from:"Zachary Bedell"

CFMX Easter egg (I think)

2003-03-14 Thread Zachary Bedell

I certainly can't recommend anyone try this.  It didn't hurt my server any,
but my head still hurts a little.  

This is somewhat disturbing  Kind of reminds me of some of the SciFi
channel's logo spots lately. 

http:///cfide/administrator/settings/_licensedata.cfm?seri
alize

You'll need the Flash player installed.

Best regards,
Zac Bedell

~|
Archives: http://www.houseoffusion.com/cf_lists/index.cfm?forumid=4
Subscription: 
http://www.houseoffusion.com/cf_lists/index.cfm?method=subscribe&forumid=4
FAQ: http://www.thenetprofits.co.uk/coldfusion/faq
Get the mailserver that powers this list at http://www.coolfusion.com

Unsubscribe: 
http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.4

RE: Cheaper Alternative to SQL Server 2000

2001-02-23 Thread Zachary Bedell


-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

> Does anyone have the link to Subscription page for MS 
> Developer Network? I
> have looked through the site and can't find it.

http://msdn.microsoft.com/subscriptions/prodinfo/overview.asp

That's the info page about the different levels.  There's a Purchase
link on that page to get you to the actual order form.

Best regards,
Zac Bedell

-BEGIN PGP SIGNATURE-
Version: PGPfreeware 6.5.8 for non-commercial use 
Comment: Please use PGP!

iQA/AwUBOpaPVavhLS1aWPxeEQKpMQCeN2K7eGeOaP3Q14zNxKyb/uwkQOUAnjdG
2BCYc2XeL7DDpKiIwHp3ipGL
=t7Eu
-END PGP SIGNATURE-


~~
Structure your ColdFusion code with Fusebox. Get the official book at 
http://www.fusionauthority.com/bkinfo.cfm

Archives: http://www.mail-archive.com/cf-talk@houseoffusion.com/
Unsubscribe: http://www.houseoffusion.com/index.cfm?sidebar=lists

RE: Cheaper Alternative to SQL Server 2000

2001-02-23 Thread Zachary Bedell


-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

> system). Another option is to join the MS Developer Network and get
> a universal subscription for about $600 (plus tax/shipping). 
> With that, you
> get all the commerce server, visual studio, office and a 
> whole bunch of
> other software, including SQL Server. I wanted SQL Server to run on
> my development box and thought this was a great deal - Office 
> Developer, Win200
> and MS SQL (plus all the other stuff) for less than $700.

I have to ask...  Where on EARTH did you get an MSDN Universal sub
for $700?  We just paid like $2100

 
> BTW, if anyone needs/wants Visio 2000 Pro (plus a free copy 
> of Visio 2000
> Enterprise), I have a still-shrink-wrapped copy I don't need 
> anymore (since
> it's part of the MSDN subscription) that I'll let go for what 
> I paid - about
> $350.

Do keep in mind that your MSDN copy has extremely limited licensing. 
If you're using Visio to do anything other than develop Visio
applications, then you probably need to hold on to your shrink
wrapped copy to be legal.

Best regards,
Zac Bedell

-BEGIN PGP SIGNATURE-
Version: PGPfreeware 6.5.8 for non-commercial use 
Comment: Please use PGP!

iQA/AwUBOpaGqqvhLS1aWPxeEQKBzACgqsEabX9aUOMw+CHIhQRZVTGQdNoAoLgx
c3VzUweW1h9p0RFNtObbgbU+
=jgMR
-END PGP SIGNATURE-


~~
Structure your ColdFusion code with Fusebox. Get the official book at 
http://www.fusionauthority.com/bkinfo.cfm

Archives: http://www.mail-archive.com/cf-talk@houseoffusion.com/
Unsubscribe: http://www.houseoffusion.com/index.cfm?sidebar=lists

RE: How to choose Name or Scope when locking

2001-02-22 Thread Zachary Bedell


-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

> Zac,
> 
> Thanks.  This was very helpful.
> 
> One clarification question.  Does a Named lock prevent a 
> same-named  thread
> within the session or application(on a single server?)?

Well...  I'm not quite sure what you're asking.

The three scoped locks and any named lock are completely separate
beasts.  If you have two threads that hit the same named lock, one of
them will block until the other is done.  If you have session,
application, or server locks going on at the same time, that won't
effect the named lock in any way, nor will the named lock affect the
scoped locks.

Basically:
* Two named locks with the same name will affect each other.
* Two session locks in the same session will affect each other.
* Two application locks in the same application will affect each
other.
* Two server locks will affect each other.
* Any other possible combination, and the two locks won't even know
the other one exists.

Make sense?

Best regards,
Zac Bedell


-BEGIN PGP SIGNATURE-
Version: PGPfreeware 6.5.8 for non-commercial use 
Comment: Please use PGP!

iQA/AwUBOpV7G6vhLS1aWPxeEQIkRQCfa4VAxeyKKCnxNyQJkoi8NS+YCt4AoKMm
riKVynfg396liGRNk69NZ3YS
=bHQK
-END PGP SIGNATURE-


~~
Structure your ColdFusion code with Fusebox. Get the official book at 
http://www.fusionauthority.com/bkinfo.cfm

Archives: http://www.mail-archive.com/cf-talk@houseoffusion.com/
Unsubscribe: http://www.houseoffusion.com/index.cfm?sidebar=lists

RE: How to choose Name or Scope when locking

2001-02-22 Thread Zachary Bedell


-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

> > > I haven't seen anything yet that talks explicitly about when to
> > > use the Name attribute and when to use the Scope
> > > attribute.  There have been a number of threads around
> > > whether to single thread updates to a single table.
> > >
> > > For example, lets say that I read from a table in two
> > > programs and write/delete from a third.  For this example,
> > > lets say I want to single thread all writes.   To do this,
> > > would you use  scope="application" type="readonly" to lock
> > > the two read queries and scope="application" type="exclusive"
> > > around the write or would replace the scope attribute in both
> > > with something like name="databasename.tablename"?
> >
> >First of all...  Why in lord's name would you want to single
> >thread your DB access?
>Fairly common example:
> 
> You insert something in the database, and immediately 
> need to access 
> the ID of that new thing.  You want to single thread the 
> insert and select, 
> so the table doesn't change.
>  Example:
>Table1   (a fairly static table)
>Table2   (A table that changes a lot)
>Table1Table2  (an intersection table, because their is 
> a many to 
> many relationship between table 1 and table 2)
> 
>  Insert into table2
>  select the thing you just inserted into table2 (to get the ID)
>  Inset into intersection table.
> 
> 
>  You'll want to the first to SQL statements to be 
> single-threaded.  There are SQL commands to do this, the 
> commands commit and rollback come to mind.  I typically 
> just use CFTRANSACTION in those 
> cases, so I don't have the exact SQL syntax memorized.

Are you using MS SQL Server or Access here?  SQL Server and any other
halfway decent RDBMS should support something like the following
syntax:


SET NOCOUNT ON

INSERT INTO Table2 (Whatever) VAUES ('Thingy')

SELECT @@IDENTITY AS ThatSnazzyNewIDNumber

SET NOCOUNT OFF





INSERT INTO Table1Table2 (Table1ID, Table2ID) VALUES
(#WhateverHadTheTable1ID#, #Table2ID#)



Now you've got the ID without any chance of other updates messing you
up AND you don't need to limit the DB to only one update at a time. 
Pretty neat, ne?

> I think the remainder of this e-mail says it all about 
> naming vs scope in a lock, though.  ;)

I learned locking at the School Of Hard Knocks, and I've become
somewhat of a locking evangelist...  I'll get off my soapbox now...
*grin*

Best regards,
Zac Bedell

-BEGIN PGP SIGNATURE-
Version: PGPfreeware 6.5.8 for non-commercial use 
Comment: Please use PGP!

iQA/AwUBOpVsuqvhLS1aWPxeEQLzswCgqz8aORvfImWJFl/9IEXQ/Ov8Q7IAoI5i
aziyM1EUWzwHn5anI/qT8XU0
=JOFP
-END PGP SIGNATURE-


~~
Structure your ColdFusion code with Fusebox. Get the official book at 
http://www.fusionauthority.com/bkinfo.cfm

Archives: http://www.mail-archive.com/cf-talk@houseoffusion.com/
Unsubscribe: http://www.houseoffusion.com/index.cfm?sidebar=lists

RE: Cheaper Alternative to SQL Server 2000

2001-02-22 Thread Zachary Bedell


-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

> Well, there's always MySQL, but I bet there's a chorus of 
> folks here who'll
> say it ain't ready for primetime, which is why I'm posting... 
>  could anyone
> expound on this? Especially using mySQL with CF.

Ok...  I'll bite...

Probably the biggest things about MySQL that aren't ready for prime
time are these:

1) Its support for transactions is limited (at best!).  I know
they're working on that and it's getting better, but that's a fairly
big limitation for some situations.

2) As far as I know, it still doesn't support any kind of stored
procedure.

3) They take shortcuts on things like log-before-write that can cause
data loss or corruption if your server loses power or if MySQL goes
down hard.  Microsoft SQL Server is pretty close to bullet-proof in
that regard.  If SQL Server tells ODBC that data was written, then
indeed it will be written -- either permanently to the DB or at least
to the log where it will be recovered if anything unpleasant happens
to the server.  MySQL doesn't do that, so there's a chance of
problems.  I've never run into any, but it's mathematically
possible

4) MySQL's support for JOINs is fairly dumb in my experience.  I find
I have to use completely different syntax to do the same things in
SQL Server / MS Access then I do for MySQL.


That's not to say MySQL doesn't have it's plusses.  It *is* free. 
I've got the MP3 player in the trunk of my car running MySQL and it
works just *fine*.  I just wouldn't want to sick a thousand paying
customers on that server and hope it keeps working through it...

That's just my jaded opinion of course, so please take it with the
proper grain of salt...

Best regards,
Zac Bedell

-BEGIN PGP SIGNATURE-
Version: PGPfreeware 6.5.8 for non-commercial use 
Comment: Please use PGP!

iQA/AwUBOpVqcKvhLS1aWPxeEQIqvwCg9CPpRT2K4DZyloBKYUDP7JvuTCoAoOxC
CippPV+adIoyx7ZEQPHH7zqQ
=YGHK
-END PGP SIGNATURE-


~~
Structure your ColdFusion code with Fusebox. Get the official book at 
http://www.fusionauthority.com/bkinfo.cfm

Archives: http://www.mail-archive.com/cf-talk@houseoffusion.com/
Unsubscribe: http://www.houseoffusion.com/index.cfm?sidebar=lists

RE: How to choose Name or Scope when locking

2001-02-22 Thread Zachary Bedell


-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

> I haven't seen anything yet that talks explicitly about when 
> to use the Name attribute and when to use the Scope 
> attribute.  There have been a number of threads around 
> whether to single thread updates to a single table.  
> 
> For example, lets say that I read from a table in two 
> programs and write/delete from a third.  For this example, 
> lets say I want to single thread all writes.   To do this, 
> would you use  scope="application" type="readonly" to lock 
> the two read queries and scope="application" type="exclusive" 
> around the write or would replace the scope attribute in both 
> with something like name="databasename.tablename"?

First of all...  Why in lord's name would you want to single thread
your DB access?  You use an RDBMS like Access, SQL Server, or
whatever because your DB handles all the locking & concurrency issues
for you.  I can think of a few VERY limited cases where you might
need to single thread access (perhaps in some sort of status tracking
or *something*).  If I ever ran into a situation like that, I'd think
LONG & HARD about how to get around the problem without single
threading the DB.  That's just ASKING for performance nightmares...

In any case, if you did need to lock your DB for one particular
table, then you would use a named lock with something like
name="database.table" or whatever.

Here's the skinny on when to use scope & when to use name for CFLOCK:

If you're accessing a shared CF variable in the session, application,
or server scope, then you should use a scoped lock of the appropriate
scope.  You *shouldn't* access more than one scope within a single
lock, tho I suspect you could access session in an application lock
and application & session in a server lock without killing the
server.  I would think that if automatic checking is enabled, it
would probably disallow that activity.  I certainly wouldn't code
anything to use it.

For basically everything else, you use named locks.  When you're
controlling access to anything that falls outside of the three CF
shared scopes -- mostly "outside world" type of stuff -- scope
doesn't work.

Examples:
You have a non-thread safe CFX tag.  You should use a lock that is
the name of the tag around all accesses to it.
Your DB example above is another valid example, tho I'm not sure why
you'd want to do that.


Hopefully that's at least a little clearer than mud...

Best regards,
Zac Bedell

-BEGIN PGP SIGNATURE-
Version: PGPfreeware 6.5.8 for non-commercial use 
Comment: Please use PGP!

iQA/AwUBOpU3x6vhLS1aWPxeEQJrsgCfR5nOE8vtxMj+PZLLim4GUIPI/mYAn2Hk
iacc+HOazuS3mA+jxE63BbXa
=E//I
-END PGP SIGNATURE-


~~
Structure your ColdFusion code with Fusebox. Get the official book at 
http://www.fusionauthority.com/bkinfo.cfm

Archives: http://www.mail-archive.com/cf-talk@houseoffusion.com/
Unsubscribe: http://www.houseoffusion.com/index.cfm?sidebar=lists

RE: CF Source Code?

2001-02-16 Thread Zachary Bedell


-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

Okay...  This thread is kinda going south anyways, so perhaps I can
add my two cents without anyone thinking I'm outta line...

Has anyone ever thought of creating a Windows Scripting Engine that
could handle CF code?  Basically, that would allow you to execute CFM
code in ASP pages on any WinNT/Win2K box without needing ColdFusion
installed.  Seems like it could be nice if done right, but

Any good C++ coders out there with a few months worth of free time
they're looking to burn? ;-)

Best regards,
Zac Bedell

> -Original Message-
> From: Billy Cravens [mailto:[EMAIL PROTECTED]]
> Sent: Friday, February 16, 2001 1:27 PM
> To: CF-Talk
> Subject: Re: CF Source Code?
> 
> 
> I hope your senior project doesn't require uniqueness, otherwise,
> you may have been beaten to the punch:
> 
> http://www.cfadvisor.com/api-shl/engine.cfm?ArticleID=34104&De
> partmentID=1
> 
> -- 
> Billy Cravens
> HR Web Development, Sabre
> [EMAIL PROTECTED]
> 
> Ruslan Sivak wrote:
> > 
> > I'm planning to develop the core of CF in Java for my 
> Senior Project class
> > in college.  I know that CF is a commercial product, and 
> finding the source
> > code would be next to impossible, so can anyone suggest 
> what direction I
> > should look to find out the CF internals?  Are there any 
> good books on
> > writing interpreters?  Are there books that explain the CF 
> internals?  Any
> > other comments?
> > 
> > Ruslan Sivak
> > Technologist
> >
>
~~
Structure your ColdFusion code with Fusebox. Get the official book at 
http://www.fusionauthority.com/bkinfo.cfm

Archives: http://www.mail-archive.com/cf-talk@houseoffusion.com/
Unsubscribe: http://www.houseoffusion.com/index.cfm?sidebar=lists

RE: Win2K and SQL Server 7.0 quest

2001-02-16 Thread Zachary Bedell


-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

> -Original Message-
> From: Phoeun Pha [mailto:[EMAIL PROTECTED]]
> Sent: Friday, February 16, 2001 12:16 PM
> To: CF-Talk
> Subject: RE: Win2K and SQL Server 7.0 quest
> 
> 
> what are SP's for, and are they free?

SP == Service Pack.  I.E. a whole bunch of bugfixes & what not all
rolled into one neat package for installation.

They are free, and they're available from Microsoft's site.  For
Win2k SP's, your best bet is just to use the Windows Update utility. 
You can also download then from somewhere under
http://www.microsoft.com/windows2000/.  The current Win2k SP is SP1.

For SQL Server 7.0, the current is SP3.  That can be downloaded from
somewhere under http://www.microsoft.com/sqlserver/.

Service Pack releases from Microsoft are always cumulative, so it
doesn't matter if you've installed all the service packs in order. 
If you skipped a couple , that's fine.  Just installed the latest
service pack that's available at the time, and you'll be sure to have
all the latest patches.  

For Win2k, you can find out what (if any) service pack you have
installed by right-clicking on My Computer & choosing Properties.  

For SQL Server, it's a little more tricky.  You need to execute
"SELECT @@VERSION" against any database.  You'll get output something
like this:
Microsoft SQL Server  7.00 - 7.00.961 (Intel X86) 
Oct 24 2000 18:39:12 
Copyright (c) 1988-1998 Microsoft Corporation
Standard Edition on Windows NT 5.0 (Build 2195: )

The version number (7.00.961) reflects the service pack.  To the best
of my knowledge, the .961 means service pack 3, but I could well be
wrong on that.  If you look in Microsoft's Knowledge Base, there's an
article that lists what build numbers equate to the various service
packs.

Hope that's helpful...

Best regards,
Zac Bedell


-BEGIN PGP SIGNATURE-
Version: PGPfreeware 6.5.8 for non-commercial use 
Comment: Please use PGP!

iQA/AwUBOo1mdqvhLS1aWPxeEQLQ6wCfYbjyhlpOpcXw7/C2WAapVV/tAqoAn3xJ
D8ESTbJZiilEi+ERoaEdw+ok
=AcsT
-END PGP SIGNATURE-

~~
Structure your ColdFusion code with Fusebox. Get the official book at 
http://www.fusionauthority.com/bkinfo.cfm

Archives: http://www.mail-archive.com/cf-talk@houseoffusion.com/
Unsubscribe: http://www.houseoffusion.com/index.cfm?sidebar=lists

RE: Upload module

2001-02-15 Thread Zachary Bedell


-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

How about this:  Wrap the CFFILE call in a CFTRY block.  Catch the
error & deal with it if necessary, otherwise the code will just work
as it should.

Best regards,
Zac Bedell

> -Original Message-
> From: MJS @ Four Eyes [mailto:[EMAIL PROTECTED]]
> Sent: Thursday, February 15, 2001 11:24 AM
> To: CF-Talk
> Subject: Upload module
> 
> 
> Hi, 
> 
> 
> I'm trying to create a universal upload moduleso that you 
> can have as
> many uploads on a form as you want and name them whatever you 
> want.
>  
> it all works great, unless the person doesn't upload 
> something then I get
> the:
>  
> Error processing CFFILE 
> 
> No data was received in the uploaded file '\.' Saving empty 
> (zero-length)
> files is prohibitted. Please make sure you specified the 
> correct file. 
> 
> 
> 
> this is because when it check the loop and tries to upload 
> off the form
> field...the field is empty.  I cannot seem to check the value 
> of the field
> in the loop, because at that point it is still a field name, 
> not a field
> value.  The CFFile converts it into a value itself
> 
>  
> 
> Help please...
> 
>  
> called via
>  
>UploadFields="ProductionImage,ProductionClip"
>   Accept="image/jpeg,image/gif,image/pjpeg,image/jpg"
>   nameconflict="Overwrite"
>   
> SavePath="D:\FOUREYES\WEBDEV\foureyesweb.com\bombo\Uploads\Pro
> ductions\"
>   dbtype="odbc"
>   DSN="Bombo"
>   Table="Productions"
>   RecordID_Name="ProductionID"
>   RecordID="43">
>  
> The module is as follows: (including fusedoc!)
>  
>  
> 
> Point: 
> 1) mod_upload_file.cfm will then loop through attributes:uploads
> and  
>  run a CFFile Uploading to the attribute SavePath
> 
> 2) It will then run a query on a Database (DSN) and Table (table)
> on a RecordID and field Name to
>  insert/update the file name for this upload
> 
> 
> Attributes IN:  Type = is this an Insert, Update (Remeber 
> this is Mod_upload
> not Mod_delete!!!)
> This will determine which queryis being used
>
> UploadFields = Array for all files to be uploaded
> This is the form fileds that contain the files
> sample Uploads="Image1, Image2, Clip3"
> 
> Accept = what type of file are we allowed to accept for this
> field 
>  sample accept="image/jpeg,image/gif,image/pjpeg,image/jpg"
> 
> nameconflict = what to do when there is a name conflict
>  accepted values = Error , Skip, Overwrite, MakeUnique
> 
> SavePath the path for the files to be saved to
> sample
> SavePath="D:\FOUREYES\WEBDEV\foureyesweb.com\bombo\Uploads\Pro
> ductions\"
> 
> DBTYPE = Type of Database (ex.ODBC)
> 
> DSN = the DB that the query should use
> sample DSN = "Bombo"
> 
> Table = the table the query should use
> Table="Productions"
> 
> RecordID_Name = the field name in the table of the 
> primary key record ID
> 
> RecordID = the Primary key number that the query should update
> 
>  
> Output:   Nothing: this module only writes to a database
> 
> >
> 
> 
> 
>  
> 
>  
> 
> 
> 
>  
>  
> 
> 
> 
> 
>filefield="#UploadField#"
>destination="#attributes.SavePath#"
>nameconflict="#attributes.nameconflict#"
>accept="#attributes.Accept#">
>   
>
> dbtype="#attributes.dbtype#">
> UPDATE #attributes.Table#
> SET #UploadField# = '#file.serverfile#'
> WHERE #attributes.RecordID_Name# = #attributes.RecordID#
>
>  
> 
>  
>  
>  
> 
> 

-BEGIN PGP SIGNATURE-
Version: PGPfreeware 6.5.8 for non-commercial use 
Comment: Please use PGP!

iQA/AwUBOow/lavhLS1aWPxeEQLKnACfeEDpjPcRezFvAmuEE7WgTKFK/ZAAoOG4
2Xyb4aRg7plC6ay5MOHRfWqL
=zICR
-END PGP SIGNATURE-

~~
Structure your ColdFusion code with Fusebox. Get the official book at 
http://www.fusionauthority.com/bkinfo.cfm

Archives: http://www.mail-archive.com/cf-talk@houseoffusion.com/
Unsubscribe: http://www.houseoffusion.com/index.cfm?sidebar=lists

RE: W2K vs. NT

2001-02-07 Thread Zachary Bedell


-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

> Any advantages/disadvantages with NT 4 vs. Win 2000? Please
> consider  I'm a novice when it come to Windows. I've learned enough
> NT to keep  my CF/Web server running almost 
> constantly. 

> Will I have to learn a bunch of new stuff to keep 2000 going? 

A little...  A lot of the admin stuff is done differently, but you
can pick it up pretty quickly.

> Is 2000 stable? 

"Like a rock."  (Please don't sue me, G.M)

> I'm doing pretty good with NT sp5 
> and don't want to bite off more than I can chew. The SQL machine
> will  be for SQL Server only! 

If you're only using SP5 (as opposed to SP6) for your web server,
then you might be using the various FuseBox URL faking techniques. 
Those don't work on NT4 SP6 or Win2k.  That's not an issue if this is
just a SQL box, but do keep that fact in mind...

> The only other software I'd install is some 
> defrag stuff and a client for my Retrospect backup.

You won't need to install defrag w/ Win2k -- it comes with it.  Tho a
SQL only box shouldn't get fragmented -- SQL Server creates big
contiguous files & works with in them for everything it does.  I
doubt your drive would get fragmented at all if it's dedicated SQL.


On the whole, I'm fairly certain you'll enjoy Win2k.  It's
performance is stellar for us.  We've only got one box left to
upgrade, and it's going soon!


Best regards,
Zac Bedell

-BEGIN PGP SIGNATURE-
Version: PGPfreeware 6.5.8 for non-commercial use 
Comment: Please use PGP!

iQA/AwUBOoGfyKvhLS1aWPxeEQIw1gCeP0VxL8lkF5AColTMfxaCd4nOEfwAni4d
STbIz6ubFIVd9OVIbp95Cpek
=BpC3
-END PGP SIGNATURE-

~~
Structure your ColdFusion code with Fusebox. Get the official book at 
http://www.fusionauthority.com/bkinfo.cfm

Archives: http://www.mail-archive.com/cf-talk@houseoffusion.com/
Unsubscribe: http://www.houseoffusion.com/index.cfm?sidebar=lists

RE: Windows 2000 Professional and CF Server 4.0.1

2001-01-31 Thread Zachary Bedell


-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

4.0.1 works great provided it was there before Win2k.  If you do NT4,
CF, then upgrade to Win2k, you should be okay.

Basically 4.0.1 works fine under 2k, but the installer is brain dead.
 Rather than patch the installer, Allaire would rather you run out &
spend  on their new version.  Big surprise...

I've got a machine running 4.0.1 w/ Win2k Server w/ no problems what
so ever.

Best regards,
Zac Bedell

> -Original Message-
> From: Jim McAtee [mailto:[EMAIL PROTECTED]]
> Sent: Wednesday, January 31, 2001 12:38 PM
> To: CF-Talk
> Subject: Re: Windows 2000 Professional and CF Server 4.0.1
> 
> 
> - Original Message -
> From: "Aidan Whitehall" <[EMAIL PROTECTED]>
> To: "CF-Talk" <[EMAIL PROTECTED]>
> Sent: Wednesday, January 31, 2001 7:09 AM
> Subject: RE: Windows 2000 Professional and CF Server 4.0.1
> 
> 
> > > Allaire does not support anything less than cf4.5 on a WIN2K
> > > box. 
> >
> > OK, thanks.
> 
> 
> I'd still be interested in whether anyone's got a stable 
> workaround.  In
> general, Allaire support isn't something I use.  I'm warming 
> up to Windows
> 2000 - Windows 2000 Pro on workstations is great - now we're 
> getting ready
> to take the plunge with our servers.  CF 4.5, however, is 
> something I don't
> need.  I've still got it in a shrink-wrapped box from when we had a
> subscription.  Way too many issues for me to want to deal with it.
> 
> Jim
> 
> 
>
~~
Structure your ColdFusion code with Fusebox. Get the official book at 
http://www.fusionauthority.com/bkinfo.cfm

Archives: http://www.mail-archive.com/cf-talk@houseoffusion.com/
Unsubscribe: http://www.houseoffusion.com/index.cfm?sidebar=lists

Flush Template Cache

2001-01-30 Thread Zachary Bedell


-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

Hello all!

Apologies in advance if this had been answered before, but...

Does anyone know if there's a tag or function (documented or not)
that will force CF to flush it's template cache when you're using the
Trusted Cache option?

We like to keep the cache on for performance, but we have a couple of
outside developers who need to flush the cache without having access
to the CF Administrator.

Any help much appreciated!

Best regards,
Zac Bedell

-BEGIN PGP SIGNATURE-
Version: PGPfreeware 6.5.8 for non-commercial use 
Comment: Please use PGP!

iQA+AwUBOnbhdKvhLS1aWPxeEQL70ACXXvmSe7QYJjHNk0NO4zR4VyPVKACg+nEG
4re+0rKj7MwO5C9XjMNIDsk=
=fp4a
-END PGP SIGNATURE-

~~
Structure your ColdFusion code with Fusebox. Get the official book at 
http://www.fusionauthority.com/bkinfo.cfm

Archives: http://www.mail-archive.com/cf-talk@houseoffusion.com/
Unsubscribe: http://www.houseoffusion.com/index.cfm?sidebar=lists

RE: SQL Server Licensing Woes

2001-01-30 Thread Zachary Bedell


-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

The last time I read the full SQL 7 license agreement, I found a
little loophole.  They fixed it in the SQL 2000 agreement, but if
you're only using 7, maybe this could help you.

I am *not* a lawyer.  I am a coder.  That said, my
grasp of the English language is automatically suspect.  Before
betting the farm on this, you probably ought to have a lawyer check
it out...

The way the 7.0 license was stated, it *looks* like you need either
the ICL, OR one CAL per concurrent access TO THE SQL SERVER.

Since CF is automatically limited to no more concurrent access than
it has threads (set in the CF Administrator), you should only need
that many CALs.  Alternately, I *think* you can limit the number of
concurrent DB accesses per data source in the Administrator as well.

I know that in the SQL 2000 license, they specifically said you can't
do that anymore, but the SQL 7 license seems to allow it.

It would probably be wise to grab and ICL if you can get one, but you
*may* not need one.  

Anyone else who's recently read the full SQL 7 license care to
confirm/deny this?  I may well be on crack...

Best regards,
Zac Bedell

> -Original Message-
> From: Dave Watts [mailto:[EMAIL PROTECTED]]
> Sent: Monday, January 29, 2001 8:19 PM
> To: CF-Talk
> Subject: RE: SQL Server Licensing Woes
> 
> 
> > Actually if you are using a WebServer to connect to the SQL 
> > Server you do not need an Internet Connector License. Internet 
> > Connector Licenses are for users from the internet connecting 
> > directly to the SQL Server as in many Win32 apps that were 
> > developed. Attached is the link to this information. I was 
> > advised of this by the Microsoft Licensing Center. You would 
> > need a CAL for every WebServer that will connect to the SQL 
> > Server and any other device from the internet that would be 
> > accessing the resources of the SQL Server.
> > 
> > http://www.microsoft.com/SQL/productinfo/70pricing.htm
> 
> Uh, there are a couple of problems here.
> 
> First, according to the SQL 7 pricing info in your link, if 
> you allow access
> to SQL Server through a web server, you would need to either get
> the Internet Connector License, or purchase a CAL for each 
> concurrent user,
> depending on whether the users of the application are "internal" or
> "public":

-BEGIN PGP SIGNATURE-
Version: PGPfreeware 6.5.8 for non-commercial use 
Comment: Please use PGP!

iQA/AwUBOnbjbKvhLS1aWPxeEQIzAwCgvkfOXFTQC5EP5j+z6kORHTwSGZ8AoJiA
MHjDVjUcrZMcOQMpENPvvbSC
=dzga
-END PGP SIGNATURE-

~~
Structure your ColdFusion code with Fusebox. Get the official book at 
http://www.fusionauthority.com/bkinfo.cfm

Archives: http://www.mail-archive.com/cf-talk@houseoffusion.com/
Unsubscribe: http://www.houseoffusion.com/index.cfm?sidebar=lists

RE: custom CFERROR pages, what's your solution?

