I have a model like this:
<cfcomponent extends="Model">
<cffunction name="init">
</cffunction>
<cffunction name="config">
...
</cffunction>
<cffunction name="getLogsEncuestas">
<cfreturn ...>
</cffunction>
I am creating the getLogsEncuestas method, but every time I made a change on it, I have to restart PC in order to updates get done.
I am using a CFWheels inside a ColdFusion server. I have tried to use wheels reload inside box command line and change the environment to development.
Any idea of how to reload model methods without restart server?
Thanks for your help!
It's been a long time since I did anything with CFWheels, but /?reload=true is what I used in the past. Have you tried this yet?
Related
For extra security on my pages I use HTTP_REFERER within a cfif statement as a check on all my pages to make sure there are no successful direct attacks on any given page.
I am using a cfc file in an Authorize.net post. I do not use cfc or any other plug-ins or apps on my site so this is a first.
I would like to use an cfif statement in the cfc with the pages that call it listed in the cfif statement and if not a listed page, cfabort the page.
<cfhttpparam name="referer" type="cgi" value="#CGI.HTTP_REFERER#">
I have a small CF9 app, no database involved. In the configuration I need to store a network password which one of the functions needs, but I don't want to have it stored in the Application.cfc (for example) in human readable form.
What's the best way of storing/reading the password?
Step 1: On a web page that is not going into production, run:
<cfoutput>#hash('My_pa55w0rd')#</cfoutput>
That will show a hash of the password.
Step 2: On a web page that is going into production, add the hash to a variable such as application.pass_hash . Verify against pass_hash as needed.
<cfif hash(form.password) EQ application.pass_hash>
<p>Successful login!</p>
</cfif>
I am using railo server 4.1 and also installed the extension provider for spreadsheet support (http://www.andyjarrett.co.uk/RailoExtensionProvider/ExtensionProvider.cfc). But I can't able to read the spreadsheet using cfspreadsheet Am I missing something? or else provide any alternate solution.
The following is the error produced when i run a cfm page with cfspreadsheet tag in it
<cfspreadsheet action="read" src="#expandPath('..\')#/TEST.xls" query="res">
<cfdump var="#res#" />
The application keeps the daily reports in a shared path. Our application generates the URL linking it to the excels like
http://application/ExcelTask/Index.cfm?type=Report&fileName=Report_Mar2014.xlsx
with the cfm code as
<cfif FileExists("#filePath#")>
<cfheader name="Content-Disposition" value="inline; filename=""#URL.fileName#""">
<cfcontent type="application/vnd.ms-excel" file="#filePath#">
</cfif>
What we have found out if the users are aware of our directory structure the cfm files can be downloaded using the URL injection like
http://application/ExcelTask/Index.cfm?type=../ExcelTask&fileName=Index.cfm
I can add a condition to only allow files of type xls and xlsx only but that looks like a Plan B.
Any ideas how to restrict the folder access?
Use basic data sanitization skills to both clean and validate your URL.type and URL.filename.
some replaceAll code to eliminate ../, or
try isValid("regex", some regex pattern...)
You can also validate against the session whether the current logged in user has the write to view/download the file for extra protection.
I have a CF9 project set up with a multi-tiered directory structure. At the root level I have the live production site with its Application.cfc. It contains a number of variables that are bound to a 'debugMode' flag--so in the case of the production site, this flag is set to false.
In a subdirectory of the production site, I have a folder containing a testing version of the site. This has its own Application.cfc with debugMode set to true. Other than this flag and changes that we are testing, it's identical to the production Application.cfc.
There haven't been any problems with this UNTIL we added logic for resetting Application.cfc in order to see our changes without waiting for the timeout (which we have set to 30 minutes).
To accomplish this, we added this block to the 'OnRequestStart' function in Application.cfc (it is present on both production and testing versions):
<cfif StructKeyExists( URL, "reset" )>
<!--- Reset application and session. --->
<cfset THIS.OnApplicationStart() />
<cfset THIS.OnSessionStart() />
</cfif>
This initially appeared to work fine. If we add '?reset' to the url for any page on the testing version, changes made Application.cfc are reflected immediately, but we quickly discovered a nasty side effect: calling reset on the testing version ALSO changes our production site to use the testing version of Application.cfc, thereby mightily fubaring everything.
Running the '?reset' logic on the production site fixed this problem, but then caused all the testing pages to use the production Application.cfc instead of the testing version. Waiting for the Application.cfcs to time out and refresh automatically made no difference, so now our test environment is messed up.
Any insight into what's going on or what to do would be greatly appreciated as we are fairly stumped. Is this simply a poor architecture? We inherited it and are now quite accustomed to this structure, so so a quick fix would be preferred, but I'm open to suggestions.
Thanks.
The issue is most likely that the two application.cfc files specify the same application name.
So, they are, in essence, the same application.
So, whether you trigger the refresh from the "Test" site or the "Live" site, its resetting the same application, then re-instantiating the variables from whatever version you issued the reset from.
You need to set the application name for the "Test" application to something different then the live application.
For Test:
<!--- For the "Test" Application --->
<cfset this.name = "TESTApplication">
For Live:
<!--- For the "Live" Application --->
<cfset this.name = "Application">