Can't get CF8 to read EXIF from .jpg on Remote server

[Lee Evans]

Hello, 

Using CF8 I'm building a app for a client that needs to retreive EXIF data from 
.jpg files not local to the CF server. 

Using the following code...

1   http://www.foo.com/photo.jpg";>
2   
3   
4   

Processing stops at line 3 and CF8 spits out 

"Exception occured in JPG processing. segment size would extend beyond file 
stream length" 

When I attempt to get around this issue by writing the image out to a temp file 
using the following

1   http://www.foo.com/photo.jpg";>
2   
3   
4   
5   

This executes, but the CFDump returns an Empty struct  After looking at 
phototemp.jpg as written by CF8 I find it does not contain any EXIF data. I've 
also tried retrieving the .jpg using CFHTTP and the EXIF is lost that way as 
well.

Has anyone gotten this to work? Any ideas?

Thanks. 

~|
Get involved in the latest ColdFusion discussions, product
development sharing, and articles on the Adobe Labs wiki.
http://labs/adobe.com/wiki/index.php/ColdFusion_8

Archive: 
http://www.houseoffusion.com/groups/CF-Talk/message.cfm/messageid:285556
Subscription: http://www.houseoffusion.com/groups/CF-Talk/subscribe.cfm
Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.4

Re: CF / Alagad / Photography Questions

[Andrew Grosset]

I agree, CFX_ImageCR is excellent, you can download a free trial version and 
their instructions on how to use it are excellent - I did a couple of 
comparisons with photoshop and couldn't tell the difference!

Andrew.

>I have used CFX_ImageCR from Efflare (version 3) in the past with
>excellent results.  See www.efflare.com.
>
>
>-Justin Scott 

~|
Get the answers you are looking for on the ColdFusion Labs
Forum direct from active programmers and developers.
http://www.adobe.com/cfusion/webforums/forum/categories.cfm?forumid-72&catid=648

Archive: 
http://www.houseoffusion.com/groups/CF-Talk/message.cfm/messageid:28
Subscription: http://www.houseoffusion.com/groups/CF-Talk/subscribe.cfm
Unsubscribe: 
http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=11502.10531.4

Re: If cfwindow exists

[AJ Mercer]

you can get to a cfdiv with
href="javaScript:ColdFusion.navigate('/calendar.cfm','demoDiv')"

were demoDiv is the name of the cfdiv

Some where to start looking.

HTH

On 8/7/07, Steve Sequenzia <[EMAIL PROTECTED]> wrote:
>
> Anyone know the syntax to tell whether a cfwindow by name exists on a
> page. I am having issues with it trying to reload a new window with same
> name.
>
> I need to figure out the syntax to tell whether it is defined.
>
> Any ideas?
>
> 

~|
ColdFusion 8 - Build next generation apps
today, with easy PDF and Ajax features - download now
http://download.macromedia.com/pub/labs/coldfusion/cf8_beta_whatsnew_052907.pdf

Archive: 
http://www.houseoffusion.com/groups/CF-Talk/message.cfm/messageid:285554
Subscription: http://www.houseoffusion.com/groups/CF-Talk/subscribe.cfm
Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.4

Re: If cfwindow exists

[Raymond Camden]

I haven't tried it - but maybe ColdFusion.Window.getWindowObject -
maybe it returns null if the window doesn't exist.

On 8/6/07, Steve Sequenzia <[EMAIL PROTECTED]> wrote:
> Anyone know the syntax to tell whether a cfwindow by name exists on a page. I 
> am having issues with it trying to reload a new window with same name.
>
> I need to figure out the syntax to tell whether it is defined.
>
> Any ideas?
>
> 

~|
ColdFusion 8 - Build next generation apps
today, with easy PDF and Ajax features - download now
http://download.macromedia.com/pub/labs/coldfusion/cf8_beta_whatsnew_052907.pdf

Archive: 
http://www.houseoffusion.com/groups/CF-Talk/message.cfm/messageid:285553
Subscription: http://www.houseoffusion.com/groups/CF-Talk/subscribe.cfm
Unsubscribe: 
http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=11502.10531.4

If cfwindow exists

[Steve Sequenzia]

Anyone know the syntax to tell whether a cfwindow by name exists on a page. I 
am having issues with it trying to reload a new window with same name.

I need to figure out the syntax to tell whether it is defined.

Any ideas? 

~|
Get the answers you are looking for on the ColdFusion Labs
Forum direct from active programmers and developers.
http://www.adobe.com/cfusion/webforums/forum/categories.cfm?forumid-72&catid=648

Archive: 
http://www.houseoffusion.com/groups/CF-Talk/message.cfm/messageid:285552
Subscription: http://www.houseoffusion.com/groups/CF-Talk/subscribe.cfm
Unsubscribe: 
http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=11502.10531.4

RE: cfoutput and groups

[Dale Fraser]

You need an inner 

#qGetCEProcedures.cecategory#


#qGetCEProcedures.cename#



So you can put stuff in the first cfoutput or second, the first one happens
once per group and the second for each item in the group.

Regards
Dale Fraser

http://dalefraser.blogspot.com


-Original Message-
From: Peter Tanswell [mailto:[EMAIL PROTECTED] 
Sent: Tuesday, 7 August 2007 12:04 PM
To: CF-Talk
Subject: cfoutput and groups

Hi there

I have a query where I am getting information from 2 tables.

Basically a category table i.e. categories are face, body & breasts

Users have entered details of cosmetic enhancementprocedures according to
whether the procedure is for face, body or breasts, e.g. face has face lift,
rhinoplasty, browlift, Body has liposuction, tummy tuck etc

On the site I want to display the information in the respective groups hence
body, face and breasts.

My query is as follows:


SELECT  cecat.cecatid, cecat.cecategory, ce.cecategoryid, ce.cename,
ce.cedetails, ce.ceresults
FROM  tbl_cosmeticenhancement ce, tbl_cecategories cecat
WHERE  ce.cecategoryid = cecat.cecatid
Order by cecat.cecategory


Then I was going to have 



#qGetCEProcedures.cecategory#
#qGetCEProcedures.cename#


What I am finding is that I am only getting one result displayed for each
category instead of 3 or 4. 

Thanks in advance for feedback. 




~|
Download the latest ColdFusion 8 utilities including Report Builder,
plug-ins for Eclipse and Dreamweaver updates.
http;//www.adobe.com/cfusion/entitlement/index.cfm?e=labs%5adobecf8%5Fbeta

Archive: 
http://www.houseoffusion.com/groups/CF-Talk/message.cfm/messageid:285551
Subscription: http://www.houseoffusion.com/groups/CF-Talk/subscribe.cfm
Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.4

Re: cfoutput and groups

[James Holmes]

You need an inner cfoutput to loop inside the group.

On 8/7/07, Peter Tanswell <[EMAIL PROTECTED]> wrote:
> Hi there
>
> I have a query where I am getting information from 2 tables.
>
> Basically a category table i.e. categories are face, body & breasts
>
> Users have entered details of cosmetic enhancementprocedures according to 
> whether the procedure is for face, body or breasts, e.g. face has face lift, 
> rhinoplasty, browlift, Body has liposuction, tummy tuck etc
>
> On the site I want to display the information in the respective groups hence 
> body, face and breasts.
>
> My query is as follows:
>
>
> SELECT  cecat.cecatid, cecat.cecategory, ce.cecategoryid, ce.cename, 
> ce.cedetails, ce.ceresults
> FROM  tbl_cosmeticenhancement ce, tbl_cecategories cecat
> WHERE  ce.cecategoryid = cecat.cecatid
> Order by cecat.cecategory
>
>
> Then I was going to have
>
>
> 
> #qGetCEProcedures.cecategory#
> #qGetCEProcedures.cename#
>
>
> What I am finding is that I am only getting one result displayed for each 
> category instead of 3 or 4.


-- 
mxAjax / CFAjax docs and other useful articles:
http://www.bifrost.com.au/blog/

~|
Create robust enterprise, web RIAs.
Upgrade to ColdFusion 8 and integrate with Adobe Flex
http://www.adobe.com/products/coldfusion/flex2/?sdid=RVJP

Archive: 
http://www.houseoffusion.com/groups/CF-Talk/message.cfm/messageid:285550
Subscription: http://www.houseoffusion.com/groups/CF-Talk/subscribe.cfm
Unsubscribe: 
http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=11502.10531.4

Re: cfoutput and groups

[Joel Watson]

> Hi there
> 
> I have a query where I am getting information from 2 tables.
> 
> Basically a category table i.e. categories are face, body & breasts
> 
> Users have entered details of cosmetic enhancementprocedures according 
> to whether the procedure is for face, body or breasts, e.g. face has 
> face lift, rhinoplasty, browlift, Body has liposuction, tummy tuck 
> etc
> 
> On the site I want to display the information in the respective groups 
> hence body, face and breasts.
> 
> My query is as follows:
> 
> 
> SELECT  cecat.cecatid, cecat.cecategory, ce.cecategoryid, ce.cename, 
> ce.cedetails, ce.ceresults
> FROM  tbl_cosmeticenhancement ce, tbl_cecategories cecat
> WHERE  ce.cecategoryid = cecat.cecatid
> Order by cecat.cecategory
> 
> 
> Then I was going to have 
> 
> 
> 
> #qGetCEProcedures.cecategory#
> #qGetCEProcedures.cename#
> 
> 
> What I am finding is that I am only getting one result displayed for 
> each category instead of 3 or 4. 
> 
> Thanks in advance for feedback. 


Have you tried joining the tables on the shared categoryID values? 

~|
ColdFusion is delivering applications solutions at at top companies 
around the world in government.  Find out how and where now
http://www.adobe.com/cfusion/showcase/index.cfm?event=finder&productID=1522&loc=en_us

Archive: 
http://www.houseoffusion.com/groups/CF-Talk/message.cfm/messageid:285549
Subscription: http://www.houseoffusion.com/groups/CF-Talk/subscribe.cfm
Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.4

cfoutput and groups

[Peter Tanswell]

Hi there

I have a query where I am getting information from 2 tables.

Basically a category table i.e. categories are face, body & breasts

Users have entered details of cosmetic enhancementprocedures according to 
whether the procedure is for face, body or breasts, e.g. face has face lift, 
rhinoplasty, browlift, Body has liposuction, tummy tuck etc

On the site I want to display the information in the respective groups hence 
body, face and breasts.

My query is as follows:


SELECT  cecat.cecatid, cecat.cecategory, ce.cecategoryid, ce.cename, 
ce.cedetails, ce.ceresults
FROM  tbl_cosmeticenhancement ce, tbl_cecategories cecat
WHERE  ce.cecategoryid = cecat.cecatid
Order by cecat.cecategory


Then I was going to have 



#qGetCEProcedures.cecategory#
#qGetCEProcedures.cename#


What I am finding is that I am only getting one result displayed for each 
category instead of 3 or 4. 

Thanks in advance for feedback. 


~|
Download the latest ColdFusion 8 utilities including Report Builder,
plug-ins for Eclipse and Dreamweaver updates.
http;//www.adobe.com/cfusion/entitlement/index.cfm?e=labs%5adobecf8%5Fbeta

Archive: 
http://www.houseoffusion.com/groups/CF-Talk/message.cfm/messageid:285548
Subscription: http://www.houseoffusion.com/groups/CF-Talk/subscribe.cfm
Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.4

Re: Issue with CF code not running in CMS

[Dinner]

On 8/6/07, Justin Scott wrote:

> does not get executed.  If you want that code in the database to be
> executed, you will need to write it to a file first, then include it in
> the page.  Generally I don't recommend doing that unless you absolutely

You can also create a function, like outputAnnouncementsQuery(),
which runs your bit of code, and then search and replace using
evaluate("#outputAnnouncementsQuery(your,args)#"), which will
run that bit of code for you without having to write anything to disk
or whatnot.

Just a little variation on the placeholder bit, basically.

> must as it will kill your page-load times unless you really know what
> you're doing and apply some caching to the process.

Evaluate isn't as bad as writing to disk, but it's still not optimal.

Actually, I can't remember what evaluate gave me over your standard
placeholder replacement technique... it was useful tho, IIRC.  Some
good reason for thinking that was cool, I bet.  Yeah.

Anyways, Bruce, I'd start building a meta-language, and use it, vs.
writing pure CF into a DB or whatnot.  With a meta-language, you
can always switch back-ends, ya know?  Unless you want to write
a cf interpreter... :-)

Now, as for what you're probably trying to do, I did something pretty
close-  pretty much did how DW does with the "live" preview, or
whatnot- I've got my meta-language, which inserts dynamic content,
but I keep the content locked, so you can't edit it (as you'd be editing
HTML, not the actual dynamic content) basically.

Thus, the user sees how it will look, while editing (WYSIWYG).

I should probably keep it all under wraps and come up with something
to sell, but what the hell- it ain't rocket science.  Or even "Ooo, la la"-ish.

On the other hand, if you really really want to code CF thru a web
interface, I've got that SVN plugin for FCKEditor-  you could set it
up to publish the page wherever you want.  And be versioned, to boot.
Yup, if that's what your after, Subversion it, baby!  lol =]

~|
Create robust enterprise, web RIAs.
Upgrade to ColdFusion 8 and integrate with Adobe Flex
http://www.adobe.com/products/coldfusion/flex2/?sdid=RVJP

Archive: 
http://www.houseoffusion.com/groups/CF-Talk/message.cfm/messageid:285547
Subscription: http://www.houseoffusion.com/groups/CF-Talk/subscribe.cfm
Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.4

RE: Application-wide SQL Injection prevention?

[Paul Vernon]

I don't know how many times we've seen the subject of this thread over the
last few years but it generally ends with Jochem blowing holes in every type
of contrived SQL injection protection and the general consensus ends up
being if you are worried about SQL injection, use CFQUERYPARAM.

For XSS then you really should be looking at using HTMLEditFormat() and
HTMLCodeFormat() to make any user submitted content safe.

Take a look at some resources that others have posted to this list before:

http://www-106.ibm.com/developerworks/linux/library/l-sp2.html#IDADE4KC

http://www.unixwiz.net/techtips/sql-injection.html

If you don't want to go down the futile path of chasing down every attack
and bolting the door afterwards, just use the built in features of the CF
language. 

You may see errors on your site if you only employ these features when your
site is attacked but if someone is trying to hack your site using SQL
injection or XSS techniques why would you expect (or want) it to work
correctly because it shouldn't! Some errors are good errors... 

Every time I get a value is not of type CF_SQL_INTEGER error, I look at
their attack from the error dump, invariably smile at the fact that
CFQUERYPARAM has saved the day *again* and chalk one up for the good guys.

Paul



~|
Get involved in the latest ColdFusion discussions, product
development sharing, and articles on the Adobe Labs wiki.
http://labs/adobe.com/wiki/index.php/ColdFusion_8

Archive: 
http://www.houseoffusion.com/groups/CF-Talk/message.cfm/messageid:285546
Subscription: http://www.houseoffusion.com/groups/CF-Talk/subscribe.cfm
Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.4

Re: CF / Alagad / Photography Questions

[Claude Schneegans]

 >>I have used CFX_ImageCR from Efflare (version 3) in the past with
excellent results.

Let me second this recommendation.
I get reduced images with the same quality as with the "smart resizing" 
in Paint Shop Pro.

-- 
___
REUSE CODE! Use custom tags;
See http://www.contentbox.com/claude/customtags/tagstore.cfm
(Please send any spam to this address: [EMAIL PROTECTED])
Thanks.


~|
Get involved in the latest ColdFusion discussions, product
development sharing, and articles on the Adobe Labs wiki.
http://labs/adobe.com/wiki/index.php/ColdFusion_8

Archive: 
http://www.houseoffusion.com/groups/CF-Talk/message.cfm/messageid:285545
Subscription: http://www.houseoffusion.com/groups/CF-Talk/subscribe.cfm
Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.4

Re: AUTOSUGGESTBINDDELAY won't take anything less than 1

[David Mineer]

Sean.  Thank you.  That makes it work exactly like I want it to.

Too bad it can't default to 0.5 but allow us to choose 0.1 or even
0.0.  Is that a feature request that I could submit?  Would that go to
Yahoo or Adobe?

Is there an overwhelming reason to not allow us to set anything below 1?

Thanks again.

On 8/6/07, Sean Corfield <[EMAIL PROTECTED]> wrote:
> On 8/6/07, David Mineer <[EMAIL PROTECTED]> wrote:
> > I don't know what I could be doing wrong.  Anyone able to succesfully
> > use anything less than 1?
>
> You can change the default by modifying lines 20 and 28 of
> autocomplete-min.js in /CFIDE/scripts/ajax/yui/autocomplete - or
> copying the entire scripts tree elsewhere, modifying the copy and
> using scriptsrc= on your  tag. Obviously the latter is more
> "portable" across installations.
> --
> Sean A Corfield -- (904) 302-SEAN
> An Architect's View -- http://corfield.org/
>
> "If you're not annoying somebody, you're not really alive."
> -- Margaret Atwood
>
> 

~|
Check out the new features and enhancements in the
latest product release - download the "What's New PDF" now
http://download.macromedia.com/pub/labs/coldfusion/cf8_beta_whatsnew_052907.pdf

Archive: 
http://www.houseoffusion.com/groups/CF-Talk/message.cfm/messageid:285544
Subscription: http://www.houseoffusion.com/groups/CF-Talk/subscribe.cfm
Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.4

Re: Application-wide SQL Injection prevention?

[Dinner]

On 8/6/07, Justin Scott wrote:
> > Anyways, while I'm percolating, anyone have any
> > ideas?  Doable, not-doable, done?  Hmmm
>
> There was a link to a site earlier today where I found a XSSBlock custom
> CFML tag that has an option to block basic SQL injection attacks:
>
> http://www.illumineti.com/documents/xssblock.txt

Great brain fodder!

Thank you Justin!

~|
ColdFusion is delivering applications solutions at at top companies 
around the world in government.  Find out how and where now
http://www.adobe.com/cfusion/showcase/index.cfm?event=finder&productID=1522&loc=en_us

Archive: 
http://www.houseoffusion.com/groups/CF-Talk/message.cfm/messageid:285543
Subscription: http://www.houseoffusion.com/groups/CF-Talk/subscribe.cfm
Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.4

RE: Issue with CF code not running in CMS

[Justin Scott]

> All I see on the page is #Annoucement#.

When you output a variable, the contents of the variable are dumped out
to the browser.  If you have ColdFusion code in that variable, it is
treated as a string and dumped with anything else in that string.  It
does not get executed.  If you want that code in the database to be
executed, you will need to write it to a file first, then include it in
the page.  Generally I don't recommend doing that unless you absolutely
must as it will kill your page-load times unless you really know what
you're doing and apply some caching to the process.


