for CF Production
server?
Come on Charlie, don't be so humble. You're one of the community stars, and
have been for years. Revel in some kudos for a moment...
_
From: Charlie Arehart char...@carehart.org
To: discussion@acfug.org
Sent: Tue, January 26, 2010 11:22:46 AM
Subject: RE
.
You can't improve what you don't measure.
Quality is never an accident; it is always the result of high intention,
sincere effort, intelligent direction and skillful execution; it represents
the wise choice of many alternatives.
On Fri, Jan 15, 2010 at 7:31 PM, Charlie Arehart char...@carehart.org
what winners do.
You can't improve what you don't measure.
Quality is never an accident; it is always the result of high intention,
sincere effort, intelligent direction and skillful execution; it represents
the wise choice of many alternatives.
On Fri, Jan 15, 2010 at 7:31 PM, Charlie Arehart
Ajas, while you await Derrick's reply, I'll point out that the details for
how to purge database-driven CF client variable repositories is indeed
documented, but only in a technote:
http://kb2.adobe.com/cps/185/tn_18514.html
As for FR helping you see the time being spent per request and that
Just a couple more thoughts: if you really are just interested in the time
of execution for the *complete* request, then besides adding logging in your
application.cfc (as Cam helpfully suggested), note as well that info maybe
available in your web server logs. I know it's an option you can enable
Thanks, and to your next observation, I'll note that I do list resources
listing sites using CF in my CF411:
http://www.carehart.org/cf411/#cfpowered
/charlie
From: ad...@acfug.org [mailto:ad...@acfug.org] On Behalf Of Derrick Peavy
Sent: Thursday, January 14, 2010 8:31 PM
To:
Wow, guys, I would offer significant caution about a lot of the assertions
here.
It's NOT always true that increasing memory will improve performance. Not at
all. Indeed, there are times when increasing the heap could cause MORE
problems (and even just raising it from 512 to 768). It's too much
To be clear, I wasn't referring at all to anything about you or setup
Derrick. :-) Still, as you're saying, yes there are also those kinds of
issues that can cause problems as well. Good that you've isolated a lot of
them.
That said, as for your moving to BD, I will argue that when some have
[mailto:ad...@acfug.org] On Behalf Of Cameron
Childress
Sent: Tuesday, December 08, 2009 1:52 PM
To: discussion@acfug.org
Subject: Re: [ACFUG Discuss] ColdFusion debugging info
On Tue, Dec 8, 2009 at 10:25 AM, Charlie Arehart char...@carehart.org
wrote:
You may prefer to do this from
Hey folks, some will have gotten an email on the announcements list about next
week’s holiday part. I wanted to offer an update.
While it mentioned Artuzzi’s for dinner and WhirlyBall after that, it didn’t
mention the after party at ComputerArena, just around the corner. I’ve just
updated the
] On Behalf Of Cameron
Childress
Sent: Wednesday, December 09, 2009 10:18 AM
To: discussion@acfug.org
Subject: Re: [ACFUG Discuss] ColdFusion debugging info
On Wed, Dec 9, 2009 at 9:59 AM, Charlie Arehart char...@carehart.org
wrote:
I don't like that when the instance
dies, all the info that went
Yep, if one runs the instances as services, that’s an easy way to start them,
as Arun said.
If you don’t want to run them as services there are of course still other ways
to stop/start the instance. And either way, there are options to start them
from the command line or a shortcut.
on security across the board (development, network, os,
etc.).
-dhs
On Dec 4, 2009, at 11:32 AM, Charlie Arehart wrote:
Wow, well with all that foundation money, they've found the right guy
to
guard it. :-) I know, I know, there'd be no connection between the
site and
the money. Just
Besides Cam's useful ideas, since you say you're running multiserver, I'll
suggest one other possibility: are you sure you enabled the debugging in the
right CF Admin? There's the cfusion one (on the main port, like 8300 if
using the built-in web server), then there's the one for each instance you
Darren, if among those miscellaneous staff you may want to outsource some
CF admin/install/config/tuning/troubleshooting help, I'm available for that
kind of work on a contractual basis.
