Thanks Michael,
Daryl Fullerton,
Managing Partner,
BizNet Solutions,
Allaire Premier Partner (Ireland)
133 - 137 Lisburn Road
Belfast
BT9 7AG
N.Ireland
Direct +44 (0) 28 9022 7888
Tel +44 (0) 028 9022 3224
Fax +44 (0) 028 9022 3223
[EMAIL PROTECTED]
Http://www.BizNet-Solutions.com
[EMAIL
Hi,
can anyone suggest alternate creditcard payment system, as one of my client cant
get me a Merchant accunt information.
my problem scene is that the user should get registered only if the user
provides a valid creditcard number and the amount gets creditited to my bank
account .
i have
What does everyone else do when you have the logs and IP of
the culprit?
If I'm bored I'll mail abuse@domain and their upstream provider.
Never had anything comeback from doing that, so usualy I dont bother
anymore.
~~
Structure your
use it. I simply find the attacking IP(s) and drop their packets. Of
A proper DoS will use random faked IP's in the packets.
In which case you can do... err... nothing.
~~
Structure your ColdFusion code with Fusebox. Get the official book at
PIII Dual 522 Mz, 1GB RAM, a bunch of Access databases, CF 4.51 SP2,
IMail, O'Reilly Website Pro 3.
I restart the CF services daily and reboot once a month. Never a
problem except for an occasional cfserver.exe Doc Watson error which
doesn't seem to affect anything.
--
Bud Schneehagen -
I never have had to reboot the server in anger the services etc.. have
only ever been restarted on a OS update.
~~
Structure your ColdFusion code with Fusebox. Get the official book at
http://www.fusionauthority.com/bkinfo.cfm
FAQ:
I reported someone to his IT department (dummy was hacking from work!) and
got an immediate response.
JoAnn A. Schlosser
Consultant
Association Management Software
Grant Thornton LLP
Washington, D. C.
703.837.4428
-Original Message-
From: Thomas Chiverton [mailto:[EMAIL PROTECTED]]
Using the url 'xxx.cfm?show=23;%20DROP%20TABLE%20MyStuff'
I attempted to drop my table and it failed. Why didn't it drop the table?
Either I've done something to prevent it that I'm unaware of or I used
invalid
syntax.
---
[Microsoft][ODBC Microsoft Access Driver]
Let us see the query where you used the url.show parameter. Also as an aid,
turn on debugging in cf and grab the actual generated query to see what you
db actually saw
- Original Message -
From: Bosky, Dave [EMAIL PROTECTED]
To: CF-Talk [EMAIL PROTECTED]
Sent: Monday, August 13, 2001
SELECT myitem, myphoto
FROM mystuff
WHERE Show=#URL.Show#
-Original Message-
From: Don Vawter [mailto:[EMAIL PROTECTED]]
Sent: Monday, August 13, 2001 9:12 AM
To: CF-Talk
Subject: Re: Hacking CF Web Sites and Applications
Let us see the query where you used the url.show parameter.
In your select statement if you wrapped you where whatever = 23 in single
quotes, or in a val() statement either of those would keep that from
happening. Which is a good thing.
-Original Message-
From: Bosky, Dave [mailto:[EMAIL PROTECTED]]
Sent: Monday, August 13, 2001 9:02 AM
To:
I might be wrong, but I don't think you can issue multiple SQL commands to Access in
this way.
-Andy
-Original Message-
From: Bosky, Dave [mailto:[EMAIL PROTECTED]]
Sent: Monday, August 13, 2001 9:25 AM
To: CF-Talk
Subject: RE: Hacking CF Web Sites and Applications
SELECT
Hi Vikram,
We use Worldpay http://www.worldpay.com. They process the credit card
numbers online. If the payment fails for whatever reason you are redirected
to one page, if its successful you are directed to another, and particular
details like address and email etc are passed through as form
That's what I was thinking.
