Web Software Architecture and Engineering – Life on the Bleeding Edge

Archive for October, 2009

Major Flaw in CF9 – May Break Code!

As part of our upgrade to CF9, we started doing regression testing on our local boxes. My co-worker Joseph Lamoree found and blogged about a flaw he found in CF9 that brought our app to a halt. Serious, no joke.
Here is the issue in some detail. If you want to take a look at a MXUnit Test Case, then head over to Joseph’s blog on Posterous for more details as well.
I have two files, local.cfm and local.cfc.

Local.cfm has the following:



Local.cfc has the following:



When running this on CF8, I get the following output:

When running this on CF9, I get the following output:

First off, CF9 is killing firstName and lastName. It seems when
setting local to a Struct return from a function to start off, those
values are quickly killed.

Why is this a big issue? Well, in frameworks like Mach II, you can
start with:



What we see is that we have to do a structAppend, appending local to
the values we want from the function…  

Seems to me that any cfset local = is being ignored more or less. That is why:



If you dump this, it behaves like the 2nd line never happened. It
shows the value for local.x. But this way, any function call to set
values to local also get ignored. I think if the programming ignored
the structNew(), but “appended” values from other functions instead of
ignoring, this would everyone happy.


Must Read: Teaching CS @ Universities – Great Article

Joel Spolsky writes an excellent article/blog entry called “Capstone projects and time management”. Its about a topic I’m very passionate about, and that is the teaching of Computer Science or Computer Information Systems at universities.Great read.
Read more @ http://www.joelonsoftware.com/items/2009/10/26.html.

UCLA Study: The Internet Is Altering Our Brains

Fascinating article. Read more @ http://www.foxnews.com/printer_friendly_story/0,3566,568576,00.html.

Hilarious Video – A Day at the Office


Blocking Traffic from China – Thoughts Needed

I’ve been reading my logs more thoroughly for the past few data and I see a lot of bad traffic. Couple that with CFFormProtect, which tends to block SPAM posts dozens of times per day. Most of the traffic is coming from China unfortunately.
Now looking at my Google Analytics, I do think there is some legitimate traffic from China. For my work, on the other hand, we blocked ALL traffic from China, since we don’t do business there and see no need for traffic from there.
However, as a blogger, what do I do? What can I do to conserve server resources without kicking out what may be legitimate readers? What have you done? Any thoughts or advice would be appreciated.

CF9 Doesn't Like Mango Blog

Well, I upgraded my server to CF9, and there were both some immediate and subtle hiccups working with the latest build of Mango Blog. I’ve mentioned some of these in the forums, but here they are.
First, the site would not run. I got: “Error: Object of type class java.lang.String cannot be used as an array”. I narrowed down the issue to: “cfset to = arraylen(linkCategories)”
The issue was inside agsmangoextrasLinkCategories.cfm on Line 14. I basically put the code inside a catch/try and on error set “to” to 0. Not sure if its accurate, but it work, the site load.
This sparked my curiousity. I cleared the error and ran through some basic stuff. The cfformprotect plugin threw an error. This one I’m not 100% certain is CF9 related, or just an error related to the code there.
This one threw: “Element RAWDATA.COMMENT_NAME is undefined in DATA. ”
Going further, I ran CF9’s Code Analyzer, and found a whole bunch of stuff.

The first and the last one are especially interesting. ArrayFind is a reserved name and “location” as well.
I’m sure there is more!

ColdFusion 9 – 50% OFF

Ok, now that I’ve got your attention, this is how I calculate the savings.
We have dev (besides each developers local environment), staging, and UAT environments for code before they hit production.
Before, we would have to buy CF Entrprise for Dev, Stage, UAT, and our Prod Boxes. But guess what, with ColdFusion 9 has some great EULA changes as highlighted by Terry Ryan.
So besides the fact, that if I had a duplicate of my prod environment for disaster recovery purposes, I could use my prod licenses on those boxes, I can now share my prod licenses with “development, testing, staging” servers.
It 99% clear, and another post by Terry tries to clarify. From what I can tell, I no longer have to buy extra licenses for servers that don’t get much hits.
This is one of those things I brought up during with Adam Lehman a while back, and glad to see it implemented with CF 9. Woo-hoo!