RE: Cfqueryparam bug and finding it globally.
Been there done, that. ;-) -Original Message- From: Jochem van Dieten [mailto:[EMAIL PROTECTED] Sent: Thursday, January 15, 2004 8:36 AM To: CF-Talk Subject: Re: Cfqueryparam bug and finding it globally. Bryan F. Hogan wrote: > Hi all, I wrote a directory spider that recursively finds all pages on > my server in all sites that have the cfqueryparam bug with using > functions in the value attributes value. Just update your server: http://www.macromedia.com/support/coldfusion/ts/documents/quotes_hotfix. htm Jochem -- I don't get it immigrants don't work and steal our jobs - Loesje _ [Todays Threads] [This Message] [Subscription] [Fast Unsubscribe] [User Settings]
Re: Cfqueryparam bug and finding it globally.
Bryan F. Hogan wrote: > Hi all, I wrote a directory spider that recursively finds all pages on > my server in all sites that have the cfqueryparam bug with using > functions in the value attributes value. Just update your server: http://www.macromedia.com/support/coldfusion/ts/documents/quotes_hotfix.htm Jochem -- I don't get it immigrants don't work and steal our jobs - Loesje [Todays Threads] [This Message] [Subscription] [Fast Unsubscribe] [User Settings]
RE: Cfqueryparam bug and finding it globally.
Thanks Jochem! Works Perfectly! [Todays Threads] [This Message] [Subscription] [Fast Unsubscribe] [User Settings]
Re: Cfqueryparam bug and finding it globally.
Bryan F. Hogan wrote: > Hi all, I wrote a directory spider that recursively finds all pages on > my server in all sites that have the cfqueryparam bug with using > functions in the value attributes value. > > What I want to do is be able to determine the line number of the > offending cfqueryparam tag. Does anyone have any thoughts? Loop over the template using something like: ListContains(page, REReplaceNoCase(page,".*(]*value=""[^""]*\([^""]*""[^>]*>).*","\1"), chr(13)) Jochem -- I don't get it immigrants don't work and steal our jobs - Loesje [Todays Threads] [This Message] [Subscription] [Fast Unsubscribe] [User Settings]
Re: Cfqueryparam bug and finding it globally.
On Wednesday 07 Jan 2004 16:38 pm, Jamie Jackson wrote: > Look into grep on unix, findstr on windows. Finstr's regex isn't as > good as unix's, Though there are many ways to get GNU grep onto Win32. -- Tom Chiverton Advanced ColdFusion Programmer Tel: +44(0)1749 834997 email: [EMAIL PROTECTED] BlueFinger Limited Underwood Business Park Wookey Hole Road, WELLS. BA5 1AF Tel: +44 (0)1749 834900 Fax: +44 (0)1749 834901 web: www.bluefinger.com Company Reg No: 4209395 Registered Office: 2 Temple Back East, Temple Quay, BRISTOL. BS1 6EG. *** This E-mail contains confidential information for the addressee only. If you are not the intended recipient, please notify us immediately. You should not use, disclose, distribute or copy this communication if received in error. No binding contract will result from this e-mail until such time as a written document is signed on behalf of the company. BlueFinger Limited cannot accept responsibility for the completeness or accuracy of this message as it has been transmitted over public networks.*** [Todays Threads] [This Message] [Subscription] [Fast Unsubscribe] [User Settings]
RE: Cfqueryparam bug and finding it globally.
er, studio 5 DRE -Original Message- From: Andre Turrettini [mailto:[EMAIL PROTECTED] Sent: Wednesday, January 07, 2004 10:01 AM To: CF-Talk Subject: RE: Cfqueryparam bug and finding it globally. In cf5, you can do a search and then save it as a text file. Right click on your search and say save as. Then you could loop that list in coldfusion, do a cffile on that file, do a substring to the position given in the text file, then count the chr13s that occur in that substring. I think that would give you the line no. DRE -Original Message- From: Bryan F. Hogan [mailto:[EMAIL PROTECTED] Sent: Wednesday, January 07, 2004 9:52 AM To: CF-Talk Subject: RE: Cfqueryparam bug and finding it globally. Interesting, I'll look into it. Thanks -Original Message- From: Jamie Jackson [mailto:[EMAIL PROTECTED] Sent: Wednesday, January 07, 2004 11:38 AM To: CF-Talk Subject: Re: Cfqueryparam bug and finding it globally. Look into grep on unix, findstr on windows. Finstr's regex isn't as good as unix's, of course, so you may want to pipe the results of findstr to a file, and use some CF regex on that. _ _ [Todays Threads] [This Message] [Subscription] [Fast Unsubscribe] [User Settings]
RE: Cfqueryparam bug and finding it globally.
