In regard to my previous post on Cfdocument and SSL I stand corrected. It is definitely possible to use a "file:" protocol identifier in the image path when using Cfdocument. My problem was with the syntax. As is often the case, a helpful reader put me on the right path. Thanks to Julian Halliwell for pointing out that my problem was syntax. I was trying 2 slashes as in:
Not only is this a rock solid fix for the SSL issue (see the previous post) but it has the potential to dramatically impact the speed of your cfdocument call, especially if you using large images. We have an application that embeds fairly large photographic images. I'm guessing this will greatly increase the speed of rendering. I'll post a follow up and let you know.
This is quite possibly the neatest trick ever invented for Coldfusion - so hang on to your Cf_hat. I had nearly forgotten about it until someone on CF-Talk mentioned a problem they were having. It seems they were struggling with a CMS system where users were entering hyperlinks that were incorrectly formatted (they lacked URL encoding). The dilemma was how to fix it without requiring action from the user.Read More
Is your site vulnerable to SQL Injection Attack? How about Cross Site Scripting? Are you even sure you know enough about those 2 vulnerabiities to protect against them?
This post is a continuation of a 5 part series on security called "The Application Security Pyramid". The introduction introduced a new metaphor for dealing with security that loosely mimics Maslow's heirarchy of self-actualization. In Part I I discussed the importance of "border patrol" technology to safeguard your network. In part II I discussed internal Policing and People Policy. In Part III I discussed the importance of managing the security framework of your actual application and how it relates to it's specific environment. In this, our final post in the series, we will discuss securing your application code itself.
Here's a quick tip I learned today on CF-Talk about CFMAIL and whitespace. If you are using CFMAIL to send plain text mail but you set the "suprressWhitespace" attribute to YES it will strip out the whitspace and cause the mail to be sent without line breaks. To fix it, simply wrap your cfmail tag in a cfprocessingdirective tag, like this:
As a follow up to this Previous Post on using the @@Identify Field and it's related function "scope_identity()", it appears that it is possible to do this same thing in Access. Charlie Arehart has posted a great article with some examples titled "Select @@Identity Works in Access. Worth Exploring. Check it out.
CF Muse Reader Asks:
You suggest both client and server side should be used for validation. Just to check - I should code so that js picks up the errors first using event code or onsubmit then let server side pick up the errors on submit using cfinput validate/required etc. Or do I recode all the stuff to be event driven such as onchange etc.
If you come from the old "Coldfusion 4-5" days (in fact many or our customers are still running CF 5) then you might remember how those earlier versions handled variables with periods in the name. If you created a variable with a period in the name CF simply treated the period as if it were part of the variable name. For example, if you did the following in CF 5:
You would not have created anything more than a primitive variable named "var1.var2.var3". If you tried to use <cfdump ...> to dump out var1 it would generate an error - var1 not found. If you intended for var1 to be a structure containing a structure var2 containing a primitive var3 then you would have to rewrite the code like this:
CF Muse Reader Asks:
The first thing to decide is, do you really want to connect to the server for each change in the drop down box? The answer depends on the size and schema of the database.Read More