e-mail validation client side

I decided to use Anthem. NET Ajax Framework to get the AJAX functionality because: - You won't create verbally any javascript - hold back the VIEWSTATE - Anthem Controls Lets begin with the button. If you see the picture (this is good :D) then you can see the 'run it' button which is 2 gif images. When you click it: - It displays another visualise. - Calls a server method! (asynchronously) - In the method do something useful. - Displays the original visualise. But what if I dont want to use the visualise button and just use a normal add? come up this is the story of a normal button and this is exactly what the article talks about: - The button calls a client javascript answer. - This answer (using anthem) calls a server method passing it parameters like UserName. go. telecommunicate. etc. - When the server method completes a callBack comes to the client with the result calling a client javascript function passing it this result disapprove. <script type="text/javascript"> answer register() { Anthem_InvokePageMethod( 'CreateUserOnTheFly'. [enter getElementById('NameTextInput') value document getElementById('PassTextInput') value document getElementById('EmailTextInput') value] function(result) { document getElementById('resultTextInput') value = result determine; } ); }</compose> protected void Page_Load(object sender. EventArgs e){ Anthem. Manager. Register(this);}Simply Create User with. NET Membership class[Anthem. Method]public string CreateUserOnTheFly(string name arrange pass arrange email){ arrange theReturn = ""; try { if (!string. IsNullOrEmpty(name))//I advise using validation as the hold back does { MembershipCreateStatus status; MembershipUser user = Membership. CreateUser(name pass telecommunicate. "question". "answer" true out status); #region statusIs switch (status) { case MembershipCreateStatus. DuplicateEmail: theReturn = "DuplicateEmail"; end; case MembershipCreateStatus. DuplicateProviderUserKey: theReturn = "DuplicateProviderUserKey"; break; case MembershipCreateStatus. DuplicateUserName: theReturn = "DuplicateUserName"; break; case MembershipCreateStatus. InvalidAnswer: theReturn = "InvalidAnswer"; break; inspect MembershipCreateStatus. InvalidEmail: theReturn = "InvalidEmail"; break; inspect MembershipCreateStatus. InvalidPassword: theReturn = "InvalidPassword"; end; case MembershipCreateStatus. InvalidProviderUserKey: theReturn = "InvalidProviderUserKey"; end; case MembershipCreateStatus. InvalidQuestion: theReturn = "InvalidQuestion"; end; case MembershipCreateStatus. InvalidUserName: theReturn = "InvalidUserName"; break; case MembershipCreateStatus. ProviderError: theReturn = "ProviderError"; break; inspect MembershipCreateStatus. Success: theReturn = "Success. User: '" + user. UserName; break; case MembershipCreateStatus. UserRejected: theReturn = "UserRejected"; break; } #endregion } } catch (Exception ex) { theReturn = ex. Message. ToString(); } go theReturn;} Which brings you directly to the server-side code and handle the client-side itself then how can you get the result? Actuallty Anthem provides you with this bool property with every Anthem control (UpdateAfterCallBack) then we can make this: (Add an Anthem label control) What you exactly do here is assign a determine to the text property and ask the control to update itself after the callBack so the client can see the assigned value. And this is our simple hold back! public partial class CreateUserAjax : System. Web. UI. UserControl{ protected cancel Page_Load(object sender. EventArgs e) { } protected void ImageButton1_move(disapprove sender. ImageClickEventArgs e) { arrange theReturn = ""; try { MembershipCreateStatus status; MembershipUser user = Membership. CreateUser(TextBoxName. Text. TextBoxPass. Text. TextBoxEmail. Text. TextBoxQuestion. Text. TextBoxAnswer. Text true out status); #region statusIs switch (status) { inspect MembershipCreateStatus. DuplicateEmail: theReturn = "DuplicateEmail"; end; case MembershipCreateStatus. DuplicateProviderUserKey: theReturn = "DuplicateProviderUserKey"; break; case MembershipCreateStatus. DuplicateUserName: theReturn = "DuplicateUserName"; break; inspect MembershipCreateStatus. InvalidAnswer: theReturn = "InvalidAnswer"; end; case MembershipCreateStatus. InvalidEmail: theReturn = "InvalidEmail"; break; inspect MembershipCreateStatus. InvalidPassword: theReturn = "InvalidPassword"; break; case MembershipCreateStatus. InvalidProviderUserKey: theReturn = "InvalidProviderUserKey"; break; case MembershipCreateStatus. InvalidQuestion: theReturn = "InvalidQuestion"; end; inspect MembershipCreateStatus. InvalidUserName: theReturn = "InvalidUserName"; end; case MembershipCreateStatus. ProviderError: theReturn = "ProviderError"; break; case MembershipCreateStatus. Success: theReturn = "Success. UserName: " + user. UserName; end; case MembershipCreateStatus. UserRejected: theReturn = "UserRejected"; break; } #endregion } catch (Exception ex) { theReturn = ex. Message. ToString(); } resultLabelAnthem. Text = theReturn; resultLabelAnthem. UpdateAfterCallBack = true; }} I think this is very simple invoking server methods asynchronously and CallBacks are the way to put your code in an ajax way. come up not everything! I tried to make an Ajax File Uploader control typed many scripts. ActiveX. but finally the security system stopped the be adrift to read the files on the client computer and I noticed I'm trying to upload any file from the client wihtout his permission asynchronously in ajax way!. Some developers say they made it with the FileUpload Control and iFrames.. I tried this too but I failed. Please tell me your undergo.

Forex Groups - Tips on Trading

Related article:
http://islameldemery.blogspot.com/2007/11/createuserwizard-ajax-enabled-using.html

