I have just pushed an update of QueryParam Scanner to GitHub, containing
This update is on the rc0.7.5 branch, and it'd be nice if people could
take it for a spin and make sure there are no issues with it. (There is a
zip download for anyone without git.)
The visible changes which you might notice are:
- Added JSON output format, giving an alternative to XML for anyone using
qpscanner in a scripted process.
- Added variable for number of potential risk files, and improved related
wording in HTML output.
- Fixed bug where identical queries were causing incorrect line numbers.
- Fixed bug where query names were not being detected.
- Fixed bug where blank lines were incorrectly removed.
However, there are also significant under-the-hood changes. I removed my
obsolete "Java Regex Utils" library (replacing it with the object part of
cfRegex), and made a number of little code clean-ups.
A result of these changes is that qpscanner rc0.7.5 appears to be almost twice
as fast as previous versions.
If you have any feedback, please feel free to contact me via GitHub,
and similarly if you find any bugs then please raise them on the issue tracker.
It's been over two and a half years since my last "why railo" post, and -
despite Railo "only" being 0.3 versions on - there's
been a lot of improvements!
In fact, because it's been so long, a few of the things here are not new with
v3.3 (though they are all new since the previous article),
but are still great features that deserve mentioning!
Read on to find out what my ten favourite new feature are.
If you've ever looked at the CFML related articles on Wikipedia, you can't fail
to have noticed that, especially when compared to other programming articles,
they're not very good.
When somebody puts "coldfusion" or "cfml" into Google, they will almost
certainly see the respective Wikipedia pages amongst the top three results, but
when they follow those links they're unlikely to get a very good impression!
Not only could both these pages themselves benefit significantly from being
cleaned up and improved, but there are only a few frameworks and tools that even
have pages, and most of what does exist are very unencyclopaedic stubs. And this
doesn't even consider the generic programming pages that often don't even mention CFML.
Take a look at the CFML category page
- does that category contain everything you would expect an encyclopaedia to
cover about CFML? Check the pages for the frameworks you are familiar with - do
they go into the level of detail you would expect, and tell you everything you'd
want to know if you were entirely new to CFML?
If you agree that the CFML presence on Wikipedia can and should be improved,
and it's up to the CFML community to do it, then
read on to find out how you can help fix it.
The cfRegex project is two things. Firstly, it is a complete regex implementation
for CFML, providing more functionality, flexibility, features and power than the
existing CFML RE functions. Secondly, it is a drive to encourage people to
properly learn and make use of regex.
Regex is a very flexible language for matching patterns within text, and it has
the power to greatly simplify certain programming tasks. However, it can also be
intimidating to people not experienced with it.
This problem can be compounded by the relatively limited support for regex in
CFML, which often means code is written that is more complex than should be
cfRegex helps to address both these problems. It provides a number of functions
and features that help to reduce the amount of code which programmers have to
write, whilst also helping to make their code clearer and easier to understand.
In addition, the project provides documentation, not just for its own features,
but also for regex itself, helping people to understand exactly what their
expressions are matching, and how to get the most out of regex.
Whilst cfRegex is still at a relatively early stage, it is currently usable, and
if you're a fan of regex it is certainly worth checking out.
It currently runs on CF 9.0.1, OpenBD 2.0, Railo 3.2 and later.
(Support for CF8 and others will be considered if enough people need it.)
The documentation should tell you everything you need to know about using it,
but if not then get it touch and say what's missing so it can be fixed!
If you get stuck, there's a mailing list where you can receive answers to any
problems or questions you have.
It's 1st June 2010 today, and that means we're celebrating for the third time the annual International Regular Expressions Day.
Ben Nadel kicked off this event two years ago, in order to promote the use of Regex, especially amongst those who might consider them something scary and obscure.
As before, Ben is running a contest, this year's prizes being some O'Reily Regex books and IIS Mod-Rewrite Pro licenses.
Entry to the competition requires writing some code, and the deadline is today, so if you're interested then hurry up and
read Ben's blog entry to find out more.
Happy Regex Day!