Same offer goes to anyone needing that kind of help, really.
/charlie
From: ad...@acfug.org
Wes, check out nocCode, http://noccode.riaforge.org/, a web-based editor
with specific CFML support.
Speaking of that, if anyone ever has a question like are there any tools or
resources for xxx, please try to remember (and recommend to each other) my
CF411.com site. There, I have a category
Ajas, you mention some loving/some hating XML files. I didn't see any reply
from you on my note offering yet another alternative (sent 10/24), where I
said simply:
Or one may find it a little easier to use ini files, and CF's functions to
read them (added in CF 6), such as getprofilestring,
Good point. I did say I realized that ini files weren’t as “robust or
flexible”. :-) But WDDX files are definitely a step above that before making up
one’s own XML. They all have their place, so good to be reminded every once in
a while.
And thanks for the concurrence on INI files, Wes.
Hey folks, check this out, just for CFers, and happening in Atlanta on Wed
Nov 18. It's great that Atlanta is one of the several cities chosen. It
seems like just the ticket for those of us who have been on the fence about
Flex as CF developers. :-) I've registered, but don't know anything more
I just thought I should offer a heads up about why you’ll want to attend next
week’s ACFUG.
If you hadn’t seen the announcements list note Wednesday, I’ll be the speaker
at next week’s ACFUG meeting and I’ll be presenting “Hidden Gems in CFBuilder”.
Well, some of you may also have
Do you mean will I record the ACFUG meeting? No, we've just found that that
rarely works well, when you record an in-room presentation.
But given that your in Colorado, I certainly would then recommend that YOU go
ahead and just attend the online CF meetup :-), which is at 6pm Eastern on
Or on may find it a little easier to use ini files, and CF's functions to
read them (added in CF 6), such as getprofilestring, getprofilesections,
setprofilestring.
/charlie
From: ad...@acfug.org [mailto:ad...@acfug.org] On Behalf Of Wes Byrd
Sent: Saturday, October 24, 2009 6:03 PM
To:
For those who may not have heard otherwise, nor saw the announcement posted
on the web site, this month's meeting is not tonight (as usual) but instead
next week, primarily because of conflicts with Max.
/charlie
-
To unsubscribe
Kristine, the blog entry pointed to clarifies that it DOES NOT apply to
teachers.
Teachers do get a discount, though (to $995, if they use the code EDU966). Of
course, that's not nearly as deep as the student discount.
/charlie
-Original Message-
From: ad...@acfug.org
Yep, that talk, from 6/11/09 is available at
recordings.coldfusionmeetup.com. Thanks for mentioning it, Tom.
/charlie
From: ad...@acfug.org [mailto:ad...@acfug.org] On Behalf Of Tom McNeer
Sent: Saturday, September 05, 2009 10:47 AM
To: discussion@acfug.org
Subject: Re: [ACFUG Discuss]
Just to forestall saying, that doesn't work for me, the nifty ability to
do the statuscode in CFLOCATION is new in CF8. :-)
/charlie
From: ad...@acfug.org [mailto:ad...@acfug.org] On Behalf Of Cheyenne
Throckmorton
Sent: Friday, September 04, 2009 1:52 PM
To: discussion@acfug.org
Subject:
And third, if you get the announcements didn't notice, the topics and
speaker lineup have changed as of yesterday.
Briefly, it's John Mason leading a CFUnited Conference Review and then
giving a talk on Some of the New ColdFusion 9 Features. Not sure the order
they will be offered, but they're
Did identifying the server version solve your problem, Andrew? I'd think
not, as I'd expect instead for you to get a CFML compilation error using a
tag that's not supported by an older version.
Instead, I would wonder if the problem is really with the underlying
Javascript libraries that are used
My!, with Charlie Arehart at this link
http://www.meetup.com/coldfusionmeetup/calendar/10155133/?from=list
http://www.meetup.com/coldfusionmeetup/calendar/10155133/?from=listoffset=
0 offset=0
I had a question pop up today and I posted it at his discussion thread
instead of emailing here since
No worries. Just clarifying. Will look forward to your reply there.
