http://www.cfblogs.com CFBlogs.com is the place to go for ColdFusion-related Blogs and Jobs Thu, 24 Jul 2008 15:58:08 GMT http://www.firemoss.com/post.cfm/joe-rinehart-joins-broadchoice-inc I'm proud to announce that I am now a Systems Architect for Broadchoice, Inc. I'm a direct report to Sean Corfield, and the (impressive) list of technical coworkers includes names like Raymond Camden and Nicolas Lierman. At CFUnited 2008, Sean and Ray took a group of us out to lunch - little did I know that the three hours there would pale in comparison to the duration of the full interview, which consisted of attending the Broadchoice Global Developer Meetup '08. Ending my independent consultancy through Firemoss was a hard decision to make, but Broadchoice made an offer I couldn't refuse. In my new role, I'll be: Working with an engineering team that's second to none in the ColdFusion community Working for a management team and board of directors including the likes of Sergio Zyman and Larry Blair Designing and implementing a game-changing product in the world of marketing Exploring new integrations of ColdFusion with Java and open-source Java frameworks Having a ton of fun. My initial project will be working with Nicolas to produce a behavior analytics and modelling RIA. It's going to be a challenge, as I'll have to tool the existing Transfer / ColdSpring / Model-Glue applications to record user events while simultaneously providing a high-performance service tier that will feed the (destined to be beautifully designed) RIA that Nicolas will be implementing.   Thu, 24 Jul 2008 14:45:21 GMT http://www.firemoss.com/post.cfm/joe-rinehart-joins-broadchoice-inc http://www.bennadel.com/index.cfm?dax=blog:1297.view This last week marks the sixth month anniversary of my time at Epicenter Consulting. For those of you who don't know, I left my position as CTO at Nylon Technology back in January to partner with Clark Valberg and create Epicenter Consulting . It was not an easy decision to make; I had been at Nylon for close to 5 years and had seen it grow from a 3 developer shop that he ... Read More » Thu, 24 Jul 2008 14:05:03 GMT http://www.bennadel.com/index.cfm?dax=blog:1297.view http://www.firemoss.com/post.cfm/firemoss-goodbye-farewell-amen This is the first of two blog entries about a major change in my professional life. Originally, I was going to make one entry, but I felt Firemoss deserved its own. In November 2006, I left Booz Allen Hamilton with the intent of launching an independent consultancy. It's been successful, I've never regretted the decision, and Firemoss has been one of the most enjoyable ventures of my life. I have, however, decided to move on (more on that later). Firemoss, LLC will continue to exist as a legal entity, but I will no longer be doing freelance work on an active basis. For Firemoss Customers First, thank you. I've worked with great people and teams over the past two years on some amazing projects. However, I'll no longer be available for project work. For Those Seeking ColdFusion / Flex Consulting I'll still be doing a bit of architectural consulting from time to time, but I'm not actively seeking engagements that aren't reviews or short-term high-level architectural engagements. For Model-Glue The new path I'm taking promises to mean good things for Model-Glue. Thu, 24 Jul 2008 13:55:23 GMT http://www.firemoss.com/post.cfm/firemoss-goodbye-farewell-amen http://www.forta.com/blog/index.cfm/2008/7/24/Presenting-A-MAX-MegaLab We'll be debuting a new session format at MAX North America this year, the MegaLab. I'll be presenting one, a getting-started crash-course session on LiveCycle Data Services and BlazeDS entitled "Getting Started with LiveCycle Data Services" on Monday, November 17, 2:00 pm - 3:30 pm. I've posted details on the official MAX blog. This one is expected to sell out pretty quickly, so if you want to take part, sign up now! Thu, 24 Jul 2008 13:55:03 GMT http://www.forta.com/blog/index.cfm/2008/7/24/Presenting-A-MAX-MegaLab http://www.edwardbeckett.com/Blog/index.cfm/2008/7/23/Florida-SEO-187-Dave-Naylor--187-Twitter-Back-Link-Trick If you are wanting to get a nice back link from Twitter, Dave Naylor recently exposed a way to get a do follow link from Twitter - If you're reading this, you might just want to open up another browser tab and do it while you're here ... I don't think this opportunity is going to be around for too long. Here's the deal. The "More Info URL" area in the account settings page for twitter offers a link for whatever web site you have ... But, the link is a NoFollow link which doesn't give you any PageRank ... if your twitter page even has any at all ... Mine does not ... (Florida_SEO). So, if you take a look at the Bio information ... You can insert your URL in there, and get a Do Follow back link ... for now ... That's it. Thu, 24 Jul 2008 04:20:20 GMT http://www.edwardbeckett.com/Blog/index.cfm/2008/7/23/Florida-SEO-187-Dave-Naylor--187-Twitter-Back-Link-Trick http://www.edwardbeckett.com/Blog/index.cfm/2008/7/23/Florida-SEO-187-Dave-Naylor--187-Twitter-Back-Link-Trick If you are wanting to get a nice back link from Twitter, Dave Naylor recently exposed a way to get a do follow link from Twitter - If you're reading this, you might just want to open up another browser tab and do it while you're here ... I don't think this opportunity is going to be around for too long. Here's the deal. The "More Info URL" area in the account