ColdFusion 9 64-bit JRun connector

I saw a LinkedIn post recently that someone was looking for the ColdFusion 9 64-bit JRun connector, and that it was not found where they were looking for it. I have a copy saved, so here it is if you need it.

ColdFusion 9 64-bit JRun connector

What I Learned Today: AJAX saves IE's ass yet again...

Today's installment of "Why IE Sucks" goes as follows:

A form has an electronic signature capability. The eSign form opens in a popup window via window.open(). The form has server side code that checks for a valid referring page via CGI.HTTP_REFERER. If a proper referring page is found, display the form. If not, block access.

Easy and simple. And IE won't allow it to work.

Unlike all other browsers tested, IE doesn't pass the parent window's URL in the HTTP_REFERER value. It passes nothing. Why? No idea. But this required a new solution to the problem.

AJAX to the rescue.

JavaScript has no problems getting the URL of the parent window via window.opener.location.href. So here are the changes made.

  1. Everything inside the BODY tag of the eSign form is pulled from the form page. This leaves a skeleton HTML file in place when the page is opened.
  2. On the page load, jQuery makes an AJAX call to a remote function, and passes along the value of window.opener.location.href in a POST.
  3. The remote function has server-side code that can compare the passed referring URL to a list of accepted access points. If one is found, the HTML of the form (taken from the eSign form) is sent back. If not, an access denied message is sent back.
  4. The success call of the AJAX function writes the returned HTML to the BODY tag.

This is cross-browser, and secure in that people have no access to the list of accepted access points since it's all server side. Makes hacking this difficult at best.

Suck on it, IE.

Some example snippets below.

view plain print about
1<!DOCTYPE HTML>
2<html>
3    <head>
4        <title>Electronic Signature Form</title>
5        <InvalidTag charset="utf-8">
6        <InvalidTag content="text/html;charset=utf-8" http-equiv="Content-Type">
7        <InvalidTag content="utf-8" http-equiv="encoding">
8        <link href="styles.css" rel="stylesheet" type="text/css">
9        <InvalidTag type="text/javascript" src="jquery-1.7.1.min.js"></script>
10        <InvalidTag type="text/javascript" src="eSign.eSign-form.js"></script>
11    </head>
12    <body class="popup">
13    </body>
14</html>

view plain print about
1$(document).ready(function(){
2    // AJAX global setup options
3    $.ajaxSetup({
4        cache: false,
5        dataType: "json"
6    });
7    // get the form
8    $.ajax({
9        async: false,
10        type: "POST",
11        url: "components/remote.cfc?method=geteSignForm&returnformat=json",
12        data: {
13            referer: window.opener.location.href
14        },
15        success: function(response){
16                $('body.popup').html(response.responseText);
17        },
18        error:function(xhr,err){
19            alert("readyState: "+xhr.readyState+"\nstatus: "+xhr.status);
20            alert("responseText: "+xhr.responseText);
21        }
22    });
23});

view plain print about
1<cffunction name="geteSignForm" output="false" access="remote" returntype="string" hint="gets the eSign form">
2    <cfargument name="referer" type="string" required="true" />
3    <cfif (findnocase('access/point/1/',arguments.referer)) or (findnocase('access/point/2/',arguments.referer))>
4        <cfsavecontent variable="local.formHTML">
5            [eSign form HTML here]
6        </cfsavecontent>
7    <cfelse>
8        <cfset local.formHTML = '<h1>You are not authorized to view this page.</h1>' />

9    </cfif>
10    <cfreturn local.formHTML />
11</cffunction>

What I Learned Today: IE and Cached AJAX requests

Ran into an issue today that all developers using jQuery and AJAX should be aware of.

IE, as a rule, will try and cache all GET requests as much as possible. This includes AJAX requests. So if you absolutely need the freshest data from an AJAX call each time, add cache: false to your $.ajax() arguments. You can do this in each individual call, or you can set it up globally for all $.ajax() calls on a page using $.ajaxSetup(). Not sure if $.ajaxSetup() will cover $.get() calls as well, have not tried it.

Relevant blog post: http://stackoverflow.com/questions/4303829/how-to-prevent-a-jquery-ajax-request-from-caching-in-internet-explorer

This is an IE-only issue. Exists on all versions up through 11.

What I Learned Today: ColdFusion has a rounding problem

File this one under "frustration" or "confusing".

It seems that our beloved ColdFusion rounds numbers with repeating decimals for you when doing division, even when you don't want it to. Consider the following equations:

view plain print about
160 / 55                        = 1.0909090909
240 / 55                        = 0.7272727273
31.0909090909 / 0.7272727273        = 1.4999999999
4(60 / 55) / (40 / 55)                = 1.5

The last line is what CF9 displays. Terrible.

