RE: Client-side validation or Server-side Validation?
> I know you're approaching this from the perspective of > handling those who don't use js... but I'm leaning toward > assuming js, and letting the rest go. Some people can afford to do that. Others can't. This shouldn't be difficult to understand. > I don't think it's too much to ask of people who want to use > sites that use js to allow it to be used in their browsers. > I know there are issues for users behind corporate firewalls, > etc., but I think it's perhaps time for the development > community to start developing with js and demanding that IT > personnel learn to set up secure environments and protect > their systems and network. I don't think you, or the "development community" in general, have any leverage with IT personnel, whose jobs are generally not tied to making you happy. IT personnel already know how to protect their systems and network, and in many cases they do it by disabling JavaScript. > I've never had js disabled on any system or network I've ever > owned or managed and I've never had a single problem with it. In all seriousness, how would you even know? Most people whose machines are exploited don't know that their machines are exploited. And when there's an IE exploit that uses JavaScript, do you know what the MS recommended fix almost always is? "Disable Active Scripting". > The "Web 2.0" functionality is going to force the issue. > With Google and other basically "thumbing their nose" at > those who won't use js with apps like Gmail (at least that's > what I understand), people are going to have to embrace js > and other more risky technologies and learn to deal with them > securely or be left behind. Did you know Gmail works if you disable JavaScript? It does. It's called the "Basic HTML" view in Gmail. They also have views for mobile devices with even fewer features. Dave Watts, CTO, Fig Leaf Software http://www.figleaf.com/ Fig Leaf Software provides the highest caliber vendor-authorized instruction at our training centers in Washington DC, Atlanta, Chicago, Baltimore, Northern Virginia, or on-site at your location. Visit http://training.figleaf.com/ for more information! This email has been processed by SmoothZap - www.smoothwall.net ~| Create Web Applications With ColdFusion MX7 & Flex 2. Build powerful, scalable RIAs. Free Trial http://www.adobe.com/products/coldfusion/flex2/?sdid=RVJS Archive: http://www.houseoffusion.com/groups/CF-Talk/message.cfm/messageid:275508 Subscription: http://www.houseoffusion.com/groups/CF-Talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.4
RE: Client-side validation or Server-side Validation?
> Client-side validation is going to have to server-side > validation, too, which means the server is going to have to > handle all the validation that the client-side does. So > there's just as much stress on the server. > Perhaps more so, if there are numerous problems with the form > data that aren't or can't be handled by client-side > validation, such as validation against query data, etc. A lot of form data validation can be completely contained within the client using JavaScript, without needing to verify anything against the server. This will execute comparatively quickly, and will let you build a user-friendly and responsive interface. You'll still need to do the same checks when the data is actually submitted to the server, but these shouldn't require any significant processing time if they were previously run on the client, because they'll all pass. And if they don't, for whatever reason, you won't really care about the processing overhead at that point anyway. Dave Watts, CTO, Fig Leaf Software http://www.figleaf.com/ Fig Leaf Software provides the highest caliber vendor-authorized instruction at our training centers in Washington DC, Atlanta, Chicago, Baltimore, Northern Virginia, or on-site at your location. Visit http://training.figleaf.com/ for more information! This email has been processed by SmoothZap - www.smoothwall.net ~| Create robust enterprise, web RIAs. Upgrade & integrate Adobe Coldfusion MX7 with Flex 2 http://www.adobe.com/products/coldfusion/flex2/?sdid=RVJP Archive: http://www.houseoffusion.com/groups/CF-Talk/message.cfm/messageid:275507 Subscription: http://www.houseoffusion.com/groups/CF-Talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=11502.10531.4
RE: Client-side validation or Server-side Validation?
> > Have you heard of Sturgeon's Law? > > Sturgeon was wrong... 90% of what he created may be crud, but > that's not true for what I create. Everyone says that about their own work, and yet a simple examination of the world around you will confirm Sturgeon's grasp of the obvious. > > Email is a textual medium. > > Not any more... if that were true, Sprint, Verizon, and > everyone else wouldn't be jumping through hoops trying to > accommodate photos, video, graphics, and HTML email into > their capabilities and there wouldn't be so much HTML > generated by spammers. (Except for the poor people in > Ethiopia, who apparently can't afford to put graphics in > their offerings of $25,000,000.00 dollars if I'll let them > use my bank account. :o) > > We're a visual world now, not a textual world. Then why did you bother typing a response? In your brave new visual world, you should have recorded a video of yourself and uploaded it to Youtube. And yet, you didn't. I wonder why. There is a time and a place for everything. Email, with its emphasis on written communication, is able to achieve a signal-to-noise ratio that most HTML documents never do. Sprint, Verizon, etc are jumping through hoops in an attempt to make more money, and yet the most popular form of non-audio communication over phones is ... wait for it ... SMS. Not too many pictures in those SMS messages. Here in DC, you can't swing your arm without knocking a Blackberry out of some lobbyist's hand. How does HTML mail work on those? Not so good. Using the greed of telecoms and spammers as an example doesn't really help your case. > I have to disagree with you on that one, Dave. HTML (done > well and used appropriately) will always be more effective in > communications than text html... > > Why do you see HTML email as such a bad thing? Size of messages > only? We obviously have different definitions for "communication". I think you mean "marketing". These are not the same thing, or even close to the same thing. HTML mail is an attempt to control the mail reader's experience, to force me to see your message as you want it to be seen. And then, half the time, it doesn't work anyway, due to security restrictions or non-standard clients (PDAs, etc). In those cases, your message really looks like crap, believe me. If you want me to see something, just put a link in the message, and I'll decide whether it's worth my time to view it. Most mail clients automatically convert URLs to links, you know. Dave Watts, CTO, Fig Leaf Software http://www.figleaf.com/ Fig Leaf Software provides the highest caliber vendor-authorized instruction at our training centers in Washington DC, Atlanta, Chicago, Baltimore, Northern Virginia, or on-site at your location. Visit http://training.figleaf.com/ for more information! This email has been processed by SmoothZap - www.smoothwall.net ~| Create robust enterprise, web RIAs. Upgrade & integrate Adobe Coldfusion MX7 with Flex 2 http://www.adobe.com/products/coldfusion/flex2/?sdid=RVJP Archive: http://www.houseoffusion.com/groups/CF-Talk/message.cfm/messageid:275506 Subscription: http://www.houseoffusion.com/groups/CF-Talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.4
Re: Who is wrong ?
URLs should contain unescaped ampersands. This URL: .../index.cfm?id=3&cat=dusty defines two params, one named 'id, and one named 'amp;cat', with values you can surmise. cheers, barneyb On 4/16/07, Claude Schneegans <[EMAIL PROTECTED]> wrote: > Hi, > > I have some page the address of which is "...index.cfm?p=page*&id*=12" > > I have noticed that sometimes I have an error message that id is not > defined. > Actually, the visitor was sent on my page by some search engine. > The search shows the correct address ...index.cfm?p=page&id=12, > but actually calls index.cfm?p=page*&*id=12 in the HTTP request. > > Who is wrong? > Should I encode the parameters differently in the url? > > -- > ___ > REUSE CODE! Use custom tags; > See http://www.contentbox.com/claude/customtags/tagstore.cfm > (Please send any spam to this address: [EMAIL PROTECTED]) > Thanks. > > > ~| Upgrade to Adobe ColdFusion MX7 The most significant release in over 10 years. Upgrade & see new features. http://www.adobe.com/products/coldfusion?sdid=RVJR Archive: http://www.houseoffusion.com/groups/CF-Talk/message.cfm/messageid:275505 Subscription: http://www.houseoffusion.com/groups/CF-Talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.4
Who is wrong ?
Hi, I have some page the address of which is "...index.cfm?p=page*&id*=12" I have noticed that sometimes I have an error message that id is not defined. Actually, the visitor was sent on my page by some search engine. The search shows the correct address ...index.cfm?p=page&id=12, but actually calls index.cfm?p=page*&*id=12 in the HTTP request. Who is wrong? Should I encode the parameters differently in the url? -- ___ REUSE CODE! Use custom tags; See http://www.contentbox.com/claude/customtags/tagstore.cfm (Please send any spam to this address: [EMAIL PROTECTED]) Thanks. ~| ColdFusion MX7 and Flex 2 Build sales & marketing dashboard RIAâs for your business. Upgrade now http://www.adobe.com/products/coldfusion/flex2?sdid=RVJT Archive: http://www.houseoffusion.com/groups/CF-Talk/message.cfm/messageid:275504 Subscription: http://www.houseoffusion.com/groups/CF-Talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.4
RE: Client-side validation or Server-side Validation?
Thanks for all the feedback, Claude... :o) Rick -Original Message- From: Claude Schneegans [mailto:[EMAIL PROTECTED] Sent: Monday, April 16, 2007 10:13 PM To: CF-Talk Subject: Re: Client-side validation or Server-side Validation? >>so where's the benefit to the server after all's been done? Just to make sure all's been done, in case someone is trying to hack your system and bypass your client side validation. See client side validation as some mat at your door, a convenience so that your guests can clean up their feet before entering your house. Server side validation is your alarm system that will call the police when intruders break open your door. ;-) -- ___ REUSE CODE! Use custom tags; See http://www.contentbox.com/claude/customtags/tagstore.cfm (Please send any spam to this address: [EMAIL PROTECTED]) Thanks. ~| Create Web Applications With ColdFusion MX7 & Flex 2. Build powerful, scalable RIAs. Free Trial http://www.adobe.com/products/coldfusion/flex2/?sdid=RVJS Archive: http://www.houseoffusion.com/groups/CF-Talk/message.cfm/messageid:275503 Subscription: http://www.houseoffusion.com/groups/CF-Talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=11502.10531.4
RE: Display number of users online
There are #tracker.getSessionCount()# active sessions There are #count_logged_in# logged in users Jaime Metcher > -Original Message- > From: Joel Watson [mailto:[EMAIL PROTECTED] > Sent: Tuesday, 17 April 2007 12:03 PM > To: CF-Talk > Subject: Display number of users online > > > I have a site (a forum, really) that allows users to login and > post messages. Is there a way that I can display the number of > users that are currently logged in? > > Thanks! > > ~| Create Web Applications With ColdFusion MX7 & Flex 2. Build powerful, scalable RIAs. Free Trial http://www.adobe.com/products/coldfusion/flex2/?sdid=RVJS Archive: http://www.houseoffusion.com/groups/CF-Talk/message.cfm/messageid:275502 Subscription: http://www.houseoffusion.com/groups/CF-Talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=11502.10531.4
RE: Display number of users online
Here you go Joel, I got this code from someone else long ago, and now am
passing it on to you. =) You may store other data about them, but you
can go from here.
sessiontrackerObj=
createObject("java","coldfusion.runtime.SessionTracker");
activesessions =
sessiontrackerObj.getSessionCollection(application.applicationname);
nosessions=ListLen(structkeyList(activeSessions));
Total Sessions : #nosessions#
Username
Login Date
IP Address
#activesessions[i].fullname#
#dateFormat(activesessions[i].loginDate,
"short")# #timeFormat(activesessions[i].loginDate, "short")#
#activesessions[i].ip#
~|
Create Web Applications With ColdFusion MX7 & Flex 2.
Build powerful, scalable RIAs. Free Trial
http://www.adobe.com/products/coldfusion/flex2/?sdid=RVJS
Archive:
http://www.houseoffusion.com/groups/CF-Talk/message.cfm/messageid:275501
Subscription: http://www.houseoffusion.com/groups/CF-Talk/subscribe.cfm
Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.4
OUTCOME: Re: Compare two lists and if one element common ... -
Thanks Jim for your suggestions. Its a bit late in the day for this project to redesign the whole user authentication/access/permission control architecture,but i have another project starting in a couple of weeks and ill take a good look at what you've done for that one. I am grateful for you input. I've valued your input many times before. Thanks. Thanks too, to Sean for seeing what i already knew and had only put here as a deliberate lie to check if anyone's paying attention of course my code would only find the last test instead of stopping the first time it found a match! I knew that!! So here's what i've done. ... In each page of the admin i have the following, right up at the top of the page: (meaning anyone holding either of these permissions can access the page - might be an edit content page or a delete a section) Then below that, in the header include is the following: (1 is the default - everyone has that even anonymous users. so to grant full access of a page to anyone i just dont set a permission in the lines above the header include) The function application.useraccess.CheckPermissions() returns either zero (dont allow access - cant find any permissions match) or a positive integer, being the position of the first match, in which case the user goes on to see the page. Here's the method application.useraccess.CheckPermissions(): This will also allow me to use this same method to show content only to some people if i want. I.e. if you're logged in and you're one of the people authorised to see this .. here's a bit just for you: yada yada yada An example might be a page about the organisation's coming events, with lots of stuff for the public, but also a section only shown to logged-in members. (the permission numbers are just numbers i made up for this thread - they're a whole different series of numbers in the real site) Thanks everyone. Might not be the perfect permissions set-up but it's working and it gives me the granular kind of control that i need for this application. And provides for the whims and fancies of the management in the future. Cheers Mike Kear Windsor, NSW, Australia Adobe Certified Advanced ColdFusion Developer AFP Webworks http://afpwebworks.com ColdFusion, PHP, ASP, ASP.NET hosting from AUD$15/month -- Cheers Mike Kear Windsor, NSW, Australia Adobe Certified Advanced ColdFusion Developer AFP Webworks http://afpwebworks.com ColdFusion, PHP, ASP, ASP.NET hosting from AUD$15/month ~| Create robust enterprise, web RIAs. Upgrade & integrate Adobe Coldfusion MX7 with Flex 2 http://www.adobe.com/products/coldfusion/flex2/?sdid=RVJP Archive: http://www.houseoffusion.com/groups/CF-Talk/message.cfm/messageid:275500 Subscription: http://www.houseoffusion.com/groups/CF-Talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=11502.10531.4
Re: CF CAPTCHA - need help!
Besides the accessibilty issues with CAPTCHAs, I also find it a burden put on your user that is not necessary. It's not their fault that spammers abuse your form. They shouldn't be punished for it. There are other solutions - simply dynamically named hidden fields already eliminated 99% of spam on my site. If you don't have issues with JS, then the following is a good solution: http://cfformprotect.riaforge.org/ Eliminated 100% of form spam in all the sites I've implemented it. And that's only with 4 of 5 security levels activated. a. >>> [EMAIL PROTECTED] 16/04/2007 8:47 pm >>> I have a feedback form on our website, and we're getting a lot of SPAM. I don't know if it's because we're using mailto in the cf code or because we're not using some sort of image verification on the form (I'm sure it's a combination of the two). Does anyone know of a good CF based form validation/image verification code to help make our feedback section more secure? ~| Upgrade to Adobe ColdFusion MX7 Experience Flex 2 & MX7 integration & create powerful cross-platform RIAs http://www.adobe.com/products/coldfusion/flex2/?sdid=RVJQ Archive: http://www.houseoffusion.com/groups/CF-Talk/message.cfm/messageid:275499 Subscription: http://www.houseoffusion.com/groups/CF-Talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=11502.10531.4
Re: Client-side validation or Server-side Validation?
>>so where's the benefit to the server after all's been done? Just to make sure all's been done, in case someone is trying to hack your system and bypass your client side validation. See client side validation as some mat at your door, a convenience so that your guests can clean up their feet before entering your house. Server side validation is your alarm system that will call the police when intruders break open your door. ;-) -- ___ REUSE CODE! Use custom tags; See http://www.contentbox.com/claude/customtags/tagstore.cfm (Please send any spam to this address: [EMAIL PROTECTED]) Thanks. ~| ColdFusion MX7 by Adobe® Dyncamically transform webcontent into Adobe PDF with new ColdFusion MX7. Free Trial. http://www.adobe.com/products/coldfusion?sdid=RVJV Archive: http://www.houseoffusion.com/groups/CF-Talk/message.cfm/messageid:275498 Subscription: http://www.houseoffusion.com/groups/CF-Talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.4
Display number of users online
I have a site (a forum, really) that allows users to login and post messages. Is there a way that I can display the number of users that are currently logged in? Thanks! ~| Deploy Web Applications Quickly across the enterprise with ColdFusion MX7 & Flex 2 Free Trial http://www.adobe.com/products/coldfusion/flex2/?sdid=RVJU Archive: http://www.houseoffusion.com/groups/CF-Talk/message.cfm/messageid:275497 Subscription: http://www.houseoffusion.com/groups/CF-Talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=11502.10531.4
Re: Client-side validation or Server-side Validation?
>>Client-side validation is going to have to server-side validation, too, which means the server is going to have to handle all the validation that the client-side does. So there's just as much stress on the server. Not really, because server side validation is done only once, by the submitted template in a whole, in only one HTTP request that you need anyway to get the form executed. Using Ajax for client side validation requires at least one HTTP request per field validated. One must not forget than an Ajax call IS an HTTP request, thus is almost as much overhead than refreshing the form. The only advantage is that you stay in the same page, and you do not have as much data to receive from the server. But the rest of all the overhead implied by an HTTP request is still there. -- ___ REUSE CODE! Use custom tags; See http://www.contentbox.com/claude/customtags/tagstore.cfm (Please send any spam to this address: [EMAIL PROTECTED]) Thanks. ~| Upgrade to Adobe ColdFusion MX7 Experience Flex 2 & MX7 integration & create powerful cross-platform RIAs http://www.adobe.com/products/coldfusion/flex2/?sdid=RVJQ Archive: http://www.houseoffusion.com/groups/CF-Talk/message.cfm/messageid:275496 Subscription: http://www.houseoffusion.com/groups/CF-Talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=11502.10531.4
Re: Client-side validation or Server-side Validation?