settings page for twitter offers a link for whatever web site you have ... But, the link is a NoFollow link which doesn't give you any PageRank ... if your twitter page even has any at all ... Mine does not ... (Florida_SEO). So, if you take a look at the Bio information ... you can insert your URL in there and get a Do Follow back link ... for now ... That's it. Thu, 24 Jul 2008 04:15:25 GMT http://www.edwardbeckett.com/Blog/index.cfm/2008/7/23/Florida-SEO-187-Dave-Naylor--187-Twitter-Back-Link-Trick http://www.bennadel.com/index.cfm?dax=blog:1296.view The latest OOPhoto application can be experienced here . The OOPhoto code for this post can be seen here . So this morning, I took OOPhoto, my latest attempt at learning object oriented programming (OOP) in ColdFusion, and converted it from a CFM-based f ... Read More » Thu, 24 Jul 2008 01:30:14 GMT http://www.bennadel.com/index.cfm?dax=blog:1296.view http://feeds.feedburner.com/~r/TheByteStopsHere/rss/~3/344011370/dealing-with-difficult-people I'm blessed at my current workplace. I wouldn't classify anyone I work with as even close to being diffcult. But this has not always been the case. In a conversation with a friend and fellow CF'er (name withheld), he mentioned how his team has members who are VERY difficult to deal with. I remembered a lot of my training on team dynamics, and thought to put together a lot of what I've learned over the years and what's available on the web regarding this subject in hopes that it may help people. Please don't take any of these items as a comprehensive list. They are general guidelines, and not every one applies to every situation. Some in fact may be wrong advice for your situation. Tread carefully. Remember your goal, and feel free to state it. For example, "Remember, we're both working to make this portion of the product easier for our customers." This draws attention to the goal, and helps to throw attention away from any issues that may exist between you two. In other words, your issues are not the subject, the customer and the product is. Also, it shows you two share something, and that is a commitment to the product and the customer, and you're not as alienated and different from each other as you might feel. Feel free to agree with the other person as well, instead of sending signals saying "NO" and showing your displeasure through verbal or physical cues. If things get heated, you get mired down into semantics, or there is some sort of stalemate, feel free to keep using #1. At the same, not everything must be decided in one meeting, feel free to adjourn and revisit in a few hours. Give people breaks; they might feel threatened, and both time, and re-iterating common goals helps. Use selective language: Don't say "You said", "you thought." Instead use "we" to draw away any blame, and say, "one alternative proposal is" or "it was mentioned" without naming names or calling people out. It makes them feel included, and not targeted at the same time. Some people are sensitive, and a slight change in language goes a long way. I had many difficult professors in school. One professor decided to give me a D in a class, because he felt our group project was not up to par. For some reason, he had issues with me. I didn't want to speculate why. But I made my case via email, that in fact, I had to do most of the preparation and work for the group, and the issues I dealt with, and in comparison with all the other groups, ours was in the top 3 based on what I saw. The professor didn't bite (maybe he was having a bad day when we presented?). I could tell there was something on his side (some idea, pre-conceived notion, or bias?) that was affecting my grade, so I said in my last email: "You know what, why don't we discuss this in person. Are you still keeping your office hours?" Next thing I knew, he emailed me that he would give me a B instead. What happened? I "called" him (in poke Wed, 23 Jul 2008 23:10:32 GMT http://feeds.feedburner.com/~r/TheByteStopsHere/rss/~3/344011370/dealing-with-difficult-people http://coldfusion.sys-con.com/read/605634.htm Red Hat CTO Brian Stevens, Citrix CTO Simon Crosby, Egenera CTO Pete Manca, Allen Stewart, Group Manager, Windows Virtualization at Microsoft, and Brian Duckering, Sr. Director of Products and Alliances at Symantec were the top industry executives who joined Jeremy Geelan in the 4th Floor Reuters Studio overlooking Times Square for a special SYS-CON.TV 'Virtualization Power Panel' recorded on June 22, 2008, the day before the opening of SYS-CON's 3rd International Virtualization Conference & Expo - which was held 23-24 June 2008 in New York City. Wed, 23 Jul 2008 22:45:13 GMT http://coldfusion.sys-con.com/read/605634.htm http://www.mattwoodward.com/blog/index.cfm?event=showEntry&entryId=AC643524-AC37-4FD7-BF9D96C4938379E8 I posted this before but just so everyone's aware, I didn't intentionally blacklist anyone from contacting me via Google Talk. :-) The issue is that when I quit using Gmail I erased all my contacts once I had exported them, and apparently that remove... Wed, 23 Jul 2008 19:35:37 GMT http://www.mattwoodward.com/blog/index.cfm?event=showEntry&entryId=AC643524-AC37-4FD7-BF9D96C4938379E8 http://www.forta.com/blog/index.cfm/2008/7/23/Lyndacom-Releases-New-AIR-For-Flex-Developers-Course Lynda.com has release a new course by David Gassner entitled AIR for Flex Developers. This course looks at how Flex Builder 3 and the Flex 3 framework can be