Re: Adobe Abandons Flex

2011-11-18 Thread Steve 'Cutter' Blades

Don't worry G, it didn't make sense to me either. In my memory, when IE6 
was released its implementations of HTML and CSS didn't meet the 
'standards' set forth by the existing W3C specs either. If you were 
writing to standards you were writing for the brand new Firefox 
browser, then writing hacks to also make it work in IE (kind of like we 
have to do now).

This conversation is going nowhere. The point is, closed system 
development is still very common because there are still companies and 
governments that cannot/will not move beyond IE6. This is a fact, 
period. Although these organizations will, one day, upgrade, the reality 
of it is that pushing HTML5 adoption in this current environment is 
still a pipe dream in anything other than a consumer market. And 
*applications*, like those we develop day to day, are written more for 
internal enterprise and government users than for general consumers 
(not always the case, and an assumption on my part based on my 
experience). The one advantage we have today over the past is that we 
have cross browser libraries like jQuery UI and Ext JS, and technologies 
like Flex (in orgs that allow the Flash player, of which there are still 
many that do not).

In my last gig, we had a large CMS that served up sites for the 
auto-dealer industry. This had two pieces, the CMS (administered by the 
dealerships) and the sites themselves. Because dealerships had internal 
applications they would not replace, our application (the CMS) had to be 
supported in IE6, even though the sites themselves went out to the 
general public. If we didn't support IE6 then we wouldn't have those 
clients, which would have cost us millions in annual revenue.

Tell me about the markets you serve? And how is that vertical different?

Steve 'Cutter' Blades
Adobe Community Professional
Adobe Certified Expert
Advanced Macromedia ColdFusion MX 7 Developer

http://cutterscrossing.com


Co-Author Learning Ext JS 3.2 Packt Publishing 2010
https://www.packtpub.com/learning-ext-js-3-2-for-building-dynamic-desktop-style-user-interfaces/book

The best way to predict the future is to help create it


On 11/17/2011 3:29 PM, Gerald Guido wrote:
 Common sense says: write to standards,
 Color me stupid but I am not understanding what that means, Write to
 standards. I ran across the same thing here on this page.

 http://paulirish.com/2011/browser-market-pollution-iex-is-the-new-ie6/

 “Corporate users should be testing their applications against standards,
 not browser version numbers.”


 What does that mean,  testing their applications against standards? Any
 elucidation, or clarification would be greatly appreciated.

 Many TIA,
 G!


 On Thu, Nov 17, 2011 at 3:17 PM, Judah McAuley <ju...@wiredotter.com> wrote:

 Oh, I agree Russ, but you were making absolutist statements, not using
 common sense. Common sense says: write to standards, tweak as required
 for individual customer needs, plan periodic refreshes to better take
 advantage of improving/changing technology.

 Cheers,
 Judah

 On Thu, Nov 17, 2011 at 12:13 PM, Russ Michaels <r...@michaels.me.uk> wrote:
 you have to use a bit of common sense here, obviously every app in the
 world was not written by you and does not work the same as yours, if
 they did then this thread would not exist nor would the previous
 comments.


 On Thu, Nov 17, 2011 at 7:01 PM, Judah McAuley <ju...@wiredotter.com> wrote:
 Not at all true, Russ.

 Here's a website that I wrote in 1994 that is archived (archive.org
 only has it back through 1996) that works just fine in Chrome 16, IE 9
 and Firefox 8 on a Windows 7 box.


 http://web.archive.org/web/19961018091409/http://babel.uoregon.edu/yamada/guides.html
 None of those browsers even existed when I started that in 94. I was
 targeting HTML specs and, lo and behold, it still works fine 15+ years
 later on browsers I could not have imagined at the time.

 Judah

 On Thu, Nov 17, 2011 at 9:45 AM, Russ Michaels <r...@michaels.me.uk> wrote:
 not exactly true.
 If you have a 5 year old app that was written for the browsers of the
 time, it won't matter whether it was written for just 1 browser or for
 all browsers, it will still be out of date now and will still need
 updating for the latest browsers.
 If however it was only written to work for say IE then it only needs
 to be fixed for IE, much less work/time and cost.
 Making an app cross browser does not magically make it future proof.

 

~|
Order the Adobe Coldfusion Anthology now!
http://www.amazon.com/Adobe-Coldfusion-Anthology/dp/1430272155/?tag=houseoffusion
Archive: 
http://www.houseoffusion.com/groups/cf-talk/message.cfm/messageid:348804
Subscription: http://www.houseoffusion.com/groups/cf-talk/subscribe.cfm
Unsubscribe: http://www.houseoffusion.com/groups/cf-talk/unsubscribe.cfm


RE: Adobe Abandons Flex

2011-11-18 Thread Edward Chanter

I'm new to this thread but has anyone having issues with IE tried this:
http://code.google.com/p/html5shiv/

We started using it recently and it rocks

Sorry if this is a repeat or if I'm stating the bleeding obvious :)




Archive: http://www.houseoffusion.com/groups/cf-talk/message.cfm/messageid:348805


Jrun issue?

2011-11-18 Thread Mallory Woods

We had an interesting fail that happened yesterday.


We had a user send out a large amount of mail during the day, which choked 
off almost all of our bandwidth.
When this happened, it collapsed our VPN tunnel. This tunnel is how we make 
our connection to our Oracle database.

With the DB down, of course, regular CF functionality was fine until code that 
accesses the DB was executed.

What appeared to happen is the site tried to make a DB connection and
eventually timed out.
This process continued over and over again with each attempted connection
to the DB until Jrun crashed or became unresponsive.

When I saw the Jrun error message, my first thought was to restart CF and 
Apache. This fixed the issue for the time being, until another connection to 
the DB was attempted. At that point this whole process restarted itself, which 
led to another crash.

Eventually, we discovered that the VPN tunnel was not operational and that
was what prevented the DB connections.

The question I have from my boss is *what can we do to prevent this*? I
think the answer is there is nothing we can do. My suggestion
from the experience yesterday is to ensure the tunnel is operational. I
don't think there is anything else that can be done.


Thanks in advance,

Mallory Woods


Archive: http://www.houseoffusion.com/groups/cf-talk/message.cfm/messageid:348806


Re: Jrun issue?

2011-11-18 Thread Alan Rother

Ouch,

You're probably right, you can't totally prevent it - not without adding
some local redundancy - however you can react to it faster. The first step
towards that is actively monitoring the connection tunnel.

I would create a scheduled task / test file that looks to see if you can
access a table in the DB - something dumb you know will always be there -
and if the query fails it notifies you immediately.

I don't know much about your VPN setup, but if you can also hit a file
system across it, then you may want to periodically try to do some file
interaction on it as well - either test should tell you if the VPN is up or
not.

=]

-- 
Alan Rother
Manager, Phoenix Cold Fusion User Group, www.AZCFUG.org
Twitter: @AlanRother


Archive: http://www.houseoffusion.com/groups/cf-talk/message.cfm/messageid:348807


Weird attack

2011-11-18 Thread Claude Schnéegans

Hi,

Since a few days, I have all my sites receiving requests in which a string like 
/**/or/**/1=@@version)-- is added in the URL.

Has someone any idea what this guy is actually trying to do ?

Archive: http://www.houseoffusion.com/groups/cf-talk/message.cfm/messageid:348808


Re: Jrun issue?

2011-11-18 Thread Wil Genovese

Monitoring all aspects of the server environment, including the network, is 
always a good thing.  Eliminating single points of failure will help, but that 
takes a lot of work and expense. 

For monitoring the VPN, there are network monitoring tools. The simplest one 
being PING. 




Wil Genovese
Sr. Web Application Developer/
Systems Administrator
CF Webtools
www.cfwebtools.com

wilg...@trunkful.com
www.trunkful.com

On Nov 18, 2011, at 10:57 AM, Alan Rother wrote:

 
 Ouch,
 
 You're probably right, you can't totally prevent it - not without adding
 some local redundancy - however you can react to it faster. The first step
 towards that is actively monitoring the connection tunnel.
 
 I would create a schedule task / test file that looks to see if you can
 access a table in the DB - something dumb you know will always be there -
 if the query fails it notifies you immediately.
 
 I don't know much about your VPN setup, but if you can also hit a file
 system across it, then you may want to periodically try to do some file
 interaction on it as well - either test should tell you if the VPN is up or
 not.
 
 =]
 
 -- 
 Alan Rother
 Manager, Phoenix Cold Fusion User Group, www.AZCFUG.org
 Twitter: @AlanRother
 
 
 

Archive: http://www.houseoffusion.com/groups/cf-talk/message.cfm/messageid:348809


Re: Weird attack

2011-11-18 Thread Phillip Vector

I've gotten those as well. It appears he's using a proxy or it's a
worm, as it's traced to Germany and PA in the States.

No clue as to what it's trying to accomplish.

On Fri, Nov 18, 2011 at 8:57 AM,   wrote:

 Hi,

 Since a few days, I have all my sites receiving requests in which a string 
 like /**/or/**/1=@@version)-- is added in the URL.

 Has someone any idea what this guy is actually trying to do ?

 

Archive: http://www.houseoffusion.com/groups/cf-talk/message.cfm/messageid:348810


Re: Weird attack

2011-11-18 Thread Wil Genovese

No clue what they are after, but I have been seeing that in my error 
notification alerts this week.  Good old cfqueryparam has been working like a 
charm!



Wil Genovese
Sr. Web Application Developer/
Systems Administrator
CF Webtools
www.cfwebtools.com

wilg...@trunkful.com
www.trunkful.com

On Nov 18, 2011, at 10:57 AM, Claude Schnéegans <schneegans@internetiq.trunkful.com> wrote:

 
 Hi,
 
 Since a few days, I have all my sites receiving requests in which a string 
 like /**/or/**/1=@@version)-- is added in the URL.
 
 Has someone any idea what this guy is actually trying to do ?
 
 

Archive: http://www.houseoffusion.com/groups/cf-talk/message.cfm/messageid:348811


Re: Weird attack

2011-11-18 Thread Phillip Vector

Well, if it wasn't cfqueryparam, I don't see any issues in the SQL
that would cause ... anything.

Am I missing something here? If it wasn't scrubbed, what would it do?

On Fri, Nov 18, 2011 at 9:02 AM, Wil Genovese <jugg...@trunkful.com> wrote:

 No clue what they are after, but I have been seeing that in my error 
 notification alerts the week.  Good old cfqueryparam has been working like a 
 charm!



 Wil Genovese
 Sr. Web Application Developer/
 Systems Administrator
 CF Webtools
 www.cfwebtools.com

 wilg...@trunkful.com
 www.trunkful.com

 On Nov 18, 2011, at 10:57 AM, Claude Schnéegans <schneegans@internetiq.trunkful.com> wrote:


 Hi,

 Since a few days, I have all my sites receiving requests in which a string 
 like /**/or/**/1=@@version)-- is added in the URL.

 Has someone any idea what this guy is actually trying to do ?



 

Archive: http://www.houseoffusion.com/groups/cf-talk/message.cfm/messageid:348812


Re: Weird attack

2011-11-18 Thread Aaron

That is an attempted SQL injection.  @@VERSION returns all the goodies you
would expect, and offers information an attacker might be able to use to
better exploit.

MS SQL Server @@VERSION:
http://msdn.microsoft.com/en-US/library/ms177512(v=SQL.90).aspx



On Fri, Nov 18, 2011 at 11:02 AM, Wil Genovese <jugg...@trunkful.com> wrote:


 No clue what they are after, but I have been seeing that in my error
 notification alerts the week.  Good old cfqueryparam has been working like
 a charm!



 Wil Genovese
 Sr. Web Application Developer/
 Systems Administrator
 CF Webtools
 www.cfwebtools.com

 wilg...@trunkful.com
 www.trunkful.com

 On Nov 18, 2011, at 10:57 AM, Claude Schnéegans <schneegans@internetiq.trunkful.com> wrote:

 
  Hi,
 
  Since a few days, I have all my sites receiving requests in which a
 string like /**/or/**/1=@@version)-- is added in the URL.
 
  Has someone any idea what this guy is actually trying to do ?
 
 

 

Archive: http://www.houseoffusion.com/groups/cf-talk/message.cfm/messageid:348813


Re: Weird attack

2011-11-18 Thread Dave Watts

 Since a few days, I have all my sites receiving requests in which a string 
 like /**/or/**/1=@@version)-- is added in the URL.

I would guess it's targeting MS SQL Server (@@VERSION). Beyond that,
I'd guess it's intended to identify vulnerable web apps using SQL
Server and perhaps measure timings.

Dave Watts, CTO, Fig Leaf Software
http://www.figleaf.com/
http://training.figleaf.com/

Fig Leaf Software is a Veteran-Owned Small Business (VOSB) on
GSA Schedule, and provides the highest caliber vendor-authorized
instruction at our training centers, online, or onsite.

Archive: http://www.houseoffusion.com/groups/cf-talk/message.cfm/messageid:348814


Re: Weird attack

2011-11-18 Thread Phillip Vector

Ah.. Thank you.

On Fri, Nov 18, 2011 at 9:05 AM, Aaron <deren...@gmail.com> wrote:

 That is an attempted SQL Injection.  @@VERSION returns all the goodies you
 would expect, and offers information an attacker might be able to use to
 better expoit.

 MS SQL Server @@VERSION:
 http://msdn.microsoft.com/en-US/library/ms177512(v=SQL.90).aspx



 On Fri, Nov 18, 2011 at 11:02 AM, Wil Genovese <jugg...@trunkful.com> wrote:


 No clue what they are after, but I have been seeing that in my error
 notification alerts the week.  Good old cfqueryparam has been working like
 a charm!



 Wil Genovese
 Sr. Web Application Developer/
 Systems Administrator
 CF Webtools
 www.cfwebtools.com

 wilg...@trunkful.com
 www.trunkful.com

 On Nov 18, 2011, at 10:57 AM, Claude Schnéegans <schneegans@internetiq.trunkful.com> wrote:

 
  Hi,
 
  Since a few days, I have all my sites receiving requests in which a
 string like /**/or/**/1=@@version)-- is added in the URL.
 
  Has someone any idea what this guy is actually trying to do ?
 
 



 

Archive: http://www.houseoffusion.com/groups/cf-talk/message.cfm/messageid:348815


Re: Jrun issue?

2011-11-18 Thread Russ Michaels

I have always found VPN connections between servers, used in this way,
to be unreliable.
There is nothing you can do to avoid this I'm afraid in this setup. CF
requests will run until they either complete or time out.
Because a database connection is what is called native code, the
request cannot be killed by CF or even FusionReactor, so it will usually
just hang indefinitely.

However, you should be using some form of monitoring to mitigate such
situations; a decent network monitoring tool will be able to monitor
your VPN and restart the service if it goes down.
Take a look at PRTG or Kaseya.
You could also use FusionReactor to monitor CF to detect problems with
DB connections as well.
I would suggest a failover solution for your database server, but that
would presumably be on the other end of a VPN as well, so it would suffer
from the same problem.

You could also consider putting mail and Oracle on the same network as
the CF server to avoid this problem altogether.

On Fri, Nov 18, 2011 at 4:49 PM, Mallory Woods <mallory.wo...@gmail.com> wrote:

 We had an interesting fail that happened yesterday.


 We had a user send out a large amount of mail during the day which choked
 off almost all of our bandwidth.
 When this happened, it collapsed our VPN tunnel. This tunnel is how we make
 our connection to our Oracle
 Database.

 With the DB down of course regular CF functionally was fine until code that
 accesses the DB is executed.

 What appeared to happen is the site tried to make a DB connection and
 eventually timed out.
 This process continued over and over again with each attempted connection
 to the DB until Jrun crashed or became unresponsive.

 When I saw the Jrun error message, my first thought was to restart CF and
 Apache. This fixed the issue for the time until
 another connection to the DB was attempted. At that point this whole
 process restarted itself which lead to another crash.

 Eventually, we discovered that the VPN tunnel was not operational and that
 was what prevented the DB connections.

 The question I have from my boss is *what can we do to prevent this*? I
 think the answer is there is nothing we can do. My suggestion
 from the experience yesterday is to ensure the tunnel is operational. I
 don't think there is anything else that can be done.


 Thanks in advance,

 Mallory Woods


 

Archive: http://www.houseoffusion.com/groups/cf-talk/message.cfm/messageid:348816
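An added example, not from anyone on the list, of the "monitor the tunnel" advice in this thread: a bounded TCP connect to the database listener on the far side of the VPN, plus a consecutive-failure threshold so a single lost packet does not page anyone. The host, port and interval are placeholder assumptions; the local-port helper exists only so the probe can be tried without a VPN. The bounded timeout is the point: a probe that hangs the way the request threads did tells you nothing. A query against a known table (as Alan suggests) is the next layer up, once the tunnel itself is known to be passing traffic.

```python
import socket
import time
from dataclasses import dataclass
from typing import Optional

# Assumed placeholders for the Oracle listener across the tunnel (not from the thread).
DB_HOST = "10.20.30.40"
DB_PORT = 1521
CONNECT_TIMEOUT = 3.0  # seconds; a dead tunnel must fail fast, never hang the probe


@dataclass
class ProbeResult:
    ok: bool
    reason: str
    elapsed: float


def tcp_probe(host: str, port: int, timeout: float = CONNECT_TIMEOUT) -> ProbeResult:
    """Bounded TCP connect to the listener. A timeout (packets vanishing into a
    dead tunnel) and an active refusal (host reachable, nothing listening)
    point at different failures, so report them differently."""
    start = time.monotonic()
    try:
        with socket.create_connection((host, port), timeout=timeout):
            return ProbeResult(True, "connected", time.monotonic() - start)
    except socket.timeout:
        return ProbeResult(False, "timeout: tunnel down or traffic dropped",
                           time.monotonic() - start)
    except OSError as exc:
        return ProbeResult(False, f"refused/unreachable: {exc.strerror or exc}",
                           time.monotonic() - start)


class TunnelMonitor:
    """One alert after `threshold` consecutive failures, one recovery notice on
    the next success, silence otherwise."""

    def __init__(self, threshold: int = 3) -> None:
        self.threshold = threshold
        self.failures = 0
        self.alerting = False

    def record(self, result: ProbeResult) -> Optional[str]:
        if result.ok:
            self.failures = 0
            if self.alerting:
                self.alerting = False
                return "RECOVERED: database listener reachable again"
            return None
        self.failures += 1
        if self.failures >= self.threshold and not self.alerting:
            self.alerting = True
            return f"ALERT: {self.failures} consecutive failures, last: {result.reason}"
        return None


def run_loop(host: str = DB_HOST, port: int = DB_PORT, interval: float = 60.0,
             cycles: Optional[int] = None) -> None:
    """Poll the listener and print events; replace print() with mail/SMS notification."""
    monitor = TunnelMonitor()
    done = 0
    while cycles is None or done < cycles:
        event = monitor.record(tcp_probe(host, port))
        if event:
            print(time.strftime("%Y-%m-%d %H:%M:%S"), event)
        done += 1
        if cycles is None or done < cycles:
            time.sleep(interval)


def demo_local_ports():
    """Try the probe without a VPN: a listening socket on 127.0.0.1 (the 'up'
    case) and a port just released (the 'refused' case). Caller closes the
    returned listener when finished."""
    listener = socket.socket()
    listener.bind(("127.0.0.1", 0))
    listener.listen(1)
    spare = socket.socket()
    spare.bind(("127.0.0.1", 0))
    closed_port = spare.getsockname()[1]
    spare.close()
    return listener, listener.getsockname()[1], closed_port


if __name__ == "__main__":
    run_loop(cycles=1)
```

Run it from the CF box, not from the database side: the question is whether the application server can reach the listener through the tunnel, and that is the only vantage point that answers it.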


Re: Weird attack

2011-11-18 Thread Leigh

I do not know about the whole expression. But a few references mentioned using 
1=@@version) to trigger an error disclosing the database version. The @@version 
variable works in MySQL and MS SQL, maybe others.

 
-Leigh

Archive: http://www.houseoffusion.com/groups/cf-talk/message.cfm/messageid:348817


Re: Weird attack

2011-11-18 Thread Leigh

 MS SQL Server (@@VERSION).

Btw: MySQL supports @@VERSION too.

Archive: http://www.houseoffusion.com/groups/cf-talk/message.cfm/messageid:348818


Re: Weird attack

2011-11-18 Thread Russ Michaels

This is SQL injection.
Most hackers will first use a simple URL hack like this to identify
vulnerable websites; their bot will collect the response and flag the
ones that gave back the required response.
If your site returned what they wanted, in this case SQL Server
version information, then they will attack you with a whole bunch of
other SQL injection scripts that are intended to insert phishing
JavaScript calls into your database, which will then be output into
your page content on your site, thus loading the phishing scripts into
your unsuspecting visitors' browsers.

Archive: http://www.houseoffusion.com/groups/cf-talk/message.cfm/messageid:348819
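An added example, not from any poster on this list, of what spotting this probe in your own access logs looks like. It assumes Apache combined log format and works on constructed sample lines: the addresses are documentation ranges and the .cfm paths are invented. The point is normalisation. The probe hides behind /**/ comments and percent-encoding, so a plain substring match on the raw URL misses it; decode, turn inline comments into whitespace, then match, and count hits per source address, since the scanner Russ describes tries every parameter it can find.

```python
import re
from collections import Counter
from urllib.parse import unquote_plus, urlsplit

# Constructed sample lines in Apache combined log format (not real traffic).
SAMPLE_LOG = [
    '203.0.113.7 - - [18/Nov/2011:10:41:02 -0500] "GET /poll.cfm?id=5 HTTP/1.1" 200 4120 "-" "Mozilla/5.0"',
    '203.0.113.7 - - [18/Nov/2011:10:41:03 -0500] "GET /poll.cfm?id=5/**/or/**/1=@@version)-- HTTP/1.1" 500 812 "-" "Mozilla/5.0"',
    '198.51.100.9 - - [18/Nov/2011:10:41:05 -0500] "GET /news.cfm?story=12%2F%2A%2A%2For%2F%2A%2A%2F1%3D%40%40version%29-- HTTP/1.1" 403 230 "-" "-"',
    '198.51.100.9 - - [18/Nov/2011:10:41:06 -0500] "GET /news.cfm?story=12+OR+1%3D1-- HTTP/1.1" 200 9911 "-" "-"',
    '192.0.2.44 - - [18/Nov/2011:10:42:00 -0500] "GET /about.cfm HTTP/1.1" 200 2048 "-" "Mozilla/5.0"',
]

LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] "(?P<method>\S+) (?P<uri>\S+) \S+" (?P<status>\d{3})'
)
INLINE_COMMENT = re.compile(r"/\*.*?\*/", re.S)  # /**/ and any /* filler */ used as a space
WHITESPACE = re.compile(r"\s+")

# Matched against the normalised query string, never the raw URL.
SIGNATURES = {
    "version-probe": re.compile(r"\bor \d+ *= *@@version"),  # the probe from the thread
    "tautology":     re.compile(r"\bor \d+ *= *\d+"),        # the classic follow-up
    "comment-tail":  re.compile(r"--\s*$"),                  # rest of the statement commented out
}


def normalize(query: str) -> str:
    """Undo the obfuscation before matching: percent-decode twice (single and
    double encoding), '+' to space, inline comments to a space, collapse
    whitespace, lowercase. 'id=5/**/or/**/1=@@version)--' becomes
    'id=5 or 1=@@version)--'."""
    s = unquote_plus(unquote_plus(query))
    s = INLINE_COMMENT.sub(" ", s)
    return WHITESPACE.sub(" ", s).strip().lower()


def classify(uri: str) -> list:
    """Names of the signatures that fire on the request's query string."""
    query = normalize(urlsplit(uri).query)
    return [name for name, rx in SIGNATURES.items() if rx.search(query)]


def scan(lines) -> list:
    """Parse each log line and keep those carrying at least one signature."""
    hits = []
    for line in lines:
        m = LOG_RE.match(line)
        if not m:
            continue  # not combined-log format; skip rather than guess
        tags = classify(m["uri"])
        if tags:
            hits.append({"ip": m["ip"], "status": int(m["status"]),
                         "uri": m["uri"], "tags": tags})
    return hits


def sources(hits) -> Counter:
    """Probe count per source address; scanners hit every parameter they can find."""
    return Counter(h["ip"] for h in hits)


if __name__ == "__main__":
    found = scan(SAMPLE_LOG)
    for h in found:
        print(h["ip"], h["status"], ",".join(h["tags"]), h["uri"])
    print(sources(found))
```

The status column is worth keeping in the report: a 500 on a probed request is the signal the scanner is looking for (the error path is where the version string leaks), while a 403 or a normal 200 with the usual page size means the probe bounced.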


Re: Weird attack

2011-11-18 Thread Wil Genovese

select @@VERSION does not work with PostgreSQL.  This is the DB I use for all 
my sites.

I scrub ALL data input; varchar fields get run through several scrubbers in my 
code. The ones I am seeing this on are integer fields, and I have cfqueryparam 
datatypes set.  Thus integers are scrubbed without any other code.  Lazy, yes, 
but it works and I have error handling to deal with it.



Wil Genovese
Sr. Web Application Developer/
Systems Administrator
CF Webtools
www.cfwebtools.com

wilg...@trunkful.com
www.trunkful.com

On Nov 18, 2011, at 11:15 AM, Leigh wrote:

 
 MS SQL Server (@@VERSION).
 
 Btw: MySQL supports @@VERSION too.
 
 

Archive: http://www.houseoffusion.com/groups/cf-talk/message.cfm/messageid:348820


Re: Weird attack

2011-11-18 Thread Claude Schnéegans

 Good old cfqueryparam has been working like a charm!

If your template is not using URL parameters in a query, cfqueryparam won't help.
And if the parameter is text, the scrap will get into your database as well.
Happily, my moron trap is more general. ;-)

Archive: http://www.houseoffusion.com/groups/cf-talk/message.cfm/messageid:348821


Re: Weird attack

2011-11-18 Thread Aaron

SQL injection attacks are usually just one little possibility an attacker
tries, as fast and in as many places as they can, hoping one of them will give
up the goods.

That one in particular looks like they are banking on forcing their own
parameterized query input comparison.

If they can break your query's parsing logic and declare their own
parameter point 1 then they can supply a test case version in say the form
scope they may be thinking you are using directly in the code, and
comparing that to your database's @@version information.


Probably the hope for the attacker is query would run something like (the
@@version output doesn't really look like my example, but the idea is the
same):
select *
from table
where (
   ...
   Microsoft SQL Server 2000 build 1234, Windows Server 2003
SP1=@@version)
  -- and def = whatever)

At this point they know what you are running if the query successfully
executed, and probably try some known exploits for that platform.

Luckily this isn't something to worry about when you parameterize your
queries, since that input will not be executable query constructs.


On Fri, Nov 18, 2011 at 11:05 AM, Phillip Vector <vec...@mostdeadlygame.com> wrote:


 Well, if it wasn't cfqueryparam, I don't see any issues in the SQL
 that would cause ... anything.

 Am I missing something here? If it wasn't scrubbed, what would it do?

 On Fri, Nov 18, 2011 at 9:02 AM, Wil Genovese <jugg...@trunkful.com> wrote:
 
  No clue what they are after, but I have been seeing that in my error
 notification alerts the week.  Good old cfqueryparam has been working like
 a charm!
 
 
 
  Wil Genovese
  Sr. Web Application Developer/
  Systems Administrator
  CF Webtools
  www.cfwebtools.com
 
  wilg...@trunkful.com
  www.trunkful.com
 
   On Nov 18, 2011, at 10:57 AM, Claude Schnéegans <schneegans@internetiq.trunkful.com> wrote:
 
 
  Hi,
 
  Since a few days, I have all my sites receiving requests in which a
 string like /**/or/**/1=@@version)-- is added in the URL.
 
  Has someone any idea what this guy is actually trying to do ?
 
 
 
 

 

Archive: http://www.houseoffusion.com/groups/cf-talk/message.cfm/messageid:348822
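An added example, not Aaron's or anyone else's code from the thread, of the query shape Aaron describes with the real probe dropped into it, in Python against an in-memory SQLite table (constructed data; the table and column names are invented). SQLite has no @@version, so the concatenated path dies with a syntax error. On SQL Server the same statement parses, and 1=@@version fails with a conversion error whose message carries the @@VERSION string, which is the disclosure the probe is fishing for. The bound-parameter path, the equivalent of cfqueryparam, never parses the value as SQL, and the typed path rejects the value before any SQL is built, as cfsqltype="cf_sql_integer" does. The second payload, "1) OR 1=1 --", is a constructed follow-up to show the query structure actually changing, since the version probe only errors here.

```python
import sqlite3

# The probe exactly as reported in the thread, appended to a numeric URL value.
PROBE = "/**/or/**/1=@@version)--"


def make_db() -> sqlite3.Connection:
    """Constructed stand-in for a polls table (names invented for the example)."""
    con = sqlite3.connect(":memory:")
    con.execute("CREATE TABLE portal_polls (poll_id INTEGER PRIMARY KEY, question TEXT)")
    con.executemany("INSERT INTO portal_polls VALUES (?, ?)",
                    [(1, "Favourite colour?"), (2, "Best browser?")])
    return con


def query_text(raw_id: str) -> str:
    """The SQL the vulnerable path sends: the URL value pasted into the statement,
    the way an unparameterised  WHERE (poll_id = #url.id#)  is rendered."""
    return "SELECT question FROM portal_polls WHERE (poll_id = " + raw_id + ")"


def lookup_concatenated(con: sqlite3.Connection, raw_id: str):
    """Vulnerable: the closing ')' in the probe ends the original predicate and
    '--' comments out whatever follows, so the attacker owns the WHERE clause."""
    try:
        return ("rows", con.execute(query_text(raw_id)).fetchall())
    except sqlite3.Error as exc:
        # SQLite: plain syntax error, nothing disclosed. SQL Server: the
        # int-vs-nvarchar comparison 1=@@version fails, and the error text
        # includes the full @@VERSION string, which is what the probe wants.
        return ("error", str(exc))


def lookup_parameterised(con: sqlite3.Connection, raw_id):
    """Hardened: bound parameter (cfqueryparam equivalent). The comment tokens,
    the ')' and '@@version' are data compared against poll_id, never SQL."""
    rows = con.execute(
        "SELECT question FROM portal_polls WHERE (poll_id = ?)", (raw_id,)
    ).fetchall()
    return ("rows", rows)


def lookup_typed(con: sqlite3.Connection, raw_id: str):
    """Hardened further: validate the type first, as cfsqltype="cf_sql_integer"
    does, so a non-integer id is rejected before the database sees anything."""
    try:
        poll_id = int(raw_id)
    except ValueError:
        return ("rejected", "poll_id must be an integer")
    return lookup_parameterised(con, poll_id)


if __name__ == "__main__":
    db = make_db()
    print(query_text("1" + PROBE))
    print("concatenated :", lookup_concatenated(db, "1" + PROBE))
    print("concatenated :", lookup_concatenated(db, "1) OR 1=1 --"))
    print("parameterised:", lookup_parameterised(db, "1" + PROBE))
    print("typed        :", lookup_typed(db, "1" + PROBE))
```

Two points follow from the thread. Claude is right that cfqueryparam only helps where the value reaches a query; a probe landing on a parameter that is merely echoed or stored is a different problem. And Wil's observation that the probe shows up on integer fields matches the payload: it is built for a numeric comparison with no quote to break out of, which is exactly where cf_sql_integer rejects it outright.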


Re: Weird attack

2011-11-18 Thread Claude Schnéegans

 If your site returned what they wanted, in this case SQL server
version information

Ok, I see. In my case, I doubt the 403 error they get in return will help them 
a lot ;-)

Archive: http://www.houseoffusion.com/groups/cf-talk/message.cfm/messageid:348823


Re: Weird attack

2011-11-18 Thread Aaron

It is actually very difficult to change an application's rendered output,
like in the case of obtaining version information.  It is much easier to
inject comparisons and see if the template continues to execute, and that
would verify their inquiry.  You are right an attacker that is just blanket
attacking like that probably will see 403 errors and ignore it, but that is
also why they hit a site everywhere they can because that injection will
only work in specific conditions they hope you might have somewhere in your
application.

On Fri, Nov 18, 2011 at 11:33 AM,  wrote:


  If your site returned what they wanted, in this case SQL server
 version information

 Ok, I see. In my case, I doubt the 403 error they get in return will help
 them a lot ;-)

 

Archive: http://www.houseoffusion.com/groups/cf-talk/message.cfm/messageid:348824


Query Errors

2011-11-18 Thread Robert Harrison

I've been using the query below in a CFC for months and today it started 
throwing random time out errors.  Nothing has changed.

Any thoughts as to why I may be getting errors on this query all of a sudden?


<cfquery name="random_poll" datasource="#application.dsn#">
SELECT TOP 1 portal_polls.poll_id, portal_polls.question, portal_polls.answer1, 
       portal_polls.answer2, portal_polls.answer3, portal_polls.answer4, 
       portal_polls.answer5, portal_polls.number_answers
FROM   portal_polls
WHERE  (portal_polls.start_date < #Now()# and portal_polls.end_date > #Now()#)
and (everyone=1 OR exists (SELECT DISTINCT poll_id FROM 
portal_groups_x_polls, portal_students_x_groups WHERE 
portal_groups_x_polls.poll_id=portal_polls.poll_id and 
portal_students_x_groups.group_id=portal_groups_x_polls.group_id and 
portal_students_x_groups.student_user_id=#session.userid#))
and not exists (SELECT poll_id FROM portal_students_x_completed_polls 
WHERE portal_students_x_completed_polls.poll_id=portal_polls.poll_id and 
portal_students_x_completed_polls.student_user_id=#session.userid#)
ORDER BY NEWID();
</cfquery>

Thanks,

Robert B. Harrison
Director of Interactive Services
Austin  Williams
125 Kennedy Drive, Suite 100 
Hauppauge NY 11788
P : 631.231.6600 Ext. 119 
F : 631.434.7022
http://www.austin-williams.com 

Great advertising can't be either/or.  It must be .

Plug in to our blog: AW Unplugged
http://www.austin-williams.com/unplugged


Archive: http://www.houseoffusion.com/groups/cf-talk/message.cfm/messageid:348825


Re: Query Errors

2011-11-18 Thread Dave Watts

 I've been using the query below in a CFC for months and today it started 
 throwing random time out errors.  Nothing has changed.

 Any thought as to why I may be getting errors on this query all of the sudden?

What happens when you run the query directly through a query analyzer?

What happens when you use SHOWPLAN or the appropriate alternative for
your database?

Dave Watts, CTO, Fig Leaf Software
http://www.figleaf.com/
http://training.figleaf.com/

Fig Leaf Software is a Veteran-Owned Small Business (VOSB) on
GSA Schedule, and provides the highest caliber vendor-authorized
instruction at our training centers, online, or onsite

Archive: http://www.houseoffusion.com/groups/cf-talk/message.cfm/messageid:348826


Re: Query Errors

2011-11-18 Thread Russ Michaels

Have you checked the connectivity between your CF server and the DB
server to make sure it is running normally?
Test the queries directly against the database server as well, to see
how long they take.

On Fri, Nov 18, 2011 at 6:22 PM, Dave Watts <dwa...@figleaf.com> wrote:

 I've been using the query below in a CFC for months and today it started 
 throwing random time out errors.  Nothing has changed.

 Any thought as to why I may be getting errors on this query all of the 
 sudden?

 What happens when you run the query directly through a query analyzer?

 What happens when you use SHOWPLAN or the appropriate alternative for
 your database?

 Dave Watts, CTO, Fig Leaf Software
 http://www.figleaf.com/
 http://training.figleaf.com/

 Fig Leaf Software is a Veteran-Owned Small Business (VOSB) on
 GSA Schedule, and provides the highest caliber vendor-authorized
 instruction at our training centers, online, or onsite

 

Archive: http://www.houseoffusion.com/groups/cf-talk/message.cfm/messageid:348827


RE: Query Errors

2011-11-18 Thread Robert Harrison

Well, the errors stopped. Everything on the query checks out fine and the logs
don't show any issues.  I'm stumped.  Probably a connectivity problem, but I see
no other evidence of that.

I guess I'll let it ride as a glitch and see what happens. Strange.


Robert B. Harrison
Director of Interactive Services
Austin & Williams
125 Kennedy Drive, Suite 100 
Hauppauge NY 11788
P : 631.231.6600 Ext. 119 
F : 631.434.7022
http://www.austin-williams.com 

Great advertising can't be either/or.  It must be &.

Plug in to our blog: AW Unplugged
http://www.austin-williams.com/unplugged


Archive: http://www.houseoffusion.com/groups/cf-talk/message.cfm/messageid:348828


How to search for all occurrences of a string in a text?

2011-11-18 Thread marc --

Hi,

I have a series of texts, each of which I want to search for occurrences of
links to images. From each text I want to extract image filenames that end in
one of these strings:

.gif,.jpg,.jpeg,.png,.bmp

Searching a text containing the string 

<img src="http://my.domain.com/path/to/images/testimg.gif">

would give me testimg.gif,

searching a text containing the strings 
<img src="http://my.domain.com/path/to/images/testimg.gif">
<img src="http://my.domain.com/path/to/images/testimg.jpg">
<img src="http://my.domain.com/path/to/images/testimg.png">

would give me 

testimg.gif,testimg.jpg,testimg.png

I think REFindNoCase is most suitable for this since it's the only CF function
I know of that lets me search for multiple occurrences of a pattern. I can't get
it to match _all_ occurrences of the string I'm looking for.

The regular expression I use:
(<img src ?= ?["|'][https?://]?[a-zA-Z0-9_\-/\\\.^\.jpg]+\.jpg)\s?(\1)*

I do this:
REFindNoCase(RE,string,1,true) where RE is the above regular expression and
string is the string containing 3 img tags with a .jpg resource.

This gives me an array containing the starting position and the length of the
_first_ element in the string that matches the regular expression. I can't
get it to include all matches in the string.

Is my regular expression wrong, or is what I want not possible?

Marc 

Archive: http://www.houseoffusion.com/groups/cf-talk/message.cfm/messageid:348829


Re: How to search for all occurrences of a string in a text?

2011-11-18 Thread Jason Fisher

Start by simplifying the regex:

<cfset reg = """[^""]+/([^/]+\.(jpg|gif|png))""" />

(It just gets every image reference inside double-quotes.)

Then use REMatchNoCase() to get an array of all matches:

<cfset test = reMatchNoCase(reg, string) />

(REFindNoCase() only gets one match, so it only works if you put it
inside a conditional loop.)

Then loop over the array and get the last list element using the /
as the delimiter (and also strip out the trailing quote):

<cfoutput>
<cfloop array="#test#" index="a">
	#listLast(listLast(a, """"), "/")#
<br />
</cfloop>
</cfoutput>


On 11/18/2011 7:32 PM, marc -- wrote:
> Hi,
>
> I have a series of texts, each of which I want to search for occurrences of
> links to images. From each text I want to extract image filenames that end in
> one of these strings:
>
> .gif,.jpg,.jpeg,.png,.bmp
>
> Searching a text containing the string
>
> <img src="http://my.domain.com/path/to/images/testimg.gif">
>
> would give me testimg.gif,
>
> searching a text containing the strings
> <img src="http://my.domain.com/path/to/images/testimg.gif">
> <img src="http://my.domain.com/path/to/images/testimg.jpg">
> <img src="http://my.domain.com/path/to/images/testimg.png">
>
> would give me
>
> testimg.gif,testimg.jpg,testimg.png
>
> I think REFindNoCase is most suitable for this since it's the only CF
> function I know of that lets me search for multiple occurrences of a pattern.
> I can't get it to match _all_ occurrences of the string I'm looking for.
>
> The regular expression I use:
> (<img src ?= ?["|'][https?://]?[a-zA-Z0-9_\-/\\\.^\.jpg]+\.jpg)\s?(\1)*
>
> I do this:
> REFindNoCase(RE,string,1,true) where RE is the above regular expression and
> string is the string containing 3 img tags with a .jpg resource.
>
> This gives me an array containing the starting position and the length of the
> _first_ element in the string that matches the regular expression. I
> can't get it to include all matches in the string.
>
> Is my regular expression wrong, or is what I want not possible?
>
> Marc

Archive: http://www.houseoffusion.com/groups/cf-talk/message.cfm/messageid:348830
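The same extraction written in Python, as an added example that is not part of the thread or of Jason's answer: re.finditer() plays the role of REMatchNoCase() (every match), where re.search() would behave like REFindNoCase() (first match only). It also adds the check a practitioner wants before a file name pulled out of untrusted HTML goes anywhere near a filesystem or a URL builder: the src value is reduced to its final path segment and then matched against a strict allowlist (the five extensions from Marc's question, plain characters only), so traversal sequences, encoded slashes, spaces and non-image names are dropped instead of passed on. The regex, the allowlist and the sample HTML are all constructed for this example.

```python
import re
from posixpath import basename
from urllib.parse import unquote, urlsplit

# Extensions from the original question, matched case-insensitively.
IMAGE_EXTENSIONS = ("gif", "jpg", "jpeg", "png", "bmp")

# One match per <img> tag: other attributes may precede src, the value may be
# quoted with " or ', and whitespace around '=' is tolerated.  The lookbehind
# keeps an attribute such as data-src from being taken for src.
IMG_SRC_RE = re.compile(
    r"""<img\b[^>]*?(?<![\w-])src\s*=\s*(?P<q>["'])(?P<src>.*?)(?P=q)""",
    re.IGNORECASE | re.DOTALL,
)

# Allowlist for the extracted file name: letters, digits, '_' and '-', then
# exactly one dot and an allowed extension.  No '/', '\', '%', spaces or '..'.
SAFE_NAME_RE = re.compile(
    r"^[A-Za-z0-9_-]+\.(?:%s)$" % "|".join(IMAGE_EXTENSIONS), re.IGNORECASE
)


def extract_image_filenames(text):
    """Return the file name of every <img src=...> in text, in document order.

    finditer() yields all matches (REMatchNoCase in CFML); re.search() would
    stop at the first one (REFindNoCase).  Candidates that are not plain,
    well-formed image file names are skipped rather than 'cleaned up'."""
    names = []
    for m in IMG_SRC_RE.finditer(text):
        path = urlsplit(m.group("src")).path  # drop scheme, host, query, fragment
        path = unquote(path)                  # decode once so %2F cannot hide a '/'
        name = basename(path)                 # last path segment only
        if SAFE_NAME_RE.match(name):
            names.append(name)
    return names


# Constructed sample input for this example; not taken from the thread.
SAMPLE_TEXT = """
<p>Gallery</p>
<IMG SRC="http://my.domain.com/path/to/images/testimg.gif">
<img alt="second" src='http://my.domain.com/path/to/images/testimg.jpg'>
<img src="/relative/images/testimg.png?v=2">
<img src="http://my.domain.com/images/photo.jpeg">
<img data-src="http://my.domain.com/lazy/ignored.bmp" src="http://my.domain.com/images/icon.bmp">
<img src="http://my.domain.com/images/..%2F..%2Fetc%2Fpasswd">
<img src="http://my.domain.com/images/shell.php">
<img src="http://my.domain.com/images/two%20words.gif">
"""

if __name__ == "__main__":
    for name in extract_image_filenames(SAMPLE_TEXT):
        print(name)
```

Of the eight img tags in the sample, five survive: the uppercase tag, the single-quoted value, the relative URL with a query string, the .jpeg and the .bmp whose real src follows a data-src attribute. The encoded traversal, the .php and the name with a space are all rejected by the allowlist rather than partially matched.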