CF Summit West in Las VegasAt Resorts World - New venue!!! Sep 30 - Oct 1st for the Conference
Oct 2nd for the Certification
https://cfsummit.adobeevents.com/Pricing
$99 for the Session Pass right now.
Coupon code might be in your email if you are a previous attendee for even better pricing
$199 for the Professional Pass - include Certification Training on the 2nd of Oct.
https://cfsummit.adobeevents.com/register/registration/select Call for Speakers is Open!!!
https://cfsummit.adobeevents.com/speaker-application/ Accommodations
Resorts World
3000 S Las Vegas Blvd,
Las Vegas, NV, United States, Nevada
Looking for accommodations?
We've secured exclusive, low room rates of $105 + taxes/day especially for our attendees! Easy and hassle-free booking is just a click away.
Secure your spot now to make the most of your trip with comfortable and affordable accommodations
Ortus - Workshop - TBA
ITB 2025 More conferencesNeed more conferences, this site has a huge list of conferences for almost any language/community.
https://confs.tech/Blogs, Posts, and Videos of the Week5/1/24 - Blog - Robert Zendher - KISDigital - Tidying up HTML with jSoup: Part DeuxThe output of commandbox-ssg has always been something that makes my OCD tingle. When build generates a site, templates are rendered in steps: first the view gets rendered, the next step is to render the page layout around the view, and finally the layout is applied. Due to how things are processed the indentation is "chunky" and the rendering process will also generate blank when processing the CFML templates.
The output is not bad, it just is not great. The Solution: jSoup
https://kisdigital.com/posts/2024/04/tidying-up-html-with-jsoup-part-deux5/3/24 - Blog - Robert Zendher - KISDigital - The Law of Unintended ConsequencesI was feeling pretty good about myself when I managed to post-process commandbox-ssg HTML output using jSoup. The downside, as I learned after the fact, non-HTML files were still getting the same treatment. By default jSoup uses an HTML parser and will wrap the output in html and body tags if they do not exist in the input html. Needless to say, that does not bode well when your sitemap.xml or an RSS feed is wrapped in HTML tags.
https://kisdigital.com/posts/2024/05/the-law-of-unintended-consequences5/8/24 - Blog - Harsh Jaiswal & Rahul Maini - Hacking Apple - SQL Injection to Remote Code ExecutionIn our last blog post, we delved into the inner workings of Lucee and took a look at the source code of Masa/Mura CMS, and the vastness of the potential attack surface struck us. It became evident that investing time in understanding the code could pay off. After dedicating a week to our exploration, we stumbled upon several entry points for exploitation, including a critical SQL injection flaw that we were able to exploit within Apple's Book Travel portal.
In this blog post, we aim to share our insights and experiences, detailing how we identified the vulnerability sink, linked it back to its source, and leveraged the SQL injection to achieve Remote Code Execution (RCE).
https://blog.projectdiscovery.io/hacking-apple-with-sql-injection/
5/6/24 - Blog - Ben Nadel - Where Does Serialization / Deserialization Belong In A Database Access Workflow?A ColdFusion web application is composed of a series of nested abstractions. Each abstraction layer hides some level of private detail and exposes data for public consumption. For most of the work that I do, the exposed data is one dimensional. But, on occasion, I need to store complex object structures. As a simple example, I might have a MySQL table with a JSON column. Which means that each record that I read from said database table contains both normal data and serialized data. Which begs the question: where in the data access workflow should the embedded serialized data (JSON) be deserialized?
https://www.bennadel.com/blog/4649-where-does-serialization-deserialization-belong-in-a-database-access-workflow.htm5/12/24 - Blog - Ben Nadel - Experimenting With SQLite JDBC Connections In Lucee CFMLAlthough SQLite has been around for almost 25-years, it seems to be having a moment. In the past year or two, I've heard many people discuss the power of embedding SQLite databases within an application. I've never looked at SQLite before; and, I don't think it necessarily makes sense in the context of a ColdFusion web application; but, as a fun exploration, I wanted to see if I could get ColdFusion to connect to a SQLite database.
https://www.bennadel.com/blog/4653-experimenting-with-sqlite-jdbc-connections-in-lucee-cfml.htm5/13/24 - Blog - Ben Nadel - Creating On-The-Fly Datasource Connections In Lucee CFMLIn yesterday's post on connecting to SQLite databases using JDBC in Lucee CFML, I was creating and consuming a new, user-specific datasource on every page request. In order to do this, I made use of a technique that I only just learned about from the CommandBox Book written by Ortus Solutions. Apparently, in Lucee CFML, you can provide the CFQuery datasource attribute as a struct instead of a string.
https://www.bennadel.com/blog/4654-creating-on-the-fly-datasource-connections-in-lucee-cfml.htm5/14/24 - Blog - Ben Nadel - Creating In-Memory SQLite Databases Using JDBC In Lucee CFMLIn my first look at connecting to SQLite databases using JDBC in Lucee CFML, I was creating physical database files and synchronizing them between my Docker container and my host machine. But, in an experimentation context, there may not be any need to persist the database state across container restarts. In such a context, I could have used SQLite's in-memory database mode to explore the SQLite space without having to worry about persisting data to disk.
https://www.bennadel.com/blog/4655-creating-in-memory-sqlite-databases-using-jdbc-in-lucee-cfml.htm5/18/24 - Blog - Ben Nadel - Experimenting With Low-Level SQLite Access In Lucee CFMLIn my first look at accessing SQLite databases in ColdFusion, I was using a Lucee CFML specific feature that allows for creating on-the-fly datasources in the CFQuery tag. As a follow-up experiment, I wanted to see if I could use lower-level Java methods—in the java.sql package—in order to access SQLite without having to rely on Lucee-only features.
https://www.bennadel.com/blog/4657-experimenting-with-low-level-sqlite-access-in-lucee-cfml.htm
5/17/2024 - Blog - Robert Zendher - KISDigital - Setting up your first BoxLang ServerIt is easy to get started working with BoxLang, but I thought I would put together a quick post on how to get started with a development server. The first step is to setup your webroot.
https://kisdigital.com/posts/2024/05/setting-up-your-first-boxlang-serverCFML JobsSeveral positions available on
https://www.getcfmljobs.com/Listing over 126 ColdFusion positions from 79 companies across 53 locations in 5 Countries.
3 new jobs listed in the last few weeks
Full-Time — AWS and ColdFusion Full Stack DeveloperGuidehouse
New York, NY, United States
Posted May 01
https://www.getcfmljobs.com/jobs/index.cfm/united-states/ColdFusion-FullStack-AWSDev-NY/11638Full-Time — Cold Fusion Developer IPRECISE SOFTWARE SOLUTIONS INCORPORATED
Remote
Posted May 09
https://www.getcfmljobs.com/jobs/index.cfm/united-states/Remote-ColdFusion-Developer-I/11639Full-Time — Senior Web Developer ColdFusionRegal Medical Group
Northridge, CA, United States
Posted May 17
https://www.getcfmljobs.com/jobs/index.cfm/united-states/Sr-WebDev-ColdFusion-Northridge-CA/11640Other Job Links
There is a jobs channel in the CFML slack team, and in the Box team slack now too
ForgeBox Module of the Week
commandbox-boxlangStart a BoxLang server using CommandBox 6!
box install commandbox-boxlang
box server start cfengine=boxlang javaVersion=openjdk_21
https://forgebox.io/view/commandbox-boxlangVS Code Hint, Tip, and Trick of the Week
BoxLangAn extension for the development of BoxLang.
At a glance