used to build cross-system desktop applications with Adobe AIR, and covers every point of integration with the host operating system, including working with the local file system, creating and maintaining local databases, and managing native windows and menus. Wed, 23 Jul 2008 19:30:03 GMT http://www.forta.com/blog/index.cfm/2008/7/23/Lyndacom-Releases-New-AIR-For-Flex-Developers-Course http://www.forta.com/blog/index.cfm/2008/7/23/Hacker-Webzine-Recommends-Use-Of-CFQUERYPARAM I've been debating posting this for the past few days. But, as it does not really disclose anything more than has been publicly discussed as of late (on this blog and elsewhere), and as it actually makes useful suggestions pertaining to securing ColdFusion (specifically from SQL injection attacks), here goes ... Last week 0x000000 # The Hacker Webzine posted an entry entitled Attacking ColdFusion. The post primarily describes SQL injection attacks, and explains the danger inherent in not using <CFQUERYPARAM>, and also shows the right way to use the tag. It also notes: The cfqueryparam is generally secure because it utilizes a prepared statement, that is always binded as a string, which in term is nearly not exploitable. But, many ColdFusion applications do not use the cfqueryparam mainly because developers do not know about this, and also because this feature came only in to being, with later versions of ColdFusion. I strongly recommend that you read this post, if for no other reason then to reinforce the reality that this risk is publicly known and being exploited, and to remind yourself (and your managers, coworkers, clients, etc.) that you must address this potential vulnerability immediately! The 0x000000 post was also referred to yesterday by ScanSafe STAT Blog in an entry which notes that monitoring in recent days indicates that ColdFusion is now the target of an attack that had been previously targeting SQL Server powered ASP sites. Wed, 23 Jul 2008 18:35:03 GMT http://www.forta.com/blog/index.cfm/2008/7/23/Hacker-Webzine-Recommends-Use-Of-CFQUERYPARAM http://www.remotesynthesis.com/post.cfm/coldfusion-9-what-we-know-so-far Since I got the obligatory pricing rant out of the way (well, ok, it was more complicated than that), I figured it was time to focus on the features we have already heard about regarding ColdFusion 9 (codenamed Centaur). Most of what we know so far was revealed during this year's CFUnited Adobe Keynote, though a couple items were made public during the extremely brief cf.Objective() Adobe Keynote. Let me start by saying that I think everything we have learned leads me to believe that the ColdFusion team is on the right track. Of course a lot rides on the actual implementation of the features, but all signs are pointing in a very positive direction. Also, keep in mind that, as they say, these are only plans and plans can change (as in, while these features are likely there are no guarantees).CFML Advisory BoardThis was briefly introduced at cf.Objective(), though the actual details were released at CFUnited (and Ben Forta wrote about it at length). Though it isn't a "feature" of CF9 per se, it is an important driver of the product's development and a sign that Adobe continues its trend towards more openness and cooperation. Members include Sean Corfield, Ben Forta, Sanjeev Kumar, Gert Franz, Ray Camden and Rob Brooks-Bilson among others. As you may notice, only two of these names directly represent Adobe and one even represents an alternative CFML engine. In my opinion, this shows a level of long-term commitment to the langauge (as opposed to simply the product) that we have not seen previously and I applaud Adobe and the ColdFusion team for it (given that Adobe has the most to potentially lose by such openness, particularly with competitors).Free for Educational UseI don't really have to say more than, "Its about time!" This is another one that isn't exactly a feature but will still play a large part in the future viability of ColdFusion/CFML. We probably won't see the positive effects from this for years but we need to start somewhere bringing new talent to language, and this is the right place to start.ORM via HibernateIt slightly shocked me to hear via Adam's post that this feature wasn't a big hit in early SyncDev meetings (though not totally surprised which relates to why I am hesitant about over-weighting non-coding manager opinions). Personally, I think this is a no-brainer for ColdFusion. Hibernate is the de facto standard for ORM and has become more prevalant over the years, so utilizing it in ColdFusion simply makes sense for a product that bills itself for rapid a Wed, 23 Jul 2008 17:55:10 GMT http://www.remotesynthesis.com/post.cfm/coldfusion-9-what-we-know-so-far http://feeds.feedburner.com/~r/UsefulConcept/~3/343750303/24-HR-Reading-Marathon A friend of mine has created a fun event to promote reading.  It is a read-a-thon! Independent bookstores across the country are invited to have a 24-hour reading marathon this October.  It started last year at a local bookstore and has taken off this year to include many other bookstores across the country.  In fact they are now getting some media attention, which is pretty darn cool. [More] Wed, 23 Jul 2008 17:25:20 GMT http://feeds.feedburner.com/~r/UsefulConcept/~3/343750303/24-HR-Reading-Marathon http://feeds.feedburner.com/~r/UsefulConcept/~3/343640562/Four-Day-Work-Week-Hazaa A few weeks back I blogged on the idea of our company going to a four day work week.  