 5 revisions for every user's document. But the problem is on the backend the all the revisions are stored in one folder called "Docsrepo" and its classified as 1000 revisions in 1 folder. and like this it has 234 folders. Meaning 234*1000 revisions. Now I want to archive all of this revision to keep only the last 5 revisions of each document. How do i do that?

Read the article
Are all <canvas> tag dimensions in pixels?

- by Simon Omega

Are all tag dimensions in pixels? I am asking because I understood them to be. But my math is broken or I am just not grasping something here. I have been doing python mostly and just jumped back into Java Scripting. If I am just doing something stupid let me know. For a game I am writing, I wanted to have a blocky gradient. I have the following: HTML <canvas id="heir"></canvas> CSS @media screen { body { font-size: 12pt } /* Game Rendering Space */ canvas { width: 640px; height: 480px; border-style: solid; border-width: 1px; } } JavaScript (Shortened) function testDraw ( thecontext ) { var myblue = 255; thecontext.save(); // Save All Settings (Before this Function was called) for (var i = 0; i < 480; i = i + 10 ) { if (myblue.toString(16).length == 1) { thecontext.fillStyle = "#00000" + myblue.toString(16); } else { thecontext.fillStyle = "#0000" + myblue.toString(16); } thecontext.fillRect(0, i, 640, 10); myblue = myblue - 2; }; thecontext.restore(); // Restore Settings to Save Point (Removing Styles, etc...) } function main () { var targetcontext = document.getElementById(“main”).getContext("2d"); testDraw(targetcontext); } To me this should produce a series of 640w by 10h pixel bars. In Google Chrome and Fire Fox I get 15 bars. To me that means ( 480 / 15 ) is 32 pixel high bars. So I change the code to: function testDraw ( thecontext ) { var myblue = 255; thecontext.save(); // Save All Settings (Before this Function was called) for (var i = 0; i < 16; i++ ) { if (myblue.toString(16).length == 1) { thecontext.fillStyle = "#00000" + myblue.toString(16); } else { thecontext.fillStyle = "#0000" + myblue.toString(16); } thecontext.fillRect(0, (i * 10), 640, 10); myblue = myblue - 10; }; thecontext.restore(); // Restore Settings to Save Point (Removing Styles, etc...) } And get a true 32 pixel height result for comparison. Other than the fact that the first code snippet has shades of blue rendering in non-visible portions of the they are measuring 32 pixels. Now back to the Original Java Code... If I inspect the tag in Chrome it reports 640 x 480. If I inspect it in Fire Fox it reports 640 x 480. BUT! Fire Fox exports the original code to png at 300 x 150 (which is 15 rows of 10). Is it some how being resized to 640 x 480 by the CSS instead of being set to a true 640 x 480? Why, how, what? O_o I confused...

Read the article
Should a service layer return view models for an MVC application?

- by erg39

Say you have an ASP.NET MVC project and are using a service layer, such as in this contact manager tutorial on the asp.net site: http://www.asp.net/mvc/tutorials/iteration-4-make-the-application-loosely-coupled-cs If you have viewmodels for your views, is the service layer the appropriate place to provide each viewmodel? For instance, in the service layer code sample there is a method public IEnumerable<Contact> ListContacts() { return _repository.ListContacts(); } If instead you wanted a IEnumerable, should it go in the service layer, or is there somewhere else that is the "correct" place? Perhaps more appropriately, if you have a separate viewmodel for each view associated with ContactController, should ContactManagerService have a separate method to return each viewmodel?

Read the article
facebook app development

- by musoNic80

I have always developed my projects using MAMP locally and once done simply uploaded everything to a live server. However, I'm wanting to integrate some FB functionality in my current project and I believe I'm correct in saying that it is not possible to fully test FB integration locally. My problem is I don't want to release the project I'm working on until it's finished (or at least nearly finished!) by placing it on a live server. I don't even want people to see a login screen or anything. Is there a way I can upload everything to my domain for testing purposes but prevent anyone apart from me from accessing the site?

Read the article
Best way to handle MySQL date for performance with thousands of users

- by bitLost

I am currently part of a team designing a site that will potentially have thousands of users who will be doing a number of date related searches. During the design phase we have been trying to determine which makes more sense for performance optimization. Should we store the datetime field as a mysql datetime. Or should be break it up into a number of fields (year, month, day, hour, minute, ...) The question is with a large data set and a potentially large set of users, would we gain performance wise breaking the datetime into multiple fields and saving on relying on mysql date functions? Or is mysql already optimized for this?

Read the article

< Previous Page | 959 960 961 962 963 964 965 966 967 968 969 970 | Next Page >