Identifying a Coldfusion / SQL database

I am trying to pick my way through a client's web site which they had developed for them a few years ago. The design firm has now gone out of business.

I'm ok with PHP but unfamiliar with Coldfusion. I'm looking at the code and things seem straightforward enough but there's a few issues I just can't understand and I'd like some help please.

There is an area of the site that requires a login. I've seen references to the following variable but just can't find where its set:

Also, in the hunt for clues, I looked at a simple web page and found that it somehow knows the client's name without finding it in an include (unless I'm missing something!):

<cfinclude template="includeHeaderHome.cfm">

<!--- OUTPUT --->
<div id="content" align="left">
	<div class="contentColumn1">
		<p class="contentHeading">Welcome</p>
		<p>This the ***client name*** administrator. Use the menu above to navigate around the site.</p>
		<!--- MESSAGES --->
		<cfif isDefined("URL.message")>
			<cfif URL.message EQ "editParam">
				<p>Thank you for editing the parameters, you should now thoroughly test the site.</p>
		<cfif IsDefined ('SESSION.userAccess.idUser')>
			<p>You are currently logged in as '<a href="user.cfm?action=edit&idUser=<cfoutput>#SESSION.userAccess.idUser[1]#</cfoutput>"><cfoutput>#SESSION.userAccess.nameUser[1]#</cfoutput></a>'.</p>
		If you have any queries use the help panel if available or contact your <a href="mailto:<cfoutput>#getParam.siteAdmin#</cfoutput>">system administrator</a>.

<cfinclude template="includeFooter.cfm">

Open in new window

<cfinclude template="includeNav.cfm">
	<table class="navStyle" border="0" cellpadding="0" cellspacing="0" width="960">
			<td width="67"><a href="home.cfm">Home</a></td>
			<td width="127"><a href="param.cfm">Site Parameters</a></td>
			<td width="100"><a href="file.cfm">File Transfer</a></td>
			<td align="right" colspan="5"><span class="contentHighlight">Main</span></td>

Open in new window

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "">
<html xmlns="">
<cfprocessingdirective pageEncoding="utf-8">

	<link href="css/admin.css" rel="stylesheet" type="text/css" />
	<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
	<meta name="keywords" content="<cfoutput>#getParam.siteKeywords#</cfoutput>" />

	<table width="100%"  border="0" cellspacing="0" cellpadding="0">
			<td align="center">
				<div id="container">
					<div id="nav" align="left">
						<div id="navTitle">
							<a href="home.cfm"><img src="gfx/EMDDLogo.gif" alt="EMDD Logo" border="0" /></a>
						<br />
						<table class="navStyle" border="0" cellpadding="0" cellspacing="0" width="960">
								<td width="60"><a href="home.cfm">Main</a></td>
								<td width="80"><a href="content.cfm">Content</a></td>
								<td width="93"><a href="broadcast.cfm">Broadcast</a></td>
								<td width="66"><a href="user.cfm">Users</a></td>
								<td width="100"><cfif isDefined ('SESSION.userAccess.idUser')><a href="login.cfm?action=logout">Logout</a><cfelse><a href="login.cfm?action=login">Login</a></cfif></td>
								<td align="right"><a href="../index.cfm" target="_blank">View Site</a></td>
								<td align="right" width="59"><span class="dropStyle">Help</span></td>

Open in new window

<!-- FOOTER -->
					<div id="footer" align="right"><cfoutput>#dateFormat(now(),'dd MMM yyyy')#</cfoutput> v0.7</div>


Open in new window

Maybe this page might be a simple example that someone could explain for me please? How does the page know what the client's name is in order to put it in the Title tag of the HTML?

Any help is appreciated!
Who is Participating?
edz_pgtConnect With a Mentor Author Commented:
Sorry for not getting back this post sooner.

In the end I discovered that a domain administrator isn't automatically a user on an SQL database. Managed to get back in after re-enabling an old username that was originally an administrator of the database.
Mainly check for application.cfm file in the root folder of your website..
in the application.cfm file you may find the line which says <cfset mainDataSource="******" >. what ever is in the right side of the operator is the datasource value.

in coldfusion database connection is usually done through cfadmin sections and not like as it is in PHP..
You can access CF administrator through url like
Once you login, on the left hand side there will be a menu. The second list in the menu contains "Data Sources" link. click on it, will open a page. In this page you will see datasource name..

Now you check the value of mainDataSource variable in the list of datasources in the admin page... click on it, you will get databse details...
  CF                      PHP
cfinclude  === include()
isDefined === isset()
cfif === if()

for  more help on CF..check this.
Improve Your Query Performance Tuning

In this FREE six-day email course, you'll learn from Janis Griffin, Database Performance Evangelist. She'll teach 12 steps that you can use to optimize your queries as much as possible and see measurable results in your work. Get started today!

edz_pgtAuthor Commented:
Thanks for your information so far! :)

I've found application.cfm which contains an include of config.cfm containing:

<cfparam name="mainDataSource" default="xxxxxxxxxxx">
(where the xxxxxxxxxxxxx is the database name)

This system is hosted on a Plesk sever and I can't see any URLs that look like the one you quoted:

There is no directory called "cfide".

However, in Plesk there is a Coldfusion DSN icon. In there, there is a DSN with the same name quoted in the include parameter but when I click it, I get this error:
There is no file or directory with name [dbFile]

Any ideas?
you have to check with your site owner (or administrator) on how to access CF admin section.

<cfparam name="mainDataSource" default="xxxxxxxxxxx">
(where the xxxxxxxxxxxxx is the database name)
xxxxxxxxxx above is the datasource name and not the database name.. You have to check in the CF administrations section to find out which database they are using and the database name.
edz_pgtAuthor Commented:
OK - the site administrator is no longer available so we either have to scrap the whole web site or we have to figure it out ourselves.

What can you tell me about the CF admin section? I'm wondering if I could find it in another directory? What might I be looking for? What files would I expect to see in there?
edz_pgtAuthor Commented:
Actually, even if I find this database, will I ever be able to decode or recreate an administrator login for it?
ansudhindraConnect With a Mentor Commented:
is this site hosted on a shared server?

If you install CF on your local machine, then you will find out what is there in the CF admin section.
for localhost http://localhost:8500/cfide/administrator/index.cfm
which is password protected.

if it is hosted in the third party sever then ask the help of the service provider for CF admin section, they will be able to let you know.
> There is no directory called "cfide"

The admin section under CFIDE isn't always available on prod sites for security reasons.  What version of CF are you using? If you don't know, create a blank .cfm script and dump the server scope. The version is there.

<cfdump var="#server#">
edz_pgtAuthor Commented:
Hi _agx_,

The product version is:

PRODUCTVERSION       8,0,1,195765
_agx_Connect With a Mentor Commented:
I don't know anything about Plesk. So maybe there's an easier way but ..
If you have access to the physical files on the server, you could find out the database name from the config files. Dsn info is stored in XML files.  The default location for CF8 is  c:\coldfusion8\lib\neo-datasource.xml  (yours may differ).  

Locate that file, open it and search for your datasource name ie "xxxxxxxxxxxxx". The settings will vary by database and driver type. But for example an MySQL datasource on my test machine has settings like these. The database name and IP is in the jdbc URL


<var name="MyDatasourceName">
<struct type="coldfusion.server.ConfigMap">
<var name="NAME">
<var name="url">

Open in new window

edz_pgtAuthor Commented:
Thanks for helping. :)
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.