|
Hi,
I don't know where to start with the following, I would like to create a webpage with a list of physical products. Once a user selects, a new dialog pops up with the product view in 3D. By dragging within the window, the user can rotate the view of the product (and zoom as well using another control). Anyone have an idea how this could be done?
THANKS!
I am a SysAdmin, I battle my own daemons.
|
|
|
|
|
|
You'll need to get into DHTML for most of it (javascript and DOM with some CSS thrown in) and probably Ajax to load product details. The rotate view I guess would need Flash.
|
|
|
|
|
Hi
Most of us as web developers know how to hash user passwords within our database in order to prevent hackers from abusing stolen passwords in case they are stored in a plain text format. But I personally haven't seen any thing as a best practice (something standard recommended to all developers) to protect our sensitive data from being stolen.
As an example of a situation where we might want to encrypt some of our database fields, consider a shopping site which sells all its products through custom credit cards designed and delivered by your company whose information (including amount of each card's credit) have been stored on a database. Now, as the owner of such database, I'm mostly obsessed with these concerns when it comes to data encryption in database:
1- Which of the symmetric encryption algorithms is faster or recommended for encrypting "credit" field?
2- Where do you store your encryption key? in source code? What if your source is stolen too? Is it sensible to rely on this fact that nobody can access our compiled .net assemblies on the server and hence storing the key there?
3- How do you detect a new record that hasn't been inserted to database by your application but by a hacker?
* These are my main approaches concerning above issues:
1- In order to prevent passwords from being seen: I'll hash them with a salt
2- I order to prevent a hacker from modifying the amount of a card: I will hash and store the credit amount using a salt (e.g. Hash("34$"+salt)), and I'll also store the encrypted value of the credit amount (e.g. Encrypt("34$"+password)). Now, whenever I see that the hashed credit value of a record doesn't match the previously hashed value, I'll restore the credit amount from where I've already encrypted it.
3- In order to prevent a hacker from inserting his own credit card into database: I'll assign a unique ID field to each card, which has been generated based on a rule (like a serial number). So, the hacker won't know how to generate new valid card IDs unless he accesses my code and knows the rule.
The last concern: Checking all the constraints mentioned above, doesn't it hit the performance considerably? If so, what should we do then?!!!
Any helping ideas are most welcome and greatly appreciated!
|
|
|
|
|
Performance won't be an issue. You are going to want atleast a 1024bit algorithm for credit card details (although you really shouldn't store these). Do a bit of research on Asymmetric encryption.
Brad
Australian
- Christian Graus on "Best books for VBscript"
A big thick one, so you can whack yourself on the head with it.
|
|
|
|
|
Hi
I know what asymmetric encryption is and know that it's much slower than symmetric. What kind of info should I search on asymmetric encryption? And why do you think that performance won't be an issue?!
thanks in advance
|
|
|
|
|
As said before, performance is not an issue. You should asymmetrically encrypt or hash all sensitive data.
Brad
Australian
- Captain See Sharp on "Religion"
any half intelligent person can come to the conclusion that pink unicorns do not exist.
|
|
|
|
|
Hi! for validation of password, i want to write an regular expression in javascript to validate user password. my requirement is...
1. Password should be of length 6 character.
2. password only can contains:? A-Z, a-z & 0-9 & _
3. password should contains at least one digit.
4. password can not be equal to user name.
5. password can not be reverse of user name.
6. password should begins from character belongint to A-Z or a-z.
can any one help me to write regular expression??
Thanks & Regards,
SAMir Nigam,
Software Developer,
STPL, Lucknow, India.
|
|
|
|
|
Nigam SAMir wrote: 1. Password should be of length 6 character.
2. password only can contains:? A-Z, a-z & 0-9 & _
6. password should begins from character belongint to A-Z or a-z.
^[A-Za-z][A-Za-z0-9_]{5}$
Note that best-practice dictates that your password should be at least 8 characters. Also insisting that the password starts with an alpha character weakens the password.
Nigam SAMir wrote: 3. password should contains at least one digit.
[0-9]
Nigam SAMir wrote: 4. password can not be equal to user name.
5. password can not be reverse of user name.
Cannot do using regular expression.
Hope that helps.
Andy
|
|
|
|
|
hi all
i setup Ajax 1.0 after that i create a project, i choise a page is Ajax
but on Webconfig i add <appsetting> is error
Error 36 Only one <configsections> element allowed per config file and if present must be the first child of the root <configuration> element. C:\Documents and Settings\Administrator\My Documents\Visual Studio 2005\WebSites\AJAXEnabledWebSite3\Web.config 8
????
|
|
|
|
|
Hmm, I'm going to go out on a limb here and guess that your web.config is a bit messed up. Perhaps making sure it is valid would be a start.
|
|
|
|
|
Hi,
I'm currently AJAX-enabling an existing project and came across the folliwing issue.
