RE: More Efficient (Faster) Method

2010-01-15 Thread Eric Nicholas Sweeney
Leigh - I believe it is when it is shipped TO you. (When the customer can expect it to show up.) It's based on the pricing/shipping matrix on FTD. (I need to duplicate their structure) http://www.ftd.com/delivery-charges/ They provide detailed charts of pricing and when Items can be expected

RE: More Efficient (Faster) Method

2010-01-15 Thread Eric Nicholas Sweeney
You are absolutely right Qing - a little sloppy of me in the coding. Fixed now. Thanks! As for the UDF - I am not sure that works - as I need Saturday as an option... Are there any thoughts on the cfifs and loops? Is that the "best" way to handle this? I may have to run this as a UDF several

RE: Recent SQL Injection attacks

2010-01-15 Thread Al Musella, DPM
What I do is similar.. IF I detect a sql injection, I also add the ip address of the user to my banned IP list. I ban them for a week.. this way if they manage to find a page that isn't protected, they can't do any damage. I use a server variable to hold the list of banned IP addresses, so I

RE: Recent SQL Injection attacks

2010-01-15 Thread Al Musella, DPM
What I do is similar.. IF I detect a sql injection, I also add the ip address of the user to my banned IP list. I ban them for a week.. this way if they manage to find a page that isn't protected, they can't do any damage. I use a server variable to hold the list of banned IP addresses, so I

RE: Recent SQL Injection attacks

2010-01-15 Thread Al Musella, DPM
What I do is similar.. IF I detect a sql injection, I also add the ip address of the user to my banned IP list. I ban them for a week.. this way if they manage to find a page that isn't protected, they can't do any damage. I use a server variable to hold the list of banned IP addresses, so I

RE: Recent SQL Injection attacks

2010-01-15 Thread Al Musella, DPM
What I do is similar.. IF I detect a sql injection, I also add the ip address of the user to my banned IP list. I ban them for a week.. this way if they manage to find a page that isn't protected, they can't do any damage. I use a server variable to hold the list of banned IP addresses, so I

RE: Recent SQL Injection attacks

2010-01-15 Thread Al Musella, DPM
What I do is similar.. IF I detect a sql injection, I also add the ip address of the user to my banned IP list. I ban them for a week.. this way if they manage to find a page that isn't protected, they can't do any damage. I use a server variable to hold the list of banned IP addresses, so I

RE: Recent SQL Injection attacks

2010-01-15 Thread Al Musella, DPM
What I do is similar.. IF I detect a sql injection, I also add the ip address of the user to my banned IP list. I ban them for a week.. this way if they manage to find a page that isn't protected, they can't do any damage. I use a server variable to hold the list of banned IP addresses, so I

RE: Recent SQL Injection attacks

2010-01-15 Thread Al Musella, DPM
What I do is similar.. IF I detect a sql injection, I also add the ip address of the user to my banned IP list. I ban them for a week.. this way if they manage to find a page that isn't protected, they can't do any damage. I use a server variable to hold the list of banned IP addresses, so I

RE: CFFILE move is copying

2010-01-15 Thread brad
Hmm, I've used that form many times and never had any problems. If you're on CF9, you can try the public bug tracker: http://cfbugs.adobe.com/cfbugreport/flexbugui/cfbugtracker/main.html If you really are having troubles submitting a bug via the go/wish form, your best bet might be to try and pi

Re: More Efficient (Faster) Method

2010-01-15 Thread Leigh
> > >#qryGetShipCosts.NextDay# What are the prices relative to: when the item is shipped by you, or when it is delivered? ~| Want to reach the ColdFusion community with something they want? Let them know on th

Re: CFFILE move is copying

2010-01-15 Thread Scott Brady
Well, I tried to, but every time I submit the form (using FireFox on Mac OS X), it says I haven't filled out forms I most certainly have filled out (e-mail address, etc.). Anyone know how to submit a bug report for their bug report form? :) On Fri, Jan 15, 2010 at 1:38 PM, wrote: > > Either

RE: Recent SQL Injection attacks

2010-01-15 Thread Chung Chow
On the SQL injection subject, here's something I add in all my projects. I usually use this snippet of code to intercept at the top level. It helps. if ( isdefined("cgi.query_string") and ( findnocase("DECLARE",cgi.query_string) or findnocase("CAST(",cgi.query_string) o

Re: More Efficient (Faster) Method

2010-01-15 Thread Qing Xia
Check out this UDF: http://www.cflib.org/udf/BusinessDaysAdd Also, if I may venture to suggest: 1. You don't need sharp signs inside ColdFusion tags 2. It would be nice to use cfqueryparam to pass in those variables to your query--faster and mor

RE: Recent SQL Injection attacks

2010-01-15 Thread Al Musella, DPM
For coldfusion, I use Fusionreactor.. I look at the request history, and you see the templates that were recently called with the url parameters.. when an attack is in progress, you see a lot of them with big url parameters. Easy to see at a glance. Best part is then you can view the sql

More Efficient (Faster) Method

2010-01-15 Thread Nick Sweeney
Hey everyone - I was wondering if anyone could suggest a "better" method of doing this. Essentially I am creating a dropdown list of Shipping Prices - based on the day they are making the purchase. (Customer defined "Next Day Shipping" prices - not UPS) It's Working - but I wonder if there is

RE: CFFILE move is copying

2010-01-15 Thread brad
Either way, you should write up all the details and some sample code and submit it to Adobe. http://www.adobe.com/go/wish ~Brad Original Message Subject: Re: CFFILE move is copying From: Scott Brady Date: Fri, January 15, 2010 5:18 am To: cf-talk Actually, I found a way

RE: Login protection and verification

2010-01-15 Thread Justin Scott
> I want to protect my site login. I first want to lock users > out after so many failed login attempts. Lock them out for > a specified amount of time. The way I usually approach this is to use a logging table. Each time a login is attempted it gets put into a table with the username, a times

Re: CF5 download

2010-01-15 Thread Dave Watts
> Maybe Halliwells should enter the 'comedy causer of the year' instead :-) > > -- > Helping to enthusiastically iterate sticky visionary infomediaries as part of > the IT team of the year, '09 and '08 I don't know, today's sounds more like a porn vendor, with the "sticky visionary infomediaries"

Re: CF5 download

2010-01-15 Thread Tom Chiverton
Maybe Halliwells should enter the 'comedy causer of the year' instead :-) -- Helping to enthusiastically iterate sticky visionary infomediaries as part of the IT team of the year, '09 and '08 This email is sent for and on behalf of Halliwel

Re: CFFILE move is copying

2010-01-15 Thread Scott Brady
Actually, I found a way around it. I'm using the underlying Java file reader (which is what I assume uses) that also includes a "close()" method that fixes it. I would think would do that automatically once you exit the loop (whether upon the end of the file or prematurely), but maybe there ar