Re:Fusebox - whats the big deal anyway?

2003-12-09 Thread Don 
Nobody is waiting for a big project!  While some small project may lead to a big project some other small one will never be able to turn into a big one.  For instance, a project for a small business, but of course the small business owner may introduce you to his other business friends/associates etc. if he/she thinks that's not against his/her own interest and he/she feels like doing so.  It seems to me the above goes without saying.  

About "the database schema changed", you didn't get it right if you were referring to relational database (I'm not into OO db, not sure how popular OO db is anyway), it's not what framework or methodology you use, but rather how good the code is, which also requires hell lot of inner/deep knowledge of database.

Respectfully,

Don Li

>The funny part about waiting for a big project is that small projects can
>commonly turn into big projects over time,
> 
>I'm working on a project right now, the start of it was to come up with one
>report based on a criteria screen.  Now the customers are so pleased with
>it, they want to add worksheets, more reports and the entire project has
>totally expanded.
> 
>When the call came to expand this, the other members of my team were worried
>about having to rework the entire framework, but because I started it in
>Fusebox 4, the transition has been very simple. I was able to add a lot of
>functionality without introducing bugs into the original areas (even though
>the database schema changed).
> 
>Try it out on a small project, figure out how it works, when it comes time
>to do your big project (or transform your small project into a large one),
>you'll be glad you did.
> 
>Sandy Clark
>
>  _  
>
>From: Chunshen (Don) Li [mailto:[EMAIL PROTECTED] 
>Sent: Monday, December 08, 2003 4:33 PM
>To: CF-Talk
>Subject: Re:Fusebox - whats the big deal anyway?
>
>
>Mike, 
>
>I appreciate your thoughts and I agree I or one would invest time in Fusebox
>once a big project which heavily involves FB in one way or another is
>imminent.
>
>Best regards,
>
>Don
>
>>I really think it depends on what sort of entity the web site is for and
>>what they want.  If you are dealing with organizations that want to use a
>>recognized framework for web applications then I am not aware of anything
>>that is as well distributed as Fusebox.  Once we began using Fusebox (early
>>on) we did not find any good reason not to carry on using it.  Of course
>Don
>>you are right many of the things Fusebox focuses on where already being
>used
>>by the better CF developers but followed closely, Fusebox brings that sort
>>of good practice to those who were not. One other point highlighted by Matt
>>Liotta earlier in this thread, at Webapper we have seen the benefits of
>>bringing in Fusebox developers to a Fusebox project mid-stream and were
>able
>>to get them up to speed very quickly.
>>
>>I also think your point re an 'OO' type thinking is a thought although
>>Fusebox is far from a true 'OO' entity.  Mach-II gets much nearer but there
>>are still limitations in CFC's that prevent CF from being a strict 'OO'
>>language.  Macromedia are using Mach-II for internal and I believe now one
>>external part of their site.  Sean Corfield of Macromedia has done a lot to
>>improve Mach-II and has recently contributed to modifying the core after
>>what he says was some fairly heavy load-testing of Mach-II.  If you're
>>interested you can find Sean's information on Mach-II here.
>>
>>http://www.corfield.org/index.php?fuseaction=machii.main
>>
>>Kind Regards - Mike Brunt
>>Webapper Services LLC
>>Web Site http://www.webapper.com
>>Blog http://www.webapper.net
>>
>>Webapper 
>>
>>-Original Message-
>>From: Chunshen (Don) Li [mailto:[EMAIL PROTECTED]
>>Sent: Sunday, December 07, 2003 3:03 PM
>>To: CF-Talk
>>Subject: Re:Fusebox - whats the big deal anyway?
>>
>>If the key benefit of FuseBox is about code-reuse, then, I would say,
>>code-reuse is not unique to FuseBox.  In the days before FuseBox, many of
>us
>>were already practising code-reuse methodology.
>>
>>Probably the creator(s) of FuseBox were big into object-oriented
>>programming, and wanted to steer the CFers towards that direction with
>>FuseBox, but I could be totally wrong on this assumption.
>>
>>Don Li
>>
>>>My very favorite feature with fusebox is only having to modify code in one
>>place
>>>and it will apply to the entire site.
>>>
>>>Fusebox is a methodology, not a religion, therefore it is your option to
>>develop
>>>web sites with reusable code or any other methodology that is acceptable
>>between
>>>you and your client.
>>>
>>>==
>>>Stop spam on your domain, use our gateway!
>>>http://www.clickdoug.com/mailfilter.cfm
>>>For hosting solutions http://www.clickdoug.com
>>>Featuring Win2003 Enterprise, RedHat Linux, CFMX 6.1 and PHP
>>>==
>>>If you are not satisfied with my service, my job isn't done!
>>>
>>>- Original Message -
>>>From: "

Re:Fusebox - whats the big deal anyway?

2003-12-09 Thread Don 
Good writing, thanks.

>Yep, Hal Helms has been a big proponent of OO for a while. He was
>working with a language called SmallTalk iirc prior to ColdFusion
>which was an OO language. And that probably also has a lot to do with
>his relationship to the new Mach-II framework which was originally
>intended to be labelled Fusebox MX before Hal decided to keep Fusebox
>as a proecural framework. I'm not sure if Hal kept it procedural for
>the sake of other developers or just because he suddenly had a lot of
>really great ideas about how to improve the existing framework.
>
>I'm a pretty big fan of OO concepts myself -- code reuse is a big part
>of OO, but more importantly, OO divides code reuse into several
>different avenues, most notably inheritance and interfaces. I think of
>OO code reuse as "meta-code reuse" -- it's less that you're reusing
>entire chunks of code (like a custom tag or a function) than that
>you're reusing bits and pieces of a large chunk (a class or object),
>while you suppress or replace other chunks on an as-needs basis. In
>some cases, such as with interfaces and polymorphism you may not even
>be reusing code per-se, but rather reusing the content the code
>manipulates, or the code's "meta-structure" while the guts of it have
>been entirely rewritten.
>
>OO functionality can often be created even when the language isn't
>inherently OO itself (virtual OO you might say). See for instance
>cfObjects.com which is a "competing" framework, although now that CFMX
>includes CFC's, there seems to be little call for cfObjects in
>general. Fusebox itself doesn't have any (that I'm aware of) built-in
>model for inheritance, interfaces or polymorphism, which are the
>staples of OO. Did Hal intend to steer the community toward OO? It's
>conceivable, although I don't think that's the case. Otherwise I think
>Hal's recommendations likely would have much more closely resembled
>cfObjects.
>
>My own framework (I couldn't respond without mentionig it :) also
>includes a lot of built-in methods for reusing code and managing code
>reuse in a consistent manner. In particular, the tiered application,
>html header and local settings stages of an onTap framework request
>allow for code to be easily applied across an entire site, an entire
>section of a site, or within an individual page or process, using the
>logical directory names you would create for an application anyway,
>i.e. /members/forum/post/ for instance. Is it OO? No it's not. I don't
>think it needs to be. Does it have some similarities to OO? Yea, sure.
>But ultimately it's a procedural framework because it doesn't need to
>be OO to accomplish its goal of providing consistent code structure
>and a fast, flexible means of creating, maintaining and extending
>ColdFusion applications.
>
>Ultimately I think the choice of framework should depend more on the
>developers involved in a project and their needs (including the needs
>of the project) than on any particular ideology like OO.
>
>s. isaac dealey    972-490-6624
>
>team macromedia volunteer  http://www.macromedia.com/go/team
>
>chief architect, tapestry cms  http://products.turnkey.to
>
>onTap is open source   http://www.turnkey.to/ontap
>
>
>
>> If the key benefit of FuseBox is about code-reuse, then, I
>> would say, code-reuse is not unique to FuseBox.  In the
>> days before FuseBox, many of us were already practising
>> code-reuse methodology.
>
>> Probably the creator(s) of FuseBox were big into
>> object-oriented programming, and wanted to steer the CFers
>> towards that direction with FuseBox, but I could be
>> totally wrong on this assumption.
>
>> Don Li
>
>>>My very favorite feature with fusebox is only having to
>>>modify code in one place
>>>and it will apply to the entire site.
>>>
>>>Fusebox is a methodology, not a religion, therefore it is
>>>your option to develop
>>>web sites with reusable code or any other methodology that
>>>is acceptable between
>>>you and your client.
>>>
>>>==
>>>Stop spam on your domain, use our gateway!
>>>http://www.clickdoug.com/mailfilter.cfm
>>>For hosting solutions http://www.clickdoug.com
>>>Featuring Win2003 Enterprise, RedHat Linux, CFMX 6.1 and
>>>PHP
>>>==
>>>If you are not satisfied with my service, my job isn't
>>>done!
>>>
>>>- Original Message -
>>>From: "Gabriel Robichaud" <[EMAIL PROTECTED]>
>>>To: "CF-Talk" <[EMAIL PROTECTED]>
>>>Sent: Saturday, December 06, 2003 12:54 PM
>>>Subject: RE: Fusebox - whats the big deal anyway?
>>>
>>>
>>>| I for one would love to see the arguments FOR using
>>>fusebox.  I have been to
>>>the FB web site and I am not sure its worth the effort of
>>>learning a completely
>>>new mehtodology and reengineering my processes to fit
>>>someone elses model.  I
>>>think that Dan's points are valid especially when it comes
>>>to creativity, but I
>>>am sure there are opinions, very good ones, pro FB.  I
>>>just don`t s

RE: Where is next year's conference?

2003-12-09 Thread Jim Davis 
I think Boston would be freakin' fantastic. at least then I could afford to
go.  Of course I would probably also just end up late for everything.

 
Jim Davis

 
  _  

From: Rick Root [mailto:[EMAIL PROTECTED] 
Sent: Tuesday, December 09, 2003 9:38 PM
To: CF-Talk
Subject: Re: Where is next year's conference?

 
Raymond Camden wrote:

> On the survey, it asked that East Coast city would you prefer. Of course,
> that may not mean anything. I think I just ignored it and said somewhere
on
> the West Coast or in the middle of the country. Or New Orleans so I could
> drive to MAX. ;)

RAY!  Great idea!  New Orleans.  Never been.

Presumably, east coast city does not mean Orlando (been there done 
that)... and maybe not DC or Boston (allaire conferences were there..) 
Maybe Philly, or Atlanta... who knows.

Of course, based on the survey response they could decide NOT to do it 
on the east coast.


I'm really enjoying making use of all the fun stuff I learned at MAX. 
Flash, web services, RIA, etc.. =)  I've built my first flash app 
here never done CFCs *OR* flash before so this is fun.

http://www.ads.duke.edu/flash/directory.html


  - Rick
  _
 [Todays Threads] 
 [This Message] 
 [Subscription] 
 [Fast Unsubscribe] 
 [User Settings]

cfencrypt alternative that also works in visual basic 6 and visual basic .NET

2003-12-09 Thread ezine 
I have been working on an encrypt/decrypt alternative that works in(code) 
both ColdFusion, Visual Basic .NET, and Visual Basic 6.

This makes encrypted values available to applications outside of 
ColdFusion.   For example, lets say that you have a ColdFusion 
application and have stored the user's password in the database with 
UrlEncodedFormat(encrypt(UserPassword,DatabaseKey)) ..  but later, you 
want to have a chat server application to be able to compare encrypted 
versions of the password.   Currently, you can't do that with the encrypt 
function because its functionality cannot be simulated(except..  possibly 
in JAVA using the mimic object).  

Other solutions make use of third party COM objects that are another 
point of pain/failure for some developers.

This solution makes it possible to write multiple applications in 
different languages and have access to encrypted values.    

See Macromedia ColdFusion Forums thread # 647580

Full Link:
http://webforums.macromedia.com/coldfusion/messageview.cfm?
catid=7&threadid=647580

Be sure to copy and paste the full link as it looks as if it will be 
split between two lines.

Best Regards

Zine
 [Todays Threads] 
 [This Message] 
 [Subscription] 
 [Fast Unsubscribe] 
 [User Settings]

Ever growing single quotes (')

2003-12-09 Thread Ian Skinner 
Has anybody ever experienced a problem, where if you update a string in a SQL 2000 database with a  tag, each time the string is updated, an additional single quote is appended to each single quote in the string?

Start with the string
I'll just run to the store and get some milk.

Update it once and you get 
I''ll just run .

Update it a second time you get
Ill just run 

After not too many reputations of this, you can get an a awefully long series of single quotes.

I can't see anyplace where this is obviouslly happening.  The form that contains the string doesn't show the new quotes, but it will show the quotes the next time the record in viewed.

___
Ian Skinner
Web Developer
Sierra Outdoor Recreation
(http://www.SierraOutdoorRecreation.com)
 [Todays Threads] 
 [This Message] 
 [Subscription] 
 [Fast Unsubscribe] 
 [User Settings]

RE: weather feed

2003-12-09 Thread Jim Davis 
Thanks for the heads-up on the format change - maybe I'll set aside a
weekend to rebuild this thing.

 
Jim Davis

 
  _  

From: Todd Finney [mailto:[EMAIL PROTECTED] 
Sent: Tuesday, December 09, 2003 4:37 AM
To: CF-Talk
Subject: RE: weather feed

 
At 02:11 AM 12/9/2003 -0500, you wrote:
>Don't expect much!  This is very old code (from 1999) -

It's CF.  I'm a perl guy. I wouldn't know good or bad CF if it smacked me 
firmly in the face. :)

I'm actually only here to talk about the weather feeds.  Once this thread 
dies, I'll quit pestering you guys.

>it still works

It probably won't work for much longer, though.  You're using the IWIN 
data, which is (in the words of the NOAA) not long for this world.  I used 
the IWIN data until August, when they changed the format of the national 
summary file that I was using from raw weather metrics to English write ups.

I'm currently parsing these , on 
the recommendation of the guys at the NOAA.

>  but I'm not sure if I'm proud of it any more.  ;^)

"Well", he said, "it's nicely indented."

--
Todd
  _
 [Todays Threads] 
 [This Message] 
 [Subscription] 
 [Fast Unsubscribe] 
 [User Settings]

RE: Prism Antivirus in HOF footer...

2003-12-09 Thread Jim Davis 
Well - for what it's worth I would hope that the file is checked for virus
BEFORE it gets put in the database!  ;^)

 
Jim Davis

 
  _  

From: Howie Hamlin [mailto:[EMAIL PROTECTED] 
Sent: Tuesday, December 09, 2003 2:57 PM
To: CF-Talk
Subject: Re: Prism Antivirus in HOF footer...

 
Couldn't you do this?:

- write from BLOB to temp file
- virus scan
- CFCONTENT

Regards,

Howie
  - Original Message - 
  From: Schuster, Steven 
  To: CF-Talk 
  Sent: Tuesday, December 09, 2003 2:48 PM
  Subject: RE: Prism Antivirus in HOF footer...

  Ah yes but we write ours directly from a database BLOB and use the
  deletefile option to ensure it gets removed once it has been called so the
  file never really just sits out there.
  _
 [Todays Threads] 
 [This Message] 
 [Subscription] 
 [Fast Unsubscribe] 
 [User Settings]

Re: Payment Processors

2003-12-09 Thread Rick Root 
Bruce Sorge wrote:

> What payment processors are you all using that is similar to PayPal? I am
> looking for one with lower rates. I checked out 2CheckOut.com and they are
> pricier. I am looking for something that will work with CF.

I've used authorize.net but that's a "real" payment processor... but it 
works well with CF =)  We got our merchant account through payquake and 
they use authorize.net.

They had a nice plan that had no monthly minimums which is good because 
we haven't actually taken a credit card payment yet =)

  - Rick
 [Todays Threads] 
 [This Message] 
 [Subscription] 
 [Fast Unsubscribe] 
 [User Settings]

Re: Where is next year's conference?

2003-12-09 Thread Rick Root 
Raymond Camden wrote:

> On the survey, it asked that East Coast city would you prefer. Of course,
> that may not mean anything. I think I just ignored it and said somewhere on
> the West Coast or in the middle of the country. Or New Orleans so I could
> drive to MAX. ;)

RAY!  Great idea!  New Orleans.  Never been.

Presumably, east coast city does not mean Orlando (been there done 
that)... and maybe not DC or Boston (allaire conferences were there..) 
Maybe Philly, or Atlanta... who knows.

Of course, based on the survey response they could decide NOT to do it 
on the east coast.


I'm really enjoying making use of all the fun stuff I learned at MAX. 
Flash, web services, RIA, etc.. =)  I've built my first flash app 
here never done CFCs *OR* flash before so this is fun.

	http://www.ads.duke.edu/flash/directory.html


  - Rick
 [Todays Threads] 
 [This Message] 
 [Subscription] 
 [Fast Unsubscribe] 
 [User Settings]

RE: Application variables between two applications

2003-12-09 Thread Jim Davis 
There was thread on this just a few days ago on alt.comp.lang.coldfusion -
see it here:

 
http://groups.google.com/groups?hl=en

365%40enews1.newsguy.com&rnum=1>
&lr=&ie=UTF-8&oe=UTF-8&threadm=bqtqji0365%40enews1.newsguy.com&rnum=1

 
I've got a long post in there talking about how to do this - and which
describes one method for doing this using references (if you know what
you're doing).

 
Jim Davis

 
  _  

From: Ricky Fritzsching [mailto:[EMAIL PROTECTED] 
Sent: Tuesday, December 09, 2003 11:21 AM
To: CF-Talk
Subject: Application variables between two applications

 
I have an administrative application that has persistent application
variables that I would like to share into another application on the
production side. 
When a user makes a change in the admin, it refreshes the persistence of the
variables and I need it somehow to change in both the admin and production
application.

Any ideas?

---
Ricky Fritzsching
  _
 [Todays Threads] 
 [This Message] 
 [Subscription] 
 [Fast Unsubscribe] 
 [User Settings]

Re: array

2003-12-09 Thread Rick Root 
[EMAIL PROTECTED] [EMAIL PROTECTED] wrote:
> I need to pass array from coldfusion  tag to database. How can 
> i do it?

You want to insert an entire array into a single field within a single 
row of a database?  If that's so... you could convert the array to a 
WDDX packet and insert THAT into a long text field (mysql text, access 
memo, etc)

If that's not what you are trying to do... clarify :)

  - Rick
 [Todays Threads] 
 [This Message] 
 [Subscription] 
 [Fast Unsubscribe] 
 [User Settings]

RE: testing out Fusebox

2003-12-09 Thread Barney Boisvert 
I'd guess you error is because you're missing a circuit definition in your
fbx_Circuits.cfm file.

However, a more pressing question is why you selected Fusebox 3, rather than
Fusebox 4?  The fusebox.org site has been having some administrative and
bureaucratic issues, so it hasn't been updated in a while (quite a while,
actually).  As a result, the Fusebox 4 stuff is located at
http://beta.fusebox.org.  I'd highly recommend that route.  More flexible,
much faster, and generally easier to work with than FB3.  Not to say that
FB3 is unpleasant, it's very nice, but FB4 is even nicer.

Cheers,
barneyb

> -Original Message-
> From: Dan Farmer [mailto:[EMAIL PROTECTED] 
> Sent: Tuesday, December 09, 2003 5:33 PM
> To: CF-Talk
> Subject: testing out Fusebox
> 
> I've decided Fusebox was worth looking into...
> 
> I've installed the core files and am following the Fusebox 
> manual, trying to 
> get the sample application to run. I'm getting this error. Any ideas?
> 
> 
> 
> 
> Error Occurred While Processing Request
> Element mySampleApp is undefined in a CFML structure 
> referenced as part of 
> an _expression_.
> 
> 
> The error occurred in 
> C:\JRun4\servers\cfusion\cfusion-ear\cfusion-war\Work\mySample
> App\fbx_fusebox30_CF50.cfm: 
> line 194
> Called from 
> C:\JRun4\servers\cfusion\cfusion-ear\cfusion-war\Work\mySample
> App\fbx_fusebox30_CF50.cfm: 
> line 1
> Called from 
> C:\JRun4\servers\cfusion\cfusion-ear\cfusion-war\Work\mySample
> App\fbx_fusebox30_CF50.cfm: 
> line 1
> Called from 
> C:\JRun4\servers\cfusion\cfusion-ear\cfusion-war\Work\mySample
> App\index.cfm: 
> line 17
> 
> 192 : 
> 
>
 [Todays Threads] 
 [This Message] 
 [Subscription] 
 [Fast Unsubscribe] 
 [User Settings]

RE: array

2003-12-09 Thread Michael T. Tangorre 
Not sure what you mean

  _  

From: [EMAIL PROTECTED] [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] 
Sent: Tuesday, December 09, 2003 5:28 PM
To: CF-Talk
Subject: array

I need to pass array from coldfusion  tag to database. How can i do
it?

Thank you 
  _
 [Todays Threads] 
 [This Message] 
 [Subscription] 
 [Fast Unsubscribe] 
 [User Settings]

testing out Fusebox

2003-12-09 Thread Dan Farmer 
I've decided Fusebox was worth looking into...

I've installed the core files and am following the Fusebox manual, trying to 
get the sample application to run. I'm getting this error. Any ideas?



Error Occurred While Processing Request
Element mySampleApp is undefined in a CFML structure referenced as part of 
an _expression_.