>>But why not incorporate the server-side validation into the client-side validation using Ajax Because it is barely more efficient than server side validation. The advantage of JS validation is that it can be done without any interaction with the server. Ajax should be used only when the validation really needs something to be done on the server, like checking the availability of a new user code in the database, or so. -- ___ REUSE CODE! Use custom tags; See http://www.contentbox.com/claude/customtags/tagstore.cfm (Please send any spam to this address: [EMAIL PROTECTED]) Thanks. ~| Deploy Web Applications Quickly across the enterprise with ColdFusion MX7 & Flex 2 Free Trial http://www.adobe.com/products/coldfusion/flex2/?sdid=RVJU Archive: http://www.houseoffusion.com/groups/CF-Talk/message.cfm/messageid:275495 Subscription: http://www.houseoffusion.com/groups/CF-Talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.4
Re: Client-side validation or Server-side Validation?
>>because they feel it has no added value and all the colors, backgrounds and images only distract from the content? You don't have to go to extreme just because you are using HTML. Just as you don't have to make any Word document look like a master piece. Sometimes some italic or bold judiciously used is useful. Making links clickable is also useful. -- ___ REUSE CODE! Use custom tags; See http://www.contentbox.com/claude/customtags/tagstore.cfm (Please send any spam to this address: [EMAIL PROTECTED]) Thanks. ~| ColdFusion MX7 by Adobe® Dyncamically transform webcontent into Adobe PDF with new ColdFusion MX7. Free Trial. http://www.adobe.com/products/coldfusion?sdid=RVJV Archive: http://www.houseoffusion.com/groups/CF-Talk/message.cfm/messageid:275494 Subscription: http://www.houseoffusion.com/groups/CF-Talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=11502.10531.4
Re: Parsing CSV
SQL Server 2005 uses SSIS, and only offers DTS for backwards-compatibility. SSIS can read content directly from a Web service and do whatever parsing you are looking for. What you are describing seems perfectly achievable using the standard SSIS graphical widgets, without resorting to using any custom programming. Good luck, Mike Chabot ~| Upgrade to Adobe ColdFusion MX7 Experience Flex 2 & MX7 integration & create powerful cross-platform RIAs http://www.adobe.com/products/coldfusion/flex2/?sdid=RVJQ Archive: http://www.houseoffusion.com/groups/CF-Talk/message.cfm/messageid:275493 Subscription: http://www.houseoffusion.com/groups/CF-Talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=11502.10531.4
Re: Parsing CSV
SQL Server 2005 uses SSIS, and only offers DTS for backwards-compatibility. SSIS can read content directly from a Web service and do whatever parsing you are looking for. What you are describing seems perfectly achievable using the standard SSIS graphical widgets, without resorting to using any custom programming. Good luck, Mike Chabot On 4/16/07, Robert Rawlins - Think Blue <[EMAIL PROTECTED]> wrote: > Thanks Chris, > > I can agree that letting SQL do the job is a better way of doing this, I'll > just need to find someone with a little stored proc or more SQL experience > than me to help write the code. > > Thanks, > > Rob > > -Original Message- > From: Peterson, Chris [mailto:[EMAIL PROTECTED] > Sent: 16 April 2007 14:02 > To: CF-Talk > Subject: RE: Parsing CSV > > I belive you can write an import script in SQL 2K5 to import it directly > without having to parse in CF. I know you can do it manually with a > right-click - import on the database, and you might be able to save that > and invoke it with CF to import a file. That would probably be the > fastest. > > Chris Peterson > > > -Original Message- > From: Robert Rawlins - Think Blue > [mailto:[EMAIL PROTECTED] > Sent: Monday, April 16, 2007 8:53 AM > To: CF-Talk > Subject: Parsing CSV > > Hello Guys, > > > > I'm looking to get some advice on the best method to parse a CSV into my > SQL Server 2k5 database. The idea is that the data will be passed in as > a string to a web service. In the past I've spoken to people who seem to > think that the DTS is the best method for getting the text into the > database but to be honest it seems less fitting now the data is passed > into a web service, by the time the server has placed it into a file and > then DTS has auctioned it, I may as well use a Query or a StoredProc. > > > > What are your thoughts on this? The data comes in as something like > this. > > > > GF:34:00:3F:FD, 6, 1, 2007-01-01 13:00:00, 1 > > GF:34:00:3F:FD, 6, 2, 2007-01-01 13:01:00, 1 > > GF:34:00:3F:FD, 6, 1, 2007-01-01 13:04:00, 1 > > GF:34:00:3F:FD, 6, 4, 2007-01-01 13:08:00, 1 > > GF:34:00:3F:FD, 6, 1, 2007-01-01 13:10:00, 1 > > GF:34:00:3F:FD, 6, 1, 2007-01-01 13:20:00, 1 > > GF:34:00:3F:FD, 6, 1, 2007-01-01 13:22:00, 1 > > GF:34:00:3F:FD, 6, 5, 2007-01-01 13:26:00. 1 > > GF:34:00:3F:FD, 6, 1, 2007-01-01 13:29:00, 1 > > GF:34:00:3F:FD, 6, 5, 2007-01-01 13:29:00, 1 > > GF:34:00:3F:FD, 6, 1, 2007-01-01 13:30:00, 1 > > GF:34:00:3F:FD, 6, 2, 2007-01-01 13:32:00, 1 > > > > Ideally this data would be placed into two tables, the first table would > store all the MAC address's that are listed in the first column of the > CSV, the other elements of the log would then be stored in a second > table which would reference the MAC address using a foreign key. > > > > I'd be interested to hear your thoughts, these would most likely come in > through the web service a few times an hour and be perhaps a hundred > records long at tops. > > > > Thanks, > > > > Rob > > > > > > > > ~| Upgrade to Adobe ColdFusion MX7 The most significant release in over 10 years. Upgrade & see new features. http://www.adobe.com/products/coldfusion?sdid=RVJR Archive: http://www.houseoffusion.com/groups/CF-Talk/message.cfm/messageid:275492 Subscription: http://www.houseoffusion.com/groups/CF-Talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=11502.10531.4
RE: CF CAPTCHA - need help!
100% CF... no third party image components needed. http://acoderslife.com/downloads/bhcaptcha -Original Message- From: Steven Sprouse [mailto:[EMAIL PROTECTED] Sent: Monday, April 16, 2007 8:48 AM To: CF-Talk Subject: CF CAPTCHA - need help! I have a feedback form on our website, and we're getting a lot of SPAM. I don't know if it's because we're using mailto in the cf code or because we're not using some sort of image verification on the form (I'm sure it's a combination of the two). Does anyone know of a good CF based form validation/image verification code to help make our feedback section more secure? ~| Deploy Web Applications Quickly across the enterprise with ColdFusion MX7 & Flex 2 Free Trial http://www.adobe.com/products/coldfusion/flex2/?sdid=RVJU Archive: http://www.houseoffusion.com/groups/CF-Talk/message.cfm/messageid:275491 Subscription: http://www.houseoffusion.com/groups/CF-Talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=11502.10531.4
RE: Client-side validation or Server-side Validation?
> Are you doing any real load testing?
No... just basing my assumptions on the fact that my client's sites
only get probably 300-400 hits per day altogether. It's sad, but I
can get them to utilize their sites well.
Most of the traffic on the server will probably come in the form of
CMS usage built into the sites for my clients.
I see what you're saying below about the simplicity of client-side
validation instead of a hybrid system. And the slow-downs I may
experience could well change my mind about the hybrid.
But I've *always* performed *only* server-side, CF validation up to this
point, after submitted an entire form, and the feedback from CF is
virtually instantaneous. I'm sure it's slower that pure JS, client-side...
but
if it's not so significantly slower to bother the user, then I don't see a
problem.
And it seems as if you're comparing apples to oranges when looking at
how much code it takes to create client-side only validation, versus a
hybrid system.
You've got to account for the CF server-side coding, as well. And creating
a system
with both client-side and server-side validation that sends validation
messages back
to a user seems much more complicated. With a hybrid system, I only have
one
system to maintain, not two...
And, as I said, at *this* point, stress on the server is not an issue...
Rick
-Original Message-
From: Dan G. Switzer, II [mailto:[EMAIL PROTECTED]
Sent: Monday, April 16, 2007 7:45 PM
To: CF-Talk
Subject: RE: Client-side validation or Server-side Validation?
Rick,
>> You're adding a lot of complexity
>
>Less complexity as I see it...
Trust me, you're adding more. What happens if the AJAX request never
returns? What are you going to do? HTTP requests are not perfect and they do
from time to time fail. If you're validating during an onblur event--which I
know at one time you were--and a user starts tabbing through the fields, and
HTTP request be triggered off for each blur event. This is a lot of undo
traffic. It might work just dandy when you're test a single form and you're
the only person using it, but if you get any kind of traffic to your
site--it's going to cause issues.
The bottom line is, I had a choice between no client-side validation and
using AJAX-style validation, I'd clearly go w/no client-side validation.
Fortunately, there are so many tools out there that basically do all the
work for you.
>> lot of load to your server that's unnecessary
>
>Doesn't seem to have any issue handling it so far.
>(Of course that could change if I pursue this to a greater degree.)
>But like I've stated before, *all* validation I've performed up to this
>point has been by using CF. Never used client-side validation before.
Are you doing any real load testing? Running something locally w/no load is
quite different that in most real world use cases.
>> Using Joern's jQuery Form validation, you should be able to apply basic
>> validation to your form in minutes.
>
>Been there, done that. But then you have to add validation for the same
>data
>on the server-side. I don't see that as any more beneficial to the server.
Because the client does have to talk to the server for each and every error.
That's a lot less http requests to your site. Also, the user doesn't have to
wait for the server to respond--the messages will appear instantly.
I mean there's not a lot of coding involved in:
$(document).ready({
$("#yourForm").validate({
rules:{
name: {required: true},
email: {required: true, email: true}
}
});
});
I mean I just validate a form w/all client-side validation and made sure
that the "name" field and "email" field are both required and that the
e-mail field has to be an valid e-mail address.
I'd put money on it that it took you a lot more time to try and get your
AJAX-style client-side validation working correctly. I only needed to write
those 8 lines of code.
My code doesn't require any round tripping to the server either.
This isn't rocket science and it isn't hard. You're actually making it much
more difficult to solve than it is.
-Dan
~|
Upgrade to Adobe ColdFusion MX7
Experience Flex 2 & MX7 integration & create powerful cross-platform RIAs
http://www.adobe.com/products/coldfusion/flex2/?sdid=RVJQ
Archive:
http://www.houseoffusion.com/groups/CF-Talk/message.cfm/messageid:275490
Subscription: http://www.houseoffusion.com/groups/CF-Talk/subscribe.cfm
Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.4
RE: Client-side validation or Server-side Validation?
> JS would look at your rule and throw an error. There's > nothing at all for the server to do. I understand that part, but the server will still have to perform its own validation on the data on the server-side, so where's the benefit to the server after all's been done? -Original Message- From: Dan G. Switzer, II [mailto:[EMAIL PROTECTED] Sent: Monday, April 16, 2007 7:25 PM To: CF-Talk Subject: RE: Client-side validation or Server-side Validation? Rick, >Client-side validation is going to have to server-side validation, too, >which means the server is going to have to handle all the validation >that the client-side does. So there's just as much stress on the server. No. The majority of client-side validation you'd use doesn't affect the server at all. JS would look at your rule and throw an error. There's nothing at all for the server to do. -Dan ~| ColdFusion MX7 and Flex 2 Build sales & marketing dashboard RIAâs for your business. Upgrade now http://www.adobe.com/products/coldfusion/flex2?sdid=RVJT Archive: http://www.houseoffusion.com/groups/CF-Talk/message.cfm/messageid:275489 Subscription: http://www.houseoffusion.com/groups/CF-Talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.4
RE: Client-side validation or Server-side Validation?
> Security is another issue. Hopefully, security can be handled by the CF code doing the validation... as well as the use of cfqueryparam in the queries... > I think the percentage of users with javascript > enabled will steadily increase but never reach 100%. True... there will always be luddites amongst us. :o) But with 500-lb gorillas around like Google offering apps that are hard for many to resist, we will always inch closer to JS (or other technologies) be the de-facto standard. Some people prefer to never eat a Krispy-Kreme donut, but I say they don't know what they're missing! :o) -Original Message- From: Josh Nathanson [mailto:[EMAIL PROTECTED] Sent: Monday, April 16, 2007 7:24 PM To: CF-Talk Subject: Re: Client-side validation or Server-side Validation? >I know you're approaching this from the perspective of handling > those who don't use js... but I'm leaning toward assuming js, > and letting the rest go. In your particular application environment, I think that would be fine as regards form validation. Security is another issue. > I think it's > perhaps time for the development community to start developing > with js and demanding that IT personnel learn to set up secure > environments and protect their systems and network. Unfortunately, we as developers don't get to demand anything. Our job is to make things work within the requirements of our applications. Also unfortunately, for some of us those requirements include users without javascript. > The "Web 2.0" functionality is going to force the issue. With Google > and other basically "thumbing their nose" at those who won't use js > with apps like Gmail (at least that's what I understand), people are going > to have to embrace js and other more risky technologies and learn to deal > with them securely or be left behind. Google's market cap is like $160 billion. They can do whatever the hell they want. That being said, I think the percentage of users with javascript enabled will steadily increase but never reach 100%. -- Josh ~| Deploy Web Applications Quickly across the enterprise with ColdFusion MX7 & Flex 2 Free Trial http://www.adobe.com/products/coldfusion/flex2/?sdid=RVJU Archive: http://www.houseoffusion.com/groups/CF-Talk/message.cfm/messageid:275488 Subscription: http://www.houseoffusion.com/groups/CF-Talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.4
RE: Client-side validation or Server-side Validation?
For single field validation on blur, which is mostly what I'm interested in using, I get such fast response from the server that it's speed is of no consequence... -Original Message- From: Josh Nathanson [mailto:[EMAIL PROTECTED] Sent: Monday, April 16, 2007 5:02 PM To: CF-Talk Subject: Re: Client-side validation or Server-side Validation? > You can setup your server-side to do both the ajax and the non-js > submits. you create one validation method that gets called either way. That's true only if you consider ajax validation to be client side. This is not true client side validation, as it involves a call to the server. You are not getting the benefits of true client side validation (speed, no server traffic). -- Josh ~| Create Web Applications With ColdFusion MX7 & Flex 2. Build powerful, scalable RIAs. Free Trial http://www.adobe.com/products/coldfusion/flex2/?sdid=RVJS Archive: http://www.houseoffusion.com/groups/CF-Talk/message.cfm/messageid:275487 Subscription: http://www.houseoffusion.com/groups/CF-Talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=11502.10531.4
RE: Client-side validation or Server-side Validation?
> Actually using that, 90% of all mail is crap. Now that's probably true! I know, at least for me, this discussion is very needed and has been educational! -Original Message- From: Bader, Terrence C CTR MARMC, 231 [mailto:[EMAIL PROTECTED] Sent: Monday, April 16, 2007 4:42 PM To: CF-Talk Subject: RE: Client-side validation or Server-side Validation? Actually using that, 90% of all mail is crap. Not just HTML email, but email period. Which is true; just look at me spam folder. lol for that matter look at this topic... its going way, way over the deep end and into the sh!tter. ~Terry -Original Message- From: Dave Watts [mailto:[EMAIL PROTECTED] Sent: Monday, April 16, 2007 16:29 To: CF-Talk Subject: RE: Client-side validation or Server-side Validation? > For well-designed HTML messages that wouldn't be an issue. > The colors, backgrounds, and images would always enhance the message, > not detract from it. Have you heard of Sturgeon's Law? http://en.wikipedia.org/wiki/Sturgeon's_law Why would HTML mail be exempt? > Why not just use word messages on TV instead of video/audio for > commercials? Because that, like HTML mail, is a poor use of the medium. TV is a visual medium. Email is a textual medium. You don't know how people will read their email, either. HTML mail looks like crap on anything except a standard computer. Dave Watts, CTO, Fig Leaf Software http://www.figleaf.com/ Fig Leaf Software provides the highest caliber vendor-authorized instruction at our training centers in Washington DC, Atlanta, Chicago, Baltimore, Northern Virginia, or on-site at your location. Visit http://training.figleaf.com/ for more information! This email has been processed by SmoothZap - www.smoothwall.net ~| Upgrade to Adobe ColdFusion MX7 The most significant release in over 10 years. Upgrade & see new features. http://www.adobe.com/products/coldfusion?sdid=RVJR Archive: http://www.houseoffusion.com/groups/CF-Talk/message.cfm/messageid:275486 Subscription: http://www.houseoffusion.com/groups/CF-Talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=11502.10531.4
RE: Client-side validation or Server-side Validation?
> Have you heard of Sturgeon's Law? Sturgeon was wrong... 90% of what he created may be crud, but that's not true for what I create. > Why would HTML be exempt? See answer to the first question... > Email is a textual medium. Not any more... if that were true, Sprint, Verizon, and everyone else wouldn't be jumping through hoops trying to accommodate photos, video, graphics, and HTML email into their capabilities and there wouldn't be so much HTML generated by spammers. (Except for the poor people in Ethiopia, who apparently can't afford to put graphics in their offerings of $25,000,000.00 dollars if I'll let them use my bank account. :o) We're a visual world now, not a textual world. -Original Message- From: Dave Watts [mailto:[EMAIL PROTECTED] Sent: Monday, April 16, 2007 5:29 PM To: CF-Talk Subject: RE: Client-side validation or Server-side Validation? > For well-designed HTML messages that wouldn't be an issue. > The colors, backgrounds, and images would always enhance the > message, not detract from it. Have you heard of Sturgeon's Law? http://en.wikipedia.org/wiki/Sturgeon's_law Why would HTML mail be exempt? > Why not just use word messages on TV instead of video/audio > for commercials? Because that, like HTML mail, is a poor use of the medium. TV is a visual medium. Email is a textual medium. You don't know how people will read their email, either. HTML mail looks like crap on anything except a standard computer. Dave Watts, CTO, Fig Leaf Software http://www.figleaf.com/ Fig Leaf Software provides the highest caliber vendor-authorized instruction at our training centers in Washington DC, Atlanta, Chicago, Baltimore, Northern Virginia, or on-site at your location. Visit http://training.figleaf.com/ for more information! This email has been processed by SmoothZap - www.smoothwall.net ~| Deploy Web Applications Quickly across the enterprise with ColdFusion MX7 & Flex 2 Free Trial http://www.adobe.com/products/coldfusion/flex2/?sdid=RVJU Archive: http://www.houseoffusion.com/groups/CF-Talk/message.cfm/messageid:275485 Subscription: http://www.houseoffusion.com/groups/CF-Talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=11502.10531.4
RE: Client-side validation or Server-side Validation?
