RE: (Admin) Virus
It's a new creation: a worm with a EULA. The card comes with a EULA which allows the friendship-greeting.com folks to use your contact list, among other things, to send mail. Dshields had a long discussion last week. Check the archives http://www.dshields.org. drew -Original Message- From: Jochem van Dieten [mailto:jochemd@;oli.tudelft.nl] Sent: Friday, November 08, 2002 12:29 PM To: CF-Talk Subject: Re: (Admin) Virus Quoting Michael Dinowitz <[EMAIL PROTECTED]>: > > I've blocked the subject that the virus gets sent on. If your > response to the virus is blocked, this is the reason. I've already > seen one that has not hit the list due to this. I'll take sterner > steps against the virus if it starts to mutate its subject line > (which should not happen due to its nature). It might be a good idea to tell which virus it is. Jochem ~| Archives: http://www.houseoffusion.com/cf_lists/index.cfm?forumid=4 Subscription: http://www.houseoffusion.com/cf_lists/index.cfm?method=subscribe&forumid=4 FAQ: http://www.thenetprofits.co.uk/coldfusion/faq Your ad could be here. Monies from ads go to support these lists and provide more resources for the community. http://www.fusionauthority.com/ads.cfm
RE: OT: Section 508 Compliancy
Your examples suggest that the problem isn't with Lynx but with screen readers. Lynx cleanly separates form and content (the goal of css standards). Readers don't seem able to perform such separation. So either developers have to go to extraordinary lengths to accommodate proprietary screen reader idiosyncrasies or we need a standards based screen reader, and of course standards based sites. On balance, Jochem seems right. Lynx delivers content. So, Jaws over Lynx? Speech ready Lynx? drew -Original Message- From: Sandy Clark [mailto:slLists@;shayna.com] Sent: Thursday, November 07, 2002 2:52 PM To: CF-Talk Subject: RE: OT: Section 508 Compliancy Not necessarily the specific portions. It might even comply legally, but that doesn't meant that it would be easily readable in a screen reader such as JAWS or Simply Web. To give an example, use three programs. Lynx - http://lynx.browser.org Text Only Web Site. Any regular internet browser - IE, Netscape Simply Web 2000 http://www.econointl.com/sw/ A free text and speech web browser. Then, just for giggles, look at www.whitehouse.gov in each. This is supposed to be a 508 compliant site but doesn't validate in Bobby. Reads really well in Lynx, but notice what happens in the screen reader. This site http://www.ehdp.com/vitalnet/ did validate in Bobby. But again, look it in the screen reader. This is a good example of sites that follow the letter of the law, but not the spirit. A great book is published by Glasshaus, Accessible Web Sites, Jim Thatcher. Delves into a lot of trying to make a site truly compliant, not just verifiable by BOBBY. Another option (which is what I am starting to work towards) is using separating my content totally from presentation using XHTML and CSS2. By doing this, 508 becomes incredibly easy and truly useful. Glasshaus - Cascading Style Sheets: Separating Content from Presentation - Briggs Some sites if you are interested. http://www.glish.com http://www.webstandards.org http://www.alistapart.com -Original Message- From: Jochem van Dieten [mailto:jochemd@;oli.tudelft.nl] Sent: Thursday, November 07, 2002 11:11 AM To: CF-Talk Subject: Re: OT: Section 508 Compliancy Kevin Graeme wrote: > Sorry Jochem, but that just means it works in Lynx not that it meets > all the 508 criteria. Which parts of 1194.22 wouldn't it comply with then? Jochem ~| Archives: http://www.houseoffusion.com/cf_lists/index.cfm?forumid=4 Subscription: http://www.houseoffusion.com/cf_lists/index.cfm?method=subscribe&forumid=4 FAQ: http://www.thenetprofits.co.uk/coldfusion/faq Signup for the Fusion Authority news alert and keep up with the latest news in ColdFusion and related topics. http://www.fusionauthority.com/signup.cfm
RE: JDBC socket reset (was CF supporter something or other....)
Yes, we have a project running cfmx on Solaris with Oracle (on a separate machine) which gets a JDBC connection pooling error on an intermittent basis. Restarting cfmx clears it for a few days. The error reads: "SQLException occurred in JDBCPool while attempting to connect, please check your username, password, URL, and other connectivity info." The setup uses Oracle OCI8 jdbc drivers. andy -Original Message- From: Jochem van Dieten [mailto:[EMAIL PROTECTED]] Sent: Tuesday, October 08, 2002 6:23 PM To: CF-Talk Subject: Re: JDBC socket reset (was CF supporter something or other) Mark A. Kruger - CFG wrote: > Dave, > > Yes - that's the fix we are using. But all the hype over Type 4 drivers > makes us want to use them instead of JDBC. Some people doing i18n will not call the MS SQL Server Type 4 JDBC drivers a hype. BTW, is there *anyone* that has JDBC problems where it is not with MS SQL Server? I sure get the impression that the problems are created by MS instead of MM. Jochem -- Why blame somebody else when you can blame MS? ~| Archives: http://www.houseoffusion.com/cf_lists/index.cfm?forumid=4 Subscription: http://www.houseoffusion.com/index.cfm?sidebar=lists&body=lists/cf_talk FAQ: http://www.thenetprofits.co.uk/coldfusion/faq This list and all House of Fusion resources hosted by CFHosting.com. The place for dependable ColdFusion Hosting.
RE: Still dead?