The error occurred in 
C:\JRun4\servers\cfusion\cfusion-ear\cfusion-war\Work\mySampleApp\fbx_fusebox30_CF50.cfm: 
line 194
Called from 
C:\JRun4\servers\cfusion\cfusion-ear\cfusion-war\Work\mySampleApp\fbx_fusebox30_CF50.cfm: 
line 1
Called from 
C:\JRun4\servers\cfusion\cfusion-ear\cfusion-war\Work\mySampleApp\fbx_fusebox30_CF50.cfm: 
line 1
Called from 
C:\JRun4\servers\cfusion\cfusion-ear\cfusion-war\Work\mySampleApp\index.cfm: 
line 17

192 :
 [Todays Threads] 
 [This Message] 
 [Subscription] 
 [Fast Unsubscribe] 
 [User Settings]

RE: CFC and ColdfusionQueries

2003-12-09 Thread Andrew Scott 
Thanks Raymond that was pretty silly of me not to see that.

Regards
Andrew Scott
Technical Consultant

NuSphere Pty Ltd
Level 2/33 Bank Street
South Melbourne, Victoria, 3205

Phone: 03 9686 0485  -  Fax: 03 9699 7976
 [Todays Threads] 
 [This Message] 
 [Subscription] 
 [Fast Unsubscribe] 
 [User Settings]

Re: Question about memory usage under a CFMX 6.2 environment

2003-12-09 Thread Dave Carabetta 
>I think my message needs clarification.  I was thinking more on the 
>variable assignment level.  It would be nice to know how much memory each 
>variable scope is absorbing. For instance:
>
>
>
>
>
>As you create variables in these scopes, memory must manage it.  So I am 
>wondering if there is a way to know how much memory is allocated to 
>variable scopes.   If you could get as granular as each scope that would be 
>great, if not, a collective summary of all scopes would do.
>
>I have asked this question before Pre-MX and the response I received from 
>the list is that CF does not work close enough to the hardware to truly 
>know this as it is a security breach.  CF is merely delivered a spot in 
>which to reference where its variables sit, but has no other control over 
>memory.  At the time, that made sense.  I was wondering if any changes have 
>been made since MX has come along.
>
>This question comes from the idea that we would rather anticipate max 
>memory issues prior to running an application in production.
>
>Does that clear the air a little?
>

This may help:

http://www.bpurcell.org/blog/index.cfm?mode=entry&entry=967

Regards,
Dave.
 [Todays Threads] 
 [This Message] 
 [Subscription] 
 [Fast Unsubscribe] 
 [User Settings]

array

2003-12-09 Thread activities_wa 
I need to pass array from coldfusion  tag to database. How can i do it?

Thank you
 [Todays Threads] 
 [This Message] 
 [Subscription] 
 [Fast Unsubscribe] 
 [User Settings]

RE: Looking for CF5

2003-12-09 Thread Samuel R. Neff 
You mean other than MM's online store?

http://dynamic.macromedia.com/bin/MM/store/US/product.jsp?category=/Software
/Promos/ColdFusionP&type=FULL

http://dynamic.macromedia.com/bin/MM/store/US/product.jsp?category=/Software
/Promos/ColdFusionE&type=FULL

Sam

---
Blog: http://www.rewindlife.com
Charts: http://www.blinex.com/products/charting
---

> -Original Message-
> From: Howie Hamlin [mailto:[EMAIL PROTECTED] 
> Sent: Tuesday, December 09, 2003 4:33 PM
> To: CF-Talk
> Subject: Looking for CF5
> 
> If anyone has any new copies or knows where I can get one, 
> please let me know.
> 
> Thanks,
> 
> --
> Howie Hamlin
 [Todays Threads] 
 [This Message] 
 [Subscription] 
 [Fast Unsubscribe] 
 [User Settings]

Re: Question about memory usage under a CFMX 6.2 environment

2003-12-09 Thread Michael Hodgdon 
I think my message needs clarification.  I was thinking more on the variable assignment level.  It would be nice to know how much memory each variable scope is absorbing. For instance:





As you create variables in these scopes, memory must manage it.  So I am wondering if there is a way to know how much memory is allocated to variable scopes.   If you could get as granular as each scope that would be great, if not, a collective summary of all scopes would do.  

I have asked this question before Pre-MX and the response I received from the list is that CF does not work close enough to the hardware to truly know this as it is a security breach.  CF is merely delivered a spot in which to reference where its variables sit, but has no other control over memory.  At the time, that made sense.  I was wondering if any changes have been made since MX has come along.  

This question comes from the idea that we would rather anticipate max memory issues prior to running an application in production. 

Does that clear the air a little?

Michael S Hodgdon
Web Development Project Manager
617 - 669 - 7183
[EMAIL PROTECTED]
  - Original Message - 
  From: Nathan Strutz 
  To: CF-Talk 
  Sent: Tuesday, December 09, 2003 5:05 PM
  Subject: RE: Question about memory usage under a CFMX 6.2 environment

  you mean, like, with the windows task manager?

  -nathan strutz

    -Original Message-
    From: Michael Hodgdon [mailto:[EMAIL PROTECTED]
    Sent: Tuesday, December 09, 2003 2:40 PM
    To: CF-Talk
    Subject: Question about memory usage under a CFMX 6.2 environment

    Now that CFMX is using Java under the hood is it possible to get a little
  more insight toward how much memory a server is using?  It would be really
  nice to know how much memory is being used by ColdFusion.  Not sure if this
  is possible, any ideas?

    Michael
 [Todays Threads] 
 [This Message] 
 [Subscription] 
 [Fast Unsubscribe] 
 [User Settings]

RE: Another simple question...

2003-12-09 Thread Che Vilnonis 
thanks...I'll be awaiting it.
  -Original Message-
  From: Bryan Stevenson [mailto:[EMAIL PROTECTED]
  Sent: Tuesday, December 09, 2003 5:14 PM
  To: CF-Talk
  Subject: Re: Another simple question...

  yep...that's the one I had some problems with as well...I'll fire ya the
proper tag offlist ;-)

  Bryan Stevenson B.Comm.
  VP & Director of E-Commerce Development
  Electric Edge Systems Group Inc.
  t. 250.920.8830
  e. [EMAIL PROTECTED]

  -
  Macromedia Associate Partner
  www.macromedia.com
  -
  Vancouver Island ColdFusion Users Group
  Founder & Director
  www.cfug-vancouverisland.com
    - Original Message -
    From: Che Vilnonis
    To: CF-Talk
    Sent: Tuesday, December 09, 2003 2:08 PM
    Subject: RE: Another simple question...

    uh-oh...just looked at my code. i have cf_cryp. is that a bad custom
tag
    if so, Bryan, could you send me a link for your recommeded custom tag,
    cf_crypt?

    thanks, che

    -Original Message-
    From: Bryan Stevenson [mailto:[EMAIL PROTECTED]
    Sent: Tuesday, December 09, 2003 5:03 PM
    To: CF-Talk
    Subject: Re: Another simple question...

    ;-)  Yep...definately the right tool for the job then in your case.  I'd
say
    let 'em screw with the URL and show 'em an error page when they do ;-)

    So the cf_cfypt tag bombs eh?  so far I haven't seen a problembut
then
    again sometimes this tag gets confused with cf_cryp (which acts VERY
similar
    and the name is VERY close...hm) ;-)

    Cheers

    Bryan Stevenson B.Comm.
    VP & Director of E-Commerce Development
    Electric Edge Systems Group Inc.
    t. 250.920.8830
    e. [EMAIL PROTECTED]

    -
    Macromedia Associate Partner
    www.macromedia.com
    -
    Vancouver Island ColdFusion Users Group
    Founder & Director
    www.cfug-vancouverisland.com
  - Original Message -
  From: Che Vilnonis
  To: CF-Talk
  Sent: Tuesday, December 09, 2003 2:00 PM
  Subject: RE: Another simple question...

  man, you guys are taking this to the next level.
  yes, I check for errors. yes, I use Val() and cfqueryparam.
  yes, I display 'custom' message to the user when I record cannot be
found.

  i'm just trying to save what little horsepower I have left in my
    webserver.
  Bryan,
  I do use cf_crypt. I  think you recommended it to me a while back.
That
    is,
  in fact,
  the tag that occasionally bombs out.

  The site is an information portal. News, articles, reviews and such.
There
  are no
  user levels. Just a bunch of passed URL strings that I don't want
people
    to
  mess with.

  ~CV

-Original Message-
From: Bryan Stevenson [mailto:[EMAIL PROTECTED]
Sent: Tuesday, December 09, 2003 4:47 PM
To: CF-Talk
Subject: Re: Another simple question...

absolutelybut the point of encrypting IDs is to keep bad users
from
  seeing/manipulating data they shouldn't see.

YOu should always try and handle all potential situations (including
a
  messed with encrypted ID).  If you use a proper encrption tag (like
  cf_crypt) it will know if the encrypted value has been messed with and
  produce a non-numeric result when decrypting (which will cause any
queries
  or perhaps boolean logic based on that ID to fail).  If your code
properly
  trys/catches errors this error will be handled gracefully.  IMHO if a
user
  messes with a URL var they deserve an error message (not CF error
message
  but a nice error template telling them something is wrong).

Cheers

Bryan Stevenson B.Comm.
VP & Director of E-Commerce Development
Electric Edge Systems Group Inc.
t. 250.920.8830
e. [EMAIL PROTECTED]

-
Macromedia Associate Partner
www.macromedia.com
-
Vancouver Island ColdFusion Users Group
Founder & Director
www.cfug-vancouverisland.com
  - Original Message -
  From: Raymond Camden
  To: CF-Talk
  Sent: Tuesday, December 09, 2003 1:41 PM
  Subject: RE: Another simple question...

  Err, as I said before, even _if_ you encrypt it, the user can mess
    with
  it.
  The point is this -

  Your code should handle:

  A missing ID
  A bad ID (like id=apple)
  An ID that doesn't make sense (id=-1)
  An ID that points to a non existent record (id=109)

  And add to that any other logic. So, for example, if you show an
  index of press releases

RE: Where is next year's conference?

2003-12-09 Thread Raymond Camden 
On the survey, it asked that East Coast city would you prefer. Of course,
that may not mean anything. I think I just ignored it and said somewhere on
the West Coast or in the middle of the country. Or New Orleans so I could
drive to MAX. ;)
 [Todays Threads] 
 [This Message] 
 [Subscription] 
 [Fast Unsubscribe] 
 [User Settings]

Re: Another simple question...

2003-12-09 Thread Bryan Stevenson 
yep...that's the one I had some problems with as well...I'll fire ya the proper tag offlist ;-)

Bryan Stevenson B.Comm.
VP & Director of E-Commerce Development
Electric Edge Systems Group Inc.
t. 250.920.8830
e. [EMAIL PROTECTED]

-
Macromedia Associate Partner
www.macromedia.com
-
Vancouver Island ColdFusion Users Group
Founder & Director
www.cfug-vancouverisland.com
  - Original Message - 
  From: Che Vilnonis 
  To: CF-Talk 
  Sent: Tuesday, December 09, 2003 2:08 PM
  Subject: RE: Another simple question...

  uh-oh...just looked at my code. i have cf_cryp. is that a bad custom tag
  if so, Bryan, could you send me a link for your recommeded custom tag,
  cf_crypt?

  thanks, che

  -Original Message-
  From: Bryan Stevenson [mailto:[EMAIL PROTECTED]
  Sent: Tuesday, December 09, 2003 5:03 PM
  To: CF-Talk
  Subject: Re: Another simple question...

  ;-)  Yep...definately the right tool for the job then in your case.  I'd say
  let 'em screw with the URL and show 'em an error page when they do ;-)

  So the cf_cfypt tag bombs eh?  so far I haven't seen a problembut then
  again sometimes this tag gets confused with cf_cryp (which acts VERY similar
  and the name is VERY close...hm) ;-)

  Cheers

  Bryan Stevenson B.Comm.
  VP & Director of E-Commerce Development
  Electric Edge Systems Group Inc.
  t. 250.920.8830
  e. [EMAIL PROTECTED]

  -
  Macromedia Associate Partner
  www.macromedia.com
  -
  Vancouver Island ColdFusion Users Group
  Founder & Director
  www.cfug-vancouverisland.com
    - Original Message -
    From: Che Vilnonis
    To: CF-Talk
    Sent: Tuesday, December 09, 2003 2:00 PM
    Subject: RE: Another simple question...

    man, you guys are taking this to the next level.
    yes, I check for errors. yes, I use Val() and cfqueryparam.
    yes, I display 'custom' message to the user when I record cannot be found.

    i'm just trying to save what little horsepower I have left in my
  webserver.
    Bryan,
    I do use cf_crypt. I  think you recommended it to me a while back. That
  is,
    in fact,
    the tag that occasionally bombs out.

    The site is an information portal. News, articles, reviews and such. There
    are no
    user levels. Just a bunch of passed URL strings that I don't want people
  to
    mess with.

    ~CV

  -Original Message-
  From: Bryan Stevenson [mailto:[EMAIL PROTECTED]
  Sent: Tuesday, December 09, 2003 4:47 PM
  To: CF-Talk
  Subject: Re: Another simple question...

  absolutelybut the point of encrypting IDs is to keep bad users from
    seeing/manipulating data they shouldn't see.

  YOu should always try and handle all potential situations (including a
    messed with encrypted ID).  If you use a proper encrption tag (like
    cf_crypt) it will know if the encrypted value has been messed with and
    produce a non-numeric result when decrypting (which will cause any queries
    or perhaps boolean logic based on that ID to fail).  If your code properly
    trys/catches errors this error will be handled gracefully.  IMHO if a user
    messes with a URL var they deserve an error message (not CF error message
    but a nice error template telling them something is wrong).

  Cheers

  Bryan Stevenson B.Comm.
  VP & Director of E-Commerce Development
  Electric Edge Systems Group Inc.
  t. 250.920.8830
  e. [EMAIL PROTECTED]

  -
  Macromedia Associate Partner
  www.macromedia.com
  -
  Vancouver Island ColdFusion Users Group
  Founder & Director
  www.cfug-vancouverisland.com
- Original Message -
From: Raymond Camden
To: CF-Talk
Sent: Tuesday, December 09, 2003 1:41 PM
Subject: RE: Another simple question...

Err, as I said before, even _if_ you encrypt it, the user can mess
  with
    it.
The point is this -

Your code should handle:

A missing ID
A bad ID (like id=apple)
An ID that doesn't make sense (id=-1)
An ID that points to a non existent record (id=109)

And add to that any other logic. So, for example, if you show an
index of press releases that have been marked as "Active" in the
    database,
then your logic on the page that displays a PR should repeat that
  logic.
    Ie,
load the PR where active=1 and id=#url.id#.

Encrypting your ID won't stop me from changing the value, it just
  won't
    let
me (most likely) get a good value. But if you code your application
    right,
it wouldn't matter if I broke your encrypt

Where is next year's conference?

2003-12-09 Thread Bosky, Dave 
I missed this year's conference. Where is next year's conference being held?


HTC Disclaimer:  The information contained in this message may be privileged and confidential and protected from disclosure. If the reader of this message is not the intended recipient, or an employee or agent responsible for delivering this message to the intended recipient, you are hereby notified that any dissemination, distribution or copying of this communication is strictly prohibited.  If you have received this communication in error, please notify us immediately by replying to the message and deleting it from your computer.  Thank you.
 [Todays Threads] 
 [This Message] 
 [Subscription] 
 [Fast Unsubscribe] 
 [User Settings]

Re: CF and MS SQL server authentication

2003-12-09 Thread Jochem van Dieten 
[EMAIL PROTECTED] wrote:
> 
> That might work for a single company's site, but hosting companies can't do that. You
> have to give your clients some kind of remote access to manage their databases.  Are
> there any techniques/suggestions for allowing remote access to SQL server via the
> internet?  Obviously changing the port is one small step but are there others people are
> using?

We do hosting with PostgreSQL and provide remote logins if people 
want it. Upon request we allow logins to specific databases, with 
specific usernames, from specific IP adresses on the internet. 
The only thing we require is that people connect to the databse 
using SSL. We don't really see a problem with people willing to 
put their own data at risk.
Surely you can build something similar into MS SQL Server.

Jochem

-- 
When you don't want to be surprised by the revolution
organize one yourself
 - Loesje
 [Todays Threads] 
 [This Message] 
 [Subscription] 
 [Fast Unsubscribe] 
 [User Settings]

RE: Another simple question...

2003-12-09 Thread Che Vilnonis 
uh-oh...just looked at my code. i have cf_cryp. is that a bad custom tag
if so, Bryan, could you send me a link for your recommeded custom tag,
cf_crypt?

thanks, che

-Original Message-
From: Bryan Stevenson [mailto:[EMAIL PROTECTED]
Sent: Tuesday, December 09, 2003 5:03 PM
To: CF-Talk
Subject: Re: Another simple question...

;-)  Yep...definately the right tool for the job then in your case.  I'd say
let 'em screw with the URL and show 'em an error page when they do ;-)

So the cf_cfypt tag bombs eh?  so far I haven't seen a problembut then
again sometimes this tag gets confused with cf_cryp (which acts VERY similar
and the name is VERY close...hm) ;-)

Cheers

Bryan Stevenson B.Comm.
VP & Director of E-Commerce Development
Electric Edge Systems Group Inc.
t. 250.920.8830
e. [EMAIL PROTECTED]

-
Macromedia Associate Partner
www.macromedia.com
-
Vancouver Island ColdFusion Users Group
Founder & Director
www.cfug-vancouverisland.com
  - Original Message -
  From: Che Vilnonis
  To: CF-Talk
  Sent: Tuesday, December 09, 2003 2:00 PM
  Subject: RE: Another simple question...

  man, you guys are taking this to the next level.
  yes, I check for errors. yes, I use Val() and cfqueryparam.
  yes, I display 'custom' message to the user when I record cannot be found.

  i'm just trying to save what little horsepower I have left in my
webserver.
  Bryan,
  I do use cf_crypt. I  think you recommended it to me a while back. That
is,
  in fact,
  the tag that occasionally bombs out.

  The site is an information portal. News, articles, reviews and such. There
  are no
  user levels. Just a bunch of passed URL strings that I don't want people
to
  mess with.

  ~CV

    -Original Message-
    From: Bryan Stevenson [mailto:[EMAIL PROTECTED]
    Sent: Tuesday, December 09, 2003 4:47 PM
    To: CF-Talk
    Subject: Re: Another simple question...

    absolutelybut the point of encrypting IDs is to keep bad users from
  seeing/manipulating data they shouldn't see.

    YOu should always try and handle all potential situations (including a
  messed with encrypted ID).  If you use a proper encrption tag (like
  cf_crypt) it will know if the encrypted value has been messed with and
  produce a non-numeric result when decrypting (which will cause any queries
  or perhaps boolean logic based on that ID to fail).  If your code properly
  trys/catches errors this error will be handled gracefully.  IMHO if a user
  messes with a URL var they deserve an error message (not CF error message
  but a nice error template telling them something is wrong).

    Cheers

    Bryan Stevenson B.Comm.
    VP & Director of E-Commerce Development
    Electric Edge Systems Group Inc.
    t. 250.920.8830
    e. [EMAIL PROTECTED]

    -
    Macromedia Associate Partner
    www.macromedia.com
    -
    Vancouver Island ColdFusion Users Group
    Founder & Director
    www.cfug-vancouverisland.com
  - Original Message -
  From: Raymond Camden
  To: CF-Talk
  Sent: Tuesday, December 09, 2003 1:41 PM
  Subject: RE: Another simple question...

  Err, as I said before, even _if_ you encrypt it, the user can mess
with
  it.
  The point is this -

  Your code should handle:

  A missing ID
  A bad ID (like id=apple)
  An ID that doesn't make sense (id=-1)
  An ID that points to a non existent record (id=109)

  And add to that any other logic. So, for example, if you show an
  index of press releases that have been marked as "Active" in the
  database,
  then your logic on the page that displays a PR should repeat that
logic.
  Ie,
  load the PR where active=1 and id=#url.id#.

  Encrypting your ID won't stop me from changing the value, it just
won't
  let
  me (most likely) get a good value. But if you code your application
  right,
  it wouldn't matter if I broke your encryption.
 [Todays Threads] 
 [This Message] 
 [Subscription] 
 [Fast Unsubscribe] 
 [User Settings]

Re: Looking for CF5 (nevermind)

2003-12-09 Thread Howie Hamlin 
Looks like we're just going to get it from MM directly.

Thanks,

Howie
  - Original Message - 
  From: Howie Hamlin 
  To: CF-Talk 
  Sent: Tuesday, December 09, 2003 4:32 PM
  Subject: Looking for CF5

  If anyone has any new copies or knows where I can get one, please let me know.

  Thanks,

  -- 
  Howie Hamlin - inFusion Project Manager
  On-Line Data Solutions, Inc. - www.CoolFusion.com
  inFusion Mail Server (iMS) - The Award-winning, Intelligent Mail Server
  PrismAV - Virus scanning for ColdFusion applications
  >>> Please vote for iMS here: http://www.sys-con.com/coldfusion/readerschoice2003/index.cfm 
  >>> Find out how iMS Stacks up to the competition: http://www.coolfusion.com/imssecomparison.cfm
 [Todays Threads] 
 [This Message] 
 [Subscription] 
 [Fast Unsubscribe] 
 [User Settings]

RE: More date stuff!

2003-12-09 Thread Candace Cottrell 
That's definitely a thought... Or maybe let them use a flash calendar to select the dates.