After some discussions and deliberations we have decided to make the move. Starting August 1st we will be focused on a Monday - Thursday schedule with someone monitoring the support email on Fridays. [More] Wed, 23 Jul 2008 15:20:25 GMT http://feeds.feedburner.com/~r/UsefulConcept/~3/343640562/Four-Day-Work-Week-Hazaa http://www.henke.ws/machblog/index.cfm?event=showEntry&entryId=507194DB%2D19B9%2DBA51%2DEE8603D1A1DDABF0 I did a quick search for good examples of the Show Annotations feature in Eclipse but didn't find any so I figured I would post some.  I also checked Eclipse's documentation and found none.  The closest I came was a post by Jim Crumb. Star... Wed, 23 Jul 2008 15:05:20 GMT http://www.henke.ws/machblog/index.cfm?event=showEntry&entryId=507194DB%2D19B9%2DBA51%2DEE8603D1A1DDABF0 http://www.remotesynthesis.com/post.cfm/good-enough-to-touch-apps-for-the-ipod-touch Many times the iPod Touch feels like the secret, illegitimate brother of the iPhone - not the least of which is that we have now been forced to pay a rather high price for two software updates over a short period. For obvious reasons, the iPhone and its new 3G version have garnered most of the attention of the press and, apparently, Apple. The thing is, although the iPhone and iPod Touch look and behave almost identically, they have some significant differences that mean that everything good for the iPhone is not necessarily so for the Touch. For instance, the first major update (which was a pricey $20) included email which, in my opinion, isn't terribly useful on the Touch. Why? Well, the Touch is only connected via WiFi and, generally speaking, when you have WiFi available you generally have a laptop or desktop available to check you email in a quicker and easier manner.My point here isn't to complain about the Touch or the cost of the updates (though I could go on). My goal is actually that the latest update (at a more reasonable but still unnecessary $10) does bring some exciting new features to the Touch, specifically via the App Store. Nonetheless, most apps in the app store focus on the iPhone and are better suited for that product. Thus, I am starting a series of posts that will review Apps Store apps specifically with the iPod Touch in mind. My prmary criteria are as follows:1) Doesn't require an "always on" connection (since the Touch is only WiFi)2) Can be done without audio (with the exception of music stuff) because the Touch has no external speakerThe latter criteria will be weighted to a lesser extent and will be considered differently for music apps but the former is the primary differentiator. I will favor free apps since I don't want to invest a lot of money into this, but I will review any paid apps I may purchase. My first review, which I hope to post tomorrow, will cover the Remote application by Apple. I am also inviting anyone who would like to either guest post or recommend an application to be reviewed to go ahead and do so by contacting me via the comments. Wed, 23 Jul 2008 14:55:11 GMT http://www.remotesynthesis.com/post.cfm/good-enough-to-touch-apps-for-the-ipod-touch http://feeds.feedburner.com/~r/UsefulConcept/~3/343586707/Flex-Camp--upcoming-conference This is a quick reminder/FYI for you Flex folks.  Nick Kwiatkowski is putting on a great Flex Camp in Michigan next week.  The price can't be beat ($40 for 2 days).  If you are anywhere in the area you should make it your goal to attend.  If your not in the area you should try to get a cheap flight since the conference is so inexpensive. The conference is limited to only 150 people so be sure to get a ticket ASAP before they sell out. Wed, 23 Jul 2008 14:15:24 GMT http://feeds.feedburner.com/~r/UsefulConcept/~3/343586707/Flex-Camp--upcoming-conference http://www.anujgakhar.com/2008/07/23/coldfusion-string-is-a-java-string/ ColdFusion strings are Java Strings internally, which means they are an Object of class “java.lang.String” . In this post, I will try and use some of these Java String functions that can be applied directly to a ColdFusion string variable. I understand that most of these have been discussed in bits and pieces all over [...] Wed, 23 Jul 2008 13:35:02 GMT http://www.anujgakhar.com/2008/07/23/coldfusion-string-is-a-java-string/ http://feeds.feedburner.com/~r/UsefulConcept/~3/343538264/Flex-Camp This is a quick reminder/FYI for you Flex folks.  Nick Kwiatkowski is putting on a great Flex Camp in Michigan next week.  The price can't be beat ($40 for 2 days).  If you are anywhere in the area you should make it your goal to attend.  If your not in the area you should try to get a cheap flight since the conference is so inexpensive. The conference is limited to only 150 people so be sure to get a ticket ASAP before they sell out. [More] Wed, 23 Jul 2008 13:15:26 GMT http://feeds.feedburner.com/~r/UsefulConcept/~3/343538264/Flex-Camp http://www.akbarsait.com/blog/index.cfm/2008/7/23/Chennai-CFUG-July-Meeting-CF-Software-Architecture-for-Web-20 Chennai ColdFusion User Group Next Meeting is on July 25, 2008 and will discuss about CF Software Architecture for Web 2.0. In this session Simon Free will discuss how best to architect your CF code so that it can be easily extended to be used with the default CF8 AJAX features, as well as Flex and Lifecycle. Simon will take a simple application and see what steps you must take to extend it to work in these technologies. This will be an online