How do you track templates calls in ColdFusion? - coldfusion

How do you track template path in ColdFusion?
I.E.
I have the following folder and file structure
index.cfm
<cfset ArrayAppend(request.Trace, '/')>
<cfdump var=#request.trace#>
foo
index.cfm
<cfset ArrayAppend(request.Trace, '/foo/')>
<cfinclude template='../'>
bar
index.cfm
ArrayAppend(request.Trace,'/foo/bar/')>
<cfinclude template='../'>
When I call foo/bar/index.cfm,
request.Trace equals:
'/foo/bar/'
'/foo/'
'/'
How could I do this without specifically declaring each folder name?

Have a look at:
expandPath(".")
getBaseTemplatePath()
getCurrentTemplatePath()
CGI.CF_TEMPLATE_PATH
CGI.PATH_TRANSLATED
CGI.SCRIPT_NAME
If you want the template stack trace, use this:
<cfset templateTrace = []>
<cfset tagTrace = createObject("java","java.lang.Exception").init().TagContext>
<cfloop array="#tagTrace#" index="tagInfo">
<cfset templateTrace.add(tagInfo.Template)>
</cfloop>
<cfdump var="#templateTrace#">
This will output all templates passed up to this call.

Not ideal but this worked for me.
<cfset currentFile = GetCurrentTemplatePath()>
<cfset currentDir = GetDirectoryFromPath(currentFile)>
<cfset webroot = expandPath("/")>
<cfset m_Trace = Replace(currentDir, webroot , '\')>
<cfset ArrayAppend (request.Trace, m_Trace )>

Related

Using Microsoft DPAPI with Coldfusion

I'm in the process of decrypting Chrome's cookie information for a particular website. I can read the data from the file using the SQLLite DB object successfully. The next step is to decrypt the encrypted data.
I've managed to find two Java executables JDPAPI & windpapi4j allowing me to use the Microsoft Data Protection API (MS DPAPI) in Java.
I've loaded both the JAR files in the lib folder and can see their methods as shown below.
I'm trying to pass the encrypted_value of the cookie to the unprotectData and unprotect methods of the Java objects but getting the following error for both of them.
Code:
<cfset a_sqlite = createObject( 'java', 'org.sqlite.JDBC' )>
<cfset WinDPAPI = createObject('java','com.github.windpapi4j.WinDPAPI') />
<cfset jdpapi = createObject('java','net.sourceforge.jdpapi.DataProtector') />
<cfdump var="#WinDPAPI#" label="WinDPAPI">
<cfdump var="#jdpapi#" label="jdpapi">
<!--- <cfdump var="#a_sqlite#"> --->
<cfset a_prop = createObject( 'java', 'java.util.Properties' )>
<cfset db_filename = 'C:\Users\username\AppData\Local\Google\Chrome\User Data\Default\cookies'>
<cfset a_conn = a_sqlite.connect( 'jdbc:sqlite:' & db_filename, a_prop.init() )>
<!--- <cfdump var="#a_conn#"> --->
<cfset a_statement = a_conn.createStatement()>
<cfset a_res = a_statement.executeQuery("select * from cookies where host_key like '%ggas%';")>
<!--- <cfdump var="#a_res#"> --->
<cfloop condition="#a_res.next()#" >
<cfoutput>#a_res.getString("host_key")# = #a_res.getString("name")#</cfoutput><br>
<!--- <cfset encrypted_string = "#a_res.getString("encrypted_value")#"> --->
<cfdump var="#WinDPAPI.unprotectData(a_res.getString("encrypted_value"))#">
<cfdump var="#jdpapi.unprotect(toBinary(toBase64(a_res.getString("encrypted_value"))))#">
<!--- <cffile action="write" file="#expandPath(".")#\output.txt" output="#jdpapi.unprotect(toBinary(toBase64(a_res.getString("encrypted_value"))))#" addnewline="true"> --->
</cfloop>
I believe its something to do with the byte[] input type but not sure how to go about it. Any pointers would be helpful.

