Just got back from the BFusion/BFlex conference and wanted to summarize my weekend. I joined a few local CF developers and we drove 11+ hours to Bloomington, Indiana to attend this FREE 2-day conference put on by some of the Adobe User Groups in conjunction with Indiana University.

Day 1 was ColdFusion focused, and I was in the Intermediate Track. We spent a full day of hands on training learning about the Mach II framework. This was my first formal exposure to a framework and it was great to get a recap of OO principles and see them in action.

Day 2 was Flex focused and I was in the Beginner Track. We started building a basic photo gallery application following the actual Adobe Flex course materials. I only stayed until noon as we had to get back on the road for the long drive home. Plus, I had a similar training back in April at the local Flex Camp in Minneapolis, so I don't think I missed too much.

Highlights of the trip:
- good intro to Mach II, hope to start using it on a small app at work
- my 2nd exposure to Flex, I really need to put this into a work app soon!
- met some new CFers and had a good time at The Upland Brewery restaraunt
- got started on Twitter and now following over 20 others
- scored tons of swag for giveaways at CFUG (CF tag posters, Fusion Authority frameworks issue, Flex Authority first issue, etc)
- won a new book: ColdFusion 8 Developer Tutorial
- arrived there and back home safely as we covered approx 1400 miles by car

I've started working with a new client over the past couple of weeks. Ken Wolfbauer and Kathi Wolfbauer of Seal Guard Systems who approached me to help with their HTML and SEO. We have been working together in their great showroom in Blaine, MN. I've suggested that they move their site under ColdFusion. I'm looking forward to working with Ken and Kathi to promote their products and services on the Internet, including Milgard fiberglass windows and Metro steel roofing. Hopefully I'll convince Kathi to start using ColdFusion so we can take their website to the next level.

If you have a ColdFusion page that contains a form with text inputs or uses URL params, make sure you are not vulnerable to a XSS attack. I'm quite novice at this myself, but learning more about it recently.

Here are some inputs to try in your forms or URL param values, if they echo the value back to the user after the page submits/reloads. This is often done on forms with server side validation when 1 or more errors are found, you preserve the fields already typed by the user and give them an error message to try again.

The solution is to wrap any value that echos back on the page in HtmlEditFormat(). For example:

Even Ray Camden's blog.cfc is vulnerable. To see what I mean, follow these steps:

1) Click here to the contact page

2) Enter the following in the Name field:

3) Click the Send Your Comments button

If you get an error page like this, and are scratching your head as to why, it's probably an infinite loop in your CFML code. The error I had was this, and sure enough, I had an out of control loop.

Here is a code snippet that makes the ColdFusion processing "sleep" for the specified number of milliseconds. This works on ColdFusion MX 6 and above, which can expose the Java language from within CFML.

ColdFusion 8 introduced a new sleep() function. The above code and the new function are explained in more detail in this ColdFusion Cookbook article.

I've been working on a small project at work to allow a user to click a link from an event registration confirmation email, which will open a .ics file in the browser. This special file is in the iCalendar format, and is recognized by MS Outlook, Mozilla Sunbird, and other calendaring tools. It creates an entry in your calendar, with a 30 minute reminder alert, to help you remember to attend the webinar event you registered for. I learned from the vCal() function on cflib.org, and will be submitting my new iCalUS() UDF soon. But here is the code now, as it takes some time to get verified for inclusion on the CFLib.org site.

Download the code in a zip file.

I wrote the function to work in the U.S. and account for daylight savings time. Hopefully developers outside the U.S. can adapt this code to fit their timezones accordingly. Here is the code used for the test submission form and cfcontent/cfheader tags for the following demo.

Here is a demo of this in action.

-- Update 4/10/08: I submitted the UDF to cflib.org today. Hopefully Ray will post it soon. --

I had a project where we had a graphics library, and a bunch of zip files were placed in a directory. The zip files contained 1 or more images packaged up. It was mostly used for product shots to show views of front, back, left, or right. Each zip file could have an associated thumbnail preview image. The files followed a special naming convention, with file names in a format of: SUBJ_DESC_VIEW_FORMAT_TYPE.zip. I used a RegEx (regular expression), as well as the Find() function to parse the file name.

SUBJ is the subject, and should describe the file, and helps order the files alphabetically in the directory.

DESC is the description, such as: LOGO, Model, Version-3, etc. (hint: you can lengthen the description with up to 3 dashes -'s)

VIEW is optional, and can be either: Ft (front), Rt (right), Lt (left), or Bk (back)

FORMAT can be either: PPT, PRINT, or WEB

TYPE is optional, and can be either: EPS, JPG, TIF

A thumbnail preview can be used, and must be named: SUBJ_DESC_VIEW_thumb.gif (or .jpg). If VIEW was used for the zip file name, it must also be used in the thumbnail file name.

Example zip file: UTM_1100D_Ft_PRINT_EPS.zip

Example thumb file: UTM_1100D_Ft_thumb.gif

Here was the code I used to parse the file name and display a friendly version without dashes to the user.

Example zip file: UTM_Model-1100D-Silver_Ft_PRINT_EPS.zip

The user would see: Model 1100D Silver (Front view) (EPS High-Res)

Last week on our CFUG's technical email list, a question was asked by @cosmic: I have created a dynamically generated XML based off of the contents of a directory using CFDIRECTORY. The problem I am having is that when it outputs the XML it doesn't put the files in the correct order that I want. It sorts them as 1.jpg, 10.jpg, 11.jpg,12.jpg, 13.jpg, 14.jpg, 15.jpg ,16.jpg, 17.jpg,18.jpg, 19.jpg, 2.jpg, 20.jpg and so on. I want them to sort as 1.jpg ,2.jpg, 3.jpg, 4.jpg, 5.jpg, 6.jpg. The only fix I have run into is to add zeros on to the beginning of the files 01.jpg, 02.jpg. Is there a way around this so I don't have to add zero to my 1,000 files?

An answer was quickly given by @lockjw: Use QueryAddColumn to add a sorting column the the CFDIRECTORY result. Parse the file name to get the numeric value - put that into the new column. Use query of query to output results, sorting on the newly added column.

However, @cosmic was still stuck and asked for some code. So I did what @lockjw explained, but with a directory of 14 text files named 1.txt thru 14.txt. It worked great...

It took some struggles with datasource setup with my new hosting provider gisol.com, but I'm finally up and running. I found a bug along the way. In the "blog.ini.cfm" file, there cannot be any whitespace after the value for "dsn=". Apparently, I had a space, and it kept throwing a Data source not found error. Ray needs to trim this value and avoid an easy gotcha for a newbie installer.

I'll probably add some CF related posts I made in the past few years on my personal blog www.pullis.org/blog and backdate them accordingly.

A client of mine needed a solution to bulk import CSV files of affiliate coupon data into his database. I found a great blog by Ben Nadel who covered the exact topic I was looking for: CSVToArray() ColdFusion UDF For Parsing CSV Data / Files

After I implemented Ben's function, we were able to import 1000 records in about 1.6 seconds. Not bad, considering it used to take him hours of time to manually input the coupons one at a time.

Thanks Ben (and Steven Levithan who helped improve the RegEx)