by Kay Smoljak
Noteworthy threads from the famous ColdFusion-Talk (CF-Talk) List on House of Fusion for the Week of April 11 - April 18, 2008
Thread: cfForm binding text field, visible to checkbox
Paul Ihrig had a requirement for a custom Flash cfform binding. He was able to find a partial solution on the ASFusion web site, and Sonny Savage was able to supply code for the next portion, calculating the result of the field on the fly. As of the weekend, Paul was still looking to solve another piece of the puzzle: finding the length of the input characters.
George Lu was experiencing a problem in a clustered setup where a custom site-wide error handler template was not found by the ColdFusion Administrator in one of the instances. Rex was able to quickly pinpoint the problem – the path being referred to for the error handler was a ColdFusion mapping that had not been set up on all instances.
Les Mizzell was frustrated by ColdFusion's caching when working with CFCs, and was wondering if there was a way he could refresh them manually when he made changes. First, several contributors clarified that the issue was not the CFCs themselves, but the web service stubs that were being cached, and questioned Les' development environment, which he explained to be an unfortunate requirement of the project. Brian Kotek listed two potential solutions: using the refreshWSDL flag in ColdFusion 8, or cycling the cached web service from the ColdFusion Administrator. James Holmes added a third option: calling an (unsupported) service factory method using Java.
Richard White was having a problem with a CFX custom tag for creating an Excel spreadsheet from a query. Alan Rother suggested trying Ben Nadel's POI CFC, while other listers attempted to work out if there was a problem with the expression syntax that Richard was using. Richard's solution was to manually add an extra row to the recordset before feeding it into the CFX tag call, but a side conversation on valid expressions within pound signs was interesting, with Josh Nathanson clarifying behavior which many developers may not be aware of.
Jason Durham was having an issue with some code and wanted to know if his CFSCRIPT "for" loop was functionally equivalent to his CFLOOP code. Dominic Watson and Patrick Santora both offered syntax advice on how to rewrite the loops to return the same result, but it was finally determined that Jason's original problem was actually due to a particular variable not being var scoped – a good reminder for all developers.
Jacob wanted to know if a particular code sample – which checked a string for certain special characters and character strings – would be effective at stopping cross-site scripting attacks on his application. Brad Wood clarified what a cross-site scripting attack typically involves, and provided samples of how the HTMLEditFormat() function could be used to better effect. Dave Watts briefly explained why the original approach was not sufficient, and suggested storing all original input strings and escaping unsafe characters when using or displaying them – which sparked a debate on the merits of sanitizing data before or after storage. Most thread participants agreed that due to the wide range of potential input and output methods and different issues involved with each, it was safer to store the original data, as entered, and sanitize it when required for output.
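The store-as-entered, encode-on-output approach the thread settled on, shown beside sanitizing before storage. This is an added CFML example, not code from the thread; the sample input, the variable names and the search.cfm target are constructed for illustration.

```cfm
<!--- Added example; the sample input and variable names are constructed. --->
<cfset rawInput = "Fish & Chips <Perth> ""takeaway""">

<!--- Option A: sanitize before storage. The database now holds HTML entities. --->
<cfset storedA = HTMLEditFormat(rawInput)>
<!--- Option B: store the data as entered. --->
<cfset storedB = rawInput>

<cfoutput>
<h3>Option B: encode for each output context at display time</h3>
<!--- HTML body context --->
<p>#HTMLEditFormat(storedB)#</p>
<!--- HTML attribute context: keep the attribute double-quoted,
      because HTMLEditFormat() does not escape the single quote --->
<input type="text" name="title" value="#HTMLEditFormat(storedB)#">
<!--- URL query-string context needs a different encoder --->
<a href="search.cfm?q=#URLEncodedFormat(storedB)#">search</a>

<h3>Option A: the pre-escaped value in the same contexts</h3>
<!--- Escaping again on output double-encodes: the reader sees the
      entity text itself instead of the characters that were typed --->
<p>#HTMLEditFormat(storedA)#</p>
<!--- The query string now carries entity text, not what the user typed --->
<a href="search.cfm?q=#URLEncodedFormat(storedA)#">search</a>
<!--- Length checks and non-HTML consumers (plain-text mail, CSV export)
      also see the entity text rather than the original characters --->
<p>Entered #Len(rawInput)# characters, stored #Len(storedA)#.</p>
</cfoutput>
```

Skipping the output-time encoder for Option A does not rescue it: every template then has to know the column is pre-escaped for HTML, and the URL and plain-text cases are still wrong.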
Kay is an all-round web developer who has been developing with ColdFusion since 2000. She runs Clever Starfish with her partner Dave and several very demanding cats, and sits on the committee of the Australian Web Industry Association. She is a regular writer for Fusion Authority and the Fusion Authority Quarterly Update, and a ColdFusion blogger on Sitepoint.com.