I'm working on adding in one of the Digg APIs into an app I'm writing
and I'm having problems with it. I was wondering if there was anything
that I could inspect which would detail the full URL sent to the API.
tried posting a reply from email several times, but HoF seems to be broken...
We have a chunk of code on our footer that does the normal tracking.
outside the firewall or in the real world, or site runs fine,
inside the firewall it runs poorly.
any one care to explain how i could cfif the code out for users inside the
firewall..
i have played around with the all the cgi
cfif CGI.whatever contains first three octets of network IP block
cfelse
Load google code
/cfif
--
Scott Stewart
ColdFusion Developer
4405 Oakshyre Way
Raleigh, NC 27616
(h) 919.874.6229 (c) 703.220.2835
-Original Message-
From: Paul Ihrig [mailto:pih...@gmail.com]
Sent: Monday, April
i cant seem to be able to grab a variable that is different inside building
then outside.
every thing resolves to the same IP when pinged.
On Mon, Apr 6, 2009 at 8:13 AM, Scott Stewart sstwebwo...@bellsouth.netwrote:
cfif CGI.whatever contains first three octets of network IP block
cfelse
Use cgi.remote_addr ... that will be the address of the User, rather than
the Server. That should do it.
~|
Adobe® ColdFusion® 8 software 8 is the most important and dramatic release to
date
Get the Free Trial
http://www DOT rittal-corp DOT com/cgivars DOT cfm
ok i and the guy next to me get*
REMOTE_ADDR*: 63.144.103.200
so as long as that dosnt change i should be fine?
On Mon, Apr 6, 2009 at 9:59 AM, Jason Fisher ja...@wanax.com wrote:
Use cgi.remote_addr ... that will be the address of the
thanks
that seems to have done the trick..
On Mon, Apr 6, 2009 at 10:07 AM, Paul Ihrig pih...@gmail.com wrote:
http://www DOT rittal-corp DOT com/cgivars DOT cfm
ok i and the guy next to me get*
REMOTE_ADDR*: 63.144.103.200
so as long as that dosnt change i should be fine?
On Mon,
Hello,
I'm going through some testing with a Verity results page and for some reason,
the data displayed from PDF's shows a lot of question marks for quotes and
double quotes. I was thinking about doing a search and replace for these fields
but I can't capture what they actually are, because
Sounds like it's MS Word Smart Quotes
--
Scott Stewart
ColdFusion Developer
4405 Oakshyre Way
Raleigh, NC 27616
(h) 919.874.6229 (c) 703.220.2835
-Original Message-
From: Joe None [mailto:drue...@comcast.net]
Sent: Monday, April 06, 2009 12:04 PM
To: cf-talk
Subject: Verity Search
I tend to agree with that. You can use a replacelist to get rid of most of
the garbage from MS Word. Add as a filter to word pasted data and it should
work.
'#ReplaceList(trim(mywordtext),
,
,,,,®,©,,'',...,,,trade;,reg;,copy;)#',
Robert B. Harrison
Director of Interactive Services
Austin
Robert Harrison wrote:
I tend to agree with that. You can use a replacelist to get rid of most of
the garbage from MS Word. Add as a filter to word pasted data and it should
work.
or you could, you know, get encoding right.
I'm trying to create a page with two lists consisting of data from two
different sources. The first list is a table of real estate property
listings that have been processed and the second is a list of properties
*remaining* to be processed.
First, I obtained the processed listings:
CFQUERY
Robert Harrison wrote:
I tend to agree with that. You can use a replacelist to get rid of most of
the garbage from MS Word. Add as a filter to word pasted data and it should
work.
or you could, you know, get encoding right.
Do you know what encoding is used for Word's funky characters?
IN requires parentheses to delimit the expression it is searching within:
NOT IN (#listOfIds#) ...
And use CFQUERYPARAM. Really.
cheers,
barneyb
On Mon, Apr 6, 2009 at 11:02 AM, Dave Long d...@northgoods.com wrote:
I'm trying to create a page with two lists consisting of data from two
On Mon, Apr 6, 2009 at 2:02 PM, Dave Long d...@northgoods.com wrote:
Also use valuelist which means you don't need to create a list first.
