Search Results

Search found 36981 results on 1480 pages for 'string formatting'.

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Page 981/1480 | < Previous Page | 977 978 979 980 981 982 983 984 985 986 987 988  | Next Page >

  • Can this be improved? Scrubing of dangerous html tags.

    - by chobo2
    I been finding that for something that I consider pretty import there is very little information or libraries on how to deal with this problem. I found this while searching. I really don't know all the million ways that a hacker could try to insert the dangerous tags. I have a rich html editor so I need to keep non dangerous tags but strip out bad ones. So is this script missing anything? It uses html agility pack. public string ScrubHTML(string html) { HtmlDocument doc = new HtmlDocument(); doc.LoadHtml(html); //Remove potentially harmful elements HtmlNodeCollection nc = doc.DocumentNode.SelectNodes("//script|//link|//iframe|//frameset|//frame|//applet|//object|//embed"); if (nc != null) { foreach (HtmlNode node in nc) { node.ParentNode.RemoveChild(node, false); } } //remove hrefs to java/j/vbscript URLs nc = doc.DocumentNode.SelectNodes("//a[starts-with(translate(@href, 'ABCDEFGHIJKLMNOPQRSTUVWXYZ', 'abcdefghijklmnopqrstuvwxyz'), 'javascript')]|//a[starts-with(translate(@href, 'ABCDEFGHIJKLMNOPQRSTUVWXYZ', 'abcdefghijklmnopqrstuvwxyz'), 'jscript')]|//a[starts-with(translate(@href, 'ABCDEFGHIJKLMNOPQRSTUVWXYZ', 'abcdefghijklmnopqrstuvwxyz'), 'vbscript')]"); if (nc != null) { foreach (HtmlNode node in nc) { node.SetAttributeValue("href", "#"); } } //remove img with refs to java/j/vbscript URLs nc = doc.DocumentNode.SelectNodes("//img[starts-with(translate(@src, 'ABCDEFGHIJKLMNOPQRSTUVWXYZ', 'abcdefghijklmnopqrstuvwxyz'), 'javascript')]|//img[starts-with(translate(@src, 'ABCDEFGHIJKLMNOPQRSTUVWXYZ', 'abcdefghijklmnopqrstuvwxyz'), 'jscript')]|//img[starts-with(translate(@src, 'ABCDEFGHIJKLMNOPQRSTUVWXYZ', 'abcdefghijklmnopqrstuvwxyz'), 'vbscript')]"); if (nc != null) { foreach (HtmlNode node in nc) { node.SetAttributeValue("src", "#"); } } //remove on<Event> handlers from all tags nc = doc.DocumentNode.SelectNodes("//*[@onclick or @onmouseover or @onfocus or @onblur or @onmouseout or @ondoubleclick or @onload or @onunload]"); if (nc != null) { foreach (HtmlNode node in nc) { node.Attributes.Remove("onFocus"); node.Attributes.Remove("onBlur"); node.Attributes.Remove("onClick"); node.Attributes.Remove("onMouseOver"); node.Attributes.Remove("onMouseOut"); node.Attributes.Remove("onDoubleClick"); node.Attributes.Remove("onLoad"); node.Attributes.Remove("onUnload"); } } // remove any style attributes that contain the word expression (IE evaluates this as script) nc = doc.DocumentNode.SelectNodes("//*[contains(translate(@style, 'ABCDEFGHIJKLMNOPQRSTUVWXYZ', 'abcdefghijklmnopqrstuvwxyz'), 'expression')]"); if (nc != null) { foreach (HtmlNode node in nc) { node.Attributes.Remove("stYle"); } } return doc.DocumentNode.WriteTo(); }

    Read the article

  • how to unpack the contents of a javascript file?

    - by altvali
    Hi all! You know how those packed js files look like, right? eval(function(p,a,c,k,e,d){ ... } ('obfuscated-string'.split('|'),0,{})) It just so happens to be that i have to tweak some large legacy code that looks like that and i want to find a way to turn this into a more readable version. If that's not possible, can i at least get rid of the eval?