Candace K. Cottrell, Web Developer 
The Children's Medical Center 
One Children's Plaza 
Dayton, OH 45404 
937-641-4293 
http://www.childrensdayton.org

[EMAIL PROTECTED]

>>> [EMAIL PROTECTED] 12/9/2003 4:10:52 PM >>>
Candace,

I think that Jochem is using postgresql so, timestamp in postgre = datetime
in MSSql2K.

As for the UI, why don't you give them a calendar on one page with check
boxes and have that submit to a second page that shows an entry for start
time and end time of each range (consider a single day by itself as a range
of it's own)?

Steve

-Original Message-
From: Candace Cottrell [mailto:[EMAIL PROTECTED]
Sent: Tuesday, December 09, 2003 4:01 PM
To: CF-Talk
Subject: Re: More date stuff!

Responses inline...

Candace K. Cottrell, Web Developer 
The Children's Medical Center 
One Children's Plaza 
Dayton, OH 45404 
937-641-4293 
http://www.childrensdayton.org  

[EMAIL PROTECTED]

>>> [EMAIL PROTECTED] 12/9/2003 3:40:17 PM >>>
Candace Cottrell wrote:

> I am building an on-call scheduling app for doctors. In the database,
> the dates are broken up like Start_Day, Start_Month, Start_Year,
> Start_Time, Start_AMPM and the same for the End info.

I would highly recommend combining these fields together in one 
timestamp field. You could even do so without touching anything 
in the UI by just adding a Start_Timestamp field and recombining 
the timestamp in a trigger on the fly.

--

What is the advantage of using a timestamp vs. a datetime in this scenario?

I am also thinking I should do an insert for every day as opposed to the
range. Do you see an advantage in doing this?
In addition, I am a bit worried about the secretaries who have to enter so
many records in the following scenario:

Dr. A 12/12 7am - 12/14 7am
Dr. B 12/14 7am - 12/15 7am
Dr. A 12/15 7am - 12/17 7am

instead of being able to pick dates from a calendar popup or something. I
watched one of them do it and it was time consuming.

At the same time, I am afraid to take out the range feature, becuase in some
cases one doctor is on-call for 2 months. So it's much easier for them to
type 12/1/2003 and 2/3/2003 instead of picking 60 days.

--

> 1) So there is a bit of overlapping in some cases, where Dr. A may be
> on call from 12/12/2003 - 12/14/2003 at 7am 
> And Dr. B may be on call from 12/14/2003 at 7am until 12/20/2003 at
> 4pm.

Does this really overlap?

---

I guess for an hour it does...

---

> So if Dr. A ENDS her shift at 7am on 12/12 and Dr. B BEGINS his shift
> at 7am on 12/12, it's taking Dr.A and extending her to 12/13.

So do you want both Dr. A and Dr. B to show on 12/12? Or just Dr. B?

---

Actually, they should both be listed.
Something like:

Dr. A. End: 7am
Dr. B Start:7am



> 2) I only want the start time to show up if it's the first day in the
> shift and I only want the end time to show if it's the LAST day in the
> shift. How can I get at this info if I am using a range?

I think you need to self-join so you can get start and end 
timestamps in one field. The and use a case statement to 
determine if a schedule event is a start or an end and sort on 
that field. If that doesn't make sense, please provide the full 
table schema's.

-

The only way I can see to do this is to have a separate record for each day.

Here's what the OnCall_Schedule table looks like:

http://www.childrensdayton.org/images/oncallSchema.gif
 

-

THANKS DEAR!!!

Jochem

-- 
When you don't want to be surprised by the revolution
organize one yourself
 - Loesje 
  _
 [Todays Threads] 
 [This Message] 
 [Subscription] 
 [Fast Unsubscribe] 
 [User Settings]

Re: More date stuff!

2003-12-09 Thread Candace Cottrell 
True, Jerry :)
I need to sleep on all of this...

Candace K. Cottrell, Web Developer 
The Children's Medical Center 
One Children's Plaza 
Dayton, OH 45404 
937-641-4293 
http://www.childrensdayton.org

[EMAIL PROTECTED]

>>> [EMAIL PROTECTED] 12/9/2003 4:23:59 PM >>>
Just as a general note, remember that the entry for the secretaries does not have to exactly mirror the way you store the data.

You can have them enter a range, but store individual dates, if you so desire. Or vice versa.

Jerry Johnson

>>> [EMAIL PROTECTED] 12/09/03 04:00PM >>>
Responses inline...
 [Todays Threads] 
 [This Message] 
 [Subscription] 
 [Fast Unsubscribe] 
 [User Settings]

Re: More date stuff!

2003-12-09 Thread Jochem van Dieten 
Candace Cottrell wrote:
[EMAIL PROTECTED] 12/9/2003 3:40:17 PM >>>
> Candace Cottrell wrote:
> 
>>I am building an on-call scheduling app for doctors. In the database,
>>the dates are broken up like Start_Day, Start_Month, Start_Year,
>>Start_Time, Start_AMPM and the same for the End info.
> 
> I would highly recommend combining these fields together in one 
> timestamp field. You could even do so without touching anything 
> in the UI by just adding a Start_Timestamp field and recombining 
> the timestamp in a trigger on the fly.
> --
> What is the advantage of using a timestamp vs. a datetime in this scenario?

I have no idea what a datetime exactly is in MS SQL Server, so I 
just use the stand SQL terminology:
"The data types DATE, time, and timestamp are collectively 
referred to as datetime types."

BTW, there is an advantage in using a timestamp with time zone in 
case of DST changes.

> I am also thinking I should do an insert for every day as opposed to the range. Do you see an advantage in doing this?

No.

> In addition, I am a bit worried about the secretaries who have to enter so many records in the following scenario:
> 
> Dr. A 12/12 7am - 12/14 7am
> Dr. B 12/14 7am - 12/15 7am
> Dr. A 12/15 7am - 12/17 7am
> 
> .instead of being able to pick dates from a calendar popup or something. I watched one of them do it and it was time consuming.
> 
> At the same time, I am afraid to take out the range feature, becuase in some cases one doctor is on-call for 2 months. So it's much easier for them to type 12/1/2003 and 2/3/2003 instead of picking 60 days.

You can always provide both ways :-)

What I am refering to is not visible in the UI at all. All you 
have to do is define a BEFORE INSERT trigger that combines the 
information from Start_Day, Start_Month, Start_Year, Start_Hour 
and Start_Minute together into one timestamp field. Then you can 
query on that timestamp field without having to provide separate 
conditions for all the different fields.

>>1) So there is a bit of overlapping in some cases, where Dr. A may be
>>on call from 12/12/2003 - 12/14/2003 at 7am 
>>And Dr. B may be on call from 12/14/2003 at 7am until 12/20/2003 at
>>4pm.
> 
> Does this really overlap?
> ---
> I guess for an hour it does...
> ---

Really?

>>So if Dr. A ENDS her shift at 7am on 12/12 and Dr. B BEGINS his shift
>>at 7am on 12/12, it's taking Dr.A and extending her to 12/13.
> 
> So do you want both Dr. A and Dr. B to show on 12/12? Or just Dr. B?
> ---
> Actually, they should both be listed.
> Something like:
> 
> Dr. A. End: 7am
> Dr. B Start:7am

That is doable. And we shouldn't even need to do a self-join :-)


(
SELECT
    DOC_FIRST_NAME,
    DOC_LAST_NAME,
    START_MONTH AS shiftmonth,
    START_DAY as shiftday,
    START_HOUR as shifthour,
    START_AMPM as shiftampm,
    'start' AS shifttype
FROM
    DOCTORS, DIVISIONS, ONCALL_SHIFTS
WHERE
    ONCALL_SHIFTS.DIVISION_ID = 
cfsqltype="cf_sql_integer" value="9">
   AND
    DIVISIONS.DIVISIONID = ONCALL_SHIFTS.DIVISION_ID
   AND
    ONCALL_SHIFTS.DOCTOR_ID = DOCTORS.Doc_ID
   AND
    
value="#DateFormat(ThisDay, "D")# ">BETWEEN START_DAY AND END_DAY
   AND
    
value="#DateFormat(ThisCalMonth, "M")# "> BETWEEN START_MONTH AND 
END_MONTH

UNION

SELECT
    DOC_FIRST_NAME,
    DOC_LAST_NAME,
    END_MONTH AS shiftmonth,
    END_DAY AS shiftday,
    END_HOUR AS shifthour,
    END_AMPM AS shiftampm,
    'end' AS shifttype
FROM
    DOCTORS, DIVISIONS, ONCALL_SHIFTS
WHERE
    ONCALL_SHIFTS.DIVISION_ID = 
cfsqltype="cf_sql_integer" value="9">
   AND
    DIVISIONS.DIVISIONID = ONCALL_SHIFTS.DIVISION_ID
   AND
    ONCALL_SHIFTS.DOCTOR_ID = DOCTORS.Doc_ID
   AND
    
value="#DateFormat(ThisDay, "D")# ">BETWEEN START_DAY AND END_DAY
   AND
    
value="#DateFormat(ThisCalMonth, "M")# "> BETWEEN START_MONTH AND 
END_MONTH
)
ORDER BY shiftmonth, shiftday, shiftampm, shifthour, shifttype DESC


This will give you all the starts and ends of shifts neatly 
ordered for display. Just loop over them and put them in your 
calendar.

Jochem

-- 
When you don't want to be surprised by the revolution
organize one yourself
 - Loesje
 [Todays Threads] 
 [This Message] 
 [Subscription] 
 [Fast Unsubscribe] 
 [User Settings]

RE: Question about memory usage under a CFMX 6.2 environment

2003-12-09 Thread Nathan Strutz 
you mean, like, with the windows task manager?

-nathan strutz

  -Original Message-
  From: Michael Hodgdon [mailto:[EMAIL PROTECTED]
  Sent: Tuesday, December 09, 2003 2:40 PM
  To: CF-Talk
  Subject: Question about memory usage under a CFMX 6.2 environment

  Now that CFMX is using Java under the hood is it possible to get a little
more insight toward how much memory a server is using?  It would be really
nice to know how much memory is being used by ColdFusion.  Not sure if this
is possible, any ideas?

  Michael
 [Todays Threads] 
 [This Message] 
 [Subscription] 
 [Fast Unsubscribe] 
 [User Settings]

Re: Another simple question...

2003-12-09 Thread Bryan Stevenson 
;-)  Yep...definately the right tool for the job then in your case.  I'd say let 'em screw with the URL and show 'em an error page when they do ;-)

So the cf_cfypt tag bombs eh?  so far I haven't seen a problembut then again sometimes this tag gets confused with cf_cryp (which acts VERY similar and the name is VERY close...hm) ;-)

Cheers

Bryan Stevenson B.Comm.
VP & Director of E-Commerce Development
Electric Edge Systems Group Inc.
t. 250.920.8830
e. [EMAIL PROTECTED]

-
Macromedia Associate Partner
www.macromedia.com
-
Vancouver Island ColdFusion Users Group
Founder & Director
www.cfug-vancouverisland.com
  - Original Message - 
  From: Che Vilnonis 
  To: CF-Talk 
  Sent: Tuesday, December 09, 2003 2:00 PM
  Subject: RE: Another simple question...

  man, you guys are taking this to the next level.
  yes, I check for errors. yes, I use Val() and cfqueryparam.
  yes, I display 'custom' message to the user when I record cannot be found.

  i'm just trying to save what little horsepower I have left in my webserver.
  Bryan,
  I do use cf_crypt. I  think you recommended it to me a while back. That is,
  in fact,
  the tag that occasionally bombs out.

  The site is an information portal. News, articles, reviews and such. There
  are no
  user levels. Just a bunch of passed URL strings that I don't want people to
  mess with.

  ~CV

    -Original Message-
    From: Bryan Stevenson [mailto:[EMAIL PROTECTED]
    Sent: Tuesday, December 09, 2003 4:47 PM
    To: CF-Talk
    Subject: Re: Another simple question...

    absolutelybut the point of encrypting IDs is to keep bad users from
  seeing/manipulating data they shouldn't see.

    YOu should always try and handle all potential situations (including a
  messed with encrypted ID).  If you use a proper encrption tag (like
  cf_crypt) it will know if the encrypted value has been messed with and
  produce a non-numeric result when decrypting (which will cause any queries
  or perhaps boolean logic based on that ID to fail).  If your code properly
  trys/catches errors this error will be handled gracefully.  IMHO if a user
  messes with a URL var they deserve an error message (not CF error message
  but a nice error template telling them something is wrong).

    Cheers

    Bryan Stevenson B.Comm.
    VP & Director of E-Commerce Development
    Electric Edge Systems Group Inc.
    t. 250.920.8830
    e. [EMAIL PROTECTED]

    -
    Macromedia Associate Partner
    www.macromedia.com
    -
    Vancouver Island ColdFusion Users Group
    Founder & Director
    www.cfug-vancouverisland.com
  - Original Message -
  From: Raymond Camden
  To: CF-Talk
  Sent: Tuesday, December 09, 2003 1:41 PM
  Subject: RE: Another simple question...

  Err, as I said before, even _if_ you encrypt it, the user can mess with
  it.
  The point is this -

  Your code should handle:

  A missing ID
  A bad ID (like id=apple)
  An ID that doesn't make sense (id=-1)
  An ID that points to a non existent record (id=109)

  And add to that any other logic. So, for example, if you show an
  index of press releases that have been marked as "Active" in the
  database,
  then your logic on the page that displays a PR should repeat that logic.
  Ie,
  load the PR where active=1 and id=#url.id#.

  Encrypting your ID won't stop me from changing the value, it just won't
  let
  me (most likely) get a good value. But if you code your application
  right,
  it wouldn't matter if I broke your encryption.
 [Todays Threads] 
 [This Message] 
 [Subscription] 
 [Fast Unsubscribe] 
 [User Settings]

RE: Another simple question...

2003-12-09 Thread Che Vilnonis 
man, you guys are taking this to the next level.
yes, I check for errors. yes, I use Val() and cfqueryparam.
yes, I display 'custom' message to the user when I record cannot be found.

i'm just trying to save what little horsepower I have left in my webserver.
Bryan,
I do use cf_crypt. I  think you recommended it to me a while back. That is,
in fact,
the tag that occasionally bombs out.

The site is an information portal. News, articles, reviews and such. There
are no
user levels. Just a bunch of passed URL strings that I don't want people to
mess with.

~CV

  -Original Message-
  From: Bryan Stevenson [mailto:[EMAIL PROTECTED]
  Sent: Tuesday, December 09, 2003 4:47 PM
  To: CF-Talk
  Subject: Re: Another simple question...

  absolutelybut the point of encrypting IDs is to keep bad users from
seeing/manipulating data they shouldn't see.

  YOu should always try and handle all potential situations (including a
messed with encrypted ID).  If you use a proper encrption tag (like
cf_crypt) it will know if the encrypted value has been messed with and
produce a non-numeric result when decrypting (which will cause any queries
or perhaps boolean logic based on that ID to fail).  If your code properly
trys/catches errors this error will be handled gracefully.  IMHO if a user
messes with a URL var they deserve an error message (not CF error message
but a nice error template telling them something is wrong).

  Cheers

  Bryan Stevenson B.Comm.
  VP & Director of E-Commerce Development
  Electric Edge Systems Group Inc.
  t. 250.920.8830
  e. [EMAIL PROTECTED]

  -
  Macromedia Associate Partner
  www.macromedia.com
  -
  Vancouver Island ColdFusion Users Group
  Founder & Director
  www.cfug-vancouverisland.com
    - Original Message -
    From: Raymond Camden
    To: CF-Talk
    Sent: Tuesday, December 09, 2003 1:41 PM
    Subject: RE: Another simple question...

    Err, as I said before, even _if_ you encrypt it, the user can mess with
it.
    The point is this -

    Your code should handle:

    A missing ID
    A bad ID (like id=apple)
    An ID that doesn't make sense (id=-1)
    An ID that points to a non existent record (id=109)

    And add to that any other logic. So, for example, if you show an
    index of press releases that have been marked as "Active" in the
database,
    then your logic on the page that displays a PR should repeat that logic.
Ie,
    load the PR where active=1 and id=#url.id#.

    Encrypting your ID won't stop me from changing the value, it just won't
let
    me (most likely) get a good value. But if you code your application
right,
    it wouldn't matter if I broke your encryption.
 [Todays Threads] 
 [This Message] 
 [Subscription] 
 [Fast Unsubscribe] 
 [User Settings]

RE: fix cflogin cache

2003-12-09 Thread Dave Watts 
> I also recommend using J2EE Sessions unless you have a 
> compelling reason not to. They're more secure (for several 
> reasons).

I wouldn't go so far as to say they're more secure. By default, they use a
UUID instead of a pair of integers, but you can get the same effect with
CFID and CFTOKEN by enabling the "use UUID for CFTOKEN" option in the CF
Administrator. J2EE sessions use nonpersistent cookies, as opposed to the
persistent CFID and CFTOKEN cookies, but that doesn't really increase
security in any meaningful way; it just allows you to more easily tie the
end of a session to the closing of the user's browser. If you want the same
effect with CFID and CFTOKEN, just rewrite them as nonpersistent cookies.

Dave Watts, CTO, Fig Leaf Software
http://www.figleaf.com/
voice: (202) 797-5496
fax: (202) 797-5444
 [Todays Threads] 
 [This Message] 
 [Subscription] 
 [Fast Unsubscribe] 
 [User Settings]

Re: Another simple question...

2003-12-09 Thread Bryan Stevenson 
Another approach Ray is to base user specific queries on a global var for the currently logged in user.  That way your "use proper SQL" approach works much easier because all user specific data retrieval queries run based on a global variable which is unchangeable by anyone ;-)

Did that make sense?it sounded good in my head ;-)

Cheers

Bryan Stevenson B.Comm.
VP & Director of E-Commerce Development
Electric Edge Systems Group Inc.
t. 250.920.8830
e. [EMAIL PROTECTED]

-
Macromedia Associate Partner
www.macromedia.com
-
Vancouver Island ColdFusion Users Group
Founder & Director
www.cfug-vancouverisland.com
  - Original Message - 
  From: Raymond Camden 
  To: CF-Talk 
  Sent: Tuesday, December 09, 2003 1:43 PM
  Subject: RE: Another simple question...

  Assume that 115 is a valid DB record, but one you don't want the user to
  see. It makes more sense to write your SQL to check for that. So for
  example, if the user's "Level" is 0, and the DB record has a level of 1, and
  the logic is the user's level must be equal or higher, then your SQL should
  check for it.

  That way, if I break your encryption, I don't get anything.

  I'm not saying don't encrypt - just FIRST make your code rock solid, then
  add junk to "slow down" the script kiddies.

  > 
  > If the ID is 114, chances are good that 115 is going to be 
  > valid, and possible do something you shouldn't be doing 
  > (though that should be secured through other means).  However 
  > if the URL is a UUID, md5 hash, or whatever, the odds of 
  > changing it to a valid number is much smaller, as there will 
  > be gaps in the series.  It doesn't make the app any simpler, 
  > but it does accomplish something.
  > 
  > barneyb
  > 
  > > -Original Message-
  > > From: Raymond Camden [mailto:[EMAIL PROTECTED]
  > > Sent: Tuesday, December 09, 2003 1:08 PM
  > > To: CF-Talk
  > > Subject: RE: Another simple question...
  > > 
  > > But even if you encrypt it, someone can still change it. If 
  > your logic 
  > > correctly handles missing and bad ID values, what is the point of 
  > > encrypting it?
  > > 
  > > 
  > >
 [Todays Threads] 
 [This Message] 
 [Subscription] 
 [Fast Unsubscribe] 
 [User Settings]

RE: Another simple question...

2003-12-09 Thread Barney Boisvert 
I'm pretty sure there is a createUUID() function in CF5.  But if you'r
eusing it as a database key, you'll want to generate it with your database
probably, so just set the primary key column to be type UUID/GUID if you
can.  If you can't, set it to varchar(35) and use the CF createUUID() in
your INSERT statement.

> -Original Message-
> From: Che Vilnonis [mailto:[EMAIL PROTECTED] 
> Sent: Tuesday, December 09, 2003 1:38 PM
> To: CF-Talk
> Subject: RE: Another simple question...
> 
> can you do UUID in CF5? how do you decrypt it?
>   -Original Message-
>   From: Barney Boisvert [mailto:[EMAIL PROTECTED]
>   Sent: Tuesday, December 09, 2003 4:24 PM
>   To: CF-Talk
>   Subject: RE: Another simple question...
> 
> 
>   If the ID is 114, chances are good that 115 is going to be 
> valid, and
>   possible do something you shouldn't be doing (though that should be
> secured
>   through other means).  However if the URL is a UUID, md5 hash, or
> whatever,
>   the odds of changing it to a valid number is much smaller, 
> as there will
> be
>   gaps in the series.  It doesn't make the app any simpler, 
> but it does
>   accomplish something.
> 
>   barneyb
> 
>   > -Original Message-
>   > From: Raymond Camden [mailto:[EMAIL PROTECTED]
>   > Sent: Tuesday, December 09, 2003 1:08 PM
>   > To: CF-Talk
>   > Subject: RE: Another simple question...
>   >
>   > But even if you encrypt it, someone can still change it. 
> If your logic
>   > correctly handles missing and bad ID values, what is the
>   > point of encrypting
>   > it?
>   >
>   >
>   >
> 
>
 [Todays Threads] 
 [This Message] 
 [Subscription] 
 [Fast Unsubscribe] 
 [User Settings]

Re: Another simple question...