When using numberformat(), it took me giving it a mask of 15 places to get it to show 1.499999999999998, If I dropped it to 14 places, it showed 1.50000000000000.

This makes CF unusable for exact math.

JavaScript, on the other hand, does no such rounding. It gives you the divided number as-is, no rounding.

Bad Adobe.

Last Night On Twitter...

This is not one of my normal posts, be forewarned.

Last night, my alma mater (Appalachian State) lost a football game to an inferior team. That's not an opinion, it's a fact backed up by the game stats. But upsets happen (hello, we were part of one of the biggest ones in college football) and while it certainly was a black eye for us in the sports arena, that was all it was limited to.

Then the actions of a teenage girl made it an embarrassment in the real world.

The school we lost to, North Carolina A&T, is an HBCU (Historically Black College or University). This girl, a freshman at ASU, fired off what can only be described with one term: a hateful racist tweet.

There is no excusing the actions of this girl. It was an inexcusable thing to do. As an alumnus and booster of ASU, I was completely embarassed that I had any kind of connection to her. I even called her out on Twitter.

As the night went on, I decided to follow the reaction to this. It was, as you'd expect, not pretty. A lot of anger was thrown out by A&T supporters, and rightfully so.

But then it started to turn ugly, as I feared it might. At first most of the attack on her was limited to calling her out for the racist tweet. Within hours of this, it looks like she deleted her Twitter account.

But people found her on Instagram, and there is where it got really ugly. Almost every one of her photos were bombarded with comments calling her out for being a racist. And then it went into attacking her family on photos that had them in it. And then it crossed the line.

This girl had, stupidly in my opinion, posted her phone number on one of her social media accounts. They found it, and reposted it out for people to "go get her". Then I read comments that completely crossed the line.

"Your life is over [expletive]!"

"I know [her hometown] like the back of my hand."

"we gonna hunt you down"

At this point the line had been crossed. Instagram has a nice feature where you can report comments for a variety of things, including harassment. I reported the most egregious ones (including the repostings of her phone number, and they were immediately taken down. Good for you, Instagram. Nicely built feature to protect people, even if it is ultimately from themselves.

So here is my final thoughts on this. What this girl did was unforgivable. It also is a teachable moment, and I hope that the events of last night gave her a real slap in the face (figuratively) of just how wrong that was. On the flip side, I frankly hope she is safe. Responding to hate with hate (especially towards a teenage girl) does not solve anything.

What I Learned Today: Addendum to running CF9 and CF10 together

Before any of this makes sense, you need to understand the contents of these blog entries:

Co-existence of ColdFusion9 and ColdFusion10 using Apache web server

ColdFusion 9 and ColdFusion 10 Together - Behind Apache HTTP Server

Optional: Installing ColdFusion 10 under MAMP Pro 2 on OS X Lion

My setup is MAMP PRO on OSX Mountain Lion. A few things I had to do to make this work:

  1. Do NOT install the built in web server on port 8500. Go through and configure the MAMP PRO server in the install. You will have to redo it again using the wsconfig utility afterwards, but setting it up on port 8500 never allowed this to work.
  2. Configure your CF9 virtual hosts to have the CF9 JRun settings in the "Customized virtual hosts general settings" section for each host.
  3. Manually edit your httpd.conf template in MAMP PRO for CF10, but only add these lines:

    LoadModule jk_module "/Applications/ColdFusion10/config/wsconfig/1/mod_jk.so" JkWorkersFile "/Applications/ColdFusion10/config/wsconfig/1/workers.properties" JkShmFile "/Applications/ColdFusion10/config/wsconfig/1/jk_shm"

    Do not put in this line:

    Include "/Users/rob/Library/Application Support/appsolute/MAMP PRO/mod_jk.conf"

  4. In each CF10 virtual host, put the remainder of the lines found in mod_jk.conf into the "Customized virtual hosts general settings" section for each host. Do NOT put the lines added in the previous step into the virtual host settings, Apache will not start.

Once I had this figured out, I was able to get it all to work!

On Frameworks, and their Evangelists

Let me start this entry with a clear statement.

I have no problem with frameworks, as a rule. If asked to use one for a project, I would do so without complaint. But if given a choice, I will use my own time-tested processes instead.

Okay, now onto the rest of the entry.

Last night I got into a twitter discussion with someone who is clearly an evangelist of CFML frameworks. His position is that anyone not using a framework is, in his exact words, "crazy". I greatly differ with that opinion, and it broke down pretty quickly when he was confronted with someone with a dissenting opinion. I offered him to contact me outside of Twitter to continue, but he has not responded. So consider this my response.

