Re: Honest question about cfform
Gerald, I used to use CFFORM, and it quickly got outdated as HTML and CSS and Javascript and jquery moved on. These days HTML5 is the go with CSS3. CFFORM doesnt produce those. Therefore things like client side validation, placeholder text, cross-browser issues, mobile devices are all possible but much more difficult to allow for with CFFORM than with the newer HTML5/CSS3 approach. Those new features are all built in with the new HTML5/CSS3 approach. Believe me, you'll get a much better result if you go to the trouble of converting to HTML/CSS3. You will have more control over the displayed result, you'll have better client-side scripting with inbuilt html features and jquery and the resulting form on a mobile device will be a far better product. As I said, I used to use CFFORM and at the time, it seemed like the bees knees. But now it just seems SOO old fashioned. I inherited a site that had CFFORM and the java applets all over it (CFGRID etc) and it pretty soon showed that it was a nightmare to do updates on, and as more and more of our users wanted to use devices that didnt have flash and java on them, we got more and more problems. It soon proved that we needed to change to a pure HTML/CSS3/jquery approach for all client-side stuff, leaving ColdFusion to handle the backend server-side stuff, which is where CFML really struts its stuff and knocks everything else out of the park. (Sorry about the mixed metaphor!) Cheers Mike Kear Windsor, NSW, Australia Adobe Certified Advanced ColdFusion Developer AFP Webworks http://afpwebworks.com ColdFusion Enterprise, PHP, ASP, ASP.NET hosting from AUD$15/month On Tue, Mar 4, 2014 at 5:26 PM, Wil Genovese jugg...@trunkful.com wrote: There is always better ways to do things than using the client side CF code. I have not looked at the output of CFFORM JavaScript in ages, but if it has not been updated at all there's a good chance it's not fully compatible with today's browsers. There are also form validation frameworks. One that I know of is ValidateThis http://www.validatethis.org/ I'm not sure if this will work in your case. It's worth at least looking into it. There are options and most will be better than CFFORM. Regards, Wil Genovese Sr. Web Application Developer/ Systems Administrator CF Webtools www.cfwebtools.com wilg...@trunkful.com www.trunkful. ~| Order the Adobe Coldfusion Anthology now! http://www.amazon.com/Adobe-Coldfusion-Anthology/dp/1430272155/?tag=houseoffusion Archive: http://www.houseoffusion.com/groups/cf-talk/message.cfm/messageid:357829 Subscription: http://www.houseoffusion.com/groups/cf-talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/groups/cf-talk/unsubscribe.cfm
Re: Honest question about cfform
The cfide has caused so many security issues that it is best to simply avoid using it all and do not even have it in your site. The other issue is that you are reliant on this virtual dir. I have seen many customers who were oblivious to this requirement when they moved their hosting and as a result all their form validation on their site was broken since day 1. I have seen customers run for years like this and ended up forms being used for spam and websites defaced as a result. The results ptoduced by cfform are also generally considered poor and bloated. It is best to use code and libraries that are part of your site and can be easily updated. Russ Michaels www.michaels.me.uk cfmldeveloper.com cflive.net cfsearch.com On 4 Mar 2014 09:06, Mike K afpwebwo...