Rick,
>> You're adding a lot of complexity
>
>Less complexity as I see it...
Trust me, you're adding more. What happens if the AJAX request never
returns? What are you going to do? HTTP requests are not perfect and they do
from time to time fail. If you're validating during an onblur event--which I
know at one time you were--and a user starts tabbing through the fields, and
HTTP request be triggered off for each blur event. This is a lot of undo
traffic. It might work just dandy when you're test a single form and you're
the only person using it, but if you get any kind of traffic to your
site--it's going to cause issues.
The bottom line is, I had a choice between no client-side validation and
using AJAX-style validation, I'd clearly go w/no client-side validation.
Fortunately, there are so many tools out there that basically do all the
work for you.
>> lot of load to your server that's unnecessary
>
>Doesn't seem to have any issue handling it so far.
>(Of course that could change if I pursue this to a greater degree.)
>But like I've stated before, *all* validation I've performed up to this
>point has been by using CF. Never used client-side validation before.
Are you doing any real load testing? Running something locally w/no load is
quite different that in most real world use cases.
>> Using Joern's jQuery Form validation, you should be able to apply basic
>> validation to your form in minutes.
>
>Been there, done that. But then you have to add validation for the same
>data
>on the server-side. I don't see that as any more beneficial to the server.
Because the client does have to talk to the server for each and every error.
That's a lot less http requests to your site. Also, the user doesn't have to
wait for the server to respond--the messages will appear instantly.
I mean there's not a lot of coding involved in:
$(document).ready({
$("#yourForm").validate({
rules:{
name: {required: true},
email: {required: true, email: true}
}
});
});
I mean I just validate a form w/all client-side validation and made sure
that the "name" field and "email" field are both required and that the
e-mail field has to be an valid e-mail address.
I'd put money on it that it took you a lot more time to try and get your
AJAX-style client-side validation working correctly. I only needed to write
those 8 lines of code.
My code doesn't require any round tripping to the server either.
This isn't rocket science and it isn't hard. You're actually making it much
more difficult to solve than it is.
-Dan
~|
ColdFusion MX7 by Adobe®
Dyncamically transform webcontent into Adobe PDF with new ColdFusion MX7.
Free Trial. http://www.adobe.com/products/coldfusion?sdid=RVJV
Archive:
http://www.houseoffusion.com/groups/CF-Talk/message.cfm/messageid:275484
Subscription: http://www.houseoffusion.com/groups/CF-Talk/subscribe.cfm
Unsubscribe:
http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=11502.10531.4
RE: Client-side validation or Server-side Validation?
But can a hybrid method of JS and CF validation be circumvented? Certainly it can be disabled by turning JS off, but would that disable all input? (Disabling a submit button or being able to submit with the Enter key comes to mind) -Original Message- From: Bader, Terrence C CTR MARMC, 231 [mailto:[EMAIL PROTECTED] Sent: Monday, April 16, 2007 4:12 PM To: CF-Talk Subject: RE: Client-side validation or Server-side Validation? And what I mean is that you should not depend on client-side validation as this can be circumvented and/or disabled. Its for end-user ease of use and reduce wear and tear on heavily used sites. ~Terry -Original Message- From: Bader, Terrence C CTR MARMC, 231 [mailto:[EMAIL PROTECTED] Sent: Monday, April 16, 2007 15:09 To: CF-Talk Subject: RE: Client-side validation or Server-side Validation? Agreed, client side validation is only for client side user ease of use and not for true validation of data being submitted to your data definitions. ~Terry ~| Create Web Applications With ColdFusion MX7 & Flex 2. Build powerful, scalable RIAs. Free Trial http://www.adobe.com/products/coldfusion/flex2/?sdid=RVJS Archive: http://www.houseoffusion.com/groups/CF-Talk/message.cfm/messageid:275483 Subscription: http://www.houseoffusion.com/groups/CF-Talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.4
RE: Client-side validation or Server-side Validation?
> client side validation is only for client side user ease of use > and not for true validation of data being submitted to your data > definitions. But if I Ajax the data over to CF code and use it to validate instead of js, which just provides interface feedback, then I've accomplished all methods at once... true validation... -Original Message- From: Bader, Terrence C CTR MARMC, 231 [mailto:[EMAIL PROTECTED] Sent: Monday, April 16, 2007 4:09 PM To: CF-Talk Subject: RE: Client-side validation or Server-side Validation? Agreed, client side validation is only for client side user ease of use and not for true validation of data being submitted to your data definitions. ~Terry -Original Message- From: Dan G. Switzer, II [mailto:[EMAIL PROTECTED] Sent: Monday, April 16, 2007 14:43 To: CF-Talk Subject: RE: Client-side validation or Server-side Validation? Les, >> There's tons of example code and libraries (such as qForms) that will >allow >> you to easily apply client-side validation rules to your code. It's >> not >that >> difficult to implement. > >But then, you'd have to require javascript - so that's another vote in >that direction No. My point was don't use AJAX to do server-side validation on stuff you can do solely in the client. You need the server-side validation regardless of whether or not you do any client-side validation. - Dan ~| Create Web Applications With ColdFusion MX7 & Flex 2. Build powerful, scalable RIAs. Free Trial http://www.adobe.com/products/coldfusion/flex2/?sdid=RVJS Archive: http://www.houseoffusion.com/groups/CF-Talk/message.cfm/messageid:275482 Subscription: http://www.houseoffusion.com/groups/CF-Talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.4
RE: Client-side validation or Server-side Validation?
> you create one validation method that gets called either way. Exactly... one method to validate them all... -Original Message- From: Bader, Terrence C CTR MARMC, 231 [mailto:[EMAIL PROTECTED] Sent: Monday, April 16, 2007 4:05 PM To: CF-Talk Subject: RE: Client-side validation or Server-side Validation? You can setup your server-side to do both the ajax and the non-js submits. you create one validation method that gets called either way. ~Terry -Original Message- From: Josh Nathanson [mailto:[EMAIL PROTECTED] Sent: Monday, April 16, 2007 14:25 To: CF-Talk Subject: Re: Client-side validation or Server-side Validation? > Why not just do both at once? You can't do both at once. Client and server each need an independent approach. The server must behave as if it is not at all dependent on what the client sends it. Thus you need to have CF code to handle validation on the server, and javascript to handle validation on the client (if desired). Even if you are doing ajax validations, you are still hitting the server, and your independent CF code must handle that server call. Also, if you are depending on an ajax call to validate, your non-javascripters will not make the ajax call and so not validate. -- Josh ~| Upgrade to Adobe ColdFusion MX7 Experience Flex 2 & MX7 integration & create powerful cross-platform RIAs http://www.adobe.com/products/coldfusion/flex2/?sdid=RVJQ Archive: http://www.houseoffusion.com/groups/CF-Talk/message.cfm/messageid:275481 Subscription: http://www.houseoffusion.com/groups/CF-Talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=11502.10531.4
RE: Client-side validation or Server-side Validation?
Maybe I'm wrong for viewing it this way, but I don't consider the cfqueryparam as part of my user-engaging validation. If I write my server-side validation (the part that does inform a user that an address is syntactically incorrect) correctly, then there shouldn't be any problem with it passing cfqueryparam's requirements. -Original Message- From: Jochem van Dieten [mailto:[EMAIL PROTECTED] Sent: Monday, April 16, 2007 3:58 PM To: CF-Talk Subject: Re: Client-side validation or Server-side Validation? Les Mizzell wrote: >> If you need an extra layer for this, your server-side layer is broken. > > cfqueryparam isn't going to redirect the user back to the form and say > "Hey idiot, your email address is REQUIRED". > > What am I missing? cfqueryparam is also not going to validate that the data the user entered in the field for an email address is a syntactically correct email address. You need that other layer anyway. Jochem ~| Macromedia ColdFusion MX7 Upgrade to MX7 & experience time-saving features, more productivity. http://www.adobe.com/products/coldfusion?sdid=RVJW Archive: http://www.houseoffusion.com/groups/CF-Talk/message.cfm/messageid:275480 Subscription: http://www.houseoffusion.com/groups/CF-Talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.4
Re: CF and Java
Stupid question, but what JDK are you using to compile the Java code?
CF uses 1.4.x, so make sure you use a 1.4 JDK to compile the code.
If you use a 1.5+ compiler, you will run into issues.
Mark
On 4/17/07, Russ <[EMAIL PROTECTED]> wrote:
> AFAIK, the main method is not meant to be called by any other classes... it's
> only meant to be called when the program is directly executed.
>
> Take all the code from the main method, and put it into its own method. Call
> that method. Use the main method only when testing the app directly from
> eclipse or command line. (you can instantiate a class of itself and then
> call the methods of that object).
>
> Try the code I posted earlier, and see if that works from CF. Once you get
> that working, then put in your actual code.
>
> Once again, even if you do get the main somehow executing, it's poor coding
> practices and will cause you more problems in the long run. Your code should
> be properly structured.
>
> Russ
>
> > -Original Message-
> > From: Andrew Whone [mailto:[EMAIL PROTECTED]
> > Sent: Monday, April 16, 2007 11:50 AM
> > To: CF-Talk
> > Subject: Re: CF and Java
> >
> > I tried that and it's still the same error message so presumably the array
> > is problematic but should work see:
> > http://weblogs.macromedia.com/cantrell/archives/2003/06/passing_coldfus.cf
> > m
> >
> > I put the blank constructor in the code thus:
> >
> > public class IRMark {
> >/**
> > * Generate and print the IRmark.
> > *
> > * @param args - Pass the filename of the input document
> > * @throws Exception
> > */
> > public IRMark() {}
> > public static void main(String args[]) throws Exception {
> >
> > // Init the Apache XML security library
> > Init.init();
> > ...etc
> > I am wiser but no further on.
> > Any more suggestions much appreciated.
> > A+
> >
> >
>
>
~|
Upgrade to Adobe ColdFusion MX7
Experience Flex 2 & MX7 integration & create powerful cross-platform RIAs
http://www.adobe.com/products/coldfusion/flex2/?sdid=RVJQ
Archive:
http://www.houseoffusion.com/groups/CF-Talk/message.cfm/messageid:275479
Subscription: http://www.houseoffusion.com/groups/CF-Talk/subscribe.cfm
Unsubscribe:
http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=11502.10531.4
RE: Client-side validation or Server-side Validation?
> The set of people that I trust to be able to both write interesting > content and design an HTML message that would act to enhance is exactly > identical to the set of people I trust not to need enhancements in the > first place. That may be true, but some of use prefer cartoons in our manuals. ;o) > The time that commercials wanted to inform viewers is long passed. Oh, they inform you alright, they've just become so slick at informing us, that we often don't realize what's happening... -Original Message- From: Jochem van Dieten [mailto:[EMAIL PROTECTED] Sent: Monday, April 16, 2007 3:58 PM To: CF-Talk Subject: Re: Client-side validation or Server-side Validation? Rick Faircloth wrote: > For well-designed HTML messages that wouldn't be an issue. > The colors, backgrounds, and images would always enhance > the message, not detract from it. But people don't design messages. They write a message on top of some pre-existing layout template, whether that template enhances the message or not. The set of people that I trust to be able to both write interesting content and design an HTML message that would act to enhance is exactly identical to the set of people I trust not to need enhancements in the first place. > Why not just use word messages on TV instead of video/audio > for commercials? The time that commercials wanted to inform viewers is long passed. Jochem ~| Create Web Applications With ColdFusion MX7 & Flex 2. Build powerful, scalable RIAs. Free Trial http://www.adobe.com/products/coldfusion/flex2/?sdid=RVJS Archive: http://www.houseoffusion.com/groups/CF-Talk/message.cfm/messageid:275478 Subscription: http://www.houseoffusion.com/groups/CF-Talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=11502.10531.4
RE: Client-side validation or Server-side Validation?
> You're adding a lot of complexity Less complexity as I see it... > lot of load to your server that's unnecessary Doesn't seem to have any issue handling it so far. (Of course that could change if I pursue this to a greater degree.) But like I've stated before, *all* validation I've performed up to this point has been by using CF. Never used client-side validation before. > Using Joern's jQuery Form validation, you should be able to apply basic > validation to your form in minutes. Been there, done that. But then you have to add validation for the same data on the server-side. I don't see that as any more beneficial to the server. (Maybe the light will come on soon...but I'm beginning to wonder if there's a bulb in the argument to use two separate validation techniques, unless one's got a server that can't handle it...) -Original Message- From: Dan G. Switzer, II [mailto:[EMAIL PROTECTED] Sent: Monday, April 16, 2007 3:53 PM To: CF-Talk Subject: RE: Client-side validation or Server-side Validation? Rick, >I've got solutions that use only client-side validation, but it seems >that the discussion everyone's having always comes back to needing >server-side validation to backup client-side. Which is true. >Seems to me that it's a lot less work to just integrate the two. Which is false. You're adding a lot of complexity and points of failure and add a lot of load to your server that's unnecessary. >I mean, if I'm going to have to validate client-side whether or not a >name is entered in a field, then turn around and validate the data >using server-side CF, that seems to add *more* complexity to the >code and the work of the server. > >Why not just do both at once? You're actually adding more complexity to your code trying to make the server-side do all your validation for you. The point is there is plenty of stuff out there that does all the heavy lifting in the client side for you. Anyone with a working knowledge of JS could use one of the many JS Form libraries out there to add pure client-side validation to a form in minutes. Using Joern's jQuery Form validation, you should be able to apply basic validation to your form in minutes. Instead of starting big, start small. Try to really understand what the code is you're writing is doing. -Dan ~| Macromedia ColdFusion MX7 Upgrade to MX7 & experience time-saving features, more productivity. http://www.adobe.com/products/coldfusion?sdid=RVJW Archive: http://www.houseoffusion.com/groups/CF-Talk/message.cfm/messageid:275477 Subscription: http://www.houseoffusion.com/groups/CF-Talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.4
RE: Client-side validation or Server-side Validation?
Rick, >Client-side validation is going to have to server-side validation, too, >which means the server is going to have to handle all the validation >that the client-side does. So there's just as much stress on the server. No. The majority of client-side validation you'd use doesn't affect the server at all. JS would look at your rule and throw an error. There's nothing at all for the server to do. -Dan ~| Create robust enterprise, web RIAs. Upgrade & integrate Adobe Coldfusion MX7 with Flex 2 http://www.adobe.com/products/coldfusion/flex2/?sdid=RVJP Archive: http://www.houseoffusion.com/groups/CF-Talk/message.cfm/messageid:275476 Subscription: http://www.houseoffusion.com/groups/CF-Talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.4
Re: Client-side validation or Server-side Validation?
>I know you're approaching this from the perspective of handling > those who don't use js... but I'm leaning toward assuming js, > and letting the rest go. In your particular application environment, I think that would be fine as regards form validation. Security is another issue. > I think it's > perhaps time for the development community to start developing > with js and demanding that IT personnel learn to set up secure > environments and protect their systems and network. Unfortunately, we as developers don't get to demand anything. Our job is to make things work within the requirements of our applications. Also unfortunately, for some of us those requirements include users without javascript. > The "Web 2.0" functionality is going to force the issue. With Google > and other basically "thumbing their nose" at those who won't use js > with apps like Gmail (at least that's what I understand), people are going > to have to embrace js and other more risky technologies and learn to deal > with them securely or be left behind. Google's market cap is like $160 billion. They can do whatever the hell they want. That being said, I think the percentage of users with javascript enabled will steadily increase but never reach 100%. -- Josh ~| ColdFusion MX7 and Flex 2 Build sales & marketing dashboard RIAâs for your business. Upgrade now http://www.adobe.com/products/coldfusion/flex2?sdid=RVJT Archive: http://www.houseoffusion.com/groups/CF-Talk/message.cfm/messageid:275475 Subscription: http://www.houseoffusion.com/groups/CF-Talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.4
RE: Client-side validation or Server-side Validation?
No, it won't. But with the current hybrid client/server-side validation I'm working on, the CF code will return a message to the form stating that an email is required, or doesn't match the previous email entry, or is not a valid dollar value, or anything other message I want to return. -Original Message- From: Les Mizzell [mailto:[EMAIL PROTECTED] Sent: Monday, April 16, 2007 3:41 PM To: CF-Talk Subject: Re: Client-side validation or Server-side Validation? > If you need an extra layer for this, your server-side layer is broken. cfqueryparam isn't going to redirect the user back to the form and say "Hey idiot, your email address is REQUIRED". What am I missing? ~| ColdFusion MX7 by Adobe® Dyncamically transform webcontent into Adobe PDF with new ColdFusion MX7. Free Trial. http://www.adobe.com/products/coldfusion?sdid=RVJV Archive: http://www.houseoffusion.com/groups/CF-Talk/message.cfm/messageid:275474 Subscription: http://www.houseoffusion.com/groups/CF-Talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.4
RE: Client-side validation or Server-side Validation?
But why not incorporate the server-side validation into the client-side validation using Ajax instead of keeping it as a separate process? -Original Message- From: Dan G. Switzer, II [mailto:[EMAIL PROTECTED] Sent: Monday, April 16, 2007 3:43 PM To: CF-Talk Subject: RE: Client-side validation or Server-side Validation? Les, >> There's tons of example code and libraries (such as qForms) that will >allow >> you to easily apply client-side validation rules to your code. It's not >that >> difficult to implement. > >But then, you'd have to require javascript - so that's another vote in >that direction No. My point was don't use AJAX to do server-side validation on stuff you can do solely in the client. You need the server-side validation regardless of whether or not you do any client-side validation. - Dan ~| Create Web Applications With ColdFusion MX7 & Flex 2. Build powerful, scalable RIAs. Free Trial http://www.adobe.com/products/coldfusion/flex2/?sdid=RVJS Archive: http://www.houseoffusion.com/groups/CF-Talk/message.cfm/messageid:275473 Subscription: http://www.houseoffusion.com/groups/CF-Talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.4
RE: Client-side validation or Server-side Validation?
