I'm doing a site in coldfusion8/mysql 5.0.88 with the front end in Jquery Mobile. I'm also using the photoswipe.js plugin, which allows images to be zoomed and browsed in a separate view layer.
To setup photoswipeable images, I need to output
<cfoutput>
<a class="swipeMe" rel="external" href="#variables.imageSrc#">
<img src="#variables.imageSrc#" class="adaptImg ui-li-thumb" />
</a>
</cfoutput>
The problem is imageSrc is supplied by users, so I have to grab/validate/resize the image before displaying it AND I need the path of the image for the photoswipe-link.
I have been fiddling with this for a while and came up with the following solution:
// read img from user specs
<cfimage name="myImage" source="#bildpfad##bilddateiname#" action="read" />
<cfif IsImage(myImage) is true>
// resize
<cfscript>
ImageSetAntialiasing(myImage,"on");
variables.breite = 400;
ImageScaleToFit(myImage, variables.breite,"", "highestPerformance");
</cfscript>
// write to xml, so I can get the path
<cfxml variable="imageXml">
<cfimage quality=".5" action="writetobrowser" source="#myImage#" class="adaptImg ui-li-thumb"/
</cfxml>
<cfset variables.imageSrc = imageXml.xmlRoot.xmlAttributes.src>
// output
<cfoutput>
<a class="swipeMe" rel="external" href="#variables.imageSrc#">#imageXml#</a>
</cfoutput>
</cfif>
While this works it pretty much stalls the application and memory seems to leak as well, because I'm loosing more and more memory as I'm running this.
Question:
Is there any obvious problem with the above code causing memory leaks? I imagin the images are being written to some sort of temporary directory (CFFileservelet?) and stay there for a while blocking my memory. If so, what would be alternative approaches to handling this in an image search?
Thanks!
Why not just create a /tmp folder on your server, and write the manipulated images there, like:
<cfset newImageName=CreateUUID()&".jpg">
<cfimage action="write" destination="/tmp/#newImageName#" source="#myImage#">
Then you can use it:
<cfoutput>
<a class="swipeMe" rel="external" href="/tmp/#newImageName#"><img src="/tmp/#newImageName#" class="..."></a>
</cfoutput>
Sample scheduled task to delete temp files:
<cfdirectory action="LIST" directory="#expandpath('tmp/')#" name="tempfiles" filter="*.jpg">
<cfloop query="tempfiles">
<cfif dateadd('h',24,dateLastModified) lt now()>
<cffile action="DELETE" file="#expandpath('tmp/')##name#">
</cfif>
</cfloop>
Related
I have
<form action="?#cgi.query_string#" method="post" ...
The cgi.query_string comes in with an indefinite number of variables. I tried using
<form action="?#EncodeForURL(cgi.query_string)#" method="post" ...
Should I be doing any kind of escaping?
You are using method="POST" in your form tag. So you're trying to have a page with both a query string (URL scope) and a form body (FORM scope), correct?
I'm not sure that's best practice or even allowed by some browsers (I read elsewhere they'll strip query strings on POST actions).
The best solution might be to make the action either GET or POST, and loop through the query string making each item a hidden input?
<cfloop list="#CGI.query_string#" delimiters="&" index="i">
<input
type='hidden'
name='#listFirst(i, "=")#'
value='#listLast(i, "=")#'
/>
</cfloop>
As you say, you can't do this. Your specific question was whether you should do any escaping. The answer to that is "yes" and the location is going to be on the backend, parsing the query string.
<cfoutput>
<form action='?#CGI.query_string#' method='POST' class='form-horizontal bordered-group' role='form' id='test'>
<input
class='form-control'
type='text'
name='formvar'
/>
<input
class="btn btn-primary btn-lg btn-block"
type="submit"
value="Submit"
/>
</form>
</cfoutput>
Will submit a form to the same page, with the FORM scope present, the URL scope present, and the CGI.query_string defined. The CGI.query_string will have url formatting (%20 for space, etc). The FORM and URL scopes will already be decoded (%20 converted to space, etc).
It seems the crux of your question is really about security and sanitization. In which case you'll want to examine encodeForHTML() (Adobe Docs for encodeForHTML()).
Obviously, this isn't 100% foolproof, since I don't know the details of your code and what you do with the input. But those sanitization functions should be a good start.
