Develop Reference

Is there way to be absolutely sure that access came from QR code scan? [duplicate]

I have this project where I need to know if a visitor legitimately arrived from a QR code. Document.referrer value from a QR code shows blank. I have looked at some answers suggesting to put parameter in the query string (e.g. ?source=qr), but anyone could easily add the parameter into the URL and my code would believe it is from a QR code (e.g. www.project.com/check.page?source=qr) . I have thought of adding codes to make sure it is from a mobile phone / tablet as secondary way to authenticate but many browsers have add-ons to fool websites.
Any suggestions would be greatly appreciated.
Thanks in advance.

I think the best solution for you is creating your regional QR Codes pointing to:
Region 1) http://example.com/?qr=f61060194c9c6763bb63385782aa216f
Region 2) http://example.com/?qr=731417b947aa548528344fab8e0f29b6
Region 3) http://example.com/?qr=df189e7f7c8b89edd05ccc6aec36c36d
if the value of the parameter qr is anything other than f61060194c9c6763bb63385782aa216f, 731417b947aa548528344fab8e0f29b6 or df189e7f7c8b89edd05ccc6aec36c36d, then you can ignore it and assume the user didn't come from any QR Code.
Of course, any user can remove the source parameter. But at least he can't add a valid one, unless he really had access to the code.

...but anyone could easily add the parameter into the URL and my code would believe it is from a QR code
Well, anyone could also scan the QR code, view the link, and remove the source=qr from it.
Data collection is never 100% reliable. Users can change their browser's user agent, inject cookies with some strange values, open your page through a proxy server, and so on.
You could create your own device or App for scanning the QR-code. If you read the post I've linked, you will see that this is a waste of time and resources.
So, what is left is to make a solution which will work for most of the users. Appending a source=qr parameter to your URL seems to be the simplest solution. You could also link to an entirely different domain and redirect the request, so it would be more fraud-safe. But it will never be 100% accurate.

I need help understanding how to refresh cache for a place id

I have installed a Everest GPlaces Business Reviews and have found the place id that is required to be added. But it comes back Saying:
The provided Place ID is no longer valid. Please refresh cached Place IDs as per https://developers.google.com/maps/documentation/places/web-service/place-id#save-id
I have read this but I have no idea where to add a field they talk about and am totally stuck. All the reviews plugins have this place id and I don't know what to do from here.
Hoping for some help with what to do. In basic language.
Thanks in advance

I'm no expert; I ran into this problem myself and to my knowledge it seems like reviews can't be pulled easily with most plugins, if the GMB is set up as anything other than a location with a physical address.
Instead of the Places API you'd want to use the My Business API... although if you are using a plugin (and don't want to add a physical location to your GMB) you're stuck.

User Identity Info

I've been messing around with creating my own implementation of an AspNet.Security.OAuthProviders by copying the GitHub example. Have a few questions..
First, I successfully authenticate but when I get back my User.Identity.Name is empty. I don't see that information coming back from my provider. Noob question I imagine, but do I have to explicitly request the information I want back? If so, how do I know what to ask for.. I'm kind of working blindly.
Second, in the GitHub example of the Handler, CreateTicketAsync immediately makes a call to the UserInformationEndpoint. In my use case, after getting authorized I want to go to a page that has some links to some api requests that will use the acquired authorization, rather than do it right away. I'm not sure if there is an example for that or I'm making incorrect assumptions and going about this the wrong way.
This is entirely supposed to be for demo purposes as a "how to" for other developers so I want to make sure I do things the correct way.

How do you ban a user from posting to your CQ5 blog?

Apologies if I'm missing something here, but is it possible to ban a user from posting to a blog?
Is there a way to integrate with something like toolator or similar?

Are you talking about banning the end users to comment on a blog which is on publish server ? Are you capturing the user's email ID and name before commenting ? If yes you might have to reverse replicate all the comments and their respective username and email, further provide author to determine which all they want to block this could be achieved through many ways, one way could be a participant step with workflow to approve the comments. Once these are approved prepare a list of users need to be blocked and publish them. Add the logic in your comment so that the user not in the banned list can only comment. These are just my thoughts for now. Hope this helps you to get some direction. Putting here as an answer rather than comment since cannot add it in comments its too long.

Is there any API call or way to read the LinkedIn comment on my self post using REST API?

i am using like this for LinkedIn Comment, is there any wrong in call? to read LinkedIn comments
https://api.linkedin.com/v1/people/~/network/updates?scope=self
but i didn't get the result for comments. i had tried also by passing "after" parameter as a time stamp but still there is no luck ..please help me to fix this issue
I am looking help from one of you guys

You have missed the oauth2_access_token
Take a look to:
https://developer.linkedin.com/documents/authentication