Today is a good day to code

ColdFusion “Scorpio” Possible New Features

Posted: December 31st, 1969 | Author: | Filed under: ColdFusion, Programming, Uncategorized | Tags: , | No Comments »

ColdFusion “Scorpio” Possible New Features

Picture of Irv Owens Web DeveloperOver on Ben Forta's blog, www.forta.com, he has a discussion running about new features for ColdFusion MX 8. One of the things he suggests is tighter integration with Microsoft Exchange. I think that would be very cool, but I'd agree with some of the readers over there that some type of iCal support would be sweet along with the ability to interact with a mail server using IMAP.

I'd like to use the Exchange interaction to allow my applications to use the events for a particular user as a trigger, for example, if a user had an event set up for a particular meeting room using a custom ColdFusion meeting booking system, the server could see if that room were still free about two hours before the meeting and if it weren't, it would send an email to all the meeting participants, in the Outlook format, to reschedule the event or change its location.

That's a really simple way to use it, and I'm sure there are others, but it would be helpful. I would like to see IMAP support so that I wouldn't have to actually pull down a user's mail in order to display it using the cfpop tag. It would be nice to have a customizable mail interface.

What I would really be interested in was an optional built in framework of some type, and upgraded SESSION management. While I don't mind having to use cflock whenever I am using SESSIONs, it would be really cool if I didn't have to use it. I also think that it would make development much easier for those who don't read up as much as I do, fail to use cflock, and end up with large applications with SESSION breakdowns. It might be cool to have another type of shared scope for objects that would automatically check to see if there were an instance of the object. If there was, then the system would use that instance unless told not to. If there were no instance, it would load a new instance from the disk.

Wow, I thought I had no real opinion about the upcoming version of ColdFusion, and that I was pretty happy about its current level of functionality, but I guess there are a couple of suggestions that I could make. More support for Mach-ii and other frameworks via a system level plug-in would be nice. Perhaps if they were more integrated into the application server, they could allow more convention-over-configuration like rails.


Preventing Comment Spam With Spamhaus in ColdFusion and Java

Posted: December 31st, 1969 | Author: | Filed under: ColdFusion, Programming | Tags: , , , , | 3 Comments »

Preventing Comment Spam With Spamhaus in ColdFusion and Java

Recently I turned comments on again for my blog, but I started getting hammered with spam comments so I looked into trying to figure out how to stop spammers.

Most people rely on some type of image based spam prevention. This is probably performance wise the best solution, the problem is when people with poor eyesight come in, or actual people come to spam your site. This solution doesn’t prevent that scenario.

A client of mine got me to look into SPF for protecting everyone else from someone masquerading as us. That somehow led me to spamhaus again. I had always thought of using them for spam filtering, but what I didn’t know is that you can use them for web submission protection. On the site, I learned that implementing their blacklist filtering is really easy to implement. Basically the way they work is that you supply part of your visitor, whether they are sending an email on port 25 or whether they are visiting on port 80, since Spamhaus includes their web site on their black list, if someone is sending spam mail, they will return for an http request.

Basically you have to send a request over to Spamhaus’ zen DNS server. If it returns a value, then they are a spammer, or at least they are listed at Spamhaus as a spammer. The method you use is you reverse the bytes of the IP address, for example if the IP address is 2.3.4.5 then you would send a DNS request over to Spamhaus like 5.4.3.2.zen.spamhaus.org. For Java and ColdFusion, I use InetAddress, but there are methods in every language to perform these tasks.

To do this in ColdFusion you could use code that looks like this:


<cfset address = CGI.REMOTE_ADDR />

<cfset addressArr = listToArray(address,".") />

<cfset newArray = ArrayNew(1) />

<cfset newArray[1] = addressArr[4] />

<cfset newArray[2] = addressArr[3] />

<cfset newArray[3] = addressArr[2] />

<cfset newArray[4] = addressArr[1] />

<cftry>

<cfset inet = CreateObject("java", "java.net.InetAddress") />

<cfset inet = inet.getByName(arrayToList(newArray,".") & ".zen.spamhaus.org") />

<cset hostName = inet.getHostName() />

<cfif hostName NEQ "">

<cfreturn />

</cfif>

<cfcatch type="any">

<!-- do nothing -->

</cfcatch>

</cftry>

To explain, in the first line you are starting a cftry / cfcatch block. The reason for this is if the visitor’s server is clean, it will throw an error because it won’t be able to get a response. However, if it doesn’t throw an error, it will be able to complete.