meeting and you can find more information about meeting at CFUG India. Wed, 23 Jul 2008 09:30:00 GMT http://www.akbarsait.com/blog/index.cfm/2008/7/23/Chennai-CFUG-July-Meeting-CF-Software-Architecture-for-Web-20 http://www.edwardbeckett.com/Blog/index.cfm/2008/7/22/Florida-SEO-187-CFC-Problem-187-Solved In my last post, I was ranting about a frustrating situation with CFC's on shared hosting over at HostMySite. Several months ago, I installed a rather cool CFC that only had a life span of three days - it worked fine - then all of a sudden - it stopped working. A few weeks ago the same scenario took place - I installed a component on another one of my CF sites, SEO Master List - It ran fine for three weeks and the all of a sudden - it stopped working. After many hours of confusion with the guys over at HostMySite, it turns out that occasionally during server resets the security permissions are changed. I really don't know whether there's someone to blame for it, but at least I know the why of it if not the how. So, if you have a CF site on shared hosting over at HMS and find your CFC's stop working and your pretty certain that they should be, make sure to take a look at the security settings - That's it. Wed, 23 Jul 2008 03:40:16 GMT http://www.edwardbeckett.com/Blog/index.cfm/2008/7/22/Florida-SEO-187-CFC-Problem-187-Solved http://blog.simb.net/2008/07/22/mike-thrasher-presents-a-harry-and-the-potters-no-show/ Last night my wife and I got a sitter for 5 hours so that we could head to north portland and see the Harry and the Potters show at the Wonder Ballroom. If you didn’t know it, my wife is a HUGE Harry Potter fan and going to the Harry and the Potters concert [...] Tue, 22 Jul 2008 21:45:33 GMT http://blog.simb.net/2008/07/22/mike-thrasher-presents-a-harry-and-the-potters-no-show/ http://www.coldfusionmuse.com/index.cfm/2008/7/22/email-is-taunting-me I just received the following message in my inbox with the subject of "Message Removed": A message has been removed from this mailbox by an entity other than this program, probably by a virus scanner. This message is a replacement for the missing message. Now maybe I've been getting these all along and this is just the first time one of them made it through my filters - but come on... what kind of a replacement is this? In the words of Captain Jack Sparrow, "Well that's just maddeningly unhelpful". It boggles my mind that some programmer somewhere actually dreamed up this message. "Uh... We had a message here. We are not sure what it was. We aren't sure what happened to it either (although it was obviously not our fault). We only know it's missing - and rather than leave it out of your already crowded inbox, we just thought we would give you this friendly note as a replacement. There's nothing really you can do about it, but perhaps you can sit there wondering for 90 seconds or so..." It's kind of like the dozens of times I've asked for a girl's number and received it, but when I called it later it was disconnected - or worse, it was the lady who gives out the time or maybe the Chinese take-away. Have you ever tried to get a date from the guy who answers the phone at the Chinese take-away? It's humiliating. Tue, 22 Jul 2008 19:50:13 GMT http://www.coldfusionmuse.com/index.cfm/2008/7/22/email-is-taunting-me http://cfsilence.com/blog/client/index.cfm/2008/7/22/How-Many-Domain-Names-Are-You-Holding-Hostage I realize this is kinda pointless, but I logged into my GoDaddy account today for something and took a look at my domain names whilst I was in there. Of the 9 domains I own, I'm only actively using 4 of them. The others were either snagged up for a bright idea that I had at one point, dead sites or domains that I fully intend to use at some point. How many do you own that you're doing nothing with, and why? Tue, 22 Jul 2008 18:35:35 GMT http://cfsilence.com/blog/client/index.cfm/2008/7/22/How-Many-Domain-Names-Are-You-Holding-Hostage http://www.remotesynthesis.com/post.cfm/coldfusion-open-source-update-july-22-2008 Five new projects and three updates this week plus no less than nine Transfer related posts...eesh. Sorry this post is a little late but I was sick once again. I wish I could say that it was due to a weekend of heavy partying but alas I haven't partied that hard in many, many years. This week was a busy week, with some very interesting new projects. In particular, Razuna is another in a growing number of POSS projects in ColdFusion and sounds interesting. New Releases and Updates New Project: cfUniForm cfUniForm New Release - v2.1 Matt Quackenbush updated his forms custom tag library. cfUniForm Now on RIAForge Matt Quackenbush has posted his Uni-Form markup forms library to RIAForge. New Project: CFXL Modify Excel Spreadsheets! CFXL Released to RIAForge ColdFusion product manager, Jason Delmore, released this project that lets you programatically modify Excel spreadsheets on-the-fly and stream the changes to the browser. New Project: Razuna Razuna 1.0 released SixSigns has released version 1.0 of their digital asset management system which was once a commercial product. The system also includes an integrated CMS. New Project: Shade Initial Release Ryan Wood has released what he describes as a "state machine (or workflow) engine for ColdFusion business objects." New Project: Vimeo ColdFusion wrapper Vimeo ColdFusion wrapper Raymond Camden has wrapped the Vimeo API. ColdBox ColdBox 2.6.0 Final Release is now available. Luis Majano posts that version 2.6.0 is final and available. A full list of new features is available in the What's New Guide. ColdFire newschuyl: ColdFire Update for FF 3.0.1 Nathan Mische posts an update for compatibility with all FireFox 3.0.