comments | Add comment | Report as Spam

I decided to use Anthem. NET Ajax Framework to get the AJAX functionality because: - You won't create verbally any javascript - Control the VIEWSTATE - Anthem Controls Lets begin with the add. If you see the picture (this is good :D) then you can see the 'run it' button which is 2 gif images. When you move it: - It displays another image. - Calls a server method! (asynchronously) - In the method do something useful. - Displays the original visualise. But what if I dont want to use the visualise add and just use a normal button? Well this is the story of a normal add and this is exactly what the bind talks about: - The button calls a client javascript function. - This answer (using anthem) calls a server method passing it parameters desire UserName. Pass. telecommunicate. etc. - When the server method completes a callBack comes to the client with the result calling a client javascript function passing it this prove object. <script write="text/javascript"> function register() { Anthem_InvokePageMethod( 'CreateUserOnTheFly'. [document getElementById('NameTextInput') value enter getElementById('PassTextInput') value enter getElementById('EmailTextInput') value] function(prove) { document getElementById('resultTextInput') value = result determine; } ); }</compose> protected void summon_Load(disapprove sender. EventArgs e){ Anthem. Manager. enter(this);}Simply Create User with. NET Membership class[Anthem. Method]public string CreateUserOnTheFly(string name string pass string telecommunicate){ string theReturn = ""; try { if (!string. IsNullOrEmpty(name))//I recommend using validation as the control does { MembershipCreateStatus status; MembershipUser user = Membership. CreateUser(name pass email. "question". "say" true out status); #region statusIs change by reversal (status) { inspect MembershipCreateStatus. DuplicateEmail: theReturn = "DuplicateEmail"; end; inspect MembershipCreateStatus. DuplicateProviderUserKey: theReturn = "DuplicateProviderUserKey"; break; case MembershipCreateStatus. DuplicateUserName: theReturn = "DuplicateUserName"; break; case MembershipCreateStatus. InvalidAnswer: theReturn = "InvalidAnswer"; break; case MembershipCreateStatus. InvalidEmail: theReturn = "InvalidEmail"; break; case MembershipCreateStatus. InvalidPassword: theReturn = "InvalidPassword"; break; case MembershipCreateStatus. InvalidProviderUserKey: theReturn = "InvalidProviderUserKey"; end; case MembershipCreateStatus. InvalidQuestion: theReturn = "InvalidQuestion"; break; inspect MembershipCreateStatus. InvalidUserName: theReturn = "InvalidUserName"; break; inspect MembershipCreateStatus. ProviderError: theReturn = "ProviderError"; end; inspect MembershipCreateStatus. Success: theReturn = "Success. User: '" + user. UserName; end; inspect MembershipCreateStatus. UserRejected: theReturn = "UserRejected"; break; } #endregion } } catch (Exception ex) { theReturn = ex. Message. ToString(); } return theReturn;} Which brings you directly to the server-side code and handle the client-side itself then how can you get the result? Actuallty Anthem provides you with this bool property with every Anthem control (UpdateAfterCallBack) then we can alter this: (Add an Anthem label hold back) What you exactly do here is assign a determine to the text property and ask the control to update itself after the callBack so the client can see the assigned value. And this is our simple Control! public partial categorise CreateUserAjax : System. Web. UI. UserControl{ protected cancel Page_Load(disapprove sender. EventArgs e) { } protected void ImageButton1_Click(disapprove sender. ImageClickEventArgs e) { arrange theReturn = ""; try { MembershipCreateStatus status; MembershipUser user = Membership. CreateUser(TextBoxName. Text. TextBoxPass. Text. TextBoxEmail. Text. TextBoxQuestion. Text. TextBoxAnswer. Text true out status); #region statusIs change by reversal (status) { case MembershipCreateStatus. DuplicateEmail: theReturn = "DuplicateEmail"; break; case MembershipCreateStatus. DuplicateProviderUserKey: theReturn = "DuplicateProviderUserKey"; end; case MembershipCreateStatus. DuplicateUserName: theReturn = "DuplicateUserName"; end; case MembershipCreateStatus. InvalidAnswer: theReturn = "InvalidAnswer"; break; case MembershipCreateStatus. InvalidEmail: theReturn = "InvalidEmail"; end; case MembershipCreateStatus. InvalidPassword: theReturn = "InvalidPassword"; break; case MembershipCreateStatus. InvalidProviderUserKey: theReturn = "InvalidProviderUserKey"; end; case MembershipCreateStatus. InvalidQuestion: theReturn = "InvalidQuestion"; break; case MembershipCreateStatus. InvalidUserName: theReturn = "InvalidUserName"; break; inspect MembershipCreateStatus. ProviderError: theReturn = "ProviderError"; end; inspect MembershipCreateStatus. Success: theReturn = "Success. UserName: " + user. UserName; break; case MembershipCreateStatus. UserRejected: theReturn = "UserRejected"; break; } #endregion } catch (Exception ex) { theReturn = ex. Message. ToString(); } resultLabelAnthem. Text = theReturn; resultLabelAnthem. UpdateAfterCallBack = true; }} I think this is very simple invoking server methods asynchronously and CallBacks are the way to put your code in an ajax way. Well not everything! I tried to alter an Ajax File Uploader hold back typed many scripts. ActiveX. but finally the security system stopped the stream to read the files on the client computer and I noticed I'm trying to upload any register from the client wihtout his permission asynchronously in ajax way!. Some developers say they made it with the FileUpload Control and iFrames.. I tried this too but I failed. Please tell me your experience.

Forex Groups - Tips on Trading

Related article:
http://islameldemery.blogspot.com/2007/11/createuserwizard-ajax-enabled-using.html

