RE: Security - Tag restrictions

2004-02-17 Thread Taco Fleur
You should be able to restrict tags by setting up a security sandbox, from the CF admin panel... Taco Fleur Blog   http://www.tacofleur.com/index/blog/ Methodology http://www.tacofleur.com/index/methodology/ Tell me and I will forget Show me and I will remember Teach me and I will learn -Or

Re: OT: Ok, now I've seen it all

2004-02-17 Thread Michael Dinowitz
Michael does not filter posts based on language. Saying words associated with various parts of the human body are legal for the list but may be bounced by individual members own security software. > What a bunch of... (I'm thinking of a properly descriptive word right now that Michael's filters wo

RE: Security - Tag restrictions

2004-02-17 Thread Tom Kitta
How about just wrapping CFDirectory inside a custom CFC/custom tag? That is the 1st thing that comes to my mind. TK   -Original Message-   From: cfhelp [mailto:[EMAIL PROTECTED]   Sent: Tuesday, February 17, 2004 8:48 PM   To: CF-Talk   Subject: Security - Tag restrictions   I have multip

RE: CF5 Error Handler Form

2004-02-17 Thread Philip Arnold
Why not run it via the mapping?  template="/myapp/err/global.cfm"  mailto="[EMAIL PROTECTED]"> > -Original Message- > From: Jim McAtee [mailto:[EMAIL PROTECTED] > Sent: 17 February 2004 22:11 > To: CF-Talk > Subject: CF5 Error Handler Form > > > In a particular applica

CF5 Error Handler Form

2004-02-17 Thread Jim McAtee
In a particular application I'd like to have a global error handler, ideally set within application.cfm.  My directory structure is something like the following, with application.cfm located in /myapp/: / /myapp/ /myapp/subdirectory1/ /myapp/subdirectory2/ /myapp/err/  template="err/glob

Security - Tag restrictions

2004-02-17 Thread cfhelp
I have multiple clients on the server that use CFDirectory, but it allows them the ability to look at the whole server. Is there a way to restrict the ability of CFDirectory, CFcontent, CFFILE and other tags like without disabling them? Rick --- Outgoing mail is certified Virus Free. Checked by

Re: Passing Complex Variable to Soap and other stuff

2004-02-17 Thread Butch Zaccheo
Anyone else have an idea of what the correct syntax is BZaccheo On 2/17/04 12:48 PM, "Butch Zaccheo" <[EMAIL PROTECTED]> wrote: > Hi Rob, > > XmlTransform was my feeble attempt at formatting the "verify_info" > variable... Do you know the correct way? > > BZaccheo > > On 2/17/04 12:39 PM,

RE: OT: Ok, now I've seen it all

2004-02-17 Thread Matt Robertson
Barney wrote: >Something more colorful? I'd need at least two mirrors and a spotlight to know for sure :D --Matt--

Re: Reroute problem and "Google Search Me Please!"

2004-02-17 Thread bret
Stuart Kidd wrote: > Actually Bret, I've given that code all a try and it works a treat, > thanks so much!  :-)  And fixed the back button issue too! > Glad I could help! -Bret

Re: Reroute problem and "Google Search Me Please!"

2004-02-17 Thread bret
Yep, I think you have it. Also make sure that if your ISP allows your domain name to be accessed without the "www." portion, you include that as a catch, i.e.: I do believe that CGI.SERVER_NAME is the correct server variable, although I have been wrong before. :-) Also, if you have trouble w

RE: query help...[ SOLVED ]

2004-02-17 Thread Nick Han
yes, i can GUARANTEE that. how about $100 pay via paypal?  Talk is cheap. Once again, I am using oracle 8i. Max() like count() is a group function. Determines the largest value in a column. Nick Han >>> [EMAIL PROTECTED] 02/17/04 04:21PM >>> > huh? this statement, select max(date_modified) fr

RE: Reroute problem and "Google Search Me Please!"

2004-02-17 Thread Stuart Kidd
Actually Bret, I've given that code all a try and it works a treat, thanks so much!  :-)  And fixed the back button issue too! -Original Message- From: bret [mailto:[EMAIL PROTECTED] Sent: 17 February 2004 23:30 To: CF-Talk Subject: Re: Reroute problem and "Google Search Me Please!"

