Blog

I will have the privilege of attending ColdFusion Camp 2008 in Munich, Germany next month. Not only attending but of course speaking about ColdBox. This is my first European event and I am truly excited about the opportunity to attend and present. Get ready Munich!!

What: ColdFusion Camp 2008

When: November 27th from 9am to 6pm

Where: Conference center Orbis, Oberschleißheim

Price: 35 Euros!

You can find more details at http://www.cfug.de

CFunited have launched a few days ago a call for speakers and topics for CFUnited 2009. So please head over there and submit your topics, make your voice be heard.

This is just an announcement that ColdBox, finally has their own official blog. This blog has been populated with tons of information to help in ColdBox Development and stay up to date with all the releases. This blog will be authored by all of Team ColdBox. So expect great things out of it.

We had a great time last weekend in Dallas in our first ever ColdBox Training Seminar. Here you can find all of our pictures of this seminar: http://flickr.com/groups/coldbox/pool/.

Again, if you would like to suggest your city for next February's seminar. Please do so here.

Russ Johnson of Team ColdBox has released the first public version of Skweegee. Of course, powered by ColdBox. So please get your hands on this incredible tracking software.

Thanks Russ!!

I am incredibly glad to announce that our first ColdBox Training Seminar finished yesterday in Dallas, Texas. I want to personally thank and congratulate the attendees for their hospitality and being great students. Even though they had to mess with the teacher and disable my mouse for 10 minutes, its ok!! It was super fun.

Anyways, we are already starting to revise content and plan our next seminar for February of 2009. So if you would like to suggest your city as a candidate for the next ColdBox Training Seminar, please do so here. The advanced course is still in development and hopefully will be available by mid 2009.

We have created a Flickr group for ColdBox at http://www.flickr.com/groups/coldbox where we will be posting pictures of this seminar. We also have great video testimonials and fun stuff that we will be posting soon. So stay tuned, below are some samples.

Again, thank you so much guys and we will see you soon.

PS: Don't forget to mention your city of choice for the next seminar

Jason Dean has started a very nice, concise and well documented tutorial series on using ColdBox. I have added his series to the ColdBox wiki also. This is a great resource, so keep up the good work Jason!!

I am recently building a simple mock factory for cf7 (unfortunately I can't use coldmock, no cf8 goodness). One hurdle I was missing, is how to know which method I am currently executing in order to make a return look. Well, or good old friend java to the rescue. This is totally undocumented and please tread with care:

stack = CreateObject("java","java.lang.Exception").init().getStackTrace();

//loop over our stacktrace

for(x=1;x lte ArrayLen(stack);x=x+1){

if( findnocase( getMetdata(this).path, stack[x] ) ){

foundLine = stack[x];

break;

}

}

//cleanup our line

runningFunction = replacenocase(listlast(foundline.getClassName(),"$","func",""));

There you go!! That parses out the inner class name (your method) out of the compiled cf class that coldfusion created for you. I can now do my lookup against it.

I have been doing some string buffer testing and wanted to take advantage of using the new class StringBuilder that was implemented in jdk 1.5. I am running cf8 with jdk 1.5 and 1.6 and decided to do some tests with it. I found out that calling buffer.length() on a cf instance running on jdk 1.6 would fail but a call to the same length method on jdk 1.5 does not. Go Figure!!

Would this be a bug on the Adobe cf java proxy? It seems to me, because the same tests on Railowork (even faster to say the least)!!

To reproduce this error, just try this below:

The string is #myBuffer.toString()#

The length is #myBuffer.length()#

The error that Adobe CF produces is that the method length() does not exist. The only workaround for this is by lengthing the string produced, but it will definitely be slower than a direct length call:

Length: #myBuffer.toString().length()#

Due to the huge spur in SQL injection attacks, Sana Ullah has done some great work on some .htaccess rules to protect against such injections. They have been committed to the ColdBox SVN, but we are also sharing here. Please note that all the rules are for ColdBox SES, so make sure to update accordingly.

RewriteEngine on

#SQL Injection Protection --Read More www.cybercrime.gov

#Please use these rules if below words does not conflict with your friendly-urls. You may modify accordingly

RewriteRule ^.*EXEC\(@.*$ /notfound.htm [L,F,NC]

RewriteRule ^.*CAST\(.*$ /notfound.htm [L,F,NC]

RewriteRule ^.*DECLARE.*$ /notfound.htm [L,F,NC]

RewriteRule ^.*DECLARE%20.*$ /notfound.htm [L,F,NC]

RewriteRule ^.*NVARCHAR.*$ /notfound.htm [L,F,NC]

RewriteRule ^.*sp_password.*$ /notfound.htm [L,F,NC]

RewriteRule ^.*%20xp_.*$ /notfound.htm [L,F,NC]

#Ignore images and this would be last rule --if the condition matched

RewriteRule ^/(.*\.(png|gif|jpg|bmp)) /$1 [L,PT,NC]

#Ignore CSS or JS files and this would be last rule --if the condition matched

RewriteRule ^/(.*\.(css|js)) /$1 [L,PT,NC]

#Ignore txt/doc/pdf/xls files and this would be last rule --if the condition matched

RewriteRule ^/(.*\.(txt|pdf|doc|xls)) /$1 [L,PT,NC]

RewriteRule ^$ index.cfm [QSA]

RewriteCond %{REQUEST_FILENAME} !-f

RewriteCond %{REQUEST_FILENAME} !-d

RewriteRule ^(.*)$ index.cfm/%{REQUEST_URI} [QSA,L]