The release candidate for the next version of QueryParam Scanner is
available on GitHub.
So what's changed?
Well it now runs on FW/1 rather than Fusebox, and the UI has a new
theme - the previous gold/beige is gone, and in its place is a theme based on a
"new" logo which I've actually had sitting around for several years. There's CSS
used that will require a modern browser - FF4 and IE9 both work, but no
guarantees for anything older.
Functionality-wise there's a couple of fixes: an error is now thrown when a
directory doesn't exist (previous behaviour was to return 0 matches in 0 files),
and the IDs returned in data structures are now content-based hashes (previously
they were ever-changing UUIDs). Oh, and the IDs are now displayed with the HTML
results, in preparation for future functionality that'll potentially use them.
A new experimental (i.e. buggy) feature has been added to seperate the query
code into SELECT/FROM/WHERE/etc parts, when returning data structures. This may
help with post-processing the data, but has known flaws so use with care.
(The existing ORDER BY functionality has also been marked as experimental to
similarly indicate that it's not perfect.)
There's a minor change in that relative paths are officially not supported -
the UI always stated absolute paths or mappings were required, but there was
ugly code in place to try and make relative paths work too - that code has been
removed. If you used relative paths before, you need to resolve them before
passing to qpscanner.
Changed: Switched to FW/1 and removed unnecessary files.
Changed: New logo and front-end UI.
Removed: Dropped unofficial relative path support.
Added: Experimental ability to separate query code into segments
Fixed: IDs now use content-based SHA hashes, not random UUIDs.
Fixed: Throw error when path does not exist, instead of zero results.
Supports: ColdFusion 9/10 and Railo 3.3/4.0/4.1
That's it for now. There are several new features planned to make qpscanner
faster, more flexible and more useful, but you'll have to wait for a future
release for those.
As ever, if you have any feedback, feature requests, or find any bugs, then
please go ahead and get in touch via the GitHub issue tracker.
I will be speaking at this year's Scotch on the Rocks conference.
My presentation is on the subject of getting help when you are stuck
and how to describe your issue in a way that makes it easier for others to help
All developers have times when they need help, but it's not always easy to ask
for (particularly when all you want is to get past a tricky problem, not have
long tangental discussions). Having spent a lot of time both seeking and
offering help, I hope to shed some light on the quickest ways to find solutions
and effective methods for framing your issues so that fellow developers can
understand what you need.
The talk will be aimed at developers of any level who want help with getting help.
Scotch on the Rocks is Europe's longest running conference catering for CFML
developers, having been held most years since 2005. This year it takes place on
the 6th and 7th of June at the Hilton Edinburgh Grosvenor hotel and
covers a wide variety of topics on different aspects of web development
- so whether you're looking to learn new techniques and technologies or you
want to network and socialise with other programmers, Scotch on the Rocks is the
conference for you.
Hurry up and book your tickets before they sell out!
Earlier this week I promoted the release candidate for 0.7.5 of QueryParam Scanner
to full release.
For anyone unaware, QueryParam Scanner is a simple tool for identifying
unparameterised variables in CFML queries (which may indicate a potential SQL
This version has a handful of bug fixes and code cleanups, resulting in faster
more accurate scanning than previous versions, plus the addition of JSON output
format, giving a more lightweight option if used in scripted processes.
For further details on these, see the previous RC article; other than
a couple of trivial fixes and a new readme, nothing has changed since that.
To download the latest version, you can either clone the git repo, or
grab it as a zip archive from the GitHub tags page.
For any feedback, problems, or questions, please use the issue tracker.
If you're using a cPanel-powered Apache server, there's a chance it
may not be setup in the best way.
The same issue might manifest itself in two ways: confusing error messages and
ignored htaccess directives.
In both cases, the solution is to use the ErrorDocument directive.
Find out more.
Today was the 1st June, and that means it's Regex Day again!
This annual event was started four years ago by Ben Nadel to celebrate this wonderful (yet often misunderstood) technology, and as usual Ben is running a fun regex competition, with prizes, on his blog.
If that's not enough regex goodness for you, here's a couple of projects you should know about.
For CFML developers, there's cfRegex a replacement regex implemenation providing more power and functionality than CFML's native functions, whilst being easier to work with.
Whatever your level of regex skill, both of these tools are definitely worth checking out.