Search Results

Search found 9625 results on 385 pages for 'login'.

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Page 295/385 | < Previous Page | 291 292 293 294 295 296 297 298 299 300 301 302  | Next Page >

  • serving files using django - is this a security vulnerability

    - by Tom Tom
    I'm using the following code to serve uploaded files from a login secured view in a django app. Do you think that there is a security vulnerability in this code? I'm a bit concerned about that the user could place arbitrary strings in the url after the upload/ and this is directly mapped to the local filesystem. Actually I don't think that it is a vulnerability issue, since the access to the filesystem is restricted to the files in the folder defined with the UPLOAD_LOCATION setting. UPLOAD_LOCATION = is set to a not publicly available folder on the webserver url(r'^upload/(?P<file_url>[/,.,\s,_,\-,\w]+)', 'aeon_infrastructure.views.serve_upload_files', name='project_detail'), @login_required def serve_upload_files(request, file_url): import os.path import mimetypes mimetypes.init() try: file_path = settings.UPLOAD_LOCATION + '/' + file_url fsock = open(file_path,"r") file_name = os.path.basename(file_path) file_size = os.path.getsize(file_path) print "file size is: " + str(file_size) mime_type_guess = mimetypes.guess_type(file_name) if mime_type_guess is not None: response = HttpResponse(fsock, mimetype=mime_type_guess[0]) response['Content-Disposition'] = 'attachment; filename=' + file_name #response.write(file) except IOError: response = HttpResponseNotFound() return response

    Read the article

  • find_all_links() Perl function don't find all links

    - by Malincy Montoya
    I'm starting with Perl and I'm trying to do a script that log me out of a page (I already did the login one). The think is, I'm trying to use find_link function from WWW::Mechanize (I also tried WWW::Mechanize::Firefox) to find the logout link, but it's not working. So, my question is: is the event onmouseover avoiding that link to be founded? I think WWW::Mechanize::Firefox supports javascript but maybe it's not correct. Logout Is there a way to do what I want? Any help or suggestions will be highly appreciated.

    Read the article

  • AnkhSVN, mysisgit and Pageant

    - by Chalkey
    I have recently installed msysgit on my machine (its running Windows 7) to use Git for some projects. A lot of my projects are under SVN, in which I use AnkhSVN in Visual Studio 2008 to commit etc. Since I have installed msysgit everytime I try to commit, update etc inside Visual Studio, the program C:\msysgit\bin\ssh.exe loads up, asks for my password, then Ankh throws an exception. I currently use Pageant to save my login credentials for SVN - I have TortoiseSVN installed, which is still working fine... Has anybody got any suggestions to get Anhk working again - without uninstalling msysgit? Thanks

    Read the article

  • LOAD DATA INFILE not working in mariadb

    - by Haseena
    Iam trying to migrate from mysql to mariadb. On this time I can face an issue with mariadb. When I can trying to load a data file into a table, it shows an error like : SQL Error (29): File 'C:/Documents and Settings/Administrator/Local Settings/Temp/SAMPLE/DATA_TEMP1351761841668/SampleFile0' not found (Errcode: 2) But the file already exists in the path.... Another one point is that the same command successfully works with MySQL. Is MariaDB has any permission issue? Login as Administrator. See below my query : load data infile "'C:/Documents and Settings/Administrator/Local Settings/Temp/SAMPLE/DATA_TEMP1351761841668/SampleFile0" into table SAMPLETABLE; When changing the path loke "C:/SampleFile0", its working properly. From Administrator folder it doesn't working. Can anyone help me in this regard??? Iam a newone in MariaDB.

    Read the article

  • Cannot connect to local database.

    - by Smickie
    Hi, I have apache and mysql set up on my local machine (Mac). Whenever I go to any of my local sites I get the "Error establishing a database connection" whenever anything mySql related happens. It was working perfectly yesterday, but when I started my computer today it is not. I can login to mysql on the terminal and that all works fine, I can view database and run queries in the terminal. Look at all my table etc. I've tried restarting apache. Anyone know what's up? This is worrying.