I have to disagree with you on that one, Dave. HTML (done well and used appropriately) will always be more effective in communications than text html... Why do you see HTML email as such a bad thing? Size of messages only? -Original Message- From: Dave Watts [mailto:[EMAIL PROTECTED] Sent: Monday, April 16, 2007 4:33 PM To: CF-Talk Subject: RE: Client-side validation or Server-side Validation? > > But what about the people that don't use HTML email > > because they feel it has no added value > > Same as for people that does to Macdo for a gastronomic > event ;-) You've got that backwards - it's HTML mail that's super-sized, full of lard and bad for you. Dave Watts, CTO, Fig Leaf Software http://www.figleaf.com/ Fig Leaf Software provides the highest caliber vendor-authorized instruction at our training centers in Washington DC, Atlanta, Chicago, Baltimore, Northern Virginia, or on-site at your location. Visit http://training.figleaf.com/ for more information! This email has been processed by SmoothZap - www.smoothwall.net ~| ColdFusion MX7 by Adobe® Dyncamically transform webcontent into Adobe PDF with new ColdFusion MX7. Free Trial. http://www.adobe.com/products/coldfusion?sdid=RVJV Archive: http://www.houseoffusion.com/groups/CF-Talk/message.cfm/messageid:275472 Subscription: http://www.houseoffusion.com/groups/CF-Talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.4
RE: Client-side validation or Server-side Validation?
> If you're doing both at once, you're not really doing client-side > validation. Using AJAX for validation largely defeats the purpose of > client-side validation - avoiding unnecessary trips to the server. This is where my understanding, perhaps, of the issue breaks down. Client-side validation is going to have to server-side validation, too, which means the server is going to have to handle all the validation that the client-side does. So there's just as much stress on the server. Perhaps more so, if there are numerous problems with the form data that aren't or can't be handled by client-side validation, such as validation against query data, etc. Perhaps you're talking about the "trips" to the server, rather than the stress on the server for validating a form's compete data set. ?? Rick -Original Message- From: Dave Watts [mailto:[EMAIL PROTECTED] Sent: Monday, April 16, 2007 4:33 PM To: CF-Talk Subject: RE: Client-side validation or Server-side Validation? > I've got solutions that use only client-side validation, but > it seems that the discussion everyone's having always comes > back to needing server-side validation to backup client-side. > > Seems to me that it's a lot less work to just integrate the two. > > I mean, if I'm going to have to validate client-side whether > or not a name is entered in a field, then turn around and > validate the data using server-side CF, that seems to add > *more* complexity to the code and the work of the server. > > Why not just do both at once? If you're doing both at once, you're not really doing client-side validation. Using AJAX for validation largely defeats the purpose of client-side validation - avoiding unnecessary trips to the server. Dave Watts, CTO, Fig Leaf Software http://www.figleaf.com/ Fig Leaf Software provides the highest caliber vendor-authorized instruction at our training centers in Washington DC, Atlanta, Chicago, Baltimore, Northern Virginia, or on-site at your location. Visit http://training.figleaf.com/ for more information! This email has been processed by SmoothZap - www.smoothwall.net ~| Macromedia ColdFusion MX7 Upgrade to MX7 & experience time-saving features, more productivity. http://www.adobe.com/products/coldfusion?sdid=RVJW Archive: http://www.houseoffusion.com/groups/CF-Talk/message.cfm/messageid:275471 Subscription: http://www.houseoffusion.com/groups/CF-Talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.4
RE: Client-side validation or Server-side Validation?
I know you're approaching this from the perspective of handling those who don't use js... but I'm leaning toward assuming js, and letting the rest go. I don't think it's too much to ask of people who want to use sites that use js to allow it to be used in their browsers. I know there are issues for users behind corporate firewalls, etc., but I think it's perhaps time for the development community to start developing with js and demanding that IT personnel learn to set up secure environments and protect their systems and network. I've never had js disabled on any system or network I've ever owned or managed and I've never had a single problem with it. The "Web 2.0" functionality is going to force the issue. With Google and other basically "thumbing their nose" at those who won't use js with apps like Gmail (at least that's what I understand), people are going to have to embrace js and other more risky technologies and learn to deal with them securely or be left behind. Rick -Original Message- From: Josh Nathanson [mailto:[EMAIL PROTECTED] Sent: Monday, April 16, 2007 3:25 PM To: CF-Talk Subject: Re: Client-side validation or Server-side Validation? > Why not just do both at once? You can't do both at once. Client and server each need an independent approach. The server must behave as if it is not at all dependent on what the client sends it. Thus you need to have CF code to handle validation on the server, and javascript to handle validation on the client (if desired). Even if you are doing ajax validations, you are still hitting the server, and your independent CF code must handle that server call. Also, if you are depending on an ajax call to validate, your non-javascripters will not make the ajax call and so not validate. -- Josh ~| ColdFusion MX7 by Adobe® Dyncamically transform webcontent into Adobe PDF with new ColdFusion MX7. Free Trial. http://www.adobe.com/products/coldfusion?sdid=RVJV Archive: http://www.houseoffusion.com/groups/CF-Talk/message.cfm/messageid:275470 Subscription: http://www.houseoffusion.com/groups/CF-Talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.4
Need more SQL help....
Ok, I have one last query to get right in my eval app. Here's my schema: http://wtomlinson.com/evalschema.gif Jim has been kind enough to help work out my queries. Now, I just need to rollup my rankings questions and I'm done (mostly). The data looks like this: tblquestions: Rank these tools in order of learning curve tblanswersets CF ..NET PHP tblanswers 1 2 3 Answer get inserted into an output table, tblevalanswerresults, where they can be counted. Here's what I need in plain english: Show me a list of questions. With each question, show me a list of the answers according to what they were ranked, listed highes ranked to lowest. Here's a query I'm workin with, the data isn't right tho. It just counts up the answers for each answerset. SELECT Q.questionID, Q.questionsetID, Q.question, Q.questioncatid, QAX.questionid, QAX.answersetid, ASets.answersetid, ASets.answersettypeid, ASets.answersetname, AST.answersettypename, ASAX.answersetid, ASAX.answerid, A.answerID, A.answername, A.answervalue, (SELECT count(*) FROM tblevalanswerresults e1 INNER JOIN tblevaluations e2 ON e1.evalid = e2.evalid WHERE e2.InstructorID = '#SESSION.CollegeID#' AND e1.answerID = A.answerID AND e1.questionid = Q.questionID) AS totalforthisquestion, (SELECT count(*) FROM tblevalanswerresults e1 INNER JOIN tblevaluations e2 ON e1.evalid = e2.evalid WHERE e2.InstructorID = '#SESSION.CollegeID#' AND e1.questionid = Q.questionID) AS totalforinstructor, ((SELECT count(*) FROM tblevalanswerresults e1 INNER JOIN tblevaluations e2 ON e1.evalid = e2.evalid WHERE e2.InstructorID = '#SESSION.CollegeID#' AND e1.answerID = A.answerID AND e1.questionid = Q.questionID)/ (SELECT count(*) FROM tblevalanswerresults e1 INNER JOIN tblevaluations e2 ON e1.evalid = e2.evalid WHERE e2.InstructorID = '#SESSION.CollegeID#' AND e1.questionid = Q.questionID)*100) AS answerpercentage FROM tblquestions Q INNER JOIN tblquestionsanswers_x QAX ON Q.questionID = QAX.questionID INNER JOIN tblanswersets ASets ON QAX.answersetid = ASets.answersetid INNER JOIN tblanswersettypes AST ON AST.answersettypeid = ASets.answersettypeid INNER JOIN tblanswersetsanswers_x ASAX ON QAX.answersetid = ASAX.answersetid INNER JOIN tblanswers A ON ASAX.answerid = A.answerid WHERE Q.questioncatid = 3 /* Additional Q = 3*/ AND ASets.answersettypeid = 3 /* Ranking answers only = 3*/ Thanks much, Will ~| Create Web Applications With ColdFusion MX7 & Flex 2. Build powerful, scalable RIAs. Free Trial http://www.adobe.com/products/coldfusion/flex2/?sdid=RVJS Archive: http://www.houseoffusion.com/groups/CF-Talk/message.cfm/messageid:275469 Subscription: http://www.houseoffusion.com/groups/CF-Talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=11502.10531.4
RE: Client-side validation or Server-side Validation?
>From the browser testing I have done during site development, FF & IE display similarly. Not exactly the same... but I develop with tables instead of CSS layout, so I don't run into as many issues. Now, don't get me wrong, I would like for all my sites to look great on every browser, but I just don't plan to put in the time and testing on every version of every browser in use. It just seems a little over-the-top. Rick -Original Message- From: Damien McKenna [mailto:[EMAIL PROTECTED] Sent: Monday, April 16, 2007 3:14 PM To: CF-Talk Subject: Re: Client-side validation or Server-side Validation? On Apr 16, 2007, at 1:51 PM, Rick Faircloth wrote: > It's just too much work to cater to every minority group in the > virtual > universe. In one sentence you sum up the main problem with web development today: because people are unwilling to really look into how the standards work and to learn to work with them, users of browsers other than IE get the shaft on many, many major websites. If developers, such as yourself, and their developers were to investigate the standards and how browsers treat them, and maybe use a JS framework like JQuery or Prototype, you'd see that by following close to the standards you can develop sites that work perfectly for over 99% of your audience, rather than in your ignorance (definition: lack of knowledge) believe it is "too much work". For several years I've worked towards compatibility with Firefox and Safari, then patched the code to work around IE's problems, and it has worked great - higher than 99% compatibility with our visitor's websites and ultimately less work for me. Remember that IE is slowly (kick and screaming all the way) becoming *more* standards compliant over time, IE7 proved that Microsoft was beginning to listen and look how many websites had to be changed: most in-the-know developers just had to update their code to not load the JS/CSS hacks for IE7 and their sites worked fine, rather than the torment many went through of having to rewrite entire sites due to shortsightedness. So, for the good of your clients and visitors, and ultimately your own long-term peace of mind, please learn how to take advantage of the published standards. -- Damien McKenna - Web Developer - [EMAIL PROTECTED] The Limu Company - http://www.thelimucompany.com/ - 407-548-3800 ~| Upgrade to Adobe ColdFusion MX7 Experience Flex 2 & MX7 integration & create powerful cross-platform RIAs http://www.adobe.com/products/coldfusion/flex2/?sdid=RVJQ Archive: http://www.houseoffusion.com/groups/CF-Talk/message.cfm/messageid:275468 Subscription: http://www.houseoffusion.com/groups/CF-Talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.4
Re: CFchart scaleFrom and scaleTo
Oh Tom, How I wish all the links were new to me;-) I have been through all that and more. Does anyone have success with the code I posted? It should show a chart from 0.3 to 0.7 on the Y Axis... not from 0.0 to 0.6. It's starting to create real problems with numerous clients of ours. On 4/16/07, Tom McNeer <[EMAIL PROTECTED]> wrote: > To everyone who's been discussing this: > > I can't give you a definitive answer, but I do know that in accessing the > underlying chart application, the Macromedia/Adobe team made some decisions > on how to deal with values < 1. In the CF 6 days, there was originally code > which, if your point value was less than one, made the ScaleFrom value = -1. > Essentially, the code thought a value of say, 0.5, would produce a point too > close to the axis. So it changed the ScaleFrom value to make it "easier" to > read. > > I don't know if the problem you're discussing is related, but I'm guessing > that it is. > > Mike Nimer at Adobe seems to know more about this than anyone, and he seems > very willing to find out answers to CFChart questions regarding the > underlying implementation. Don't know his e-mail -- you might try > [EMAIL PROTECTED] But here's his blog: http://www.mikenimer.com/index.cfm > > -- > Thanks, > > Tom > > Tom McNeer > MediumCool > http://www.mediumcool.com > 1735 Johnson Road NE > Atlanta, GA 30306 > 404.589.0560 > > > ~| Create Web Applications With ColdFusion MX7 & Flex 2. Build powerful, scalable RIAs. Free Trial http://www.adobe.com/products/coldfusion/flex2/?sdid=RVJS Archive: http://www.houseoffusion.com/groups/CF-Talk/message.cfm/messageid:275467 Subscription: http://www.houseoffusion.com/groups/CF-Talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=11502.10531.4
Re: Client-side validation or Server-side Validation?
> If you're doing both at once, you're not really doing client-side > validation. Using AJAX for validation largely defeats the purpose of > client-side validation - avoiding unnecessary trips to the server. > > Dave Watts, CTO, Fig Leaf Software > http://www.figleaf.com/ truebut at least the trips are "lighter" ;-) Bryan Stevenson B.Comm. VP & Director of E-Commerce Development Electric Edge Systems Group Inc. phone: 250.480.0642 fax: 250.480.1264 cell: 250.920.8830 e-mail: [EMAIL PROTECTED] web: www.electricedgesystems.com Notice: This message, including any attachments, is confidential and may contain information that is privileged or exempt from disclosure. It is intended only for the person to whom it is addressed unless expressly authorized otherwise by the sender. If you are not an authorized recipient, please notify the sender immediately and permanently destroy all copies of this message and attachments. ~| Macromedia ColdFusion MX7 Upgrade to MX7 & experience time-saving features, more productivity. http://www.adobe.com/products/coldfusion?sdid=RVJW Archive: http://www.houseoffusion.com/groups/CF-Talk/message.cfm/messageid:275466 Subscription: http://www.houseoffusion.com/groups/CF-Talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.4
Re: Client-side validation or Server-side Validation?
> You can setup your server-side to do both the ajax and the non-js > submits. you create one validation method that gets called either way. That's true only if you consider ajax validation to be client side. This is not true client side validation, as it involves a call to the server. You are not getting the benefits of true client side validation (speed, no server traffic). -- Josh ~| Deploy Web Applications Quickly across the enterprise with ColdFusion MX7 & Flex 2 Free Trial http://www.adobe.com/products/coldfusion/flex2/?sdid=RVJU Archive: http://www.houseoffusion.com/groups/CF-Talk/message.cfm/messageid:275465 Subscription: http://www.houseoffusion.com/groups/CF-Talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.4
Re: Client-side validation or Server-side Validation?
>>You've got that backwards - it's HTML mail that's super-sized, full of lard and bad for you. BTW, I don't know what kind of crippled mail reader you're using, but its bad habit to strip the References header from your replies make the thread particularly difficult to follow. -- ___ REUSE CODE! Use custom tags; See http://www.contentbox.com/claude/customtags/tagstore.cfm (Please send any spam to this address: [EMAIL PROTECTED]) Thanks. ~| Upgrade to Adobe ColdFusion MX7 Experience Flex 2 & MX7 integration & create powerful cross-platform RIAs http://www.adobe.com/products/coldfusion/flex2/?sdid=RVJQ Archive: http://www.houseoffusion.com/groups/CF-Talk/message.cfm/messageid:275464 Subscription: http://www.houseoffusion.com/groups/CF-Talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=11502.10531.4
expandPath() and mod_rewrite
I've found an issue with mod_rewrite and expandPath() recently and
I'm wondering if anyone has a solution. It seems that Coldfusion
uses Apache to pull the directory information with expandPath().
This is the case on Linux (CentOS and SUSE 10), at least, since I
can't duplicate the problem on my Mac.
For example, I have the following rewrite rules:
RewriteEngine on
#General Rewrites
RewriteRule ^$ index.cfm [QSA]
RewriteRule ^([^.]+)$ $1.htm [QSA]
#Escape if file or directory exists
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
#Redirect all other requests through index.cfm
RewriteRule ^(.*)$ index.cfm?course=%{REQUEST_URI} [QSA,L]
The the two RewriteCond rules escape the redirect when a file or
directory exists however when using where an
expandPath is used to create the file path, Coldfusion returns the
path "redirect:index.cfm" as the expanded path instead - since the
file doesn't exist yet .
The workaround is to modify every path variable to two separate
variables - one for the directory and one for the file name and then
combine the two in the tag: Not a big deal, except that one
of the apps is a decent sized app with a bunch of file operations
being done in legacy code (in different directories) where I keep
running into this issue.
Any idea of a rewrite rule or workaround that will allow CF (and
expandPath()) to do it's thing in peace while allowing all other
rewrite rules to be processed?I've been digging into the
mod_rewrite book and trying to tweak the existing rules with no success.
Thanks,
Jon
~|
Create robust enterprise, web RIAs.
Upgrade & integrate Adobe Coldfusion MX7 with Flex 2
http://www.adobe.com/products/coldfusion/flex2/?sdid=RVJP
Archive:
http://www.houseoffusion.com/groups/CF-Talk/message.cfm/messageid:275463
Subscription: http://www.houseoffusion.com/groups/CF-Talk/subscribe.cfm
Unsubscribe:
http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=11502.10531.4
RE: Client-side validation or Server-side Validation?
