Search Results

Search found 10480 results on 420 pages for 'session cookies'.

Page 153/420 | < Previous Page | 149 150 151 152 153 154 155 156 157 158 159 160 | Next Page >

CodeIgniter based e-shop, shipping and gift address design problem

- by alexander

While building an ecommerce platform I have run into design problems. I'm working with the built-in CodeIgniter's cart class. It stores all the cart information in session. Let say that cart has already been filled with products and user clicks checkout. When should I store order in database? Just after that click or after several steps of gathering information and stoing it in session? How to deal with additional features like different shipping methods? Should I add it to the basket first and get additional (gift address) to session? I dont want to store it in database because of the relation between gift address and order is needed and since I dont know what's the ID of the order. I'm puzzled :) Additionally I think its crucial to keep cart aware of shipping methods and additional bought services (by selecting gift address there is an extra fee) because the cart content is just like an reciept? In brief, what is the best practice to process checkout?

Read the article
Sugar CRM integration with Java - How to add relationship

- by Arun P Johny

Hi, I'm trying to integrate Sugar CRM with one of my projects. I'm using Apache Axis as my SOAP client. I've created the Sugar CRM client Stub classes using Apache Axis. I'm able to login and add Leads, Opportunities, Accounts and Contacts. But I'm unable to add a relation ship between my Account and Opportunity. I've found following method in the SugarsoapPortType port.set_relationship(session, module_name, module_id, link_field_name, related_ids, name_value_list, delete) but I cannot understand the different parameters required by this method. Most of the online documents suggests a simple way as given below $result = $client->call('set_relationship',array("session"=>$session _id,array("module1"=>"Emails","module1_id"=>"<module1_id>","module2"=>"Accounts","module2_id"=> "<module2_id>"))); how can I achieve this using Java Thanks

Read the article
Scala 2.8: use Java annotation with an array parameter

- by yournamehere

I'm trying to implement an JavaEE Session Bean with Scala 2.8. Because it's a Remote Session Bean, i have to annotate it with the following Java Annotation: @Target({ElementType.TYPE}) @Retention(RetentionPolicy.RUNTIME) public @interface Remote { Class[] value() default {}; } I only found this example for scala 2.7. In Scala 2.7, its possible to define the session bean like this: @Remote {val value = Array(classOf[ITest])} class MyEJB ... How can i use this annotation the same way with Scala 2.8? I already tried many different versions, all resulting in "annotation argument needs to be a constant", "illegal start of simple expression". All of these definitions don't work: @Remote{val value = Array(classOf[PersonScalaEJB])} @Remote(val value = Array(classOf[PersonScalaEJB])) @Remote(Array(classOf[PersonScalaEJB]))

Read the article
How to make Requests HttpOnly in strus1.1 [on hold]

- by WSDL

I am using struts1.2 with jboss4 sever.I have to make my requests HttpOnly.How do I make this with jobss4 and struts1.2.Please Help me .It is urgent private void validateToken(HttpServletRequest request, HttpServletResponse response) { HttpSession session = request.getSession(true); String token = (String)session.getAttribute(TOKEN_KEY); if (token == null) { token = getRandomString(); session.setAttribute(TOKEN_KEY, token); // System.out.println("Executing the Filter............XSS1"); response.addHeader("Set-Cookie", "httpOnly"); } } private String getRandomString() { return String.valueOf(System.currentTimeMillis()); }

Read the article
ASP.Net MVC 2 Forms Authentication cookieless = "UseUri" while submit authorization fails

- by rintoantony

hi, I just started working with ASP.Net MVC 2. I created a new ASP.Net MVC application and created one vehicle controler with a database table connected with LINQ. Then created forms authentication mechanism for the application and tried to use the uri instead of cookies it was working smoothly but when i submit the form by creating a "Create" view from the controler using the utility it just dont work. The autherization got failed and asking to enter the user name and password again.I had created the authorization mechanism by adding Authorise attribute to the Controller so as to get authorized for all the actions. namespace MVCNEW.Controllers { [Authorize] public class VehicleController : Controller { But if i use the cookies instead of uri it works fine. Thanks in advance...