2003-12-09 Thread Bryan Stevenson 
absolutelybut the point of encrypting IDs is to keep bad users from seeing/manipulating data they shouldn't see.

YOu should always try and handle all potential situations (including a messed with encrypted ID).  If you use a proper encrption tag (like cf_crypt) it will know if the encrypted value has been messed with and produce a non-numeric result when decrypting (which will cause any queries or perhaps boolean logic based on that ID to fail).  If your code properly trys/catches errors this error will be handled gracefully.  IMHO if a user messes with a URL var they deserve an error message (not CF error message but a nice error template telling them something is wrong).

Cheers

Bryan Stevenson B.Comm.
VP & Director of E-Commerce Development
Electric Edge Systems Group Inc.
t. 250.920.8830
e. [EMAIL PROTECTED]

-
Macromedia Associate Partner
www.macromedia.com
-
Vancouver Island ColdFusion Users Group
Founder & Director
www.cfug-vancouverisland.com
  - Original Message - 
  From: Raymond Camden 
  To: CF-Talk 
  Sent: Tuesday, December 09, 2003 1:41 PM
  Subject: RE: Another simple question...

  Err, as I said before, even _if_ you encrypt it, the user can mess with it.
  The point is this - 

  Your code should handle:

  A missing ID
  A bad ID (like id=apple)
  An ID that doesn't make sense (id=-1)
  An ID that points to a non existent record (id=109)

  And add to that any other logic. So, for example, if you show an
  index of press releases that have been marked as "Active" in the database,
  then your logic on the page that displays a PR should repeat that logic. Ie,
  load the PR where active=1 and id=#url.id#. 

  Encrypting your ID won't stop me from changing the value, it just won't let
  me (most likely) get a good value. But if you code your application right,
  it wouldn't matter if I broke your encryption.
 [Todays Threads] 
 [This Message] 
 [Subscription] 
 [Fast Unsubscribe] 
 [User Settings]

RE: Another simple question...

2003-12-09 Thread Raymond Camden 
Assume that 115 is a valid DB record, but one you don't want the user to
see. It makes more sense to write your SQL to check for that. So for
example, if the user's "Level" is 0, and the DB record has a level of 1, and
the logic is the user's level must be equal or higher, then your SQL should
check for it.

That way, if I break your encryption, I don't get anything.

I'm not saying don't encrypt - just FIRST make your code rock solid, then
add junk to "slow down" the script kiddies.

> 
> If the ID is 114, chances are good that 115 is going to be 
> valid, and possible do something you shouldn't be doing 
> (though that should be secured through other means).  However 
> if the URL is a UUID, md5 hash, or whatever, the odds of 
> changing it to a valid number is much smaller, as there will 
> be gaps in the series.  It doesn't make the app any simpler, 
> but it does accomplish something.
> 
> barneyb
> 
> > -Original Message-
> > From: Raymond Camden [mailto:[EMAIL PROTECTED]
> > Sent: Tuesday, December 09, 2003 1:08 PM
> > To: CF-Talk
> > Subject: RE: Another simple question...
> > 
> > But even if you encrypt it, someone can still change it. If 
> your logic 
> > correctly handles missing and bad ID values, what is the point of 
> > encrypting it?
> > 
> > 
> >
 [Todays Threads] 
 [This Message] 
 [Subscription] 
 [Fast Unsubscribe] 
 [User Settings]

RE: Another simple question...

2003-12-09 Thread Raymond Camden 
I agree with that, but it should be made clear that encrypting only slows
people down. Also, I see WAY too many web sites that don't properly check
their input parameters. That is FAR more important I would say.
 [Todays Threads] 
 [This Message] 
 [Subscription] 
 [Fast Unsubscribe] 
 [User Settings]

RE: Another simple question...

2003-12-09 Thread Raymond Camden 
Err, as I said before, even _if_ you encrypt it, the user can mess with it.
The point is this - 

Your code should handle:

	A missing ID
	A bad ID (like id=apple)
	An ID that doesn't make sense (id=-1)
	An ID that points to a non existent record (id=109)
	
	And add to that any other logic. So, for example, if you show an
index of press releases that have been marked as "Active" in the database,
then your logic on the page that displays a PR should repeat that logic. Ie,
load the PR where active=1 and id=#url.id#. 

Encrypting your ID won't stop me from changing the value, it just won't let
me (most likely) get a good value. But if you code your application right,
it wouldn't matter if I broke your encryption.
 [Todays Threads] 
 [This Message] 
 [Subscription] 
 [Fast Unsubscribe] 
 [User Settings]

Question about memory usage under a CFMX 6.2 environment

2003-12-09 Thread Michael Hodgdon 
Now that CFMX is using Java under the hood is it possible to get a little more insight toward how much memory a server is using?  It would be really nice to know how much memory is being used by ColdFusion.  Not sure if this is possible, any ideas?

Michael
 [Todays Threads] 
 [This Message] 
 [Subscription] 
 [Fast Unsubscribe] 
 [User Settings]

RE: Another simple question...

2003-12-09 Thread Che Vilnonis 
can you do UUID in CF5? how do you decrypt it?
  -Original Message-
  From: Barney Boisvert [mailto:[EMAIL PROTECTED]
  Sent: Tuesday, December 09, 2003 4:24 PM
  To: CF-Talk
  Subject: RE: Another simple question...

  If the ID is 114, chances are good that 115 is going to be valid, and
  possible do something you shouldn't be doing (though that should be
secured
  through other means).  However if the URL is a UUID, md5 hash, or
whatever,
  the odds of changing it to a valid number is much smaller, as there will
be
  gaps in the series.  It doesn't make the app any simpler, but it does
  accomplish something.

  barneyb

  > -Original Message-
  > From: Raymond Camden [mailto:[EMAIL PROTECTED]
  > Sent: Tuesday, December 09, 2003 1:08 PM
  > To: CF-Talk
  > Subject: RE: Another simple question...
  >
  > But even if you encrypt it, someone can still change it. If your logic
  > correctly handles missing and bad ID values, what is the
  > point of encrypting
  > it?
  >
  >
  >
 [Todays Threads] 
 [This Message] 
 [Subscription] 
 [Fast Unsubscribe] 
 [User Settings]

Re: Another simple question...

2003-12-09 Thread Bryan Stevenson 
So you don't give out valid record IDs from your databaseevery piece of the puzzle a hacker can get their hands on is bad ;-)

Bryan Stevenson B.Comm.
VP & Director of E-Commerce Development
Electric Edge Systems Group Inc.
t. 250.920.8830
e. [EMAIL PROTECTED]

-
Macromedia Associate Partner
www.macromedia.com
-
Vancouver Island ColdFusion Users Group
Founder & Director
www.cfug-vancouverisland.com
  - Original Message - 
  From: Raymond Camden 
  To: CF-Talk 
  Sent: Tuesday, December 09, 2003 1:08 PM
  Subject: RE: Another simple question...

  But even if you encrypt it, someone can still change it. If your logic
  correctly handles missing and bad ID values, what is the point of encrypting
  it?
 [Todays Threads] 
 [This Message] 
 [Subscription] 
 [Fast Unsubscribe] 
 [User Settings]

Re: Another simple question...

2003-12-09 Thread Bryan Stevenson 
Note that the enccrypt() decrypt() functions in CF SUCK EGGS ;-)

Bryan Stevenson B.Comm.
VP & Director of E-Commerce Development
Electric Edge Systems Group Inc.
t. 250.920.8830
e. [EMAIL PROTECTED]

-
Macromedia Associate Partner
www.macromedia.com
-
Vancouver Island ColdFusion Users Group
Founder & Director
www.cfug-vancouverisland.com
  - Original Message - 
  From: DURETTE, STEVEN J (AIT) 
  To: CF-Talk 
  Sent: Tuesday, December 09, 2003 1:05 PM
  Subject: RE: Another simple question...

  Che,

  What about encrypt(id, someKey) and decrypt(id, someKey) CF Functions.  Just
  as an example someKey = 1234567890.

  Steve

  -Original Message-
  From: Che Vilnonis [mailto:[EMAIL PROTECTED]
  Sent: Tuesday, December 09, 2003 3:56 PM
  To: CF-Talk
  Subject: Another simple question...

  This is for a CF5 webserver.
  I have the following URL.
  http://somesite.com/cnt_ask_an_expert_detail.cfm?id=114
   

  Basically, I would like to have some simple encryption on the URL.ID
  variable.
  Nothing fancy...just something that the average website user would not try
  to
  manipulate. The solution should be the LEAST taxing to the CFAS. Also, this
  solution should obviously be decryptable. Maybe there is a CF function that
  I
  have forgotton or unaware of...

  Thanks, Che 
    _
 [Todays Threads] 
 [This Message] 
 [Subscription] 
 [Fast Unsubscribe] 
 [User Settings]

Re: Another simple question...

2003-12-09 Thread Bryan Stevenson 
If it's not encrypted then users can mess with it - period!

use a tag like cf_crypt to encrypt it on it's way through the URL and then decrypt it on the receiving page...nice...simple...bulletproof...FAST!

Cheers

Bryan Stevenson B.Comm.
VP & Director of E-Commerce Development
Electric Edge Systems Group Inc.
t. 250.920.8830
e. [EMAIL PROTECTED]

-
Macromedia Associate Partner
www.macromedia.com
-
Vancouver Island ColdFusion Users Group
Founder & Director
www.cfug-vancouverisland.com
  - Original Message - 
  From: Che Vilnonis 
  To: CF-Talk 
  Sent: Tuesday, December 09, 2003 12:56 PM
  Subject: Another simple question...

  This is for a CF5 webserver.
  I have the following URL.
  http://somesite.com/cnt_ask_an_expert_detail.cfm?id=114

  Basically, I would like to have some simple encryption on the URL.ID
  variable.
  Nothing fancy...just something that the average website user would not try
  to
  manipulate. The solution should be the LEAST taxing to the CFAS. Also, this
  solution should obviously be decryptable. Maybe there is a CF function that
  I
  have forgotton or unaware of...

  Thanks, Che
 [Todays Threads] 
 [This Message] 
 [Subscription] 
 [Fast Unsubscribe] 
 [User Settings]

Looking for CF5

2003-12-09 Thread Howie Hamlin 
If anyone has any new copies or knows where I can get one, please let me know.

Thanks,

-- 
Howie Hamlin - inFusion Project Manager
On-Line Data Solutions, Inc. - www.CoolFusion.com
inFusion Mail Server (iMS) - The Award-winning, Intelligent Mail Server
PrismAV - Virus scanning for ColdFusion applications
>>> Please vote for iMS here: http://www.sys-con.com/coldfusion/readerschoice2003/index.cfm 
>>> Find out how iMS Stacks up to the competition: http://www.coolfusion.com/imssecomparison.cfm
 [Todays Threads] 
 [This Message] 
 [Subscription] 
 [Fast Unsubscribe] 
 [User Settings]

RE: CF and MS SQL server authentication

2003-12-09 Thread Dave Watts 
> That might work for a single company's site, but hosting 
> companies can't do that. You have to give your clients 
> some kind of remote access to manage their databases. Are
> there any techniques/suggestions for allowing remote access 
> to SQL server via the internet? Obviously changing the port 
> is one small step but are there others people are using?

In fact, hosting companies can, and do, limit access to database servers so
that they only can be reached through the web server or through trusted
sources. I've worked with hosting companies who've done these things for
their clients.

If you're talking about shared hosting, though, I'm not sure how I'd respond
to that. I'm not a big fan of any sort of shared hosting, when it comes to
security concerns, though.

Dave Watts, CTO, Fig Leaf Software
http://www.figleaf.com/
voice: (202) 797-5496
fax: (202) 797-5444
 [Todays Threads] 
 [This Message] 
 [Subscription] 
 [Fast Unsubscribe] 
 [User Settings]

RE: Another simple question...

2003-12-09 Thread Barney Boisvert 
If the ID is 114, chances are good that 115 is going to be valid, and
possible do something you shouldn't be doing (though that should be secured
through other means).  However if the URL is a UUID, md5 hash, or whatever,
the odds of changing it to a valid number is much smaller, as there will be
gaps in the series.  It doesn't make the app any simpler, but it does
accomplish something.

barneyb

> -Original Message-
> From: Raymond Camden [mailto:[EMAIL PROTECTED] 
> Sent: Tuesday, December 09, 2003 1:08 PM
> To: CF-Talk
> Subject: RE: Another simple question...
> 
> But even if you encrypt it, someone can still change it. If your logic
> correctly handles missing and bad ID values, what is the 
> point of encrypting
> it?
> 
> 
>
 [Todays Threads] 
 [This Message] 
 [Subscription] 
 [Fast Unsubscribe] 
 [User Settings]

Re: More date stuff!

2003-12-09 Thread Jerry Johnson 
Just as a general note, remember that the entry for the secretaries does not have to exactly mirror the way you store the data.

You can have them enter a range, but store individual dates, if you so desire. Or vice versa.

Jerry Johnson

>>> [EMAIL PROTECTED] 12/09/03 04:00PM >>>
Responses inline...
 [Todays Threads] 
 [This Message] 
 [Subscription] 
 [Fast Unsubscribe] 
 [User Settings]

RE: Another simple question...

2003-12-09 Thread Che Vilnonis 
yes that is true. i guess the point is that it might make the end user less
likely
to change the url from 114 to 115 when he/she sees 12ADF334 to 12AGGH1.

imo, it's human nature to play around w/ these URL strings. i hoping that if
they
look ugly, they won't.

~Che
  -Original Message-
  From: Raymond Camden [mailto:[EMAIL PROTECTED]
  Sent: Tuesday, December 09, 2003 4:08 PM
  To: CF-Talk
  Subject: RE: Another simple question...

  But even if you encrypt it, someone can still change it. If your logic
  correctly handles missing and bad ID values, what is the point of
encrypting
  it?
 [Todays Threads] 
 [This Message] 
 [Subscription] 
 [Fast Unsubscribe] 
 [User Settings]

Re: XML and the Degree Sign

2003-12-09 Thread Scott Brady 
Darron J. Schall wrote:

> You could try encoding the file as UTF-16, and mark it as so:
>
> 
> <...>
>
Unfortunately, that gets me "Switch from current encoding to specified 
encoding nt supported."
I've tried finding every spot in this code (which covers 3 different 
files) to set the encoding and the best I get is a bunch of garbage 
characters (which XML really doesn't like).  At this point it may just 
be easier to change the page to not use XML (there's really no reason 
for it to be using XML in the first place),  That's the "permanent" 
solution I'm going to suggest, anyway.  It's better than having to strip 
out characters (either on our end or from the database interface we're 
getting it from).

Scott

-- 
---
Scott Brady
http://www.scottbrady.net/
 [Todays Threads] 
 [This Message] 
 [Subscription] 
 [Fast Unsubscribe] 
 [User Settings]

RE: More date stuff!

2003-12-09 Thread DURETTE, STEVEN J (AIT) 
Candace,

 
I think that Jochem is using postgresql so, timestamp in postgre = datetime
in MSSql2K.

 
As for the UI, why don't you give them a calendar on one page with check
boxes and have that submit to a second page that shows an entry for start
time and end time of each range (consider a single day by itself as a range
of it's own)?

 
Steve

-Original Message-
From: Candace Cottrell [mailto:[EMAIL PROTECTED]
Sent: Tuesday, December 09, 2003 4:01 PM
To: CF-Talk
Subject: Re: More date stuff!

Responses inline...

Candace K. Cottrell, Web Developer 
The Children's Medical Center 
One Children's Plaza 
Dayton, OH 45404 
937-641-4293 
http://www.childrensdayton.org  

[EMAIL PROTECTED]

>>> [EMAIL PROTECTED] 12/9/2003 3:40:17 PM >>>
Candace Cottrell wrote:

> I am building an on-call scheduling app for doctors. In the database,
> the dates are broken up like Start_Day, Start_Month, Start_Year,
> Start_Time, Start_AMPM and the same for the End info.

I would highly recommend combining these fields together in one 
timestamp field. You could even do so without touching anything 
in the UI by just adding a Start_Timestamp field and recombining 
the timestamp in a trigger on the fly.

--

What is the advantage of using a timestamp vs. a datetime in this scenario?

I am also thinking I should do an insert for every day as opposed to the
range. Do you see an advantage in doing this?
In addition, I am a bit worried about the secretaries who have to enter so
many records in the following scenario:

Dr. A 12/12 7am - 12/14 7am
Dr. B 12/14 7am - 12/15 7am
Dr. A 12/15 7am - 12/17 7am

.instead of being able to pick dates from a calendar popup or something. I
watched one of them do it and it was time consuming.

At the same time, I am afraid to take out the range feature, becuase in some
cases one doctor is on-call for 2 months. So it's much easier for them to
type 12/1/2003 and 2/3/2003 instead of picking 60 days.

--

> 1) So there is a bit of overlapping in some cases, where Dr. A may be
> on call from 12/12/2003 - 12/14/2003 at 7am 
> And Dr. B may be on call from 12/14/2003 at 7am until 12/20/2003 at
> 4pm.

Does this really overlap?

---

I guess for an hour it does...

---

> So if Dr. A ENDS her shift at 7am on 12/12 and Dr. B BEGINS his shift
> at 7am on 12/12, it's taking Dr.A and extending her to 12/13.

So do you want both Dr. A and Dr. B to show on 12/12? Or just Dr. B?

---

Actually, they should both be listed.
Something like:

Dr. A. End: 7am
Dr. B Start:7am



> 2) I only want the start time to show up if it's the first day in the
> shift and I only want the end time to show if it's the LAST day in the
> shift. How can I get at this info if I am using a range?

I think you need to self-join so you can get start and end 
timestamps in one field. The and use a case statement to 
determine if a schedule event is a start or an end and sort on 
that field. If that doesn't make sense, please provide the full 
table schema's.

-

The only way I can see to do this is to have a separate record for each day.

Here's what the OnCall_Schedule table looks like:

http://www.childrensdayton.org/images/oncallSchema.gif
 

-

THANKS DEAR!!!

Jochem

-- 
When you don't want to be surprised by the revolution
organize one yourself
 - Loesje 
  _
 [Todays Threads] 
 [This Message] 
 [Subscription] 
 [Fast Unsubscribe] 
 [User Settings]

RE: Another simple question...

2003-12-09 Thread Che Vilnonis 
isn't there a good deal of overhead with that?
right now, i'm using a custom tag that does something similar and it
bombs out occasionally under heavy load.

maybe I am wrong about encrypt/decrypt...maybe i should give it a try.
  -Original Message-
  From: DURETTE, STEVEN J (AIT) [mailto:[EMAIL PROTECTED]
  Sent: Tuesday, December 09, 2003 4:06 PM
  To: CF-Talk
  Subject: RE: Another simple question...

  Che,

  What about encrypt(id, someKey) and decrypt(id, someKey) CF Functions.
Just
  as an example someKey = 1234567890.

  Steve

  -Original Message-
  From: Che Vilnonis [mailto:[EMAIL PROTECTED]
  Sent: Tuesday, December 09, 2003 3:56 PM
  To: CF-Talk
  Subject: Another simple question...

  This is for a CF5 webserver.
  I have the following URL.
  http://somesite.com/cnt_ask_an_expert_detail.cfm?id=114
  

  Basically, I would like to have some simple encryption on the URL.ID
  variable.
  Nothing fancy...just something that the average website user would not try
  to
  manipulate. The solution should be the LEAST taxing to the CFAS. Also,
this
  solution should obviously be decryptable. Maybe there is a CF function
that
  I
  have forgotton or unaware of...

  Thanks, Che
    _
 [Todays Threads] 
 [This Message] 
 [Subscription] 
 [Fast Unsubscribe] 
 [User Settings]

RE: Another simple question...

2003-12-09 Thread Barney Boisvert 
Encrypt()/decrypt() are available from CF, though they generate nasty
strings.  Cfusion_encrypt()/cfusion_decrypt() are undocumented, but have
been around since at least 4, and generate only alphanumaric strings.  I
don't know about performance for either one, but I'd imagine it's small
enough to be considered insignificant.

For an app I wrote a while ago (several years) we had to maintain numeric
Ids, but they could be any length (no max).  We used numbers that were
always 20 digits long where the first and third digits were the length of
the number we were encrypting, and the even numbered digits where the actual
number, starting with 2, and going as long as we needed.  The rest of the
digits were all random.  So the number "1234" would be encrypted like this:

01429394
^.^...length
.^.^.^.^..number
^.^...padding
Where I've used the digit '9' for ALL the random digits, rather than
actually selecting random ones.  It was a bit of a pain, because it was 4.5,
so no UDFs, but now that UDFs are available, it'd be a snap.

Cheers,
barneyb 

> -Original Message-
> From: Che Vilnonis [mailto:[EMAIL PROTECTED] 
> Sent: Tuesday, December 09, 2003 12:56 PM
> To: CF-Talk
> Subject: Another simple question...
> 
> This is for a CF5 webserver.
> I have the following URL.
> http://somesite.com/cnt_ask_an_expert_detail.cfm?id=114
> 
> Basically, I would like to have some simple encryption on the URL.ID
> variable.
> Nothing fancy...just something that the average website user 
> would not try
> to
> manipulate. The solution should be the LEAST taxing to the 
> CFAS. Also, this
> solution should obviously be decryptable. Maybe there is a CF 
> function that
> I
> have forgotton or unaware of...
> 
> Thanks, Che
> 
>
 [Todays Threads] 
 [This Message] 
 [Subscription] 
 [Fast Unsubscribe] 
 [User Settings]

RE: Another simple question...

