Archive for the ‘ColdFusion’ Category

Last week, I did loose a lot of time in what should have been a quick ColdFusion hack. My colleagues and I were just trying to set up a web service-based solution for a simple problem: they had a JavaScript page that needed a bit of data for which I already had the code in ColdFusion. So I created a new directory in an existing application, whipped up the required code in ‘index.cfm‘ to return a bit of JSON and tested the result from my browser… only to get an “Error 500 - Application index.cfm could not be found“.

Weird, heh? The required file was there, so why could CF11 not find it? Adding an ‘Application.cfm‘ did not help, neither did repackaging the code in a CFC. On CF8, on the other hand, everything worked as expected. So what was going on?

It took some time, but I did find the explanation: CF11 reserves the directory name ‘api’ for special treatment, so you can’t use it like any other directory name – and of course that was the name I had chosen! Adam Tuttle described the situation nicely in 2015:

Funny you should mention that the issue is inside an /api folder. I’m trying to track down the same problem, except I’m directly accessing an index.cfm (sort of — onRequest intercepts the request and redirects to CFCs as appropriate — it’s a Taffy API) and I’ve found that renaming the folder from /api to … literally anything else… works fine. It’s almost as if something in CF has special meaning at /api, like the special /rest mapping does.

Indeed, renaming my directory solved the problem – too bad it took me so long to find the cause. On to the next problem!

PS. Adam Tuttle has more to say on the subject, but his post on the subject has disappeared: the URL ‘http://fusiongrokker.com/post/coldfusion-11-sometimes-chokes-on-api‘ no longer points to the relevant text, but is redirected to another blog also belonging to Adam Tuttle. There, unfortunately, the post is NOT available. I won’t call this a case of linkrot, but it’s not good either. Luckily, the Wayback Machine has a copy of the page, including a few comments…

Read Full Post »

I just spent yesterday afternoon debugging a somewhat older ColdFusion+JavaScript application: some of the administration functions were not working. A partial explanation for my time spent on the issues is that the application was developed in the days of Internet Explorer 5. We’re still running IE6 on a substantial number of the several thousand PC’s in use in the company… in combination with an older version of Chrome. So refactoring the JavaScript code (to make it work in both browsers) was part of the ‘fun‘.

In the end, the real cause of the core problem I encountered was to be found in a few SQL statements that I had neglected to check out, wrongly assuming they had been working in the past. The reason they continued to slip under the radar was simple: the original developer had managed to “hide” that SQL code in a <cftry> statement with an empty <cfcatch>. So there was nothing in the logs, of course.

From the OWASP website

From the OWASP website

Finding the root cause reinforced a lesson I had learned a long time ago: only catch exceptions if you’re going to do something serious and meaningful with them. No, swallowing them whole isn’t meaningful. OWASP summarizes: “Swallowing exceptions is considered bad practice, because the ignored exception may lead the application to an unexpected failure, at a point in the code that bears no apparent relation to the source of the problem“.

This story teaches a second lesson as well. In the future, I will scan code for exception swallowing situations before I start debugging – that could have saved me a lot of time today!

Read Full Post »

Ray Camden wrote about the CF log file enhancements in CF9 a few years ago: “CF901: Logging enhancements“; among other things, he explained the possibility of disabling and enabling logging into particular log files. This is supposed to work in exactly the same manner in CF11. Since then this theme wasn’t discussed much. That’s too bad, because I have a strange problem in CF11, and there are no clues to find on the internet.

Here’s my situation:  I accidentally disabled a custom log file for a Scheduled task, and now I can’t find a way to re-enable this log. I tried hijacking the “disable” link by replacing it with “enable”, but that did not work – not even after a restart of ColdFusion.

I needed some time to figure out that I could go on with my work again by renaming the .cfm file as well as the log file, but that does not really count as a solution. So all advice to get this specific log back to work will be appreciated!

Read Full Post »

Wednesday evening I attended the first meeting of the CFML UserGroup Belgium, which met at the Brussels Adobe offices. The ColdFusion User Group mentioned a few times on this blog in the past clearly is no more, but Guust is taking over the initiative (not the site, unfortunately).

Elisha Dvorak (Solution Consultant, Adobe) gave us a brief overview of what’s new in ColdFusion 2016. She also explained what the API Manager does and how it fits in the CF2016 solution. In short: the API Manager is a separate product, that comes free with the Enterprise Edition of CF2016. It’s not tied in one way or another to ColdFusion, but is offered since Adobe notices that CF is used to develop and run web services (SOAP as well as REST), and the API Manager helps control access to those services.


As an aside: Adobe is still looking for speakers at the CF SUMMIT in October 2016 in Las Vegas – they will pay your hotel and entrance fee to the conference. Just contact Elisha for details and suggestions!

Guust Nieuwenhuis, organiser of the meeting, then presented a brief overview of Bootstrap 4. After him came Damien Bruyndonckx, creator of the video courses on learning ColdFusion, that are currently available for free on the Adobe website.

Last but not least came Peter De Ranter, managing director of a software development company called Prosteps. He demoed Tilroy, an online POS that handles more than just sales, and which includes a webshop – that’s why Peter talked about “omnichannel“. What interested most attendees, of course, were the underlying technologies. As it turned out, Tilroy is a combination of a frontend running on a CFML engine, a Node.js-based dispatcher/controller/threading engine, and many dozens of Java microservices. The main database is stored in MongoDB, and everything runs on the Amazon cloud infrastructure. An impressive architecture, that probably wasn’t all too easy to set up, since the main focus of the product (apart from its features) is “performance”. And because of that need for speed, Tilroy uses just the Coldbox framework in combination with Bootstrap in the frontend – other frameworks were deemed too slow. Similarly, MongoDB turns out to be a lot faster than SQL Server when searching through hundreds of millions of “rows”.