RE: OT: Ok, now I've seen it all

2004-02-17 Thread Barney Boisvert
Computer? Nose? Belly button? Something more colorful? Red socks? > -Original Message- > From: Matt Robertson [mailto:[EMAIL PROTECTED] > Sent: Tuesday, February 17, 2004 4:27 PM > To: CF-Talk > Subject: Re: OT: Ok, now I've seen it all > > from the article: > > "The security proble

RE: Reroute problem and "Google Search Me Please!"

2004-02-17 Thread Stuart Kidd
Hi Bret, I like that idea, thanks. Is this what you mean? TEMPLATE="/index_stuartkidd.cfm"> TEM

Re: OT: Ok, now I've seen it all

2004-02-17 Thread Matt Robertson
from the article: "The security problem is a known issue that the Redmond, Washington-based vendor discovered internally before and fixed in IE 6.0, according to the statement." I guess an IE5 patch was out of the question. Microsoft:  Security is Job 1.   What a bunch of... (I'm thinking of a

[SOLVED] Flash remoting in Flash MX 2004 Standard?

2004-02-17 Thread Burns, John
Thanks everyone.  The weird thing is, that's what I thought, and I went to MM and searched and somehow got to a page that listed "flash remoting components" for $99.  I was very confused and jumped to the conclusion that they were charging for it with mx2k4.  Sorry MM, I'll stop cursing your name n

RE: query help...[ SOLVED ]

2004-02-17 Thread Philip Arnold
> huh? this statement, select max(date_modified) from estates, > will never return more than one record. > > Therefore, using '=' is correct. Can you GUARANTEE that? If 2 records are modified at exactly the same time, it'll return more than one record, which will break the "="

RE: cf web app on a cd?

2004-02-17 Thread Vince Bonfanti
Hi Jeremy, FYI, BlueDragon very nicely addresses both the technical and licensing issues you raise. Again, if you're interested I can have someone from our sales and/or technical staff contact you with details. Vince Bonfanti New Atlanta Communications, LLC http://www.newatlanta.com -Ori

RE: cf web app on a cd?

2004-02-17 Thread Vince Bonfanti
Hi Nathan, We're currently working with several clients to deliver CFML applications on CD using BlueDragon. So, yes, it's technically possible, and you'll find our pricing to be quite flexible to suit your needs. If you'd like, I can have someone from our sales and/or technical staff contact

Re: Flash remoting in Flash MX 2004 Standard?

2004-02-17 Thread Darron J. Schall
Flash Remoting is actually a server technology.  There is some client code necessary to enable the magic, but the only real requirement is that you have a server with Flash Remoting support.  If you're running CFMX, then you can do remoting out-of-the-box. If you get an error that the file could n

OT: Ok, now I've seen it all

2004-02-17 Thread Rob Rohan
Leaked Windows Code Opens IE Hole The vulnerability allows an attacker gain control over a user's computer by using a specially crafted *bitmap* file. When loaded using IE 5, the file will trigger an overflow error and allow the attacker to run arbitrary code on a victim's machine, according to a

Re: Flash remoting in Flash MX 2004 Standard?

2004-02-17 Thread Brook Davies
Did you install the flash remoting components? If you look under help and it does not say "Welcome to Flash Remoting" then you did not... you can get them at mm, I think they are free. Brook At 03:50 PM 2/17/2004, you wrote: >Can flash remoting be done in Flash MX 2004 Standard or do you need t

Re: Question about MySQL datasource.

2004-02-17 Thread Matt Robertson
Peter Tilbrook wrote: >I think you need to install the MyODBC drivers: Nope.  Thats only for pre-MX CF.  He says he's using 6.1. Interesting that this comes up, as I'm experiencing it now.  On my main dev box I cannot get any -- previously working -- mySQL dsn's to verify either.  With two shinin

RE: Flash remoting in Flash MX 2004 Standard?

