I wrote a detailed article a while back that incorporates something sort of
similar to this it's titled Messaging System using structures, wddx and
cfscript. It's purpose is more of a messaging system inside of fusebox
bundled with an introduction to structures but it might be somewhat useful
and could be adapted to a scenario like this ... or not!
Either way ... it's located @
http://www.orlandoartistry.com/MessagingSystem.zip
Kevin Bridges
-----Original Message-----
From: Sebastiaan Barlo [mailto:[EMAIL PROTECTED]]
Sent: Wednesday, March 28, 2001 2:32 AM
To: Fusebox
Subject: Re: Been working on this all day . . . comments
I'm kinda new to the fusebox concept, but this looks amazing to me. That
looks very good Joseph. I will try some of it. I will definitely going to
use the fuseaction encryption part. Very usefull and very well done.
****************************************************************************
**
At 02:24 28-3-2001 -0700, you wrote:
>I added the following to my CF_FormURL2Attrubites.cfm and am going to
rename
>my local version of the tag CF_FormURLWDDXEncryption2Attributes.cfm hehe
>
>I include this in say an act_file.cfm:
> <CFSCRIPT>
> return_message=StructNew();
> StructInsert(return_message, "message_text", "Your password has
>been emailed to you.");
> StructInsert(return_message, "message_type", "Success");
> StructInsert(return_message, "fuseaction",
>"#attributes.XFA.onNormal#");
> </CFSCRIPT>
> <cfwddx action="CFML2WDDX" input="#return_message#"
>output="client.return_message" usetimezoneinfo="No">
> <CFLOCATION url="#self#" addtoken="No">
>
>Each of the name/value pairs in the structure would be variables that you
>wanted to access in the attributes scope on the other end.
>The main reason I did this is so that I can pass large(er) strings back to
>the calling template. I kept running into the 2K buffer.
>In FormURL2Attributes I added the followin lines just above the form
>processing section. I suppose that the order that you included these
parsers
>in the file would determine attributes precedence being gotten from say
url,
>then wddx, then form.
>
>
> <!--- Added on 3/27/01 to extend the attributes scope to include the WDDX
>structure 'client.return_message'
> It can include any attributes that are too long for your query_string.
> ==> client.return_message = a WDDX structure that contains variables that
>need to be scoped to attributes. This includes all name=value pairs.
> and contains a fuseaction=x pair. Required
>
> Future plans:
> ==> decrypt = [0|1] if the packet is encrypted then decrypt it. Defaults
>to 0.
> This would be useful for cookie stored client variables. Not
>implemented in this version
> ==> key = The variable that holds the decryption key. --->
>
> <cfif isdefined("client.return_message") and len(client.return_message)>
> <CF_WDDX_IsPacketValid
> PACKET="#client.return_message#">
> <CFIF WDDX_IsPacketValid>
> <cfwddx action="WDDX2CFML" input="#client.return_message#"
>output="AttributesTemp">
> <cfloop index="formItem" list="#StructKeyList(AttributesTemp)#">
> <cfset "caller.attributes.#trim(formItem)#" =
>"#Evaluate("AttributesTemp." & formItem)#">
> </cfloop>
> <!--- Reinitialize the clientvar so we do not pass the WDDX packet
every
>time. --->
> <cfset client.return_message = "">
> </cfif>
> </cfif>
>
>
>The CF_WDDX_IsPacketValid is available from the Developers exchange.
>
>
>Then I added a way to encrypt the fuseactions in my pages, so my forms and
>links are encrypted like so:
>http://cliniweb.isu.edu/index.cfm?fuseaction=decrypt&B6V%26%20KK9%24F761L0%
5
>EB0GY9CXL%3FU%3B%3E%21DX%5FQOF9C7X%40%282%29F5%20B0%2B%0A=
>Try to break into that and pass fako parameters. Alan, maybe a better
>implementation than using a lookup table for fake UUID's to mask numbers?
>This will always pass to the same fuse, decrypt which is handled in
>CF_FormURL2Attributes with just a different urlencoded, encrypted
>query_string. I plan to implement the encryption into the WDDX portion so
>that I can encrypt longer strings than can fit in a url and pass them
>seamlessly.
>
>
>
>In my app_Globals.cfm I set the key, and wether I want to encrypt all my
>links that have this code (I don't stick it in all of them, just the ones
>that have DB related numbers that I do not want people to muck with).
