tag:blogger.com,1999:blog-70788705351196978362024-03-05T23:58:55.682+00:00Gary's GambitGary Fenton is an IT Consultant and thought it was high time he had his own blog instead of tagging his own opinions onto everyone elses blog! :-)Gary Fentonhttp://www.blogger.com/profile/02616344210671605355noreply@blogger.comBlogger30125tag:blogger.com,1999:blog-7078870535119697836.post-63422232289801647032017-02-06T20:00:00.001+00:002017-02-06T20:00:13.564+00:00Adobe whacks prices up by 60%<p>Adobe have written to their Creative Cloud customers announcing a price hike. This is no ordinary increase based on inflation. Some people say their subscription will go up by 60%. My own licence will increase by 57% which is pretty outrageous. Currently I pay £38.11 per month which, from my renewal date later in the year, will rocket to £59.99.</p> <p>The explanation from Adobe firmly blames currency fluctuations. The British Pound, however, has not collapsed against the US Dollar by 57% as Adobe think we’re stupid enough to accept. One Pound during 2015 was worth an average of $1.50 which dropped slowly during the first half of 2016 to about $1.45. At the end of June when just over half of British voters decided to leave the EU (Brexit) the Pound dropped and since then has averaged at around $1.25. It <em>should</em> improve once the deals to make Brexit happen have been disclosed and approved.</p> <p>So the Pound has lost 14% of its value since June 2016 and Adobe believes this can honestly justify a 57% increase in their subscription fee to compensate for the currency fluctuation? That’s what most people would call over-compensating. </p> <p>Some would say Adobe are taking advantage of loyal customers who have locked their skill set in to Adobe products. That might feel true and Adobe want you to believe it, but there are other good products out there which are similar and it’s only a matter of practice to get used to a different interface. The tools are similar, but most importantly your creativity and understanding of digital content creation is <strong>100% transferrable</strong>.</p> <p>There’s been a lot of noise recently about <a href="https://affinity.serif.com" target="_blank">Affinity</a> Photo and Affinity Designer from Serif. Reviews have been very positive as professional alternatives to Photoshop and Illustrator, but the best news is the cost. Just £48.99 each and – wait for it – NO SUBSCRIPTION! Yes, it’s yours to keep forever. Remember those glorious days when you only had to pay for software once rather than monthly for the rest of your life? It gets better because work has started on Affinity Publisher, an alternative to InDesign.</p> <p>If you use Photoshop, Illustrator and InDesign then you might be spending around £720 per year on a Creative Cloud subscription. That’s £2,160 over a 3 year period. Instead the 3 Affinity alternatives will set you back less than £150 for use during those 3 years or the next 300 years. Even if you bought an upgrade after 2 years at full price it would only have cost you £300 at the end of the same 3 year period in this example. Currently updates to Affinity Photo and Designer are free and are available on both Mac and Windows.</p> <p>Of course there are alternatives to Dreamweaver, Premiere, and Acrobat Pro that operate under the more reasonable “buy once, keep forever” model. I’ll explore those another time, hopefully before my Adobe subscription is catapulted skywards by 57%.</p>Gary Fentonhttp://www.blogger.com/profile/02616344210671605355noreply@blogger.com0tag:blogger.com,1999:blog-7078870535119697836.post-61684136345591626322014-09-12T00:12:00.001+01:002014-09-12T00:12:49.380+01:00CFScript v2 – go vote for it!<p>CFScript is an inconsistent mess. Some statements take the form of functions while tags like cfloop are still named as cfloop in cfscript rather than just loop. Take a look at this:</p> <p>cfloop(from=1, to=10, index=1){ <br />     //stuff <br />} </p> <p>Huh? Why shouldn’t a more JavaScript-like syntax be used rather than trying to replicate the tag’s BASIC-like syntax as literally as possible. It’s like trying to fit a square shape through a triangular hole. Sure, if you bang it enough it might go through, but it’s messy and you know it’s wrong.</p> <p>No new developer should have to learn this conflicting, inconsistent, scripting language. It should be trashed but retain 100% backward compatibility.</p> <p>How? Adam Cameron raised some <a href="http://blog.adamcameron.me/2014/08/example-of-thoughtlessness-of-generic.html" target="_blank">inconsistencies of cfscript</a> in his blog and without much thinking <a href="http://blog.adamcameron.me/2014/08/example-of-thoughtlessness-of-generic.html#comment-1567638936" target="_blank">I suggested something simple</a> to allow a new, clean scripting language to be used without having to throw away legacy code:</p> <p><cfscript version=2> <br />      // new code goes here <br /></cfscript></p> <p>When the CFML engine sees that version 2 is stated a new interpreter kicks in to compile it to Java. Obviously if version 1 is stated, or nothing at all, the legacy interpreter is used.</p> <p><strong>This feature suggestion has been added to Adobe’s bugbase. </strong><a href="https://bugbase.adobe.com/index.cfm?event=bug&id=3822362" target="_blank"><strong>Please go and vote for it!</strong></a></p> <p>Adam picked up on my moment of clarity and <a href="http://blog.adamcameron.me/2014/09/cfscript-20.html" target="_blank">blogged again with some great feedback</a> from the CFML community.</p> <p>V2 implemented this way will guarantee backward compatibility and wipe the slate clean to attract newcomers to CF and utilise it based on what they know from a more elegant, universal syntax such as JavaScript. Tagged based scripting and CFScript v1 are both a non-starter for newcomers who want to start a programming career. It's time Adobe think of the future, stop adding poorly implemented features that no one wants to use (cfclient?) and go back to the drawing board and get the language right without having to throw the baby out with the bath water. </p> <p><a href="https://bugbase.adobe.com/index.cfm?event=bug&id=3822362" target="_blank">Go vote now.</a> You’ll need an Adobe ID to log in before you can vote.</p> Gary Fentonhttp://www.blogger.com/profile/02616344210671605355noreply@blogger.com0tag:blogger.com,1999:blog-7078870535119697836.post-89673140991245031132014-07-05T15:56:00.001+01:002014-07-05T15:56:29.590+01:00Twitter the Twit – When short URLs are longer<p>Twitter is being a bit of a twit. I was tweeting a link to a very short domain and Twitter thought it would be a good idea to use its automatic URL shortener which in fact produced a <strong>longer</strong> URL! How dumb is that?</p> <p>I typed in <a href="http://owl.uk">http://owl.uk</a> which is 13 characters and Twitter replaced it with <a title="http://t.co/jLQcgAzbqX" href="http://t.co/jLQcgAzbqX">http://t.co/jLQcgAzbqX</a> which is 22 characters. That’s 9 characters longer. What a waste when you’re only give 140 chars in a message.</p> <p>The problem occurs in Twitter’s web client and also TweetDeck and I imagine most tweeting apps that don’t do a simple sanity check asking itself “is the URL the user types in shorter than the URL I can replace it with?”</p> <p>I tried to contact Twitter to point this out to them but there’s no obvious contact information on their website. I was going a little crazy searching.</p> Gary Fentonhttp://www.blogger.com/profile/02616344210671605355noreply@blogger.com0tag:blogger.com,1999:blog-7078870535119697836.post-27695298672853392252013-07-07T01:56:00.001+01:002013-07-07T11:15:06.503+01:00Adobe CC – that really means Continuous Cost<p><img style="float: right; margin: 2px 0px 0px 8px; display: inline" align="right" src="http://zapt3.staticworld.net/images/article/2013/05/creativecloud_totem_5in_300ppi-100035582-large.png" width="187" height="187" />Adobe have moved all their big products over to a new licence called Creative Cloud that means customers will no longer own their own copy of the software. You have to rent it now, therefore the “CC” brand has a special meaning to Adobe’s senior management – Continuous Cost. Photoshop, Dreamweaver, InDesign, Illustrator and many other favourites of creative professionals and hobbyists must be rented from now on. Worse, <a href="#dw">ColdFusion support for Dreamweaver</a> has been ejected.</p> <p>So what’s the big deal and the bottom line with the new licencing model?</p> <ul> <li>Pay a monthly fee to rent a product </li> <li>If you stop paying the software will stop working (that’s why Adobe connects their software to the cloud) </li> <li>It’s much more expensive for people who don’t normally buy an upgrade each year </li> <li>If you don’t like Adobe’s new way of doing business then tough, it’s Cloud or nothing from now on </li> <li>If you’re a small business and fall on hard times you must choose between buying food and electricity or your monthly Adobe licencing bill. If you choose the former then your Adobe software stops working and you can’t do any work at all. </li> <li>For students, you too must find money to pay Adobe every month. </li> </ul> <h3>Example Pricing</h3> <p>Single product monthly cost = £17.58 x 12 months = £210.96 per year.