Nearly. andy -Original Message- From: Sean A Corfield [mailto:[EMAIL PROTECTED]] Sent: Saturday, August 31, 2002 6:12 PM To: CF-Talk Subject: Still dead? Is cf-talk alive yet? "If you're not annoying somebody, you're not really alive." -- Margaret Atwood __ Get the mailserver that powers this list at http://www.coolfusion.com FAQ: http://www.thenetprofits.co.uk/coldfusion/faq Archives: http://www.mail-archive.com/cf-talk@houseoffusion.com/ Unsubscribe: http://www.houseoffusion.com/index.cfm?sidebar=lists
RE: Transport port
Websphere uses port 9080 for its plugin from the web server to what they call the "embedded http" server. Since this is an internal (non-web) communication, you shouldn't be able to see it. The assembled page will be served back to you on port 80 by the web server. From your browser's point of view, it's all been on port 80. andy -Original Message- From: Gianluca Pinelli [mailto:[EMAIL PROTECTED]] Sent: Thursday, July 25, 2002 10:12 AM To: CF-Talk Subject: Re: Transport port > If you type in http://servername:9080/, and the web server is listening on > that port, then on that server, CGI.SERVER_PORT will be "9080". I don't > understand what you mean by "transport" port. When I request a page from the server, the port 80 answers from the HTTP_Server. But in reality the plugin comunicate with the Application server trough the port 9080. I want to know if is possible to know this transport port. __ Signup for the Fusion Authority news alert and keep up with the latest news in ColdFusion and related topics. http://www.fusionauthority.com/signup.cfm FAQ: http://www.thenetprofits.co.uk/coldfusion/faq Archives: http://www.mail-archive.com/cf-talk@houseoffusion.com/ Unsubscribe: http://www.houseoffusion.com/index.cfm?sidebar=lists
RE: security: attacks through submission of script
Since nobody else seems to have responded, I'll give it a quick pass. Data from forms needs to be validated. Regular expressions on the server side do this nicely (including dealing with sql insertion attack), if you construct them carefully. You can also check for the referring page to be sure it comes from your server. Yes, that means one set of validating scripts for the client before submission and another on the action page to filter attacks. Slower? A little. Safer? Oh yes! Javascript is indeed generally safe in and of itself. Most of the egregious security holes have long since been patched. But that doesn't mean proprietary implementations won't open new holes. The major holes now are in html email. Attacks through forms don't usually use javascript, other scripts or commands are sent thru the forms. For a quick fix you might yu might look at "Hack Proofing Your Web Application", Jeff Forristal and Julie Traxler, Syngress Press. And for hacking itself, the old reliable "Hacking Exposed" which may now be in a 3 edition from Osborne. Lots of good web references as well, but watch the source. andy -Original Message- From: Cornillon, Matthieu [mailto:[EMAIL PROTECTED]] Sent: Wednesday, June 26, 2002 4:09 PM To: CF-Talk Subject: security: attacks through submission of script Hi. I am evaluating the security of my application as regards malicious attack via manipulation of the Cookie, URL, or Form variables. I know about the business with submission of unauthorized SQL statements, and have already screened for it. But then there is the issue of unauthorized script insertion. For example, if a form asks for a value (FormVar) and the action page displays that value (#Form.FormVar#), the educated user can submit things other than those intended, causing interesting results. If they enter Check this out!, the next page will display Check this out! in red letters. I have also successfully passed JavaScript like this. Going on my basic (and hopefully correct) assumption that JavaScript is set up so that it cannot (a) harm the user's machine or (b) harm the server, I am not going to worry about this, since the worst a user will do is pass themselves a JavaScript routine that produces an error. That is fine for client-side scripting, but I am worried about server-side scripting. Submission of ColdFusion code through these variables shouldn't matter, since it won't appear in the template until after ColdFusion processing has occurred, meaning that the inserted code itself will not be processed. Are there any other scripting languages, though, that would be evaluated on the server side AFTER the CFAS processes the template? Thanks, Matthieu __ Signup for the Fusion Authority news alert and keep up with the latest news in ColdFusion and related topics. http://www.fusionauthority.com/signup.cfm FAQ: http://www.thenetprofits.co.uk/coldfusion/faq Archives: http://www.mail-archive.com/cf-talk@houseoffusion.com/ Unsubscribe: http://www.houseoffusion.com/index.cfm?sidebar=lists
RE: DNS Havoc!!
