Ben Nadel

Recent Blog Comments By Ben Nadel

• It's OK To Be Super Explicit In Your Data Access Method Names

  Posted on Jun 20, 2022 at 1:25 PM

  @Ian, Yes, thank you so much for your patience in hand-holding through to this realization. Much appreciated 🙌... read more »

• It's OK To Be Super Explicit In Your Data Access Method Names

  Posted on Jun 20, 2022 at 12:09 PM

  @Ian, Ooooooh! I see what you're saying now - the VALUES() function is for the value I was going to insert , not the value that was already in the row . That's the part that wasn't clicking for me. For whatever reason, my brain just was not getting that from the documentation.... read more »

• Adding jreExtract() To Pluck Captured Groups Using Regular Expressions In ColdFusion

  Posted on Jun 20, 2022 at 11:59 AM

  @Aaron, Patterns are everywhere once you get the "RegEx bug" 🤩 though, I will admit that Regular Expressions aren't always the answer - a lot of the time it depends on your wiggle-room for "correctness" vs. complexity. Often times, it's easy(ier) to make a pattern ... read more »

• Using The OWASP Java HTML Sanitizer In Lucee CFML 5.3.7.48 To Sanitize HTML Input And Prevent XSS Attacks

  Posted on Jun 20, 2022 at 9:47 AM

  @Lionel, +1 on the Lucee community being super responsive on the Dev-forums. That's been my experience as well. Also +1 on the documentation sometimes being a little lacking (though I feel bad because I know it's open-source and I could technically help 😨). Sounds like fun stuff that you'... read more »

• It's OK To Be Super Explicit In Your Data Access Method Names

  Posted on Jun 20, 2022 at 9:43 AM

  @Ian, Sorry, I promise that I'm not being purposefully obtuse here. But, I appear to be able to refer to the existing row values even without that function. Meaning, in my example in the post, I have: ON DUPLICATE KEY UPDATE id = LAST_INSERT_ID( id ) ... where the id is from th... read more »

• Using Password4j And The BCrypt, SCrypt, And Argon2 Password Hashing Algorithms In Lucee CFML 5.3.7.47

  Posted on Jun 20, 2022 at 9:34 AM

  @David, Oh very cool! And yeah, Password4j is a great library! It makes working with the various algorithms super easy. Amazing job!... read more »

• Using The OWASP Java HTML Sanitizer In Lucee CFML 5.3.7.48 To Sanitize HTML Input And Prevent XSS Attacks

  Posted on Jun 18, 2022 at 9:54 AM

  @Lionel, Also, for what's it's worth, I had mentioned James Moberg using jSoup and here's what he responded with on Twitter: In the past, I had tried to use OWASP in a CF project, but an older version was used by Adobe & I didn't want to wait to see if they'd update it (since ... read more »

• It's OK To Be Super Explicit In Your Data Access Method Names

  Posted on Jun 18, 2022 at 9:45 AM

  @Ian, Yes, this is MySQL. It's funny, so I've actually read through the MySQL documentation on the ON DUPLICATE KEY UPDATE , and I've seen the VALUES() stuff, and I swear I've just never really understood what it was doing. Even just now, as I was about to write this comment, I went and... read more »

• ColdFusion Alive, Episode 113: Adobe ColdFusion And Lucee CFML Roundtable

  Posted on Jun 17, 2022 at 1:43 PM

  We had so much fun on Ep. 113, we decided to have another go at it: https://www.bennadel.com/blog/4284-coldfusion-alive-episode-115-adobe-coldfusion-and-lucee-cfml-roundtable-part-ii.htm... read more »

• It's OK To Be Super Explicit In Your Data Access Method Names

  Posted on Jun 17, 2022 at 9:55 AM

  @Dave, Don't even get me started about icons 😜 I spent like 3-hours the other day trying to make an icon in Sketch. At work, all our icons have a 1.5px stroke, which makes it super hard to design since all the paths needs to start on a .5px location. I feel like that, alone, is a deci... read more »

• It's OK To Be Super Explicit In Your Data Access Method Names

  Posted on Jun 15, 2022 at 9:53 AM

  @Dave, Agreed, Upsert is a great word - I learned that from the MongoDB API. Naming things is hard. And, the funny thing is, sometimes it's deceptively hard! Like, you'll name something and feel good about it; and then, only over time do you realize that you failed to capture what it actua... read more »

• A Relational Database Table To Prevent Double Form-Submissions In ColdFusion

  Posted on Jun 13, 2022 at 7:07 PM

  @Chris, That's more-or-less the approach I am taking today. Inside my submit handler, it looks like this(ish): function processForm() { if ( vm.isProcessing ) { return; } vm.isProcessing = true; // .... rest of processing logic .... } So, I guess I'm not technically disabling ... read more »

• Replacing jQuery (110kb) With Umbrella JS (8kb)

  Posted on Jun 12, 2022 at 10:17 AM

  @Hexydec, Very interesting - it's neat how you broke out all of the individual methods. Kind of like how Lodash refactored all of its architecture to allow for individual import calls. Classy approach 👍... read more »

• A Relational Database Table To Prevent Double Form-Submissions In ColdFusion

  Posted on Jun 12, 2022 at 10:12 AM

  @Adam, I think if I were to use the CSRF token (Cross-Site Request Forgery token for other readers) I would have to cycle the token after I used it. Normally, I allows the CSRF token to remain static, and then cycle it after login and other critical actions like changing the password. But,... read more »

• Using The LaunchDarkly Feature Flag Java SDK With Lucee CFML 5.3.8.201

  Posted on Jun 10, 2022 at 2:02 PM

  @Alex, One minor point, you might run into a small security issue. the JavaLoader.cfc needs access to the ColdFusion internal libs in order to run. This is a checkbox in the ColdFusion Admin: https://www.bennadel.com/blog/3699-javaloader-needs-access-to-internal-coldfusion-java-compone... read more »

• Using The LaunchDarkly Feature Flag Java SDK With Lucee CFML 5.3.8.201

  Posted on Jun 10, 2022 at 2:01 PM

  @Alex, Thank you for the kind words 😊 Always happy to help out in whatever way I can.... read more »

• Using The LaunchDarkly Feature Flag Java SDK With Lucee CFML 5.3.8.201

  Posted on Jun 10, 2022 at 1:51 PM

  @Alex, In an Adobe ColdFusion context, I use the Java Loader component. It's a user-space project: https://github.com/markmandel/JavaLoader It's basically the same thing - you give it an Array of .jar files and then you can create isolated instances of classes provided by those ... read more »

• A Relational Database Table To Prevent Double Form-Submissions In ColdFusion

  Posted on Jun 10, 2022 at 1:07 PM

  @Dan, The only caveat that I would add to that is that, in this case, the form token can be submitted more than once as long as the form doesn't get processed successfully. Meaning, the "single use" characteristic is only fully applied if the form is submitted without error. ... read more »

• Looking At Different Click-To-Edit Implementations In Angular 9.1.12

  Posted on Jun 10, 2022 at 11:24 AM

  @RaTech, In Approach 3, the "edit form" component is not intended for general re-use - it is wholly owned by the parent interface. It's only factored-out for a better separation of concerns. So, if you needed to change the button styles or text, you would just edit the componen... read more »

• Working Code Podcast - Episode 78: User Experience (UX) Guard Rails

  Posted on Jun 10, 2022 at 11:17 AM

  In this episode, one of the things that Adam and I discuss is the use of a GUID (Globally Unique ID) to help prevent accidental, double form-submissions. After the recording, I kept thinking about this approach and I wondered if I could just create a separate database table specifically for ... read more »