Re: Coldfusion Glassfish Apache
On Thursday 25 Jun 2009, Dirk Johnson wrote: I have a difference of opinion on how the whole cf8, glassfish, apache Can't speak for Glassfish, but ... I think that once you deploy cf8 to glassfish you mod_rewrite/mod_proxy in apache with different virtual hosts and document roots and you should be able to serve multiple domains with requests like myweb.com and yourweb.com from document roots of san/websites/myweb and san/websites/yourweb. ... that is certainly how Railo's CFML engine works. You deploy their J2EE app into the app server, and it's available to all the virtual hosts (defined at the app server level, not the Apache level, so you have to duplicate the virtual host config in Apache, where the rewrite rules are). He believes that cf and glassfish need to be altered Assuming he means 'configured'... so that the cf app can be root along with serving myweb.com as root. Any thoughts that could help me clarify this once and for all? ... he's right. As above, you need to setup virtual hosts in Glassfish, I guess. -- Helping to enthusiastically syndicate intuitive relationships as part of the IT team of the year, '09 and '08 This email is sent for and on behalf of Halliwells LLP. Halliwells LLP is a limited liability partnership registered in England and Wales under registered number OC307980 whose registered office address is at Halliwells LLP, 3 Hardman Square, Spinningfields, Manchester, M3 3EB. A list of members is available for inspection at the registered office together with a list of those non members who are referred to as partners. We use the word partner to refer to a member of the LLP, or an employee or consultant with equivalent standing and qualifications. Regulated by the Solicitors Regulation Authority. CONFIDENTIALITY This email is intended only for the use of the addressee named above and may be confidential or legally privileged. If you are not the addressee you must not read it and must not use any information contained in nor copy it nor inform any person other than Halliwells LLP or the addressee of its existence or contents. If you have received this email in error please delete it and notify Halliwells LLP IT Department on 0870 365 2500. For more information about Halliwells LLP visit www.halliwells.co ~| Want to reach the ColdFusion community with something they want? Let them know on the House of Fusion mailing lists Archive: http://www.houseoffusion.com/groups/cf-talk/message.cfm/messageid:323965 Subscription: http://www.houseoffusion.com/groups/cf-talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.4
Re: Coldfusion Glassfish Apache
I've not tried this myself, but ... http://www.dagen.net/blog/2008/08/look-ma-no-jrun/ Andy 2009/6/26 Tom Chiverton tom.chiver...@halliwells.com: On Thursday 25 Jun 2009, Dirk Johnson wrote: I have a difference of opinion on how the whole cf8, glassfish, apache Can't speak for Glassfish, but ... I think that once you deploy cf8 to glassfish you mod_rewrite/mod_proxy in apache with different virtual hosts and document roots and you should be able to serve multiple domains with requests like myweb.com and yourweb.com from document roots of san/websites/myweb and san/websites/yourweb. ... that is certainly how Railo's CFML engine works. You deploy their J2EE app into the app server, and it's available to all the virtual hosts (defined at the app server level, not the Apache level, so you have to duplicate the virtual host config in Apache, where the rewrite rules are). He believes that cf and glassfish need to be altered Assuming he means 'configured'... so that the cf app can be root along with serving myweb.com as root. Any thoughts that could help me clarify this once and for all? ... he's right. As above, you need to setup virtual hosts in Glassfish, I guess. -- Helping to enthusiastically syndicate intuitive relationships as part of the IT team of the year, '09 and '08 This email is sent for and on behalf of Halliwells LLP. Halliwells LLP is a limited liability partnership registered in England and Wales under registered number OC307980 whose registered office address is at Halliwells LLP, 3 Hardman Square, Spinningfields, Manchester, M3 3EB. A list of members is available for inspection at the registered office together with a list of those non members who are referred to as partners. We use the word partner to refer to a member of the LLP, or an employee or consultant with equivalent standing and qualifications. Regulated by the Solicitors Regulation Authority. CONFIDENTIALITY This email is intended only for the use of the addressee named above and may be confidential or legally privileged. If you are not the addressee you must not read it and must not use any information contained in nor copy it nor inform any person other than Halliwells LLP or the addressee of its existence or contents. If you have received this email in error please delete it and notify Halliwells LLP IT Department on 0870 365 2500. For more information about Halliwells LLP visit www.halliwells.co ~| Want to reach the ColdFusion community with something they want? Let them know on the House of Fusion mailing lists Archive: http://www.houseoffusion.com/groups/cf-talk/message.cfm/messageid:323966 Subscription: http://www.houseoffusion.com/groups/cf-talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=11502.10531.4
RE: PHP to CF pseudo code...
Well Done. :) -Original Message- From: Peter Boughton [mailto:bought...@gmail.com] Sent: Thursday, June 25, 2009 5:54 PM To: cf-talk Subject: Re: PHP to CF pseudo code... Not sure it's how I'd write a rating widget, but here's a fairly direct translation. (Untested, so may contain stupid bugs.) cffunction name=in_range returntype=Numeric output=false cfargument name=Val type=Numeric / cfargument name=From type=Numeric default=0 / cfargument name=To type=Numeric default=100 / cfreturn min( Arguments.To , max( Arguments.From , Arguments.Val ) ) / /cffunction cffunction name=get_dbfile returntype=string output=false !--- I *think* __FILE__ from original is a global constant... not really sure? I've plonked it into Application --- cfreturn rereplace( Application.File , '\.php$' , '.dat' ) / /cffunction cffunction name=get_votes returntype=Struct output=false cfset var dbfile = get_dbfile() / cfif FileExists(dbfile) cfreturn deserializeJson( FileRead(dbfile) )/ cfelse cfreturn { votes : 0 , sum : 0 , avg : 0 } / /cfif /cffunction cffunction name=save_vote returntype=Struct output=false cfargument name=Vote type=Numeric / cfscript var db = get_votes() ; db.votes++ ; db.sum += Arguments.Vote ; db.avg = round( 100 * db.sum / db.votes ) / 100 ; FileWrite( get_dbfile() , serializeJson( db ) ) ; /cfscript cfreturn db / /cffunction That needs CF8 or Railo 3. If you've got Railo, you can do serialize/deserialize without using JSON, and also use the terniary if operator (as the PHP version does). ~| Want to reach the ColdFusion community with something they want? Let them know on the House of Fusion mailing lists Archive: http://www.houseoffusion.com/groups/cf-talk/message.cfm/messageid:323967 Subscription: http://www.houseoffusion.com/groups/cf-talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=11502.10531.4
RE: PHP to CF pseudo code...