@gmail.com wrote: Gerald, I used to use CFFORM, and it quickly got outdated as HTML and CSS and Javascript and jquery moved on. These days HTML5 is the go with CSS3. CFFORM doesnt produce those. Therefore things like client side validation, placeholder text, cross-browser issues, mobile devices are all possible but much more difficult to allow for with CFFORM than with the newer HTML5/CSS3 approach. Those new features are all built in with the new HTML5/CSS3 approach. Believe me, you'll get a much better result if you go to the trouble of converting to HTML/CSS3. You will have more control over the displayed result, you'll have better client-side scripting with inbuilt html features and jquery and the resulting form on a mobile device will be a far better product. As I said, I used to use CFFORM and at the time, it seemed like the bees knees. But now it just seems SOO old fashioned. I inherited a site that had CFFORM and the java applets all over it (CFGRID etc) and it pretty soon showed that it was a nightmare to do updates on, and as more and more of our users wanted to use devices that didnt have flash and java on them, we got more and more problems. It soon proved that we needed to change to a pure HTML/CSS3/jquery approach for all client-side stuff, leaving ColdFusion to handle the backend server-side stuff, which is where CFML really struts its stuff and knocks everything else out of the park. (Sorry about the mixed metaphor!) Cheers Mike Kear Windsor, NSW, Australia Adobe Certified Advanced ColdFusion Developer AFP Webworks http://afpwebworks.com ColdFusion Enterprise, PHP, ASP, ASP.NET hosting from AUD$15/month On Tue, Mar 4, 2014 at 5:26 PM, Wil Genovese jugg...@trunkful.com wrote: There is always better ways to do things than using the client side CF code. I have not looked at the output of CFFORM JavaScript in ages, but if it has not been updated at all there's a good chance it's not fully compatible with today's browsers. There are also form validation frameworks. One that I know of is ValidateThis http://www.validatethis.org/ I'm not sure if this will work in your case. It's worth at least looking into it. There are options and most will be better than CFFORM. Regards, Wil Genovese Sr. Web Application Developer/ Systems Administrator CF Webtools www.cfwebtools.com wilg...@trunkful.com www.trunkful. ~| Order the Adobe Coldfusion Anthology now! http://www.amazon.com/Adobe-Coldfusion-Anthology/dp/1430272155/?tag=houseoffusion Archive: http://www.houseoffusion.com/groups/cf-talk/message.cfm/messageid:357830 Subscription: http://www.houseoffusion.com/groups/cf-talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/groups/cf-talk/unsubscribe.cfm
SQL Global String Replace
Does anyone have an update program that can update a text string in all tables/rows/columns of an MS SQL data base? Need to do a global text string replace on several sites. Any help appreciated. Thanks, Robert Harrison Director of Interactive Services Austin Williams Advertising I Branding I Digital I Direct 125 Kennedy Drive, Suite 100 I Hauppauge, NY 11788 T 631.231.6600 X 119 F 631.434.7022 http://www.austin-williams.com Blog: http://www.austin-williams.com/blog Twitter: http://www.twitter.com/austin_wi ~| Order the Adobe Coldfusion Anthology now! http://www.amazon.com/Adobe-Coldfusion-Anthology/dp/1430272155/?tag=houseoffusion Archive: http://www.houseoffusion.com/groups/cf-talk/message.cfm/messageid:357831 Subscription: http://www.houseoffusion.com/groups/cf-talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/groups/cf-talk/unsubscribe.cfm
Re: Honest question about cfform
On 3/3/2014 10:39 PM, Gerald Guido wrote: Why are people so vehemently opposed so to CFForm? Many TIA in advance, Curious-G! -- Gerald Guido Twitter https://twitter.com/CozmoTrouble Blarg http://www.myinternetisbroken.com Facebook https://www.facebook.com/gerald.guido.9 ~| Order the Adobe Coldfusion Anthology now! http://www.amazon.com/Adobe-Coldfusion-Anthology/dp/1430272155/?tag=houseoffusion Archive: http://www.houseoffusion.com/groups/cf-talk/message.cfm/messageid:357832 Subscription: http://www.houseoffusion.com/groups/cf-talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/groups/cf-talk/unsubscribe.cfm
Re: SQL Global String Replace