CFQUERY name=GetResidential dataSource=#DSN1#
SELECT MLS_Number
FROM Residential
WHERE List_Firm = #FirmID#
AND MLS_Number NOT IN
Next I created a list from the first query:
CFOUTPUT query=GetRecord
CFSET list = #GetRecord.MLS_number#
/CFOUTPUT
This code does NOT produce a list. this only sets the list variable to the
current record's MLS_number. the correct code to create a list of all the
MLS_numbers in the
Hi there. We've just seen a hack attempt that we haven't seen before and I
wanted to get feedback.
The symptom is that some script code is inserted at the bottom of certain
pages (e.g. index.cfm). The script (which has been scrubbed) looks like
this:
script!--
var applstrna0 = if;
Ummm...try this:
cfquery name=getRecord datasource=#dsn2# -- second # was missing in
first query
select mls_number
from VPT
where mls_number
not in (select mls_number
from residential
where list_firm =
Well, that helped... I think.
I added a comma to the CFSET that creates the list:
CFOUTPUT query=GetRecord
cfset list = #ViewField2#,
#list#
/CFOUTPUT
Which displays:
87867, 88623, 89035, 89094, 89256, 100336, 100349, 100506, 100516, 100519,
100520, 100521, 100522, 100708, 100711, 100713,
I need to write a routine that executes various actions based on user
entered dates/times. The dates/times to act would be listed in a data base.
I really don't see a way to use the Scheduled Tasks page for this as that
seems more in tune to batch processing type stuff. The only way I can
I need to write a routine that executes various actions based on user
entered dates/times. The dates/times to act would be listed in a data base.
I really don't see a way to use the Scheduled Tasks page for this as that
seems more in tune to batch processing type stuff. The only way I can
You can have the page use cfschedule to set up an event to go off or
you can have a schedule set up to check every min. and see if
something needs to happen.
On Mon, Apr 6, 2009 at 12:07 PM, Robert Harrison
rob...@austin-williams.com wrote:
I need to write a routine that executes various
Robert,
For something like this, I generally have a scheduled task for a given
application that executes every 5 minutes (or whatever is appropriate). When
it executes, it queries a datatable of tasks that need to be executed. This
table can be updated manually or be data-driven (as it sounds
On Mon, Apr 6, 2009 at 11:02 AM, Dave Long d...@northgoods.com wrote:
So far, I am unable to find any other syntax for comparing the second query
results to the list. Can anyone advise me?
look into the valueList() function for getting a comma-delimited list
of values from a query column.
Is the malicious string in the actual index.cfm page on the server, or
is it being output on the page when CF processes it as part of a
variable from the form/url or database?
If the actual files on your web server have been modified, change all
your FTP and remote admin passwords immediately
Do a search on this list for 'exec('
There was a big todo about this last summer. Probably in your database
-Original Message-
From: Nick Gleason n.glea...@citysoft.com
Sent: Monday, April 06, 2009 2:19 PM
To: cf-talk cf-talk@houseoffusion.com
Subject: Question about hack
Hi there.
For something like this, I generally have a scheduled task for a given
application that executes every 5 minutes (or whatever is appropriate).
I may be able to do this. Sound feasible.
Now here's the next thought. How can I tell if a program is already running
in an application? Its
Robert,
To deal with that, I will de-activate the task item while it is running and
then reactivate when the task is done.
Or maybe I put an is_running flag on the record such that my pseudo code is
like this:
* Query for tasks that are active, need to be executed (by date), and are
NOT
Brad,
Many thanks for your response. We'll take a look at those things.
It appears that the code is in the actual index.cfm pages on the web server.
There are some old sites on this server that may be vulnerable, so that is a
theory. However, I would expect that kind of vulnerability to
William,
That's a great post - we're re-reading it now. However, this situation
seems to be code in the index.cfm page, not something being appended from
the db. So, I'm not sure if that post will be relevant in this case.
Thoughts?
N
-Original Message-
From: William
Thanks everyone, but I must be trying to accomplish the impossible with our
version 5 CF server. None of these suggestions has worked. I guess we're
just going to have to write down which listings we've processed.
Thanks again.