* versions. PDFUtils, ColdFire, BlogCFC Software Updates (before I go - go) Raymond Camden updated several of his projects including XMP support in pdfUtils and checked an update of Blog Tue, 22 Jul 2008 17:45:05 GMT http://www.remotesynthesis.com/post.cfm/coldfusion-open-source-update-july-22-2008 http://feeds.feedburner.com/~r/UsefulConcept/~3/342737326/Prius-Left-Running-All-Night--Result So I am sure many of my blog readers are wondering: Just what would happen if I left my Prius running all night?  Would it kill my battery?  Would my cart just auto shut off at some point?  Would it explode?  Would it make annoying noises and embarrass me in front of my neighbors? [More] Tue, 22 Jul 2008 17:25:20 GMT http://feeds.feedburner.com/~r/UsefulConcept/~3/342737326/Prius-Left-Running-All-Night--Result http://blog.simb.net/2008/07/22/vulnerability-fixed-security-issues-remain/ I completely missed any news of this vulnerability in OpenSSH. But I was scanning along today and saw a reference to this description of the issue. It appears that a vulnerability was entered into the OpenSSH code inside the debian distribution. Now I don’t directly use any debian based linux distros, but that [...] Tue, 22 Jul 2008 15:05:28 GMT http://blog.simb.net/2008/07/22/vulnerability-fixed-security-issues-remain/ http://www.forta.com/blog/index.cfm/2008/7/22/For-Goodness-Sake-Use-CFQUERYPARAM-Already The use of <CFQUERYPARAM> as a means to enhance the security of ColdFusion applciations (and also deliver a side benefit of improved performance) has long been advocated. But, judging by the number of sites that have been compromised by a recent spate of SQL injection attacks (that may in fact be targeting .cfm pages specifically), many have yet to apply this simple and effective enhancement. I've discussed this subject repeatedly over the years. But, it's critical enough that I want to highlight a post I made 2 1/2 years ago entitled SQL Injection Attacks, Easy To Prevent, But Apparently Still Ignored. Tue, 22 Jul 2008 13:55:04 GMT http://www.forta.com/blog/index.cfm/2008/7/22/For-Goodness-Sake-Use-CFQUERYPARAM-Already http://www.anujgakhar.com/2008/07/22/forcing-svn-comments-with-tortoisesvn/ One of my earlier posts about forcing SVN comments talks about doing a pre-commit hook on SVN before every commit is made. The problem with that is, it needs to be done on the SVN server and not always you’ve got access to that. But as a developer you can force yourself to always comment [...] Tue, 22 Jul 2008 13:45:02 GMT http://www.anujgakhar.com/2008/07/22/forcing-svn-comments-with-tortoisesvn/ http://www.mattwoodward.com/blog/index.cfm?event=showEntry&entryId=00099F15-9A56-4BB8-AC81F9787F2EA79D The way I learn things best is to jump in and do it, so that's what I decided to do with my switch from ColdFusion 8 to Open BlueDragon running on Tomcat 6. It was incredibly easy to set up and after I tweaked the JVM memory allocation, it's running ... Tue, 22 Jul 2008 11:25:34 GMT http://www.mattwoodward.com/blog/index.cfm?event=showEntry&entryId=00099F15-9A56-4BB8-AC81F9787F2EA79D http://www.coldfusionmuse.com/index.cfm/2008/7/21/query-string-with-cfqueryparam If you have been following the muse the last few days you will know that I've had my shoulder to the wheel helping customers and fellow developers sort through making changes to their site to protect against a particularly malicious SQL Injection attack (read about the details here). Some of the folks who have contacted me are dealing with extra problems because their code uses string concatenation to build dynamic SQL strings. So the question has been asked a few times, "How do I go about building an SQL string with CFQUERYPARAMs in it?" Unfortunately, if you have chosen this approach it's going to be difficult to help you without seriously refactoring your code. Here's a few tips that can help, and one approach that might get you most of the way there. [More] Tue, 22 Jul 2008 03:35:16 GMT http://www.coldfusionmuse.com/index.cfm/2008/7/21/query-string-with-cfqueryparam http://www.bennadel.com/index.cfm?dax=blog:1295.view The latest OOPhoto application can be experienced here . The OOPhoto code for this post can be seen here . As a next step in my OOPhoto application, Peter Bell and I thought it would be a good next step ... Read More » Tue, 22 Jul 2008 01:55:04 GMT http://www.bennadel.com/index.cfm?dax=blog:1295.view http://feeds.feedburner.com/~r/TheByteStopsHere/rss/~3/341863337/classic-development-project-mistakes A co-worker sent me this, and it is worth reading. I remember seeing "Classic Mistakes Enumerated" before, but reading it again really helps you keep perspective. Read more @ http://www.stevemcconnell.com/rdenum.htm.   