    Read the article

  • mysqli_stmt_bind_param SQL Injection

    - by profitphp
    Is there still an injection risk when using prepared statements and mysqli_stmt_bind_param? For example: $malicious_input = 'bob"; drop table users'; mysqli_stmt_bind_param($stmt, 's', $malicious_input); Behind the scenes does mysqli_stmt_bind_param pass this query string to mysql: SET @username = "bob"; drop table users"; Or does it perform the SET command through the API, or use some type of protection to keep this from happening?

    Read the article

  • Java - Make an object collection friendly

    - by DutrowLLC
    If an object holds a unique primary key, what interfaces does it need to implement in order to be collection friendly especially in terms of being efficiently sortable, hashable, etc...? If the primary key is a string, how are these interfaces best implemented? Thanks!

    Read the article

  • Placeholder for UITextView

    - by Gill Bates
    Anyone ever implements something in UITextView that stopping it from receiving future inputs when the text length is smaller than certain threshold? I plan to implement a textview like we have in the mail composer interface. We have a placeholder "Subject" there, and the cursor starts after. Placeholder in UITextView Inspired from this question, I wonder if there are some methods which could be used to stop changing the text in the UITextView once the cursor is moving back to the placeholder string. Any ideas?

    Read the article

  • Exporting classes containing std:: objects (vector, map, etc) from a dll

    - by RnR
    I'm trying to export classes from a DLL that contain objects such as std::vectors and std::stings - the whole class is declared as dll export through: class DLL_EXPORT FontManager { The problem is that for members of the complex types I get this warning: warning C4251: 'FontManager::m__fonts' : class 'std::map<_Kty,_Ty' needs to have dll-interface to be used by clients of class 'FontManager' with [ _Kty=std::string, _Ty=tFontInfoRef ] I'm able to remove some of the warnings by putting the following forward class declaration before them even though I'm not changing the type of the member variables themselves: template class DLL_EXPORT std::allocator<tCharGlyphProviderRef>; template class DLL_EXPORT std::vector<tCharGlyphProviderRef,std::allocator<tCharGlyphProviderRef> >; std::vector<tCharGlyphProviderRef> m_glyphProviders; Looks like the forward declaration "injects" the DLL_EXPORT for when the member is compiled but is it safe? Does it realy change anything when the client compiles this header and uses the std container on his side? Will it make all future uses of such a container DLL_EXPORT (and possibly not inline?)? And does it really solve the problem that the warning tries to warn about? Is this warning anything I should be worried about or would it be best to disable it in the scope of these constructs? The clients and the dll will always be built using the same set of libraries and compilers and those are header only classes... I'm using Visual Studio 2003 with the standard STD library. ---- Update ---- I'd like to target you more though as I see the answers are general and here we're talking about std containers and types (such as std::string) - maybe the question really is: Can we disable the warning for standard containers and types available to both the client and the dll through the same library headers and treat them just as we'd treat an int or any other built-in type? (It does seem to work correctly on my side.) If so would should be the conditions under which we can do this? Or should maybe using such containers be prohibited or at least ultra care taken to make sure no assignment operators, copy constructors etc will get inlined into the dll client? In general I'd like to know if you feel designing a dll interface having such objects (and for example using them to return stuff to the client as return value types) is a good idea or not and why - I'd like to have a "high level" interface to this functionality... maybe the best solution is what Neil Butterworth suggested - creating a static library?

