Re: Alternative to CFOBJECT
yes but only if not using sandboxes. On Fri, Aug 31, 2012 at 11:07 PM, Dave Watts wrote: > > > cfobject sure, but cfcontent ? > > CFCONTENT does pose a significant security risk (information leakage) > in a shared environment - you can use it to fetch any file that CF can > read. > > Dave Watts, CTO, Fig Leaf Software > http://www.figleaf.com/ > http://training.figleaf.com/ > > Fig Leaf Software is a Veteran-Owned Small Business (VOSB) on > GSA Schedule, and provides the highest caliber vendor-authorized > instruction at our training centers, online, or onsite. > > ~| Order the Adobe Coldfusion Anthology now! http://www.amazon.com/Adobe-Coldfusion-Anthology/dp/1430272155/?tag=houseoffusion Archive: http://www.houseoffusion.com/groups/cf-talk/message.cfm/messageid:352392 Subscription: http://www.houseoffusion.com/groups/cf-talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/groups/cf-talk/unsubscribe.cfm
Re: SOT: Thoughts on Hostek?
I agree completely about Vivio. Great folks. On Fri, Aug 31, 2012 at 1:17 PM, Gerald Guido wrote: > > >> You **will not** find a better host in the CFML world. Period. > > 1++ for what Matt said. Hands down the best hosting company I have ever > dealt with and I have had (and worked for a couple) a lot of hosting > companies. > > G! > ~| Order the Adobe Coldfusion Anthology now! http://www.amazon.com/Adobe-Coldfusion-Anthology/dp/1430272155/?tag=houseoffusion Archive: http://www.houseoffusion.com/groups/cf-talk/message.cfm/messageid:352391 Subscription: http://www.houseoffusion.com/groups/cf-talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/groups/cf-talk/unsubscribe.cfm
Re: Alternative to CFOBJECT
> cfobject sure, but cfcontent ? CFCONTENT does pose a significant security risk (information leakage) in a shared environment - you can use it to fetch any file that CF can read. Dave Watts, CTO, Fig Leaf Software http://www.figleaf.com/ http://training.figleaf.com/ Fig Leaf Software is a Veteran-Owned Small Business (VOSB) on GSA Schedule, and provides the highest caliber vendor-authorized instruction at our training centers, online, or onsite. ~| Order the Adobe Coldfusion Anthology now! http://www.amazon.com/Adobe-Coldfusion-Anthology/dp/1430272155/?tag=houseoffusion Archive: http://www.houseoffusion.com/groups/cf-talk/message.cfm/messageid:352390 Subscription: http://www.houseoffusion.com/groups/cf-talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/groups/cf-talk/unsubscribe.cfm
Re: Alternative to CFOBJECT
cfobject sure, but cfcontent ? On Fri, Aug 31, 2012 at 9:52 PM, Jochem van Dieten wrote: > > On Thu, Aug 30, 2012 at 10:17 PM, Russ Michaels wrote: > > well the only reason they could have all those tags disabled is because > > they do not use security sandboxes, which would imply they are hosting > with > > the standard edition of ColdFusion, and tus have to disable any tag which > > allows files to be read/written from the server. > > If that were the case they would disable tags like cffile and > cfdirectory. Instead, what they have disabled are those tags that > allows you to instantiate arbitrary Java/COM/.NET classes and run > executables. (Plus cfdump which uses cfobject internally so would be > broken if enabled.) Those are the tags that allow you to bypass even a > properly configured security sandbox. > > Unfortunately sandboxes are imperfect and this is the price you pay if > you have to share an instance with somebody else. > > Jochem > > -- > Jochem van Dieten > http://jochem.vandieten.net/ > > ~| Order the Adobe Coldfusion Anthology now! http://www.amazon.com/Adobe-Coldfusion-Anthology/dp/1430272155/?tag=houseoffusion Archive: http://www.houseoffusion.com/groups/cf-talk/message.cfm/messageid:352389 Subscription: http://www.houseoffusion.com/groups/cf-talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/groups/cf-talk/unsubscribe.cfm
Re: Alternative to CFOBJECT