2003-12-09 Thread Raymond Camden 
But even if you encrypt it, someone can still change it. If your logic
correctly handles missing and bad ID values, what is the point of encrypting
it?
 [Todays Threads] 
 [This Message] 
 [Subscription] 
 [Fast Unsubscribe] 
 [User Settings]

RE: Another simple question...

2003-12-09 Thread DURETTE, STEVEN J (AIT) 
Che,

 
What about encrypt(id, someKey) and decrypt(id, someKey) CF Functions.  Just
as an example someKey = 1234567890.

 
Steve

-Original Message-
From: Che Vilnonis [mailto:[EMAIL PROTECTED]
Sent: Tuesday, December 09, 2003 3:56 PM
To: CF-Talk
Subject: Another simple question...

This is for a CF5 webserver.
I have the following URL.
http://somesite.com/cnt_ask_an_expert_detail.cfm?id=114
 

Basically, I would like to have some simple encryption on the URL.ID
variable.
Nothing fancy...just something that the average website user would not try
to
manipulate. The solution should be the LEAST taxing to the CFAS. Also, this
solution should obviously be decryptable. Maybe there is a CF function that
I
have forgotton or unaware of...

Thanks, Che 
  _
 [Todays Threads] 
 [This Message] 
 [Subscription] 
 [Fast Unsubscribe] 
 [User Settings]

Re: More date stuff!

2003-12-09 Thread Candace Cottrell 
Responses inline...

Candace K. Cottrell, Web Developer 
The Children's Medical Center 
One Children's Plaza 
Dayton, OH 45404 
937-641-4293 
http://www.childrensdayton.org

[EMAIL PROTECTED]

>>> [EMAIL PROTECTED] 12/9/2003 3:40:17 PM >>>
Candace Cottrell wrote:

> I am building an on-call scheduling app for doctors. In the database,
> the dates are broken up like Start_Day, Start_Month, Start_Year,
> Start_Time, Start_AMPM and the same for the End info.

I would highly recommend combining these fields together in one 
timestamp field. You could even do so without touching anything 
in the UI by just adding a Start_Timestamp field and recombining 
the timestamp in a trigger on the fly.

--

What is the advantage of using a timestamp vs. a datetime in this scenario?

I am also thinking I should do an insert for every day as opposed to the range. Do you see an advantage in doing this?
In addition, I am a bit worried about the secretaries who have to enter so many records in the following scenario:

Dr. A 12/12 7am - 12/14 7am
Dr. B 12/14 7am - 12/15 7am
Dr. A 12/15 7am - 12/17 7am

.instead of being able to pick dates from a calendar popup or something. I watched one of them do it and it was time consuming.

At the same time, I am afraid to take out the range feature, becuase in some cases one doctor is on-call for 2 months. So it's much easier for them to type 12/1/2003 and 2/3/2003 instead of picking 60 days.

--

> 1) So there is a bit of overlapping in some cases, where Dr. A may be
> on call from 12/12/2003 - 12/14/2003 at 7am 
> And Dr. B may be on call from 12/14/2003 at 7am until 12/20/2003 at
> 4pm.

Does this really overlap?

---

I guess for an hour it does...

---

> So if Dr. A ENDS her shift at 7am on 12/12 and Dr. B BEGINS his shift
> at 7am on 12/12, it's taking Dr.A and extending her to 12/13.

So do you want both Dr. A and Dr. B to show on 12/12? Or just Dr. B?

---

Actually, they should both be listed.
Something like:

Dr. A. End: 7am
Dr. B Start:7am



> 2) I only want the start time to show up if it's the first day in the
> shift and I only want the end time to show if it's the LAST day in the
> shift. How can I get at this info if I am using a range?

I think you need to self-join so you can get start and end 
timestamps in one field. The and use a case statement to 
determine if a schedule event is a start or an end and sort on 
that field. If that doesn't make sense, please provide the full 
table schema's.

-

The only way I can see to do this is to have a separate record for each day. 

Here's what the OnCall_Schedule table looks like:

http://www.childrensdayton.org/images/oncallSchema.gif


-

THANKS DEAR!!!

Jochem

-- 
When you don't want to be surprised by the revolution
organize one yourself
 - Loesje
 [Todays Threads] 
 [This Message] 
 [Subscription] 
 [Fast Unsubscribe] 
 [User Settings]

Another simple question...

2003-12-09 Thread Che Vilnonis 
This is for a CF5 webserver.
I have the following URL.
http://somesite.com/cnt_ask_an_expert_detail.cfm?id=114

Basically, I would like to have some simple encryption on the URL.ID
variable.
Nothing fancy...just something that the average website user would not try
to
manipulate. The solution should be the LEAST taxing to the CFAS. Also, this
solution should obviously be decryptable. Maybe there is a CF function that
I
have forgotton or unaware of...

Thanks, Che
 [Todays Threads] 
 [This Message] 
 [Subscription] 
 [Fast Unsubscribe] 
 [User Settings]

Re: More date stuff!

2003-12-09 Thread Jochem van Dieten 
Candace Cottrell wrote:

> I am building an on-call scheduling app for doctors. In the database,
> the dates are broken up like Start_Day, Start_Month, Start_Year,
> Start_Time, Start_AMPM and the same for the End info.

I would highly recommend combining these fields together in one 
timestamp field. You could even do so without touching anything 
in the UI by just adding a Start_Timestamp field and recombining 
the timestamp in a trigger on the fly.

> 1) So there is a bit of overlapping in some cases, where Dr. A may be
> on call from 12/12/2003 - 12/14/2003 at 7am 
> And Dr. B may be on call from 12/14/2003 at 7am until 12/20/2003 at
> 4pm.

Does this really overlap?

> So if Dr. A ENDS her shift at 7am on 12/12 and Dr. B BEGINS his shift
> at 7am on 12/12, it's taking Dr.A and extending her to 12/13.

So do you want both Dr. A and Dr. B to show on 12/12? Or just Dr. B?

> 2) I only want the start time to show up if it's the first day in the
> shift and I only want the end time to show if it's the LAST day in the
> shift. How can I get at this info if I am using a range?

I think you need to self-join so you can get start and end 
timestamps in one field. The and use a case statement to 
determine if a schedule event is a start or an end and sort on 
that field. If that doesn't make sense, please provide the full 
table schema's.

Jochem

-- 
When you don't want to be surprised by the revolution
organize one yourself
 - Loesje
 [Todays Threads] 
 [This Message] 
 [Subscription] 
 [Fast Unsubscribe] 
 [User Settings]

Anybody got the link on macromedia's site to...

2003-12-09 Thread Che Vilnonis 
Anybody got the link on Macromedia's site to...re-organize the files
so CF tags are seperated from CF functions, etc? They got all screwed
up and mixed together when I upgraded.

Che Vilnonis
Application Developer
Advertising Systems Incorporated
8470C Remington Avenue
Pennsauken, NJ 08110
p: 856.488.2211
f: 856.488.1990
www.asitv.com
 [Todays Threads] 
 [This Message] 
 [Subscription] 
 [Fast Unsubscribe] 
 [User Settings]

RE: CF and MS SQL server authentication

2003-12-09 Thread Tangorre, Michael 
Complete user lockdown and then carefully assigning permissions on the
object level.  :-)  I would imagine anyways

 
Mike



-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] 
Sent: Tuesday, December 09, 2003 3:12 PM
To: CF-Talk
Subject: RE: CF and MS SQL server authentication

>> As for running SQL server on private network, that would be
>> fine except for remote administration - how can one with ease
>> connect to a host on a private network from a remote location.
>
> In that case, maybe you shouldn't be able to remotely administer your
> database server. In any case, your database server should not arbitrarily
> accept connections from anywhere in the world, and it really shouldn't be
> accessible at all from a public network. It should only accept connections
> from the web server, or from trusted internal sources. If you absolutely
> need remote administration, you could administer it from the web server, I
> suppose, although that has its own obvious problems.
>

That might work for a single company's site, but hosting companies can't do
that. You
have to give your clients some kind of remote access to manage their
databases.  Are
there any techniques/suggestions for allowing remote access to SQL server
via the
internet?  Obviously changing the port is one small step but are there
others people are
using?

Tom Nunamaker 
  _
 [Todays Threads] 
 [This Message] 
 [Subscription] 
 [Fast Unsubscribe] 
 [User Settings]

RE: CF and MS SQL server authentication

2003-12-09 Thread tom 
>> As for running SQL server on private network, that would be
>> fine except for remote administration - how can one with ease
>> connect to a host on a private network from a remote location.
>
> In that case, maybe you shouldn't be able to remotely administer your
> database server. In any case, your database server should not arbitrarily
> accept connections from anywhere in the world, and it really shouldn't be
> accessible at all from a public network. It should only accept connections
> from the web server, or from trusted internal sources. If you absolutely
> need remote administration, you could administer it from the web server, I
> suppose, although that has its own obvious problems.
>

That might work for a single company's site, but hosting companies can't do that. You
have to give your clients some kind of remote access to manage their databases.  Are
there any techniques/suggestions for allowing remote access to SQL server via the
internet?  Obviously changing the port is one small step but are there others people are
using?

Tom Nunamaker
 [Todays Threads] 
 [This Message] 
 [Subscription] 
 [Fast Unsubscribe] 
 [User Settings]

More date stuff!

2003-12-09 Thread Candace Cottrell 
I am building an on-call scheduling app for doctors. In the database,
the dates are broken up like Start_Day, Start_Month, Start_Year,
Start_Time, Start_AMPM and the same for the End info.

 
1) So there is a bit of overlapping in some cases, where Dr. A may be
on call from 12/12/2003 - 12/14/2003 at 7am 
And Dr. B may be on call from 12/14/2003 at 7am until 12/20/2003 at
4pm.

 
I have a page that outputs the schedule for the month in a calendar
looking format.

 
So, in trying to output the correct names in the boxes, I am running
the following query:

 

SELECT 
   DOC_FIRST_NAME,
   DOC_LAST_NAME,
   START_MONTH,
   START_DAY,
   START_HOUR,    
   START_AMPM,
   END_DAY,
   END_MONTH,
   END_HOUR,
   END_AMPM
FROM
   DOCTORS, DIVISIONS, ONCALL_SHIFTS
WHERE
   ONCALL_SHIFTS.DIVISION_ID = 
value="9">   
  AND
   DIVISIONS.DIVISIONID = ONCALL_SHIFTS.DIVISION_ID
  AND
   ONCALL_SHIFTS.DOCTOR_ID = DOCTORS.Doc_ID 
  AND
   BETWEEN START_DAY AND END_DAY
  AND 
   
value="#DateFormat(ThisCalMonth, "M")# "> BETWEEN START_MONTH AND
END_MONTH
   
  

 
This is working ALMOST correctly. But I am not getting any overlaps.
Instead, it's pushing forward a day.

 
So if Dr. A ENDS her shift at 7am on 12/12 and Dr. B BEGINS his shift
at 7am on 12/12, it's taking Dr.A and extending her to 12/13.

 
2) I only want the start time to show up if it's the first day in the
shift and I only want the end time to show if it's the LAST day in the
shift. How can I get at this info if I am using a range?

 
Should I put the query results into arrays?

 
I tried using the currentRow attribute of the above, but then realized
that won't work because of the date range part. One row could be
compensating for 10 days.

Any help is greatly appreciated!!!

 
Candace K. Cottrell, Web Developer 
The Children's Medical Center 
One Children's Plaza 
Dayton, OH 45404 
937-641-4293 
http://www.childrensdayton.org 

[EMAIL PROTECTED]
 [Todays Threads] 
 [This Message] 
 [Subscription] 
 [Fast Unsubscribe] 
 [User Settings]

RE: CF and MS SQL server authentication

2003-12-09 Thread Dave Watts 
> I want Windows Authentication for security reasons, SQL 
> server simply is not as secure as Windows. SQL server 2000 
> does not support locking out, minimal password length, 
> password expiry etc. So someone can setup a system whereas 
> the SQL server is being bombarded with attempts to gain 
> access, windows will lock the user out. SQL server admin 
> guide recommends using windows authentication and fall back 
> to SQL authentication in special circumstances (also for 
> someone out there using win98 or winME which do not support 
> windows authentication).

While in general, I would agree with this, I think that for web
applications, native SQL authentication is often better. You might have many
datasources on a single CF machine, for example, but if you're using Windows
authentication you'll only have one account for all your applications - the
one in which your CF service runs.

> As for running SQL server on private network, that would be 
> fine except for remote administration - how can one with ease 
> connect to a host on a private network from a remote location.

In that case, maybe you shouldn't be able to remotely administer your
database server. In any case, your database server should not arbitrarily
accept connections from anywhere in the world, and it really shouldn't be
accessible at all from a public network. It should only accept connections
from the web server, or from trusted internal sources. If you absolutely
need remote administration, you could administer it from the web server, I
suppose, although that has its own obvious problems.

Dave Watts, CTO, Fig Leaf Software
http://www.figleaf.com/
voice: (202) 797-5496
fax: (202) 797-5444
 [Todays Threads] 
 [This Message] 
 [Subscription] 
 [Fast Unsubscribe] 
 [User Settings]

Re: Prism Antivirus in HOF footer...

2003-12-09 Thread Howie Hamlin 
Couldn't you do this?:

- write from BLOB to temp file
- virus scan
- CFCONTENT

Regards,

Howie
  - Original Message - 
  From: Schuster, Steven 
  To: CF-Talk 
  Sent: Tuesday, December 09, 2003 2:48 PM
  Subject: RE: Prism Antivirus in HOF footer...

  Ah yes but we write ours directly from a database BLOB and use the
  deletefile option to ensure it gets removed once it has been called so the
  file never really just sits out there.
 [Todays Threads] 
 [This Message] 
 [Subscription] 
 [Fast Unsubscribe] 
 [User Settings]

Re: JS help

2003-12-09 Thread Cutter (CF-Talk) 
The code below is the code of the pop-up page itself, not the custom tag 
which calls it. This "Select a Date" page must be in the secure area, as 
must the custom tag if it is to use a relative path. If the custom tag 
is not in the same secure area then you will have to change the code of 
the "window.open" command in the custom tag to call the popup page from 
an absolute path beginning with "https:".

Cutter

Tim Do wrote:

> No http://
> this is what the source looks like:
> 
> 
> Select a DateA { color:

> #00; font-family:Verdana;font-size:12px; font-weight: normal;

> text-decoration: none; padding:0em .5em;}A:hover { color: #cc6600;

> background-color: #ecf4f7; padding:0em .5em; }body { background: #ff;

> }
> width=100% border=0 bordercolor=#ff cellpadding=0 cellspacing=0>
> bgcolor="#b2d9ec" colspan=7>December
> 2003
> color=#006699 size=1>Su
> size=1>Mo
> size=1>Tu
> size=1>We
> size=1>Th
> size=1>Fr
> size=1>Sa 
> align="center" width=14.28%>
> href="">
> align="center" width=14.28%>
> href="">
> align="center" width=14.28%>
> href="">
> align="center" width=14.28%>
> href="">
> align="center" width=14.28%>
> href="">
> align="center" width=14.28%>
> href="">
> align="center" width=14.28%>
> href="">
> align="center" width=14.28%>
> href="">
> align="center" width=14.28%>
> href="">
> align="center" width=14.28%>
> href="">
> align="center" width=14.28%>
> href="">
> align="center" width=14.28%>
> href="">
> align="center" width=14.28%>
> href="">
> td align="center" width=14.28%>
> href="">
> align="center" width=14.28%>
> href="">
> align="center" width=14.28%>
> href="">
> align="center" width=14.28%>
> href="">
> align="center" width=14.28%>
> href="">
> align="center" width=14.28%>
> href="">
> align="center" width=14.28%>
> href="">
> td align="center" width=14.28%>
> href="">
> align="center" width=14.28%>
> href="">
> align="center" width=14.28%>
> href="">
> align="center" width=14.28%>
> href="">
> align="center" width=14.28%>
> href="">
> align="center" width=14.28%>
> href="">
> align="center" width=14.28%>
> href="">
> td align="center" width=14.28%>
> href="">
> align="center" width=14.28%>
> href="">
> align="center" width=14.28%>
> href="">
> align="center" width=14.28%>
> href="">
> align="center" width=14.28%> 
> width=14.28%> 
> width=14.28%> 
> align="center">
> alt="" border="0" name="Backward" value="<<"
>  face=Verdana color=#006699
> size="1"> Arrows browse through the months. 
> src="" align="middle" alt="" border="0" name="Forward"
> value=">>"
> >
>  >
> 
> -Original Message-
> From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]
> Sent: Tuesday, December 09, 2003 11:38 AM
> To: CF-Talk
> Subject: RE: JS help
> 
> ugh, take a look at the HTML source after your page is drwan.  I bet there
> is an HTTP in the window.open call.
> 
> -Original Message-
> From: Tim Do [mailto:[EMAIL PROTECTED]
> Sent: Tuesday, December 09, 2003 2:16 PM
> To: CF-Talk
> Subject: RE: JS help
> 
> There is no http anywhere... the calendar is all rendered inside the custom
> tag.
> 
> -Original Message-
> From: Schuster, Steven [mailto:[EMAIL PROTECTED]
> Sent: Tuesday, December 09, 2003 11:20 AM
> To: CF-Talk
> Subject: RE: JS help
> 
> Make sure the tag code does not use http:// anywhere is one way.
> 
> Steve
> 
> -Original Message-
> From: Tim Do [mailto:[EMAIL PROTECTED]
> Sent: Tuesday, December 09, 2003 2:10 PM
> To: CF-Talk
> Subject: OT: JS help
> 
> Hello all,
> 
> I'm trying to use a calendar custom tag (cf_formFieldCalendar) inside a
> secure directory.   Inside the tag it has a window.open command that spawns
> a window.  When it does, the browser prompts that you're leaving a secure
> area.  The tag is inside the secure directory.  Can anybody tell me how to
> get it so the browser doesn't prompt the user that they're leaving a secure
> area?
> 
> Thanks in advance,
> Tim
> 
> Here is a piece of the js:
> 
> function openCalWin_#attributes.target#() {
> stats='toolbar=no,location=no,directories=no,status=no,menubar=no,'
> stats += 'scrollbars=no,resizable=no,width=300,height=250'
> CalWin = window.open ("","Calendar",stats)
>   _
>   _
>   _
>   _
>
 [Todays Threads] 
 [This Message] 
 [Subscription] 
 [Fast Unsubscribe] 
 [User Settings]

RE: JS help

2003-12-09 Thread Schuster, Steven 
This is the HTML source, I mean the actual TAG source code. Again, the
images need to be fully qualified in here as well but I am sure there is
more.

 
Steve

-Original Message-
From: Tim Do [mailto:[EMAIL PROTECTED] 
Sent: Tuesday, December 09, 2003 2:36 PM
To: CF-Talk
Subject: RE: JS help

 
No http://
this is what the source looks like:

Select a DateA { color:

#00; font-family:Verdana;font-size:12px; font-weight: normal;

text-decoration: none; padding:0em .5em;}A:hover { color: #cc6600;

background-color: #ecf4f7; padding:0em .5em; }body { background: #ff;

}
width=100% border=0 bordercolor=#ff cellpadding=0 cellspacing=0>
bgcolor="#b2d9ec" colspan=7>December
2003
color=#006699 size=1>Su
size=1>Mo
size=1>Tu
size=1>We
size=1>Th
size=1>Fr
size=1>Sa 
align="center" width=14.28%>
href="">
align="center" width=14.28%>
href="">
align="center" width=14.28%>
href="">
align="center" width=14.28%>
href="">
align="center" width=14.28%>
href="">
align="center" width=14.28%>
href="">
align="center" width=14.28%>
href="">
align="center" width=14.28%>
href="">
align="center" width=14.28%>
href="">
align="center" width=14.28%>
href="">
align="center" width=14.28%>
href="">
align="center" width=14.28%>
href="">
align="center" width=14.28%>
href="">
td align="center" width=14.28%>
href="">
align="center" width=14.28%>
href="">
align="center" width=14.28%>
href="">
align="center" width=14.28%>
href="">
align="center" width=14.28%>
href="">
align="center" width=14.28%>
href="">
align="center" width=14.28%>
href="">
td align="center" width=14.28%>
href="">
align="center" width=14.28%>
href="">
align="center" width=14.28%>
href="">
align="center" width=14.28%>
href="">
align="center" width=14.28%>
href="">
align="center" width=14.28%>
href="">
align="center" width=14.28%>
href="">
td align="center" width=14.28%>
href="">
align="center" width=14.28%>
href="">
align="center" width=14.28%>
href="">
align="center" width=14.28%>
href="">
align="center" width=14.28%> 
width=14.28%> 
width=14.28%> 
align="center">
alt="" border="0" name="Backward" value="<<"
 face=Verdana color=#006699
size="1"> Arrows browse through the months. 
src="" align="middle" alt="" border="0" name="Forward"
value=">>"
>
>

-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] 
Sent: Tuesday, December 09, 2003 11:38 AM
To: CF-Talk
Subject: RE: JS help

ugh, take a look at the HTML source after your page is drwan.  I bet there
is an HTTP in the window.open call.

-Original Message-
From: Tim Do [mailto:[EMAIL PROTECTED]
Sent: Tuesday, December 09, 2003 2:16 PM
To: CF-Talk
Subject: RE: JS help

There is no http anywhere... the calendar is all rendered inside the custom
tag.