-Justin Scott

~|
Check out the new features and enhancements in the
latest product release - download the "What's New PDF" now
http://download.macromedia.com/pub/labs/coldfusion/cf8_beta_whatsnew_052907.pdf

Archive: 
http://www.houseoffusion.com/groups/CF-Talk/message.cfm/messageid:285542
Subscription: http://www.houseoffusion.com/groups/CF-Talk/subscribe.cfm
Unsubscribe: 
http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=11502.10531.4

Re: Javascript Calendar Deeley

[Dinner]

I've got a function for this: http://sourceforge.net/projects/jscalendar

Which makes it pretty easy:
#jscalendar("datesome")#

You could write one pretty fast (or have mine, of course).
__
Guess I should put it out at cflib.org- since there's this nifty little
list here in CFEclipse... (freaking AWESOME, BTW!  Woot!)

On 8/6/07, robert.rawlins wrote:
> Chaps,
>
> I know that CF has this stuff built in, but I'm not running it in
> production quite yet and need an old school solution. I need a little date
> selector calendar for my forms, similar to those for the datefield in the
> flash forms, only a JS/DHTML version which can be used on a standard form.
>
> Now, I've seen loads of them about but wanted your thoughts on the best
> ones, I want somthing clean and accessible which can be implemented nicely
> without excessive code.
>
> Thanks guys, look foward to getting your ideas,
>
> Rob
>
>
>
> 

~|
ColdFusion is delivering applications solutions at at top companies 
around the world in government.  Find out how and where now
http://www.adobe.com/cfusion/showcase/index.cfm?event=finder&productID=1522&loc=en_us

Archive: 
http://www.houseoffusion.com/groups/CF-Talk/message.cfm/messageid:285541
Subscription: http://www.houseoffusion.com/groups/CF-Talk/subscribe.cfm
Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.4

Issue with CF code not running in CMS

[Bruce Sorge]

I am building a rather simple only-I-am-going-yo-use-it CMS until I can get
FCKeditor properly integrated into this new site. So my Default.cfm page has
this line:


   
  
  

 #getPagesRet.Body#
  




In the database table is a field called Body that has the actual HTML that
displays the page contents. So if I have in that code a cfoutput query,
rather than show the query that looks like this:

   #Annoucement# 


All I see on the page is #Annoucement#.

So how do I make it so that I can see the query results? Does this make
sense?

Thanks,

-- 
Bruce


~|
Enterprise web applications, build robust, secure 
scalable apps today - Try it now ColdFusion Today
ColdFusion 8 beta - Build next generation apps

Archive: 
http://www.houseoffusion.com/groups/CF-Talk/message.cfm/messageid:285540
Subscription: http://www.houseoffusion.com/groups/CF-Talk/subscribe.cfm
Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.4

RE: CF / Alagad / Photography Questions

[Justin Scott]

> What kind of resolution (crisp look) can you obtain
> using ImageCR3 for a 19MEG file?

I've never tested it using an image that large personally, so I can't
say.  It does an excellent job knocking 1280x1024 photos down to small
thumbnails though.


-Justin Scott

~|
ColdFusion is delivering applications solutions at at top companies 
around the world in government.  Find out how and where now
http://www.adobe.com/cfusion/showcase/index.cfm?event=finder&productID=1522&loc=en_us

Archive: 
http://www.houseoffusion.com/groups/CF-Talk/message.cfm/messageid:285539
Subscription: http://www.houseoffusion.com/groups/CF-Talk/subscribe.cfm
Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.4

Re: [NEWS] Top 100 ColdFusion websites by Alexa rank

[Rey Bango]

If they're in GotCFM.com, then they used CF at some point. They may have 
changed technology.

Rey...

Damien McKenna wrote:
>> -Original Message-
>> From: Rey Bango [mailto:[EMAIL PROTECTED] 
>> Sent: Monday, August 06, 2007 11:36 AM
>> Subject: [NEWS] Top 100 ColdFusion websites by Alexa rank
>>
>> http://www.coldfusiondeveloper.com.au/go/top100/
> 
> Alexa rank, #94 - OpenSourceTemplates.org uses PHP?
> 
> 
> Damien McKenna
> Web Developer
> The LIMU Company
> 
> 

~|
Check out the new features and enhancements in the
latest product release - download the "What's New PDF" now
http://download.macromedia.com/pub/labs/coldfusion/cf8_beta_whatsnew_052907.pdf

Archive: 
http://www.houseoffusion.com/groups/CF-Talk/message.cfm/messageid:285538
Subscription: http://www.houseoffusion.com/groups/CF-Talk/subscribe.cfm
Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.4

RE: CF / Alagad / Photography Questions

[Adkins, Randy]

Checking it out now. May have to check with the hosting provider if they
would install the CFX tag 

-Original Message-
From: Justin Scott [mailto:[EMAIL PROTECTED] 
Sent: Monday, August 06, 2007 4:55 PM
To: CF-Talk
Subject: RE: CF / Alagad / Photography Questions

> 2. If you convert the photo for the client do you use Alagad, another 
> web graphics tag, or do you use Adobe Fireworks/Photoshop and convert

I have used CFX_ImageCR from Efflare (version 3) in the past with
excellent results.  See www.efflare.com.


-Justin Scott



~|
Download the latest ColdFusion 8 utilities including Report Builder,
plug-ins for Eclipse and Dreamweaver updates.
http;//www.adobe.com/cfusion/entitlement/index.cfm?e=labs%5adobecf8%5Fbeta

Archive: 
http://www.houseoffusion.com/groups/CF-Talk/message.cfm/messageid:285536
Subscription: http://www.houseoffusion.com/groups/CF-Talk/subscribe.cfm
Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.4

RE: CF / Alagad / Photography Questions

[Adkins, Randy]

What kind of resolution (crisp look) can you obtain using ImageCR3 for a
19MEG file? 
If it can keep a sharp look for the resizing of the image, then it will
be great!

I am downloading/installing and testing it now as well.

-Original Message-
From: Justin Scott [mailto:[EMAIL PROTECTED] 
Sent: Monday, August 06, 2007 4:55 PM
To: CF-Talk
Subject: RE: CF / Alagad / Photography Questions

> 2. If you convert the photo for the client do you use Alagad, another 
> web graphics tag, or do you use Adobe Fireworks/Photoshop and convert

I have used CFX_ImageCR from Efflare (version 3) in the past with
excellent results.  See www.efflare.com.


-Justin Scott



~|
ColdFusion is delivering applications solutions at at top companies 
around the world in government.  Find out how and where now
http://www.adobe.com/cfusion/showcase/index.cfm?event=finder&productID=1522&loc=en_us

Archive: 
http://www.houseoffusion.com/groups/CF-Talk/message.cfm/messageid:285537
Subscription: http://www.houseoffusion.com/groups/CF-Talk/subscribe.cfm
Unsubscribe: 
http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=11502.10531.4

Re: homesite for CF8?

[Pete Ruckelshaus]

Open-Sourcing HomeSite sure sounds good to me, I really don't like Eclipse,
and I'm not wild about Dreamweaver, either.  Of course, I've been using CF5
Studio since, well, CF5 first came out, so no reason why I can't use it for
another 7 years.

Pete


On 8/6/07, Sean Corfield <[EMAIL PROTECTED]> wrote:
>
> On 8/6/07, Ben Doom <[EMAIL PROTECTED]> wrote:
> > Even before the Adobe buyout, MM said they were dropping support for HS+
> > in favor of DW.
>
> Bear in mind that HomeSite is written in Delphi so it cannot be made
> cross-platform and with DW (and most all of Adobe's desktop tools)
> being in C++ and CF/Flex being in Java, why would they want to
> maintain one product written in Delphi?
>
> That said, a couple of pieces of HomeSite did get repurposed into the
> Eclipse plugins: the query builder and, because of that, the
> application wizards are Windows-only. Hopefully those will get
> rewritten in Java at some point and become cross-platform and then the
> Delphi codebase can die a quiet death :)
>
> Perhaps Adobe might be persuaded to Open Source HomeSite? (sans the
> RDS library, I'm sure, which would need to remain in binary-only
> format)
> --
> Sean A Corfield -- (904) 302-SEAN
> An Architect's View -- http://corfield.org/
>
> "If you're not annoying somebody, you're not really alive."
> -- Margaret Atwood
>
> 

~|
ColdFusion 8 - Build next generation apps
today, with easy PDF and Ajax features - download now
http://download.macromedia.com/pub/labs/coldfusion/cf8_beta_whatsnew_052907.pdf

Archive: 
http://www.houseoffusion.com/groups/CF-Talk/message.cfm/messageid:285535
Subscription: http://www.houseoffusion.com/groups/CF-Talk/subscribe.cfm
Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.4

RE: CF / Alagad / Photography Questions

[Adkins, Randy]

Jordan,

Thanks for the comments..
Yeah for now CF8 is not an option as it is running on a shared host that
runs CFMX 7.

The host does run PHP. I am not a PHP guru or anything how difficult is
it to modify your PHP script?

Any assistant is appreciated!! I am at wits-end with this client. 

Thanks!

-Original Message-
From: Jordan Michaels [mailto:[EMAIL PROTECTED] 
Sent: Monday, August 06, 2007 4:49 PM
To: CF-Talk
Subject: Re: CF / Alagad / Photography Questions

Hi Randy,

> 1. Has/Does anyone designed / maintain a photography website that 
> uploads photos?
> If yes, do you convert the original or does the client?

Not photography sites directly, but sites where image quality is
extremely important. Like you, our users were not extremely technical,
so we had to do the image conversion for them.

> 2. If you convert the photo for the client do you use Alagad, another 
> web graphics tag, or do you use Adobe Fireworks/Photoshop and convert 
> it before you upload?

This is a topic that comes up more often then it should. ;) The graphics
libraries that the JVM uses are based on what's on the system. If you're
on a windows machine, then the JVM uses windows libraries to process the
image. If the JVM is on a linux machine, then it uses the libraries from
Xorg. Either way, I've never been terribly impressed with the image
quality that java produces. However, I *have* been impressed with the
image quality that PHP produces. PHP uses the GD libraries to do it's
image processing. Come to find out, other languages, such as perl, also
use the GD libraries for their image processing. It's a great library
and does a wonderful job at retaining quality.

With this, and the knowledge that I could run PHP code from the
command-line, I wrote a PHP script that I could pass the image off to
and have the image scaled using the GD libraries.

This process has worked really well for us for a long time. We
occasionally need to make some changes to the PHP settings in order to
accommodate really large images, but in general it works wonderfully for
us.

On that note, I know Adobe has done some things with image processing in
CF8. The quality may have improved since I ran my tests. I haven't had a
chance to examine this particular feature of CF8 though.

> 3. The client basically does not want to do any computer work but take

> their photos from the CD, put them on the website, and them be as 
> crisp and have the 2 sizes available for the customers.
> How would you handle it? (They do not want to pay to have someone to 
> upload the photos for them. they want it done automatically).
>  
> Thoughts / Suggestions??

If CF8 doesn't do it for you, or is not an option. I'd look into a PHP
or Perl script that you can execute from the command line that will use
a different set of image processing libraries in order to get a better
result.

I'd happily share my php script with you if you'd like - but you will
almost certainly need to update your server settings in order to
accommodate those large images. Are you hosted on a VPS by chance?

Hope this helps!

Warm regards,
Jordan Michaels
Vivio Technologies
http://www.viviotech.net/
BlueDragon Alliance Member
[EMAIL PROTECTED]



~|
Check out the new features and enhancements in the
latest product release - download the "What's New PDF" now
http://download.macromedia.com/pub/labs/coldfusion/cf8_beta_whatsnew_052907.pdf

Archive: 
http://www.houseoffusion.com/groups/CF-Talk/message.cfm/messageid:285534
Subscription: http://www.houseoffusion.com/groups/CF-Talk/subscribe.cfm
Unsubscribe: 
http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=11502.10531.4

RE: [NEWS] Top 100 ColdFusion websites by Alexa rank

[Damien McKenna]

> -Original Message-
> From: Rey Bango [mailto:[EMAIL PROTECTED] 
> Sent: Monday, August 06, 2007 11:36 AM
> Subject: [NEWS] Top 100 ColdFusion websites by Alexa rank
> 
> http://www.coldfusiondeveloper.com.au/go/top100/

Alexa rank, #94 - OpenSourceTemplates.org uses PHP?


Damien McKenna
Web Developer
The LIMU Company

~|
Get involved in the latest ColdFusion discussions, product
development sharing, and articles on the Adobe Labs wiki.
http://labs/adobe.com/wiki/index.php/ColdFusion_8

Archive: 
http://www.houseoffusion.com/groups/CF-Talk/message.cfm/messageid:285533
Subscription: http://www.houseoffusion.com/groups/CF-Talk/subscribe.cfm
Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.4

RE: CF / Alagad / Photography Questions

[Justin Scott]

> 2. If you convert the photo for the client do
> you use Alagad, another web graphics tag, or do
> you use Adobe Fireworks/Photoshop and convert

I have used CFX_ImageCR from Efflare (version 3) in the past with
excellent results.  See www.efflare.com.


-Justin Scott

~|
ColdFusion is delivering applications solutions at at top companies 
around the world in government.  Find out how and where now
http://www.adobe.com/cfusion/showcase/index.cfm?event=finder&productID=1522&loc=en_us

Archive: 
http://www.houseoffusion.com/groups/CF-Talk/message.cfm/messageid:285532
Subscription: http://www.houseoffusion.com/groups/CF-Talk/subscribe.cfm
Unsubscribe: 
http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=11502.10531.4

RE: Application-wide SQL Injection prevention?

[Justin Scott]

> Anyways, while I'm percolating, anyone have any
> ideas?  Doable, not-doable, done?  Hmmm

There was a link to a site earlier today where I found a XSSBlock custom
CFML tag that has an option to block basic SQL injection attacks:

http://www.illumineti.com/documents/xssblock.txt


-Justin Scott | GravityFree
 Network Administrator

1960 Stickney Point Road, Suite 210
Sarasota | FL | 34231 | 800.207.4431
941.927.7674 x115 | f 941.923.5429
www.GravityFree.com

~|
ColdFusion 8 - Build next generation apps
today, with easy PDF and Ajax features - download now
http://download.macromedia.com/pub/labs/coldfusion/cf8_beta_whatsnew_052907.pdf

Archive: 
http://www.houseoffusion.com/groups/CF-Talk/message.cfm/messageid:285531
Subscription: http://www.houseoffusion.com/groups/CF-Talk/subscribe.cfm
Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.4

Re: CF / Alagad / Photography Questions

[Jordan Michaels]

Hi Randy,

> 1. Has/Does anyone designed / maintain a photography website that
> uploads photos?
> If yes, do you convert the original or does the client?

Not photography sites directly, but sites where image quality is
extremely important. Like you, our users were not extremely technical,
so we had to do the image conversion for them.

> 2. If you convert the photo for the client do you use Alagad, another
> web graphics tag, or do you use Adobe Fireworks/Photoshop and convert it
> before you upload?

This is a topic that comes up more often then it should. ;) The graphics
libraries that the JVM uses are based on what's on the system. If you're
on a windows machine, then the JVM uses windows libraries to process the
image. If the JVM is on a linux machine, then it uses the libraries from
Xorg. Either way, I've never been terribly impressed with the image
quality that java produces. However, I *have* been impressed with the
image quality that PHP produces. PHP uses the GD libraries to do it's
image processing. Come to find out, other languages, such as perl, also
use the GD libraries for their image processing. It's a great library
and does a wonderful job at retaining quality.

With this, and the knowledge that I could run PHP code from the
command-line, I wrote a PHP script that I could pass the image off to
and have the image scaled using the GD libraries.

This process has worked really well for us for a long time. We
occasionally need to make some changes to the PHP settings in order to
accommodate really large images, but in general it works wonderfully for us.

On that note, I know Adobe has done some things with image processing in
CF8. The quality may have improved since I ran my tests. I haven't had a
chance to examine this particular feature of CF8 though.

> 3. The client basically does not want to do any computer work but take
> their photos from the CD, put them on the website, and them be as crisp
> and have the 2 sizes available for the customers.
> How would you handle it? (They do not want to pay to have someone to
> upload the photos for them. they want it done automatically).
>  
> Thoughts / Suggestions??

If CF8 doesn't do it for you, or is not an option. I'd look into a PHP
or Perl script that you can execute from the command line that will use
a different set of image processing libraries in order to get a better
result.

I'd happily share my php script with you if you'd like - but you will
almost certainly need to update your server settings in order to
accommodate those large images. Are you hosted on a VPS by chance?

Hope this helps!

Warm regards,
Jordan Michaels
Vivio Technologies
http://www.viviotech.net/
BlueDragon Alliance Member
[EMAIL PROTECTED]

~|
Get the answers you are looking for on the ColdFusion Labs
Forum direct from active programmers and developers.
http://www.adobe.com/cfusion/webforums/forum/categories.cfm?forumid-72&catid=648

Archive: 
http://www.houseoffusion.com/groups/CF-Talk/message.cfm/messageid:285530
Subscription: http://www.houseoffusion.com/groups/CF-Talk/subscribe.cfm
Unsubscribe: 
http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=11502.10531.4

Javascript Calendar Deeley

[robert . rawlins]

Chaps,

I know that CF has this stuff built in, but I'm not running it in
production quite yet and need an old school solution. I need a little date
selector calendar for my forms, similar to those for the datefield in the
flash forms, only a JS/DHTML version which can be used on a standard form.

Now, I've seen loads of them about but wanted your thoughts on the best
ones, I want somthing clean and accessible which can be implemented nicely
without excessive code.

Thanks guys, look foward to getting your ideas,

Rob



~|
Check out the new features and enhancements in the
latest product release - download the "What's New PDF" now
http://download.macromedia.com/pub/labs/coldfusion/cf8_beta_whatsnew_052907.pdf

Archive: 
http://www.houseoffusion.com/groups/CF-Talk/message.cfm/messageid:285529
Subscription: http://www.houseoffusion.com/groups/CF-Talk/subscribe.cfm
Unsubscribe: 
http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=11502.10531.4

Application-wide SQL Injection prevention?

[Dinner]

I've inherited a fusebox site that doesn't seem to have much
in the way of cfqueryparamed user-entered variables...

There are a bunch of queries, so I'm thinking of how I could
work lazy-er and yet fun-er.  It's been a bit since I messed
with FB, but I was thinking perhaps I could create a circuit
or something that runs prior to any DB stuff, and sanitizes
the form and url scopes in some manner.

I was thinking this sounded cool, but then I was like, if it
was doable, people would have these things you could just
slap in onRequestStart or whatever and negate the need
for queryparam (or at least add a bit of light protection in
the meantime?).

Might take a stab at a meta-type deal, if it's possible...
maybe a bit of db introspection... mix it up, find something
that works... mmm... AOP it in some manner... hmmm...