~Dave
-Original Message-
From: Andrew Tyrone [mailto:[EMAIL PROTECTED]]
Sent: Monday, August 13, 2001 9:34 AM
To: CF-Talk
Subject: RE: Hacking CF Web Sites and Applications
I might be wrong, but I don't think you can issue multiple SQL commands to
Access
Is or has anyone used Definitive Web Solutions for ColdFusion hosting
http://www.dwsgroup.com http://www.dwsgroup.com/ If so any comments? We
have a client looking to use them and asking for our opinion.
Kind Regards - Mike Brunt
Tel: 562.790.8631
Instant Messaging Handles: -
AIM (AOL):
We've tried this with Oracle as well, and it does not work. This would
leave a major hole in a lot of apps if this did work.
-Original Message-
From: Bosky, Dave [SMTP:[EMAIL PROTECTED]]
Sent: 13 August 2001 14:44
To: CF-Talk
Subject:RE: Hacking CF Web Sites and
With the above facts in place wouldn't be possible to, on
your server (i.e. the thing that's being attacked) :-
a) add an association for .ida to point to the coldfusion
engine.
b) create a default.ida in which one captures the remote
address of the system trying to do the exploit.
Well, I just had my question answered. Oracle stored
procedures do not return result sets. So, to get multiple
records out of Oracle stored procs, you have to have the
stored proc return an array of records and then have CF parse
the array.
This used to be true, with CF 4.0.1, but is no
Instead on cfhttp do a net send xxx.xxx.xxx.xxx Your machine is infected
with code red.
Rich
-Original Message-
From: Dave Watts [mailto:[EMAIL PROTECTED]]
Sent: Monday, August 13, 2001 11:15 AM
To: CF-Talk
Subject: RE: Total Fix For Code Red
With the above facts in place
Or is this totally unethical - love to hear your thoughts
I think that it would be wrong to compromise someone else's
system, even for ostensibly good goals.
Agreed, but what would be the harm of generating an email to webmaster@...,
admin@, and support@... with a link to the patch and
What person in their right mind would click a link they got from an email telling them
their server is compromised? Remember, I said right mind. Think of all the
malicious attacks that could be propagated in this way.
-Original Message-
From: C. Hatton Humphrey [mailto:[EMAIL
Or is this totally unethical - love to hear your thoughts
I think that it would be wrong to compromise someone else's
system, even for ostensibly good goals.
Agreed, but what would be the harm of generating an email to
webmaster@..., admin@, and support@... with a link to the
Again, I agree... the question was not, would people do this. That's why
I suggested including a link to the official download of the patch (maybe I
left out the word official there, so I apologies). The latter suggestion, a
link to an automatic fix, was added in as an afterthought since the
For some reason the code below lists the last file in the listing as a
directory even though it is a file?
Try it out. Make sure you have some text files in your root directory.
cfparam name=dir default=d:\
cfoutput
CFDIRECTORY ACTION=LIST DIRECTORY=#dir# NAME=test
cfset testCount = 0
Come join us in Atlanta for 60 hours of advanced, intensive ColdFusion 5
training and the most challenging 5 days you've ever spent churning code.
The Advanced Bootcamp for ColdFusion 5, Database, and Javascript covers
these subjects at the advanced level, and will give you the opportunity to
Good Morning,
I had read somewhere awhile back that there was a way for someone to 'view
CF source code' from a browser. I want to know if this is true and if so, is
there anyway to protect against that?
Thanks
Sal
~~
Structure your ColdFusion
try this..
cfparam name=dir default=d:\
cfoutput
CFDIRECTORY ACTION=LIST DIRECTORY=#dir# NAME=test
cfset testCount = 0
cfset temp =
cfloop query=test
cfif type eq Dir and not ( name is . or name is .. )
cfset temp = listappend(temp,#name#)
cfset testCount =
append +.htr to the end of a cfm url
like index.cfm+.htr
I think, it's an IIS security hole tht wa patched about a year ago now, just
make sure you have the latest patches and you'll be fine.