2004-02-17 Thread Barney Boisvert
Yeah, you're outta luck with '04 Standard.  And even if you buy Pro, there's still a million things that are "better" than in MX regarding data interaction.  Of course, "better" means "takes a shitton of ActionScript to do, instead of a line or two in MX".  Oh, and by the way, I'm bitter. Cheers,

Re:cfx_xslt problem (urgent)

2004-02-17 Thread Don
Thanks, Rob. Don >What Dave said - and Web services are perfect for that kind of thing, >but you can do it with form variables and url variables if you have too >- just watch for size limits and getting wack characters. > > >On Tue, 2004-02-17 at 12:52, Chunshen Li wrote: >> [Todays Threads] [

Re:cfx_xslt problem (urgent)

2004-02-17 Thread Don
That's good to know, thanks. Dave. >> Another, sort of related one, I've used CFHTTP post method >> to send data to remote site before (years ago) successfully, >> how different(supposedly tough) it might be for posting XML >> content to a remote a site? > >It shouldn't be tough with CF5 or CFMX

Flash remoting in Flash MX 2004 Standard?

2004-02-17 Thread Burns, John
Can flash remoting be done in Flash MX 2004 Standard or do you need to buy Professional?  I tried including the netservices.as at the top of my action script and I get an error that it can't be found.  I've tried searching macromedia, but it shows the flash remoting components to cost money and I s

Re:query help...[ SOLVED ]

2004-02-17 Thread Nick Han
huh? this statement, select max(date_modified) from estates, will never return more than one record. Therefore, using '=' is correct. Nick Han >>> [EMAIL PROTECTED] 02/17/04 01:37PM >>> Daniel, See the discussion from the original post why this approach is not a good idea. As your database grow

Re: Question about MySQL datasource.

2004-02-17 Thread peter . tilbrook
I think you need to install the MyODBC drivers: http://www.mysql.com/downloads/api-myodbc.html Peter Tilbrook Transitional Services - Enterprise eSolutions Centrelink (http://www.centrelink.gov.au) 2 Faulding Street Symonston ACT 2609 Tel: (02) 62115927  

RE: Question about MySQL datasource.

2004-02-17 Thread Barney Boisvert
Those values should be good enough to connect, as long as your MySQL server is configured to allow you in.  I suspect that's the problem.  Connect to MySQL with the 'mysql' command-line client and issue this command (substituting your info, of course): grant select,insert,update,delete on .* to @'

Question about MySQL datasource.

2004-02-17 Thread Ciliotta, Mario
Hi, I am trying to connect to a MySQL database using CFMX and I cannot get the connection to verify.  Could someone who has connected to MySQL, please let me know what fields in the MX admin are absolutely required to set up the datasource correctly.  This is one of my dev boxes and I have been a

Re: Reroute problem and "Google Search Me Please!"

2004-02-17 Thread bret
Hey Stuart- Why not do a cfswitch based on the CGI.SERVER_NAME variable? That way it's on the server side and not dependent on JavaScript. In addition, you don't have to deal with the back button madness if you CFINCLUDE the pages you wish to act as the homepages instead of redirecting to the

RE: Give me feedback on my custom tag....

2004-02-17 Thread Raymond Camden
One bit of immediate feedback - I'd move the to the top of the tag so that all those lines of comments don't come out as whitespace.

Reroute problem and "Google Search Me Please!"

2004-02-17 Thread Stuart Kidd
Hi guys, I have a whole bunch of sites pointed at my domain which is hosted on a server in the good ol' USA. I have this JavaScript which is below:
//  Script prepared by KNF & Associates  http://www.knfa.net
//  If you use this script please ke

Give me feedback on my custom tag....

2004-02-17 Thread Jon Block
I just put together a custom tag for the greater good of the community... If anybody has a free 5 minutes, try it out and let me know if you think it could be useful. I'll add it to the developer's exchange and give it a better URL if any of you like it... Jon http://www.jonathanblock.com/pineapp

Re:query help...

2004-02-17 Thread Jeremy Brodie
Fair enough. I wanted to show that you *could* pull the top 5 or 10 records in oracle. Funny how Oracle pseudocolumns work sometimes. > Jeremy, I didn't use the rownum example because in the given scenario, > using rownum may not give you the latest mod date record from the all > records in the

Re: Verity K2 Spidering on Linux/CFMX.