    Read the article

  • TouchCode XML parsing error

    - by itsaboutcode
    Hi, I have a xml document which has only one element in the document, which is <error>error string<error> But when i try to parse it, it says this document has no element at all. In other words when i try to access the rootElement it says "null" CXMLDocument *rssParser = [[[CXMLDocument alloc] initWithContentsOfURL:url options:0 error:nil] autorelease]; NSLog(@"Root: %@",[[rssParser rootElement] name]); Please tell me what is wroing with this. Thanks

    Read the article

  • Requested Service not found

    - by mathirengasamy
    I have an windows service application with which works on remoting.That is used to display the ballontip. sometime it displays this error... Exception :Requested Service not foundInner Exception : Stack Trace : Server stack trace: at System.Runtime.Remoting.Channels.BinaryServerFormatterSink.ProcessMessage(IServerChannelSinkStack sinkStack, IMessage requestMsg, ITransportHeaders requestHeaders, Stream requestStream, IMessage& responseMsg, ITransportHeaders& responseHeaders, Stream& responseStream) Exception rethrown at [0]: at System.Runtime.Remoting.Proxies.RealProxy.HandleReturnMessage(IMessage reqMsg, IMessage retMsg) at System.Runtime.Remoting.Proxies.RealProxy.PrivateInvoke(MessageData& msgData, Int32 type) at Baloontip.clsBaloonTool.Messagebox(String Message) anybody help me..thanks in advance

    Read the article

  • How to configure SVN access list for directory/repository ?

    - by abatishchev
    I have next SVN repositories structure running Apache 2.2 under Windows Server 2008: http://example.com/svn/ is targeted to e:\svn (root) http://example.com/svn/dir/ is targeted to e:\svn\dir (some directory with a number of repositories) http://example.com/svn/dir/repo/ is targeted to e:\svn\dir\repo (a repository itself) How to access list so group @foo had rw access to repo? I have next access list: [groups] @foo = user1, user2 [/] * = r [dir/repo:/] @foo = rw The last string doesn't work in any combination I tried

    Read the article

  • How should I parse this simple text file in Java?

    - by Winston
    I have a text file that looks like this: grn129 agri- ac-214 ahss hud114 ahss lov1150 ahss lov1160 ahss lov1170 ahss lov1210 ahss What is the best way to parse this file using Java if I want to create a HashMap with the first column as the key and the second column as the value. Should I use the Scanner class? Try to read in the whole file as a string and split it? What is the best way?

    Read the article

  • Lisp's "some" in Python?

    - by Mark Probst
    I have a list of strings and a list of filters (which are also strings, to be interpreted as regular expressions). I want a list of all the elements in my string list that are accepted by at least one of the filters. Ideally, I'd write [s for s in strings if some (lambda f: re.match (f, s), filters)] where some is defined as def some (pred, list): for x in list: res = pred (x) if res: return res return False Is something like that already available in Python, or is there a more idiomatic way to do this?

    Read the article

  • passing nsdata in stringwithformat

    - by milanjansari
    hello, How to pass nsdata in below of the string NSData *myData = [NSData dataWithContentsOfFile:pathDoc]; pathDoc = [NSString stringWithFormat:@"<size>%d</size><type>%d</type><cdate>%@</cdate><file>%c</file><fname>File</fname>",fileSizeVal,filetype,creationDate,file]; Any idea about this? Thanks you, Milan