</p> <p>Upgrade from CS3+ to latest Cloud version = £8.78 x 12 months = £105.36 for first year only. For the second year onwards the price reverts to the full cost of £210/year or whatever it is at the time.</p> <p>If you’re one of those people who religiously bought every upgrade for the desktop product then you might not experience a price increase moving to the new licencing model (you get every upgrade when you rent from the cloud). But if you only bought an upgrade when a must-have features has been added, say every other year, then you will be paying nearly double what you previously paid just to use the product on a day-to-day basis.</p> <p>As usual, UK and European customers pay a premium over US customers. The respective monthly prices are $19.99 (£13.42) and $9.99 (£6.70). So an upgrade for the first year costs £25 more for the first year and £50 more for each subsequent year. That’s a 25% premium for not living in the USA. How is that justified if all the software is provided from the cloud. Do European customers drain 25% more resources from Adobe than US customers? The cloud downloads are probably hosted in the US but even if they were in Europe the hosting costs wouldn’t be different enough to warrant charging £50 extra for a single annual download!</p> <p>If you need to use at least 3 Adobe products then you can get better value from their full suite. For £46.88 per month (£562/year) you’ll have access to every Adobe product they make. It’s unlikely you’ll use even half the 24 products that are included, and even if you did you’ll have to keep paying £562/year forever if you want to access your Photoshop, Illustrator, or Premier files any time in the future.</p> <p>I used Premier a lot 10 years ago and if I needed to access the project files I can load them up using my old copy that I still own. But if the Cloud licence had started 10 years ago I would suddenly have to start paying a lot of money again just to load up one of my old files. Think about it. Anything you create with Adobe CC and save in one of Adobe’s native file formats can’t be accessed again in the future if you’re not paying monthly to rent the software back. If you want it just for one month only so you can look at or convert your files, you’ll need to pay a greater premium of nearly double the price!</p> <h3>Adobe Not Listening</h3> <p>Adobe’s Photoshop blog has a post called “<a href="http://blogs.adobe.com/photoshopdotcom/2013/05/creative-cloud-were-listening.html" target="_blank">Creative Cloud – we’re listening</a>” with over 300 comments that Adobe have not listened to. And we say American’s can’t do irony? <img class="wlEmoticon wlEmoticon-winkingsmile" style="border-top-style: none; border-left-style: none; border-bottom-style: none; border-right-style: none" alt="Winking smile" src="http://lh5.ggpht.com/-ZCs52EL0s4Y/Udi8p-7ZSII/AAAAAAAAAEM/oLKO8gLIs9k/wlEmoticon-winkingsmile%25255B2%25255D.png?imgmax=800" /> One comment tests whether Adobe are listening by writing “Wait, they don’t even moderate these comments? F**K, S**T, B*LLS?” There are no asterisks in the original. I wonder how many more weeks it will remain there, unread and unmoderated by Adobe.</p> <h3>Alternative Software</h3> <p>So what can we creative people do about it? Complain to Adobe? Ha-ha, don’t waste your breath. Adobe did a Van Gough to themselves years ago. Start to look at alternative software. Adobe aren’t the only players in the market. I admit most of their software is excellent and people will roll their eyes at the thought of having to learn to become proficient with alternative software. But there’s a lot of other good products out there that will save you money and send a clear message to Adobe’s greedy owners.</p> <p><a href="http://lifehacker.com/5976725/build-your-own-adobe-creative-suite-with-free-and-cheap-software" target="_blank">Lifehacker has an article</a> suggesting which software you can download for free or for less for each of Adobe’s main products.</p> <p>Mac owners should check out <a href="http://gigaom.com/2013/04/06/how-to-build-your-own-adobe-creative-suite-with-cheaper-mac-app-alternatives/" target="_blank">Gigaom’s article</a> on cheaper alternatives.</p> <p>A useful site is alternativeto.net that lists potential alternatives to all sorts of software such as <a href="http://alternativeto.net/software/adobe-photoshop/" target="_blank">Photoshop</a>, <a href="http://alternativeto.net/software/adobe-illustrator/" target="_blank">Illustrator</a>, <a href="http://alternativeto.net/software/adobe-indesign/" target="_blank">Indesign</a>, <a href="http://alternativeto.net/software/adobe-dreamweaver/" target="_blank">Dreamweaver</a> and anything else you can think of. You can filter by OS and type of licence (commercial or free). Obviously not everything listed is good, or even satisfactory if you’re used to the Adobe version, but some options might come close if given a chance.</p> <h3><a id="dw" name="dw">Dreamweaver CC Degraded</a></h3> <p>If the licence issue wasn’t enough to give developers unwanted headaches, then you might be gutted to hear that support for ColdFusion and .NET has been ripped out of Dreamweaver CC. Only PHP support remains. You’d think Adobe would retain support for their own server-side language. This has infuriated creative web designers who like the visual strengths of Dreamweaver to design and maintain their sites while incorporating CFML code. The alternative Adobe product, CF Builder, is not on par with Dreamweaver when it comes to HTML design tools. There is a glimmer of hope. I heard that DW CC will let you manually add the .cfm and .cfc file types back and will still syntax highlight CFML and provide auto-complete code hints.</p> Gary Fentonhttp://www.blogger.com/profile/02616344210671605355noreply@blogger.com2tag:blogger.com,1999:blog-7078870535119697836.post-76211095841636747512012-12-18T03:26:00.001+00:002012-12-18T03:27:52.157+00:00Adobe release details of next 2 ColdFusion releases<p>Since Adobe acquired ColdFusion from Macromedia in 2005 they’ve been pretty tight lipped about future releases. There’s always been speculation about the future of the product, but Adobe have just shown the first signs that they’re changing their ways and giving ColdFusion developers a really big boost.</p> <p>What has triggered this change at Adobe? Maybe because their accountants noticed the last quarter was the most successful for ColdFusion since 2008? “More of that please!” I hear them shout from the top of the tower! :-)</p> <p>First off ColdFusion “Splendor” (that’s its code name for version 11) will be released in 2013 followed relatively quickly by “Dazzle” a year later. Adobe have committed to faster development cycles and lots of new features:</p> <ul> <li>Streamlined mobile application development</li> <li>Revamped and new PDF functions (at last, yay!)</li> <li>Easy social media integration for Enterprise</li> <li>Improved installation and deployment</li> <li>Enterprise performance & scalability</li> <li>Responsive multi screen content (erm, that’s client-side stuff)</li> <li>Social analytics</li> <li>Enterprise video portal (whatever that is?)</li> </ul> <p>Read all of Adobe’s <a href="http://blogs.coldfusion.com/post.cfm/coldfusion-news-initiatives-and-updates-from-adobe">announcements about CF at their blog</a> and checkout the <a href="http://blogs.coldfusion.com/assets/content/roadmap/ColdFusion%20RoadMap.pdf">roadmap PDF</a> too.</p> <p>Well done Adobe, no one expected to hear so much about the next release, yet alone the release after that as well!</p> <p><img style="border-bottom-style: none; border-left-style: none; border-top-style: none; border-right-style: none" class="wlEmoticon wlEmoticon-smile" alt="Smile" src="http://lh3.ggpht.com/-eUKXDna5sxA/UM_iZl3lZ4I/AAAAAAAAAC0/DKH7Tv5Qfqc/wlEmoticon-smile%25255B2%25255D.png?imgmax=800" /></p> Gary Fentonhttp://www.blogger.com/profile/02616344210671605355noreply@blogger.com0tag:blogger.com,1999:blog-7078870535119697836.post-49796458495606161292011-05-05T20:08:00.001+01:002011-05-05T20:08:52.936+01:00Buying online from Slow-dobe<p>Here are some observations and tips for buying software direct from Adobe.com and a warning.</p> <ol> <li>Don’t expect to download your newly purchased software on the same day you bought it. Adobe are very slow to release your product’s serial number. Imagine someone working in a tiny room somewhere in India printing out orders, using a ladder to stack them, as his grandmother slowly keys in serial numbers into another computer. The pair have been doing it for years and like it that way; they think their customers must be patient and wait their turn.</li> <li>For UK consumers it’s cheaper to order a boxed copy than to go for the download-only option. Go figure that one out!</li> <li>The US price is much cheaper than the UK price, but that’s no surprise. It won’t let you buy from the US store unless you register a valid US postal address. (I’m not sure if it would reject a credit card registered in the UK, but you could try using PayPal.)