Mon, 21 Jul 2008 20:25:33 GMT http://feeds.feedburner.com/~r/TheByteStopsHere/rss/~3/341863337/classic-development-project-mistakes http://feeds.feedburner.com/~r/TheByteStopsHere/rss/~3/341845481/forget-google-use-scroogle The Web has been a buzz lately regarding Google Privacy Policies (or lack there of). People have been recommending Scroogle. I looked at it, and found that it features the following advantages: No Ads! Anonymous Searching (logs are deleted weekly) SSL Encryption Browser Search Plugins It works, its fast, and its clean. No reason to use Google now. Read more @ http://en.wikipedia.org/wiki/Scroogle. Add Scroogle to your list of Browser Search Engines @ http://mycroft.mozdev.org/search-engines.html?name=scroogle. Mon, 21 Jul 2008 20:05:29 GMT http://feeds.feedburner.com/~r/TheByteStopsHere/rss/~3/341845481/forget-google-use-scroogle http://feeds.feedburner.com/~r/TheByteStopsHere/rss/~3/341816542/how-adobe-scales-connectnow An eWeek article outlines how Adobe uses Terracotta's in-memory data solution to help scale ConnectNow. Its a very interesting read. Find out more @ http://www.eweek.com/index2.php?option=content&task=view&id=48894&pop=1&hide_ads=1&page=0&hide_js=1. Mon, 21 Jul 2008 19:25:35 GMT http://feeds.feedburner.com/~r/TheByteStopsHere/rss/~3/341816542/how-adobe-scales-connectnow http://feeds.feedburner.com/~r/jeremiahx/~3/341766752/ So this may come off as a rant but it really isn’t. Yes it was inspired by 2 frustrating sign-up processes in a row and most rants start off that way but I promise it will have an educational twinge to it. So last night I was signing up for something and I filled out their [...] Mon, 21 Jul 2008 18:20:18 GMT http://feeds.feedburner.com/~r/jeremiahx/~3/341766752/ http://www.henke.ws/machblog/index.cfm?event=showEntry&entryId=46C1B220%2D19B9%2DBA51%2DEE425872EBD8629A Next NECFUG meeting: July 22nd - Axel Jensen will be talking about the development process. More details to come. ---- Should be interesting.  Axel is very passionate about Flex and ColdFusion.  I heard the initial outline ... Mon, 21 Jul 2008 17:55:32 GMT http://www.henke.ws/machblog/index.cfm?event=showEntry&entryId=46C1B220%2D19B9%2DBA51%2DEE425872EBD8629A http://www.mattwoodward.com/blog/index.cfm?event=showEntry&entryId=60A6ACEB-87F9-4FE2-8FB270F0CEF494EA A friend of mine declared (sarcastically) this "Windows Appreciation Day" so I thought I'd share my latest "oh how I love Windows" thought. I love when I'm remoted into a Windows server and I get the "Updating your computer ... Mon, 21 Jul 2008 16:40:36 GMT http://www.mattwoodward.com/blog/index.cfm?event=showEntry&entryId=60A6ACEB-87F9-4FE2-8FB270F0CEF494EA http://www.coldfusionmuse.com/index.cfm/2008/7/21/SQL-injection-using-order-by So... you have diligently added CFQUERYPARAM to every input variable. Your database is secure and safe from SQL Injection - right? Well... maybe not. Did you remember to account for the ORDER BY Clause? Let me explain. [More] Mon, 21 Jul 2008 15:55:14 GMT http://www.coldfusionmuse.com/index.cfm/2008/7/21/SQL-injection-using-order-by http://www.forta.com/blog/index.cfm/2008/7/21/LCDS-26-Released LiveCycle Data Services 2.6 (aka LiveCycle Data Services ES Update 1 has been released. Release notes have also been posted. Mon, 21 Jul 2008 15:15:09 GMT http://www.forta.com/blog/index.cfm/2008/7/21/LCDS-26-Released http://www.bennadel.com/index.cfm?dax=blog:1294.view I just got off the phone with Chase Bank . I haven't called them in a long time because overall my service has been really good. I don't know when they updated their telephone service, but this was so ridiculous that I needed say something. First of all, they want you so SAY all of your commands. I don't know if the number of people in this world who own rotary phones or who don't have fingers just sky-rocketed, but I can't imagine that ... Read More » Mon, 21 Jul 2008 15:10:09 GMT http://www.bennadel.com/index.cfm?dax=blog:1294.view http://www.mattwoodward.com/blog/index.cfm?event=showEntry&entryId=AAD14D83-85B0-43CC-9396D2D5884F9A78 Don't worry, I'm not going to announce every single time I move a site to OpenBD, but in this case I ran into a couple of interesting issues when I moved the ColdFusion Weekly site over to OpenBD from ColdFusion 8 that I thought I'd share. The first... Mon, 21 Jul 2008 14:55:33 GMT http://www.mattwoodward.com/blog/index.cfm?event=showEntry&entryId=AAD14D83-85B0-43CC-9396D2D5884F9A78 http://www.bennadel.com/index.cfm?dax=blog:1293.view The latest OOPhoto application can be experienced here . The OOPhoto code for this post can be seen here . Last week, I quickly coded the procedural version of OOPhoto , my ... Read More » Mon, 21 Jul 2008 13:35:03 GMT http://www.bennadel.com/index.cfm?dax=blog:1293.view http://www.forta.com/blog/index.cfm/2008/7/21/Speaking-At-FlexCamp-In-Lansing I just confirmed that I'll be speaking at the upcoming FlexCamp on the Michigan State University campus in East Lansing on July 30th. I plan to present an opening session on Flex, AIR, Data Services, and more. For more details and registration information, see the FlexCamp site. Mon, 21 Jul 2008 13:15:03 GMT http://www.forta.com/blog/index.cfm/2008/7/21/Speaking-At-FlexCamp-In-Lansing http://www.coldfusionjedi.com/index.cfm/2008/7/20/Goodbye-for-a-while-and-some-quick-media-reviews So I've been more than a little quiet this week and I apologize for that. I'm currently sitting at SFO waiting for my 12:30 AM flight back home. Tuesday my family and I are heading out for my first real vacation in close to two years. I'll be back on the 29th but I doubt I'll have any entries between then and now. I've got Ben covering RIAForge while I'm gone. Please understand if it takes me a bit longer (like, oh, 7 days) to respond to email. This weekend has been more than a little exhaustive. We had 3 days of developer and business meetings at Broadchoice, and while I'm tired as heck, I can't describe the level of enthusiasm I have