Anyways, while I'm percolating, anyone have any ideas?
Doable, not-doable, done?  Hmmm

~|
ColdFusion is delivering applications solutions at at top companies 
around the world in government.  Find out how and where now
http://www.adobe.com/cfusion/showcase/index.cfm?event=finder&productID=1522&loc=en_us

Archive: 
http://www.houseoffusion.com/groups/CF-Talk/message.cfm/messageid:285528
Subscription: http://www.houseoffusion.com/groups/CF-Talk/subscribe.cfm
Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.4

Re: AUTOSUGGESTBINDDELAY won't take anything less than 1

[Sean Corfield]

On 8/6/07, David Mineer <[EMAIL PROTECTED]> wrote:
> I don't know what I could be doing wrong.  Anyone able to succesfully
> use anything less than 1?

You can change the default by modifying lines 20 and 28 of
autocomplete-min.js in /CFIDE/scripts/ajax/yui/autocomplete - or
copying the entire scripts tree elsewhere, modifying the copy and
using scriptsrc= on your  tag. Obviously the latter is more
"portable" across installations.
-- 
Sean A Corfield -- (904) 302-SEAN
An Architect's View -- http://corfield.org/

"If you're not annoying somebody, you're not really alive."
-- Margaret Atwood

~|
ColdFusion is delivering applications solutions at at top companies 
around the world in government.  Find out how and where now
http://www.adobe.com/cfusion/showcase/index.cfm?event=finder&productID=1522&loc=en_us

Archive: 
http://www.houseoffusion.com/groups/CF-Talk/message.cfm/messageid:285527
Subscription: http://www.houseoffusion.com/groups/CF-Talk/subscribe.cfm
Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.4

CF / Alagad / Photography Questions

[Adkins, Randy]

I have a client that wants to sell their photos online. ( awesome!!)
Now mind you the clients in this scenario are not computer literate.
 
We are running CFMX 7.02 and Alagad Image Component 2.0.
 
So here is what we designed:
 
Upload interface, they can select the photo from their hard drive
(basically their Kodak CD from developing), upload it to the website.
We in turn change the resolution to either 225 x 150 or   150  x 225
depending on the original resolution. We found those resolutions
to work well when displaying three across a page per row. 
 
Problem is it will not retain a crisp enough look for the client. I
tried explaining that the original photo being 19 megs in file size
with a resolution of 3504 x 2336 when scaled down will not be as crisp
as the original. (Unless I am using the tag wrong)
Oh also we are adding text to the image for copyright protection.
 
So there are 2 photos on the site after upload:
1. Thumbnail size (usually around 90K)
2. Original size ( + copyright text) (varies in file size/resolution)
(Largest I have seen was 19megs).
 
 
Here are my questions:
1. Has/Does anyone designed / maintain a photography website that
uploads photos?
If yes, do you convert the original or does the client?
 
2. If you convert the photo for the client do you use Alagad, another
web graphics tag, or do you use Adobe Fireworks/Photoshop and convert it
before you upload?
 
3. The client basically does not want to do any computer work but take
their photos from the CD, put them on the website, and them be as crisp
and have the 2 sizes available for the customers.
How would you handle it? (They do not want to pay to have someone to
upload the photos for them. they want it done automatically).
 
Thoughts / Suggestions??
 
 
 
 
 


~|
Get the answers you are looking for on the ColdFusion Labs
Forum direct from active programmers and developers.
http://www.adobe.com/cfusion/webforums/forum/categories.cfm?forumid-72&catid=648

Archive: 
http://www.houseoffusion.com/groups/CF-Talk/message.cfm/messageid:285525
Subscription: http://www.houseoffusion.com/groups/CF-Talk/subscribe.cfm
Unsubscribe: 
http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=11502.10531.4

Re: homesite for CF8?

[Sean Corfield]

On 8/6/07, Ben Doom <[EMAIL PROTECTED]> wrote:
> Even before the Adobe buyout, MM said they were dropping support for HS+
> in favor of DW.

Bear in mind that HomeSite is written in Delphi so it cannot be made
cross-platform and with DW (and most all of Adobe's desktop tools)
being in C++ and CF/Flex being in Java, why would they want to
maintain one product written in Delphi?

That said, a couple of pieces of HomeSite did get repurposed into the
Eclipse plugins: the query builder and, because of that, the
application wizards are Windows-only. Hopefully those will get
rewritten in Java at some point and become cross-platform and then the
Delphi codebase can die a quiet death :)

Perhaps Adobe might be persuaded to Open Source HomeSite? (sans the
RDS library, I'm sure, which would need to remain in binary-only
format)
-- 
Sean A Corfield -- (904) 302-SEAN
An Architect's View -- http://corfield.org/

"If you're not annoying somebody, you're not really alive."
-- Margaret Atwood

~|
Get involved in the latest ColdFusion discussions, product
development sharing, and articles on the Adobe Labs wiki.
http://labs/adobe.com/wiki/index.php/ColdFusion_8

Archive: 
http://www.houseoffusion.com/groups/CF-Talk/message.cfm/messageid:285526
Subscription: http://www.houseoffusion.com/groups/CF-Talk/subscribe.cfm
Unsubscribe: 
http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=11502.10531.4

Re: SQL injection hack?

[Rick King]

Looks like using the Val() function did the trick.
No more errors being generated :)

Thanks
Rick


~|
Create robust enterprise, web RIAs.
Upgrade to ColdFusion 8 and integrate with Adobe Flex
http://www.adobe.com/products/coldfusion/flex2/?sdid=RVJP

Archive: 
http://www.houseoffusion.com/groups/CF-Talk/message.cfm/messageid:285524
Subscription: http://www.houseoffusion.com/groups/CF-Talk/subscribe.cfm
Unsubscribe: 
http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=11502.10531.4

Re: SQL injection hack?

[Cutter (CFRelated)]

Someone might have to test this out, but my cf8 admin only let's me 
disable the CFC Type Check (so it says), so cfqueryparam 
wouldn't/shouldn't be affected by this.

Steve "Cutter" Blades
Adobe Certified Professional
Advanced Macromedia ColdFusion MX 7 Developer
_
http://blog.cutterscrossing.com

Claude Schneegans wrote:
>  >>In CF 8 it's worth noting that the type checking can be turned off for
> performance gains. I guess this is a trade off...
> 
> IMO, it is not only a trade off, it's kind of stupid...
> Where do you need performance? On the production server, but it is also 
> there that
> you need security.
> One could deactivate type checking on the development server, but who cares
> about performance on the development server?
> 

~|
Create robust enterprise, web RIAs.
Upgrade to ColdFusion 8 and integrate with Adobe Flex
http://www.adobe.com/products/coldfusion/flex2/?sdid=RVJP

Archive: 
http://www.houseoffusion.com/groups/CF-Talk/message.cfm/messageid:285523
Subscription: http://www.houseoffusion.com/groups/CF-Talk/subscribe.cfm
Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.4

Re: CFMail Just spooling

[Cutter (CFRelated)]

See if this helps at all:

http://blog.cutterscrossing.com/index.cfm/2006/12/10/ColdFusion-Mail-Spool-Lock

Steve "Cutter" Blades
Adobe Certified Professional
Advanced Macromedia ColdFusion MX 7 Developer
_
http://blog.cutterscrossing.com

Rob Parkhill wrote:
> I know that this is a ridiculus question.  I have many applications that this 
> works in, but now on one of my production servers, I cannot send e-mail.  The 
> mail is just spooling, not sending.  I have never had this problem before.  
> Spooling is enabled in the administrator, but the delay is only a few seconds.
> 
> Does anyone have any hints for me, as to why this is happening?
> 
> Thanks,
> 
> Rob 
> 
> 

~|
Get the answers you are looking for on the ColdFusion Labs
Forum direct from active programmers and developers.
http://www.adobe.com/cfusion/webforums/forum/categories.cfm?forumid-72&catid=648

Archive: 
http://www.houseoffusion.com/groups/CF-Talk/message.cfm/messageid:285522
Subscription: http://www.houseoffusion.com/groups/CF-Talk/subscribe.cfm
Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.4

Re: [NEWS] Top 100 ColdFusion websites by Alexa rank

[Rey Bango]

Thanks for letting people know that this site is NSFW Jacob.

Rey...

Jacob wrote:
> Excaliburfilms.com
> 
> :P
> 
> -Original Message-
> From: Eric Roberts [mailto:[EMAIL PROTECTED] 
> Sent: Monday, August 06, 2007 10:35 AM
> To: CF-Talk
> Subject: RE: [NEWS] Top 100 ColdFusion websites by Alexa rank
> 
> I noticed at least a couple of bog names that were missing...BP and the
> Discovery Channel 
> 
> Eric
> 
> -Original Message-
> From: Rey Bango [mailto:[EMAIL PROTECTED] 
> Sent: Monday, August 06, 2007 11:16 AM
> To: CF-Talk
> Subject: Re: [NEWS] Top 100 ColdFusion websites by Alexa rank
> 
> yea, yea... u did! LOL. Glad its up again. I'd like to 
> know who created the page.
> 
> Rey
> 
> Phillip M. Vector wrote:
>> No. It was down. I saw the restart happening. :)
>>
>> Rey Bango wrote:
>>> Huh? Its working for me. Maybe it crashed your browser? ;)
>>>
>>> Rey...
>>>
>>> Crow T. Robot wrote:
 crashed the server.  nice.

 On 8/6/07, Rey Bango <[EMAIL PROTECTED]> wrote:
> I stumbled upon this link and I think its actually pretty cool:
>
> http://www.coldfusiondeveloper.com.au/go/top100/
>
> Its lists the top 100 CF sites based on Alexa's ranking. While Alexa
> isn't the greatest in terms of stats, this does provide an interesting
> view of where some top CF sites sit and helps to dispel the myth that
> CF-based technology (ie: ColdFusion, BlueDragon, Railo, et al) is not
> being used by some VERY important sites.
>
> I'd like to know who created this list as it would be a great feature
> to
> incorporate into GotCFM.com.
>
> Rey
>
>
>>
> 
> 
> 
> 
> 
> 

~|
Get the answers you are looking for on the ColdFusion Labs
Forum direct from active programmers and developers.
http://www.adobe.com/cfusion/webforums/forum/categories.cfm?forumid-72&catid=648

Archive: 
http://www.houseoffusion.com/groups/CF-Talk/message.cfm/messageid:285521
Subscription: http://www.houseoffusion.com/groups/CF-Talk/subscribe.cfm
Unsubscribe: 
http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=11502.10531.4

RE: SQL injection hack?

[John Mason]

No problem, bare in mind that isn't going over the other server security or
data transfer items. That list is focused in on those automated scripting
attacks. There's a ton of over things to consider. The most obvious are
sandboxing, firewalls and SSLs. But for the programming side of things, this
gets the ball rolling..


John Mason
[EMAIL PROTECTED]
770.337.8363
 
www.FusionLink.com - ColdFusion and Flex hosting
Now offering ColdFusion 8 Enterprise hosting
FREE Subversion hosting


-Original Message-
From: Andy Matthews [mailto:[EMAIL PROTECTED] 
Sent: Monday, August 06, 2007 1:45 PM
To: CF-Talk
Subject: RE: SQL injection hack?

Thanks John...this is a great checklist. 

-Original Message-
From: John Mason [mailto:[EMAIL PROTECTED]
Sent: Monday, August 06, 2007 12:25 PM
To: CF-Talk
Subject: RE: SQL injection hack?

You'll also see these automated scripts hitting other services like ftp,
email, etc. You need to make certain that all services are properly
protected and monitor. 

Cfqueryparam and stored procedures are good first steps, but bare in mind a
lot of information could still be disclosed even with these in place.

Here's my top 10 list of things to look at...

-Use cfqueryparam and stored procs

-Limit the other services on a site. If the site isn't using ASP, then turn
it off. Reduce the http verbs for CF to just GET,HEAD,POST

-Turn off RDS services

-If your site has a login page, limit the login to 3-5 attempts and block
after that. Send an alert that someone may be running a brute force attack
on your login.

-Have a restricted login for your datasource calls. In most cases, the web
site doesn't need full dbo permissions to a datasource. You can also limit
the sql commands in the cfadmin under the datasource listing.

-If using cfc's, take a closer look at the access and roles attributes. Most
cfc's I see have "public access" and that's it. There's far more you can do.

-Check for cross-site scripting attacks and use the various ways to prevent
them. No checking the cross-site toggle on the cfadmin or application is not
going to do the trick.

- Always have error catches in place and turn debugging off. Half the reason
for the attack is to see the debugging information.

- Turn off outside access to your CF Admin. Why give an automated script to
chance to break into that? 

-And finally monitor your logs (including the other services like ftp) and
site errors, that will help alert you to an attack.

If you did all these things, you're still not done. Security is an on going
process. New threats come up all the time. The point is to stay on top of
this and continuously improve the security of our web app but also keep the
usability that allows it to work.

John Mason
[EMAIL PROTECTED]
770.337.8363
 
www.FusionLink.com - ColdFusion and Flex hosting Now offering ColdFusion 8
Enterprise hosting FREE Subversion hosting


-Original Message-
From: Paul Vernon [mailto:[EMAIL PROTECTED]
Sent: Monday, August 06, 2007 12:01 PM
To: CF-Talk
Subject: RE: SQL injection hack?

We've been seeing the exact same thing, basic SQL injection attacks all
originating from China... It looks automated as they've spidered several
sites we host using the exact same technique and SQL phrase. It has been
going on continuously for about a week now. Thankfully the sites are
pro-actively monitored from an error management POV so we've been aware of
the attacks from the get go.

I agree. Using CFCs, having a common code base, employing type checking on
functions and using CFQUERYPARAM all make life a little bit easier in coping
with these things...

In CF 8 it's worth noting that the type checking can be turned off for
performance gains. I guess this is a trade off... What you gain in
performance, you lose in data validation. It's a shame this feature is a
global setting and not one that could be specified on a function by function
basis as I'd like to keep type checking on for my DB objects and turn it off
where I feel it's not necessary.

Paul

> -Original Message-
> From: jonese [mailto:[EMAIL PROTECTED]
> Sent: 06 August 2007 16:25
> To: CF-Talk
> Subject: Re: SQL injection hack?
> 
> Just an FYI to everyone else i've been at my current post for 3 years 
> and we've had pro-active error monitoring (versus re reactive "hey my 
> site doesn't work") now for close to 2 years.
> 
> Just in the recent weeks we started seeing basic SQL injection hacks 
> on site we host. We never saw anything like this till recently, so be 
> on your toes.
> 
> Like others have mentioned using CFQueryParam and Stored Procedures 
> can help. Also putting the stuff into CFC's and forcing incoming vars 
> to be typed help as well. (with everything except string of course).
> 
> If you are looking for preventive stuff on top of those already 
> mentioned you can look into the CF Firewalls which are starting to 
> spring up. As well as there are those who have made some really cool 
> stuff to help watch for this. I 

RE: [NEWS] Top 100 ColdFusion websites by Alexa rank

[Jacob]

Excaliburfilms.com

:P

-Original Message-
From: Eric Roberts [mailto:[EMAIL PROTECTED] 
Sent: Monday, August 06, 2007 10:35 AM
To: CF-Talk
Subject: RE: [NEWS] Top 100 ColdFusion websites by Alexa rank

I noticed at least a couple of bog names that were missing...BP and the
Discovery Channel 

Eric

-Original Message-
From: Rey Bango [mailto:[EMAIL PROTECTED] 
Sent: Monday, August 06, 2007 11:16 AM
To: CF-Talk
Subject: Re: [NEWS] Top 100 ColdFusion websites by Alexa rank

yea, yea... u did! LOL. Glad its up again. I'd like to 
know who created the page.

Rey

Phillip M. Vector wrote:
> No. It was down. I saw the restart happening. :)
> 
> Rey Bango wrote:
>> Huh? Its working for me. Maybe it crashed your browser? ;)
>>
>> Rey...
>>
>> Crow T. Robot wrote:
>>> crashed the server.  nice.
>>>
>>> On 8/6/07, Rey Bango <[EMAIL PROTECTED]> wrote:
 I stumbled upon this link and I think its actually pretty cool:

 http://www.coldfusiondeveloper.com.au/go/top100/

 Its lists the top 100 CF sites based on Alexa's ranking. While Alexa
 isn't the greatest in terms of stats, this does provide an interesting
 view of where some top CF sites sit and helps to dispel the myth that
 CF-based technology (ie: ColdFusion, BlueDragon, Railo, et al) is not
 being used by some VERY important sites.

 I'd like to know who created this list as it would be a great feature
to
 incorporate into GotCFM.com.

 Rey


>>
> 
> 





~|
Create robust enterprise, web RIAs.
Upgrade to ColdFusion 8 and integrate with Adobe Flex
http://www.adobe.com/products/coldfusion/flex2/?sdid=RVJP

Archive: 
http://www.houseoffusion.com/groups/CF-Talk/message.cfm/messageid:285519
Subscription: http://www.houseoffusion.com/groups/CF-Talk/subscribe.cfm
Unsubscribe: 
http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=11502.10531.4

Re: [NEWS] Top 100 ColdFusion websites by Alexa rank

[Rey Bango]

Hi Jerry,

Yep its a rather long list and I'm hoping to find the time to 
incorporate paging into it.

Rey...

Jerry Johnson wrote:
> that gotCFM site maxes out my machine for a good 396 seconds. On the
> "List of sites" page, it loads all items as the default, and it takes
> [EMAIL PROTECTED]
> 
> Freezes the whoe danged thing (other firefox windows, outlook, windows
> explorer, gtalk.)
> 
> 

~|
Get involved in the latest ColdFusion discussions, product
development sharing, and articles on the Adobe Labs wiki.
http://labs/adobe.com/wiki/index.php/ColdFusion_8

Archive: 
http://www.houseoffusion.com/groups/CF-Talk/message.cfm/messageid:285518
Subscription: http://www.houseoffusion.com/groups/CF-Talk/subscribe.cfm
Unsubscribe: 
http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=11502.10531.4

RE: SQL injection hack?

[Andy Matthews]

Thanks John...this is a great checklist. 

-Original Message-
From: John Mason [mailto:[EMAIL PROTECTED] 
Sent: Monday, August 06, 2007 12:25 PM
To: CF-Talk
Subject: RE: SQL injection hack?

You'll also see these automated scripts hitting other services like ftp,
email, etc. You need to make certain that all services are properly
protected and monitor. 

Cfqueryparam and stored procedures are good first steps, but bare in mind a
lot of information could still be disclosed even with these in place.

Here's my top 10 list of things to look at...

-Use cfqueryparam and stored procs

-Limit the other services on a site. If the site isn't using ASP, then turn
it off. Reduce the http verbs for CF to just GET,HEAD,POST

-Turn off RDS services

-If your site has a login page, limit the login to 3-5 attempts and block
after that. Send an alert that someone may be running a brute force attack
on your login.

-Have a restricted login for your datasource calls. In most cases, the web
site doesn't need full dbo permissions to a datasource. You can also limit
the sql commands in the cfadmin under the datasource listing.