2001-01-26 Thread Zachary Bedell


-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

Under CF 4.5.x, you can set the CFERROR type to Exception and then
execute CF Code in your error pages.  Under 4.0, you're SOL...

I used to make the CFERROR page a page that did an HTTP meta refresh
to another CF page passing all the error parameters in the URL.  That
way the second CF page can handle the errors in some intelligent
mannor.  It was a kludge, but it (sorta) worked...

Best regards,
Zac Bedell

> -Original Message-
> From: Mike Amburn [mailto:[EMAIL PROTECTED]]
> Sent: Friday, January 26, 2001 1:23 PM
> To: CF-Talk
> Subject: custom CFERROR pages, what's your solution?
> 
> 
> using CFERROR, you can create a custom error page. however, you
> can't perform any CF logic within that page. if you had to include 
> some logic,
> the only method i can think of is to capture the error data in form
> inputs and use javascript to submit the form to another page that
> included the CF.
>  
> has anyone else thought of a (better) method where you can use
> CFERROR but also present a page that uses CF logic?
>  
> -mike
> 
>
~~
Structure your ColdFusion code with Fusebox. Get the official book at 
http://www.fusionauthority.com/bkinfo.cfm

Archives: http://www.mail-archive.com/cf-talk@houseoffusion.com/
Unsubscribe: http://www.houseoffusion.com/index.cfm?sidebar=lists

RE: CyberCash built-in at CF 4.5

2001-01-26 Thread Zachary Bedell


-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

No such luck.  4.5 doesn't have any built in CyberCash functionality.
 You still have to use the CFX_CyberCash tag (which does a fine job).
 It's on Allaire's tag gallery if you don't already have it.

Best regards,
Zac Bedell

> -Original Message-
> From: Cecilia Lam [mailto:[EMAIL PROTECTED]]
> Sent: Friday, January 26, 2001 11:27 AM
> To: CF-Talk
> Subject: CyberCash built-in at CF 4.5
> 
> 
> Hi,
> 
> This is a question regarding CyberCash transaction.  We are 
> using Win NT, CF
> server 4.0 and CyberCash 3.2 for our online transaction.  We 
> are upgrading
> our system to Win 200, CF 4.5 and I was told that CF 4.5 now has
> the CyberCash function built-in.  I had been searching for more 
> information on
> this issue and could not find any.  Have anyone heard of this 
> function?
> Does anyone know what is the function name?  Or how could 
> someone implement
> that in CF 4.5?  Any information is appreciated.

-BEGIN PGP SIGNATURE-
Version: PGPfreeware 6.5.8 for non-commercial use 
Comment: Please use PGP!

iQA/AwUBOnG5IKvhLS1aWPxeEQJM7QCgwNSb2m9TxC0QbrKHL0OFHrrb4t0AniDV
Z26bIHIrrX6I0ZAdmcno7jIB
=cPSj
-END PGP SIGNATURE-

~~
Structure your ColdFusion code with Fusebox. Get the official book at 
http://www.fusionauthority.com/bkinfo.cfm

Archives: http://www.mail-archive.com/cf-talk@houseoffusion.com/
Unsubscribe: http://www.houseoffusion.com/index.cfm?sidebar=lists

RE: CFLOCK for 4.0.1 AND 4.5.1

2001-01-23 Thread Zachary Bedell


-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

> > I don't think Allaire would cut their own throats by being
> > > that backwards incompatible;
> >
> > Actually...  There is deep red arterial blood pouring from the
> > Allaire's severed jugular  They did indeed do something
> > stupid by making 4.5 locking not work on 4.0 AND making 4.0 
> locking not work
> > on a 4.5 server w/ full checking or automatic read locking
> > enabled. 
> 
> So don't turn on full checking or automatic read locking.
> 
> Patient: "Doc, it hurts when I do this"
> Doctor: "Then don't to that."

Ummm...  Okay..  So what would you propose doing if your web host has
full checking or auto read locking turned on for their servers?  As a
host, I require that it be on for all of our servers because if it's
NOT, it's really easy for someone to start accessing unlocked shared
memory and bring your entire CF server down in a hurry.  Not a pretty
thought on a multi-homed box, neh?

> 
> Seriously, it's not anything to get your panties in a wad 
> over.  It's the
> developer's job to be familiar with the tool they are using.  If a
> requirement for the project is that it's got to run on 4.0, 
> then don't use
> 4.5 only features...

I'd say I'm exceptionally familiar with the tool I'm using.  The
problem is that if I want to create a general purpose CF app that
would run on 4.0 or 4.5, either I develop two separate copies or I'm
S.O.L.  

It just seems to me that a more sensible solution could have been
developed.  Especially since this wasn't even a full version upgrade.
 If I go from version x.0 of a product to version y.0 of a product,
then I'd expect some various little ugly things that would require
fixing.  But to go from x.0 to x.5 and have show-stopping code
incompatibilities is kinda lame IM(NS)HO...

And it's especially a pain in the bum when I have to upgrade our web
server's CF Version and manually fix all the code on it for the new
locking scheme...

Best regards,
Zac Bedell

-BEGIN PGP SIGNATURE-
Version: PGPfreeware 6.5.8 for non-commercial use 
Comment: Please use PGP!

iQA/AwUBOm3/+qvhLS1aWPxeEQJ9RACfXXleBfbMUfPTJ7yGdNj0tZTUDD4AoIal
2HQeOqSJx05Qc27eLoMOkm2x
=sLB4
-END PGP SIGNATURE-

~~
Structure your ColdFusion code with Fusebox. Get the official book at 
http://www.fusionauthority.com/bkinfo.cfm

Archives: http://www.mail-archive.com/cf-talk@houseoffusion.com/
Unsubscribe: http://www.houseoffusion.com/index.cfm?sidebar=lists

RE: CFLOCK for 4.0.1 AND 4.5.1

2001-01-23 Thread Zachary Bedell


-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

>The scope="" is optional as you can use the same locking 
> syntax as in
> 4.0, ie. named locks (scope and name are mutually exclusive 
> though, so don't
> try both).
> 
> I don't think Allaire would cut their own throats by being 
> that backwards incompatible; 

Actually...  There is deep red arterial blood pouring from the
Allaire's severred jugular  They did indeed do something stupid
by making 4.5 locking not work on 4.0 AND making 4.0 locking not work
on a 4.5 server w/ full checking or automatic read locking enabled. 
Vis:

On my 4.0 server, this code:




dies with:
Just in time compilation error
An unknown attribute 'scope' has been encountered at document
position (1:9) to (1:13) while processing tag CFLOCK. This tag can
only take the following attributes: 
NAME
THROWONTIMEOUT
TIMEOUT
TYPE

> 
> So a cflock like this:
> 
> 
> 
>Should work the exact same in CF4.0x and 4.5.x, if it 
> isn't I think I'd
> contact Allaire on the issue.
> 

That will indeed work on 4.5 *IF* the server has no lock checking. 
It *won't* work if the server has auto read locking or full checking
enabled.

It sucks, but alas, that's the way it is  May Allaire/Macromedia
NOT do anything so nasty to us when 5.0 comes out...

Best regards,
Zac Bedell

-BEGIN PGP SIGNATURE-
Version: PGPfreeware 6.5.8 for non-commercial use 
Comment: Please use PGP!

iQA/AwUBOm2XkavhLS1aWPxeEQKgxACg7JxAP5WRP4Q/oj/zjto0Lyuz+sQAnR0g
3pMwirKGGcHAjaXOefT3RnsT
=wAuL
-END PGP SIGNATURE-

~~
Structure your ColdFusion code with Fusebox. Get the official book at 
http://www.fusionauthority.com/bkinfo.cfm

Archives: http://www.mail-archive.com/cf-talk@houseoffusion.com/
Unsubscribe: http://www.houseoffusion.com/index.cfm?sidebar=lists

RE: Why doe my cfscript if statement fail?

2001-01-22 Thread Zachary Bedell


-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

> Hi There,
> 
> I'm trying to find why this if condition keeps getting 
> evaluated as true
> when it shouldn't.  I've traced through the debugger to track 
> the value of
> the if condition and even though the record count condition 
> comes up as 0
> when I put a watch on it, it still executes.  
> I added a CFOUTPUT between the query and the  and it
> always returns a 0 on the page too.
> 
> 
> 
>   select distinct system_type from uv_system_all
>   where system_type='NT'
> 
> 
> #Check_NT.RecordCount#
> 
>  
>   if (Check_NT.RecordCount gt 0 is "TRUE")
> More Code deleted...

The if stament is trying to compare the boolean value from GT
comparison with the string "TRUE".

(Check_NT.RecordCount gt 0) will always equal either 0 or 1.
"TRUE" will always equal "TRUE".

"TRUE" will never be equal to either 1 or 0.

Your if should look like this instead:
if (Check_NT.RecordCount gt 0)

or even:
if (Check_NT.RecordCount)

since in CF a 0 means false and anything that isn't 0 is true.

Hope that helps.

Best regards,
Zac Bedell

-BEGIN PGP SIGNATURE-
Version: PGPfreeware 6.5.8 for non-commercial use 
Comment: Please use PGP!

iQA/AwUBOmxzhqvhLS1aWPxeEQJzIgCg8OPwrH3yPKJM3W4aPsdARIaThygAnAnU
4dNmN1JBMygUuRaCKjxVz3ma
=GMZs
-END PGP SIGNATURE-

~~
Structure your ColdFusion code with Fusebox. Get the official book at 
http://www.fusionauthority.com/bkinfo.cfm

Archives: http://www.mail-archive.com/cf-talk@houseoffusion.com/
Unsubscribe: http://www.houseoffusion.com/index.cfm?sidebar=lists

RE: CFHTTP with session variables

2001-01-18 Thread Zachary Bedell


-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

That depends on the type of page you're calling.  If it's a CFM page,
just make sure you grab the CFID / CFTOKEN value that the server
sends to you and pass it back to the server with each call.  You'll
probably have to use the CFHTTP.ResponseHeader collection to get the
Set-Cookie headers.  Parsing could be a bit of fun, but it shouldn't
be too painful...

If it's ASP, you'll have to grab the ASPSESSION (or something to that
effect) cookie and pass it back to the server each time.

If it's something else, you'll have to figure out what cookie / URL
parameters make up their session management scheme and behave as the
server assumes a browser will.

A recording proxy server would probably help immensely if you have to
figure out their session management.  That would let you see cookies
as they're set, etc.  There's a good one called Stretch from Kestral
(http://www.kestral.com.au).  It's on the basic side, but it's free
and it will let you see WTF is going on...

Best regards,
Zac Bedell

> -Original Message-
> From: Don Kiggins [mailto:[EMAIL PROTECTED]]
> Sent: Thursday, January 18, 2001 12:00 AM
> To: CF-Talk
> Subject: CFHTTP with session variables
> 
> 
> Hi.
> 
> I have a page which uses CFHTTP to pull in another page.  The page
> that I am pulling in has a session variable.  My question...  Is
> there any way that I can keep that session variable the same as I
> surf
> through the pages?
> 
> --
> Don Kiggins
> WebGlo Design
> 
> 
>
~~
Structure your ColdFusion code with Fusebox. Get the official book at 
http://www.fusionauthority.com/bkinfo.cfm

Archives: http://www.mail-archive.com/cf-talk@houseoffusion.com/
Unsubscribe: http://www.houseoffusion.com/index.cfm?sidebar=lists

RE: Netscape 4.04

2001-01-16 Thread Zachary Bedell


-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

Sorry to extend a finished thread, but

Does anyone else see the irony of version "four-oh-four" of a browser
having unusual bugs?  Maybe they should have skipped to 4.05.  Kinda
like they skip the 13th floor in hotels

Again, apologies for the waste of time/bandwidth.  Just felt the need
to add my two cents...

Regards,
Zac Bedell

> -Original Message-
> From: Robert Orlini [mailto:[EMAIL PROTECTED]]
> Sent: Monday, January 15, 2001 2:56 PM
> To: CF-Talk
> Subject: RE: Netscape 4.04
> 
> 
> Hello Adrian,
> 
> It works great - thank you!
> 
> Robert O.
> 
> >-Original Message-
> >From: Adrian J. Moreno [mailto:[EMAIL PROTECTED]]
> >Sent: Monday, January 15, 2001 12:48 PM
> >To: CF-Talk
> >Subject: Re: Netscape 4.04
> >
> >
> >Robert,
> >
> >the Javascript that James Maltby sent is just that - Javascript. 
> >It was just generated by DreamWeaver, but useable

-BEGIN PGP SIGNATURE-
Version: PGPfreeware 6.5.8 for non-commercial use 
Comment: Please use PGP!

iQA/AwUBOmSOGqvhLS1aWPxeEQLvxACglyhXQiJEep/uKSAogE5l1JJqcfgAn1EQ
ek1PDA3aiXFtlNJTE/bsjHfL
=cDF2
-END PGP SIGNATURE-

~~
Structure your ColdFusion code with Fusebox. Get the official book at 
http://www.fusionauthority.com/bkinfo.cfm

Archives: http://www.mail-archive.com/cf-talk@houseoffusion.com/
Unsubscribe: http://www.houseoffusion.com/index.cfm?sidebar=lists

RE: CFerror and its

2001-01-12 Thread Zachary Bedell


-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

Check out the docs for CFError.  CF code doesn't execute in the page
specified for a CFError tag.  It's assumed that if you're already in
an error situation, running more code might not be the best idea.  I
dunno how valid that is, but that's what the docs say...

There's a limited set of replacement values you can use in the error
page.  Like I said  Read The Fine Manual to find out more...

Best regards,
Zac Bedell

> -Original Message-
> From: Andres [mailto:[EMAIL PROTECTED]]
> Sent: Friday, January 12, 2001 9:57 AM
> To: CF-Talk
> Subject: CFerror and its
> 
> The problem is that when a validation error occurs, the error 
> page appears fine, but the CF inside the error template is 
> not executed... it shown as if it was a regular html page 
> with all the cf showing.
> 
> can someone tell me why this is happening and how i can correct the
> problem??

-BEGIN PGP SIGNATURE-
Version: PGPfreeware 6.5.8 for non-commercial use 
Comment: Please use PGP!

iQA/AwUBOl8gMKvhLS1aWPxeEQKvDACgmfkauxVTu0bOeQaPMBcg52A1R1QAnRG5
4jEST6vDxLyNgWSHuVx35bpI
=1GCC
-END PGP SIGNATURE-

~~
Structure your ColdFusion code with Fusebox. Get the official book at 
http://www.fusionauthority.com/bkinfo.cfm

Archives: http://www.mail-archive.com/cf-talk@houseoffusion.com/
Unsubscribe: http://www.houseoffusion.com/index.cfm?sidebar=lists

RE: HTTPS setup

2001-01-11 Thread Zachary Bedell


-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

> > We do have other sites on the same IP, but none of them use SSL.
> > That shouldn't
> > matter, should it? The default site if you go in by IP is a
> > different site, but
> > that's only for port 80, so I guess its irrelevant.
> 
> Is it possible for you to try making the SSL site the one with no
> host header requirement? If so, I would be interested to know if 
> that solved it.
> 
> I think that when you make the request 
> https://www.whatever.com to your
> site, since the host header gets ignored for https, your 
> server looks for
> the file on the default site.
> 
> Follow? I'm kind of speculating here I guess...


That's exactly the answer.  SSL and host headers don't mix, period...

If you have an SSL site, it needs its own IP address.

Best regards,
Zac Bedell

-BEGIN PGP SIGNATURE-
Version: PGPfreeware 6.5.8 for non-commercial use 
Comment: Please use PGP!

iQA/AwUBOl4zfqvhLS1aWPxeEQLZfACgolQEzOghulAn/4Gk3n7g8Ta0UA0AoPGX
Rm3JErjwde+ySwpazu8gaLdx
=lx1Z
-END PGP SIGNATURE-

~~
Structure your ColdFusion code with Fusebox. Get the official book at 
http://www.fusionauthority.com/bkinfo.cfm

Archives: http://www.mail-archive.com/cf-talk@houseoffusion.com/
Unsubscribe: http://www.houseoffusion.com/index.cfm?sidebar=lists

RE: The +.htr bug strikes again

2001-01-11 Thread Zachary Bedell


-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

> Plus, most hackers worth their mice will delete your logs.

Or hit you from an unsecured webproxy server in Timbuktu, so even if
you get a logged IP, good luck getting the "Local Authorities" to
give you any info about where they were REALLY coming from.

Regards,
Zac Bedell

-BEGIN PGP SIGNATURE-
Version: PGPfreeware 6.5.8 for non-commercial use 
Comment: Please use PGP!

iQA/AwUBOl4y7KvhLS1aWPxeEQJPtwCeKrBT0BiK5p7vmnzK6AtxyE5ycyIAoMhr
RrCGUQOsnMQxstJ3X+CbbKyw
=0wJ6
-END PGP SIGNATURE-

~~
Structure your ColdFusion code with Fusebox. Get the official book at 
http://www.fusionauthority.com/bkinfo.cfm

Archives: http://www.mail-archive.com/cf-talk@houseoffusion.com/
Unsubscribe: http://www.houseoffusion.com/index.cfm?sidebar=lists

RE: image root resolving

2001-01-11 Thread Zachary Bedell


-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

Assuming your webroot is pointing at c:\inetpub\wwwroot\ (IE
http://www.yoursite.com/index.cfm is really
c:\inetpub\wwwroot\index.cfm), then you don't need to do anything to
do what you want.  

/images will be /images no matter what.  Now...  images without the
slash will get you a relative path, but /images (with the leading
slash) will always get files from c:\inetpub\wwwroot\images\.

Best regards,
Zac Bedell

> -Original Message-
> From: Greg Wolfinger [mailto:[EMAIL PROTECTED]]
> Sent: Thursday, January 11, 2001 10:35 AM
> To: CF-Talk
> Subject: image root resolving
> 
> 
> Hey Guys:
> 
> I was wondering if there is a way to insert the server path 
> (e.g. c:\inetpub\wwwroot\images) to just be /images.  I need 
> it to be able to resolve the image path even if its deep into 
> a directory stucture such as the user is in 
> /blocks/category/index.cfm, the images will resolve up to the 
> /images folder.  Understand?? I'm not good at explaining.
> 
> --=@ greg @=--
> 
> 
>
~~
Structure your ColdFusion code with Fusebox. Get the official book at 
http://www.fusionauthority.com/bkinfo.cfm

Archives: http://www.mail-archive.com/cf-talk@houseoffusion.com/
Unsubscribe: http://www.houseoffusion.com/index.cfm?sidebar=lists

RE: CFContent question....

2001-01-11 Thread Zachary Bedell


-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

CFContent works fine in sp6a.  You can't do the URL faking thing
anymore, but that was a bug that was fixed & never should have worked
in the first place.

SP6 broke both CFContent and the URL thing.  SP6a fixed CFContent,
but not the URL thing.  Since the two issues were very closely
connected when 6 came out, there was a lot of confusion about what
was broken in what release.

As long as you don't do the URL fake thing, then SP6a is quite safe
to upgrade for CF.

FYI:  Win2k (any SP) is the same deal -- CFContent is good, fake URLs
are bad.

Best regards,
Zac Bedell

> -Original Message-
> From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]
> Sent: Thursday, January 11, 2001 9:44 AM
> To: CF-Talk
> Subject: CFContent question
> 
> 
> 
> I have searched the archive but can not seem to find the 
> answer to this
> exact question...
> 
> Did NT 4.0 SP 6a fix the problem with CFCONTENT?  I know 6 
> broke it... but
> did 6a actually FIX it?
> 
> Thanks.
> 
> Vance Duke
> Cold Fusion Application Developer
> i2 Technologies
> (469) 357-4729
> 
> 
> 
>
~~
Structure your ColdFusion code with Fusebox. Get the official book at 
http://www.fusionauthority.com/bkinfo.cfm

Archives: http://www.mail-archive.com/cf-talk@houseoffusion.com/
Unsubscribe: http://www.houseoffusion.com/index.cfm?sidebar=lists

RE: Is networksolutions behind with zone changes?

2001-01-11 Thread Zachary Bedell


-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

> We've been trying to get some domain record changes completed
> through networksolutions and they haven't taken effect over the
> last 
> couple days.
> We've sent the request form a couple times. Last batch of 
> changes we made several weeks ago went through same day.
> 
> Anybody else notice this problem or is it just us?

It's not just you.  The last week or so, NSI's been slower than
molasses in well...  January. ;-)

Best regards,
Zac Bedell

-BEGIN PGP SIGNATURE-
Version: PGPfreeware 6.5.8 for non-commercial use 
Comment: Please use PGP!

iQA/AwUBOl3SV6vhLS1aWPxeEQLgggCeKsrGW4B8Kj+cBR//nvsbj8Eh7LUAoKnm
WbhTQR8XP7FIcmr/zAP29ooa
=g5pb
-END PGP SIGNATURE-

~~
Structure your ColdFusion code with Fusebox. Get the official book at 
http://www.fusionauthority.com/bkinfo.cfm

Archives: http://www.mail-archive.com/cf-talk@houseoffusion.com/
Unsubscribe: http://www.houseoffusion.com/index.cfm?sidebar=lists

RE: CFHEADER

2001-01-08 Thread Zachary Bedell


-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

Just a guess...  Try replacing attachment with inline in the CFHEADER
value.  That might convince the browser to display the PDF instead of
saving it, but it would still allow the proper filename to come
through if the user did decide to save it by hand.

Hope that helps,
Zac Bedell

> -Original Message-
> From: Peter Benoit [mailto:[EMAIL PROTECTED]]
> Sent: Monday, January 08, 2001 1:34 PM
> To: CF-Talk
> Subject: CFHEADER
> 
> 
> It seems the following won't work, well in at least IE5.5.  
> 
>  VALUE="attachment;filename=#attributes.fname#">
> 
> 
> It instead opens the page up for download instead of the 
> file.  So lets say
> I have peter.pdf as my attributes.fname and download.cfm is 
> the page the
> above code is on.  And lets say that it's called from index.cfm. 
> Well index.htm appears in the download file box, not peter.pdf.  
> It seems to work
> ok in Netscape, so I can't believe I'm the only one having 
> this problem.
> I've seen similar looking code on the Allaire site, but it's still
> not working.  Can anyone help with this?
> 
> 
>
~~
Structure your ColdFusion code with Fusebox. Get the official book at 
http://www.fusionauthority.com/bkinfo.cfm

Archives: http://www.mail-archive.com/cf-talk@houseoffusion.com/
Unsubscribe: http://www.houseoffusion.com/index.cfm?sidebar=lists

RE: CFX CyberCash Question....

2001-01-05 Thread Zachary Bedell


-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

As someone else mentioned, you need to take the mailto:[EMAIL PROTECTED]]
> Sent: Friday, January 05, 2001 4:27 AM
> To: CF-Talk
> Subject: CFX CyberCash Question
> 
> 
> Ok Basically I am trying to get this darn tag to work, yet I 
> am using the "Test" modes that are supposed to be used with 
> real testing data, yet I still get an error back "faliure-hard"  
> is there anything that I am doing wrong
> 
> 
>  VERSION="3.2"
> CCPS_HOST="http://cr.cybercash.com/cgi-bin/"
> CYBERCASH_ID="test-mck"
> MERCHANT_KEY="key-test-mck"
> MO_ORDER_ID="1234567890"
> MO_VERSION="3.2.0.2"
> MO_PRICE="usd 12.34"
> CPI_CARD_NUMBER="4111"
> CPI_CARD_EXP="01/99"
> CPI_CARD_NAME="John Doe"
>  CPI_CARD_ADDRESS="11th Street"
>  CPI_CARD_CITY="Seattle"
>  CPI_CARD_STATE="WA"
>  CPI_CARD_ZIP="98119"
>  CPI_CARD_COUNTRY="USA"
> OutputPOPQuery="pop"
> >
> 
> 
> 
> 
>
~~
Structure your ColdFusion code with Fusebox. Get the official book at 
http://www.fusionauthority.com/bkinfo.cfm

Archives: http://www.mail-archive.com/cf-talk@houseoffusion.com/
Unsubscribe: http://www.houseoffusion.com/index.cfm?sidebar=lists

RE: CFLOCATION, CF401, Weird...

2000-12-28 Thread Zachary Bedell


-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

> You've probably figured this out already, but the cause of this
> could be a  tag with content greater than 1024 
> characters, positioned above a  tag.  This is a bad
> combination ... cflocation writes to the http headers, and
> cfhtmlhead writes to the HTML head, somehow these two are running
> into each
> other.
> 
> How to fix?  If you've ever got stuff that needs to go in the HTML
> head that is long text, don't use  ... and also try to
> position the logic in your page so that any cflocations are taken
> care of as soon as possible.

Alas... There's no CFHTMLHEAD in this page, and the CFLOCATION should
be the first tag on the page that's actually going to emit any
output.  The rest is all if's, set's, queries, etc.

I finally got a chance to mess around w/ a recoding proxy on this
issue.  I still don't have any answers, and it's even weirder, but...
Here's what's up:

* CF appears to be doing everything properly.
* When I run the CFLOCATION version through the recording proxy, it
works properly.  
* When I connect directly to the server, then the CFLOCATION version
fails only on IE (I'm using 5.00.3103.1000).  It works fine with
Netscape 6.

Weird, no?

Best regards,
Zac Bedell

-BEGIN PGP SIGNATURE-
Version: PGPfreeware 6.5.8 for non-commercial use 
Comment: Please use PGP!

iQA/AwUBOkt8Y6vhLS1aWPxeEQJxTgCgzLgY8cxL4NmU4H19OFwW5fQUFwMAoPSA
9ajnLYRt9pH8ivPZLEVEtG/e
=evjg
-END PGP SIGNATURE-

~ Paid Sponsorship ~
Get Your Own Dedicated Win2K Server!  Instant Activation for $99/month w/Free 
Setup from SoloServer  PIII600 / 128 MB RAM / 20 GB HD / 24/7/365 Tech Support 
 Visit SoloServer, https://secure.irides.com/clientsetup.cfm.

Archives: http://www.mail-archive.com/cf-talk@houseoffusion.com/
Unsubscribe: http://www.houseoffusion.com/index.cfm?sidebar=lists

RE: Script Kiddies

2000-12-26 Thread Zachary Bedell


-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

> i guess you find nothing humorous about watching a highly 
> paid, professional , who is too arrogant of his own abilities 
> to keep up on his knowledge, get his ass handed to him by a 
> 12 year old. :)
> Socially redeeming value or not, they are the future, not 
> beacuse they have tried to learn to hack, but beacuse they 
> are taking time to learn, that must be worth something.
> Today's script kiddie is tomorrows professional, that is if 
> you don't have them taken out and shot, as you would plainly 
> like to have them handled :)

And as a former script kiddie, now CTO of my company, I think I can
second that one...

There's more than one kind of hacker, too.  You have the antisocial
type who just want to destroy; and you have the kind that finds
exploits and then NOTIFIES the victim of their vulnerability rather
than exploiting the vulnerability to do harm or publicizing it for
others to use.  We could use a whole lot more of the second kind...  

Best regards,
Zachary Bedell
CTO, Adirondack Technologies, Inc.

-BEGIN PGP SIGNATURE-
Version: PGPfreeware 6.5.8 for non-commercial use <http://www.pgp.com>
Comment: Please use PGP!

iQA/AwUBOkkXvqvhLS1aWPxeEQK1zwCg9YrKY+GtnnkkMHSnmu/meyZLViYAoPpG
6Qcu2loRYkMolPKMfmkkJlz/
=g/Do
-END PGP SIGNATURE-

~ Paid Sponsorship ~
Get Your Own Dedicated Win2K Server!  Instant Activation for $99/month w/Free Setup 
from SoloServer  PIII600 / 128 MB RAM / 20 GB HD / 24/7/365 Tech Support  Visit 
SoloServer, https://secure.irides.com/clientsetup.cfm.

Archives: http://www.mail-archive.com/cf-talk@houseoffusion.com/
Unsubscribe: http://www.houseoffusion.com/index.cfm?sidebar=lists

CFLOCATION, CF401, Weird...

2000-12-26 Thread Zachary Bedell


-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

I'm having some weirdness with CFLOCATION on CF 4.0.1.  I can't see
any way that this isn't a bug / limitation in something, but I was
wondering if others might have the clue that I lack.

If I do this, the page request hangs indefinitely:





If I do this, it "works":



Hang on a sec...