2004-02-17 Thread Matt Liotta
BTW, BlueDragon as of 6.1 beta 2 now has built-in full-text search and indexing via Lucene as well as HTTP spidering. -Matt On Feb 17, 2004, at 5:01 PM, Jamie Jackson wrote: > I've pretty much decided to bite the bullet and fall back on Verity >  for spidered indexing, despite its inability to

Re:query help...[ SOLVED ]

2004-02-17 Thread Jeremy Brodie
Daniel, See the discussion from the original post why this approach is not a good idea. As your database grows, your application will slow to a grinding halt, even when you cache queries. Better to use the database to do the work Use the following query select * from estates where featured = 1

Re: Re:cfx_xslt problem (urgent)

2004-02-17 Thread Rob Rohan
What Dave said - and Web services are perfect for that kind of thing, but you can do it with form variables and url variables if you have too - just watch for size limits and getting wack characters. On Tue, 2004-02-17 at 12:52, Chunshen Li wrote: > Thanks, Rob.  Another, sort of related one, I've

RE: CFML/ASP equivalents

2004-02-17 Thread Shawn Regan
http://www.wiki.org/ Shawn -Original Message- From: Lofback, Chris [mailto:[EMAIL PROTECTED] Sent: Tuesday, February 17, 2004 10:20 AM To: CF-Talk Subject: RE: CFML/ASP equivalents Me too.  I did find bits and pieces here and there but nothing comprehensive.  It seems like someone wo

RE: cfx_xslt problem (urgent)

2004-02-17 Thread Dave Watts
> Another, sort of related one, I've used CFHTTP post method > to send data to remote site before (years ago) successfully, > how different(supposedly tough) it might be for posting XML > content to a remote a site? It shouldn't be tough with CF5 or CFMX - just use the CFHTTPPARAM tag with TYPE=

WDDX - where's the array coming from?

2004-02-17 Thread Taco Fleur
I have a structure stored in the session scope that I convert to a WDDX package, the structure does not contain any arrays, just simple values. When I cfdump the structure it all looks fine, but when I dump it after its converted to WDDX it says there are arrays in the structure?? The structure

Verity K2 Spidering on Linux/CFMX.

2004-02-17 Thread Jamie Jackson
I've pretty much decided to bite the bullet and fall back on Verity for spidered indexing, despite its inability to natively parse DOCs and PDFs. Now, I'm wondering what strategies people are using to feed the text versions of DOCs/PDFs to the spider. The following seems like the best option to m

Re: The Dangers of Java

2004-02-17 Thread Matt Liotta
I just applied the patch to one of my servers and it didn't seem to make any difference. For those of you that have the patch, I am curious if there is any difference between the following two snippets of code. foo = ""; bar = foo.getClass().forName("java.lang.String"); bar = bar.newInstance(

Re:cfx_xslt problem (urgent)

2004-02-17 Thread Don
Thanks, Rob.  Another, sort of related one, I've used CFHTTP post method to send data to remote site before (years ago) successfully, how different(supposedly tough) it might be for posting XML content to a remote a site? Regards, Don >> > Rob, I do appreciate your help.  The following link see

RE: The Dangers of Java

2004-02-17 Thread Barney Boisvert
Not a troll at all, but rather unclear writing on my part. I wasn't referring to application-level security, I meant something like this: This won't prevent someone using getPageContext().forward() to call a fuse, even though that fuse would be inaccessible on a URL because of the code above.

Re: Moving Verity collections from Win to Linux (PDF/DOC problem)

2004-02-17 Thread Jamie Jackson
Hi Dave, While I had already read those links, they were indeed among the most helpful. However, it's still hard to prethink pitfalls associated with Lucene/CFMX spidering just going by these tutorials. Therefore, in order to eliminate a lot of the unknown, I'm going to avoid Lucene for the time b

Re: Fw:Why woudl I receive this message? Profanity? WTF?

2004-02-17 Thread Casey C Cook
Probably because your e-mail address contains the word "lick". (<[EMAIL PROTECTED]>) LOL.

