Load ColdFusion values from Form scope when name includes hyphen/dash - coldfusion

We're upgrading to Google's reCaptcha and it adds a field with name "g-recaptcha-response" to the form during submit. We them need to verify the response to Google with code like this:
<cfhttp url="https://www.google.com/recaptcha/api/siteverify" method="post" result="captchaResult">
<cfhttpparam type="formfield" name="secret" value="SECRET">
<cfhttpparam type="formfield" name="response" value="#Form.g-recaptcha-response#">
<cfhttpparam type="formfield" name="remoteip" value="#CGI.REMOTE_ADDR#">
</cfhttp>
However, the #Form.g-recaptcha-response# gives Element G is undefined in FORM.
Is there another way to reference Form scope to allow hyphens?

That will give you an error if the form variable doesn't exist. Try this instead:
<CFSET Form.Response = "">
<CFIF StructKeyExists(Form, "g-recaptcha-response")>
<CFSET Form.Response = form["g-recaptcha-response"]>
</CFIF>
I wrote a reCAPTCHA v2 UDF yesterday. I wanted to support sToken so I could use the same API key on multiple websites.
http://gist.github.com/JamoCA/c4e83ca402bd6175a1d7

Just found a solution:
<cfhttpparam type="formfield" name="response" value="#Form["g-recaptcha-response"]#">

Related

Google Drive API with ColdFusion

I started to work on Google Drive API with ColdFusion and I am stuck to upload the file using ColdFusion. I have done with the registration of new project, getting client and client secret and I am successfully able to get the accessToken but somehow I am not able to upload the file on the google drive.
Here is the code to get the code and accesstoken
<cfoutput>
<cfset request.oauthSettings = {
scope = "https://www.googleapis.com/auth/drive", client_id = "clientid",
client_secret = "clientsecret",
redirect_uri = "link"}
/>
<!--- create login url --->
<cfset loginURL = "https://accounts.google.com/o/oauth2/auth?scope="
& request.oauthSettings["scope"]
& "&redirect_uri=" & request.oauthSettings["redirect_uri"]
& "&response_type=code&client_id=" & request.oauthSettings["client_id"]
& "&access_type=offline"
/>
Login with Google account that has access to analytics
<cfif isDefined("URL.code") AND URL.code NEQ "access_denied">
<cfhttp url="#arguments.gaOauthUrl#" method="post">
<cfhttpparam name="code" type="formField" value="#arguments.code#">
<cfhttpparam name="client_id" type="formField" value="clientid">
<cfhttpparam name="client_secret" type="formField" value="clientsecret">
<cfhttpparam name="redirect_uri" type="formField" value="link">
<cfhttpparam name="grant_type" type="formField" value="authorization_code">
</cfhttp>
</cfif>
</cfoutput>
I am using the following code to upload the file, I know I have to pass some more parameters to make it correct but I don't know what are that parameters.
<cfhttp url="https://www.googleapis.com/upload/drive/v2/files?uploadType=media" method="post">
<cfhttpparam name="Content-Type" type="formField" value="text/plain">
<cfhttpparam name="Authorization" type="formField" value="#session.ga_accessToken#">
</cfhttp>
I am trying to find out in the google docs but no luck; there is no documentation for ColdFusion. Please let me know the other parameters if someone has some clue about this area.
You aren't setting the Authorization header correctly. It should be
Authorization: Bearer ya29.AHES6ZRosLBEnyGGH9EysIrAB7Z