Sorry to say you were ripped offed. Your new hosting company will make the DNS change and propagate it (they usually make changes every 12 hours). Propagation is automatic and updates are continuous between Zones of Authority. Once your new host enters the address it will be fully propagated within 48 hours (they like to say 12-24hrs but it doesn't always work that fast). Any charge for this is in the "setup" fee. No need to ever pay the old hosting company since they aren't involved in propagating the new ip. The old hosting company's expense for wiping your site and reissuing the ip is in the next persons setup fee. andy -Original Message- From: Phoeun Pha [mailto:[EMAIL PROTECTED]] Sent: Thursday, June 13, 2002 3:02 PM To: CF-Talk Subject: RE: DNS Havoc!! Last Friday. By the way the old host (very nasty) charged 49.95 for a DNS change! u think they ripped us off? -Original Message- From: Joshua Tipton [mailto:[EMAIL PROTECTED]] Sent: Thursday, June 13, 2002 2:35 PM To: CF-Talk Subject: RE: DNS Havoc!! How long ago did you change this sometimes it will take up to 24 hours to propogate around the world. Josh -Original Message- From: Mark A. Kruger - CFG [mailto:[EMAIL PROTECTED]] Sent: Thursday, June 13, 2002 3:30 PM To: CF-Talk Subject: RE: DNS Havoc!! I'm getting the nw IP from both 207.x.x.x and 68.x.x.x -mk -Original Message- From: Phoeun Pha [mailto:[EMAIL PROTECTED]] Sent: Thursday, June 13, 2002 1:47 PM To: CF-Talk Subject: SOT: DNS Havoc!! Hey guys i just switched to a new host for the website www.entelligence.com But for some reason it still pings to the old host IP address Can you guys Ping the site and tell me (directly to my email) what address you get? The new host IP is 66.28.113.146 The old host IP is 209.113.73.92 The wierd thing is the other coputers in my office are pointing to the new site! I have set up my DNS information correctly too, but it's still pointing to the old site. ahhh!!! __ Signup for the Fusion Authority news alert and keep up with the latest news in ColdFusion and related topics. http://www.fusionauthority.com/signup.cfm FAQ: http://www.thenetprofits.co.uk/coldfusion/faq Archives: http://www.mail-archive.com/cf-talk@houseoffusion.com/ Unsubscribe: http://www.houseoffusion.com/index.cfm?sidebar=lists
RE: very strange table behavour
In your style statement you have "visibility: hidden;". The table will not show at all this way since the and its children are not visible. andy -Original Message- From: Bruce, Rodney S HQISEC/SIGNAL [mailto:[EMAIL PROTECTED]] Sent: Tuesday, June 11, 2002 6:21 PM To: CF-Talk Subject: OT: very strange table behavour Hi everybody I was wondering if anyone might have an idea why I am getting this strange behavour. I have a table that isn't being displayed properly and I can figure out why. It is not nested. It is on a page and if I display the page by itself the table displays correctly. If I copy and paste the code on to the main page, instead of the cfinclude, the table does not display correctly. If I comment out a before it, then the table displays correctly, very confusing. If I cut and paste the table any were before the it is fine. I have taken all the "STYLE" out of the tag and table still does not display right. I have double checked all my tables and other tags before this code to make sure they all have end tags were needed. The table border and background color are not being displayed correctly. this is the from the main page: Look Up Closet for Current Building: test data place holder more stuff Any suggestions what to look for would be appreciated. Thanks Rodney __ Your ad could be here. Monies from ads go to support these lists and provide more resources for the community. http://www.fusionauthority.com/ads.cfm FAQ: http://www.thenetprofits.co.uk/coldfusion/faq Archives: http://www.mail-archive.com/cf-talk@houseoffusion.com/ Unsubscribe: http://www.houseoffusion.com/index.cfm?sidebar=lists
RE: Macromedia Folks: What are you thinking?
Got it? DWMX is what DW has always been: an out-of-the-box web creation and management solution or non-coders. It's more elegant than FP or the old NetObjects but it is in the same class. In that market, file relating is crucial -- it avoids the intimate knowledge of the site or application that Mark wants. The process is automatic; as user proof as possible. andy -Original Message- From: Vernon Viehe [mailto:[EMAIL PROTECTED]] Sent: Monday, May 06, 2002 5:03 PM To: CF-Talk Subject: RE: Macromedia Folks: What are you thinking? I wanted to talk to some of our most seasoned CF'ers around here before I got back with you on this. We stepped through what was necessary to set up the RDS connection and edit files both in CF Studio and DWMX, and what the fundemental differences are. We think we've boiled it down to a few relevant differences. 1.) You must declare a local root folder: Keep in mind, you don't have to d/l the whole site to this folder. In fact, you can view files in the "remote" view so that you're looking at them live on the server. When you double-click the file, it will appear to open directly in DW (what actually happens is that DW d/l's the file to the local folder you declared in the definition, if you chose "Edit files directly on the testing server" in the site wizard, or chose "Automatically upload files on save" in the regular definition box, DW will upload the file as soon as you hit Save.) This is in effect the same as editing live on the server, with the exception that you will have a local copy of whichever file you edited, saved in a corresponding location in the local folder. All in all, this doesn't seem to present any barriers to one's workflow, it's just a different methodology whose results are pretty much the same in both programs. 