-Original Message-
From: S R [mailto:[EMAIL PROTECTED]]
Sent: 13 August 2001 16:39
To: CF-Talk
True...
However, identification of the type of attack and from regular sources
(even Class-C's) makes this a simple fix. Works quite well. We've had
great success with it. I'm sure we are blocking a few IP's that don't
deserve it. When (and if) we are ever told about them, we'll handle
them.
Hello S,
nt5
http://www.microsoft.com/WINDOWS2000/downloads/critical/q267559/default.asp
nt4
http://www.microsoft.com/NTServer/nts/downloads/critical/q267559/default.asp
--
Critter, MMCP
Certified ColdFusion Developer
Crit[s2k] - CF_ChannelOP Network=Efnet Channel=ColdFusion
Append ?mode=debug to the URL.
See tech note 17767.
Fix by restricing debug output in the administrator to 127.0.0.1 only.
someone to 'view
CF source code' from a browser. I want to know if this is
true and if so, is
there anyway to protect against that?
That's it!
Thanks a million Craig!
At 04:49 PM 8/13/01 +0100, you wrote:
try this..
cfparam name=dir default=d:\
cfoutput
CFDIRECTORY ACTION=LIST DIRECTORY=#dir# NAME=test
cfset testCount = 0
cfset temp =
cfloop query=test
cfif type eq Dir and not ( name is . or name is .. )
As Server admin:
I would agree with Dave. If someone installed an upgrade on my server with
out my blessing, I would be very irate. Plus, I would have no proof of what
else they installed on the server. Back door?? User account?
I would regard this as a virus and the author deserving the
Try Cf_Sourcebrowser. Here is the link:
http://www.roch-cfug.org/downloads/cf_sourcebrowser.zip
Rich
-Original Message-
From: S R [mailto:[EMAIL PROTECTED]]
Sent: Monday, August 13, 2001 11:39 AM
To: CF-Talk
Subject: view CF code
Good Morning,
I had read somewhere awhile back that
On 8/13/01, Dave Watts penned:
There would be no harm in notifying someone that his computer has been
compromised; in fact, I know quite a few people who are doing that. I'd be
reluctant to build something that could do the installation itself, though -
that's asking for trouble.
How would you
Rick OsborneI realize this is a bit off-topic, but ...
I spent a few hours last week going through logs in an attempt to analyze
how much we were affected by Code Red, even though we were never actually
vulnerable. (We have a guy here who is a patch zealot.) I was just curious
to see how many
After reading articles
http://www.allaire.com/Handlers/index.cfm?ID=21371Method=Full
and
http://www.allaire.com/Handlers/index.cfm?ID=21370Method=Full
about the cfform issues in Coldfusion 5 and installing the required jre
v1.3.0_01
another hack question. I've read Don Vawter's website on how to prevent this
type of attack. Someone told me at my work that there's an IIS patch that
prevents this. Is this true? I'm using IIS 4.0 and SQL 7.0 and SQL 2000 for
the backend. I want to go back and add these fixes to my CF pages,
Hello, i'm running a stored proc that contains two queries. if the first
query runs and does not return records, i need to run the second query. Can
anyone tell me the equivilent of recordCount in Transact-SQL? Thanks.
~~
Structure your ColdFusion
There is now a new version of Arcadia available for download. The package
simply gathers all the recent patches into the main download. So if you have
downloaded and applied the patches then there is no need to download the new
package.
As well I've added a series of snippets to the Files
Is there any way in CF to set the input type of a form field. Basically I only want
the user to be able to enter text and not HTML in a form field?
Cheers,
Chris Bohill.
~~
Structure your ColdFusion code with Fusebox. Get the official book at
another hack question. I've read Don Vawter's website on how
to prevent this type of attack. Someone told me at my work that
there's an IIS patch that prevents this. Is this true? I'm using
IIS 4.0 and SQL 7.0 and SQL 2000 for the backend. I want to go
back and add these fixes to my CF
Hello, i'm running a stored proc that contains two queries.
if the first query runs and does not return records, i need
to run the second query. Can anyone tell me the equivilent
of recordCount in Transact-SQL? Thanks.