So the way this code works is that it takes the visitor’s IP address, splits it into an array, copies it into a new array, and then reconstitutes it into the IP address string but backwards.

It then creates an instance of InetAddress and calls the getByName method passing in the created address and waits for a response. If it doesn’t get one, it does nothing. If it does get one, and the result is something that isn’t an empty string, such as 127.0.0.2, it will return and not allow whatever it is protecting to be executed.

If you are using Java the code could look like this:

try{

InetAddress inet = new InetAddress();

inet = inet.getByName(backwardsip.zen.spamhaus.org);

// this should return an IP, but it really doesn’t matter what it

// returns

String hostName = inet.getHostName();

// this is just to catch a possible error

if(hostName.length() > 0){

System.out.println(‘Visitor is dirty’);

return;

}

}catch(Exception e){

System.out.println(‘Visitor is clean’);

}

So far this is proving to be a good way to check for bad commentors. The problem is that if you are a high-traffic site, Spamhaus will want to charge you for the use of their static list. If you are a high-traffic site, you would want it anyway for performance reasons. I think the cost may be worth it though in hassle.


Ruby on Rails

Posted: December 31st, 1969 | Author: | Filed under: ColdFusion, Programming, Uncategorized | Tags: , | No Comments »

Ruby on Rails

Picture of Irv Owens Web DeveloperI'm definately suffering from infatuation with another web development language. I'm hesitant to call it love yet because I have been burned so many times before, but I think I love Ruby on Rails on first sight.

For a fully object oriented framework, Ruby on Rails is downright easy. Easier than easy. It also sports a very clean syntax similar to Python in its readability, and the fact that it does almost all database stuff for you is killer. I can see excellent applications for Ruby in prototypes, and perhaps web applications. I still think it needs to be used in enterprise, but it is holding up under some pretty heavy loads right now. I'll be working with it more in the coming days and weeks, as I am very curious as to how it will compare with ColdFusion.

For years I have thought that ColdFusion couldn't be beat for “Rapid Application Development.” But here is an application plus framework that beats it as far as time to market, but also does it in a completely OO way. I have been working to develop my own framework for a couple of days now, and I think that I'll start trying to mimic Rails' functionality for ColdFusion. But the reflection, etc… I don't know if I am up to the task of that.

The other nagging question about Ruby on Rails is how customizable it is as far as if you really want to get down to the nitty gritty. It does a lot of cool high-level stuff for you as far as the database interaction is concerned, but as far as delivering views that comply with XHTML Strict, and ECMA Script standards, I don't know. If I find myself having to rebuild all of the views from scratch it wouldn't be too bad, but I'd rather not.

One other really nice thing out of the many nice things about Ruby on Rails is that it creates nice search engine safe URLs for you, from the start. It truly seems that this language was made to be the web developer's language. It is so young now that to compare it to ColdFusion is almost heresy, but I find myself doing it.

Ruby on Rails


MySpace.com Switches From ColdFusion to Blue Dragon

Posted: December 31st, 1969 | Author: | Filed under: ColdFusion, Microsoft, Programming, Uncategorized | Tags: , , | 1 Comment »

MySpace.com Switches From ColdFusion to Blue Dragon

Picture of Irv Owens Web DeveloperWhen MySpace decided to stop using ColdFusion recently, many ColdFusion developers felt somewhat betrayed by the change. Many even suggested that it wasn't the best engineered solution. By that they were hinting that by using fusebox, no one has said which version, and ColdFusion 4.5 / 5 they weren't working with the best that Macromedia had to offer.