</li> <li>If you are a business you can sometimes get a better price by going to Adobe’s Business Store – even taking VAT into account. This store also has the download and boxed options at the same price.</li> <li>Adobe’s website is slooooow. The product pages are slow, the store is slow and the licensing site is slow. I hope the public don’t think this is a reflection of ColdFusion. They may get loads of traffic but that’s no excuse. They may be the market leaders and pretty much have a captive audience for many types of product but that’s no excuse either to be complacent.</li> <li>If you think you can side step Adobe and buy from a reseller then think again. Downloads and the release of serial numbers for certain products (especially upgrades) must go through Adobe.</li> <li>It’s been this bad for as long as I can remember. You should plan to make your purchase as early as possible, don’t leave it to the last minute.</li> </ol> <p>I’ve just bought Dreamweaver in case you’re wondering. Previously I bought ColdFusion several times.</p> Gary Fentonhttp://www.blogger.com/profile/02616344210671605355noreply@blogger.com6tag:blogger.com,1999:blog-7078870535119697836.post-79826812644532892212011-02-18T22:16:00.001+00:002011-02-18T22:16:29.423+00:00Genius Tech That Blew My Mind This Week<p>I stumbled upon two things this week that blew my mind. The first is a Xbox Kinect “hacker” who writes his own software to fully exploit Microsoft’s amazing hardware add-on. (Yes, I know it’s a few months old but you may not have seen it.) First check out this video. Keep in mind the Kinect is sitting stationary on his desk.</p> <div style="padding-bottom: 0px; margin: 0px; padding-left: 0px; padding-right: 0px; display: inline; float: none; padding-top: 0px" id="scid:5737277B-5D6D-4f48-ABFC-DD9C333F4C5D:ac7b3d9c-141d-4484-870b-7fb8da7bddd9" class="wlWriterEditableSmartContent"><div id="10c0bb6d-fdd2-4773-a656-c4d7662da0e2" style="margin: 0px; padding: 0px; display: inline;"><div><a href="http://www.youtube.com/watch?v=7QrnwoO1-8A" target="_new"><img src="http://lh6.ggpht.com/_6lC_k5CzsBQ/TV7vuBYLPNI/AAAAAAAAACk/G9OcSflW13M/videoea2c3e0c9407%5B40%5D.jpg?imgmax=800" style="border-style: none" galleryimg="no" onload="var downlevelDiv = document.getElementById('10c0bb6d-fdd2-4773-a656-c4d7662da0e2'); downlevelDiv.innerHTML = "<div><object width=\"448\" height=\"252\"><param name=\"movie\" value=\"http://www.youtube.com/v/7QrnwoO1-8A?hl=en&hd=1\"><\/param><embed src=\"http://www.youtube.com/v/7QrnwoO1-8A?hl=en&hd=1\" type=\"application/x-shockwave-flash\" width=\"448\" height=\"252\"><\/embed><\/object><\/div>";" alt=""></a></div></div><div style="width:448px;clear:both;font-size:.8em">Genius video manipulation in 3D</div></div> <p>A couple of months later he’s discovered how to link 2 Kinects together. What you will see is video from two stationary Kinect cameras. They do not move.</p> <div style="padding-bottom: 0px; margin: 0px; padding-left: 0px; padding-right: 0px; display: inline; float: none; padding-top: 0px" id="scid:5737277B-5D6D-4f48-ABFC-DD9C333F4C5D:b9fcf8e6-412f-4db8-bd31-452ddcec54ef" class="wlWriterEditableSmartContent"><div id="3be733dd-9791-4bdb-9f50-ac78ad5ad648" style="margin: 0px; padding: 0px; display: inline;"><div><a href="http://www.youtube.com/user/okreylos#p/u/3/5-w7UXCAUJE" target="_new"><img src="http://lh5.ggpht.com/_6lC_k5CzsBQ/TV7vus7YIxI/AAAAAAAAACo/mzRVp_Hw3OA/video70cd184b944a%5B31%5D.jpg?imgmax=800" style="border-style: none" galleryimg="no" onload="var downlevelDiv = document.getElementById('3be733dd-9791-4bdb-9f50-ac78ad5ad648'); downlevelDiv.innerHTML = "<div><object width=\"448\" height=\"252\"><param name=\"movie\" value=\"http://www.youtube.com/v/5-w7UXCAUJE?hl=en&hd=1\"><\/param><embed src=\"http://www.youtube.com/v/5-w7UXCAUJE?hl=en&hd=1\" type=\"application/x-shockwave-flash\" width=\"448\" height=\"252\"><\/embed><\/object><\/div>";" alt=""></a></div></div><div style="width:448px;clear:both;font-size:.8em">Super genius manipulation in 3D space with 2 Kinects</div></div> <p>Taking this to the next level but with practical gaming in mind, look at what he did with a Kinect set up in two remote locations, a network connection between him and his colleague, a Doom 3 map and lots of clever code.</p> <div style="padding-bottom: 0px; margin: 0px; padding-left: 0px; padding-right: 0px; display: inline; float: none; padding-top: 0px" id="scid:5737277B-5D6D-4f48-ABFC-DD9C333F4C5D:2649e585-c44d-4c96-82ea-740022e150a0" class="wlWriterEditableSmartContent"><div id="141556f8-bdd7-44ba-a9a4-ffaa6420db11" style="margin: 0px; padding: 0px; display: inline;"><div><a href="http://www.youtube.com/user/okreylos#p/u/0/BOTItUNg6dc" target="_new"><img src="http://lh6.ggpht.com/_6lC_k5CzsBQ/TV7vvO_7KaI/AAAAAAAAACs/wXQLFOPImZc/videoe01a54fe75f5%5B22%5D.jpg?imgmax=800" style="border-style: none" galleryimg="no" onload="var downlevelDiv = document.getElementById('141556f8-bdd7-44ba-a9a4-ffaa6420db11'); downlevelDiv.innerHTML = "<div><object width=\"448\" height=\"252\"><param name=\"movie\" value=\"http://www.youtube.com/v/BOTItUNg6dc?hl=en&hd=1\"><\/param><embed src=\"http://www.youtube.com/v/BOTItUNg6dc?hl=en&hd=1\" type=\"application/x-shockwave-flash\" width=\"448\" height=\"252\"><\/embed><\/object><\/div>";" alt=""></a></div></div><div style="width:448px;clear:both;font-size:.8em">Augmented virtual reality taken to a new level across a network</div></div> <p>Lastly, I was really impressed to see that a radio controlled hummingbird has been invented that uses nothing but wing-flapping to propel itself and behave remarkably like the real thing. It’s only 19 grams in weight (0.7oz) but can carry a camera to transmit live video back to its base.</p> <p>The video of it <a href="http://www.newscientist.com/blogs/onepercent/2011/02/hummingbird-uav-flies-by-flapp.html">flying in action is at NewScientist.com</a></p> Gary Fentonhttp://www.blogger.com/profile/02616344210671605355noreply@blogger.com0tag:blogger.com,1999:blog-7078870535119697836.post-87494316343684060302010-08-16T23:24:00.001+01:002010-08-16T23:26:00.629+01:00Critical CF hotfix must be applied pronto!<p>Adobe released a <a href="http://www.adobe.com/support/security/bulletins/apsb10-18.html">security hotfix</a> on 10th August 2010 and classed it as “important”. However, if security is even moderately important to your ColdFusion server, the file system, database and network then you must think of this hotfix as CRITICAL. Just to clarify, this is <strong><font color="#ffff00">CRITICAL</font></strong>. An HP <a href="http://h30507.www3.hp.com/t5/Following-the-White-Rabbit-A/Adobe-ColdFusion-s-Directory-Traversal-Disaster/ba-p/81964">security expert</a> has blogged about it and It also caught the eye of <a href="http://www.theregister.co.uk/2010/08/16/adobe_coldfusion_vuln/">The Register</a>.</p> <p>Hackers have proven how easy it is to use a vulnerability in CF 7, 8 and 9 to gain access to the CF Administrator. Code to perform the hack has been made freely available (which I won’t directly link to, but others have). <a href="https://twitter.com/mckt_/status/21165493064">Mike Bailey</a> tweeted “It works and it’s scary.” Someone else chimed in and showed how you don’t even need to hack the Administrator’s password by using a cheeky bit of JavaScript.</p> <p>Why is this really bad? Well, once you have access to CF Admin you can run scheduled tasks to access the OS. Someone has kindly(?) written an <a href="http://www.gnucitizen.org/blog/coldfusion-directory-traversal-faq-cve-2010-2861/">FAQ explaining how it works</a> and why it’s so bad.</p> <p>Now that the world knows how to hack it, everyone running CF must now patch their server. Adobe need to hammer home the seriousness of this problem and how critical the hotfix is. “Important” doesn’t stress it enough.</p> <p>If you have already made the “administrator” directory inaccessible to the Internet or IP protected it then you should be safe, but it’s a good idea to still apply this critical <a href="http://www.adobe.com/support/security/bulletins/apsb10-18.html">hotfix</a>.</p> Gary Fentonhttp://www.blogger.com/profile/02616344210671605355noreply@blogger.com0tag:blogger.com,1999:blog-7078870535119697836.post-36592368430951503842010-08-11T22:39:00.001+01:002010-08-11T22:39:52.739+01:00SP1 Joy for Windows 7 and Server 2008 R2<p>My main issue with Windows 7 and Server 2008 R2 was the removal of the otherwise simple feature of restoring open folders after a reboot. Currently Windows restores the folders in a random cascaded position forcing you to tidy up your desktop every time you boot up. It appears that through pressure from many users Microsoft have listened. Yay!</p> <p>SP1, to be released in early 2011, will restore this much missed feature that was present in XP and Server 2003. From the documentation:</p> <p><font color="#ffff00">“SP1 changes the behavior of the ‘Restore previous folders at logon’ function available in the Folder Options Explorer dialog. Prior to SP1, previous folders would be restored in a cascaded position based on the location of the most recently active folder. That behavior changes in SP1 so that all folders are restored to their previous positions.”