RE: index.cfm being hacked

Hi Mike, This sounds like something we dealt with a while back with some help from Mark Kruger and the folks at CFDynamics. You can see the relevant posts here: http://www.houseoffusion.com/groups/cf-talk/thread.cfm/threadid:59164 http://www.coldfusionmuse.com/index.cfm/2009/4/16/iframe.insertio

Re: index.cfm being hacked

did you inform your hosting provider about the issue? it could very well be that the whole server is compromised, not just your client's site... and since it is shared hosting, it can also very well be that another hosted website is the culprit, not yours. it sounds to me like the attacker has

RE: index.cfm being hacked

Mike, That's a temporary situation :) I would start by plugging holes - SQL injection for example. Mark A. Kruger, MCSE, CFG (402) 408-3733 ext 105 Skype: markakruger www.cfwebtools.com www.coldfusionmuse.com www.necfug.com -Original Message- From: Mike Little [mailto:m...@nzsolution

Re: index.cfm being hacked

and interestingly enough having all the hidden url's does not seem to effect the google rankings. if anything, google ranks all the spam keywords more highly than any other actual content on the website. ~| Order the Adobe Col

Re: index.cfm being hacked

You could run it through hackmycf.com to see what's reported. You might have a vulnerability in CF itself that is being exploited. On Mon, Nov 15, 2010 at 8:55 PM, Mike Little wrote: > > it's a very simple page really. static info, and a javascript animated banner. > >>What kind of stuff is on

Re: index.cfm being hacked

thanks mark, i am not sure this is what is happening though. http://www.earnersblog.com/wordpress-hacked/ - this is exactly what is happening to this site. it is not wordpress however, just a very basic cf site. mike ~| Order

RE: cfscript based components formatting

No annotations in the comments was mentioned to be slower than using the other way. Regards, Andrew Scott http://www.andyscott.id.au/ > -Original Message- > From: Raymond Camden [mailto:rcam...@gmail.com] > Sent: Tuesday, 16 November 2010 2:56 PM > To: cf-talk > Subject: Re: cfscript bas

Re: index.cfm being hacked

it's a very simple page really. static info, and a javascript animated banner. >What kind of stuff is on the page? Forms? Database access? Does it >use URL parameters? We'll need to know what's on the page to really >help you out. > > >> ~

RE: index.cfm being hacked

Mike, This sounds like one I battled a year ago for a customer. http://www.coldfusionmuse.com/index.cfm/2009/4/16/iframe.insertion.hack http://www.coldfusionmuse.com/index.cfm/2009/9/18/script.insertion.attack.ve ctor Perhaps these posts will help. Mark A. Kruger, MCSE, CFG (402) 408-3733

Re: index.cfm being hacked

What kind of stuff is on the page? Forms? Database access? Does it use URL parameters? We'll need to know what's on the page to really help you out. On Mon, Nov 15, 2010 at 8:45 PM, Mike Little wrote: > > hi guys, > > for the last few weeks one of my clients websites is being hacked. current

Re: cfscript based components formatting

I would assume _any_ metadata would make parsing the CFC slower. So this: is slower than However - I'd question if it was _significantly_ slower. My guess would be no. I'd imagine the 'slower' one would be <1ms slower probably. On Mon, Nov 15, 2010 at 9:01 PM, Andrew Scott wrote: > > Don'

index.cfm being hacked

hi guys, for the last few weeks one of my clients websites is being hacked. currently hosted on a shared server at hostek. the index.cfm is in the root and appears to be the only templated affected. basically they are appending a long list of url's in a hidden div to the existing code. we im

RE: cfscript based components formatting

Don't do that to me Sean, I was actually quoting something you said on something similar to this some months ago. Are you saying there isn't now? Regards, Andrew Scott http://www.andyscott.id.au/ > -Original Message- > From: Sean Corfield [mailto:seancorfi...@gmail.com] > Sent: Tuesday

RE: Homesite on Windows 7

It's a better UI design... why was it abandoned I wonder... not just adobe or MM either. Mark A. Kruger, MCSE, CFG (402) 408-3733 ext 105 Skype: markakruger www.cfwebtools.com www.coldfusionmuse.com www.necfug.com -Original Message- From: Michael Grant [mailto:mgr...@modus.bz] Sent: M

Re: Homesite on Windows 7

I agree 100%. That's one thing I loved about CFStu/Homesite. The folder pane and the file pane. On Mon, Nov 15, 2010 at 9:21 PM, Mark A. Kruger wrote: > > Why do modern editors put the files and folders in the same window as a bit > tree... it's very challenging to work with complex file organiz

RE: Homesite on Windows 7

Why do modern editors put the files and folders in the same window as a bit tree... it's very challenging to work with complex file organizations. Mark A. Kruger, MCSE, CFG (402) 408-3733 ext 105 Skype: markakruger www.cfwebtools.com www.coldfusionmuse.com www.necfug.com -Original Message