-If using cfc's, take a closer look at the access and roles attributes. Most
cfc's I see have "public access" and that's it. There's far more you can do.

-Check for cross-site scripting attacks and use the various ways to prevent
them. No checking the cross-site toggle on the cfadmin or application is not
going to do the trick.

- Always have error catches in place and turn debugging off. Half the reason
for the attack is to see the debugging information.

- Turn off outside access to your CF Admin. Why give an automated script to
chance to break into that? 

-And finally monitor your logs (including the other services like ftp) and
site errors, that will help alert you to an attack.

If you did all these things, you're still not done. Security is an on going
process. New threats come up all the time. The point is to stay on top of
this and continuously improve the security of our web app but also keep the
usability that allows it to work.

John Mason
[EMAIL PROTECTED]
770.337.8363
 
www.FusionLink.com - ColdFusion and Flex hosting Now offering ColdFusion 8
Enterprise hosting FREE Subversion hosting


-Original Message-
From: Paul Vernon [mailto:[EMAIL PROTECTED]
Sent: Monday, August 06, 2007 12:01 PM
To: CF-Talk
Subject: RE: SQL injection hack?

We've been seeing the exact same thing, basic SQL injection attacks all
originating from China... It looks automated as they've spidered several
sites we host using the exact same technique and SQL phrase. It has been
going on continuously for about a week now. Thankfully the sites are
pro-actively monitored from an error management POV so we've been aware of
the attacks from the get go.

I agree. Using CFCs, having a common code base, employing type checking on
functions and using CFQUERYPARAM all make life a little bit easier in coping
with these things...

In CF 8 it's worth noting that the type checking can be turned off for
performance gains. I guess this is a trade off... What you gain in
performance, you lose in data validation. It's a shame this feature is a
global setting and not one that could be specified on a function by function
basis as I'd like to keep type checking on for my DB objects and turn it off
where I feel it's not necessary.

Paul

> -Original Message-
> From: jonese [mailto:[EMAIL PROTECTED]
> Sent: 06 August 2007 16:25
> To: CF-Talk
> Subject: Re: SQL injection hack?
> 
> Just an FYI to everyone else i've been at my current post for 3 years 
> and we've had pro-active error monitoring (versus re reactive "hey my 
> site doesn't work") now for close to 2 years.
> 
> Just in the recent weeks we started seeing basic SQL injection hacks 
> on site we host. We never saw anything like this till recently, so be 
> on your toes.
> 
> Like others have mentioned using CFQueryParam and Stored Procedures 
> can help. Also putting the stuff into CFC's and forcing incoming vars 
> to be typed help as well. (with everything except string of course).
> 
> If you are looking for preventive stuff on top of those already 
> mentioned you can look into the CF Firewalls which are starting to 
> spring up. As well as there are those who have made some really cool 
> stuff to help watch for this. I think Shawn Gorrell has some code (he 
> mentioned it at a recent ACFUG meeting) you might reach out to him, 
> http://www.illumineti.com/blog/, if he doesn't notice this thread.
> 
> jonese
> 
> 
> 
> On 8/6/07, Rey Bango <[EMAIL PROTECTED]> wrote:
> > Looks that way.
> >
> > Rey
> >
> > Rick King wrote:
> > > Hey all,
> > >
> > > I just received this email that is generated when there is an 
> > > error
> on a site I built (www.woreitonce.com)
> > >
> > >  ---E-MAIL
> > > Invalid data 1 and 1=convert(int,(select top 1
> char(97)+admin_password from tbl_adminusers)) for CFSQLTYPE 
> CF_SQL_

Re: [NEWS] Top 100 ColdFusion websites by Alexa rank

[Rey Bango]

Actually Mike, HoF isn't listed on GotCFM.com and if he used my listing 
to build his list, then that would explain why HoF isn't showing up on 
his results.

Go submit HoF. http://www.gotcfm.com

Rey...

Michael Dinowitz wrote:
> Don't take that to mean anything as Alexa's statistical model is
> faulty and their criteria of what a ColdFusion site is is suspect.
> Look at the Alexa numbers for http://www.houseoffusion.com and then
> look at their list. Tell me what's missing...
> 
> On 8/6/07, Alan Rother <[EMAIL PROTECTED]> wrote:
>> WHOO HOOO!!!
>>
>>
>> One of my company's sites made the list!
>>
>> #88... Sofitel North America
>>
>>
>> Sorry, I had to..
>>
>>
>> =]
>>
>> On 8/6/07, Rey Bango <[EMAIL PROTECTED]> wrote:
>>> yea, yea... u did! LOL. Glad its up again. I'd like to
>>> know who created the page.
>>>
>>> Rey
>>>
>>> Phillip M. Vector wrote:
 No. It was down. I saw the restart happening. :)

 Rey Bango wrote:
> Huh? Its working for me. Maybe it crashed your browser? ;)
>
> Rey...
>
> Crow T. Robot wrote:
>> crashed the server.  nice.
>>
>> On 8/6/07, Rey Bango <[EMAIL PROTECTED]> wrote:
>>> I stumbled upon this link and I think its actually pretty cool:
>>>
>>> http://www.coldfusiondeveloper.com.au/go/top100/
>>>
>>> Its lists the top 100 CF sites based on Alexa's ranking. While Alexa
>>> isn't the greatest in terms of stats, this does provide an interesting
>>> view of where some top CF sites sit and helps to dispel the myth that
>>> CF-based technology (ie: ColdFusion, BlueDragon, Railo, et al) is not
>>> being used by some VERY important sites.
>>>
>>> I'd like to know who created this list as it would be a great feature to
>>> incorporate into GotCFM.com.
>>>
>>> Rey
>>>
>>>

>>>
>>
> 
> 

~|
Enterprise web applications, build robust, secure 
scalable apps today - Try it now ColdFusion Today
ColdFusion 8 beta - Build next generation apps

Archive: 
http://www.houseoffusion.com/groups/CF-Talk/message.cfm/messageid:285516
Subscription: http://www.houseoffusion.com/groups/CF-Talk/subscribe.cfm
Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.4

RE: [NEWS] Top 100 ColdFusion websites by Alexa rank

[Eric Roberts]

I was thinking that too...I have worked on AT&T's site :-D

-Original Message-
From: Alan Rother [mailto:[EMAIL PROTECTED] 
Sent: Monday, August 06, 2007 11:47 AM
To: CF-Talk
Subject: Re: [NEWS] Top 100 ColdFusion websites by Alexa rank

WHOO HOOO!!!


One of my company's sites made the list!

#88... Sofitel North America


Sorry, I had to..


=]

On 8/6/07, Rey Bango <[EMAIL PROTECTED]> wrote:
> yea, yea... u did! LOL. Glad its up again. I'd like to
> know who created the page.
>
> Rey
>
> Phillip M. Vector wrote:
> > No. It was down. I saw the restart happening. :)
> >
> > Rey Bango wrote:
> >> Huh? Its working for me. Maybe it crashed your browser? ;)
> >>
> >> Rey...
> >>
> >> Crow T. Robot wrote:
> >>> crashed the server.  nice.
> >>>
> >>> On 8/6/07, Rey Bango <[EMAIL PROTECTED]> wrote:
>  I stumbled upon this link and I think its actually pretty cool:
> 
>  http://www.coldfusiondeveloper.com.au/go/top100/
> 
>  Its lists the top 100 CF sites based on Alexa's ranking. While Alexa
>  isn't the greatest in terms of stats, this does provide an
interesting
>  view of where some top CF sites sit and helps to dispel the myth that
>  CF-based technology (ie: ColdFusion, BlueDragon, Railo, et al) is not
>  being used by some VERY important sites.
> 
>  I'd like to know who created this list as it would be a great feature
to
>  incorporate into GotCFM.com.
> 
>  Rey
> 
> 
> >>
> >
> >
>
> 



~|
Get involved in the latest ColdFusion discussions, product
development sharing, and articles on the Adobe Labs wiki.
http://labs/adobe.com/wiki/index.php/ColdFusion_8

Archive: 
http://www.houseoffusion.com/groups/CF-Talk/message.cfm/messageid:285515
Subscription: http://www.houseoffusion.com/groups/CF-Talk/subscribe.cfm
Unsubscribe: 
http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=11502.10531.4

RE: [NEWS] Top 100 ColdFusion websites by Alexa rank

[Eric Roberts]

I noticed at least a couple of bog names that were missing...BP and the
Discovery Channel 

Eric

-Original Message-
From: Rey Bango [mailto:[EMAIL PROTECTED] 
Sent: Monday, August 06, 2007 11:16 AM
To: CF-Talk
Subject: Re: [NEWS] Top 100 ColdFusion websites by Alexa rank

yea, yea... u did! LOL. Glad its up again. I'd like to 
know who created the page.

Rey

Phillip M. Vector wrote:
> No. It was down. I saw the restart happening. :)
> 
> Rey Bango wrote:
>> Huh? Its working for me. Maybe it crashed your browser? ;)
>>
>> Rey...
>>
>> Crow T. Robot wrote:
>>> crashed the server.  nice.
>>>
>>> On 8/6/07, Rey Bango <[EMAIL PROTECTED]> wrote:
 I stumbled upon this link and I think its actually pretty cool:

 http://www.coldfusiondeveloper.com.au/go/top100/

 Its lists the top 100 CF sites based on Alexa's ranking. While Alexa
 isn't the greatest in terms of stats, this does provide an interesting
 view of where some top CF sites sit and helps to dispel the myth that
 CF-based technology (ie: ColdFusion, BlueDragon, Railo, et al) is not
 being used by some VERY important sites.

 I'd like to know who created this list as it would be a great feature
to
 incorporate into GotCFM.com.

 Rey


>>
> 
> 



~|
Get involved in the latest ColdFusion discussions, product
development sharing, and articles on the Adobe Labs wiki.
http://labs/adobe.com/wiki/index.php/ColdFusion_8

Archive: 
http://www.houseoffusion.com/groups/CF-Talk/message.cfm/messageid:285514
Subscription: http://www.houseoffusion.com/groups/CF-Talk/subscribe.cfm
Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.4

Re: SQL injection hack?

[Claude Schneegans]

 >>In CF 8 it's worth noting that the type checking can be turned off for
performance gains. I guess this is a trade off...

IMO, it is not only a trade off, it's kind of stupid...
Where do you need performance? On the production server, but it is also 
there that
you need security.
One could deactivate type checking on the development server, but who cares
about performance on the development server?

-- 
___
REUSE CODE! Use custom tags;
See http://www.contentbox.com/claude/customtags/tagstore.cfm
(Please send any spam to this address: [EMAIL PROTECTED])
Thanks.


~|
Check out the new features and enhancements in the
latest product release - download the "What's New PDF" now
http://download.macromedia.com/pub/labs/coldfusion/cf8_beta_whatsnew_052907.pdf

Archive: 
http://www.houseoffusion.com/groups/CF-Talk/message.cfm/messageid:285513
Subscription: http://www.houseoffusion.com/groups/CF-Talk/subscribe.cfm
Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.4

Re: [NEWS] Top 100 ColdFusion websites by Alexa rank

[Jerry Johnson]

that gotCFM site maxes out my machine for a good 396 seconds. On the
"List of sites" page, it loads all items as the default, and it takes
[EMAIL PROTECTED]

Freezes the whoe danged thing (other firefox windows, outlook, windows
explorer, gtalk.)

~|
ColdFusion is delivering applications solutions at at top companies 
around the world in government.  Find out how and where now
http://www.adobe.com/cfusion/showcase/index.cfm?event=finder&productID=1522&loc=en_us

Archive: 
http://www.houseoffusion.com/groups/CF-Talk/message.cfm/messageid:285512
Subscription: http://www.houseoffusion.com/groups/CF-Talk/subscribe.cfm
Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.4

RE: SQL injection hack?

[John Mason]

You'll also see these automated scripts hitting other services like ftp,
email, etc. You need to make certain that all services are properly
protected and monitor. 

Cfqueryparam and stored procedures are good first steps, but bare in mind a
lot of information could still be disclosed even with these in place.

Here's my top 10 list of things to look at...

-Use cfqueryparam and stored procs

-Limit the other services on a site. If the site isn't using ASP, then turn
it off. Reduce the http verbs for CF to just GET,HEAD,POST

-Turn off RDS services

-If your site has a login page, limit the login to 3-5 attempts and block
after that. Send an alert that someone may be running a brute force attack
on your login.

-Have a restricted login for your datasource calls. In most cases, the web
site doesn't need full dbo permissions to a datasource. You can also limit
the sql commands in the cfadmin under the datasource listing.

-If using cfc's, take a closer look at the access and roles attributes. Most
cfc's I see have "public access" and that's it. There's far more you can do.

-Check for cross-site scripting attacks and use the various ways to prevent
them. No checking the cross-site toggle on the cfadmin or application is not
going to do the trick.

- Always have error catches in place and turn debugging off. Half the reason
for the attack is to see the debugging information.

- Turn off outside access to your CF Admin. Why give an automated script to
chance to break into that? 

-And finally monitor your logs (including the other services like ftp) and
site errors, that will help alert you to an attack.

If you did all these things, you're still not done. Security is an on going
process. New threats come up all the time. The point is to stay on top of
this and continuously improve the security of our web app but also keep the
usability that allows it to work.

John Mason
[EMAIL PROTECTED]
770.337.8363
 
www.FusionLink.com - ColdFusion and Flex hosting
Now offering ColdFusion 8 Enterprise hosting
FREE Subversion hosting


-Original Message-
From: Paul Vernon [mailto:[EMAIL PROTECTED] 
Sent: Monday, August 06, 2007 12:01 PM
To: CF-Talk
Subject: RE: SQL injection hack?

We've been seeing the exact same thing, basic SQL injection attacks all
originating from China... It looks automated as they've spidered several
sites we host using the exact same technique and SQL phrase. It has been
going on continuously for about a week now. Thankfully the sites are
pro-actively monitored from an error management POV so we've been aware of
the attacks from the get go.

I agree. Using CFCs, having a common code base, employing type checking on
functions and using CFQUERYPARAM all make life a little bit easier in coping
with these things...

In CF 8 it's worth noting that the type checking can be turned off for
performance gains. I guess this is a trade off... What you gain in
performance, you lose in data validation. It's a shame this feature is a
global setting and not one that could be specified on a function by function
basis as I'd like to keep type checking on for my DB objects and turn it off
where I feel it's not necessary.

Paul

> -Original Message-
> From: jonese [mailto:[EMAIL PROTECTED]
> Sent: 06 August 2007 16:25
> To: CF-Talk
> Subject: Re: SQL injection hack?
> 
> Just an FYI to everyone else i've been at my current post for 3 years 
> and we've had pro-active error monitoring (versus re reactive "hey my 
> site doesn't work") now for close to 2 years.
> 
> Just in the recent weeks we started seeing basic SQL injection hacks 
> on site we host. We never saw anything like this till recently, so be 
> on your toes.
> 
> Like others have mentioned using CFQueryParam and Stored Procedures 
> can help. Also putting the stuff into CFC's and forcing incoming vars 
> to be typed help as well. (with everything except string of course).
> 
> If you are looking for preventive stuff on top of those already 
> mentioned you can look into the CF Firewalls which are starting to 
> spring up. As well as there are those who have made some really cool 
> stuff to help watch for this. I think Shawn Gorrell has some code (he 
> mentioned it at a recent ACFUG meeting) you might reach out to him, 
> http://www.illumineti.com/blog/, if he doesn't notice this thread.
> 
> jonese
> 
> 
> 
> On 8/6/07, Rey Bango <[EMAIL PROTECTED]> wrote:
> > Looks that way.
> >
> > Rey
> >
> > Rick King wrote:
> > > Hey all,
> > >
> > > I just received this email that is generated when there is an 
> > > error
> on a site I built (www.woreitonce.com)
> > >
> > >  ---E-MAIL
> > > Invalid data 1 and 1=convert(int,(select top 1
> char(97)+admin_password from tbl_adminusers)) for CFSQLTYPE 
> CF_SQL_INTEGER.  The error occurred on line 30.
> > >  Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.8.1.6)
> Gecko/20070725 Firefox/2.0.0.6
> > >  81.10.46.130
> > >
> > >  /Details.cfm
> > >
> Pro

Re: [NEWS] Top 100 ColdFusion websites by Alexa rank

[Michael Dinowitz]

Don't take that to mean anything as Alexa's statistical model is
faulty and their criteria of what a ColdFusion site is is suspect.
Look at the Alexa numbers for http://www.houseoffusion.com and then
look at their list. Tell me what's missing...

On 8/6/07, Alan Rother <[EMAIL PROTECTED]> wrote:
> WHOO HOOO!!!
>
>
> One of my company's sites made the list!
>
> #88... Sofitel North America
>
>
> Sorry, I had to..
>
>
> =]
>
> On 8/6/07, Rey Bango <[EMAIL PROTECTED]> wrote:
> > yea, yea... u did! LOL. Glad its up again. I'd like to
> > know who created the page.
> >
> > Rey
> >
> > Phillip M. Vector wrote:
> > > No. It was down. I saw the restart happening. :)
> > >
> > > Rey Bango wrote:
> > >> Huh? Its working for me. Maybe it crashed your browser? ;)
> > >>
> > >> Rey...
> > >>
> > >> Crow T. Robot wrote:
> > >>> crashed the server.  nice.
> > >>>
> > >>> On 8/6/07, Rey Bango <[EMAIL PROTECTED]> wrote:
> >  I stumbled upon this link and I think its actually pretty cool:
> > 
> >  http://www.coldfusiondeveloper.com.au/go/top100/
> > 
> >  Its lists the top 100 CF sites based on Alexa's ranking. While Alexa
> >  isn't the greatest in terms of stats, this does provide an interesting
> >  view of where some top CF sites sit and helps to dispel the myth that
> >  CF-based technology (ie: ColdFusion, BlueDragon, Railo, et al) is not
> >  being used by some VERY important sites.
> > 
> >  I'd like to know who created this list as it would be a great feature 
> >  to
> >  incorporate into GotCFM.com.
> > 
> >  Rey
> > 
> > 
> > >>
> > >
> > >
> >
> >
>
> 

~|
Create robust enterprise, web RIAs.
Upgrade to ColdFusion 8 and integrate with Adobe Flex
http://www.adobe.com/products/coldfusion/flex2/?sdid=RVJP

Archive: 
http://www.houseoffusion.com/groups/CF-Talk/message.cfm/messageid:285510
Subscription: http://www.houseoffusion.com/groups/CF-Talk/subscribe.cfm
Unsubscribe: 
http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=11502.10531.4

Re: [NEWS] Top 100 ColdFusion websites by Alexa rank

[Rey Bango]

:)

Alan Rother wrote:
> WHOO HOOO!!!
> 
> 
> One of my company's sites made the list!
> 
> #88... Sofitel North America
> 
> 
> Sorry, I had to..
> 
> 
> =]
> 
> On 8/6/07, Rey Bango <[EMAIL PROTECTED]> wrote:
>> yea, yea... u did! LOL. Glad its up again. I'd like to
>> know who created the page.
>>
>> Rey
>>
>> Phillip M. Vector wrote:
>>> No. It was down. I saw the restart happening. :)
>>>
>>> Rey Bango wrote:
 Huh? Its working for me. Maybe it crashed your browser? ;)

 Rey...