you mean like this http://www.mssqltips.com/sqlservertip/1555/sql-server-find-and-replace-values-in-all-tables-and-all-text-columns/ On Tue, Mar 4, 2014 at 1:55 PM, Robert Harrison rob...@austin-williams.comwrote: Does anyone have an update program that can update a text string in all tables/rows/columns of an MS SQL data base? Need to do a global text string replace on several sites. Any help appreciated. Thanks, Robert Harrison Director of Interactive Services Austin Williams Advertising I Branding I Digital I Direct 125 Kennedy Drive, Suite 100 I Hauppauge, NY 11788 T 631.231.6600 X 119 F 631.434.7022 http://www.austin-williams.com Blog: http://www.austin-williams.com/blog Twitter: http://www.twitter.com/austin_wi ~| Order the Adobe Coldfusion Anthology now! http://www.amazon.com/Adobe-Coldfusion-Anthology/dp/1430272155/?tag=houseoffusion Archive: http://www.houseoffusion.com/groups/cf-talk/message.cfm/messageid:357833 Subscription: http://www.houseoffusion.com/groups/cf-talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/groups/cf-talk/unsubscribe.cfm
RE: SQL Global String Replace
Take a look at the sys.tables and sys.columns tables in your SQL database. You should be able to write a couple of cursors to loop over each and just print out the SQL to run separately (or you can get fancy and generate the SQL statement and run it via EXEC sp_executeSQL functions). I don't have my SQL server handy but can take a look later. -- Jeff -Original Message- From: Robert Harrison [mailto:rob...@austin-williams.com] Sent: Tuesday, March 04, 2014 6:56 AM To: cf-talk Subject: SQL Global String Replace Does anyone have an update program that can update a text string in all tables/rows/columns of an MS SQL data base? Need to do a global text string replace on several sites. Any help appreciated. Thanks, Robert Harrison Director of Interactive Services Austin Williams Advertising I Branding I Digital I Direct 125 Kennedy Drive, Suite 100 I Hauppauge, NY 11788 T 631.231.6600 X 119 F 631.434.7022 http://www.austin-williams.com Blog: http://www.austin-williams.com/blog Twitter: http://www.twitter.com/austin_wi ~| Order the Adobe Coldfusion Anthology now! http://www.amazon.com/Adobe-Coldfusion-Anthology/dp/1430272155/?tag=houseoffusion Archive: http://www.houseoffusion.com/groups/cf-talk/message.cfm/messageid:357834 Subscription: http://www.houseoffusion.com/groups/cf-talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/groups/cf-talk/unsubscribe.cfm
RE: SQL Global String Replace
Yes, I do mean like that, but I was really hoping someone had it already written up in CF with a tested procedure they would be willing to share. I was able to find several downloads for PHP, but nothing for CF. Thanks Robert Harrison Director of Interactive Services Austin Williams Advertising I Branding I Digital I Direct 125 Kennedy Drive, Suite 100 I Hauppauge, NY 11788 T 631.231.6600 X 119 F 631.434.7022 http://www.austin-williams.com Blog: http://www.austin-williams.com/blog Twitter: http://www.twitter.com/austin_ ~| Order the Adobe Coldfusion Anthology now! http://www.amazon.com/Adobe-Coldfusion-Anthology/dp/1430272155/?tag=houseoffusion Archive: http://www.houseoffusion.com/groups/cf-talk/message.cfm/messageid:357835 Subscription: http://www.houseoffusion.com/groups/cf-talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/groups/cf-talk/unsubscribe.cfm
RE: SQL Global String Replace
Actually, that's the kind of operation that you'd not want to perform in CF (or PHP or any other database client). Unless you truly need all that data within a CF page for some other reason, you shouldn't be sending it all back and forth between DBMS and CF. --- Ben (Sent from my newest Android device) On Mar 4, 2014 6:08 AM, Robert Harrison rob...@austin-williams.com wrote: Yes, I do mean like that, but I was really hoping someone had it already written up in CF with a tested procedure they would be willing to share. I was able to find several downloads for PHP, but nothing for CF. Thanks Robert Harrison Director of Interactive Services Austin Williams Advertising I Branding I Digital I Direct 125 Kennedy Drive, Suite 100 I Hauppauge, NY 11788 T 631.231.6600 X 119 F 631.434.7022 http://www.austin-williams.com Blog: http://www.austin-williams.com/blog Twitter: http://www.twitter.com/austin_ ~| Order the Adobe Coldfusion Anthology now! http://www.amazon.com/Adobe-Coldfusion-Anthology/dp/1430272155/?tag=houseoffusion Archive: http://www.houseoffusion.com/groups/cf-talk/message.cfm/messageid:357836 Subscription: http://www.houseoffusion.com/groups/cf-talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/groups/cf-talk/unsubscribe.cfm