I have spent the majority of my 15 years using CFML not using frameworks. The last 8 years I have been part of a team that has put together a very solid set of coding standards for our development team, with a few rules (backend work in components, putting stored variables in the proper location for their intent, etc.) and with that we have turned out multiple applications for the Department of Education that are stable, fast, promote code reuse, and scalable. The biggest proof in our processes are that when new developers join our team, there is little in the way of a learning curve to do things "our way".

In my free time, I have tried out three different frameworks: FW/1, Fusebox, and Mach-II. All were fine. None of them wowed me in any way that made me think I should propose getting away from our processes and use a framework instead. A framework is an organization tool, nothing more and nothing less. It defines rules for how one must code. It sets up boundaries. It may even limit creative freedom (that's just a gut feeling on my part). They are useful, especially for a disorganized team or a junior level developer making their way into the CFML world.

It is not, however, the end-all, be all. I have seen both sides of this argument, and in the end I say what I have always said: It doesn't matter what tools you use to code, only one thing matters - the people developing the code. A great developer not only knows what can be done, they also must know when the right time to use it is. There are great developers that use frameworks religiously. There are also great developers that do not.

Now for the bigger issue at hand. Frameworks biggest problem right now is their supporters. These people range from supporters to evangelists to outright zealots. And the problem with them is that most of them get belligerent when you don't fall into complete agreement with them. Their weapon of choice is to attack or put down people once they realize the person they are talking to doesn't fall in line with them. And that's sad. It also builds a level of resentment that is unnecessary.

So here's a tip to them: if you want to convince people to come to your side of thinking, use logic instead of putdowns. And realize that what works well for you is not going to work well for everyone, and that's okay. In the end, there will always be a human element to software design and that means that there is no one right way to do things. That's a GOOD thing, too.

Quick Hits - A Possibly Handy Guide - CFSPREADSHEET fill colors

Lately I have been using CFSPREADSHEET on work projects. I love the tag and the associated functions. But one thing has been missing from all the associated documentation I can find.

What exactly are the colors you can use for text and fill?

CFSPREADSHEET uses the colors from the org.apache.poi.hssf.util.HSSFColor class, and Adobe and others are nice enough to provide a list of the names. But when I want to pick a color, I like to, you know, SEE the colors!

So, as a help to myself (and maybe some others), I whipped together a spreadsheet with each of the colors available for use. If you find it useful, great!

The download is available here.

What I Learned Today - Getting around AdBlock Plus

I was making small edits to my blog, adding 2 banners to my site for my hosting company and for CFBloggers. They were basic IMG tags, nothing special. But the one for Hostek was not showing up in Firefox when I was testing the changes out. For the life of me I had no idea what was going on, Firebug was showing it to be hidden, and some weirdly named class being attached to it.

After a bit, I ran across a post on HTML Forums that showed me the culprit - AdBlock Plus.

Seems that AdBlock did not like the way the banner image was named (ht_460x68.gif). Specifically the "_460x68" part was being caught (I saw this in the filtering information from teh AdBlock Plus toolbar button). So a quick change of the banner filename, and problem solved!

Verity, OS X, and VirtualBox

This is a follow up entry to one I wrote about using Verity when your CF runs on OS X.

Recently, I changed my virtualization engine from VMware Fusion to VirtualBox. The lone downside to this I have had is that, unlike VMWare, VirtualBox does not allow you to access files on the guest OS (Win7 for me) from the host (OS X). This made my setup for using Verity unusable.

But, as times of need often tend to do, it birthed a new way of doing this. Probably a better one all told. I now host all of the collections and the files they index locally in OS X, and the Verity K2 server on Win7 reads and manipulated them from there. This allows Time Machine to back up these files, which is a plus.

Here are the changes I had to make to make this happen.

  1. Delete the soft link for /opt/coldfusion in OS X, and create a physical directory in its' place.
  2. Copy the collections and documents from Win7 into /opt/coldfusion
  3. In VirtualBox, create a Full Access, Auto-Mounted Shared Folder to /opt/coldfusion. Restart the guest OS for it to take effect.
  4. In Win7, delete the physical folder C:\opt\coldfusion, and replace it with a soft link to \\vboxsvr\coldfusion\. I used the open source Directory Linker tool to do it.
  5. In CF Admin on OS X, update the IP address of the Verity K2 server to the new guest IP (if neccesary).
  6. Purge the existing collections, and re-index.

That's it!

More Entries