In cf5, you can do a search and then save it as a text file. Right click on your search and say save as. Then you could loop that list in coldfusion, do a cffile on that file, do a substring to the position given in the text file, then count the chr13s that occur in that substring. I think that would give you the line no. DRE -Original Message- From: Bryan F. Hogan [mailto:[EMAIL PROTECTED] Sent: Wednesday, January 07, 2004 9:52 AM To: CF-Talk Subject: RE: Cfqueryparam bug and finding it globally. Interesting, I'll look into it. Thanks -Original Message- From: Jamie Jackson [mailto:[EMAIL PROTECTED] Sent: Wednesday, January 07, 2004 11:38 AM To: CF-Talk Subject: Re: Cfqueryparam bug and finding it globally. Look into grep on unix, findstr on windows. Finstr's regex isn't as good as unix's, of course, so you may want to pipe the results of findstr to a file, and use some CF regex on that. _ [Todays Threads] [This Message] [Subscription] [Fast Unsubscribe] [User Settings]
Re: Cfqueryparam bug and finding it globally.
hI use PreserveSingleQuotes() anyways due to SQL Serverguess I'm GTG ;-) Bryan Stevenson B.Comm. VP & Director of E-Commerce Development Electric Edge Systems Group Inc. t. 250.920.8830 e. [EMAIL PROTECTED] - Macromedia Associate Partner www.macromedia.com - Vancouver Island ColdFusion Users Group Founder & Director www.cfug-vancouverisland.com - Original Message - From: Bryan F. Hogan To: CF-Talk Sent: Wednesday, January 07, 2004 8:51 AM Subject: RE: Cfqueryparam bug and finding it globally. Using functions inside the cfqueryparams that have the value of cf_sql_varchar, cf_sql_longvarchar causes single quotes to double up. -Original Message- From: Bryan Stevenson [mailto:[EMAIL PROTECTED] Sent: Wednesday, January 07, 2004 11:20 AM To: CF-Talk Subject: Re: Cfqueryparam bug and finding it globally. Not sure how to go after the line numbersbut what's the bug? [Todays Threads] [This Message] [Subscription] [Fast Unsubscribe] [User Settings]
RE: Cfqueryparam bug and finding it globally.
Interesting, I'll look into it. Thanks -Original Message- From: Jamie Jackson [mailto:[EMAIL PROTECTED] Sent: Wednesday, January 07, 2004 11:38 AM To: CF-Talk Subject: Re: Cfqueryparam bug and finding it globally. Look into grep on unix, findstr on windows. Finstr's regex isn't as good as unix's, of course, so you may want to pipe the results of findstr to a file, and use some CF regex on that. [Todays Threads] [This Message] [Subscription] [Fast Unsubscribe] [User Settings]
RE: Cfqueryparam bug and finding it globally.
Nice. ;) -Original Message- From: stas [mailto:[EMAIL PROTECTED] Sent: Wednesday, January 07, 2004 11:28 AM To: CF-Talk Subject: Re: Cfqueryparam bug and finding it globally. Just a thought, but you could probably look at MX's Code Analyzer in the CFMX Administrator, if it isn't encrypted or some kind of Java CFX. [Todays Threads] [This Message] [Subscription] [Fast Unsubscribe] [User Settings]
RE: Cfqueryparam bug and finding it globally.