New Atlanta claims in their press release that using the exact same code, MySpace was able to reduce their CPU usage by 50% under heavy load. They also claim that this result could not be duplicated with ColdFusion MX. I believe both of these claims. Most ColdFusion developers are loathe to admit it, but Microsoft has a pretty good thing going with C# right now. The ASP.net framework is decent, it performs extremely well in every test I have seen, so I am not suprised that by using ADO.net and ASP.net they were seeing gains like this. The biggest problem with any scripting or programming language comes down to the drivers when using an external resource. Web development is no different. When your database connection pool reaches it's limit, it just can't create any more connections and requests get queued. There is no way around this except to get better database drivers. I have seen JDBC fail miserably time and time again, especially with SQL Server 2000 in this area. One of the biggest causes of that 100% CPU utilization seems to be in the JDBC driver when the database doesn't respond in a timely fashion. I don't know what causes it, but it happens when I am working with a complicated dataset. It isn't even that the memory usage is too high and the server is thrashing, the CPU just goes to max and starts refusing connections. The only solution to this is to kill and restart the JRun instance. After that it behaves well again until it crashes.

In all fariness to Java / J2EE, I have only experienced these issues while working with ColdFusion Enterprise on Windows based systems, this doesn't seem to happen on Linux, at least in my experience. Since MySpace was so heavily invested in both ColdFusion and Windows hardware, I guess they had no choice but to use New Atlanta's Blue Dragon. Still, what most programmers have to realize is that at the end of the day, it is the tool that delivers the best that will be used. No matter what we feel about Microsoft, ASP.net is fast and stable in it's newest iteration. One of the advantages to ASP.net is that it automatically fixes it's memory leaks. This is something that Macromedia desperately needs to build into JRun. ColdFusion is sometimes slow and is often buggy when dealing with some of it's advanced features. Experienced CF developers know how to deal with most of this so it doesn't come into play very often, and I'd bet that with higher quality Microsoft SQL Server JDBC drivers, and the application of good design patterns and reusable CFCs they could have gotten better results out of the CFMX server. But as the CEO of New Atlanta said in his blog, to rewrite all the code to take advantage of components, invocation, and var typed variables is beside the point. They made the decision that would best serve their business. If their code was reusable or not is immaterial after the fact.

Still, I find ColdFusion's performance to be reasonable. I wouldn't call JSP / ColdFusion a speed demon any day, with light load, PHP blows it away with 10 users on it, but once you scale that up to 100,000 users concurrently, then Java starts to shine. Since Microsoft shamelessly copied Java with C# and improved on it, it is no suprise that ASP.net performs as well as it does since it has native OS support in Windows Server. No one uses ColdFusion because it is the fastest from the execution standpoint, they use it because it is the fastest language to develop in.

Another interesting point would be if Microsoft were to acquire New Atlanta in order to integrate ColdFusion support directly into IIS. This would give Macromedia / Adobe some competition and force them to fix some of the issues they have let languish in CF. It wouldn't be too suprising a move since they are seriously evaluating building PHP support directly into IIS. I'll bet that it wasn't even that tough for New Atlanta to port their J2EE version of ColdFusion over to ASP.net due to it's support for C# and Microsoft's Java source to C# source conversion tools. It, of course required some optimization, I'm sure, but I'll bet it is smokin'. Maybe I'll download it and try it.

New Atlanta
New Atlanta CEO's blog
House of Fusion MySpace Conversion Discussion


Google Sitemaps

Posted: December 31st, 1969 | Author: | Filed under: ColdFusion, Google, Programming, Uncategorized | Tags: , , | No Comments »

Google Sitemaps

Picture of Irv Owens Web DeveloperAnother couple of projects I started working on was getting a properly configured robots.txt, going, and to use Google sitemaps. If you have a gmail account, and you are a publisher, this is a very easy way to make sure Google crawls your site properly, and knows about all your links. One of the things I have noticed about the googlebot is that it frequently hits my homepage, but it would always only index the blogs that were directly linked to from that page. It would almost never go all the way through my site to get to the oldest articles.

