Search Results

Search found 30606 results on 1225 pages for 'database relations'.

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Page 809/1225 | < Previous Page | 805 806 807 808 809 810 811 812 813 814 815 816  | Next Page >

  • how to ensure comparison is case sensitive?

    - by newguy
    Hi there, im trying to do a comparison in MYSQL but wish for it to be case sensitive ex: $userID="test" $q = db_query("select * from users where user_id = '" . $userID . "'"); In DB: userid = "TEST" Ho do i go about making sure the mysql query does not return TRUE for this query as the userid varialbe doesnt match the case of the userid in the database thanks

    Read the article

  • how to reverse the order of words in query or c#

    - by Ranjana
    i have stored in the database as location India,Tamilnadu,Chennai,Annanagar while i bind in the grid view it ll be displaying as 'India,Tamilnadu,Chennai,Annanagar' this format. but i need to be displayed as 'Annanagar,Chennai,Tamilnadu,India' in this format. how to perform this reverse order in query or in c#

    Read the article

  • Drupal: update.php error...

    - by Patrick
    hi, I'm copying my Drupal installation to another folder and I've copied the related database. When I run update.php on the new copy I get the following error: http://dl.dropbox.com/u/72686/updateError.png should I disable some modules.. or is something about Drupal core ? thanks

    Read the article

  • What is the best way to generate XML from a C based CGI application using the SQLite API?

    - by Tommy
    Learning the basics of XML for the first time from W3C tutorials. How are most XML files generated? Does the server side application usually print a complete XML file to be parsed each time there is new data? I have a CGI application in C and it includes the SQLite API. Is the best way to do some sort of printf to a XML file (using my data from the database) so it can be parsed? Thanks.

    Read the article

  • SINGLE SIGN ON SECURITY THREAT! FACEBOOK access_token broadcast in the open/clear