-Original Message-
From: Yuliang Ruan
Ben Forta was like, Yo, this.customtagpaths / listAppend(
this.customtagpaths, newPath ).
http://www.forta.com/blog/index.cfm/2007/4/24
But then the Adobe documentation's all like, this.customtagpath ( singular )
http://livedocs.adobe.com/coldfusion/8/htmldocs/help.html?content=AppEvents_01.html
It's an iframe injection hack. It will insert a hidden frame into any
index.* page it finds.
Some urls entries inserted are 'ggleleadsense.biz/?click=*',
'mediahousenameshopfilm.cn/in.cgi?income29'
Change FTP passwords...
-Original Message-
From: Nick Gleason
Why *not* use a CF scheduled task that runs every minute or so?
You could also use a database trigger that runs when a date/time record is
inserted into the respective table.
-Original Message-
From: Robert Harrison [mailto:rob...@austin-williams.com]
Sent: Monday, April 06, 2009 2:07
This is how I does it (in Application.CFC):
!--- Store the root path to application. ---
cfset THIS.RootPath = GetDirectoryFromPath( GetCurrentTemplatePath() ) /
!--- Build up an array of custom tag paths. ---
cfset THIS.CustomTagPathsArray = [
(THIS.RootPath tags/),
...,
...,
Charlie! You did it!!!
Dahnke! ¡Gracias! Thank you! Thank you! Thank you!!!
It's taken me all day to get this right. Thank goodness, I'm self-employed
or I'd be looking for a new place to sit down to work.
Dave
-Original Message-
From: Charlie Griefer
Nick, it is *POSSIBLE* for your actual index.cfm files to be modified
via SQL injection (xp_cmdshell on MS SQL Server), but it is highly
doubtful.
I can't think of a scenario where XSS could actually affect files on
your server since that is a client-based attack. The XSS attack would
need to
And if your CFML templates have been changed, it is possible that malware has
been installed on the server itself (via cfexecute).
In that case, you can no longer trust the host, or it's host (if it's
visualised). In the latter case, all other guests on the same box are also
suspect.
Tom
Hi Folks!
I hope it's ok to post this here; I know it's off-topic. But I just know many
of you here must work with talented designers.
I am looking for a good freelancer who excels at that Web 2.0 look for a
particular project.
Any suggestions?
--
Cheers!
Michael David
Nick:
In addition to FTP, etc., check to see if you have WebDAV enabled on your
server. It's an extension of HTTP that allows people to remotely author
files on a website. A couple of years back, a client of mine had their site
modified with WebDAV and, upon further review, every site on that
Hi there. We've just seen a hack attempt that we
haven't seen before and I wanted to get feedback.
The symptom is that some script code is inserted at
the bottom of certain pages (e.g. index.cfm). The
script (which has been scrubbed) looks like this:
script!--
var applstrna0 = if;
So, I guess one question is whether an XSS type
hack can result in code being added to a file on the
web server.
No, not by itself. The WebDAV that Mosh mentioned, that's a likely culprit.
Dave Watts, CTO, Fig Leaf Software
http://www.figleaf.com/
Fig Leaf Software provides the highest
In that case, you can no longer trust the host, or it's
host (if it's visualised). In the latter case, all other
guests on the same box are also suspect.
I've not heard of a remote exploit that can climb out of a VM.
Dave Watts, CTO, Fig Leaf Software
http://www.figleaf.com/
Fig Leaf
Thanks, I'll check it out.
Hmm I tried it and it dosn't seam to line wrap. The 220 and 300 are
actually x and Y co-ords. It's been a long time since I had to use
this.
I'd follow up on Rays suggestion here:
http://www.bennadel.com/resources/demo/imageutils/demos/index.cfm and
Joe None wrote:
Do you know what encoding is used for Word's funky characters?
depends on the language it's using but most likely windows-1252 which is a
*superset* of latin-1/iso-8859-1 (and is the cause of a lot of the encoding
problems most folks see) though you can probably just use
Anyone here have any experience with oAuth? Or better yet with Twitter's
oAuth implementation?
I'm just not making any headway. I've downloaded this:
http://oauth.riaforge.org/
But there's very little documentation on the CF oAuth side or on the Twitter
side.
Anyone ever get oAuth to work? I
46 matches
Mail list logo