<!--- 20230505 Inspired by https://github.com/JayIsPainting/CFML_HIBP but returns a numeric value (for use with APIs)
GIST: https://gist.github.com/JamoCA/328157ed2caf3c2887ef5cfc1e9d46e3
--->
<cffunction name="getPasswordBreachCount" returntype="numeric" output="no" access="public" hint="Checks supplied password against the HaveIBeenPwned Passwords API v2 and returns the number of breaches.">
	<cfargument name="pwd" type="string" required="true">
	<!--- SHA-1 hex digest of the password; only the first 5 characters are sent to the API --->
	<cfset local.passwordHash = hash(arguments.pwd, "SHA")>
	<cfset local.prefix = left(local.passwordHash, 5)>
	<!--- Remaining hash suffix, compared locally against the returned range --->
	<cfset local.passMatch = right(local.passwordHash, len(local.passwordHash)-5)>
	<cfhttp url="https://api.pwnedpasswords.com/range/#local.prefix#" method="get" useragent="CFML_PwnChk" result="local.cfhttp" getasbinary="never"></cfhttp>

<!--- 20230428 https://stackoverflow.com/questions/76120058/removing-unicode-invalid-characters-from-string
Try this at TryCF.com
--->
<cfoutput>
	<cfset k = "E�l�e�c�t�r�o�n�i�c">
	<div><b>original:</b> #k#</div>
	<cfset k2 = rereplace(k, "[^\x20-\x7E]", "", "ALL")>
	<div><b>rereplace:</b> #k2#</div>

<cfscript>
/* 2023-03-21 by James Moberg (SunStar Media)
Sanitize email and generate a unique integer hash using java hashCode & ColdFusion/CFML.
GIST: https://gist.github.com/JamoCA/b02a8e86f8f082b28ecb494d910e092d
BLOG: https://dev.to/gamesover/generate-sanitized-email-hash-as-integer-4n3e
TWEET: https://twitter.com/gamesover/status/1638213875853307904
*/
public numeric function generateEmailHashCode(required string email) hint="I sanitize email and generate a unique integer hash using java hashCode" {
	local.d = javacast("string", listlast(trim(arguments.email), "@"));
	local.u = javacast("string", trim(listfirst(trim(arguments.email), "@")));

<rewrite>
	<rule name="Block CFClient exploit" stopProcessing="true" enabled="true">
		<match url=".*" />
		<conditions logicalGrouping="MatchAll" trackAllCaptures="false">
			<add input="{QUERY_STRING}" pattern=".?" />
			<add input="{UrlDecode:{QUERY_STRING}}" pattern="_cfclient" />
		</conditions>
		<action type="CustomResponse" statusCode="403" statusReason="A potentially dangerous QueryString value was detected from the client." statusDescription="The URL contains potentially unsafe characters." />
		<!-- ... or use statusCode="404" for "File not found" -->
		<!-- <action type="Rewrite" url="/doesnotexist.htm" /> ... to be processed by missing 404 file handler -->

/**
 * Amazon Web Services Signature 4 Utility for ColdFusion
 * Version Date: 2016-04-12 (Alpha)
 *
 * Copyright 2016 Leigh (blog: cfsearching.blogspot.com; Twitter: @cfSearching; Github: @Leigh-)
 * Original: https://gist.github.com/Leigh-/a2798584b79fd9072605a4cc7ff60df4
 *
 * Requirements: Adobe ColdFusion 10+
 * AWS Signature 4 specifications: http://docs.aws.amazon.com/general/latest/gr/signature-version-4.html
 *

<cfscript>
/* 2023-02-27 queryReturnRow() by SunStar Media https://www.sunstarmedia.com/
Requires CF2016+ or Lucee
Inspired by https://cflib.org/udf/queryGetRow & https://docs.lucee.org/reference/functions/queryrowdata.html
GIST: https://gist.github.com/JamoCA/f18c868fcb2d8f23b797f9c7b2ee93e9
TWEET: https://twitter.com/gamesover/status/1630291299097260032
- Renamed function to something unique because queryGetRow() is a BIF (as of CF11)
- Updated to retain column order by default (using an ordered struct)
- Option to set key case (original/lower/upper)

<cfscript>
// 2023-02-09 Add Stripe Processing Fee to Charge (ColdFusion / CFML)
// https://support.stripe.com/questions/passing-the-stripe-fee-on-to-customers
// The amounts are calculated based on the US Stripe fee of 2.9% + $0.30 per transaction
numeric function addProcessingFeeToAmount(required numeric amount, numeric fixedFee=0.30, numeric percentageFee=0.029) hint="I add a processing fee to a charge amount" {
	return javacast("double", numberformat((arguments.amount + arguments.fixedFee)/(1 - arguments.percentageFee), '0.00'));
}
newCharge = addProcessingFeeToAmount(1000); // 1030.18

<cfscript>
// borrowed from https://gist.github.com/aviflax/725761/5887c83a695cd0d7a9be70c9c41c08e59c6611a6
// 2023-01-24 Rewritten in cfscript; Updated to use isxml/isxmldoc; Works w/CF10+, but not Lucee CFML.
// Tweet: https://twitter.com/gamesover/status/1617969485855752192
string function prettyXml(required any xml) hint="I convert valid XML (string or object) to a pretty-print XML string" {
	if (isxml(arguments.xml)){
		local.xmlstring = createobject("java", "java.io.StringReader").init(javacast("string", arguments.xml));
		local.document = createobject("java", "org.jdom.input.SAXBuilder").init().build(local.xmlstring);
	} else if (isxmldoc(arguments.xml)){
		local.document = createobject("java", "org.jdom.input.DOMBuilder").init().build(arguments.xml);

component
	output = false
	hint = "I instrument a given ColdFusion component."
{
	/*
	2023-01-18 ColdFusion 2016 compatible version of Ben Nadel's Instrumenter.CFC
	https://www.bennadel.com/blog/4390-dynamically-instrumenting-coldfusion-component-methods-with-gettickcount-to-locate-performance-bottlenecks.htm
	https://gist.github.com/bennadel/2dac819075dfce0d9b993f8ea343707c#file-instrumenter-cfc

<cfscript>
/* 2023-01-16 https://twitter.com/PR0GRAMMERHUM0R/status/1615061348928339968 https://www.reddit.com/r/programmerhumor/comments/10dh6x1
/* It's real code: https://github.com/MinBZK/woo-besluit-broncode-digid-app/blob/ad2737c4a039d5ca76633b81e9d4f3f9370549e4/Source/DigiD.iOS/Services/NFCService.cs#L182 *
/* Updated to accept either decimal or integer values. Try it at https://www.trycf.com/ */
string function progressBar(required numeric percentage=0, fill="&##9608;", empty="&##9618;"){
	if (arguments.percentage lt 0 || arguments.percentage gt 100){
		local.p = 0;
	} else if ( arguments.percentage gt 1 && arguments.percentage lt 100){
		local.p = int(arguments.percentage / 10);
	} else {