I'm thrilled to report that Ben Forta is visiting the Twin Cities again as part of the Adobe worldwide user group tour for the upcoming versions of ColdFusion and Flex. I got the official word a few weeks ago and have been head down in planning mode ever since. Figuring attendance will bust down the doors at Easel Solutions, we needed a bigger venue, so I made a bunch of calls, sent emails, and even visited one potential location. In the end we choose the University of St. Thomas, St. Paul Campus and I think it is going to work out great.

I want to thank the TCCFUG's co-manager, Ben Ellefson, for major work on the event registration website. It's now live and I urge you to get this on your calendar and register now. This is one user group meeting you will not want to miss, plus you'll be fed and could win an IPod touch to boot.

Hope to see you there!

Today I wanted to find an easy way to put a status update into my Twitter account using ColdFusion. I went searching the API docs, and found this page.

http://apiwiki.twitter.com/Libraries

Unfortunately, there are no CF examples listed, boo! However, there are some for Java, so I continued my search in that direction. Eventually I found this JSP taglib, and decided to give it a "Twirl" :)

http://www.servletsuite.com/servlets/twittertag.htm

To use any JSP taglib, you simply drop the .jar file into your /webroot/WEB-INF/lib/ directory. I believe it also requires the Enterprise edition of ColdFusion. A good article that fully explains their usage was done by Charlie Arehart back in May 2002.

After copying the file, you must then restart ColdFusion. This is a must or you will get an error when attempting to import the library.

That's it, I was now ready to test a Twitter post. Here is the sample code I used that will put a new status message in my Twitter account. I saved this in a file twitter.cfm, then browsed to the page on my local machine as http://localhost/twitter.cfm

Upon success, an XML dataset is returned in the "result" variable. If you cfdump it, looks like this.

If you fail to restart CF, you will see this TagExtraInfo error message:

This is not the best solution if you are in a shared hosting environment, as they may not install the twittertag.jar file for you. I'm curious what other methods developers have found to accomplish status posts to Twitter.

Yesterday I was working on porting some PHP code into ColdFusion. The PHP code was using a function called long2ip(), and I researched this PHP Manual website to learn more about it. I needed this function in CF, but couldn't find it at cflib or anywhere else doing a few Google searches. The closest I came was this blog post by Brandon Purcell, which got me started in the right direction. I learned from what Brandon wrote, along with the comments input by Gabriel Malca (if the function doesn't exist) at the PHP Manual site and came up with the logic for my CF version of the function. After I had this working, I figured I better implement the opposite conversion function as well, so I also created ip2long(). Again I found a user comment for when the function doesn't exist to base my function's logic. I submitted these to cflib.org today, so look for them soon.

Examples:
long2ip(3401190660) = 202.186.13.4
ip2long(202.186.13.4) = 3401190660

Here is the code for UDFs below:

Back in Oct 2005, SysCon published an article I wrote in CFDJ magazine. Unfortunately, the Webmonkey.com tutorial I originally based my article on has been removed by Wired. I contacted them and hopefully they'll dig it up and repost it under their new wiki site. In the meantime, here is a link to the CFC file zipfinder.cfc used in that article.

One more note... if you make use of my code examples from the CFDJ article, please write your queries using cfqueryparam, which I should have done in the first place.

We have a great meeting planned for both intermediate as well as brand new CF developers. This meeting is Wednesday, Nov 5th at Easel Training.

Room 1) Kurt Wiersma - BlazeDS
Have you ever wondered what BlazeDS is and what it can do? If so this session is for you. We will cover how you can install BlazeDS inside of CF and how CF can communicate with BlazeDS to make Flex applications get real time messages from ColdFusion.

Room 2) Jason Dean - New Developer Breakout Session
This break out session will be an informal meeting for new developers and for developers who are new to CFML. Bring your questions or just learn the basics of ColdFusion.

Both topics will be presented simultaneously in different rooms. Learn more at colderfusion.com

Just got back from the BFusion/BFlex conference and wanted to summarize my weekend. I joined a few local CF developers and we drove 11+ hours to Bloomington, Indiana to attend this FREE 2-day conference put on by some of the Adobe User Groups in conjunction with Indiana University.

Day 1 was ColdFusion focused, and I was in the Intermediate Track. We spent a full day of hands on training learning about the Mach II framework. This was my first formal exposure to a framework and it was great to get a recap of OO principles and see them in action.

Day 2 was Flex focused and I was in the Beginner Track. We started building a basic photo gallery application following the actual Adobe Flex course materials. I only stayed until noon as we had to get back on the road for the long drive home. Plus, I had a similar training back in April at the local Flex Camp in Minneapolis, so I don't think I missed too much.

Highlights of the trip:
- good intro to Mach II, hope to start using it on a small app at work
- my 2nd exposure to Flex, I really need to put this into a work app soon!
- met some new CFers and had a good time at The Upland Brewery restaraunt
- got started on Twitter and now following over 20 others
- scored tons of swag for giveaways at CFUG (CF tag posters, Fusion Authority frameworks issue, Flex Authority first issue, etc)
- won a new book: ColdFusion 8 Developer Tutorial
- arrived there and back home safely as we covered approx 1400 miles by car

I've started working with a new client over the past couple of weeks. Ken Wolfbauer and Kathi Wolfbauer of Seal Guard Systems who approached me to help with their HTML and SEO. We have been working together in their great showroom in Blaine, MN. I've suggested that they move their site under ColdFusion. I'm looking forward to working with Ken and Kathi to promote their products and services on the Internet, including Milgard fiberglass windows and Metro steel roofing. Hopefully I'll convince Kathi to start using ColdFusion so we can take their website to the next level.

If you have a ColdFusion page that contains a form with text inputs or uses URL params, make sure you are not vulnerable to a XSS attack. I'm quite novice at this myself, but learning more about it recently.

Here are some inputs to try in your forms or URL param values, if they echo the value back to the user after the page submits/reloads. This is often done on forms with server side validation when 1 or more errors are found, you preserve the fields already typed by the user and give them an error message to try again.

The solution is to wrap any value that echos back on the page in HtmlEditFormat(). For example:

Even Ray Camden's blog.cfc is vulnerable. To see what I mean, follow these steps:

1) Click here to the contact page

2) Enter the following in the Name field:

3) Click the Send Your Comments button

If you get an error page like this, and are scratching your head as to why, it's probably an infinite loop in your CFML code. The error I had was this, and sure enough, I had an out of control loop.

Here is a code snippet that makes the ColdFusion processing "sleep" for the specified number of milliseconds. This works on ColdFusion MX 6 and above, which can expose the Java language from within CFML.

ColdFusion 8 introduced a new sleep() function. The above code and the new function are explained in more detail in this ColdFusion Cookbook article.