Now granted that the URL I'm producing will be rather on the long
side, is there any size limitation in CFLOCATION or in the HTTP
protocol redirect functionality?

I'm out of ideas...  This workaround does the job, but it's still
kind of obnoxious...

Thanks in advance,
Zac Bedell 

-BEGIN PGP SIGNATURE-
Version: PGPfreeware 6.5.8 for non-commercial use 
Comment: Please use PGP!

iQA/AwUBOkjpTqvhLS1aWPxeEQKcwQCeNSCwyXGB0S1jFEherQHbNNplB8kAoPFY
nTYMA9Hve/CTnOTxfRLQIq4u
=z/OQ
-END PGP SIGNATURE-

~ Paid Sponsorship ~
Get Your Own Dedicated Win2K Server!  Instant Activation for $99/month w/Free Setup 
from SoloServer  PIII600 / 128 MB RAM / 20 GB HD / 24/7/365 Tech Support  Visit 
SoloServer, https://secure.irides.com/clientsetup.cfm.

Archives: http://www.mail-archive.com/cf-talk@houseoffusion.com/
Unsubscribe: http://www.houseoffusion.com/index.cfm?sidebar=lists

RE: [Compress HTML output]

2000-12-24 Thread Zachary Bedell


> The overhead is most likely on the cache file writes 
> and cache reads. You just gave me an idea for a work 
> around that could be better and faster than all the 
> options we have just discussed. With both ISAPI and 
> CFX, the system has to compress each and every single 
> page output as it is a new one. Might as well store the 
> compress data into the db using CFX_GZip and serve it out
> of the database. This way, not only do we save CPU time 
> we also save I/O overhead. Serving from the database is 
> much more efficient (ram and cpu wise) in the long run 
> than reading from the filesystem. So we only compress
> it once every so minutes or hours.

Hmmm...  Very interesting...

I was considering decrupting CFCACHE and using this bit of code in there.
Using the DB instead...  That has some promise...  I may have a project to
play with

Why cache DB queries when you can cache the entire page result that was
based on the query, right?

My only concern is that CF seems to be very unfriendly to binary data.  I
wonder if there is any way that you could get the binary GZIP data back out
of the DB and serve it to the browser without needing to save it to a
temporary file and use CFCONTENT to send it out.  If that does indeed pose a
problem, then perhaps hacking up CFCACHE might be the only solution.

> > > With IIS 4.0 you need the recource kit which contains the
> > > isapi compression filters.
> >
> > A  Now this I did not know...  I must give this a try...
> 
> Look for compFilt.dll and gzlip.dll and deflate.dll

Will do.  Thanks!

Best regards,
Zac Bedell

~~
Structure your ColdFusion code with Fusebox. Get the official book at 
http://www.fusionauthority.com/bkinfo.cfm

Archives: http://www.mail-archive.com/cf-talk@houseoffusion.com/
Unsubscribe: http://www.houseoffusion.com/index.cfm?sidebar=lists

RE: [Compress HTML output]

2000-12-24 Thread Zachary Bedell


> Ok I understand what has been done the 
> only thing I see as a problem is that
> the tag is writing a file. Now without 
> locking or without a unique name
> something bad is bound to happen. And 
> once you put locking on the writing of
> files there is gonna be a slowdown. 

The filename for the tempfiles is based on a call to CreateUUID().  If
that's not giving you a unique filename, then you have much, MUCH bigger
problems to worry about...  There are two files created, and it looks a
little something like this:







You can't get too much more unique than that.

> I don't see this as a good solution for
> large webservers with a lot of users. Maybe 
> on an extranet where everything is semi 
> controlled or on an intranet, but I don't 
> think on a regular webserver this is a good idea.

I've got an 800,000ish user session per month site running it quite nicely
for the past three days (almost four days as I write this...).  No
hiccoughs, no user complaints.  In fact...  I don't even think the users
have noticed anything other than the speed increase (we have had two or
three comments on that).  Granted...  This isn't the type of thing you'd
want to run on Microsoft.com, but if you have a moderate load site and
enough extra processor to throw at it (we have both), then you can really
save some bandwidth, if that's something you need to do.  If you've got quad
T3's coming out of your server, don't waste your time with this tag.  But if
bandwidth is getting a little tight lately, this *might* be something to at
least give a try.  It's easy enough to implement and easy enough to remove
if it does cause problems.


In our case, we have a sh'load of server to throw at this app, but bandwidth
is a bit limited at this point in time.  The compression is really helping.

AND...  The server based add-on that Xing Li mentioned looks even better.
If we were running IIS 5, I would have installed that compression option in
a heart beat.  Now that I know IIS 4 has the same ability w/ a little added
software from MS, I'm going to be implementing it next week.


Best regards,
Zac Bedell

~~
Structure your ColdFusion code with Fusebox. Get the official book at 
http://www.fusionauthority.com/bkinfo.cfm

Archives: http://www.mail-archive.com/cf-talk@houseoffusion.com/
Unsubscribe: http://www.houseoffusion.com/index.cfm?sidebar=lists

RE: [Compress HTML output]

2000-12-24 Thread Zachary Bedell


-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

> Could you please explain how this compression works. 
> I keep seeing this as it is being compressed and 
> decompressed at the server, or is it being compressed 
> at the server and decompressed at the client.

After CF is done creating all of the various HTML that will be sent
out to clients, this tag grabs all the content and GZips it on the
server side.  The GZipped data is sent to the client where the client
automatically GUnzips it and displays it to the user normally.  The
human at the browser shouldn't even know anything unusual has
happened.  

As far as I know, all of the HTTP/1.1 browsers support gzip encoding.
 In any case, there's an Accept-Encoding header that browsers send if
they're capable of compression.  This tag checks to see if gzip is
one of the supported compression types.  If it is, the tag does its
thing.  If not, the HTML is sent uncompressed for clients that don't
know how to decompress it.

Using GZip level 9 compression, it's not unusual to see compression
ratios of 5 to 10 times.  Note that this does NOT work for any pages
that use CFCONTENT with a file attribute.  In those cases, the file
from CFCONTENT is sent out without any compression, and this tag
never even executes (since CF stops executing the page after the
CFCONTENT tag is done).

The web server based (as opposed to this CF Server based) solution is
a little different, tho it accomplishes the same thing.  I would
imagine that in those cases, CFCONTENT results would also be
compressed.  I still haven't hand a chance to play with that, but it
should be interesting.

Best regards,
Zac Bedell

-BEGIN PGP SIGNATURE-
Version: PGPfreeware 6.5.8 for non-commercial use 
Comment: Please use PGP!

iQA/AwUBOkZBsKvhLS1aWPxeEQKlqgCg5QV9XWloUHiSxAgcdlnT0O4UY0YAoOqS
ZB/d+E31i/1KPu2pSgt5gK85
=XB79
-END PGP SIGNATURE-

~~
Structure your ColdFusion code with Fusebox. Get the official book at 
http://www.fusionauthority.com/bkinfo.cfm

Archives: http://www.mail-archive.com/cf-talk@houseoffusion.com/
Unsubscribe: http://www.houseoffusion.com/index.cfm?sidebar=lists

RE: [Compress HTML output]

2000-12-24 Thread Zachary Bedell


-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

> Not sure if this has been talked about in detail but with the 
> interest in dynamic html compression I will throw my two cents in.

And donations of this sort are *always* appreciated!  Thanks! ;-) 

> Why use a cfx tag with coldfusion to compress html output 
> when you can use IIS 5.0's builtin gzip/deflate compressors? 

We're stuck on WinNT4 for various reasons, so using IIS compression
wasn't an option for us.  Also, for non-IIS users, this CFX version
should still do the trick even if their webserver doesn't support
compression.

> I bet the cfx/cf overhead is much higher and not suitable 
> for high volume situations. 

It's been running like a champ for us over the last three days on a
moderately high volume site.  I can't imagine that the CFX overhead
would be that much higher than ISAPI overhead.  CFX_GZip is a good
multi-threaded tag...


> With IIS 4.0 you need the recource kit which contains the 
> isapi compression filters.

A  Now this I did not know...  I must give this a try...

> 
> By default, you can set IIS to do a "application" level, not 
> "static" level compression, which would compress dynamic 
> content. Go to the "services" tab of the server in the mmc. 
> However, and by default, the dynamic compression only applies 
> ...

Very interesting...  I will most certainly try this.  Thanks for the
pointer!

Best regards,
Zac Bedell

-BEGIN PGP SIGNATURE-
Version: PGPfreeware 6.5.8 for non-commercial use 
Comment: Please use PGP!

iQA/AwUBOkYVcKvhLS1aWPxeEQLBawCdFX8/Cx8ZLwFJk2h0u8vHZvxn2IIAoNXC
/aYrqpaVDexfyCoWzqU8BwOP
=9yi3
-END PGP SIGNATURE-

~~
Structure your ColdFusion code with Fusebox. Get the official book at 
http://www.fusionauthority.com/bkinfo.cfm

Archives: http://www.mail-archive.com/cf-talk@houseoffusion.com/
Unsubscribe: http://www.houseoffusion.com/index.cfm?sidebar=lists

RE: [Compress HTML output]

2000-12-22 Thread Zachary Bedell


-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

Okay...  I think the tag is done.  I made a few more changes (see
below).

I also figured out how to automagically compress all the pages in
your site w/ one little change.

Here's what I did find:
In the Application.cfm, I put this code:







Note that you could omit the OnRequestEnd line if you don't use that
file OR you could put it into a try block if you're not sure
they're'll be an OnRequestEnd like:


Also note that the above, if dropped at the end of your
application.cfm would ignore any & all output that was actually
generated by your app.cfm.  That's what I wanted in my case.  If
you're outputting stuff in your app.cfm that you need, then you
should do something like:









We get anywhere from 2 to 10 times compression, and our customers are
already commenting on the speed increase.  The system's processors
are of course working a little harder now, but that means they're
floating at 10% instead of at 4%.  Whoopee!



Here's the tag for people's perusal.  If you find any glaring errors
or have general suggestions, please share them with me.  If I don't
hear anything, I'll post this in the tag gallery some time next week.

Best regards,
Zac Bedell

-BEGIN PGP SIGNATURE-
Version: PGPfreeware 6.5.8 for non-commercial use 
Comment: Please use PGP!

iQA/AwUBOkObpqvhLS1aWPxeEQJAcwCaAlXKaaZrAK4UDYzvMZ/pVaT/wTUAoOuF
sdj1jvSQDab6aH6Q4TV9xQHZ
=3LEC
-END PGP SIGNATURE-

GZipPage.cfm: (This will probably be looped by your mail reader/server.)
=-=-=-=-=-=-=




































~~
Structure your ColdFusion code with Fusebox. Get the official book at 
http://www.fusionauthority.com/bkinfo.cfm

Archives: http://www.mail-archive.com/cf-talk@houseoffusion.com/
Unsubscribe: http://www.houseoffusion.com/index.cfm?sidebar=lists

RE: ThisTag.GeneratedContent

2000-12-22 Thread Zachary Bedell


-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

> > Is there an equivalent to a custom tag's
> > "ThisTag.GeneratedContent" variable for the base executing page? 
>
> To the best of my knowledge, there is no way to retrieve this 
> generated content from within the scope of the request itself. 

Answer Found!  Sort of

I found a bit of a kludge that accomplishes what I need with a minor
amount of hacking...  Vis:

My basic goal here was to run a custom tag over the entire contents
of a page request.  I was hoping to do something like:

OnRequestEnd.cfm:
=



#Content#


Here's what I did find:
In the Application.cfm, I put this code:







Note that you could omit the OnRequestEnd line if you don't use that
file OR you could put it into a try block if you're not sure they'll
be an OnRequestEnd like:


Also note that the above, if dropped at the end of your
application.cfm would ignore any & all output that was actually
generated by your app.cfm.  That's what I wanted in my case.  If
you're outputting stuff in your app.cfm that you need, then you
should do something like:









This whole thread of course links into the compression of HTML output
thread elsewhere in this list.  I've managed to setup a little tag
that GZIP's all of our page content for browsers that can handle GZIP
encoding.  We get anywhere from 2 to 10 times compression, and our
customers are already commenting on the speed increase.  The system's
processors are of course working a little harder now, but that means
they're floating at 10% instead of at 4%.  Whoopee!



Best regards,
Zac Bedell

-BEGIN PGP SIGNATURE-
Version: PGPfreeware 6.5.8 for non-commercial use 
Comment: Please use PGP!

iQA/AwUBOkObMKvhLS1aWPxeEQIXSQCcD5tqlYkGzgrNN4EGvMxBZBDG1zIAoMHy
nq2e9OSwdbZsF41TNdEhJmDS
=ZZbS
-END PGP SIGNATURE-

~~
Structure your ColdFusion code with Fusebox. Get the official book at 
http://www.fusionauthority.com/bkinfo.cfm

Archives: http://www.mail-archive.com/cf-talk@houseoffusion.com/
Unsubscribe: http://www.houseoffusion.com/index.cfm?sidebar=lists

RE: Alternatives to Coding Username and Password in Application.c fm

2000-12-21 Thread Zachary Bedell


-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

Here's a trick that "should" make you more or less immune to .htr,
::$DATA or other similar source exploits.  

Since all of these bugs allow you to access the unprocessed contents
of script files within your webroot, the secret is to store your
dirty little secrets *outside* of the webroot.

Vis:

Your webroot is at d:\INetPub\WWWRoot\, and you have application.cfm
there.  To protect your (for instance) database passwords, make your
application.cfm look something like this:

Application.cfm:

blah
blah




blah
blah
blah

Now you need to go into the CF administrator and create a mapping for
/DirtyLittleSecrets/ that points to (for example)
D:\INetPub\YoullNeverGuessThis\InAMillion\Years\.

Now you can store all of your secret little bits outside of the
webroot.  If another source code vulnerability shows up (they run
about once a month, don't they?.), you'll already be safe since
all the script kiddies can see is your harmless cfinclude lines.

We take this one step further and put ALL of our code outside the
webroot.  We have a rather large and ever growing code base that's
shared among several of our hosted sites.  All the sites have access
to their own servers' roots for updating various basic HTML stuff,
but they are NOT allowed to see the CF code (as they're leasing, not
purchasing it).  By keeping everything outside the webroot, all of
the CFM page become one line: .  It makes adding a new site
nice & easy (just copy the stubs over), and it make updates and
enhancements to the codebase a breeze as we only update in one place.
 We do have to manually copy stubs to all the sites when we add new
files to the codebase.

One thing I've been trying to find:  Some way to remove the need for
the stubs.  It would be nice if you could get application.cfm to fire
even if the cfm page didn't exist, but alas that isn't the case.  If
anyone has any insights on how to make that happen, I would simple
love you for them! ;-)

Best regards, 
Zac Bedell

- -Original Message-
From: Jeffry Houser [mailto:[EMAIL PROTECTED]]
Sent: Thursday, December 21, 2000 8:23 PM
To: CF-Talk
Subject: Alternatives to Coding Username and Password in
Application.cfm



  With all this talk of the '+.htr' bug...

   What are alternatives to hard-coding in the username and password
in a
query?

   The first alternative is to code them as variables in the
application.cfm.
Although,
if the above '.htr' bug is present, that doesn't make the app any
more secure.

  Can we put them in the datasource?  I know I could never get that
working with

SQL Server 7 and NT 4.0 Workstation.  If I hard-coded the username
and password
it worked, if it was in the datasource it didn't.  I have seen it
working on
other
machines in this manner, so presumably I had some config bug in the
workstation.

This manner seems more secure than the previous one.

  Are their other alternatives?  And if so, what?


-BEGIN PGP SIGNATURE-
Version: PGPfreeware 6.5.8 for non-commercial use 

iQA/AwUBOkLUA6vhLS1aWPxeEQLwUACgx8x8s0hseclqZQQ7l8o6t8wLPCEAoOCx
JUYHbGX7IJHwri8TH2iMR34d
=Px/2
-END PGP SIGNATURE-

~~
Structure your ColdFusion code with Fusebox. Get the official book at 
http://www.fusionauthority.com/bkinfo.cfm

Archives: http://www.mail-archive.com/cf-talk@houseoffusion.com/
Unsubscribe: http://www.houseoffusion.com/index.cfm?sidebar=lists

RE: The +.htr bug strikes again

2000-12-21 Thread Zachary Bedell


> Someone should probably make an official "checklist" 
> to run through when you setup a CF server.

How about these additions to said checklist:

In addition to removing the .htr mapping, also remove the mappings for any
other extensions that you won't be using on that server.  

Like: 
htw -- unless you're using the WebHits highligher
ida, idq, htr, idc -- unless you're using old-style Index Server access
asp, cer, cdx, asa -- unless you're also hosting ASP apps on that server
shtm, shtml, stm -- unless you're using Server Side Include files
printer -- WTF is this and why did IIS install it for Win2k?

You could probably also yank the dbm extension unless you have REALLY old CF
code lying around.

Basically your goal is to DISABLE any functionality of your server that
you're not currently using.  The less junk you have running on the server,
the less chance someone will find a bug in part of the server you didn't
even know was there.

Granted, there's a fine and arcane art to disabling just the right things
without breaking any part of your server.  You'd be best to play on a
production server that you can afford to trash & reinstall a few times if
need be.  Certainly, though, deleting extensions for file types not used in
your sites (or your customer's sites for webhosts) is completely safe and a
good idea in general.

Best regards,
Zac Bedell


~~
Structure your ColdFusion code with Fusebox. Get the official book at 
http://www.fusionauthority.com/bkinfo.cfm

Archives: http://www.mail-archive.com/cf-talk@houseoffusion.com/
Unsubscribe: http://www.houseoffusion.com/index.cfm?sidebar=lists

RE: [Compress HTML output]

2000-12-20 Thread Zachary Bedell


-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

Thanks for the reminder on that one!  I was going to do that...  I
even had RFC 2616 on my desk to look up how to do that, and I
completely forgot...

I've actually got some "real work" to do today (darn clients 
always interrupting my fun!), but once I get that taken care of, I'll
integrate the various suggestions on this & see if I can turn it into
a real tag

Thanks again to everyone for the tips & pointers!

Best regards,
Zac Bedell

> -Original Message-
> From: Orlando Correa (ITSC) [mailto:[EMAIL PROTECTED]]
> Sent: Wednesday, December 20, 2000 5:55 AM
> To: CF-Talk
> Subject: RE: [Compress HTML output]
> 
> 
> 
> Just check the cgi.http_accept_encoding for the existance of 
> "gzip"
> 
> 
>listcontainsnocase(cgi.http_accept_encoding,"gzip")>
> 
>   
> 
>   
> 
>   
> 
> 
> -Original Message-
> From: Peter Stolz [mailto:[EMAIL PROTECTED]]
> Sent: Tuesday, December 19, 2000 8:30 PM
> To: CF-Talk
> Subject: RE: [Compress HTML output]
> 
> 
> This is great!
> One question though:
> The servlet version checks for the ACCEPT_ENCODING request 
> header before it
> does the actual encoding.
> I don't know of a way to do this in CF. Any ideas?
> 
> P.
> 
> 
> -Original Message-
> From: Orlando Correa (ITSC) [mailto:[EMAIL PROTECTED]]
> Sent: Tuesday, December 19, 2000 9:58 AM
> To: CF-Talk
> Subject: RE: [Compress HTML output]
> 
> 
> Hey Zach...
> 
> After some testing... I implemented your code to test compression
> of a particularly large html file with some encouraging results...
> The
> uncompressed page was 165K and took 391 milliseconds to excute. 
> The compressed page is 20K with an added server overhead of around
> 375K milliseconds... The savings in download time for the html, in 
> this case,
> warrent further explortion of compressing certain "heavy" pages
> (87.8% compression on level 7).  Thanks dude!  Pretty slick.
> 
> I've hacked on your code a bit to test it in our development 
> enviornment...
> 
> 
>   
> 
> 
> 
>   
>   
>default="#RandRange(1,1000)#"> 
>   
> 
>   
>   
> 
>   
> 
>  action="LIST">
> 
> 
> 
>  
> 
> 
> 
> 
>   
> 
>   
> 
> 
>   
>"#dir_compress##listlast(cgi.script_name,"/")#_#Attributes.Uni
> que#_#RandRang
> e(1,100)#.out">
>"#dir_compress##listlast(cgi.script_name,"/")#_#Attributes.Uni
> que#_#RandRang
> e(1,100)#.in">
> 
>
>   
>   
>   
>   
> 
>   
>OutFile="#GZippedFile#"
> level="#Attributes.Level#">
>   
> 
>   
>   
>   
>type="text/html"> 
> 
> -Original Message-
> From: Zachary Bedell [mailto:[EMAIL PROTECTED]]
> Sent: Monday, December 18, 2000 2:20 PM
> To: CF-Talk
> Subject: RE: [Compress HTML output]
> 
> 
> -BEGIN PGP SIGNED MESSAGE-
> Hash: SHA1
> 
> > compression is a web server issue NOT CF.
> 
> That's true, but it doesn't mean you can't do it in CF...
> 
> Below is a custom tag that will do just that, provided you have
> CFX_GZip installed (freely downloadable from the tag gallery).
> 
> I'm not sure whether the savings in bandwidth is worth the
> additional processor power (anyone wanna run tests?), but it's
> still nifty...  
> 
> One place this would really be a savings:  If you already use
> CFCACHE, you should be able to modify the CFCache tag to also do
> compression before it saves a file.  That way you only need to
> compress the file once, and you get the processor savings of
> CFCache AND the bandwidth savings of compression.
> 
> I'll probably post this tag to the tag gallery once I beat on it
> for a little longer.  In the meantime, enjoy...
> 
> -BEGIN PGP SIGNATURE-
> Version: PGPfreeware 6.5.8 for non-commercial use
> <http://www.pgp.com> Comment: Please use PGP!
> 
> iQA/AwUBOj5/Z6vhLS1aWPxeEQKSRwCg+iRBf/fA8Y72IbopUMF0kM6NEkkAnj+k
> wwQDQrb5RkIfgaFn1TRaW8Ub
> =4/Jb
> -END PGP SIGNATURE-
> 
> 
> 
>   
>   
>default="#RandRange(1,1000)#">
> 
>   
>"c:\Temp\Compress\#Cgi.Script_Name#_#Attributes.Unique#_#RandR
> ange(1,100
> 
> )#.out">
>"c:\Temp\Compress#Cgi.Script_Name#_#Attributes.Unique#_#RandRa
> nge(1,1000
> 000)
> #.in">
> 
>   
>   
>   
> 
>   
>OutFile="#GZippedFile#" level="#Attributes.Level#">
>   
> 
>   
>   
>   
>type="text/html">
> 
>
~~
Structure your ColdFusion code with Fusebox. Get the official book at 
http://www.fusionauthority.com/bkinfo.cfm

Archives: http://www.mail-archive.com/cf-talk@houseoffusion.com/
Unsubscribe: http://www.houseoffusion.com/index.cfm?sidebar=lists

ThisTag.GeneratedContent

2000-12-19 Thread Zachary Bedell


-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

This seems like a really dumb question, but I can't seem to find a
definitive answer anywhere...

Is there an equivalent to a custom tag's "ThisTag.GeneratedContent"
variable for the base executing page?  I know CF buffers all HTML
output until the end of the page execution, and part of this buffer
is made available to custom tags through ThisTag.GenerateContent.  I
need that same functionality in the base template so that I can
access the generated HTML in OnRequestEnd.cfm completely
independently of any custom tags.

Anybody have any ideas?  I'll probably kick myself when I see the
answer...

Thanks in advance,
Zac Bedell

-BEGIN PGP SIGNATURE-
Version: PGPfreeware 6.5.8 for non-commercial use 
Comment: Please use PGP!

iQA/AwUBOj+1t6vhLS1aWPxeEQK0kACfajVDcrDPoDbCpu0oZ68ZcYYpKAgAn2yp
aDA+KcgSVIGDq8eU/vcyIUSJ
=YWBA
-END PGP SIGNATURE-

~~
Structure your ColdFusion code with Fusebox. Get the official book at 
http://www.fusionauthority.com/bkinfo.cfm

Archives: http://www.mail-archive.com/cf-talk@houseoffusion.com/
Unsubscribe: http://www.houseoffusion.com/index.cfm?sidebar=lists

RE: [Compress HTML output]

2000-12-18 Thread Zachary Bedell


-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

> compression is a web server issue NOT CF. 

That's true, but it doesn't mean you can't do it in CF...

Below is a custom tag that will do just that, provided you have
CFX_GZip installed (freely downloadable from the tag gallery).

I'm not sure whether the savings in bandwidth is worth the additional
processor power (anyone wanna run tests?), but it's still nifty...

One place this would really be a savings:  If you already use
CFCACHE, you should be able to modify the CFCache tag to also do
compression before it saves a file.  That way you only need to
compress the file once, and you get the processor savings of CFCache
AND the bandwidth savings of compression.

I'll probably post this tag to the tag gallery once I beat on it for
a little longer.  In the meantime, enjoy...

-BEGIN PGP SIGNATURE-
Version: PGPfreeware 6.5.8 for non-commercial use 
Comment: Please use PGP!

iQA/AwUBOj5/Z6vhLS1aWPxeEQKSRwCg+iRBf/fA8Y72IbopUMF0kM6NEkkAnj+k
wwQDQrb5RkIfgaFn1TRaW8Ub
=4/Jb
-END PGP SIGNATURE-

























~~
Structure your ColdFusion code with Fusebox. Get the official book at 
http://www.fusionauthority.com/bkinfo.cfm

Archives: http://www.mail-archive.com/cf-talk@houseoffusion.com/
Unsubscribe: http://www.houseoffusion.com/index.cfm?sidebar=lists

RE: creating an url return string

2000-12-18 Thread Zachary Bedell


-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

In the calling page, before you redirect to the authentication pages,
setup returnURL like so:



Now returnURL will contain anything that was passed after the
question mark.

Hope that helps,
Zac Bedell

- -Original Message-
From: Greg Wolfinger [mailto:[EMAIL PROTECTED]]
Sent: Monday, December 18, 2000 11:21 AM
To: CF-Talk
Subject: creating an url return string


Hey Guys:

I have an application that lets you browse a message board, however
if you would like to post a response you need to log-in (in you arn't
already).  After you log-in, it takes a parameter passed through the
url called returnURL and sends the user after the authentication to
that url.  The problem is that the returnURL has multiple parameters
to it sometimes (e.g.
returnURL=/message/index.cfm?action=submit-response&message_id=foo&ref
URL=/foo/index.cfm)

How can I return the user to that page keeping in tact all of the URL
parameters?

thanx,

greg
~~
Structure your ColdFusion code with Fusebox. Get the official book at 
http://www.fusionauthority.com/bkinfo.cfm

Archives: http://www.mail-archive.com/cf-talk@houseoffusion.com/
Unsubscribe: http://www.houseoffusion.com/index.cfm?sidebar=lists

RE: Purging CDATA and CGLOBAL

2000-12-18 Thread Zachary Bedell

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

As another poster mentioned, CFEXEC is the magic behind CDATA
purging.  

Additionally, I wouldn't recommend anyone running the query listed
below to manually change or delete the client data stores.  We tried
doing that for a while in a scheme to detect multiple logins, but at
least on CF 4.0.1, the server was destabilized by running those
queries.  

With the DELETEs to CDATA in our code, the server had to be restarted
once every few days.  Just commenting out that code made the server
completely stable.

I dunno how 4.5.x would react to that code, but 4.0.x didn't like it
at all...

Best regards,
Zac Bedell

- -Original Message-
From: Greg Saunders [mailto:[EMAIL PROTECTED]]
Sent: Sunday, December 17, 2000 8:06 AM
To: CF-Talk
Subject: Re: Purging CDATA and CGLOBAL

This makes sense, but isn't CF supposed to do something like this 
automatically if you check the "Purge data for clients that remain 
unvisited..." box when you set up the client data source?  As far as
we can 
tell, this check box has no affect.  When should client data actually
be 
purged?

Thanks,

Gregory M. Saunders, Ph.D.
Technical Director
Cognitive Arts Corporation  (http://www.cognitivearts.com)
1840 Oak Avenue, 4th Floor
Evanston, IL 60201-5914

At 10:33 AM 12/14/2000 +, you wrote:

> > What would prevent this functionality from working?
> >
> > If this functionality is not working what would be the safest way
> > to 
>remove
> > the obsolete data? (Older than 1 day.)
>
>I use the following in my Application.cfm which checks and logs out
>a user after 15 minutes:
>
>
> DBTYPE="ODBC">
> DELETE FROM CData
> WHERE CFID = '#Cookie.CFID#:#Cookie.CFTOKEN#'
> 
>   
> 
>
>Will Luke
>www.localbounty.com

-BEGIN PGP SIGNATURE-
Version: PGPfreeware 6.5.8 for non-commercial use 
Comment: Please use PGP!

iQA/AwUBOj4wc6vhLS1aWPxeEQI6IgCg6s+dtEe/komMhuOxsa6VS7rMG18AoODw
y2UtrU1aDmlgZTxo6QcqD3sd
=MIlG
-END PGP SIGNATURE-

~~
Structure your ColdFusion code with Fusebox. Get the official book at 
http://www.fusionauthority.com/bkinfo.cfm

Archives: http://www.mail-archive.com/cf-talk@houseoffusion.com/
Unsubscribe: http://www.houseoffusion.com/index.cfm?sidebar=lists

RE: cfcrypt

2000-12-14 Thread Zachary Bedell


-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

Download the demo of 4.0.1 server from Allaire.  

