Coldfusion Monkeys

I found it incredulous that when I searched for “monkey” in Google, not only is on the 1st page, but it has two *different* links on the 1st page! I realized I was signed into Google+. I signed out and re-searched. The site is no where in the top 10 pages (though is somehow on page 8?).

I am not sure how Google is deciding this. I have “remember web history” turned off on my Google account. Could it be using the information from my contacts in Google+ circles? Many of the people are Coldfusion people. Its the only thing I can think of, unless Google is breaking the rules and using my web history anyway. Anyone have any ideas on this?

Google you try hard, but personalizing my search for funny monkey photos by filtering on Coldfusion? That just isn’t smart. Some things do go together -like chocolate and peanutbutter- but Coldfusion and monkeys do not. …Prove me wrong people, prove me wrong!

Timeout can't be negative wsdl error in Coldfusion

I got an error in Coldfusion today that I had never seen before:

timeout can't be negative

The error occurred when making a call to a webservice. The webservice call was working fine yesterday. I did some Googling but didn’t have much luck in determining why this was happening suddenly.

I traced back over the previous day trying to figure out what I had changed. There was a query that kept timing out, so I had experimented with changing the query timeout setting under the advanced datasource options in cfadmin. Its the only timeout setting I knew of, so I changed it back to its default value of 0. Suddenly my webservice call worked again!

I tried to repeat the error by setting the config back to how it was. But was unable to get the call to fail again.

Re: Coldfusion Strong Encryption: 256bit and higher

Original Article

I’ve put together what I believe is the Java equivalent of CF’s GenerateSecretKey, Encrypt, and Decrypt functions. Unfortunately these encrypt and decrypt functions still do not work in CF7 so there must be something else besides the US_export_policy.jar & local_policy.jar files that would need to be upgraded in order to allow for strong encryption to work in CF7.

I’ve posted the code below in hopes that someone will tell me I’ve made a mistake and that we could get this to work in CF7.

The code is based on this article from Sun.




UPDATE: Per Jason Dean’s comment: for this to work in CF7 you need to use a different library. The strong encryption library for CF7 can be downloaded here.

Coldfusion Strong Encryption: 256bit and higher

This does not get enough attention.

Out of the box Coldfusion does not have strong encryption and will not generate keys higher than 128 bits. You must upgrade the underlying Java library in order to gain access to strong encryption. Currently the Java Cryptography Extension (JCE) Unlimited Strength Jurisdiction Policy Files 6 download is located here. Download the file, decompress it, and then replace the existing US_export_policy.jar & local_policy.jar files from your Coldfusion install with the ones that you’ve just downloaded. After restarting Coldfusion you will be able to use the GenerateSecretKey function to create keys stronger than 128 bits.

This has been tested to work with CF8 & CF9.

Replacing the files did not cause errors in CF7, but in CF7 the GenerateSecretKey function only takes one argument which is the encryption algorithm and does not allow for a key length to be specified. Perhaps those of you who know java will be able to access the underlying encryption library directly and still get it to work in CF7?

UPDATE: I tried this and it still seems to not work.

UPDATE: Per Jason Dean’s comment below: for this to work in CF7 you need to use a different library. The strong encryption library for CF7 can be downloaded here.

Coldfusion's Evaluate()

Today I was going through an application turned over by a contractor and I began noticing that evaluate() was used frequently through out the code.

I thought by now we’d all know that using Coldfusion’s evaluate() function should be avoided. Evaluate() is a performance hit and is an indication of sloppy code. It may be possible that there are situations where it is unavoidable, but in my experience if you are considering to use evaluate() to solve a problem its a red flag that there is a better solution if you just think a little longer.


evaluate() example:


With Structures it is easy to avoid using evaluate() as you can dynamically create the struct key such as:



evaluate() example:


Queries are not much different than structures. The trick is that you’ll need to explicitly define the current row. This is something that is normally implicit.


Function Calls

Dynamically declaring function calls is a neat trick. The example code is a very (very) basic generic getter function, perhaps utilized within onMissingMethod(). Given any string it will try to call a getter function for that property. There is no other syntax to create this call. But using evaluate() should be a red flag. When you get into a situation such as this you should really ask yourself why you are organizing your code this way.

Perhaps you could forgo building a named function for each property and restructure your generic getter function to work like this:

or possibly even simpler as:

You should definitely be asking yourself why you would call a generic getter function if you built named getter functions. (Maybe you’ve made the methods private?) This is a simple example, but either way evaluate() is most often a sign of a larger coding problem.

AnythingToXML in Mura CMS

Brian Rinaldi over at contacted me today and told me something that got me pretty excited. Evidently Mura CMS uses my AnythingToXML as part of its core requirements. I had to download Mura and see for myself; it does!

From the stats on RIAforge I can see that a few people have downloaded AnythingToXML but I never know if it worked out for them. Its great to see something that you built to get you out of a jam taking on a life of its own and helping other people out.

I have yet to work on a project using Mura, but from what I hear its a great content management system and is developer friendly. Hopefully I’ll get a chance to work with it soon.

AnythingToXML and XMLToAnything Updates

I spent some time updating AnythingToXML last month with a feature that allows for type hinting. I was trying to avoid this, but XMLToAnything really can not be made smart enough to know that something was once an array with only one element in it. Instead it will interpret it as a Coldfusion struct. Since XMLToAnything was written to reverse XML created with AnythingToXML I added the type hinting to the XML generation. If there is no type hinting it will still work as before and attempt a best-guess on what the XML should become.

Coldfusion’s Missing Huffman code table entry error Round 3

If you’ve been following along I’ve been trying to track down why some JPGs create errors when using CFIMAGE but most JPGs do not.

The work around I posted previously still did not work for some JPGs.

Looking back at the error reports I received a co-worker and I noticed that most of the errors came internationally from one locale. When we contacted that office we discovered that they were using MS Paint to edit and save their JPGs before uploading them. Switching them over to using MS Office Picture Manager to save the images made everything upload correctly.

I’m not sure if the bug is with MS Paint, Coldfusion, or the underlying Java, but if you’ve done everything and still are getting an error when working with images in Coldfusion (or Java?) then checking the source of your images may be be helpful in debugging.

Did anyone find MS Paint to be the root of their JPG image problems?

Coldfusion’s Missing Huffman code table entry error Redux


Updating Coldfusion with the newest patch did not work. We are still seeing the “Missing Huffman” error in production. This occurs a few times a day. I’m now attempting to use the work-around posted in the Adobe Thread on the issue.

Below is my version of the work around:

			newImageName =  createUUID() & ".jpg";
			// create a file object representing the path to the saved image
			outFile = createObject("java", "").init( arguments.destination_path );

			// extract the underlying BufferedImage from your CF image object
			bi = ImageGetBufferedImage(myImage);

			ImageIO = createObject("java", "javax.imageio.ImageIO");
			// use ImageIO (instead of cfimage) to physically save the image to disk
			ImageIO.write( bi, "jpeg", outFile );