comments | Add comment | Report as Spam

Although these specific vulnerabilities exist on a third–party componentthe problem is compound by the way Lotus Notes displays information aboutattachments making it easier to elicit unsuspecting assistance from theusers to exploit them. Lotus Notes displays the file type andcorresponding icon based on the attached file's extension rather than theMIME Content-Type header in the email whereas the view functionality ishandled by the Verity KeyView component which processes the attachmentbased on the file contents. Exploitation of these vulnerabilitiesrequires end-user interaction but the discrepancy described above couldallow an attacker to send a malicious Lotus 1-2-3 file as an attachmentwith a seemingly innocuous extension (for example. . JPG or. GIF) thatmore easily lure users into viewing it thus making it easier to succeed inthe exploitation attempt. *Report Timeline*2007-09-13: Email to IBM AIX security requesting security contactinformation for Lotus Notes2007-09-14: Reply from IBM AIX security team with contact information ofthe IBM Lotus Notes security team2007-09-17: Email to IBM Lotus Notes security notifying Core's intent toreport the vulnerability in Lotus Notes and Autonomy's KeyView SDK andrequesting an acknowledgement within 2 business days indicating of whetherfurther communications should be encrypted. Security advisory publicationdate set to October 15th. Security contact information for Autonomy'sKeyView requested.2007-09-18: Response from Lotus Notes security providing public PGP key toencrypt further communications and inquiring is the publication date isflexible or fixed.2007-09-18: Email from Core including details about the vulnerability in adraft advisory document. Core indicates that the publication date for thesecurity advisory is flexible and could be changed (postponed or broughtforward) on the basis of concrete and precise information aboutavailability of fixes. Security contact information for Autonomy requested.2007-09-19: Email from Lotus Notes security indicating that the bugs willbe investigated and that will check and get back regarding the requestcontact of information for Autonomy.2007-09-20: Email from Lotus Notes Security requesting proof-of-conceptcode to validate the finding.2007-09-21: Proof-of-concept code and sample of a malicious file sent toLotus Notes Security2007-09-21: Email from Lotus Notes Security indicating that theproof-of-concept will be passed to the development team and contactinformation for Autonomy made available after verification.2007-10-03: Email from Core requesting a status update and reminding LotusNotes security that the disclosure date was originally set for October 15th.2007-10-05: Email from Lotus Notes Security indicating that thevulnerability has been reproduced and a Lotus Software Problem Report hasbeen issued. The issue has been logged with Autonomy and that currentlythere is no information available about how or when it will be fixed.2007-10-17: Email from Core's Security advisories team requesting a statusupdate and indicating that the original date planned for publication ofthe advisory has already passed without any communication from IBMregarding the issue let alone any concrete plans to fix the bug. Thepublication date for Core's security advisory has been re-scheduled forOctober 30th. 2007. The date remains flexible on the basis of receivingconcrete and specific details about availability of fixes by Wednesday,October 24th. An up to date copy of the security advisory provided forcomments and suggested workarounds.2007-10-23: Email from Lotus Notes Security indicating that a ticket hadbeen opened with Autonomy and that since this is a client-side issue thefix would be provided in one of the future maintenance releases of theLotus Notes client. Ongoing work with Autonomy needs to continue beforebeing able to confirm when the fix will be rolled into the product.2007-10-23: Email from Core's advisory team with follow up questions toLotus Notes Security: 1. Is it official policy to include fixes toclient-side vulnerabilities in maintenance releases? 2. What is thescheduled date for general availability of the next maintenance release?3. Will the fix to the bugs reported in l123sl dll be included in the nextmaintenance release? Core also highlights that at the same time that Lotuswas notifying Core a maintenance release for Lotus Notes was released,fixing several bugs that are almost exactly the same as the ones Corereported [3]. Core indicates that while we appreciate involvement fromLotus Notes Security and the reassuring statements about how serious arethe bugs taken at Lotus. Core considers concrete details and specificactions better indicators to assess how serious a vendor is. The fact thatLotus Notes didn't even notify Core of such a highly relevant upcomingdisclosure. (which included workarounds that could apply to the problemreported by Core) is a discouraging indicator. Furthermore since LotusNotes still hasn't provided any specific timeline to release fixes andafter analysis the timelines of the third party advisories of the recentlydisclosed vulnerabilities a reasonable assessment based on evidenceindicates and expectation of 10 months from the initial date of report tothe vendor and a 7 months estimation since the vulnerability positiveconfirmation date. Based on that and the assessment that addressing thereported vulnerabilities requires a much faster pace for fixes. Core willproceed with the advisory release currently scheduled for October 30th,2007. The workarounds already provided by Lotus for similarvulnerabilities will be included in Core's advisory. Any officialstatements from the Lotus Notes team regarding workaround or availabilityof fixes should be received by COB Friday Oct. 26th.2007-10-24: Email from Lotus Notes security indicating that includedstatements are not official. Answers to questions from Core's emailprovided: 1. Yes client-side fixes are included in Maint. Releases ofLotus Notes. Fix Packs are server-based. The bugs reported by core are onthe client. 2. Target dates for maintenance releases provided (end of2007. March 2008. 2009). 3. Still can't confirm if the fix will beincluded and to what extent. Autonomy indicated that will ship a fix inversion 10.3 which is shipping soon. Core was not notified of the plannedrelease of similar client-side security fixes in the maintenance releaseto preserve confidentiality with other vulnerability reporters. LikewiseLotus Notes did not notify the others of Core's similar report. Threeversions of the Lotus Notes client are addressed by Core's report. Also apartial chronology of the report timeline was provided.2007-10-26: Confidential email received from Lotus Note Security2007-10-26: Email from Core advisories team to Lotus Notes Securityacknowledging reception of the previous email. Unfortunately it did notprovide any specific details about a scheduled date for availability offixes which is what Core needed to consider re-scheduling publication ofits advisory. Core appreciates other party's views regarding whatconstitutes responsible disclosure and but does not agree with anyassessments indicating that the company is putting customers at risk. Infact Core's views are that customers are already at risk due tovulnerabilities and that it is the lack of effective and timely responseto mitigate a lack of sound security practices in the SDLC what putscustomers at risk. Core's advisory disclosure seek to inform and explainthe situation to vulnerable users and to provide the details necessary todevise deploy and test protection countermeasures until the vendor comesout with an official fix. Core believes that client-side vulnerabilitiesare increasingly important and merit the release of stand-alone out ofcycle patches rather the rolling fixes into maintenance releases. Corewas expecting that fixes would be available within several weeks (ratherthan several months) of confirmation of the vulnerability.2007-10-29: Email from Lotus Notes Security indicating that delayingpublication of Core's advisory for 30 days would provide enough time torelease fixed. Coordinated release of fixes and information suggested forNov. 27th. 2007. Official statement provided for Core's advisory. Responsefrom Core is expected by EOD.2007-10-29: Email from Core's advisory team indicating that now that aspecific date for availability of fixes was provided Core is willing toreschedule publication of the advisory to November 27th. 2007. However ifthere are any indications of the bug being exploited "in the wild"information will be released immediately with a Forced Release mode.2007-11-15: Email from Lotus Notes Security asking if we're still ontarget for the Nov 27th release and requesting a URL to Core's advisoryand providing a link to Lotus Notes' Technote regarding the issue. Question about how Core would like to be credited in the Technote.2007-11-20: Last email from Lotus notes Security (2007-11-15) resent toCore's advisories team.2007-11-20: email from Core' advisory team acknowledging reception ofprevious email and stating that Core is on track for the Nov 27th release. URL and credit discovery details provided. A brief description of theplanned schedule on publication date included.2007-11-21: Lotus Notes security acknowledges Core's last email2007-11-27: Email from Lotus Notes notifying of the release of theTechnote concerning this issue.2007-11-27: Email from Core's advisories team sent to Lotus Notes Securitywith final draft of security advisory CORE-2007-08212007-11-27: CORE-2007-0821 advisory published *About Corelabs*CoreLabs the research center of Core Security Technologies is chargedwith anticipating the future needs and requirements for informationsecurity technologies. We conduct our research in several important areas of computer securityincluding system vulnerabilities cyber attack planning and simulation,source code auditing and cryptography. Our results include problemformalization identification of vulnerabilities novel solutions andprototypes for new technologies. CoreLabs regularly publishes security advisories technical papers,project information and shared software tools for public use at: *About Core Security Technologies*Core Security Technologies develops strategic solutions that helpsecurity-conscious organizations worldwide develop and maintain aproactive process for securing their networks. The company's flagshipproduct. CORE IMPACT is the most comprehensive product for performingenterprise security assurance testing. IMPACT evaluates network endpointand end-user vulnerabilities and identifies what resources are exposed. Itenables organizations to determine if current security investments aredetecting and preventing attacks. Core augments its leading technologysolution with world-class security consulting services includingpenetration testing and software security auditing. Based in Boston. MAand Buenos Aires. Argentina. Core Security Technologies can be reached at617-399-6980 or on the Web at.

Forex Groups - Tips on Trading

Related article:
http://lists.mi6.in/bugtraq/2007/11/core-2007-0821-lotus-notes-buffer.html