I'll try that. Thanks -Original Message- From: Mike Townend [mailto:[EMAIL PROTECTED] Sent: Wednesday, January 07, 2004 11:24 AM To: CF-Talk Subject: RE: Cfqueryparam bug and finding it globally. if you are using homesite, then you could do a find in files and point it to the root directory and include subdirs? [Todays Threads] [This Message] [Subscription] [Fast Unsubscribe] [User Settings]
RE: Cfqueryparam bug and finding it globally.
Using functions inside the cfqueryparams that have the value of cf_sql_varchar, cf_sql_longvarchar causes single quotes to double up. -Original Message- From: Bryan Stevenson [mailto:[EMAIL PROTECTED] Sent: Wednesday, January 07, 2004 11:20 AM To: CF-Talk Subject: Re: Cfqueryparam bug and finding it globally. Not sure how to go after the line numbersbut what's the bug? [Todays Threads] [This Message] [Subscription] [Fast Unsubscribe] [User Settings]
Re: Cfqueryparam bug and finding it globally.
Look into grep on unix, findstr on windows. Finstr's regex isn't as good as unix's, of course, so you may want to pipe the results of findstr to a file, and use some CF regex on that. Jamie On Wed, 7 Jan 2004 11:15:42 -0500, "Bryan F. Hogan" <[EMAIL PROTECTED]> wrote: >Hi all, I wrote a directory spider that recursively finds all pages on >my server in all sites that have the cfqueryparam bug with using >functions in the value attributes value. > >What I want to do is be able to determine the line number of the >offending cfqueryparam tag. Does anyone have any thoughts? > >It doesn't have to be a CF solution another solution is fine also. > >I want to find the line numbers of all cfqueryparams that have a >function in the value attribute. > >Thanks >Bryan > > > [Todays Threads] [This Message] [Subscription] [Fast Unsubscribe] [User Settings]
Re: Cfqueryparam bug and finding it globally.
Just a thought, but you could probably look at MX's Code Analyzer in the CFMX Administrator, if it isn't encrypted or some kind of Java CFX. - Original Message - From: Bryan F. Hogan To: CF-Talk Sent: Wednesday, January 07, 2004 11:15 AM Subject: Cfqueryparam bug and finding it globally. Hi all, I wrote a directory spider that recursively finds all pages on my server in all sites that have the cfqueryparam bug with using functions in the value attributes value. What I want to do is be able to determine the line number of the offending cfqueryparam tag. Does anyone have any thoughts? It doesn't have to be a CF solution another solution is fine also. I want to find the line numbers of all cfqueryparams that have a function in the value attribute. Thanks Bryan [Todays Threads] [This Message] [Subscription] [Fast Unsubscribe] [User Settings]
RE: Cfqueryparam bug and finding it globally.
if you are using homesite, then you could do a find in files and point it to the root directory and include subdirs? HTH -Original Message- From: Bryan F. Hogan [mailto:[EMAIL PROTECTED] Sent: Wednesday, January 7, 2004 16:16 To: CF-Talk Subject: Cfqueryparam bug and finding it globally. Hi all, I wrote a directory spider that recursively finds all pages on my server in all sites that have the cfqueryparam bug with using functions in the value attributes value. What I want to do is be able to determine the line number of the offending cfqueryparam tag. Does anyone have any thoughts? It doesn't have to be a CF solution another solution is fine also. I want to find the line numbers of all cfqueryparams that have a function in the value attribute. Thanks Bryan _ [Todays Threads] [This Message] [Subscription] [Fast Unsubscribe] [User Settings]
Re: Cfqueryparam bug and finding it globally.
Not sure how to go after the line numbersbut what's the bug? Bryan Stevenson B.Comm. VP & Director of E-Commerce Development Electric Edge Systems Group Inc. t. 250.920.8830 e. [EMAIL PROTECTED] - Macromedia Associate Partner www.macromedia.com - Vancouver Island ColdFusion Users Group Founder & Director www.cfug-vancouverisland.com - Original Message - From: Bryan F. Hogan To: CF-Talk Sent: Wednesday, January 07, 2004 8:15 AM Subject: Cfqueryparam bug and finding it globally. Hi all, I wrote a directory spider that recursively finds all pages on my server in all sites that have the cfqueryparam bug with using functions in the value attributes value. What I want to do is be able to determine the line number of the offending cfqueryparam tag. Does anyone have any thoughts? It doesn't have to be a CF solution another solution is fine also. I want to find the line numbers of all cfqueryparams that have a function in the value attribute. Thanks Bryan [Todays Threads] [This Message] [Subscription] [Fast Unsubscribe] [User Settings]
RE: CFQUERYPARAM bug?