All in all, I was glad to have assisted at this session – I learned a lot. Let’s see what comes up next time!

Read Full Post »

Somewhere around the start of 2008, I added the ‘varscoper‘ tool to my toolkit at work. If you don’t know this tool: ‘varscoper‘ will read your CFML code and indicate which undeclared local variables are left in your components and functions, waiting to inflict unexpected bugs and bad performance on your application. If you want to know why undeclared local variables can be so bad, start by reading Mike Schierberls thoughts on this subject – he’s the original author of the tool.

Thanks to a tip from Christopher Wigginton on cfml.slack.com, I was able to update my 2008 ‘varscoper‘ copy to version 1.4 of 2015. You’ll find the latest version on GitHub. This version still runs on CF8, but is already equipped to handle higher versions on Adobe CF as well – well, up to CF11 (and I’m not sure CF 2016 will be adding much new stuff that impacts ‘varscoper‘).

While integrating and testing the new version I stumbled upon a few small bugs in the file display code. First of all, ‘fileDisplay.cfm‘ never shows the two first characters of the first line of a file; secondly, it never shows the last line of the file either.

As a quick fix, I solved these problems with some extra “padding” to the file contents, like so:

        <cffile action="read" file="#URL.fileName#" variable="fileContent" />
        <cfset fileContent = "  " & fileContent & Chr( 13 ) & Chr( 10 ) />

But in fact, a good solution requires a bit of a change to the basic algorithm used in this code. You see, this code will only work correctly if and when used on files that use Windows-style end-of-line markers (i.e. “carriage return” CR + “line feed” LF). The number two in the term ‘lastLineStart + 2‘ of the line that outputs the code refers to the combined length of CR and LF, and thus disregards the optional character of the CR in the earlier ‘REFind‘ call. So there is still room for improvement (unless, like mine, your ColdFusion world is limited to Windows servers)…

Read Full Post »

Currently at work, my main project consist of the migration of all our ColdFusion (intranet) applications from CF9 to CF11. And that includes a migration from Windows 2003 to Windows 2012.

I’ll spare you the details of how I struggled to get Adobe CF11 up and running: let’s just say that the server I was assigned to was not a pristine, default Windows 2012 – and that turned out to be a major hurdle. But I managed to get CF up and running, with a little help from our server administrators. So now it’s a matter of testing all the apps in a new environment, all the while debugging the effects of the small and large differences between the old and new server configurations.

What I want to note here is, above all things, a few small actions on the server that make my life a lot easier. By the way, I’m assuming that you only have a single Apache Connector for all your CF applications. All paths given are relative to your ColdFusion root folder.

First of all, when installing ColdFusion hotfixes from Adobe, it is always a good idea to check whether or not the Apache Connector requires upgrading or reconfiguration. For a maximum of information on this subject, check out Charlie Arehart’s “CF911: Why/when you MUST update the web server connector for ColdFusion 10/11 and may have missed it”. Since I’m working on Windows, I have to remember to use “config/wsconfig.exe” (but that means two CF service restarts) or “cfusion/connectors/bin/Upgrade_all_connectors.bat” after stopping IIS and CF. It is above all essential to run either command as Administrator, or it won’t work!

Another good thing to know is that CF11 Hotfix 7 includes a modification of the connector to control whether or not IIS should replace error messages with its own (sometimes irrelevant) error pages. The IIS pages are the default, but they are easily replaced by changing the value of key “iis_skip_custom_errors_enable” to “true” in the file “config\wsconfig\1\isapi_redirect.properties”. Easy and useful, especially when you’re testing in different browsers on multiple client platforms.

Now all that’s missing in this context, is a tool to pick up the hotfix files from Adobe and store them in a simple HTTP update site where our intranet servers (without Internet connection, of course) can pick them up. I know – or at least, I assume – that I’m not the first one to deal with this situation, but I haven’t (yet) found such a script or application…

Read Full Post »

I have been using CFEclipse for many years. Is it the most complete and the best CFML editor in the world? No, probably not. But at work I am obliged to use Eclipse, and I prefer a somewhat lesser but sufficient solution in a single tool over switching from one tool to another. That’s why CFEclipse is on my list of favourite Eclipse plugins.
Today I tried updating my ageing plugins with the latest, only to find out that there is no way to install the latest “stable” version of CFEclipse through the standard Eclipse mechanism. The problem is known in the GitHub CFEclipse repository in 2014: Eclipse reports an “unsatisfied dependency on bundle org.eclipse.search [3.9.0,4.0.0)“. Unfortunately, until today no real action has been taken to redress the situation. At first sight it looks like a silly typo (did you notice the closing parenthesis that should be a square bracket?)…

I have no experience with the development of Eclipse plugins, and I don’t have the time to study the subject – but how hard can it be to correct this bug? In an active project, this would have been solved a year ago. Is CFEclipse really dying? Is there a better way to develop in CFML using Eclipse? Or is this just an example of a small open-source project that’s left to die when its creator leaves?

Read Full Post »

Older Posts »