You should be able to use @@ROWCOUNT for this.
Dave Watts, CTO, Fig
Is there any way in CF to set the input type of a form field.
Basically I only want the user to be able to enter text and
not HTML in a form field?
The short answer is not really. You can't do anything in CF to limit what
a user can put into a form field. You can, however, build server-side
If your running a SELECT statement you can include COUNT(*) as an extra
column. If you are running another SQL statement which does not return a
recordset (INSERT, DELETE, UPDATE) you can check the @@ROWCOUNT something
like:
IF @@ROWCOUNT = 0
YOUR SECOND QUERY
Cheers,
Bill
In a
First Query here
IF @@rowcount = 0
BEGIN
-- Second query here
END
--
Andrew Ewings
Project Manager
Thoughtbubble Ltd
http://www.thoughtbubble.net
--
another hack question. I've read Don Vawter's website on how to
prevent this
type of attack. Someone told me at my work that there's an IIS patch that
prevents this. Is this true? I'm using IIS 4.0 and SQL 7.0 and
SQL 2000 for
the backend. I want to go back and add these fixes to my CF
THe +.htr works on a global.asa but not on regular asp pages. What does
this actually do?
-Original Message-
From: S R [mailto:[EMAIL PROTECTED]]
Sent: Monday, August 13, 2001 12:44 PM
To: CF-Talk
Subject: URL Hack Fix??
another hack question. I've read Don Vawter's website on how to
Darien,
Sorry to get to this late
I am also available to help out, both now and later. Just let me know...
Marwan Saidi
Webmaster
CED - Concord IS
[EMAIL PROTECTED]
407.741.8645
-Original Message-
From: Darien C. Small [mailto:[EMAIL PROTECTED]]
Sent: Sunday, August 12, 2001
Hi Craig,
Your code worked great. I'm still having trouble incorporating the code
into the DIRLIST query. It ALWAYS returns the value 8.
I need the directories in the DIRLINK query to increment so I can can check
against the previous loop (dircount1) and set the appropriate graphic for
the
I like that solution
From: Stephen Moretti [EMAIL PROTECTED]
Reply-To: [EMAIL PROTECTED]
To: CF-Talk [EMAIL PROTECTED]
Subject: RE: URL Hack Fix??
Date: Mon, 13 Aug 2001 18:15:36 +0100
another hack question. I've read Don Vawter's website on how to
prevent this
type of attack. Someone
@@Rowcount is overwritten as soon as you execute the next query.
So, it might be wise to do something like the following:
declare @MyRowCount int
'Your first query here'
set @MyRowCount = @@RowCount
if @MyRowCount = 0
begin
'Your second query here'
end
This is especially useful if
Really??? I use this option all the time as a (sometimes) quicker navigation
of a website.
I think your approach would be best suited to those who are doing this with
malicious intent, not for those of us who know what we are doing, and don't
intend to hack a site per se.
grins
Shawn Grover
How would you get contact information from an IP address to
notify someone?
You can do a reverse DNS lookup, then find out who's responsible for that
name. Obviously, this won't always work.
Dave Watts, CTO, Fig Leaf Software
http://www.figleaf.com/
voice: (202) 797-5496
fax: (202) 797-5444
Check it out...
http://webtechniques.com/archives/2001/09/infrrevu/
~~
Structure your ColdFusion code with Fusebox. Get the official book at
http://www.fusionauthority.com/bkinfo.cfm
FAQ: http://www.thenetprofits.co.uk/coldfusion/faq
Archives:
Adam Reynolds wrote:
We've tried this with Oracle as well, and it does not work. This would
leave a major hole in a lot of apps if this did work.
Only in bad applications. And according to the docs on the Allaire
website it does work for quitesome applications.