In any case, there's no difference between the two programs.  They
both produce the exact same (easily decrypted) output.

Best regards,
Zac Bedell


Zachary S. Bedell,
Chief Technology Officer,
Adirondack Technologies, Inc.

> -Original Message-
> From: Joseph Thompson [mailto:[EMAIL PROTECTED]]
> Sent: Wednesday, December 13, 2000 4:18 PM
> To: CF-Talk
> Subject: cfcrypt
> 
> 
> I have the copy of cfencode.exe that came with CF 4.5, but I 
> would like a
> copy of the "original" cfcrypt.exe if that is possible?
> 
> Any one know where I can get one?

-BEGIN PGP SIGNATURE-
Version: PGPfreeware 6.5.8 for non-commercial use 

iQA/AwUBOjk2OqvhLS1aWPxeEQKRZACg4ka/lxbK2CuEmmreus3SPow1Ql8AnA6A
QM9DxDG0EXTQdIHEw607x8SX
=KGqz
-END PGP SIGNATURE-

~~
Structure your ColdFusion code with Fusebox. Get the official book at 
http://www.fusionauthority.com/bkinfo.cfm

Archives: http://www.mail-archive.com/cf-talk@houseoffusion.com/
Unsubscribe: http://www.houseoffusion.com/index.cfm?sidebar=lists

RE: CF4.5.1 SP2.

2000-12-14 Thread Zachary Bedell


-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

> I am still experiencing huge memory leaks but I notice it is from
> Inetinfo.exe and NOT CF.  There is no doubt in my mind the CF is
> the culprit, but how in the world does Allaire put out this lousy 
> of a product
> update?  This is reminiscent of Microsoft.  If anyone from Allaire,
> especially their QA team is listening: GET ON THE BALL AND DO 
> YOUR JOBS.

If indeed Inetinfo is the leaking process, then chances are it's
Allaire's CFML.dll that's the culprit.  That runs inprocess w/ IIS
and calls out to the CFServer.exe process.  I've never quite
understood why Allaire felt a need to program their server out of
process, but

Perhaps the Allaire folks could look into that for you?

One other (remote) possibility that might help you:  If you can
afford to bring your server down for a few minutes, stop IIS and CF. 
Copy the CFML.dll in c:\cfusion\bin to cfml_451sp2.dll.  Then put a
copy of CFML.dll from CF version 4.0.1 in there in its place.  Even a
copy from the demo of 4.0.1 should do if you don't have the full copy
around.  Restart IIS and CF and see what happens.

There's a chance that might not work at all, but I seem to remember
reading once that it could help in some cases.

Best regards,
Zac Bedell
 

-BEGIN PGP SIGNATURE-
Version: PGPfreeware 6.5.8 for non-commercial use 

iQA/AwUBOjk18avhLS1aWPxeEQK86gCgiY9p/cXlsshgJ/YpDf0BfIlS07AAni/7
WX7o5S+kv5P+e9pS08ERvkjk
=CI9F
-END PGP SIGNATURE-

~~
Structure your ColdFusion code with Fusebox. Get the official book at 
http://www.fusionauthority.com/bkinfo.cfm

Archives: http://www.mail-archive.com/cf-talk@houseoffusion.com/
Unsubscribe: http://www.houseoffusion.com/index.cfm?sidebar=lists

RE: Assembler.....

2000-12-05 Thread Zachary Bedell


-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

>Lately I wuz thinking of picking up an extra language to add 
> to my long list
> >of the ones I currently know ;) As most people know you can 
> develop custom
> >COM, CORBA, CFX & other types of add-ons using alot of 
> different languages
> >like C++, VB, Java etc. etc.
> >
> >What I am wondering is if anyone out there knows if I can 
> create COM or CFX
> >extensions through assembly/assembler language. I know its a 
> pretty old
> >language but its also pretty efficient. If anyone has 
> anything to comment
> >about this, please do ;) I will be one extremely greatful person.

I wouldn't call assembly an old language...  When you think about it,
it's THE language.  Everything else you write in comes down to
assembly in the end (or at least one step below -- the processor's
machine code).

As for writing COM (or windows apps in general) in assembly...  It is
most definitely possible.  Having two or three consecutive root
canals would be a WHOLE lot more fun in my opinion, but it's
doable...  You'd need to become intimately familiar with the various
data structures and calling methods of COM and of the Windows PE EXE
format.  The folks at Bleem! did it for their Sony PlayStation
emulator -- it's an entire Windows application stored in a single
800KB EXE file written in assembler.  It's just very difficult.

Chance are for your applications, writing your COM in assembly would
be a waste of time.  The overhead of the COM conventions would still
be there.  Whether it's written in assembler or VB, you still need to
go through all of the motions to support COM.  And given that you'll
presumably be accessing your nice assembly COM from ColdFusion 
Let's say that CF isn't the most optimized piece of software out
there, so you'd really be wasting your time.  Any little bit of speed
you might gain from assembler would be overshaddowed from the various
lags introduced by an HTTP application server.

Best regards,
Zac Bedell

-BEGIN PGP SIGNATURE-
Version: PGPfreeware 6.5.8 for non-commercial use 

iQA/AwUBOi0i2KvhLS1aWPxeEQIVdgCcDzS5wOXvyLmXO0WS4bqpBilRKMcAnRVB
9X1StCD+vLZxrvo58tSbD8Fk
=sTdY
-END PGP SIGNATURE-

~~
Structure your ColdFusion code with Fusebox. Get the official book at 
http://www.fusionauthority.com/bkinfo.cfm

Archives: http://www.mail-archive.com/cf-talk@houseoffusion.com/
Unsubscribe: http://www.houseoffusion.com/index.cfm?sidebar=lists

RE: normalization problem?

2000-12-04 Thread Zachary Bedell


-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

> It returns an "out of memory/resource" error;
> "Error Diagnostic Information Error occurred for unknown cause."

First of all... That error is most likely a sign of larger problems. 
Perhaps problems w/ memory leaks & other such garbage similar to what
the folks in the "CF SP2 + Win2k/Memory Leaks" thread are seeing.  I
wish you luck hammering those problems out...

Now for your query...  Since you're running MS SQL, you have  very
easy options:

SELECT TOP 5 prize.value, draw.drawdate, 
  contest.contest_name, contest_type.contest_type, 
  state.state
FROM state, prize, draw, contest_type, contest, company
WHERE prize.draw_id = draw.draw_id 
AND draw.contest_id = contest.contest_id 
AND contest_type.contest_type_id = contest.contest_type_id
AND contest.company_id = company.company_id
AND company.state_id = state.state_id
ORDER BY prize.value DESC



You may need to mess around w/ the fields you're bringing back to
make SQL happy, but the TOP keyword should make things quite a bit
easier...  Check the MS SQL Books Online for more info on the TOP
keyword.

Best regards,
Zac Bedell
 

-BEGIN PGP SIGNATURE-
Version: PGPfreeware 6.5.8 for non-commercial use 

iQA/AwUBOivfn6vhLS1aWPxeEQI0YgCghCcJ/RS4eUfvx+lIt/OFsuGeeoIAn00m
FzYObcUQzfnsHi6/XPdm3rLJ
=L5EE
-END PGP SIGNATURE-

~~
Structure your ColdFusion code with Fusebox. Get the official book at 
http://www.fusionauthority.com/bkinfo.cfm

Archives: http://www.mail-archive.com/cf-talk@houseoffusion.com/
Unsubscribe: http://www.houseoffusion.com/index.cfm?sidebar=lists

RE: CF Does not like MSSQL7 @@ROWCOUNT

2000-12-04 Thread Zachary Bedell


-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

> -Original Message-
> From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]
> Sent: Sunday, December 03, 2000 1:08 AM
> To: CF-Talk
> Subject: Re: CF Does not like MSSQL7 @@ROWCOUNT
> 
> 
> > Except he's not looking for the identity, but the count.  Setting
> > nocount on kinda kills that...
> 
> no. set nocount has no effect on @@ROWCOUNT.

And *that* is one of those little annoying details I wish I'd known a
*long* time ago

Thanks for straightening me out on that, and sorry for any
confusion...

Best regards,
Zac Bedell

-BEGIN PGP SIGNATURE-
Version: PGPfreeware 6.5.8 for non-commercial use 

iQA/AwUBOivDBavhLS1aWPxeEQKVYQCfazzIchjbaVR2qJRaVFm1OFBUWKcAnRAA
X7vDXZB8Vs0VxFO+zkDrS5wF
=rWvS
-END PGP SIGNATURE-

~~
Structure your ColdFusion code with Fusebox. Get the official book at 
http://www.fusionauthority.com/bkinfo.cfm

Archives: http://www.mail-archive.com/cf-talk@houseoffusion.com/
Unsubscribe: http://www.houseoffusion.com/index.cfm?sidebar=lists

RE: CF SP2 + Win2k/Memory Leaks

2000-12-04 Thread Zachary Bedell

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

Could I just add one niggling little detail to this thread?  I know
it's a small thing, but...

If ever someone's having a problem with Microsoft SQL Server 7.0 (and
I presume 2000 is the same), asking if they're using ODBC or OLE/DB
is rather moot.  

SQL Server's internal API *is* OLE/DB.  Even if you're using ODBC to
access it, the ODBC driver just translates your calls to OLE/DB and
passes them on to the SQL Server.

So...  Without a doubt, OLE/DB is preferred over ODBC when using
Microsoft SQL Server, and changing to ODBC won't make any appreciable
difference *unless* ColdFusion OLE/DB implementation is massively
screwed up.  And I'll leave that point up for debate...

And to think...  I was planning on getting up early this morning to
run an upgrade to CF 4.5.1 SP2...  Glad I slept in instead...

Best regards,
Zac Bedell

Zachary S. Bedell,
Chief Technology Officer,
Adirondack Technologies, Inc.

> -Original Message-
> From: Nick McClure [mailto:[EMAIL PROTECTED]]
> Sent: Monday, December 04, 2000 10:05 AM
> To: CF-Talk
> Subject: RE: CF SP2 + Win2k/Memory Leaks
> 
> 
> Have you tried using OLEDB instead of ODBC?
> 
> >
> >At 03:29 PM 12/4/00 +0100, you wrote:
> > >I had this issue on an Access 2000/CFserver 4.5.1sp1 
> machine running MDAC
> > >2.6. Reverting to MDAC 2.5.1 solved the issue for us there.
> > >
> > >We're having the same problem on a NT4,sp5 SQL7.0 setup.
> > >
> > >A little experimenting this morning shows that running  a 
> query  with a
> > >large result set moved memory to swap file and just hung there.
> > >I'm beginning to suspect that there are memory allocation 
> issues with CF4.51.
> > >Perhaps the solution is to turn off all caching.
> > >
> > >It hardly seems appropriate that one needs to kill key 
> advantages on CF in
> > >order to maintain some measure of stability.

Amen, brother!  Preach it!.  *grin*

-BEGIN PGP SIGNATURE-
Version: PGPfreeware 6.5.8 for non-commercial use 

iQA/AwUBOivAxKvhLS1aWPxeEQLpgACbBo2TQ/vtWpH6NUk6HVzSm1KjuMcAnRQZ
VKdzQ+89/Jc37avasUI6n7uU
=qKwO
-END PGP SIGNATURE-

~~
Structure your ColdFusion code with Fusebox. Get the official book at 
http://www.fusionauthority.com/bkinfo.cfm

Archives: http://www.mail-archive.com/cf-talk@houseoffusion.com/
Unsubscribe: http://www.houseoffusion.com/index.cfm?sidebar=lists

RE: CF Does not like MSSQL7 @@ROWCOUNT

2000-12-01 Thread Zachary Bedell


-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

Except he's not looking for the identity, but the count.  Setting
nocount on kinda kills that...

 
> We ran into this once before and according to Allaire when 
> CFQUERY evaluates
> a multi statement argument it waits for the SQL server to respond
> and specifically looks for the text 'X Rows Returned'  Once 
> CFQUERY sees this
> statement it stops evaluating any additional information 
> returned.  A work
> around would be to use a NOCOUNT and also wrap your queries in SQL
> TRANSACTION.  So some example syntax would be:
> 
> SET NOCOUNT ON  (Turns off Record Count Dialog)
> BEGIN TRANSACTION   (Begins a Transaction)
> INSERT INTO SomeTable (SomeField) VALUES ('SomeValue')
> SELECT @@IDENTITY AS NewID
> COMMIT TRANSACTION  (ends a Transaction)
> SET NOCOUNT OFF (Important as this is a system state and
> would remain set)

The transactions aren't necessary here.

This should be:
SET NOCOUNT ON  (Turns off Record Count Dialog)
INSERT INTO SomeTable (SomeField) VALUES ('SomeValue')
SELECT @@IDENTITY AS NewID
SET NOCOUNT OFF (Important as this is a system state and
would

That works to get the identity.

As for getting the count, that's a little nastier...

Maybe something like:



SELECT Count(CSVTemp.Inv_ID) as RowsAffected,
CSVTemp.DIR
FROM Images_INVPROJECT_CSVTempTable as CSVTemp
WHERE (Doc_Type = 'I')

SET NOCOUNT ON
INSERT INTO [Images_Invoice_Index]
(Invoice_ID, DirPath)

SELECT CSVTemp.Inv_ID,
CSVTemp.DIR
FROM Images_INVPROJECT_CSVTempTable as CSVTemp
WHERE (Doc_Type = 'I')
SET NOCOUNT OFF


Potential problems there are:
1) You're running the SELECT twice, so that's a performance hit
2) If someone runs another query that changes
Images_INVPROJECT_CSVTempTable in between the two queries, you might
be in trouble.  I'm not sure whether wrapping that in a transaction
would help or not, but you could try it...

If your database will be accessed only by ColdFusion pages, then
wrapping all cfquerys that change Images_INVPROJECT_CSVTempTable in a
CFLOCK might help.  Just speculating, tho...

> 
> Hope that helps

Ditto...

Best regards,
Zac Bedell

> - Original Message -
> From: "Rif Kiamil" <[EMAIL PROTECTED]>
> To: "CF-Talk" <[EMAIL PROTECTED]>
> Sent: Friday, December 01, 2000 6:31 AM
> Subject: CF Does not like MSSQL7 @@ROWCOUNT
> 
> 
> > Dear All
> >
> > I have the flowing CF Code
> >
> > --- START -
> >
> > 
> >
> > 
> > INSERT INTO [Images_Invoice_Index]
> > (Invoice_ID, DirPath)
> >
> > SELECT CSVTemp.Inv_ID,
> > CSVTemp.DIR
> >
> > FROM Images_INVPROJECT_CSVTempTable as CSVTemp
> >
> > WHERE (Doc_Type = 'I')
> >
> > SELECT @@ROWCOUNT as RowsAffected
> > 

-BEGIN PGP SIGNATURE-
Version: PGPfreeware 6.5.8 for non-commercial use 

iQA/AwUBOif3GavhLS1aWPxeEQKh9gCfYlpiJiF0+pp2+5HYeupf1uilD/YAoLSK
9BqUFskiw1VfaprSsmjvw0wx
=6oHo
-END PGP SIGNATURE-

~~
Structure your ColdFusion code with Fusebox. Get the official book at 
http://www.fusionauthority.com/bkinfo.cfm

Archives: http://www.mail-archive.com/cf-talk@houseoffusion.com/
Unsubscribe: http://www.houseoffusion.com/index.cfm?sidebar=lists

RE: GetTicketCount() - where and when

2000-12-01 Thread Zachary Bedell


-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

GetTickCount is just a number.  It's fairly meaningless on its own. 
I think it's the number of milliseconds since the server was started
or something...

It becomes useful when you have two calls to it:





That took #TotalTime#ms.

Is it not nifty?

Best regards,
Zac Bedell


Zachary S. Bedell,
Chief Technology Officer,
Adirondack Technologies, Inc.

Please include original message in any replies -- I get a 
lot of email every day, and I have a REALLY bad memory... 
So I don't always remember everything that was said.  
Thanks!





> -Original Message-
> From: Eric Fickes [mailto:[EMAIL PROTECTED]]
> Sent: Friday, December 01, 2000 12:26 PM
> To: CF-Talk
> Subject: GetTicketCount() - where and when
> 
> 
> Hello all,
> 
> I'm trying to trim some fat off my code, and I came across 
> GetTickCount()
> and had a few questions after reading the definition from my CF
> book.  
> 
> Definition:
> Returns a millisecond clock counter that can be used for 
> timing sections of
> CFML code or any other aspects of page processing.
> 

-BEGIN PGP SIGNATURE-
Version: PGPfreeware 6.5.8 for non-commercial use 

iQA/AwUBOifxlKvhLS1aWPxeEQIXxwCbBAXeL+QbR/5uEtJjY3o/NemYnlcAniQe
OCfHYYYTxWDbOB57Bfn1HFB3
=pYLx
-END PGP SIGNATURE-

~~
Structure your ColdFusion code with Fusebox. Get the official book at 
http://www.fusionauthority.com/bkinfo.cfm

Archives: http://www.mail-archive.com/cf-talk@houseoffusion.com/
Unsubscribe: http://www.houseoffusion.com/index.cfm?sidebar=lists

RE: Java and CF

2000-12-01 Thread Zachary Bedell


-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

> Allaire has annonced that CF 6 will be 
> entirely written in
> Java on the back end, with CF Tags actually being translated 
> into JSP Code
> and then passed to a servlet engine, all on the back-end.

My only question:  What kind of crack is Allaire smoking, and where
can the rest of us get some?

Good grief!  What would possess an otherwise intelligent programmer
to write a server in Java?  An app server should be small, concise,
FAST, and super optimized for the system it's running on.  Java
misses the boat on all of those criteria.

Am I the only remaining programmer who hasn't jumped on the Java
bandwagon?  I mean... Java's great for certain tasks -- namely those
where speed isn't much of an issue but cross platform functionality
is.  That's certainly not the case for an application server with
thousands of concurrent accesses.  There is no WAY a Java server can
out perform a *well* *written* C++ server.  I wish Allaire would
spend their time fixing & optimizing the C++ codebase instead of
scraping it and rewriting in Java.

I can say this for sure:  If CF ever goes to a Java backend, I'm
moving to PHP...

Regards,
Zac Bedell

-BEGIN PGP SIGNATURE-
Version: PGPfreeware 6.5.8 for non-commercial use 

iQA/AwUBOifGG6vhLS1aWPxeEQIxUgCfeNvX00zujxBvXIjNp0wmG59Dx4YAn2Bf
rQHpED2YoaBv5q2SXO2+GYxE
=TK9q
-END PGP SIGNATURE-

~~
Structure your ColdFusion code with Fusebox. Get the official book at 
http://www.fusionauthority.com/bkinfo.cfm

Archives: http://www.mail-archive.com/cf-talk@houseoffusion.com/
Unsubscribe: http://www.houseoffusion.com/index.cfm?sidebar=lists

RE: IP Address blocking

2000-11-30 Thread Zachary Bedell


-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

You might be able to use the HTTP Referer of the request to determine
whether to show the page or not.  We use a similar thing to prevent
direct linking to image content on our site -- we use CF to serve
images via CFCONTENT.  The page checks the referer before serving the
image.  If the referer is from our server, the user sees the image
and never knows anything is out of the ordinary.  If the referer is
missing or is from another site, they get a "You've been bad" kind of
image served to them instead.  That image just has text that explains
bandwidth theft and asks the user to report the site they clicked
from to us.

Here's slightly abridged code:



















This should be even easier if you're only serving HTML files from
those links.  Something like the following stuck at the top of the
protected pages should suffice:

You don't belong here!



Hope that's helpful.

Best regards,
Zac Bedell


Zachary S. Bedell,
Chief Technology Officer,
Adirondack Technologies, Inc.

Please include original message in any replies -- I get a 
lot of email every day, and I have a REALLY bad memory... 
So I don't always remember everything that was said.  
Thanks!





> -Original Message-
> From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]
> Sent: Thursday, November 30, 2000 1:28 AM
> To: CF-Talk
> Subject: IP Address blocking
> 
> 
> I have  a unique problem. I know how to keep folks from linking to
> my  pages on my server, but I allow others to also post pages to my
> web  servers.  Their pages contain links to places I don't want 
> folks going to.
> So, I could prevent them from writing their pages on my server, or
> I could search out and mangle such links. However, is there yet a
> sneakier way to let them do their thing, but I make it 
> "non-responsive"
> when it gets clicked on?  Or could I redirect it to some other
> site? What is the best way to proceed. /spe
> 
> ~~
> Structure your ColdFusion code with Fusebox. Get the official 
> book at http://www.fusionauthority.com/bkinfo.cfm
> 
> Archives: http://www.mail-archive.com/cf-talk@houseoffusion.com/
> Unsubscribe: http://www.houseoffusion.com/index.cfm?sidebar=lists
> 

-BEGIN PGP SIGNATURE-
Version: PGPfreeware 6.5.8 for non-commercial use 

iQA/AwUBOiaM8avhLS1aWPxeEQKZZQCgu3dwOMTdDSPyfncspXevjsFxT6cAoOYF
zjb25p1JJb3HfbaekyZ+FHFP
=Z64M
-END PGP SIGNATURE-
~~
Structure your ColdFusion code with Fusebox. Get the official book at 
http://www.fusionauthority.com/bkinfo.cfm

Archives: http://www.mail-archive.com/cf-talk@houseoffusion.com/
Unsubscribe: http://www.houseoffusion.com/index.cfm?sidebar=lists

RE: SQL 7.0 Question

2000-11-30 Thread Zachary Bedell


-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

> 
> DELETE * from auction_records where auction_id='#id#' and 
> userid='#userid#'
> 
> 
> Here is the error:
> 
> ODBC Error Code = 37000 (Syntax error or access violation)
> [Microsoft][ODBC SQL Server Driver][SQL Server]Line 1: 
> Incorrect syntax near '*'.
> 
> Is * not the correct syntax for All is SQL 7.0?

In SQL, a DELETE statement inherently means to delete all columns. 
The * is redundant since there's no way to specify the columns you
want to delete in a DELETE statement.  Access probably ignored it;
but to the best of my knowledge, that isn't technically correct SQL. 
SQL Server is kicking it out for that reason.  The statement should
be:

DELETE FROM auction_records 
WHERE auction_id='#id#' 
AND userid='#userid#'

(Caps of course are not important, but I like all my SQL keywords
capped for readability...)

Best regards,
Zac Bedell

-BEGIN PGP SIGNATURE-
Version: PGPfreeware 6.5.8 for non-commercial use 

iQA/AwUBOiaLNqvhLS1aWPxeEQLKKwCfVxX/QJ39/4OgI79p2wFVIlpTQb8AoLWn
jE5qpxzPrhXBcyht8P6yRCl1
=XpCU
-END PGP SIGNATURE-
~~
Structure your ColdFusion code with Fusebox. Get the official book at 
http://www.fusionauthority.com/bkinfo.cfm

Archives: http://www.mail-archive.com/cf-talk@houseoffusion.com/
Unsubscribe: http://www.houseoffusion.com/index.cfm?sidebar=lists

RE: Printing mailing labels in a browser -- Joy... :-O

2000-11-27 Thread Zachary Bedell


-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

I managed something decent for an in-house only project.  The labels
were UPC stick-ons for inventory.  

Since the format of the label was fixed, all we needed to do was fill
in the blanks with ColdFusion.  I used MSWord to design the label,
then exported it to RTF.  The ColdFusion variables were dumped into
the rich text to fill in the blanks.  

When the user clicks on the 'Print Labels' link, the RTF file opens
up in the browser, but the MSWord plugin steps in to render the RTF. 
Everything is exactly positioned, so the user just hits Print in IE
and MSWord does all the dirty work.

Very nifty, but it requires that MS Word be installed on all clients.
 Failing that, PDF is probably your best bet, but that's a lot less
programmer-friendly...

Best regards,
Zac Bedell

Zachary S. Bedell,
Chief Technology Officer,
Adirondack Technologies, Inc.

Please include original message in any replies -- I get a 
lot of email every day, and I have a REALLY bad memory... 
So I don't always remember everything that was said.  
Thanks!





> -Original Message-
> From: Adrian Cesana [mailto:[EMAIL PROTECTED]]
> Sent: Wednesday, November 22, 2000 12:25 PM
> To: CF-Talk
> Subject: RE: Printing mailing labels in a browser -- Joy... :-O
> 
> 
> I had the same challenge recently.  Printing 4 up labels was 
> not really too
> bad as long as the label was NOT completely filled edge to 
> edge, you need a
> little buffer area. Anything more than 4 up was tough.  We ended up
> scrapping the idea for another non-label method which worked well.
> 
> If I had to do it again I would definitely look into pdf.
> 
> -Adrian
> 
> 
> 
> Subject: RE: Printing mailing labels in a browser -- Joy... :-O
> 
> 
> 
> 
> ~~
> Structure your ColdFusion code with Fusebox. Get the official 
> book at http://www.fusionauthority.com/bkinfo.cfm
> 
> Archives: http://www.mail-archive.com/cf-talk@houseoffusion.com/
> Unsubscribe: http://www.houseoffusion.com/index.cfm?sidebar=lists
> 

-BEGIN PGP SIGNATURE-
Version: PGPfreeware 6.5.8 for non-commercial use 

iQA/AwUBOiLN36vhLS1aWPxeEQJRagCg62/w9W/UCCRKF0pCePVt4/sTmlYAoPAZ
5Ae2D1wHnmXj5X3/wQblALJl
=x/mm
-END PGP SIGNATURE-
~~
Structure your ColdFusion code with Fusebox. Get the official book at 
http://www.fusionauthority.com/bkinfo.cfm

Archives: http://www.mail-archive.com/cf-talk@houseoffusion.com/
Unsubscribe: http://www.houseoffusion.com/index.cfm?sidebar=lists

MS SQL 7, CF4.5.x, nvarchar, and LOTS of PCode errors. SQL Guru's please help!

2000-11-21 Thread Zachary Bedell


-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

Hello all!

It's recently come to my attention that ColdFusion is not entirely
happy about dealing with Unicode characters from MS SQL server.  

It seems as tho CF 4.0.1 can handle nvarchar's in CFQUERY's, but dies
with Unicode in CFSTOREDPROC's.  At least according to a CF-Talk post
from the archives (not verified by myself).  It would also seem that
CF 4.5.1 chokes and turns blue on any kind of Unicode anywhere.

I had problems converting to 4.5.1 several months ago, and tho
Allaire's tech support never mentioned any problem with nvarchar's
even after 4 or 5 hours on the phone, there were indeed nvarchar's in
the database in question.  I have a hunch that might have been the
root of my problems.

That said, I'm hoping to make another attempt at upgrading to CF
4.5.1 / Win2k.  My beloved baby (a *very* stable, *very* profitable
server) must unfortunately be moved off-site for better bandwidth,
and I'd REALLY like to have Win2k on that box so I can TermServe in
if necessary, etc.  I'm more than a little apprehensive at trying
this again seeing as last time cost us a week of downtime, but 
It's a necessary evil I'm afraid.

Now that I have something to go on regarding fixing the numerous
PCode and other completely whacked out errors we received from our
last update attempt, I *think* converting all of the ntext & nvarchar
fields in our databases may allow CF 4.5.whatever to run without (or
with fewer) problems.  I am however left with a few questions that I
hope some kind soul(s) could answer for me.


The Burning Questions (as in if I don't get these answered, my boss
is gonna burn me at the stake...):

1) Can anyone confirm or deny that CF 4.5.x is unable to handle
Unicode text from an MS SQL 7 database?  If anyone else has had the
same problems we had (ridiculous PCode errors, server hangs, etc.)
after moving from CF 4.0.1 to CF 4.5.x against an MS SQL 7 database
w/ lots of nvarchar fields, I'd love to hear about your pain. 
Likewise, if anyone is running a reasonably high volume site on CF
4.5.1 against MS SQL 7 with lots of nvarchar's WITHOUT any problems,
I'd love to hear about that too.  If anyone would simply like to
reply off list to me ([EMAIL PROTECTED]) with their configuration
and their success or failure, I'd be happy to summarize the results
and post said summary for the list's benefit.

2a) Assuming that my nvarchar's are indeed the source of my trouble
(o/~ Nobody knows the troubles I've seen... ~\o), then I'm stuck with
several very large, very sensitive, very I'm-dead-if-I-screw-this-up
kind of databases on my hands.  And of course, said databases have
TONs of potentially ColdFusion offending Unicode fields.  Going
through all of the DB's and changing nvarchar to varchar in
Enterprise Manager doesn't sound like my idea of a fun or employment
preserving task.  Especially since EM (in it's infinite wisdom)
attempts to truncate the field length to 50 every time you change
from nvarchar to varchar.  All I need to do is mess *one* of those up
by saving the table without resetting the proper field length, and
I'll only *wish* I was a dead man.  