2. There is no option to use FTP/RDS in the save-as dialog box: This means that to save & upload to another site/location other than the site currently chosen, you have to first save it to the corresponding location in the local root folder of that site, then switch to that site's definition in the files window to "put" the file. This can require a few extra steps which I can see being a pain if you need to save the same file to several sites often. Otherwise, if it's in the current site, then the option to Automatically upload on save pretty much takes care of this. If the FTP & RDS Explorer in the save as dialog is important to you, please let us know by using the Feature Request and Bug Report form at: http://www.macromedia.com/support/email/wishform?6213=6 I hope this helps! Vernon Viehe Community Manager Macromedia, Inc. Online diary: http://vvmx.blogspot.com/ > -Original Message- > From: Joshua Miller [mailto:[EMAIL PROTECTED]] > Sent: Monday, May 06, 2002 8:57 AM > To: CF-Talk > Subject: Macromedia Folks: What are you thinking? > > > Why did you remove basic use of FTP/RDS from Studio and > replace it with > the Dreamweaver SITE function? > __ Structure your ColdFusion code with Fusebox. Get the official book at http://www.fusionauthority.com/bkinfo.cfm FAQ: http://www.thenetprofits.co.uk/coldfusion/faq Archives: http://www.mail-archive.com/cf-talk@houseoffusion.com/ Unsubscribe: http://www.houseoffusion.com/index.cfm?sidebar=lists
RE: update error
Second try. Judy, in the form for "updateform.cfm" you have the field: But on the "updateaction.cfm" page, your Update query has: Where Events.ID=#URL.ID# Would "#form.id# work or are you passing the #url.id# elsewhere in the code? andy -Original Message- From: Judy [mailto:[EMAIL PROTECTED]] Sent: Thursday, April 18, 2002 12:56 PM To: CF-Talk Subject: Re: update error Here's the form code in my updateform.cfm file. > > >SELECT > Events.Title, > Events.InterDesc Here's the actual input code in my form for the title: Event Title: Here's code in my updateaction.cfm file: > > >UPDATE Events, Dates, times, Internet, Intranet, PPrint >SET > Events.Title = '#form.title#', > Events.InterDesc = '#form.InterDesc# > > - Original Message - From: "Jamie Jackson" <[EMAIL PROTECTED]> To: "CF-Talk" <[EMAIL PROTECTED]> Sent: Thursday, April 18, 2002 12:38 PM Subject: Re: update error > Please post the pertinent form html. > > Jamie > > On Thu, 18 Apr 2002 12:23:22 -0400, in cf-talk you wrote: > > >When I edit data in a form and click update, I get an error and cannot see why I'm getting it. The field name is spelled correctly as it is in the database. > > > >Error Diagnostic Information > > > >An error occurred while evaluating the expression: > > > > > >#form.title# > > > > > > > >Error near line 7, column 19. > >--- - > > > >Error resolving parameter FORM.TITLE > > > > > >The specified form field cannot be found. This problem is very likely due to the fact that you have misspelled the form field name. > > > > > > > >The error occurred while processing an element with a general identifier of (#form.title#), occupying document position (7:18) to (7:29). > > > > > > > >Here's my code for that form field in my action file: > > > > > >UPDATE Events, Dates, times, Internet, Intranet, PPrint > >SET > > Events.Title = '#form.title#', > > Events.InterDesc = '#form.InterDesc# > > > >Here's the corresponding code in my update file. > > > > > >SELECT > > Events.Title, > > Events.InterDesc > > > > > > > >Please help. > > > > > > > __ Structure your ColdFusion code with Fusebox. Get the official book at http://www.fusionauthority.com/bkinfo.cfm FAQ: http://www.thenetprofits.co.uk/coldfusion/faq Archives: http://www.mail-archive.com/cf-talk@houseoffusion.com/ Unsubscribe: http://www.houseoffusion.com/index.cfm?sidebar=lists
RE: pulling wrong dates from database
Won't --"#DateFormat(GetEventtoUpdate.BeginDate, "mm/dd/")#"-- pick up the same date variable each time it is used? As opposed to "#DateFormat(GetEventtoUpdate.Internet.BeginDate, "mm/dd/")#", for example. -Original Message- From: Judy [mailto:[EMAIL PROTECTED]] Sent: Thursday, April 18, 2002 11:10 AM To: CF-Talk Subject: pulling wrong dates from database I have an SQL database with several tables in it. The Events table is the main one and contains the primary key ID and is an AutoNumber; it is related to each of the other tables: Dates, Internet, Intranet, PPrint which all contain their own ID field and contain the fields BeginDate and EndDate. All relationships are set up as one-to-many. When I access the form for an event, all the beginning and ending dates on the form are the same. I can't figure out what the problem with my code is. Hopefully, someone can tell me what I've done wrong here. _ Signup for the Fusion Authority news alert and keep up with the latest news in ColdFusion and related topics. http://www.fusionauthority.com/signup.cfm FAQ: http://www.thenetprofits.co.uk/coldfusion/faq Archives: http://www.mail-archive.com/cf-talk@houseoffusion.com/ Unsubscribe: http://www.houseoffusion.com/index.cfm?sidebar=lists __ Signup for the Fusion Authority news alert and keep up with the latest news in ColdFusion and related topics. http://www.fusionauthority.com/signup.cfm FAQ: http://www.thenetprofits.co.uk/coldfusion/faq Archives: http://www.mail-archive.com/cf-talk@houseoffusion.com/ Unsubscribe: http://www.houseoffusion.com/index.cfm?sidebar=lists
RE: IE 6.0 Bug
Its the long way to get to Minesweeper, but it works. andy -Original Message- From: Sam Roach [mailto:[EMAIL PROTECTED]] Sent: Wednesday, April 17, 2002 6:16 PM To: CF-Talk Subject: IE 6.0 Bug http://online.securityfocus.com/archive/1/267561 has anyone tried this? -- Sam __ This list and all House of Fusion resources hosted by CFHosting.com. The place for dependable ColdFusion Hosting. FAQ: http://www.thenetprofits.co.uk/coldfusion/faq Archives: http://www.mail-archive.com/cf-talk@houseoffusion.com/ Unsubscribe: http://www.houseoffusion.com/index.cfm?sidebar=lists
RE: CSS and Netscape - was(CSS and dynamically changing classes)