Thanks Peter. Bonus on actually writing it out. Ultimately, I was just trying to understand the PHP a bit better. -Original Message- From: Peter Boughton [mailto:bought...@gmail.com] Subject: Re: PHP to CF pseudo code... Not sure it's how I'd write a rating widget, but here's a fairly direct translation. (Untested, so may contain stupid bugs.) cffunction name=in_range returntype=Numeric output=false cfargument name=Val type=Numeric / cfargument name=From type=Numeric default=0 / cfargument name=To type=Numeric default=100 / cfreturn min( Arguments.To , max( Arguments.From , Arguments.Val ) ) / /cffunction cffunction name=get_dbfile returntype=string output=false !--- I *think* __FILE__ from original is a global constant... not really sure? I've plonked it into Application --- cfreturn rereplace( Application.File , '\.php$' , '.dat' ) / /cffunction cffunction name=get_votes returntype=Struct output=false cfset var dbfile = get_dbfile() / cfif FileExists(dbfile) cfreturn deserializeJson( FileRead(dbfile) )/ cfelse cfreturn { votes : 0 , sum : 0 , avg : 0 } / /cfif /cffunction cffunction name=save_vote returntype=Struct output=false cfargument name=Vote type=Numeric / cfscript var db = get_votes() ; db.votes++ ; db.sum += Arguments.Vote ; db.avg = round( 100 * db.sum / db.votes ) / 100 ; FileWrite( get_dbfile() , serializeJson( db ) ) ; /cfscript cfreturn db / /cffunction ~| Want to reach the ColdFusion community with something they want? Let them know on the House of Fusion mailing lists Archive: http://www.houseoffusion.com/groups/cf-talk/message.cfm/messageid:323968 Subscription: http://www.houseoffusion.com/groups/cf-talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.4
Re: Switched from CF to Java - need tool recommendations
SQLyog from WebYog: http://www.webyog.com/en/sqlyog_feature_list.php +1 for SQLYog - Great tool. I am rather fond of HeidiSQL. It is the reincarnation of Mysql Front which was my Mysql workhorse for many years. http://www.heidisql.com NetBeans is another popular free Java IDE http://www.netbeans.org/ HTH G! SQLyog from WebYog: http://www.webyog.com/en/sqlyog_feature_list.php Navicat: http://www.navicat.com/ ~| Want to reach the ColdFusion community with something they want? Let them know on the House of Fusion mailing lists Archive: http://www.houseoffusion.com/groups/cf-talk/message.cfm/messageid:323969 Subscription: http://www.houseoffusion.com/groups/cf-talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.4
RE: FedEx Rates
If there is a .NET example, you should be able to glean enough information from it to write your own code. -Original Message- From: Chad Gray [mailto:cg...@careyweb.com] Sent: Thursday, June 25, 2009 11:38 AM To: cf-talk Subject: FedEx Rates I am having a hard time finding example code for FedEx rate web service. They have example code on their web site for everything but CF. I checked RIAForge and could not find a project. Anyone have example code? I am reading through the docs and I cant even find the URL to hit the web service. ~| Want to reach the ColdFusion community with something they want? Let them know on the House of Fusion mailing lists Archive: http://www.houseoffusion.com/groups/cf-talk/message.cfm/messageid:323970 Subscription: http://www.houseoffusion.com/groups/cf-talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=11502.10531.4
How to model a large combo box function.
Trying to build a proof of concept for my first web 2.0 ish application. I want to build a combo box like select interface that will allow a user to select a product from a list of 51,000+ items. I am imagining a front end that will have a place to type in part of a name for a product and have a list of the the items be filtered as one type, ideally highlighting the part of the product name that matches what has been typed in to the box. What I think I need is a back end component that will incrementally deliver the list of products to the user interface as well as respond to input from the control to change the filter the over all list that is incrementally delivered to the interface. In more colorful language. I well understand how to send an entire loaf of data to something. How does one control this to send the loaf in small bites. ~| Want to reach the ColdFusion community with something they want? Let them know on the House of Fusion mailing lists Archive: http://www.houseoffusion.com/groups/cf-talk/message.cfm/messageid:323971 Subscription: http://www.houseoffusion.com/groups/cf-talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.4
ColdFusion and RSS
I wrote a blog using CF (actually, I started with someone else's code). I am having occasional troubles with my RSS. What happens is that I post an entry, usually it is something that I've pasted into the text box, and then the RSS feed fails because of invalid characters. When I create the RSS feed, I am generating the description element by surrounding the results from my db call with xmlformat, as description#xmlFormat(post)#/description I am not using HTMLCodeFormat nor HTMLEditFormat prior to saving the post. Perhaps it is as simple as using one of those? Thanks! ~| Want to reach the ColdFusion community with something they want? Let them know on the House of Fusion mailing lists Archive: http://www.houseoffusion.com/groups/cf-talk/message.cfm/messageid:323972 Subscription: http://www.houseoffusion.com/groups/cf-talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.4
RE: ColdFusion and RSS
My blog software is all custom, barring my RSS feed. I'm using Ray Camden's RSS.cfc. The thing that catches me most of the time are ampersands . andy -Original Message- From: bill turner [mailto:bill.tur...@selectcomfort.com] Sent: Friday, June 26, 2009 10:32 AM To: cf-talk Subject: ColdFusion and RSS I wrote a blog using CF (actually, I started with someone else's code). I am having occasional troubles with my RSS. What happens is that I post an entry, usually it is something that I've pasted into the text box, and then the RSS feed fails because of invalid characters. When I create the RSS feed, I am generating the description element by surrounding the results from my db call with xmlformat, as description#xmlFormat(post)#/description I am not using HTMLCodeFormat nor HTMLEditFormat prior to saving the post. Perhaps it is as simple as using one of those? Thanks! ~| Want to reach the ColdFusion community with something they want? Let them know on the House of Fusion mailing lists Archive: http://www.houseoffusion.com/groups/cf-talk/message.cfm/messageid:323973 Subscription: http://www.houseoffusion.com/groups/cf-talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=11502.10531.4
8.01 version question concerning Firefox
I'm having a problem with a cfwindow that captures some information and is submitted, then closes the window,emails the information and then reloads the underlying page not working in Firefox. The page was working in CF 8.00 and works fine with IE in 8.01. I've already tried stripping out anything extra and broke it down to a simple form, but still can't get it working in production using Firefox. The development server on Windows running version 8,0,1,195765 which Adobe's site says is the current version. But production however is running version 8,0,1,196946 on Red Hat Linux. The only references I could find on Google was a blog comment that stated 8,0,1,196946 was the Japanese version of 8.01 and people complaining that they were having problems with CFImage on the enterprise version. Note we're running CF standard in production. Is there any significance to the difference in version numbers? I am suspecting that the problem may not be related to my code. Anyone know the difference between 8,0,1,195765 and 8,0,1,196946? Is it possible to be running CF standard with a 8,0,1,196946 version number? Rick Mason ~| Want to reach the ColdFusion community with something they want? Let them know on the House of Fusion mailing lists Archive: http://www.houseoffusion.com/groups/cf-talk/message.cfm/messageid:323974 Subscription: http://www.houseoffusion.com/groups/cf-talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.4
Re: ColdFusion and RSS
You may like to try: description![CDATA[#post#]]/description However, the xmlformat will definately be cleaning up any invalid xml characters; are you using it in the title, etc? Perhaps it could be an encoding issue. Dominic 2009/6/26 bill turner bill.tur...@selectcomfort.com: description#xmlFormat(post)#/description ~| Want to reach the ColdFusion community with something they want? Let them know on the House of Fusion mailing lists Archive: http://www.houseoffusion.com/groups/cf-talk/message.cfm/messageid:323975 Subscription: http://www.houseoffusion.com/groups/cf-talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.4