Her husband is a Major in the Army. She works for DHS. On Aug 31, 2012, at 7:32 AM, Scott Stewart wrote: > > She's only about 30 (ish) miles from where I'm living and she must be > loaded... Great Falls is not a cheap area :) > > On Thu, Aug 30, 2012 at 7:56 PM, Bruce Sorge wrote: > >> >> I just looked it up and she is in great falls. >> >> Sent from my iPhone 4S. >> >> On Aug 30, 2012, at 2:50 PM, Scott Stewart >> wrote: >> >>> >>> Where at in Alexandria? >>> >> >> > > ~| Order the Adobe Coldfusion Anthology now! http://www.amazon.com/Adobe-Coldfusion-Anthology/dp/1430272155/?tag=houseoffusion Archive: http://www.houseoffusion.com/groups/cf-talk/message.cfm/messageid:352388 Subscription: http://www.houseoffusion.com/groups/cf-talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/groups/cf-talk/unsubscribe.cfm
Re: Alternative to CFOBJECT
On Thu, Aug 30, 2012 at 10:17 PM, Russ Michaels wrote: > well the only reason they could have all those tags disabled is because > they do not use security sandboxes, which would imply they are hosting with > the standard edition of ColdFusion, and tus have to disable any tag which > allows files to be read/written from the server. If that were the case they would disable tags like cffile and cfdirectory. Instead, what they have disabled are those tags that allows you to instantiate arbitrary Java/COM/.NET classes and run executables. (Plus cfdump which uses cfobject internally so would be broken if enabled.) Those are the tags that allow you to bypass even a properly configured security sandbox. Unfortunately sandboxes are imperfect and this is the price you pay if you have to share an instance with somebody else. Jochem -- Jochem van Dieten http://jochem.vandieten.net/ ~| Order the Adobe Coldfusion Anthology now! http://www.amazon.com/Adobe-Coldfusion-Anthology/dp/1430272155/?tag=houseoffusion Archive: http://www.houseoffusion.com/groups/cf-talk/message.cfm/messageid:352387 Subscription: http://www.houseoffusion.com/groups/cf-talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/groups/cf-talk/unsubscribe.cfm
Re: SOT: Thoughts on Hostek?
You can find some good host reviews over at forta.com and brownbook.net If your in usa i would recommend edge web hosting If your in uk, give us a try, cfmxhosting.co.uk Regards Russ Michaels On Aug 31, 2012 9:28 PM, ".jonah" wrote: > > Thanks All. > > > On 8/31/12 1:17 PM, Gerald Guido wrote: > >>> You **will not** find a better host in the CFML world. Period. > > 1++ for what Matt said. Hands down the best hosting company I have ever > > dealt with and I have had (and worked for a couple) a lot of hosting > > companies. > > > > G! > > > > On Fri, Aug 31, 2012 at 4:08 PM, Matt Quackenbush >wrote: > > > >> I am biased as hell (no, I don't make a penny from my bias), but I would > >> strongly urge you to have your client go with Vivio instead. You **will > >> not** find a better host in the CFML world. Period. > >> > >> https://www.viviotech.net/ > >> > >> > >> On Thu, Aug 30, 2012 at 8:41 PM, Jordan Michaels >>> wrote: > >>> The folks at Hostek are good people that I'm proud to call "friends" of > >>> mine. They know their stuff. I'm confident they can take care of you > and > >>> your client. > >>> > >>> Warm Regards, > >>> Jordan Michaels > >>> > >>> On 08/30/2012 06:35 PM, .jonah wrote: > Hi All, > > I have a client who's thinking of using Hostek.com for a fairly large > Mura site. > > I don't know anything about them - any experiences / thoughts / > recommendations? > > (Off list is fine too.) > > Thanks! > .jonah > > > >>> > >> > > > > ~| Order the Adobe Coldfusion Anthology now! http://www.amazon.com/Adobe-Coldfusion-Anthology/dp/1430272155/?tag=houseoffusion Archive: http://www.houseoffusion.com/groups/cf-talk/message.cfm/messageid:352386 Subscription: http://www.houseoffusion.com/groups/cf-talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/groups/cf-talk/unsubscribe.cfm
Re: SOT: Thoughts on Hostek?