RE: SQL Global String Replace
Actually, that's the kind of operation that you'd not want to perform in CF (or PHP or any other database client). Unless you truly need all that data within a CF page for some other reason, you shouldn't be sending it all back and forth between DBMS and CF. ... I'm going to do this locally, but it seems to be done in PHP as a matter of course. We use such a thing on our WordPress sites when to change the URLs we move from a staging URL to a live URL, and there are lots of PHP programs prewritten to do just that. What I'm doing here is the same thing... changing URLs embedded into the CMS pages. - Robert ~| Order the Adobe Coldfusion Anthology now! http://www.amazon.com/Adobe-Coldfusion-Anthology/dp/1430272155/?tag=houseoffusion Archive: http://www.houseoffusion.com/groups/cf-talk/message.cfm/messageid:357837 Subscription: http://www.houseoffusion.com/groups/cf-talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/groups/cf-talk/unsubscribe.cfm
Re: Honest question about cfform
I think it is acceptable to let CF do some things for you. For example, I don't want to go to Java and write the code to handle database calls. Could I? Sure. (Ok, I lie.) But is it a good use of my time? Probably not. I let CF handle that aspect for me and it has never been a problem. On the flip side, letting CF handle client side JS for me *has* caused me problems in the past. In many cases, I needed to do something different than what CF did. Sometimes this is easy to do, sometimes not. But in the cases where it was easy to do, I've gotten screwed when an CF update changes things that makes my customizations break. Back when CFFORM (and other client side tags, cftable anyone) was added, client side dev wasn't easy. CF was a great help in that area 10 years ago. But guess what? Client side dev has come a LONG way since then. Is it perfect? Of course not. But there are numerous libraries, tools, etc to help make this easier. The simple fact is that CF is *not* a benefit anymore in this area. It is *epic* for handling data integration with client side apps and I'd focus on that instead. On Tue, Mar 4, 2014 at 8:02 AM, Scott Stewart webmas...@sstwebworks.comwrote: On 3/3/2014 10:39 PM, Gerald Guido wrote: Why are people so vehemently opposed so to CFForm? Many TIA in advance, Curious-G! -- Gerald Guido Twitter https://twitter.com/CozmoTrouble Blarg http://www.myinternetisbroken.com Facebook https://www.facebook.com/gerald.guido.9 ~| Order the Adobe Coldfusion Anthology now! http://www.amazon.com/Adobe-Coldfusion-Anthology/dp/1430272155/?tag=houseoffusion Archive: http://www.houseoffusion.com/groups/cf-talk/message.cfm/messageid:357838 Subscription: http://www.houseoffusion.com/groups/cf-talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/groups/cf-talk/unsubscribe.cfm
Re: Honest question about cfform
Why are people so vehemently opposed so to CFForm? Mainly for historical reason. I don't know how is CFForm nowadays, but when it first appeared in CF, it was really week, missing a lot of essential features, and every message coming out of it was only in English, making it not an option for any application in any other language. Also, data validation was only server side, users prefer client side data validation. ~| Order the Adobe Coldfusion Anthology now! http://www.amazon.com/Adobe-Coldfusion-Anthology/dp/1430272155/?tag=houseoffusion Archive: http://www.houseoffusion.com/groups/cf-talk/message.cfm/messageid:357839 Subscription: http://www.houseoffusion.com/groups/cf-talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/groups/cf-talk/unsubscribe.cfm
Re: Honest question about cfform