Need Help for ColdFusion SessionToken and AIM for Authorize.net

I am trying to solve a problem that occurs with Authorize.net. The SessionToken is generated while in test mode through a test account. Now, a new SessionToken is generated each time the form is previewed through the test account or the actual account.
A hidden input field is shown each time when the form is accessed in preview mode. I have generated a hidden input field on my form by using a toBase64() string combined from the x_login and the x_tran_key. The output is this:
<INPUT TYPE="HIDDEN" NAME="SessionToken" ID="SessionToken" VALUE="TXpOSFRUWXpXbk40VjNSeg==TlRsU2JqaHFOM2RLZFd0RU5VdzJadz09">
in the forms hidden input field for SessionToken as you can see above.
When generating my own SessionToken for processing, the error shown after trying to process the https://test.authorize.net/gateway/transact.dll shows this:
(46) Your session has expired or does not exist. You must log in again
to continue working.
The only way for the form to actually work is after grabbing the SessionToken code from the form in preview mode. For example: Go to Account --> Settings --> Payment Form --> Preview --> and viewing and copying the code from view frame source. It looks like this:
<INPUT TYPE="HIDDEN" NAME="SessionToken" ID="SessionToken" VALUE="jMsCez2DId$VvgF4s4Hbjbe$Uv6WnJh8cEKBD5HqTUEqlHoRBebKZ07bp4RZdpwOPnGabB3pbcWFppJCph7dg6HjQeroJvlay6mQm5ocjkZPq44uT4nqeg2zWhX13b7Blp$qN7ZDzQ5HF1abfukJTQAA,jMsCez2DId$VvgF4s4Hbjbe$Uv6WnJh8cEKBD5HqTUEqlHoRBebKZ07bp4RZdpwOPnGabB3pbcWFppJCph7dg6HjQeroJvlay6mQm5ocjkZPq44uT4nqeg2zWhX13b7Blp$qN7ZDzQ5HF1abfukJTQAA">
Finally, if I use the value:
jMsCez2DId$VvgF4s4Hbjbe$Uv6WnJh8cEKBD5HqTUEqlHoRBebKZ07bp4RZdpwOPnGabB3pbcWFppJCph7dg6HjQeroJvlay6mQm5ocjkZPq44uT4nqeg2zWhX13b7Blp$qN7ZDzQ5HF1abfukJTQAA
as the SessionToken as:
<cfset SessionToken = 'jMsCez2DId$VvgF4s4Hbjbe$Uv6WnJh8cEKBD5HqTUEqlHoRBebKZ07bp4RZdpwOPnGabB3pbcWFppJCph7dg6HjQeroJvlay6mQm5ocjkZPq44uT4nqeg2zWhX13b7Blp$qN7ZDzQ5HF1abfukJTQAA'>
and process the form it works. But it only works one time for the current session if signed into the Test Account.
All help is appreciated of course. This is the last part to the code I need and just can not figure out how to make it work. I need to fetch the response for the SessionToken to populate the SessionToken hidden field input on the form.
I am not using the CFHTTP method because the form is on the website and when the payment form loads the SessionToken is needed. Meaning that the submit/sending... button on the form is submitted it then processes the payment and displays the receipt.
If you download the Coldfusion sample code from Authorize.net you will notice you do not need a SessionToken. See below:
Source: http://developer.authorize.net/downloads/samplecode/
<cfhttp method="Post" url="https://test.authorize.net/gateway/transact.dll">
<!--- the API Login ID and Transaction Key must be replaced with valid values --->
<cfhttpparam type="Formfield" name="x_login" value="API_LOGIN_ID">
<cfhttpparam type="Formfield" name="x_tran_key" value="TRANSACTION_KEY">
<cfhttpparam type="Formfield" name="x_delim_data" value="TRUE">
<cfhttpparam type="Formfield" name="x_delim_char" value="|">
<cfhttpparam type="Formfield" name="x_relay_response" value="FALSE">
<cfhttpparam type="Formfield" name="x_type" value="AUTH_CAPTURE">
<cfhttpparam type="Formfield" name="x_method" value="CC">
<cfhttpparam type="Formfield" name="x_card_num" value="4111111111111111">
<cfhttpparam type="Formfield" name="x_exp_date" value="0115">
<cfhttpparam type="Formfield" name="x_amount" value="19.99">
<cfhttpparam type="Formfield" name="x_description" value="Sample Transaction">
<cfhttpparam type="Formfield" name="x_first_name" value="John">
<cfhttpparam type="Formfield" name="x_last_name" value="Doe">
<cfhttpparam type="Formfield" name="x_address" value="1234 Street">
<cfhttpparam type="Formfield" name="x_state" value="WA">
<cfhttpparam type="Formfield" name="x_zip" value="98004">
<!--- Additional fields can be added here as outlined in the AIM integration
guide at: http://developer.authorize.net --->
<!--- The following fields show an example of how to include line item details, they are commented out by default.
<cfhttpparam type="Formfield" name="x_line_item" value="item1<|>golf balls<|><|>2<|>18.95<|>Y">
<cfhttpparam type="Formfield" name="x_line_item" value="item2<|>golf bag<|>Wilson golf carry bag, red<|>1<|>39.99<|>Y">
<cfhttpparam type="Formfield" name="x_line_item" value="item3<|>book<|>Golf for Dummies<|>1<|>21.99<|>Y">
--->
</cfhttp>
Hope this helps.

