Stillnet Studios

A while back I had to implement a captcha on a client’s site. The site owner wanted a simple small captcha (that ruled out reCAPTCHA). We decided to try the new captcha features of ColdFusion8. What you may not realize is that the new captcha feature does not provide the whole captcha system, instead it merely can create captcha images. Its up to you how you implement your captcha system.

Before I get to far just let me state for the record that I hate captchas and will be happy when they are looked upon like we look at the <blink> tag now. So you don’t need to leave comments telling me how I shouldn’t be using a captcha in the first place. The client specifically wanted this feature at this point in time.

I’ve seen some approaches that place the clear text value of the captcha in a hidden field. Then when the form is submitted they compare that value against what the user had typed in. I don’t feel this way is very secure. It will stop simple bots, but you need to guard against more than just that. Sometimes spammers code their bots to work against a specific site. If they find your hidden clear text captcha value, they will easily grab it and use it to submit your form. If this is a simple contact form then you might not have much to worry about, but if its a “send to a friend” feature - watch out, those are high value targets.

Encrypting the hidden value doesn’t help much either. That adds one more step to what the spammer needs to do. They will have to manually read one of your captcha images - then they have the clear text and encrypted values to your captcha system. Now they can just submit that encrypted/plain text pair over and over again to your form.
(more…)

I came across a web hosting company that not only offers Railo 3.1 but has a free 60 day trial. So if you wanted to give Railo a whirl on something other than your own local machine, here is a simple way to do it. The free trial account comes with 100mb of space and 1GB of transfer, and a MySQL database so it seems pretty usable. You’ll have PHP and Ruby on Rails enabled in your account, too.

If you didn’t know, Railo has a separate Server administrator and one or more Web Administrators. This means Railo is ideally suited for CFML hosting since you get your very own administrator where you can setup datasources, mappings, etc.

The site is http://alurium.com

The Founder is Peter Amiri, here is his blog http://blog.amiri.net and on twitter: @peteramiri

Peter told me that you don’t need a credit card for the free trial, either.

If you’ve ran into this error when consuming a web service in Open BlueDragon, this may help you. Here is what my error looked like:
(more…)

When trying to create a Verity collection on a freshly setup ColdFusion8 installation today I received this error:

Unable to create collection MyCollection.
An error occurred while creating the collection: com.verity.api.administration.ConfigurationException: Failed to retrieve style path. (-6044)

Turns out the Verity installation did not complete correctly. I could tell by looking in the {cf-root}/verity/verity-install.log file. This problem is fixed by simply uninstalling and reinstalling verity.

In the {cf-root}/verity directory you’ll find a script named uninstall-verity.sh (on linux) or uninstall-verity.bat (on windows). Just run that and then run the install-verity.* file and you should be back in business.

I was installing ColdFusion 7.02 on a client’s CentOS 5.2 Linux server the other day and received an error when running the installer. Note that this OS is NOT supported by Adobe for this version of ColdFusion. This is a fairly old version of CF being installed on a pretty current version of CentOS. The error was:

[root@server tmp]# ./coldfusion-702-linux.bin
Preparing to install...
Extracting the JRE from the installer archive...
Unpacking the JRE...
Extracting the installation resources from the installer archive...
Configuring the installer for this system's environment...
awk: error while loading shared libraries: libdl.so.2: cannot open shared object file: No such file or directory
dirname: error while loading shared libraries: libc.so.6: cannot open shared object file: No such file or directory
/bin/ls: error while loading shared libraries: librt.so.1: cannot open shared object file: No such file or directory
basename: error while loading shared libraries: libc.so.6: cannot open shared object file: No such file or directory
dirname: error while loading shared libraries: libc.so.6: cannot open shared object file: No such file or directory
basename: error while loading shared libraries: libc.so.6: cannot open shared object file: No such file or directory
Launching installer
grep: error while loading shared libraries: libc.so.6: cannot open shared object file: No such file or directory
/tmp/install.dir.3348/Linux/resource/jre/bin/java: error while loading shared libraries: libpthread.so.0: cannot open shared object file: No such file or directory

There is a hard coded value in the installer thats causing things to get messed up. Fixing this is fairly easy, you can modify the installer like this:

cp coldfusion-702-linux.bin coldfusion-702-linux.bin.backup
cat coldfusion-702-linux.bin.backup | sed "s/export LD_ASSUME/#xport LD_ASSUME/" > coldfusion-702-linux.bin

That comments out the offending line in all places in the installation script.