    - by MOKANA
    Subsequent to my posting there was a remark made that this was not really a question but I thought I did indeed postulate one. So that there is no ambiquity here is the question with a lead in: Since there is no data sent from Facebook during the Canvas Load process that is not at some point divulged, including the access_token, session and other data that could uniquely identify a user, does any one see any other way other than adding one more layer, i.e., a password, sent over the wire via HTTPS along with the access_toekn, that will insure unique untampered with security by the user? Using Wireshark I captured the local broadcast while loading my Canvas Application page. I was hugely surprised to see the access_token broadcast in the open, viewable for any one to see. This access_token is appended to any https call to the Facebook OpenGraph API. Using facebook as a single click log on has now raised huge concerns for me. It is stored in a session object in memory and the cookie is cleared upon app termination and after reviewing the FB.Init calls I saw a lot of HTTPS calls so I assumed the access_token was always encrypted. But last night I saw in the status bar a call from what was simply an http call that included the App ID so I felt I should sniff the Application Canvas load sequence. Today I did sniff the broadcast and in the attached image you can see that there are http calls with the access_token being broadcast in the open and clear for anyone to gain access to. Am I missing something, is what I am seeing and my interpretation really correct. If any one can sniff and get the access_token they can theorically make calls to the Graph API via https, even though the call back would still need to be the site established in Facebook's application set up. But what is truly a security threat is anyone using the access_token for access to their own site. I do not see the value of a single sign on via Facebook if the only thing that was established as secure was the access_token - becuase for what I can see it clearly is not secure. Access tokens that never have an expire date do not change. Access_tokens are different for every user, to access to another site could be held tight to just a single user, but compromising even a single user's data is unacceptable. http://www.creatingstory.com/images/InTheOpen.png Went back and did more research on this: FINDINGS: Went back an re ran the canvas application to verify that it was not any of my code that was not broadcasting. In this call: HTTP GET /connect.php/en_US/js/CacheData HTTP/1.1 The USER ID is clearly visible in the cookie. So USER_ID's are fully visible, but they are already. Anyone can go to pretty much any ones page and hover over the image and see the USER ID. So no big threat. APP_ID are also easily obtainable - but . . . http://www.creatingstory.com/images/InTheOpen2.png The above file clearly shows the FULL ACCESS TOKEN clearly in the OPEN via a Facebook initiated call. Am I wrong. TELL ME I AM WRONG because I want to be wrong about this. I have since reset my app secret so I am showing the real sniff of the Canvas Page being loaded. Additional data 02/20/2011: @ifaour - I appreciate the time you took to compile your response. I am pretty familiar with the OAuth process and have a pretty solid understanding of the signed_request unpacking and utilization of the access_token. I perform a substantial amount of my processing on the server and my Facebook server side flows are all complete and function without any flaw that I know of. The application secret is secure and never passed to the front end application and is also changed regularly. I am being as fanatical about security as I can be, knowing there is so much I don’t know that could come back and bite me. Two huge access_token issues: The issues concern the possible utilization of the access_token from the USER AGENT (browser). During the FB.INIT() process of the Facebook JavaScript SDK, a cookie is created as well as an object in memory called a session object. This object, along with the cookie contain the access_token, session, a secret, and uid and status of the connection. The session object is structured such that is supports both the new OAuth and the legacy flows. With OAuth, the access_token and status are pretty much al that is used in the session object. The first issue is that the access_token is used to make HTTPS calls to the GRAPH API. If you had the access_token, you could do this from any browser: https://graph.facebook.com/220439?access_token=... and it will return a ton of information about the user. So any one with the access token can gain access to a Facebook account. You can also make additional calls to any info the user has granted access to the application tied to the access_token. At first I thought that a call into the GRAPH had to have a Callback to the URL established in the App Setup, but I tested it as mentioned below and it will return info back right into the browser. Adding that callback feature would be a good idea I think, tightens things up a bit. The second issue is utilization of some unique private secured data that identifies the user to the third party data base, i.e., like in my case, I would use a single sign on to populate user information into my database using this unique secured data item (i.e., access_token which contains the APP ID, the USER ID, and a hashed with secret sequence). None of this is a problem on the server side. You get a signed_request, you unpack it with secret, make HTTPS calls, get HTTPS responses back. When a user has information entered via the USER AGENT(browser) that must be stored via a POST, this unique secured data element would be sent via HTTPS such that they are validated prior to data base insertion. However, If there is NO secured piece of unique data that is supplied via the single sign on process, then there is no way to guarantee unauthorized access. The access_token is the one piece of data that is utilized by Facebook to make the HTTPS calls into the GRAPH API. it is considered unique in regards to BOTH the USER and the APPLICATION and is initially secure via the signed_request packaging. If however, it is subsequently transmitted in the clear and if I can sniff the wire and obtain the access_token, then I can pretend to be the application and gain the information they have authorized the application to see. I tried the above example from a Safari and IE browser and it returned all of my information to me in the browser. In conclusion, the access_token is part of the signed_request and that is how the application initially obtains it. After OAuth authentication and authorization, i.e., the USER has logged into Facebook and then runs your app, the access_token is stored as mentioned above and I have sniffed it such that I see it stored in a Cookie that is transmitted over the wire, resulting in there being NO UNIQUE SECURED IDENTIFIABLE piece of information that can be used to support interaction with the database, or in other words, unless there were one more piece of secure data sent along with the access_token to my database, i.e., a password, I would not be able to discern if it is a legitimate call. Luckily I utilized secure AJAX via POST and the call has to come from the same domain, but I am sure there is a way to hijack that. I am totally open to any ideas on this topic on how to uniquely identify my USERS other than adding another layer (password) via this single sign on process or if someone would just share with me that I read and analyzed my data incorrectly and that the access_token is always secure over the wire. Mahalo nui loa in advance.

    Read the article

  • What's SQL table name for table between 'Users' and 'UserTypes' ?

    - by Space Cracker
    i have tow tables in my database : Users : contain user information UserTypes : contain the names of user types ( student , teacher , specialist ) - I can't rename it to 'Types' as we have a table with this name relation between Users and UserTypes many to many .. so i'll create a table that have UserID(FK) with UserTypeID(FK) but I try to find best name for that table ... any suggestion please ?

    Read the article

  • Oracle 10g express edition import

    - by Jasim
    How can i import a DMP file into my oracle 10g expression edition database? I tried with imp but its showing an error: IMP-00010: not a valid export file, header failed verification IMP-00000: Import terminated unsuccessfully How can i solve this?

    Read the article

  • Windows Media Service authentication issue

    - by George2
    Hello everyone, I am using Windows Server 2008 R2 with Windows Media Service. At the client side, I want to use Silverlight to play the media file. I am using VSTS 2008 + Silverlight 3 + ASP.Net + .Net 3.5. I want to know how to implement a custom authentication protocol (I have a custom user database, which contains user name and password. I want to enable logged-in user to be able to play through Silverlight)? thanks in advance, George

    Read the article

  • How we can dyanamically bind data with diffrerent dropdownlist in a grid view?

    - by Lock up
    i am wking on an assignment in which i have a gridview that contain deptno in a dropdownlist.by selecting a particular deptno from that dropdownlist,the number of employee of that department displayed in second dropdownlist that is for displaying employyee of a department.And after selecting the employee its salary detail and date of joining displayed in textboxes?we have two database table one is for employee(fields are deptno,empname,salary,joining date,status(true/false))and second department(fields are deptno,deptname,location);;;

    Read the article

  • SimpleDB as Denormalized DB

    - by Max
    In an environment where you have a relational database which handles all business transactions is it a good idea to utilise SimpleDB for all data queries to have faster and more lightweight search? So the master data storage would be a relational DB which is "replicated"/"transformed" into SimpleDB to provide very fast read only queries since no JOINS and complicated subselects are needed.

