pf » Archives for May, 2005

Jacques Marneweck has posted a subversion pre-commit hook that will reject any commit attempt with a commit message less than 10 characters long.

This is handy if you have developers that like to leave blank commit messages.

According to the W3C the next version of XHTML - is going to "last call real soon now". Steven Pemberton the Chair of the W3C Working Group has posted a presentation on XHTML2 on the W3C web site. The presentation shows some cool new features in XHTML 2...

Array's and Structures (structures in CF are called hashtables, or associative arrays) are two very different data structures. There is some confusion about how arrays work in CF, and from what I can understand they are based on native java arrays.

During the dot com boom - fancy Aeron chairs, desks made of lego's, and cool titles such as spider man were all the rage for web developers with funding.

The folks at del.icio.

Following Bruce Schneier's lead I created a page listing the 100 most recent comments on my blog.



I may also add an RSS feed for recent comments, would anyone find that handy?

I recently did this:

<cfoutput query="#queryName#"> ... </cfoutput>

Can you spot the error?

I think that is probably a very common mistake - here's the error message you get in ColdFusion MX 6.

Since implementing tags on my blog I have noticed that they are much more powerful than categories. Here's why:

You find related items by searching for mutual tags between items. That's how I show you related posts on my blog.

I'm working on a function to strip HTML, but preserve things like paragraph spacing. In removing HTML tags, sometimes you end up with lots of blank lines...

It occurred to me this morning that ScriptProtect can be a handy feature for globally protecting against SQL Injection Attacks

DISCLAIMER - just like its inability to protect against all forms of XSS attacks this solution may not protect you from all SQL Injection attacks.

ColdFusion MX 7 has a new feature that lets you "lets you protect one or more variable scopes from cross site scripting (XSS) attacks". It can be turned on in the cfapplication tag using the scriptProtect attribute, or in the ColdFusion Administrator as a global setting.

Seth Godin has a great post called The persistence of really bad ideas, in which he rants about how web developers always seam to use select boxes for picking states and countries:

There are fifty states. This is a problem.

I posted a follow up to an article that appeared in MarketingSherpa called: RSS in Reality: Not a Replacement for Email - Metrics & Best Practices on our our company blog. MarketingSherpa often has some interesting articles, though I'm told this is not the first time they have been way off base.

It is often stated that CFLOCATION does a client side redirect. This means that it sends back some HTTP headers telling your browser to request a different location. This is done with a 302 (Moved Temporarily) HTTP status code, and the Location header.

Today must be database day for me...

A question on my local CFUG mailing list asks how to remove duplicate values from two different tables:

I have 2 tables that store email addresses. One table is for newsletters and

the other is for registration to our site.

Cameron Childress pointed out the allowMultiQueries setting in the MySQL JDBC driver on the CFGURU list. It is set to false by default to protect you from SQL Injection attacks.

I'm working on a web security presentation, and I was curious to know if PHP supported prepared statements. It looks like as of PHP 5 they do support it with the new mysqli object (mysqli replaces the mysql class with support for mysql 4.

I have probably seen this logo a several times in the past, but it stuck out last time I saw it. It says: This product contains no CFCs which deplete the ozone layer.

Jakob Nielsen has recently published an article titled: Mental Models For Search Are Getting Firmer. The article basically states that if your sites search functionality behaves different from Google, that users will get confused.

You can make the close X show-up on a widget by holding down Command and Alt/Option. This is sometimes easier than hitting the + button.

The Javalobby has a great article called Eclipse: Managing Multiple Eclipse Installations that shows you how you can keep one plugins directory and have it work for multiple eclipse installs.

Since I do a lot of Java 1.5 development, I have to use Eclipse 3.

Courier New is the standard monospace fixed width font used by programmers. If your looking to try something new, I just found a list of fonts for programmers. Right now I'm trying out Bitstream Vera Sans Mono.

Yahoo! Research labs has something they call the Tech Buzz Game, it's a make believe stock market for technology trends.

After hearing a lot about grease monkey I finally got around to installing it and playing with it, and it's pretty cool!.

What is greasemonkey?

It's simply a firefox extension that allows you to run JavaScript User Scripts when the current page matches a URL pattern specified.

I found a site that has some good security tips for web developers. It mentions one type of attack that doesn't get much attention - called Cross Site Request Forgery (CSRF).

I know that my visitors represent a very niche portion of the internet - but I have noticed that the number of Mac users on this web site has spiked this month.

In January of 2005 4.3% of my visitors were on Mac's, so far in May of 2005 12.4% are Mac users.

Jason Fried of 37Signals writes about some of the potential problems that Google Web Accelerator can cause in your web applications, due to the use of Prefetching within the product.

The accelerator scours a page and prefetches the content behind each link.

I just published an article called: Using Subversion build hooks to send a findbugs report email.

I just noticed that the ParagraphFormat tag is not XHTML safe. It inserts unclosed <P> tags for line breaks. I posted a comment on the live docs about this, so hopefully they will add an optional argument to have it generate XHTML output.

I have had Mac OSX 10.4 Tiger for 3 days, and I have already released my first Dashboard Widget called Dash Shopper - Amazon Product Search Dashboard Widget.

The widget supports multiple locales US, UK, Canada, Germany, France, and Japan.

There was a thread recently on the CFGURU mailing list about the merits of the various tweaks that CFML developers use to gain a few extra milliseconds.

Mac OS X 10.4 Tiger was just delivered to my office from Amazon. I'm pretty impressed, I ordered it with Free Shipping, got a $35 rebate, and it was only 2 business days later than if I ordered direct from Apple.

Note that if you plan to use Dreamweaver, FreeHand, or Contribute on Mac OS X 10.4, Tiger, there are some known issues that Macromedia has posted. Dreamweaver has about 11 compatibility issues though none of them look to be too serious.

Apple has released Java 1.5 as a manual download with no plans to release J2SE 5.0 for earlier releases of Mac OS X. Which I guess means that its not going to show up in Software Update for quite some time. Additionally applications requiring J2SE 5.0 / JDK 1.5 must explicitly request version 1.5.

Found this on del.icio.us/popular: The first (and only) time traveler convention will be held at MIT on May 7.

Check out the FAQ its pretty funny - it appears to be organized by a MIT student.