Re: Re:cfx_xslt problem (urgent)

2004-02-17 Thread Rob Rohan
> > Rob, I do appreciate your help.  The following link seems working, > > http://68.32.61.40/ccbn/PressReleaseList.cfm > > its subsequent/child one seems not, > > for instance, http://68.32.61.40/ccbn/PressReleaseText. > > cfm?releaseID=309866 Nice they look good :) > > > > I'm not sure I like

Re: The Dangers of Java

2004-02-17 Thread Deanna Schneider
> You might point out that you can easily, unwittingly create security holes > with just CF! For example, if you use unfiltered data from a form or a URL > within a CFQUERY tag, that data could contain code which your database > server will execute. Yes, they're aware of this. But, I think they're

Re: FW: sandbox security & Java reflection - MM fix posted

2004-02-17 Thread Jochem van Dieten
Dave Watts said: > You must have missed this the first time, Matt. But your prediction regarding who is interested was quite correct :-) Jochem

Re:cfx_xslt problem (urgent)

2004-02-17 Thread Don
My own fault, did not / could not concentrate. > Rob, I do appreciate your help.  The following link seems working, > http://68.32.61.40/ccbn/PressReleaseList.cfm > its subsequent/child one seems not, > for instance, http://68.32.61.40/ccbn/PressReleaseText. > cfm?releaseID=309866 > > I'm not su

FW: sandbox security & Java reflection - MM fix posted

2004-02-17 Thread Dave Watts
You must have missed this the first time, Matt. Dave Watts, CTO, Fig Leaf Software http://www.figleaf.com/ phone: 202-797-5496 fax: 202-797-5444 -Original Message- From: Dave Watts [mailto:[EMAIL PROTECTED] Sent: Wednesday, 28 January, 2004 14:56 To: CF-Talk Subject: sandbox security & J

Re:cfx_xslt problem (urgent)

2004-02-17 Thread Don
Rob, I do appreciate your help.  The following link seems working, http://68.32.61.40/ccbn/PressReleaseList.cfm its subsequent/child one seems not, for instance, http://68.32.61.40/ccbn/PressReleaseText.cfm?releaseID=309866 I'm not sure I like to deal with XSLT. Thanks. Don P.S. I think I've po

Re: The Dangers of Java

2004-02-17 Thread Jochem van Dieten
Matt Liotta said: >> You mean you have already found a workaround for Macromedia's fix? > > I am not aware of this fix. Care to share some information? I'd be > happy to see if it is exploitable. http://www.macromedia.com/devnet/security/security_zone/mpsb04-01.html Jochem

RE: The Dangers of Java

2004-02-17 Thread Dave Watts
> Okay, so if I put the redirect in a session variable, now > does it seem reasonably safe to use? Yes, it does seem that way to me. > And, if I'm entirely honest, I think the server admins > are worried that developers will unwittingly open up > security holes, so instead of helping to educat

RE: query help...

2004-02-17 Thread Philip Arnold
And people say that Oracle is better than SQL Server? I do TOP quite a lot, so it'd be annoying to have to bury my query in a sub-query that is "unnecessary" > Intuitively, you would think so, but it doesn't work that > way.  The sql engine would do the rownum first and then apply > the order-b

Multiple instances on Linux/Apache problems

2004-02-17 Thread Eric Reeves
We're building a new server on a Dell box running RedHat 9 (2.4.20-8smp) and Apache 2.0.40.  This will be a multi-project/staged environment so I thought to try and follow the "Installing and Configuring ColdFusion MX 6.1 Multiple Instances with IIS and Apache Virtual Hosts" article on Macromedi

Re: The Dangers of Java

2004-02-17 Thread Rob Rohan
On Tue, 2004-02-17 at 12:47, Deanna Schneider wrote: > And, if I'm entirely honest, I think the server admins are worried that > developers will unwittingly open up security holes, so instead of helping to > educate the developers as to what is safe and not safe, prefer to take the > "safest" route

RE: Date Format Question

2004-02-17 Thread Taco Fleur
what about "all")> listLast(myDate, "/"))> #dateFormat(myDate, "dd/mm/yy")# #timeFormat(myTime, "hh:mm tt")# Taco Fleur Blog   http://www.tacofleur.com/index/blog/ Methodology http://www.tacofleur.com/index/methodology/ Tell me and I will forget Show me and I will remember Teach me and I