Thanks All. On 8/31/12 1:17 PM, Gerald Guido wrote: >>> You **will not** find a better host in the CFML world. Period. > 1++ for what Matt said. Hands down the best hosting company I have ever > dealt with and I have had (and worked for a couple) a lot of hosting > companies. > > G! > > On Fri, Aug 31, 2012 at 4:08 PM, Matt Quackenbush wrote: > >> I am biased as hell (no, I don't make a penny from my bias), but I would >> strongly urge you to have your client go with Vivio instead. You **will >> not** find a better host in the CFML world. Period. >> >> https://www.viviotech.net/ >> >> >> On Thu, Aug 30, 2012 at 8:41 PM, Jordan Michaels >> wrote: >>> The folks at Hostek are good people that I'm proud to call "friends" of >>> mine. They know their stuff. I'm confident they can take care of you and >>> your client. >>> >>> Warm Regards, >>> Jordan Michaels >>> >>> On 08/30/2012 06:35 PM, .jonah wrote: Hi All, I have a client who's thinking of using Hostek.com for a fairly large Mura site. I don't know anything about them - any experiences / thoughts / recommendations? (Off list is fine too.) Thanks! .jonah >>> >> > ~| Order the Adobe Coldfusion Anthology now! http://www.amazon.com/Adobe-Coldfusion-Anthology/dp/1430272155/?tag=houseoffusion Archive: http://www.houseoffusion.com/groups/cf-talk/message.cfm/messageid:352385 Subscription: http://www.houseoffusion.com/groups/cf-talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/groups/cf-talk/unsubscribe.cfm
Re: SOT: Thoughts on Hostek?
>> You **will not** find a better host in the CFML world. Period. 1++ for what Matt said. Hands down the best hosting company I have ever dealt with and I have had (and worked for a couple) a lot of hosting companies. G! On Fri, Aug 31, 2012 at 4:08 PM, Matt Quackenbush wrote: > > I am biased as hell (no, I don't make a penny from my bias), but I would > strongly urge you to have your client go with Vivio instead. You **will > not** find a better host in the CFML world. Period. > > https://www.viviotech.net/ > > > On Thu, Aug 30, 2012 at 8:41 PM, Jordan Michaels >wrote: > > > > > The folks at Hostek are good people that I'm proud to call "friends" of > > mine. They know their stuff. I'm confident they can take care of you and > > your client. > > > > Warm Regards, > > Jordan Michaels > > > > On 08/30/2012 06:35 PM, .jonah wrote: > > > > > > Hi All, > > > > > > I have a client who's thinking of using Hostek.com for a fairly large > > > Mura site. > > > > > > I don't know anything about them - any experiences / thoughts / > > > recommendations? > > > > > > (Off list is fine too.) > > > > > > Thanks! > > > .jonah > > > > > > > > > > > > ~| Order the Adobe Coldfusion Anthology now! http://www.amazon.com/Adobe-Coldfusion-Anthology/dp/1430272155/?tag=houseoffusion Archive: http://www.houseoffusion.com/groups/cf-talk/message.cfm/messageid:352384 Subscription: http://www.houseoffusion.com/groups/cf-talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/groups/cf-talk/unsubscribe.cfm
Re: SOT: Thoughts on Hostek?