Consuming Salesforce WSDL via Coldfusion Issue

Ive been given a class file from another group of SFDC developers that work in a separate instance that generates a SOAP based WSDL. I have imported that class file and generated the WSDL in our instance. The webservice is very basic, it just returns a set of values (in XML of course) and doesn't require any arguments to retrieve those values.
Just to test that the WSDL is working Ive downloaded the WSDL from our instance to my local PC and put it into SOAPUI and successfully returned the set of values.
NOW ONTO THE ISSUE - CONSUMING VIA THE URL
Im using Coldfusion's CFHTTP, so I have two CFHTTP calls, the first is to the login of our instance which returns a valid session ID. This session ID is used in my second call which is below:
<!--- token from from first cfhttp --->
<cfset variables.access_token_node = xmlSearch(XMLContent, "//*[name()='sessionId']") />
<cfset variables.access_token = variables.access_token_node[1].xmlText>
<cfset variables.wsdl_url2 = "https://cs12.salesforce.com/services/wsdl/class/WS_FAKE_WSDL">
<cfset packet = CreateObject("java", "java.lang.StringBuffer") />
<cfset packet.append('<soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/" xmlns:ws="http://soap.sforce.com/schemas/class/WS_FAKE_WSDL">') />
<cfset packet.append('<soapenv:Header>') />
<cfset packet.append('<ws:SessionHeader>') />
<cfset packet.append('<ws:sessionId>#variables.access_token#</ws:sessionId>') />
<cfset packet.append('</ws:SessionHeader>') />
<cfset packet.append('</soapenv:Header>') />
<cfset packet.append('<soapenv:Body>') />
<cfset packet.append('<ws:DescribesObjectFields/>') />
<cfset packet.append('</soapenv:Body>') />
<cfset packet.append('</soapenv:Envelope>') />
<cfhttp method="post" url="#variables.wsdl_url2#" result="findResponse2">
<cfhttpparam type="HEADER" name="Accept" value="application/soap+xml, application/xml, multipart/related, text/*">
<cfhttpparam type="HEADER" name="ACCEPT-ENCODING" value="application/soap+xml">
<cfhttpparam type="HEADER" name="CONNECTION" value="Keep-Alive">
<cfhttpparam type="HEADER" name="SOAPAction" value="dummy">
<cfhttpparam type="HEADER" name="Content-Type" value="text/xml; charset=utf-8">
<cfhttpparam type="HEADER" name="Must-Understand" value="1">
<cfhttpparam type="Header" name="Content-Length" value="#len(trim(packet.ToString()))#">
<cfhttpparam type="body" value="#packet.ToString()#" encoded="yes">
</cfhttp>
Below is what I am receiving from the WSDL..that code just takes me back to the login screen. With a Session ID I would assume I wouldn't need to log back in, correct?
All advice is appreciated.
You appear to be sending your APi call to the URL of the WSDL file, this is not the correct URL, you should be sending it to the service address that's detailed within the WSDL file, see the soap:address element in the service element at the bottom of the WSDL.