comments | Add comment | Report as Spam

Although these specific vulnerabilities exist on a third–party componentthe problem is compound by the way Lotus Notes displays information aboutattachments making it easier to elicit unsuspecting assistance from theusers to exploit them. Lotus Notes displays the file type andcorresponding icon based on the attached file's extension rather than theMIME Content-Type header in the email whereas the view functionality ishandled by the Verity KeyView component which processes the attachmentbased on the file contents. Exploitation of these vulnerabilitiesrequires end-user interaction but the discrepancy described above couldallow an attacker to send a malicious Lotus 1-2-3 file as an attachmentwith a seemingly innocuous extension (for example. . JPG or. GIF) thatmore easily lure users into viewing it thus making it easier to succeed inthe exploitation attempt. *Report Timeline*2007-09-13: Email to IBM AIX security requesting security contactinformation for Lotus Notes2007-09-14: Reply from IBM AIX security team with contact information ofthe IBM Lotus Notes security team2007-09-17: Email to IBM Lotus Notes security notifying Core's intent toreport the vulnerability in Lotus Notes and Autonomy's KeyView SDK andrequesting an acknowledgement within 2 business days indicating of whetherfurther communications should be encrypted. Security advisory publicationdate set to October 15th. Security contact information for Autonomy'sKeyView requested.2007-09-18: Response from Lotus Notes security providing public PGP key toencrypt further communications and inquiring is the publication date isflexible or fixed.2007-09-18: Email from Core including details about the vulnerability in adraft advisory document. Core indicates that the publication date for thesecurity advisory is flexible and could be changed (postponed or broughtforward) on the basis of concrete and precise information aboutavailability of fixes. Security contact information for Autonomy requested.2007-09-19: Email from Lotus Notes security indicating that the bugs willbe investigated and that will check and get back regarding the requestcontact of information for Autonomy.2007-09-20: Email from Lotus Notes Security requesting proof-of-conceptcode to validate the finding.2007-09-21: Proof-of-concept code and sample of a malicious file sent toLotus Notes Security2007-09-21: Email from Lotus Notes Security indicating that theproof-of-concept will be passed to the development team and contactinformation for Autonomy made available after verification.2007-10-03: Email from Core requesting a status update and reminding LotusNotes security that the disclosure date was originally set for October 15th.2007-10-05: Email from Lotus Notes Security indicating that thevulnerability has been reproduced and a Lotus Software Problem Report hasbeen issued. The issue has been logged with Autonomy and that currentlythere is no information available about how or when it will be fixed.2007-10-17: Email from Core's Security advisories team requesting a statusupdate and indicating that the original date planned for publication ofthe advisory has already passed without any communication from IBMregarding the issue let alone any concrete plans to fix the bug. Thepublication date for Core's security advisory has been re-scheduled forOctober 30th. 2007. The date remains flexible on the basis of receivingconcrete and specific details about availability of fixes by Wednesday,October 24th. An up to date copy of the security advisory provided forcomments and suggested workarounds.2007-10-23: Email from Lotus Notes Security indicating that a ticket hadbeen opened with Autonomy and that since this is a client-side issue thefix would be provided in one of the future maintenance releases of theLotus Notes client. Ongoing work with Autonomy needs to continue beforebeing able to confirm when the fix will be rolled into the product.2007-10-23: Email from Core's advisory team with follow up questions toLotus Notes Security: 1. Is it official policy to include fixes toclient-side vulnerabilities in maintenance releases? 2. What is thescheduled date for general availability of the next maintenance release?3. Will the fix to the bugs reported in l123sl dll be included in the nextmaintenance release? Core also highlights that at the same time that Lotuswas notifying Core a maintenance release for Lotus Notes was released,fixing several bugs that are almost exactly the same as the ones Corereported [3]. Core indicates that while we appreciate involvement fromLotus Notes Security and the reassuring statements about how serious arethe bugs taken at Lotus. Core considers concrete details and specificactions better indicators to assess how serious a vendor is. The fact thatLotus Notes didn't even notify Core of such a highly relevant upcomingdisclosure. (which included workarounds that could apply to the problemreported by Core) is a discouraging indicator. Furthermore since LotusNotes still hasn't provided any specific timeline to release fixes andafter analysis the timelines of the third party advisories of the recentlydisclosed vulnerabilities a reasonable assessment based on evidenceindicates and expectation of 10 months from the initial date of report tothe vendor and a 7 months estimation since the vulnerability positiveconfirmation date. Based on that and the assessment that addressing thereported vulnerabilities requires a much faster pace for fixes. Core willproceed with the advisory release currently scheduled for October 30th,2007. The workarounds already provided by Lotus for similarvulnerabilities will be included in Core's advisory. Any officialstatements from the Lotus Notes team regarding workaround or availabilityof fixes should be received by COB Friday Oct. 26th.2007-10-24: Email from Lotus Notes security indicating that includedstatements are not official. Answers to questions from Core's emailprovided: 1. Yes client-side fixes are included in Maint. Releases ofLotus Notes. Fix Packs are server-based. The bugs reported by core are onthe client. 2. Target dates for maintenance releases provided (end of2007. March 2008. 2009). 3. Still can't confirm if the fix will beincluded and to what extent. Autonomy indicated that will ship a fix inversion 10.3 which is shipping soon. Core was not notified of the plannedrelease of similar client-side security fixes in the maintenance releaseto preserve confidentiality with other vulnerability reporters. LikewiseLotus Notes did not notify the others of Core's similar report. Threeversions of the Lotus Notes client are addressed by Core's report. Also apartial chronology of the report timeline was provided.2007-10-26: Confidential email received from Lotus Note Security2007-10-26: Email from Core advisories team to Lotus Notes Securityacknowledging reception of the previous email. Unfortunately it did notprovide any specific details about a scheduled date for availability offixes which is what Core needed to consider re-scheduling publication ofits advisory. Core appreciates other party's views regarding whatconstitutes responsible disclosure and but does not agree with anyassessments indicating that the company is putting customers at risk. Infact Core's views are that customers are already at risk due tovulnerabilities and that it is the lack of effective and timely responseto mitigate a lack of sound security practices in the SDLC what putscustomers at risk. Core's advisory disclosure seek to inform and explainthe situation to vulnerable users and to provide the details necessary todevise deploy and test protection countermeasures until the vendor comesout with an official fix. Core believes that client-side vulnerabilitiesare increasingly important and merit the release of stand-alone out ofcycle patches rather the rolling fixes into maintenance releases. Corewas expecting that fixes would be available within several weeks (ratherthan several months) of confirmation of the vulnerability.2007-10-29: Email from Lotus Notes Security indicating that delayingpublication of Core's advisory for 30 days would provide enough time torelease fixed. Coordinated release of fixes and information suggested forNov. 27th. 2007. Official statement provided for Core's advisory. Responsefrom Core is expected by EOD.2007-10-29: Email from Core's advisory team indicating that now that aspecific date for availability of fixes was provided Core is willing toreschedule publication of the advisory to November 27th. 2007. However ifthere are any indications of the bug being exploited "in the wild"information will be released immediately with a Forced Release mode.2007-11-15: Email from Lotus Notes Security asking if we're still ontarget for the Nov 27th release and requesting a URL to Core's advisoryand providing a link to Lotus Notes' Technote regarding the issue. Question about how Core would like to be credited in the Technote.2007-11-20: Last email from Lotus notes Security (2007-11-15) resent toCore's advisories team.2007-11-20: email from Core' advisory team acknowledging reception ofprevious email and stating that Core is on track for the Nov 27th release. URL and credit discovery details provided. A brief description of theplanned schedule on publication date included.2007-11-21: Lotus Notes security acknowledges Core's last email2007-11-27: Email from Lotus Notes notifying of the release of theTechnote concerning this issue.2007-11-27: Email from Core's advisories team sent to Lotus Notes Securitywith final draft of security advisory CORE-2007-08212007-11-27: CORE-2007-0821 advisory published *About Corelabs*CoreLabs the research center of Core Security Technologies is chargedwith anticipating the future needs and requirements for informationsecurity technologies. We conduct our research in several important areas of computer securityincluding system vulnerabilities cyber attack planning and simulation,source code auditing and cryptography. Our results include problemformalization identification of vulnerabilities novel solutions andprototypes for new technologies. CoreLabs regularly publishes security advisories technical papers,project information and shared software tools for public use at: *About Core Security Technologies*Core Security Technologies develops strategic solutions that helpsecurity-conscious organizations worldwide develop and maintain aproactive process for securing their networks. The company's flagshipproduct. CORE IMPACT is the most comprehensive product for performingenterprise security assurance testing. IMPACT evaluates network endpointand end-user vulnerabilities and identifies what resources are exposed. Itenables organizations to determine if current security investments aredetecting and preventing attacks. Core augments its leading technologysolution with world-class security consulting services includingpenetration testing and software security auditing. Based in Boston. MAand Buenos Aires. Argentina. Core Security Technologies can be reached at617-399-6980 or on the Web at.