Read the article
SOAPUI Extract data from SOAP Response and use in REST request

- by Adrian

I have been looking at the answer to this question: Pulling details from response to new request SoapUI which is similar to what I am looking for but I can't get it to work. I have a small SOAPUI testsuite and I need to extract a value from the response of a SOAP request and then use this value in a subsequent REST request. The response to my SOAP request is: <ns0:session xmlns:ns0="http://www.someurl.com/la/la/v1_0"> <token>AQIC5wM2xAAIwMg==#</token> </ns0:session> so I need the token to use in my REST request. I know it involves using Property Transfer and some XPath / XQuery but I just can't get it right. At the moment my property transfer window points to Source: SOAP test Property: Response and has data(/session/token/text()) in the text box. In target it has Target: REST testcase Property: newProp and I have Use XQuery checked. Any help greatly appreciated. Thanks, Adrian

Read the article
SQLAlchemy automatically converts str to unicode on commit

- by Victor Stanciu

Hello, When inserting an object into a database with SQLAlchemy, all it's properties that correspond to String() columns are automatically transformed from <type 'str'> to <type 'unicode'>. Is there a way to prevent this behavior? Here is the code: from sqlalchemy import create_engine, Table, Column, Integer, String, MetaData from sqlalchemy.orm import mapper, sessionmaker engine = create_engine('sqlite:///:memory:', echo=False) metadata = MetaData() table = Table('projects', metadata, Column('id', Integer, primary_key=True), Column('name', String(50)) ) class Project(object): def __init__(self, name): self.name = name mapper(Project, table) metadata.create_all(engine) session = sessionmaker(bind=engine)() project = Project("Lorem ipsum") print(type(project.name)) session.add(project) session.commit() print(type(project.name)) And here is the output: <type 'str'> <type 'unicode'> I know I should probably just work with unicode, but this would involve digging through some third-party code and I don't have the Python skills for that yet :)

Read the article
log the http response codes in the file

- by dexter

i have created HTTP::Request which looks like this: #!/usr/bin/perl require HTTP::Request; require LWP::UserAgent; require HTTP::Cookies; $request = HTTP::Request->new(GET => 'http://www.google.com/'); $ua = LWP::UserAgent->new; $cookie_jar = HTTP::Cookies->new(); $ua->cookie_jar($cookie_jar); $cookie_jar->set_cookie(0,'testCookie','cookieValue','/','http://www.google.com/',80,0,0,86400,0); $response = $ua->request($request); if($response->is_success){ print "sucess\n"; print $response->code; print "\n"; } else { print "fail\n"; die $response->code; print "\n"; } now, When i send Request: i want to log the http response codes in the file please help thank you

Read the article
locking database record for editing

- by sd_dracula

I have a SQL 2008 DB and an asp.net frontend. I would like to implement a lock when a user is currently editing a record but unsure of which is the best approach. My idea is to have a isLocked column for the records and it gets set to true when a user pulls that record, meaning all other users have read only access until the first user finishes the editing. However, what if the session times out and he/she never saves/updates the record, the record will remain with isLocked = true, meaning others cannot edit it, right? How can I implement some sort of session time out and have isLocked be automatically set to false when the session times out (or after a predefined period) Should this be implemented on the asp.net side or the SQL side?

Read the article
RESTFul, statelesness and sessions

- by Per Arneng

RESTFul service has a rule that it should be stateless. By beeing that it does not allow a session to be created and maintained by sending a session key between the client and the server and then holding a session state on the server. If i look at the definition in wikipedia of stateless server http://en.wikipedia.org/wiki/Stateless_server "A stateless server is a server that treats each request as an independent transaction that is unrelated to any previous request" It states that it should be unrelated to any previous request. In practice this means that any type of authentication will be comparing the credentials of a user to a state on the server that was created by a previous operation. So a service called login is related to and dependent on the state that has been created by previous requests (ex: create_user and/or change_password). In my view you are breaking statelessnes by doing authentication. My point is that people are complaining about having sessions in RESTFul is breaking statelesness but doing authentication is also breaking the same rule. What do you think?

Read the article
How can I make a security token automatically expire in a passive STS setup?

- by Rising Star

I have a passive STS set up for a new application I'm working on. I've noticed that when a user's session expires, the user is still authenticated. I would have thought that when the session expires, the user would no longer be authenticated. My boss discussed this with me as I am currently charged with setting up the authentication. He says that it would be good if we could make the user's log on expire after a certain period of inactivity similar to how the session expires. I am familiar with how to sign a user out with a few lines of code. How can I make it so that the user is automatically signed out after a specified period of inactivity? Currently, I have some code in the global.asax file that programmatically checks when the last request was and compares it to the current time; it then signs the user out if a certain period of time has expired.

Read the article
Doesn't get into Debug Mode

- by Grace Jones

When I Press F5 on my VS2005 to debug the application, it launches the web app window but it is coming out of debug mode. When I tried to trace the Error in the EventViewer, this was the error: Failed in Token.vb(GetToken). The token was not in memory and the identity of the authenticated IIS caller was not permitted. The session may have unexpectedly terminated. The specific error message included: Session state can only be used when enableSessionState is set to true, either in a configuration file or in the Page directive. Please also make sure that System.Web.SessionStateModule or a custom session state module is included in the \\ section in the application configuration. I don't have any httpModules section in my config file and the sessionState mode="InProc"...