google analytics, hitting it from coldfusion server cfhttp

I have used this:
Generate Google Analytics events (__utm.gif requests) serverside
and this:
http://www.garyrgilbert.com/blog/index.cfm/2008/10/21/Tracking-Digital-Content
to build a cfhttp string so that when a user hits a page it calls google analytics. I'm doing it like this because the pages I'm serving are XML pages and I can't mix javascript with xml.
My problem is that google analytics is ignoring my requests. I have activated my bucket code on a normal html server, so it thinks/knows it exists, but now when i call any of my xml server pages and make the cfhttp request from coldfusion server, it doesn't get registered.
Update:
Following Sergii advice, I have done a dump to find out what the cfhttp is doing (i was previously missing a variable which was causing it to error), i am now getting a http return of 200, though analytics is not applying the request to my account.
Update the 2nd, including code:
<cfset var_utmac='UA-myUA'> <!--- enter the new urchin code --->
<cfset var_utmhn='www.myaddress.co.uk'>
<cfset var_utmn = RandRange(10000000,99999999)>
<cfset var_cookie = RandRange(10000000,99999999)>
<cfset var_random = RandRange(1000000000,2147483647)>
<cfset var_today = now()>
<cfset var_referer = #cgi.HTTP_REFERER#>
<cfset var_uservar = 'jevans'>
<cfset var_utmp= ''>
<cfset apiname = 'listings.getlistings'>
<cfhttp method="get" url="http://www.google-analytics.com/__utm.gif">
<cfhttpparam type="url" name="utmwv" value="1" />
<cfhttpparam type="url" name="utmn" value="#var_utmn#" />
<cfhttpparam type="url" name="utmsr" value="-" />
<cfhttpparam type="url" name="utmsc" value="-" />
<cfhttpparam type="url" name="utmul" value="-" />
<cfhttpparam type="url" name="utmje" value="0" />
<cfhttpparam type="url" name="utmfl" value="-" />
<cfhttpparam type="url" name="utmdt" value="#apiName#" />
<cfhttpparam type="url" name="utmhn" value="#var_utmhn#" />
<cfhttpparam type="url" name="utmr" value="#var_referer#" />
<cfhttpparam type="url" name="utmp" value="#var_utmp#" />
<cfhttpparam type="url" name="utmac" value="#var_utmac#" />
<cfhttpparam type="url" name="utmcc" value="__utma%3D#var_cookie#.#var_random#.#var_today#.#var_today#.#var_today#.2%3B%2B__utmb%3D#var_cookie#%3B%2B__utmc%3D#var_cookie#%3B%2B__utmz%3D#var_cookie#.#var_today#.2.2.utmccn%3D(direct)%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)%3B%2B__utmv%3D#var_cookie#.#var_uservar#%3B" />
</cfhttp>
any thoughts?
cheers
Looking at your code, I'm guessing that you need to replace &amp's in your code with regular & symbols. You only need to escape the ampersands to validate XML documents and such. If you send them over the URL, then they may not be recognized as separators.
I would actually construct it like so:
<cfhttp method="get" url="http://www.google-analytics.com/__utm.gif">
<cfhttpparam type="url" name="utmwv" value="5.1.2" />
<cfhttpparam type="url" name="utmn" value="#var_utmn#" />
... all your other URL variables
<cfhttp>
This will make your code a little easier to read, as well as make sure that all of your variables are sent over in the property format, without needing to concatenate a huge string.
It looks like several of your parameters should be of different types. You are sending them all as URL parameters. Should, for example, the HTTP_REFERER be sent as type="CGI".
Looking at my own GA HTTP, I see that in my URL string that I have utmr=-
But the request is also sending along a CGI header for Referer: http://12robots.com/
Maybe try adding another param with type="CGI" name="HTTP_REFERER" value="#CGI.HTTP_REFERER#"
You might want to look at how it is being done in this PHP class and see if you can adapt it to your ColdFusion code. It looks like it might be more than a few URl params that need setting. It is likely that you need to better simulate a real browser to make GA think you are a real browser.
http://code.google.com/p/serversidegoogleanalytics/
Pretty sure cfset var_today = now() is wrong. GA has no idea what a ColdFusion date/time object is

Upload google docs with coldfusion

I've built a forum-like app in ColdFusion and I want to add a feature with which the users can upload files to Google Docs using their Google accounts and then other users can edit those files.
I've been using this CFC: http://cfgoogle.riaforge.org/ to retrieve Google Docs, but the upload function is currently missing. I need the upload function for the first upload of the file and then for the second part of editing it. I hope that it makes sense.
That's what I'm asking help for. I'm not that experienced with cffunctions and I was wondering if someone could give me a hand with it.
This is what I have so far:
<cffunction name="upload" access="public" returnType="any" hint="I upload the document." output="false">
<cfargument name="myFile" type="string" required="true" hint="file to upload.">
<cfset var result = "">
<cfset var service = variables.docservice>
<cfset theUrl = "https://docs.google.com/feeds/documents/private/full HTTP/1.1">
<cfhttp url="#theURL#" method="post" result="result">
<cfhttpparam type="header" name="Authorization" value="GoogleLogin auth=#getAuth(service)#">
<cfhttpparam type="header" name="Content-Length" value="81047">
<cfhttpparam type="header" name="Content-Type" value="application/msword">
<cfhttpparam type="header" name="Slug" value="#myFile#">
</cfhttp>
<cfreturn result.filecontent>
</cffunction>
But I get the following error when I output the result:
'Invalid request URI'
If someone could help me out with this one (even just show me the way), it would be mostly appreciated.
I would try to expand cfgoogle CFC with upload method using Protocol Guide for uploading.