    Read the article

  • Invalid AuthenticityToken everywhere

    - by bwizzy
    I have a rails app that I just deployed which is generating Invalid AuthenticityToken errors anywhere a form is submitted. The app uses subdomains as account names and will also eventually allow for a custom domain to be entered. I have an entry in production.rb to allow for cross-domain session handling. The problem is that you can't login / or submit any form because everything raises an Invalid AuthenticityToken error. The issue looks similar but not the same as http://stackoverflow.com/questions/1201901/rails-invalid-authenticity-token-after-deploy plus I'm not using mongrel. I've tried clearing cookies in the browser, and restarting passenger but no luck. Anyone have any ideas? The server is running nginx + passenger 2.3.11, and Rails 2.3.5. #production.rb config.action_controller.session[:domain] = '.domain.com' #environment.rb config.action_controller.session = { :session_key => '_app_session', :secret => '.... nums and chars .....' }

    Read the article

  • Making .net navigation menu role specific

    - by Ricardo Deano
    Hello all. I'm currently using the good ol login control, .net membership & role providers for a web app I'm building. I have a tabbed navigation menu that I want to make role specific i.e. everyones sees 'Home', one role would be able to see additional tabs, another would be able to see three, etc. Doe sthe allow for such a thing? Has anyone created such a navigation menu and could point a newbie in the right direction? Any help gratefully received.

    Read the article

  • How to include css in a hmvc setup in codeigniter

    - by tariq
    I have setup the combination Codeigniter + HMVC + Twitter Bootstrap using this tutorial. I have created two modules named app and session. The app module contains the twitter bootstrap sample. When I click on About link, a new login page is displayed which is the session module configured using <?php echo Modules::run('session/session/index'); ?> The problem I am facing is that when I include the twitter bootstrap in both the views, the app module gets realigned and corousal doesnt work. How do I get the CSS to work with the session module ?

    Read the article

  • Accessing a module's action rendered output

    - by Flavius
    Hi. I'm writing an "Account" module which should take care of everything about accounts: registration, login/logout, user administration, password recovery, account activation, etc. So I thought it would be best to reuse whatever the module's DefaultController::actionRegister() generates to show on the main page. So my question is: how to create a new "sub request" (similar to CController::forward()) from any controller (either SiteController, read: from views/layouts/main.php, or another controller, eventually of another submodule) to a given module/controller/action? I've tried with $this-forward() from within my application layout without success: it shows a blank page, no error whatsoever. Thanks

    Read the article

  • ASP.NET SetAuthCookie Impersonation Help

    - by rlb.usa
    Hello SO, I'm trying to do user impersonation for a web application we have. The user selects the user they'd like to emulate/impersonate and then clicks the button which fires this: protected void uxImpersonate_Click(object sender, EventArgs e) { ... FormsAuthentication.SetAuthCookie(uxUserToEmulate.SelectedValue, false); Response.Redirect("Impersonation.aspx"); //reload page manually } We have a dev - test - production server environment and on two servers this works just fine, but on another one, in all browsers, it kicks me to the login screen. What's going on and how can I fix it? We're on ASP.NET 2.0, and I'm using http://stackoverflow.com/questions/549016/user-impersonation-with-asp-net-forms-authentication as a guide. UPDATE: It appears that the user actually is impersonated successfully but is loosing their Role as admin (only Admin Role's can access this impersonation page).

    Read the article

  • Adobe Flex, loading a remote swf

    - by JonoB
    I have a flex app running on my server. I have had a request from some clients to have the swf loaded on their server, so that their customers dont have to be transferred to my server to login; i.e. from the user's point of view it looks like they are logging in from theirsite.com instead of mysite.com I tried something really simple, and that was to give them a html wrapper to host on their site. The only modification that I made was to change the "src" var to: "src", "https://www.mysite.com/app/myapp.swf" and embed src="https://www.mysite.com/app/myapp.swf" To my surprise, this worked perfectly. And best of all, the service calls still seem to come from mysite.com, so I dont have to bother with modifying the crossdomain.xml file. All good it seems. Are there any issues or downsides to the above that I should be aware of?

    Read the article

  • PHP want to buy / find a eMall, Shopping Mall system with multiple vendor management backend

    - by Shiro
    Basically I am looking for a Shopping Mall system in PHP. User included Member / User Administrator Vendor Affiliate I find a lot ecommerce that support multiple shop, but each vendor don't have their own login and management. And in the front I would like to share the cart. and can buy from different shop. If multiple subdomain supported that would be more better. Web 2.0 design would be much more preferable. Any suggestion? I google some of it, hopefully can get more references. Buy / Open source also please advice. I don't think this kind of system got open source :p

    Read the article

  • Retrieving text from password field [python][pyqt4]

    - by Dr. Johnson
    def welcomeStage (self): self.test = QtGui.QLineEdit (self) self.test.move (50, 150) QtCore.QObject.connect (self.test, QtCore.SIGNAL ('returnPressed()'), self.passwordStage) def passwordStage (self): self.email = self.test.text() self.test.clear() self.test.setEchoMode (QtGui.QLineEdit.Password) QtCore.QObject.connect (self.test, QtCore.SIGNAL ('returnPressed()'), self.loginStage) def loginStage (self): self.pwd = self.test.text() print self.pwd if len (self.pwd) < 0: welcomeStage () return Simply put, I am making a login form. The user enters their email, then the text field is cleared and echo mode is set to Password mode. The text() function returns the email fine, but when I call text() after I have changed the echo mode, it returns 0. I've been pouring over the documentation looking for anything regarding the text() function and how it operates when Password mode is on, however I have not found anything. Does anybody know how this is done?