Nothing to see here folks. Move along. :-)
Or, Turn to the cfmeetup message board for continued coverage of this
breaking story. :-)
/charlie
From: ad...@acfug.org [mailto:ad...@acfug.org] On Behalf Of Ajas
Hey Clarke, I caught your comment here, that
I was originally going to start with ColdBox to learn a ColdFusion
framework. But, I quickly got lost in the complexity. To really use ColdBox,
you
end up needing to know Coldspring and Transfer. But, since each of those
has a learning curve,
Well, I don't use ColdBox myself, so I can't answer your question about
whether CB expects one to use an ORM. Maybe someone else can chime here, or
again the CB list/forum would be a great place to ask. I just wanted to
clarify that one point about it not needing transfer or coldpsring to do
Not a word has been spoken. :-)
/charlie
-Original Message-
From: ad...@acfug.org [mailto:ad...@acfug.org] On Behalf Of Mike Staver
Sent: Monday, August 10, 2009 12:58 PM
To: discussion@acfug.org
Subject: RE: [ACFUG Discuss] ADobe ColdFusion Builder
Does anyone know an estimate
Hey Sean, that wouldn't be a problem with the RDS implementation. That would
be with the aspect of adding a server to be managed from within CFB.
I do so lament that they have gone this way of kind of forcing people into
thinking that they need to add their server to CFB, and that they need to
a good topic for someone to step up and present on
here.
Douglas Knudsen
http://www.cubicleman.com
this is my signature, like it?
On Thu, Aug 6, 2009 at 11:21 AM, Charlie Arehart char...@carehart.org
wrote:
Hey Sean, that wouldn't be a problem with the RDS implementation. That would
Well, one thing to consider it to optimize the collection (can be done in
the CF Admin or with CFCOLLECTION).
/charlie
From: ad...@acfug.org [mailto:ad...@acfug.org] On Behalf Of Jeff Howard
Sent: Thursday, July 30, 2009 3:47 PM
To: discussion@acfug.org
Subject: Re: [ACFUG Discuss] verity
Just to be clear, Robert, the listing of the components in the DW feature is
driven from the server-side via RDS (just like the list of datasources,
etc.), so if there's a problem with DW seeing it, it's not about the setup
of your site (assuming your site points to the server with the CFCs) but
On top of what Teddy offered in reply to your question, Tim, I’d point out as
well that despite CF9 having ORM built-in, the other ORM frameworks could
continue to exist for years if only to serve those who don’t move to 9 (there’s
traditionally a long slow march to any new release, taking
Well, you can also do it with the Server mode. Have been able to since CF 6
(but I know many prefer multiserver mode for many reasons).
The challenge is just the web server integration, which is why (since 6)
there has been the built-in web server as an alternative, so that the new CF
edition
Clarke, in addition to the good stuff Shawn shared [and btw, Shawn, I'd
enjoy seeing that code :-)], I'll note that at least as far as the point he
made:
So the hoster is left with a hard choice: disable CFEXECUTE, CFOBJECT,
CreateObject(.NET), CreateObject(COM) and CreateObject(JAVA) or accept
Just to be clear, I didn’t take it as patronizing. “We cool.” :-)
But I stand by my statement (and confused by Jasun’s laughter. I was being
serious. But maybe that’s what he was laughing at.)
/charlie
From: ad...@acfug.org [mailto:ad...@acfug.org] On Behalf Of Teddy R. Payne
Sent:
Ah, ok. Thanks. :-)
And to be clear, Teddy, I did in my reply say that you could have meant
either form of bandwidth. Meant to clarify that in my note below.
Juggling many things today, including a very cool announcement to come later
today about a special CF Meetup event. Will share
Just posted it (on the meetup site), and was about to send it to the group
here. Coming right up.
