I'm writing a web application for public consumption...How do you get over/ deal with the fear of User Input? As a web developer, you know the tricks and holes that exist that can be exploited particularly on the web which are made all the more easier with add-ons like Firebug etc Sometimes it's so overwhelming you just want to forget t...
I create a program that simulates me browsing to gmail, entering the user name and password and clicking the submit button. All this with C#. I would appreciate two kinds of answers: One that tells how to do this programaticaly. Since I may be interested in automating more sophisticated user activities. On that tells me about a pro...
Hi. I have application full of various controls databound to my classes. I would like to ask user "You are closing application and you made some changes. Do you want to save your changes?". For this I need to recognize that user made any changes. How to catch user made changes in databound controls? Is textBoxXXX_TextChanged the only w...
I run a small online gaming community and deal with a database of accounts. The setup is this: Folder named Accounts Inside the Accounts directory, there is 200,000+ text files organized by player name. Access to this folder manually is a pain because of the needed RAM to get in and search files. I find this very inconvenient. I acce...
I'm trying to write a helper function to use in a bash script to take a variable prompt string and return the value the user inputs. What I have sits and waits for a user to input the value without displaying the prompt first, which is puzzling. It also stores the echo in the return value ($foo), and doesn't keep the value read in with...
I'm trying to validate that an uploaded file really does have the .csv extension. This code isn't working, however: function upload_validate($form, &$form_state) { // code that does work ... else { $file = file_save_upload('upload'); $errors = file_validate_extensions($file, 'csv'); if (! empty($errors)) { form_set_err...
I would like to let my users use regular expressions for some features. I'm curious what the implications are of passing user input to re.compile(). I assume there is no way for a user to give me a string that could let them execute arbitrary code. The dangers I have thought of are: The user could pass input that raises an exception...
I want to use the response from an askstring prompt to set a variable. Unfortunately, I have the dilemma that I'm trapped in the loop asking the question or the window refuses to draw because the variable (urltoopen) has no value. The code as it stands: urltoopen = tkSimpleDialog.askstring('Address', 'Where do we get the pictures from?...
As part of a subscriber acquisition I am looking to grab user entered data from a html form and write it to a tab delimited text file using php.The data written needs to be separated by tabs and appended below other data. After clicking subscribe on the form I would like it to remove the form and display a small message like "thanks fo...
Is this enough? $listing = mysql_real_escape_string(htmlspecialchars($_POST['listing'])); ...
I'm a newbie at this, so please be nice to me =^) I'm creating a website with ASP.net and I have a sign up page. The user has to enter a name and password in textboxex, and choose a location and reason for joining from dropdown lists. (There is a built in wizard for new user sign-up but I chose not to use it). I would like to save the i...
Why 'exactly' does this code loop endlessly if you enter a non number character? The first question comes about because I want to learn good defensive coding. Does anyone know a good way to check user input? My google-fu failed me. Some people seemed to be of the opinion that if I specify %f in scanf that I am 'demanding' a float; I ver...
I have a database full of messages from a bulletin board. The board uses BB codes as formatting style. I.e.: I'm not formatted This is [b]bold[/b] text Tags can also [i][b]be[/b] nested[/i] And the [b]nesting [i]can be[/b] rather[/i] ugly My ultimate goal is to convert these messages to some well formed XML (no discussion here ;) ). ...
I've been using the free Firefox extension XSS Me from Security Compass to test for XSS problems. However, using what I understand to be safe filtering, XSS me still reports warnings. Are these accurate warnings or spurious? Using the code below as a testcase: <form method="post" action=""> <input type="text" name="param" value="<?php ...
I am very new to Java Me (first time). I want my program to ask the user for an IP addres. So four numbers that are between 0 and 255. It doesn't need to be difficult, but as I said, I'm new to Java Me. ...
Hi, I have one problem in a web server regarding the creation user folders and management. I have one page that users use to add the contents. During this add the user push one select button and add the content in one her folder like UserFolder/TheContent. I need to extend to use personalized folders using some item added by the user in...
I have a user input that would be used in a search string that may contain a metacharacter For e.g. C# or C++ my grep command in a function was: grep -E "$1|$2" test.txt under direct replacement: grep -E "C\+\+|testWord" test.txt grep -E "C\#|testWord" test.txt the first caught the lines fine but not the second. Strangely, # was...
In my application, I want to let users customize keyboard shortcuts, just like it's done in Visual Studio's keyboard options. The user can focus a blank text box and then type any shortcut he wants to assign to a command. The closest I've come to make it work is by subscribing to the TextBox.PreviewKeyDown event, setting it as handled t...
Hi, AnyOne knows how to do this in .NET? ...
Consider this situation: I've got an aquarium simulator where I have 5 different types of fishes. Different types means different attributes (speed, colour, hunger, etc). What if I want the user of my simulator to be able to create a new type of fish and give it its values for its attributes? How is that implemented by the programmer? D...