    Read the article

  • how to prevent hacking of a WP site

    - by HollerTrain
    I have a WP install, and every few weeks some hackers keep adding some bunk script to the bottom of certain files, making the WP site not function. I've changed the user/pass to WP and this obviously isn't working. I'm thinking since they are effecting files that are not visible via the WP login files (which are just theme files) then does this mean they are getting access to the FTP and making their hacks there? If they are getting into FTP then why wouldn't they just remove all docs? Any insight would be greatly appreciate it. While I appreciate the billable hours to find/remove this code every few days the client isn't as excited about it as I am.

    Read the article

  • Sugar CRM integration with Java - How to add relationship

    - by Arun P Johny
    Hi, I'm trying to integrate Sugar CRM with one of my projects. I'm using Apache Axis as my SOAP client. I've created the Sugar CRM client Stub classes using Apache Axis. I'm able to login and add Leads, Opportunities, Accounts and Contacts. But I'm unable to add a relation ship between my Account and Opportunity. I've found following method in the SugarsoapPortType port.set_relationship(session, module_name, module_id, link_field_name, related_ids, name_value_list, delete) but I cannot understand the different parameters required by this method. Most of the online documents suggests a simple way as given below $result = $client->call('set_relationship',array("session"=>$session _id,array("module1"=>"Emails","module1_id"=>"<module1_id>","module2"=>"Accounts","module2_id"=> "<module2_id>"))); how can I achieve this using Java Thanks

    Read the article

  • Best way to auto-restore db on an houlry basis

    - by aron
    Hello, I have a demo site where anyone can login and test a management interface. Every hour I would like to flush all the data in the SQL 2008 Database and restore it from the original. Rae Gate sql has some awesome tools for this, however they are beyond my budget right now. Could I simply make a backup copy of the database's data file, then have a c# console app that deletes it and copies over the original. Then I can have a windows schedule task to run the .exe every hour. It's simple and free... would this work? I'm using SQL Server 2008 R2 Web edition I understand that red gate is technically better because I can set it to analyze the db and only update the records that were altered, and the approach I have above is like a "sledge hammer".

    Read the article

  • How should I measure Concurrent Licence Usage

    - by Andrew Wood
    Hi I have detailed stats on user access to my system detailing login and logout times as well as machine used, network username etc. I am in need of measuring what I would term a concurrent user licences level based on this information. Now I could take the maximum logged in for any 1 day in a 3 month period say 170 or I could take the average say 133. Does anyone have or know of a formula for working this out or is it as simple as the high water mark which is 170 in my example. A client has recently gone from an unlimited licence to a concurrent licence so I am faced with the task of setting the initial licence level. There is potential for more licence sales in the future so I don't want it set to high and I do want it based on historical data that the system collects rather than guess work.

    Read the article

  • How can I download information from bank accounts?

    - by Eric Anastas
    There are a number of free finance tracking sites out there like mint.com, wesabe.com etc.. . I've tried all of them and all seem to miss the mark in one way or another. I'm interested in creating my own website, or possibly just a stand alone windows program for tracking my finances in ASP.NET or C#.NET. I'm assuming the answer is no, but is there any way that a personal developer can download transactions from financial websites like these? I know once you login to most financial sites you can download a CSV or Quicken file. Yet I really like how I can log-in to my Mint.com account and update all my accounts with one click.

    Read the article

  • jQuery Sortable + Droppable z-index problem

    - by unknowndomain
    I am having a probelm with the z-index of my sortable object not being above my droppable. If you visit http://clareshilland.unknowndomain.co.uk/. Press Ctrl + L to bring up the login screen. Enter the username clare and the password shilland. It will then load in the admin bar and if you click manage gallery. A pop down thumbnail view will appear with all the photos from that gallery. The issue is that when you drag the 'polaroids' from the grid to the delete area they are under the delete area. I tried putting the delete area inside the same div as the grid but it makes no difference, I just don't know what to do at this point so any help would be a massive help!