Re: cfscript based components formatting

On Mon, Nov 15, 2010 at 2:58 PM, Andrew Scott wrote: > Method one, there is a performance hit when using notations. Is there? Why so? (it doesn't affect my position that comments should never change the semantics of code - although, as noted by Ray, the example given only affects metadata so it

MVC Services & Gateways

Wondering if these checks belong in a gateway, I'll keep it simple: Assuming I want my service to update a user object only if there's no user using the username or email provided by the submitted form. UserService.cfc public void function updateUser(username,password,email){ var userid = 0; use

Re: Where to put your code

On Mon, Nov 15, 2010 at 2:13 PM, Paul Alkema wrote: > Does anyone out there have any written coding standards or coding > documentation that they would be willing to share? I would be interested in > seeing what other development teams use as far as coding standards. Here's what my team develope

Re: Homesite on Windows 7

IIRC, the CF8 Extensions for Eclipse comes with a File Explorer view. Also Aptana (and CFB) has a File Explorer. CF8 Extensions (and CFB) also provides RDS support for databases, files and a Service browser . The CF8 Extensions are a bit dodgy in the database view. When you click on a database it

Re: Homesite on Windows 7

It's when you are creating a new file it kicks back an error. You have to instead create the file first then fill it with content and save. It's just a PITA more than anything else. On Mon, Nov 15, 2010 at 5:35 PM, Jason Fisher wrote: > > Works fine for me, on Windows 7 64-bit Home Premium. I

Re: AWS and CF

> > We are very close to releasing a set of ColdFusion 9.01 instances for EC2. > Most excellent. We've got Ubuntu and > Windows flavors in many different sizes -- including the new ultra-cheap > micro instances ($4.50/month). > Can I put in a request for a Centos AMI (or some other Redhat clone

Re: cfscript based components formatting

Thanks for the advice. I like method one. On Mon, Nov 15, 2010 at 5:58 PM, Andrew Scott wrote: > > Method one, there is a performance hit when using notations. > > Regards, > Andrew Scott > http://www.andyscott.id.au/ > > > > -Original Message- > > From: John Allen [mailto:johnfal...@gma

RE: AWS and CF

Sweet, thanks for the update. What would be cool, would be an interface to the AWS Ec2 API. To do things like create a new instance on demand, reboot an instance, and get a list of running instances (among other things). Brook -Original Message- From: Adrocknaphobia [mailto:adrocknapho

RE: cfscript based components formatting

Method one, there is a performance hit when using notations. Regards, Andrew Scott http://www.andyscott.id.au/ > -Original Message- > From: John Allen [mailto:johnfal...@gmail.com] > Sent: Tuesday, 16 November 2010 5:16 AM > To: cf-talk > Subject: cfscript based components formatting >

Re: cfscript based components formatting

I agree too - although in this case the comments just impact metadata. displayname/description/hint are only used in auto-display. On Mon, Nov 15, 2010 at 4:42 PM, Charlie Griefer wrote: > > /* This is me agreeing */ > > I agree! > > On Mon, Nov 15, 2010 at 3:35 PM, Matt Quackenbush wrote: > >>

Re: Where to put your code

Well, I've been using frameworks since Fusebox 2 came out, so I still tend to follow generic CF framework conventions, if you can call them that. * display a message, a menu, or data: dsp.user.cfm, and depending on the framework, all displays probably go in a /views subfolder; th

Re: cfscript based components formatting

/* This is me agreeing */ I agree! On Mon, Nov 15, 2010 at 3:35 PM, Matt Quackenbush wrote: > > No comments driving behavior! :-) > > > ~| Order the Adobe Coldfusion Anthology now! http://www.amazon.com/Adobe-Coldfusion-Anth

Re: cfscript based components formatting

No comments driving behavior! :-) ~| Order the Adobe Coldfusion Anthology now! http://www.amazon.com/Adobe-Coldfusion-Anthology/dp/1430272155/?tag=houseoffusion Archive: http://www.houseoffusion.com/groups/cf-talk/message.cfm/

Re: Homesite on Windows 7

Works fine for me, on Windows 7 64-bit Home Premium. I still use HomeSite for most of my editing. What problem is it giving you when you try to save? On 11/15/2010 11:53 AM, Rick Colman wrote: > I STILL like homesite because it is file based - NOT projects. I don't > do projects ... > > Any

Re: AWS and CF

sounds gr8, look forward to seeing it in action. On Mon, Nov 15, 2010 at 8:23 PM, Adrocknaphobia wrote: > > AWS = Amazon Web Services -- a collection of cloud-based services, of which > S3 is just one. There are actually over 20 different services under the AWS > umbrella. ColdFusion 9.01 ships