/charlie
From: ad...@acfug.org [mailto:ad...@acfug.org] On Behalf Of Teddy R. Payne
Sent: Thursday, July 09, 2009 3:13 PM
To: discussion@acfug.org
Subject: Re: broken urls in email RE: [ACFUG
broke across two lines.
http://www.carehart.org/blog/client/index.cfm/2006/8/8/checking_jdbc_driver_version
The above link should work.
Teddy R. Payne, ACCFD
Google Talk - teddyrpa...@gmail.com
On Wed, Jul 8, 2009 at 3:38 PM, Charlie Arehart char...@carehart.org wrote:
And for those not on CF8
Eh? I don’t understand, honestly. How does a broken URL affect bandwidth? I’ll
assume you don’t mean bytes but time. You mean it’s regard as an offense if a
URL breaks? But it’s not something people do intentionally. It’s done by their
mail clients.
The solution is just to hit reply, so
Well, yeah, it could. But the thrust of the attack (and the focus of this
one) has been on sites that DO have it pre-installed, which is as of CF8.
No denying, of course, that sites that added FCKeditor themselves would be
vulnerable as well, but then it wouldn't be anything CF-specific at that
Sure, but let's not dismiss as hopelessly incapable of supporting source
code control. It does. It has built-in support for the SCC API, which is
supported by many source code control apps. I've hooked it up to SVN.
Conversely, Eclipse can certainly be hooked directly to a remote server via
FTP.
Well, Steve, I don't know if you meant me in the you guys, but I had said
in my note yesterday (to which Doug was replying) that, I really think it's
just part of the economic times. I offered the rest because I do think a
lot of people don't know about the fact that HS was written in Delphi, or
Well, I don't know. I think it's just that it was written in Delphi, and
perhaps Adobe doesn't have enough (or want to bother with) Delphi skills to
keep it going. It was brought forward from Allaire, and when Macromedia
already had DW it kind of spelled the beginning of the end. The first step
I'm curious about their phrasing of older installations of Cold Fusion
applications and FCKEditor. It was only included as of CF8 (codenamed
scorpio, as mentioned in this news from the fckeditor folks:
http://www.fckeditor.net/Adobe_to_embed_FCKeditor_in_ColdFusion). So it's
too bad that the
Yep, and it seems (as also discussed in John Mason's entry, at
http://www.codfusion.com/blog/post.cfm/cf8-and-fckeditor-security-threat)
that the problem goes beyond just what can be abused if one uses CFTEXTAREA
richtext=yes, but in fact what the hackers can do leveraging the FCKeditor
directly.
FWIW, I'll note that while I appreciate the cons of the idea, I also know
that others have seen the pros of it, and the BlueDragon engineers did as
well, and they added a Render function to let you execute CFML code as found
in any variable, whether from a DB query, a shared scope variable, etc.
Yes, and Clarke, I would highly recommend you drop a feedback into the
livedocs on that (the CF8 ones, not 7 or 6, as I don't know that they go
back and review those for ideas, though they should, since some find them
while doing searches.)
/charlie
From: ad...@acfug.org
Yeah, adding to what Howard noted, the DOMAIN attribute isn't there for the
reason you're using it. It's instead for controlling use of cookies on that
single domain that's setting the cookie, but controlling whether and how
it works for any subdomains under it.
You can't simply name another
.because you would instead need to be sending the jsessionid cookie instead.
I was about to write the same answer as Cameron, but adding that little
detail. ;--}
/charlie
From: ad...@acfug.org [mailto:ad...@acfug.org] On Behalf Of Cameron
Childress
Sent: Thursday, June 18, 2009 2:22 PM
Sravan, CF will only create a new cfid/cftoken if they are not passed into a
request, whether via a cookie pair or on the URL (or in a form field, I
suppose). Whatever that other server's technology is for sending a request,
see if they're passing the data any of these ways.
