Skip to content

Instantly share code, notes, and snippets.

learncfinaweek

Block or report user

Report or block learncfinaweek

Hide content and notifications from this user.

Learn more about blocking users

Contact Support about this user’s behavior.

Learn more about reporting abuse

Report abuse
View GitHub Profile
View gist:4121432

In this hands on we will change our locale and update the date and time outputs to change the display based on our locale.

Functions Used: LsdateFormat, LstimeFormat, setLocale

  1. To be able to change the date and time formats based on our locale, you need to update the functions used for date and time output. Open up the /www/blogpost.cfm file in your code editor.
View gist:4121425

What is Globalization?

The process of making an application ready for global usage is globalization, or G11N (for the 11 letters between the "g" and the "n" in globalization). Globalization consists of two steps: internationalization, or I18N (for the 18 letters between the "i" and "n" in internationalization), and localization or L10N (for the 10 letters between "l" and "n" in localization—if you're sensing a pattern here, yes there is, people working in this field are particularly fond of numeronyms). The atomic units for globalization are locales. Locales are the most important piece of G11N.

Locales

Locales are languages and calendars; date, number, and currency formatting; spelling; writing system direction; etc., that are specific to a geographic region. For instance, the English (color) and date formats (month/day/year) used in Brooklyn are not exactly the same as the English (colour) and date formats (day/month/year) used in Perth.

@learncfinaweek
learncfinaweek / gist:4121420
Created Nov 20, 2012
Error Handling and Debugging - Hands On 31
View gist:4121420

In this hands on, you are going to add an Error Handling solution to the web site.

Tags Used: <cfdump>

Functions Used: include, mail

@learncfinaweek
learncfinaweek / gist:4121415
Created Nov 20, 2012
Error Handling and Debugging - Hands On 30
View gist:4121415

In this hands on, you are going to create an error and view the error information in the log files.

Tags Used: <cfoutout>

  1. To view the error information, we must first throw an error. Create a new file in the /www/ folder called throwError.cfm.
@learncfinaweek
learncfinaweek / gist:4121411
Created Nov 20, 2012
Error Handling and Debugging - Debugging
View gist:4121411

Fixing problems within your code can sometimes be very difficult. If the problem you are experiencing is an error, then the chances are it is pretty easy to fix as you already know the file and line number of the issue. If the issue you are trying to fix is that a piece of functionality is not acting as you expected, then the problem is a bit harder to resolve. There is no sure way to find these problems and fix them, but there are a few debugging methods that can often help you find the problem area.

Request Debugging Output

When trying to debug a problem within your application, it can sometimes be a very easy task or sometimes it can be a very arduous task. When an error is thrown, you often know the file and line number of the problem and you can fix it very easily. Sometimes the problem is that the application is not doing what you expected it to do and often this is a much harder problem to resolve. During these situations, the more information you have, the better. Th

@learncfinaweek
learncfinaweek / gist:4121405
Created Nov 20, 2012
Error Handling and Debugging - Error Handling
View gist:4121405

While the best efforts are made to stop errors from happening, they do happen. Sometimes the errors might be due to some bad code; other times it may be due to external resources that are out of one's control. During the development process, these errors hold valuable information that allows us to improve and fix our code, but in production environments, these errors hold information that can make our servers vulnerable to attack. It is important that as a developer you anticipate errors and gracefully handle them. Thankfully, ColdFusion offers a number of ways to trap those errors and even allow developers to react to those errors and call alternative functionality.

Understanding Errors

Error Types

@learncfinaweek
learncfinaweek / gist:4121404
Created Nov 20, 2012
Error Handling and Debugging - Error Handling
View gist:4121404

While the best efforts are made to stop errors from happening, they do happen. Sometimes the errors might be due to some bad code; other times it may be due to external resources that are out of one's control. During the development process, these errors hold valuable information that allows us to improve and fix our code, but in production environments, these errors hold information that can make our servers vulnerable to attack. It is important that as a developer you anticipate errors and gracefully handle them. Thankfully, ColdFusion offers a number of ways to trap those errors and even allow developers to react to those errors and call alternative functionality.

Understanding Errors

Error Types

@learncfinaweek
learncfinaweek / gist:4121399
Created Nov 20, 2012
Security - Hands On 29
View gist:4121399
@learncfinaweek
learncfinaweek / gist:4121394
Created Nov 20, 2012
Security - Hands On 28
View gist:4121394

In this hands on, we are going to add security to the blog comments. As this section allows users to supply data that will be stored in a database and will also be output to other users, this is a weakest point of the application.

Tags Used: <cfif>, <cfset>, <cfthrow>

Functions Used: isSimpleValue, canonicalize,

@learncfinaweek
learncfinaweek / gist:4121392
Created Nov 20, 2012
Security - ColdFusion Configuration
View gist:4121392

The previous sections focused on secure ColdFusion coding practices, but if the installation of ColdFusion is configured insecurely, all of that work is for nothing. Securing the ColdFusion Application Server requires making the OS, web server, and the ColdFusion configuration secure. For ColdFusion 9, Adobe published the Adobe ColdFusion 9 Server Lockdown Guide which covered how to properly configure ColdFusion 9 on Windows or Linux. It covered various OS settings, connecting ColdFusion to IIS or Apache, and settings within the ColdFusion Administrator.

Secure Profile

ColdFusion 10 introduced the Secure Profile that can be enabled during installation. It simplifies securing ColdFusion by applying more secure defaults to the configuration instead of having to apply them manually. Some of the settings changes are:

You can’t perform that action at this time.