</font></p> <p>Forget dynamic memory and RemoteFX, this is what I’m missing! :-)</p> Gary Fentonhttp://www.blogger.com/profile/02616344210671605355noreply@blogger.com0tag:blogger.com,1999:blog-7078870535119697836.post-14263401908205360262010-05-29T21:28:00.002+01:002010-05-29T21:43:33.403+01:00ColdFusion Bugtracker Bug<div>How does one submit a bug about a bug submitting tool? Below, the ColdFusion Bugtracker after completing a 2 page form.</div> <div> <br /></div> <a onblur="try {parent.deselectBloggerImageGracefully();} catch(e) {}" href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhtKFsImapnc0e7iqOG5cFadlgKmrpXQzZ8IuWODE9xzarL8bhuIdMchq32EZ1p9KETvBDNRHBBtZHnCppbuhFY0ZMfxSzxh3XC7gaje2ALqY5XUYvy33roFzM4_2qq8cizE4AUntoLY_4/s1600/cfbugtrackerbug.jpg"><img style="text-align: center; margin: 0px auto 10px; width: 400px; display: block; height: 339px; cursor: hand" id="BLOGGER_PHOTO_ID_5476791894600392450" border="0" alt="" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhtKFsImapnc0e7iqOG5cFadlgKmrpXQzZ8IuWODE9xzarL8bhuIdMchq32EZ1p9KETvBDNRHBBtZHnCppbuhFY0ZMfxSzxh3XC7gaje2ALqY5XUYvy33roFzM4_2qq8cizE4AUntoLY_4/s400/cfbugtrackerbug.jpg" /></a> <br /> <div>I tried this twice, logging in again the second time just to make sure I was logged in. Booo. Now I have 2 bugs to report to Adobe!</div> <div> <br /></div> <div> <br /></div> Gary Fentonhttp://www.blogger.com/profile/02616344210671605355noreply@blogger.com0tag:blogger.com,1999:blog-7078870535119697836.post-77863697818635537312010-05-27T00:35:00.001+01:002010-05-27T00:35:58.803+01:00Sessions never expire bug in ColdFusion 8.01<p>A couple of times a year I’ve encountered a strange problem in our ColdFusion servers where sessions mount up and aren’t removed after they should have expired. Just today we had 100’s of sessions left in memory with all of the session scope variables still there at the end of the day, hours after they should have been deleted. Automated session housekeeping ceased to be.</p> <p>Two other symptoms drew my attention to the above problem which must surely be related. Emails stopped being sent, the spool directory filled up without any cfmail files leaving. And from the website CF sporadically threw the error “The session is invalid” which was temporarily resolved by closing the browser and logging into the app again.</p> <p>Restarting the CF services doesn’t resolve the situation because the service refuses to stop if asked politely. A full reboot is the only way to restore normality with confidence.</p> <p>You’re probably thinking what good is it complaining now because 8.01 isn’t the current release and we should upgrade to 9.x. Well how do we know that 9.x has fixed this problem? Are Adobe aware of the issue? We could run a 30 day trial of 9.x on a test server but we’d have to run it for at least 6 months with a constant load to mimic our production server keeping in mind the rare appearance of the bug.</p> <p>If you have encountered this problem before or know how to fix it then please let me know.</p> Gary Fentonhttp://www.blogger.com/profile/02616344210671605355noreply@blogger.com3tag:blogger.com,1999:blog-7078870535119697836.post-89574160238460910872010-05-25T17:38:00.001+01:002010-05-25T17:38:18.624+01:00Windows 2008 Hyper-V / VSS / Backup Bug Part III<p>Good news! We’ve been issued by Microsoft with a public release of the hotfix KB982210, as it will be known. The fix will only work on 2008 R2 and not with any previous releases of the OS.</p> <p>So how does the fix work? First let me explain the problem more clearly than in previous blog entries. Whenever a device is attached to Windows the Plug & Play Manager creates an entry for that device in the registry. If it’s a USB device, for example, and you unplug it then its entry will remain in the registry so when it’s plugged back in the computer will recognise it and any settings that have previously been set up for it. The same is true for snapshots created by VSS, the Volume Snapshot Service. A snapshot is treated like a device so one a new snapshot is created so too is a registry entry for the device.</p> <p>Now here’s the problem. The registry entries are not removed – ever. While many users will never have a problem with that there are a number of power users who generate 1000’s of snapshots over a short period of time. For example, in our case where we use Windows Server Backup (WSB) with a backup schedule set to every 30 minutes which includes backing up 14 VHDs used by several VMs on Hyper-V. VSS will create 14 snapshots (one for each VHD) every time a backup is run. That’s 14 snapshots every 30 minutes. That’s 672 a day and over 20,000 per month. See how quickly they mount up and none of the device entries in the registry are being removed.</p> <p>Severe problems manifest when the host server is rebooted and the registry is processed, analysing tens of thousands of devices, causing the server to look as if it has hung. It freezes for 2 or 3 hours, possibly more if I had let the server carry on taking more backups.</p> <p>The registry key you need to check in Windows 2008 R2 is: <br /><font color="#ffff00"><strong>HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\STORAGE\Volume</strong></font></p> <p>There should be 10 to 50 entries in there for a normal healthy machine, depending on how many devices you have attached. On our server we had 28,000 entries!</p> <h3>Now, how does the fix work?</h3> <p>The new hotfix from Microsoft makes a change to the Plug & Play Manager that adds a timestamp (or a tombstone date as they prefer to call it) for each new snapshot device that’s created. This means Windows is now aware of exactly when a snapshot was created and can make a decision to fully remove the device’s entry from the registry after a certain period of time. I’m not sure how long it waits but from our experience it can be counted in minutes rather than days or weeks.</p> <p>So well done to Microsoft for creating a smart solution to a critical problem. It took a massive amount of effort to get our case brought to the attention of the right person. Before that I had spent weeks working with a Microsoft support team in India by phone and remote desktop trying to explain what the problem was (and no, the problem will not be resolved by re-installing Windows, thank you!). It wasn’t until a Premiere Support case was opened and a Microsoft account manager from the UK got involved who contacted the right technical person that we started to make rapid progress. Microsoft had been aware of the technical issue for a while but our case seemed to have given them the incentive to fully investigate it. And we are grateful that we were finally listened to and some very expensive new servers can finally be put into service.</p> <h3>Cleaning up the registry</h3> <p>The only problem that remains is for other people experiencing this. You need to clean up your registry before applying the hotfix otherwise the freezing symptom will persist. To do this you need a tool from Microsoft called devnodeclean. Sadly this is not available anywhere on the Internet to download based on my Google and Bing searches. Microsoft should be able to email you a copy if you open a support case with them and refer them to KB982210 and this blog entry for good measure. Run devnodeclean without any switches at first to see what it makes of your registry, then use the /r switch to force it to remove the unwanted devices from the registry.</p> <p>Next you may need to compact your registry if it has become huge, anything over 50MB I would say. Ours peaked at over 450MB. The “system” hive (found in C:\Windows\System32\config\) can be compacted using regchk using the switches /l /c /r /v. Again, chkreg is only available by request from Microsoft and was in fact developed to repair the registry in Windows 2000 but amazingly still works for 2008 R2. Please note that regchk cannot compact a live “system” file. You need to back up your system settings first and run chkreg on a <strong>restored copy</strong> of the “system” file (restore it to a new folder somewhere else). Then boot up from the Windows setup DVD and enter the recovery console. Rename “system” to “system.old” and copy the compacted system file into the config directory. Then reboot into Windows.</p> Gary Fentonhttp://www.blogger.com/profile/02616344210671605355noreply@blogger.com15tag:blogger.com,1999:blog-7078870535119697836.post-84506080754223253822010-04-10T01:46:00.001+01:002010-04-10T01:46:38.950+01:00Nasty Bite From the Apple<p>Apple have gone bonkers. They have changed their developers license to make sure that Flash can’t run on iphone, itouch and ipad devices. Do they really have it in for Adobe Flash or are they just trying to hide the possibility that they’re going to launch their own software in competition to Flash, or maybe their devices will run really slowly if they were to support Flash?