 Crow T. Robot wrote:
> crashed the server.  nice.
>
> On 8/6/07, Rey Bango <[EMAIL PROTECTED]> wrote:
>> I stumbled upon this link and I think its actually pretty cool:
>>
>> http://www.coldfusiondeveloper.com.au/go/top100/
>>
>> Its lists the top 100 CF sites based on Alexa's ranking. While Alexa
>> isn't the greatest in terms of stats, this does provide an interesting
>> view of where some top CF sites sit and helps to dispel the myth that
>> CF-based technology (ie: ColdFusion, BlueDragon, Railo, et al) is not
>> being used by some VERY important sites.
>>
>> I'd like to know who created this list as it would be a great feature to
>> incorporate into GotCFM.com.
>>
>> Rey
>>
>>
>>>
>>
> 
> 

~|
Check out the new features and enhancements in the
latest product release - download the "What's New PDF" now
http://download.macromedia.com/pub/labs/coldfusion/cf8_beta_whatsnew_052907.pdf

Archive: 
http://www.houseoffusion.com/groups/CF-Talk/message.cfm/messageid:285509
Subscription: http://www.houseoffusion.com/groups/CF-Talk/subscribe.cfm
Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.4

RE: AUTOSUGGESTBINDDELAY won't take anything less than 1

[Dan G. Switzer, II]

David,

>I agree that one needs to be careful.  I do understand the performance
>problems that could arise if you are making lots of round trips to the
>server.
>
>In this case I bind to: autosuggest="#ValueList(desc.description)#".
>So since I already have the results of the query I don't think there
>would be any roundtrips.
>
>The biggest thing is once I type a letter and some results are
>returned, then eliminating them as you type should require almost
>nothing, just drop off those that no longer match. With CFAUTOSUGGEST
>you have to pause for anything at all to happen.  So essentially you
>have to pause  1/2 second after every letter to let the list refresh
>and see your new options.  This is not good and as I said my users
>will go bezerko.  1/2 second may not seem like alot but when you
>multiply that by every letter, and the fact that my users will be
>using this lookup every time they enter a new record which is every 30
>seconds to 2 minutes, then you see how those little pauses may drive
>one crazy.

I agree that a local lookup (based on an array/list of values) should not be
limited to a 500ms delay. In those cases you should be able to increase the
lookup.

-Dan


~|
ColdFusion is delivering applications solutions at at top companies 
around the world in government.  Find out how and where now
http://www.adobe.com/cfusion/showcase/index.cfm?event=finder&productID=1522&loc=en_us

Archive: 
http://www.houseoffusion.com/groups/CF-Talk/message.cfm/messageid:285508
Subscription: http://www.houseoffusion.com/groups/CF-Talk/subscribe.cfm
Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.4

Re: [NEWS] Top 100 ColdFusion websites by Alexa rank

[Alan Rother]

WHOO HOOO!!!


One of my company's sites made the list!

#88... Sofitel North America


Sorry, I had to..


=]

On 8/6/07, Rey Bango <[EMAIL PROTECTED]> wrote:
> yea, yea... u did! LOL. Glad its up again. I'd like to
> know who created the page.
>
> Rey
>
> Phillip M. Vector wrote:
> > No. It was down. I saw the restart happening. :)
> >
> > Rey Bango wrote:
> >> Huh? Its working for me. Maybe it crashed your browser? ;)
> >>
> >> Rey...
> >>
> >> Crow T. Robot wrote:
> >>> crashed the server.  nice.
> >>>
> >>> On 8/6/07, Rey Bango <[EMAIL PROTECTED]> wrote:
>  I stumbled upon this link and I think its actually pretty cool:
> 
>  http://www.coldfusiondeveloper.com.au/go/top100/
> 
>  Its lists the top 100 CF sites based on Alexa's ranking. While Alexa
>  isn't the greatest in terms of stats, this does provide an interesting
>  view of where some top CF sites sit and helps to dispel the myth that
>  CF-based technology (ie: ColdFusion, BlueDragon, Railo, et al) is not
>  being used by some VERY important sites.
> 
>  I'd like to know who created this list as it would be a great feature to
>  incorporate into GotCFM.com.
> 
>  Rey
> 
> 
> >>
> >
> >
>
> 

~|
Create robust enterprise, web RIAs.
Upgrade to ColdFusion 8 and integrate with Adobe Flex
http://www.adobe.com/products/coldfusion/flex2/?sdid=RVJP

Archive: 
http://www.houseoffusion.com/groups/CF-Talk/message.cfm/messageid:285507
Subscription: http://www.houseoffusion.com/groups/CF-Talk/subscribe.cfm
Unsubscribe: 
http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=11502.10531.4

Re: [NEWS] Top 100 ColdFusion websites by Alexa rank

[Rey Bango]

yea, yea... u did! LOL. Glad its up again. I'd like to 
know who created the page.

Rey

Phillip M. Vector wrote:
> No. It was down. I saw the restart happening. :)
> 
> Rey Bango wrote:
>> Huh? Its working for me. Maybe it crashed your browser? ;)
>>
>> Rey...
>>
>> Crow T. Robot wrote:
>>> crashed the server.  nice.
>>>
>>> On 8/6/07, Rey Bango <[EMAIL PROTECTED]> wrote:
 I stumbled upon this link and I think its actually pretty cool:

 http://www.coldfusiondeveloper.com.au/go/top100/

 Its lists the top 100 CF sites based on Alexa's ranking. While Alexa
 isn't the greatest in terms of stats, this does provide an interesting
 view of where some top CF sites sit and helps to dispel the myth that
 CF-based technology (ie: ColdFusion, BlueDragon, Railo, et al) is not
 being used by some VERY important sites.

 I'd like to know who created this list as it would be a great feature to
 incorporate into GotCFM.com.

 Rey


>>
> 
> 

~|
ColdFusion is delivering applications solutions at at top companies 
around the world in government.  Find out how and where now
http://www.adobe.com/cfusion/showcase/index.cfm?event=finder&productID=1522&loc=en_us

Archive: 
http://www.houseoffusion.com/groups/CF-Talk/message.cfm/messageid:285506
Subscription: http://www.houseoffusion.com/groups/CF-Talk/subscribe.cfm
Unsubscribe: 
http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=11502.10531.4

Re: [NEWS] Top 100 ColdFusion websites by Alexa rank

[Crow T. Robot]

No, it was a server crash definitely (Jrun error).  It's back up now tho.

Cool reference!

On 8/6/07, Rey Bango <[EMAIL PROTECTED]> wrote:
>
> Huh? Its working for me. Maybe it crashed your browser? ;)
>
> Rey...
>
> Crow T. Robot wrote:
> > crashed the server.  nice.
> >
> > On 8/6/07, Rey Bango <[EMAIL PROTECTED]> wrote:
> >> I stumbled upon this link and I think its actually pretty cool:
> >>
> >> http://www.coldfusiondeveloper.com.au/go/top100/
> >>
> >> Its lists the top 100 CF sites based on Alexa's ranking. While Alexa
> >> isn't the greatest in terms of stats, this does provide an interesting
> >> view of where some top CF sites sit and helps to dispel the myth that
> >> CF-based technology (ie: ColdFusion, BlueDragon, Railo, et al) is not
> >> being used by some VERY important sites.
> >>
> >> I'd like to know who created this list as it would be a great feature
> to
> >> incorporate into GotCFM.com.
> >>
> >> Rey
> >>
> >>
> >
> >
>
> 

~|
Enterprise web applications, build robust, secure 
scalable apps today - Try it now ColdFusion Today
ColdFusion 8 beta - Build next generation apps

Archive: 
http://www.houseoffusion.com/groups/CF-Talk/message.cfm/messageid:285505
Subscription: http://www.houseoffusion.com/groups/CF-Talk/subscribe.cfm
Unsubscribe: 
http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=11502.10531.4

Re: [NEWS] Top 100 ColdFusion websites by Alexa rank

[Phillip M. Vector]

No. It was down. I saw the restart happening. :)

Rey Bango wrote:
> Huh? Its working for me. Maybe it crashed your browser? ;)
> 
> Rey...
> 
> Crow T. Robot wrote:
>> crashed the server.  nice.
>>
>> On 8/6/07, Rey Bango <[EMAIL PROTECTED]> wrote:
>>> I stumbled upon this link and I think its actually pretty cool:
>>>
>>> http://www.coldfusiondeveloper.com.au/go/top100/
>>>
>>> Its lists the top 100 CF sites based on Alexa's ranking. While Alexa
>>> isn't the greatest in terms of stats, this does provide an interesting
>>> view of where some top CF sites sit and helps to dispel the myth that
>>> CF-based technology (ie: ColdFusion, BlueDragon, Railo, et al) is not
>>> being used by some VERY important sites.
>>>
>>> I'd like to know who created this list as it would be a great feature to
>>> incorporate into GotCFM.com.
>>>
>>> Rey
>>>
>>>
>>
> 
> 

~|
Get involved in the latest ColdFusion discussions, product
development sharing, and articles on the Adobe Labs wiki.
http://labs/adobe.com/wiki/index.php/ColdFusion_8

Archive: 
http://www.houseoffusion.com/groups/CF-Talk/message.cfm/messageid:285504
Subscription: http://www.houseoffusion.com/groups/CF-Talk/subscribe.cfm
Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.4

Re: Cold Fusion MX Blackberry cache problem

[Ben Doom]

You could try adding nocache and expire headers.  I forget the exact 
syntax, but there have been threads about it on this list for dealing 
with proxy servers and the like.

--Ben Doom

Chad Nikirk wrote:
> Hi,
> 
> We have an ASP website that runs with Cold Fusion MX.  We recently made a 
> mobile version of the site and it's working quite well.  The one problem we 
> have is with most if not all Blackberries.  You constantly have to go in to 
> the browser and clear your 
> cache on the device to see new changes.   Other phones, pda's etc have not 
> problems.
> 
> Is there anything inside of Cold Fusion we can change, or we should I be 
> contacting RIM?
> 
> Any ideas would be appreciated.  Thanks. 
> 
> 

~|
Check out the new features and enhancements in the
latest product release - download the "What's New PDF" now
http://download.macromedia.com/pub/labs/coldfusion/cf8_beta_whatsnew_052907.pdf

Archive: 
http://www.houseoffusion.com/groups/CF-Talk/message.cfm/messageid:285503
Subscription: http://www.houseoffusion.com/groups/CF-Talk/subscribe.cfm
Unsubscribe: 
http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=11502.10531.4

Re: [NEWS] Top 100 ColdFusion websites by Alexa rank

[Rey Bango]

Huh? Its working for me. Maybe it crashed your browser? ;)

Rey...

Crow T. Robot wrote:
> crashed the server.  nice.
> 
> On 8/6/07, Rey Bango <[EMAIL PROTECTED]> wrote:
>> I stumbled upon this link and I think its actually pretty cool:
>>
>> http://www.coldfusiondeveloper.com.au/go/top100/
>>
>> Its lists the top 100 CF sites based on Alexa's ranking. While Alexa
>> isn't the greatest in terms of stats, this does provide an interesting
>> view of where some top CF sites sit and helps to dispel the myth that
>> CF-based technology (ie: ColdFusion, BlueDragon, Railo, et al) is not
>> being used by some VERY important sites.
>>
>> I'd like to know who created this list as it would be a great feature to
>> incorporate into GotCFM.com.
>>
>> Rey
>>
>>
> 
> 

~|
Create robust enterprise, web RIAs.
Upgrade to ColdFusion 8 and integrate with Adobe Flex
http://www.adobe.com/products/coldfusion/flex2/?sdid=RVJP

Archive: 
http://www.houseoffusion.com/groups/CF-Talk/message.cfm/messageid:285502
Subscription: http://www.houseoffusion.com/groups/CF-Talk/subscribe.cfm
Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.4

RE: SQL injection hack?

[Paul Vernon]

We've been seeing the exact same thing, basic SQL injection attacks all
originating from China... It looks automated as they've spidered several
sites we host using the exact same technique and SQL phrase. It has been
going on continuously for about a week now. Thankfully the sites are
pro-actively monitored from an error management POV so we've been aware of
the attacks from the get go.

I agree. Using CFCs, having a common code base, employing type checking on
functions and using CFQUERYPARAM all make life a little bit easier in coping
with these things...

In CF 8 it's worth noting that the type checking can be turned off for
performance gains. I guess this is a trade off... What you gain in
performance, you lose in data validation. It's a shame this feature is a
global setting and not one that could be specified on a function by function
basis as I'd like to keep type checking on for my DB objects and turn it off
where I feel it's not necessary.

Paul

> -Original Message-
> From: jonese [mailto:[EMAIL PROTECTED]
> Sent: 06 August 2007 16:25
> To: CF-Talk
> Subject: Re: SQL injection hack?
> 
> Just an FYI to everyone else i've been at my current post for 3 years
> and we've had pro-active error monitoring (versus re reactive "hey my
> site doesn't work") now for close to 2 years.
> 
> Just in the recent weeks we started seeing basic SQL injection hacks
> on site we host. We never saw anything like this till recently, so be
> on your toes.
> 
> Like others have mentioned using CFQueryParam and Stored Procedures
> can help. Also putting the stuff into CFC's and forcing incoming vars
> to be typed help as well. (with everything except string of course).
> 
> If you are looking for preventive stuff on top of those already
> mentioned you can look into the CF Firewalls which are starting to
> spring up. As well as there are those who have made some really cool
> stuff to help watch for this. I think Shawn Gorrell has some code (he
> mentioned it at a recent ACFUG meeting) you might reach out to him,
> http://www.illumineti.com/blog/, if he doesn't notice this thread.
> 
> jonese
> 
> 
> 
> On 8/6/07, Rey Bango <[EMAIL PROTECTED]> wrote:
> > Looks that way.
> >
> > Rey
> >
> > Rick King wrote:
> > > Hey all,
> > >
> > > I just received this email that is generated when there is an error
> on a site I built (www.woreitonce.com)
> > >
> > >  ---E-MAIL
> > > Invalid data 1 and 1=convert(int,(select top 1
> char(97)+admin_password from tbl_adminusers)) for CFSQLTYPE
> CF_SQL_INTEGER.  The error occurred on line 30.
> > >  Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.8.1.6)
> Gecko/20070725 Firefox/2.0.0.6
> > >  81.10.46.130
> > >
> > >  /Details.cfm
> > >
> ProdID=1%20and%201=convert(int,(select%20top%201%20char(97)%2badmin_pas
> sword%20from%20tbl_adminusers))
> > >
> > > -E-MAIL
> > >
> > > Is this a SQL injection attack? Anything I can do?
> > >
> > > Thanks
> > > Rick
> > >
> > >
> > >
> > >
> > >
> >
> >
> 
> 

~|
Get the answers you are looking for on the ColdFusion Labs
Forum direct from active programmers and developers.
http://www.adobe.com/cfusion/webforums/forum/categories.cfm?forumid-72&catid=648

Archive: 
http://www.houseoffusion.com/groups/CF-Talk/message.cfm/messageid:285501
Subscription: http://www.houseoffusion.com/groups/CF-Talk/subscribe.cfm
Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.4

Re: SQL injection hack?

[Claude Schneegans]

 >>Just in the recent weeks we started seeing basic SQL injection hacks
on site we host.

Yes, I see more and more of these on my sites too.
Of course, they cause an error thanks to CFQUERYPARAM, but they are 
filling my error log table
with useless information.

So I'm planning to detect them (almost all ao queries will include the 
string "user")
and close the site to their IP address, at least for one day.

Is anyone aware of such a service of some black list or so, similar to 
spam attacks?

-- 
___
REUSE CODE! Use custom tags;
See http://www.contentbox.com/claude/customtags/tagstore.cfm
(Please send any spam to this address: [EMAIL PROTECTED])
Thanks.


~|
Download the latest ColdFusion 8 utilities including Report Builder,
plug-ins for Eclipse and Dreamweaver updates.
http;//www.adobe.com/cfusion/entitlement/index.cfm?e=labs%5adobecf8%5Fbeta

Archive: 
http://www.houseoffusion.com/groups/CF-Talk/message.cfm/messageid:285500
Subscription: http://www.houseoffusion.com/groups/CF-Talk/subscribe.cfm
Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.4

Re: AUTOSUGGESTBINDDELAY won't take anything less than 1

[David Mineer]

I agree that one needs to be careful.  I do understand the performance
problems that could arise if you are making lots of round trips to the
server.

In this case I bind to: autosuggest="#ValueList(desc.description)#".
So since I already have the results of the query I don't think there
would be any roundtrips.

The biggest thing is once I type a letter and some results are
returned, then eliminating them as you type should require almost
nothing, just drop off those that no longer match. With CFAUTOSUGGEST
you have to pause for anything at all to happen.  So essentially you
have to pause  1/2 second after every letter to let the list refresh
and see your new options.  This is not good and as I said my users
will go bezerko.  1/2 second may not seem like alot but when you
multiply that by every letter, and the fact that my users will be
using this lookup every time they enter a new record which is every 30
seconds to 2 minutes, then you see how those little pauses may drive
one crazy.

On 8/6/07, Dan G. Switzer, II <[EMAIL PROTECTED]> wrote:
> David,
>
> >..5 isn't really fast enough.  I know my users are going to scream.
> >Maybe it's not the speed.  But this is not working as I had hoped.
> >Once you start typing I would expect all matches to show up and then
> >the list would eliminate items which no longer match as you continued
> >typing.  With cfautosuggest you have to pause for the amount of time
> >in AUTOSUGGESTBINDDELAY before the list will pop up.
> >
> >So, nothing really happens until you pause.  The Javascript function I
> >was using before worked as I expected.  Your list popped up
> >immediately and items were eliminated as they no longer matched
> >without any delay at all.  This Javascript function also used the
> >results of a query.
> >
> >Am I stuck?  Any way to tweak cfautosuggest?
>
> Are you binding to an AJAX call or a local array?
>
> If binding to local array, I agree the timeout you specify should allow a
> smaller amount.
>
> However, when dealing w/AJAX calls you've got to be extremely careful that
> you don't flood the server with AJAX calls. This would be easy to due if you
> set the timeout too low.
>
> The problem with CFMX 8 adding lots of AJAX functionality is developers
> don't have to have understand what's going on behind the scenes. I think
> it's extremely important that Web Developers really understand AJAX and the
> potential server issues you introduce implementing lots of AJAX on a site.
>
> That's not a knock on AJAX and I think it's great Adobe has made great
> strides to make implementing complex DHTML easy to use--it's just I think
> it's extremely important to really understand what's going on behind the
> scenes.
>
> Where I'm going with this is that it wouldn't surprise me if Adobe purposely
> was trying to limit users from setting an obscurely low delay speed--since
> it could have serious impact on the server.
>
> However, that's only an issue if you're binding to an AJAX call.
>
> -Dan
>
>
> 

~|
ColdFusion 8 - Build next generation apps
today, with easy PDF and Ajax features - download now
http://download.macromedia.com/pub/labs/coldfusion/cf8_beta_whatsnew_052907.pdf

Archive: 
http://www.houseoffusion.com/groups/CF-Talk/message.cfm/messageid:285498
Subscription: http://www.houseoffusion.com/groups/CF-Talk/subscribe.cfm
Unsubscribe: 
http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=11502.10531.4

Re: [NEWS] Top 100 ColdFusion websites by Alexa rank

[Crow T. Robot]

crashed the server.  nice.