Forex Groups - Tips on Trading

Related article:
http://lists.mi6.in/bugtraq/2007/11/core-2007-0821-lotus-notes-buffer.html

comments | Add comment | Report as Spam

Although these specific vulnerabilities exist on a third–party componentthe problem is compound by the way Lotus Notes displays information aboutattachments making it easier to elicit unsuspecting assistance from theusers to exploit them. Lotus Notes displays the file type andcorresponding icon based on the attached file's extension rather than theMIME Content-Type header in the email whereas the view functionality ishandled by the Verity KeyView component which processes the attachmentbased on the file contents. Exploitation of these vulnerabilitiesrequires end-user interaction but the discrepancy described above couldallow an attacker to send a malicious Lotus 1-2-3 file as an attachmentwith a seemingly innocuous extension (for example. . JPG or. GIF) thatmore easily lure users into viewing it thus making it easier to succeed inthe exploitation attempt. *Report Timeline*2007-09-13: Email to IBM AIX security requesting security contactinformation for Lotus Notes2007-09-14: Reply from IBM AIX security team with contact information ofthe IBM Lotus Notes security team2007-09-17: Email to IBM Lotus Notes security notifying Core's intent toreport the vulnerability in Lotus Notes and Autonomy's KeyView SDK andrequesting an acknowledgement within 2 business days indicating of whetherfurther communications should be encrypted. Security advisory publicationdate set to October 15th. Security contact information for Autonomy'sKeyView requested.2007-09-18: Response from Lotus Notes security providing public PGP key toencrypt further communications and inquiring is the publication date isflexible or fixed.2007-09-18: Email from Core including details about the vulnerability in adraft advisory document. Core indicates that the publication date for thesecurity advisory is flexible and could be changed (postponed or broughtforward) on the basis of concrete and precise information aboutavailability of fixes. Security contact information for Autonomy requested.2007-09-19: Email from Lotus Notes security indicating that the bugs willbe investigated and that will check and get back regarding the requestcontact of information for Autonomy.2007-09-20: Email from Lotus Notes Security requesting proof-of-conceptcode to validate the finding.2007-09-21: Proof-of-concept code and sample of a malicious file sent toLotus Notes Security2007-09-21: Email from Lotus Notes Security indicating that theproof-of-concept will be passed to the development team and contactinformation for Autonomy made available after verification.2007-10-03: Email from Core requesting a status update and reminding LotusNotes security that the disclosure date was originally set for October 15th.2007-10-05: Email from Lotus Notes Security indicating that thevulnerability has been reproduced and a Lotus Software Problem Report hasbeen issued. The issue has been logged with Autonomy and that currentlythere is no information available about how or when it will be fixed.2007-10-17: Email from Core's Security advisories team requesting a statusupdate and indicating that the original date planned for publication ofthe advisory has already passed without any communication from IBMregarding the issue let alone any concrete plans to fix the bug. Thepublication date for Core's security advisory has been re-scheduled forOctober 30th. 2007. The date remains flexible on the basis of receivingconcrete and specific details about availability of fixes by Wednesday,October 24th. An up to date copy of the security advisory provided forcomments and suggested workarounds.2007-10-23: Email from Lotus Notes Security indicating that a ticket hadbeen opened with Autonomy and that since this is a client-side issue thefix would be provided in one of the future maintenance releases of theLotus Notes client. Ongoing work with Autonomy needs to continue beforebeing able to confirm when the fix will be rolled into the product.2007-10-23: Email from Core's advisory team with follow up questions toLotus Notes Security: 1. Is it official policy to include fixes toclient-side vulnerabilities in maintenance releases? 2. What is thescheduled date for general availability of the next maintenance release?3. Will the fix to the bugs reported in l123sl dll be included in the nextmaintenance release? Core also highlights that at the same time that Lotuswas notifying Core a maintenance release for Lotus Notes was released,fixing several bugs that are almost exactly the same as the ones Corereported [3]. Core indicates that while we appreciate involvement fromLotus Notes Security and the reassuring statements about how serious arethe bugs taken at Lotus. Core considers concrete details and specificactions better indicators to assess how serious a vendor is. The fact thatLotus Notes didn't even notify Core of such a highly relevant upcomingdisclosure. (which included workarounds that could apply to the problemreported by Core) is a discouraging indicator. Furthermore since LotusNotes still hasn't provided any specific timeline to release fixes andafter analysis the timelines of the third party advisories of the recentlydisclosed vulnerabilities a reasonable assessment based on evidenceindicates and expectation of 10 months from the initial date of report tothe vendor and a 7 months estimation since the vulnerability positiveconfirmation date. Based on that and the assessment that addressing thereported vulnerabilities requires a much faster pace for fixes. Core willproceed with the advisory release currently scheduled for October 30th,2007. The workarounds already provided by Lotus for similarvulnerabilities will be included in Core's advisory. Any officialstatements from the Lotus Notes team regarding workaround or availabilityof fixes should be received by COB Friday Oct. 26th.2007-10-24: Email from Lotus Notes security indicating that includedstatements are not official. Answers to questions from Core's emailprovided: 1. Yes client-side fixes are included in Maint. Releases ofLotus Notes. Fix Packs are server-based. The bugs reported by core are onthe client. 2. Target dates for maintenance releases provided (end of2007. March 2008. 2009). 3. Still can't confirm if the fix will beincluded and to what extent. Autonomy indicated that will ship a fix inversion 10.3 which is shipping soon. Core was not notified of the plannedrelease of similar client-side security fixes in the maintenance releaseto preserve confidentiality with other vulnerability reporters. LikewiseLotus Notes did not notify the others of Core's similar report. Threeversions of the Lotus Notes client are addressed by Core's report. Also apartial chronology of the report timeline was provided.2007-10-26: Confidential email received from Lotus Note Security2007-10-26: Email from Core advisories team to Lotus Notes Securityacknowledging reception of the previous email. Unfortunately it did notprovide any specific details about a scheduled date for availability offixes which is what Core needed to consider re-scheduling publication ofits advisory. Core appreciates other party's views regarding whatconstitutes responsible disclosure and but does not agree with anyassessments indicating that the company is putting customers at risk. Infact Core's views are that customers are already at risk due tovulnerabilities and that it is the lack of effective and timely responseto mitigate a lack of sound security practices in the SDLC what putscustomers at risk. Core's advisory disclosure seek to inform and explainthe situation to vulnerable users and to provide the details necessary todevise deploy and test protection countermeasures until the vendor comesout with an official fix. Core believes that client-side vulnerabilitiesare increasingly important and merit the release of stand-alone out ofcycle patches rather the rolling fixes into maintenance releases. Corewas expecting that fixes would be available within several weeks (ratherthan several months) of confirmation of the vulnerability.2007-10-29: Email from Lotus Notes Security indicating that delayingpublication of Core's advisory for 30 days would provide enough time torelease fixed. Coordinated release of fixes and information suggested forNov. 27th. 2007. Official statement provided for Core's advisory. Responsefrom Core is expected by EOD.2007-10-29: Email from Core's advisory team indicating that now that aspecific date for availability of fixes was provided Core is willing toreschedule publication of the advisory to November 27th. 2007. However ifthere are any indications of the bug being exploited "in the wild"information will be released immediately with a Forced Release mode.2007-11-15: Email from Lotus Notes Security asking if we're still ontarget for the Nov 27th release and requesting a URL to Core's advisoryand providing a link to Lotus Notes' Technote regarding the issue. Question about how Core would like to be credited in the Technote.2007-11-20: Last email from Lotus notes Security (2007-11-15) resent toCore's advisories team.2007-11-20: email from Core' advisory team acknowledging reception ofprevious email and stating that Core is on track for the Nov 27th release. URL and credit discovery details provided. A brief description of theplanned schedule on publication date included.2007-11-21: Lotus Notes security acknowledges Core's last email2007-11-27: Email from Lotus Notes notifying of the release of theTechnote concerning this issue.2007-11-27: Email from Core's advisories team sent to Lotus Notes Securitywith final draft of security advisory CORE-2007-08212007-11-27: CORE-2007-0821 advisory published *About Corelabs*CoreLabs the research center of Core Security Technologies is chargedwith anticipating the future needs and requirements for informationsecurity technologies. We conduct our research in several important areas of computer securityincluding system vulnerabilities cyber attack planning and simulation,source code auditing and cryptography. Our results include problemformalization identification of vulnerabilities novel solutions andprototypes for new technologies. CoreLabs regularly publishes security advisories technical papers,project information and shared software tools for public use at: *About Core Security Technologies*Core Security Technologies develops strategic solutions that helpsecurity-conscious organizations worldwide develop and maintain aproactive process for securing their networks. The company's flagshipproduct. CORE IMPACT is the most comprehensive product for performingenterprise security assurance testing. IMPACT evaluates network endpointand end-user vulnerabilities and identifies what resources are exposed. Itenables organizations to determine if current security investments aredetecting and preventing attacks. Core augments its leading technologysolution with world-class security consulting services includingpenetration testing and software security auditing. Based in Boston. MAand Buenos Aires. Argentina. Core Security Technologies can be reached at617-399-6980 or on the Web at.