</p> <p>Considering that Flash is on 98% of all desktop computers and most of the best or most visited websites use Flash this is very strange behaviour exhibited by Apple.</p> <p>But you know what, I don’t care! Why? Because I don’t own any Apple kit. I never have done and I’m not sure if I ever will. You see, Apple produce fashionable portable devices and I’m not one to follow fashion, especially if it looks far better than it actually performs as far as features are concerned. (I admit the UI is good but the rest of the world is catching up – seen Windows 7 Mobile?) And denying i(pod|pad|touch) users the ability to tap into Flash is denying them a fair bit of functionality. But do the users really care? Probably not since millions of people have already spoken with their wallets.</p> Gary Fentonhttp://www.blogger.com/profile/02616344210671605355noreply@blogger.com3tag:blogger.com,1999:blog-7078870535119697836.post-25254609212448714232010-04-02T11:10:00.001+01:002010-04-02T11:10:07.800+01:00Windows 2008 Hyper-V or Volume Shadow Copy Bug Part II<p>Following on from the <a href="http://garysgambit.blogspot.com/2010/03/2008-server-freeze-hyper-v-or-volume.html">problem I blogged about a couple of weeks ago</a>, this is definitely a bug in Windows. From what we’ve been told it’s an inheritary, built-in limitation with VSS that prevents it from cleaning up after itself once 9,999 snapshots have been created. Therefore it only manifests if your server has created that many snapshots, so the explanation goes.</p> <p>Now, not many people run snapshots frequently enough to encounter the problem but since our servers are running a backup every 30 minutes and there are 14 VHDs connected to Hyper-V we would run into the problem in just 15 days. That’s the explanation we were given but that doesn’t explain why after cleaning up the registry using devnodeclean and chkreg the registry will immediately start to bloat during the next backup. Hmmm. And we encountered symptoms (freezing) only after the first week – that’s less than 9999 snapshots. Hmm.</p> <p>I’m hoping the engineers investigating this can come up with a permanent fix very soon.</p> Gary Fentonhttp://www.blogger.com/profile/02616344210671605355noreply@blogger.com0tag:blogger.com,1999:blog-7078870535119697836.post-74541490049462195302010-03-15T12:13:00.001+00:002010-04-02T10:36:57.942+01:002008 Server Freeze, Hyper-V or Volume Shadow Copy Bug?<p>We have been scratching our heads over a very strange problem for the last 4 weeks which causes two new servers to lock up for up to 2 hours after logging on after a reboot. They’re running Windows 2008 R2 with Hyper-V and Windows Server Backup roles installed.</p> <p>After trying plenty of ideas to eliminate the problem it was pointed out to us by a Microsoft support guy that our System hive file was 343MB in size. It’s only supposed to be 15 to 20MB. I exported it as an ASCII file from regedit and opened it in Notepad. I counted <strong>24,000</strong> entries for VSS Snapshot devices! When Windows boots it tries to process 24,000 devices which causes it to choke killing the server for two hours – although the VMs limp on underneath and the host responds to pings but both the remote and local console is completely frozen.</p> <p>Example registry entry:</p> <p><font color="#ffff00" face="Courier">[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{533C5B84-EC70-11D2-9505-00C04F79DE2F}\0349] <br />"InfPath"="volsnap.inf" <br />"InfSection"="volume_snapshot_install" <br />"InfSectionExt"=".NTAMD64" <br />"ProviderName"="Microsoft" <br />"DriverDateData"=hex:00,80,8c,a3,c5,94,c6,01 <br />"DriverDate"="6-21-2006" <br />"DriverVersion"="6.1.7600.16385" <br />"MatchingDeviceId"="storage\\volumesnapshot" <br />"DriverDesc"="Generic volume shadow copy"</font></p> <p>Trying to delete the snapshots using vssadmin from the command prompt threw this error: “<font color="#ffff00">Error: Snapshots were found, but they were outside of your allowed context.  Try removing them with the backup application which created them.</font>”</p> <p>So the question is what is causing 1000’s of VSS (volume shadow copy) snapshots to be created? A clue was found in the system event log when Windows Server Backups runs: “<font color="#ffff00">Failed to delete the shadow copy (VSS snapshot) set with id '1A1938A0-1590-4BF4-8173-20DF5FD69E36' in the running virtual machine 'MGT01': Unspecified error (0x80004005). (Virtual machine ID A3F941F1-ED7F-48E9-9CD7-CB7C28A6604A)</font>”</p> <p>We’re using Windows Server Backup (WSB) to take incremental backups every 30 minutes for a bare metal restore of the host and its Virtual Machines. That’s 48 backups a day of 14 VHDs for 42 days that the servers have been running for. Do the maths and that comes to 28,000 VSS snapshots. Taking into account that some backups failed to run and we stopped backups for a few hours here and there, this tallies with the 24,000 devices I counted in the registry. Bingo!</p> <p>So the bottom line is that the VSS writer creates a snapshot for each VHD at backup time but for some reason isn’t deleting the entries from the registry, although it is deleting the actual snapshots otherwise we’d have run out of disk space by now. Everything points to a bug in either the VSS writer or perhaps WSB or Hyper-V. They’re so tightly integrated during the backup process it’s hard to say which of the 3 is the culprit.</p> <p>Since this problem is reoccurring on <strong><u>two</u></strong> new servers from Dell we are sure this isn’t a one-off freak incident. There is only <a href="http://social.technet.microsoft.com/Forums/en-US/winserverhyperv/thread/07f406c8-678e-4609-b535-7dc2073ecaa0">1 other similar incident</a> reported on the web and that was a year ago on a HP server using BackupExec with the Hyper-V aware option. I’m waiting for Microsoft to get back to me, although I’ve been warned that even if they admit it’s a bug it could take a long time to produce a fix. We’d love to know why 1000’s of people who use Hyper-V and take frequent backups aren’t experiencing the same problem. There is no other software installed on the host apart from standard Dell drivers. Weird!</p> Gary Fentonhttp://www.blogger.com/profile/02616344210671605355noreply@blogger.com15tag:blogger.com,1999:blog-7078870535119697836.post-38498612962720818352009-11-06T02:18:00.001+00:002009-11-06T02:23:09.067+00:00CF Admin SQL injection flaw<p><a href="http://www.mischefamily.com/nathan/index.cfm/2009/11/5/SQL-Injection-Consideration">Nathan Mische has blogged</a> about a surprising ‘flaw’ in the ColdFusion Administrator that’s supposed to allow you to disable SQL commands coming from CF such as delete, drop, alter, update, etc. Apparently this is ineffective against multi-line SQL injection attacks – the most common sort of injection.</p> <p>Perhaps ‘flaw’ is the wrong word, but these settings do lead you to believe that any sql with delete, drop, etc in it would be prevented from being sent to the database.</p> <p>The bottom line is to always use cfqueryparam or stored procedures and sanitise user input from forms and urls. Don’t trust users – assume they’re all up to no good! ;-)</p> Gary Fentonhttp://www.blogger.com/profile/02616344210671605355noreply@blogger.com1tag:blogger.com,1999:blog-7078870535119697836.post-55166422036605818022009-10-06T12:30:00.001+01:002009-10-06T19:56:32.457+01:00ColdFusion 9 is out. Upgrade? Not this time.<p>After nearly a year of alpha and beta testing the latest release has hit the streets. It’s available to download as a 30 day trial or as a free developer edition (limited to 2 IP addresses as per usual). The <a href="http://www.adobe.com/products/coldfusion/features/">new features</a> are listed on the Adobe site.</p> <p>The <a href="http://www.terrenceryan.com/blog/post.cfm/coldfusion-9-eula-changes">license has changed for the better</a> which allows you to run the full version of CF on your development and test environments for free providing you’ve bought a new CF9 license for your production environment. Therefore if you were previously limiting your dev and test systems to 2 pesky IPs you can lift that restriction, but the new license only applies to CF9, it cannot be retrospectively applied if you own CF8 and earlier editions. Well done Adobe!</p> <p>The question everyone is asking is shall I upgrade our existing servers to CF9? I made the decision a while ago to skip this edition. You have to ask yourself what business benefits it will bring to the table and if that will enhance your apps sufficiently to pay for itself. Here’s my take on the new features. Obviously it’s different for every app and every business, but needless to say <strong><font color="#ffff00">our new apps being launched in the months to come will be using CF9</font></strong>, but our existing ones will not.