Stillnet Studios

When I migrated our Mura site to our new IIS7 servers, one problem I noticed is that the Mura 404 handler was no longer showing. Instead the default IIS 404 page was displaying.

This problem doesn’t only apply to Mura, it will crop up with framework or code that uses the onMissingTemplate handler. The fix is easy. Edit the web.config file in the webroot, look for an httpErrors tag. It might look like this:

You need to add existingResponse="PassThrough" to it. If that element is missing completely, just add it with the necessary attribute.

Fixed!

A few weeks ago, the people at CFWheels announced a contest to get people to try out CFWheels. To enter the contest all you need to do is build a version of litepost in CFWheels. If you haven’t heard of litepost, its a simple blogging app thats been used to demonstrate different ColdFusion frameworks. Really all you need from the litepost project is the database. Then just build some CRUD for the users, entries, comments, etc. I’ve been wanting to learn more about this framework for a while so I thought this contest would be a good excuse to check it out. The top 3 winners get Amazon gift cards.

So far I’ve found this to be a pretty neat framework. I see a lot of similarity to Rails. The documentation is very good. The plugins are pretty neat, you just drop a zip file into your plugins directory and you can start using that plugin.

To start I downloaded cfwheels and setup my database. I installed the scaffolding plugin and used that to generate my CRUD views, models and controllers. Already I had the basics working! I tried creating/listing/editing users and it worked great.
Continue reading ‘Trying out the CFWheels framework’ »

A friend asked me for some help the other day. At the place he works at they use IIS on their production servers, but each developer works locally using Apache. Why use different webservers for production and development? He said they do it because its easier to develop locally with Apache. My guess is its easier because you can run multiple sites at once with Apache. With IIS on a desktop machine you can only run one site at a time. I do the exact same thing at my job, actually.

Anyway, once in a while this causes issues. In this case, there was code on the server that required a username and password in order to access the page. The security was done at the web server level, aka “HTTP authentication”, which causes your browser to prompt you for a username and password. These credentials then get sent along in the request headers (its actually a little more complicated than that but I won’t get into that here). After authenticating, the username is available to ColdFusion as a CGI variable – CGI.REMOTE_USER.

When using IIS, that value is also available as CGI.AUTH_USER. In all CGI variable specs I could find, they all reference REMOTE_USER, not AUTH_USER, I’m not sure when AUTH_USER started to be used. Anyway, this ColdFusion code running on the IIS server would look to the CGI.AUTH_USER variable and display some things differently depending on who the user was.

This posed a problem when trying to run this code locally under apache. The CGI.AUTH_USER variable did exist, but it was always blank. One could change the code to use the more multi-platform friendly “REMOTE_USER”, but sometimes there are hurdles to changing existing code.

But there is a way to mimic the behavior of IIS, by copying the REMOTE_USER value into AUTH_USER. Its only three simple lines but it took me quite a while to figure this out.

RewriteEngine on
RewriteCond %{REMOTE_USER} (.*)
RewriteRule .* - [E=AUTH_USER:%1]

You’ll need to have mod_rewrite enabled of course. Usually all you need to do is uncomment a line that looks like this in httpd.conf:

LoadModule rewrite_module modules/mod_rewrite.so

The three magic lines can go into the httpd.conf file, or you could place them in a .htaccess file in the directory you’re working in.

Today a coworker asked me if I knew how to recover a deleted file in CFEclipse. He had accidentally deleted it before putting into his source control. Since he had been working on this file recently, there is a way to recover it.

By default Eclipse keeps a local history of the files you work on. From within Eclipse, right click on a file and select Team->Show Local History.

From here you will get a list of revisions, generally one is made each time you save the file. You can open a revision, or even use a built in diff tool to compare it to your current version.

But in this case we had no current version to even right click on to start the process. So we simply created a new, empty file in the same location as the old one. Then we were able to right click on it and pull up the history.

This local history is stored under your workspace in workspace\.metadata\.plugins\org.eclipse.core.resources\.history, but its not easy to manually browse. There any many directories and the files in those directories are given nonsense file names. Much easier to stick with the Eclipse interface.

Keep in mind that if you haven’t edited the file in a while there may not be any history to go to.

The other day I had the need to align some data in an html cfgrid. There are some alignment attributes of the cfgriditem tag, but they do not work in html grids. I tried wrapping the data in a span tag with some css aligning it, but that didn’t work either.

But there is a way. When CF8 generates the grid it writes out CSS ids and classes that you can use to style the grid. For example to right align the 5th column you can use this:

.x-grid-td-5 {text-align:right;}

The number you need to use in the class name does not always match up with the column. Sometimes I had to use .x-grid-td-8 to reference the 6th column for example. I think the number increments for each cfgrid item, even if you have display=no.

If you have more than one cfgrid on your page and only want to align the nth column in one of them, you can wrap the cfgird in a div with an ID so you can reference only that grid in your CSS.