You can also check
Following up on that, note that you can also control where the tag
(CFTEXTAREA) expects to find the editor code. It only defaults to
/CFIDE/scripts/ajax/FCKEditor. You can change it on the fly in the tag,
using the basetag attribute. More at:
http://www.cfquickdocs.com/cf8/#cftextarea
Of course,
Yes, and for that, Mischa's idea was a clever solution to consider.
/charlie
From: ad...@acfug.org [mailto:ad...@acfug.org] On Behalf Of Ajas Mohammed
Sent: Friday, June 05, 2009 10:05 AM
To: discussion@acfug.org
Subject: Re: [ACFUG Discuss] Re: CF 7 tif images
Thanks Mischa and
Ajas, I'll share my thoughts. I'm no expert in this subject, and things may
have changed, so someone can counter my observations.
First, the latter problem (of how files/pages opened via the browser open in
an unexpected program) is normally a matter of configuring the browser to
tell it how
But to get back to your original question, if someone for some reason did
NOT want to do an update, yes, you could call upon better encryption
functions than those includes in CF 6, by calling on them in the underlying
Java JVM (or whatever library the encryption functions live in). Someone may
Clarke, I wouldn't rely on the server monitor as proof of whether the thread
runs. For one thing, you have to have start monitoring enabled, which
isn't on by default. Just thought I'd clarify that if it might be the only
reason you don't see them. Even then, the threads could run very fast.
So are you saying that in fact things are ok, if you don't use that tool?
And as far as tools to analyze web services, there are those built into
Dreamweaver and Eclipse (with the Adobe CF Extensions). Have you tried
either of those? Each of these can explore any web service URL you provide,
and
Hey folks, since we're not having a regular CFUG meeting in June (first
Wednesday), due to the Ben meeting on the 8th (more at ACFUG.org), here's
a great way to spend that night.
Our own Dean Saxe is presenting to the OWASP Atlanta group that now-free
Wednesday night, June 3. For more on his
Well, there's one other difference: both the CFARGUMENT's have required
and default. If you think about it, these are mutually exclusive. If you
must specify an arg, then there's no need for a default. Of course, it's CF
that shouldn't allow them, and I don't know that they should result in the
Oy, so much palaver. Their very numbers show CF as having 30% more jobs than
their self-ascribed language of the moment Rails, and yet they still want
to label CF as dying.
Indeed, one could argue static numbers aren't a good measure. Trends are
what matter, and if they showed that CF was
Clarke, besides considering the other useful suggestions about whether it’s
appropriate to even try those, or if there may be alternatives, I’ll say that
I’ve done it before for other reasons, with code like this (where string was
what needed to be encrypted, and key was the key for
Ajas, this seems a good time to make a suggestion: sometimes, trying to
solve a challenging problem on a mailing list just isn't productive.
There can be too many variables, and many hours are spent as different
people throw out different suggestions, and you and they work to get to the
point
Thanks, Ajas.
I do realize it seemed a possibly simple problem at first, but as the many
comments have shown, there are many possible explanations, but they do all
center on the matter of client variables.
Indeed, I was tempted to write more yesterday to give you some direction,
and in
I'll throw out that if you had FusionReactor or SeeFusion, you could enable
their datasource monitoring feature to be able to see each SQL statement
sent to the DBMS, which may also have helped you see when/where the problem
was (and was not) occurring, since it may be that it happens sometimes
Sure, happy to help.
/charlie
-Original Message-
From: ad...@acfug.org [mailto:ad...@acfug.org] On Behalf Of Forrest C.
Gilmore
Sent: Tuesday, May 05, 2009 1:19 AM
To: discussion@acfug.org
Subject: Re: [ACFUG Discuss] OpenCMS Installation
Charlie:
I realized I was straying from CF
You'd need to install in the Enterprise/Developer Multiserver mode of
deployment, in order to deploy a WAR-based app (like OpenCMS) alongside CF.
Even then, it wouldn't really be running in CF. It would be using JRun as
the J2EE server on which it executes. (And no, as far as I know, one cannot
Forest, it generally does not matter at all that you have many versions of
the JRE or JDK. Most apps that need a particular one will include one within
their own directory, as both CF and JRun (and I imagine Tomcat) do.