Jochem
CF doesn't offer any automatic validation to protect HTML input, but like
Dave says, server-side tests are a MUST if you don't want to allow users'
typing to be interpreted tags. We usually have application variables named
something like goodlist and badlist and use the listReplace() function
on
And on a related note.. What are the best ways to go about ensuring that
the parameters passed are valid?
Is a simple:
cfif IsDefined(URL.id) AND IsNumeric(URL.id)
do the query
cfelse
kick someone in the keister
/cfif
sufficient, or are there more sinister things to look for? (This of
Val(URL.id) passes the value of the URL.id, unless it's non-numeric, in
which case it passes a zero. Use like so:
WHERE ID = Val(URL.id)
-Cameron
Cameron Childress
elliptIQ Inc.
p.770.460.1035.232
f.770.460.0963
--
http://www.neighborware.com
America's Leading Community
With a net send you only need the ip address and it will pop-up an alert box
on the infected machine, no reverse dns, no guessing admin emails. The only
thing is that someone has to look at the screen to see the message.
-Original Message-
From: Bud [mailto:[EMAIL PROTECTED]]
Sent:
You should ALWAYS check the validity of URL parameters. You never know if a
user is going to simply type in a URL, and not click a link in your app.
At a bare minimum, you have to make sure you have the required parameters to
prevent your page from crapping out.
For numeric values, checking to
Of course, that is:
WHERE ID = #Val(URL.id)#
*With the pound signs*
-Cameron
Cameron Childress
elliptIQ Inc.
p.770.460.1035.232
f.770.460.0963
--
http://www.neighborware.com
America's Leading Community Network Software
-Original Message-
From: Cameron
With a net send you only need the ip address and it will
pop-up an alert box on the infected machine, no reverse dns,
no guessing admin emails. The only thing is that someone has
to look at the screen to see the message.
This assumes a couple of things. First, that the target machine is
On 8/13/01, Dave Watts penned:
How would you get contact information from an IP address to
notify someone?
You can do a reverse DNS lookup, then find out who's responsible for that
name. Obviously, this won't always work.
Yeah, but 99% of the time you're just going to get an ISP on a
Yeah, but 99% of the time you're just going to get an ISP on a
reverse lookup. You certainly aren't going to get any help from
them finding out who was assigned that IP address at that time
(if dynamic) or who is assigned it permanently (if static).
That's correct, for
I have a machine that I need to change the serial number (cdkey) on (from
a pirated number to a real legit number). How can I do it without
re-installing the whole OS?
Tony Schreiber, Senior Partner Man and Machine, Limited
mailto:[EMAIL PROTECTED]
On 8/13/01, Richard Kuryk penned:
With a net send you only need the ip address and it will pop-up an alert box
on the infected machine, no reverse dns, no guessing admin emails. The only
thing is that someone has to look at the screen to see the message.
What's the syntax? I get an error that
Yes, but if they don't know they have code red and there machine is
unpatched, I would imagine the admin is some home user that got a cd from of
nt server and doesn't have a clue how to properly configure and secure there
box. So for the people that are still infected they have every service
Hello,
We've all of a sudden developed a problem with CFMAIL. Now, this could be
related to the fact that we just upgraded to 4.5 from 4.0. (Yes, we have
5.0 in house, but don't ask - it's outta my hands . . . ). Anyway, now, the
CFMAIL will send out one or two mails, then everything gets
You could automate it thru CF to loop thru your log file:
CFQUERY NAME=rs
DBTYPE=dynamic
CONNECTSTRING=Driver={Microsoft Text Driver (*.txt;
*.csv)};Dbq=c:\;Extensions=asc,csv,tab,txt;Persist Security Info=False;
SELECT clienthost from internetlog.csv
/CFQUERY
cfset crlf=chr(10) chr(13)
try looking at the registry
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion OR
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion OR
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows 2000\CurrentVersion
and look for something called Productkey i think
Pooh Bear
Web
Is there anything in the CFMAIL log file? I would look there first.
