I 'm trying to use the Baas Parse for my Android application.
I've followed the quickstart guide with success, so i'have successfully registered a TestObject into my Parse database.
Now, I try to adapt Parse to my needs and to register a User into Parse database with that code:
Parse.initialize(this, "NkThBbZ4gcXQf3s59UGTozpCjKQbECVP5SmuXCkY", "n7a65t3o8fZNAXTOygWIg2L9Kui316yepfgoSdhf");
ParseObject userParse = new ParseObject("User");
userParse.put("username", user.getPseudonyme());
userParse.put("password", user.getPassword());
userParse.saveInBackground();
But it doesn't insert my user into the User table, instead it creates a new table and insert my User in that new User table.
The first User table is a default table created by parse as far as i understand but i don't understand why is it impossible to use it.
The result is that i have 2 Users tables.
Thank you very much for your answers if anyone had the same problem.
Sebastien
The pre-made User table actually has an underscore before it. It is the _User table, not the User table. The underscore is to signify it's a special class that Parse gives you. Use _User instead of User.
Related
I am trying to create a java servlet with a NoSQL injection vulnerability. I've connected the servlet with MongoDB and check if the login info submitted by the user exists, I'm doing the next query:
String andQuery = "{$and: [{user: \""+u+"\"}, {password: \""+p+"\"}]}";
Where u is the user and p is the password given by the user.
For what I've seen this is correct, and the NoSQL injection should exist, bu I really dont kno how to prove it.
I've tried submitting with burp this:
username[$ne]=1&password[$ne]=1
But its not working, and when I check the content of u and p after I submitted that the content of both variables is null.
I dont have the servlet configured to receive json objects so I need a solition that doesn't imply send a json object with burp.
PD: I tryed also to insert something like this:
{\"$gt\":\"\" }
in the user and password fields but the result query is
{"$and": [{"user": "{\"$gt\":\"\" }"}, {"password": "{\"$gt\":\"\" }"}]}
I guess this doesn't work because the {"$gt":"" } is in quotes, ¿how can I do the servlet to be vulnarable and with which input it would be vulnerabel?
how to display record data depending on user login?
Means when a logged in to application page, data or record searched must be related to user.
thanks.
One way might be to use the SQL-Server SUSER_NAME() function. For example:
select <<some data>> from <<some table>> where SUSER_NAME() = "selected_user"
I am trying to print all users I have saved on Parse database on my screen. But somehow it doesn't work, I can print the data from all other tables expect the users...
I think the problem is somewhere here, because when I change the "Todo" to User table it doesn't work anymore...
mainAdapter = new ParseQueryAdapter<ParseObject>(this, "Todo");
mainAdapter.setTextKey("title");
any suggestions? Thanks!
The user class is special (so are a couple of others) because it's built into the platform. The name doesn't work because the name is private. As you can see _Users is the private name, but you shouldn't use it - you can't guarantee it won't change. The correct way to query is:
ParseQuery<ParseUser> query = ParseUser.getQuery();
I created an user whit XXX username from java code.
Because it was done with wrong permission and I can't see it from web interface, I delete directly from database.
After that if I try to create the same user I got the following exeception:
com.liferay.portal.GroupFriendlyURLException
What could gone wrong?
After some investigation I discover that:
Store user info in USER_ table
For each USER_ row there are a row in GROUP_ table, where personal sites url are
On user cration Liferay use username to generate a friendly url
this url have to be validated, and one rule is that must be unique
My problem was that I deleted the USER_ row only, so whe I tried to recreate deleted user control on GROUP_ table failed.
So I solved with:
GROUP_ row deletion (the one whit / on friendly url column)
Liferay restart
On my User class I have a field that is a list of strings:
#Persistent
private List<String> openIds;
When I create a new user I do this:
User user = new User();
user.openIds.add(openid);
pm.makePersistent(user);
When I break after that last line and look, the openIds contains the openid I put in there.
But, when I later call User user = pm.getObjectById(User.class, id); with the correct id, the openIds field is an empty list.
Anyone know what could cause that?
EDIT: BTW I'm running on the Google App Engine
UPDATE: Looking at the datastore viewer, I can see the openid was correctly stored in the database. So its just not getting it out correctly...
UPDATE 2: Its working fine now. I'm pretty sure I didn't change anything. I think what must have happened is that there was an old version of the user object being pulled from the database. A user object that was put in before I had the code that saves the openid. Once I wiped the database things worked fine.
Not putting that field in the fetch plan ?
Accessing persistent fields directly, rather than going via setters ?