2b) So...  Are there any utilities, SQL scripts, scrolls of magical
spells, etc. out there that can go through a database and change all
fields from one datatype to another without changing the field
length?  Has anyone else in my unfortunate position been compelled to
write such a beast?  It sounds technically simple (look in sysobjects
for all user tables, get their description w/ sp_help, then construct
an ALTER TABLE statement to properly change the field types, rejoice
and enjoy much cf_beer), but my brain is a little too fried (This
is your brain on CF.  Any questions?) to produce such a miraculous
bit of code at the moment.  So can anyone help me out?

Your help, suggestions, sympathy, and (at worst case) job offers
would be much appreciated!

Best regards,
Zac Bedell


Zachary S. Bedell,
Chief Technology Officer,
Adirondack Technologies, Inc.

Please include original message in any replies -- I get a 
lot of email every day, and I have a REALLY bad memory... 
So I don't always remember everything that was said.  
Thanks!




-BEGIN PGP SIGNATURE-
Version: PGPfreeware 6.5.8 for non-commercial use 

iQA/AwUBOhrVwKvhLS1aWPxeEQJ9qwCglHIC1YU1ZSv70Il8AEwB2rxx0E8AoJvO
/x3Xkkb4//MNYgtm6vKYj8NI
=bcVy
-END PGP SIGNATURE-
~~
Structure your ColdFusion code with Fusebox. Get the official book at 
http://www.fusionauthority.com/bkinfo.cfm

Archives: http://www.mail-archive.com/cf-talk@houseoffusion.com/
Unsubscribe: http://www.houseoffusion.com/index.cfm?sidebar=lists

RE: amusing studio error msg

2000-11-21 Thread Zachary Bedell


-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

Sounds rather on par for CFStudio... 

As for the attachment, it's just as well you didn't send it -- CFTalk
doesn't support attachments.  All we'd see is a BIG mess of MIME
garbage at the end of your post.  Granted those of us so inclined
could de-MIME the post by hand & have a peak, but...  In general,
don't try to send attachments through CFTalk.

And good luck with Studio

Best regards,
Zac Bedell


Zachary S. Bedell,
Chief Technology Officer,
Adirondack Technologies, Inc.

Please include original message in any replies -- I get a 
lot of email every day, and I have a REALLY bad memory... 
So I don't always remember everything that was said.  
Thanks!





> -Original Message-
> From: Bruce Heerssen [mailto:[EMAIL PROTECTED]]
> Sent: Monday, November 20, 2000 6:06 PM
> To: CF-Talk
> Subject: amusing studio error msg
> 
> 
> After using the FTP utility in CF Studio, I received the 
> following error:
> 
> 
> Remote Server Operation Failure:
> 
> Success
> 
> 
> The files uploaded fine.
> 
> I'm using CF Studio 4.5.2. Anyone out there seen this before? 
> I took a screen
> shot, but since I don't have any good imaging software on 
> this box the file
> weighs in at 640k. For that reason I decided not to attach it 
> to this post. Feel
> free to contact me directly if you'd like to see it.
> 
> Seems kind of funny that an error message would tell me that 
> everything is fine.
> 
> Bruce Heerssen
> Software Engineer
> Visual Bridge, Inc.
> http://www.iecommerce.net
> (713) 350-8321 ext. 8358
> 
> ~~
> Structure your ColdFusion code with Fusebox. Get the official 
> book at http://www.fusionauthority.com/bkinfo.cfm
> 
> Archives: http://www.mail-archive.com/cf-talk@houseoffusion.com/
> Unsubscribe: http://www.houseoffusion.com/index.cfm?sidebar=lists
> 

-BEGIN PGP SIGNATURE-
Version: PGPfreeware 6.5.8 for non-commercial use 

iQA/AwUBOhqwUavhLS1aWPxeEQKBPwCeICezSeFagcp+kgHURyXDivgLGMQAoMMJ
XZtAbIQSeGxVMcRoB/15UBfo
=8SJg
-END PGP SIGNATURE-
~~
Structure your ColdFusion code with Fusebox. Get the official book at 
http://www.fusionauthority.com/bkinfo.cfm

Archives: http://www.mail-archive.com/cf-talk@houseoffusion.com/
Unsubscribe: http://www.houseoffusion.com/index.cfm?sidebar=lists

RE: How to prevent BACK and FORWARD button from clicked?

2000-11-17 Thread Zachary Bedell


-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

>I have created a critical web based application which is not
>  allowed the user to press BACK and FORWARD button in order to 
> prevent 
> data integrity.
> 
> How do we disable the BACK button using CF, instead of using 
> Javascript history.back() ?
> 
> Another way is using session struct to record each template ID.
> 
> Can we implement more efficient way to do it?
> Thanks in advance.

The short answer is that you can't disable the back button and that
your code is flawed if it requires you to do so.

Basically, disabling or messing with basic browser functionality is a
dirty trick that ticks off most websurfers.  It's not something I'd
even think about doing.

If you still feel an overwhelming need to tick off your customers,
then have a look at:
http://www.4guysfromrolla.com/webtech/111500-1.shtml

Honestly, you'd be much better off altering your code so that it's
back button friendly.  You need to make sure that every page you
present to your user CAN be reloaded without causing any problems. 
The way to do that is to move any processing or data storage off the
pages you send to your users.  

Here's one way:
Say you have a series of steps the user has to go through.  Let's
call them Step1.cfm through Step12.cfm.  If you have Step1.cfm submit
to Step2.cfm, then there would have to be processing code in
Step2.cfm that could be messed up by hitting BACK.  

If you instead have Step1.cfm submit to Step1Proc.cfm, do all of your
processing, then CFLOCATION to Step2.cfm, then all of your processing
was handled off the page that the user can see.  At that point, your
user could sit and reload Step2.cfm all day without any problems.

If in addition to all of that, you make sure that any processing on
your Proc pages is reentrant (for lack of a better term), your users
could backup at any point with no problems.  By reentrant, I mean
that any actions you do should be able to be repeated without
problems.  Either update temporary DB entries or use Session
variables, then commit the whole mess at the end of the process. 
THEN if you make Steps 2 through 12 check to see if the temporary
table or sessions vars are present, you could even make those pages
say something like "Sorry, you can't come back," after the final
commit process is completed.

Hope that's helpful.

Best regards,
Zac Bedell



Zachary S. Bedell,
Chief Technology Officer,
Adirondack Technologies, Inc.

Please include original message in any replies -- I get a 
lot of email every day, and I have a REALLY bad memory... 
So I don't always remember everything that was said.  
Thanks!

-BEGIN PGP SIGNATURE-
Version: PGPfreeware 6.5.8 for non-commercial use 

iQA/AwUBOhV4WavhLS1aWPxeEQJ6ugCgugTyoFomHWg/mLJ1kXoUWroyg3QAnjCe
4enup45j2Dqz6kZxe0zuJln2
=hPAu
-END PGP SIGNATURE-
~~
Structure your ColdFusion code with Fusebox. Get the official book at 
http://www.fusionauthority.com/bkinfo.cfm

Archives: http://www.mail-archive.com/cf-talk@houseoffusion.com/
Unsubscribe: http://www.houseoffusion.com/index.cfm?sidebar=lists

RE: SQL Server Licesning

2000-11-17 Thread Zachary Bedell


-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

Actually, the standard edition is quite fine for most website tasks.

For a comparison of the different editions, check out:
http://www.microsoft.com/sql/productinfo/sqlcompdata.htm

Basically the difference between Enterprise & Standard is that
Standard can't do clustering, can't do server failover, and a few
other heavy features.  You'd certainly want them if you were starting
the next EBay or Amazon, but for general site hosting, Standard
should definately get the job done.

I'll definately agree with you that per CPU licensing is a crock,
tho...

Regards,
Zac Bedell

> That ain't quite correct. I think if you want to do anything 
> beyond limited
> SQL, you'll end up needing the $20K/cpu Enterprise Edition of 
> SQL, which is
> comparable to Oracle.
> 
> Either way, I think $20K/cpu is a miserable ripoff. In our 
> instance, I have
> a quad-processor SQL box, but the processors are 200mhz. Why 
> should I pay
> $80K for a license when a single-CPU 1ghz box would perform 
> so much better,
> and cost only $20K in licensing?
> 
> Moral? Per-CPU licensing is flawed.
> 
> Alan McCollough
> Web Programmer
> Allaire Certified ColdFusion Developer
> Alaska Native Medical Center
> 
> > -Original Message-
> > From:   Zachary Bedell [SMTP:[EMAIL PROTECTED]]
> > Sent:   Friday, November 17, 2000 6:48 AM
> > To: CF-Talk
> > Subject:RE: SQL Server Licesning
> > 
> > -BEGIN PGP SIGNED MESSAGE-
> > Hash: SHA1
> > 
> > Well...  Looks like M$ has changed their licensing strategy
> > again, but...  Looking at the info from
> > http://www.microsoft.com/sql/productinfo/pricing.htm, you're
> > looking at $5000 per processor for unlimited user licenses.  Not 
> bad compared
> > to Oracle  Also not bad considering the Internet Connector
> > License (which doesn't appear to exist anymore) used to go for
> > $20,000.
> > 
> > For more (accurate...) information, check out the SQL Server
> > website - -- it's very nice.
> > 
> > Best regards,
> > Zac Bedell
> > 
> > 
> > > -Original Message-
> > > From: Paul Mone [mailto:[EMAIL PROTECTED]]
> > > Sent: Thursday, November 16, 2000 2:45 PM
> > > To: CF-Talk
> > > Subject: RE: SQL Server Licesning
> > > 
> > > 
> > > Any idea how much that runs?
> > > 
> > > -Original Message-
> > > From: Neil Clark [mailto:[EMAIL PROTECTED]]
> > > Sent: Thursday, November 16, 2000 3:12 AM
> > > To: CF-Talk
> > > Subject: RE: SQL Server Licesning
> > > 
> > > 
> > > yep you can get an unlimited internet connectivity license.

-BEGIN PGP SIGNATURE-
Version: PGPfreeware 6.5.8 for non-commercial use <http://www.pgp.com>

iQA/AwUBOhVytqvhLS1aWPxeEQLaMgCg7TyexQlBJ22Y9rA778EBjNItudgAnjJt
aec4NyL3t3Ujh1AgifMWrJXa
=FhWT
-END PGP SIGNATURE-
~~
Structure your ColdFusion code with Fusebox. Get the official book at 
http://www.fusionauthority.com/bkinfo.cfm

Archives: http://www.mail-archive.com/cf-talk@houseoffusion.com/
Unsubscribe: http://www.houseoffusion.com/index.cfm?sidebar=lists

RE: SQL Server Licesning

2000-11-17 Thread Zachary Bedell


-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

> It seems to me that, for CF users, SQL7 is a much better buy.
> 
> In CF Administrator, you can limit the number of worker threads 
> (simultaneous connections) to 5, for example.  This means at 
> most 5 CF 
> users can use SQL7 at the same time.  No Internet Connector 
> License needed, 
> just 5 CALS.
> 
> Total cost for SQL7 plus 5 CALs is $1000 or so (less on eBay).
> 
> Not sure if this is available for SQL Server 2000 (although I 
> see CALs are).
> 

Um  Nice try, but that's illegal.  M$'s licensing states that if
you are using SQL server for a webserver, you NEED the internet
connector license OR an unlimited client license.  CF Server is
considered multiplexing middleware, and there's a specific section in
the licensing about that.  You *can't* get around it by limiting the
number of worker threads.  And besides...  Using only 5 workers on
any reasonably powered server would be crippling it -- you want
between 4 and 6 thread per processor if my memory serves...

Best regards,
Zac Bedell

-BEGIN PGP SIGNATURE-
Version: PGPfreeware 6.5.8 for non-commercial use 

iQA/AwUBOhVwQavhLS1aWPxeEQLXfQCgtH/i9pfMclVd9UgL5uLasWfKXzMAoMHl
UzURVVWms4vRjNhlJUaYNpVP
=AJr0
-END PGP SIGNATURE-
~~
Structure your ColdFusion code with Fusebox. Get the official book at 
http://www.fusionauthority.com/bkinfo.cfm

Archives: http://www.mail-archive.com/cf-talk@houseoffusion.com/
Unsubscribe: http://www.houseoffusion.com/index.cfm?sidebar=lists

RE: SQL Server Licesning

2000-11-17 Thread Zachary Bedell


-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

Well...  Looks like M$ has changed their licensing strategy again,
but...  Looking at the info from
http://www.microsoft.com/sql/productinfo/pricing.htm, you're looking
at $5000 per processor for unlimited user licenses.  Not bad compared
to Oracle  Also not bad considering the Internet Connector
License (which doesn't appear to exist anymore) used to go for
$20,000.

For more (accurate...) information, check out the SQL Server website
- -- it's very nice.

Best regards,
Zac Bedell


Zachary S. Bedell,
Chief Technology Officer,
Adirondack Technologies, Inc.

Please include original message in any replies -- I get a 
lot of email every day, and I have a REALLY bad memory... 
So I don't always remember everything that was said.  
Thanks!





> -Original Message-
> From: Paul Mone [mailto:[EMAIL PROTECTED]]
> Sent: Thursday, November 16, 2000 2:45 PM
> To: CF-Talk
> Subject: RE: SQL Server Licesning
> 
> 
> Any idea how much that runs?
> 
> -Original Message-
> From: Neil Clark [mailto:[EMAIL PROTECTED]]
> Sent: Thursday, November 16, 2000 3:12 AM
> To: CF-Talk
> Subject: RE: SQL Server Licesning
> 
> 
> yep you can get an unlimited internet connectivity license.
> 
>  Neil Clark
> Senior Web Applications Engineer
> mcb digital
> Tel. +44 (0)20 8941 3232
> Tel. +44 (0)20 8408 8131 [Direct]
> http://www.mcbdigital.com
> --->
> 
> 
> 
> --
> --
> 
> Archives: http://www.mail-archive.com/cf-talk@houseoffusion.com/
> Unsubscribe: 
> http://www.houseoffusion.com/index.cfm?sidebar=lists or send a
> message with 'unsubscribe' in the body to 
> [EMAIL PROTECTED]
> 
> --
> --
> Archives: http://www.mail-archive.com/cf-talk@houseoffusion.com/
> Unsubscribe: 
> http://www.houseoffusion.com/index.cfm?sidebar=lists or send 
> a message with 'unsubscribe' in the body to 
> [EMAIL PROTECTED]
> 

-BEGIN PGP SIGNATURE-
Version: PGPfreeware 6.5.8 for non-commercial use 

iQA/AwUBOhVTTKvhLS1aWPxeEQIYWACfZYofoZOPMtWZMB1nMsSSbmrELicAoMiS
6PMNmbTTxcr9Zo/Q2WMzNMv6
=Dx55
-END PGP SIGNATURE-
~~
Structure your ColdFusion code with Fusebox. Get the official book at 
http://www.fusionauthority.com/bkinfo.cfm

Archives: http://www.mail-archive.com/cf-talk@houseoffusion.com/
Unsubscribe: http://www.houseoffusion.com/index.cfm?sidebar=lists

RE: BULK INSERT Problem

2000-11-14 Thread Zachary Bedell


-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

> "BULK INSERT"; Is that a SQL Server only thing?
> I could really use that... but I'm using Sybase on Linux 
> which has a command line tool (BCP) but I never heard of a 
> SQL statement to do bulk inserts.

It's definately an MS-SQL extension.  I dunno what other RDBMS's out
there also have it, but it's certainly not ANSI SQL.

Good luck finding a functional alternative!

Best regards,
Zac Bedell


Zachary S. Bedell,
Chief Technology Officer,
Adirondack Technologies, Inc.

Please include original message in any replies -- I get a 
lot of email every day, and I have a REALLY bad memory... 
So I don't always remember everything that was said.  
Thanks!

-BEGIN PGP SIGNATURE-
Version: PGPfreeware 6.5.8 for non-commercial use 

iQA/AwUBOhGey6vhLS1aWPxeEQJvWQCgqcDVttCVyghpeb1kQGFghrJW7vIAni3P
95ow1jjf6ll1mpkzko2AWbEW
=ewmq
-END PGP SIGNATURE-

Archives: http://www.mail-archive.com/cf-talk@houseoffusion.com/
Unsubscribe: http://www.houseoffusion.com/index.cfm?sidebar=lists or send a message 
with 'unsubscribe' in the body to [EMAIL PROTECTED]

RE: BULK INSERT Problem

2000-11-14 Thread Zachary Bedell


-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

> The BULK INSERT is not carried out if I CFINCLUDE the 
> following into a 
> template:
> 

One idea occurs to me.  Try making the CR/LF in ROWTERMINATOR
explicit instead of relying on CF to stick one in there.

Like so:



BULK INSERT MarketUpdate
FROM 'D:\website\htdocs\stockgolf\htdocs\data\eod.txt'
WITH
(
FIELDTERMINATOR=',',
ROWTERMINATOR='#Chr(13)##Chr(10)#'
)

 
> But THE SAME Bulk Insert as above works if I do it from Query 
> Analyzer.
> 
> Any suggestions would be appreciated.

Not tested, but I have a hunch that should do the trick.

The only other thing I can think of is a permissions thing on the
eod.txt file, but I think the CF/LF is the more likely culprit.

Best regards,
Zac Bedell

-BEGIN PGP SIGNATURE-
Version: PGPfreeware 6.5.8 for non-commercial use 

iQA/AwUBOhFenqvhLS1aWPxeEQJ0mACgi72VBz1QBebNASilHluMyOouwFEAn1Nq
mnJcp+qQ7KzSgXUlwqkGD12X
=kEXw
-END PGP SIGNATURE-

Archives: http://www.mail-archive.com/cf-talk@houseoffusion.com/
Unsubscribe: http://www.houseoffusion.com/index.cfm?sidebar=lists or send a message 
with 'unsubscribe' in the body to [EMAIL PROTECTED]

RE: Best Practices

2000-11-10 Thread Zachary Bedell


-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1



I might hazard a guess as to why the Java engine appears to be
running faster than the C++ engine: the C++ engine has been a piece
of junk since it was released.  I've no doubt that Allaire could get
a Java based engine to run faster than the current CF engine.  If
they took the time to write a well optimized C++ engine, I suspect it
would be much, MUCH faster.  

Compare the speed of something like PHP to CF.  On a high level, PHP
is doing exactly what CF does : open a file, parse the language to
PCode, execute it, then return the results.  That's what the Java
engine will do as well, parsing to Java bytecode in that case.  Yet
even tho PHP & CF need to accomplish the same basic set of tasks, PHP
can do the same thing MUCH faster than CF.  

The reason?  PHP was written by coders who took pride in their work &
made the best server they possibly knew how.  CF was written by
coders who may well have possessed the same if not superior abilities
but who were being driven by a marketing division that wanted the
product out yesterday.  The result is a poorly written product that
even after 5-odd upgrades, service packs, or whatever Allaire chooses
to call them STILL has a huge number of functional flaws and serious
speed & efficiency issues.

My apologies to whoever originally said this (and I believe someone
on list either said it or uses it as his email sig, but...) "A
product is only late once, but it can suck forever."  I wish that
Allaire would take those words to heart, as I'm getting tired of
working around their bugs AND my bugs to get a site working...


Okay...  My apologies for the on-list core dump.  Am I the only one
who's long past fed up w/ Allaire's business practices?  Without a
doubt they have a great product which makes my job (on the whole)
easier.  It's just that they seem to consistently rush things out the
door without sufficient testing.  At this point, I feel like a beta
tester even when I'm opening a shrink wrapped final product.  As it
is, I'm stuck using 4.0.1 because 4.5.x can't remain stable while
running my code; and Allaire's tech support hasn't got a clue why... 
Very frustrating seeing as the same code runs on NT4 / CF4.0.1 with
complete perfection and only requires a server reboot once every two
months or so...

Best regards,
Zac Bedell

Zachary S. Bedell,
Chief Technology Officer,
Adirondack Technologies, Inc.

Please include original message in any replies -- I get a 
lot of email every day, and I have a REALLY bad memory... 
So I don't always remember everything that was said.  
Thanks!





> -Original Message-
> From: David E. Crawford [mailto:[EMAIL PROTECTED]]
> Sent: Friday, November 10, 2000 4:42 PM
> To: CF-Talk
> Subject: Re: Best Practices
> 
> 
> > That's all great, and I am looking forward to these improvements.
> > However It's hard to believe that a Java engine will be 
> faster than a C++
> engine.
> >
> > (The Java interpreter itself is written in C++. C++ is 
> compiled directly
> to machine code. Think about it)
> >
> 
> Well, at least in theory, the demonstration during the 
> general assembly
> seems to prove that the Java-based engine is faster.  Keep in 
> mind that this
> is server side java which has had a great deal of 
> optimization attention
> paid to it.

-BEGIN PGP SIGNATURE-
Version: PGPfreeware 6.5.8 for non-commercial use 

iQA/AwUBOgxx+KvhLS1aWPxeEQKG5QCfYs5mIS6aEa5LDPmVs8E3TCXFYvEAnjt8
huYj0zImvygkz08XYOEJyucQ
=8SrH
-END PGP SIGNATURE-

Archives: http://www.mail-archive.com/cf-talk@houseoffusion.com/
Unsubscribe: http://www.houseoffusion.com/index.cfm?sidebar=lists or send a message 
with 'unsubscribe' in the body to [EMAIL PROTECTED]

RE: CF Client Data Corruption Under Load?

2000-11-09 Thread Zachary Bedell


-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1



It's probably not client corruption you're looking at.  It's probably
more than one user sharing the CFTOKEN and CFID values.

It's possible that two (or more) browsers could share the same
CFID:CFTOKEN.  It *shouldn't* happen, but flaws in the way CF handles
these tokens allows it to happen under certain circumstances.  

CFID:CFTOKEN can be passed in the QueryString, in forms, or via
cookies.  It's fairly easy for someone to accidently cut&paste a URL
to someone else which includes their CFID:CFTOKEN in the URL.  Now
when the second user goes to the page w/ the CFID:CFTOKEN of the
other user, CF will send back a cookie to the second user which
permanently places the first user's CFID:CFTOKEN into the second
user's cookie store.  Now you've got two users using the same
CFID:CFTOKEN and essentially sharing one CF Session.

When would CFID:CFTOKEN be in the URL to be copied & pasted?  If you
use CFLOCATION anywhere in your site and you didn't put the
addtoken="No" parameter in the tag, then every CFLOCATION call will
append the CFID:CFTOKEN to the URL.

We had that exact problem when one of our admins accidently pasted a
URL into our What's New database.  Now every member who clicked on
the link from the What's New page assumed the session of the admin. 
And since there were so many people accessing the site under the same
session, the session never timed out.  We had people accessing our
entire site for free with Admin rights.  It was a MESS

We were fortunate in this case in that only one CFID:CFTOKEN had been
shared, and we knew what they were.  So...  To clean things out we
added a few lines to our application.cfm that checked for that
CFID:CFTOKEN.  If it found them, it deleted the user's CFID & CFTOKEN
cookies and redirected them to the home page w/ no CFID or CFTOKEN in
the URL.  At that point, the CF server would assign a new
CFID:CFTOKEN to the user.   We also stopped the CF server and
manually deleted everything out of our client store database just to
be sure.  

It took us a *long* time to track that one down, and we still
occassionally have people coming back w/ old links to that
CFID:CFTOKEN.  We went through our entire codebase and made sure that
every CFLOCATION now has addtoken="No".  We also added code to our
news admin pages and any other place where a URL might be entered
that strips off any CFID or CFTOKEN from the URL.

Best regards,
Zac Bedell


Zachary S. Bedell,
Chief Technology Officer,
Adirondack Technologies, Inc.

Please include original message in any replies -- I get a 
lot of email every day, and I have a REALLY bad memory... 
So I don't always remember everything that was said.  
Thanks!





> -Original Message-
> From: Xing Li [mailto:[EMAIL PROTECTED]]
> Sent: Thursday, November 02, 2000 6:04 AM
> To: CF-Talk
> Subject: CF Client Data Corruption Under Load?
> 
> 
> Just recently people have been logging in but then 
> inadvertantly with other
> user's account. Basically, if you attempt to login as "joe" you
> might instead be recognized as "david" once you have passed the 
> authentication.
> All user verification are through client variables. I have 
> yet to reproduce
> this on my own but the reports have been so frequent I can no
> longer discount this as chance. Has any of you experienced a
> similar problem?  
> 
> Setup:
> 
> W2K Advanced Server with CF 4.5.1SP1 and SQL 2000 as the backend.
> 
> This is a pretty serious problem on my end and I would 
> appreciate any help.
> 
> Xing
> 
> --
> --
> Archives: http://www.mail-archive.com/cf-talk@houseoffusion.com/
> Unsubscribe: 
> http://www.houseoffusion.com/index.cfm?sidebar=lists or send 
> a message with 'unsubscribe' in the body to 
> [EMAIL PROTECTED]
> 

-BEGIN PGP SIGNATURE-
Version: PGPfreeware 6.5.8 for non-commercial use 

iQA/AwUBOgrHvKvhLS1aWPxeEQLLXgCgpfSbCUyONGvUSQUvLzp1TA7vYP8An3VM
W/C+XPsl8TYicBjYtZcfqIui
=y9sQ
-END PGP SIGNATURE-

Archives: http://www.mail-archive.com/cf-talk@houseoffusion.com/
Unsubscribe: http://www.houseoffusion.com/index.cfm?sidebar=lists or send a message 
with 'unsubscribe' in the body to [EMAIL PROTECTED]

RE: CFID-CFTOKEN Confusion (newbie)

2000-11-09 Thread Zachary Bedell


-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

Actually, it is entirely possible that two (or more) browsers could
share the same CFID:CFTOKEN.  It *shouldn't* happen, but flaws in the
way CF handles these tokens allows it to happen under certain
circumstances.  

CFID:CFTOKEN can be passed in the QueryString, in forms, or via
cookies.  It's fairly easy for someone to accidently cut&paste a URL
to someone else which includes their CFID:CFTOKEN in the URL.  Now
when the second user goes to the page w/ the CFID:CFTOKEN of the
other user, CF will send back a cookie to the second user which
permanently places the first user's CFID:CFTOKEN into the second
user's cookie store.  Now you've got two users using the same
CFID:CFTOKEN and essentially sharing one CF Session.

When would CFID:CFTOKEN be in the URL to be copied & pasted?  If you
user CFLOCATION anywhere in your site and you didn't put the
addtoken="No" parameter in the tag, then every CFLOCATION call will
append the CFID:CFTOKEN to the URL.

We had that exact problem when one of our admins accidently pasted a
URL into our What's New database.  Now every member who clicked on
the link from the What's New page assumed the session of the admin. 
And since there were so many people accessing the site under the same
session, the session never timed out.  We had people accessing our
entire site for free with Admin rights.  It was a MESS

Best regards,
Zac Bedell


Zachary S. Bedell,
Chief Technology Officer,
Adirondack Technologies, Inc.

Please include original message in any replies -- I get a 
lot of email every day, and I have a REALLY bad memory... 
So I don't always remember everything that was said.  
Thanks!





> -Original Message-
> From: Aidan Whitehall [mailto:[EMAIL PROTECTED]]
> Sent: Wednesday, November 08, 2000 1:13 PM
> To: CF-Talk
> Subject: RE: CFID-CFTOKEN Confusion (newbie)
> 
> 
> > is it possible that two (or more) users have the same
> > cfid&cftoken ? 
> > Wich is the best way to identify a (unique) user session ?
> 
> No. It's safe to assume that every user is assigned (and
> subsequently returns) a unique CFID and CFTOKEN combination.
> 
> In fact, if you use session variables, ColdFusion makes exactly
> that assumption and uses the CFID/CFTOKEN pair sent by the browser 
> to marry up
> browser requests with session variables previously set on the
> server.  
> 
> 
> 
> -- 
> Aidan Whitehall <[EMAIL PROTECTED]>
> Netshopper UK Ltd
> Advanced Web Solutions & Services
> 
> http://www.netshopperuk.com/
> Telephone +44 (01744) 648650
> Fax +44 (01744) 648651
> --
> --
> Archives: http://www.mail-archive.com/cf-talk@houseoffusion.com/
> Unsubscribe: 
http://www.houseoffusion.com/index.cfm?sidebar=lists or send a
message with 'unsubscribe' in the body to
[EMAIL PROTECTED]

-BEGIN PGP SIGNATURE-
Version: PGPfreeware 6.5.8 for non-commercial use 

iQA/AwUBOgrGBqvhLS1aWPxeEQKcHQCfXoAfmVbW/nlCyH65s6N5fjQxEWkAniZp
qVOPvatye12gQPtglCJGq6NQ
=2wBg
-END PGP SIGNATURE-

Archives: http://www.mail-archive.com/cf-talk@houseoffusion.com/
Unsubscribe: http://www.houseoffusion.com/index.cfm?sidebar=lists or send a message 
with 'unsubscribe' in the body to [EMAIL PROTECTED]

RE: launching executables on client machines

2000-11-09 Thread Zachary Bedell


-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

> It's is possible to do this using Java or a ActiveX, but 
> there are many
> security concerns.
> 
> Justin MacCarthy
> Irish CF Head
> 
> > >
> > > Is there an easy way to launch an executable on the client's 
> > computer? What I
> > > want to do is have the user click on a link in their browser
> > which will launch


ActiveX *can* launch an exe.  A Java applet can NOT.  A Java
application CAN, but an application can't run in a browser -- only
applets run in browsers.