HTH,
Howie Hamlin - inFusion Project Manager
On-Line Data Solutions, Inc.
www.CoolFusion.com
631-737-4668 x101
inFusion Mail Server (iMS) - The Intelligent Mail Server
Join the DevCon community at www.coolfusion.com/devcon
I tried a few address using net send and they all failed.
With a net send you only need the ip address and it will
pop-up an alert box on the infected machine, no reverse dns,
no guessing admin emails. The only thing is that someone has
to look at the screen to see the message.
This
That's it? I expected it to be hashed or encrytped or something...
Yeah, there it is, ProductID...
try looking at the registry
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion OR
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion OR
That's it? I expected it to be hashed or encrytped or something...
Yeah, there it is, ProductID...
Note that there is another key, DigitalProductID, which contains the same
information, but within some encoding or with some extra information. I
don't know if there'll be a problem if they
Posting this for any developers in the Dallas/Forth Worth area who
aren't on the DFWCFUG mailing list. If you're not, you can subscribe at
www.DFWCFUG.org!
Our August meeting is next Tuesday, AUGUST 14, at 7:00 pm (pizza at
6:30).
Seth Bienek of Digitaris will be discussing User-Defined
Yes, but if they don't know they have code red and there machine
is unpatched, I would imagine the admin is some home user that
got a cd from of nt server and doesn't have a clue how to properly
configure and secure there box. So for the people that are still
infected they have every
This may be simple minded, but you don't need to know every word they use. A
filter that elaborate would make a site practically useless. However, most
(actually all) hacks must contain a specific syntax to initiate the security
hole. For example, the URL attacks on you followed a
Net send will only work locally unless someone has opened their world
to you and is authenticated there.
-paris
[finding the future in the past, passing the future in the present]
[connecting people, places and things]
-Original Message-
From: Dave Watts [EMAIL PROTECTED]
Date: Mon,
I did a couple of presentations on using Flash and ColdFusion together at
the San Diego CFUG a few months ago, you can download them here if you'd
like.
http://www.ninthlink.com/showcase/programming.html
---
Paul Mone
Ninthlink Consulting Group
[EMAIL PROTECTED]
http://www.ninthlink.com
Ok... that did it...
It was saving using the
CFSET Evaluate(scopeVar . func = func)
syntax that did the trick! It sure is nice not having to include the
functions in every single custom tag call...
It's interesting how ColdFusion 5.0 seems to allow these functions to be
saved in a
It's interesting how ColdFusion 5.0 seems to allow these functions to be
saved in a variable scope by referencing the functions as if they were
variables [scope.func=func]... rather than by referencing them as if they
were functions [scope.func=func() or scope.func()=func()]...
well wouldn't
Nothing in the log file. OK - we just updated ot CF5. Same problem . . .
Dave
- Original Message -
From: Howie Hamlin [EMAIL PROTECTED]
To: CF-Talk [EMAIL PROTECTED]
Sent: Monday, August 13, 2001 3:06 PM
Subject: Re: CFMail Problem 4.5 on NT 4 SP6
Is there anything in the CFMAIL
Josh R wrote:
This may be simple minded, but you don't need to know every word they use. A
filter that elaborate would make a site practically useless. However, most
(actually all) hacks must contain a specific syntax to initiate the security
hole. For example, the URL attacks on you
It's interesting how ColdFusion 5.0 seems to allow these
functions to be saved in a variable scope by referencing
the functions as if they were variables [scope.func=func]...
rather than by referencing them as if they were functions
[scope.func=func() or scope.func()=func()]...
We just upgraded our old ColdFusion server from 4.0 to 4.5 in preparation
for installing 5.0. Now we are getting the following error.
Error trying to create object specified in the tag.
COM error 0x800706BE. The remote procedure call failed.
Has anyone run into this problem?
There's no mail.log file in cfusion\log or is the file empty?