So very generally, if you use the URL scope, use encodeForHTML(), and if you use #CGI.query_string#, it will be URL-encoded.
I am using liferay search container to display tables data. In one of the field, I need to display the HTML code as given. My question is How to Display html code in browser. My code is as follows.
<liferay-ui:search-container-column-text property="question" name="Question" />
You could do something like this:
<liferay-ui:search-container-column-text name="Question" >
<div class="question"><%= nameOfTheObjectInCollection.getQuestion() %></div>
</liferay-ui:search-container-column-text>
I have many domains (www.vf1.com, www.vf2.com, www.vf3.com etc) which all point to my main domain (www.vf.com). How do I do a 301 redirect from these other domains to my main domain?
So if someone hits www.vf1.com/news/1234 they should get redirected to www.vf.com/news/1234
I also have domains such as images.vf.com, css.vf.com and js.vf.com that I don't need redirecting
I'm using ColdFusion 8 on IIS (but I don't have access to IIS at the moment)
I tried the below on a URL such as http://www.festivalreviews.co.uk/latest/news/14500 but it gets redirected to http://www.virtualfestivals.com/index.cfm
<cfif cgi.http_host IS 'www.festivalreviews.co.uk'>
<cfset jjURL = 'http://www.virtualfestivals.com' & CGI.PATH_INFO>
<cfheader statuscode="301" statustext="Moved Permanently">
<cfheader name="Location" value="#jjURL#">
</cfif>
Thanks
I agree with Adam, if possible, this would probably be better handled using your web server. Having said that, I have had to do similar things in the past with ColdFusion. When I need to rebuild URLs I typically use different CGI variables than what you tried. See if this works for you.
<cfif CGI.SERVER_NAME IS 'www.festivalreviews.co.uk'>
<cfset jjURL = 'http://www.virtualfestivals.com' & CGI.SCRIPT_NAME>
<cfif CGI.QUERY_STRING NEQ ''>
<cfset jjURL = jjURL & '?' & CGI.QUERY_STRING>
</cfif>
<cfheader statuscode="301" statustext="Moved Permanently">
<cfheader name="Location" value="#jjURL#">
</cfif>
CGI.SERVER_NAME - Server's hostname, DNS alias, or IP address
CGI.SCRIPT_NAME - Virtual path to the script that is executing
CGI.QUERY_STRING - Query information that follows the ? in the URL that referenced this script
You can read more about the CGI variables in the documentation here.
Since ColdFusion 8, I use <cflocation> (because CF8 added the statusCode attribute) for these kinds of redirects.
<cfif CGI.SERVER_NAME EQ 'www.festivalreviews.co.uk'>
<cfset jjURL = 'http://www.virtualfestivals.com' & CGI.SCRIPT_NAME>
<cfif CGI.QUERY_STRING NEQ ''>
<cfset jjURL = jjURL & '?' & CGI.QUERY_STRING>
</cfif>
<cflocation url="#jjURL#" addtoken="no" statuscode="301">
</cfif>
<cflocation> documentation: https://wikidocs.adobe.com/wiki/display/coldfusionen/cflocation
I'm exporting from ColdFusion 9 to Excel and I want to set the page orientation and scaling so the exported excel document fits to page and prints landscape. How to accomplish this?
Edit with solution:
Thanks for the assistance. The page-orientation setting worked as advertised.
I used the following hack to get it to fit to page width.
This page contains documentation on the various settings that are possible:
http://msdn.microsoft.com/en-us/library/Aa155477%28office.10%29.aspx
<cfheader name="Content-disposition" value="attachment;filename=export.xls">
<cfcontent type="application/application/vnd.ms-excel">
<!---
mso-page-orientation:landscape causes the exported excel spreadsheet to be printed landscape.
Setting Scale=45 causes the printout to fit to page width for me.
Per the documentation, I should be able to set
<x:Print><x:FitWidth>1</x:FitWidth><x:FitHeight>32767</x:FitHeight><x:ValidPrinterInfo/></x:Print>
but it doesn't want to work.
The width and height appear correctly in the Page Setup dialog, but the 'Adjust to' scale size
radio button remains selected instead of the 'Fit to' one page wide by 32767 tall radio button.