I have used cf since v4 and it has always had both client side and server side validation On Tue, Mar 4, 2014 at 2:45 PM, wrote: Why are people so vehemently opposed so to CFForm? Mainly for historical reason. I don't know how is CFForm nowadays, but when it first appeared in CF, it was really week, missing a lot of essential features, and every message coming out of it was only in English, making it not an option for any application in any other language. Also, data validation was only server side, users prefer client side data validation. ~| Order the Adobe Coldfusion Anthology now! http://www.amazon.com/Adobe-Coldfusion-Anthology/dp/1430272155/?tag=houseoffusion Archive: http://www.houseoffusion.com/groups/cf-talk/message.cfm/messageid:357840 Subscription: http://www.houseoffusion.com/groups/cf-talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/groups/cf-talk/unsubscribe.cfm
RE: Honest question about cfform
I have used cf since v4 and it has always had both client side and server side validation Ditto... but for client side validation I seldom use CFFORM unless it is a very simple form. CFFORM is good for required fields and for some validation of data types entered in fields. It falls short when there is any conditional validation (i.e., the validation for one field depends on the response made in a previous field) and it falls short on the aesthetics of reporting errors. Unless they've added something new I'm unaware of, it still uses an alert to show errors. Generally I'll use jQuery validation or write my own script. The user experience can be much improved from CFFORM validation. Robert Harrison Director of Interactive Services Austin Williams Advertising I Branding I Digital I Direct 125 Kennedy Drive, Suite 100 I Hauppauge, NY 11788 T 631.231.6600 X 119 F 631.434.7022 http://www.austin-williams.com Blog: http://www.austin-williams.com/blog Twitter: http://www.twitter.com/austin_ ~| Order the Adobe Coldfusion Anthology now! http://www.amazon.com/Adobe-Coldfusion-Anthology/dp/1430272155/?tag=houseoffusion Archive: http://www.houseoffusion.com/groups/cf-talk/message.cfm/messageid:357841 Subscription: http://www.houseoffusion.com/groups/cf-talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/groups/cf-talk/unsubscribe.cfm
Re: Honest question about cfform
On Mon, Mar 3, 2014 at 10:42 PM, Gerald Guido wrote: My bad: Why are people so vehemently opposed to CFForm? Rule of thumb: Anything that is built into CF and spits out Java, Javascript, Flash, or any other client side parsed in the browser stuff should be avoided. Adobe has a roughly 18 month cycle on releases of ColdFusion so it will be at least 18 months out of date as some point, maybe 36 month if they skip updating it in a release. That's essentially a lifetime on the client side. You control the server side. So that code gets old and crufty, who cares? You do not control the client side, it needs to be able to grow and adapt alongside browsers as they evolve. Not on a 18-36 month release cycle dictated by an outside vendor. -Cameron PS: Cough, cough, PhoneGap integration, cough, cough, bleagh ... ~| Order the Adobe Coldfusion Anthology now! http://www.amazon.com/Adobe-Coldfusion-Anthology/dp/1430272155/?tag=houseoffusion Archive: http://www.houseoffusion.com/groups/cf-talk/message.cfm/messageid:357842 Subscription: http://www.houseoffusion.com/groups/cf-talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/groups/cf-talk/unsubscribe.cfm
Re: Honest question about cfform
That may have been the case at one time. HOWEVER with HTML 5 and such jQuery plugins as jQuery.Validate, even that argument in favour of CFFORM is no longer valid. With HTML 5 (assuming that the client browser can handle it) even required fields are much easier to do than with CF now. About the only thing I can see CFForm working well is with dependent selects. And that's only because I haven't tried setting up my own in jQuery or have used a jQuery plugin. I have used cf since v4 and it has always had both client side and server side validation Ditto... but for client side validation I seldom use CFFORM unless it is a very simple form. CFFORM is good for required fields and for some validation of data types entered in fields. It falls short