Benefit from a mission critical IT monitoring with Monitis Premium or get it FREE for your entry level monitoring needs.
-Over 200,000 users
-More than 300,000 websites monitored
-Used in 197 countries
-Recommended by 98% of users
Course Of The Month
Become a Premium Member and unlock a new, free course in leading technologies each month.
Solved
CFX problem
Posted on 2002-05-03
Hi everybody,
System:
Coldfusion 5.0 (Linux)
Apache
I'm writing a CFX tag to securly retrieve passwords for our users. In order to confirm their identity i need the CFX to workout what directory the calling template is in (i have a UNIX library that uses the getUID() call) - but WITHOUT the user entering the template.
The only option i have come up with so far is using a CFML tag that uses getCurrentTemplatePath() (or whatever its called :) and then it calls the CFX. The down side of this is that you can decompile CFML tags very easily.
Points will go to the first viable solution other than the one above.
GR.
System:
Coldfusion 5.0 (Linux)
Apache
I'm writing a CFX tag to securly retrieve passwords for our users. In order to confirm their identity i need the CFX to workout what directory the calling template is in (i have a UNIX library that uses the getUID() call) - but WITHOUT the user entering the template.
The only option i have come up with so far is using a CFML tag that uses getCurrentTemplatePath() (or whatever its called :) and then it calls the CFX. The down side of this is that you can decompile CFML tags very easily.
Points will go to the first viable solution other than the one above.
GR.
[X]
Welcome to Experts Exchange
Add your voice to the tech community where 5M+ people just like you are talking about what matters.
- Help others & share knowledge
- Earn cash & points
- Learn & ask questions
-
2
-
2
4 Comments
GetDirectoryFromPath(GetTe
You can pass the above as a parameter to the CFX from the calling page.
Or just set it as a variable in your application.cfm and you are done!
Jimmy
You can pass the above as a parameter to the CFX from the calling page.
Or just set it as a variable in your application.cfm and you are done!
Jimmy
Jimmy,
trying to avoid passing in a parameter, as user could call the resulting CFX with a string and then retrieve another users password.
GR.
trying to avoid passing in a parameter, as user could call the resulting CFX with a string and then retrieve another users password.
GR.
Well thats avoidable.
1)Encrypt the parameter and Send, then decrypt in CFX.
2) Pass Another Parameter and if that is passes only then CFX will run. e.g. "Hideme=Yes"
Jimmy
1)Encrypt the parameter and Send, then decrypt in CFX.
2) Pass Another Parameter and if that is passes only then CFX will run. e.g. "Hideme=Yes"
Jimmy
Featured Post
Question has a verified solution.
If you are experiencing a similar issue, please ask a related question
Lease-to-own eliminates the expenditure of hardware replacement and allows you to pay off the server over time. Usually, this is much cheaper than leasing servers. Think of lease-to-own as credit without interest.
When it comes to security, close monitoring is a must. According to WhiteHat Security annual report, a substantial number of all web applications are vulnerable always. Monitis offers a new product - fully-featured Website security monitoring and pr…
- Web Development
- Ransomware
- Cybersecurity
- Security
- Monitis
- Web Servers
There are cases when e.g. an IT administrator wants to have full access and view into selected mailboxes on Exchange server, directly from his own email account in Outlook or Outlook Web Access. This proves useful when for example administrator want…
In this video, viewers are given an introduction to using the Windows 10 Snipping Tool, how to quickly locate it when it's needed and also how make it always available with a single click of a mouse button, by pinning it to the Desktop Task Bar.
Int…
Suggested Courses
Earn Certification
HTML5 Specialist - Certification
Free withPremium
Course of the Month7 days, 7 hours left to enroll
622 members asked questions and received personalized solutions in the past 7 days.
Join the community of 500,000 technology professionals and ask your questions.