    Read the article

  • Java accessing variables using extends

    - by delo
    So here I have two classes: Customer Order Class and Confirmation Class. I want to access the data stored in LastNameTextField (Customer Order Class) and set it as the text for UserLastNameLabel (Confirmation Class) after clicking a "Submit" button. For some reason however, the output displays nothing. Snippet of my code: package customer_order; public class customer_order extends Frame{ private static final long serialVersionUID = 1L; private JPanel jPanel = null; private JLabel LastNameLabel = null; protected JTextField LastNameTextField = null; private JButton SubmitButton = null; public String s; public customer_order() { super(); initialize(); } private void initialize() { this.setSize(729, 400); this.setTitle("Customer Order"); this.add(getJPanel(), BorderLayout.CENTER); } /** * This method initializes LastNameTextField * * @return javax.swing.JTextField */ public JTextField getLastNameTextField() { if (LastNameTextField == null) { LastNameTextField = new JTextField(); LastNameTextField.setBounds(new Rectangle(120, 100, 164, 28)); LastNameTextField.setName("LastNameTextField"); } return LastNameTextField; } /** * This method initializes SubmitButton * * @return javax.swing.JButton */ private JButton getSubmitButton() { if (SubmitButton == null) { SubmitButton = new JButton(); SubmitButton.setBounds(new Rectangle(501, 225, 96, 29)); SubmitButton.setName("SubmitButton"); SubmitButton.setText("Submit"); SubmitButton.addActionListener(new java.awt.event.ActionListener() { public void actionPerformed(java.awt.event.ActionEvent e) { System.out.println("actionPerformed()"); // TODO Auto-generated Event stub actionPerformed() //THE STRING I WANT s = LastNameTextField.getText(); java.awt.EventQueue.invokeLater(new Runnable() { public void run() { new confirmation().setVisible(true); } }); } }); } return SubmitButton; } package customer_order; public class confirmation extends customer_order{ private static final long serialVersionUID = 1L; private JPanel jPanel = null; // @jve:decl-index=0:visual-constraint="58,9" private JLabel LastNameLabel = null; private JLabel UserLastNameLabel = null; // @jve:decl-index=0: /** * This method initializes frame * * @return java.awt.Frame */ public confirmation() { super(); initialize(); } private void initialize() { this.setSize(729, 400); this.setTitle("Confirmation"); this.add(getJPanel(), BorderLayout.CENTER); } /** * This method initializes jPanel * * @return javax.swing.JPanel */ private JPanel getJPanel() { if (jPanel == null) { UserLastNameLabel = new JLabel(); UserLastNameLabel.setBounds(new Rectangle(121, 60, 167, 26)); //THE PROBLEM? UserLastNameLabel.setText(s); } return jPanel; }

    Read the article

  • parse part of the text from regex pattern

    - by dalco
    I have a string: [\n['-','some text what\rcontains\nnewlines'],\n\n trying to parse: Regex.Split(@"[\n['-','some text what contains newlines'],\n\n", @"\[\n\['(.*)','(.*)'],.*"); but the split return array seems to be null i need to get part of text: "some text what contains newlines"

    Read the article

  • Multiple REPLACE function in Oracle

    - by Adnan
    I am using the REPLACE function in oracle to replace values in my string like; SELECT REPLACE('THE NEW VALUE IS #VAL1#','#VAL1#','55') from dual So this is OK to replace one value, but what about 20+, should I use 20+ REPLACE function or is there a more practical solution. All ideas are welcome.

    Read the article

  • How do I call the methods in a model via controller? Zend Framework

    - by Joel
    Hi guys, I've been searching for tutorials to better understand this, but I'm having no luck. Please forgive the lengthy explination, but I want make sure I explain myself well. First, I'm quite new to the MVC structure, though I have been doing tutorials and learning as best I can. I have been moving over a live site into the Zend Framework model. So far, I have all the views within views/scripts/index/example.phtml. So therefore I'm using one IndexController and I have the code in each Action method for each page: IE public function exampleAction() Because I didn't know how to interact with a model, I put all the methods at the bottom of the controller (a fat controller). So basically, I had a working site by using a View and Controller and no model. ... Now I'm trying to learn how to incorporate the Model. So I created a View at: view/scripts/calendar/index.phtml I created a new Controller at: controller/CalendarControllers.php and a new model at: model/Calendar.php The problem is I think I'm not correctly communication with the model (I'm still new to OOP). Can you look over my controller and model and tell me if you see a problem. I'm needing to return an array from runCalendarScript(), but I'm not sure if I can return an array into the object like I'm trying to? I don't really understand how to "run" the runCalendarScript() from the controller? Thanks for any help! I'm stripping out most of the guts of the methods for the sake of brevity: controller: <?php class CalendarController extends Zend_Controller_Action { public function indexAction() { $finishedFeedArray = new Application_Model_Calendar(); $this->view->googleArray = $finishedFeedArray; } } model: <?php class Application_Model_Calendar { public function _runCalendarScript(){ $gcal = $this->_validateCalendarConnection(); $uncleanedFeedArray = $this->_getCalendarFeed($gcal); $finishedFeedArray = $this->_cleanFeed($uncleanedFeedArray); return $finishedFeedArray; } //Validate Google Calendar connection public function _validateCalendarConnection() { ... return $gcal; } //extracts googles calendar object into the $feed object public function _getCalendarFeed($gcal) { ... return $feed; } //cleans the feed to just text, etc protected function _cleanFeed($uncleanedFeedArray) { $contentText = $this->_cleanupText($event); $eventData = $this->_filterEventDetails($contentText); return $cleanedArray; } //Cleans up all formatting of text from Calendar feed public function _cleanupText($event) { ... return $contentText; } //filterEventDetails protected function _filterEventDetails($contentText) { ... return $data; } }