Here is the code from the component that I am using to generate the sitemaps file. I modified the code originally avaliable at ColdFusion based Google Sitemap Creator. It is a .cfc so it should be pretty plug and play. Of course I will change the sensitive details about my site…








http://www.owensperformance.com/index.cfm
#theDatetime#
always 1.0


http://www.owensperformance.com/resume.cfm
#theDatetime#
monthly 0.9


http://www.owensperformance.com/aboutus.cfm
#theDatetime#
monthly 0.3


http://www.owensperformance.com/blog.cfm
#theDatetime#
daily 0.8






http://www.owensperformance.com/blog_content.cfm?
articleid=#urlString.articleid#

#theDatetime#
never 0.7





file=”#ExpandPath('../sitemap.xml')#”
output=”#theXml#” nameconflict=”overwrite”>
Google Sitemaps Overview


Whirlwinds of Code and Forming Design Patterns

Posted: December 31st, 1969 | Author: | Filed under: ColdFusion, Microsoft, Programming, Uncategorized | Tags: , , | No Comments »

Whirlwinds of Code and Forming Design Patterns

Picture of Irv Owens Web DeveloperOne of the biggest issues with understanding object oriented programming is getting over its associated terminology. Most developers whether they realize it or not have formed design patterns, and use them all the time. If an established developer were to look at their code, they would often see that their application was broken down into data access and storage components, display components, and the logic that allows them to successfully communicate. When asked to bring a system from one application to another, they can usually do it with little to no modification. This is the idea behind design patterns.

In an interview yesterday I realized that I had better take a more aggressive look at design patterns. Understanding the terminology may be tough, but it is an excellent way to communicate an application's business needs, especially using UML, as well as getting down to the lowest level of describing the objects that will comprise your frameworks. I have always tried to get a firm handle on design patterns, but they have largely eluded me. I have understood simple systems like breaking your code into well defined model-view-controller layers, and using messaging to communicate between layers, but I have never really been able to understand the more advanced concepts. In the interview I noticed that I was designing with some object oriented concepts by using Fusebox, even if I didn't know what to call them, but ignoring some of the more specific ones.

Programming is often like the game Dark Cloud for the PlayStation 2. For those who haven't played the game, it is a role playing game in which the player travels around their world trying to re-assemble their world, which was scattered by an evil genie. The player is provided a weapon which is pretty weak to start with, and by travelling around the world, they can gain objects which make their weapon stronger. When they get enough objects, they can merge their objects permanently into the weapon, increasing its effectiveness. They then begin the process anew, adding objects to the newly enhanced weapon until they can merge it again. When you have better weaponry, the player can gain pieces of their world more quickly and can assemble more complex worlds in shorter time. It is like this with programming. Often I feel as though code is whirling around me and once I have that “aha!” moment it merges and becomes something solid for me that enables me to take the next step. Building large applications has caused me to develop different frameworks or APIs for me to use. For example, most of my applications require search, so I have developed a pretty thorough search framework, made up of components, that can be moved with little modification. I wouldn't have known that it was that, but it is.

Today, or last night rather, I had one of those “aha!” moments, the moments we all write software for. I was finally able to put names to some of what I was doing. Now that I am beginning to understand, I can see why it would be hard for experienced object oriented developers to explain to procedural developers how to do OO design. You just begin to think differently. I can see about ten areas in which I can improve my search API / framework to make it more portable. The hardest part is finding the dragon, slaying it is easy. In other words, associating design patterns to what you are doing is hard, once you can put names to faces so to speak, the rest is simple. For a while I could never understand why people were so excited about Microsoft enabling the use of C# in SQL Server 2005. But now I can see, you can create an entire data access framework all on the database server, abstracting the underlying database and its queries from the application. It would be possible, in a web application, to completely separate the model from the controller and view layers. This has huge benefits in code maintenance because you could have any number of applications using the data access framework through web services.

What really dragged it together for me was why Java was so tough. I realized that it was tough because my mostly procedural mind was trying to write a program thinking about what each class should do instead of things like what does this class know about itself, what is it's purpose. How do the methods inside it work to help it achieve its purpose. In short I was trying to write a simple program, instead of thinking about a toolset to help me achieve my goal. With Java, you have to diagram, you have to chart or you will just get lost. Even objective-c makes more sense, with over-riding the init method for objects. These things didn't make sense before, but now I am getting it. I still have a long way to go, but I think I'll start working with Mach II, even if there is a performance hit. That is a little more OO than Fusebox, but Fusebox is a great foundation for it.