</p> <ul> <li><strong>cfspreadsheet</strong>: Let’s you read from Excel files and update them too. Good if you work with xls files. I can see benefits for intranet apps. Previously to create xls files you had to create data as an HTML table but CF8 was unable to read or update existing Excel created files. <br /></li> <li><strong>Word to PDF</strong>: I really like this conversion facility but it does not officially support Office 2007 or 2010 docx files which is somewhat of an oversight. However, it will make a reasonable attempt at converting them but chokes on the more elaborate docx files <a href="http://cfsearching.blogspot.com/2009/07/cf9-beta-convert-doc-files-to-pdf-if.html">as explained in this blog</a>. OpenOffice needs to be installed for this feature to work. (While OpenOffice is free I’m not comfortable installing a bloaty desktop app onto production servers) <br /></li> <li><strong>ColdFusion as a service</strong>: Access CF features such as cfhart, cfdocument, cfimages, etc, as a web service. Perfect for offloading tasks to other servers or opening up CF features to .NET or PHP apps. <br /></li> <li><strong>Adobe AIR database synchronisation</strong>: If you’re into AIR this sounds like a useful addition. <br /></li> <li><strong>Virtual file system</strong>: Save files to RAM as if it were an ordinary hard drive. Good if you have a load of files that need to be regularly written to or read from or if your network drives are already a bottleneck for performance. Don’t forget all files in the virtual file system are wiped when the server is rebooted or crashes. <br /></li> <li><strong>Integration with CF Builder</strong>: If you’ve tried the beta of Builder (the new IDE from Adobe) then it will work better if you have CF9. I don’t like Builder. Sorry. I wish they had enhanced Dreamweaver instead because I also need access to design tools as well as coding tools, plus DW has a very good GUI. <br /></li> <li><strong>ORM</strong>: It sounds clever – CF will interface with your database without having to write a single line of SQL. Admittedly I haven’t got into this too deeply but I fail to see how it can write SQL as intelligently as a human or work with the many complexities of our stored procedures and data intricacies. I like to know exactly what’s happening at the CF<>SQL layer so ORM would worry me. Maybe ORM is for non-enterprise apps and RAD? I’m sure someone will enlighten me. <br /></li> <li><strong>New AJAX controls</strong>: I have a real problem  with this. Why are Adobe wasting their time adding a CF layer for JavaScript when the JavaScript library becomes outdated within a matter of months? If developers use a highly flexible JavaScript framework such as jQuery (which is really easy to learn and oh so sexy) then they can always keep their apps up to date with the latest features instead of having to wait a year or two for the next CF update (which also updates the built-in Ext JS library). jQuery is less bloaty and give developers much finer control over ajaxy things, ready-to-go menus, slick UI panels and interactive data tables etc. <br /></li> <li><strong>SharePoint integration</strong>: This is fantastic if your business or client uses SharePoint. It makes it so much easier for CF apps to take part or become the hub of new SharePoint apps. My biggest client has made a massive move to SharePoint which would have got me excited if they hadn’t banished all non-Microsoft technology from their organisation. Doh. <br /></li> <li><strong>Server Manager</strong>: Administrate multiple CF servers from a central console. Very useful if you have a large server farm or regularly tinker with the Administrator on a couple of servers. Definitely good for rolling out new CF servers. Otherwise <a href="http://www.merlinmanager.com/">check out Merlin</a>, an AIR based administrator for managing multiple servers running CF 7, 8 or 9. <br /></li> <li><strong>Enhanced Flash Remoting</strong>: Never used Flash Remoting or Flex, I am not a Flash developer as I find using DHTML/jQuery fast and effective for enhancing the user experience, but obviously this is welcomed by those who use Flash Remoting. (I wonder what percentage of CF developers do use it?) <br /></li> <li><strong>Speed enhancements</strong>: Other blogs have run tests to show that CF9 is faster than CF8. So if your current server is under strain maybe you can buy it some breathing room by upgrading? But realistically, new server hardware may be cheaper than a CF upgrade and if your server is 3+ years old a new Intel 55xx based server could quadruple your server’s speed and/or capacity. (We’re going down the hardware upgrade route) <br /></li> <li><strong>64 bit Edition for CF Standard:</strong> Yay! <br /></li> <li><strong>Cache enhancements:</strong> The popular Ehcache technology is now integrated into CF. Rob Brooks-Bilson talks about this in detail over 4 blog entries so I’ll leave him to explain since he’s done such a fantastic job. <a href="http://www.brooks-bilson.com/blogs/rob/index.cfm/2009/7/21/Caching-Enhancements-in-ColdFusion-9--Part-1-Why-Cache">Part 1</a>. <a href="http://www.brooks-bilson.com/blogs/rob/index.cfm/2009/7/29/Caching-Enhancements-in-ColdFusion-9--Part-2-Caching-Granularity">Part 2</a>. <a href="http://www.brooks-bilson.com/blogs/rob/index.cfm/2009/9/3/Caching-Enhancements-in-ColdFusion-9--Part-3-Caching-Architectures">Part 3</a>. <a href="http://www.brooks-bilson.com/blogs/rob/index.cfm/2009/9/21/Caching-Enhancements-in-ColdFusion-9--Part-4-Caching-Strategies--Eviction-Policies">Part 4</a>.</li> </ul> <p>Finally, Adobe have produced a <a href="http://www.adobe.com/products/coldfusion/pdfs/cf9_feature_comparison_matrix_ue.pdf">useful product matrix</a> showing the differences between CF7, 8 and 9 for both Standard and Enterprise editions of each version.</p> Gary Fentonhttp://www.blogger.com/profile/02616344210671605355noreply@blogger.com7tag:blogger.com,1999:blog-7078870535119697836.post-37198795966742923422009-09-27T12:36:00.001+01:002009-09-27T12:36:19.147+01:00Validity – flexible jQuery form validation<p>I was looking for a form validation plugin for jQuery that offers enough flexibility to hook in to my own rather complex forms and existing JavaScript. After auditioning several plugins I came across <a href="http://validity.thatscaptaintoyou.com/">Validity</a> which has seriously impressed me.</p> <p>Validity, by Wyatt Allen, offers the key following features:</p> <ol> <li>Built-in validators for email, number, url, date, range, length, etc. </li> <li>Equal(), distinct(), sum(), etc, methods for advance validation. </li> <li>Use jQuery selectors to create rules for which fields to validate and compare. </li> <li>Easily extendable using your own regular expressions or js functions. </li> <li>Fully chainable validation. e.g. $("#lastname").require().minLength(2).maxLength(40).nonHtml(); </li> <li>Optionally provide your own validation error messages. </li> <li>Multiple validation error display modes: Creates neat arrowed validation messages by each field with an error, or Modal mode, or Summary mode, or create your own! e.g. javascript text based alert, or outline error fields in red, or display errors at top of page, etc. </li> <li>Automatically picks up the name of each form field or use a friendly name with the title attribute. e.g. <input type=”text” id=”firstname” title=”First Name”> </li> <li>Validity can intercept the submit button or be called when you want it to (if you use ajax for example). </li> <li>Only 9KB in size </li> </ol> <p>Some example uses:</p> <p><font color="#ffff00">$("#title").require().minLength(25).maxLength(250);</font> <br />The title field is required, min char length is 25 and max length is 250.</p> <p><font color="#ffff00">$("#duration").require().match("integer").range(1,400); <br /></font>The duration field is required, must be an integer, and numbers from 1 to 400.</p> <p><font color="#ffff00">$("#email,#email_confirm").require().match('email').maxLength(70).equal("Email addresses do not match");</font> <br />Applies to both the email and email confirmation fields, both required, must be a valid email address up to 70 chars, and must be equal to each other. My own error message will be shown if they are not equal.</p> <p><font color="#ffff00">$("#postcode").require().match(/^([a-z][a-z]?\d\d? ?\d[a-z][a-z])$/i,"Postcode is invalid");</font> <br />The postcode field is required and must match my own regex for UK postcode validation and will display my own message if it’s invalid.</p> <p>Here’s the <a href="http://validity.thatscaptaintoyou.com/Demos/">documentation with a couple of little demos</a>. The <a href="http://validity.thatscaptaintoyou.com/">home page is here</a> and you can <a href="http://code.google.com/p/validity/downloads/list">download the plugin from Google Code</a>.</p> <p>Well done Wyatt, this is a brilliantly thought out plugin leaving ample room for developers to customise their own validators, messages, and display rendering. Perfect! :-)</p> Gary Fentonhttp://www.blogger.com/profile/02616344210671605355noreply@blogger.com2tag:blogger.com,1999:blog-7078870535119697836.post-71516227142280605242009-09-06T14:35:00.002+01:002009-10-07T19:31:24.990+01:00Windows 7 Annoyances & Backups<p>Up until now Windows 7 was just running on my laptop, a non-critical machine I use to run presentations on. Now that the final code is available to developers and my shiny new Intel SSD “G2” drive has arrived I thought it was a perfect opportunity to upgrade my main desktop PC to Windows 7.