thanks claude
Do you see any potential security issues with this i.e. sql injection
via the email
As far as SQL injection is concerned, the risk is pretty low with an
Access database, since it cannot process
multi-statement SQL command. Unless there are tricks I don't know, all
SQL injections
Brook,
I don't think that DHTML will render correctly for cfdocument no matter what
you do.
-Mark
Mark A. Kruger, CFG, MCSE
(402) 408-3733 ext 105
www.cfwebtools.com
www.coldfusionmuse.com
www.necfug.com
-Original Message-
From: Brook Davies [mailto:cft...@logiforms.com]
Sent:
The more I venture into OO type of design the more I have to get my head around
todays its getters and setters. I think I am 'getting' in to the swing of
this but I could do with some advice please! any advice and help is welcome!
I have no idea if I am just making this up as I go along
I'm not sure exactly what the question is, but in a brief glance of the code
it appears that you have the general concepts correct. My concern is this
bit:
admin.cfc --- getters and setters, right?
I don't know what admin.cfc is, but based upon the context I am assuming it
is intended to be an
I have an application that, after 20 mins of idle (detected by JS), the user is
given a warning saying they are about to be logged out with a link to keep the
session going. My original plan was to sent an AJAX request to a page when the
link is clicked, but I have read that an AJAX request
I respectfully 100% disagree. You should **ALWAYS** validate ___ALL___ data
that comes from your users.
(Note the period at the end of that sentence.)
On Fri, Aug 14, 2009 at 3:57 PM, Kevan Stannard wrote:
If you are just logging in a user then you probably don't need the
validation
Just off the top of my head and without doing any research into the topic.
Assuming everything you said is accurate, that you can't sustain the session
with an AJAX request, when your user clicks the link, it could load a 1px
x1px iframe into a div on the page that loads a keep alive page, thus
I have read that an AJAX request will not keep the session alive.
Where did you hear that? If the Ajax request is to a ColdFusion page
that is part of your application it will most certainly keep the session
alive. The server, after all, doesn't even know it is an Ajax call.
~Brad
Can you provide a few more details on what you are trying to do? If you are
just logging in a user then you probably don't need the validation steps.
// Returns zero if not authenticated, else returns a User object
var user =
) that does some other tasks.
Is this possible?
Specifics:
DB Server: MS SQL Server 2005
OS: Windows 2003
Thanks!
Michael Reick
__ Information from ESET NOD32 Antivirus, version of virus signature
database 4336 (20090814) __
The message was checked by ESET NOD32 Antivirus.
http
Server:
If you have a session going and it is idle up to the timeout it will end. As
soon as another request happens after the timeout, a new session begins. If a
request occurs before the timeout, the countdown begins all over again.
Client/browser side:
Seems like you need to write
Look into calling a web service from a CLR. It'll be a hack job and
will require some C#, but the database doesn't generally initiate
communication with the application layer.
Ideally, if additional processing needs to occur any time certain data
is changed, that sort of stuff should probably
Technically the server can know, via headers.
http://www.developertutorials.com/learn-ajax/custom-http-headers-2643.php
At least if you're using jQuery I believe that it adds this to the header
automatically.
-Original Message-
From: b...@bradwood.com [mailto:b...@bradwood.com]
Sent:
Heh, I was waiting for someone to go there. Yes, you are correct that
specific headers can be added to an HTTP request by the client which
signal to the server that the request was made via an Ajax call.
Strictly speaking though, they aren't guaranteed to exists. Regardless,
the existence of
I have written a few vo's that I would like to connect to with using ajaxcfc.
So far everything seems to have worked until I started to attempt to access
data.
This is a simple version of my VO:
MemberVO.cfc - resides at com.model.vo.MemberVO
cfcomponent extends=ajax output=false
Ah, good point. What I meant was that for a typical user/pass authentication
scenario then no explicit validate() function would be required. The data
must be sanitized but I expect this would be this would be implicit in the
authentication code rather than an explicit step that returned a
2009/8/15 Eric Hynds e...@hynds.net:
I was wondering ... if what I read was wrong and you actually can keep the
session alive with an AJAX request.
This is the case.
mxAjax / CFAjax docs and other useful articles:
http://www.bifrost.com.au/blog
So I finally got around to fixing up CFFM
www.opensourcecf.com/cffm
Here's a basic summary of the (relatively minor) changes since the
last release about 2 years ago:
- changed throw() method to imagecfcthrow() in image.cfc, as cf9
doesn't like me using that function name.
- changed
You can also get the latest from here:
http://svn.riaforge.org/cffm
~|
Want to reach the ColdFusion community with something they want? Let them know
on the House of Fusion mailing lists
Archive:
19 matches
Mail list logo