Not to be high & mighty or anything, but  If you're looking to
launch an exe on a user's computer, then you're either looking at the
wrong strategy, OR you're looking at something that really shouldn't
be implemented in a web browser...

In any case, you could cook up a little ActiveX control in Visual
Basic in under an hour if you know VB

Best regards,
Zac Bedell


Zachary S. Bedell,
Chief Technology Officer,
Adirondack Technologies, Inc.

Please include original message in any replies -- I get a 
lot of email every day, and I have a REALLY bad memory... 
So I don't always remember everything that was said.  
Thanks!

-BEGIN PGP SIGNATURE-
Version: PGPfreeware 6.5.8 for non-commercial use 

iQA/AwUBOgrEbavhLS1aWPxeEQIaEwCfXvSzBVKaL0J/ZiyglInYPCL9Ug4AoJ1R
HnD2L99gE/Of0ugzlWNZv7P8
=ITYU
-END PGP SIGNATURE-

Archives: http://www.mail-archive.com/cf-talk@houseoffusion.com/
Unsubscribe: http://www.houseoffusion.com/index.cfm?sidebar=lists or send a message 
with 'unsubscribe' in the body to [EMAIL PROTECTED]

RE: Remote DB Alteration

2000-11-08 Thread Zachary Bedell


-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

Here's a question:  Why use a datasource at all?  You can access MS
Access databases directly using OLE/DB, then you don't need to use a
datasource.  You'd have to change your code around, but it seems
worth it.  Here's how it would work:

In your application.cfm, do something like:


Then in your CFQuery blocks do:


Now when you need to change databases, just upload it as MyDB2.mdb,
change the application.cfm to point to the new data, and keep going. 
Very nice & easy...

Also, odds are you could use more than one database without your host
charging you for another datasource.

Best regards,
Zac Bedell


Zachary S. Bedell,
Chief Technology Officer,
Adirondack Technologies, Inc.

Please include original message in any replies -- I get a 
lot of email every day, and I have a REALLY bad memory... 
So I don't always remember everything that was said.  
Thanks!





> -Original Message-
> From: Guy J. McDowell [mailto:[EMAIL PROTECTED]]
> Sent: Wednesday, November 08, 2000 11:15 AM
> To: CF-Talk
> Subject: Remote DB Alteration 
> 
> 
> Hello CF'ers
> 
> Situation:
> Database and sites hosted externally, site created internally.
> Currently if any changes to the datasource's structure are made
> they are made locally and then uploaded to the host, who has to
> shut off the CFServer and restart it. This requires scheduling a
> time and is unacceptable. Also, the uploaded datasource may
> corrupt/overwrite the data as it is not up to date. Employer will
> not spring for extra
> datasources to be hosted. ( multiple applications and domains, one
> datasource, yay! ;) )
> 
> Goal:
> To be able to add tables to the datasource without scheduling a
> shutdown and uploading entire datasource.
> 
> Resources:
> MS Access 97
> CF 4.5
> CuteFTP
> Budget =$0
> 
> Is this possible? Please direct me to resources that will show me
> how.  
> 
> Also, anyone know what the 20 or so CFML tags supported by
> CFExpress are?
> 
> Yours In Conservation,
> 
> Guy J. McDowell,
> Webmaster
> The Ontario Federation of Anglers & Hunters
> E-mail: [EMAIL PROTECTED]
> Phone: (705) 748-6324 ext. 262
> 
> P.S. You may want to check out the fresh new look of www.OFAH.org
> Launched 1st November 2000.
> Don't forget our other great sites:
> www.AuctionForWildlife.com - Your chance to make your bid for
> conservation.
> www.EcoEd.org - an online adventure for kids in grades 1 through 8.
> www.HuntingDog.org - Celebrating our Hunting Dog Heritage.
> www.AHTV.com - Your online companion to the Angler and Hunter
> Television show.
> www.OHEP.net -  Where to find out and learn about the Ontario
> Hunter Education Program.
> 
> 
> 
> --
> --
> Archives: http://www.mail-archive.com/cf-talk@houseoffusion.com/
> Unsubscribe: 
http://www.houseoffusion.com/index.cfm?sidebar=lists or send a
message with 'unsubscribe' in the body to
[EMAIL PROTECTED]

-BEGIN PGP SIGNATURE-
Version: PGPfreeware 6.5.8 for non-commercial use 

iQA/AwUBOgmJf6vhLS1aWPxeEQLwLgCgi6zwghDm0soeDBmwpRIrj8BJhl4AoPC2
b0yzMCKhohB9mi/vrNSJ56VP
=EhgJ
-END PGP SIGNATURE-

Archives: http://www.mail-archive.com/cf-talk@houseoffusion.com/
Unsubscribe: http://www.houseoffusion.com/index.cfm?sidebar=lists or send a message 
with 'unsubscribe' in the body to [EMAIL PROTECTED]

RE: Potential problems with CF Express Server

2000-11-08 Thread Zachary Bedell


-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

> Yes. This is exactly what I'm talking about. They want to be 
> cheap and use 
> CF Express, and I of course don't want that.
> 
> I need to convince these folks that CF Express is NOT the way 
> to go for 
> hosting a large ecommerce site.
> 
> What good (realistic) reasons can I give them to go to the Pro
> server?  

Just out of curiosity...  How much are these folks paying you, and
will you be paid up front or are you actually going to have to bill
these tight wads & hope to get your money out of them?...

My advice would be drop them before it's too late and you have hours
of code written & nothing to show for it...

But as for a solution for them...  If they're that adamant about not
paying for a server, how about ASP, PHP, or Perl even?  CF Express
really is a useless product.  I find it hard to believe you'll be
able to code anything useful for it.

In any case, good luck!  Believe me, I feel your pain!

Best regards,
Zac Bedell

-BEGIN PGP SIGNATURE-
Version: PGPfreeware 6.5.8 for non-commercial use 

iQA/AwUBOgl0EqvhLS1aWPxeEQKc2gCffBh7Fpuyw/Ld3pgM5qd/m8HN+XAAmwVj
LENXBXxG+rFlVGbyQDPhUcJ/
=89Xe
-END PGP SIGNATURE-

Archives: http://www.mail-archive.com/cf-talk@houseoffusion.com/
Unsubscribe: http://www.houseoffusion.com/index.cfm?sidebar=lists or send a message 
with 'unsubscribe' in the body to [EMAIL PROTECTED]

RE: Paranoid programming...

2000-11-03 Thread Zachary Bedell


> some level at which you trust your software & hardware.  If you can't
> trust your own code,

It's not a matter of trusting code - it's a matter of not trusting hostile
programmers...

Then...  I hate to say it, friend, but you really are screwed  If there
are individuals who meet the following:
1) They have access to your source.
2) They have access to execute their own code on the same server.
3) The have any desire to see what's in the database in question.

It is impossible for you to prevent them from getting in given your
situation.  There's just no way.  You can certainly obfuscate to your
heart's content & make it more difficult, but there is literally nothing you
can do to prevent them from getting at your data.  Even scenarios that store
the DB password off server won't work -- your hostile programmers can get
the code that retrieves that password, they can execute that code for
themselves, and they now have the password.

If the security of the data in question is indeed that important to you
and/or your clients, bosses, etc., then you need another computer.  Setup
another CF machine that access the database and to which your hostile
programmers will have no access.  There's literally nothing else that will
work.  If you're into false senses of security, then you can certainly make
things look nice & secure, but you can't do a thing to stop your programmers
from getting at whatever they want to get at.  I mentioned trusting software
& hardware above, but I did forget to mention the one thing you REALLY need
to be able to trust -- your programmers.  If you can't trust the people that
write your code, then you certainly can't trust the code they write, ya
know?

Sorry to bear bad tidings, but...  Reality has a way of asserting itself at
times. 

Best regards,
Zac Bedell

Archives: http://www.mail-archive.com/cf-talk@houseoffusion.com/
Unsubscribe: http://www.houseoffusion.com/index.cfm?sidebar=lists or send a message 
with 'unsubscribe' in the body to [EMAIL PROTECTED]

RE: Paranoid programming...

2000-11-02 Thread Zachary Bedell


-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

> >The database itself is sensitive enough that the owner does 
> not want the
> >userid and password put into the ColdFusion admin area either...
> 
> I'm curious, why do you consider the ColdFusion admin area 
> insecure? Is
> there a way the password can be discovered once its put there?

Any DB passwords entered in the CF Admin pages are stored encrypted
in the registry (or the CF registry file in the case of UN*X).  It's
technically possible to decrypt that password once it's stored there
if you know the password that CF uses to encrypt it in the first
place.

BUT since that section of your registry or the registry file should
be secured to admin access only, then only admins (which shall be
presumed to already know the password) could access the encrypted
password in the first place.


To respond to the original poster's questions:

I'm afraid you're being a little too paranoid for your own good.  No
matter how you structure things, at some point, the CF Server must
have an unencrypted copy of the DB password to send off to the DB
Server.  It's gotta be stored somewhere.  You can certainly encrypt
it when you store it, but the CF code has to be able to decrypt that
password in order to use it.  There really isn't any way to get
around the fact that the password must be in cleartext at some point
for CF to use it.  

Now...  You mentioned:
>However, because of the gateway issue, hard coding the userid and
>password into the cfm files is out - the cfm files are in general
>accessible by someone browsing the directories. 

I'm not sure who you're worried about browsing your directories. 
General web users can't see your CF source code (assuming your server
is configured correctly.  And if it's not, then you've got way bigger
issues to worry about, no?...).  The only folks that can see your CF
source are those that have direct telnet, ftp, or physical access to
the box.  And of those, only users that have been granted access to
the web directory can actually see the files in question.  Assuming
you've set your file system security settings properly (IE root, your
backup user, and the account that the webserver runs as should be the
only ones w/ access to those files), then no one important can see
that source anyways.

I gather that the security of your data is quite important to you,
and that's certainly understandable.  Unfortunately, there has to be
some level at which you trust your software & hardware.  If you can't
trust your own code, then there's really nothing you can do to make
yourself feel secure.  There are certainly an unlimited ways to
obfuscate things and make it more difficult for a would-be hacker to
get at your data, but it's not likely that you'll be able to stop a
dedicated attacker who has access to your source code.

That said, here's what I'd do given your situation:
1) Create a CF virtual root in the CF Administrator that points to
somewhere outside of the webserver's root (I'm assuming UN*X CF can
still do this).  Example:  If your webserver root is /home/www/, then
make a directory like /home/ReallySecretStuff/ (you might not want to
use *that* file name... ;-) and store the password files in there. 
If you've called that CF root "DBPass", then you can gain access to
files in there within CF template by using 

The benefit of using a virtual CF root is that if someone gains
source access to CFM's in your webroot through some sort of server
software exploit (::$DATA, +.htr, etc., etc), they can't get at
the files outside of your webroot (at least not with any exploits
I've seen to date).  That way they might see the name of the file
with your passwords, but chances are really slim they'd be able to
get to them.

2) Your password file itself is nothing more than a little CF
template w/ a couple of CFSets.  Something like:




You could certainly employ some basic encryption here, but it would
just be obfuscation.  You might slow down an attacker, but chances
are you won't stop them. 

I would use CFENCODE to encrypt that CF template. Again, that's not
terribly secure, but it will prevent a casual browser of your server
from accidentally seeing your passwords.

3) In your actual CFM's, do:


SELECT ...


That's about it  I'll stress just one more time that this is NOT
100% secure, and that someone who REALLY wants your data WILL GET
your data no matter what you do.  This does provide what I think is a
reasonable measure of security & difficulty so that your average
luser with nothing better to do will likely take a hike before he
gets into your data.

If you'd care to get any other details on any part of that, feel free
to ask.



Best regards,
Zac Bedell

-BEGIN PGP SIGNATURE-
Version: PGPfreeware 6.5.8 for non-commercial use 

iQA/AwUBOgHCEavhLS1aWPxeEQIhyQCfV1YHqMb7C5w7QopKL/+3ClQuEhIAn2SB
pwunhPbaqlW7xx+bm4FCmiUm
=KXcz
-END PGP SIGNATURE-

RE: File Vs Database?????????

2000-10-31 Thread Zachary Bedell


-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

> Though I didn't originate this, thanks for the advice. I was going
> to pose the question today regarding using text in a database
> versus just having CF include a .htm file of the text by way of 
> referencing the file
> name in the db.
> 
> If I could pose a slightly different question (I assume 
> you're somewhat
> familiar with Access 2K), how significant is the storage 
> overhead for a
> memo field storing text versus that text in a .htm file? Assuming
> the size of the text is roughly that of a newsletter or magazine
> article.  

Well.  That depends (depends on what?...)

I'd need to know a bit more about the site to make a judgment call on
this one, but here's what I'd keep in mind:

If you're not already using a database, and you have no need for one
elsewhere on the site, then files might be better.  It all depends on
the quantity of articles you're looking at tho.  If you're already
using a DB, then I'd say you might as well go ahead & use it.

As far as how much overhead a memo field entails...  For the most
part, a DB hit is a DB hit, performance-wise.  If you hit the DB &
bring back two characters, it's really not a whole lot less load that
hitting the DB and bringing back a few K.  The overhead of setting up
the DB connection, firing off the query, and waiting for the response
is where all of your lag comes in.  The actual transfer of data from
OLEDB/ODBC is a fairly minor part of the time involved.  Since you
plan to store filenames in the database anyways, I think you'll find
faster access just getting the content from the DB.  You've already
paid the price of a database lookup, so you might as well get *all*
of the data and not bother with a second trip to the disk to get the
content from a separate file.  And that's not to mention wasted disk
space from all those HTML files.

Now...  Depending on how your news will be obtained and/or modified,
there could be some good arguments for a file based solution.  If
humans need to cull the news and potentially edit it, then individual
files might be easier -- especially if your HTML folks like FrontPage
or similar file based editors.  If you're just going to grab the news
from another site & dump it into the DB site unseen, then I don't see
much benefit to using individual files.

Another benefit of using the DB:  If you have a bunch of RAM
available and/or you don't have too many articles that would be in
your active set, then you could cache the DB queries that retrieve
the articles.  That way, once an article is retrieved once, it should
be held in memory & served out fairly quickly for the rest of the
viewers.

Again, tho... Everything depends on the quantities of articles,
viewers, and general server resources.  If you're expecting a fair
number of users and have a moderate to small number of articles, then
I think storing the text in the DB & using query caching will result
in the best performance.  YMMV, of course...

Best regards,
Zac Bedell

-BEGIN PGP SIGNATURE-
Version: PGPfreeware 6.5.8 for non-commercial use 

iQA/AwUBOf7wAqvhLS1aWPxeEQLVBwCgyFAao2/hIrZ80USKGy05X217xvwAmgM+
FndtiV7tATjyFOAzodaVXuQ2
=XvMN
-END PGP SIGNATURE-

Archives: http://www.mail-archive.com/cf-talk@houseoffusion.com/
Unsubscribe: http://www.houseoffusion.com/index.cfm?sidebar=lists or send a message 
with 'unsubscribe' in the body to [EMAIL PROTECTED]

RE: File Vs Database?????????

2000-10-31 Thread Zachary Bedell


-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

> I am making a small web application where  in a
> candidate will be able to write his test on the web 
> once he applies for a post.So i am making an on-line
> test paper.
> Since no huge data storage is required, so i want to
> develop this application purely file based..i mean i
> dont want to use database n i have designed the
> application  also using files in such a way that it is
> scalable.I am using CFHTtP tag to convert the data in
> the files into query variables.
> But now what i want to know 
> 1> Is this the better way?

Not a chance

> 2> Will this improve the speed as no database
> connection is required? 

Also, not a chance...

> 3> how much the performance will be effected postive
> or negative way? 

Given the number of problems that various folks have had with CFHTTP,
and also given the overhead & complexity in having the CFServer make
another HTTP request to itself, wait for data to be received, parsing
the text into a query, and sending it back to calling CFM as a
query..  I don't think there's any way in heaven, heck, or earth
that you will gain any performance.  It would certainly *work*, but
there's no way it would scale as well as using a database -- even MS
Access!

Is there any particular reason you *don't* want to use a database? 
Other than any perceived performance hit, I can't think of any
reasons; and using CFHTTP as you described certainly wouldn't improve
performance over using a database.


> Well i hope the experienced developers here will share
> their experiences.
> 
> Actually i want to know which is better ,database or
> file system? for developing a small application.
> Plz share ur views with me on advantges n
> disadvantages of using of each one of them.

There really aren't a whole lot of advantages to using the file
system as you described instead of a database.  The only possible
situation where the file system would be better is if your host
absolutely prohibits you from using a database OR if you don't have
MS Access, but that's fairly reasonably priced software IMHO.  If you
can afford CFServer, then MS Access should be pocket change 
Granted, Access has a learning curve, but you should be able to pick
up the basics in a couple of days if you don't already know how to
use it.

Negatives for using the file system include:
* MUCH slower
* Not scaleable
* Much more storage required -- depending on the file 
  system, each "entry" could use anywhere from 
  8-32K of storage even if the data stored is only 
  one byte!

In short, use a database.  They're really not all that bad...

Best regards,
Zac Bedell

-BEGIN PGP SIGNATURE-
Version: PGPfreeware 6.5.8 for non-commercial use 

iQA/AwUBOf7biKvhLS1aWPxeEQLMbACgyUFUGQt6ZYXNvwf42C787Z6w17AAoNdX
vCIsqbBPltLpWW/xOGBnFFfh
=a0yo
-END PGP SIGNATURE-

Archives: http://www.mail-archive.com/cf-talk@houseoffusion.com/
Unsubscribe: http://www.houseoffusion.com/index.cfm?sidebar=lists or send a message 
with 'unsubscribe' in the body to [EMAIL PROTECTED]

RE: locking with IsDefined

2000-10-18 Thread Zachary Bedell


That's wrong alright...  Reads AND writes both need to be locked.  CF uses
advisory locking only, so unless you TELL CFAS that you're about to read a
particular scope, it has no way of knowing whether to allow or deny write
locks on said scope.  ALWAYS, ALWAYS, A-L-W-A-Y-S!!! lock all READS AND
WRITES to session, application, and server scopes.

The only exception to that is if you've set your 4.5.1+ server to do
automatic read locking.  ONLY THEN can you afford to NOT lock reads because
CFAS will do it automagically for you.

Best regards,
Zac Bedell

-Original Message-
From: John McKown [mailto:[EMAIL PROTECTED]]
Sent: Tuesday, October 17, 2000 6:47 PM
To: CF-Talk
Subject: RE: locking with IsDefined


I may be wrong, but my understanding is that reads do not need a lock,
only writes.

John McKown, VP Business Services
Delaware.Net, Inc.
30 Old Rudnick Lane, Suite 200 Dover, DE 19901
email: [EMAIL PROTECTED]
phone: 302-736-5515
fax: 302-736-5945
icq: 1495432



> -Original Message-
> From: sebastian palmigiani [mailto:[EMAIL PROTECTED]]
> Sent: Tuesday, October 17, 2000 5:45 PM
> To: CF-Talk
> Subject: locking with IsDefined
>
>
> When testing for the existence of a session variable such as:
>
> IsDefined("Session.Login")
>
> do you need to use a  around it?
>
> -
> Sebastian
>
> --
> 
> Archives: http://www.mail-archive.com/cf-talk@houseoffusion.com/
> To Unsubscribe visit
> http://www.houseoffusion.com/index.cfm?sidebar=lists&body=lists/cf
_talk or send a message to [EMAIL PROTECTED] with
'unsubscribe' in the body.



Archives: http://www.mail-archive.com/cf-talk@houseoffusion.com/
Unsubscribe: http://www.houseoffusion.com/index.cfm?sidebar=lists or send a
message with 'unsubscribe' in the body to [EMAIL PROTECTED]

Archives: http://www.mail-archive.com/cf-talk@houseoffusion.com/
Unsubscribe: http://www.houseoffusion.com/index.cfm?sidebar=lists or send a message 
with 'unsubscribe' in the body to [EMAIL PROTECTED]

RE: Client Variables Question

2000-10-12 Thread Zachary Bedell


-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

NONONONONONONO!!  DON'T DO THAT!!!

If you mess w/ ColdFusion's client variable database, ColdFusion gets
VERY ticked off at you.  It will start leaking memory, crashing, and
doing all sort of other anti-social things to get even with you.  (At
least it did when I tried something like this on our 4.0.1 server.)

The client variable store is CF's sacred property.  Don't mess with
it!

If you're willing to use cookies as the storage location (which has
its drawbacks, but...), you could just use COOKIE.VariableName
instead of Client.VariableName.  When you set your cookies, just send
them w/ a 2 hour expiration time in CFCOOKIE.  Just keep in mind that
you're going to be sending the entire contents of any cookies you set
back & forth w/ each HTTP request.  Keep them nice & short.  

Even better, use a DB to store your client variables.  Then you can
use Client.LastVisit to decide whether to use or to reset the client
variables before you use them.  You should also set a short client
variable expiration time in the CF Administrator to clean any old
data out of your DB every day or so.

Best regards,
Zac Bedell
> -Original Message-
> From: Doyle, Mike [mailto:[EMAIL PROTECTED]]
> Sent: Thursday, October 12, 2000 2:44 PM
> To: CF-Talk
> Subject: RE: Client Variables Question
> 
> 
> If you save your client variables in a db, then I surmise you 
> could create a
> scheduled task w/in Administrator to sweep out 'old' client 
> variables...
> 
> Just a quick thought.
> 
> 
> Is there a way to set an experation on client variabes in the
> application.cfm file similar to a session timeout.  What 
> would I do if I
> only want the client variables to persist for say 2 hours 
> using cookies as
> the clientstorage.
> 

-BEGIN PGP SIGNATURE-
Version: PGPfreeware 6.5.8 for non-commercial use 

iQA/AwUBOeYKLAraVoMWBwRBEQLkLgCgoOW3ZUWW1+DruoEyP1Oo8h1RhtIAmgOt
bDu0akWbF8or7MATLfZkdhy/
=iGCh
-END PGP SIGNATURE-
--
Archives: http://www.mail-archive.com/cf-talk@houseoffusion.com/
To Unsubscribe visit 
http://www.houseoffusion.com/index.cfm?sidebar=lists&body=lists/cf_talk or send a 
message to [EMAIL PROTECTED] with 'unsubscribe' in the body.

RE: Possible ip address conflict btwn CF and Lyris

2000-10-12 Thread Zachary Bedell


-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

Check to make sure that none of your virtual servers in IIS have
their IP address set as "All Unassigned."  That would make port 80 on
the default IP of the box unavailable for Lyris.  CF itself shouldn't
bind to any incoming ports.

Best regards,
Zac Bedell



> -Original Message-
> From: Cameron Childress [mailto:[EMAIL PROTECTED]]
> Sent: Thursday, October 12, 2000 1:17 PM
> To: CF-Talk
> Subject: RE: Possible ip address conflict btwn CF and Lyris
> 
> 
> > We are wondering if CF somehow gets bound to the default ip 
> address of
> > the box in such a way that it disallows other requests to 
> that address
> > on port 80.
> 
> It's much more likely that IIS is causing the conflict, not 
> CF.  If you can
> switch to a non-standard port for Lyris (like :8080), your 
> problem will
> probably go away.
> 
> -Cameron
> 
> 
> Cameron Childress
> ElliptIQ Inc.
> p.770.460.7277.232
> f.770.460.0963
> 
> --
> 
> Archives: http://www.mail-archive.com/cf-talk@houseoffusion.com/
> To Unsubscribe visit 
http://www.houseoffusion.com/index.cfm?sidebar=lists&body=lists/cf_tal
k or send a message to [EMAIL PROTECTED] with
'unsubscribe' in the body.

-BEGIN PGP SIGNATURE-
Version: PGPfreeware 6.5.8 for non-commercial use 

iQA/AwUBOeYGxgraVoMWBwRBEQKutQCg14rDjGqjjWtHP6/UVPnijUz+gicAn1uu
Ez2OhzHgmvl0lTxQiOcSIWrv
=wwbF
-END PGP SIGNATURE-
--
Archives: http://www.mail-archive.com/cf-talk@houseoffusion.com/
To Unsubscribe visit 
http://www.houseoffusion.com/index.cfm?sidebar=lists&body=lists/cf_talk or send a 
message to [EMAIL PROTECTED] with 'unsubscribe' in the body.

RE: Software downloads on a client site w/ "vanishing URLs"

2000-10-12 Thread Zachary Bedell


-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

Another option would be to store (in your DB) an email, password, and
download count.  Then you can allow that customer to download the
file a reasonable amount of times before the password stops working. 
You could also add a date retriction to allow them to download it x
times in y days.

Best regards,
Zac Bedell

> -Original Message-
> From: Kevin Langevin [mailto:[EMAIL PROTECTED]]
> Sent: Thursday, October 12, 2000 2:02 PM
> To: CF-Talk
> Subject: RE: Software downloads on a client site w/ "vanishing
> URLs"  
> 
> 
> THat's my thinking, as well.  I'd just like to restrict the access
> to someone who's paid.  I may just set it up with an 
> email/randomly generated
> password pair, and store the combo in a table of paid 
> customers.  Need to
> think about this a bit more.
> 
> 
> -Kev
> 
> 
> > -Original Message-
> > From: Warrick, Mark [mailto:[EMAIL PROTECTED]]
> > Sent: Thursday, October 12, 2000 1:45 PM
> > To: CF-Talk
> > Subject: RE: Software downloads on a client site w/ "vanishing
> > URLs" 
> >
> >
> > Are you also concerned that a user might give away their username
> > and password if you were to put that file somewhere protected?
> >
> > If not, then you could put the downloadables below the web root,
> > call them with CFCONTENT, and only allow access to files from
> > customer's who paid for that particular software.
> >
> > If you ARE worried about people passing out username/password
> > combos, then you can restrict the time limit for downloading to
> > like a day or something like that.  But regardless of what you
> > do, if someone really wants to share that program they're going
> > to do it no matter what you try to do to prevent it.
> >
> > ---mark
> >
> >
> > --
> > Mark Warrick
> > Phone: (714) 547-5386
> > Efax.com Fax: (801) 730-7289
> > Personal Email: [EMAIL PROTECTED]
> > Personal URL: http://www.warrick.net
> > Business Email: [EMAIL PROTECTED]
> > Business URL: http://www.fusioneers.com
> > ICQ: 346566
> > --
> >
> >
> > > -Original Message-
> > > From: Kevin Langevin [mailto:[EMAIL PROTECTED]]
> > > Sent: Thursday, October 12, 2000 6:50 AM
> > > To: CF-Talk
> > > Subject: Software downloads on a client site w/ "vanishing
> > > URLs" 
> > >
> > >
> > > I sent this out yesterday, but I replied to some other message,
> > and didn't
> > > change the subject, so I'm reposting under a unique 
> subject in case that
> > > thread had been dying out.
> > >
> > > I need to enable software downloads on a client site, for 
> customers who
> > > purchase access to them.  I'm wondering if anyone has built
> > functionality
> > > into a shopping cart to allow this using "vanishing URL"
> > > methods? 
> > >  I'm using
> > > Mary Jo's CFWebStore (which rocks, by the way...) but 
> that's one feature
> > > that I need which isn't built in.
> > >
> > > 
> > > -Kev
> > > 
> > >
> > > > -Original Message-
> > > > From: Robert Forsyth [mailto:[EMAIL PROTECTED]]
> > > > Sent: Wednesday, October 11, 2000 5:40 PM
> > > > To: CF-Talk
> > > > Subject: Help with Anchor Tag
> > > >
> > > >
> > > > I have a query that spits out the last 10 feedbacks on a
> > > > particular news story
> > > >
> > > > when they click on the summary, I open a new window to show
> > > > all feedback and set the page position from the calling link
> > > > on the parent's page.  Of course, it does not work... here's 
> the snippet
> > > > from the calling page:
> > > >
> > > > 
> > > >  > > > 
> href="javascript:pop_window('feedback.cfm?a=2&i=#news.idnum#&h=#tr
> > > > 
> im(news.headline)#&##035;#messageid#')">#trim(summary)# > 
> > > > 
> > > >
> > > > which results in a url that is:
> > > >
> > > > 
> > > >
> > > > '1510' is the record messageid
> > > >
> > > > on the feedback.cfm page... I query all the the 
> feedback for this
> > > > story and add a  anchor in the output:
> > > >
> > > > 
> > > >
> > > >
> > > > But when the feedback.cfm loads, it does not jump to the
> > > > anchor location.  Viewing the source shows that everything 
> looks ok.  Is
> > > > it possible to have a anchor-jump inside a dynamic url??
> > > >
> > > > thanks for the help!
> > > >
> > > > Robert Forsyth
> > > > Director of Web Operations
> > > > Irides, LLC
> > > > Phone: 202-364-7831
> > > >   Fax: 202-364-2481
> > > >
> > > > 
> --
> > > > 
> > > > Archives:
> > > > http://www.mail-archive.com/cf-talk@houseoffusion.com/ To
> > > > Unsubscribe visit
> > > http://www.houseoffusion.com/index.cfm?sidebar=sts&body=sts/cf_t
> > > al 
> > k or send
> > a message to [EMAIL PROTECTED] with 
> 'unsubscribe' in the
> > body.
> >
> > --
> > 
> > Archives: http://www.mail-archive.com/cf-talk@houseo

RE: Query assignment... copy or reference?