but shouldn't the carriage return and tab preceding the "AND" be honored as spaces? - j james curran technical director nylon technology [EMAIL PROTECTED] 212-691-1134 -Original Message- From: Mark A. Kruger - CFG [mailto:[EMAIL PROTECTED] Sent: Friday, November 07, 2003 5:53 PM To: CF-Talk Subject: RE: CFQUERYPARAM bug? I'd wager that syntactically you would be stringing your variables together with your keywords as in "WHERE the_id=?AND the_other_id=? no space between the q-mark and the "AND". keywords are always delimited by spaces. When the driver does the "prepare" task it sees a bind placeholder abutting a keyword and throws an error. -Mark -Original Message- From: Jim Curran [mailto:[EMAIL PROTECTED] Sent: Friday, November 07, 2003 4:31 PM To: CF-Talk Subject: CFQUERYPARAM bug? Hey All, Just figured i'd see if anyone else has insight on this: Using 6.1 and MSSQL Server SELECT * FROM table WHERE the_id = cfsqltype="CF_SQL_INTEGER"> AND the_other_id = cfsqltype="CF_SQL_INTEGER"> If i have *no* space after the first queryparam and before the return, I get an "invalid datatype conversion" Seems as if the cfqueryparam does not apply spacing and the carrage return and tab characters are lost preceding the AND... It's simple to prevent... But wanted to see if I should post this to MACR or let it be.. - j james curran technical director nylon technology [EMAIL PROTECTED] 212-691-1134 _ [Todays Threads] [This Message] [Subscription] [Fast Unsubscribe] [User Settings]
Re: CFQUERYPARAM bug?
Jim Curran wrote: > > Using 6.1 and MSSQL Server > > > SELECT * > FROM table > WHERE the_id = > cfsqltype="CF_SQL_INTEGER"> > AND the_other_id = > cfsqltype="CF_SQL_INTEGER"> > > > If i have *no* space after the first queryparam and before the return, I get > an "invalid datatype conversion" > > Seems as if the cfqueryparam does not apply spacing and the carrage return > and tab characters are lost preceding the AND... > > It's simple to prevent... But wanted to see if I should post this to MACR or > let it be.. Please post it to Macromedia, it might help somebody in the the future who does not recognize the issue directly. Jochem -- Who needs virtual reality if you can just dream? - Loesje [Todays Threads] [This Message] [Subscription] [Fast Unsubscribe] [User Settings]
RE: CFQUERYPARAM bug?
I'd wager that syntactically you would be stringing your variables together with your keywords as in "WHERE the_id=?AND the_other_id=? no space between the q-mark and the "AND". keywords are always delimited by spaces. When the driver does the "prepare" task it sees a bind placeholder abutting a keyword and throws an error. -Mark -Original Message- From: Jim Curran [mailto:[EMAIL PROTECTED] Sent: Friday, November 07, 2003 4:31 PM To: CF-Talk Subject: CFQUERYPARAM bug? Hey All, Just figured i'd see if anyone else has insight on this: Using 6.1 and MSSQL Server SELECT * FROM table WHERE the_id = cfsqltype="CF_SQL_INTEGER"> AND the_other_id = cfsqltype="CF_SQL_INTEGER"> If i have *no* space after the first queryparam and before the return, I get an "invalid datatype conversion" Seems as if the cfqueryparam does not apply spacing and the carrage return and tab characters are lost preceding the AND... It's simple to prevent... But wanted to see if I should post this to MACR or let it be.. - j james curran technical director nylon technology [EMAIL PROTECTED] 212-691-1134 [Todays Threads] [This Message] [Subscription] [Fast Unsubscribe] [User Settings]
