View Full Version : Programming in ColdFusion



Vershun
03-13-2008, 10:10 PM
Anyone have any tips/tricks/experiences?

Going to try to learn a bit of this and just wondering who knows what.

plex
03-13-2008, 10:25 PM
ok hi

yea...
i can't program at all
and here u are programming in new languages every week

fu bitch

ryph
03-13-2008, 10:35 PM
ok hi

yea...
i can't program at all
and here u are programming in new languages every week

fu bitch

it doesn't take much. once you learned c, the rest is easy. how many different types of variables can possibly exist for example? once the basics are understood, it's just learning syntax, which nowadays specialized editors even help you out with.

Vershun
03-13-2008, 10:49 PM
it doesn't take much. once you learned c, the rest is easy. how many different types of variables can possibly exist for example? once the basics are understood, it's just learning syntax, which nowadays specialized editors even help you out with.

Truth.

Experience with lots of languages only plays a part when you're finding the best language for a job.

david blaine
03-13-2008, 11:53 PM
rename app.vars and cookie.vars so your stuff is secure and not publicly disclosed.

Vershun
03-14-2008, 02:18 PM
Update: I've used this language for a total of 15 minutes last night and I already like it better than PHP.

david blaine
03-14-2008, 02:54 PM
check out <cfquery> blocks. very useful. PHP > *

david blaine
03-15-2008, 04:18 PM
also, sql injection is pretty easy (see one of my recent threads) in CFM but if you know what you're doing you'll be able to code a custom method to strip evading text into literals

Vershun
03-15-2008, 04:44 PM
also, sql injection is pretty easy (see one of my recent threads) in CFM but if you know what you're doing you'll be able to code a custom method to strip evading text into literals

Just from a quick glance SQL injection attacks look trivial to prevent using cfparam and cfqueryparam.

Nore
03-15-2008, 05:36 PM
vb6 anyone?

david blaine
03-15-2008, 05:46 PM
Just from a quick glance SQL injection attacks look trivial to prevent using cfparam and cfqueryparam.

after looking at the site's code, they weren't using that. I was able to break through. i guess it's always safe to turn off error messages then to prevent execution.

it was basically:


/*
Syntax error in string in query expression 'ljname = ""or"'.

The error occurred in D:\Hosting\nemo4\trackprocess.cfm: line 10

8 : select *
9 : from PA1
10 : where ljname = "#lcase(numtext)#"
11 :
12 : </cfquery>
*/


http://net33.us/trackprocess.cfm?numtext=%22or&CFID=12124543&CFTOKEN=49495959

" or 1="1 to grab the db.

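Added example, not part of the thread and not the site's code: the query from the error output above, rewritten with the cfparam and cfqueryparam tags mentioned earlier in the thread, plus a cfcatch that keeps the SQL, file path and line numbers out of the response. The names application.dsn and track, the 64-character limit and the log file name are assumptions.

```cfml
<!--- BEFORE (shape shown in the error output): the URL value is pasted
      straight into the SQL text, so a quote in numtext changes the query.
<cfquery name="track" datasource="#application.dsn#">
    select * from PA1 where ljname = "#lcase(numtext)#"
</cfquery>
--->

<!--- AFTER: hypothetical rewrite. application.dsn, the 64-char limit and
      the log file name "trackprocess" are assumptions, not thread values. --->
<cfparam name="url.numtext" type="string" default="">

<!--- Reject empty or oversized input before touching the database. --->
<cfif len(url.numtext) EQ 0 OR len(url.numtext) GT 64>
    <cfheader statuscode="400" statustext="Bad Request">
    <cfoutput>Invalid tracking value.</cfoutput>
    <cfabort>
</cfif>

<cftry>
    <cfquery name="track" datasource="#application.dsn#">
        select *
        from PA1
        where ljname = <cfqueryparam value="#lcase(url.numtext)#"
                                     cfsqltype="cf_sql_varchar"
                                     maxlength="64">
    </cfquery>
    <cfcatch type="database">
        <!--- Log server-side; never echo SQL, paths or line numbers. --->
        <cflog file="trackprocess" type="error"
               text="#cfcatch.message# #cfcatch.detail#">
        <cfheader statuscode="500" statustext="Internal Server Error">
        <cfoutput>Something went wrong.</cfoutput>
        <cfabort>
    </cfcatch>
</cftry>

<cfoutput>#track.recordCount# row(s) found.</cfoutput>
```

With the value bound through cfqueryparam, a quote character in numtext is compared as literal data and cannot alter the where clause. Hiding the error page on its own only removes the disclosure; the unparameterized query would still be injectable.
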
awol
03-16-2008, 05:07 PM
In the benchmarking testing I did a couple years back, CF performance can't compare to PHP or .NET...

I also don't really care for the tag-based syntax.

david blaine
03-16-2008, 05:33 PM
In the benchmarking testing I did a couple years back, CF performance can't compare to PHP or .NET...

I also don't really care for the tag-based syntax.

abstraction and encapsulation are good in some languages, like java, because it allows you to create objects with variables/methods and use wrapper classes. the abstraction in CFM reminds me of abstraction in Visual Basic, in the sense that it really isn't abstraction at all. thus, I don't really understand why they have a tag based syntax, when there is no real use for it. like visual basic, everything is separated into blocks of code for no apparent reason.

in java and php, abstraction and encapsulation serve a real purpose. i don't use classes in php, because honestly who does, but in java it is key to its syntax. what's the point of the tags in CFM?

awol
03-16-2008, 05:38 PM
what's the point of the tags in CFM?

exactly. even when using JSP and ASP, I can't stand the tag-based syntax. I prefer to do as much in back-end code as possible and use as few tags as I can.