</p> <p>It was a fresh install using the new SSD drive. It took 4 attempts before I had a stable install; the installer hung once, after one successful install the drive refused to boot up, the “repair Windows” option failed, yadda yadaa. 24 hours after it all appears to be working my fingers are still crossed.</p> <p>Now, onto the issue of this post. When I shut down my PC at night I want to carry on working where I left off the following day – at least I want all the folders to be open up at the same place. Therefore, on XP I had both these options checked in Tools/Folder Options: “Restore previous folder windows at login” and “remember each folder’s view settings”. Windows XP obeyed this command like a faithful dog, but Windows 7 doesn’t play ball. On rebooting it opens all my previous windows <strong>on top of each other</strong>, in a pile. What a mess! I then spend a minute rearranging them all, dragging them to their correct position and resizing them to how they should be. What a pain!</p> <p>Furthermore, Windows 7 forgets they layout options for each window. The option “remember each folder’s view settings” that was in XP is <strong>missing</strong> in 7! A couple of my windows list files that I frequently access so I don’t want to see the navigation pane, just the file list. I use another window for managing files so I always want the navigation pane displayed. XP obliges by 7 is so stupid it can only remember 1 folder setting and applies it to all of them, so on reboot the windows are either all with navigation panes or without, not the customised mixture that XP used to respect.</p> <p>For those reasons I find Windows 7 very frustrating. Someone suggested using hibernate or suspend instead of shutting down. That may be okay if Windows doesn’t refuse to recover from hibernation, but it shows an error on resume and reboots.</p> <p>Remembering folder views and locations is a very, very simple function for an OS but Windows 7 has taken a huge leap backwards here. It does not compute. Windows 7 has been given the memory of a goldfish.</p> <h3>Backups – Aargh!</h3> <p>I want to back up my C (boot) drive which is 80GB onto an external 200GB drive. No, it can’t do that because Windows has decided that the backup has to include my D drive which is a massive 1TB internal drive. <strong>What?</strong> I can’t back up my boot drive because Windows insists that the D drive is also included? How stupid is that. I do not want to back up my entire 1TB “D” drive, just the critical C drive.</p> <p>Admittedly I have installed non-essential apps onto the D drive such as Firefox, Visio and Dreamweaver, plus I changed the location of My Documents from the C drive to the D drives to save disk space on the precious 80GB SSD. But those files aren’t critical to restoring Windows should the need arrise.</p> <p>I’m now testing out other backup options. My key requirements are:</p> <ul> <li>Volume Shadow Copy – so open files can be backed up like Outlook’s .pst files </li> <li>Back up specific files from any of my drives without having to backup the entire drive </li> <li>Option to back up files into zip files so the backups are completely independent and not proprietary files formats. </li> <li>Additionally create an image backup of a drive (to quickly restore my boot drive onto another drive should it die) </li> <li>Incremental backups so only changes are backed up on a daily basis </li> <li>Windows 7 bit-bit compatible </li> </ul> <p><a href="http://www.educ.umu.se/~cobian/cobianbackup.htm">Cobian Backup</a> has always been perfect for file backups (it’s a brilliant free app) but sadly it’s only a 32 bit app which means it can’t do volume shadow copies on a 64 bit OS – which is what I’m now running to utilise the full 4 GB of ram in my PC.</p> <p>So I will now evaluate the following free or cheap alternatives:</p> <ol> <li><a href="http://www.acronis.co.uk/homecomputing/products/trueimage/">Acronis True Image Home 2009</a> (commercial, £40/$60, or <a href="http://www.software.co.uk/Products/Acronis_True_Image_Home_2009.html">half price here</a>) </li> <li><a href="http://www.gfi.com/backup-hm">GFI Backup Home Edition</a> (free) </li> <li><a href="http://www.macrium.com/reflectfree.asp">Macrium Reflect Free Edition</a> (free) </li> <li><a href="http://www.macrium.com/">Macrium Reflect</a> (commercial, £20/$30) </li> </ol> <p>Acronis is not yet fully Windows 7 compatible which is a shame as it has some very powerful features. GFI Backup sounds great as a file-only backup solution (it doesn’t do drive imaging, same as Cobian Backup). Macrium Reflect (commercial) does both file and disk imaging but backs up to its own proprietary file format.</p> <p>I think I may use two apps for a separate disk imaging and file backup strategy.</p>Gary Fentonhttp://www.blogger.com/profile/02616344210671605355noreply@blogger.com6tag:blogger.com,1999:blog-7078870535119697836.post-39441179497528638192009-09-01T11:45:00.001+01:002009-09-01T11:45:22.498+01:008x ColdFusion Hot Fixes in just 2 weeks!<p>First there were <a href="http://www.adobe.com/support/security/bulletins/apsb09-12.html">7 hot fixes rolled</a> out on the same day on 17th August – all to do with security vulnerabilities. Adobe’s documentation was sparse causing problems and <a href="http://forta.com/blog/index.cfm/2009/8/17/ColdFusion-And-JRun-Security-Hotfixes-Posted">lots of questions to be raised</a> by early adaptors of the hot fixes.</p> <p>Today, 1st Sep, <a href="http://kb2.adobe.com/cps/511/cpsid_51180.html">Cumulative Hot Fix 3</a> has been released for CF 8.01 that fixes 21 new bugs as well as the fixes contained in the previous 2 cumulative hot fixes. This does <strong>not</strong> include fixes for the aforementioned 7 security vulnerabilities.</p> <p>I can’t say I’ve encountered any of the bugs listed for Hot Fix 3 and they’re not security related so we’ll put some thought into whether to deploy it or not as I’m a great believer in “if it ain’t broke, don’t fix it”. Do read through the list of fixes to see if any issues are relevant to you. Maybe some of the descriptions will explain some strange errors you’ve encountered with your apps?</p> <p>I notice there’s no fix for the <a href="http://garysgambit.blogspot.com/2009/04/cfmail-spool-bug-in-coldfusion-801.html">mail spool bug</a> I reported over a year ago.</p> <p>Now, back to the 7 security hot fixes. The original documentation was, let’s face it, terrible. But on 28th Aug Adobe updated the text to make it clear that hot fix 1876 must only be applied if you’re running Apache. Do not apply it if you’re running IIS which is what I did on a test box. Luckily I held back on applying it to the prd servers before receiving confirmation that it’s not for IIS. The test box happily accepted the hot fix anyway and doesn’t seem any the worse for it.</p> <p>Hot fix 1875 and 1878 are byte for byte absolutely identical which is really weird. Why didn’t Adobe roll them into the same hot fix instead of listing them separately and making people install two hot fix files which are the same in all but file name?</p> Gary Fentonhttp://www.blogger.com/profile/02616344210671605355noreply@blogger.com0tag:blogger.com,1999:blog-7078870535119697836.post-72704806570764219952009-06-30T02:15:00.001+01:002009-06-30T02:15:32.410+01:00Universal Phone Chargers for Europe<p>It’s not often that something the EU (European Union) does is so clearly a step in the right direction. So what did they do? They got the major phone manufacturers to agree to a single type of phone charger and this will be implemented in every phone by 1st January 2010. Whoo hoo!</p> <p>They went with the micro USB connector which is already a fairly well used by many phones. Being USB it can carry data as well as power, so connecting your new phone to your computer won’t require a new cable either.</p> <p>The EU wants to cut down on the number of mains chargers that are made and then chucked away. But since every new phone comes with a mains charger how will that change anything? It’s good for the consumer as we’d just need one mains charger plugged in to recharge any phone in the house. About frigging time.</p> <p>Now how about standardising electrical plugs and sockets next? I propose the British system is adopted by Europe because it’s the safest with a built-in fuse, built-in earth, and the socket’s pin holes are closed so little fingers or children poking things into the holes can’t reach the live connection. The holes are automatically opened when a plug is pushed in; the earth pin is slightly longer, it mechanically opens the live and neutral pin holes. Sometimes when I buy new electrical items it comes with 2 different cables (for Europe/UK or US/UK) and sadly one has to be thrown away. If cables were made from liquorish I wouldn’t complain.</p> Gary Fentonhttp://www.blogger.com/profile/02616344210671605355noreply@blogger.com0tag:blogger.com,1999:blog-7078870535119697836.post-19131309976209224112009-05-22T02:05:00.001+01:002009-05-22T02:05:24.366+01:00Windows Live Messenger makes me cry<p>For years I’ve had MSN Messenger installed so I can chat with friends and family. Recently Microsoft release a new version, Windows Live Messenger 2009. (Does it hurt them too much to think of a short name I can spit out in just a couple of syllables?)