Regards,
Howie
- Original Message -
From: Dave Hannum [EMAIL PROTECTED]
To: CF-Talk [EMAIL PROTECTED]
Sent: Monday, August 13, 2001 4:12 PM
Subject: Re: CFMail Problem 4.5 on NT 4 SP6
Nothing in the log file. OK - we
it does install mdac.
- Original Message -
From: Shari Jung [EMAIL PROTECTED]
To: CF-Talk [EMAIL PROTECTED]
Sent: Monday, August 13, 2001 3:32 PM
Subject: Upgrade 4.0 to 4.5 - COM Objects
We just upgraded our old ColdFusion server from 4.0 to 4.5 in preparation
for installing 5.0.
What object is dying? It's possible that CF overwrote MDAC - you can
download the lastest version at
http://www.microsoft.com/data/download.htm; there's a utitlity called
Component Checker on that same page that will tell you what version you
have.
---
Billy Cravens
HR Systems, EDS
[EMAIL
Yes, after installing the CF server you should reinstall the MDAC version
2.5. Don't go up to 2.6 without installing 2.5 first.
tom
Shari Jung [EMAIL PROTECTED] wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
We just upgraded our old ColdFusion server from 4.0 to 4.5 in
Do any of you an opinion on CFX_IMAP4 from http://www.advancedwebmail.com/?
Steven Lewis
ADNET Lead ColdFusion Developer
Office: 703-845-3996
Pager: 703-219-5759
~~
Structure your ColdFusion code with Fusebox. Get the official book at
Part of the next stage for Arcadia is to develop an XML based display and
syndication system.
Use of the XML display engine will be optional but the syndication system
will just run in the background creating static XML data using CFCache.
My initial thoughts are to use RSS 0.9 as the basis for
I just did a comparison stress test between the 2 servers and it looks like
4.5 was similar and in most cases beat version 5.
Anyone else run a similar test? Can you tell me about your results?
Henry Ahn
NextJump, Inc.
~~
Structure your
I made an attempt at using it about a year ago. At the time, it was a
little too buggy, but the guys seemed to be working on it pretty
hard. I would think it probably has come a long ways now.
Let me know what you think if you give it a try .
- Original Message -
From: Lewis Steven
Hi,
One of our customers will start sending us orders using XML. They
basically will post the file to a URL in our web server. Using ASP, I
can read the contents of the post using Request.BinaryRead. Is there
anything similar in ColdFusion?
Thanks in advance for your help.
Ricardo Villalobos
One of our customers will start sending us orders using XML. They
basically will post the file to a URL in our web server. Using ASP, I
can read the contents of the post using Request.BinaryRead. Is there
anything similar in ColdFusion?
You could use CFFile if it is a local asset or, perhaps
I am trying to change a field name with SQL in a Access database. I don't
quite have the right syntax with
alter products
alter product_id rename SKU
Sebastian
~~
Structure your ColdFusion code with Fusebox. Get the official book at
Read it using CFFile type=upload. You can then parse it using the
MSXML object.
---
Billy Cravens
HR Systems, EDS
[EMAIL PROTECTED]
-Original Message-
From: Zac Belado [mailto:[EMAIL PROTECTED]]
Sent: Monday, August 13, 2001 4:57 PM
To: CF-Talk
Subject: RE: Reading an XML post
One
hmmm If you can get them to send you a WDDX file (which is just a standard
packaging DTS for XML), then you can use CFHTTP to read the file contents
into a variable, run the WDDX2CFM function to convert it into a recordset
for you, then use it as a plain jane Cold Fusion recordset.
I've done
If you have the ability to write the URL page they are posting to it
is very simple...
cfsetting EnableCFOutputOnly=Yes
cfif IsDefined(Form.XMLInput)
cftry
cf_XmlToFromStruct
action=XML2Struct input=#Form.XMLInput# output=structXMLIn
cfcatch type=any
1 - 100 of 120 matches
Mail list logo