More discussion on this here:
http://www.billmitchell.org/coldfusion/centos5/mx7_apache.php
http://www.talkingtree.com/blog/index.cfm/2006/12/6/Running-ColdFusion-MX-7-on-Fedora-Core-6-Linux

You will probably run into more issues installing CF7 on this version of CentOS but it can be done. I also had to upgrade the connector to work with Apache 2.2 (when CF7 came out the connector was designed to run on Apache 2.0). The Adobe KB article that discusses this is here: http://kb.adobe.com/selfservice/viewContent.do?externalId=8001e97&sliceId=1. Their example didn’t quite work for me because its defaulting to the version of Java thats on your OS, which won’t work unless its a Sun 1.4.2x version. So I just used the JRE that is bundled with ColdFusion to install the new connector:

/opt/coldfusionmx7/runtime/jre/bin/java -Dtrace.ci=1 -jar ../../runtime/lib/wsconfig.jar \
        -server coldfusion \
    -ws apache \
        -dir /etc/httpd/conf \
        -bin /usr/sbin/httpd \
        -script /etc/rc.d/init.d/httpd \
        -coldfusion -v

I thought that was the last hurdle but when we tried to log in to the ColdFusion administrator we got an error about “The Graphing service is not available”. The message in the log file was “Unable to initialize Graphing service: java.lang.UnsatisfiedLinkError: /opt/coldfusionmx7/runtime/jre/lib/i386/libawt.so: libXp.so.6: cannot open shared object file: No such file or directory”. This was fixed by installing the libXp library:

yum install libXp

Railo 3.1, the much anticipated open source release of the Railo CFML engine was released yesterday. I’ve been playing with it the last two evenings. So far I’m very impressed. They have an “Express” version which you can get running almost instantly. I tried that, but then opted to get it working as I would for a real site - using Tomcat and Apache. It was much easier than I thought.

The administrator is very full featured with everything you would expect - scheduled tasks, ability to create database connections to MySQL and MSSQL (among several others), and search! Railo has Apache Lucene built right in. Creating a new Lucene index is as easy as creating Verity collection in Adobe ColdFusion. The cfsearch/cfindex tags work like you would expect them to, with a few exceptions. You can even populate and search the collection right from within the administrator.

I was happy to see that you can define multiple SMTP servers. Railo will try each of them in order if any of them are unavailable.

I also really like the way Railo has done the administrator - with one global administrator (called the server administrator) and then administrators for each site (called a web administrator). I think this is going to make it much easier for hosting companies to offer CFML support.

I was trying to execute a .cfm page on a new CentOS 5.2 server and I received this error. Not all requests were erroring out, the CF Administrator was working fine as were other simple pages. But when I tried to load a page that instantiated some java objects, I got this error.

"coldfusion.jsp.CompilationFailedException: Errors reported by Java compiler: jikes: error while loading shared libraries: libstdc++.so.5: cannot open shared object file: No such file or directory

I checked to make sure libstdc++ was installed, and it was, although not version 5. I checked another one of our Linux CF8 servers, it didn’t have version 5 installed either, so I didn’t think that was the problem. I noticed the other server had some compat libs installed that I was missing though. I ran this command: yum install compat-libstdc\* which installed two RPMs: compat-libstdc++-296 and compat-libstdc++-33. Then I restarted ColdFusion, and was able to execute the page with no errors.

There may be something buggy here, or maybe I’m misunderstanding how this should work.

This code executes fine:

<cfquery name="qryListings" dbtype="query">
SELECT 1 as OrdBy, * FROM qryListings
UNION
SELECT 2 as OrdBy, * FROM qryListingsTmp
ORDER BY OrdBy
</cfquery>

But when I add a WHERE clause to the second part to filter out records that were in the first group:

<cfquery name="qryListings" dbtype="query">
SELECT 1 as OrdBy, * FROM qryListings
UNION
SELECT 2 as OrdBy, * FROM qryListingsTmp WHERE ref_num NOT IN
(#ValueList(qryListings.ref_num)#)
ORDER BY OrdBy
</cfquery>

I get a ColdFusion error about the number of columns being different between the two queries.

(more…)

I had the need to instantiate some static nested Java classes, from within ColdFusion. I was doing some searching through IMAP. The Java code I was trying to emulate went something like this:

import javax.mail.*;
import javax.mail.internet.*;
InternetAddress address = new InternetAddress();
SearchTerm toTerm = new RecipientTerm(Message.RecipientType.TO, address);
SearchTerm ccTerm = new RecipientTerm(Message.RecipientType.CC, address);
SearchTerm bccTerm = new RecipientTerm(Message.RecipientType.BCC, address);
SearchTerm[] recipientTerms = {toTerm, ccTerm, bccTerm};
SearchTerm orTerm = new OrTerm(recipientTerms);

(more…)

I ran into this issue when adding a new datetime column to an existing table in my MySQL 5 database. I did not get the error in my production environment, only the dev environment on my local machine.

I was puzzled by this error, because I thought the all zeros value basically meant a null/unknown date value. Also I wasn’t using a type TIMESTAMP, I was using a DATETIME column type, so that threw me, too. After digging through the data a little bit, I found that the values for these new columns in the production database were NULL, but the values in my dev database were ‘0000-00-00 00:00:00′. A little googling told me that the all zeros value is what happens when an invalid date is assigned to a datetime field.

I could not see any differences in the schema, so I’m not sure how this happened. But updating my dev data to be NULL where the value was ‘0000-00-00 00:00:00′ solved the problem.

The other option, if you can’t change your data, is to add these items to your connection string value in the ColdFusion Administrator for your datasource:

noDatetimeStringSync=true&zeroDateTimeBehavior=convertToNull

This tells MySQL to return a null instead of throwing an exception when one of these values is found. This is how I initially solved the problem, until I figured out that ‘0000-00-00 00:00:00′ was not a proper value.