On 15/06/2013 2:49 AM, Dave Watts wrote:
>
> You must upload the file to a directory that is not web-accessible and
> cannot execute code.
>
Would you consider the CF temp directory to be safe?
Some hosting companies have the webroot folder one below the top of the
client's user space so an upl
Excellent... it's always those vendors eh? :)
Mark Kruger - CFG
CF Webtools
www.cfwebtools.com
www.coldfusionmuse.com
O: 402.932.3318
E: mkru...@cfwebtools.com
Skype: markakruger
-Original Message-
From: Paul Vernon [mailto:paul.ver...@web-architect.co.uk]
Sent: Friday, June 14, 2013 1
> Question: If I have a browse for a user to try an upload of a JPG only file
> and use CFIMAGE to resize and then convert it to a PNG so I can add it to a
> demo slide show for the user to preview, have I eliminated any possible
> safety issues?
You must upload the file to a directory that is no
If you upload the file to something out of web root then you should be
safe. Never upload to webroot. Ever.
On Fri, Jun 14, 2013 at 10:59 AM, Terry Troxel wrote:
>
> Question: If I have a browse for a user to try an upload of a JPG only file
> and use CFIMAGE to resize and then convert it to a
+1 for FusionReactor. It Rocks
Steve 'Cutter' Blades
Adobe Community Professional
Adobe Certified Expert
Advanced Macromedia ColdFusion MX 7 Developer
http://cutterscrossing.com
Co-Author "Learning Ext JS 3.2" Packt Publishing 2010
https://www.packtpub.com/learning-ext-js-3-2-for-b
FYII, FusionReactor would have shown you that right away as you would have
seen all the web service requests running.
On Fri, Jun 14, 2013 at 4:04 PM, Paul Vernon <
paul.ver...@web-architect.co.uk> wrote:
>
> Just to round this off. It seems I've solved the issue today. Thankfully.
>
> It turn
Question: If I have a browse for a user to try an upload of a JPG only file
and use CFIMAGE to resize and then convert it to a PNG so I can add it to a
demo slide show for the user to preview, have I eliminated any possible
safety issues?
Terry
~~
Just to round this off. It seems I've solved the issue today. Thankfully.
It turns out one of the ATS vendors has been posting jobs en-masse
repeatedly at a rate of a few thousand per minute. There are only 4,500 jobs
but they're repeatedly posting the same jobs over and over and over again
all t
On Thu, Jun 13, 2013 at 7:49 PM, Paul Vernon wrote:
> The sites already make extensive use of NOLOCK hints especially around the
> job search functions.
>
If you have control over the database server the easiest way to solve most
database locking issues when your usage pattern is read-mostly is
9 matches
Mail list logo