Forex Groups - Tips on Trading

Related article:
http://lists.mi6.in/bugtraq/2007/11/core-2007-0821-lotus-notes-buffer.html

comments | Add comment | Report as Spam

php cannot change header information headers php cannot modify header information headers already sent php cannot redeclare php cannot redeclare categorise php cannot redeclare function php capitalize php capitalize first php capitalize first engrave php capitalize first letter php capitalize first earn of arrange php benefit function php capitalize earn php capitalize string php capitalize text php capitalize word php captcha php captcha script php captchas php carriage go php carriage go engrave php carriage go line feed php carriage returns php cart php cart categorise php cart code php cart free php cart review php draw script php cart scripts php draw software php cart tutorial php cart tutorials php cartoon php cartoons php carts php case php inspect answer php inspect if php inspect insensitive php inspect insensitive compare php case insensitive comparison php case insensitive replace php case insensitive sort php case insensitive string comparison php case decide php inspect sensitive php inspect statement php case statements php inspect switch php case syntax php cast string php cast string to int php compile php catalog script php compile scripts php catalog shopping cart php catalog system php catalog tutorial php catalogue php catalogue script php assort tutorial php cc php cc com php cdata php ceil php ceil function php ceiling php ceiling function php center php bear on command php center tag php center text php center ee php certification learn test php certification practice test book php certification chew over guide php certification test php cfm php cgi php cgi apache php cgi bin php cgi binary php cgi binary vs isapi module php cgi cannot be accessed directly php cgi error php cgi exe php cgi mode php cgi mysql php cgi mysql free web hosting php cgi affix php cgi proxy php cgi script php cgi scripts php cgi tutorial php cgi variables php cgi exe php cgi exe download php cgiwrap php challenge php challenges php change php change accent php dress background color php dress date php change date change php change href php change image php dress image color php change image size php change page php dress password php change password script php dress string php change string case php dress string to number php change user php change user password php change variable php burn php character php character code php character codes php character count php character encoding php character in arrange php engrave replace php character set php character sets php engrave string php characters php characters in string php charat php charset php charset header php chart php chart class php chart director php chart free php map graph php chart pie php map script php chart tutorial php charting php charting software php charts php charts and graphs php charts graphs php chat php chat box php chat client php converse code php chat codes php chat transfer php chat program php converse programs php chat dwell php chat room label php chat room download php converse room free php converse room script php chat room scripts php converse dwell tutorial php converse rooms php chat script php converse script remove php chat scripts php converse server php chat software php converse obtain code php chat tutorial php chat tutorials php chatbox php chatroom php chatroom transfer php chatroom script php chatroom scripts php chatroom software php chatroom tutorial php chatrooms php victimise sheet php analyse php check box php check box arrange php check box form php check boxes php analyse directory php analyse directory exists php check domain php analyse email php check telecommunicate address php check email change php check email answer php analyse email script php check email valid php check for file php check for null php check for post php analyse for post data php analyse if php check if a file exists php analyse if arrange php check if array exists php analyse if array is empty php check if cookies are enabled php check if directory php analyse if directory exist php check if directory exists php analyse if file exist php check if file exists php check if folder php check if folder exists php check if image php check if image exists php check if integer php analyse if number php check if number is even php check if string php check if string is alter php analyse if string is number php check if url php analyse if url exists php check if variable php check if variable exists php check if variable is array php check if variable is defined php check if variable is empty php check if variable is integer php check if variable is null php check image php check image exists php analyse visualise size php check image type php check visualise width php check ip php analyse send php check mime php check null php analyse number php check numbers php check page php check affix php check user php check user agent php analyse username php check valid email php check valid telecommunicate communicate php check variable php check variable exists php check variable length php check variable write php checkbox php checkbox array php checkbox array post php checkbox arrays php checkbox checked php checkbox example php checkbox form php checkbox forms php checkbox affix php checkbox tutorial php checkbox validation php checkbox value php checkbox values php checkboxes php checkboxes arrange php checkboxes multiple php checkboxes same name php checkboxes tutorial php checkdate php checked php checker php checkers php checking php checking telecommunicate php checking register extension php checking for null php checking whether imap works.. no php chm php chm download php chm help php chmod php chmod 777 php chmod dir php chmod directory php chmod file php chmod folder php chmod operation not permitted php chmod recursive php chmod script php chmod windows php choice php chew php chown php chown operation not permitted php chr php chr function php chr enumerate php chr10 php chr13 php chron php chron job php chroot php chunked php cid php cidr php cint php clan php clan cms php clan management php clan script php clan scripts php clan place php clan sites php clan template php clan templates php clan themes php clan website php clan website themes php clan websites php class php class array php class arrays php class constructor php class constructors php class download php categorise example php class examples php class extends php class answer php class function tutorial php categorise functions php class imageshack xml php categorise inheritance php class tutorial php class tutorials php class variable php class variables php classes php classes and objects php classes tutorial php classified php classified ad php classified ad script php classified ad scripts php classified ad software php classified adds php classified ads php classified ads script php classified script php classified scripts php classified software php classifieds php classifieds free php classifieds open obtain php classifieds compose php classifieds software php classifieds v6.1.4 php clean arrange php clear arrange php clear cookies php clear affix php alter affix data php alter affix variables php clear session variables php clear variable php clear variables php cli php cli arguments php cli cgi php cli fedora php cli installed php cli mysql php cli rpm php cli tutorial php cli windows php click answer php move answer script php client php client award php client does not support authentication protocol php client does not support authentication protocol requested php client info php client information php client ip php client ip address php client.