I am biased as hell (no, I don't make a penny from my bias), but I would strongly urge you to have your client go with Vivio instead. You **will not** find a better host in the CFML world. Period. https://www.viviotech.net/ On Thu, Aug 30, 2012 at 8:41 PM, Jordan Michaels wrote: > > The folks at Hostek are good people that I'm proud to call "friends" of > mine. They know their stuff. I'm confident they can take care of you and > your client. > > Warm Regards, > Jordan Michaels > > On 08/30/2012 06:35 PM, .jonah wrote: > > > > Hi All, > > > > I have a client who's thinking of using Hostek.com for a fairly large > > Mura site. > > > > I don't know anything about them - any experiences / thoughts / > > recommendations? > > > > (Off list is fine too.) > > > > Thanks! > > .jonah > > > > > > ~| Order the Adobe Coldfusion Anthology now! http://www.amazon.com/Adobe-Coldfusion-Anthology/dp/1430272155/?tag=houseoffusion Archive: http://www.houseoffusion.com/groups/cf-talk/message.cfm/messageid:352383 Subscription: http://www.houseoffusion.com/groups/cf-talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/groups/cf-talk/unsubscribe.cfm
Re: SOT: Thoughts on Hostek?
I would avoid... I'm glad they are helping the CF community at tradeshows and conferences but the lack of phone support really is noticeable compared to the fortune 500 that host CF.\Try Rackspace, intermedia.net or HostMySite.com On Thu, Aug 30, 2012 at 9:35 PM, .jonah wrote: > > Hi All, > > I have a client who's thinking of using Hostek.com for a fairly large > Mura site. > > I don't know anything about them - any experiences / thoughts / > recommendations? > > (Off list is fine too.) > > Thanks! > .jonah > > ~| Order the Adobe Coldfusion Anthology now! http://www.amazon.com/Adobe-Coldfusion-Anthology/dp/1430272155/?tag=houseoffusion Archive: http://www.houseoffusion.com/groups/cf-talk/message.cfm/messageid:352382 Subscription: http://www.houseoffusion.com/groups/cf-talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/groups/cf-talk/unsubscribe.cfm
Re: Any way to log every call to stored procedures
I didn't find anything in any of the CF Admin API's for this. I do think this
would be a good idea so I added a feature request to the Adobe Bug Base. Voter
for it if you think this is a good idea.
https://bugbase.adobe.com/index.cfm?event=bug&id=3322414
Feature 3322414
Title
ColdFusion 11 - more Debug API features
Description
I would like to be able to access the Debug API to do more than just adjust the
Debug settings. I'd like to capture the Debug output data so we can do what
ever we want with it.
A current example is with a massive code base we inherited, there isn't an UML
or documentation anywhere. There are thousands of stored proces. We'd like to
be able to log/record all the SP's and queries called on each page (URL) thus
helping to generate a mapping of things.
I think more features in the Debug API would allow for this.
Example ideas:
Debug.queries();
Debug.stackTrace();
Debug.scope('session');
Debug.scope('application');
Etc
Wil Genovese
Sr. Web Application Developer/
Systems Administrator
CF Webtools
www.cfwebtools.com
wilg...@trunkful.com
www.trunkful.com
On Aug 30, 2012, at 3:06 PM, kbutte...@yahoo.com kbutte...@yahoo.com wrote:
>
> We have a client for whom we are doing a bunch of refactoring of code. As
> part of the QA, the client would like to know, for every page, what stored
> procedures are called and how that page is accessed.
>
> So what I would like to do is to log the call stack and the stored procedures
> called for every page.
>
> That information is in the debug info, so it should be obtainable, but I
> can't see how.
>
> Any ideas?