for my new company. It is wonderful to work in a place and feel like your the dumbest one there. So a few quick off topic notes. I just saw the new Batman flick and - I'm happy to say - the hype is not only warranted, it probably doesn't really do the film justice. Heath Ledger's Joker is the Joker. Sorry Jack. Christian Bale pulls off Batman even better, and all the supporting roles are - shoot - it's not even fair to call them supporting. Two Face is also very well done. Based on a recommendation from Sean, I tried Shazam for the iPhone. The idea behind Shazam is that it can listen to and identify music. It failed my first two tests (Claire De Lune and some Mexican rap), but then had no problem with Fluke. But here is the kicker. I'm in the hotel lobby with a friend and he asks what the name of the band was for the music playing in the background. I whip out the iPhone, run Shazam, and, well, it took tries, but it got it. What's even cooler is that it will log the match so you can pick it up later. (You get links to iTunes of course.) If you're one of those people who hate it when you hear a song and can't name it - pick this app up. (Oh, and it's free.) Mon, 21 Jul 2008 04:55:22 GMT http://www.coldfusionjedi.com/index.cfm/2008/7/20/Goodbye-for-a-while-and-some-quick-media-reviews http://www.mattwoodward.com/blog/index.cfm?event=showEntry&entryId=B9082A0E-830F-4639-B8290CE6DEE9933C A friend of mine sent me a link to an EXTREMELY interesting PDF that explains Microsoft's rather dishonest and stomach-turning approach to evangelism. (Make sure and read the PDF that's linked in the post!) Enlightening reading, and gives you the pe... Mon, 21 Jul 2008 01:00:24 GMT http://www.mattwoodward.com/blog/index.cfm?event=showEntry&entryId=B9082A0E-830F-4639-B8290CE6DEE9933C http://www.boyzoid.com/blog/index.cfm/2008/7/20/Farewell-Yankee-Stadium-I-shall-miss-thee Yesterday, I attended what will be my last game at Yankee Stadium.  For those who do not know, after this season, they will be tearing down 'The House that Ruth Built' and next season they will be playing in a new stadum right next door. First, let me say that this is kind of bittersweet for me.  As a kid, we would go to Yankee games several times a year and I have fond memories of beign there with my entire family.  But, if we are being honest, Yankee Stadium is a dump.  It outgrew its usefulness long before I even knew it existed.  I have been to baseball games at Coors Field in Denver and Camden Yards in Baltimore adn those stadiums are simply amazing. That being said, the new stadium looks like it will be absolutely astounding. As I said this was the last game I will see at Yankee Stadium, but it was also the first time my kids have seen the Yankees play a home game.  They seemed to enjoy the experience, but, what made it best was that at one point during the game, the kids were shown on the 'Jumbo-tron' at the stadium as part of what they call 'fan-cam'.  Unfortunately, I was unable to get a picture of them on the screen. All in all, it was a great day (the Yankees wound up winning in extra innings).  I got to take my kids to a place from which I have such wonderful memories and they seemed to enjoy it as much as I remember enjoying it. Here are some pictures I snapped before and during the game. These are the kids, pretty good looking if I do say so myself. Here is a picture of Joba Chamberlain throwing a 101 MPH fastball. If you look closely at the umpire, you can se the ball. Here is a picture of Brett Gardner about to get caught in a rundown.  He was trying to steal second, put the pitcher threw the ball to first base.  You can see the ball on its way. Sun, 20 Jul 2008 23:20:34 GMT http://www.boyzoid.com/blog/index.cfm/2008/7/20/Farewell-Yankee-Stadium-I-shall-miss-thee http://www.forta.com/blog/index.cfm/2008/7/20/Goodbye-Glenda-Vigoreaux-Youll-Be-Missed Glenda Vigoreaux has been part of the ColdFusion family for many years. She spoke at usergroups, was a highly regarded and requested trainer (and was the highest rated speaker at MAX one year), and was liked by all who knew her. She loved teaching, and considered motivating others her true passion. While I did not know Glenda well, our paths crossed regularly. She assisted in a hands-on session I presented at MAX and then presented that same session a year later, she attended numerous of my presentations, and we once ended up sharing a taxi to Chicago's O'Hare and suffered traffic delays and flight cancellations together, an opportunity she used to share some of her very colorful early life in Puerto Rico. Glenda was a fixture in the community, a face you expected to see and were glad when you did. But alas, no more. Glenda was found dead in her home in Glendale, AZ, last week, apparently the victim of a self-inflicted gunshot wound. She'll be missed. [Via Charlie Arehart, who has posted details on his blog]. Sun, 20 Jul 2008 17:55:03 GMT http://www.forta.com/blog/index.cfm/2008/7/20/Goodbye-Glenda-Vigoreaux-Youll-Be-Missed http://www.mattwoodward.com/blog/index.cfm?event=showEntry&entryId=B66CFC54-37ED-4839-8F382D94D3C6E9DA We previewed the new Open BlueDragon logo at CFUnited, and now you can see it--as well as a great new site design--over at openbluedragon.org. Kudos to Nitai and the folks at SixSigns for the great logo and new site design! Sun, 20 Jul 2008 13:55:20 GMT http://www.mattwoodward.com/blog/index.cfm?event=showEntry&entryId=B66CFC54-37ED-4839-8F382D94D3C6E9DA