    Read the article

  • What's the difference between these two calls to a function taking a collection of structural types?

    - by James Moore
    Why does the call to fn(Iterator("foo") compile, but the call to fn(fooIterator) fail with an error "type mismatch; found : Iterator[java.lang.String] required: scala.Iterator[com.banshee.Qx.HasLength]" object Qx { type HasLength = {def length: Int} def fn(xs: Iterator[HasLength]) = 3 var tn = fn(Iterator("foo")) var fooIterator = Iterator("foo") var tnFails = fn(fooIterator) //doesn't compile } Aren't they the same thing?

    Read the article

  • Efficient file buffering & scanning methods for large files in python

    - by eblume
    The description of the problem I am having is a bit complicated, and I will err on the side of providing more complete information. For the impatient, here is the briefest way I can summarize it: What is the fastest (least execution time) way to split a text file in to ALL (overlapping) substrings of size N (bound N, eg 36) while throwing out newline characters. I am writing a module which parses files in the FASTA ascii-based genome format. These files comprise what is known as the 'hg18' human reference genome, which you can download from the UCSC genome browser (go slugs!) if you like. As you will notice, the genome files are composed of chr[1..22].fa and chr[XY].fa, as well as a set of other small files which are not used in this module. Several modules already exist for parsing FASTA files, such as BioPython's SeqIO. (Sorry, I'd post a link, but I don't have the points to do so yet.) Unfortunately, every module I've been able to find doesn't do the specific operation I am trying to do. My module needs to split the genome data ('CAGTACGTCAGACTATACGGAGCTA' could be a line, for instance) in to every single overlapping N-length substring. Let me give an example using a very small file (the actual chromosome files are between 355 and 20 million characters long) and N=8 import cStringIO example_file = cStringIO.StringIO("""\ header CAGTcag TFgcACF """) for read in parse(example_file): ... print read ... CAGTCAGTF AGTCAGTFG GTCAGTFGC TCAGTFGCA CAGTFGCAC AGTFGCACF The function that I found had the absolute best performance from the methods I could think of is this: def parse(file): size = 8 # of course in my code this is a function argument file.readline() # skip past the header buffer = '' for line in file: buffer += line.rstrip().upper() while len(buffer) = size: yield buffer[:size] buffer = buffer[1:] This works, but unfortunately it still takes about 1.5 hours (see note below) to parse the human genome this way. Perhaps this is the very best I am going to see with this method (a complete code refactor might be in order, but I'd like to avoid it as this approach has some very specific advantages in other areas of the code), but I thought I would turn this over to the community. Thanks! Note, this time includes a lot of extra calculation, such as computing the opposing strand read and doing hashtable lookups on a hash of approximately 5G in size. Post-answer conclusion: It turns out that using fileobj.read() and then manipulating the resulting string (string.replace(), etc.) took relatively little time and memory compared to the remainder of the program, and so I used that approach. Thanks everyone!

