With all the chatter about recent SQL injection attacks, I thought I'd try and whip up a regex I could use in Eclipse/CFEclipse to find <cfquery> tags that have exposed variables (strings wrapped in #...#) that don't use the <cfqueryparam /> tag.
While I'm far from a regex master, here's what I came up with:
The query does not explicitly check for the token <cfqueryparam, but instead checks to make sure that CF variables are preceded with the string value="—which is the attribute used in <cfqueryparam />.
The query isn't perfect and may pick up occasional false positives, but from my testing it seems to work pretty well. If you have some improvements to the regex, make sure to post a comment and I'll update the post with the most recent version.
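As an added example (not the regex from this post), here is a Python scan that reports #...# expressions inside <cfquery> bodies that are not wrapped in <cfqueryparam>. Unlike the approach described above, it blanks out the <cfqueryparam> tags explicitly instead of checking for a preceding value=". The function name and the sample template are constructed for illustration.

```python
import re

# Tag attributes may hold quoted values that themselves contain '>'.
_ATTRS = r"""(?:"[^"]*"|'[^']*'|[^>"'])*"""
CFQUERY = re.compile(r"<cfquery\b" + _ATTRS + r">(.*?)</cfquery\s*>", re.I | re.S)
CFQUERYPARAM = re.compile(r"<cfqueryparam\b" + _ATTRS + r">", re.I)
POUND_EXPR = re.compile(r"#([^#\r\n]+)#")


def _blank(match):
    """Replace matched text with spaces, keeping newlines so offsets survive."""
    return re.sub(r"[^\n]", " ", match.group())


def find_unparameterized(cfml):
    """Return (line_number, expression) for each #...# in a <cfquery> body
    that is not inside a <cfqueryparam> tag."""
    findings = []
    for query in CFQUERY.finditer(cfml):
        # Only the body is scanned; attributes of the opening tag are skipped.
        body = CFQUERYPARAM.sub(_blank, query.group(1))
        body = body.replace("##", "  ")  # '##' is an escaped literal pound sign
        for expr in POUND_EXPR.finditer(body):
            offset = query.start(1) + expr.start()
            line = cfml.count("\n", 0, offset) + 1
            findings.append((line, expr.group(1).strip()))
    return findings


# Constructed sample template, not taken from the post.
SAMPLE = """<cfquery name="getUser" datasource="#request.dsn#">
  SELECT id, email
  FROM users
  WHERE id = <cfqueryparam value="#url.id#" cfsqltype="cf_sql_integer">
    AND status = '#form.status#'
  ORDER BY #url.sort#
</cfquery>
<cfoutput>#getUser.email#</cfoutput>
"""

if __name__ == "__main__":
    for line, expr in find_unparameterized(SAMPLE):
        print(f"line {line}: #{expr}# is not wrapped in <cfqueryparam>")
```

Expressions such as the ORDER BY column cannot be bound with <cfqueryparam>, so findings like that one need a whitelist check in the template rather than a parameter.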
I was just looking over the song list announced for Rock Band 2 and the inclusion of Dream Theater really caught my eye. While I would have picked a song different from Panic Attack, I'm giddy to see Dream Theater show up in a game like this.
Some other songs that caught my eye were:
For a complete song list, see Gizmodo's coverage of Rock Band 2.
[UPDATED: Friday, April 17, 2009 at 10:27:41 AM]
Two great posts by Mike Henke and John Whish over the past week cover some really important keyboard shortcuts for Eclipse & CFEclipse. They cover the gamut of some of my favorites (like CTRL+SHIFT+R) and some ones I always forget about (such as CTRL+DEL and CTRL+BACKSPACE.) These are definitely shortcuts you should be memorizing to make your work more efficient.
In CFEclipse, most of your standard shortcuts for formatting (i.e. [CTRL]+[B] = strong) work as well. Learning keyboard shortcuts can really speed up your development process, so I recommend trying to learn one or two a week and introduce them into your coding habits.
The Pencil Project looks like a pretty interesting tool for sketching out and prototyping a site design. It's based on the XUL engine in Firefox 3 and looks to be a pretty impressive little open source application. From the Pencil Project website:
The Pencil Project's unique mission is to build a free and opensource tool for making diagrams and GUI prototyping that everyone can use.
- Built-in stencils for diagraming and prototyping
- Multi-page document with background page
- On-screen text editing with rich-text supports
- PNG rasterizing
- Undo/redo supports
- Installing user-defined stencils
- Standard drawing operations: aligning, z-ordering, scaling, rotating...
- Adding external objects
- And much more...
Pencil will always be free as it is released under the GPL version 2 and is available for virtually all platforms that Firefox 3 can run. The first version of Pencil is tested against GNU/Linux 2.6 with GTK+, Windows XP and Windows Vista.
Make sure to check out the quick tour/screenshots of the application.
Adam Lehman mentioned this the other day on a mailing list (and now has blogged about the CF 8 EULA change); the ColdFusion license changed in v8.01 and it now allows you to have a copy of CF installed for a warm backup server.
2.3 Backup and Disaster Recovery. Licensee may make and install a reasonable number of copies of the Software (ColdFusion) for backup and archival purposes and use such copies solely in the event that the primary copy has failed or is destroyed, but in no event may Licensee use such copies concurrently with Production Software or Development Software. Licensee may also install copies of the Software in a Disaster Recovery Environment for use solely in disaster recovery and not for production, development, evaluation or testing purposes other than to ensure that the Software is capable of replacing the primary usage of the Software is case of disaster.
This is great news for smaller shops that want to have a warm/hot backup server that they can easily push live if their production server runs into hardware problems.