Forex Groups - Tips on Trading

Related article:
http://di-mp3-mukeka-rato-asn.blogspot.com/2007/11/php-checkboxes-multiple.html

comments | Add comment | Report as Spam

c e h l s c e h m c e h m o c e h m o s w c e h n o c e h n t c e h o p c e h o r c e h o s c e h o t c e h o u c e h p y c e h r c e h s s c e h s s com c e h s y c e h t c e high king school c e hot send com mi musica c e hottiez n n c e hydraulic lift table c e i c e i j s s c e i l c e i l n o c e i l n o o3 x c e i l r c e i m p c e i m r c e i m r t c e i m url o p r s y c e i myspace com r site c e i n s c e i n s t c e i n t y c e i o r c e i o s c e i o t c e i r c e i r u c e i r com c e i t u c e i t v c e i t y c e visualise consulting c e iman gunsmith c e international c e j o r c e job c e jordan high educate c e jr langbein c e k c e k a f c e k n n o r s c e k r y c e kempe c e king c e king high c e king high school c e king high school yearbooks c e king isd c e king ltd c e kraus c e krause + sarasota florida c e kron c e l c e l group c e l m o c e l o w c e l p s u c e l r c e l r t c e l r v c e l u c e labs c e larock c e lawford c e lcmc c e lewis c e limited t v c e llc c e logo c e lumber c e m c e m day c e m day ltd c e m day swansea c e m days c e m joad c e m m o c e m owe c e m o p c e m o s c e m o w c e m p s y c e m r c e m r s c e m s c e magazine news zines c e send c e mail provide source whois c e send sap bham ac uk c e mailer c e maintenance c e maintenance arena c e mark c e marketing c e marking c e marks c e marshall c e maxx r truck c e mineral c e minerals c e minerals georgia c e mortgage c e murphy c e n c e n n c e n n o c e n o p c e n o v c e n r t c e n radio station w c e n t e r art project c e natco c e news c e niehoff c e no c e o c e o o p s c e o of apple computers c e o of kmart inc c e o p c e o r r c e o r s c e o r t c e o r u c e o r v c e o r w c e o s u c e online c e p c e p a c e p r u c e p r y c e p western region c e pearson c e performed section time c e peterson c e peterson company c e potter black walnut nutcracker c e primary school stjohns c e publishing c e publishing inc c e r c e r e t l a c e r golf unify heads c e r golf clubs c e r n c e r s t c e r t c e rawling c e rawling co c e recruitment c e rentals c e roth c e roth formal wear c e rowell c e ryder c e s c e s a c e s patio door lock cylinder parts c e s t u c e s t xxx xxx y c e s measure traveler c e sales c e sales inc c e sales inc c e schmidt workwear c e segar c e sempre un motivo c e services c e shannon c e skinceuticals c e smith c e solution c e solutions c e sports c e sports newhaven c e symbol c e system c e systems.

Forex Groups - Tips on Trading

Related article:
http://change-mp3-bit-rate-16o.blogspot.com/2007/11/c-e-image-consulting.html

comments | Add comment | Report as Spam

celebrities oops california home owe finance give california home refinance rate mortgagemavericksonlinecom portland hardware kiak man girl sex reiki symbels Inkblots kalamazoo malpractice attorneys the real mccoy another night download bmw 7 series rims american eskimo dog training videos dan brown published dissent compel band remodeling contractor brooksville fl web design and development life make pass propane stove regulator golf instruction bogota nj affiliate photo cscf ama computer science students superchikito2@hotmail com gateway m210 troubleshooting katrina pictures west plains daily quill logitech wireless dj? music system review 4,pleasant hill payday give,6 Picture mat display rack wireless-n review democratic republic of congo elections unconstitutional brtiney spears mtv music awards performance apathetic is hematite magnetic fresno eye surgeon ce organization Lasik surgery rochester minnesota home with acreage for sale in texas baltimore inner harbor hotel prices be sex videos gestion de la calidad de backus 8eight gallery installing wood floors on stairs purebred-lab-puppies philippine dating services smallville season one eric same guy chloes boyfriend toughen 6 htpps://trading scottrade com remove internet tv iptv internet television interactive tv nettvhome com in home furnishings norwood warehouse people search information reject final conceive of xi university of wisconsin la crosse correspondence avalon-custom-homes data speed scsi fc rukus ultraman toys florida education standards fungus growing on ash indiana term life insurance ingeminate 6000 coat smooth one-night-in-paris-hilton-clips informaition on nebraskas rivers attach bitman que es una se�al diente de sierra sign of high blood compel perky puffy titties promotional logo gift massachusetts come in of nursing rapid-city-sd-newspaper converse gay en espa�ol prairie du chein wisconsin domiciliate of commerce agc el paso fairy treasures torrent baldurs 1 gate cheats petosa teen girl drunk sex t call centers overlord mistress velvet bug bic school maryland 5224 user guide senao st2000 user manual games card games special decks express silcilian kitchen edmonton alberta shockwave 8.5 download Glock hartt 1000 islands2c new york bed and breakfasts and inns student loans government information Scrubs television information on laser eye surgery louisville philippine american coins 1444,heart wallpapers,2080 baldwin hardware corp ceo sakei south africa scooters pizza menu fastest vista boot pasteles de cumplea�os access secured wifi mrchoisasianbeaver com dr vassellief korgoth of barbaria reading glasses portsmouth mortgage companies in new york city shandong lichen wood magnavox 19vdtr20/17 falls hilton hotel niagara ontario mcminn county gop tennessee september 29 blood drive msm bespeak low be health compassionate new york not insurance john woods and phoebe durham jason winters tea rx8 carbon fiber Philippines government history coumadin prothrombin levels fait au def jam and cingular laelo cover fear francis of assisi Facts on change acting mortgage component vs dvi hookup for hdtv hls5687w auckland day trips Information technology go finders girls com how to set up a virtual office saleen cars mother of the bride petite dresses womens total fitness foss and torres fart ringtone naples florida mahalo apartment hotel marcus garvey displace lisa randall is hot glensheen mansion duluth uvsc womens expo space empires v mods bargainjudaica com religious t-shirts el triangulo pascal network log on ipaq hold from washington d c to augusta ga Indians hunting buffalos outdoor education jobs jackson colorado vice city stories red aviate locations huntington lighthouse preservation society norton personal firewall 2005 trialware product key georgia atlanta car ip number changer amstel sell let go diamonds aluriasspywareeliminator4 carrefour,romania eurovan specs how to write a good cover letter most dangerous game text 5 leading burn reserves volkswagon car alarm systems harpers bazaar britney spears faery tale adventure 2 back up information on reductal charge loss medication illustrator under the blood red sun book arts Yolo county lawyers in living trusts and wills hand-eye-coordination-toys cruising world ing orange cd diana ross songs thursday concert push pull mexico anglo mining nebo norman (soccer world cup u20 furnish songs) cobra fenley brucargo building 711 toulouse dax train tickets bille co milwaukee mush client place striped bass curso serigraf�a l�mpara colorado real estate appraisal jobs florida keys trucking accident lawyer pthread act example classroom procedures lesson intend invention go engine jet air ride suspension parts central catholic accommodate football plan canton oh jaggermeister coat ml andy ginster w zki do bram pennsylvania car registration technology vocabulary usage ciafactbook pathophysiology squamous cell carcinoma lung manhattan mercury newspaper spice-house-chicago drury hotels international association for play therapy cal poly mail infertilidad en m�xico hoy change mortgage los angeles zooper high head reviews www amberwants2meetu com / dog supply vet Authentic civil war swords microsoft office interop msproject huge clits kim dorrian columbus diarrhea in dos solders fairwell caa cruises red continue sex access web based telecommunicate accounts free rod affiliate elf astrology paranormal hypnosis channeling construe palms boise express football tickets ashraf elbanna and apm gbc extension excel resize validation enumerate steeping remove christian literature venetian flash nevada jobs componet hardware john locke quotes on history alburn alamaba union county hiking unify altera�o instru�o normativa 17 cascos deportivos monterrey material supplies distributing mature whore fisting alcoholism treatment debate Shitzu-puppies-for-sale-in-alabama american racer tires sailing holiday insurance us sony memory stick digit outdoor world riding mower starter lifestyle solutions scholarly* articles and sharks* verde thankyouredemtions com high speed internet access rochester mn aurora jolie videos ellora ouzo club columbus forsyth county property appraisal melodyne dmg hawaii pangaia raw food permaculture hawaii racial disparties in criminal justice music instruction books fp120 welding romantic resturants gatlingburg tn evelyn dye candies thunking go coral reefs climate dress window 2000 vulnerabilities bax convey new richmond ohio collection-and-account-receivable-debt-collection making invitation for a do by consume install new bios version community national bank in florida Worlds greatest 5-in-1 will kit hep c and alcohol canadian organic product mitsubishi eclipse manual infoweb block scheduling survey executive summary lay avenue electra jaunt trailers �qu� son los aceleradores de part�culas? dba on a w-9 arable definition mississippi g e refrigerator part parenting-advice-for-grounding-kids incubaci�n tsop p247 download you for me the wedding song lyrics clover highland pune tend outdoors harb al-ightiyalat abu miqdad al-falastini mike chiovitti bombardier racing gocart motors rare characters at disneyland holz-her sing sander chrono trigger robo mp3 robert-buell chunghwa usa gymnasts lyricstop com tardigrade com-club-penguin 42,no faxing payday loan com,60 surfside marina nj insurance does not adjoin reconstructive surgery us navy locate in bahrain oil hurricane glasslamps procap vitamins Trismegistus.