2000-10-06 Thread Zachary Bedell


-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

To the best of my memory, it's by reference.

And I'll second your comment about the CFDOCs.  It would be nice if
they'd document whether things were byref or bycopy rather than
leaving it up to the programmer to guess...

Best regards,
Zac Bedell

> -Original Message-
> From: Peter Theobald [mailto:[EMAIL PROTECTED]]
> Sent: Friday, October 06, 2000 12:51 PM
> To: CF-Talk
> Subject: Query assignment... copy or reference?
> 
> 
> When I assign a query variable to another query variable, 
> does it make a copy or use a reference (pointer)?
> 
> Specifically I have the following in a module:
> 
> I take the name of a query as an argument, and I want to use 
> that query:
> 
> 
> 
> Is this making a copy of all the data, or just a reference to 
> the original?
> 
> 
> (BTW, why is it that none of the CF books discuss queries as 
> a data type? It is a perfectly valid data type to use as you 
> need even if it has nothing to do with a database. It has 
> it's own strengths and weaknesses distinct from structures.)
> 
> --
> -
> Peter Theobald, Chief Technology Officer
> LiquidStreaming http://www.liquidstreaming.com
> [EMAIL PROTECTED]
> Phone 1.212.545.1232 x204 Fax 1.212.545.0938
> 
> --
> 
> Archives: http://www.mail-archive.com/cf-talk@houseoffusion.com/
> To Unsubscribe visit 
> http://www.houseoffusion.com/index.cfm?sidebar=lists&body=list
> s/cf_talk or send a message to 
> [EMAIL PROTECTED] with 'unsubscribe' in the body.
> 

-BEGIN PGP SIGNATURE-
Version: PGPfreeware 6.5.8 for non-commercial use 

iQA/AwUBOd4HMwraVoMWBwRBEQIazQCgqTHSYuEIiTeKUPnpv3E2iaO0beQAn378
ujDLd6wLharXRa7/TYb6Fzd4
=US20
-END PGP SIGNATURE-
--
Archives: http://www.mail-archive.com/cf-talk@houseoffusion.com/
To Unsubscribe visit 
http://www.houseoffusion.com/index.cfm?sidebar=lists&body=lists/cf_talk or send a 
message to [EMAIL PROTECTED] with 'unsubscribe' in the body.

More for the wish list (Was: )

2000-10-06 Thread Zachary Bedell


-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

May I just say, "Amen to that!"

I've got three current projects that I had to implement a browser
redirect kludge to display some sort of status to the user while a
credit card processes.  It would be SO nice to be able to flush the
output a la ASP.  Or better yet...  Have a choice like PHP...

(And the wish list grows longer)

Regards,
Zac Bedell

> -Original Message-
> From: Ed Toon [mailto:[EMAIL PROTECTED]]
> Sent: Thursday, October 05, 2000 11:00 PM
> To: CF-Talk
> Subject: RE: 
> 
> 
> > I suspect that this multiple pass to the output stream is 
> partially at
> fault
> > of why CF cannot flush the output while it is produced, the 
> way ASP does
> it,
> > sending chunks of output while process is still pending.  
> It needs the
> whole
> > string first.
> 
> If this is the case, it'd be neat if I could just build a 
> string, flush it
> out and go about my business...
> 
> 
> 
> 
>  
> Ed
> 
> --
> 
> Archives: http://www.mail-archive.com/cf-talk@houseoffusion.com/
> To Unsubscribe visit 
> http://www.houseoffusion.com/index.cfm?sidebar=lists&body=list
> s/cf_talk or send a message to 
> [EMAIL PROTECTED] with 'unsubscribe' in the body.
> 

-BEGIN PGP SIGNATURE-
Version: PGPfreeware 6.5.8 for non-commercial use 

iQA/AwUBOd3zHAraVoMWBwRBEQL9pACfcjvgY8uiV3alG4zgVBU3JChrS3MAnRyK
1fPHG0MBsLVvsIPyCHKWNZDs
=LbPE
-END PGP SIGNATURE-
--
Archives: http://www.mail-archive.com/cf-talk@houseoffusion.com/
To Unsubscribe visit 
http://www.houseoffusion.com/index.cfm?sidebar=lists&body=lists/cf_talk or send a 
message to [EMAIL PROTECTED] with 'unsubscribe' in the body.

RE: Kinda OT : Java based file uploader

2000-10-06 Thread Zachary Bedell


-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

> I want a (nearly) free java applet that I can put on a page 
> that will pop up a file
> requester when a button is clicked and upload the file chosen (with
> progress bar/something) to a (not necesarily) CF template on site.
> 
> Preferably the applet would invoke some javascript function with
> appropriate attributes when the upload is complete so that 
> page content
> (say an image) could be updated right before the users eyes.
> 
> I looked into writing this myself, and indeed had a prototype
> (which didn't actually transfer stuff) running in applet viewer 
> before I realised
> that to get it working everywhere I would have to fork out to get a
> certificate to sign the classes so that a file requester 
> could be opened
> in a browser.
> 
> Anybody know if such a beast exists ?

To the best of my knowledge, a Java *applet* can not read or write
any files on the client's hard disk.  That's a security thing,
otherwise...  Well I'm sure you can see the nasty security
implications of a webpage being able to read or write users'
files  A Java application could do what you seek, but that can't
be embedded in a browser.

We ran into the same problem going in the oposite direction -- our
users want to batch download files from our site.  We've started
implmenting it as an ActiveX component in VB.  It's not cross
platform, or course, but as far as I know, it's the only way to
access users' file systems.

Best regards,
Zac Bedell

-BEGIN PGP SIGNATURE-
Version: PGPfreeware 6.5.8 for non-commercial use 

iQA/AwUBOd3hNQraVoMWBwRBEQKlngCdE7Yd6L/0o8NCkAR3GhS55EFqQC0AoJK2
sWto7DinuxAlhPTLtWm6Uujx
=DZPY
-END PGP SIGNATURE-
--
Archives: http://www.mail-archive.com/cf-talk@houseoffusion.com/
To Unsubscribe visit 
http://www.houseoffusion.com/index.cfm?sidebar=lists&body=lists/cf_talk or send a 
message to [EMAIL PROTECTED] with 'unsubscribe' in the body.

RE: SQL Server

2000-10-05 Thread Zachary Bedell


-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

text.  Max storage per field is in the gigabytes.

Tho you might get away w/ varchar fields as the max varchar is 8000
chars vs. Access' meager 255 chars.  Varchar is easier to deal with
for various reasons, so if you're under 8k, use the varchar instead
of text.

Best regards,
Zac Bedell

> -Original Message-
> From: Andy Peterson [mailto:[EMAIL PROTECTED]]
> Sent: Thursday, October 05, 2000 2:16 PM
> To: CF-Talk
> Subject: OT: SQL Server
> 
> 
> Hi,
> 
> Can anyone tell me what the equivalent of a MS Access "memo" 
> field is in SQL
> Server 7.0?
> 
> TIA,
> Andy
> 
> 
> --
> 
> Archives: http://www.mail-archive.com/cf-talk@houseoffusion.com/
> To Unsubscribe visit 
> http://www.houseoffusion.com/index.cfm?sidebar=lists&body=list
> s/cf_talk or send a message to 
> [EMAIL PROTECTED] with 'unsubscribe' in the body.
> 

-BEGIN PGP SIGNATURE-
Version: PGPfreeware 6.5.8 for non-commercial use 

iQA/AwUBOdzkkAraVoMWBwRBEQJPhgCgxPQxa+emGMnsvbWsJYnn7kxzi/8AoIZt
GZY3wt2NZdSTyeDGpYNQjiM9
=mEZE
-END PGP SIGNATURE-
--
Archives: http://www.mail-archive.com/cf-talk@houseoffusion.com/
To Unsubscribe visit 
http://www.houseoffusion.com/index.cfm?sidebar=lists&body=lists/cf_talk or send a 
message to [EMAIL PROTECTED] with 'unsubscribe' in the body.

RE:

2000-10-05 Thread Zachary Bedell


-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

Something like this:











You could potentially figure out the title for the page from a DB
query or other operation and add it into the heading after you've
sent out the ... bit.

A pratical example:  You're displaying pages results and you want the
title to be something like:
YourSiteHere -- Displaying X to y of Z results

Chances are you might have to send out your page header before you
know the counts of items, so CFHTMLHEAD saves you there:


It's also useful for sticking JavaScript into the  section
after the fact.

Best regards,
Zac Bedell

> -Original Message-
> From: wpdd [mailto:[EMAIL PROTECTED]]
> Sent: Thursday, October 05, 2000 1:40 PM
> To: CF-Talk
> Subject: 
> 
> 
> Does anyone examples of good uses for this tag ?
> --
> 
> Archives: http://www.mail-archive.com/cf-talk@houseoffusion.com/
> To Unsubscribe visit 
> http://www.houseoffusion.com/index.cfm?sidebar=lists&body=list
> s/cf_talk or send a message to 
> [EMAIL PROTECTED] with 'unsubscribe' in the body.
> 

-BEGIN PGP SIGNATURE-
Version: PGPfreeware 6.5.8 for non-commercial use 

iQA/AwUBOdzNyAraVoMWBwRBEQKOdgCg9Dt0i8BEIFA6R7HAhF/aGiDefCoAoIT5
HD6WCiOhxtTfDEqx1dDqB//U
=WfKG
-END PGP SIGNATURE-
--
Archives: http://www.mail-archive.com/cf-talk@houseoffusion.com/
To Unsubscribe visit 
http://www.houseoffusion.com/index.cfm?sidebar=lists&body=lists/cf_talk or send a 
message to [EMAIL PROTECTED] with 'unsubscribe' in the body.

RE: TO ALL: Request for ColdFusion SP2 Input

2000-10-05 Thread Zachary Bedell


-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

> -Original Message-
> From: Peter Theobald [mailto:[EMAIL PROTECTED]]
> Sent: Thursday, October 05, 2000 1:36 PM
> To: CF-Talk
> Subject: RE: TO ALL: Request for ColdFusion SP2 Input
> 
> 
> Here's one:
> 
> I'd like positional parameters to modules. It would make 
> calling a module so much more concise. And I'd like that to 
> extend to CF's built in tags too. For example:
> 
>   instead of  template="mytag.cfm"> 
> And while we're at it, I often have dozens of one variable 
> outputs that are made too wordy by the syntax: 
> #var#. I'd like to see an alternate 


That sounds like a nifty idea, but I suspect it would be rather
unpleasant to implement and somewhat confusing to call (just what
order SHOULD the params be passed in?).

Perhaps an alternate method to get essentially the same functionality
would be to expose ALL of the functionality currently handled by tags
as functions.  That would make  blocks far more powerful as
well.

And while we're talking about ...  How about just aliasing
 and  to  respectively.  Sure it looks
like PHP, but it's easier to deal with...

Not that I would expect any of *that* to happen in a service pack
release.  They're features I'd like to have (especially the
functionalized tags), but I'd rather the coders concentrate on
squishing the bugs in SP2 rather than adding tons of new features...

Regards,
Zac Bedell


-BEGIN PGP SIGNATURE-
Version: PGPfreeware 6.5.8 for non-commercial use 

iQA/AwUBOdzMjQraVoMWBwRBEQIb6ACeONxuqAiVCFqDbNJUUfEvmERhZCYAoMp9
S/hg0dvcG8aQpn59dDd9YwYC
=NAga
-END PGP SIGNATURE-
--
Archives: http://www.mail-archive.com/cf-talk@houseoffusion.com/
To Unsubscribe visit 
http://www.houseoffusion.com/index.cfm?sidebar=lists&body=lists/cf_talk or send a 
message to [EMAIL PROTECTED] with 'unsubscribe' in the body.

RE: Slightly Off-Topic: Credit Card Wackyness

2000-10-05 Thread Zachary Bedell


-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

Your college definately has a merchant account then.  One more
question for you:  Do you need to take live online authorizations, or
could you simply get the card numbers & forward them to the
accounting office for manual entry?  I suspect that sending the
numbers to the accounting office would make everything far simpler &
easier.  If you're expecting a thousand payments a day, then that's
probably not the route to go, but  It would be a ton easier than
setting up & dealing w/ CyberCash.

You will need to check w/ your bank to make sure they'd allow that. 
You'd also need to make sure everything is stored encrypted &
accessable only by appropriate people.

Hope that's helpful.

Best regards,
Zac Bedell

> -Original Message-
> From: Willy Ray [mailto:[EMAIL PROTECTED]]
> Sent: Thursday, October 05, 2000 11:31 AM
> To: CF-Talk
> Subject: RE: Slightly Off-Topic: Credit Card Wackyness
> 
> 
> Well, I'm at a small college.  I'd like the students to be 
> able to pay tuition, fees, etc. w/ their creditcards over the 
> website.  The accounting office has a swiper unit that they 
> use at the cashiers window.  Would that be a "Merchant 
> Account?"  Do I need to figure out with them how that works, 
> then talk to the people that they have that through?
> 
> >>> [EMAIL PROTECTED] 10/5/00 8:38:50 AM >>>
> 
> *** PGP Signature Status: good
> *** Signer: Zachary S. Bedell <[EMAIL PROTECTED]> 
> *** Signed: 10/5/2000 10:38:50 AM
> *** Verified: 10/5/2000 12:03:45 PM
> *** BEGIN PGP VERIFIED MESSAGE ***
> 
> > Alright, so I got the SSL working, and I'm pleased with that, 
> > now my head is spinning with the possibility of credit card 
> > usage on my little higher-educational website (I'm tired of 
> > doing job boards, admissions applications).  I have no idea 
> > what I need in order to do this.  Do I need some credit card 
> > hardware?  Some sort of networkable swiper box?  Can I do it 
> > with just cold fusion and an I.P. address?  Babe in the 
> > woods, here, people.
> 
> Oh boy... Here's a question w/ no easy answer...
> 
> There's about a million & one ways you can do credit card
> processing.  
> 
> First question:  Do you have a merchant account with a bank, or do
> you think you can get one easily (IE: established company w/ good
> credit rating & in good standing w/ the bank)?
> 
> If the answer to that is NO, then you'll need to user one of the
> various services that provide full credit card billing w/o the user
> needing a merchant account.  I'm not sure whether you're selling
> site access (or other intangibles) or if you're selling a product,
> but
> that would affect your choice of processors.  This type of
> processor will charge you a mint for their services, but they might
> be your
> only choice if you can't get a merchant account.  They also usually
> add additional fraud detection systems which are EXCEEDINGLY useful
> for membership-type sales.  Some places to start looking:
> www.ibill.com, www.ccbill.com, and a sh'load of others I can't
> think of off the top of my head.  IBILL has been our best bet for a
> while now.  We DO have a merchant account, but the reduction in
> fraud w/ IBILL's fraud detection and negative database has MORE
> than made up for the 15% cut they take for their service.
> 
> If you do have or can get a merchant account, you'll likely want to
> look at processing the cards through your own account.  That way,
> you'll probably end up paying minimal fees (3-5%) and perhaps a
> small per-transaction fee ($.10 - $.35 per charge).  
> 
> Now...  Simply having a merchant account doesn't magically get you
> Internet CC billing (bummer...).  You'll need some software to pull
> it off...  CyberCash seems to be a popular choice.  Depending on
> your bank, the CyberCash transactions fees might be covered for
> you,
> leaving you only the 3-5% bank cut.  Our bank covers the CyberCash
> fees for us.
> 
> That said, I haven't been too thrilled w/ CyberCash personally. 
> I'm especially displeased w/ the ColdFusion options for accessing
> the
> CyberCash servers.  On CyberCash's side, Address Verification
> Services (AVS) are frequently unavailable even for cards that I
> *know* support AVS.  That makes it tougher to control fraud.
> 
> As for the ColdFusion software, it's kind of a mess...  CyberCash
> doesn't actually supply CF tags or anything of the sort.  They give
> you a COM object, but the amount of supporting code to drive the
> COM is pretty heavy.  That code is available in Perl, C, or ASP,
> but not CF.  Porting it would NOT be fun...  There are a number of
> CyberCash tags available from third parties.  Allaire & ONCR both
> make tags.  Allaire's only does authorizations, not batch
> settlements, and it's not thread safe (CFLOCK is a MUST!).  Version
> 3 of the ONCR tag seems to leak memory during auths, but it does
> handle batch decently.  It WILL occasionally crash however.  That
> leaves your batch in

RE: Encryption in CF

2000-10-05 Thread Zachary Bedell


-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

Shroom is running some sort of CGI interface to the command line
decryptor (which is available for DL from that site).  There IS a CFX
custom tag available.  You need to look high & low for it, but it
exists & works nicely.   Just stick a little recursive CFDIRECTORY
tag around that, and you have instant decryption of an entire source
tree.  Very nifty...

Do be aware that the temp files that shroom creates aren't secured,
so any tags you decrypt using shroom are very easily retrieved by
anyone else who visits the site.  Don't use shroom to decrypt
anything with national security value  The command line tool
works nicely when you need to decrypt stuff privately.

Best regards,
Zac Bedell

> -Original Message-
> From: Kevin Schmidt [mailto:[EMAIL PROTECTED]]
> Sent: Wednesday, October 04, 2000 5:02 PM
> To: CF-Talk
> Subject: Re: Encryption in CF
> 
> 
> I did that but I am curious as to what it is running on the 
> code...it it a
> custom tag???etc???
> - Original Message -
> From: "John Bowering" <[EMAIL PROTECTED]>
> To: "CF-Talk" <[EMAIL PROTECTED]>
> Sent: Wednesday, October 04, 2000 2:22 PM
> Subject: RE: Encryption in CF
> 
> 
> > the easiest way is to upload an encrypted template, and the 
> site displays
> > source code.
> >
> > -Original Message-
> > From: Kevin Schmidt [mailto:[EMAIL PROTECTED]]
> > Sent: Wednesday, October 04, 2000 3:22 PM
> > To: CF-Talk
> > Subject: Re: Encryption in CF
> >
> >
> > I visited the site.  How does it work??
> > - Original Message -
> > From: "John Bowering" <[EMAIL PROTECTED]>
> > To: "CF-Talk" <[EMAIL PROTECTED]>
> > Sent: Wednesday, October 04, 2000 12:28 PM
> > Subject: RE: Encryption in CF
> >
> >
> > > not safe
> > >
> > > http://shroom.dv8.org/cfd/
> > >
> > >
> > >
> > >
> > > -Original Message-
> > > From: Kevin Schmidt [mailto:[EMAIL PROTECTED]]
> > > Sent: Wednesday, October 04, 2000 1:53 PM
> > > To: CF-Talk
> > > Subject: Encryption in CF
> > >
> > >
> > > This is a multi-part message in MIME format.
> > >
> > > --=_NextPart_000_13F1_01C02E02.05D48540
> > > Content-Type: text/plain;
> > > charset="iso-8859-1"
> > > Content-Transfer-Encoding: quoted-printable
> > >
> > > How safe is the encryption in CF.  Are there ways to 
> unecrypt encrypted
> =
> > > CF files? Known exploits?
> > >
> > > Thanks,
> > >
> > > Kevin Schmidt
> > > Internet Services Director
> > > PWB Integrated Marketing and Communications
> > > Office: 734.995.5000
> > > Mobile: 734.649.4843
> > >
> > >
> > > --=_NextPart_000_13F1_01C02E02.05D48540
> > > Content-Type: text/html;
> > > charset="iso-8859-1"
> > > Content-Transfer-Encoding: quoted-printable
> > >
> > > 
> > > 
> > >  > > http-equiv=3DContent-Type>
> > > 
> > > 
> > > 
> > > 
> > > How safe is the 
> encryption in CF. 
> =
> > > Are there=20
> > > ways to unecrypt encrypted CF files? Known
> > > exploits?  
> > > Thanks,
> > >  
> > > Kevin 
> SchmidtInternet Services =
> > > DirectorPWB=20
> > > Integrated Marketing and CommunicationsOffice: =
> > > 734.995.5000Mobile:=20
> > > 734.649.4843
> > >
> > > --=_NextPart_000_13F1_01C02E02.05D48540--
> > >
> >
> > 
> --
> 
> > --
> > > --
> > > Archives:
> > > http://www.mail-archive.com/cf-talk@houseoffusion.com/ To
> > > Unsubscribe visit
> > > 
http://www.houseoffusion.com/index.cfm?sidebar=lists&body=lists/cf_tal
k
or
> > send a message to [EMAIL PROTECTED] with
> > 'unsubscribe' 
in
> > the body.
> >
>
> 
> -- 
> > Archives: http://www.mail-archive.com/cf-talk@houseoffusion.com/
> > To Unsubscribe visit
> http://www.houseoffusion.com/index.cfm?sidebar=lists&body=lists/cf_t
> alk or send a message to [EMAIL PROTECTED] with
> 'unsubscribe' in the body.
> >
>
> 
> -- 
- --
> --
> Archives: http://www.mail-archive.com/cf-talk@houseoffusion.com/
> To Unsubscribe visit
> http://www.houseoffusion.com/index.cfm?sidebar=lists&body=lists/cf_t
> alk or send a message to [EMAIL PROTECTED] with
> 'unsubscribe' in the body.
>
> 
> -- 
- 
> Archives: http://www.mail-archive.com/cf-talk@houseoffusion.com/
> To Unsubscribe visit
http://www.houseoffusion.com/index.cfm?sidebar=lists&body=lists/cf_tal
k or
send a message to [EMAIL PROTECTED] with
'unsubscribe' in
the body.
>

- --
- 
Archives: http://www.mail-archive.com/cf-talk@houseoffusion.com/
To Unsubscribe visit
http://www.houseoffusion.com/index.cfm?sidebar=lists&body=lists/cf_tal
k or send a message to [EMAIL PROTECTED] with
'unsubscribe' in the body.

-BEGIN PGP SIGNATURE-
Version: PGPfreeware 6.5.8 for non-commercial use 

iQA/AwUBOdy

RE: Slightly Off-Topic: Credit Card Wackyness

2000-10-05 Thread Zachary Bedell


-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

> Alright, so I got the SSL working, and I'm pleased with that, 
> now my head is spinning with the possibility of credit card 
> usage on my little higher-educational website (I'm tired of 
> doing job boards, admissions applications).  I have no idea 
> what I need in order to do this.  Do I need some credit card 
> hardware?  Some sort of networkable swiper box?  Can I do it 
> with just cold fusion and an I.P. address?  Babe in the 
> woods, here, people.

Oh boy... Here's a question w/ no easy answer...

There's about a million & one ways you can do credit card processing.

First question:  Do you have a merchant account with a bank, or do
you think you can get one easily (IE: established company w/ good
credit rating & in good standing w/ the bank)?

If the answer to that is NO, then you'll need to user one of the
various services that provide full credit card billing w/o the user
needing a merchant account.  I'm not sure whether you're selling site
access (or other intangibles) or if you're selling a product, but
that would affect your choice of processors.  This type of processor
will charge you a mint for their services, but they might be your
only choice if you can't get a merchant account.  They also usually
add additional fraud detection systems which are EXCEEDINGLY useful
for membership-type sales.  Some places to start looking:
www.ibill.com, www.ccbill.com, and a sh'load of others I can't think
of off the top of my head.  IBILL has been our best bet for a while
now.  We DO have a merchant account, but the reduction in fraud w/
IBILL's fraud detection and negative database has MORE than made up
for the 15% cut they take for their service.

If you do have or can get a merchant account, you'll likely want to
look at processing the cards through your own account.  That way,
you'll probably end up paying minimal fees (3-5%) and perhaps a small
per-transaction fee ($.10 - $.35 per charge).  

Now...  Simply having a merchant account doesn't magically get you
Internet CC billing (bummer...).  You'll need some software to pull
it off...  CyberCash seems to be a popular choice.  Depending on your
bank, the CyberCash transactions fees might be covered for you,
leaving you only the 3-5% bank cut.  Our bank covers the CyberCash
fees for us.

That said, I haven't been too thrilled w/ CyberCash personally.  I'm
especially displeased w/ the ColdFusion options for accessing the
CyberCash servers.  On CyberCash's side, Address Verification
Services (AVS) are frequently unavailable even for cards that I
*know* support AVS.  That makes it tougher to control fraud.

As for the ColdFusion software, it's kind of a mess...  CyberCash
doesn't actually supply CF tags or anything of the sort.  They give
you a COM object, but the amount of supporting code to drive the COM
is pretty heavy.  That code is available in Perl, C, or ASP, but not
CF.  Porting it would NOT be fun...  There are a number of CyberCash
tags available from third parties.  Allaire & ONCR both make tags. 
Allaire's only does authorizations, not batch settlements, and it's
not thread safe (CFLOCK is a MUST!).  Version 3 of the ONCR tag seems
to leak memory during auths, but it does handle batch decently.  It
WILL occasionally crash however.  That leaves your batch in an
unknown state & requires much manual intervention & cursing to
straighten things up.  That happens perhaps once every two months or
so.  ONCR does have a version 4 available of their tag which they
claim is much better.  I'd give it a try if not for the $ticker
$hock

Even with all those caveats against CyberCash, I feel it's the best
solution available if you have a merchant account.  I'd certainly be
interested in others' experiences with other processor software, tho!

Hope that was at least helpful.  I can provide more detailed
information about either IBILL or CyberCash when you decide which
route you're going to take.

Best regards,
Zac Bedell


-BEGIN PGP SIGNATURE-
Version: PGPfreeware 6.5.8 for non-commercial use 

iQA/AwUBOdySegraVoMWBwRBEQIllgCg2B+4utyhed9PcotSMtd/Vc1jJSMAn2CQ
VsZNko+pMHbaMUetIiGNiTeG
=5Pfl
-END PGP SIGNATURE-
--
Archives: http://www.mail-archive.com/cf-talk@houseoffusion.com/
To Unsubscribe visit 
http://www.houseoffusion.com/index.cfm?sidebar=lists&body=lists/cf_talk or send a 
message to [EMAIL PROTECTED] with 'unsubscribe' in the body.

RE: ColdFusion SP2

2000-10-03 Thread Zachary Bedell


-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

I certainly agree that Allaire should make CF more international
friendly, even tho I'm in the US myself...

To answer your question about the separate functions for US & the
rest of the world:  The NON-Locale specific functions (without the
LS) are a lot faster.  Allaire wrote optimized versions of the
functions that assume US settings & work a lot faster.  The LS
versions of the functions have to figure out the locale they're in
before they can start doing any useful work.  That could certainly be
fixed, but...  That's the reason for the two sets of functions.

Best regards,
Zac Bedell

> -Original Message-
> From: Steve Martin [mailto:[EMAIL PROTECTED]]
> Sent: Tuesday, October 03, 2000 10:55 AM
> To: CF-Talk
> Subject: RE: ColdFusion SP2
> 
> 
> I concur, CF server always assumes English (US) as the default
> locale irrespective of OS settings which means that all us
> Europeans 
> have to ensure
> that we use the locale specific settings to ensure that our dates
> are treated appropriately. This can be a real pain as it's a 
> common stumbling
> block for most CF newbies. It would be nice to be able to set 
> once and for
> all the locale in one place and have CF treat all dates 
> correspondingly from
> then on. On the same note, something which has always bugged 
> me is why do we
> need to have separate date functions for the US than for the 
> rest of the
> world (ParseDateTime() and LSParseDateTime() )? Surely one 
> set of functions
> would suffice which are all locale specific. Similarly why do we
> have DollarFormat() and LSCurrencyFormat() when the latter is 
> quite capable of
> supporting the former?
> 
> Steve
> 
> > -Original Message-
> > From: Aidan Whitehall [mailto:[EMAIL PROTECTED]]
> > Sent: Tuesday, October 03, 2000 13:37
> > To: CF-Talk
> > Subject: ColdFusion SP2
> >
> >
> > Don't know if this applies to the SP2, but how about being 
> able to set the
> > Locale in ColdFusion Administrator or it being able to find 
> out how the
> > dates are formatted at the OS level?
> >
> > I've just realised a scheduled event set up this morning 
> wasn't being
> > triggered because the default value of 10/03/2000 in the 
> Start Date field
> > was (to us Europeans) 10th March, not the 3rd of October.
> >
> > Being miles away (metaphorically), I didn't twig and change 
> the date.
> > Result: no scheduled event till the penny dropped.
> >
> >
> >
> > --
> > Aidan Whitehall <[EMAIL PROTECTED]>
> > Netshopper UK Ltd
> > Advanced Web Solutions & Services
> >
> > http://www.netshopperuk.com/
> > Telephone +44 (01744) 648650
> > Fax +44 (01744) 648651
> > --
> > 
> > Archives: http://www.mail-archive.com/cf-talk@houseoffusion.com/
> > To Unsubscribe visit
> > http://www.houseoffusion.com/index.cfm?sidebar=lists&body=lists/cf
> > _talk or send a message to [EMAIL PROTECTED] with
> > 'unsubscribe' in the body.
> >
> 
> --
> 
> Archives: http://www.mail-archive.com/cf-talk@houseoffusion.com/
> To Unsubscribe visit 
http://www.houseoffusion.com/index.cfm?sidebar=lists&body=lists/cf_tal
k or send a message to [EMAIL PROTECTED] with
'unsubscribe' in the body.