On 8/6/07, Rey Bango <[EMAIL PROTECTED]> wrote:
>
> I stumbled upon this link and I think its actually pretty cool:
>
> http://www.coldfusiondeveloper.com.au/go/top100/
>
> Its lists the top 100 CF sites based on Alexa's ranking. While Alexa
> isn't the greatest in terms of stats, this does provide an interesting
> view of where some top CF sites sit and helps to dispel the myth that
> CF-based technology (ie: ColdFusion, BlueDragon, Railo, et al) is not
> being used by some VERY important sites.
>
> I'd like to know who created this list as it would be a great feature to
> incorporate into GotCFM.com.
>
> Rey
>
> 

~|
Get the answers you are looking for on the ColdFusion Labs
Forum direct from active programmers and developers.
http://www.adobe.com/cfusion/webforums/forum/categories.cfm?forumid-72&catid=648

Archive: 
http://www.houseoffusion.com/groups/CF-Talk/message.cfm/messageid:285499
Subscription: http://www.houseoffusion.com/groups/CF-Talk/subscribe.cfm
Unsubscribe: 
http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=11502.10531.4

RE: CFMail Just spooling

[Justin Scott]

> I know that this is a ridiculus question.  I have
> many applications that this works in, but now on
> one of my production servers, I cannot send e-mail.

You might check the \CFusionMX7\logs\mail.log file to see if it is
having some kind of issue.  In the past I've run into authentication
issues, errors on the server resolving the mail server hostname
properly, SPF issues, etc.  You could also set ColdFusion to immediate
delivery in the admin and it should throw a CF error right away if it
cannot perform the delivery.


-Justin Scott

~|
Enterprise web applications, build robust, secure 
scalable apps today - Try it now ColdFusion Today
ColdFusion 8 beta - Build next generation apps

Archive: 
http://www.houseoffusion.com/groups/CF-Talk/message.cfm/messageid:285496
Subscription: http://www.houseoffusion.com/groups/CF-Talk/subscribe.cfm
Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.4

[NEWS] Top 100 ColdFusion websites by Alexa rank

[Rey Bango]

I stumbled upon this link and I think its actually pretty cool:

http://www.coldfusiondeveloper.com.au/go/top100/

Its lists the top 100 CF sites based on Alexa's ranking. While Alexa 
isn't the greatest in terms of stats, this does provide an interesting 
view of where some top CF sites sit and helps to dispel the myth that 
CF-based technology (ie: ColdFusion, BlueDragon, Railo, et al) is not 
being used by some VERY important sites.

I'd like to know who created this list as it would be a great feature to 
incorporate into GotCFM.com.

Rey

~|
Enterprise web applications, build robust, secure 
scalable apps today - Try it now ColdFusion Today
ColdFusion 8 beta - Build next generation apps

Archive: 
http://www.houseoffusion.com/groups/CF-Talk/message.cfm/messageid:285497
Subscription: http://www.houseoffusion.com/groups/CF-Talk/subscribe.cfm
Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.4

Re: SQL injection hack?

[Rick King]

Great info guys, thanks. 

~|
Get the answers you are looking for on the ColdFusion Labs
Forum direct from active programmers and developers.
http://www.adobe.com/cfusion/webforums/forum/categories.cfm?forumid-72&catid=648

Archive: 
http://www.houseoffusion.com/groups/CF-Talk/message.cfm/messageid:285493
Subscription: http://www.houseoffusion.com/groups/CF-Talk/subscribe.cfm
Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.4

Re: SQL injection hack?

[jonese]

Just an FYI to everyone else i've been at my current post for 3 years
and we've had pro-active error monitoring (versus re reactive "hey my
site doesn't work") now for close to 2 years.

Just in the recent weeks we started seeing basic SQL injection hacks
on site we host. We never saw anything like this till recently, so be
on your toes.

Like others have mentioned using CFQueryParam and Stored Procedures
can help. Also putting the stuff into CFC's and forcing incoming vars
to be typed help as well. (with everything except string of course).

If you are looking for preventive stuff on top of those already
mentioned you can look into the CF Firewalls which are starting to
spring up. As well as there are those who have made some really cool
stuff to help watch for this. I think Shawn Gorrell has some code (he
mentioned it at a recent ACFUG meeting) you might reach out to him,
http://www.illumineti.com/blog/, if he doesn't notice this thread.

jonese



On 8/6/07, Rey Bango <[EMAIL PROTECTED]> wrote:
> Looks that way.
>
> Rey
>
> Rick King wrote:
> > Hey all,
> >
> > I just received this email that is generated when there is an error on a 
> > site I built (www.woreitonce.com)
> >
> >  ---E-MAIL
> > Invalid data 1 and 1=convert(int,(select top 1 char(97)+admin_password from 
> > tbl_adminusers)) for CFSQLTYPE CF_SQL_INTEGER.  The error occurred on 
> > line 30.
> >  Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.8.1.6) Gecko/20070725 
> > Firefox/2.0.0.6
> >  81.10.46.130
> >
> >  /Details.cfm
> >  
> > ProdID=1%20and%201=convert(int,(select%20top%201%20char(97)%2badmin_password%20from%20tbl_adminusers))
> >
> > -E-MAIL
> >
> > Is this a SQL injection attack? Anything I can do?
> >
> > Thanks
> > Rick
> >
> >
> >
> >
> >
>
> 

~|
Download the latest ColdFusion 8 utilities including Report Builder,
plug-ins for Eclipse and Dreamweaver updates.
http;//www.adobe.com/cfusion/entitlement/index.cfm?e=labs%5adobecf8%5Fbeta

Archive: 
http://www.houseoffusion.com/groups/CF-Talk/message.cfm/messageid:285494
Subscription: http://www.houseoffusion.com/groups/CF-Talk/subscribe.cfm
Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.4

RE:_SQL_injection_hack?

[Chad Gray]

I also like to use val() on any integer like your ProdID appears to be an 
integer.

This way val() will take text and convert it to 0.

But yes use your CFQueryParams!  This is the best line of defense.




-Original Message-
From: Rick King [mailto:[EMAIL PROTECTED] 
Sent: Monday, August 06, 2007 11:56 AM
To: CF-Talk
Subject: SQL injection hack?

Hey all,

I just received this email that is generated when there is an error on a site I 
built (www.woreitonce.com)

 ---E-MAIL
Invalid data 1 and 1=convert(int,(select top 1 char(97)+admin_password from 
tbl_adminusers)) for CFSQLTYPE CF_SQL_INTEGER.  The error occurred on line 
30.
 Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.8.1.6) Gecko/20070725 
Firefox/2.0.0.6
 81.10.46.130

 /Details.cfm
 
ProdID=1%20and%201=convert(int,(select%20top%201%20char(97)%2badmin_password%20from%20tbl_adminusers))

-E-MAIL

Is this a SQL injection attack? Anything I can do?

Thanks
Rick






~|
Get involved in the latest ColdFusion discussions, product
development sharing, and articles on the Adobe Labs wiki.
http://labs/adobe.com/wiki/index.php/ColdFusion_8

Archive: 
http://www.houseoffusion.com/groups/CF-Talk/message.cfm/messageid:285492
Subscription: http://www.houseoffusion.com/groups/CF-Talk/subscribe.cfm
Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.4

Cold Fusion MX Blackberry cache problem

[Chad Nikirk]

Hi,

We have an ASP website that runs with Cold Fusion MX.  We recently made a 
mobile version of the site and it's working quite well.  The one problem we 
have is with most if not all Blackberries.  You constantly have to go in to the 
browser and clear your cache on the device to see new changes.   Other phones, 
pda's etc have not problems.

Is there anything inside of Cold Fusion we can change, or we should I be 
contacting RIM?

Any ideas would be appreciated.  Thanks. 

~|
ColdFusion 8 - Build next generation apps
today, with easy PDF and Ajax features - download now
http://download.macromedia.com/pub/labs/coldfusion/cf8_beta_whatsnew_052907.pdf

Archive: 
http://www.houseoffusion.com/groups/CF-Talk/message.cfm/messageid:285495
Subscription: http://www.houseoffusion.com/groups/CF-Talk/subscribe.cfm
Unsubscribe: 
http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=11502.10531.4

RE: SQL injection hack?

[Damien McKenna]

> -Original Message-
> From: Rick King [mailto:[EMAIL PROTECTED] 
> Sent: Monday, August 06, 2007 11:56 AM
> Subject: SQL injection hack?
> 
>  /Details.cfm
> ProdID=1%20and%201=convert(int,(select%20top%201%20char(97)
> %2badmin_password%20from%20tbl_adminusers))

IsNumeric and cfqueryparam are your friends.


Damien McKenna
Web Developer
The LIMU Company

~|
Get the answers you are looking for on the ColdFusion Labs
Forum direct from active programmers and developers.
http://www.adobe.com/cfusion/webforums/forum/categories.cfm?forumid-72&catid=648

Archive: 
http://www.houseoffusion.com/groups/CF-Talk/message.cfm/messageid:285489
Subscription: http://www.houseoffusion.com/groups/CF-Talk/subscribe.cfm
Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.4

RE: SQL injection hack?

[Justin Scott]

>  ---E-MAIL
> Invalid data 1 and 1=convert(int,(select top 1 
> char(97)+admin_password from tbl_adminusers)) for CFSQLTYPE 
> CF_SQL_INTEGER.  The error occurred on line 30.



> -E-MAIL
> 
> Is this a SQL injection attack? Anything I can do?

Yes, that is a SQL injection attack attempt.  You're already using
CFQUERYPARAM which will protect you from the attack itself.  If you want
to stop the errors from coming up, you can operate on the input variable
to force it to be a proper data format before passing it to the query.
For ID fields (usually positive integers) I use...



This forces it to be a positive integer and sets it to zero if the input
is textual (?id=blah for example) so the query will not error.  In some
cases we use  after the
operating and before the query if we know for sure that there really
should be a proper value passed.  

We've also seen Google pass large values to some ID URL's for some
reason (?id=21456878753 for example) that causes an "out of range" type
error, so use have strated wrapping some values with min(url.id,
200) to prevent those kinds of errors as well (only where the value
would never be over 200 though).


-Justin Scott

~|
Create robust enterprise, web RIAs.
Upgrade to ColdFusion 8 and integrate with Adobe Flex
http://www.adobe.com/products/coldfusion/flex2/?sdid=RVJP

Archive: 
http://www.houseoffusion.com/groups/CF-Talk/message.cfm/messageid:285490
Subscription: http://www.houseoffusion.com/groups/CF-Talk/subscribe.cfm
Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.4

Re: SQL injection hack?

[Rey Bango]

Sorry didn't see your question at the bottom. One thing that will 
definitely help is using CFQUERYPARAM to enforce datatype checks on your 
conditional statements.

http://livedocs.adobe.com/coldfusion/6.1/htmldocs/tags-b20.htm

Also, consider writing code that will strip out certain commands from 
form variables that are being submitted and saved to your DB. You won't 
be able to catch every phrase but there are things to look out for. 
Check the CF-Talk archive for your topic for past examples of how to 
tackle this.

Rey

Rick King wrote:
> Hey all,
> 
> I just received this email that is generated when there is an error on a site 
> I built (www.woreitonce.com)
> 
>  ---E-MAIL
> Invalid data 1 and 1=convert(int,(select top 1 char(97)+admin_password from 
> tbl_adminusers)) for CFSQLTYPE CF_SQL_INTEGER.  The error occurred on 
> line 30.
>  Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.8.1.6) Gecko/20070725 
> Firefox/2.0.0.6
>  81.10.46.130
> 
>  /Details.cfm
>  
> ProdID=1%20and%201=convert(int,(select%20top%201%20char(97)%2badmin_password%20from%20tbl_adminusers))
> 
> -E-MAIL
> 
> Is this a SQL injection attack? Anything I can do?
> 
> Thanks
> Rick
> 
> 
> 
> 
> 

~|
ColdFusion is delivering applications solutions at at top companies 
around the world in government.  Find out how and where now
http://www.adobe.com/cfusion/showcase/index.cfm?event=finder&productID=1522&loc=en_us

Archive: 
http://www.houseoffusion.com/groups/CF-Talk/message.cfm/messageid:285488
Subscription: http://www.houseoffusion.com/groups/CF-Talk/subscribe.cfm
Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.4

RE: Content Placeholders

[Justin Scott]

> Trying to figure out how to use a placeholder in
> dynamic content to pull in other content at runtime.  

I would approach this by using a regular expression with some looping to
pull all of variables out of the content and put them into a list or
array.  Then, you can loop through the results, generate the content for
each variable (or discard invalid ones), then replace the variable in
the content with the generated content.  If you made a recursive process
to do the replacements, you could have variables in your generated
content as well.


-Justin Scott

~|
Get involved in the latest ColdFusion discussions, product
development sharing, and articles on the Adobe Labs wiki.
http://labs/adobe.com/wiki/index.php/ColdFusion_8

Archive: 
http://www.houseoffusion.com/groups/CF-Talk/message.cfm/messageid:285491
Subscription: http://www.houseoffusion.com/groups/CF-Talk/subscribe.cfm
Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.4

Re: SQL injection hack?

[Rey Bango]

Looks that way.

Rey

Rick King wrote:
> Hey all,
> 
> I just received this email that is generated when there is an error on a site 
> I built (www.woreitonce.com)
> 
>  ---E-MAIL
> Invalid data 1 and 1=convert(int,(select top 1 char(97)+admin_password from 
> tbl_adminusers)) for CFSQLTYPE CF_SQL_INTEGER.  The error occurred on 
> line 30.
>  Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.8.1.6) Gecko/20070725 
> Firefox/2.0.0.6
>  81.10.46.130
> 
>  /Details.cfm
>  
> ProdID=1%20and%201=convert(int,(select%20top%201%20char(97)%2badmin_password%20from%20tbl_adminusers))
> 
> -E-MAIL
> 
> Is this a SQL injection attack? Anything I can do?
> 
> Thanks
> Rick
> 
> 
> 
> 
> 

~|
Enterprise web applications, build robust, secure 
scalable apps today - Try it now ColdFusion Today
ColdFusion 8 beta - Build next generation apps

Archive: 
http://www.houseoffusion.com/groups/CF-Talk/message.cfm/messageid:285485
Subscription: http://www.houseoffusion.com/groups/CF-Talk/subscribe.cfm
Unsubscribe: 
http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=11502.10531.4

Re: SQL injection hack?

[Rick King]

I am using cfqueryparam, so hopefully that'll be good enough.

Thanks

> On Monday 06 Aug 2007, [EMAIL PROTECTED] wrote:
> > Is this a SQL injection attack?
> 
> Yes.
> 
> > Anything I can do? 
> 
> Beyond the obvious ? No - it's a fact of life that internet visible 
> sites will 
> be attacked.
> You're using cfqueryparam by the looks of it, and that'll take care of 
> most 
> kidz.
> 
> -- 
> Tom Chiverton
> 
> 
> 
> This email is sent for and on behalf of Halliwells LLP.
> 
> Halliwells LLP is a limited liability partnership registered in 
> England and Wales under registered number OC307980 whose registered 
> office address is at St James's Court Brown Street Manchester M2 2JF.  
> A list of members is available for inspection at the registered office. 
> Any reference to a partner in relation to Halliwells LLP means a 
> member of Halliwells LLP. Regulated by the Law Society.
> 
> CONFIDENTIALITY
> 
> This email is intended only for the use of the addressee named above 
> and may be confidential or legally privileged.  If you are not the 
> addressee you must not read it and must not use any information 
> contained in nor copy it nor inform any person other than Halliwells 
> LLP or the addressee of its existence or contents.  If you have 
> received this email in error please delete it and notify Halliwells 
> LLP IT Department on 0870 365 8008.
> 
> For more information about Halliwells LLP visit www.halliwells.com.


~|
ColdFusion is delivering applications solutions at at top companies 
around the world in government.  Find out how and where now
http://www.adobe.com/cfusion/showcase/index.cfm?event=finder&productID=1522&loc=en_us

Archive: 
http://www.houseoffusion.com/groups/CF-Talk/message.cfm/messageid:285487
Subscription: http://www.houseoffusion.com/groups/CF-Talk/subscribe.cfm
Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.4

Re: SQL injection hack?

[Tom Chiverton]

On Monday 06 Aug 2007, [EMAIL PROTECTED] wrote:
> Is this a SQL injection attack?

Yes.

> Anything I can do? 

Beyond the obvious ? No - it's a fact of life that internet visible sites will 
be attacked.
You're using cfqueryparam by the looks of it, and that'll take care of most 
kidz.

-- 
Tom Chiverton



This email is sent for and on behalf of Halliwells LLP.

Halliwells LLP is a limited liability partnership registered in England and 
Wales under registered number OC307980 whose registered office address is at St 
James's Court Brown Street Manchester M2 2JF.  A list of members is available 
for inspection at the registered office. Any reference to a partner in relation 
to Halliwells LLP means a member of Halliwells LLP. Regulated by the Law 
Society.

CONFIDENTIALITY

This email is intended only for the use of the addressee named above and may be 
confidential or legally privileged.  If you are not the addressee you must not 
read it and must not use any information contained in nor copy it nor inform 
any person other than Halliwells LLP or the addressee of its existence or 
contents.  If you have received this email in error please delete it and notify 
Halliwells LLP IT Department on 0870 365 8008.

For more information about Halliwells LLP visit www.halliwells.com.


~|
Check out the new features and enhancements in the
latest product release - download the "What's New PDF" now
http://download.macromedia.com/pub/labs/coldfusion/cf8_beta_whatsnew_052907.pdf

Archive: 
http://www.houseoffusion.com/groups/CF-Talk/message.cfm/messageid:285486
Subscription: http://www.houseoffusion.com/groups/CF-Talk/subscribe.cfm
Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.4

RE: CFFILE Makes No Sense - the file is there

[Chad Gray]

The file name cannot have a space on the front of the file name in a windows 
environment.

