Ensuring the security of your ColdFusion environment is crucial, and by adhering to simple rules, you can significantly enhance its robustness. Here are some key practices to follow: Use Supported Versions: Always make sure to use a ColdFusion version supported by Adobe. Regularly update both ColdFusion and Java to benefit from the latest security patches and improvements. Utilize cfqueryparam: Protect your applications from SQL injection attacks by consistently using cfqueryparam in your queries. Despite these fundamental security measures, it’s essential […]
When working on migration projects to ColdFusion 2023, one of the most common updates is to bulk replace instances of ‘cf_sql_int’ with ‘cf_sql_integer’. In some projects, data validation for variables may have been overlooked, such as using float data or commas in numeric values. To address these issues comprehensively, we can employ custom tags like ‘cf_query’ and ‘cf_queryparam’ to handle required conversions and data validation. An excellent reference for this approach is Adam Cameron’s 2012 article on ‘Custom tags: nesting’: […]
In my recent work on migrating older projects to ColdFusion 2023, I encountered the need to recreate the functionality of the deprecated CFMENU tag. Although I hadn’t used CFMENU before, adapting to the new environment prompted me to develop a solution using custom tags. I propose creating two custom tags to replicate the required functionality. Let’s refer to Adobe’s documentation for CFMENU as an example: https://helpx.adobe.com/coldfusion/cfml-reference/coldfusion-tags/tags-m-o/cfmenu.html We need to create 2 Custom tags: Menu.cfm: <cfsetting enablecfoutputonly=”Yes”> <cfparam name = “Caller.oldstatus” […]
Last time, most of my work involved migrating sites from pretty old versions of ColdFusion, mainly versions 9 or 10, to ColdFusion 2023. Despite the fact that the sites were created by different developers, the task was relatively straightforward. In most cases, we simply needed to correct ‘cfsql’ types in ‘cfqueryparam’. For instance, we could perform a bulk replace to change ‘cf_sql_int’ to ‘cf_sql_integer’. The process becomes more complicated when dealing with issues related to reserved words, especially when they […]
Recently, during the migration of one of our sites to ColdFusion 2023, an unexpected error cropped up, causing around 30% of bulk emails to go undelivered. When attempting to resend these emails, a peculiar pattern emerged – the same percentage of undelivered emails persisted, but with different recipients. In our ColdFusion server, we meticulously configured mail server settings. However, for our transactional emails, we leverage MailSender, which operates through its own SMTP server and can seamlessly integrate with the cfmail […]
If you need to find the passwords for ColdFusion 9 datasources, here is code to do that (though you must know the CF Admin password in order to run it).
Very often, we need to dump value of variable when we develop the new functionality or trying to find an error.
We definitely don’t need to show the dump for everyone.
I believe it will be very helpful to add IP attribute to cfdump.
In the modern world it’s hard to create a good product without integrating it with third party services. One of the most popular services in the business world today is Zoom. I’d like to share some of the experience my team and I have had working with the Zoom API. Hope you enjoy the read and its helpful!