-Original Message-
From: Schuster, Steven [mailto:[EMAIL PROTECTED] 
Sent: Tuesday, December 09, 2003 11:20 AM
To: CF-Talk
Subject: RE: JS help

Make sure the tag code does not use http:// anywhere is one way. 

Steve

-Original Message-
From: Tim Do [mailto:[EMAIL PROTECTED] 
Sent: Tuesday, December 09, 2003 2:10 PM
To: CF-Talk
Subject: OT: JS help

Hello all,

I'm trying to use a calendar custom tag (cf_formFieldCalendar) inside a
secure directory.   Inside the tag it has a window.open command that spawns
a window.  When it does, the browser prompts that you're leaving a secure
area.  The tag is inside the secure directory.  Can anybody tell me how to
get it so the browser doesn't prompt the user that they're leaving a secure
area?

Thanks in advance,
Tim

Here is a piece of the js:

function openCalWin_#attributes.target#() { 
stats='toolbar=no,location=no,directories=no,status=no,menubar=no,'
stats += 'scrollbars=no,resizable=no,width=300,height=250'
CalWin = window.open ("","Calendar",stats)
  _ 
  _ 
  _ 
  _
  _
 [Todays Threads] 
 [This Message] 
 [Subscription] 
 [Fast Unsubscribe] 
 [User Settings]

RE: JS help

2003-12-09 Thread Heald, Tim 
Ok

 
but what does that tag produce in html and _javascript_?  It has to be using a
window.open in order to pop the new window somewhere.

-- 
Timothy Heald 
Web Portfolio Manager 
Overseas Security Advisory Council 
U.S. Department of State 
571.345.2319 

The opinions expressed here do not necessarily reflect those of the U.S.
Department of State or any affiliated organization(s).  Nor have these
opinions been approved or sanctioned by these organizations. This e-mail is
unclassified based on the definitions in E.O. 12958.

-Original Message-
From: Tim Do [mailto:[EMAIL PROTECTED]
Sent: Tuesday, December 09, 2003 2:49 PM
To: CF-Talk
Subject: RE: JS help

here is the calling page:

alt="Calendar" border="0" formname="frmSearchInCheck" target="dateMax">

tag:

















var months = new

Array("January","February","March","April","May","June","July","August","Sep

tember","October","November","December")

var totalDays = new Array(31,28,31,30,31,30,31,31,30,31,30,31)



function openCalWin_#attributes.target#() { 

stats='toolbar=no,location=no,directories=no,status=no,menubar=no,'

stats += 'scrollbars=no,resizable=no,width=300,height=250'

CalWin = window.open ("","Calendar",stats)



var calMonth = #DateFormat(attributes.date, "M")#

var calYear = #DateFormat(attributes.date, "")#



theDate = new Date(calYear, (calMonth - 1), 1)



buildCal_#attributes.target#(theDate)



}



function buildCal_#attributes.target#(theDate) {



var startDay = theDate.getDay()

var printDays = false

var currDay = 1

var rowsNeeded = 5



if (startDay + totalDays[theDate.getMonth()] > 35)

  rowsNeeded++



CalWin.document.write('Select a Date')

CalWin.document.write('')

CalWin.document.write('')

CalWin.document.write('
bordercolor=##ff cellpadding=0 cellspacing=0>')

CalWin.document.write('')

CalWin.document.write('')

for (x=1; x<=rowsNeeded; x++){

  CalWin.document.write('')

  for (y=0; y<=6; y++){

   if (currDay == 1 && !printDays && startDay == y)

    printDays = true

   CalWin.document.write('')

    if (currDay > totalDays[theDate.getMonth()])

 printDays = false

   }

   else

    CalWin.document.write(' ')

  }  

  CalWin.document.write('')

} 

CalWin.document.write('

face=Verdana color=##006699 size=2>' + months[theDate.getMonth()] + ' ' +

theDate.getFullYear() + '

color=##006699 size=1>Su
size=1>Mo
size=1>Tu
size=1>We
size=1>Th
size=1>Fr
size=1>Sa
')

   if (printDays){

  CalWin.document.write('
href="" + theDate.getMonth()

+ ',' +  currDay + ',' + theDate.getFullYear() + ')">' + currDay++ +

'

align="center">
alt="" border="0" name="Backward" value="<<"

 face=Verdana

color=##006699 size="1"> Arrows browse through the months. 
type="image" src="" align="middle" alt="" border="0"

name="Forward" value=">>"

>
CalWin.document.write('
')

CalWin.document.close()



}



function getNewCal_#attributes.target#(newDir) {

if (newDir == -1){

  theDate.setMonth(theDate.getMonth() - 1)

  if (theDate.getMonth() == 0){

   theDate.setMonth(12)

   theDate.setYear(theDate.getYear() - 1)

  }

}

else if (newDir == 1){

  theDate.setMonth(theDate.getMonth() + 1)

  if (theDate.getMonth() == 13){

   theDate.setMonth(1)

   theDate.setYear(theDate.getYear() + 1)

  }

}

  

  

CalWin.document.clear();

buildCal_#attributes.target#(theDate);



}



function placeDate_#attributes.target#(monthNum, dayNum, yearNum){

var dateString = (monthNum + 1) + '-' + dayNum + '-' + yearNum



document.#attributes.formname#.#attributes.target#.value = dateString

   

CalWin.close()

}

RE: JS help

2003-12-09 Thread Douglas.Knudsen 
Where is the window.open call though? This looks like the source of the popup window.  What about the HTML source of the page that opens this window?  I'm betting the custom tag generates a window.open call that has HTTP in it.

 
DK

-Original Message-
From: Tim Do [mailto:[EMAIL PROTECTED]
Sent: Tuesday, December 09, 2003 2:36 PM
To: CF-Talk
Subject: RE: JS help

No http://
this is what the source looks like:

Select a DateA { color:

#00; font-family:Verdana;font-size:12px; font-weight: normal;

text-decoration: none; padding:0em .5em;}A:hover { color: #cc6600;

background-color: #ecf4f7; padding:0em .5em; }body { background: #ff;

}
width=100% border=0 bordercolor=#ff cellpadding=0 cellspacing=0>
bgcolor="#b2d9ec" colspan=7>December
2003
color=#006699 size=1>Su
size=1>Mo
size=1>Tu
size=1>We
size=1>Th
size=1>Fr
size=1>Sa 
align="center" width=14.28%>
href="">
align="center" width=14.28%>
href="">
align="center" width=14.28%>
href="">
align="center" width=14.28%>
href="">
align="center" width=14.28%>
href="">
align="center" width=14.28%>
href="">
align="center" width=14.28%>
href="">
align="center" width=14.28%>
href="">
align="center" width=14.28%>
href="">
align="center" width=14.28%>
href="">
align="center" width=14.28%>
href="">
align="center" width=14.28%>
href="">
align="center" width=14.28%>
href="">
td align="center" width=14.28%>
href="">
align="center" width=14.28%>
href="">
align="center" width=14.28%>
href="">
align="center" width=14.28%>
href="">
align="center" width=14.28%>
href="">
align="center" width=14.28%>
href="">
align="center" width=14.28%>
href="">
td align="center" width=14.28%>
href="">
align="center" width=14.28%>
href="">
align="center" width=14.28%>
href="">
align="center" width=14.28%>
href="">
align="center" width=14.28%>
href="">
align="center" width=14.28%>
href="">
align="center" width=14.28%>
href="">
td align="center" width=14.28%>
href="">
align="center" width=14.28%>
href="">
align="center" width=14.28%>
href="">
align="center" width=14.28%>
href="">
align="center" width=14.28%> 
width=14.28%> 
width=14.28%> 
align="center">
alt="" border="0" name="Backward" value="<<"
 face=Verdana color=#006699
size="1"> Arrows browse through the months. 
src="" align="middle" alt="" border="0" name="Forward"
value=">>"
>
>

-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] 
Sent: Tuesday, December 09, 2003 11:38 AM
To: CF-Talk
Subject: RE: JS help

ugh, take a look at the HTML source after your page is drwan.  I bet there
is an HTTP in the window.open call.

-Original Message-
From: Tim Do [mailto:[EMAIL PROTECTED]
Sent: Tuesday, December 09, 2003 2:16 PM
To: CF-Talk
Subject: RE: JS help

There is no http anywhere... the calendar is all rendered inside the custom
tag.

-Original Message-
From: Schuster, Steven [mailto:[EMAIL PROTECTED] 
Sent: Tuesday, December 09, 2003 11:20 AM
To: CF-Talk
Subject: RE: JS help

Make sure the tag code does not use http:// anywhere is one way. 

Steve

-Original Message-
From: Tim Do [mailto:[EMAIL PROTECTED] 
Sent: Tuesday, December 09, 2003 2:10 PM
To: CF-Talk
Subject: OT: JS help

Hello all,

I'm trying to use a calendar custom tag (cf_formFieldCalendar) inside a
secure directory.   Inside the tag it has a window.open command that spawns
a window.  When it does, the browser prompts that you're leaving a secure
area.  The tag is inside the secure directory.  Can anybody tell me how to
get it so the browser doesn't prompt the user that they're leaving a secure
area?

Thanks in advance,
Tim

Here is a piece of the js:

function openCalWin_#attributes.target#() { 
stats='toolbar=no,location=no,directories=no,status=no,menubar=no,'
stats += 'scrollbars=no,resizable=no,width=300,height=250'
CalWin = window.open ("","Calendar",stats)
  _ 
  _ 
  _ 
  _ 
  _
 [Todays Threads] 
 [This Message] 
 [Subscription] 
 [Fast Unsubscribe] 
 [User Settings]

RE: JS help

2003-12-09 Thread Heald, Tim 
That's the page that's created with window.open()

 
It's probably using just window.open('myfile.cfm') or something and you need
to be more specific.  Send the code for the originating page.

-- 
Timothy Heald 
Web Portfolio Manager 
Overseas Security Advisory Council 
U.S. Department of State 
571.345.2319 

The opinions expressed here do not necessarily reflect those of the U.S.
Department of State or any affiliated organization(s).  Nor have these
opinions been approved or sanctioned by these organizations. This e-mail is
unclassified based on the definitions in E.O. 12958.

-Original Message-
From: Tim Do [mailto:[EMAIL PROTECTED]
Sent: Tuesday, December 09, 2003 2:45 PM
To: CF-Talk
Subject: RE: JS help

No http://
this is what the source looks like:

Select a DateA { color:

#00; font-family:Verdana;font-size:12px; font-weight: normal;

text-decoration: none; padding:0em .5em;}A:hover { color: #cc6600;

background-color: #ecf4f7; padding:0em .5em; }body { background: #ff;

}
width=100% border=0 bordercolor=#ff cellpadding=0 cellspacing=0>
bgcolor="#b2d9ec" colspan=7>December
2003
color=#006699 size=1>Su
size=1>Mo
size=1>Tu
size=1>We
size=1>Th
size=1>Fr
size=1>Sa 
align="center" width=14.28%>
href="">
align="center" width=14.28%>
href="">
align="center" width=14.28%>
href="">
align="center" width=14.28%>
href="">
align="center" width=14.28%>
href="">
align="center" width=14.28%>
href="">
align="center" width=14.28%>
href="">
align="center" width=14.28%>
href="">
align="center" width=14.28%>
href="">
align="center" width=14.28%>
href="">
align="center" width=14.28%>
href="">
align="center" width=14.28%>
href="">
align="center" width=14.28%>
href="">
td align="center" width=14.28%>
href="">
align="center" width=14.28%>
href="">
align="center" width=14.28%>
href="">
align="center" width=14.28%>
href="">
align="center" width=14.28%>
href="">
align="center" width=14.28%>
href="">
align="center" width=14.28%>
href="">
td align="center" width=14.28%>
href="">
align="center" width=14.28%>
href="">
align="center" width=14.28%>
href="">
align="center" width=14.28%>
href="">
align="center" width=14.28%>
href="">
align="center" width=14.28%>
href="">
align="center" width=14.28%>
href="">
td align="center" width=14.28%>
href="">
align="center" width=14.28%>
href="">
align="center" width=14.28%>
href="">
align="center" width=14.28%>
href="">
align="center" width=14.28%> 
width=14.28%> 
width=14.28%> 
align="center">
alt="" border="0" name="Backward" value="<<"
 face=Verdana color=#006699
size="1"> Arrows browse through the months. 
src="" align="middle" alt="" border="0" name="Forward"
value=">>"
>
>

-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] 
Sent: Tuesday, December 09, 2003 11:38 AM
To: CF-Talk
Subject: RE: JS help

ugh, take a look at the HTML source after your page is drwan.  I bet there
is an HTTP in the window.open call.

-Original Message-
From: Tim Do [mailto:[EMAIL PROTECTED]
Sent: Tuesday, December 09, 2003 2:16 PM
To: CF-Talk
Subject: RE: JS help

There is no http anywhere... the calendar is all rendered inside the custom
tag.

-Original Message-
From: Schuster, Steven [mailto:[EMAIL PROTECTED] 
Sent: Tuesday, December 09, 2003 11:20 AM
To: CF-Talk
Subject: RE: JS help

Make sure the tag code does not use http:// anywhere is one way. 

Steve

-Original Message-
From: Tim Do [mailto:[EMAIL PROTECTED] 
Sent: Tuesday, December 09, 2003 2:10 PM
To: CF-Talk
Subject: OT: JS help

Hello all,

I'm trying to use a calendar custom tag (cf_formFieldCalendar) inside a
secure directory.   Inside the tag it has a window.open command that spawns
a window.  When it does, the browser prompts that you're leaving a secure
area.  The tag is inside the secure directory.  Can anybody tell me how to
get it so the browser doesn't prompt the user that they're leaving a secure
area?

Thanks in advance,
Tim

Here is a piece of the js:

function openCalWin_#attributes.target#() { 
stats='toolbar=no,location=no,directories=no,status=no,menubar=no,'
stats += 'scrollbars=no,resizable=no,width=300,height=250'
CalWin = window.open ("","Calendar",stats)
  _ 
  _ 
  _ 
  _ 
  _
 [Todays Threads] 
 [This Message] 
 [Subscription] 
 [Fast Unsubscribe] 
 [User Settings]

RE: JS help

2003-12-09 Thread Schuster, Steven 
Well one thing right off the bat, the image call must be completely
qualified using https://address/path_to_image
 ...

 
I know it sucks, but it just does

 
I am looking at the other chunk right now.

 
Steve

-Original Message-
From: Tim Do [mailto:[EMAIL PROTECTED] 
Sent: Tuesday, December 09, 2003 2:39 PM
To: CF-Talk
Subject: RE: JS help

 
here is the calling page:

alt="Calendar" border="0" formname="frmSearchInCheck" target="dateMax">

tag:

















var months = new

Array("January","February","March","April","May","June","July","August","Sep

tember","October","November","December")

var totalDays = new Array(31,28,31,30,31,30,31,31,30,31,30,31)



function openCalWin_#attributes.target#() { 

stats='toolbar=no,location=no,directories=no,status=no,menubar=no,'

stats += 'scrollbars=no,resizable=no,width=300,height=250'

CalWin = window.open ("","Calendar",stats)



var calMonth = #DateFormat(attributes.date, "M")#

var calYear = #DateFormat(attributes.date, "")#



theDate = new Date(calYear, (calMonth - 1), 1)



buildCal_#attributes.target#(theDate)



}



function buildCal_#attributes.target#(theDate) {



var startDay = theDate.getDay()

var printDays = false

var currDay = 1

var rowsNeeded = 5



if (startDay + totalDays[theDate.getMonth()] > 35)

  rowsNeeded++



CalWin.document.write('Select a Date')

CalWin.document.write('')

CalWin.document.write('')

CalWin.document.write('
bordercolor=##ff cellpadding=0 cellspacing=0>')

CalWin.document.write('')

CalWin.document.write('')

for (x=1; x<=rowsNeeded; x++){

  CalWin.document.write('')

  for (y=0; y<=6; y++){

   if (currDay == 1 && !printDays && startDay == y)

    printDays = true

   CalWin.document.write('')

    if (currDay > totalDays[theDate.getMonth()])

 printDays = false

   }

   else

    CalWin.document.write(' ')

  }  

  CalWin.document.write('')

} 

CalWin.document.write('

face=Verdana color=##006699 size=2>' + months[theDate.getMonth()] + ' ' +

theDate.getFullYear() + '

color=##006699 size=1>Su
size=1>Mo
size=1>Tu
size=1>We
size=1>Th
size=1>Fr
size=1>Sa
')

   if (printDays){

  CalWin.document.write('
href="" + theDate.getMonth()

+ ',' +  currDay + ',' + theDate.getFullYear() + ')">' + currDay++ +

'

align="center">
alt="" border="0" name="Backward" value="<<"

 face=Verdana

color=##006699 size="1"> Arrows browse through the months. 
type="image" src="" align="middle" alt="" border="0"

name="Forward" value=">>"

>
CalWin.document.write('
')

CalWin.document.close()



}



function getNewCal_#attributes.target#(newDir) {

if (newDir == -1){

  theDate.setMonth(theDate.getMonth() - 1)

  if (theDate.getMonth() == 0){

   theDate.setMonth(12)

   theDate.setYear(theDate.getYear() - 1)

  }

}

else if (newDir == 1){

  theDate.setMonth(theDate.getMonth() + 1)

  if (theDate.getMonth() == 13){

   theDate.setMonth(1)

   theDate.setYear(theDate.getYear() + 1)

  }

}

  

  

CalWin.document.clear();

buildCal_#attributes.target#(theDate);



}



function placeDate_#attributes.target#(monthNum, dayNum, yearNum){

var dateString = (monthNum + 1) + '-' + dayNum + '-' + yearNum



document.#attributes.formname#.#attributes.target#.value = dateString

   

CalWin.close()

}







src="" border=0>


 





alert("You must supply a value for the FORMNAME & TARGET attributes!")





-Original Message-
From: Schuster, Steven [mailto:[EMAIL PROTECTED] 
Sent: Tuesday, December 09, 2003 11:43 AM
To: CF-Talk
Subject: RE: JS help

Can you send the code from the calling page

RE: Prism Antivirus in HOF footer...

2003-12-09 Thread Schuster, Steven 
Ah yes but we write ours directly from a database BLOB and use the
deletefile option to ensure it gets removed once it has been called so the
file never really just sits out there.

-Original Message-
From: Howie Hamlin [mailto:[EMAIL PROTECTED] 
Sent: Tuesday, December 09, 2003 2:39 PM
To: CF-Talk
Subject: Re: Prism Antivirus in HOF footer...

 
Most of the time, CFCONTENT is sending a file that is on the hard drive.
You could scan that file like any other file.

Regards,

Howie
  - Original Message - 
  From: Schuster, Steven 
  To: CF-Talk 
  Sent: Tuesday, December 09, 2003 2:26 PM
  Subject: RE: Prism Antivirus in HOF footer...

  I wonder how it would handle CFCONTENT streams??
  _
 [Todays Threads] 
 [This Message] 
 [Subscription] 
 [Fast Unsubscribe] 
 [User Settings]

RE: JS help

2003-12-09 Thread Tim Do 
here is the calling page:

alt="Calendar" border="0" formname="frmSearchInCheck" target="dateMax">

 
tag:



 









 





 

var months = new

Array("January","February","March","April","May","June","July","August","Sep

tember","October","November","December")

var totalDays = new Array(31,28,31,30,31,30,31,31,30,31,30,31)



function openCalWin_#attributes.target#() { 

 stats='toolbar=no,location=no,directories=no,status=no,menubar=no,'

 stats += 'scrollbars=no,resizable=no,width=300,height=250'

 CalWin = window.open ("","Calendar",stats)



var calMonth = #DateFormat(attributes.date, "M")#

 var calYear = #DateFormat(attributes.date, "")#



theDate = new Date(calYear, (calMonth - 1), 1)



 buildCal_#attributes.target#(theDate)



 

}



 

function buildCal_#attributes.target#(theDate) {



 var startDay = theDate.getDay()

 var printDays = false

 var currDay = 1

 var rowsNeeded = 5



 if (startDay + totalDays[theDate.getMonth()] > 35)

  rowsNeeded++



 CalWin.document.write('Select a Date')

 CalWin.document.write('')

 CalWin.document.write('')

 CalWin.document.write('
bordercolor=##ff cellpadding=0 cellspacing=0>')

 CalWin.document.write('')

 CalWin.document.write('')

 for (x=1; x<=rowsNeeded; x++){

  CalWin.document.write('')

  for (y=0; y<=6; y++){

   if (currDay == 1 && !printDays && startDay == y)

    printDays = true

   CalWin.document.write('')

    if (currDay > totalDays[theDate.getMonth()])

 printDays = false

   }

   else

    CalWin.document.write(' ')

  }  

  CalWin.document.write('')

 } 

 CalWin.document.write('

face=Verdana color=##006699 size=2>' + months[theDate.getMonth()] + ' ' +

theDate.getFullYear() + '

color=##006699 size=1>Su
size=1>Mo
size=1>Tu
size=1>We
size=1>Th
size=1>Fr
size=1>Sa
')

   if (printDays){

  CalWin.document.write('
href="" + theDate.getMonth()

+ ',' +  currDay + ',' + theDate.getFullYear() + ')">' + currDay++ +

'

align="center">
alt="" border="0" name="Backward" value="<<"

 face=Verdana

color=##006699 size="1"> Arrows browse through the months. 
type="image" src="" align="middle" alt="" border="0"

name="Forward" value=">>"

>
 CalWin.document.write('
')

 CalWin.document.close()



 

}



 

function getNewCal_#attributes.target#(newDir) {

 if (newDir == -1){

  theDate.setMonth(theDate.getMonth() - 1)

  if (theDate.getMonth() == 0){

   theDate.setMonth(12)

   theDate.setYear(theDate.getYear() - 1)

  }

 }

 else if (newDir == 1){

  theDate.setMonth(theDate.getMonth() + 1)

  if (theDate.getMonth() == 13){

   theDate.setMonth(1)

   theDate.setYear(theDate.getYear() + 1)

  }

 }

  

  

 CalWin.document.clear();

 buildCal_#attributes.target#(theDate);



 

}



 

function placeDate_#attributes.target#(monthNum, dayNum, yearNum){

 var dateString = (monthNum + 1) + '-' + dayNum + '-' + yearNum



 document.#attributes.formname#.#attributes.target#.value = dateString

   

 CalWin.close()

}



 



 


src="" border=0>


 


 



alert("You must supply a value for the FORMNAME & TARGET attributes!")