when there is any conditional validation (i.e., the validation for one field depends on the response made in a previous field) and it falls short on the aesthetics of reporting errors. Unless they've added something new I'm unaware of, it still uses an alert to show errors. Generally I'll use jQuery validation or write my own script. The user experience can be much improved from CFFORM validation. Robert Harrison Director of Interactive Services Austin Williams Advertising I Branding I Digital I Direct 125 Kennedy Drive, Suite 100 I Hauppauge, NY 11788 T 631.231.6600 X 119 F 631.434.7022 http://www.austin-williams.com Blog: http://www.austin-williams.com/blog Twitter: http://www.twitter. com/austin_ ~| Order the Adobe Coldfusion Anthology now! http://www.amazon.com/Adobe-Coldfusion-Anthology/dp/1430272155/?tag=houseoffusion Archive: http://www.houseoffusion.com/groups/cf-talk/message.cfm/messageid:357843 Subscription: http://www.houseoffusion.com/groups/cf-talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/groups/cf-talk/unsubscribe.cfm
Re: Honest question about cfform
On Mar 4, 2014 5:40 AM, Gerald Guido wrote: Why are people so vehemently opposed so to CFForm? Because it will only get you so far. And once you want to go further, you'll find that you can't. So then you have to go back, rip out cfform and replace it with something else. At which point you will discover that whatever skills you learned using cfform are useless because they don't transfer to other form frameworks. All of this is just fine if you know it beforehand and plan for it. But at the same time you are developing your cfform project, the rest of the world is moving forward. And I am guessing too many of us got burned when a project initially was fine with cfform, but then the requirements changed and it wasn't anymore Additionally I suspect plain old snobbery: it is not a technologically good solution, therefore it can never be a good solution from an ROI perspective. Jochem ~| Order the Adobe Coldfusion Anthology now! http://www.amazon.com/Adobe-Coldfusion-Anthology/dp/1430272155/?tag=houseoffusion Archive: http://www.houseoffusion.com/groups/cf-talk/message.cfm/messageid:357844 Subscription: http://www.houseoffusion.com/groups/cf-talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/groups/cf-talk/unsubscribe.cfm
Re: Honest question about cfform
And btw - don't forget - there is a whole project dedicated to helping you replace these items. (So instead of just saying Dont Do X, we can do Do This) - https://github.com/cfjedimaster/ColdFusion-UI-the-Right-Way On Tue, Mar 4, 2014 at 11:25 AM, Jochem van Dieten joch...@gmail.comwrote: On Mar 4, 2014 5:40 AM, Gerald Guido wrote: Why are people so vehemently opposed so to CFForm? Because it will only get you so far. And once you want to go further, you'll find that you can't. So then you have to go back, rip out cfform and replace it with something else. At which point you will discover that whatever skills you learned using cfform are useless because they don't transfer to other form frameworks. All of this is just fine if you know it beforehand and plan for it. But at the same time you are developing your cfform project, the rest of the world is moving forward. And I am guessing too many of us got burned when a project initially was fine with cfform, but then the requirements changed and it wasn't anymore Additionally I suspect plain old snobbery: it is not a technologically good solution, therefore it can never be a good solution from an ROI perspective. Jochem ~| Order the Adobe Coldfusion Anthology now! http://www.amazon.com/Adobe-Coldfusion-Anthology/dp/1430272155/?tag=houseoffusion Archive: http://www.houseoffusion.com/groups/cf-talk/message.cfm/messageid:357845 Subscription: http://www.houseoffusion.com/groups/cf-talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/groups/cf-talk/unsubscribe.cfm
Re: Best practices for xss security in CMS? - Related Question