Actually using that, 90% of all mail is crap. Not just HTML email, but email period. Which is true; just look at me spam folder. lol for that matter look at this topic... its going way, way over the deep end and into the sh!tter. ~Terry -Original Message- From: Dave Watts [mailto:[EMAIL PROTECTED] Sent: Monday, April 16, 2007 16:29 To: CF-Talk Subject: RE: Client-side validation or Server-side Validation? > For well-designed HTML messages that wouldn't be an issue. > The colors, backgrounds, and images would always enhance the message, > not detract from it. Have you heard of Sturgeon's Law? http://en.wikipedia.org/wiki/Sturgeon's_law Why would HTML mail be exempt? > Why not just use word messages on TV instead of video/audio for > commercials? Because that, like HTML mail, is a poor use of the medium. TV is a visual medium. Email is a textual medium. You don't know how people will read their email, either. HTML mail looks like crap on anything except a standard computer. Dave Watts, CTO, Fig Leaf Software http://www.figleaf.com/ Fig Leaf Software provides the highest caliber vendor-authorized instruction at our training centers in Washington DC, Atlanta, Chicago, Baltimore, Northern Virginia, or on-site at your location. Visit http://training.figleaf.com/ for more information! This email has been processed by SmoothZap - www.smoothwall.net ~| Macromedia ColdFusion MX7 Upgrade to MX7 & experience time-saving features, more productivity. http://www.adobe.com/products/coldfusion?sdid=RVJW Archive: http://www.houseoffusion.com/groups/CF-Talk/message.cfm/messageid:275462 Subscription: http://www.houseoffusion.com/groups/CF-Talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.4
RE: Client-side validation or Server-side Validation?
> For well-designed HTML messages that wouldn't be an issue. > The colors, backgrounds, and images would always enhance the > message, not detract from it. Have you heard of Sturgeon's Law? http://en.wikipedia.org/wiki/Sturgeon's_law Why would HTML mail be exempt? > Why not just use word messages on TV instead of video/audio > for commercials? Because that, like HTML mail, is a poor use of the medium. TV is a visual medium. Email is a textual medium. You don't know how people will read their email, either. HTML mail looks like crap on anything except a standard computer. Dave Watts, CTO, Fig Leaf Software http://www.figleaf.com/ Fig Leaf Software provides the highest caliber vendor-authorized instruction at our training centers in Washington DC, Atlanta, Chicago, Baltimore, Northern Virginia, or on-site at your location. Visit http://training.figleaf.com/ for more information! This email has been processed by SmoothZap - www.smoothwall.net ~| ColdFusion MX7 by Adobe® Dyncamically transform webcontent into Adobe PDF with new ColdFusion MX7. Free Trial. http://www.adobe.com/products/coldfusion?sdid=RVJV Archive: http://www.houseoffusion.com/groups/CF-Talk/message.cfm/messageid:275461 Subscription: http://www.houseoffusion.com/groups/CF-Talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=11502.10531.4
Re: CFchart scaleFrom and scaleTo
To everyone who's been discussing this: I can't give you a definitive answer, but I do know that in accessing the underlying chart application, the Macromedia/Adobe team made some decisions on how to deal with values < 1. In the CF 6 days, there was originally code which, if your point value was less than one, made the ScaleFrom value = -1. Essentially, the code thought a value of say, 0.5, would produce a point too close to the axis. So it changed the ScaleFrom value to make it "easier" to read. I don't know if the problem you're discussing is related, but I'm guessing that it is. Mike Nimer at Adobe seems to know more about this than anyone, and he seems very willing to find out answers to CFChart questions regarding the underlying implementation. Don't know his e-mail -- you might try [EMAIL PROTECTED] But here's his blog: http://www.mikenimer.com/index.cfm -- Thanks, Tom Tom McNeer MediumCool http://www.mediumcool.com 1735 Johnson Road NE Atlanta, GA 30306 404.589.0560 ~| Upgrade to Adobe ColdFusion MX7 The most significant release in over 10 years. Upgrade & see new features. http://www.adobe.com/products/coldfusion?sdid=RVJR Archive: http://www.houseoffusion.com/groups/CF-Talk/message.cfm/messageid:275460 Subscription: http://www.houseoffusion.com/groups/CF-Talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=11502.10531.4
RE: Client-side validation or Server-side Validation?
And what I mean is that you should not depend on client-side validation as this can be circumvented and/or disabled. Its for end-user ease of use and reduce wear and tear on heavily used sites. ~Terry -Original Message- From: Bader, Terrence C CTR MARMC, 231 [mailto:[EMAIL PROTECTED] Sent: Monday, April 16, 2007 15:09 To: CF-Talk Subject: RE: Client-side validation or Server-side Validation? Agreed, client side validation is only for client side user ease of use and not for true validation of data being submitted to your data definitions. ~Terry ~| Deploy Web Applications Quickly across the enterprise with ColdFusion MX7 & Flex 2 Free Trial http://www.adobe.com/products/coldfusion/flex2/?sdid=RVJU Archive: http://www.houseoffusion.com/groups/CF-Talk/message.cfm/messageid:275459 Subscription: http://www.houseoffusion.com/groups/CF-Talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.4
RE: Client-side validation or Server-side Validation?
Agreed, client side validation is only for client side user ease of use and not for true validation of data being submitted to your data definitions. ~Terry -Original Message- From: Dan G. Switzer, II [mailto:[EMAIL PROTECTED] Sent: Monday, April 16, 2007 14:43 To: CF-Talk Subject: RE: Client-side validation or Server-side Validation? Les, >> There's tons of example code and libraries (such as qForms) that will >allow >> you to easily apply client-side validation rules to your code. It's >> not >that >> difficult to implement. > >But then, you'd have to require javascript - so that's another vote in >that direction No. My point was don't use AJAX to do server-side validation on stuff you can do solely in the client. You need the server-side validation regardless of whether or not you do any client-side validation. - Dan ~| ColdFusion MX7 and Flex 2 Build sales & marketing dashboard RIAâs for your business. Upgrade now http://www.adobe.com/products/coldfusion/flex2?sdid=RVJT Archive: http://www.houseoffusion.com/groups/CF-Talk/message.cfm/messageid:275458 Subscription: http://www.houseoffusion.com/groups/CF-Talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.4
RE: Client-side validation or Server-side Validation?
You can setup your server-side to do both the ajax and the non-js submits. you create one validation method that gets called either way. ~Terry -Original Message- From: Josh Nathanson [mailto:[EMAIL PROTECTED] Sent: Monday, April 16, 2007 14:25 To: CF-Talk Subject: Re: Client-side validation or Server-side Validation? > Why not just do both at once? You can't do both at once. Client and server each need an independent approach. The server must behave as if it is not at all dependent on what the client sends it. Thus you need to have CF code to handle validation on the server, and javascript to handle validation on the client (if desired). Even if you are doing ajax validations, you are still hitting the server, and your independent CF code must handle that server call. Also, if you are depending on an ajax call to validate, your non-javascripters will not make the ajax call and so not validate. -- Josh ~| Upgrade to Adobe ColdFusion MX7 The most significant release in over 10 years. Upgrade & see new features. http://www.adobe.com/products/coldfusion?sdid=RVJR Archive: http://www.houseoffusion.com/groups/CF-Talk/message.cfm/messageid:275457 Subscription: http://www.houseoffusion.com/groups/CF-Talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=11502.10531.4
Re: Client-side validation or Server-side Validation?
Les Mizzell wrote: >> If you need an extra layer for this, your server-side layer is broken. > > cfqueryparam isn't going to redirect the user back to the form and say > "Hey idiot, your email address is REQUIRED". > > What am I missing? cfqueryparam is also not going to validate that the data the user entered in the field for an email address is a syntactically correct email address. You need that other layer anyway. Jochem ~| Create Web Applications With ColdFusion MX7 & Flex 2. Build powerful, scalable RIAs. Free Trial http://www.adobe.com/products/coldfusion/flex2/?sdid=RVJS Archive: http://www.houseoffusion.com/groups/CF-Talk/message.cfm/messageid:275456 Subscription: http://www.houseoffusion.com/groups/CF-Talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.4
Re: Client-side validation or Server-side Validation?
Rick Faircloth wrote: > For well-designed HTML messages that wouldn't be an issue. > The colors, backgrounds, and images would always enhance > the message, not detract from it. But people don't design messages. They write a message on top of some pre-existing layout template, whether that template enhances the message or not. The set of people that I trust to be able to both write interesting content and design an HTML message that would act to enhance is exactly identical to the set of people I trust not to need enhancements in the first place. > Why not just use word messages on TV instead of video/audio > for commercials? The time that commercials wanted to inform viewers is long passed. Jochem ~| Create robust enterprise, web RIAs. Upgrade & integrate Adobe Coldfusion MX7 with Flex 2 http://www.adobe.com/products/coldfusion/flex2/?sdid=RVJP Archive: http://www.houseoffusion.com/groups/CF-Talk/message.cfm/messageid:275455 Subscription: http://www.houseoffusion.com/groups/CF-Talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.4
Re: CFchart scaleFrom and scaleTo
Hi Ian, I have been struggling with scaleFrom, scaleTo as well and like you my clients really don't like the results from this. Have you had any luck fixing this yet? I have upgraded MX7 7.0 with the latest .jar file as suggested on the adobe website. Wondering if CFMX 7.0.2 does any better? == This clearly doesn't work as anyone can easily check. On 9/20/06, Ian Skinner <[EMAIL PROTECTED]> wrote: > Thanks Josh > > I had thought about multiplying the results to make them simple integers. > Unfortunately I'm working from what is currently done in Excel and with a > client base that is very finicky. It could be a bit of a sell to show them a > chart that shows values of 8, 15, 37 instead of what is currently shown, > 0.0008, 0.0015, 0.0037. > ~| ColdFusion MX7 and Flex 2 Build sales & marketing dashboard RIAâs for your business. Upgrade now http://www.adobe.com/products/coldfusion/flex2?sdid=RVJT Archive: http://www.houseoffusion.com/groups/CF-Talk/message.cfm/messageid:275454 Subscription: http://www.houseoffusion.com/groups/CF-Talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.4
RE: Client-side validation or Server-side Validation?
Rick, >I've got solutions that use only client-side validation, but it seems >that the discussion everyone's having always comes back to needing >server-side validation to backup client-side. Which is true. >Seems to me that it's a lot less work to just integrate the two. Which is false. You're adding a lot of complexity and points of failure and add a lot of load to your server that's unnecessary. >I mean, if I'm going to have to validate client-side whether or not a >name is entered in a field, then turn around and validate the data >using server-side CF, that seems to add *more* complexity to the >code and the work of the server. > >Why not just do both at once? You're actually adding more complexity to your code trying to make the server-side do all your validation for you. The point is there is plenty of stuff out there that does all the heavy lifting in the client side for you. Anyone with a working knowledge of JS could use one of the many JS Form libraries out there to add pure client-side validation to a form in minutes. Using Joern's jQuery Form validation, you should be able to apply basic validation to your form in minutes. Instead of starting big, start small. Try to really understand what the code is you're writing is doing. -Dan ~| ColdFusion MX7 and Flex 2 Build sales & marketing dashboard RIAâs for your business. Upgrade now http://www.adobe.com/products/coldfusion/flex2?sdid=RVJT Archive: http://www.houseoffusion.com/groups/CF-Talk/message.cfm/messageid:275453 Subscription: http://www.houseoffusion.com/groups/CF-Talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=11502.10531.4
RE: Client-side validation or Server-side Validation?
Les, >> There's tons of example code and libraries (such as qForms) that will >allow >> you to easily apply client-side validation rules to your code. It's not >that >> difficult to implement. > >But then, you'd have to require javascript - so that's another vote in >that direction No. My point was don't use AJAX to do server-side validation on stuff you can do solely in the client. You need the server-side validation regardless of whether or not you do any client-side validation. - Dan ~| Macromedia ColdFusion MX7 Upgrade to MX7 & experience time-saving features, more productivity. http://www.adobe.com/products/coldfusion?sdid=RVJW Archive: http://www.houseoffusion.com/groups/CF-Talk/message.cfm/messageid:275452 Subscription: http://www.houseoffusion.com/groups/CF-Talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.4
Re: Client-side validation or Server-side Validation?
> If you need an extra layer for this, your server-side layer is broken. cfqueryparam isn't going to redirect the user back to the form and say "Hey idiot, your email address is REQUIRED". What am I missing? ~| Upgrade to Adobe ColdFusion MX7 The most significant release in over 10 years. Upgrade & see new features. http://www.adobe.com/products/coldfusion?sdid=RVJR Archive: http://www.houseoffusion.com/groups/CF-Talk/message.cfm/messageid:275451 Subscription: http://www.houseoffusion.com/groups/CF-Talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.4
RE: Client-side validation or Server-side Validation?
For e-commerce sites, I think I'd probably have to jump through the hoops to accommodate more users. But at this point, I haven't created any e-commerce sites. Just not used in this area (so far)... My sites are mostly informational... Real Estate, church sites, etc. And, up to this point, I haven't used any forms that would require JS at all. All validation has been performed with CF. The JS front-end is something I'm just starting to get into. And that's why I started this dialogue... to get some perspective for those more experienced with using it and the issues they face. Thanks for your feedback... Rick -Original Message- From: Dave Watts [mailto:[EMAIL PROTECTED] Sent: Monday, April 16, 2007 4:08 PM To: CF-Talk Subject: RE: Client-side validation or Server-side Validation? > I'm all for forcing users of sites I develop to use Javascript. > > If it's not turned on just send them a message: "You must > enable Javascript to use this form." If they choose not to, so > be it. If you can afford that luxury, good for you! That's simply not an option for most people trying to sell something. > It's like people who refuse to use HTML email... I think it's > time for these folks to come into the light and forget their > paranoia about security, if that's what's keeping them from > using these technologies. I refuse to use HTML email. I'm far from paranoid about security, but there are security risks with HTML mail, especially on Windows. Plus, I find it to be a distraction from the actual content of email (if there is any). Dave Watts, CTO, Fig Leaf Software http://www.figleaf.com/ Fig Leaf Software provides the highest caliber vendor-authorized instruction at our training centers in Washington DC, Atlanta, Chicago, Baltimore, Northern Virginia, or on-site at your location. Visit http://training.figleaf.com/ for more information! This email has been processed by SmoothZap - www.smoothwall.net ~| Macromedia ColdFusion MX7 Upgrade to MX7 & experience time-saving features, more productivity. http://www.adobe.com/products/coldfusion?sdid=RVJW Archive: http://www.houseoffusion.com/groups/CF-Talk/message.cfm/messageid:275449 Subscription: http://www.houseoffusion.com/groups/CF-Talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=11502.10531.4
RE: Client-side validation or Server-side Validation?
For well-designed HTML messages that wouldn't be an issue. The colors, backgrounds, and images would always enhance the message, not detract from it. Why not just use word messages on TV instead of video/audio for commercials? Rick -Original Message- From: Jochem van Dieten [mailto:[EMAIL PROTECTED] Sent: Monday, April 16, 2007 3:06 PM To: CF-Talk Subject: Re: Client-side validation or Server-side Validation? Rick Faircloth wrote: > It's like people who refuse to use HTML email... I think it's time for > these folks to come into the light and forget their paranoia about > security, if that's what's keeping them from using these technologies. But what about the people that don't use HTML email because they feel it has no added value and all the colors, backgrounds and images only distract from the content? Jochem ~| Create Web Applications With ColdFusion MX7 & Flex 2. Build powerful, scalable RIAs. Free Trial http://www.adobe.com/products/coldfusion/flex2/?sdid=RVJS Archive: http://www.houseoffusion.com/groups/CF-Talk/message.cfm/messageid:275450 Subscription: http://www.houseoffusion.com/groups/CF-Talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=11502.10531.4
RE: Client-side validation or Server-side Validation?
> > But what about the people that don't use HTML email > > because they feel it has no added value > > Same as for people that does to Macdo for a gastronomic > event ;-) You've got that backwards - it's HTML mail that's super-sized, full of lard and bad for you. Dave Watts, CTO, Fig Leaf Software http://www.figleaf.com/ Fig Leaf Software provides the highest caliber vendor-authorized instruction at our training centers in Washington DC, Atlanta, Chicago, Baltimore, Northern Virginia, or on-site at your location. Visit http://training.figleaf.com/ for more information! This email has been processed by SmoothZap - www.smoothwall.net ~| ColdFusion MX7 by Adobe® Dyncamically transform webcontent into Adobe PDF with new ColdFusion MX7. Free Trial. http://www.adobe.com/products/coldfusion?sdid=RVJV Archive: http://www.houseoffusion.com/groups/CF-Talk/message.cfm/messageid:275448 Subscription: http://www.houseoffusion.com/groups/CF-Talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=11502.10531.4
RE: Client-side validation or Server-side Validation?
> I've got solutions that use only client-side validation, but > it seems that the discussion everyone's having always comes > back to needing server-side validation to backup client-side. > > Seems to me that it's a lot less work to just integrate the two. > > I mean, if I'm going to have to validate client-side whether > or not a name is entered in a field, then turn around and > validate the data using server-side CF, that seems to add > *more* complexity to the code and the work of the server. > > Why not just do both at once? If you're doing both at once, you're not really doing client-side validation. Using AJAX for validation largely defeats the purpose of client-side validation - avoiding unnecessary trips to the server. Dave Watts, CTO, Fig Leaf Software http://www.figleaf.com/ Fig Leaf Software provides the highest caliber vendor-authorized instruction at our training centers in Washington DC, Atlanta, Chicago, Baltimore, Northern Virginia, or on-site at your location. Visit http://training.figleaf.com/ for more information! This email has been processed by SmoothZap - www.smoothwall.net ~| Create Web Applications With ColdFusion MX7 & Flex 2. Build powerful, scalable RIAs. Free Trial http://www.adobe.com/products/coldfusion/flex2/?sdid=RVJS Archive: http://www.houseoffusion.com/groups/CF-Talk/message.cfm/messageid:275447 Subscription: http://www.houseoffusion.com/groups/CF-Talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=11502.10531.4
Re: Auto Index Dbase datasource?
>>I haven't been able to figure out how to use the Merant driver in MX7, is this possible? In MX 7 you can still use the ODBC socket and connect to any ODBC connection set in Windows, using Microsoft Foxpro or dBase driver, and probably also the Merant driver. -- ___ REUSE CODE! Use custom tags; See http://www.contentbox.com/claude/customtags/tagstore.cfm (Please send any spam to this address: [EMAIL PROTECTED]) Thanks. ~| Macromedia ColdFusion MX7 Upgrade to MX7 & experience time-saving features, more productivity. http://www.adobe.com/products/coldfusion?sdid=RVJW Archive: http://www.houseoffusion.com/groups/CF-Talk/message.cfm/messageid:275446 Subscription: http://www.houseoffusion.com/groups/CF-Talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.4
Re: Client-side validation or Server-side Validation?