On the developer machine the whole app (localhost/appname) runs just fine, but is not reachable from remote machines (ipaddress/appname - using windows auth) - meaning the app starts, but failes to load the external ajax scripts (via ScriptResource.axd) which then results the known "Sys undefined" error message.
Same behaviour when I deploy my app to the test or production server.
I've tried to publish the web site and deploy the precompiled code but this didn't help anything. My Web.config is correct, the Script-Handlers are configured correct, etc. I really double-checked everything twice...
Any tips or hints?
|
|
|
|
|
According to the front end field right now it's too short.It shows just Name and Addres (example) if we like to add up more details of the front end.How should we design the programe? We need some help on this point. Thank you in advances.
Tospon
|
|
|
|
|
This is a very vague question - in what way do you need help?
|
|
|
|
|
I would like to design database and coding program example the right now the screen customer have field Name and Address (textbox for entry) but right now user request field Phone. I would like to add up field by user (user have back end screen (screen for setting) him can create field "Phone" by i don't modify program).Thank you in advances.
I would like to know how design and coding.
|
|
|
|
|
I have idea expand to this question. you can see http://www.zoho.com/crm press online demo press setup example header "Lead Einstellungen" press Felderliste. Right now you can add field by press "New custom field" .I would like to design and code program like that.Thank you in advances.
|
|
|
|
|
hi all
i want to check is COOKIES are Allowed or Not ?
and also if cookies are NOT ALLOWED in Browser it is possible using SCRIPT can i set cookies for my site ?
plz help me
SP
--
Bugs can neither be created nor be removed from software by a developer. They can only be converted from one form to another. The total number of bugs in the software always remain constant.
|
|
|
|
|
<script type="text/javascript">
var cookieEnabled=(navigator.cookieEnabled)? true : false
if (typeof navigator.cookieEnabled=="undefined" && !cookieEnabled){
document.cookie="testcookie"
cookieEnabled=(document.cookie.indexOf("testcookie")!=-1)? true : false
}
</script>
Ref: Determining JavaScript cookie support in client's browser
Thanks and Regards,
Michael Sync ( Blog: http://michaelsync.net)
If you want to thank me for my help, please vote my message by clicking one of numbers beside "Rate this message". Why vote? Plz Read it here. Thank you.
|
|
|
|
|
|
Hi all
My image (image is html) have Event onmouseover. I want Remove Event onmouseover by javacripts. how will i do it. ?????
""
-- modified at 22:14 Tuesday 27th February, 2007
|
|
|
|
|
I'm not very sure that I got you..
maybe. you can try like that..
<img src="Images/sliderbuttonoff.png" id="zoom0" onmouseout="javascript:this.src='Images/sliderbuttonoff.png';" onmouseover="javascript:this.src='Images/northover.png';" class="buttonBarButton0" alt="demo" />
Thanks and Regards,
Michael Sync ( Blog: http://michaelsync.net)
If you want to thank me for my help, please vote my message by clicking one of numbers beside "Rate this message". Why vote? Plz Read it here. Thank you.
|
|
|
|
|
Looks like it was removed for you.
Brad
Australian
- Christian Graus on "Best books for VBscript"
A big thick one, so you can whack yourself on the head with it.
|
|
|
|
|
How do I connect to a SQL SERVER 2005 DSN Using ASP? I have not done this in awhile (mainly Administration) and Having problems.
|
|
|
|
|
|
I am trying to export some data to an excel spreadsheet by passing variables to it. I keep getting a blank page. My code looks like this:
On the first page where I pull the data from the database I have this link:
target="_blank" href="DocAttach_Summary_Excel.asp?HMO=<%=request.form("HMO")%>">Export to Excel
My export to excel page looks like this:
<%
Response.ContentType = "application/vnd.ms-excel"
%>
<% set objconn=server.createobject("adodb.connection")
connpath="DBQ=" & server.mappath("/fpdb/ClaimMart_Access.mdb")
objconn.Open "DRIVER={Microsoft Access Driver (*.mdb)}; " & connpath
Dim THMO
THMO = request.querystring("HMO")
set objrs=objconn.execute("SELECT * FROM Tbl_DocAttached_Summary WHERE (HMO = THMO)")
%>
<%
' Loop through each Field, printing out the Field Names
For i = 0 to objrs.fields.count - 1
%>
<% next %>
<%
' Loop through rows, displaying each field
while not objrs.eof
%>
<% For i = 0 to objrs.fields.count - 1
%>
<% Next %>
<%
objrs.MoveNext
wend
objrs.Close
objconn.close
%><% = objrs(i).name %> | <% = objrs(i) %> |
|
|
|
|