So I'm setting up my form validation, inputs, error messages etc... and then realized a lot of the info that I'm collecting will need to be output again at some point. So I wrapped my inputs in: Server.HtmlEncode(txtbox.text); What else should I be doing to ensure that i avoid XSS types of attacks? Should I be be doing something whe...
I'm wondering if there is a way to add my own input method in iPhone. (I know there are some apps like iCosta and WeFit doing this.) But is there a officially supported way to do this? Or do you have any reference documents for this? Thanks ...
I want to compare a string with user input character by character. e.g. I want to let user input "I have an apple." and compare the input with this string to see if his input is correct. When he input a wrong character, iphone will vibrate to inform him immediately. The problem is that I find some characters like the space will call the ...
I am evaluating user inputs as commands for my application. If the user presses Q, or q, and then hits enter, the application quits and execution terminates. Is there a proper context, or best practices on how to do that? I do not have any resources to release, or anything like that. Should I just use System.exit(0);? Is there a recomm...
I am looking into starting a project which involves executing python code that the user enters via a HTML form. I know this can be potentially lethal (exec), but I have seen it done successfully in at least one instance. I sent an email off to the developers of the Python Challenge and I was told they are using a solution they came up ...
I was hoping to get some opinions regarding best practices and comments on the way I read user input from the command line. Is there a recommended way to do this, am I using the try/catch blocks properly? My example here works fine, but would still like to hear if there is a 'cleaner' way to do this. Many thanks. For example are he retu...
I am using the scanner class to capture user input from the command line (strings only), as an alternative to my previous question. The following seems to work fine, except the blank lines are not caught as they should by the second conditional. For example when I press enter, this should be captured as a blank line and the second condi...
What would be the most efficient way to clean a user input that is a comma seperated string made entirely on numbers - e.g 2,40,23,11,55 I use this function on a lot of my inputs function clean($input){ $input=mysql_real_escape_string(htmlentities($input,ENT_QUOTES)); return $input; } And on simple integers I do: if (!filter_v...
I'm looking for a way to parse some user-input. The input should show which searches have to be performed and how they have to be combined. 1 AND 2 (3 AND 2) OR 1 (3 AND 2) OR (1 AND 4) ( (3 OR 4) AND 1) OR 2 etc. The first example should combine the results of search 1 and 2 in an AND-fashion. The second example should combine the r...
I am having problems trying to write the correct code to test whether a string from the keyboard contains a valid date with the correct amount of months, days for each particular month and format mm/dd/yyyy with adjustments for leap years here is what Ive done so far I dont think I am even close but any help would be greatly appreciated...
In my lua program, i want to stop and ask user for confirmation before proceeding with an operation. I'm not sure how to stop and wait for user input, how can it be done? ...
Using MIPS assembly if I prompt a user to input an integer how can I then take that integer and break it up into it's requisite parts? Example: # User inputs a number li $v0, 5 # read value of n syscall I then store the value in $v0 in a temporary register, say $t0, and need to break it up into each part that...
Hello, I am trying to figure out what is the best way to manage the data a user inputs concerning non desirable tags he might insert: strip_tags() - the tags are removed and they are not inserted in the database the tags are inserted in the database, but when reading that field and displaying it to the user we would use htmlspecialcha...
Ok, so a user enters some information on a JSP and clicks 'submit' which launches a servlet. This servlet then processes the information and sends back another JSP. That works fine. However, what about if the servlet needs to ask the user a question before continuing the processing? In a general Java Application you can use the likes of...
I have a Tomcat application that requires multiple passwords on startup. My current configuration uses a Java Properties object to load in the passwords from a password.conf file. There's now a requirement that no passwords are allowed in 'the clear' on the system. I had suggested encrypting the password file, but this isn't an option. ...
Hello all, Consider the following scenario: http://www.yourdomain.com/Default.aspx?p=2 Now we ofcourse want to check if the querystring parameter p doesnt contain errors. I now have this setup: 1) Check if p exists 2) Filter out html from p's value 3) htmlencode p's value 4) check if p is integer 5) check if p's integer exists in ...
I'm creating a wizard-based series of forms for taking user inputs. One of the requirements for that wizard is that the script (PHP) cannot save the inputs into the database (MySQL) until the user clicks the 'Save' button, so I have to device a mechanism to transport user inputs in one form to another when the user clicks 'Previous' or '...
Hi, I'm trying to find a benchmark for how long users are willing to wait for a response from a remote service. In my case the response is for very useful but not business critical validation of data entry. I guess that there must have been some work done in the HCI space on this. If you know of a generally accepted definition for soft...
What is the maximum number of entries a simple ListBox (ComboBox) should contain? There are fifty states in the US - is 50 too many? There are over 270 countries and territories in the world - is 270 too many? When should a ListBox include search or type-ahead capabilities? When should the designer consider something other than a L...
I am writing a program in C#. The program controls a physical filter wheel which has interchangable wheels A through H. Each wheel can hold 8 filters. I want the user to be able to store friendly names for each filter in each wheel (64 total). The device and program are capable of identifying the wheel ID(A-H) and filter position (1-8) s...