Will signing messages with key derived from password work better than sending password

I was wondering recently how to create secure mechanism for sending password while log in to the system. Then i had wicked thought why to send password at all.

Let’s imagine mechanism where client sends user id who wants to be logged in, server “welcomes with bread and salt” by sending challenge and random salt.

Client calculate hash of concatenated salt and password, and then uses it as shared secret to calculate HMAC of challenge, and sends it back to server.

In this case login details are never shared across the network, and login message cannot be replayed.

But are they any downside of this which i didn’t thought about? And why it’s bad idea (I’m assuming is bad, as nobody is doing in this way)

Hat’s the use of event sourcing and asynchronous message queue for sending commands

In short: Out of order commands end up with out of order events, so does the ordering of the events matter in such situations?

Since we are uncertain about the order of commands when an asynchronous message queue like Rabbitmq is used for sending the commands,so we are uncertain about the order of the resulting events.

So what is the use of persisting the events as a sequence when we are unsure about their order?

What are design tips for using rabbitmq for sending commands and event store?

Blocked from sending mail

I cannot send any mail from my server since 2 weeks now, i am getting the following errors

I have already checked for spam, malicious files and secured the server more.. what do i need to do to get unblocked? The IP is also not in any list

host gmail-smtp-in.l.google.com [74.125.22.27]

SMTP error from remote mail server after end of data:

550-5.7.1 [174.142.68.41 1] Our system has detected an unusual rate of

550-5.7.1 unsolicited mail originating from your IP address. To…

Blocked from sending mail

PayPal Checkout API with PHP – Sending and retrieving additional data safely

I am learning to use the new API version of Paypal, and I have some doubts.

Note: I’ve tried this on https://www.sandbox.paypal.com and it works, I have not done the tests on Live.

onApprove:

I need to send additional personalized data to Paypal, and once the user makes the payment, I return to a URL on my server, and then retrieve the data I sent.

Paypal uses fetch() to do to specify the URL and a Json object called headers, there I am adding the additional value called user_ID that I need to recover.

I am using the PHP function getallheaders(), to retrieve user_ID, which I have specified.

My questions are:

  1. Is this a correct way to send personalized data to PayPal and then be recovered?
  2. It is safe to use getallheaders(), I understand that the headers can be modified before being sent, is there any possibility that these can be altered?
  3. Using $ _SERVER[‘HTTP_REFERER’], to detect that the referred website is from Paypal, is this still safe or difficult to break?
  4. Would this be a secure way to integrate Paypal Checkout?
  5. Any recommendation that can give me, please.

I would greatly appreciate your help.

<!DOCTYPE html>  <head>   <meta name="viewport" content="width=device-width, initial-scale=1">   <meta http-equiv="X-UA-Compatible" content="IE=edge" /> </head>  <body>       <input type="text" id="price" value="100.00">   <input type="hidden" id="user_id" value="15">      <div id="paypal-button-container"></div>      <script src="https://www.paypal.com/sdk/js?client-id=HERE_CLIENT_ID&currency=USD"></script>      <script>     paypal.Buttons({     createOrder: function(data, actions) {       return actions.order.create({         purchase_units: [{           amount: {             value: document.getElementById("price").value           }         }]       });     },     onApprove: function(data, actions) {       return actions.order.capture().then(function(details) {         alert('Transaction completed by ' + details.payer.name.given_name);         // Call your server to save the transaction         return fetch('https://my-domain.com/payment-from-paypal.php', {           method: 'post',           headers: {             'content-type': 'application/json',             'user_ID': document.getElementById("user_id").value           },           body: JSON.stringify({             orderID: data.orderID           })         });       });     }   }).render('#paypal-button-container');    </script> </body> 

Sending item from list webpart to infopath webpart

So on a page, I have 2 web parts.

  • A list which contains some items.
  • And a InfoPath web part.

I would like to send the items from the list to the Infopath viewer but I don’t know how to achieve this.

Right now I’m trying to use “Connections” option. So from the list I tried using the “Send Row of Data To” and then I selected “content type“.

I’m not sure what else I could select for provider name. And I left blank the other box. I tried several different combinations but I don’t know how or if it is possible to do.

When I tried that a select column appeared on my list. But if I press it nothing happens. My Infopath web part does not show item info just blank everywhere. Am I doing something wrong?

EDIT

Oh wow i got it to work with one single field. Is this how it works? You can select one single field and that’s all? I mean how useless this is xD I can’t understand SharePoint philosphy. Am i doing wrong or it’s the way we use this thing?

Sending item from list webpart to infopath webpart

So on a page, I have 2 web parts.

  • A list which contains some items.
  • And a InfoPath web part.

I would like to send the items from the list to the Infopath viewer but I don’t know how to achieve this.

Right now I’m trying to use “Connections” option. So from the list I tried using the “Send Row of Data To” and then I selected “content type“.

I’m not sure what else I could select for provider name. And I left blank the other box. I tried several different combinations but I don’t know how or if it is possible to do.

When I tried that a select column appeared on my list. But if I press it nothing happens. My Infopath web part does not show item info just blank everywhere. Am I doing something wrong?

EDIT

Oh wow i got it to work with one single field. Is this how it works? You can select one single field and that’s all? I mean how useless this is xD I can’t understand SharePoint philosphy. Am i doing wrong or it’s the way we use this thing?

Sending item from list webpart to infopath webpart

So on a page, I have 2 web parts.

  • A list which contains some items.
  • And a InfoPath web part.

I would like to send the items from the list to the Infopath viewer but I don’t know how to achieve this.

Right now I’m trying to use “Connections” option. So from the list I tried using the “Send Row of Data To” and then I selected “content type“.

I’m not sure what else I could select for provider name. And I left blank the other box. I tried several different combinations but I don’t know how or if it is possible to do.

When I tried that a select column appeared on my list. But if I press it nothing happens. My Infopath web part does not show item info just blank everywhere. Am I doing something wrong?

EDIT

Oh wow i got it to work with one single field. Is this how it works? You can select one single field and that’s all? I mean how useless this is xD I can’t understand SharePoint philosphy. Am i doing wrong or it’s the way we use this thing?

Trigger a workflow when item is created by sending email to SharePoint list

I have assigned an email address mylist@office1.xyz.com to a sharepoint calendar list.

When I send an email to this calendar list email address, the list is updated and it reflects the meeting i created via outlook and also saves the attachment as .ics.

However, I want to further trigger a workflow to forward this new item to a SharePoint group. So essentially, when I create an event by sending email to this calendar list, I want a workflow to automatically send another email to a group of users.

The challenge is, it works when I manually create entry within the list and the email is sent; however when the entry is created by sending email to the list email address, the workflow doesn’t trigger and no email is sent.

Please suggest. Thanks in anticipation