-Original Message-
From: Schuster, Steven [mailto:[EMAIL PROTECTED] 
Sent: Tuesday, December 09, 2003 11:43 AM
To: CF-Talk
Subject: RE: JS help

Can you send the code from the calling page and custom tag?

Steve

-Original Message-
From: Tim Do [mailto:[EMAIL PROTECTED] 
Sent: Tuesday, December 09, 2003 2:33 PM
To: CF-Talk
Subject: RE: JS help

that is correct.

-Original Message-
From: Schuster, Steven [mailto:[EMAIL PROTECTED] 
Sent:

Re: XML and the Degree Sign

2003-12-09 Thread Darron J. Schall 
You could try encoding the file as UTF-16, and mark it as so:


<...>

http://livedocs.macromedia.com/coldfusion/6.1/htmldocs/xml21.htm
http://livedocs.macromedia.com/coldfusion/6.1/htmldocs/funca110.htm

By using the right encoding, you don't need to worry about escaping/replacing anything.

-d
  - Original Message - 
  From: Scott Brady 
  To: CF-Talk 
  Sent: Tuesday, December 09, 2003 2:00 PM
  Subject: Re: XML and the Degree Sign

  Well, it's partially solved.  I'm replacing the degree sign with #176; 
  and that seems to work in my plain test XML page.  Of course, in the 
  application, I have to do the replace in the Oracle query itself, but am 
  having some trouble getting it to display.  It's kind of hard to 
  explain, but I have to actually double-escape the pound sign in the 
  query (so it comes out as 176; ), but that's not quite working right.

  I'm checking to see if I can just replace it with "deg" or "degrees".

  Thanks for all the suggestions!

  Scott

  Scott Brady wrote:

  > Nick de Voil wrote:
  >
  > > Also a kludge I guess but you could substitute them all with the entity
  > > °
  > >
  > Actually, it doesn't seem to like ° either.  Since we do have some
  > ' in there (from XMLFormat() ), it doesn't choke on every entity.  
  > I guess I can try the ASCII version and see what happens.
  >
  > Scott
  >
  > -- 
  > ---
  > Scott Brady
  > http://www.scottbrady.net/
  >
 [Todays Threads] 
 [This Message] 
 [Subscription] 
 [Fast Unsubscribe] 
 [User Settings]

RE: Application variables between two applications

2003-12-09 Thread Ian Skinner 
If a subdirectory defines it's own application name, there will be a new
application scope in that directory and below.  The other application scope
still exists, and if and when a file is called outside the sub-directory but
under the original application, those variables are again available.

 
We use this in our intranet, to parse off sections of our intranet that we
want to behave differently.

-- 
Ian Skinner 
Web Programmer 
BloodSource 
www.BloodSource.org 
Sacramento, CA 

-Original Message-
From: John Burns [mailto:[EMAIL PROTECTED]
Sent: Tuesday, December 09, 2003 9:49 AM
To: CF-Talk
Subject: RE: Application variables between two applications

I would guess this is the reason for naming the application so that you
_cannot_ access the variables from other applications.  Imagine if you
stored sensitive data in one application and it was somehow available within
another application. (Especially in a shared hosting environment)

I'm curious, however, what would happen if you had an application.cfm in the
webroot that grabbed all of the information that you needed for any of your
applications underneath that root.  Then, I believe, they would all
automatically inherit those application variables.  Anyone have more insight
on the workings of application.cfm in multiple directories?

Example:

WEBROOT

  -application.cfm

|_ APPLICATION 1

|   -application.cfm

|_ APPLICATION 2

|   -application.cfm

John Burns

-Original Message-
From: Ricky Fritzsching [mailto:[EMAIL PROTECTED] 
Sent: Tuesday, December 09, 2003 12:27 PM
To: CF-Talk
Subject: RE: Application variables between two applications

I have all the business logic in CFC's, but I am using many objects for
these CFC's that pull the data in the application scope.

For example, in my admin application I am using this to refresh my data set
once the data has been manipulated.



application.oPartnerCollection.Select_Corps(oPartner.Partner_ID,"0","true");


Now, how could I call this same object from the differenct application? You
would think since it is in memory, there has to be way that I can retreive
it.

Thx so far - your making think about ways that I can correct this in the
future. 

Ricky

  _  

From: Raymond Camden [mailto:[EMAIL PROTECTED] 
Sent: Tuesday, December 09, 2003 11:00 AM
To: CF-Talk
Subject: RE: Application variables between two applications

> The admin tool is for the other website. So in a nutshell, 
> are you suggesting that I just rename the application name in 
> the other website to match name of the application in the admin?
>

No, not if the applications aren't truly the same.

> Server variables - hmm...that might be a thought.
>

Just be aware that other apps on the box will also have access to the data.
Really only an issue if you are on a shared machine.

> I would prefer to keep them in the app scope, but if I have 
> to use the server scope that is ok.

You can consider using CFCs as well. App1 would ping App2's CFC and request
the data from it. 
  _

  _ 
   _
 [Todays Threads] 
 [This Message] 
 [Subscription] 
 [Fast Unsubscribe] 
 [User Settings]

RE: JS help

2003-12-09 Thread Tim Do 
No http://
this is what the source looks like:

 
Select a DateA { color:

#00; font-family:Verdana;font-size:12px; font-weight: normal;

text-decoration: none; padding:0em .5em;}A:hover { color: #cc6600;

background-color: #ecf4f7; padding:0em .5em; }body { background: #ff;

}
width=100% border=0 bordercolor=#ff cellpadding=0 cellspacing=0>
bgcolor="#b2d9ec" colspan=7>December
2003
color=#006699 size=1>Su
size=1>Mo
size=1>Tu
size=1>We
size=1>Th
size=1>Fr
size=1>Sa 
align="center" width=14.28%>
href="">
align="center" width=14.28%>
href="">
align="center" width=14.28%>
href="">
align="center" width=14.28%>
href="">
align="center" width=14.28%>
href="">
align="center" width=14.28%>
href="">
align="center" width=14.28%>
href="">
align="center" width=14.28%>
href="">
align="center" width=14.28%>
href="">
align="center" width=14.28%>
href="">
align="center" width=14.28%>
href="">
align="center" width=14.28%>
href="">
align="center" width=14.28%>
href="">
td align="center" width=14.28%>
href="">
align="center" width=14.28%>
href="">
align="center" width=14.28%>
href="">
align="center" width=14.28%>
href="">
align="center" width=14.28%>
href="">
align="center" width=14.28%>
href="">
align="center" width=14.28%>
href="">
td align="center" width=14.28%>
href="">
align="center" width=14.28%>
href="">
align="center" width=14.28%>
href="">
align="center" width=14.28%>
href="">
align="center" width=14.28%>
href="">
align="center" width=14.28%>
href="">
align="center" width=14.28%>
href="">
td align="center" width=14.28%>
href="">
align="center" width=14.28%>
href="">
align="center" width=14.28%>
href="">
align="center" width=14.28%>
href="">
align="center" width=14.28%> 
width=14.28%> 
width=14.28%> 
align="center">
alt="" border="0" name="Backward" value="<<"
 face=Verdana color=#006699
size="1"> Arrows browse through the months. 
src="" align="middle" alt="" border="0" name="Forward"
value=">>"
>
>

-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] 
Sent: Tuesday, December 09, 2003 11:38 AM
To: CF-Talk
Subject: RE: JS help

ugh, take a look at the HTML source after your page is drwan.  I bet there
is an HTTP in the window.open call.

-Original Message-
From: Tim Do [mailto:[EMAIL PROTECTED]
Sent: Tuesday, December 09, 2003 2:16 PM
To: CF-Talk
Subject: RE: JS help

There is no http anywhere... the calendar is all rendered inside the custom
tag.

-Original Message-
From: Schuster, Steven [mailto:[EMAIL PROTECTED] 
Sent: Tuesday, December 09, 2003 11:20 AM
To: CF-Talk
Subject: RE: JS help

Make sure the tag code does not use http:// anywhere is one way. 

Steve

-Original Message-
From: Tim Do [mailto:[EMAIL PROTECTED] 
Sent: Tuesday, December 09, 2003 2:10 PM
To: CF-Talk
Subject: OT: JS help

Hello all,

I'm trying to use a calendar custom tag (cf_formFieldCalendar) inside a
secure directory.   Inside the tag it has a window.open command that spawns
a window.  When it does, the browser prompts that you're leaving a secure
area.  The tag is inside the secure directory.  Can anybody tell me how to
get it so the browser doesn't prompt the user that they're leaving a secure
area?

Thanks in advance,
Tim

Here is a piece of the js:

function openCalWin_#attributes.target#() { 
stats='toolbar=no,location=no,directories=no,status=no,menubar=no,'
stats += 'scrollbars=no,resizable=no,width=300,height=250'
CalWin = window.open ("","Calendar",stats)
  _ 
  _ 
  _ 
  _
 [Todays Threads] 
 [This Message] 
 [Subscription] 
 [Fast Unsubscribe] 
 [User Settings]

RE: JS help

2003-12-09 Thread Schuster, Steven 
Can you send the code from the calling page and custom tag?

 
Steve

-Original Message-
From: Tim Do [mailto:[EMAIL PROTECTED] 
Sent: Tuesday, December 09, 2003 2:33 PM
To: CF-Talk
Subject: RE: JS help

 
that is correct.

-Original Message-
From: Schuster, Steven [mailto:[EMAIL PROTECTED] 
Sent: Tuesday, December 09, 2003 11:34 AM
To: CF-Talk
Subject: RE: JS help

So there are no internal links using http:// within the custom tag itself
and when you call it externally you are using https:// correct?

Steve

-Original Message-
From: Tim Do [mailto:[EMAIL PROTECTED] 
Sent: Tuesday, December 09, 2003 2:16 PM
To: CF-Talk
Subject: RE: JS help

There is no http anywhere... the calendar is all rendered inside the custom
tag.

-Original Message-
From: Schuster, Steven [mailto:[EMAIL PROTECTED] 
Sent: Tuesday, December 09, 2003 11:20 AM
To: CF-Talk
Subject: RE: JS help

Make sure the tag code does not use http:// anywhere is one way. 

Steve

-Original Message-
From: Tim Do [mailto:[EMAIL PROTECTED] 
Sent: Tuesday, December 09, 2003 2:10 PM
To: CF-Talk
Subject: OT: JS help

Hello all,

I'm trying to use a calendar custom tag (cf_formFieldCalendar) inside a
secure directory.   Inside the tag it has a window.open command that spawns
a window.  When it does, the browser prompts that you're leaving a secure
area.  The tag is inside the secure directory.  Can anybody tell me how to
get it so the browser doesn't prompt the user that they're leaving a secure
area?

Thanks in advance,
Tim

Here is a piece of the js:

function openCalWin_#attributes.target#() { 
stats='toolbar=no,location=no,directories=no,status=no,menubar=no,'
stats += 'scrollbars=no,resizable=no,width=300,height=250'
CalWin = window.open ("","Calendar",stats)
  _ 
  _
  _ 
  _
  _
 [Todays Threads] 
 [This Message] 
 [Subscription] 
 [Fast Unsubscribe] 
 [User Settings]

RE: CFSCHEDULE and file attribute problem

2003-12-09 Thread Schuster, Steven 
Are you talking code or the actual cfschedule block that executes. In your
code if you are writing a custom log then just do cffile with att of append.

Otherwise you may need to hack into MX to modify the way CFSchedule works??

 
Steve

-Original Message-
From: David Adams [mailto:[EMAIL PROTECTED] 
Sent: Tuesday, December 09, 2003 1:39 PM
To: CF-Talk
Subject: CFSCHEDULE and file attribute problem

 
I am using cfschedule with action set to "update".  Upon completion of the
task it overwrites the file I have specified in the file attribute when I
really want it to only append to the file.

Any suggestions?
  _
 [Todays Threads] 
 [This Message] 
 [Subscription] 
 [Fast Unsubscribe] 
 [User Settings]

Re: Prism Antivirus in HOF footer...

2003-12-09 Thread Howie Hamlin 
Most of the time, CFCONTENT is sending a file that is on the hard drive.  You could scan that file like any other file.

Regards,

Howie
  - Original Message - 
  From: Schuster, Steven 
  To: CF-Talk 
  Sent: Tuesday, December 09, 2003 2:26 PM
  Subject: RE: Prism Antivirus in HOF footer...

  I wonder how it would handle CFCONTENT streams??
 [Todays Threads] 
 [This Message] 
 [Subscription] 
 [Fast Unsubscribe] 
 [User Settings]

RE: JS help

2003-12-09 Thread Tim Do 
that is correct.

-Original Message-
From: Schuster, Steven [mailto:[EMAIL PROTECTED] 
Sent: Tuesday, December 09, 2003 11:34 AM
To: CF-Talk
Subject: RE: JS help

So there are no internal links using http:// within the custom tag itself
and when you call it externally you are using https:// correct?

Steve

-Original Message-
From: Tim Do [mailto:[EMAIL PROTECTED] 
Sent: Tuesday, December 09, 2003 2:16 PM
To: CF-Talk
Subject: RE: JS help

There is no http anywhere... the calendar is all rendered inside the custom
tag.

-Original Message-
From: Schuster, Steven [mailto:[EMAIL PROTECTED] 
Sent: Tuesday, December 09, 2003 11:20 AM
To: CF-Talk
Subject: RE: JS help

Make sure the tag code does not use http:// anywhere is one way. 

Steve

-Original Message-
From: Tim Do [mailto:[EMAIL PROTECTED] 
Sent: Tuesday, December 09, 2003 2:10 PM
To: CF-Talk
Subject: OT: JS help

Hello all,

I'm trying to use a calendar custom tag (cf_formFieldCalendar) inside a
secure directory.   Inside the tag it has a window.open command that spawns
a window.  When it does, the browser prompts that you're leaving a secure
area.  The tag is inside the secure directory.  Can anybody tell me how to
get it so the browser doesn't prompt the user that they're leaving a secure
area?

Thanks in advance,
Tim

Here is a piece of the js:

function openCalWin_#attributes.target#() { 
stats='toolbar=no,location=no,directories=no,status=no,menubar=no,'
stats += 'scrollbars=no,resizable=no,width=300,height=250'
CalWin = window.open ("","Calendar",stats)
  _ 
  _
  _ 
  _
 [Todays Threads] 
 [This Message] 
 [Subscription] 
 [Fast Unsubscribe] 
 [User Settings]

RE: JS help

2003-12-09 Thread Douglas.Knudsen 
ugh, take a look at the HTML source after your page is drwan.  I bet there is an HTTP in the window.open call.

-Original Message-
From: Tim Do [mailto:[EMAIL PROTECTED]
Sent: Tuesday, December 09, 2003 2:16 PM
To: CF-Talk
Subject: RE: JS help

There is no http anywhere... the calendar is all rendered inside the custom
tag.

-Original Message-
From: Schuster, Steven [mailto:[EMAIL PROTECTED] 
Sent: Tuesday, December 09, 2003 11:20 AM
To: CF-Talk
Subject: RE: JS help

Make sure the tag code does not use http:// anywhere is one way. 

Steve

-Original Message-
From: Tim Do [mailto:[EMAIL PROTECTED] 
Sent: Tuesday, December 09, 2003 2:10 PM
To: CF-Talk
Subject: OT: JS help

Hello all,

I'm trying to use a calendar custom tag (cf_formFieldCalendar) inside a
secure directory.   Inside the tag it has a window.open command that spawns
a window.  When it does, the browser prompts that you're leaving a secure
area.  The tag is inside the secure directory.  Can anybody tell me how to
get it so the browser doesn't prompt the user that they're leaving a secure
area?

Thanks in advance,
Tim

Here is a piece of the js:

function openCalWin_#attributes.target#() { 
stats='toolbar=no,location=no,directories=no,status=no,menubar=no,'
stats += 'scrollbars=no,resizable=no,width=300,height=250'
CalWin = window.open ("","Calendar",stats)
  _ 
  _ 
  _
 [Todays Threads] 
 [This Message] 
 [Subscription] 
 [Fast Unsubscribe] 
 [User Settings]

CFSCHEDULE and file attribute problem

2003-12-09 Thread David Adams 
I am using cfschedule with action set to "update".  Upon completion of the task it overwrites the file I have specified in the file attribute when I really want it to only append to the file.

Any suggestions?
 [Todays Threads] 
 [This Message] 
 [Subscription] 
 [Fast Unsubscribe] 
 [User Settings]

RE: OT: JS help

2003-12-09 Thread Schuster, Steven 
Bingo, exactly what I said.

-Original Message-
From: Cutter (CF-Talk) [mailto:[EMAIL PROTECTED] 
Sent: Tuesday, December 09, 2003 2:25 PM
To: CF-Talk
Subject: Re: OT: JS help

 
JS Popup browsers are called like this:

window.open('http://www.mydomain.com/pagename.html','windowname','[attribute
s]');

This code is in the code of your custom tag. You must adjust this code 
to say "https:" instead of "http:". If the tag calls the popup page as a 
relative link rather than an absolute path then you will probably have 
to change it to an absolute path. Hope this helps.

Cutter

Tim Do wrote:
> Hello all,
> 
> 
> I'm trying to use a calendar custom tag (cf_formFieldCalendar) inside a
> secure directory.   Inside the tag it has a window.open command that
spawns
> a window.  When it does, the browser prompts that you're leaving a secure
> area.  The tag is inside the secure directory.  Can anybody tell me how to
> get it so the browser doesn't prompt the user that they're leaving a
secure
> area?
> 
> 
> Thanks in advance,
> Tim
> 
> 
> Here is a piece of the js:
> 
> 
> function openCalWin_#attributes.target#() {
> stats='toolbar=no,location=no,directories=no,status=no,menubar=no,'
> stats += 'scrollbars=no,resizable=no,width=300,height=250'
> CalWin = window.open ("","Calendar",stats)
>
  _
 [Todays Threads] 
 [This Message] 
 [Subscription] 
 [Fast Unsubscribe] 
 [User Settings]

RE: JS help

2003-12-09 Thread Schuster, Steven 
So there are no internal links using http:// within the custom tag itself
and when you call it externally you are using https:// correct?

 
Steve

-Original Message-
From: Tim Do [mailto:[EMAIL PROTECTED] 
Sent: Tuesday, December 09, 2003 2:16 PM
To: CF-Talk
Subject: RE: JS help

 
There is no http anywhere... the calendar is all rendered inside the custom
tag.

-Original Message-
From: Schuster, Steven [mailto:[EMAIL PROTECTED] 
Sent: Tuesday, December 09, 2003 11:20 AM
To: CF-Talk
Subject: RE: JS help

Make sure the tag code does not use http:// anywhere is one way. 

Steve

-Original Message-
From: Tim Do [mailto:[EMAIL PROTECTED] 
Sent: Tuesday, December 09, 2003 2:10 PM
To: CF-Talk
Subject: OT: JS help

Hello all,

I'm trying to use a calendar custom tag (cf_formFieldCalendar) inside a
secure directory.   Inside the tag it has a window.open command that spawns
a window.  When it does, the browser prompts that you're leaving a secure
area.  The tag is inside the secure directory.  Can anybody tell me how to
get it so the browser doesn't prompt the user that they're leaving a secure
area?

Thanks in advance,
Tim

Here is a piece of the js:

function openCalWin_#attributes.target#() { 
stats='toolbar=no,location=no,directories=no,status=no,menubar=no,'
stats += 'scrollbars=no,resizable=no,width=300,height=250'
CalWin = window.open ("","Calendar",stats)
  _ 
  _
  _
 [Todays Threads] 
 [This Message] 
 [Subscription] 
 [Fast Unsubscribe] 
 [User Settings]

Re: OT: JS help

2003-12-09 Thread Ben Doom 
The browser will *always* prompt the user that they are leaving a secure 
area (this is a feature not a bug) unless you open a secure URL in the 
flyout window.