Re: ColdFusion and RSS
XMLFormat() does NOT clean up all invalid XML characters, it still leaves in a lot of bar chars that will mess up XML readers. I think there is a function on cflib that does a better job, I wrote one too a while back: http://www.stillnetstudios.com/2008/09/14/cleaning-up-non-ascii-characters/ -Ryan Dominic Watson wrote: You may like to try: description![CDATA[#post#]]/description However, the xmlformat will definately be cleaning up any invalid xml characters; are you using it in the title, etc? Perhaps it could be an encoding issue. Dominic 2009/6/26 bill turner bill.tur...@selectcomfort.com: description#xmlFormat(post)#/description ~| Want to reach the ColdFusion community with something they want? Let them know on the House of Fusion mailing lists Archive: http://www.houseoffusion.com/groups/cf-talk/message.cfm/messageid:323976 Subscription: http://www.houseoffusion.com/groups/cf-talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.4
HTMLEditFormat() on Password Fields
Is it wise to use htmlEditFormat() on the value of password fields? It is allowed for a user to enter as part of their password. However, if I use htmlEditFormat(form.password) as the value of a password field, it will escape it to amp;. Therefore a password may end up being Mikeamp;Becky rather than MikeBecky. As such, should you use htmlEditFormat() on username fields as well? Thanks! Michael Dawson Manager of Web Applications Office of Technology Services University of Evansville Each time you send an email message with a background pattern or loud background color, an endangered tree dies. Please help us save a tree. Just say NO to email backgrounds. ~| Want to reach the ColdFusion community with something they want? Let them know on the House of Fusion mailing lists Archive: http://www.houseoffusion.com/groups/cf-talk/message.cfm/messageid:323977 Subscription: http://www.houseoffusion.com/groups/cf-talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.4
RE: HTMLEditFormat() on Password Fields
Hi Use htmlEditFormat()... The encodings ( - amp;, for example) don't affect the actual value in the edit box... It only changes the HTML used to get that value into the edit box (safely). Try it for yourself to see... (and if I'm wrong, well damn, let me know and I will have just learned something). Thanks Mark -Original Message- From: Dawson, Michael [mailto:m...@evansville.edu] Sent: Friday, June 26, 2009 12:20 PM To: cf-talk Subject: HTMLEditFormat() on Password Fields Is it wise to use htmlEditFormat() on the value of password fields? It is allowed for a user to enter as part of their password. However, if I use htmlEditFormat(form.password) as the value of a password field, it will escape it to amp;. Therefore a password may end up being Mikeamp;Becky rather than MikeBecky. As such, should you use htmlEditFormat() on username fields as well? Thanks! Michael Dawson Manager of Web Applications Office of Technology Services University of Evansville Each time you send an email message with a background pattern or loud background color, an endangered tree dies. Please help us save a tree. Just say NO to email backgrounds. ~| Want to reach the ColdFusion community with something they want? Let them know on the House of Fusion mailing lists Archive: http://www.houseoffusion.com/groups/cf-talk/message.cfm/messageid:323978 Subscription: http://www.houseoffusion.com/groups/cf-talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=11502.10531.4
RE: HTMLEditFormat() on Password Fields
Is it wise to use htmlEditFormat() on the value of password fields? I wouldn't be passing a value through to a password field at all. Makes it too easy for someone to view source and see the existing password. For example, Sarah has her password saved in Firefox. Sarah leaves the room for a while and John gets on her computer and logs in as Sarah since the password is saved. John goes to the account page and views source. Now he knows Sarah's password and can log in from anywhere. Yes, it's a stretch, but a possibility that can be avoided by simply not passing a value of the password field. -Justin ~| Want to reach the ColdFusion community with something they want? Let them know on the House of Fusion mailing lists Archive: http://www.houseoffusion.com/groups/cf-talk/message.cfm/messageid:323979 Subscription: http://www.houseoffusion.com/groups/cf-talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.4
RE: HTMLEditFormat() on Password Fields
mm.. It actually does. If you go.. cfset whoBobLikes = Mary kate cfset sanitizeBob = htmleditFormat(whoBobLikes) The variables sanitizeBob will become Mary amp; Kate. Dawson, if I were you I would recommend using the htmleditformat() function either only inside edit boxes, or while you're trying to output the password onto a page. I think your issue is your using it to sanitize the data and well, your going to have issues with that. I personally am against changing a users data, I think if your going to do any sort of sanitization it should be done on the output rather than in the input. Also, just a recommendation, if you're trying to do this sanitization for XSS security purposes, I would look into enabling global script protection in the ColdFusion administrator. This will sanitize all of your form, cgi, url and cookie information so that you don't need to worry about XSS attacks. At least for the most part. -Original Message- From: Gaulin, Mark [mailto:mgau...@globalspec.com] Sent: Friday, June 26, 2009 12:37 PM To: cf-talk Subject: RE: HTMLEditFormat() on Password Fields Hi Use htmlEditFormat()... The encodings ( - amp;, for example) don't affect the actual value in the edit box... It only changes the HTML used to get that value into the edit box (safely). Try it for yourself to see... (and if I'm wrong, well damn, let me know and I will have just learned something). Thanks Mark -Original Message- From: Dawson, Michael [mailto:m...@evansville.edu] Sent: Friday, June 26, 2009 12:20 PM To: cf-talk Subject: HTMLEditFormat() on Password Fields Is it wise to use htmlEditFormat() on the value of password fields? It is allowed for a user to enter as part of their password. However, if I use htmlEditFormat(form.password) as the value of a password field, it will escape it to amp;. Therefore a password may end up being Mikeamp;Becky rather than MikeBecky. As such, should you use htmlEditFormat() on username fields as well? Thanks! Michael Dawson Manager of Web Applications Office of Technology Services University of Evansville Each time you send an email message with a background pattern or loud background color, an endangered tree dies. Please help us save a tree. Just say NO to email backgrounds. ~| Want to reach the ColdFusion community with something they want? Let them know on the House of Fusion mailing lists Archive: http://www.houseoffusion.com/groups/cf-talk/message.cfm/messageid:323980 Subscription: http://www.houseoffusion.com/groups/cf-talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.4
RE: HTMLEditFormat() on Password Fields
Very good advice. Thanks, Mike -Original Message- From: Justin Scott [mailto:jscott-li...@gravityfree.com] Sent: Friday, June 26, 2009 11:40 AM To: cf-talk Subject: RE: HTMLEditFormat() on Password Fields Is it wise to use htmlEditFormat() on the value of password fields? I wouldn't be passing a value through to a password field at all. Makes it too easy for someone to view source and see the existing password. For example, Sarah has her password saved in Firefox. Sarah leaves the room for a while and John gets on her computer and logs in as Sarah since the password is saved. John goes to the account page and views source. Now he knows Sarah's password and can log in from anywhere. Yes, it's a stretch, but a possibility that can be avoided by simply not passing a value of the password field. -Justin ~| Want to reach the ColdFusion community with something they want? Let them know on the House of Fusion mailing lists Archive: http://www.houseoffusion.com/groups/cf-talk/message.cfm/messageid:323981 Subscription: http://www.houseoffusion.com/groups/cf-talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=11502.10531.4
RE: HTMLEditFormat() on Password Fields