Invalid Component Definition

I'm having an issue in the logs I cannot replicate on the browser. I'm getting hundreds of these per day
invalid component definition, can't find component [cfc.udf]
The cfc are stored in a cfc folder one level above the app. This is so that many apps can use the same cfc.
Folder structure:
---- cfc
--------- udf.cfc
---- myApp
--------- application.cfc
In the application.cfc, I'm using application-specific mappings because this is set on a lot of different load-balanced-servers in production as well as a QA environment and local testing environment and keeping them all synced would be difficult.
At onRequestStart, I have a function that restarts the application every 5 minutes. It was supplied by a consultant. I suspect that this is the culprit because the logs show these errors coming in at exactly 5 minute intervals
<cfcomponent>
<cfset This.name = "myApp">
<cfset This.Sessionmanagement=true>
<cfset This.Sessiontimeout="#createtimespan(0,0,30,0)#">
<cfset this.mappings['/cfc'] = ExpandPath('../cfc')>
<cffunction name="onApplicationStart">
<cfset Application.udf = createObject("component", "cfc.udf").init()>
</cffunction>
<cffunction name="onRequestStart">
<cfset appRefreshMinutes = 5>
<cfif Not IsDefined("Application.refreshTime")>
<cfset currentMinute = Minute(Now())>
<cfset Application.refreshTime = DateAdd("n", -(currentMinute MOD appRefreshMinutes)+appRefreshMinutes, Now())>
<cfset Application.refreshTime = DateAdd("s", -(Second(Application.refreshTime)), Application.refreshTime)>
</cfif>
<cfif Now() GTE Application.refreshTime Or IsDefined("URL.reload")>
<cflock name="ApplicationInit" type="exclusive" timeout="5" throwontimeout="false">
<cfif Now() GTE Application.refreshTime Or IsDefined("URL.reload")>
<cfset OnApplicationStart()>
<cfset Application.refreshTime = DateAdd("n", appRefreshMinutes, Application.refreshTime)>
</cfif>
</cflock>
</cfif>
</cffunction>
</cfcomponent>
Promoted from the comments
Have you tried using a mapping name other than /cfc? Like:
<cfset this.mappings['/somethingelse'] = ExpandPath('../cfc')>
so that you can then call it like:
<cfset Application.udf = createObject("component", "somethingelse.udf").init()>
Maybe it just looks odd to me or maybe that is causing your issue (cfc being a reserved word or somehow getting special treatment in this case).

Application.CFC variable not available

In application.cfc I am defining a variable which must be available throughout a session.
<cfcomponent>
<cfset this.applicationTimeout = createTimeSpan(0,4,0,0)>
<cfset this.sessionManagement = true>
<cfset this.setClientCookies = true>
<cfset this.sessionTimeout = createTimeSpan(0,0,90,0)>
<cfset this.setdomaincookies = true>
<cfset this.myVar = "Hello">
</cfcomponent>
I tried several approaches to get the myVar in .cfm but to no avail.
Approach 1: <cfoutput>#myVar#</cfoutput>
Approach 2: <cfoutput>#session.myVar#</cfoutput>
Approach 3: <cfoutput>#application.myVar#</cfoutput>
Any help would be appreciated.
You're confusing the placement of Application.cfc's this-scoped settings with your own application-scoped variables.
Take a look at Ben Nadel's Application.cfc tutorial.
You basically want to put application.myVar in OnApplicationStart():
<cfcomponent>
<cfset this.applicationTimeout = createTimeSpan(0,4,0,0)>
<cfset this.sessionManagement = true>
<cfset this.setClientCookies = true>
<cfset this.sessionTimeout = createTimeSpan(0,0,90,0)>
<cfset this.setdomaincookies = true>
<cffunction name="OnApplicationStart">
<cfset application.myVar = "Hello">
</cffunction>
</cfcomponent>
Then you should be able to reference it in your application as application.myVar.

How to inherit from another Application.cfc

I have a test application structured like so:
Application.cfc
ApplicationProxy.cfc
index.cfm
sub_app/
Application.cfc
index.cfm
and I want my sub app to inherit all variables and events from the top level Application.cfc.
I have read and implemented Sean Corfield's ApplicationProxy method for extending an Application component but I can't get it to work as when I visit sub_app/index.cfm I get this error:
Could not find the ColdFusion Component or Interface ApplicationProxy.
From the error I can only guess that the application is looking in the wrong place, how do I correct this?
Application.cfc:
<cfcomponent name="Application" output="true">
<cfset THIS.name = "testAppA">
<cfset THIS.sessionManagement="Yes">
<cfset THIS.applicationTimeout = createTimeSpan(0,0,10,0)>
<cfset THIS.sessionTimeout = createtimespan(0,0,10,0)>
<cfset THIS.clientManagement = true>
<cfset THIS.clientStorage = "cookie">
<cfset THIS.loginStorage = "cookie">
<cfset THIS.setDomainCookies = false>
<cfset THIS.setClientCookies = true>
<cfset THIS.scriptProtect = true>
<cfset THIS.secureJSON = true>
<cffunction name="onApplicationStart" returntype="void">
<cfset APPLICATION.name = "testAppA">
<cfset APPLICATION.test = "test var">
</cffunction>
<cffunction name="onSessionStart" returntype="void">
<cfset SESSION.loggedIn = 1>
</cffunction>
</cfcomponent>
ApplicationProxy:
<cfcomponent name="ApplicationProxy" extends="Application">
</cfcomponent>
index.cfm:
Sub app
sub_app/Application.cfc:
<cfcomponent extends="ApplicationProxy" output="true">
<!---
Uses parent Application settings
--->
</cfcomponent>
sub_app/index.cfm:
Parent app
<cfdump var="#Application#">
Best way to do is create ApplicationProxy.cfc file with all function you need to inherit and then extends in Application.cfc wherever needed. I am using this method since long time and no issue face with this approach.