All that being said, there are still some instances where you can go too far with data encapsulization. For example if you had a table that had contact information in it. You wouldn't want to return each row, create a struct out of it, then set an iterator method to go through each struct, then each element of the structs, at least not in ColdFusion. Iterating over a query is something that the built-in elements of ColdFusion do fairly well anyway so building frameworks to disassemble a query object, then re-assemble it as a bunch of structs is probably an un-necessary layer of complexity for most applications. So like anything else, discretion is required. Now I'm ready to tackle the UML book and hopefully figure out how to use that nifty ID3 tag reader framework for Objective-C that I downloaded a while back and couldn't quite figure out how to use. I've got Macintosh applications that need to be developed.

Here are a few of the sites that helped me get to the “aha!” moment.
Macromedia exerpt from 'Design Patterns'
ColdFusion object factories, the Composition CFC
Introduction to the Mach-II framework


Flash Forms in ColdFusion MX 7

Posted: December 31st, 1969 | Author: | Filed under: ColdFusion, JavaScript, Programming, Uncategorized | Tags: , , , | No Comments »

Flash Forms in ColdFusion MX 7

Picture of Irv Owens Web DeveloperOne of the coolest things in the not-so-new-anymore ColdFusion MX 7 release is the ability to use Flex and ColdFusion tags to generate Flash components without having to design them. One of the perennial headaches for a web developer has been the difficulty in creating self-validating forms, and grid components that could take the stress of sorting off of the web or database servers.

I am not really too into screenshots so I will just show you a sample of the new flash forms. I am not sure if they validate or not, but they are definately cool. The built in forms validation is excellent also, it is handled completely on the client. If you press the submit button without entering any text in the you must enter some text field, it will show you the error. The binding is sweet too, you can bind one item to another in a form. If you notice, when entering text in the top box, you will see the bottom box mirroring it.
Flash Form Example

That is sweet for many different reasons, here is the code behind it:

<cfform name="code" action="http://www.owensperformance.com/test/formExample.cfm" method="post" format="flash" height="600" width="639" preloader="true" timeout="100" preservedata="yes">

<cfformgroup type="tabnavigator">

<cfformgroup type="page" label="Text Entry">

<cfformitem type="text">Enter Some Text

<cfinput name="aninput" type="text" required="yes" message="You must enter some text" />

<cfformitem type="text">Bound to the Above Text Box

<cfinput name="bound_input" type="text" bind="{aninput.text}" />

<cfformitem type="text">A Text Area

<cftextarea name="moreText" value="Some More Text" />

</cfformgroup>

<cfformgroup type="page" label="Grid Component">

<cfgrid name="myGrid" width="624" height="350" query="theQuery" format="flash" align="absmiddle">

<cfgridcolumn name="title" header="Title" />

<cfgridcolumn name="dateEntered" header="Title" />

</cfgrid>

</cfformgroup>

</cfformgroup>

<cfinput name="Submit" value="Submit" type="submit" />

</cfform>

Another really cool item is the cfgrid component. It is a fully featured flash grid that can show any number of objects. I am toying with the idea of implenting it on my search page, using javascript to show and hide the results, but that seems like overkill. I would show one to you in action, but you’ll just have to settle for the code.

This will create a nice grid component that handles sorting for you. It will draw its data from the query myQuery. Each column will pull from the field in the database according to its name. For example the date column will get its data from #myQuery.date#. The others will get their data similarly. I don’t know why I didn’t use flash forms before. They are certainly cool. You can bind to the data in the columns so you could have a field that would allow you to edit the currently selected field in the database. This is extremely handy in creating sensible and usable forms. I hope this helps, some java application servers don’t support flash forms, in fact I am not certain that this one will. However I’ll try, if it doesn’t work, at least the code may be helpful.