--Ben

Tim Do wrote:

> Hello all,
> 
> 
> I'm trying to use a calendar custom tag (cf_formFieldCalendar) inside a
> secure directory.   Inside the tag it has a window.open command that spawns
> a window.  When it does, the browser prompts that you're leaving a secure
> area.  The tag is inside the secure directory.  Can anybody tell me how to
> get it so the browser doesn't prompt the user that they're leaving a secure
> area?
> 
> 
> Thanks in advance,
> Tim
> 
> 
> Here is a piece of the js:
> 
> 
> function openCalWin_#attributes.target#() {
> stats='toolbar=no,location=no,directories=no,status=no,menubar=no,'
> stats += 'scrollbars=no,resizable=no,width=300,height=250'
> CalWin = window.open ("","Calendar",stats)
>
 [Todays Threads] 
 [This Message] 
 [Subscription] 
 [Fast Unsubscribe] 
 [User Settings]

RE: Prism Antivirus in HOF footer...

2003-12-09 Thread Schuster, Steven 
I wonder how it would handle CFCONTENT streams??

-Original Message-
From: Tom Kitta [mailto:[EMAIL PROTECTED] 
Sent: Tuesday, December 09, 2003 2:21 PM
To: CF-Talk
Subject: Re: Prism Antivirus in HOF footer...

 
Wow, someone actually reads these adds at the bottom of group emails! :)

I don't know what does this program do (this tag) but to keep your
environment safe I think it is OK to run antiviral software on your server
and make sure to take extra care of files being uploaded by users. Also, to
keep your network free consider running integrated e-mail antiviral scanner
(saves on user problems and bandwidth usage).

TK
  - Original Message - 
  From: Angel Stewart 
  To: CF-Talk 
  Sent: Tuesday, December 09, 2003 1:55 PM
  Subject: Prism Antivirus in HOF footer...

  This is the first time I've heard about this product, from the Ad at the
  end of one of these messages.

  "PrismAV for ColdFusion is a custom tag that allows you to scan for, and
  repair, virus-infected files from your ColdFusion environment. It is the
  first and only anti-virus solution designed specifically for ColdFusion
  applications."

  I'm a little confused. They say it is an Antivirus package for
  Coldfusion Applications. 

  Does this mean we can integrate Antivirus scanning into our coldfusion
  applications using this tool?
  For example to scan file attachments for a file management system or a
  CF based webmail system?

  Or is it some way to keep your CF Development environment free of
  viruses somehow integrating with CF Sandbox security in ways a standard
  AV program might not?

  -Gel

  ---
  Outgoing mail is certified Virus Free.
  Checked by AVG anti-virus system (http://www.grisoft.com).
  Version: 6.0.544 / Virus Database: 338 - Release Date: 11/25/2003
  _
 [Todays Threads] 
 [This Message] 
 [Subscription] 
 [Fast Unsubscribe] 
 [User Settings]

Re: OT: JS help

2003-12-09 Thread Cutter (CF-Talk) 
JS Popup browsers are called like this:

window.open('http://www.mydomain.com/pagename.html','windowname','[attributes]');

This code is in the code of your custom tag. You must adjust this code 
to say "https:" instead of "http:". If the tag calls the popup page as a 
relative link rather than an absolute path then you will probably have 
to change it to an absolute path. Hope this helps.

Cutter

Tim Do wrote:
> Hello all,
> 
> 
> I'm trying to use a calendar custom tag (cf_formFieldCalendar) inside a
> secure directory.   Inside the tag it has a window.open command that spawns
> a window.  When it does, the browser prompts that you're leaving a secure
> area.  The tag is inside the secure directory.  Can anybody tell me how to
> get it so the browser doesn't prompt the user that they're leaving a secure
> area?
> 
> 
> Thanks in advance,
> Tim
> 
> 
> Here is a piece of the js:
> 
> 
> function openCalWin_#attributes.target#() {
> stats='toolbar=no,location=no,directories=no,status=no,menubar=no,'
> stats += 'scrollbars=no,resizable=no,width=300,height=250'
> CalWin = window.open ("","Calendar",stats)
>
 [Todays Threads] 
 [This Message] 
 [Subscription] 
 [Fast Unsubscribe] 
 [User Settings]

Re: CF and MS SQL server authentication

2003-12-09 Thread ksuh 
Currenly, the drivers that come with CFMX do not support windows authentication, although they are supposed to be included in a later release.

To login into a private remote computer, log onto a computer than you can access publicly, and then from that computer, remote login into the private computer.

- Original Message -
From: Tom Kitta <[EMAIL PROTECTED]>
Date: Tuesday, December 9, 2003 12:16 pm
Subject: Re: CF and MS SQL server authentication

> I want Windows Authentication for security reasons, SQL server 
> simply is not as secure as Windows. SQL server 2000 does not 
> support locking out, minimal password length, password expiry etc. 
> So someone can setup a system whereas the SQL server is being 
> bombarded with attempts to gain access, windows will lock the user 
> out. SQL server admin guide recommends using windows 
> authentication and fall back to SQL authentication in special 
> circumstances (also for someone out there using win98 or winME 
> which do not support windows authentication).
> 
> As for running SQL server on private network, that would be fine 
> except for remote administration - how can one with ease connect 
> to a host on a private network from a remote location.
> 
> TK
>  - Original Message - 
>  From: Tangorre, Michael 
>  To: CF-Talk 
>  Sent: Tuesday, December 09, 2003 1:38 PM
>  Subject: RE: CF and MS SQL server authentication
> 
> 
>  Tom,
> 
> 
>  Just out of curiosity, why do you prefer Windows authentication? 
> I always
>  thought SQL Server authentication was better...
>  I am definitely Interested in responses...
> 
> 
>  Mike
> 
>  -Original Message-
>  From: Tom Kitta [EMAIL PROTECTED] 
>  Sent: Tuesday, December 09, 2003 1:37 PM
>  To: CF-Talk
>  Subject: CF and MS SQL server authentication
> 
>  When setting up ColdFusion to work with MS SQL server 2000 I am 
> having  trouble with usage of Windows only authentication 
> (prefered), I am forced to
>  use SQL authentication. SQL and CF run on different computers on 
> the same
>  network. What accounts (permissions) should SQL and CF work on 
> for windows
>  authentication to work?
> 
>  TK 
>    _
> 
>
 [Todays Threads] 
 [This Message] 
 [Subscription] 
 [Fast Unsubscribe] 
 [User Settings]

RE: JS help

2003-12-09 Thread Tim Do 
There is no http anywhere... the calendar is all rendered inside the custom
tag.

-Original Message-
From: Schuster, Steven [mailto:[EMAIL PROTECTED] 
Sent: Tuesday, December 09, 2003 11:20 AM
To: CF-Talk
Subject: RE: JS help

Make sure the tag code does not use http:// anywhere is one way. 

Steve

-Original Message-
From: Tim Do [mailto:[EMAIL PROTECTED] 
Sent: Tuesday, December 09, 2003 2:10 PM
To: CF-Talk
Subject: OT: JS help

Hello all,

I'm trying to use a calendar custom tag (cf_formFieldCalendar) inside a
secure directory.   Inside the tag it has a window.open command that spawns
a window.  When it does, the browser prompts that you're leaving a secure
area.  The tag is inside the secure directory.  Can anybody tell me how to
get it so the browser doesn't prompt the user that they're leaving a secure
area?

Thanks in advance,
Tim

Here is a piece of the js:

function openCalWin_#attributes.target#() { 
stats='toolbar=no,location=no,directories=no,status=no,menubar=no,'
stats += 'scrollbars=no,resizable=no,width=300,height=250'
CalWin = window.open ("","Calendar",stats)
  _ 
  _
 [Todays Threads] 
 [This Message] 
 [Subscription] 
 [Fast Unsubscribe] 
 [User Settings]

Re: Prism Antivirus in HOF footer...

2003-12-09 Thread Tom Kitta 
Wow, someone actually reads these adds at the bottom of group emails! :)

I don't know what does this program do (this tag) but to keep your environment safe I think it is OK to run antiviral software on your server and make sure to take extra care of files being uploaded by users. Also, to keep your network free consider running integrated e-mail antiviral scanner (saves on user problems and bandwidth usage).

TK
  - Original Message - 
  From: Angel Stewart 
  To: CF-Talk 
  Sent: Tuesday, December 09, 2003 1:55 PM
  Subject: Prism Antivirus in HOF footer...

  This is the first time I've heard about this product, from the Ad at the
  end of one of these messages.

  "PrismAV for ColdFusion is a custom tag that allows you to scan for, and
  repair, virus-infected files from your ColdFusion environment. It is the
  first and only anti-virus solution designed specifically for ColdFusion
  applications."

  I'm a little confused. They say it is an Antivirus package for
  Coldfusion Applications. 

  Does this mean we can integrate Antivirus scanning into our coldfusion
  applications using this tool?
  For example to scan file attachments for a file management system or a
  CF based webmail system?

  Or is it some way to keep your CF Development environment free of
  viruses somehow integrating with CF Sandbox security in ways a standard
  AV program might not?

  -Gel

  ---
  Outgoing mail is certified Virus Free.
  Checked by AVG anti-virus system (http://www.grisoft.com).
  Version: 6.0.544 / Virus Database: 338 - Release Date: 11/25/2003
 [Todays Threads] 
 [This Message] 
 [Subscription] 
 [Fast Unsubscribe] 
 [User Settings]

Payment Processors

2003-12-09 Thread Bruce Sorge 
What payment processors are you all using that is similar to PayPal? I am
looking for one with lower rates. I checked out 2CheckOut.com and they are
pricier. I am looking for something that will work with CF.



Thanks,

Bruce
 [Todays Threads] 
 [This Message] 
 [Subscription] 
 [Fast Unsubscribe] 
 [User Settings]

RE: JS help

2003-12-09 Thread Schuster, Steven 
Make sure the tag code does not use http:// anywhere is one way. 

 
Steve

-Original Message-
From: Tim Do [mailto:[EMAIL PROTECTED] 
Sent: Tuesday, December 09, 2003 2:10 PM
To: CF-Talk
Subject: OT: JS help

 
Hello all,

I'm trying to use a calendar custom tag (cf_formFieldCalendar) inside a
secure directory.   Inside the tag it has a window.open command that spawns
a window.  When it does, the browser prompts that you're leaving a secure
area.  The tag is inside the secure directory.  Can anybody tell me how to
get it so the browser doesn't prompt the user that they're leaving a secure
area?

Thanks in advance,
Tim

Here is a piece of the js:

function openCalWin_#attributes.target#() { 
stats='toolbar=no,location=no,directories=no,status=no,menubar=no,'
stats += 'scrollbars=no,resizable=no,width=300,height=250'
CalWin = window.open ("","Calendar",stats)
  _
 [Todays Threads] 
 [This Message] 
 [Subscription] 
 [Fast Unsubscribe] 
 [User Settings]

SiteExecutive update (for Tony)

2003-12-09 Thread Candace Cottrell 
Hey Tony,

 
We had our demo of Site Executive last Friday. Looking at the front
end/user interface that product is great for contributers. However, the
back end and admin stuff that I'd be doing just isn't as robust as
Merant Collage or Commonspot.   We are taking a final look at Commonspot
and Ektron CMS300 this week (we looked at Collage again yesterday and I
must say it's daggone impressive) and then will narrow down the choices
to 2.

 
Then we hope to make another presentation of those final two to the
contributers to get their feedback and then make a final decision. This
has been a long haul - we've ben demoing for over two years now -
considering moving to .NET, the whole 9 yards.

 
I think what was the most impressive to me was that Merant imported our
site in so little time. It seems to be built for folks who want to
"organize the mess they have" and the fact that it's agnostic as far as
languages. (Its built on J2EE)

 
Candace K. Cottrell, Web Developer 
The Children's Medical Center 
One Children's Plaza 
Dayton, OH 45404 
937-641-4293 
http://www.childrensdayton.org

[EMAIL PROTECTED]
 [Todays Threads] 
 [This Message] 
 [Subscription] 
 [Fast Unsubscribe] 
 [User Settings]

OT: JS help

2003-12-09 Thread Tim Do 
Hello all,

 
I'm trying to use a calendar custom tag (cf_formFieldCalendar) inside a
secure directory.   Inside the tag it has a window.open command that spawns
a window.  When it does, the browser prompts that you're leaving a secure
area.  The tag is inside the secure directory.  Can anybody tell me how to
get it so the browser doesn't prompt the user that they're leaving a secure
area?

 
Thanks in advance,
Tim

 
Here is a piece of the js:

 
function openCalWin_#attributes.target#() { 
 stats='toolbar=no,location=no,directories=no,status=no,menubar=no,'
 stats += 'scrollbars=no,resizable=no,width=300,height=250'
 CalWin = window.open ("","Calendar",stats)
 [Todays Threads] 
 [This Message] 
 [Subscription] 
 [Fast Unsubscribe] 
 [User Settings]

Re: CF and MS SQL server authentication

2003-12-09 Thread Tom Kitta 
I want Windows Authentication for security reasons, SQL server simply is not as secure as Windows. SQL server 2000 does not support locking out, minimal password length, password expiry etc. So someone can setup a system whereas the SQL server is being bombarded with attempts to gain access, windows will lock the user out. SQL server admin guide recommends using windows authentication and fall back to SQL authentication in special circumstances (also for someone out there using win98 or winME which do not support windows authentication).

As for running SQL server on private network, that would be fine except for remote administration - how can one with ease connect to a host on a private network from a remote location.

TK
  - Original Message - 
  From: Tangorre, Michael 
  To: CF-Talk 
  Sent: Tuesday, December 09, 2003 1:38 PM
  Subject: RE: CF and MS SQL server authentication

  Tom,

  Just out of curiosity, why do you prefer Windows authentication? I always
  thought SQL Server authentication was better...
  I am definitely Interested in responses...

  Mike

  -Original Message-
  From: Tom Kitta [mailto:[EMAIL PROTECTED] 
  Sent: Tuesday, December 09, 2003 1:37 PM
  To: CF-Talk
  Subject: CF and MS SQL server authentication

  When setting up ColdFusion to work with MS SQL server 2000 I am having
  trouble with usage of Windows only authentication (prefered), I am forced to
  use SQL authentication. SQL and CF run on different computers on the same
  network. What accounts (permissions) should SQL and CF work on for windows
  authentication to work?

  TK 
    _
 [Todays Threads] 
 [This Message] 
 [Subscription] 
 [Fast Unsubscribe] 
 [User Settings]

Re: Prism Antivirus in HOF footer...

2003-12-09 Thread Howie Hamlin 
Yes, you can scan files from within your ColdFusion templates including Webmail.  So, any time that someone uploads or downloads a file to/from your server you can scan it for viruses or restricted file types (*.pif, for example).

You can trial the software for 60 days, BTW.

Regards,

-- 
Howie Hamlin - inFusion Project Manager
On-Line Data Solutions, Inc. - www.CoolFusion.com
inFusion Mail Server (iMS) - The Award-winning, Intelligent Mail Server
PrismAV - Virus scanning for ColdFusion applications
>>> Please vote for iMS here: http://www.sys-con.com/coldfusion/readerschoice2003/index.cfm 
>>> Find out how iMS Stacks up to the competition: http://www.coolfusion.com/imssecomparison.cfm

  - Original Message - 
  From: Angel Stewart 
  To: CF-Talk 
  Sent: Tuesday, December 09, 2003 1:55 PM
  Subject: Prism Antivirus in HOF footer...

  This is the first time I've heard about this product, from the Ad at the
  end of one of these messages.

  "PrismAV for ColdFusion is a custom tag that allows you to scan for, and
  repair, virus-infected files from your ColdFusion environment. It is the
  first and only anti-virus solution designed specifically for ColdFusion
  applications."

  I'm a little confused. They say it is an Antivirus package for
  Coldfusion Applications. 

  Does this mean we can integrate Antivirus scanning into our coldfusion
  applications using this tool?
  For example to scan file attachments for a file management system or a
  CF based webmail system?

  Or is it some way to keep your CF Development environment free of
  viruses somehow integrating with CF Sandbox security in ways a standard
  AV program might not?

  -Gel

  ---
  Outgoing mail is certified Virus Free.
  Checked by AVG anti-virus system (http://www.grisoft.com).
  Version: 6.0.544 / Virus Database: 338 - Release Date: 11/25/2003
 [Todays Threads] 
 [This Message] 
 [Subscription] 
 [Fast Unsubscribe] 
 [User Settings]

Re: XML and the Degree Sign

2003-12-09 Thread Scott Brady 
Well, it's partially solved.  I'm replacing the degree sign with #176; 
and that seems to work in my plain test XML page.  Of course, in the 
application, I have to do the replace in the Oracle query itself, but am 
having some trouble getting it to display.  It's kind of hard to 
explain, but I have to actually double-escape the pound sign in the 
query (so it comes out as 176; ), but that's not quite working right.

I'm checking to see if I can just replace it with "deg" or "degrees".

Thanks for all the suggestions!

Scott

Scott Brady wrote:

> Nick de Voil wrote:
>
> > Also a kludge I guess but you could substitute them all with the entity
> > °
> >
> Actually, it doesn't seem to like ° either.  Since we do have some
> ' in there (from XMLFormat() ), it doesn't choke on every entity.  
> I guess I can try the ASCII version and see what happens.
>
> Scott
>
> -- 
> ---
> Scott Brady
> http://www.scottbrady.net/
>
 [Todays Threads] 
 [This Message] 
 [Subscription] 
 [Fast Unsubscribe] 
 [User Settings]

Prism Antivirus in HOF footer...

2003-12-09 Thread Angel Stewart 
This is the first time I've heard about this product, from the Ad at the
end of one of these messages.

 
"PrismAV for ColdFusion is a custom tag that allows you to scan for, and
repair, virus-infected files from your ColdFusion environment. It is the
first and only anti-virus solution designed specifically for ColdFusion
applications."

 
I'm a little confused. They say it is an Antivirus package for
Coldfusion Applications. 

 
Does this mean we can integrate Antivirus scanning into our coldfusion
applications using this tool?
For example to scan file attachments for a file management system or a
CF based webmail system?

 
Or is it some way to keep your CF Development environment free of
viruses somehow integrating with CF Sandbox security in ways a standard
AV program might not?

 
-Gel


---
Outgoing mail is certified Virus Free.
Checked by AVG anti-virus system (http://www.grisoft.com).
Version: 6.0.544 / Virus Database: 338 - Release Date: 11/25/2003
 [Todays Threads] 
 [This Message] 
 [Subscription] 
 [Fast Unsubscribe] 
 [User Settings]

SOLVED: Referencing a .CFC in a sub directory.

2003-12-09 Thread Angel Stewart 
Thanks Mike,

I created a mapping called hdcfc and pointed it to the
helpdesk/components directory.

 
This has worked with invoking the CFC using CFINVOKE
components="hdcfc.helpdesk_users.cfc"

 
Thanks a lot :-)

 
-Gel

-Original Message-
From: Mike Townend [mailto:[EMAIL PROTECTED] 
Sent: Tuesday, December 09, 2003 9:44 AM

For that to work (i.e. using dot notation for CFOBJECT) you must setup a
CF
mapping.



will work as its IIS/Apache/Whatever handling the path to the CFC.

CFINVOKE/CFOBJECT/CreateObject use CF to get the path to the CFC so
either
the CFC must be in the same directory as the code invoking the CFC or a
CF
Mapping must be setup

HTH



---
Outgoing mail is certified Virus Free.
Checked by AVG anti-virus system (http://www.grisoft.com).
Version: 6.0.544 / Virus Database: 338 - Release Date: 11/25/2003
 [Todays Threads] 
 [This Message] 
 [Subscription] 
 [Fast Unsubscribe] 
 [User Settings]

RE: CF and MS SQL server authentication

2003-12-09 Thread Tangorre, Michael 
Tom,

 
Just out of curiosity, why do you prefer Windows authentication? I always
thought SQL Server authentication was better...
I am definitely Interested in responses...

 
Mike

-Original Message-
From: Tom Kitta [mailto:[EMAIL PROTECTED] 
Sent: Tuesday, December 09, 2003 1:37 PM
To: CF-Talk
Subject: CF and MS SQL server authentication

When setting up ColdFusion to work with MS SQL server 2000 I am having
trouble with usage of Windows only authentication (prefered), I am forced to
use SQL authentication. SQL and CF run on different computers on the same
network. What accounts (permissions) should SQL and CF work on for windows
authentication to work?

TK 
  _
 [Todays Threads] 
 [This Message] 
 [Subscription] 
 [Fast Unsubscribe] 
 [User Settings]

RE: CF and MS SQL server authentication

2003-12-09 Thread cf-talk 
They need to run as the same account.  For example... if you set both up
to run as "Administrator" that would solve your problems.  I DO NOT
recommend this in a production environment.

 
I myself usually set up an account called "ColdFusion" or something like
that and give it only the necessary permissions.  I then connect to my
SQL server using SQL authentication and a VERY long password.

 
Ideally, your SQL server should NOT be exposed to the internet.  Run it
on a private .10 network or something instead.

 
Is there any reason why you need Windows only authentication?

 
-Novak

-Original Message-
From: Tom Kitta [mailto:[EMAIL PROTECTED] 
Sent: Tuesday, December 09, 2003 10:37 AM
To: CF-Talk
Subject: CF and MS SQL server authentication

When setting up ColdFusion to work with MS SQL server 2000 I am having
trouble with usage of Windows only authentication (prefered), I am
forced to use SQL authentication. SQL and CF run on different computers
on the same network. What accounts (permissions) should SQL and CF work
on for windows authentication to work?

TK 
  _
 [Todays Threads] 
 [This Message] 
 [Subscription] 
 [Fast Unsubscribe] 
 [User Settings]

  1   2   3   >