This is true. Michael, what are you using this for? Are you using the htmlEditFormat() to sanitize the passwords before they get inserted? Or are you using this to output the users password to them in a textbox? -Original Message- From: Justin Scott [mailto:jscott-li...@gravityfree.com] Sent: Friday, June 26, 2009 12:40 PM To: cf-talk Subject: RE: HTMLEditFormat() on Password Fields Is it wise to use htmlEditFormat() on the value of password fields? I wouldn't be passing a value through to a password field at all. Makes it too easy for someone to view source and see the existing password. For example, Sarah has her password saved in Firefox. Sarah leaves the room for a while and John gets on her computer and logs in as Sarah since the password is saved. John goes to the account page and views source. Now he knows Sarah's password and can log in from anywhere. Yes, it's a stretch, but a possibility that can be avoided by simply not passing a value of the password field. -Justin ~| Want to reach the ColdFusion community with something they want? Let them know on the House of Fusion mailing lists Archive: http://www.houseoffusion.com/groups/cf-talk/message.cfm/messageid:323982 Subscription: http://www.houseoffusion.com/groups/cf-talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=11502.10531.4
RE: HTMLEditFormat() on Password Fields
I have a login form with username and password fields. If the user typed something wrong, the page would re-load with the values already entered so that it could be corrected. However, as Justin pointed out, it's probably not a good idea to default the password back into the password field. But, I still think it's fine to default the username into the username field. Thanks, Mike -Original Message- From: Paul Alkema [mailto:paulalkemadesi...@gmail.com] Sent: Friday, June 26, 2009 11:51 AM To: cf-talk Subject: RE: HTMLEditFormat() on Password Fields This is true. Michael, what are you using this for? Are you using the htmlEditFormat() to sanitize the passwords before they get inserted? Or are you using this to output the users password to them in a textbox? -Original Message- From: Justin Scott [mailto:jscott-li...@gravityfree.com] Sent: Friday, June 26, 2009 12:40 PM To: cf-talk Subject: RE: HTMLEditFormat() on Password Fields Is it wise to use htmlEditFormat() on the value of password fields? I wouldn't be passing a value through to a password field at all. Makes it too easy for someone to view source and see the existing password. For example, Sarah has her password saved in Firefox. Sarah leaves the room for a while and John gets on her computer and logs in as Sarah since the password is saved. John goes to the account page and views source. Now he knows Sarah's password and can log in from anywhere. Yes, it's a stretch, but a possibility that can be avoided by simply not passing a value of the password field. -Justin ~| Want to reach the ColdFusion community with something they want? Let them know on the House of Fusion mailing lists Archive: http://www.houseoffusion.com/groups/cf-talk/message.cfm/messageid:323983 Subscription: http://www.houseoffusion.com/groups/cf-talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.4
Detect data change in cfform
Hi, All: I am building a form that allows users to edit data retrieved from multiple tables. There are many fields in the form. If the users don't change anything and hit the cancel button, then I don't need to do the update, otherwise several sql update statements will be executed. Is there an easy way to detect if users have made changes to the data in cfform rather than comparing each field to the original data? Nathan ~| Want to reach the ColdFusion community with something they want? Let them know on the House of Fusion mailing lists Archive: http://www.houseoffusion.com/groups/cf-talk/message.cfm/messageid:323984 Subscription: http://www.houseoffusion.com/groups/cf-talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=11502.10531.4
Re: Detect data change in cfform
I am building a form that allows users to edit data retrieved from multiple tables. There are many fields in the form. If the users don't change anything and hit the cancel button, then I don't need to do the update, otherwise several sql update statements will be executed. Is there an easy way to detect if users have made changes to the data in cfform rather than comparing each field to the original data? Not really, but why would your cancel button submit the form? Simply have it do something else, like redirect the user to the previous screen. Dave Watts, CTO, Fig Leaf Software http://www.figleaf.com/ Fig Leaf Software provides the highest caliber vendor-authorized instruction at our training centers in Washington DC, Atlanta, Chicago, Baltimore, Northern Virginia, or on-site at your location. Visit http://training.figleaf.com/ for more information! ~| Want to reach the ColdFusion community with something they want? Let them know on the House of Fusion mailing lists Archive: http://www.houseoffusion.com/groups/cf-talk/message.cfm/messageid:323985 Subscription: http://www.houseoffusion.com/groups/cf-talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=11502.10531.4
Gearworx VPS customers, need mail setup help
I'm turning to this community in hopes that I can get some help here, because Gearworx's customer support seems to have lost the ability to reply to tickets. I am setting up a new domain on my CF8 VPS. I am having some confusions regarding the mail setup. This domain will serve as the primary email addresses for 3 people, and I want to give their mailboxes each 100 MB of quota. The problem is that the Plesk setup seems to be maxing them out at 9.8MB and I cannot find where I can change that. Anybody familiar with setting up sites and email in their Plesk system, help is very much appreciated. ~| Want to reach the ColdFusion community with something they want? Let them know on the House of Fusion mailing lists Archive: http://www.houseoffusion.com/groups/cf-talk/message.cfm/messageid:323986 Subscription: http://www.houseoffusion.com/groups/cf-talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.4
RE: ColdFusion and RSS
This string should clean up your data. It work fine for the XML generators I've written, and they're in use on several sites. #ReplaceList(XmlFormat(YOURFIELDNAME),amp;trade;,amp;reg;,amp;copy;,# #x2122;,##x00AE;,##xA9;)# Robert B. Harrison Director of Interactive Services Austin Williams 125 Kennedy Drive, Suite 100 Hauppauge NY 11788 P : 631.231.6600 Ext. 119 F : 631.434.7022 http://www.austin-williams.com Great advertising can't be either/or. It must be . Plug in to our blog: AW Unplugged http://www.austin-williams.com/unplugged __ Information from ESET Smart Security, version of virus signature database 4192 (20090626) __ The message was checked by ESET Smart Security. http://www.eset.com ~| Want to reach the ColdFusion community with something they want? Let them know on the House of Fusion mailing lists Archive: http://www.houseoffusion.com/groups/cf-talk/message.cfm/messageid:323987 Subscription: http://www.houseoffusion.com/groups/cf-talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.4
Re: Detect data change in cfform
If I understand the question correctly. Off the top of my head I would save a copy of the data that you used to populate the form as a struct in the session scope and when the form is submitted you can compare the form to the saved struct using the structCompare() from cflib.org http://www.cflib.org/udf/structCompare HTH G On Fri, Jun 26, 2009 at 12:56 PM, Nathan Chen nathan.c...@cu.edu wrote: Hi, All: I am building a form that allows users to edit data retrieved from multiple tables. There are many fields in the form. If the users don't change anything and hit the cancel button, then I don't need to do the update, otherwise several sql update statements will be executed. Is there an easy way to detect if users have made changes to the data in cfform rather than comparing each field to the original data? Nathan ~| Want to reach the ColdFusion community with something they want? Let them know on the House of Fusion mailing lists Archive: http://www.houseoffusion.com/groups/cf-talk/message.cfm/messageid:323988 Subscription: http://www.houseoffusion.com/groups/cf-talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.4
Re: Gearworx VPS customers, need mail setup help