Of course you can on Mac so if you are using Mac file services on your PC 
server and a Mac made the file on the windows machine this would be possible, 
but windows file system will not like it.



-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] 
Sent: Monday, August 06, 2007 10:08 AM
To: CF-Talk
Subject: CFFILE Makes No Sense - the file is there

WHy is CFFILE doing this?  I'm getting an error that says it can't find the 
file and I've checked several times, the file is there, on the server in the 
correct folder with the exact file name!!!

The following information is meant for the website developer for debugging 
purposes. 

Error Occurred While Processing Request 
An exception occurred when performing a file operation COPY on files 
D:\Inetpub\wwwroot\baby\ 38035273713000.jpg and 
D:\Inetpub\wwwroot\baby\images\babycontest\2007\picture_people\Tina_Nicorette_CHARLOTTE_0806_
 38035273713000_pp.jpg. 
The cause of this exception was: java.io.FileNotFoundException: 
D:\Inetpub\wwwroot\Yobaby\ 38035273713000.jpg (The system cannot find the file 
specified). 



~|
Get involved in the latest ColdFusion discussions, product
development sharing, and articles on the Adobe Labs wiki.
http://labs/adobe.com/wiki/index.php/ColdFusion_8

Archive: 
http://www.houseoffusion.com/groups/CF-Talk/message.cfm/messageid:285484
Subscription: http://www.houseoffusion.com/groups/CF-Talk/subscribe.cfm
Unsubscribe: 
http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=11502.10531.4

Disregard last email about breadcrumb nav

[Bruce Sorge]

OK, I am stupid (no comments please). I figured out that  has a misspelled word
(Hiearchy). Corrected the spelling and it worked fine. Attention to detail.
You figure after so many years in the Army having that pounded into my head,
I would get it by now. LOL



-- 
Bruce


~|
Check out the new features and enhancements in the
latest product release - download the "What's New PDF" now
http://download.macromedia.com/pub/labs/coldfusion/cf8_beta_whatsnew_052907.pdf

Archive: 
http://www.houseoffusion.com/groups/CF-Talk/message.cfm/messageid:285483
Subscription: http://www.houseoffusion.com/groups/CF-Talk/subscribe.cfm
Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.4

Re: SQL injection hack?

[Brian Peddle]

You can't prevent people from trying but you can code to prevent it from 
messing with your database.  Make sure you are using cfqueryparam every 
place you can or use Stored Procs.

Rick King wrote:
> Hey all,
>
> I just received this email that is generated when there is an error on a site 
> I built (www.woreitonce.com)
>
>  ---E-MAIL
> Invalid data 1 and 1=convert(int,(select top 1 char(97)+admin_password from 
> tbl_adminusers)) for CFSQLTYPE CF_SQL_INTEGER.  The error occurred on 
> line 30.
>  Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.8.1.6) Gecko/20070725 
> Firefox/2.0.0.6
>  81.10.46.130
>
>  /Details.cfm
>  
> ProdID=1%20and%201=convert(int,(select%20top%201%20char(97)%2badmin_password%20from%20tbl_adminusers))
>
> -E-MAIL
>
> Is this a SQL injection attack? Anything I can do?
>
> Thanks
> Rick
>
>
>
>
> 

~|
Download the latest ColdFusion 8 utilities including Report Builder,
plug-ins for Eclipse and Dreamweaver updates.
http;//www.adobe.com/cfusion/entitlement/index.cfm?e=labs%5adobecf8%5Fbeta

Archive: 
http://www.houseoffusion.com/groups/CF-Talk/message.cfm/messageid:285482
Subscription: http://www.houseoffusion.com/groups/CF-Talk/subscribe.cfm
Unsubscribe: 
http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=11502.10531.4

RE: AUTOSUGGESTBINDDELAY won't take anything less than 1

[Dan G. Switzer, II]

David,

>..5 isn't really fast enough.  I know my users are going to scream.
>Maybe it's not the speed.  But this is not working as I had hoped.
>Once you start typing I would expect all matches to show up and then
>the list would eliminate items which no longer match as you continued
>typing.  With cfautosuggest you have to pause for the amount of time
>in AUTOSUGGESTBINDDELAY before the list will pop up.
>
>So, nothing really happens until you pause.  The Javascript function I
>was using before worked as I expected.  Your list popped up
>immediately and items were eliminated as they no longer matched
>without any delay at all.  This Javascript function also used the
>results of a query.
>
>Am I stuck?  Any way to tweak cfautosuggest?

Are you binding to an AJAX call or a local array? 

If binding to local array, I agree the timeout you specify should allow a
smaller amount.

However, when dealing w/AJAX calls you've got to be extremely careful that
you don't flood the server with AJAX calls. This would be easy to due if you
set the timeout too low.

The problem with CFMX 8 adding lots of AJAX functionality is developers
don't have to have understand what's going on behind the scenes. I think
it's extremely important that Web Developers really understand AJAX and the
potential server issues you introduce implementing lots of AJAX on a site.

That's not a knock on AJAX and I think it's great Adobe has made great
strides to make implementing complex DHTML easy to use--it's just I think
it's extremely important to really understand what's going on behind the
scenes.

Where I'm going with this is that it wouldn't surprise me if Adobe purposely
was trying to limit users from setting an obscurely low delay speed--since
it could have serious impact on the server. 

However, that's only an issue if you're binding to an AJAX call.

-Dan


~|
Get the answers you are looking for on the ColdFusion Labs
Forum direct from active programmers and developers.
http://www.adobe.com/cfusion/webforums/forum/categories.cfm?forumid-72&catid=648

Archive: 
http://www.houseoffusion.com/groups/CF-Talk/message.cfm/messageid:285480
Subscription: http://www.houseoffusion.com/groups/CF-Talk/subscribe.cfm
Unsubscribe: 
http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=11502.10531.4

SQL injection hack?

[Rick King]

Hey all,

I just received this email that is generated when there is an error on a site I 
built (www.woreitonce.com)

 ---E-MAIL
Invalid data 1 and 1=convert(int,(select top 1 char(97)+admin_password from 
tbl_adminusers)) for CFSQLTYPE CF_SQL_INTEGER.  The error occurred on line 
30.
 Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.8.1.6) Gecko/20070725 
Firefox/2.0.0.6
 81.10.46.130

 /Details.cfm
 
ProdID=1%20and%201=convert(int,(select%20top%201%20char(97)%2badmin_password%20from%20tbl_adminusers))

-E-MAIL

Is this a SQL injection attack? Anything I can do?

Thanks
Rick




~|
Get involved in the latest ColdFusion discussions, product
development sharing, and articles on the Adobe Labs wiki.
http://labs/adobe.com/wiki/index.php/ColdFusion_8

Archive: 
http://www.houseoffusion.com/groups/CF-Talk/message.cfm/messageid:285481
Subscription: http://www.houseoffusion.com/groups/CF-Talk/subscribe.cfm
Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.4

Problems with output of Breadcrumb Navigation

[Bruce Sorge]

I am creating a breadcrumb navigation for our new site but the output is not
what I want - it is backwards and I am not sure what to do.
First, the queries:

This one is in my header. Needs to be called each time. Although these are
actually CFC's and Stored Procs, I am showing just the query for simplicity
sake:


SELECT *
FROM tblPages
WHERE ID = 12 AND Status = 'A'

Here is the result of the query:

ID parentID
Title
Status  Hierarchy

12 3Current Board Members
A   12~3



Now the bredcrumb code:


 




 #getPagesRet2.Title#'>



 #Variables.CrumbList#


So if I am looking at Board - Current members, the breadcrumb should be
Board > Current Members. What I am getting is Current Members > Board.



I am thinking that since the Hierarchy is 12~3 and not 3~12, this is the
issue. So in the database, I changed it to 3~12 and I get an error Element
HIEARCHY is undefined in GETPAGESRET2 when I click on Current Members.

So is there something else I can look at?



Thanks,

-- 
Bruce


~|
ColdFusion 8 - Build next generation apps
today, with easy PDF and Ajax features - download now
http://download.macromedia.com/pub/labs/coldfusion/cf8_beta_whatsnew_052907.pdf

Archive: 
http://www.houseoffusion.com/groups/CF-Talk/message.cfm/messageid:285479
Subscription: http://www.houseoffusion.com/groups/CF-Talk/subscribe.cfm
Unsubscribe: 
http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=11502.10531.4

Re: AUTOSUGGESTBINDDELAY won't take anything less than 1

[David Mineer]

..5 isn't really fast enough.  I know my users are going to scream.
Maybe it's not the speed.  But this is not working as I had hoped.
Once you start typing I would expect all matches to show up and then
the list would eliminate items which no longer match as you continued
typing.  With cfautosuggest you have to pause for the amount of time
in AUTOSUGGESTBINDDELAY before the list will pop up.

So, nothing really happens until you pause.  The Javascript function I
was using before worked as I expected.  Your list popped up
immediately and items were eliminated as they no longer matched
without any delay at all.  This Javascript function also used the
results of a query.

Am I stuck?  Any way to tweak cfautosuggest?

On 8/6/07, Raymond Camden <[EMAIL PROTECTED]> wrote:
> The docs clearly say you must use a non-zero integer. So while the
> default is indeed 0.5, if you want to specify something it must be a
> whole #, 1 or higher.
>
> On 8/6/07, David Mineer <[EMAIL PROTECTED]> wrote:
> > I am using an autosuggest control and it works great.  However, I want
> > to lower the response time to "0.1".  If I try anything with a
> > decimal, that is anything between 0.1 and 0.9, I get an error.  Even
> > trying the default "0.5" gives me the following error:
> >
> > Attribute validation error for the CFINPUT tag.
> > The value of the AUTOSUGGESTBINDDELAY attribute is invalid. The value
> > specified, 0.0, must be greater than 0.0.
> >
> > I have tried ".1" and "0.1".
> >
> > If I don't specify the AUTOSUGGESTBINDDELAY value, than it works also,
> > with the default of 0.5.
> >
> > I don't know what I could be doing wrong.  Anyone able to succesfully
> > use anything less than 1?
> >
> > --
> > David Mineer Jr
> > -
> > The critical ingredient is getting off your butt and doing
> > something. It's as simple as that. A lot of people have ideas,
> > but there are few who decide to do something about them now.
> > Not tomorrow. Not next week. But today. The true entrepreneur
> > is a doer.
> >
> >
>
> 

~|
ColdFusion 8 - Build next generation apps
today, with easy PDF and Ajax features - download now
http://download.macromedia.com/pub/labs/coldfusion/cf8_beta_whatsnew_052907.pdf

Archive: 
http://www.houseoffusion.com/groups/CF-Talk/message.cfm/messageid:285478
Subscription: http://www.houseoffusion.com/groups/CF-Talk/subscribe.cfm
Unsubscribe: 
http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=11502.10531.4

RE: ReplaceNoCase - Replace moren than 1 argument

[Andy Matthews]

Like Kris said. If you're looking to replace two strings with two other
unique strings, then replacenocase twice is your best bet.

-Original Message-
From: nicolai bass dh [mailto:[EMAIL PROTECTED] 
Sent: Monday, August 06, 2007 9:50 AM
To: CF-Talk
Subject: Re: ReplaceNoCase - Replace moren than 1 argument

Hi Andy,

thank your for your quick answer.

But i have another question. You have explain me how i can replace 2
arguments with one new argument.

But how can i replace 2 arguments with 2 new arguments. 
For example replace "andy" with "first example" and "stivn" with "second
example"

Thank your for your help and with best regards.

Stivn 



~|
ColdFusion 8 - Build next generation apps
today, with easy PDF and Ajax features - download now
http://download.macromedia.com/pub/labs/coldfusion/cf8_beta_whatsnew_052907.pdf

Archive: 
http://www.houseoffusion.com/groups/CF-Talk/message.cfm/messageid:285477
Subscription: http://www.houseoffusion.com/groups/CF-Talk/subscribe.cfm
Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.4

RE: CFFILE Makes No Sense - the file is there

[Ryan, Terrence]

Are the spaces between the last \ and the file name really there, or an issue 
with email. 

If it is there it could be the source of the problem as ..baby\ 
38035273713000.jpg and ..baby\38035273713000.jpg are two different files. 

Terrence Ryan
I.T. Director
Wharton Computing and Information Technology   
E-mail:     [EMAIL PROTECTED]


-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] 
Sent: Monday, August 06, 2007 10:08 AM
To: CF-Talk
Subject: CFFILE Makes No Sense - the file is there

WHy is CFFILE doing this?  I'm getting an error that says it can't find the 
file and I've checked several times, the file is there, on the server in the 
correct folder with the exact file name!!!

The following information is meant for the website developer for debugging 
purposes. 

Error Occurred While Processing Request 
An exception occurred when performing a file operation COPY on files 
D:\Inetpub\wwwroot\baby\ 38035273713000.jpg and 
D:\Inetpub\wwwroot\baby\images\babycontest\2007\picture_people\Tina_Nicorette_CHARLOTTE_0806_
 38035273713000_pp.jpg. 
The cause of this exception was: java.io.FileNotFoundException: 
D:\Inetpub\wwwroot\Yobaby\ 38035273713000.jpg (The system cannot find the file 
specified). 

~|
Get the answers you are looking for on the ColdFusion Labs
Forum direct from active programmers and developers.
http://www.adobe.com/cfusion/webforums/forum/categories.cfm?forumid-72&catid=648

Archive: 
http://www.houseoffusion.com/groups/CF-Talk/message.cfm/messageid:285476
Subscription: http://www.houseoffusion.com/groups/CF-Talk/subscribe.cfm
Unsubscribe: 
http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=11502.10531.4

RE: CFFILE Makes No Sense - the file is there

[Adrian Lynch]

Copy the file path in the error message and put it in explorer. Can you get
to it that way? It looks like there's a space in from of the file name. Is
that right?

What about permissions. Does the CF user have permission to access this
file?

Adrian

-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]
Sent: 06 August 2007 15:08
To: CF-Talk
Subject: CFFILE Makes No Sense - the file is there


WHy is CFFILE doing this?  I'm getting an error that says it can't find the
file and I've checked several times, the file is there, on the server in the
correct folder with the exact file name!!!

The following information is meant for the website developer for debugging
purposes.

Error Occurred While Processing Request
An exception occurred when performing a file operation COPY on files
D:\Inetpub\wwwroot\baby\ 38035273713000.jpg and
D:\Inetpub\wwwroot\baby\images\babycontest\2007\picture_people\Tina_Nicorett
e_CHARLOTTE_0806_ 38035273713000_pp.jpg.
The cause of this exception was: java.io.FileNotFoundException:
D:\Inetpub\wwwroot\Yobaby\ 38035273713000.jpg (The system cannot find the
file specified).


~|
Get involved in the latest ColdFusion discussions, product
development sharing, and articles on the Adobe Labs wiki.
http://labs/adobe.com/wiki/index.php/ColdFusion_8

Archive: 
http://www.houseoffusion.com/groups/CF-Talk/message.cfm/messageid:285475
Subscription: http://www.houseoffusion.com/groups/CF-Talk/subscribe.cfm
Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.4

CFFILE Makes No Sense - the file is there

[coldfusion . developer]

WHy is CFFILE doing this?  I'm getting an error that says it can't find the 
file and I've checked several times, the file is there, on the server in the 
correct folder with the exact file name!!!

The following information is meant for the website developer for debugging 
purposes. 

Error Occurred While Processing Request 
An exception occurred when performing a file operation COPY on files 
D:\Inetpub\wwwroot\baby\ 38035273713000.jpg and 
D:\Inetpub\wwwroot\baby\images\babycontest\2007\picture_people\Tina_Nicorette_CHARLOTTE_0806_
 38035273713000_pp.jpg. 
The cause of this exception was: java.io.FileNotFoundException: 
D:\Inetpub\wwwroot\Yobaby\ 38035273713000.jpg (The system cannot find the file 
specified). 

~|
Create robust enterprise, web RIAs.
Upgrade to ColdFusion 8 and integrate with Adobe Flex
http://www.adobe.com/products/coldfusion/flex2/?sdid=RVJP

Archive: 
http://www.houseoffusion.com/groups/CF-Talk/message.cfm/messageid:285474
Subscription: http://www.houseoffusion.com/groups/CF-Talk/subscribe.cfm
Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.4

Re: ReplaceNoCase - Replace moren than 1 argument

[Kris Jones]

Hi Stivn,

You'd can call the replacenocase function twice:




Cheers,
Kris

> But how can i replace 2 arguments with 2 new arguments.
> For example replace "andy" with "first example" and "stivn" with "second 
> example"

~|
Download the latest ColdFusion 8 utilities including Report Builder,
plug-ins for Eclipse and Dreamweaver updates.
http;//www.adobe.com/cfusion/entitlement/index.cfm?e=labs%5adobecf8%5Fbeta

Archive: 
http://www.houseoffusion.com/groups/CF-Talk/message.cfm/messageid:285473
Subscription: http://www.houseoffusion.com/groups/CF-Talk/subscribe.cfm
Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.4

Re: ReplaceNoCase - Replace moren than 1 argument

[Kris Jones]

Or, if you're trying to replace more than one instance of the string
with your new expression, make sure you use the scope parameter of
"ALL":

replacenocase(mystring, "searchexpression", "newexpression", "ALL")

> i am a real newbie on coldfusion development and this is my first posting in 
> this newsgroup.
>
> I want to replace more than 2 arguments in a text with the "ReplaceNoCase" 
> function.

~|
Check out the new features and enhancements in the
latest product release - download the "What's New PDF" now
http://download.macromedia.com/pub/labs/coldfusion/cf8_beta_whatsnew_052907.pdf

Archive: 
http://www.houseoffusion.com/groups/CF-Talk/message.cfm/messageid:285472
Subscription: http://www.houseoffusion.com/groups/CF-Talk/subscribe.cfm
Unsubscribe: 
http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=11502.10531.4

Re: ReplaceNoCase - Replace moren than 1 argument

[nicolai bass dh]

Hi Andy,

thank your for your quick answer.

But i have another question. You have explain me how i can replace 2 arguments 
with one new argument.

But how can i replace 2 arguments with 2 new arguments. 
For example replace "andy" with "first example" and "stivn" with "second 
example"

Thank your for your help and with best regards.

Stivn 

~|
Download the latest ColdFusion 8 utilities including Report Builder,
plug-ins for Eclipse and Dreamweaver updates.
http;//www.adobe.com/cfusion/entitlement/index.cfm?e=labs%5adobecf8%5Fbeta

Archive: 
http://www.houseoffusion.com/groups/CF-Talk/message.cfm/messageid:285471
Subscription: http://www.houseoffusion.com/groups/CF-Talk/subscribe.cfm
Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.4

Re: homesite for CF8?

[Ben Doom]

Even before the Adobe buyout, MM said they were dropping support for HS+ 
in favor of DW.