>>But what about the people that don't use HTML email because they feel it has no added value ... which makes a pretty good reason to show them how to enable JS. They will be grateful. -- ___ REUSE CODE! Use custom tags; See http://www.contentbox.com/claude/customtags/tagstore.cfm (Please send any spam to this address: [EMAIL PROTECTED]) Thanks. ~| Deploy Web Applications Quickly across the enterprise with ColdFusion MX7 & Flex 2 Free Trial http://www.adobe.com/products/coldfusion/flex2/?sdid=RVJU Archive: http://www.houseoffusion.com/groups/CF-Talk/message.cfm/messageid:275445 Subscription: http://www.houseoffusion.com/groups/CF-Talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.4
RE: Client-side validation or Server-side Validation?
I realize that's every user's choice, but again, I'm willing to lose a few customers rather than jump through so many hoops to accommodate every user's preferences, be it with HTML e-mail or use of JS, or whatever. It's just a pragmatic choice, rather than an ideal one. So far, I've heard no complaints *ever* from users... -Original Message- From: Dave Watts [mailto:[EMAIL PROTECTED] Sent: Monday, April 16, 2007 4:08 PM To: CF-Talk Subject: RE: Client-side validation or Server-side Validation? > > But what about, as already mentioned, somebody browsing > > with Javascript turn off > > In that case they get the message "Your browser should have > Javascript turned on to proceed" and no form at all. In that case, I take my business elsewhere. Dave Watts, CTO, Fig Leaf Software http://www.figleaf.com/ Fig Leaf Software provides the highest caliber vendor-authorized instruction at our training centers in Washington DC, Atlanta, Chicago, Baltimore, Northern Virginia, or on-site at your location. Visit http://training.figleaf.com/ for more information! This email has been processed by SmoothZap - www.smoothwall.net ~| Upgrade to Adobe ColdFusion MX7 The most significant release in over 10 years. Upgrade & see new features. http://www.adobe.com/products/coldfusion?sdid=RVJR Archive: http://www.houseoffusion.com/groups/CF-Talk/message.cfm/messageid:275444 Subscription: http://www.houseoffusion.com/groups/CF-Talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.4
Re: Client-side validation or Server-side Validation?
> Why not just do both at once? You can't do both at once. Client and server each need an independent approach. The server must behave as if it is not at all dependent on what the client sends it. Thus you need to have CF code to handle validation on the server, and javascript to handle validation on the client (if desired). Even if you are doing ajax validations, you are still hitting the server, and your independent CF code must handle that server call. Also, if you are depending on an ajax call to validate, your non-javascripters will not make the ajax call and so not validate. -- Josh ~| ColdFusion MX7 by Adobe® Dyncamically transform webcontent into Adobe PDF with new ColdFusion MX7. Free Trial. http://www.adobe.com/products/coldfusion?sdid=RVJV Archive: http://www.houseoffusion.com/groups/CF-Talk/message.cfm/messageid:275443 Subscription: http://www.houseoffusion.com/groups/CF-Talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.4
RE: Client-side validation or Server-side Validation?
Is it safe to assume that you're talking about CSS-based design when you mention "standards compliance" and previously "accessibility?" Perhaps not, but if so, I've tried working with CSS (or table-less) design and it's a pain in the rear. Besides, when a client wants a site redesign, I want to have work to do! :o) Really, I tried CSS-based design, and it wasn't working for me... perhaps later. I just design for IE, and take the quirks in the layout, if there are any, in stride as far as the rest of the browsers are concerned. Perhaps not the most effective approach, but certainly a very efficient one! Rick -Original Message- From: Judah McAuley [mailto:[EMAIL PROTECTED] Sent: Monday, April 16, 2007 2:49 PM To: CF-Talk Subject: Re: Client-side validation or Server-side Validation? Rick Faircloth wrote: > It's like coding for users of the Opera browser. If they want to be able > to have the best experience on my sites, then install IE. > > It's just too much work to cater to every minority group in the virtual > universe. And this is where I fundamentally disagree. Its really not that difficult at all. The newer generations of browsers have a large overlapping set of standards compliance. The largest quirks are fairly well known and easy to find out information on. The rise of javascript libraries has done a great job of taking into account the differences between browsers there. So what's the "too much work" part? Judah ~| Upgrade to Adobe ColdFusion MX7 The most significant release in over 10 years. Upgrade & see new features. http://www.adobe.com/products/coldfusion?sdid=RVJR Archive: http://www.houseoffusion.com/groups/CF-Talk/message.cfm/messageid:275442 Subscription: http://www.houseoffusion.com/groups/CF-Talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.4
Re: Client-side validation or Server-side Validation?
>>But what about the people that don't use HTML email because they feel it has no added value Same as for people that does to Macdo for a gastronomic event ;-) -- ___ REUSE CODE! Use custom tags; See http://www.contentbox.com/claude/customtags/tagstore.cfm (Please send any spam to this address: [EMAIL PROTECTED]) Thanks. ~| Upgrade to Adobe ColdFusion MX7 The most significant release in over 10 years. Upgrade & see new features. http://www.adobe.com/products/coldfusion?sdid=RVJR Archive: http://www.houseoffusion.com/groups/CF-Talk/message.cfm/messageid:275441 Subscription: http://www.houseoffusion.com/groups/CF-Talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=11502.10531.4
Re: Client-side validation or Server-side Validation?
Les Mizzell wrote: > I've had to add an "in between" layer to check for missing info when the > client-side validation fails (due to no javascript) and kick them back > to the form before it ever gets to the data-processing page. Since the > forms are pretty darned big, that's a ton of extra code (almost 30% more). If you need an extra layer for this, your server-side layer is broken. Jochem ~| ColdFusion MX7 by Adobe® Dyncamically transform webcontent into Adobe PDF with new ColdFusion MX7. Free Trial. http://www.adobe.com/products/coldfusion?sdid=RVJV Archive: http://www.houseoffusion.com/groups/CF-Talk/message.cfm/messageid:275440 Subscription: http://www.houseoffusion.com/groups/CF-Talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.4
RE: Client-side validation or Server-side Validation?
Thanks for the colorful encouragement, Damien. :o) With what you said in mind, that's why it seems to me to be best to combine a front-end JS "message-delivery" system and a back-end CF validation system. Then I get my user-friendly front end and my secure backend. Yes, it does tax the server more, but before now, *all* my validation was done with CF processing, so this is not a step backwards as far as work done by the server. Rick -Original Message- From: Damien McKenna [mailto:[EMAIL PROTECTED] Sent: Monday, April 16, 2007 2:46 PM To: CF-Talk Subject: Re: Client-side validation or Server-side Validation? On Apr 14, 2007, at 10:46 AM, Rick Faircloth wrote: > But now that I've started down the client-side validation road, I hear > from passersby, "No! You should always validate server-side or both!" Not validating server-side is too much of a security risk. I always consider server-side validation to be utterly essential, and client- side an extra bonus if you have the time. Never, ever, ever, ever (don't you see!), ever, ever, never, ever do just client-side validation, you're leaving yourself open to have your data stolen, your cat painted and your lunch left too long in the microwave, i.e. "bad things." -- Damien McKenna - Web Developer - [EMAIL PROTECTED] The Limu Company - http://www.thelimucompany.com/ - 407-548-3800 ~| Create robust enterprise, web RIAs. Upgrade & integrate Adobe Coldfusion MX7 with Flex 2 http://www.adobe.com/products/coldfusion/flex2/?sdid=RVJP Archive: http://www.houseoffusion.com/groups/CF-Talk/message.cfm/messageid:275439 Subscription: http://www.houseoffusion.com/groups/CF-Talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.4
RE: Client-side validation or Server-side Validation?
Thanks for the feedback, Dan. I've got solutions that use only client-side validation, but it seems that the discussion everyone's having always comes back to needing server-side validation to backup client-side. Seems to me that it's a lot less work to just integrate the two. I mean, if I'm going to have to validate client-side whether or not a name is entered in a field, then turn around and validate the data using server-side CF, that seems to add *more* complexity to the code and the work of the server. Why not just do both at once? Rick -Original Message- From: Dan G. Switzer, II [mailto:[EMAIL PROTECTED] Sent: Monday, April 16, 2007 2:31 PM To: CF-Talk Subject: RE: Client-side validation or Server-side Validation? Rick, >I'm leaning toward a combination of JS for user-friendliness with >the validation coming from ColdFusion programming. > >I get the best of both worlds that way. It's not the best of both worlds. If you're doing all validation based on AJAX operations, then you've introduced a huge layer of complexity and point of failure to your code. Not to mention added additional HTTP requests that are unneeded. Only use AJAX validation for client-side errors for things that you can't do w/out interaction with the server (such as validating if a username exists.) There's tons of example code and libraries (such as qForms) that will allow you to easily apply client-side validation rules to your code. It's not that difficult to implement. There's absolutely no reason to make an HTTP request to see if a field is required, to see if a field looks like a valid e-mail address, to see if a value is a number, etc. There's tons of stuff out there that you can leverage. These are not difficult problems to solve. -Dan ~| Create robust enterprise, web RIAs. Upgrade & integrate Adobe Coldfusion MX7 with Flex 2 http://www.adobe.com/products/coldfusion/flex2/?sdid=RVJP Archive: http://www.houseoffusion.com/groups/CF-Talk/message.cfm/messageid:275438 Subscription: http://www.houseoffusion.com/groups/CF-Talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.4
Re: Client-side validation or Server-side Validation?
On Apr 16, 2007, at 1:51 PM, Rick Faircloth wrote: > It's just too much work to cater to every minority group in the > virtual > universe. In one sentence you sum up the main problem with web development today: because people are unwilling to really look into how the standards work and to learn to work with them, users of browsers other than IE get the shaft on many, many major websites. If developers, such as yourself, and their developers were to investigate the standards and how browsers treat them, and maybe use a JS framework like JQuery or Prototype, you'd see that by following close to the standards you can develop sites that work perfectly for over 99% of your audience, rather than in your ignorance (definition: lack of knowledge) believe it is "too much work". For several years I've worked towards compatibility with Firefox and Safari, then patched the code to work around IE's problems, and it has worked great - higher than 99% compatibility with our visitor's websites and ultimately less work for me. Remember that IE is slowly (kick and screaming all the way) becoming *more* standards compliant over time, IE7 proved that Microsoft was beginning to listen and look how many websites had to be changed: most in-the-know developers just had to update their code to not load the JS/CSS hacks for IE7 and their sites worked fine, rather than the torment many went through of having to rewrite entire sites due to shortsightedness. So, for the good of your clients and visitors, and ultimately your own long-term peace of mind, please learn how to take advantage of the published standards. -- Damien McKenna - Web Developer - [EMAIL PROTECTED] The Limu Company - http://www.thelimucompany.com/ - 407-548-3800 ~| ColdFusion MX7 by Adobe® Dyncamically transform webcontent into Adobe PDF with new ColdFusion MX7. Free Trial. http://www.adobe.com/products/coldfusion?sdid=RVJV Archive: http://www.houseoffusion.com/groups/CF-Talk/message.cfm/messageid:275437 Subscription: http://www.houseoffusion.com/groups/CF-Talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.4
RE: Client-side validation or Server-side Validation?
Judah, I definitely see your point. I guess I'm looking at this from a "developer of may websites / apps", none of which are as "mission-critical" as, say, an e-commerce app. If I just worked on one site, say for a company that I worked for, I could see taking the time and expense of creating multiple versions of a site, etc. But as an independent developer whose clients almost always want things created as inexpensively as possible, it's difficult to justify the time spent creating a "one-size fits all" site, when I'm not getting compensation for that work. For one of my sites, my stats tell me that 98.63% of users have javascript enabled. The other .37% aren't worth the extra work. And if they do have trouble and don't know what it is, then perhaps they'll dig a little bit and get javascript enabled. (If they're allowed to...) Eventually, I may come to the point where I do code for both, but right now I'm just starting to use JS for validation, so it's new to me. I'll have to start with crawling, then walking, then running... Rick -Original Message- From: Judah McAuley [mailto:[EMAIL PROTECTED] Sent: Monday, April 16, 2007 2:44 PM To: CF-Talk Subject: Re: Client-side validation or Server-side Validation? Rick you might be right in some audiences but I think you may be wrong in many other audiences. Larger corporations, for instance, do much more extensive security filtering. They can block javascript/activeX/etc at the firewall and they can also enforce browser settings at the desktop level. The end user may not have any participation in the security decisions nor even know that javascript has been disabled for them. They just know that some things don't work. That's a recipe for bad user experience. In general, my approach is to make javascript optional for all front end tools with an unknown audience and then tailor the use of javascript/flash/etc. in admin applications to the expected audience since it is likely to be a much better known user base. Judah Rick Faircloth wrote: > Josh, > > You refer to customers who don't have javascript enabled > as "javascript-challenged." Since not using javascript would > take some knowledge and tinkering, wouldn't it be more likely > that those who don't use javascript are advanced users and > just simply choosing not to use javascript? > > Rick ~| Macromedia ColdFusion MX7 Upgrade to MX7 & experience time-saving features, more productivity. http://www.adobe.com/products/coldfusion?sdid=RVJW Archive: http://www.houseoffusion.com/groups/CF-Talk/message.cfm/messageid:275436 Subscription: http://www.houseoffusion.com/groups/CF-Talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.4
RE: Client-side validation or Server-side Validation?
> further more, how many among those 10% just didn't know > they had JS disabled and will be so glad you told them that > they will buy anything in your boutique? ;-) Most non-technical users don't know or care what JavaScript is. Dave Watts, CTO, Fig Leaf Software http://www.figleaf.com/ Fig Leaf Software provides the highest caliber vendor-authorized instruction at our training centers in Washington DC, Atlanta, Chicago, Baltimore, Northern Virginia, or on-site at your location. Visit http://training.figleaf.com/ for more information! This email has been processed by SmoothZap - www.smoothwall.net ~| Upgrade to Adobe ColdFusion MX7 The most significant release in over 10 years. Upgrade & see new features. http://www.adobe.com/products/coldfusion?sdid=RVJR Archive: http://www.houseoffusion.com/groups/CF-Talk/message.cfm/messageid:275435 Subscription: http://www.houseoffusion.com/groups/CF-Talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=11502.10531.4
Re: Client-side validation or Server-side Validation?
Rick Faircloth wrote: > It's like people who refuse to use HTML email... I think it's time for > these folks to come into the light and forget their paranoia about > security, if that's what's keeping them from using these technologies. But what about the people that don't use HTML email because they feel it has no added value and all the colors, backgrounds and images only distract from the content? Jochem ~| Upgrade to Adobe ColdFusion MX7 The most significant release in over 10 years. Upgrade & see new features. http://www.adobe.com/products/coldfusion?sdid=RVJR Archive: http://www.houseoffusion.com/groups/CF-Talk/message.cfm/messageid:275434 Subscription: http://www.houseoffusion.com/groups/CF-Talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=11502.10531.4
RE: Client-side validation or Server-side Validation?
> I'm all for forcing users of sites I develop to use Javascript. > > If it's not turned on just send them a message: "You must > enable Javascript to use this form." If they choose not to, so > be it. If you can afford that luxury, good for you! That's simply not an option for most people trying to sell something. > It's like people who refuse to use HTML email... I think it's > time for these folks to come into the light and forget their > paranoia about security, if that's what's keeping them from > using these technologies. I refuse to use HTML email. I'm far from paranoid about security, but there are security risks with HTML mail, especially on Windows. Plus, I find it to be a distraction from the actual content of email (if there is any). Dave Watts, CTO, Fig Leaf Software http://www.figleaf.com/ Fig Leaf Software provides the highest caliber vendor-authorized instruction at our training centers in Washington DC, Atlanta, Chicago, Baltimore, Northern Virginia, or on-site at your location. Visit http://training.figleaf.com/ for more information! This email has been processed by SmoothZap - www.smoothwall.net ~| ColdFusion MX7 and Flex 2 Build sales & marketing dashboard RIAâs for your business. Upgrade now http://www.adobe.com/products/coldfusion/flex2?sdid=RVJT Archive: http://www.houseoffusion.com/groups/CF-Talk/message.cfm/messageid:275433 Subscription: http://www.houseoffusion.com/groups/CF-Talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.4
RE: Client-side validation or Server-side Validation?
> > But what about, as already mentioned, somebody browsing > > with Javascript turn off > > In that case they get the message "Your browser should have > Javascript turned on to proceed" and no form at all. In that case, I take my business elsewhere. Dave Watts, CTO, Fig Leaf Software http://www.figleaf.com/ Fig Leaf Software provides the highest caliber vendor-authorized instruction at our training centers in Washington DC, Atlanta, Chicago, Baltimore, Northern Virginia, or on-site at your location. Visit http://training.figleaf.com/ for more information! This email has been processed by SmoothZap - www.smoothwall.net ~| ColdFusion MX7 and Flex 2 Build sales & marketing dashboard RIAâs for your business. Upgrade now http://www.adobe.com/products/coldfusion/flex2?sdid=RVJT Archive: http://www.houseoffusion.com/groups/CF-Talk/message.cfm/messageid:275432 Subscription: http://www.houseoffusion.com/groups/CF-Talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.4
Re: CF CAPTCHA - need help!