On Mon, Mar 3, 2014 at 5:11 PM, Nick Gleason n.glea...@citysoft.com wrote: Pete, Much appreciated. I guess where I'm being a bit of a dunce is that in your example, if a malicious url.query variable was passed in by a hacker, wouldn't the display only be available on that single request? And if I come to the same search form 2 minutes later and do a normal search, won't it be clean? I guess that, assuming we have no sql injection to the db, I don't see how that attack stays persistent (as it would possibly for a comment or forum post). Sorry to be over-simple on this. Hi Nick, It is not a persistent attack unless it gets saved to a DB somewhere, etc. But it is still considered harmful, for example if I send you a link that uses javascript to write a login form on the page that submits to my server... then that is not a good thing. Normal visitors can't parse a query string to recognize that it is rewriting the DOM, especially when they see HTTPS they expect that everything on the page is as you intended it. Or the attacker might simply grab cookies and use them to hijack the victim's session. These examples are a bit more targeted, they will probably effect every user of the site but the attacker can use the hole to eventually get the info they are after. Re: the content security policy, that looks very interesting. Watching a presentation on it now. One quick question. If we are using that on a site and then an admin comes in and uses an iframe widget from youtube to display a video on a page in the site, does that get filtered by CSP (and require an exception for youtube)? I gather that would need to be excepted in the frame-src header, right? Yes you would have to allow the youtube.com domain in your CSP header, eg: Content-Security-Policy: default-src 'self'; frame-src 'self' youtube.com; One thing to keep in mind with Content-Security-Policy is that when you enable it, it will also block inline scripts and style elements, you can override that using unsalfe-inline but then you also loose a lot of the benefits of CSP. ~| Order the Adobe Coldfusion Anthology now! http://www.amazon.com/Adobe-Coldfusion-Anthology/dp/1430272155/?tag=houseoffusion Archive: http://www.houseoffusion.com/groups/cf-talk/message.cfm/messageid:357846 Subscription: http://www.houseoffusion.com/groups/cf-talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/groups/cf-talk/unsubscribe.cfm
RE: SQL Global String Replace
I agree with Ben...this is something that you should be running in SQL Management Studio. ColdFusion is not meant to run this kind of stuff (unless you set the timeout on your templates to 0). The code attached below will loop over all of the user tables, and then loop over all of the text type columns for that table while writing out an update statement. Send your results to Text in the query window. Then you can cut and paste the text results into a new query window and run it. Make sure you change the text values to be changed and what they are going to be changed to. Also, if your tables follow a naming convention, you can add that to the first cursor declaration as an additional where clause... DECLARE @tableName NVARCHAR(255), @objectID BIGINT, @columnName NVARCHAR(255), @TextToReplace NVARCHAR(1000), @ReplaceTextWith NVARCHAR(1000) SET @TextToReplace = 'www.mysite.com' SET @replaceTextWith = 'www.mynewsite.com' DECLARE userTables CURSOR FOR SELECT name, object_id FROM sys.tables WHERE [type] = 'U' OPEN userTables FETCH NEXT FROM userTables INTO @tableName, @objectID WHILE @@FETCH_STATUS = 0 BEGIN PRINT 'UPDATE ' + @tableName + ' SET ' /* Select the columns from the table where the data type is a text type column Text- 35 sql_variant - 98 ntext - 99 varchar - 167 char- 175 nvarchar- 231 nchar - 239 */ DECLARE userColumns CURSOR FOR SELECT name FROM sys.columns WHERE object_id = @objectID AND system_type_id IN (35,98,99,167,175,231,239) OPEN userColumns FETCH NEXT FROM userColumns INTO @columnName WHILE @@FETCH_STATUS = 0 BEGIN PRINT '[' + @columnName + '] = REPLACE([' + @columnname + '], ''' + @TextToReplace + ''', ''' + @ReplaceTextWith + '''),' FETCH NEXT FROM userColumns INTO @columnName END CLOSE userColumns DEALLOCATE userColumns PRINT '1=1' PRINT 'GO' PRINT ' ' FETCH NEXT FROM userTables INTO @tableName, @columnName END CLOSE userTables DEALLOCATE userTables Original Message From: Robert Harrison rob...