-BEGIN PGP SIGNATURE-
Version: PGPfreeware 6.5.8 for non-commercial use 

iQA/AwUBOdn1QgraVoMWBwRBEQKnhwCfcsUeGmLv3IBfIo4dGnJP6yZmn0MAoLos
hWiMusXpDM+8tBlLMm+LD7wL
=YiXB
-END PGP SIGNATURE-
--
Archives: http://www.mail-archive.com/cf-talk@houseoffusion.com/
To Unsubscribe visit 
http://www.houseoffusion.com/index.cfm?sidebar=lists&body=lists/cf_talk or send a 
message to [EMAIL PROTECTED] with 'unsubscribe' in the body.

RE: ColdFusion SP2 -install issues

2000-09-28 Thread Zachary Bedell


-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

> I don't remember if SP1 worked this way or not, but my 
> biggest request would be for EVERY new version of CF - 
> be able to be installed  without having installed a 
> previous version.


Can I say AMEN to that?!  It seems like some versions of CFAS are
happy if you just have a previous serial number, but others wanted to
see a full application installed.  Proof of ownership by providing a
serial number seems quite sufficient.

Given the incompatibilities introduced by installing certain versions
of CFAS, I think it's unreasonable that you need to install an older
version and increase your potential for problems.  ESPECIALLY when
you consider that certain versions of CFAS are know to mess up the
MDAC installations on Win2k.  It's really inexcusable...  I didn't
pay for a software subscription to beat my head against the wall
every time I try to install the software...


Sorry...  I feel better now...

Regards,
Zac Bedell



-BEGIN PGP SIGNATURE-
Version: PGPfreeware 6.5.8 for non-commercial use 

iQA/AwUBOdNe6QraVoMWBwRBEQLkaACfXZy+LmLMLEz7rfgFACrYGd4/P7cAoNiE
RPL9nymRnlc0EqhY0lJuGnAG
=zDPe
-END PGP SIGNATURE-
--
Archives: http://www.mail-archive.com/cf-talk@houseoffusion.com/
To Unsubscribe visit 
http://www.houseoffusion.com/index.cfm?sidebar=lists&body=lists/cf_talk or send a 
message to [EMAIL PROTECTED] with 'unsubscribe' in the body.

RE: Post form data in (to) CF

2000-09-26 Thread Zachary Bedell


-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

> >One thing that immediately jumps out at me is your POST line. 
> >HTTP spec doesn't include the entire URL in the POST, only the
> >path info. So this:
> >   POST http://xyz.xyz.com/1.cfm HTTP/1.0
> >should actually be:
> >   POST /1.cfm HTTP/1.0
> >   Host: xyz.xyz.com
> 
> do you know of a resource for something like this? I would 
> like to verify 
> my GET requests also

Try RFC 2616.  That's the HTTP/1.1 spec, so you can't get much more
definitive than that.  It's a bit of a tome (200ish pages), but if
you're writing even a simple HTTP agent, it's really required
reading.  It also points out more information on assorted other
resources like MIME & URL encoding.

That RFC can be found at http://www.ietf.org/rfc/rfc2616.txt.
 
> >There's no Content-Type header in your request.  Try adding:
> >Content-type: application/x-www-form-urlencoded
> 
> bingo. I added that (even with all my other oops), and it 
> worked. thanks :)

You're quite welcome!

> >Your POST data isn't URL encoded.  For the body of your HTTP
> >request, try:
> >date_id=2000%2D09%2D21
> 
> I will actually be receiving the data encoded already. Thanks 
> for pointing this out though..

OK.  That's definitely one thing that will give CF indigestion... 
(*burp!*)
 
> >I think among those three things, you should be able to get a
> >successful POST.  CF is a far more picky beast than Perl is,
> >unfortunately...
> 
> I am much more use to PERL (and PHP now) when CF. At least I 
> know what is going on in them :)

*nods*  In general, CF is just picky.  As long as you follow the RFC,
you should be okay.  

BE AWARE, however that CF disregards the RFC itself in a few spots. 
Namely it doesn't use CR/LF to delimit all of its headers as it
should.  Tags like CFContent, CFHeader, or anything else that
manipulate the returned headers sometimes use an LF only; even tho
the RFC specifies that CF/LF is REQUIRED.  That's something to be
aware of if you'll be parsing returns from CF.

Best regards,
Zac Bedell


-BEGIN PGP SIGNATURE-
Version: PGPfreeware 6.5.8 for non-commercial use 

iQA/AwUBOdDC1wraVoMWBwRBEQK0lACg9shhG9aSMw+NJY8bOUZn3fHFc14An3rf
sOg86DMHQ1qA8RM5E5QGCtFg
=xDxF
-END PGP SIGNATURE-
--
Archives: http://www.mail-archive.com/cf-talk@houseoffusion.com/
To Unsubscribe visit 
http://www.houseoffusion.com/index.cfm?sidebar=lists&body=lists/cf_talk or send a 
message to [EMAIL PROTECTED] with 'unsubscribe' in the body.

RE: Cheap CF Hosting FOUND

2000-09-26 Thread Zachary Bedell


-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

> >http://www.v-domains.com/
> >9.95 per month includes CF.
> Did you notice that if you want a database at all you have to go up
> to $19.95 a month though.

Ugh! Says who?  Just use direct OLEDB access, and you don't need them
to setup a DSN at all.  Just upload your Access DB and use a CFQuery
line like this:



SQL...


I know this might be a little off the edge of the list charter, and I
hate to blow my own horn, but...

We host for $29.95 a month if anyone's interested.  That includes FTP
access, 5 email accounts, unlimited email forwarding, MS FrontPage 2k
support, ASP, CFM, your own IP address (none of that host header
garbage I've seen a lot of other hosts using lately), and some
assorted other goodies.  We don't charge extra for DB access unless
you need a DSN or SQL server or something.  

AND, if you email me, I get back to you within the day if at all
possible.  And you can even call me on the telephone & get a live
person (namely me) if you need it.

I won't post contact info on the list, but if you wanted to email
directly, I can give info to anyone who's interested.

My apologies in advance if anyone's offended by the more or less
blatant commercial plug, but...  It seems relevant to this thread.

Best regards,
Zac Bedell
<[EMAIL PROTECTED]>
http://www.adirondack.net

-BEGIN PGP SIGNATURE-
Version: PGPfreeware 6.5.8 for non-commercial use 

iQA/AwUBOdDA8QraVoMWBwRBEQLyjQCfRtmEWbCqxmSe3ocN9vYP5z8dF2sAnjN9
UC4zhlx5Mug12Ht6Du0alg/Z
=Agzq
-END PGP SIGNATURE-
--
Archives: http://www.mail-archive.com/cf-talk@houseoffusion.com/
To Unsubscribe visit 
http://www.houseoffusion.com/index.cfm?sidebar=lists&body=lists/cf_talk or send a 
message to [EMAIL PROTECTED] with 'unsubscribe' in the body.

RE: Post form data in (to) CF

2000-09-26 Thread Zachary Bedell


-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

One thing that immediately jumps out at me is your POST line.  HTTP
spec doesn't include the entire URL in the POST, only the path info. 
So this:
  POST http://xyz.xyz.com/1.cfm HTTP/1.0
should actually be:
  POST /1.cfm HTTP/1.0
  Host: xyz.xyz.com

You can include the hostname in a host header if need be (depending
on how your server is setup, that might be required).  The POST
should only include the path, tho.

Other possible gotchas: 

There's no Content-Type header in your request.  Try adding:
Content-type: application/x-www-form-urlencoded

Your POST data isn't URL encoded.  For the body of your HTTP request,
try:
date_id=2000%2D09%2D21 

I think among those three things, you should be able to get a
successful POST.  CF is a far more picky beast than Perl is,
unfortunately...

Best regards, and good luck!
Zac Bedell

> -Original Message-
> From: Benji Spencer [mailto:[EMAIL PROTECTED]]
> Sent: Tuesday, September 26, 2000 10:27 AM
> To: CF-Talk
> Subject: Post form data in (to) CF
> 
> 
> I am working on a project where I need to construct the actual HTTP
>  request. I have run into a roadblock with CFM form pages though.
> Does  anyone know how CF handles form data in a post? CF seems to
> be 
> expecting/seeing things different then a CGI script.
> here are a couple of examples as to what I am doing as well as
> there  unexplainable results.
> 
> 1.1) my test PERL script (just displays the post data)
> 
> [/opt/cgi-bin]% cat 2.pl
> #!/usr/local/bin/perl
> use CGI;
> $query=new CGI;
> 
> print $query->header;
> print $query->param('date_id');
> 
> 1.2) The request to that script
> [~]$ telnet xyz 80
> Trying xxx.xxx.xxx.xxx...
> Connected to xyz.xyz.com.
> Escape character is '^]'.
> POST http://xyz.xyz.com/cgi-bin/2.pl HTTP/1.0
> Content-Length: 18
> 
> date_id=2000-09-21
> HTTP/1.1 200 OK
> Date: Tue, 26 Sep 2000 14:08:58 GMT
> Server: xx
> Last-Modified: Tue, 26 Sep 2000 13:45:57 GMT
> Cache-Control: no-cache
> Connection: close
> Content-Type: text/html
> 
> 2000-09-21Connection closed by foreign host.
> 
> 
> 2.1) the CFM page
>  #form.date_id#
> 
> 
> 2.2) The request to the CF page
> [~]$ telnet xyz 80
> Trying xxx.xxx.xxx.xxx...
> Connected to xyz.xyz.com.
> Escape character is '^]'.
> POST http://xyz.xyz.com/1.cfm HTTP/1.0
> Content-Length: 18
> 
> date_id=2000-09-21
> HTTP/1.1 200 OK
> Date: Tue, 26 Sep 2000 14:21:53 GMT
> Server: 
> Page-Completion-Status: Normal
> Page-Completion-Status: Abnormal
> Connection: close
> Content-Type: text/html

-BEGIN PGP SIGNATURE-
Version: PGPfreeware 6.5.8 for non-commercial use 

iQA/AwUBOdC1QQraVoMWBwRBEQJyUQCffLlooluOzEFL801WYHDdSMcTqfoAn36E
fRXJTakEeCjMqP8NJx/pj+OQ
=gPFG
-END PGP SIGNATURE-
--
Archives: http://www.mail-archive.com/cf-talk@houseoffusion.com/
To Unsubscribe visit 
http://www.houseoffusion.com/index.cfm?sidebar=lists&body=lists/cf_talk or send a 
message to [EMAIL PROTECTED] with 'unsubscribe' in the body.

RE: Decrypt cold fusion files

2000-09-25 Thread Zachary Bedell


-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

I do love the head-in-sand solution to the CFDecrypter problem... 
It's not like it's tough to find.  Any developer who uses CF's
encryption and expects his code to be secure is REALLY delusional...

An on-line tool, windows, and linux binaries are available at
http://shroom.dv8.org/cfd/.

There... The secret's out.  Decrypting CF Files is pathetically easy.
 If you want secure, CFCRYPT/CFENCODE is *not* the answer...

Best regards,
Zac Bedell

> -Original Message-
> From: Mark Warrick [mailto:[EMAIL PROTECTED]]
> Sent: Friday, September 22, 2000 8:06 PM
> To: CF-Talk
> Subject: RE: Decrypt cold fusion files
> 
> 
> N
> 
> NOO!!   
> 
> I think it would generally be illegal to decrypt templates 
> unless of course it's your own work, in which case you can 
> have Allaire decrypt them for you.
> 
> Or you can find the CFDECRYPT program.  Sorry no hints 
> available for that solution.
> 
> 
> --
> Mark Warrick
> Phone: (714) 547-5386
> Efax.com Fax: (801) 730-7289
> Personal Email: [EMAIL PROTECTED]
> Personal URL: http://www.warrick.net 
> Business Email: [EMAIL PROTECTED]
> Business URL: http://www.fusioneers.com
> ICQ: 346566
> --
> 
> 
> > -Original Message-
> > From: Sree@bigbuzz [mailto:[EMAIL PROTECTED]]
> > Sent: Friday, September 22, 2000 2:42 PM
> > To: CF-Talk
> > Subject: Decrypt cold fusion files
> > 
> > 
> > This is a multi-part message in MIME format.
> > 
> > --=_NextPart_000_0011_01C024B4.0006E920
> > Content-Type: text/plain;
> > charset="iso-8859-1"
> > Content-Transfer-Encoding: quoted-printable
> > 
> > HI,
> > Is there a way to decrypt coldfusion files.
> > 
> > 
> > THanks
> > Sree
> > 
> > --=_NextPart_000_0011_01C024B4.0006E920
> > Content-Type: text/html;
> > charset="iso-8859-1"
> > Content-Transfer-Encoding: quoted-printable
> > 
> > 
> > 
> >  > http-equiv=3DContent-Type>
> > 
> > 
> > 
> > 
> > HI,
> > Is there a way to decrypt 
> coldfusion=20
> > files.
> >  
> >  
> > THanks
> > Sree
> > 
> > --=_NextPart_000_0011_01C024B4.0006E920--
> > 
> > --
> > 
> > Archives: http://www.mail-archive.com/cf-talk@houseoffusion.com/
> > To Unsubscribe visit 
> > http://www.houseoffusion.com/index.cfm?sidebar=lists&body=lists/cf
> _talk or send a message to [EMAIL PROTECTED] 
> with 'unsubscribe' in the body.
> 
> --
> 
> Archives: http://www.mail-archive.com/cf-talk@houseoffusion.com/
> To Unsubscribe visit 
> http://www.houseoffusion.com/index.cfm?sidebar=lists&body=list
s/cf_talk or send a message to [EMAIL PROTECTED] with
'unsubscribe' in the body.

-BEGIN PGP SIGNATURE-
Version: PGPfreeware 6.5.8 for non-commercial use 

iQA/AwUBOc+iOwraVoMWBwRBEQKjfQCgzJ7MZVYklDEkgvhz1OALpBLlUsEAoI6b
T51VEGF+655n+5Be867MC1Zb
=eGiH
-END PGP SIGNATURE-
--
Archives: http://www.mail-archive.com/cf-talk@houseoffusion.com/
To Unsubscribe visit 
http://www.houseoffusion.com/index.cfm?sidebar=lists&body=lists/cf_talk or send a 
message to [EMAIL PROTECTED] with 'unsubscribe' in the body.

RE: Crazy idea?

2000-09-22 Thread Zachary Bedell


-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

Oh my GAWD!  I'd LOVE open source CF.  Wouldn't surprise me if
Allaire has half a dozen software patents on various parts of it,
tho...

At least with an open source solution, bugs might get fixed in less
than six months time  And it's not like Allaire support is worth
a darn anyways...

Granted, it's a bit out of my league to code it.  Maybe it could be
done as a language plugin for the Zend engine? (See Zend.com)

It might be a crazy idea, but it's also a very good one...

Regards,
Zac Bedell

> -Original Message-
> From: Juan Andres Alvarez Valenzuela [mailto:[EMAIL PROTECTED]]
> Sent: Friday, September 22, 2000 11:46 AM
> To: CF-Talk
> Subject: Crazy idea?
> 
> 
> any topic about a Coldfusion Open source ? 
> what about CFML especs ? any ideas ?
> 
> is it a crazy idea to have a GNU Coldfusion servers ? 

-BEGIN PGP SIGNATURE-
Version: PGPfreeware 6.5.8 for non-commercial use 

iQA/AwUBOcuFnAraVoMWBwRBEQKu7gCfc1HQMzPO03vbogqp06EndqJ5n+8AoM47
n0DcZJrVB9QJLhlgrOcd+3bf
=6Ja7
-END PGP SIGNATURE-
--
Archives: http://www.mail-archive.com/cf-talk@houseoffusion.com/
To Unsubscribe visit 
http://www.houseoffusion.com/index.cfm?sidebar=lists&body=lists/cf_talk or send a 
message to [EMAIL PROTECTED] with 'unsubscribe' in the body.

RE: ASP or Coldfusion?

2000-09-22 Thread Zachary Bedell


-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

> It takes much longer to develop a site with ASP than CF 

That depends on the site...  I'm a procedural programmer of many
years, so ASP comes faster to me than CF does.  I can still code
anything in either language, but I'm more comfortable with ASP's
approch than w/ CF's.   Speed is really a matter of personal skill &
preference.  I don't think you can label one or the other as faster
to develop in.  It depends on the coder...

> and you cannnot port your site from NT to UNIX 
> whereas you can with CF if neccessary

Sure you can!  Try ChilisoftASP.  It runs on AIX, HP-UX, Linux,
OS/390, and Solaris.  And it's cheaper than CF Server... 
(www.chilisoft.com)


> In conclusion they are both good tools - I came 
> from an ASP background but my preference lies 
> slightly towards CF for most tasks - it really 
> is a superb tool.

Amen to that!  Use what works best for you...

Best regards,
Zac Bedell

-BEGIN PGP SIGNATURE-
Version: PGPfreeware 6.5.8 for non-commercial use 

iQA/AwUBOctq8AraVoMWBwRBEQLgUwCgyVF2I3/fDGM9aP3Qf7KM3nryBeUAoOkd
VEPWw2MAttTrUm9G2vuip+0b
=/Sdg
-END PGP SIGNATURE-
--
Archives: http://www.mail-archive.com/cf-talk@houseoffusion.com/
To Unsubscribe visit 
http://www.houseoffusion.com/index.cfm?sidebar=lists&body=lists/cf_talk or send a 
message to [EMAIL PROTECTED] with 'unsubscribe' in the body.

RE: SQL Max Size

2000-09-22 Thread Zachary Bedell


-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

> What is the max size of text that I can insert into an 
> SQL database and is there a way to make an unlimited 
> size available? What I am trying to do is insert word 
> document converted to html(2000 so they are huge) to make
> a database of procedures here at work. They can be 
> pretty huge, so the database has to be able to handle 
> anything.

I assume you mean MS SQL Server 7.0?

If so, making the field type 'text' should give you something like
several gigs per field.  If you make them 'varchar', you're limited
to 8000 chars.

If I recall right, CF needs to be gently tweaked to enable large text
retrieval.  Out-of-box, I think it's limited to 65536 chars.  Don't
quote me on that, tho...

In any case, making the field type 'text' will give you essentially
unlimited storage (up to available drive space).  If it's an issue,
and you need to know the exact size limit, I can look it up for you. 
I'm just too lazy to go get the book off the shelf & look right
now...  Suffice to say it's a LOT.

Best regards,
Zac Bedell


-BEGIN PGP SIGNATURE-
Version: PGPfreeware 6.5.8 for non-commercial use 

iQA/AwUBOctpWAraVoMWBwRBEQKs1gCfd1nA+uOjhyFIJIH0e1x7Z74cAaIAn390
VsCvR6QBr5LFJ5viEZdb8L6p
=VKOJ
-END PGP SIGNATURE-
--
Archives: http://www.mail-archive.com/cf-talk@houseoffusion.com/
To Unsubscribe visit 
http://www.houseoffusion.com/index.cfm?sidebar=lists&body=lists/cf_talk or send a 
message to [EMAIL PROTECTED] with 'unsubscribe' in the body.

RE: ASP or Coldfusion?

2000-09-22 Thread Zachary Bedell


-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

Quite honestly, for a few thousand hits a week, you could code it in
QBasic and still have speed to spare  I've had good & bad luck
scaling applications with both CF and ASP.  Alot seems to depend on
how the server software was put together (IE was versions of various
things & how they were installed).  The rest depends on how the code
is written.  If you write good robust code, it really doesn't matter
whether you use ASP or ColdFusion.  If you know one or the other, use
it. 

Another deciding factor is cost -- if you don't already own CF
Server, then ASP will be your cheapest route.

I've got a million hit a month site running fine on ColdFusion
(4.0.1, NT4 SP6, dual P2-400, 384MB, SQL Server 7), and I've got a
couple thousand hit a month site running like crap on ColdFusion. 
The million hit site was coded personally by me, and I know for
certain that ALL locking and other stability issues were handled
correctly.  The other site was coded by hired trained-monkies, and it
needs to be rebooted once a day...  I've got similar success  &
failure stories on ASP.  Basically, the quality of the coding is more
important than whether it's ASP or CF.  

Now on the other hand, CF 4.5.1 KILLED both of the aforementioned CF
sites, so the CF version might have something to do with things 
Version 4.0.1 seems good for us.  4.5 & 4.5.1 completely choked.  I
haven't had the guts to try 4.5.1 SP1 yet

Hope that was helpful.

Best regards,
Zac Bedell

> -Original Message-
> From: Dean Alexandrou [mailto:[EMAIL PROTECTED]]
> Sent: Friday, September 22, 2000 10:01 AM
> To: CF-Talk
> Subject: ASP or Coldfusion?
> 
> 
> I am not sure what tool to use to develop quite a major site. 
> I have heard
> that while coldfusion is good for small sites, ASP is more 
> robust, and would
> cope better with a large site that has to deal with a few 
> thousand hits a
> week.
> 
> 
> --
> 
> Archives: http://www.mail-archive.com/cf-talk@houseoffusion.com/
> To Unsubscribe visit 
> http://www.houseoffusion.com/index.cfm?sidebar=lists&body=list
> s/cf_talk or send a message to 
> [EMAIL PROTECTED] with 'unsubscribe' in the body.
> 

-BEGIN PGP SIGNATURE-
Version: PGPfreeware 6.5.8 for non-commercial use 

iQA/AwUBOctoLAraVoMWBwRBEQJNAQCg+vWhFmb5WvIlYLhyUfcEJ9unjwYAoIX3
Jvwa5uUVLu24z5fLbghp27xd
=AcJy
-END PGP SIGNATURE-
--
Archives: http://www.mail-archive.com/cf-talk@houseoffusion.com/
To Unsubscribe visit 
http://www.houseoffusion.com/index.cfm?sidebar=lists&body=lists/cf_talk or send a 
message to [EMAIL PROTECTED] with 'unsubscribe' in the body.

RE: Cocatenation

2000-09-21 Thread Zachary Bedell


-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1



Regards,
Zac Bedell

> -Original Message-
> From: Christopher S Martin [mailto:[EMAIL PROTECTED]]
> Sent: Thursday, September 21, 2000 4:34 PM
> To: CF-Talk
> Subject: Cocatenation
> 
> 
> How do I concatenate three strings?
> 
> I want to cocatenate two variable name, with AND.  I tried :
> 
>  cfset someString = Evaluate("StartDate" & AND & "EndDate")
> 
> as well as:
> 
> Evaluate("StartDate" & DE(AND & "EndDate")
> 
> BUt niether of the worked.  I would like to use someString as 
> a where clause
> in a query, so it should output the values stored in some 
> string.  WHat
> should I do?
> 
> Thanks,
> 
> Chris Martin
> [EMAIL PROTECTED]
> www.fsenablers.com
> www.fslink.com
> 
> --
> 
> Archives: http://www.mail-archive.com/cf-talk@houseoffusion.com/
> To Unsubscribe visit 
> http://www.houseoffusion.com/index.cfm?sidebar=lists&body=list
s/cf_talk or send a message to [EMAIL PROTECTED] with
'unsubscribe' in the body.

-BEGIN PGP SIGNATURE-
Version: PGPfreeware 6.5.8 for non-commercial use 

iQA/AwUBOcp3wgraVoMWBwRBEQLUbwCgu//Plkos2uOM1bDZV3CIZRwrZSQAoLDw
MhWdoORuciyM4/VPSHZRfqcZ
=p1aN
-END PGP SIGNATURE-
--
Archives: http://www.mail-archive.com/cf-talk@houseoffusion.com/
To Unsubscribe visit 
http://www.houseoffusion.com/index.cfm?sidebar=lists&body=lists/cf_talk or send a 
message to [EMAIL PROTECTED] with 'unsubscribe' in the body.

RE: Single Quotes - Double Quotes ARGH!

2000-09-21 Thread Zachary Bedell


-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

Unless I'm completely mistaken, CF handles single quotes
automatically, without PreserveSingleQuotes.

An example:



INSERT INTO TABLE (ID, String)
VALUES (42, '#String#')


Your debugging output for that should show an sql string of:
INSERT INTO TABLE (ID, String)
VALUES (42, 'That''s a single quote...')

Your single quotes have been automatically escaped as two single
quotes (as they should be), and they'll go into the database exactly
as they should -- as one single quote.

If you put PreserveSingleQuotes around the string in the CFQUERY,
then the SQL String would look like:
INSERT INTO TABLE (ID, String)
VALUES (42, 'That's a single quote...')

That would cause an error since your string ends after That, and you
have a random bunch of text hanging out after it.

Am I completely missing your question?

Best regards,
Zac Bedell

> -Original Message-
> From: Jake Hileman [mailto:[EMAIL PROTECTED]]
> Sent: Thursday, September 21, 2000 11:59 AM
> To: CF-Talk
> Subject: Re: Single Quotes - Double Quotes ARGH!
> 
> 
> I'm still waiting for an answer to this question also! :)  
> Don't forget when
> you select, you'll have to use it also.  :)
> 
> Jake
> 
> - Original Message -
> From: "Peter Theobald" <[EMAIL PROTECTED]>
> To: <[EMAIL PROTECTED]>
> Sent: Wednesday, July 26, 2000 4:03 PM
> Subject: Single Quotes - Double Quotes ARGH!
> 
> 
> > --=_14561452==_.ALT
> > Content-Type: text/plain; charset="us-ascii"
> >
> > In several CFQUERYs on many pages I am updating several 
> tables. Very often
> these text fields have apostrophes or double-quotes in them. 
> If I surround
> the fields with single quotes, then CF escapes them by 
> doubling them. They
> actually go into the database doubled. If I surround the 
> fields with double
> quotes, then CF cuts them off when it sees the first double-quote.
> >
> > I cant believe my only option is to surround every single 
> field in every
> single update on every single page with 
> PreserveSingleQuotes(). That would
> be several hundred PreserveSingleQuotes()...
> >
> > What is the common practice for handling this? The 
> apostrophe is a common
> character in English text...
> >
> >
> >
> > 
> --
> 
> -
> > Peter Theobald, Chief Technology Officer
> > LiquidStreaming http://www.liquidstreaming.com
> > [EMAIL PROTECTED]
> > Phone 1.212.545.1232 Fax 1.212.679.8032
> >
> > --=_14561452==_.ALT
> > Content-Type: text/html; charset="us-ascii"
> >
> > 
> > In several CFQUERYs on many pages I am updating
> > several tables. Very often these text fields have apostrophes or 
> double-quotes in
> > them. If I surround the fields with single quotes, then CF 
> escapes them
> > by doubling them. They actually go into the database doubled. If
> > I surround the fields with double quotes, then CF cuts them 
> off when it
> > sees the first double-quote.
> > 
> > I cant believe my only option is to surround every single 
> field in every
> > single update on every single page with PreserveSingleQuotes().
> > That would be several hundred PreserveSingleQuotes()...
> > 
> > What is the common practice for handling this? The 
> apostrophe is a common
> > character in English text...
> > 
> > 
> >
> > 
> > 
> --
> 
> -
> > Peter Theobald, Chief Technology Officer
> > LiquidStreaming
> > http://www.liquidstreaming.com/"
> eudora="autourl"> color="#FF">http://www.liquidstreaming.com
> > [EMAIL PROTECTED]
> > Phone 1.212.545.1232 Fax 1.212.679.8032
> > 
> >
> > --=_14561452==_.ALT--
> >
> > 
> --
> 
> 
> > Archives: http://www.mail-archive.com/cf-talk@houseoffusion.com/
> > To Unsubscribe visit
> http://www.houseoffusion.com/index.cfm?sidebar=lists&body=list
s/cf_talk or
send a message to [EMAIL PROTECTED] with
'unsubscribe' in
the body.
>

- --
- 
Archives: http://www.mail-archive.com/cf-talk@houseoffusion.com/
To Unsubscribe visit
http://www.houseoffusion.com/index.cfm?sidebar=lists&body=lists/cf_tal
k or send a message to [EMAIL PROTECTED] with
'unsubscribe' in the body.

-BEGIN PGP SIGNATURE-
Version: PGPfreeware 6.5.8 for non-commercial use 

iQA/AwUBOco3/graVoMWBwRBEQJEtgCgjjzpKoUC/+H6KMeM0tYJvOSfPoMAoME4
xMOYrAMqeL9+tXey15fBMLu3
=cBmI
-END PGP SIGNATURE-
--
Archives: http://www.mail-archive.com/cf-talk@houseoffusion.com/
To Unsubscribe visit 
http://www.houseoffusion.com/index.cfm?sidebar=lists&body=lists/cf_talk or send a 
message to [EMAIL PROTECTED] with 'unsubscribe' in the body.

1 2 3 >

1 - 100 of 220 matches

Mail list logo