Hello Steven and listers, It certainly worked for me. The results appears below: Please correct these errors: You did not match the image text. Please try again. Wanting to give you the benefit of a doubt I gave it a shot. Because my screen reader could not read the text in the image I received the error message above and was unable to submit the form. This is exactly the kind of accessibility problem we have with captchas and screen readers. If one could read the text without it being included in an image the problem could be solved. Peter Donahue - Original Message - From: "Steven Sprouse" <[EMAIL PROTECTED]> To: "CF-Talk" Sent: Monday, April 16, 2007 12:42 PM Subject: Re: CF CAPTCHA - need help! Okay, I've made changes to the form, http://www2.ccboe.com/feedback/feedbackform.cfm The CAPTCHA is there and looking nice, but I can still submit the form without having to enter anything in the image field. Any help with this? Does the mailto look ~| Macromedia ColdFusion MX7 Upgrade to MX7 & experience time-saving features, more productivity. http://www.adobe.com/products/coldfusion?sdid=RVJW Archive: http://www.houseoffusion.com/groups/CF-Talk/message.cfm/messageid:275431 Subscription: http://www.houseoffusion.com/groups/CF-Talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.4
Re: Client-side validation or Server-side Validation?
> Larger corporations, for instance, do much more > extensive security filtering. They can block javascript/activeX/etc at > the firewall and they can also enforce browser settings at the desktop > level. The end user may not have any participation in the security > decisions nor even know that javascript has been disabled for them. They > just know that some things don't work. This is exactly what I ran across. The actual end user has no idea what's going on, or how to fix it. Thanks for clarifying Judah. -- Josh ~| Macromedia ColdFusion MX7 Upgrade to MX7 & experience time-saving features, more productivity. http://www.adobe.com/products/coldfusion?sdid=RVJW Archive: http://www.houseoffusion.com/groups/CF-Talk/message.cfm/messageid:275430 Subscription: http://www.houseoffusion.com/groups/CF-Talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=11502.10531.4
Re: Client-side validation or Server-side Validation?
Rick Faircloth wrote: > It's like coding for users of the Opera browser. If they want to be able > to have the best experience on my sites, then install IE. > > It's just too much work to cater to every minority group in the virtual > universe. And this is where I fundamentally disagree. Its really not that difficult at all. The newer generations of browsers have a large overlapping set of standards compliance. The largest quirks are fairly well known and easy to find out information on. The rise of javascript libraries has done a great job of taking into account the differences between browsers there. So what's the "too much work" part? Judah ~| Create robust enterprise, web RIAs. Upgrade & integrate Adobe Coldfusion MX7 with Flex 2 http://www.adobe.com/products/coldfusion/flex2/?sdid=RVJP Archive: http://www.houseoffusion.com/groups/CF-Talk/message.cfm/messageid:275429 Subscription: http://www.houseoffusion.com/groups/CF-Talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.4
RE: Urgent Help Please!
Oh man, I would if I could. Quite honestly, the entire query is "SELECT * FROM USERS" Then, they have 4 - 5 other queries that QoQ back against the result set... And the query is on each page, not stuck in a shared scope. I have cleaned a few of the main pages, working on more. Once you know the trick, its pretty simple to modify the QoQ to pull directly from the DB and eliminate the SELECT * I will get there, but I think this is the bulk of my problem =) Thanks for any help guys, took me a while to dig into the err.log file for my instance and file the out of memory error. Sorry about the momentary panic =) Chris -Original Message- From: Jon Clausen [mailto:[EMAIL PROTECTED] Sent: Monday, April 16, 2007 2:42 PM To: CF-Talk Subject: Re: Urgent Help Please! Chris, I've been there and feel your pain (some from my own doing, though, so I can't throw too many stones). In the meantime, as a stop-gap you might be able to get by with adding a couple of multi-column indexes on the database side (if you haven't already) for your commonly used 'WHERE' columns to limit the number of records being parsed on the base query. If your query is: SELECT * FROM foo WHERE bar = 'FooBar' AND foo_user = 2; Create an index with the two columns: ALTER table foo ADD INDEX(bar,foo_user); This will speed things up on the DBMS side and possibly help the page execution times - freeing up more memory since CF isn't waiting around.It won't help you with the processing that CF is doing of the returned query itself, though. For that you'll need to roll up your sleeves and apply some lipstick to that pig... :-) Regards, Jon On Apr 16, 2007, at 2:14 PM, Peterson, Chris wrote: > Jon, > > You are most likely correct, as the people who originally coded this > site didn't know how to do a cross-database join, so instead did a > SELECT * from Users, and now there are, ohhh, 26,000+ users on the > site. > Not to mention the SELECT * from items, which contains about 100,000+ > items. Unfortunately, this code is on about 50 - 100 pages, and you > can imagine that its not written for readability or ease of > maintenance. I am ban aiding it for now, and working on permanent > fixes for the future. > > Chris > > -Original Message- > From: Jon Clausen [mailto:[EMAIL PROTECTED] > Sent: Monday, April 16, 2007 1:25 PM > To: CF-Talk > Subject: Re: Urgent Help Please! > > Chris, > > First of all, I defer to any of the suggestions that Jochem gives you, > since he's way better in the server configuration arena than I > am (or many of us, for that matter). Windows defaults out of the > box to about 7200 concurrent threads (src - http://gregluck.com/blog/ > archives/2004/12/limits_to_threa_1.html - and his thread-test.jar > available from the same post) for the JVM, though which should be > adequate in most cases if what's being served from CF is optimized. > > If I may, I might also suggest taking a look at the queries on your > hardest hit pages. > > The biggest violator in CF I've found, personally, for > java.lang.OutOfMemory errors has been in manipulating the results of > queries that are returning a large number of records in the base > query (i.e. QoQ or ). Sometimes > this starts to happen unexpectedly when a table has grown very large > over time and the original queries weren't designed to deal with > recordsets on that scale.Memory issues then get progressively > worse as the table grows larger until the number of records being > manipulated is so large that it creates the Out of memory errors and > eventually hangs the server. > > HTH, > > Jon > > PS - "Connection reset by peer: socket write error" which you also > mentioned can be caused by database connectivity issues - possibly > also a query issue on the DBMS side. > > On Apr 16, 2007, at 11:31 AM, Peterson, Chris wrote: > >> Nope, debugging is not enabled on either cluster-member instance. >> Check >> this one out, now I am finding this in my err.log file: >> >> java.lang.OutOfMemoryError: unable to create new native thread >> >> It looks like its hitting some type of native OS memory limit for >> creating threads? I found this article about it: >> http://www.talkingtree.com/blog/index.cfm/2005/3/11/NewNativeThread >> > > > > > > ~| Deploy Web Applications Quickly across the enterprise with ColdFusion MX7 & Flex 2 Free Trial http://www.adobe.com/products/coldfusion/flex2/?sdid=RVJU Archive: http://www.houseoffusion.com/groups/CF-Talk/message.cfm/messageid:275428 Subscription: http://www.houseoffusion.com/groups/CF-Talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.4
Re: Client-side validation or Server-side Validation?
On Apr 14, 2007, at 10:46 AM, Rick Faircloth wrote: > But now that I've started down the client-side validation road, I hear > from passersby, "No! You should always validate server-side or both!" Not validating server-side is too much of a security risk. I always consider server-side validation to be utterly essential, and client- side an extra bonus if you have the time. Never, ever, ever, ever (don't you see!), ever, ever, never, ever do just client-side validation, you're leaving yourself open to have your data stolen, your cat painted and your lunch left too long in the microwave, i.e. "bad things." -- Damien McKenna - Web Developer - [EMAIL PROTECTED] The Limu Company - http://www.thelimucompany.com/ - 407-548-3800 ~| ColdFusion MX7 and Flex 2 Build sales & marketing dashboard RIAâs for your business. Upgrade now http://www.adobe.com/products/coldfusion/flex2?sdid=RVJT Archive: http://www.houseoffusion.com/groups/CF-Talk/message.cfm/messageid:275427 Subscription: http://www.houseoffusion.com/groups/CF-Talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.4
Re: Client-side validation or Server-side Validation?
Rick you might be right in some audiences but I think you may be wrong in many other audiences. Larger corporations, for instance, do much more extensive security filtering. They can block javascript/activeX/etc at the firewall and they can also enforce browser settings at the desktop level. The end user may not have any participation in the security decisions nor even know that javascript has been disabled for them. They just know that some things don't work. That's a recipe for bad user experience. In general, my approach is to make javascript optional for all front end tools with an unknown audience and then tailor the use of javascript/flash/etc. in admin applications to the expected audience since it is likely to be a much better known user base. Judah Rick Faircloth wrote: > Josh, > > You refer to customers who don't have javascript enabled > as "javascript-challenged." Since not using javascript would > take some knowledge and tinkering, wouldn't it be more likely > that those who don't use javascript are advanced users and > just simply choosing not to use javascript? > > Rick ~| ColdFusion MX7 and Flex 2 Build sales & marketing dashboard RIAâs for your business. Upgrade now http://www.adobe.com/products/coldfusion/flex2?sdid=RVJT Archive: http://www.houseoffusion.com/groups/CF-Talk/message.cfm/messageid:275426 Subscription: http://www.houseoffusion.com/groups/CF-Talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=11502.10531.4
Re: Urgent Help Please!
Chris, I've been there and feel your pain (some from my own doing, though, so I can't throw too many stones). In the meantime, as a stop-gap you might be able to get by with adding a couple of multi-column indexes on the database side (if you haven't already) for your commonly used 'WHERE' columns to limit the number of records being parsed on the base query. If your query is: SELECT * FROM foo WHERE bar = 'FooBar' AND foo_user = 2; Create an index with the two columns: ALTER table foo ADD INDEX(bar,foo_user); This will speed things up on the DBMS side and possibly help the page execution times - freeing up more memory since CF isn't waiting around.It won't help you with the processing that CF is doing of the returned query itself, though. For that you'll need to roll up your sleeves and apply some lipstick to that pig... :-) Regards, Jon On Apr 16, 2007, at 2:14 PM, Peterson, Chris wrote: > Jon, > > You are most likely correct, as the people who originally coded this > site didn't know how to do a cross-database join, so instead did a > SELECT * from Users, and now there are, ohhh, 26,000+ users on the > site. > Not to mention the SELECT * from items, which contains about 100,000+ > items. Unfortunately, this code is on about 50 - 100 pages, and > you can > imagine that its not written for readability or ease of > maintenance. I > am ban aiding it for now, and working on permanent fixes for the > future. > > Chris > > -Original Message- > From: Jon Clausen [mailto:[EMAIL PROTECTED] > Sent: Monday, April 16, 2007 1:25 PM > To: CF-Talk > Subject: Re: Urgent Help Please! > > Chris, > > First of all, I defer to any of the suggestions that Jochem gives you, > since he's way better in the server configuration arena than I > am (or many of us, for that matter). Windows defaults out of the > box to about 7200 concurrent threads (src - http://gregluck.com/blog/ > archives/2004/12/limits_to_threa_1.html - and his thread-test.jar > available from the same post) for the JVM, though which should be > adequate in most cases if what's being served from CF is optimized. > > If I may, I might also suggest taking a look at the queries on your > hardest hit pages. > > The biggest violator in CF I've found, personally, for > java.lang.OutOfMemory errors has been in manipulating the results of > queries that are returning a large number of records in the base > query (i.e. QoQ or ). Sometimes > this starts to happen unexpectedly when a table has grown very large > over time and the original queries weren't designed to deal with > recordsets on that scale.Memory issues then get progressively > worse as the table grows larger until the number of records being > manipulated is so large that it creates the Out of memory errors and > eventually hangs the server. > > HTH, > > Jon > > PS - "Connection reset by peer: socket write error" which you also > mentioned can be caused by database connectivity issues - possibly > also > a query issue on the DBMS side. > > On Apr 16, 2007, at 11:31 AM, Peterson, Chris wrote: > >> Nope, debugging is not enabled on either cluster-member instance. >> Check >> this one out, now I am finding this in my err.log file: >> >> java.lang.OutOfMemoryError: unable to create new native thread >> >> It looks like its hitting some type of native OS memory limit for >> creating threads? I found this article about it: >> http://www.talkingtree.com/blog/index.cfm/2005/3/11/NewNativeThread >> > > > > > > ~| Macromedia ColdFusion MX7 Upgrade to MX7 & experience time-saving features, more productivity. http://www.adobe.com/products/coldfusion?sdid=RVJW Archive: http://www.houseoffusion.com/groups/CF-Talk/message.cfm/messageid:275425 Subscription: http://www.houseoffusion.com/groups/CF-Talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.4
Re: CF CAPTCHA - need help!
Good afternoon again everyone, If you can set it up to where it produces a string of straight text, and not text embedded within an image your captcha text/questions will then be readable by screen reading solutions. Some companies have implemented audio rendering of this text, but the audio is often a poor quality, and the site is inaccessible to those who are both blind and deaf or have severe hearing impairments. Doing this will also go a long way to ensuring that your Web sites are Section 508 Compliant. Peter Donahue - Original Message - From: "Steven Sprouse" <[EMAIL PROTECTED]> To: "CF-Talk" Sent: Monday, April 16, 2007 8:16 AM Subject: Re: CF CAPTCHA - need help! The feedback form can be found here: http://www2.ccboe.com/feedback/feedbackform.cfm I think I've tried the lyla capcha in the past and couldn't figure it out. Maybe I'll give it another go. ~| Upgrade to Adobe ColdFusion MX7 Experience Flex 2 & MX7 integration & create powerful cross-platform RIAs http://www.adobe.com/products/coldfusion/flex2/?sdid=RVJQ Archive: http://www.houseoffusion.com/groups/CF-Talk/message.cfm/messageid:275424 Subscription: http://www.houseoffusion.com/groups/CF-Talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=11502.10531.4
Re: Client-side validation or Server-side Validation?
> There's tons of example code and libraries (such as qForms) that will allow > you to easily apply client-side validation rules to your code. It's not that > difficult to implement. But then, you'd have to require javascript - so that's another vote in that direction ~| Upgrade to Adobe ColdFusion MX7 The most significant release in over 10 years. Upgrade & see new features. http://www.adobe.com/products/coldfusion?sdid=RVJR Archive: http://www.houseoffusion.com/groups/CF-Talk/message.cfm/messageid:275423 Subscription: http://www.houseoffusion.com/groups/CF-Talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=11502.10531.4
RE: Secure Web Service
Depending how high end you want to go, you can actually do salted encryption (randomized) to everything you want to pass and decode it locally with the advanced features of the Encrypt tag. It's not necessary, but it does add another layer of security. We recently did this with a CF client to a C# service. It wasn't easy but now that it's in place, everyone sleeps well. !k -Original Message- From: Robert Rawlins - Think Blue [mailto:[EMAIL PROTECTED] Sent: Monday, April 16, 2007 9:10 AM To: CF-Talk Subject: RE: Secure Web Service Thanks for that James and Tom. The client system won't be CF, it'll be a JAVA or Python based app, but that's a handy tip about the username and password argument names, and I'll be sure to push the production version over SSL as well to keep them nice and safe. Thanks again guys, if you have any other golden nuggets I'd love to hear them. Rob -Original Message- From: James Holmes [mailto:[EMAIL PROTECTED] Sent: 16 April 2007 16:02 To: CF-Talk Subject: Re: Secure Web Service This is what we've done. Just use SSL and pass arguments into each method call but don't call them "username" and "password" as CF (if that's the client machine's platform) will instead pass these along as http basic authentication (which, btw, you don't want to use as a CF client will cache the authentication and potentially give everyone on the remote box access to your webservice). Call them wsusername and wspassword or something similar. On 4/16/07, Tom Chiverton <[EMAIL PROTECTED]> wrote: > On Monday 16 Apr 2007, Robert Rawlins - Think Blue wrote: > > I am a little worried about putting too much overhead on this as they could > > potentially get quite busy, am I ok to simple request a username and > > password argument into the service and use that to authenticate the user? > > Could do - make sure you are running over SSL though so know one can see the > passwords go past. > > > IP in my database as they're all sat on static lines. I feel that querying > > the database every time the client accesses the service is a little > > sluggish, but perhaps not. > > I wouldn't expect it to be slow. If, as you say, it's fairly busy then the > query results will be in the database servers query cache. > You could set the cache options in the CFQUERY tag too of course. > > -- > Tom Chiverton > Helping to greatly exploit impactful markets > on: http://thefalken.livejournal.com > > > > This email is sent for and on behalf of Halliwells LLP. > > Halliwells LLP is a limited liability partnership registered in England and Wales under registered number OC307980 whose registered office address is at St James's Court Brown Street Manchester M2 2JF. A list of members is available for inspection at the registered office. Any reference to a partner in relation to Halliwells LLP means a member of Halliwells LLP. Regulated by the Law Society. > > CONFIDENTIALITY > > This email is intended only for the use of the addressee named above and may be confidential or legally privileged. If you are not the addressee you must not read it and must not use any information contained in nor copy it nor inform any person other than Halliwells LLP or the addressee of its existence or contents. If you have received this email in error please delete it and notify Halliwells LLP IT Department on 0870 365 8008. > > For more information about Halliwells LLP visit www.halliwells.com. > > > ~| Create robust enterprise, web RIAs. Upgrade & integrate Adobe Coldfusion MX7 with Flex 2 http://www.adobe.com/products/coldfusion/flex2/?sdid=RVJP Archive: http://www.houseoffusion.com/groups/CF-Talk/message.cfm/messageid:275422 Subscription: http://www.houseoffusion.com/groups/CF-Talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=11502.10531.4
RE: Auto Index Dbase datasource?
In 5 I was using the Merant dBase/FoxPro. I haven't been able to figure out how to use the Merant driver in MX7, is this possible? -Original Message- From: Claude Schneegans [mailto:[EMAIL PROTECTED] Sent: Monday, April 16, 2007 1:38 PM To: CF-Talk Subject: Re: Auto Index Dbase datasource? >>its an old dbase 3 database As far as you have an ODBC driver to support it and able to re-index tables, it should also take care of indexes when updating. I don't see your point. -- ___ REUSE CODE! Use custom tags; See http://www.contentbox.com/claude/customtags/tagstore.cfm (Please send any spam to this address: [EMAIL PROTECTED]) Thanks. ~| Create robust enterprise, web RIAs. Upgrade & integrate Adobe Coldfusion MX7 with Flex 2 http://www.adobe.com/products/coldfusion/flex2/?sdid=RVJP Archive: http://www.houseoffusion.com/groups/CF-Talk/message.cfm/messageid:275421 Subscription: http://www.houseoffusion.com/groups/CF-Talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.4
Re: CF CAPTCHA - need help!