If you’ve used the new CF8 UI features to create tabs, you may have run into an issue when you have a lot of them. By default the tabs will not wrap. Take this snippet of code for example. I’ve added a red border on this 300 pixel div so you can see the tabs won’t wrap inside of it:

<div style="font-family: arial; width: 300px; border: 1px solid red;">
<cflayout type="tab" name="myTabs">
  <cflayoutarea name="january" title="January 2009">
     <p>January</p>
  </cflayoutarea>
  <cflayoutarea name="february" title="February 2009">
     <p>February</p>
  </cflayoutarea>
  <cflayoutarea name="march" title="March 2009">
     <p>March</p>
  </cflayoutarea>
  <cflayoutarea name="april" title="April 2009">
     <p>April</p>
  </cflayoutarea>
</cflayout>
</div>

Imagine that 300 pixel div is your normal content area – it could be a table or just the width of your browser. Take a look at what it produces in your browser:

In ColdFusion 8 (this might change in CF9?) the tabs generated by cflayout are table data cells. It would be pretty hard to cause table data cells to wrap within a set of <tr></tr> tags wouldn’t you think? It actually is possible though. If you add this snippet of CSS:

<style type="text/css">
.x-tabs-strip tr {display:block}
.x-tabs-strip td {display:block; float:left}
.x-tabs-strip .on .x-tabs-inner {padding-bottom:4px}
</style>

You’ll see the tabs now look like this:

If you want to force the tabs to be a specific width, add one more line:
<style type="text/css">
.x-tabs-strip tr {display:block}
.x-tabs-strip td {display:block; float:left}
.x-tabs-strip .on .x-tabs-inner {padding-bottom:4px}
.x-tabs-wrap table {width:400px}
</style>

In most JavaScript frameworks tabs are done using list elements (<li> tags) inside an unordered list (<ul> tag). This approach is much more flexible. It will be interesting to see what changes are made to the html generated by the layout tags in ColdFusion9.

Update 1/4/2010 – The method described above does NOT work in CF9. The tabs generated in CF9 are done using a much newer version of EXT. They are no longer based on table data cells, instead they use list items ( <li> tags), like most tab implementations. Use this CSS to wrap the tabs in CF9.

One of the new features I am excited to see in ColdFusion 9 is support for anonymous arrays. I’ve used these before in PHP, Perl, and other languages, and I’m glad to see them added to ColdFusion.

I blogged about this issue in 2007. I was trying to add a column to an existing array that I knew only had one row. QueryAddColumn() accepts an array of values to add to an existing query – one element for each row. So I only needed an array with one element. So I thought I could use CF8’s new inline array syntax and just pass it in like this:

<cfset QueryAddColumn(existingQuery,
                     "newColName",
                     "varchar",
                     ["single new value"])>

This would throw an error in CF8, but works just fine in CF9!

By the way this also works just fine in the current version of Railo.

Did you know there is a “format” attribute for the cfdump tag? The default format is html, but you can also pass in a format of “text”. I’ve found this useful for putting data structures into plain text emails, logs files, and other things.

For example, this code:

<cfset tmp.fname = "John">
<cfset tmp.lname = "Smith">
<cfset tmp.age   = 26>
<cfset tmp.city  = "Omaha">
<cfset tmp.state = "Nebraska">
<cfdump var="#tmp#" format="text">

Produces this output:

struct
AGE: 26
CITY: Omaha
FNAME: John
LNAME: Smith
STATE: Nebraska

It works for complex structures, too:

<cfset tmp.person1.fname = "John">
<cfset tmp.person1.lname = "Smith">
<cfset tmp.person1.age   = 26>
<cfset tmp.person1.city  = "Omaha">
<cfset tmp.person1.state = "Nebraska">
<cfset tmp.person1.pets  = ['Fluffy','Mr. Jingles','Bambi']>

<cfset tmp.person2.fname = "Mary">
<cfset tmp.person2.lname = "Doogan">
<cfset tmp.person2.age   = 32>
<cfset tmp.person2.city  = "Kansas City">
<cfset tmp.person2.state = "Missouri">
<cfset tmp.person2.pets  = []>
<cfdump var="#tmp#" format="text">

Produces this output:

Struct
PERSON2 Struct
	AGE number 32 
	LNAME string Doogan 
	PETS Array
	STATE string Missouri 
	CITY string Kansas City 
	FNAME string Mary 

PERSON1 Struct
	AGE number 26 
	LNAME string Smith 
	PETS Array
		1 string Fluffy 
		2 string Mr. Jingles 
		3 string Bambi 
	STATE string Nebraska 
	CITY string Omaha 
	FNAME string John

Railo also supports the “format” attribute, but BlueDragon does not. In fact Railo supports a bunch of interesting attributes to the cfdump tag.

There have been some attacks recently against ColdFusion servers that allow users to upload files. This is a common feature on many sites – uploading your profile photo, classified ad pictures, etc. Here is my take on handling file uploads securely.

First, make sure you are not uploading files directly into your webroot. For example if you store your user’s profile photos in /images/profilePhotos, don’t upload your file right into there. You need to put it somewhere safe first and verify that it really is an image file. Adding accept=”image/jpeg” to your cffile tag doesn’t save you here either. There are attacks where the mime type is spoofed, making ColdFusion think an image file is being uploaded, when really its a .cfm file.

So, you need to place the file somewhere outside your webroot. A convenient place to use is your server’s temp directory. You can get the path to a temp directory by calling the built-in getTempDirectory() function. For example:
Continue reading ‘Secure image uploading with ColdFusion’ »

If you are developing a ColdFusion application, or even just a stand alone CFC that you plan to distribute, you might want to make sure it runs on all three major CFML engines – Adobe ColdFusion, Railo, and Open BlueDragon. It can be tedious to always copy code around between your three test sites, but there is an easier way. You can have the same code base run through all three CFML engines at once.

There are a few caveats: Continue reading ‘Running your CFML code through Railo, OpenBD, and Adobe CF all at once’ »