Re: The Dangers of Java

2004-02-17 Thread Deanna Schneider
*sigh* > If you are hard coding the page to redirect to, why not then hard code it on the form processing page instead of on the form itself?  That would remove one security issue altogether - you would now need to modify the processing page to redirect somewhere else. > Because the idea is to h

Re: Passing Complex Variable to Soap and other stuff

2004-02-17 Thread Butch Zaccheo
Hi Rob, XmlTransform was my feeble attempt at formatting the "verify_info" variable... Do you know the correct way? BZaccheo On 2/17/04 12:39 PM, "Rob Rohan" <[EMAIL PROTECTED]> wrote: > On Tue, 2004-02-17 at 10:41, Butch Zaccheo wrote: >> > >> > >> > >> > >> value="#len(tostring(instateme

RE: query help...

2004-02-17 Thread Burns, John
Right, I understand that.  I didn't say it was resourceful and I wouldn't personally do it, but not knowing oracle, that was the best suggestion I could come up with. John Burns -Original Message- From: Philip Arnold [mailto:[EMAIL PROTECTED] Sent: Tuesday, February 17, 2004 3:12 PM To:

Re: The Dangers of Java

2004-02-17 Thread Deanna Schneider
Okay, so if I put the redirect in a session variable, now does it seem reasonably safe to use? And, if I'm entirely honest, I think the server admins are worried that developers will unwittingly open up security holes, so instead of helping to educate the developers as to what is safe and not safe

RE: query help...

2004-02-17 Thread Nick Han
Intuitively, you would think so, but it doesn't work that way.  The sql engine would do the rownum first and then apply the order-by clause after.   So if you do this, select * from users where rownum >=10 and last_name='SMITH' order by last_name, first_name, you might not get exactly what you exp

Re: Passing Complex Variable to Soap and other stuff

2004-02-17 Thread Rob Rohan
On Tue, 2004-02-17 at 10:41, Butch Zaccheo wrote: > > > > > > merchantuserpassowrd", xmlString)#"> > > I have not done much with SOAP, but the xmlTransform() function expects an xml document and an xsl(t) document - you are passing it 2 xml documents. -- Vale, Rob Luxuria immodica ins

RE: The Dangers of Java

2004-02-17 Thread Cameron Childress
> Yeah, sure would, because it all happens in the > J2EE server.  It also is probably possible to > request .CFM files that are protected against > access with code in Application.cfm, since I > don't think Application.cfm runs on a .forward(). > This is a VERY common means of security in Fusebox >

RE: The Dangers of Java

2004-02-17 Thread Shawn Grover
If you are hard coding the page to redirect to, why not then hard code it on the form processing page instead of on the form itself?  That would remove one security issue altogether - you would now need to modify the processing page to redirect somewhere else. My thoughts. Shawn -Origin

RE: query help...

2004-02-17 Thread Pascal Peters
On Oracle: SELECT * FROM ( SELECT myfield FROM mytable ORDER BY date_modified ) WHERE ROWNUM = 1 Steve, What db do you use? > -Original Message- > From: Nick Han [mailto:[EMAIL PROTECTED] > Sent: dinsdag 17 februari 2004 20:58 > To: CF-Talk > Subject: Re:query help... > > Jeremy, I di

RE: The Dangers of Java

2004-02-17 Thread Raymond Camden
It is run. Before I sent my original email I confirmed it. At least on CFMX-NON-J2EE.

Cold Fusion User Survey/Form Tool

2004-02-17 Thread JOE CUOMO
Hi, I was wondering if anyone has heard of a Cold Fusion Based User Survey Tool/Form Generator that is robust enough to have a user fill out a survey online.  It would need to be able to be dynamic so that based on an answer to the question, it will display a different question next. One of the a

RE: The Dangers of Java

2004-02-17 Thread Dave Watts
> This is just a snippet. The form itself doesn't allow the > user to enter the redirect, it's entered by the developer > in a hidden field, though I suppose if someone wanted to > hack it they easily could. Yes, this is exactly what I'm talking about. Any data that comes from the browser canno

RE: query help...

2004-02-17 Thread Philip Arnold
> Jeremy, I didn't use the rownum example because in the given > scenario, using rownum may not give you the latest mod date > record from the all records in the table. Won't it give you the first record if you specify an ORDER BY?