> Okay, I've made changes to the form, http://www2.ccboe. > com/feedback/feedbackform.cfm > > The CAPTCHA is there and looking nice, but I can still submit the form > without having to enter anything in the image field. Any help with > this? Does the mailto look UPDATE - I was able to get it to work. To the people with more experience in this than me, does it look like, code wise, that I've improved the functionality and reduced the amount of SPAM that might get through? ~| Create robust enterprise, web RIAs. Upgrade & integrate Adobe Coldfusion MX7 with Flex 2 http://www.adobe.com/products/coldfusion/flex2/?sdid=RVJP Archive: http://www.houseoffusion.com/groups/CF-Talk/message.cfm/messageid:275420 Subscription: http://www.houseoffusion.com/groups/CF-Talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.4
RE: Client-side validation or Server-side Validation?
Rick, >I'm leaning toward a combination of JS for user-friendliness with >the validation coming from ColdFusion programming. > >I get the best of both worlds that way. It's not the best of both worlds. If you're doing all validation based on AJAX operations, then you've introduced a huge layer of complexity and point of failure to your code. Not to mention added additional HTTP requests that are unneeded. Only use AJAX validation for client-side errors for things that you can't do w/out interaction with the server (such as validating if a username exists.) There's tons of example code and libraries (such as qForms) that will allow you to easily apply client-side validation rules to your code. It's not that difficult to implement. There's absolutely no reason to make an HTTP request to see if a field is required, to see if a field looks like a valid e-mail address, to see if a value is a number, etc. There's tons of stuff out there that you can leverage. These are not difficult problems to solve. -Dan ~| Upgrade to Adobe ColdFusion MX7 Experience Flex 2 & MX7 integration & create powerful cross-platform RIAs http://www.adobe.com/products/coldfusion/flex2/?sdid=RVJQ Archive: http://www.houseoffusion.com/groups/CF-Talk/message.cfm/messageid:275419 Subscription: http://www.houseoffusion.com/groups/CF-Talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=11502.10531.4
Re: Client-side validation or Server-side Validation?
> I'm leaning towards using a combination of JS on the interface > and CF for data validation. That'll take care of security. The application I'm thinking about is an insurance enrollment system. Users have to already be registered to access the system - which is a multi-page form. I'm using a combination of CFFORM validation and then server-side validation on the database. BUT - I've had to add a third layer for folks without javascript! When they enter the system, most of their user info is already filled out for them, so you'd think you'd not get many submissions with info missing. Even so, you wouldn't believe the number of submissions where a simple "Your Email" field is left blank. AND IT'S FILLED IN TO START WITH! ..and marked in red "REQUIRED". And they'll still erase whatever is in there and leave it blank. I've had to add an "in between" layer to check for missing info when the client-side validation fails (due to no javascript) and kick them back to the form before it ever gets to the data-processing page. Since the forms are pretty darned big, that's a ton of extra code (almost 30% more). I'd just as soon kill that extra layer and require javascript. If part of the application itself is javascript and they refuse to use it, isn't that like refusing to put the proper fuel in your car and then complaining about how it isn't running too good? I dunno - this is something I'm still considering myself. It would certainly save a lot of coding headaches, that's for sure. ~| Deploy Web Applications Quickly across the enterprise with ColdFusion MX7 & Flex 2 Free Trial http://www.adobe.com/products/coldfusion/flex2/?sdid=RVJU Archive: http://www.houseoffusion.com/groups/CF-Talk/message.cfm/messageid:275418 Subscription: http://www.houseoffusion.com/groups/CF-Talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=11502.10531.4
RE: Urgent Help Please!
Jon, You are most likely correct, as the people who originally coded this site didn't know how to do a cross-database join, so instead did a SELECT * from Users, and now there are, ohhh, 26,000+ users on the site. Not to mention the SELECT * from items, which contains about 100,000+ items. Unfortunately, this code is on about 50 - 100 pages, and you can imagine that its not written for readability or ease of maintenance. I am ban aiding it for now, and working on permanent fixes for the future. Chris -Original Message- From: Jon Clausen [mailto:[EMAIL PROTECTED] Sent: Monday, April 16, 2007 1:25 PM To: CF-Talk Subject: Re: Urgent Help Please! Chris, First of all, I defer to any of the suggestions that Jochem gives you, since he's way better in the server configuration arena than I am (or many of us, for that matter). Windows defaults out of the box to about 7200 concurrent threads (src - http://gregluck.com/blog/ archives/2004/12/limits_to_threa_1.html - and his thread-test.jar available from the same post) for the JVM, though which should be adequate in most cases if what's being served from CF is optimized. If I may, I might also suggest taking a look at the queries on your hardest hit pages. The biggest violator in CF I've found, personally, for java.lang.OutOfMemory errors has been in manipulating the results of queries that are returning a large number of records in the base query (i.e. QoQ or ). Sometimes this starts to happen unexpectedly when a table has grown very large over time and the original queries weren't designed to deal with recordsets on that scale.Memory issues then get progressively worse as the table grows larger until the number of records being manipulated is so large that it creates the Out of memory errors and eventually hangs the server. HTH, Jon PS - "Connection reset by peer: socket write error" which you also mentioned can be caused by database connectivity issues - possibly also a query issue on the DBMS side. On Apr 16, 2007, at 11:31 AM, Peterson, Chris wrote: > Nope, debugging is not enabled on either cluster-member instance. > Check > this one out, now I am finding this in my err.log file: > > java.lang.OutOfMemoryError: unable to create new native thread > > It looks like its hitting some type of native OS memory limit for > creating threads? I found this article about it: > http://www.talkingtree.com/blog/index.cfm/2005/3/11/NewNativeThread > ~| Upgrade to Adobe ColdFusion MX7 The most significant release in over 10 years. Upgrade & see new features. http://www.adobe.com/products/coldfusion?sdid=RVJR Archive: http://www.houseoffusion.com/groups/CF-Talk/message.cfm/messageid:275417 Subscription: http://www.houseoffusion.com/groups/CF-Talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.4
Re: CF CAPTCHA - need help!
Hello Less and listers, I applaud your approach with this captia solution. As one who uses a screen reader to access applications and Web sites these captias are a real problem for those who must use this technology to gain access to secured areas of a Web site. The traditional, "Copy the letters/numbers you see in to the field below" captia effectively locks blind people out of areas of Web sites and computer applications where this type of captia is used. Having a captia that displays a text string that can be read by screen readers that asks a question and provides one with an edit field to write their answer would allow you to secure your forms and still make it possible for blind persons using screen reading software to gain full access to protected areas of your Web site. Since traditional captia information is presented as an OCR image these cannot be read by screen readers, but text strings can. If you're able to create a CF Captia I'd love to see the code myself and would consider using it on my Web sites as well. I'll be following this thread with interest. Peter Donahue - Original Message - From: "Les Mizzell" <[EMAIL PROTECTED]> To: "CF-Talk" Sent: Monday, April 16, 2007 9:30 AM Subject: Re: CF CAPTCHA - need help! Though I'm using captcha solutions for most of my main clients (and server side too, thank you), I've been toying around with ideas on a smaller site or two owned by myself just to see what would happen. A very simple "Does a cow "moo", "bark", "howl", "mew" or "whistle"?" question with a blank to write in the correct answer with a simple cfif after submission to check for the correct response has, for over a month, stopped 100% of the form spams I was getting. I have an email alert sent to myself just so I can see what's hitting the form, and it's 10 to 20 bots a day... For a second test, I've placed a "fake" form in front of the real one and hidden it with CSS. The form bots fill this one out, and never get to the real form on the page. It's been 100% effective as well against 10 to 20 bots a day... ~| Deploy Web Applications Quickly across the enterprise with ColdFusion MX7 & Flex 2 Free Trial http://www.adobe.com/products/coldfusion/flex2/?sdid=RVJU Archive: http://www.houseoffusion.com/groups/CF-Talk/message.cfm/messageid:275416 Subscription: http://www.houseoffusion.com/groups/CF-Talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=11502.10531.4
Re: Client-side validation or Server-side Validation?
Hi Rick, I can only speak from my personal experience. The main site I work on sells plus-size clothing for ladies. When I first put up our new CF ecommerce site, we were getting several calls a day from angry ladies who couldn't add a product to their shopping bag. I had foolishly made the "Add to Bag" button dependent on an onClick event, which obviously didn't work if their javascript was disabled. I'm pretty sure these ladies were not advanced users! All I can think is that their scripting had been disabled on their browser or somewhere up the chain by a tech guy at their office (most people shop from work). At any rate, you never know who will have javascript enabled/disabled, but I would think advanced users would be understanding of any security issues, and have javascript enabled because they feel confident about handling any security problems. -- Josh - Original Message - From: "Rick Faircloth" <[EMAIL PROTECTED]> To: "CF-Talk" Sent: Monday, April 16, 2007 10:35 AM Subject: RE: Client-side validation or Server-side Validation? > Josh, > > You refer to customers who don't have javascript enabled > as "javascript-challenged." Since not using javascript would > take some knowledge and tinkering, wouldn't it be more likely > that those who don't use javascript are advanced users and > just simply choosing not to use javascript? > > Rick > > -Original Message- > From: Josh Nathanson [mailto:[EMAIL PROTECTED] > Sent: Monday, April 16, 2007 1:09 PM > To: CF-Talk > Subject: Re: Client-side validation or Server-side Validation? > >> How bad would it be to make having javascript turned on *REQUIRED* >> before visotors can view certain content (forms)? > > This all depends your intended audience, and the purpose of your website. > > I run a mission-critical eCommerce site, so we have to make sure our > javascript-challenged customers can still buy stuff. We still use > javascript validation for those who have JS enabled, but saying "you must > have javascript enabled to use this form" is simply not an option in this > scenario. > > -- Josh > > > > > ~| Create robust enterprise, web RIAs. Upgrade & integrate Adobe Coldfusion MX7 with Flex 2 http://www.adobe.com/products/coldfusion/flex2/?sdid=RVJP Archive: http://www.houseoffusion.com/groups/CF-Talk/message.cfm/messageid:275415 Subscription: http://www.houseoffusion.com/groups/CF-Talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=11502.10531.4
RE: Client-side validation or Server-side Validation?
As I stated when I responded to Robert... I'm leaning towards using a combination of JS on the interface and CF for data validation. That'll take care of security. Rick -Original Message- From: Brad Wood [mailto:[EMAIL PROTECTED] Sent: Monday, April 16, 2007 1:17 PM To: CF-Talk Subject: RE: Client-side validation or Server-side Validation? That's all well and good, but it still doesn't prevent a black hat from posting directly to your web server (They wouldn't even need to use a browser) in an attempt to pass data that would have not been permissible from the form. I see JavaScript as flimsy when it comes to security issues because I can't control it. There are too many tools which even let users modify the contents of hidden fields on a page. Even thought it is extra work, I still back up my client-side validation with server side validation. Besides, sometimes I have the need to do more than simple data-type validation like "That order number is not found in our database". How would you do that in JavaScript without going to the server anyway? ~Brad -Original Message- From: Rick Faircloth [mailto:[EMAIL PROTECTED] Sent: Monday, April 16, 2007 11:58 AM To: CF-Talk Subject: RE: Client-side validation or Server-side Validation? I'm all for forcing users of sites I develop to use Javascript. ~| Create Web Applications With ColdFusion MX7 & Flex 2. Build powerful, scalable RIAs. Free Trial http://www.adobe.com/products/coldfusion/flex2/?sdid=RVJS Archive: http://www.houseoffusion.com/groups/CF-Talk/message.cfm/messageid:275414 Subscription: http://www.houseoffusion.com/groups/CF-Talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.4
RE: Client-side validation or Server-side Validation?
I'm leaning toward a combination of JS for user-friendliness with the validation coming from ColdFusion programming. I get the best of both worlds that way. I'm not big on web standards and accessibility. At least not right now. I agree that the audience is a big factor, but if it's the general population we're talking about, then the small minority can make a choice to use my sites or not. *Their* choice to exclude themselves, not mine to exclude them. It's like coding for users of the Opera browser. If they want to be able to have the best experience on my sites, then install IE. It's just too much work to cater to every minority group in the virtual universe. Rick -Original Message- From: Robert Rawlins - Think Blue [mailto:[EMAIL PROTECTED] Sent: Monday, April 16, 2007 1:20 PM To: CF-Talk Subject: RE: Client-side validation or Server-side Validation? I don't think it's very user friendly at all, but I'm quite a big web standards and accessibility fan. You should always have an alternative version of your site that can be viewed on a small screen or text only browser and things like that. You can achieve a perfectly rich feel from server side validation on simple forms, if you want to do more complex stuff with AJAX then I'm sure that insisting on javascript enabled browser is something you don't really have a choice about, but that's something you have to consider when taking into consideration when deciding to go down that route. I think expecting or pressuring the user into doing anything is a bad move, after all assumption is the mother of all f*** ups. Like 'Josh' says it's really about your audience, when you're working with any high volume traffic of something you would deem 'mission critical' then why would you EVER take the risk of 10% of the potential market not being able to access your application? It would be madness. But 'rich content' and 'form validation' are very different things, and this thread started talking about form validation in which case, relying on JS alone, or having a system that doesn't work unless JS is enabled is a massive mistake to make. With rich content then you're probably a little safer, but with anything that is mission critical or a major revenue driver for your business, I think it's a risk you shouldn't be taking. Rob -Original Message- From: Les Mizzell [mailto:[EMAIL PROTECTED] Sent: 16 April 2007 17:47 To: CF-Talk Subject: Re: Client-side validation or Server-side Validation? > Looking at the latest published W3C statistics you would educate a guess of > about 10% of browsers not having JS enabled on them, that's a fairly hefty > chunk. How bad would it be to make having javascript turned on *REQUIRED* before visotors can view certain content (forms)? It's something I've considered, especially after looking at the extra code I've had to place on certain pages to check required fields if javascript is off - but how 'user friendly" is this if done? Opinions? ~| ColdFusion MX7 by Adobe® Dyncamically transform webcontent into Adobe PDF with new ColdFusion MX7. Free Trial. http://www.adobe.com/products/coldfusion?sdid=RVJV Archive: http://www.houseoffusion.com/groups/CF-Talk/message.cfm/messageid:275413 Subscription: http://www.houseoffusion.com/groups/CF-Talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=11502.10531.4
Re: CF CAPTCHA - need help!
Okay, I've made changes to the form, http://www2.ccboe.com/feedback/feedbackform.cfm The CAPTCHA is there and looking nice, but I can still submit the form without having to enter anything in the image field. Any help with this? Does the mailto look ~| ColdFusion MX7 by Adobe® Dyncamically transform webcontent into Adobe PDF with new ColdFusion MX7. Free Trial. http://www.adobe.com/products/coldfusion?sdid=RVJV Archive: http://www.houseoffusion.com/groups/CF-Talk/message.cfm/messageid:275412 Subscription: http://www.houseoffusion.com/groups/CF-Talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.4
Re: Client-side validation or Server-side Validation?
>> does this figures suppose that 10% of visitors having Javascript disabled IS a potential market? further more, how many among those 10% just didn't know they had JS disabled and will be so glad you told them that they will buy anything in your boutique? ;-) -- ___ REUSE CODE! Use custom tags; See http://www.contentbox.com/claude/customtags/tagstore.cfm (Please send any spam to this address: [EMAIL PROTECTED]) Thanks. ~| ColdFusion MX7 by Adobe® Dyncamically transform webcontent into Adobe PDF with new ColdFusion MX7. Free Trial. http://www.adobe.com/products/coldfusion?sdid=RVJV Archive: http://www.houseoffusion.com/groups/CF-Talk/message.cfm/messageid:275411 Subscription: http://www.houseoffusion.com/groups/CF-Talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=11502.10531.4
Re: Auto Index Dbase datasource?
>>its an old dbase 3 database As far as you have an ODBC driver to support it and able to re-index tables, it should also take care of indexes when updating. I don't see your point. -- ___ REUSE CODE! Use custom tags; See http://www.contentbox.com/claude/customtags/tagstore.cfm (Please send any spam to this address: [EMAIL PROTECTED]) Thanks. ~| ColdFusion MX7 by Adobe® Dyncamically transform webcontent into Adobe PDF with new ColdFusion MX7. Free Trial. http://www.adobe.com/products/coldfusion?sdid=RVJV Archive: http://www.houseoffusion.com/groups/CF-Talk/message.cfm/messageid:275410 Subscription: http://www.houseoffusion.com/groups/CF-Talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=11502.10531.4
RE: Client-side validation or Server-side Validation?
Josh, You refer to customers who don't have javascript enabled as "javascript-challenged." Since not using javascript would take some knowledge and tinkering, wouldn't it be more likely that those who don't use javascript are advanced users and just simply choosing not to use javascript? Rick -Original Message- From: Josh Nathanson [mailto:[EMAIL PROTECTED] Sent: Monday, April 16, 2007 1:09 PM To: CF-Talk Subject: Re: Client-side validation or Server-side Validation? > How bad would it be to make having javascript turned on *REQUIRED* > before visotors can view certain content (forms)? This all depends your intended audience, and the purpose of your website. I run a mission-critical eCommerce site, so we have to make sure our javascript-challenged customers can still buy stuff. We still use javascript validation for those who have JS enabled, but saying "you must have javascript enabled to use this form" is simply not an option in this scenario. -- Josh ~| Macromedia ColdFusion MX7 Upgrade to MX7 & experience time-saving features, more productivity. http://www.adobe.com/products/coldfusion?sdid=RVJW Archive: http://www.houseoffusion.com/groups/CF-Talk/message.cfm/messageid:275409 Subscription: http://www.houseoffusion.com/groups/CF-Talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.4