Hi Rob, It's possible that this isn't a Plesk limit, per se. There are all sorts of limits that could be effecting your mailbox size limitations. Can you tell me (or the list) what mail server you're using? Is this a windows machine or a linux machine? Is the mail server postfix, sendmail, qmail, or something else? Knowing those things would help us (as a community) point you in the right direction regarding which limits to check. Also, mail logs are extremely helpful when diagnosing issues like this. You might find more helpful information in your logs that could point you in the right direction. If all else fails, we have an extended support feature which you could tap into where one of our techs could log in to the server and see exactly what's going on with it. Hope this helps! Warm regards, Jordan Michaels Vivio Technologies http://www.viviotech.net/ Open BlueDragon Steering Committee Adobe Solution Provider Rob Barthle wrote: I'm turning to this community in hopes that I can get some help here, because Gearworx's customer support seems to have lost the ability to reply to tickets. I am setting up a new domain on my CF8 VPS. I am having some confusions regarding the mail setup. This domain will serve as the primary email addresses for 3 people, and I want to give their mailboxes each 100 MB of quota. The problem is that the Plesk setup seems to be maxing them out at 9.8MB and I cannot find where I can change that. Anybody familiar with setting up sites and email in their Plesk system, help is very much appreciated. ~| Want to reach the ColdFusion community with something they want? Let them know on the House of Fusion mailing lists Archive: http://www.houseoffusion.com/groups/cf-talk/message.cfm/messageid:323989 Subscription: http://www.houseoffusion.com/groups/cf-talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.4
webservice
When you hook up a web service in CF Admin how do you access it in your CFM pages? ~| Want to reach the ColdFusion community with something they want? Let them know on the House of Fusion mailing lists Archive: http://www.houseoffusion.com/groups/cf-talk/message.cfm/messageid:323990 Subscription: http://www.houseoffusion.com/groups/cf-talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.4
RE: HTMLEditFormat() on Password Fields
I have a login form with username and password fields. If the user typed something wrong, the page would re-load with the values already entered so that it could be corrected. Ah, for those I wouldn't put the password back in either. In this case the point is for the user to correct whatever they did wrong, but with a password field, you can't see what you typed, and the user would just need to clear the field and re-type the whole password anyway. -Justin ~| Want to reach the ColdFusion community with something they want? Let them know on the House of Fusion mailing lists Archive: http://www.houseoffusion.com/groups/cf-talk/message.cfm/messageid:323991 Subscription: http://www.houseoffusion.com/groups/cf-talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.4
Re: webservice
When you hook up a web service in CF Admin how do you access it in your CFM pages? You can use CFINVOKE or createObject to do this. You use the name you gave it in the CF Administrator instead of the WSDL URL. Of course, you can just use the WSDL URL and not bother registering the service at all in the CF Administrator. Dave Watts, CTO, Fig Leaf Software http://www.figleaf.com/ Fig Leaf Software provides the highest caliber vendor-authorized instruction at our training centers in Washington DC, Atlanta, Chicago, Baltimore, Northern Virginia, or on-site at your location. Visit http://training.figleaf.com/ for more information! ~| Want to reach the ColdFusion community with something they want? Let them know on the House of Fusion mailing lists Archive: http://www.houseoffusion.com/groups/cf-talk/message.cfm/messageid:323992 Subscription: http://www.houseoffusion.com/groups/cf-talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=11502.10531.4
Re: ColdFusion and RSS
if I wrap in CDATA, won't I lose the html markup? You may like to try: description![CDATA[#post#]]/description However, the xmlformat will definately be cleaning up any invalid xml characters; are you using it in the title, etc? Perhaps it could be an encoding issue. Dominic description#xmlFormat(post)#/description ~| Want to reach the ColdFusion community with something they want? Let them know on the House of Fusion mailing lists Archive: http://www.houseoffusion.com/groups/cf-talk/message.cfm/messageid:323993 Subscription: http://www.houseoffusion.com/groups/cf-talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=11502.10531.4
Re: ColdFusion and RSS
This seems logical, but not sure it will solve my problem. The problems are often things like single quotes that are some sort of special encoding that is not recognized. I was hoping to find something that cleans up all such data and/or be able to dynamically call an rss validator to test my post before I save it. So far, I haven't found anything I can call dynamically. I haven't looked much, yet, either. This string should clean up your data. It work fine for the XML generators I've written, and they're in use on several sites. #ReplaceList(XmlFormat(YOURFIELDNAME),amp;trade;,amp;reg;,amp;copy;,# #x2122;,##x00AE;,##xA9;)# Robert B. Harrison Director of Interactive Services Austin Williams 125 Kennedy Drive, Suite 100 Hauppauge NY 11788 P : 631.231.6600 Ext. 119 F : 631.434.7022 http://www.austin-williams.com Great advertising can't be either/or. It must be . Plug in to our blog: AW Unplugged http://www.austin-williams.com/unplugged __ Information from ESET Smart Security, version of virus signature database 4192 (20090626) __ The message was checked by ESET Smart Security. http://www.eset.com ~| Want to reach the ColdFusion community with something they want? Let them know on the House of Fusion mailing lists Archive: http://www.houseoffusion.com/groups/cf-talk/message.cfm/messageid:323994 Subscription: http://www.houseoffusion.com/groups/cf-talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.4
Re: ColdFusion and RSS
Thanks, Ryan. I will look into this. XMLFormat() does NOT clean up all invalid XML characters, it still leaves in a lot of bar chars that will mess up XML readers. I think there is a function on cflib that does a better job, I wrote one too a while back: http://www.stillnetstudios.com/2008/09/14/cleaning-up-non-ascii-characters/ -Ryan Dominic Watson wrote: ~| Want to reach the ColdFusion community with something they want? Let them know on the House of Fusion mailing lists Archive: http://www.houseoffusion.com/groups/cf-talk/message.cfm/messageid:323995 Subscription: http://www.houseoffusion.com/groups/cf-talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.4
Re: ColdFusion and RSS
I've downloaded Ray's cfc. I'll dig into that a bit later. Thanks, Andy! Bill My blog software is all custom, barring my RSS feed. I'm using Ray Camden's RSS.cfc. The thing that catches me most of the time are ampersands . andy I wrote a blog using CF (actually, I started with someone else's code). I am having occasional troubles with my RSS. What happens is that I post an entry, usually it is something that I've pasted into the text box, and then the RSS feed fails because of invalid characters. When I create the RSS feed, I am generating the description element by surrounding the results from my db call with xmlformat, as description#xmlFormat(post)#/description I am not using HTMLCodeFormat nor HTMLEditFormat prior to saving the post. Perhaps it is as simple as using one of those? Thanks! ~| Want to reach the ColdFusion community with something they want? Let them know on the House of Fusion mailing lists Archive: http://www.houseoffusion.com/groups/cf-talk/message.cfm/messageid:323996 Subscription: http://www.houseoffusion.com/groups/cf-talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.4
fedex web service
Well the only way I have found to communicate with the FedEx rate service is to HTTP post XML to it. It returns the following XML below. How do I grab the data I need out of it? Say I want to grab the XmlText of v6:Severity... how do I get the word SUCCESS? So far what I have tried does not like the colons in the names of the nodes. ?xml version=1.0 encoding=UTF-8? soapenv:Envelope xmlns:soapenv=http://schemas.xmlsoap.org/soap/envelope/; soapenv:Header xmlns:xsi=http://www.w3.org/2001/XMLSchema-instance/ soapenv:Body xmlns:xsi=http://www.w3.org/2001/XMLSchema-instance; v6:RateReply xmlns:v6=http://fedex.com/ws/rate/v6; v6:HighestSeveritySUCCESS/v6:HighestSeverity v6:Notifications v6:SeveritySUCCESS/v6:Severity v6:Sourcecrs/v6:Source v6:Code0/v6:Code v6:MessageRequest was successfully processed./v6:Message v6:LocalizedMessageRequest was successfully processed./v6:LocalizedMessage /v6:Notifications ~| Want to reach the ColdFusion community with something they want? Let them know on the House of Fusion mailing lists Archive: http://www.houseoffusion.com/groups/cf-talk/message.cfm/messageid:323997 Subscription: http://www.houseoffusion.com/groups/cf-talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.4