    Read the article

  • Best way to return result from business layer to presentation layer when using LINQ-to-SQL

    - by samsur
    I have a business layer that has DTOs that are used in the presentation layer. This application uses entity framework. Here is an example of a class called RoleDTO: public class RoleDTO { public Guid RoleId { get; set; } public string RoleName { get; set; } public string RoleDescription { get; set; } public int? OrganizationId { get; set; } } In the BLL I want to have a method that returns a list of DTO. I would like to know which is the better approach: returning IQueryable or list of DTOs. Although I feel that returning IQueryable is not a good idea because the connection needs to be open. Here are the 2 different methods using the different approaches: First approach public class RoleBLL { private servicedeskEntities sde; public RoleBLL() { sde = new servicedeskEntities(); } public IQueryable<RoleDTO> GetAllRoles() { IQueryable<RoleDTO> role = from r in sde.Roles select new RoleDTO() { RoleId = r.RoleID, RoleName = r.RoleName, RoleDescription = r.RoleDescription, OrganizationId = r.OrganizationId }; return role; } Note: in the above method the DataContext is a private attribute and set in the constructor, so that the connection stays opened. Second approach public static List<RoleDTO> GetAllRoles() { List<RoleDTO> roleDTO = new List<RoleDTO>(); using (servicedeskEntities sde = new servicedeskEntities()) { var roles = from pri in sde.Roles select new { pri.RoleID, pri.RoleName, pri.RoleDescription }; //Add the role entites to the DTO list and return. This is necessary as anonymous types can be returned acrosss methods foreach (var item in roles) { RoleDTO roleItem = new RoleDTO(); roleItem.RoleId = item.RoleID; roleItem.RoleDescription = item.RoleDescription; roleItem.RoleName = item.RoleName; roleDTO.Add(roleItem); } return roleDTO; } } Please let me know, if there is a better approach.

    Read the article

  • C++ Class Access Specifier Verbosity

    - by PolyTex
    A "traditional" C++ class (just some random declarations) might resemble the following: class Foo { public: Foo(); explicit Foo(const std::string&); ~Foo(); enum FooState { Idle, Busy, Unknown }; FooState GetState() const; bool GetBar() const; void SetBaz(int); private: struct FooPartialImpl; void HelperFunction1(); void HelperFunction2(); void HelperFunction3(); FooPartialImpl* m_impl; // smart ptr FooState m_state; bool m_bar; int m_baz; }; I always found this type of access level specification ugly and difficult to follow if the original programmer didn't organize his "access regions" neatly. Taking a look at the same snippet in a Java/C# style, we get: class Foo { public: Foo(); public: explicit Foo(const std::string&); public: ~Foo(); public: enum FooState { Idle, Busy, Unknown }; public: FooState GetState() const; public: bool GetBar() const; public: void SetBaz(int); private: struct FooPartialImpl; private: void HelperFunction1(); private: void HelperFunction2(); private: void HelperFunction3(); private: FooPartialImpl* m_impl; // smart ptr private: FooState m_state; private: bool m_bar; private: int m_baz; }; In my opinion, this is much easier to read in a header because the access specifier is right next to the target, and not a bunch of lines away. I found this especially true when working with header-only template code that wasn't separated into the usual "*.hpp/*.inl" pair. In that scenario, the size of the function implementations overpowered this small but important information. My question is simple and stems from the fact that I've never seen anyone else actively do this in their C++ code. Assuming that I don't have a "Class View" capable IDE, are there any obvious drawbacks to using this level of verbosity? Any other style recommendations are welcome!

    Read the article

  • Asp.Net(C#) inline coding problem

    - by oraclee
    Hi all; <% int i = Eval("NAME").ToString().IndexOf("."); string str = Eval("NAME").ToString().Substring(i + 1); %> <img src="../images/img_<%= str %>.gif" alt="" /> EVAL("test.txt") I need "txt" how to make ? Please Help Thank you

    Read the article

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

< Previous Page | 977 978 979 980 981 982 983 984 985 986 987 988  | Next Page >