RE: query help...

2004-02-17 Thread Philip Arnold
> Well, if you do top 1 you would not want dates desc or the > first one would be the newest (right?).   Oops, I mis-read, the desc was in there as I thought he wanted the newest > Other than that, you > could just return the whole query (if there's no sort of top > syntax for your DB it'll w

RE: The Dangers of Java

2004-02-17 Thread Barney Boisvert
Yeah, sure would, because it all happens in the J2EE server.  It also is probably possible to request .CFM files that are protected against access with code in Application.cfm, since I don't think Application.cfm runs on a .forward().  This is a VERY common means of security in Fusebox applications

Re: Re:cfx_xslt problem (urgent)

2004-02-17 Thread Rob Rohan
I am not sure what the problem is - could you restate the problem in another way? On Tue, 2004-02-17 at 10:49, Chunshen Li wrote: > The "transformed" page display now is fine.  And I'm now looking at the starting XSL file, > part of it reads (looks a function within the given XSL file): > >   

Re: The Dangers of Java

2004-02-17 Thread Matt Liotta
Indeed -Matt On Feb 17, 2004, at 2:56 PM, Raymond Camden wrote: > Ah, so you are saying that if the directory is protected in IIS, but > not in >  CF, then this method would get around it? >

Re: The Dangers of Java

2004-02-17 Thread Matt Liotta
> You mean you have already found a workaround for Macromedia's fix? > I am not aware of this fix. Care to share some information? I'd be happy to see if it is exploitable. -Matt

RE: The Dangers of Java

2004-02-17 Thread Dave Watts
> Ah, so you are saying that if the directory is protected in > IIS, but not in CF, then this method would get around it? I think it would; it's my understanding that using GetPageContext().forward() is analogous to Server.Transfer in "classic" ASP, which doesn't create an additional HTTP request

Re: The Dangers of Java

2004-02-17 Thread Deanna Schneider
> Well, actually, there is a potential problem with your code snippet, > although it's not really specific to the use of Java. You're taking input > from a form and simply using it without validating it first. What would > happen if the user specified an invalid value for form.redirect? Hi Dave, T

Re:query help...

2004-02-17 Thread Nick Han
Jeremy, I didn't use the rownum example because in the given scenario, using rownum may not give you the latest mod date record from the all records in the table. Nick Han >>> [EMAIL PROTECTED] 02/17/04 10:28AM >>> Nick, FYI in oracle the "top" select is handled by the ROWNUM pseudocolumn... i.

RE: The Dangers of Java

2004-02-17 Thread Raymond Camden
Ah, so you are saying that if the directory is protected in IIS, but not in CF, then this method would get around it?

RE: cfx_xslt problem (urgent)

2004-02-17 Thread Dave Watts
> Anyway, I did not interpret "accidentally append debug > output when serving XML documents via CF" as that one needs > to turn off debugging when doing XML stuff for turn on > debugging for development is pretty standard, I can't seem to > align "standard" and "accidentally" together. There

Re:cfx_xslt problem (urgent)

2004-02-17 Thread Don
Thanks, Rob, at the moment, probably I'm not in a desirable state to do debugging (forgetting simple things like view source code). The "transformed" page display now is fine.  And I'm now looking at the starting XSL file, part of it reads (looks a function within the given XSL file):   

RE: The Dangers of Java

2004-02-17 Thread Dave Watts
> Okay, here's an example. I'm trying to test doing a form post > to the secure side, setting some session variables, and doing > a redirect back to the nonsecure side. I wanted to try doing > it with the following line of code (thinking that maybe a > serverside redirect would bypass the pop u

Re: The Dangers of Java

2004-02-17 Thread Matt Liotta
>  No, I don't think so. If you know the path to the admin pages, you > would >  just enter it! This is only a threat if your admin pages are not > secured. > Not true. Possibly the security exists at request time as opposed to execute time. In other words, it may be possible to execute a page y

Re: The Dangers of Java

2004-02-17 Thread Jochem van Dieten
Matt Liotta said: > Well considering that 80% of all enterprises use Java for their web > applications I suspect that your server administrators just aren't > aware of the correct security procedures. Certainly that would > appear  to be true considering they disabled cfobject, but Java > objects c