Re: fedex web service
On Fri, Jun 26, 2009 at 3:00 PM, Chad Gray cg...@careyweb.com wrote: Well the only way I have found to communicate with the FedEx rate service is to HTTP post XML to it. It returns the following XML below. How do I grab the data I need out of it? Say I want to grab the XmlText of v6:Severity... how do I get the word SUCCESS? If your cfhttp.FileContent variable with this xml is called reply as example it would be as such. cfset reply = XMLParse(trim(cfhttp.FileContent) cfset IsSuccess = reply[v6:RateReply][v6:Notifications][v6Severity][XMLText] ?xml version=1.0 encoding=UTF-8? soapenv:Envelope xmlns:soapenv=http://schemas.xmlsoap.org/soap/envelope/ soapenv:Header xmlns:xsi= http://www.w3.org/2001/XMLSchema-instance/ soapenv:Body xmlns:xsi=http://www.w3.org/2001/XMLSchema-instance v6:RateReply xmlns:v6=http://fedex.com/ws/rate/v6; v6:HighestSeveritySUCCESS/v6:HighestSeverity v6:Notifications v6:SeveritySUCCESS/v6:Severity v6:Sourcecrs/v6:Source v6:Code0/v6:Code v6:MessageRequest was successfully processed./v6:Message v6:LocalizedMessageRequest was successfully processed./v6:LocalizedMessage /v6:Notifications ~| Want to reach the ColdFusion community with something they want? Let them know on the House of Fusion mailing lists Archive: http://www.houseoffusion.com/groups/cf-talk/message.cfm/messageid:323998 Subscription: http://www.houseoffusion.com/groups/cf-talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.4
RE: HTMLEditFormat() on Password Fields
Paul, you are correct in what htmlEditFormat does to its input, but not in how it will be interpreted when used in a real form, like this: cfset whoBobLikes = Mary kate cfset sanitizeBob = htmleditFormat(whoBobLikes) cfoutput form action=dumpformvars.cfm input name=x value=#sanitizeBob# /form /cfoutput When you submit that form the value of x will be Mary kate, not Mary amp; kate. That is what encoding is for... preserving the original value. Thanks Mark -Original Message- From: Paul Alkema [mailto:paulalkemadesi...@gmail.com] Sent: Friday, June 26, 2009 12:45 PM To: cf-talk Subject: RE: HTMLEditFormat() on Password Fields mm.. It actually does. If you go.. The variables sanitizeBob will become Mary amp; Kate. Dawson, if I were you I would recommend using the htmleditformat() function either only inside edit boxes, or while you're trying to output the password onto a page. I think your issue is your using it to sanitize the data and well, your going to have issues with that. I personally am against changing a users data, I think if your going to do any sort of sanitization it should be done on the output rather than in the input. Also, just a recommendation, if you're trying to do this sanitization for XSS security purposes, I would look into enabling global script protection in the ColdFusion administrator. This will sanitize all of your form, cgi, url and cookie information so that you don't need to worry about XSS attacks. At least for the most part. -Original Message- From: Gaulin, Mark [mailto:mgau...@globalspec.com] Sent: Friday, June 26, 2009 12:37 PM To: cf-talk Subject: RE: HTMLEditFormat() on Password Fields Hi Use htmlEditFormat()... The encodings ( - amp;, for example) don't affect the actual value in the edit box... It only changes the HTML used to get that value into the edit box (safely). Try it for yourself to see... (and if I'm wrong, well damn, let me know and I will have just learned something). Thanks Mark -Original Message- From: Dawson, Michael [mailto:m...@evansville.edu] Sent: Friday, June 26, 2009 12:20 PM To: cf-talk Subject: HTMLEditFormat() on Password Fields Is it wise to use htmlEditFormat() on the value of password fields? It is allowed for a user to enter as part of their password. However, if I use htmlEditFormat(form.password) as the value of a password field, it will escape it to amp;. Therefore a password may end up being Mikeamp;Becky rather than MikeBecky. As such, should you use htmlEditFormat() on username fields as well? Thanks! Michael Dawson Manager of Web Applications Office of Technology Services University of Evansville Each time you send an email message with a background pattern or loud background color, an endangered tree dies. Please help us save a tree. Just say NO to email backgrounds. ~| Want to reach the ColdFusion community with something they want? Let them know on the House of Fusion mailing lists Archive: http://www.houseoffusion.com/groups/cf-talk/message.cfm/messageid:323999 Subscription: http://www.houseoffusion.com/groups/cf-talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.4
Re: fedex web service
On Fri, Jun 26, 2009 at 3:08 PM, Casey Dougall ca...@uberwebsitesolutions.com wrote: soapenv:Body you might need soapenv:Body Node as well I can't remember. If they allow straight xml call I'd use that method vs soap so you don;t need to deal with all that soap shit. ~| Want to reach the ColdFusion community with something they want? Let them know on the House of Fusion mailing lists Archive: http://www.houseoffusion.com/groups/cf-talk/message.cfm/messageid:324000 Subscription: http://www.houseoffusion.com/groups/cf-talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.4
RE: fedex web service
Thanks! Here is final code that worked. I have never seen it formatted like that [][][]... Is this to kind of 'escape' the colons? cfset IsSuccess = reply[soapenv:Envelope][soapenv:Body][v6:RateReply][v6:Notifications][v6:Severity][XMLText] -Original Message- From: Casey Dougall [mailto:ca...@uberwebsitesolutions.com] Sent: Friday, June 26, 2009 3:11 PM To: cf-talk Subject: Re: fedex web service On Fri, Jun 26, 2009 at 3:08 PM, Casey Dougall ca...@uberwebsitesolutions.com wrote: soapenv:Body you might need soapenv:Body Node as well I can't remember. If they allow straight xml call I'd use that method vs soap so you don;t need to deal with all that soap shit. ~| Want to reach the ColdFusion community with something they want? Let them know on the House of Fusion mailing lists Archive: http://www.houseoffusion.com/groups/cf-talk/message.cfm/messageid:324001 Subscription: http://www.houseoffusion.com/groups/cf-talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.4
Re: fedex web service
Chad Gray wrote: Thanks! Here is final code that worked. I have never seen it formatted like that [][][]... Is this to kind of 'escape' the colons? Not really, it is array notation and it allows for more control of the functionality then the common dot notation such as using characters, like colons, that are illegal in variable names and thus can not be used in dot notation syntax. ~| Want to reach the ColdFusion community with something they want? Let them know on the House of Fusion mailing lists Archive: http://www.houseoffusion.com/groups/cf-talk/message.cfm/messageid:324002 Subscription: http://www.houseoffusion.com/groups/cf-talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=11502.10531.4
RE: Detect data change in cfform
Maybe I wasn't clear. Sometimes users would make some changes and then click the cancel button by mistake and find out they lose the changes. I need a routine that detects if data have been altered. Nathan -Original Message- From: Dave Watts [mailto:dwa...@figleaf.com] Sent: Friday, June 26, 2009 11:09 AM To: cf-talk Subject: Re: Detect data change in cfform I am building a form that allows users to edit data retrieved from multiple tables. There are many fields in the form. If the users don't change anything and hit the cancel button, then I don't need to do the update, otherwise several sql update statements will be executed. Is there an easy way to detect if users have made changes to the data in cfform rather than comparing each field to the original data? Not really, but why would your cancel button submit the form? Simply have it do something else, like redirect the user to the previous screen. Dave Watts, CTO, Fig Leaf Software http://www.figleaf.com/ Fig Leaf Software provides the highest caliber vendor-authorized instruction at our training centers in Washington DC, Atlanta, Chicago, Baltimore, Northern Virginia, or on-site at your location. Visit http://training.figleaf.com/ for more information! ~| Want to reach the ColdFusion community with something they want? Let them know on the House of Fusion mailing lists Archive: http://www.houseoffusion.com/groups/cf-talk/message.cfm/messageid:324003 Subscription: http://www.houseoffusion.com/groups/cf-talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=11502.10531.4