    Read the article

  • Persistance Queue Implementation

    - by Winter
    I was reading an article on Batch Processing in java over at JDJ http://java.sys-con.com/node/415321 . The article mentioned using a persistence queue as a Batch Updater instead of immediately sending an individual insert or update to the database. The author doesn't give a concrete example of this concept so I googled Persistence Queue but that didn't come up with much. Does anyone know of a good example of this?

    Read the article

  • Hibernate find by criteria get single result

    - by GigaPr
    Hi, i am experimenting using Hibernate. I am trying to get a User by id this is what i do public User get(DetachedCriteria dc){ List<User> users = getHibernateTemplate().findByCriteria(dc); if(users != null) { return users.get(0); } else return null; } but it fails when the user is not in the database. Could you help me to understand how to achieve this? Thanks

    Read the article

  • save Date Number in PHP variable.

    - by Denoteone
    This question goes along with another one of my post that I already accepted How do I get the "date number" in php 2010-08-24 20:00:00.000 I want to assign the current date number to a variable $current_date_num so I can use it in my query to compare what is already in the database. $query ="SELECT * FROM Reservations WHERE [Room_ID] = '$field' AND [Meeting Start] > '$current_date_num' ORDER BY [Meeting Start] asc ";

    Read the article

  • memory size exceeded?

    - by asdas
    i have a form that submits data to a database, i have a function that looks like this: //connect foreach ($_POST as $key => $value) { $_POST[$key] = mysql_real_escape_string($value); } now when i post, SOMETIMES i get an error that says this: Allowed memory size of 268435456 bytes exhausted i figured out that when i do a linebreak, or press enter in the message field, then that is when it causes the error, otherwise it works normal. any ideas?

    Read the article

  • jQuery + ajax livesearch

    - by andrei
    I am doing a mysql database search and retrieving some results via ajax livesearch using the example on w3schools and i want to manipulate those results (drag and drop them) but im having a problem because the script loads before you enter the search and get the results so it does absolutely nothing no the search results. Any thoughts on this matter ?

    Read the article

  • Is it possible to Load hbm.xml info at app startup instead of via an embedded resource?

    - by Daniel Auger
    All of the NHibernate examples I've see that use hbm files have the hbm.xml file set as an embedded resource with "do not copy" chosen in the file properties. This means that if a database column name were to change in production, the app would have to be recompiled with the changes in the hbm.xml file during build time. Is there any way to make NHibernate load the hbm.xml files from the file system at application startup instead of using an embedded version?

    Read the article

  • Not able to create a datasource registration with WAMP MysQL 5.0 in DBArtisan

    - by Alf Christophersen
    I try in a test version of DBArtisan to set up a datasource and register both servere as localhost, database to use, my username and password, but, when testing the connection, I get message that connection failed. Hooking up from eg. Delphi and other utilities run nicely. But not DBArtisan, Is MySQL 5.0 not supported yet ?? Or is it WAMP that is the culprit naming the service wampmysqld insted of just mysqld ??

    Read the article

  • Help getting the following create table function to work with mysql and C#

    - by Matt
    string createTable = "CREATE TABLE IF NOT EXISTS " + m_strDatabase + "_TimeLogs (logName VARCHAR(16), logTime INTEGER, logCountry TEXT, UNIQUE(logName)) TYPE=MyISAM;"; When this runs, no table is created. No errors either. Im using an ODBC connector. the variable passes in the db name, so that the table created would be users_TimeLogs if the database was called users for example. Am I doing something wrong?

    Read the article

  • Facebook application - Add wall

    - by fortysixandtwo
    How can I add a wall on my facebook-application (fbml). Do I have to store the wallposts (user-id and comment) in my database, and display them using fb:wall, fb:wallposts, or is it a plugin like fb:comments for this? If so, how do I add a textfield/form for interacting with the wall?

    Read the article

  • Conditional use of wp_list_categories (Wordpress)

    - by YsoL8
    Hello I am using the wp_list_categories tag in Wordpress. I would like to wrap this in a condition so it is only used when there are posts in the database. Something like: if ($number_of_posts > "0") { } But I can't find a function that'll let me count the number of posts. Anyone know the solution?

    Read the article

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

< Previous Page | 805 806 807 808 809 810 811 812 813 814 815 816  | Next Page >