</p> <p>I installed it and it crashed every single time I tried to log in. There was no facility to report the bug yet alone take out my frustration with some anonymous support guy.</p> <p>6 or 8 weeks had passed and I thought surely they have fixed the bug by now. I can’t be the only user out of a million who fell foul of the 2009 release. So I installed it again from their “Essentials” online installer and BAM! It crashed again. Aaargh!</p> <p>My attempt to defy Microsoft by uninstalling Messenger was blocked by the small fact that I couldn’t find an uninstall option anywhere on my computer. Nothing in the Start menu and nothing in Add/Remove Programs. Oh how I despise thee. For art thee friend or foe? I really do wonder sometimes.</p> Gary Fentonhttp://www.blogger.com/profile/02616344210671605355noreply@blogger.com4tag:blogger.com,1999:blog-7078870535119697836.post-35781781893791017902009-05-07T23:41:00.001+01:002009-05-07T23:41:50.865+01:00Windows 7 RC downgraded my graphics<p>After battling through an incompatibility problem with <a href="http://www.avg.com">AVG</a> after upgrading from Vista (spit!), I was very pleased with Windows 7. It’s performance, looks and usability have all been improved.</p> <p>Windows 7 rated my graphics card (ATI X1700 built into the laptop) as 4.4 for “Graphics” which is pretty good. Then I was alerted to some updates including one for ATI graphics which was unexpected. After the update and a reboot I re-ran the performance test and was astonished that it downgraded my respectable 4.4 rating to a measly 2.1. I ran it again to check and it was the same.</p> <p>The “Gaming Graphics” rating remained at 3.3. So Windows 7 after the update reckons my card is more capable of 3D gaming that it is of moving 2D windows around the screen.</p> <p>The most annoying thing is, Microsoft removed the reporting tool from the release candidate so I can’t inform Microsoft about this problem. Like everyone else I just have to blog about RC problems instead.</p> Gary Fentonhttp://www.blogger.com/profile/02616344210671605355noreply@blogger.com1tag:blogger.com,1999:blog-7078870535119697836.post-88453003332237401132009-05-03T11:32:00.001+01:002009-05-03T11:32:20.882+01:00Twitter drives me cuckoo<p>I had deliberately avoided using Twitter because I couldn’t understand why anyone would want to micro-blog every mundane thought or action, and even more so why would anyone want to be bombarded by other people’s mundane thoughts?</p> <p>You’ve got to get your hands dirty to fully understand some things in life so I rolled up my sleeves and set up a Twitter account and installed what looks like one of the best Twitter desktop clients, <a href="http://www.tweetdeck.com">TweetDeck</a>, which uses <a href="http://www.adobe.com/products/air/">Adobe AIR</a>.</p> <p>I became a follower of about 15 people, quite a lot  I thought at the time, until I saw that others were following 100’s of people. Only 3 of my 12 regularly tweeted, sometimes several tweets each per hour. Where do these people get the time from to stop what they’re doing and compose a 140 character thought to share with others? Perhaps they were unemployed or had a very dull office job. Not at all, they’re very busy people working in the IT world, yet they have developed a mental condition that I couldn’t fathom which had become a compulsion to tweet about what they’re doing right now, what they think about something, or where they’re about to go. (Guys, if you’re reading this then I apologise, but at least your flames will be restricted to 140 characters!!! Ha-ha-ha! ;-)</p> <p>TweetDeck interrupted my train of thought throughout the day alerting me to new tweets. About 1 a day turned out to be interesting, pointing to a URL containing something useful to my job or interesting in my capacity as a concerned citizen.</p> <p>Celebrities clearly enjoy Twitter as it gives them a platform to perform and to be adored for every waking hour in their life. And fans who live and breath their idol can relish in their activities and musings all day and every day. Stephen Fry is one of the most followed twitterers with nearly half a million people clinging to his occasionally amusing tweets. There was that incident a few months ago where he was stuck in a lift (elevator) and twittered about it from his mobile phone and drew some optimism from his followers who replied to give him support during that very long 30 minute experience, stuck in a confined space with a load of strangers who no doubt started to smell after a short while.</p> <p>My conclusion is pretty much what I expected before trying Twitter. If you didn’t have a compulsive disorder before using it then you’ll probably develop one after a week. It’s like drilling holes in your life, you’ll leak valuable time during the course of the day achieving very little by twittering or reading every tweet flashed up at you.</p> <p>I reckon Twitter will be a phase, a fashion lasting a couple of years, or it will mature into something more sensible that can be better controlled or filtered or used in applications for a genuine practical purpose. Speaking of which, there’s a <a href="http://cftwitterlib.riaforge.org/">ColdFusion Twitter library</a> that looks very good which gave me an idea of using Twitter in a constructive way for an existing application.</p> Gary Fentonhttp://www.blogger.com/profile/02616344210671605355noreply@blogger.com3tag:blogger.com,1999:blog-7078870535119697836.post-81748208165996669542009-04-16T23:19:00.001+01:002009-04-16T23:23:20.352+01:003 CFML Engines, a hard choice to choose<p>With 3 great CFML engines to choose from, the choice for developers can be a painful one. Torn between <a href="http://www.adobe.com/products/coldfusion/">Adobe ColdFusion</a>, <a href="http://www.getrailo.com/">Railo 3.1</a> and <a href="http://www.openbluedragon.org/">Open BlueDragon</a>? Yeah, me too.</p> <p>The core CFML tags and functions are well supported by all 3, with mostly the bleeding edge features that separate them along with the support options if you’re concerned with needing expert help if you find a bug or quirk that becomes a showstopper.</p> <p>The other consideration is the platform you have to host the CFML engine. Adobe ColdFusion is well supported by hosting companies if you’re not hosting it yourself, but the others have limited options at the moment.</p> <p><img title="Open BlueDragon on Google Apps Engine" style="border-right: 0px; border-top: 0px; display: inline; margin-left: 0px; border-left: 0px; margin-right: 0px; border-bottom: 0px" height="188" alt="Open BlueDragon on Google Apps Engine" src="http://lh4.ggpht.com/_6lC_k5CzsBQ/Seeu1P5ER0I/AAAAAAAAACA/c2x0eLsdpVk/openbdongoogle%5B14%5D.jpg?imgmax=800" width="278" align="right" border="0" />UPDATE: I just read that OpenBD can run on the Google Apps Engine! <a href="http://vbonfanti.appspot.com/index.cfm">Live demo!</a> Look at the appserver value. (It’s not available on there yet… work in progress…)</p> <p>Most of my projects are self-hosted so I don’t care about the platform, I just need stability, easy-to-get support (free or paid-for), and a promising development roadmap.</p> <p>I’m not quite finished… each CFML engine have their own unique features. Take Railo with its CFVIDEO tag for example, for someone that could be a deciding factor. Creating YouTube sites could be as easy as pie. Open BlueDragon works natively with Amazon’s SimpleDB and can pull & push files to/from Amazon S3. ColdFusion 8 has built-in MS Exchange support (which is cool) and AJAX stuff which I don’t really care for. jQuery is the way to go. :-) But ColdFusion 9 is scheduled to be released by the end of the year and will arguably leapfrog the other two with a ton of new features.</p> <p>I haven’t been too happy with the support from Adobe when I discover bugs and their 2-year product cycle means some issues don’t get addressed for a long time, although their intermediate patches are warmly welcomed. </p> <h4>A price to pay…</h4> <p>Then there’s the pricing issue. Sure, £6000/$7500 isn’t a massive price for big companies wanting to run with CF Enterprise, but small companies or personally financed start-ups can’t chuck that sort of money into application software when it costs the same amount to purchase new server hardware and host it for 4 years. Even on the enterprise level if you need to expand a cluster and whack in an extra web server it’s £1000/$1500 for the hardware and then £6000/$7500 on top. A large organisation would still ask why it’s costing that much to pop in an extra server.</p> <p>The current economic climate has put pressure on many businesses to cancel or scale back on projects and the awful £/$ exchange rate has made CF <strong>a lot</strong> more expensive in the UK. So maybe now is the time to look closely the open source CFML engines. </p> Gary Fentonhttp://www.blogger.com/profile/02616344210671605355noreply@blogger.com3