    Read the article

  • WCF Service and Properties

    - by Karnalta
    Hi all, Here is my question, I have a solution with 4 projects in it for a WCF Service : DLL Library : Service Interface. DLL Library : Service Code. Form Application : Service hosting application. Form Application : Service client application. I'd like to have certain properties of the service accessible for the hosting application but not for the client one. If I declare a property in the client interface they will both have access to it. In fact, my service manage user identity login and keep a list of all user currently logged in. I'd like to be able to show this list in the Hosting application, like a debugging tool. But I don't want the service client to be able to access to this list. How can I do ? Thank in advance.

    Read the article

  • jQuery/Ajax/javascript in FireFox Error when using $.post/$.get

    - by IsenGrim
    uncaught exception: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE)" nsresult: "0x80004005 (NS_ERROR_FAILURE)" location: "JS frame :: http://localhost/scripts/jQuery.js :: anonymous :: line 808" data: no] Line 0 is the error i get when i bring up firebug. This only happens in firefox (and maybe other browsers) but the code works fine in IE8. I have codes like this in jquery: $("#Logout").live("click", function (e) { e.preventDefault(e); $.post("/logout.php", {}, function () { //--a bunch of animations--// window.location = "/login.php"; } }); I have no idea whats wrong as even the error message is not helpful at all.. inside logout.php: <?php session_start(); session_destroy(); ?> Also dont work if I used GET or inserted phantom data. Or is there a more elegant way to do this?

    Read the article

  • Passing an array into hidden_field ROR

    - by JZ
    I'm trying to pass an array into a hidden_field. The following User has 3 roles [2,4,5] >> u = User.find_by_login("lesa") => #<User id: 5, login: "lesa", email: "[email protected]", crypted_password: "0f2776e68f1054a2678ad69a3b28e35ad9f42078", salt: "f02ef9e00d16f1b9f82dfcc488fdf96bf5aab4a8", created_at: "2009-12-29 15:15:51", updated_at: "2010-01-06 06:27:16", remember_token: nil, remember_token_expires_at: nil> >> u.roles.map(&:id) => [2, 4, 5] Users/edit.html.erb <% form_for @user do |f| -%> <%= f.hidden_field :role_ids, :value => @user.roles.map(&:id) %> When I submit my edit form, I receive an error: ActiveRecord::RecordNotFound in UsersController#update "Couldn't find Role with ID=245" How can I pass an array into the hidden_field?

    Read the article

  • Seemingly normal link does not work in MVC, IIS5, SparkView.

    - by Matt W
    I have a regular link being generated in MVC1.0 as: /Login/Logout This link does not work. The code for it is: <a href="${Links.Logout}" class="SignOut">Sign out</a> As I am using SparkView. I am using IIS5.1 on WinXP Pro. I cannot work out why the link on the page calls the MVC action if I open the link in a separate browser tab but not when I click directly on it in the original page. This feels like a browser bug (Chrome, Firefox, IE8) but they all perform the same way. Thanks, Matt.

    Read the article

  • Assembly wide multicast attributes. Are they evil?

    - by HeavyWave
    I am working on a project where we have several attributes in AssemblyInfo.cs, that are being multicast to a methods of a particular class. [assembly: Repeatable( AspectPriority = 2, AttributeTargetAssemblies = "MyNamespace", AttributeTargetTypes = "MyNamespace.MyClass", AttributeTargetMemberAttributes = MulticastAttributes.Public, AttributeTargetMembers = "*Impl", Prefix = "Cls")] What I don't like about this, is that it puts a piece of login into AssemblyInfo (Info, mind you!), which for starters should not contain any logic at all. The worst part of it, is that the actual MyClass.cs does not have the attribute anywhere in the file, and it is completely unclear that methods of this class might have them. From my perspective it greatly hurts readability of the code (not to mention that overuse of PostSharp can make debugging a nightmare). Especially when you have multiple multicast attributes. What is the best practice here? Is anyone out there is using PostSharp attributes like this?

    Read the article

  • Any MVVM frameworks work well with NavigationWindows?

    - by Will
    I'd like to "throw away" the current version of a WPF application and move version 2 to a stable MVVM framework. The main concern I'm having is that I don't see much talk about MVVM frameworks and navigation (i.e., NavigationWindows and Frames). My current app relies heavily on Pages to present views to the user. I would prefer to keep it this way. I'd rather not change everything to UserControls and rely on DataTemplates to switch out the view I need to present. Are there any MVVM frameworks that: Work well with NavigationWindows and Pages Provide ViewModels adequate access to the navigation process Provide the ability to change navigation in response to security-related events (e.g., redirect to login Page after logout)

    Read the article

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

< Previous Page | 291 292 293 294 295 296 297 298 299 300 301 302  | Next Page >