Read the article
How can I monitor if a cookie is being sent to a domain other than the one it originated from?

- by Brendan Salt

I am trying to write a program that will verify that all cookies sent out from the machine are in fact going to the domain they came from. This is part of a larger security project to detect cookie based malicious attacks (such as XSS). The main snag for this project is actually detecting the out-going cookies. Can someone point me in the right direction for monitoring out-going HTTP traffic for cookie information? Other information about the project: This is a windows application written in C and numerous scripting languages. Thanks so much for the help.

Read the article
WiX: Extracting Binary-string in Custom Action yields string like "???good data"

- by leiflundgren

I just found a weird behaviour when attempting to extract a string from the Binary-table in the MSI. I have a file containing "Hello world", the data I get is "???Hello world". (Literary question mark.) Is this as intended? Will it always be exactly 3 characters in the beginning? Regards Leif Sample code: [CustomAction] public static ActionResult CustomAction2(Session session) { View v = session.Database.OpenView("SELECT `Name`,`Data` FROM `Binary`"); v.Execute(); Record r = v.Fetch(); int datalen = r.GetDataSize("Data"); System.IO.Stream strm = r.GetStream("Data"); byte[] rawData = new byte[datalen]; int res = strm.Read(rawData, 0, datalen); strm.Close(); String s = System.Text.Encoding.ASCII.GetString(rawData); // s == "???Hello World" return ActionResult.Success; }

Read the article
How can I use offline access with the Facebook javascript SDK?

- by Tony

In the Facebook javascript api there is a login function in which you specify extended permissions: http://developers.facebook.com/docs/reference/javascript/FB.login One of these permissions is offline access. So I can save the facebook user's session key and assume it will not expire for a long time. The question I have is simple - how do I use the session key? I understand that the session key will last longer, but I don't understand how to use it in the Facebook API. For one of my products, a user must restart his/her browser and I would like to recognize them when they restart. The problem is that they are logged out of facebook, so they must login on my site again where I would rather just use offline access. Sample code would be great! Thanks

Read the article
HSM - cryptoki - opening sessions overhead

- by Raj

I am having a query regarding sessions with HSM. I am aware that there is an overhead if you initialise and finalise the cryptoki api for every file you want to encrypt/decrypt. My queries are, Is there an overhead in opening and closing individual sessions for every file, you want to encrypt/decrypt.(C_Initialize/C_Finalize) How many maximum number of sessions can i have for a HSM simultaneously, with out affecting the performance? Is opening and closing the session for processing individual files the best approach or opening a session and processing multiple files and then closing the session the best approach? Thanks

Read the article
What is a right way to use servlets?

- by vikp

Hi, I'm studying EJB3. I have a session bean which provides services to create/update customer accounts. This session bean offers services on the lines of: public void addCustomer(Customer c); public void updateCustomer(Customer c); Ideally I'd like to have a single servlet: CustomerServlet and it would invoke the session beans that I have listed above. Problem is that I have two JSPs: UpdateAccount.jsp and CreateAccount.jsp. Both of these JSPs have a form with a method POST and action "CustomerServlet". How can I distinguish in a customer servlet which operation I should carry out: createAccount or updateAccount? I guess the alternative is to have a separate servlet for each operation... Thank you

Read the article
Should we use require_once instead header location?

- by jartaud

Hello commnunity, i have somthing like this: (if this page needs the user to be logged) if(!isset($_SESSION['usr_id'])){ //if not a logged user $_SESSION['redir']=curPageURL();//Saving the current page for the redirection header('Location: ../Session/loginFrm.php'); } and in loginFrm.php, we do: {...after validation} if(isset($_SESSION['redir'])){ header('Location: '.$_SESSION['redir']); }else{...} in this page, they say we should use something like this instead: ... require_once '../Session/loginFrm.php'; exit(); This doesn't work for me, the session variable now contains the included page, and not the current page. What do you think about?

Read the article
Deleting a Collection with NHibernate Using the Criteria API

- by lomaxx

I think I know what the answer to this question is probably going to be, but I thought I'd go ahead and ask it anyway. It appears that within NHibernate if I do something like this: IList<Customer> customers = Session.CreateCriteria(typeof(Customer)) .Add(Restrictions.Eq("Name", "Steve") .List<Customer>(); And I want to then delete that list of customers. From what I can tell the only way to do it is like this: foreach(var customer in customers) { Session.Delete(customer); } But what I'm wondering is if there's any way I can just go: Session.Delete(customers); And delete the entire collection with a single call?