There aren't any totally compliant browsers. The thrust of the w3 standards is to separate content and presentation. The intent is to make the same content easily rendered on a variety of devices without the style interfering with the content. So a browser, a pda, a cell phone or your clothes washer could all receive and display the information in an intelligible manner. The idea is for developers and designers, to the extent these are separable groups, to code to the standards and push both open source and proprietary browsers closer to the standards. Clients seem to have a somewhat different view however. There's always a rub ain't there? andy -Original Message- From: Brad Roberts [mailto:[EMAIL PROTECTED]] Sent: Tuesday, April 16, 2002 2:23 PM To: CF-Talk Subject: RE: CSS and Netscape - was(CSS and dynamically changing classes) I don't think IE (or Netscape) should sit around and wait for w3.org to make something a "standard" before they impliment it in there products. I'm sure IE would be way behind where it is now if it had to wait on authorization from the standards committee. However, they should both at least support the standard first, and then add bells and whistles on top of it. I do agree that it's a pain to develop for Netscape (especially 4.x), however, I don't like the forgiveness of IE. If I forget a "", IE kindly dismisses it. I'd rather be alerted that I forgot an end tag. FWIW, NoMoreNetscape.com is available. I say we build a site that allows web developers to post their opinions to AOL/Time Warner. There's probably already one out there, I just don't know about it. -Brad > -Original Message- > From: Jeffry Houser [mailto:[EMAIL PROTECTED]] > Sent: Tuesday, April 16, 2002 1:47 PM > To: CF-Talk > Subject: RE: CSS and Netscape - was(CSS and dynamically changing > classes) > > > At the risk of opening a can of worms. > Which one is more standards compliant? Netscape or IE? Since I > concentrate on database stuff or functionality, I rarely use 'advanced' > layout features such as layers or CCS. Are you asking Steve Case > / AOL to > be compatible with Microsoft Internet Explorer? Or are you > asking them to > adhere to w3.org standards? > > Internet Explorer may be the "defacto standard in usability, > functionality, and features" but saying that does not address whether or > not they are more (or less) standards-compliant than Navigator. > Since that > is the issue you want to be addressed, it is probably what you > should point > out in the letter. > > Perhaps Mr Case will just point you to Mozilla, which (although > I haven't > used) is supposed to adhere strictly to standards compliancy. > > > At 01:16 PM 4/16/2002 -0400, you wrote: > >Dear Mr. Case, > > > > We are a group of internet designers/ developers that have come > >together to express our dissatisfaction with the Netscape line of > >browsers. > > Developing for Netscape is more than a headache for web designers > >and developers. It means money spent for time when developing a new > >site for multiple browsers; it means having to code for the lowest > >common denominator in browsers and using the least number of features > >available. It means that people have different technologies to access > >the same medium, and they get different, unequal experiences. None of > >these things are good for the internet. > > Let us use an analogy: If our television were to get Time-Warner > >Cable, with every channel from HBO to Fox News, and your different brand > >of television received the same cable line but the top 30 channels were > >fuzzy, and then advertisements appeared much different than when the > >designers created them, what kind of experience would that be? You have > >advertisers unhappy because their messages do not get across to a > >maximum sized audience; some of the audience gets the newest and > >fastest, while parts of it just stay the same because they don't know > >how to change. Television programmers go crazy trying to figure out what > >is viable viewing and what isn't. > > We are not trying to condone a monopoly by any company, especially > >Microsoft, but rather a standard which must be set and achieved. > >Internet Explorer sets the defacto standard in usability, functionality, > >and features. Netscape needs to step up or step out. Netscape 6.X still > >does not meet the standard. > > > > We hope you get this and understand our position. > > > > Thank you for you time. > > > >Matthew Small [EMAIL PROTECTED] > >Mark Kruger [EMAIL PROTECTED] > >Katherine Maltby [EMAIL PROTECTED] > > > > > -- > Jeffry Houser | mailto:[EMAIL PROTECTED] > Need a Web Developer? Contact me! > AIM: Reboog711 | Fax / Phone: 860-223-7946 > -- > My Books: http://www.instantcoldfusion.com > My Band: http://www.farcryfly.com > > __ Signup for the Fusion Authority news alert and ke
RE: CSS and Netscape - was(CSS and dynamically changing classes)
The "A List Apart" discussion on css might be helpful, Matt, http://www.alistapart.com/stories/journey/. Try sticking the @import code in and see what it does to the 4x browsers:
RE: Preventing SQL injection attacks...?
Also try http://www.sqlsecurity.com/faq.asp. andy -Original Message- From: Garza, Jeff [mailto:[EMAIL PROTECTED]] Sent: Friday, April 12, 2002 11:37 AM To: CF-Talk Subject: RE: Preventing SQL injection attacks...? There was a real good white paper from NGSSoftware. It's called Advanced SQL Injection and can be found near the bottom of this page. http://www.nextgenss.com/research.html#papers Frightening... Jeff Garza Lead Developer/Webmaster Spectrum Astro, Inc. [EMAIL PROTECTED] http://www.spectrumastro.com -Original Message- From: Ian Lurie [mailto:[EMAIL PROTECTED]] Sent: Friday, April 12, 2002 8:30 AM To: CF-Talk Subject: RE: Preventing SQL injection attacks...? That's what I thought. Man, you think you're an expert, and then some 13 year old somewhere makes you feel like a punk again :) Is there a good paper on Macromedia.com about this? I read some of the stuff but nothing seemed really on-point... -Original Message- From: Dave Watts [mailto:[EMAIL PROTECTED]] Sent: Friday, April 12, 2002 8:30 AM To: CF-Talk Subject: RE: Preventing SQL injection attacks...? > make sure you are at the latest MDAC and have all service pack applied > for SQL. I think that the latest MDAC prevents attacks like this, but > I could be wrong. No, MDAC does nothing to prevent SQL injection attacks, which, after all, use perfectly valid SQL statements. Dave Watts, CTO, Fig Leaf Software http://www.figleaf.com/ voice: (202) 797-5496 fax: (202) 797-5444 __ This list and all House of Fusion resources hosted by CFHosting.com. The place for dependable ColdFusion Hosting. FAQ: http://www.thenetprofits.co.uk/coldfusion/faq Archives: http://www.mail-archive.com/cf-talk@houseoffusion.com/ Unsubscribe: http://www.houseoffusion.com/index.cfm?sidebar=lists
RE: Calendar where events span more than one day...