Re: query help...[ SOLVED ]

2004-02-17 Thread Daniel Farmer
Thanks John, that did it. =)   - Original Message -   From: Burns, John   To: CF-Talk   Sent: Tuesday, February 17, 2004 2:30 PM   Subject: RE: query help...   Well, if you do top 1 you would not want dates desc or the first one   would be the newest (right?).  Other than that, you coul

Passing Complex Variable to Soap and other stuff

2004-02-17 Thread Butch Zaccheo
Hi All, I not familiar with XML or SOAP, so I could use a little help. I need to submit a complex variable to SOAP and I'm not sure what the correct syntax is. I am using a script I pulled from macromedia's website. Can anyone give me some pointers? I'm even willing to pay for some consultation ti

RE: The Dangers of Java

2004-02-17 Thread Barney Boisvert
The only way your admin pages are exposed is if you're going directly to the templates with getPageContext().forward(), and the pages provide no security to prevent unauthorized access.  This is potentially the case if all the security stuff is taken care of in "wrapper" files. Of course, the expl

RE: query help...

2004-02-17 Thread Burns, John
Well, if you do top 1 you would not want dates desc or the first one would be the newest (right?).  Other than that, you could just return the whole query (if there's no sort of top syntax for your DB it'll work, even though it's not very resourceful) and just do query="blah" startrow="1" maxrows=

RE: The Dangers of Java

2004-02-17 Thread Raymond Camden
> > getPageContext().forward(form.redirect); > > > Here's their concern: > The Java snippet that you have concerns me.  While I > understand its purpose, it exposes a potential threat.  For > example, if I knew the relative path to your admin pages, I > could call a change password ut

Re: The Dangers of Java

2004-02-17 Thread Deanna Schneider
Okay, here's an example. I'm trying to test doing a form post to the secure side, setting some session variables, and doing a redirect back to the nonsecure side. I wanted to try doing it with the following line of code (thinking that maybe a serverside redirect would bypass the pop up warning abou

Re:query help...

2004-02-17 Thread Jeremy Brodie
Nick, FYI in oracle the "top" select is handled by the ROWNUM pseudocolumn... i.e. SELECT myfield FROM mytable WHERE ROWNUM<=10; Jeremy Brodie Edgewater Technology web: http://www.edgewater.com phone:(703) 815-2500 email: [EMAIL PROTECTED] > In oracle, there is no 'top' select.  In the scenari

Re: Re:cfx_xslt problem (urgent)

2004-02-17 Thread Rob Rohan
Do a view source on the pages you sent (if you use IE you might have to use mozilla / firebird to test) those file need to be only the xsl file and the xml file - can have any extra stuff - no spaces at the beginning not nothing. Try doing that first. See some of the other posts in the thread on h

Re: query help...

2004-02-17 Thread Daniel Farmer
I think this has been the closest yet... but still no work. =(   - Original Message -   From: Philip Arnold   To: CF-Talk   Sent: Tuesday, February 17, 2004 2:04 PM   Subject: RE: query help...   select top 1 *   from estates   where featured = 1   Order by date_modified desc   > Fro

RE: Custom Tag for importing into ACT?

2004-02-17 Thread Mark Leder
Take a look at www.egrabber.com Thanks, Mark   _   From: Ben Densmore [mailto:[EMAIL PROTECTED] Sent: Tuesday, February 17, 2004 1:56 PM To: CF-Talk Subject: Custom Tag for importing into ACT? Does anyone know if there are any custom tags for importing some info from a form into ACT? I've

SQL 2000 data synch problem

2004-02-17 Thread Mark Leder
Hi all, I'm building a membership and library app with CFMX and SQL 2000.  My client wants to have a local copy on their laptop (win XP) to use during their monthly meetings to track membership attendance and library check-outs/ins. Then, they want to return to their office and synchronize the mem

Re: query help...

2004-02-17 Thread Daniel Farmer
OK that sounds like a good solution but how do I select the first record of a query ?   - Original Message -   From: Burns, John   To: CF-Talk   Sent: Tuesday, February 17, 2004 1:53 PM   Subject: RE: query help...   Why not select them ordered by date_modified and then just use the fir
