Detecting SQL Injection with ScriptProtect

coldfusion databases It occurred to me this morning that ScriptProtect can be a handy feature for globally catching a few forms of SQL Injection Attacks

WARNING - just like its inability to protect against all forms of XSS attacks this solution DOES NOT protect you from all SQL Injection attacks.

This entry was:

ScriptProtect in ColdFusion MX 7 not a catch all

coldfusion ColdFusion MX 7 has a new feature that lets you "lets you protect one or more variable scopes from cross site scripting (XSS) attacks". It can be turned on in the cfapplication tag using the scriptProtect attribute, or in the ColdFusion Administrator as a global setting.

This entry was:

Linux getting the shaft in ColdFusion 7

coldfusion I was just looking at the Linux system requirements for ColdFusion MX 7. For supported linux operating systems, it lists:

Red Hat Enterprise Linux AS & ES 2.1 or 3.0

SuSE Linux Enterprise Server 8.x

TurboLinux 8 Server (Japanese only)

In 6.

This entry was:

CFFUNCTION and CFARGUMENT don't support new types in ColdFusion 7

coldfusion One thing I just realized today - that is a bummer, is that the new types supported by cfparam, and IsValid (eg integer, email, zipcode) in ColdFusion 7 are not supported by the returntype attribute in CFFUNCTION, and not supported in the type attribute of CFARGUMENT. Whats up with that?

This entry was:


coldfusion After a long break in my series of the little enhancements in ColdFusion MX 7 (CFMX 7 Little Things), I am back today with another article, this time with the Hash function.

In versions of ColdFusion prior to 7, the Hash function used the MD5 algorithm to generate hash values.

This entry was:

Forta's ColdFusion MX 7 Books on Sale

books coldfusion Ben Forta's ColdFusion MX 7 books are now available for pre-order from Amazon.

This entry was:

Strong Encryption Technote shows undocumented features

coldfusion Macromedia has just released a technote entitled: Strong Encryption in ColdFusion MX 7. It has lots of information useful to anyone planning to work with these features. In addition I noticed mention of two undocumented arguments in the Encrypt() and Decrypt() functions.

This entry was:

CFTIMER - Little things in ColdFusion 7

coldfusion I am digging the new cftimer tag in ColdFusion MX 7.

In previous versions when you want to time how long something takes, you would do something like this:

<cfset tick = GetTickCount()>

run your code here...

This entry was:

cfdirectory adds recursive support - Little Things in CFMX 7

coldfusion I know I have written recursive custom tags, and functions (more than once) to solve this problem in the past, but now you can just add a simple recurse="true" to your cfdirectory tags in ColdFusion MX 7.0

<cfdirectory action="list" directory="#ExpandPath(".

This entry was:

IsValid - CFMX 7 Little Things

coldfusion ColdFusion MX 7 added a new function called IsValid. The IsValid function performs data validation just like the CFPARAM tag, and supports all the new data types in cfparam (see my previous post) as well.

This entry was:

ColdFusion 7 Strong Encryption

coldfusion ColdFusion MX 7 adds strong encryption support to the Encrypt and Decrypt functions. In addition to the legacy algorithm used in Encrypt, and Decrypt - ColdFusion MX 7 now makes it incredibly easy to use AES, Blowfish, DES, and Triple DES encryption.

This entry was:

CFPARAM - New Features in CFMX 7

coldfusion ColdFusion MX 7 is packed with lots of little new features, that are, well killer! I am starting a series on my blog called Little Things that Kill that will expose some of these killer new features and subtle improvements. And yes, the name is inspired by Bush (the band).

This entry was:

ColdFusion MX 7 on Mac OS X

coldfusion apple If your installing CFMX 7 on Mac OS X and getting hung up on "Starting Graphing..." then you need to add a property to your JVM Arguments. Add -Djava.awt.headless=true in your JMC Server - Settings - JVM Settings - VM Arguments.

This entry was:

ColdFusion 7 Tags and Functions added to

coldfusion I have added support for new functions and tags in ColdFusion MX 7.0 to the site, as well as multiple version support. So now if you want cfdocs.

This entry was:


did you hack my cf?