Don't know about Forta's version but I do know that Jeffry Houser's will do multiple days. That would be Chapter 15 in "Instant Cold Fusion 5", Osborne. andy -Original Message- From: JamesEdmunds [mailto:[EMAIL PROTECTED]] Sent: Monday, April 08, 2002 9:29 AM To: CF-Talk Subject: Calendar where events span more than one day... I am working on a calendar implentation for a client who wants to be able to show events that span more than one day, but show them on a traditional month-grid calendar. I have had good luck in another project adapting Ben Forta's CF_Calendar from the Advanced CF Development book, including making it a bit more Netscape friendly, as well as passing database/popup window calls through the associated tags,etc. but that seems to take me only down to the one-day level. Can anyone point to something helpful, some hint about how to go about this or even an available application or tag? Netscape friendly would be best, of course. My first thoughts are that this would be accomplished by somehow manipulating table definitions, with some cells spanning rows, etc., and also that the database for the calendar would use start and end dates, but that's as far as I have gotten up to this point. Much thanks in advance for any help, insights, or useful directions for what to explore. Regards, James Edmunds __ Your ad could be here. Monies from ads go to support these lists and provide more resources for the community. http://www.fusionauthority.com/ads.cfm FAQ: http://www.thenetprofits.co.uk/coldfusion/faq Archives: http://www.mail-archive.com/cf-talk@houseoffusion.com/ Unsubscribe: http://www.houseoffusion.com/index.cfm?sidebar=lists
RE: Group in cfoutput query. brain fart
Since cfoutput creates the table one row at a time as each query row is output, wouldn't it be possible to put a cfif statement in the cfoutput to set first and last name to blank if they already exist? -Original Message- From: Paul Ihrig [mailto:[EMAIL PROTECTED]] Sent: Thursday, March 07, 2002 12:23 PM To: CF-Talk Subject: RE: Group in cfoutput query. brain fart thanks Chuck & all but it is still not working the way i envision it. any more advice on this would be great! i know i know it, just cant get it! i have tried nesting different the Current Results: Adkins , John (241) Edit Photo Adkins , John 222-223- Edit Photo Anderson , Dorman Edit Photo Anderson , Dorman 222-223- Edit Photo Appleford , Chris 222-223- Edit Photo Ayars , Daniel 222-621- What i want the Results to be: Adkins , John (241) Edit Photo 222-223- Anderson , Dorman Edit Photo 222-223- Appleford , Chris 222-223- Edit Photo Ayars , Daniel 222-621- Thank You All -paul SELECT tblEmployee.FirstName, tblEmployee.EMPLOYEE_ID, tblEmployee.LastName, tblEmployee.EmployeeID, tblEmployee.StudioID, tblEmployee.Status, tblStudio.StudioID, tblStudio.OfficeID, tblStudio.StudioName, tblOffice.OfficeID, tblOffice.City, tblPhone.PhoneNumb, tblFloor.floor FROM tblEmployee, tblStudio, tblOffice, tblPhone, tblFloor WHERE tblEmployee.studioid = tblStudio.studioid AND tblOffice.OfficeID = '#FORM.OfficeID#' AND tblPhone.EmpResID = tblEmployee.EMPLOYEE_ID AND tblEmployee.studioid in (#FORM.StudioID#) AND tblEmployee.floorid = tblFloor.floorid ORDER BY #FORM.OrderBy#, tblOffice.City, tblEmployee.EMPLOYEE_ID; Name Extension Edit Office - Studio #Employees.City# - #Employees.StudioName# #Employees.LastName#, #Employees.FirstName# #Employees.PhoneNumb# Edit Photo CHECKED> __ Get Your Own Dedicated Windows 2000 Server PIII 800 / 256 MB RAM / 40 GB HD / 20 GB MO/XFER Instant Activation · $99/Month · Free Setup http://www.pennyhost.com/redirect.cfm?adcode=coldfusionb FAQ: http://www.thenetprofits.co.uk/coldfusion/faq Archives: http://www.mail-archive.com/cf-talk@houseoffusion.com/ Unsubscribe: http://www.houseoffusion.com/index.cfm?sidebar=lists
re: can someone see a problem with this
Jeff, you said you are using Access. I've had problems with how Access reads dates when they are inputted through a form to update an entry. The error thrown is the mismatch error. The best solution I've found is to use some form of sql database. Although sometimes inputting dates as -mm-dd seems to work. __ Why Share? Dedicated Win 2000 Server · PIII 800 / 256 MB RAM / 40 GB HD / 20 GB MO/XFER Instant Activation · $99/Month · Free Setup http://www.pennyhost.com/redirect.cfm?adcode=coldfusionc FAQ: http://www.thenetprofits.co.uk/coldfusion/faq Archives: http://www.mail-archive.com/cf-talk@houseoffusion.com/ Unsubscribe: http://www.houseoffusion.com/index.cfm?sidebar=lists
RE: Problem query
Crispin, Aren't you only asking for resources booked on a particular date: Events.Event_Date = #variables.EventDate#? Wouldn't it be better to Order By or Group By #variables.EventDate# and remove the #variables.EventDate# from the Where clause? This would give you all the resources for that date not just those booked. andy -Original Message- From: Crispin Ryan [mailto:[EMAIL PROTECTED]] Sent: Thursday, February 28, 2002 5:38 AM To: CF-Talk Subject: Problem query Each course should show: All resource names, and the total number of each resource booked on that date. Right now there are three tables: resources (resource_id, description, total_available) resources allocated: (allocation_id, resource_id, event_id) and events with event_id and event_date So far the closest I've got is SELECT DISTINCT SUM(Resource_Allocation.Resource_Id)AS Booked,Resources.Total_Available, Resources.Description, Events.Event_Date FROM Events,Resources,Resource_Allocation WHERE Resource_Allocation.Resource_Id = Resources.Resource_Id ANDResource_Allocation.Event_Id = Events.Event_Id ANDEvents.Event_Date = #variables.EventDate# GROUP BY Resources.Description, Resources.Total_Available,Events.Event_Date But this only shows the resources booked for that day, not the whole list of resources I'm grateful if anyone can help Crispin Ryan __ Why Share? Dedicated Win 2000 Server · PIII 800 / 256 MB RAM / 40 GB HD / 20 GB MO/XFER Instant Activation · $99/Month · Free Setup http://www.pennyhost.com/redirect.cfm?adcode=coldfusionc FAQ: http://www.thenetprofits.co.uk/coldfusion/faq Archives: http://www.mail-archive.com/cf-talk@houseoffusion.com/ Unsubscribe: http://www.houseoffusion.com/index.cfm?sidebar=lists