Re: cfscript based components formatting

I go with the first route as Sean Corfield has made what I consider to be a very excellent point, which is that comments should never have effect on the executing code. Comments are for documentation only. Judah On Mon, Nov 15, 2010 at 10:15 AM, John Allen wrote: > > Hey CFer’s > > > This might

Re: Homesite on Windows 7

cfbuilder does allow you to work with files directly and not create projects btw. It took me ages to drag myself away from homesite to cfeclipse, and I did miss some features, but I think cfbuilder pretty much has it all now. On Mon, Nov 15, 2010 at 9:40 PM, Michael Grant wrote: > > I never did

Re: AWS and CF

AWS = Amazon Web Services -- a collection of cloud-based services, of which S3 is just one. There are actually over 20 different services under the AWS umbrella. ColdFusion 9.01 ships w/ native support for S3 (the file storage service). We (Adobe) did test various instances of ColdFusion 9 runnin

RE: Where to put your code

Thanks for your feedback. You make some good points. Does anyone out there have any written coding standards or coding documentation that they would be willing to share? I would be interested in seeing what other development teams use as far as coding standards.

cfscript based components formatting

Hey CFer’s This might be a silly question: how are you all formatting your cfcsript based cfc’s? Using annotations or defining the attributes in the method itself? EG: // methodOne *public* boolean *function* foo() displayname="I am Foo" description="I return a boolean value.

Re: Where to put your code

I agree that coding standards help. I am disagreeing with the ones you are proposing and your use of the word "ideal." For example, I don't think the main use case of a cfinclude is to break up large pages into smaller chunks. I think custom tags can contain complex code. If all application logic,

Re: Homesite on Windows 7

I never did. I have always used and loved homesite (CFStudio) and was horrified when I had to switch. However since my switch to Aptana about three months ago I've really grown to like it. It's got a lot of homesite-like features and is just an all-round good editor in my opinion. No RDS tab, but

Homesite on Windows 7

I STILL like homesite because it is file based - NOT projects. I don't do projects ... Anyways, did anyone ever solve the problem where HomeSite will not do a "save as" in Windows 7? I know there is a work around (file - create here - copy & paste - save) but it is still a pain. TNX. Rick.

RE: CF 9.01 S3:// not working

Thanks guys, sadly, I think this was 'user error' and I was testing on the wrong server (without 9.0.1!!). Sorry for the noise. Just FYI, Brook -Original Message- From: Raymond Camden [mailto:rcam...@gmail.com] Sent: November-14-10 6:12 PM To: cf-talk Subject: Re: CF 9.01 S3:// not wo

Re: Homesite Comment Command (please read before replying)

Ding ding ding! We have a winner! Greg On Mon, Nov 15, 2010 at 8:42 AM, Justin Scott wrote: > > > I am requesting a way, any way to possibly create a > > keyboard shortcut within Homesite to let me create a > > HTML comment in my pages. > > On Homesite+ 5.5, go to the Options menu, then Custom

RE: Homesite Comment Command (please read before replying)

> I am requesting a way, any way to possibly create a > keyboard shortcut within Homesite to let me create a > HTML comment in my pages. On Homesite+ 5.5, go to the Options menu, then Customize, then the Keyboard Shortcuts tab. There should be an option on the list for "HTML Comment". On mine it

RE: Getting AD logged in user

I had to make the changes in this article in order to have auto login work in Firefox: http://sivel.net/2007/05/firefox-ntlm-sso/ Deb -Original Message- From: Mahcsig [mailto:mahc...@mahcsig.com] Sent: Monday, November 15, 2010 9:15 AM To: cf-talk Subject: Re: Getting AD logged in user

Re: Getting AD logged in user

I have the same thing going on my intranet, I have the login file authentication set like this: anonymous - off integrated windows auth - on digest - off basic - on .net - off domain - local domain name realm - can be any text with this setup IE and Chrome auto login, Firefox still always asks t

RE: Where to put your code

I think that when working on a team of programmers that are all working on the same applications or the same website that it's important to have a programming standard or a guide. I think this goes with any language be it web or desktop applications. I think that it's ok for programmers to have th

RE: Homesite Comment Command

> I Homesite 5+ in CFML Basic the ---> > Where can I change that to output: as W3C doesn't validate with the > 3 dashes? You Homesite is probably set-up as a CF Editor and that is a CF comment. If it's used on a CF page the comment won't be output in the HTML, thus no W3C problem. Robert

Re: Working with cfqueryparam

It probably shouldn't be used for columns that don't allow null values. On Sun, Nov 14, 2010 at 11:52 AM, David Moore wrote: > > > Should this be written in on every cfqueryparam as a failsafe or should > other steps be taken so that is not needed? > cribe.cfm