--->
<HTML xmlns:x="urn:schemas-microsoft-com:office:excel">
<HEAD>
<STYLE>
<!--table
#page {mso-page-orientation:landscape;}
-->
</STYLE>
<!--[if gte mso 9]><xml>
<x:ExcelWorkbook>
<x:ExcelWorksheets>
<x:ExcelWorksheet>
<x:WorksheetOptions>
<x:Print>
<x:ValidPrinterInfo/>
<x:Scale>45</x:Scale>
</x:Print>
</x:WorksheetOptions>
</x:ExcelWorksheet>
</x:ExcelWorksheets>
</x:ExcelWorkbook>
</xml><![endif]-->
</HEAD>
<BODY>
<cfoutput>
<cfloop from = "1" to = "#arrayLen(reportItems)#" index = "i">
<table cellpadding="1" cellspacing="1" bgcolor="dcdcdc" width="100%" border="1">
... table contents ...
</table>
</cfloop>
</cfoutput>
</BODY>
</HTML>
IIRC there is nothing baked in. But you can tap into the underlying workbook and use a little POI magic. (Note, these print settings are applied per sheet)
<!--- get the underlying poi sheet --->
<cfset poiSheet = cfSheetObject.getWorkBook().getSheet("TheSheetName")>
<cfset ps = poiSheet.getPrintSetup()>
<cfset ps.setLandscape(true)>
<!--- fit to one page --->
<cfset ps.setFitHeight(1)>
<cfset ps.setFitWidth(1)>
You can use a trick documented on this page:
How to format an Excel workbook while streaming MIME content
Basically, you output a standard HTML table of data that you would like opened as an Excel spreadsheet. You also have to specify the mime-type for Excel, and for good measure I also like to specify the content-disposition header to prompt for a better download file name.
<cfcontent type="application/msexcel"/>
<cfheader name="content-disposition" value="attachment; filename=myFile.xls">
The key to your specific formatting question, then, is also found in that above link. You need to include a <style> block with the MS Office-specific CSS rule mso-page-orientation:landscape;. From that link:
<style>
<!--table
#page
{mso-header-data:"&CMultiplication Table\000ADate\: &D\000APage &P";
mso-page-orientation:landscape;}
br
{mso-data-placement:same-cell;}
-->
</style>
This should handle the page orientation question. One thing to note - Office 2007 and newer will warn users about differing content types when opening this file. It's simply an annoyance (that can be disabled with a registry update); everything will still work and function as needed.
I don't see any attributes to accomplish this in the cfspreadsheet tag. From adobe site:
<cfspreadsheet
action="write"
filename = "filepath"
format = "csv"
name = "text"
overwrite = "true | false"
password = "password"
query = "queryname"
sheetname = "text"
>
You may have to do that after the export in Excel using print ranges or something similar.
Let CF manage exporting the correct data, let Excel handle the formatting/printing.
I am using this code:
<div class="infobox-pair">
<div class="ibp-left">
<iframe width="105" height="350" frameborder="0" scrolling="no" style="width: 311px; height: 105px;" marginwidth="0" marginheight="0" name="infobox_flight" id="ibp-left-iframe" src="http://mywebpage.com/paris"></iframe>
</div>
<div class="ibp-right">
<iframe width="105" height="350" frameborder="0" scrolling="no" style="width: 311px; height: 105px;" marginwidth="0" marginheight="0" name="infobox_package" id="ibp-right-iframe" src="http://mywebpage.com/lisbonne"></iframe>
</div>
That is displaying into the same div two different iframes. When I display the page whatever the browser it happens that I can get the same content for both the iframes even if looking at the source code the iframe are still different (based on their src and id).
It doesn't happen 100% of the time, I have to refresh sometimes several times to see it.
Do you have any clue ?
Thanks in advance
One thing to keep in mind, when you refresh in IE and some other browsers, the browser will retain the "current" src="" value for iframe, so if you navigated around a bit in the iframes, then hit F5, the current last navigated path for each iframe is still in the iframes. Is it possible you navigated to the same page somehow?
The only reliable way to get the iframes to "Reset" back to their initial src values on a refresh(f5) is to use javascript to set their src as a part of the page load event. I recommend setting the initial src in markup to just "about:blank" and alwyas programatically change it.
This has been a long time answered but have some additional info that might help web developers.
If you have loaded iFrame 1 in the browser before, then the newly added iFrame 2 will show the same content, even after refreshing multiple times. Try hitting Ctrl + F5, or clearing your temp files in browser, this can reset the iFrame src to it's correct value.