>
> Thanks,
> Kathryn
>
>
~|
Order the Adobe Coldfusion Anthology now!
http://www.amazon.com/Adobe-Coldfusion-Anthology/dp/1430272155/?tag=houseoffusion
Archive:
http://www.houseoffusion.com/groups/cf-talk/message.cfm/messageid:352381
Subscription: http://www.houseoffusion.com/groups/cf-talk/subscribe.cfm
Unsubscribe: http://www.houseoffusion.com/groups/cf-talk/unsubscribe.cfm
Re: convert to cfqueryparam
Ah I understand. Great, thank you. ~| Order the Adobe Coldfusion Anthology now! http://www.amazon.com/Adobe-Coldfusion-Anthology/dp/1430272155/?tag=houseoffusion Archive: http://www.houseoffusion.com/groups/cf-talk/message.cfm/messageid:352380 Subscription: http://www.houseoffusion.com/groups/cf-talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/groups/cf-talk/unsubscribe.cfm
Re: convert to cfqueryparam
> I have a line of Oracle pl/sql (9i) where I'm trying to add cfqueryparam in
> CF7.
>
> I have:
> #iif(len(trim(arguments.inStruct.a_person_id))eq
> 0,DE("NULL"),DE("#arguments.inStruct.a_person_id#"))#,
>
> a coworker suggested:
> "CF_SQL_NUMERIC" null="#IIF(len(arguments.inStruct.a_person_id),0,1)#">
>
> But in reviewing it, I cannot tell if that is correct or not. I've gone over
> the sql several times. Also, I don't know DE().
The DE function is kind of confusing, as it's only used within string
evaluation to ... delay that evaluation. So, in your starting case, DE
prevents its string argument from being evaluated as code. (You want
the literal value of arguments.inStruct.a_person_id, not to treat that
value as a CF expression from which you'd later get a literal value.)
Your coworker's suggestion may well be correct, but it can be
simplified. You don't need IIF in this case:
Dave Watts, CTO, Fig Leaf Software
http://www.figleaf.com/
http://training.figleaf.com/
Fig Leaf Software is a Veteran-Owned Small Business (VOSB) on
GSA Schedule, and provides the highest caliber vendor-authorized
instruction at our training centers, online, or onsite.
~|
Order the Adobe Coldfusion Anthology now!
http://www.amazon.com/Adobe-Coldfusion-Anthology/dp/1430272155/?tag=houseoffusion
Archive:
http://www.houseoffusion.com/groups/cf-talk/message.cfm/messageid:352379
Subscription: http://www.houseoffusion.com/groups/cf-talk/subscribe.cfm
Unsubscribe: http://www.houseoffusion.com/groups/cf-talk/unsubscribe.cfm
convert to cfqueryparam
I have a line of Oracle pl/sql (9i) where I'm trying to add cfqueryparam in CF7.
I have:
#iif(len(trim(arguments.inStruct.a_person_id))eq
0,DE("NULL"),DE("#arguments.inStruct.a_person_id#"))#,
a coworker suggested:
But in reviewing it, I cannot tell if that is correct or not. I've gone over
the sql several times. Also, I don't know DE().
Any information on this is welcome. Thank you.
~|
Order the Adobe Coldfusion Anthology now!
http://www.amazon.com/Adobe-Coldfusion-Anthology/dp/1430272155/?tag=houseoffusion
Archive:
http://www.houseoffusion.com/groups/cf-talk/message.cfm/messageid:352378
Subscription: http://www.houseoffusion.com/groups/cf-talk/subscribe.cfm
Unsubscribe: http://www.houseoffusion.com/groups/cf-talk/unsubscribe.cfm
Re: Alternative to CFOBJECT
She's only about 30 (ish) miles from where I'm living and she must be loaded... Great Falls is not a cheap area :) On Thu, Aug 30, 2012 at 7:56 PM, Bruce Sorge wrote: > > I just looked it up and she is in great falls. > > Sent from my iPhone 4S. > > On Aug 30, 2012, at 2:50 PM, Scott Stewart > wrote: > > > > > Where at in Alexandria? > > > > ~| Order the Adobe Coldfusion Anthology now! http://www.amazon.com/Adobe-Coldfusion-Anthology/dp/1430272155/?tag=houseoffusion Archive: http://www.houseoffusion.com/groups/cf-talk/message.cfm/messageid:352377 Subscription: http://www.houseoffusion.com/groups/cf-talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/groups/cf-talk/unsubscribe.cfm
