64 Bit ColdFusion with 32 Bit Open Office

If you’re running a 64 bit ColdFusion installation and want to use cfdocument to convert Word, Excel, or PowerPoint files to PDF you may encounter an issue with an incompatibility between the 64 bit dll for ColdFusion and the 32 bit dll for Open Office. Java can’t load and run them both to work together. The good news is that there is a workaround for this issue. You’re going to need to: Download the latest version of Open Office from openoffice.org to your server and install it (you can use the default locations during the installation). Download the Non Sucking Service Manager (NSSM) from nssm.cc and simply save it into a convenient folder – no installation needed. You will then create […]

ColdFusion Error: Truncated class file

I was getting an oddly unhelpful error message when working on some ColdFusion development. Code that I knew ran okay on our development server was having an issue when setting it up to run on my local server. The error simply read “Truncated class file”. It turned out that the settings in the ColdFusion administrator had the component files setup to cache – which you don’t want on a development server where they are frequently changing. So, under Server Settings > Caching I unchecked the Save class files checkbox and used the buttons to clear the cache and everything was working again. Why was this breaking, probably a result of switching between branches in git and / or a file […]

Test and deploy HAProxy Config

We faced a problem that we thought could use an automated strategy; our HAProxy configuration files were getting larger and more complicated and more prone to a small error resulting in the service not restarting appropriately. We currently use Buddy.Works to manage some of our code deployments and we’ve found a relatively simple way to accomplish this. We created a new repository, commited our base HAProxy configuration, setup our pipeline to grab the official haproxy docker instance and run the following: groupadd haproxy && useradd -g haproxy haproxy mkdir -p /etc/ssl/private/ cp dummy.pem /etc/ssl/private/dummy.pem cp haproxy.cfg /usr/local/etc/haproxy/haproxy.cfg haproxy -c -f /usr/local/etc/haproxy/haproxy.cfg This will create and add the appropriate user/group that our HAProxy runs under, copies over a dummy certificate to […]

Updating Git Remotes in Tower for Mac

We recently made the switch to using a new software as a service build and deployment tool. During that switch we needed to change over our Git repositories to the new remote URLs. I am using Tower for Mac and couldn’t find a way to make the switch via the app. It simply doesn’t handle custom server authentication well. Here is what I did to get things working again. Open Terminal or iTerm2 if you have it installed Navigate to the folder with your website files in it In my case it was my Sites folder and then picking the correct sub folder Once there you can run: git remote -v This will show you the current remote server URLs […]

Nest Protect and Thermostat Integration Needed

I’m at that ten year mark when I need to replace all the smoke detectors in my house. I’m looking at the items on the market and in reviewing the Nest Protect I noticed a huge missed opportunity. I have a Nest Thermostat and love it. However, one shortcoming it has it that the temperature can vary a lot between where it is placed and the other rooms in the house. I have to put a smoke detector in almost every room to be up to code. If those also had a temperature sensor and could communicate to the thermostat then I could easily adjust or set rules when the bedroom is too hot or cold compared to the kitchen […]

Tower, Git, Springloops, Xcode and Authentication Errors

I installed an update to XCode and subsequently found I could not connect to git repositories on Springloops using Tower on macOS Sierra (that’s a nice pile of software). I was getting Authentication errors in Tower when trying to reach the repository. After trying a bunch of things to reconnect and getting rather frustrated by the whole thing I finally found that I need to agree to the XCode license again in order to use git. To do so open up Terminal and type: sudo xcodebuild -license Then hit space a bunch to get to the bottom of the license. Once you do you’ll be prompted to type the word agree. Once you do that quit Tower and start it […]

Docs Onsite Updates

We’ve added a few new features to Docs Onsite. Docs Onsite is the document and project management system that we’ve developed. We’ve been really pleased to see how it has worked for other client based companies who need to manage large quantities of documents with clear, simple, auditable access controls and logging. It is also how we manage our internal tasks, calendars, files, time tracking (which exports to QuickBooks for billing), support tickets, and bug tracking. The latest features are small looking updates, but are both very useful. We’ve added tagging to the Tasks, with color coding. This has really helped make it easy to quickly filter the task list to a related group of tasks. We’ve also integrated a […]

ColdFusion SQL Security

It’s common when working on a web application to interact with a database to read, insert, update, or delete data. In doing so you must take care when using variables in your SQL. The input may be coming from a search form or passed in the URL, but wherever it comes from there is a risk of SQL Injection, Cross Site Scripting or other attacks on your system. ColdFusion provides a few helpful tools for preventing people from executing malicious SQL queries or executing JavaScript injected into your database. One is the cfqueryparam tag. Assuming we set first_name = “Kevin” This would look something like this SELECT u.first_name, u.last_name FROM users u WHERE u.first_name = <cfqueryparam cfsqltype=”CF_SQL_VARCHAR” value=”#first_name#”> This will […]

Stopping Exchange 2016 Same Domain Spam Spoofing

We recently converted over to using Exchange 2016 for our internal email hosting and we were immediately buried in spam. Initially we enabled the exchange built-in spam protection and it just wasn’t cutting it. We expanded out and got ourselves BitDefender Exchange Protection which promptly dropped our spam rate almost overnight. However, we were still getting emails from our own domain @infinitewebdesign.com. The best places we found to combat this involved removing the permission: ms-exch-smtp-accept-authoritative-domain-sender in the active directory for the receive connectors. This, thankfully, allowed BitDefender to at least classify them as spam, but we were still able to be spoofed. A simple telnet to our server like so: >telnet <server_ip_here> 25 >EHLO >MAIL FROM: test@<domain_here> >RCPT TO: someone@<domain_here> […]

A Quick Note on XMLSearch.

For a long time, we have considered the use of XMLSearch slow compared to working through an xml object as a standard ColdFusion structure. However, recently we have discovered that XMLSearch is actually comparable in speed to the structured approach and it was just our way of using it that was causing the slowdowns. It turns out that that we were using the “//” XPath operator at the beginning of our calls to XMLSearch regardless of where the XMLDoc object that we were supplying was pointing to.  This would cause the search function to go to the root of the document and search the whole tree.   Removing the “//” operator from the XPath portion of the call forces ColdFusion […]