Consuming a webservice code simplification

UPDATED CODE TO LATEST ITERATION
The following function consumes a webservice that returns address details based on zip code (CEP). I'm using this function to parse the xml and populate an empty query with the address details. I would like to know if there is a more elegant way to achieve the same result. It seems to be a waste to create an empty query and populate it...
Any ideas could my method be modified or the code factored/simplified?
<!--- ****** ACTION: getAddress (consumes web-service to retrieve address details) --->
<cffunction name="getAddress" access="remote" returntype="any" output="false">
<!--- Defaults: strcep (cep (Brazilian zip-code) string webservice would look for), search result returned from webservice --->
<cfargument name="cep" type="string" default="00000000">
<cfset var searchResult = "">
<cfset var nodes = "">
<cfset var cfhttp = "">
<cfset var stateid = 0>
<cfset var tmp = structNew()>
<!--- Validate cep string --->
<cfif IsNumeric(arguments.cep) AND Len(arguments.cep) EQ 8>
<cftry>
<!--- Consume webservice --->
<cfhttp method="get" url="http://www.bronzebusiness.com.br/webservices/wscep.asmx/cep?strcep=#arguments.cep#"></cfhttp>
<cfset searchResult = xmlparse(cfhttp.FileContent)>
<cfset nodes = xmlSearch(searchResult, "//tbCEP")>
<!--- If result insert address data into session struct --->
<cfif arrayLen(nodes)>
<cfset tmp.streetType = nodes[1].logradouro.XmlText>
<cfset tmp.streetName = nodes[1].nome.XmlText>
<cfset tmp.area = nodes[1].bairro.XmlText>
<cfset tmp.city = nodes[1].cidade.XmlText>
<cfset tmp.state = nodes[1].uf.XmlText>
<cfset tmp.cep = arguments.cep>
<!--- Get state id and add to struct --->
<cfset stateid = model("state").findOneByStateInitials(tmp.state)>
<cfset tmp.stateid = stateid.id>
<cfreturn tmp>
</cfif>
<!--- Display error if any --->
<cfcatch type="any">
<cfoutput>
<h3>Sorry, but there was an error.</h3>
<p>#cfcatch.message#</p>
</cfoutput>
</cfcatch>
</cftry>
</cfif>
</cffunction>
<!--- ****** END ACTION getAddress --->
The calling code:
<!--- Get address data based on CEP --->
<cfset session.addressData = getAddress(cep=params.newMember.cep)>
I can't test this because I don't have an example XML file / CEP to test with, but here is a minor rewrite that addresses four things:
Instead of using cfparam and some strange "params" structure, you should pass the CEP into the function as an argument.
The function shouldn't directly modify session data. Instead, you should return the result and let the calling code assign it to the session (or wherever else it might be needed). I'll show this in a 2nd code example.
Cache the xml result per CEP -- assuming this doesn't change often. (You'll have to improve it further if you want time-based manual cache invalidation, but I can help add that if necessary)
Don't use StructInsert. It's not necessary and you're just writing it the long way for the sake of writing it the long way. There is no benefit.
Again, this isn't tested, but hopefully it's helpful:
<cffunction name="getAddress" access="remote" returntype="any" output="false">
<cfargument name="cep" type="string" default="00000000" /><!--- (cep (Brazilian zip-code) string webservice would look for) --->
<cfset var searchResult = "">
<cfset var nodes = "">
<cfset var cfhttp = "">
<cfset var stateid = 0 />
<cfset var tmp = structNew()>
<!--- Validate cep string --->
<cfif IsNumeric(arguments.cep) AND Len(arguments.cep) EQ 8>
<cfif not structKeyExists(application.cepCache, arguments.cep)><!--- or cache is expired: you'd have to figure this part out --->
<!--- Consume webservice --->
<cftry>
<cfhttp method="get" url="http://www.bronzebusiness.com.br/webservices/wscep.asmx/cep?strcep=#arguments.cep#" />
<cfset searchResult = xmlparse(cfhttp.FileContent)>
<cfset nodes = xmlSearch(searchResult, "//tbCEP")>
<!--- If result insert address data into session struct --->
<cfif arrayLen(nodes)>
<cfset tmp.streetType = nodes[1].logradouro.XmlText />
<cfset tmp.streetName = nodes[1].nome.XmlText />
<cfset tmp.area = nodes[1].bairro.XmlText />
<cfset tmp.city = nodes[1].cidade.XmlText />
<cfset tmp.state = nodes[1].uf.XmlText />
<cfset tmp.cep = arguments.cep />
<!--- Get state id and add to struct --->
<cfset stateid = model("state").findOneByStateInitials(session.addressData.state)>