porting cf
We're trying to port from NT4, CF4.0 to Sun Solaris 2.8 running CF 4.5. Case has been checked, the datasource is verified. The query referred to in the error is: (about as basic as it can be) select * from dsel The error message is: Error Diagnostic Information ODBC Error Code = S1000 (General error) [MERANT][ODBC SQL Server Driver]Unicode conversion failed The error occurred while processing an element with a general identifier of (CFQUERY), occupying document position (13:1) to (13:53). Date/Time: Wed Feb 06 11:00:42 2002 Browser: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.0; Q312461) Can this be done or is the Unicode simply easier to deal with by rewriting on the Solaris? __ Get Your Own Dedicated Windows 2000 Server PIII 800 / 256 MB RAM / 40 GB HD / 20 GB MO/XFER Instant Activation · $99/Month · Free Setup http://www.pennyhost.com/redirect.cfm?adcode=coldfusionb FAQ: http://www.thenetprofits.co.uk/coldfusion/faq Archives: http://www.mail-archive.com/cf-talk@houseoffusion.com/ Unsubscribe: http://www.houseoffusion.com/index.cfm?sidebar=lists
RE: calendar
Osborne. ISBN 0-07-213238-8; 2001 -Original Message- From: Thane Sherrington [mailto:[EMAIL PROTECTED]] Sent: Thursday, February 07, 2002 9:24 AM To: CF-Talk Subject: Re: calendar At 08:55 AM 02/07/2002 -0500, Trusz, Andrew wrote: >Get a copy of Jeffry Houser's "Instant Cold Fusion 5". Nice chapter on >designing a calendar. Since he contributes here maybe he'll have a few extra >tips for you. Who publishes this? T __ Get Your Own Dedicated Windows 2000 Server PIII 800 / 256 MB RAM / 40 GB HD / 20 GB MO/XFER Instant Activation · $99/Month · Free Setup http://www.pennyhost.com/redirect.cfm?adcode=coldfusionb FAQ: http://www.thenetprofits.co.uk/coldfusion/faq Archives: http://www.mail-archive.com/cf-talk@houseoffusion.com/ Unsubscribe: http://www.houseoffusion.com/index.cfm?sidebar=lists
RE: calendar
Can he borrow it, Jeffry? andy -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] Sent: Thursday, February 07, 2002 9:02 AM To: CF-Talk Subject: RE: calendar > Get a copy of Jeffry Houser's "Instant Cold Fusion 5". Nice chapter on > designing a calendar. Since he contributes here maybe he'll have > a few extra > tips for you. If only I had the time... I need a deliverable by this afternoon so it can be demo'ed to a potential client tomorrow morning. Hatton __ Get Your Own Dedicated Windows 2000 Server PIII 800 / 256 MB RAM / 40 GB HD / 20 GB MO/XFER Instant Activation · $99/Month · Free Setup http://www.pennyhost.com/redirect.cfm?adcode=coldfusionb FAQ: http://www.thenetprofits.co.uk/coldfusion/faq Archives: http://www.mail-archive.com/cf-talk@houseoffusion.com/ Unsubscribe: http://www.houseoffusion.com/index.cfm?sidebar=lists
calendar
Get a copy of Jeffry Houser's "Instant Cold Fusion 5". Nice chapter on designing a calendar. Since he contributes here maybe he'll have a few extra tips for you. __ Get Your Own Dedicated Windows 2000 Server PIII 800 / 256 MB RAM / 40 GB HD / 20 GB MO/XFER Instant Activation · $99/Month · Free Setup http://www.pennyhost.com/redirect.cfm?adcode=coldfusionb FAQ: http://www.thenetprofits.co.uk/coldfusion/faq Archives: http://www.mail-archive.com/cf-talk@houseoffusion.com/ Unsubscribe: http://www.houseoffusion.com/index.cfm?sidebar=lists
Re:checkbox
Since you seem to be saying the value of the checkbox is always to be "yes", the simple way is to not import the value of the checkbox to the processing form and have the value hardcoded to yes in the sql insert statement. __ Why Share? Dedicated Win 2000 Server · PIII 800 / 256 MB RAM / 40 GB HD / 20 GB MO/XFER Instant Activation · $99/Month · Free Setup http://www.pennyhost.com/redirect.cfm?adcode=coldfusionc FAQ: http://www.thenetprofits.co.uk/coldfusion/faq Archives: http://www.mail-archive.com/cf-talk@houseoffusion.com/ Unsubscribe: http://www.houseoffusion.com/index.cfm?sidebar=lists
Verity revisited
I have a couple of Verity collections which have suddenly stopped opening. The error is "collection failed to open". This isn't a Forum, its a searchable collection. Any ideas on how to unlock it? Here's the error: Error Diagnostic Information Error occurred in tag CFINDEX Collection failed to open: read The error occurred while processing an element with a general identifier of (CFINDEX), occupying document position (6:1) to (12:143). If I use the "xxx_VOpenFile.cfm" file, I get a different error: An error occurred while evaluating the expression: Find( '..', URL.ServerFilePath ) or not FindNoCase( WorkingDirectory, URL.ServerFilePath ) Error near line 7, column 2. Error resolving parameter URL.SERVERFILEPATH The specified URL parameter cannot be found. This problem is very likely due to the fact that you have misspelled the parameter name. I've not changed any locations, nor changed anything on the servers themselves. The boxes were physically moved about two feet each. They were shut down and moved but no other changes were made. And I believe both were accessible after the move (I didn't do the moves so I am a little fuzzy on this point). The cfm files and the oracle db's (located on the 2 servers which were moved) function fine. The db that constitutes one of the collections is reachable and can be queried. The library which makes up the other db can be reached over the network and is intact. And other cf interfaces to oracle db's work fine. All cf services are running. I can find no Verity services. I even created a new collection using the above mentioned library. No luck. Still won't open. If I purge and recreate I can index the collection exactly once. The repair function in CF Admin completes successfully but the collections do not open. It's as if I inadvertently locked the collections and threw away the key. I notice there is a "collectn.lck" file. Should there be an unlock as well? Any ideas? andy trusz ~~ Structure your ColdFusion code with Fusebox. Get the official book at http://www.fusionauthority.com/bkinfo.cfm Archives: http://www.mail-archive.com/cf-talk@houseoffusion.com/ Unsubscribe: http://www.houseoffusion.com/index.cfm?sidebar=lists