RE: HTMLEditFormat() on Password Fields
Yeah, I misinterpreted the original email. I was under the impression that the issue was that he was using htmleditformat() to sanitize his data before inserting it into the database, then when the user tried to sign in, their password's didn't match. I see what you're saying, good point. :) -Original Message- From: Gaulin, Mark [mailto:mgau...@globalspec.com] Sent: Friday, June 26, 2009 3:10 PM To: cf-talk Subject: RE: HTMLEditFormat() on Password Fields Paul, you are correct in what htmlEditFormat does to its input, but not in how it will be interpreted when used in a real form, like this: cfset whoBobLikes = Mary kate cfset sanitizeBob = htmleditFormat(whoBobLikes) cfoutput form action=dumpformvars.cfm input name=x value=#sanitizeBob# /form /cfoutput When you submit that form the value of x will be Mary kate, not Mary amp; kate. That is what encoding is for... preserving the original value. Thanks Mark -Original Message- From: Paul Alkema [mailto:paulalkemadesi...@gmail.com] Sent: Friday, June 26, 2009 12:45 PM To: cf-talk Subject: RE: HTMLEditFormat() on Password Fields mm.. It actually does. If you go.. The variables sanitizeBob will become Mary amp; Kate. Dawson, if I were you I would recommend using the htmleditformat() function either only inside edit boxes, or while you're trying to output the password onto a page. I think your issue is your using it to sanitize the data and well, your going to have issues with that. I personally am against changing a users data, I think if your going to do any sort of sanitization it should be done on the output rather than in the input. Also, just a recommendation, if you're trying to do this sanitization for XSS security purposes, I would look into enabling global script protection in the ColdFusion administrator. This will sanitize all of your form, cgi, url and cookie information so that you don't need to worry about XSS attacks. At least for the most part. -Original Message- From: Gaulin, Mark [mailto:mgau...@globalspec.com] Sent: Friday, June 26, 2009 12:37 PM To: cf-talk Subject: RE: HTMLEditFormat() on Password Fields Hi Use htmlEditFormat()... The encodings ( - amp;, for example) don't affect the actual value in the edit box... It only changes the HTML used to get that value into the edit box (safely). Try it for yourself to see... (and if I'm wrong, well damn, let me know and I will have just learned something). Thanks Mark -Original Message- From: Dawson, Michael [mailto:m...@evansville.edu] Sent: Friday, June 26, 2009 12:20 PM To: cf-talk Subject: HTMLEditFormat() on Password Fields Is it wise to use htmlEditFormat() on the value of password fields? It is allowed for a user to enter as part of their password. However, if I use htmlEditFormat(form.password) as the value of a password field, it will escape it to amp;. Therefore a password may end up being Mikeamp;Becky rather than MikeBecky. As such, should you use htmlEditFormat() on username fields as well? Thanks! Michael Dawson Manager of Web Applications Office of Technology Services University of Evansville Each time you send an email message with a background pattern or loud background color, an endangered tree dies. Please help us save a tree. Just say NO to email backgrounds. ~| Want to reach the ColdFusion community with something they want? Let them know on the House of Fusion mailing lists Archive: http://www.houseoffusion.com/groups/cf-talk/message.cfm/messageid:324004 Subscription: http://www.houseoffusion.com/groups/cf-talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.4
RE: fedex web service
If you hit their web service there is no WSDL... they give you a static WSDL file with the development docs, but the web service itself does not publish a WSDL. So I can't hit is straight up with CFInvoke. I have to pass it a chunk of XML and go the SOAP route. At least I have not found a way. Here is the development web service address. https://gatewaybeta.fedex.com:443/web-services -Original Message- From: Casey Dougall [mailto:ca...@uberwebsitesolutions.com] Sent: Friday, June 26, 2009 3:11 PM To: cf-talk Subject: Re: fedex web service On Fri, Jun 26, 2009 at 3:08 PM, Casey Dougall ca...@uberwebsitesolutions.com wrote: soapenv:Body you might need soapenv:Body Node as well I can't remember. If they allow straight xml call I'd use that method vs soap so you don;t ~| Want to reach the ColdFusion community with something they want? Let them know on the House of Fusion mailing lists Archive: http://www.houseoffusion.com/groups/cf-talk/message.cfm/messageid:324005 Subscription: http://www.houseoffusion.com/groups/cf-talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.4
Setting Server Variables
Almost all of my applications are running on multiple machines and i would like to use server variables to save things like IP addresses and server names that can be used for CFHTTP requests or error reporting. These variables would basically be static and would almost always have the same value for that particular server. For example, WebServer1 will most likely always be named WebServer1, so Server.serverName will never change values on WebServer1. I would like to avoid adding code to every app that always checks to see if the server variables are set. I would prefer to set the server variables after ColdFusion restarts. Any ideas? ~| Want to reach the ColdFusion community with something they want? Let them know on the House of Fusion mailing lists Archive: http://www.houseoffusion.com/groups/cf-talk/message.cfm/messageid:324006 Subscription: http://www.houseoffusion.com/groups/cf-talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=11502.10531.4
Re: Setting Server Variables
Donnie Carvajal wrote: Any ideas? Look forward to upgrading to ColdFusion 9 in the next year that will (if it does not go away) a Server.cfc file with an OnServerStart() method for just such a purpose. Until, then you have to do something a bit more hokey with your OnApplciaitonStart() method or something with other mechanisms available on your server or something manual. ~| Want to reach the ColdFusion community with something they want? Let them know on the House of Fusion mailing lists Archive: http://www.houseoffusion.com/groups/cf-talk/message.cfm/messageid:324007 Subscription: http://www.houseoffusion.com/groups/cf-talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.4
RE: Setting Server Variables
I would just set your variables in the application variables scope instead of the server variable scope. Or you could set a request variable on the application.cfm page and just call that every time you need it. -Original Message- From: Donnie Carvajal [mailto:donnie.carva...@transformyx.com] Sent: Friday, June 26, 2009 4:03 PM To: cf-talk Subject: Setting Server Variables Almost all of my applications are running on multiple machines and i would like to use server variables to save things like IP addresses and server names that can be used for CFHTTP requests or error reporting. These variables would basically be static and would almost always have the same value for that particular server. For example, WebServer1 will most likely always be named WebServer1, so Server.serverName will never change values on WebServer1. I would like to avoid adding code to every app that always checks to see if the server variables are set. I would prefer to set the server variables after ColdFusion restarts. Any ideas? ~| Want to reach the ColdFusion community with something they want? Let them know on the House of Fusion mailing lists Archive: http://www.houseoffusion.com/groups/cf-talk/message.cfm/messageid:324008 Subscription: http://www.houseoffusion.com/groups/cf-talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.4
Re: ColdFusion and RSS
2009/6/26 bill turner bill.tur...@selectcomfort.com: if I wrap in CDATA, won't I lose the html markup? No, as long as you don't use XmlFormat or another XML cleaning function, you're markup will remain intact. CDATA tells the parser not to parse the contents as XML. Dominic ~| Want to reach the ColdFusion community with something they want? Let them know on the House of Fusion mailing lists Archive: http://www.houseoffusion.com/groups/cf-talk/message.cfm/messageid:324009 Subscription: http://www.houseoffusion.com/groups/cf-talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.4
