gsr
12/25/2023, 11:59 PM<cfset var filePath = request.uploadbackground>
<cfset back_fileServer = filePath & "\" & formfields.backImage>
<cffile action="upload" filefield="formfields.backImage" destination="#back_fileServer#" nameconflict="makeunique">
and error i am getting is: Error! Something went wrong The form field formfields.backImage did not contain a file.
verified path existsgsr
12/25/2023, 11:59 PMgsr
12/28/2023, 3:06 PMMike Vierow
12/29/2023, 9:02 PMcfloop(query=myQuery, group='myColumn') { cfloop() { writeOutput('I see #x# records in this group'); }}
Travis Walters
12/31/2023, 8:59 PM<!--- Perform Schema Name SQL Injection Check --->
<cfset LOCAL.mySchema = REReplace(LOCAL.relationship["schema"], "[^0-9a-zA-Z_]", "", "ALL")>
<!--- Perform Table Name SQL Injection Check --->
<cfset LOCAL.table = REReplace(LOCAL.table, "[^0-9a-zA-Z_]", "", "ALL")>
<cfquery datasource="#APPLICATION.dsnName#" name="LOCAL.dataCountQuery">
SELECT COUNT(*) AS data_count
FROM #LOCAL.table#
WHERE #LOCAL.mySchema# = <cfqueryparam value="#LOCAL.formData[LOCAL.relationship.ref_schema]#" cfsqltype="CF_SQL_INTEGER">
</cfquery>
The security code analyzer is barking about #LOCAL.table# for example
The table name comes from a JSON configuration file so I know the code is safe
The analyzer is just giving me a warning because I am using REReplace against the LOCAL.table variable
Anyway to get rid of the warning for future scans?Travis Walters
12/31/2023, 9:02 PM<cfinclude template="#ARGUMENTS.jsonFile#">
It is a relative path and file name against the website root directory for a dynamic json configuration file
Is there an actual security risk here? If not, how to get rid of this warning for future scans?gsr
01/02/2024, 3:22 PMBrian
01/04/2024, 3:25 PMnickg
01/04/2024, 8:26 PMNick
01/18/2024, 10:03 PMinvoke()
method, and it seems to be working great.
targetCFCInstance = wirebox.getInstance( "Utils" );
response = invoke( targetCFCInstance, methodName, requestData );
In 20 years of developing in CF, I've never had a need for invoke()
. Can anyone confirm it's safe/supported/etc. and there's not a better solution? It reminds me a bit of evaluate()
, which has long been discouraged in favor of bracket notation.gsr
01/21/2024, 7:20 PMselect* from errors
WHERE etime BETWEEN '2024-01-21 19:17:44.0' AND '2023-12-22 19:17:44.0'
i am getting 0 records, while date is stored in the format of 2024-01-16 17:23:26.000
how can i have this fix in QoQ, i can't use the date functionNick
01/24/2024, 4:42 PM{
"thirdPartyApi": {
"url": "xyz",
"key": "123"
}
}
https://trycf.com/gist/71e5346e340ff0dd326346130c775883/acf2023?theme=monokaiAhmad Kaddour
01/30/2024, 5:38 AMAndras Nagy
02/13/2024, 3:24 AMCristobal
02/13/2024, 11:32 AMCristobal
02/13/2024, 11:36 AMGVJustDOIT
02/14/2024, 5:24 PMBranch Target Offset Too Large for Short
Does anyone face this issue? Could you please provide suggestions to resolve?aliaspooryorik
aliaspooryorik
Axel Kola
02/19/2024, 6:53 AMaliaspooryorik
Axel Kola
02/19/2024, 10:32 AMTravis Walters
02/25/2024, 7:54 PMgsr
03/03/2024, 6:11 PMarvi tej
03/11/2024, 11:10 PMepipko
03/12/2024, 4:42 PM<cfloop *query*="q1">
<cftry>
<cfinclude template="1">
<cfcatch *type*="any">
<cfdump *var*=#cfcatch#>
!!! How do I go back up to iterate through the loop !!!
</cfcatch>
</cftry>
<cfinclude template="2">
<cfinclude template="3">
</cfloop>
arvi tej
03/14/2024, 12:04 AMNick
03/14/2024, 5:17 PM<?xml version="1.0" encoding="utf-8"?>
<soap12:Envelope xmlns:xsi="<http://www.w3.org/2001/XMLSchema-instance>" xmlns:xsd="<http://www.w3.org/2001/XMLSchema>" xmlns:soap12="<http://www.w3.org/2003/05/soap-envelope>">
<soap12:Body>
<DoAction>
<Person>Person name</Person>
<Phone>555-123-4567</Phone>
</DoAction>
</soap12:Body>
</soap12:Envelope>
molluskorg
03/19/2024, 2:17 PMAndras Nagy
04/04/2024, 5:30 AM