verity
I have a couple of Verity collections which have suddenly stopped opening. The error is collection failed to open. This isn't a forum, its a searchable collection. Any ideas on how to unlock it? Here's the error: Error Diagnostic Information Error occurred in tag CFINDEX Collection failed to open: read The error occurred while processing an element with a general identifier of (CFINDEX), occupying document position (6:1) to (12:143). Thanks andy trusz Archives: http://www.mail-archive.com/cf-talk@houseoffusion.com/ Unsubscribe: http://www.houseoffusion.com/index.cfm?sidebar=lists
verity and oracle: II
Thanks to Dave Fauth and Stephen Moretti for their suggestions. I don't think I articulated the problem properly so I'll try again. Simply put, Oracle stores all tables in a single database. Schemas are used to internally keep track of which tables belong together. What we think of as "databases" are just parts of a complex single entity. If one looks in the orant file (we are running it on NT), one sees a large collection of .int, .ora, .sql, .cmd, .lst and other assorted files which are associated with either particular "databases" or with system management. I neither need nor want all of these indexed. So when I have named the collection and am trying to have Verity perform the initial indexing function, what file do I tell it to index? Using Orant/database will include all of those unnecessary documents. Do I modify the basic wizard PathIndexing template to make it a Custom CFIndex from the start? If so, how? Do I extract all of the data from the table (there is only one in this "database") and somehow save it to a separate file? If so, how? Or do I junk Verity and just write a very complex query covering all the requested searches? Has anyone actually used Verity with an Oracle database? Thanks andy trusz Archives: http://www.mail-archive.com/cf-talk@houseoffusion.com/ Unsubscribe: http://www.houseoffusion.com/index.cfm?sidebar=lists
verity and oracle
I'm trying to create a search tool for a collection of documents which is added to at least daily and which needs to be partially editable. I've created an Oracle database/schema to house the documents. My problem is how to point Verity to the correct table (there is only one table in this schema). I'm trying to index only one Oracle schema. Telling Verity to index the entire Orant/database file seems a bit much. Is there a way to identify only a single schema.? Also it looks as if there is going to be a permissions issue involved here. The Oracle is not on the same server as CF. Any suggestions on how to handle that issue? Thanks in advance. andy trusz [EMAIL PROTECTED] Archives: http://www.mail-archive.com/cf-talk@houseoffusion.com/ Unsubscribe: http://www.houseoffusion.com/index.cfm?sidebar=lists
verity and oracle
I'm trying to create a search tool for a collection of documents which is added to at least daily and which needs to be partially editable. I've created an Oracle database/schema to house the documents. My problem is how to point Verity to the correct table (there is only one table in this schema). I'm trying to index only one Oracle schema. Telling Verity to index the entire Orant/database file seems a bit much. Is there a way to identify only a single schema.? Also it looks as if there is going to be a permissions issue involved here. The Oracle is not on the same server as CF. Any suggestions on how to handle that issue? Thanks in advance. andy trusz [EMAIL PROTECTED] ~ Paid Sponsorship ~ Get Your Own Dedicated Win2K Server! Instant Activation for $99/month w/Free Setup from SoloServer PIII600 / 128 MB RAM / 20 GB HD / 24/7/365 Tech Support Visit SoloServer, https://secure.irides.com/clientsetup.cfm. Archives: http://www.mail-archive.com/cf-talk@houseoffusion.com/ Unsubscribe: http://www.houseoffusion.com/index.cfm?sidebar=lists
unstable cfserver
Having a problem with a CFserver which generates and Oracle instantiation failure error. Using 4.5.1 with SP1 on NT4 with SP6 and IIS4. Also have Word from Off2K and Access2K. This is the production server. The development server differs in having less memory and Office 97, SP1. This server does not exhibit the same problem and has run since being created in Feb 2000. Usage on both is light. Allaire says mdac may be the culprit (2000 installs mdac2.50.4403.12 while Off97 uses the 2.1 with CF). MS TechNet seems to agree. Anyone have any similar experiences? Is OS reinstall the only practicable answer at this point? andy trusz Archives: http://www.mail-archive.com/cf-talk@houseoffusion.com/ Unsubscribe: http://www.houseoffusion.com/index.cfm?sidebar=lists or send a message with 'unsubscribe' in the body to [EMAIL PROTECTED]
and missing table
Hello, Having trouble with . The table being updated is not found in the datasource even though the data to be updated has just been extracted from that table. Database is Oracle 8 Tag is . Any help? andy -- Archives: http://www.mail-archive.com/cf-talk@houseoffusion.com/ To Unsubscribe visit http://www.houseoffusion.com/index.cfm?sidebar=lists&body=lists/cf_talk or send a message to [EMAIL PROTECTED] with 'unsubscribe' in the body.