RE: SOT: CF based Message Queue - Thread safe stored procedure
I've been trying to reply to correct myself but apparently the only place that I can get messages to the list from is home... not even using webmail (for the same account I use at home) will work... odd. Anyway... that is NOT the query I ended up with. This is... cfquery datasource=#variables.dsn# name=local.getNextQueueItem Select top 1m.messageID , m.messageStatus , m.messageXML fromqueue.messages m with (updlock) where m.messageStatus = 'pending' and m.dateStarted is null /cfquery Everything is working as it should now. Thanks again for the help. .:.:.:.:.:.:.:.:.:.:. Bobby Hartsfield http://acoderslife.com http://cf4em.com -Original Message- From: Bobby Hartsfield [mailto:bo...@acoderslife.com] Sent: Thursday, June 25, 2009 9:22 PM To: cf-talk Subject: RE: SOT: CF based Message Queue - Thread safe stored procedure Been having issues posting to the list, hopefully this one makes it through... (thanks for posting the question for me Will). I'll forgive the fact that you owe me a car. That is actually something I tried in the stored procedure already but it looks like my problem may actually be somewhere else all together. The queue process goes like this... 1) Grab the next message with status of pending 2) update the message status to running 3) Execute that Message 4) Log the message to a message Queue log table 5) Delete the message I was testing this with the full message queue process and should have put something together that was much smaller and just a test of the locking issue. I was queuing up about 500 messages and firing off about 5 threads to process them. When I was done, I would end up with anywhere from 450 to 475 records in the log table and 60 to 70 messages still in the queue with a status of running. What I didn't check was to see if those 500 messages actually executed... which they are; all 500 every time! So apparently now that I'm locking the records, the process that logs them , then deletes is having trouble reading/deleting them. I'm going to try and change the logic around a bit and see what I can come up with. I started out simple with this then I made it way more complicated (in my head) than it needed to be. Thanks very much for putting me back on track Jochem. I'll keep you posted on the results. Oh. By the way, I did move the sql back into CF and this is what is working. cftransaction cfquery datasource=#variables.dsn# name=local.getNextQueueItem Select top 1 m.messageID , m.messageStatus , m.messageXML fromqueue.messages m with(XLOCK, SERIALIZABLE) where m.messageStatus = 'pending' and m.dateStarted is null FOR UPDATE /cfquery cfif local.getNextQueueItem.recordcount cfquery datasource=#variables.dsn# name=local.updateMessageStatus update queue.messages set queue.messages.messageStatus = 'running' where queue.messages.messageID = cfqueryparam cfsqltype=cf_sql_integer value=#local.getNextQueueItem.messageID# / /cfquery /cfif /cftransaction .:.:.:.:.:.:.:.:.:.:. Bobby Hartsfield http://acoderslife.com http://cf4em.com -Original Message- From: Jochem van Dieten [mailto:joch...@gmail.com] Sent: Thursday, June 25, 2009 6:09 PM To: cf-talk Subject: Re: SOT: CF based Message Queue - Thread safe stored procedure On Thu, Jun 25, 2009 at 9:52 PM, Will Tomlinsonwrote: The whole flow of the Stored Procedure needs to be something like this... 1) Grab the next message record where the status is 'pending' 2) Update that record's status to 'running' 3) Return the record While that is running, no other process should be able to access the record that is being processed but It'd be nice if it didn't cause immediate deadlocks but waited In CF / SQL you don't need stored procedures for that, just the SQL FOR UPDATE to locjk a row until transaction commit: !-- Get candidate rows -- cfquery name=q1 SELECT PK FROM queue WHERE running = FALSE /cfquery cfloop query=q1 cftransaction !-- Try to lock -- cfquery name=q2 SELECT * FROM queue WHERE PK = #q1.PK# AND running = FALSE FOR UPDATE /cfquery cfif q2.recordcount !-- Lock success -- cfset result = q2 / !-- Update row -- cfquery name=q3 UPDATE queue SET running = TRUE WHERE PK = #q1.PK# /cfquery /cfif /cftransaction /cfloop This is all assuming your database understands and implements the SQL standard. If it doesn't you may have to translate some of these queries to something else, like using with (updlock) and snapshot isolation, before it works. (or even moved to the next record if possible) In order to do
Re: How to model a large combo box function.
something like this? http://cfsilence.com/blog/client/index.cfm/2007/8/21/Ajax-Paging-Through-Records-On-Scroll demo: http://www.coldfusionjedi.com/demos/sharp/ajaxLoadOnScroll/test.cfm extend it with a textbox to filter returned results, throw in a bit of jquery and you are flying! Azadi Saryev Sabai-dee.com http://www.sabai-dee.com/ On 26/06/2009 22:05, Ian Skinner wrote: Trying to build a proof of concept for my first web 2.0 ish application. I want to build a combo box like select interface that will allow a user to select a product from a list of 51,000+ items. I am imagining a front end that will have a place to type in part of a name for a product and have a list of the the items be filtered as one type, ideally highlighting the part of the product name that matches what has been typed in to the box. What I think I need is a back end component that will incrementally deliver the list of products to the user interface as well as respond to input from the control to change the filter the over all list that is incrementally delivered to the interface. In more colorful language. I well understand how to send an entire loaf of data to something. How does one control this to send the loaf in small bites. ~| Want to reach the ColdFusion community with something they want? Let them know on the House of Fusion mailing lists Archive: http://www.houseoffusion.com/groups/cf-talk/message.cfm/messageid:324011 Subscription: http://www.houseoffusion.com/groups/cf-talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.4
GoDaddy, Access DBs, and cfinsert/cfupdate
I'm porting a website for a client over to GoDaddy from another server. Using cfinsert/cfupdate tags to manipulate Access databases. When trying to insert/edit more than a few sentences of data into a memo field, it causes an error on the GoDaddy server: Error Executing Database Query. Application uses a value of the wrong type for the current operation. GoDaddy, of course, will not enable Robust Exception Information so that's all I get. What works perfectly on the other server fails on GoDaddy. Both are CF7. Any ideas? Thanks in advance, Les ~| Want to reach the ColdFusion community with something they want? Let them know on the House of Fusion mailing lists Archive: http://www.houseoffusion.com/groups/cf-talk/message.cfm/messageid:324012 Subscription: http://www.houseoffusion.com/groups/cf-talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.4
Re: GoDaddy, Access DBs, and cfinsert/cfupdate
I'm porting a website for a client over to GoDaddy from another server. Using cfinsert/cfupdate tags to manipulate Access databases. When trying to insert/edit more than a few sentences of data into a memo field, it causes an error on the GoDaddy server: Error Executing Database Query. Application uses a value of the wrong type for the current operation. GoDaddy, of course, will not enable Robust Exception Information so that's all I get. What works perfectly on the other server fails on GoDaddy. Both are CF7. Any ideas? I suggest you use CF7's logging and error handling to capture the error information yourself. If I had to guess, I'd say it's probably a datasource setting controlling the length and use of large object fields (CLOB, BLOB). Dave Watts, CTO, Fig Leaf Software http://www.figleaf.com/ Fig Leaf Software provides the highest caliber vendor-authorized instruction at our training centers in Washington DC, Atlanta, Chicago, Baltimore, Northern Virginia, or on-site at your location. Visit http://training.figleaf.com/ for more informati ~| Want to reach the ColdFusion community with something they want? Let them know on the House of Fusion mailing lists Archive: http://www.houseoffusion.com/groups/cf-talk/message.cfm/messageid:324013 Subscription: http://www.houseoffusion.com/groups/cf-talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.4