><cfset request.EncryptLinks="1">
><cfset request.thekey="Thisismyencryptionkey">
>
>To use this I put this stuff in place of the link in my code:
><cfset theLink =
>"fuseaction=#attributes.XFA.onDelete#&StudentID=#QueryStudentBySchool.stu_i
d
>#"> --the query_string
>Then based on weither I am encrypting or not (turn it off for debugging
>purposes, believe me or your brain will fry).
><A
>href="#self#?#IIf(request.EncryptLinks,DE("fuseaction=decrypt&#URLEncodedFo
r
>mat(encrypt(theLink,request.thekey))#="),DE("#theLink#"))#">Delete</A>
>
>Then added the following code in my CF_FormURL2Attrubites.cfm file:
>
>
><cfelse>
>
>-snipp-
>
> <!--- This is for converting url fields to attributes scoped variables.
>They may come in encrypted or normally. --->
> <cfif isDefined("URL.fuseaction") AND URL.fuseaction IS "decrypt">
> <!--- Added on 3/27/01 to use fuseaction = decrypt Joseph Higgins
>[EMAIL PROTECTED]
> This tag takes a query_string formatted like:
>fuseaction=decrypt&ENCRYPTEDCONTENT=A.
> It lops off the =A and fuseaction=decrypt&, decrypts the string into the
>new
> query_string.--->
> <!--- Decrypt and extract the string.
> To encrypt the string use the following in your code to produce your
>links.
>
>#self#?fuseaction=decrypt&#URLEncodedFormat(encrypt('fuseaction='&attribute
s
>..XFA.onCancel,request.key))#= --->
> <cfset Local.query_string = "#decrypt( URLDecode( Left(
>(Right(cgi.query_string,(Len(cgi.query_string)-19))) ,
>(Len(Right(cgi.query_string,(Len(cgi.query_string)-19)))-1) )
),caller.reque
>st.thekey)#">
><cfset caller.attributes.output = Local.query_string>
> <!--- Create Attributes scopes --->
> <cfloop list="#Local.query_string#" delimiters="&" index="valuepair">
> <cfset DecryptName = "#ListGetAt(valuepair, 1, "=")#">
> <CFIF refindnocase("[[:alpha:]]",left(trim(DecryptName),1)) and NOT
>ISDEFINED( 'caller.ATTRIBUTES.' & DecryptName )>
> <cfset "caller.attributes.#DecryptName#" = "#ListGetAt(valuepair, 2,
>"=")#">
>
> <!--- Remove these next 2 lines if you don't want a list of all
>attributes...
> it'll speed up processing by about .15 millisecond--->
> <!---<cfset request.attributeslist =
>listappend(request.attributeslist,DecryptName,"&")>
> <cfset request.attributeslist =
>listappend(request.attributeslist,urlencodedformat(evaluate("#DecryptName#"
)
>),"=")> --->
> </CFIF>
> </cfloop>
>
> <cfelseif isDefined("cgi.query_string")>
>
> <!--- Unencrypted url. --->
> <cfloop list="#cgi.query_string#" delimiters="&" index="valuepair">
> <cfset URLName = "#ListGetAt(valuepair, 1, "=")#">
> <CFIF refindnocase("[[:alpha:]]",left(trim(urlname),1)) and NOT
>ISDEFINED( 'caller.ATTRIBUTES.' & urlname )>
> <cfset "caller.attributes.#urlname#" =
>"#evaluate("url."&"#urlname#")#">
>
> <!--- Remove these next 2 lines if you don't want a list of all
>attributes...
> it'll speed up processing by about .15 millisecond--->
> <!--- <cfset request.attributeslist =
>listappend(request.attributeslist,urlname,"&")>
> <cfset request.attributeslist =
>listappend(request.attributeslist,urlencodedformat(evaluate("url.#urlname#"
)
>),"=")> --->
> </CFIF>
> </cfloop>
> </cfif>
> </cfif>
>--snip--
></cfif>
>
>
>Right now I hope all of your brains are frying as mine is - been working on
>this since 11 am today and it is now 2am tomorrow.
>A shrubbery?! Bring out yer dead. Hey I'm not quite dead yet. Here it comes
>begin the lashings.
>
>
>
>
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Structure your ColdFusion code with Fusebox. Get the official book at
http://www.fusionauthority.com/bkinfo.cfm
Archives: http://www.mail-archive.com/[email protected]/
Unsubscribe: http://www.houseoffusion.com/index.cfm?sidebar=lists