@austin-williams.com Sent: Tuesday, March 04, 2014 7:19 AM To: cf-talk cf-talk@houseoffusion.com Subject: RE: SQL Global String Replace Actually, that's the kind of operation that you'd not want to perform in CF (or PHP or any other database client). Unless you truly need all that data within a CF page for some other reason, you shouldn't be sending it all back and forth between DBMS and CF. ... I'm going to do this locally, but it seems to be done in PHP as a matter of course. We use such a thing on our WordPress sites when to change the URLs we move from a staging URL to a live URL, and there are lots of PHP programs prewritten to do just that. What I'm doing here is the same thing... changing URLs embedded into the CMS pages. - Robert ~| Order the Adobe Coldfusion Anthology now! http://www.amazon.com/Adobe-Coldfusion-Anthology/dp/1430272155/?tag=houseoffusion Archive: http://www.houseoffusion.com/groups/cf-talk/message.cfm/messageid:357847 Subscription: http://www.houseoffusion.com/groups/cf-talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/groups/cf-talk/unsubscribe.cfm
Re: ColdFusion ListServ app
Thanks Graham. Unfortunately creating accounts in GMail is not something our users will want to do, nor managing their email addresses in the group account something we want to do. Thanks for the ideas but I think we will use Exchange to do the ListServ and CF to manage the subscriptions and users. For the mailing lists I run is powered by software called Sympa. www. sympa.org. It utilizes MySQL back end and I am working on a cfml interface for it ~| Order the Adobe Coldfusion Anthology now! http://www.amazon.com/Adobe-Coldfusion-Anthology/dp/1430272155/?tag=houseoffusion Archive: http://www.houseoffusion.com/groups/cf-talk/message.cfm/messageid:357848 Subscription: http://www.houseoffusion.com/groups/cf-talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/groups/cf-talk/unsubscribe.cfm
Re: Honest question about cfform
Thank you all for taking the time to answer. It has been most enlightening.I must say that assumptions made were more interesting than the answers themselves. G! -- Gerald Guido Twitter https://twitter.com/CozmoTrouble Blarg http://www.myinternetisbroken.com Facebook https://www.facebook.com/gerald.guido.9 On Tue, Mar 4, 2014 at 12:35 PM, Raymond Camden raymondcam...@gmail.comwrote: And btw - don't forget - there is a whole project dedicated to helping you replace these items. (So instead of just saying Dont Do X, we can do Do This) - https://github.com/cfjedimaster/ColdFusion-UI-the-Right-Way On Tue, Mar 4, 2014 at 11:25 AM, Jochem van Dieten joch...@gmail.com wrote: On Mar 4, 2014 5:40 AM, Gerald Guido wrote: Why are people so vehemently opposed so to CFForm? Because it will only get you so far. And once you want to go further, you'll find that you can't. So then you have to go back, rip out cfform and replace it with something else. At which point you will discover that whatever skills you learned using cfform are useless because they don't transfer to other form frameworks. All of this is just fine if you know it beforehand and plan for it. But at the same time you are developing your cfform project, the rest of the world is moving forward. And I am guessing too many of us got burned when a project initially was fine with cfform, but then the requirements changed and it wasn't anymore Additionally I suspect plain old snobbery: it is not a technologically good solution, therefore it can never be a good solution from an ROI perspective. Jochem ~| Order the Adobe Coldfusion Anthology now! http://www.amazon.com/Adobe-Coldfusion-Anthology/dp/1430272155/?tag=houseoffusion Archive: http://www.houseoffusion.com/groups/cf-talk/message.cfm/messageid:357849 Subscription: http://www.houseoffusion.com/groups/cf-talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/groups/cf-talk/unsubscribe.cfm