<cffunction name="getRemoteAddress" output="false" access="public" returntype="string" hint="Identify the remote user IP address">
    <cfset var pc = getHTTPRequestData().headers />
    <cfset var arrIP = "" />
    <!--- X-Forwarded-For is supplied by the client unless a trusted proxy overwrites it, so the address returned here is only as reliable as the proxy chain in front of the application. --->
    <cfif structKeyExists(pc, "X-Forwarded-For") AND len(pc["X-Forwarded-For"])>
        <!--- the x-forwarded-for header sometimes includes values that are too long like "172.27.156.64, 67.98.222.16". The regexp picks out just the matches. http://support.f5.com/kb/en-us/solutions/public/12000/200/sol12264.html --->
        <cfset arrIP = reMatch('\b(?:(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.){3}(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\b', pc["X-Forwarded-For"]) />
        <cfif arrayLen(arrIP)>
            <cfreturn arrIP[1] />
        <cfelse>

component accessors=true {
    property name="userService";
    property name="user_id" default="0";
    property name="first_name" default="";
    property name="last_name" default="";
    property name="email" default="";
    function init() {
        return this;

#
# https://www.owasp.org/index.php/XSS_Filter_Evasion_Cheat_Sheet
# based on the RSnake original http://ha.ckers.org/xss.html
# Retrieved on 2013-11-20
# Much of this is wildly obsolete
#
# XSS Locator 2
'';!--"<XSS>=&{()}

<cfscript>
struct function hashPasswordPBKDF2 (required string password, numeric iterations = 100000, numeric saltByteLength = 8) {
    // Reject iteration counts and salt lengths below the enforced minimums.
    if (iterations < 100000) {
        throw(message="Iterations must be greater than or equal to 100000");
    }
    if (saltByteLength < 8) {
        throw(message="SaltByteLength must be greater than or equal to 8");
    }

var params = {
    fieldName = { value = stringVariable, cfsqltype = "CF_SQL_VARCHAR" },
    otherFieldName = { value = otherVariable, cfsqltype = "CF_SQL_VARCHAR" }
};
var sql = "INSERT INTO theTable(
    fieldName,
    otherFieldName) VALUES (
    :fieldName,
    :otherFieldName)"

/**
 * @hint Removes whitespace from HTML code
 * Originally authored by Jordan Clark (JordanClark@telus.net)
 */
public string function compressHtml(
    required string html,
    numeric level = 2
){
    local.response = this.trim(arguments.html);

"Severity","ThreadID","Date","Time","Application","Message"
"Information","XNIO-2 task-11","04/30/17","21:10:35",,"/Users/jonclausen/Sites/ortus/commandbox-engines/workbench/ACF11/Engine/WEB-INF/cfusion/logs/application.log initialized"
"Information","XNIO-2 task-11","04/30/17","21:10:35",,"Session rotated successfully."
"Information","XNIO-2 task-3","04/30/17","21:17:03",,"Session rotated successfully."
"Error","XNIO-2 task-1","07/26/17","00:57:01",,"Error thrown by site-wide exception handler:"
"Error","XNIO-2 task-1","07/26/17","00:57:01",,"The Security service is not available.This exception is usually caused by service startup failure. Check your server configuration. The specific sequence of files included or processed is: /root/serverHome/CFIDE/administrator/templates/secure_profile_error.cfm'' "
"Error","XNIO-2 task-1","07/26/17","00:57:01",,"The Security service is not available.This exception is usually caused by service startup failure. Check your server configuration. The specific sequence of file

-- Word and Character Count service for Mac OS X
-- Adds a Word and Character Count option to the text selection context menu
-- Use Automator to create a new service, then select the Run AppleScript action. Make
-- sure the service is set to receive "text", at the top of the window. Paste in this code
-- and save as "Word and Character Count". Now switch to a new app, select some text,
-- right-click, go to Services, and find the new option.
-- Copyright 2015, Noah Slater <nslater@apache.org>

/**
 * @hint Parses an Amazon Resource Name (ARN) and returns its component parts as an object.
 * This follows the general format of ARNs outlined by Amazon (http://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html), but does not fully account for all possible formats
 * Derived from https://gist.github.com/gene1wood/5299969edc4ef21d8efcfea52158dd40
 */
public struct function parseArn( required string arn ) {
    var elements = arn.listToArray( ':', true );
    var result = {
        'original' : arn,
        'arn' : elements[1],

<!--- NOTE: This technique is not 100% accurate because some DNS servers don't allow MX queries or may be slow to respond,
but this will identify addresses that are potentially bad or suspicious. --->
<!--- some elements are incorporated from @pfreitag's post here: https://www.petefreitag.com/item/487.cfm --->
<cfscript>
public boolean function isEmailDomainValid( required string email, string dnsServer = '8.8.8.8', numeric timeout = 2000, numeric retries = 1 ){
    var mxRecords = [];
    var emailDomain = email.listLast( '@' ).trim();
    if ( !isValid( 'email', email ) )
        return false;