And they also tend to set their own classpath within their startup scripts,
Thanks for sharing this, Dean. And folks may want to note that he's
scheduled to be their speaker in June (see the site). I hope you'll drop a
note then, too.
That said, do you know of a way one can be notified of upcoming meetings on
their own? I see no RSS feed on that site, and the mailing
not look at the archive to determine the
nature of the messages).
/charlie
From: ad...@acfug.org [mailto:ad...@acfug.org] On Behalf Of Charlie Arehart
Sent: Thursday, April 23, 2009 6:31 PM
To: discussion@acfug.org
Subject: RE: [ACFUG Discuss] Fwd: [Owasp-atlanta] OWASP Workshop - 04.25.09
himself, Ray
Camden. Beyond that, several past ACFUG speakers will be presenting on
topics not presented at ACFUG before: Doug Knudsen, John Mason, Andy Powell,
and myself (Charlie Arehart). You can see their topic titles and
descriptions here:
http://express.cfunited.com/go/atlanta/2009/schedule
Just to be clear: Outlook can certainly be set so that outgoing messages are
in plain text (versus HTML) format, either on a per message basis or
globally.
Anyway, I don't know that that's what was happening with Seth's message, at
least as it appeared in Teddy's reply. That looked more like an
Seth, I saw the other replies to your question. One thing that wasn’t asked: do
you want the refreshes to be only when the data changes? Or are you ok with the
suggestions to refresh the client at a regular interval instead?
/charlie
From: ad...@acfug.org [mailto:ad...@acfug.org] On
Ajas, it seems your use of the init is fine. It's just that if you want to
call the constructor, you have to use init (and you can't have a real method
of that name within the java class). You pass whatever arguments you want to
call the appropriate constructor, and it should just work (whether
That seems odd. CFWindow isn’t a tag that can be restricted in CF (in Sandbox
Security, or Resource Security, as it’s called in Standard). I suspect instead
that it’s that the server you were on wasn’t CF 8, as that is a new cf8 tag.
But yes, there are ways to get what CFWINDOW does (including
Wow, if by that they mean that you can drop in a WAR or EAR, then we'll be
in business, whether with CF, BD, or Railo. Cool to hear. I did a little
googling and found some resources pondering it (but no specifics of if it's
just the language or war/ear deployment):
Interesting. Dusty's question got me curious. There's good news. On the
surface, it looks like it's free for a club, family, sports team or group:
http://www.google.com/apps/intl/en/group/index.html
And one may wonder if that applies to businesses. Well, if you look at the
comparison page:
Just to be clear (someone correct me if I’m wrong), now that I think of it, I
don’t think you can install software on a google apps site, so if you were
wanting to run CF (per the subject), I don’t know that GA would be a solution.
Anyone know different?
/charlie
From: ad...@acfug.org
Yes, it's not quite clear whether you're responding to things Shane or I
said, Jeremy.
Just to be clear, I too was never arguing that client-side validation
provided any security. It was the outlash against it--because it didn't help
with that--which I was arguing against. As you say, it's
, datasource, dbtype, sql, username,
password, maxrows, blockfactor, timeout,
dbname, cachedafter, cachedwithin, result, debug.
On Mon, Mar 9, 2009 at 6:54 PM, Charlie Arehart char...@carehart.org
wrote:
Dusty, I wonder if your problem isn't a CF one, but a web server one. I'd
bet
You make some good points, Shawn, but I'll say you also make a couple that
seem to back up part of my point.