--Ben Doom

Leitch, Oblio wrote:
> Ok, so it sounds like there aren't any plans?  Just extending HS 5.5
> until it hurts?
> 
> -Original Message-
> From: Rey Bango [mailto:[EMAIL PROTECTED] 
> Sent: Friday, August 03, 2007 1:52 PM
> To: CF-Talk
> Subject: Re: homesite for CF8?
> 
> There are new CF8 extensions for Homesite and CF Studio here:
> 
> http://www.adobe.com/support/coldfusion/downloads.html#cfdevtools
> 
> Rey...
> 
> Leitch, Oblio wrote:
>> Anyone have any idea what Adobe plans regarding Homesite?  Will
>> something be created for CF8?  Anyone have Dreamweaver CS3 and know if
>> it's on there?
>>
>>
>> This email message may contain privileged and/or confidential
> information. If you are not the intended recipient(s), you are hereby
> notified that any dissemination, distribution, or copying of this email
> message is strictly prohibited. If you have received this message in
> error, please immediately notify the sender and delete this email
> message from your computer.
>> CAUTION: The Agency of Human Services cannot ensure the
> confidentiality or security of email transmissions.
>>
>>
> 
> 
> 
> 

~|
ColdFusion is delivering applications solutions at at top companies 
around the world in government.  Find out how and where now
http://www.adobe.com/cfusion/showcase/index.cfm?event=finder&productID=1522&loc=en_us

Archive: 
http://www.houseoffusion.com/groups/CF-Talk/message.cfm/messageid:285470
Subscription: http://www.houseoffusion.com/groups/CF-Talk/subscribe.cfm
Unsubscribe: 
http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=11502.10531.4

RE: ReplaceNoCase - Replace moren than 1 argument

[Andy Matthews]

If you're looking to replace both arguments with the same text, then you can
use REReplaceNoCase. Assuming you want to replace both "andy" and "stivn"
with the word "John":

REReplaceNoCase(string, "Andy|Stivn", "John", "ALL")

The | character is a meta character indicating "or". So this expression says
"replace either 'Andy' OR 'Stivn' with the string 'John'".

Andy matthews
 

-Original Message-
From: nicolai bass dh [mailto:[EMAIL PROTECTED] 
Sent: Monday, August 06, 2007 9:22 AM
To: CF-Talk
Subject: ReplaceNoCase - Replace moren than 1 argument

Hello,

i am a real newbie on coldfusion development and this is my first posting in
this newsgroup.

I want to replace more than 2 arguments in a text with the "ReplaceNoCase"
function.

Thank you for your help and with best regards

Stivn




~|
Check out the new features and enhancements in the
latest product release - download the "What's New PDF" now
http://download.macromedia.com/pub/labs/coldfusion/cf8_beta_whatsnew_052907.pdf

Archive: 
http://www.houseoffusion.com/groups/CF-Talk/message.cfm/messageid:285469
Subscription: http://www.houseoffusion.com/groups/CF-Talk/subscribe.cfm
Unsubscribe: 
http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=11502.10531.4

ReplaceNoCase - Replace moren than 1 argument

[nicolai bass dh]

Hello,

i am a real newbie on coldfusion development and this is my first posting in 
this newsgroup.

I want to replace more than 2 arguments in a text with the "ReplaceNoCase" 
function.

Thank you for your help and with best regards

Stivn


~|
ColdFusion 8 - Build next generation apps
today, with easy PDF and Ajax features - download now
http://download.macromedia.com/pub/labs/coldfusion/cf8_beta_whatsnew_052907.pdf

Archive: 
http://www.houseoffusion.com/groups/CF-Talk/message.cfm/messageid:285468
Subscription: http://www.houseoffusion.com/groups/CF-Talk/subscribe.cfm
Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.4

RE: One form with two submit buttons in

[Andy Matthews]

Is there any sort of validation on the form itself? I ran into this problem
using a javascript validation library. It only recognized the "first" submit
button and nothing I did could get the other one to show up. Then I removed
the validation and presto. It worked. 

-Original Message-
From: Steve Sequenzia [mailto:[EMAIL PROTECTED] 
Sent: Sunday, August 05, 2007 5:59 PM
To: CF-Talk
Subject: One form with two submit buttons in 

I have this little bit of code that I am testing with inside of a
:




 




#cmd1#



#cmd2#


When inside the  and the form is submitted it always returns a
value for cmd1 no matter which submit button is clicked to submit the form
and no value for cmd2. See example: http://demo.thinksys.com/cf8/cflayout/

When not in the  it functions like I think it should. See
Example: http://demo.thinksys.com/cf8/cflayout/1.cfm

Anyone have any idea why. I am sure I am just confusing something because I
am really not sure about a lot of the new CF8 stuff.

Thanks in advance for any help. 



~|
Get involved in the latest ColdFusion discussions, product
development sharing, and articles on the Adobe Labs wiki.
http://labs/adobe.com/wiki/index.php/ColdFusion_8

Archive: 
http://www.houseoffusion.com/groups/CF-Talk/message.cfm/messageid:285467
Subscription: http://www.houseoffusion.com/groups/CF-Talk/subscribe.cfm
Unsubscribe: 
http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=11502.10531.4

(Admin) list speed and missing mail

[Michael Dinowitz]

After a lot of work over the weekend it turns out that the mail server
queue was corrupt and this was causing intermittent message failures.
This has been fixed and many here should have seen a torrent of mail
hitting them yesterday.
I appreciate the emails with heads up information from people. These
helped me track down where the error was.

-- 
Michael Dinowitz
President: House of Fusion(http://www.houseoffusion.com)
Publisher: Fusion Authority(http://www.fusionauthority.com)
Adobe Community Expert / Advanced Certified ColdFusion Professional

~|
Enterprise web applications, build robust, secure 
scalable apps today - Try it now ColdFusion Today
ColdFusion 8 beta - Build next generation apps

Archive: 
http://www.houseoffusion.com/groups/CF-Talk/message.cfm/messageid:285466
Subscription: http://www.houseoffusion.com/groups/CF-Talk/subscribe.cfm
Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.4

RE: CFFORM with flash format does not work in Internet Explorer ONLY

[Jayesh Viradiya]

Hi,

I tried the given code on CF8 and IE version 7.0.5730.11.
It works absolutely fine. Didnt find any issue at all.

Thanks & Regards,
Jayesh Viradiya
Adobe CF Team

-Original Message-
From: Charles Sheehan-MIles [mailto:[EMAIL PROTECTED] 
Sent: Monday, August 06, 2007 2:42 AM
To: CF-Talk
Subject: Re: CFFORM with flash format does not work in Internet Explorer
ONLY

I'm struggling with the same problem, and have not found a solution.
Here's
the situation: 

CF8
IE7

Flash forms don't display at all in IE7, they look fine in all other
browsers.  The same exact code works fine on a CF 7.0.2 server.



~|
Create robust enterprise, web RIAs.
Upgrade to ColdFusion 8 and integrate with Adobe Flex
http://www.adobe.com/products/coldfusion/flex2/?sdid=RVJP

Archive: 
http://www.houseoffusion.com/groups/CF-Talk/message.cfm/messageid:285465
Subscription: http://www.houseoffusion.com/groups/CF-Talk/subscribe.cfm
Unsubscribe: 
http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=11502.10531.4

Re: AUTOSUGGESTBINDDELAY won't take anything less than 1

[Raymond Camden]

The docs clearly say you must use a non-zero integer. So while the
default is indeed 0.5, if you want to specify something it must be a
whole #, 1 or higher.

On 8/6/07, David Mineer <[EMAIL PROTECTED]> wrote:
> I am using an autosuggest control and it works great.  However, I want
> to lower the response time to "0.1".  If I try anything with a
> decimal, that is anything between 0.1 and 0.9, I get an error.  Even
> trying the default "0.5" gives me the following error:
>
> Attribute validation error for the CFINPUT tag.
> The value of the AUTOSUGGESTBINDDELAY attribute is invalid. The value
> specified, 0.0, must be greater than 0.0.
>
> I have tried ".1" and "0.1".
>
> If I don't specify the AUTOSUGGESTBINDDELAY value, than it works also,
> with the default of 0.5.
>
> I don't know what I could be doing wrong.  Anyone able to succesfully
> use anything less than 1?
>
> --
> David Mineer Jr
> -
> The critical ingredient is getting off your butt and doing
> something. It's as simple as that. A lot of people have ideas,
> but there are few who decide to do something about them now.
> Not tomorrow. Not next week. But today. The true entrepreneur
> is a doer.
>
> 

~|
ColdFusion is delivering applications solutions at at top companies 
around the world in government.  Find out how and where now
http://www.adobe.com/cfusion/showcase/index.cfm?event=finder&productID=1522&loc=en_us

Archive: 
http://www.houseoffusion.com/groups/CF-Talk/message.cfm/messageid:285464
Subscription: http://www.houseoffusion.com/groups/CF-Talk/subscribe.cfm
Unsubscribe: 
http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=11502.10531.4

AUTOSUGGESTBINDDELAY won't take anything less than 1

[David Mineer]

I am using an autosuggest control and it works great.  However, I want
to lower the response time to "0.1".  If I try anything with a
decimal, that is anything between 0.1 and 0.9, I get an error.  Even
trying the default "0.5" gives me the following error:

Attribute validation error for the CFINPUT tag.
The value of the AUTOSUGGESTBINDDELAY attribute is invalid. The value
specified, 0.0, must be greater than 0.0.

I have tried ".1" and "0.1".

If I don't specify the AUTOSUGGESTBINDDELAY value, than it works also,
with the default of 0.5.

I don't know what I could be doing wrong.  Anyone able to succesfully
use anything less than 1?

-- 
David Mineer Jr
-
The critical ingredient is getting off your butt and doing
something. It's as simple as that. A lot of people have ideas,
but there are few who decide to do something about them now.
Not tomorrow. Not next week. But today. The true entrepreneur
is a doer.

~|
Get the answers you are looking for on the ColdFusion Labs
Forum direct from active programmers and developers.
http://www.adobe.com/cfusion/webforums/forum/categories.cfm?forumid-72&catid=648

Archive: 
http://www.houseoffusion.com/groups/CF-Talk/message.cfm/messageid:285463
Subscription: http://www.houseoffusion.com/groups/CF-Talk/subscribe.cfm
Unsubscribe: 
http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=11502.10531.4

Re: One form with two submit buttons in <cflayoutarea>

[Raymond Camden]

"keep the form in the layout" - what do you mean? Do you want to use
Ajax to submit the form so that the contents don't change at all? If
so you could easily use cfajaxproxy or ColdFusion.Ajax.submitform.

ColdFusionBloggers.org (the contact form) uses the submitform option.

On 8/5/07, Steve Sequenzia <[EMAIL PROTECTED]> wrote:
> Ok, so I am taking Ray's advice and changing a hidden form variable and 
> submitting the form with JS. Thing is when I use the normal submit() in JS it 
> breaks the page out of the original .
>
> Anyone know how to keep the form in the layout when submitting with JS?
>
> Thanks.
>
> > Ray,
> >
> > Thanks for the help again.

~|
ColdFusion 8 - Build next generation apps
today, with easy PDF and Ajax features - download now
http://download.macromedia.com/pub/labs/coldfusion/cf8_beta_whatsnew_052907.pdf

Archive: 
http://www.houseoffusion.com/groups/CF-Talk/message.cfm/messageid:285462
Subscription: http://www.houseoffusion.com/groups/CF-Talk/subscribe.cfm
Unsubscribe: 
http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=11502.10531.4

real estate applications

[Uwe Degenhardt]

Hi list,
a customer of mine
wants to buy/sell real estates via
her website.
Are there any ColdFusion-applications
around of you are aware of in
this field ?
Uwe



~|
ColdFusion 8 - Build next generation apps
today, with easy PDF and Ajax features - download now
http://download.macromedia.com/pub/labs/coldfusion/cf8_beta_whatsnew_052907.pdf

Archive: 
http://www.houseoffusion.com/groups/CF-Talk/message.cfm/messageid:285461
Subscription: http://www.houseoffusion.com/groups/CF-Talk/subscribe.cfm
Unsubscribe: 
http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=11502.10531.4

Re: Branch target offset too large for short null

[Gualtiero Sappa]

Ok, thank you!
we proceed to modify the code... :-(


- Original Message - 
From: "Tom Chiverton" <[EMAIL PROTECTED]>
To: "CF-Talk" 
Sent: Monday, August 06, 2007 11:32 AM
Subject: Re: Branch target offset too large for short null


> On Monday 06 Aug 2007, [EMAIL PROTECTED] wrote:
>> The same code run correctly on CF7, do you know if in CF8 the size of
>> allowed chunks is smaller?
>
> Well, technically it's a problem with the Java code the CF server writes, 
> and
> CF8 writes different code, so if you were close to the limit in 7 you 
> might
> now be over in 8.
>
>> There is a configuration to set that?
>
> Nope.
>
> -- 
> Tom Chiverton
>
> 
>
> This email is sent for and on behalf of Halliwells LLP.
>
> Halliwells LLP is a limited liability partnership registered in England 
> and Wales under registered number OC307980 whose registered office address 
> is at St James's Court Brown Street Manchester M2 2JF.  A list of members 
> is available for inspection at the registered office. Any reference to a 
> partner in relation to Halliwells LLP means a member of Halliwells LLP. 
> Regulated by the Law Society.
>
> CONFIDENTIALITY
>
> This email is intended only for the use of the addressee named above and 
> may be confidential or legally privileged.  If you are not the addressee 
> you must not read it and must not use any information contained in nor 
> copy it nor inform any person other than Halliwells LLP or the addressee 
> of its existence or contents.  If you have received this email in error 
> please delete it and notify Halliwells LLP IT Department on 0870 365 8008.
>
> For more information about Halliwells LLP visit www.halliwells.com.
>
>
> 

~|
Get involved in the latest ColdFusion discussions, product
development sharing, and articles on the Adobe Labs wiki.
http://labs/adobe.com/wiki/index.php/ColdFusion_8

Archive: 
http://www.houseoffusion.com/groups/CF-Talk/message.cfm/messageid:285460
Subscription: http://www.houseoffusion.com/groups/CF-Talk/subscribe.cfm
Unsubscribe: 
http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=11502.10531.4

Re: CFFORM with flash format does not work in Internet Explorer ONLY

[Charles Sheehan-MIles]

Yep, and like I said, the forms work in every browser except IE 7. With IE7,
I just get a blank space where the form should be.  It's really odd.


On 8/5/07 9:04 PM, "James Holmes" <[EMAIL PROTECTED]> wrote:

> Are you able to navigate to the scripts in the CFIDE folder on the cf8 server?
> 
> On 8/6/07, Charles Sheehan-MIles <[EMAIL PROTECTED]> wrote:
>> I'm struggling with the same problem, and have not found a solution.  Here's
>> the situation:
>> 
>> CF8
>> IE7
>> 
>> Flash forms don't display at all in IE7, they look fine in all other
>> browsers.  The same exact code works fine on a CF 7.0.2 server.
> 

-- 
Charles Sheehan-Miles | http://www.sheehanmiles.com
Author of Republic: A Novel of America's Future

Sparse, clean narrative... Pay attention to this new book... -- Pulitzer
Prize winning journalist John Hanchette, Niagara Falls Reporter

This novel ...may be prophetic...It will disturb you...It should. --
DailyKos


~|
ColdFusion is delivering applications solutions at at top companies 
around the world in government.  Find out how and where now
http://www.adobe.com/cfusion/showcase/index.cfm?event=finder&productID=1522&loc=en_us

Archive: 
http://www.houseoffusion.com/groups/CF-Talk/message.cfm/messageid:285459
Subscription: http://www.houseoffusion.com/groups/CF-Talk/subscribe.cfm
Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.4

Re: Branch target offset too large for short null

[Tom Chiverton]

On Monday 06 Aug 2007, [EMAIL PROTECTED] wrote:
> The same code run correctly on CF7, do you know if in CF8 the size of
> allowed chunks is smaller?

Well, technically it's a problem with the Java code the CF server writes, and 
CF8 writes different code, so if you were close to the limit in 7 you might 
now be over in 8.

> There is a configuration to set that?

Nope.

-- 
Tom Chiverton



This email is sent for and on behalf of Halliwells LLP.

Halliwells LLP is a limited liability partnership registered in England and 
Wales under registered number OC307980 whose registered office address is at St 
James's Court Brown Street Manchester M2 2JF.  A list of members is available 
for inspection at the registered office. Any reference to a partner in relation 
to Halliwells LLP means a member of Halliwells LLP. Regulated by the Law 
Society.

CONFIDENTIALITY

This email is intended only for the use of the addressee named above and may be 
confidential or legally privileged.  If you are not the addressee you must not 
read it and must not use any information contained in nor copy it nor inform 
any person other than Halliwells LLP or the addressee of its existence or 
contents.  If you have received this email in error please delete it and notify 
Halliwells LLP IT Department on 0870 365 8008.

For more information about Halliwells LLP visit www.halliwells.com.


~|
Check out the new features and enhancements in the
latest product release - download the "What's New PDF" now
http://download.macromedia.com/pub/labs/coldfusion/cf8_beta_whatsnew_052907.pdf

Archive: 
http://www.houseoffusion.com/groups/CF-Talk/message.cfm/messageid:285457
Subscription: http://www.houseoffusion.com/groups/CF-Talk/subscribe.cfm
Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.4

Re: OT: Driving cross country w/ CFMX and a mobile card

[Tom Chiverton]

On Friday 03 Aug 2007, [EMAIL PROTECTED] wrote:
> result ­ a "live" map of our journey across the United States with pinpoint
> precision as to where my car is 
> (including a live webcam). The map will update every 15 minutes, so long as
> we have an internet signal.

Handy - now I know where there is a laptop I can steal.

Only kidding :-)

-- 
Tom Chiverton



This email is sent for and on behalf of Halliwells LLP.

Halliwells LLP is a limited liability partnership registered in England and 
Wales under registered number OC307980 whose registered office address is at St 
James's Court Brown Street Manchester M2 2JF.  A list of members is available 
for inspection at the registered office. Any reference to a partner in relation 
to Halliwells LLP means a member of Halliwells LLP. Regulated by the Law 
Society.

CONFIDENTIALITY

This email is intended only for the use of the addressee named above and may be 
confidential or legally privileged.  If you are not the addressee you must not 
read it and must not use any information contained in nor copy it nor inform 
any person other than Halliwells LLP or the addressee of its existence or 
contents.  If you have received this email in error please delete it and notify 
Halliwells LLP IT Department on 0870 365 8008.

For more information about Halliwells LLP visit www.halliwells.com.


~|
Enterprise web applications, build robust, secure 
scalable apps today - Try it now ColdFusion Today
ColdFusion 8 beta - Build next generation apps

Archive: 
http://www.houseoffusion.com/groups/CF-Talk/message.cfm/messageid:285458
Subscription: http://www.houseoffusion.com/groups/CF-Talk/subscribe.cfm
Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.4