Posted At : September 5, 2008 8:09 AM | Posted By : Dave
Related Categories: ColdFusion 8,Javascript

While working with some ajax stuff this morning I can across an interesting issue. I have a dynamic form where fields could or could not be defined based on user action. So the function that processed the form was nimble in the fact that it could account for missing fields. Well, it was supposed to be. I kept getting an error message alert that said a field did not exist. I found this strange since the try/catch should have prevented the alert. Here is a strip down of the code I was using:

Since the form field with an id of "user_eml" did not exist ColdFusion.getElementValue threw an alert that the field did not exist. The try/catch did nothing to suppress the alert. I ended up changing the code to use getElementById and the try/catch worked as expected.

Till next time,

--Dave

Comments (1) | Print | Send | del.icio.us | Linking Blogs | Digg it | 105 Views

Posted At : September 3, 2008 9:44 AM | Posted By : Dave
Related Categories: Google Chrome

If you have not heard yet Google came out with their own web browser Google Chrome. I have to say, the browser is an absolute rocket when it comes to handling JavaScript. More specifically dealing with sites written using Ajax. I did a comparison of Firefox 3 and Google Chrome in loading a cfgrid. The grid was loaded and usable in Google Chrome before the page was even rendered in Firefox.

I have not played around with it much beyond that. Hopefully in the next few days I can spend a little more time checking it out.

Till next time,

--Dave

Comments (0) | Print | Send | del.icio.us | Linking Blogs | Digg it | 277 Views

Posted At : September 2, 2008 6:45 AM | Posted By : Dave
Related Categories: ColdFusion 8

Recently I have been getting a bunch of errors emailed to me from my blog. I finally got time to look into it this past weekend and found out some interesting things. The errors were being caused by an attempted SQL injection. The injection attempts did not work thanks to CFPROCPARAM.

[More]

Comments (0) | Print | Send | del.icio.us | Linking Blogs | Digg it | 137 Views

Posted At : August 22, 2008 6:42 AM | Posted By : Dave
Related Categories: ColdFusion 8,Ubuntu

Lately I have been playing around a little with Ubuntu. The server version of the OS is very similar to the desktop version. The main difference is that there is no GUI. This can be solved by installing the Ubuntu UI. However, you can do what I did and install Webmin. It is a browser based UI that allows you to do just about everything. This is because I am CLI illiterate.

Once I got CF running I wanted to set it up so that it would auto start with the OS. Since I had Webmin this was very easy. Well, kinda, I had to figure out what the start up command would be. So after digging and then trial and error here are the steps I came up with.

[More]

Comments (3) | Print | Send | del.icio.us | Linking Blogs | Digg it | 486 Views

Posted At : August 19, 2008 8:26 AM | Posted By : Dave
Related Categories: ColdFusion 8

Yesterday I had the pleasure of fixing a site that got hit with SQL injection. The injection that was done was quite elaborate and was quite harmful. The injection managed to alter data in multiple tables. Then when the data was read out it caused havoc on the front end.

We had to write some elaborate sql to reverse the damage and try and restore the system. In the end we ended up loosing a ton of data. The damage done was so extensive that we were not able to repair everything. We could have just gone to a backup but that would have caused more issues than it solved.

Once the damage was fixed I then got to work on preventing it. Funny thing was that the prevention took seconds to implement. The problem was that the CF database user had to much rights. It took just seconds to run some update statements and reduce the rights that CF had. Once done the same injection attempt that messed it all up to begin with failed.

So, the moral of the story... 1: Make sure the person setting up the database sets rights correctly. 2: Never assume the database guy did his job. 3: Follow best practices and do your best to prevent this on the CF side.

Till next time...

--Dave

Comments (0) | Print | Send | del.icio.us | Linking Blogs | Digg it | 320 Views

Posted At : August 12, 2008 7:38 AM | Posted By : Dave
Related Categories: ColdFusion 8

I will preface this by stating you will probably not want to do this. However, I figured I would blog about it anyways as the outcome was very strange.

In a system I was working on I was attempting to reuse some code to expedite some new development. What I did was create a wrapper for an existing cfm. I used cfinclude to bring in the code we were going to reuse and then looped over it. The code that was being looped generated images for output to a browser. So instead of an image tag pointing to a .jpg for instance, it pointed to our image.cfm. I was looping this image code to generate large amounts of images in one call.

Here is the code that was doing the loop and returning an array of what was done. The image.cfm file was expecting url vars so we just set them prior to the include. We then built an array of the image path generated and the url var structure. This way the code could then loop through was was generated later.

The strange part in all this was what came out at the end in the array. Every second dimension of the array was identical. It was always the information from the last row in the query. So this leads me to believe that even though I am setting the second dimension of the array what the url struct is it does not matter. It appears to just make a reference to the url struct.

[More]

Comments (8) | Print | Send | del.icio.us | Linking Blogs | Digg it | 1348 Views

Posted At : August 5, 2008 8:24 AM | Posted By : Dave
Related Categories: ColdFusion

While doing some image work this morning with watermarking I came across this strange error:

Error Occurred While Processing Request
General CMM error517

Here is part of the stack trace:

After doing a quick search (the internet is cool huh?), I was able to find this: http://bugs.sun.com/bugdatabase/view_bug.do?bug_id=6444360. This issue that I ran into is apparently a recorded bug in JAVA. The bug was reported 2 years ago and it apparently has not been corrected.

The issue is with the jpg file I was trying to use. It apparently has a corrupt color profile and java can't handle it. I did check the properties of the file and noticed that the color representation property was set to uncalibrated. I was able to open the file in Fireworks and saved it as a new file and the new file works fine.

I have not found a way around it yet. The error happened when I tried to paste a one image onto another using ImagePaste.

Till next time...

--Dave

Comments (2) | Print | Send | del.icio.us | Linking Blogs | Digg it | 255 Views