First, you conclude, that some of live in environments where we can't
afford to get embarrassed by an outside security group. Well, I certainly
don't disagree with that at all. It was
Well, you did specifically call it a completely useless waste of time: :-)
You are correct Charlie, it only puts the hidden field there to tell
the server how to validate it. A completely useless waste of time,
since those hidden fields are removed by anyone who wants to bypass
your
Sure, I agree with that. And I'll say I did clarify that protecting against
SQLI, XSS, XSF, and the like is a very different subject, and even if one
has no valuable assets in their site, they're worth protecting against
because that site could be defaced, used to launch attacks against others,
From: ad...@acfug.org [mailto:ad...@acfug.org] On Behalf Of Charlie Arehart
Sent: Wednesday, March 11, 2009 10:49 AM
To: discussion@acfug.org
Subject: RE: [ACFUG Discuss] over-stating security concerns? (was RE:
ValidateAt parameter is effectively only client side )
You make some good points
Sure, but I've got to ask: is that a concession to my point? :-)
(that not every app that uses CFINPUT validation would be harmed if some
bastard removed it?)
This isn't about me winning an argument, by the way. It's just that I can't
tell if you're letting it go because you think I can't be
Thanks, Teddy, Dean, and Mischa for tying a nice bow on things. :-)
/charlie
-Original Message-
From: ad...@acfug.org [mailto:ad...@acfug.org] On Behalf Of Mischa
Uppelschoten
Sent: Wednesday, March 11, 2009 12:10 PM
To: Web Site
Subject: re[2]: [ACFUG Discuss] over-stating security
Mischa, I'm curious what you're getting at here. Perhaps I missed part of
what was being traded, but I was actually surprised by the assertion Dean
made (that you repeated). CFInput does NOT *always* use a hidden field to
force server-side validation. It only does that if you ask it to, using the
Lots of pretty cool stuff there, Dean
(http://www.foundstone.com/us/resources-free-tools.asp). Thanks for sharing.
/charlie
-Original Message-
From: ad...@acfug.org [mailto:ad...@acfug.org] On Behalf Of Dean H. Saxe
Sent: Tuesday, March 10, 2009 11:20 AM
To: discussion@acfug.org
Ah, ok. Now I see where you were coming from.
Still, I have to argue against the assertion that any sort of client-side
validation is a completely useless waste of time. I mean, I get it. You
make your living as a security consultant, and we're very lucky to have you
here bringing such concerns
Ajas, I tried your code and things worked as expected on both FF and Chrome
on CF 7 and 8, but on IE (7), the regex would not work even if a correct
value was entered the first time, so this is not about that once the alert
is displayed, even if the user corrects the error and enters a strong
the files might
become a problem. Perhaps I could read them into a cached query to solve
that problem?
Does anyone see any reason why this approach would not work?
Dusty
On Fri, Mar 6, 2009 at 4:23 PM, Charlie Arehart char...@carehart.org
wrote:
No love from anyone for CF411. :-( How can I
Dusty, I wonder if your problem isn't a CF one, but a web server one. I'd
bet when you try to retrieve the file as a CSV, the web server steps in and
changes the mime type to something other than plain text, and therefore CF
(and the CFHTTP) gets something other than what they expected.
(BTW,
Peyton, I have a generic answer and a specific recommendation.
First, I’ll point out that you can find dozens of alternative CF hosts listed
at:
ColdFusion Hosting Alternatives
http://www.cf411.com/#cfhost
This is one of a hundred-plus categories of resources and tools of interest
No love from anyone for CF411. :-( How can I get people to say, whenever
anyone asks what tools are there to do xyz, to tell them to check out
cf411.com. I'm not selling anything there. :-) It exists precisely to help
with these questions.
Dusty, check out:
Excel File Processing Tools
Thanks for sharing the conclusion.
I'll note that when I help people solve problems (in the consulting I do to
help people troubleshoot CF problems), we do often ultimately discern that
the problem isn't something inherently wrong with CF after all, but often
something outside of it, so this
Thanks, Doug. Glad to hear that clarification--though it would have been
helpful if he'd said, and I confirmed this is how he pronounces it. We
now know, but listeners may still be wondering. :-)
/charlie
From: ad...@acfug.org [mailto:ad...@acfug.org] On Behalf Of Douglas Knudsen
Sent:
301 - 400 of 644 matches
Mail list logo