<cfset tmp.stateid = stateid.id />
</cfif>
<cfreturn duplicate(tmp) />
<!--- Display error if any --->
<cfcatch type="any">
<h3>Sorry, but there was an error.</h3>
<p>#cfcatch.message#</p>
</cfcatch>
</cftry>
<cfelse>
<!--- cache exists and is not expired, so use it --->
<cfreturn duplicate(application.cepCache[arguments.cep]) />
</cfif>
</cfif>
<!---
<!--- Redirect to page two of the sign up process --->
<cfset redirectTo(controller="assine", action="perfil")>
--->
</cffunction>
Notice that I commented out the redirect you had at the end. That's because with my function, you'll be returning a value, and the redirect should be done after that, like so:
<cfset session.addressData = getAddress("some-CEP-value") />
<cfset redirectTo(controller="assine", action="perfil")>
If you're going to leave out the caching (As you say in a comment you will), then here is a version that makes no attempt at caching:
<cffunction name="getAddress" access="remote" returntype="any" output="false">
<cfargument name="cep" type="string" default="00000000" /><!--- (cep (Brazilian zip-code) string webservice would look for) --->
<cfset var searchResult = "">
<cfset var nodes = "">
<cfset var cfhttp = "">
<cfset var stateid = 0 />
<cfset var tmp = structNew()>
<!--- Validate cep string --->
<cfif IsNumeric(arguments.cep) AND Len(arguments.cep) EQ 8>
<!--- Consume webservice --->
<cftry>
<cfhttp method="get" url="http://www.bronzebusiness.com.br/webservices/wscep.asmx/cep?strcep=#arguments.cep#" />
<cfset searchResult = xmlparse(cfhttp.FileContent)>
<cfset nodes = xmlSearch(searchResult, "//tbCEP")>
<!--- If result insert address data into session struct --->
<cfif arrayLen(nodes)>
<cfset tmp.streetType = nodes[1].logradouro.XmlText />
<cfset tmp.streetName = nodes[1].nome.XmlText />
<cfset tmp.area = nodes[1].bairro.XmlText />
<cfset tmp.city = nodes[1].cidade.XmlText />
<cfset tmp.state = nodes[1].uf.XmlText />
<cfset tmp.cep = arguments.cep />
<!--- Get state id and add to struct --->
<cfset stateid = model("state").findOneByStateInitials(session.addressData.state)>
<cfset tmp.stateid = stateid.id />
</cfif>
<cfreturn duplicate(tmp) />
<!--- Display error if any --->
<cfcatch type="any">
<h3>Sorry, but there was an error.</h3>
<p>#cfcatch.message#</p>
</cfcatch>
</cftry>
</cfif>
<!---
<!--- Redirect to page two of the sign up process --->
<cfset redirectTo(controller="assine", action="perfil")>
--->
</cffunction>
Note that I did leave in the use of duplicate(). What this does is return a duplicate of the object (in this case, the struct). This is much more important when you start to work on applications where you're passing complex values into and out of functions over and over again. Using duplicate() causes things to be passed by value instead of by reference. It may not bite you in this case, but it's a good habit to get into.
I would also still use the function argument and return a value -- but it's arguable that this is my personal preference. In a way it is. I believe that a function should be fully encapsulated; a total "black box". You give it some input and it gives you back some output. It should not modify anything outside of itself. (Again, just my opinion.)
So assuming you're using this function as part of a larger multi-step process, you should still use it the same way I've described above. The only difference is that you're setting the session variable outside of the function body. Just as previously:
<cfset session.addressData = getAddress("some-CEP-value") />
<cfset redirectTo(controller="assine", action="perfil")>
That looks pretty straightforward. CF doesn't (yet?) have any magical XML-to-Query functions, but that would be pretty cool. If you wanted, you could probably write up an XSL transform to go from XML to WDDX so that you could use the cfwddx tag ... but that's probably putting the cart before the horse.
You need to move your arrayLen() if block into the try block. As it stands, if the cfhttp tag throws an error, the nodes variable will be a string and not an array, thus causing the arrayLen() to throw another error.
Minor nitpick: I wouldn't add a row to the query until inside the arrayLen() block. That way, the calling code can check recordCount to see if the result was a success.
Beyond that ... that's pretty much how it's done.