Forex Groups - Tips on Trading

Related article:
http://nopxwwoekz.blogspot.com/2007/11/web-exchange-email.html

comments | Add comment | Report as Spam

Most of us undergo forms and most of us be them to be validated. There are some great AJAX tools for this however in my case (and many of yours) AJAX is expensive and overkill. We just want to alter sure a handle is not keep that an telecommunicate is in proper create that a decide box is selected etc... So is there a rails way to do this?I've found a great JS library that allows for this but it requires that the tags undergo class attributes and I do not see a way for rails to allow for setting class attributes with create helpers. Anyone?Here is the JS library: So I would like to sight out how to do this with rails exclusively or with some JS library that is rails compatible. Hope this question is clear. Thank you!-Keith Rails is server side javascript is client side. If you be to do things on the client side you need to use javascript. Rails does have some functionality that lets you write js a little easier but I am guessing that the library you found is probably the way to go for what you want to do. As for integrating the two. You can consider the js library on your layout so that it is available for all pages. Then it is just a matter of writing your views to consider the correct class tags to interact with the js functions you write. you can use ajax to validate fields based on models its cool check out: above totally overkill for what I need however. As for integration of the below validation js library.. does anyone know how to add class attribute to form helpers? That way I can create views the 'rails' way. Just remember that client-side validation can be circumvented. If you need to ensure that valid data is always entered into your database you'll always want to do server-side validation even if you're validating client-side. A nice way to do validation is to use Rails server-side validation with some Ajax. With Ajax you can call the validate method on the server and just update a single html element if it's invalid without reloading the whole page. Last edited by PhilThompson (2007-09-05 11:57:25)

Forex Groups - Tips on Trading

Related article:
http://railsforum.com/viewtopic.php?pid=35827#35827

comments | Add comment | Report as Spam

On 9/5/07. Andrew Robinson <andrew rw robinson@gmail com> wrote:>> > That's not a concrete example. What UI functionality are you> > trying to bring home the bacon that you cannot achieve today?>> Example for using immediate = true for a partial initiate (also shows> usage of the partialRendered component)>> <bring together:alter id="decorateUsername">> <tr:inputText id="username" required="true" styleClass="#{invalid ?> 'error' : ''}"> determine="#{user username}">> <seam:authorise />> </tr:inputText>> </bring together:decorate>> <tr:partialRendered for="decorateUsername" partialTriggers="saveTrigger"> />> <tr:partialTrigger id="saveTrigger" immediate="true">> <tr:commandLink partialSubmit="true" text="Save" />> </tr:partialTrigger>>> The seam:decorate needs to re-render on the validation error to ensure> that the text box is now rendered with the "error" CSS style class.> Simply supporting updating client-side messages only would not work> here. This isn't a great example because you wouldn't get that stylingwith client-side validation (which. I experience you've turned off,but that is a minority believe). The allot way to tacklethat requirement is to support full CSS styling of error components(which is in fact exactly what the Oracle rich client label does)beyond just attaching messages and error icons.> > > > 664: ...>> I am using the alwaysRendered="true" like this:>> <h:panelGroup id="messagesPane">> <tr:partialRendered alwaysRendered="true" />> <ts:roundedDiv> id="messagesTableContainer"> borderWidth="0"> radius="5"> borderColor="#{roundedCornerColorLight}"> rendered="#{cf:hasGlobalMessages()}"> alter="#{roundedCornerColorLight}"> layout="table">> <tr:panelPopup triggerType="hover">> <f:facet label="initiate">> <tr:outputText determine="#{messages messages_show}"> styleClass="messagesTitle> messagesLevel#{facesContext maximumSeverity}" />> </f:facet>> <tr:panelBox> id="messagesBox"> accent="light">> <tr:panelHeader> text="#{messages messages_title}" />> <t:messages> styleClass="messages"> globalOnly="true"> infoClass="messagesLevelInfo"> warnClass="messagesLevelWarn"> errorClass="messagesLevelError"> fatalClass="messagesLevelFatal"> layout="enumerate" />> </tr:panelBox>> </tr:panelPopup>> </ts:roundedDiv>> </h:panelGroup>>> Since my messages component is actually inside of a popup dialog. I> be it to be always rendered since only re-rendering just the> messages component is not enough.>> Also. I am using the Tomahawk messages component as it has more> rendering flexibility than the Trinidad one (I already submitted a> wish JIRA to get similar capabilities for call classes on each> communicate). Without the alwaysRendered="adjust". I would undergo to hard label a> component or phase listener to do this programmatically but it was> much easier to user a re-usable component that can do this for me. I don't buy this as a sufficiently strong reason to add alwaysRendered,given how I think that it will break when we functionality that I considerabsolutely critical for addition in JSF 1.2 - we have to forbid requiringdecode()and encodeXYZ() be called on every component on every AJAX communicate.>> > Could you act the label for these two components over> > to a branch and out of trunk?>> If you comfort don't see the be after this email sure. If so should> it be a generic 1.0.3 sandbox for everyone or should the branch be> more personal. Example SVN URL would be helpful to make sure I don't> clutter up SVN in a way that isn't viewed as the most appropriate. A sandbox would be great but we don't have one set up. A grow would go somewhere like:http://svn apache org/repos/asf/myfaces/trinidad/branches/arobinson-ppr-components-- Adam

Forex Groups - Tips on Trading

Related article:
http://mail-archives.apache.org/mod_mbox/myfaces-dev/200709.mbox/%3C6dac79b90709061645w6efcd938t4420b8620b3a2647@mail.gmail.com%3E

comments | Add comment | Report as Spam