Read the article
How to wrap Plone authentication around a third-party servlet?

- by smocking

We're using Plone to serve up some third-party middle-ware. Unfortunately the middle-ware has a particular servlet that gets invoked from a Java applet and doesn't do any kind of authentication. I would like to firewall this off and somehow wrap authentication around it, preferably using the existing session that users will have on Plone. My first idea was to configure nginx (which we're using as the reverse proxy) to check the cookie and only proxy if the user has a valid session (along the lines of this example). However, how to check the session ID against Plone, since it's all stored in the Zope database? Alternatively we could have a Plone python script that basically passes everything along to the back-end after authenticating, but I'm not sure how to do that. Any suggestions? Or alternative ideas?

Read the article
Sanitizing CSS in Rails

- by Erik

Hello! I want to allow the users of a web app that I'm building to write their own CSS in order to customize their profile page. However I am aware of this opening up for many security risks, i e background: url('javascript:alert("Got your cookies! " + document.cookies'). Hence I am looking for a solution to sanitize the CSS while still allowing as much CSS functionality as possible for my users. So my questions if anyone anyone knows of a gem or a plugin to handles this? I've googled my brains out already so any tips would be really appreciated!

Read the article
I am looking for an actual functional web browser type control for .NET, maybe a C++ LIBRARY#$??$?

- by Joshua

I am trying to emulate a web browser in order to execute JavaScript code and then parse the DOM. The System.Windows.Forms.WebBrowser object does not give me the functionality I need. It let's me set the headers, but you cannot set the proxy or clear cookies. Well you can, but it is not ideal and messes with IE's settings. I've been extending the WebBrowser control pinvoking native windows functions so far, but it is really one hack on top of another. I can mess with the proxy and also clear cookies and such, but this control has its issues as I mentioned. I found something called WebKit .NET (http://webkitdotnet.sourceforge.net/), but I don't see support for setting proxies or cookie manipulation. Can someone recommend a c++/.NET/whatever library to do this: Basically tell me what I need to do to get an interface to similar this in .NET: string FetchBrowserParsedHtml(Uri url, WebProxy p, int timeoutSeconds, byte[] headers, byte[] postdata); void ClearCookies(); I am not responsible for my actions.

Read the article
Coffeeshop limits Internet connection to 30 minutes -- how does it recognize me if I delete my cooki

- by Andrew

I was connected to the Internet in a coffeeshop earlier today, but I was only allowed 30 minutes of access. I tried deleting my cookies after my time was up (though admittedly I didn't delete my Flash cookies -- would that have solved the problem?), but the connection still recognized that I'd already used 30 minutes, so I couldn't connect again. How did the connection recognize me still? The wireless was unprotected (no code or password), it just had a portal you had to pass through upon the initial connection. I'm not terribly familiar with web development or computer networks, so just trying to get a better idea of what's happening (and possibly to know what to do next time I use up my minutes =)).

Read the article
NHibernate parent-childs save redundant sql update executed

- by Broken Pipe

I'm trying to save (insert) parent object with a collection of child objects, all objects are new. I prefer to manually specify what to save\update and when so I do not use any cascade saves in mappings and flush sessions by myself. So basically I save this object graph like: session.Save(Parent) foreach (var child in Parent.Childs) { session.Save(child); } session.Flush() I expect this code to insert Parent row, then each child row, however NHibernate executes this SQL: INSERT INTO PARENT.... INSERT INTO CHILD .... UPDATE CHILD SET ParentId=@1 WHERE Id=@2 This update statement is absolutely unnecessary, ParentId was already set correctly in INSERT. How do I get rid of it? Performance is very important for me.

Read the article
Pass errors in Django using HttpResponseRedirect

- by JPC

I know that HttpResponseRedirect only takes one parameter, a URL. But there are cases when I want to redirect with an error message to display. I was reading this post: How to pass information using an http redirect (in Django) and there were a lot of good suggestions. I don't really want to use a library that I don't know how works. I don't want to rely on messages which, according to the Django docs, is going to be removed. I thought about using sessions. I also like the idea of passing it in a URL, something like: return HttpResponseRedirect('/someurl/?error=1') and then having some map from error code to message. Is it good practice to have a global map-like structure which hard codes in these error messages or is there a better way? Or should I just use a session EDIT: I got it working using a session. Is that a good practice to put things like this in the session?

Read the article

< Previous Page | 149 150 151 152 153 154 155 156 157 158 159 160 | Next Page >