Category Archives: Coding

Discussing topics related to coding of your site, various scripts, and security issues.

Retrieve Last Record Inserted – Coldfusion

This post highlights an old method to retrieve last record. Coldfusion has changed a lot since then.  Keep searching.


If you are a developer, there is no doubt that you have the need to retrieve the last record of a database insert without requiring another input from the end user.  You want your user experience to appear as fluid as possible and an unnecessary multiple page submit does not accomplish that.

If you have a record that you will be inserting and need the ID of that just inserted record, your code will depend upon the database that you use.  I will cover two of the most common DB’s used, MSSQL and MySQL.

Retrieve last record inserted (ID) if using Microsoft SQL Server (MSSQL):

I won’t go deep into the how and why, what I am looking to do is provide a basis for you to get over this little stumbling block.  When using MSSQL, you can accomplish the task within your record insert query.  I am assuming that you know the basics about inserting data using CF Query.  I am also using <cfqueryparam> to protect my queries from hacks and to require particular datatypes. This has nothing to do with the key retrieval, it is just good practice.

Continue reading

Apostrophe Issues in an Update Query

Coldfusion Code Tip…

When things are frustrating, and have a simple solution, I like to share.

When you are a doing a data update, you will often have a text field in a form that will bring an apostrophe with it. For example, if I am collecting business information, I could have a visitor enter their company name. The name might be Amy’s Gems. If I do a sloppy insert statement like the one below, the query will fail.
<cfquery datasource="#application.dsn#">
UPDATE customers
SET companyName='#form.companyName#'
WHERE id=#recordID#
</cfquery>

If you are allowing your users to update or insert their own data, this will error out (with IIS and MS SQL DB running CF8) when your user includes an apostrophe in the field.

You can avoid this by enclosing your values in a cfqueryparam. In fact, getting into the habit of using cfqueryparam in every instance will be a much more secure method and will reduce your exposure to malicious attacks such as a SQL injection hack.

The above query would now look like…
<cfquery datasource="#application.dsn#">
UPDATE customers
SET companyName=<cfqueryparam value="#form.companyName#" cfsqltype="cf_sql_varchar">
WHERE id=<cfqueryparam value="#recordID#" cfsqltype="cf_sql_integer">
</cfquery>

Happy coding. This simple fix might keep someone from pulling their hair out. You can avoid all kinds of cfreplace and cfset statements and end up with an app that is more secure.

htaccess rewrite at GoDaddy fix

If you are having an issue with a mod rewrite not working at GoDaddy, be careful with the case used in your .htaccess file.

Here is an example of a non-www mod rewrite rule that should work. Check the case of ‘RewriteEngine….’. Be sure that it is a lower case ‘r’ (for example: rewriteEngine).

This is the kind of simple issue that will have you pulling your hair out. It took me a bit to figure it out. This issue is not a global one. GoDaddy does just fine with upper case naming on some servers, not the case on others.

# Used for the non-www redirect
rewriteEngine on
rewriteCond %{HTTP_HOST} !^www..*
rewriteCond %{HTTP_HOST} !^$
rewriteCond %{HTTP_HOST} ^([^.]*).(com)
rewriteRule ^.*$ http://www.%1.%2%{REQUEST_URI} [R=permanent,L]

301 Redirect – Apache

I would consider this one of the first steps that you should take when establishing a new web site. If you are searching for “301 redirect” you probably already know why. Here is a simple .htaccess file that you can use to do the redirect.  You will also find this referred to as a “mod rewrite”

  1. Create a new file in your favorite editing program. Notepad is an easy choice.
  2. Paste the following:
    Options +FollowSymLinks
    RewriteEngine on
    RewriteCond %{HTTP_HOST} ^yoursitenamehere.com [NC]
    RewriteRule ^(.*)$ http://www.yoursitenamehere.com/$1 [L,R=301]
  3. Save the file as .htaccess
  4. Upload to your server
  5. Test by going to yoursitenamehere.com. This should redirect you to the URL www.yoursitenamehere.co
  6. Check the server header response to be safe. Should return “HTTP/1.1 301 Moved Permanently”

If you are using a web design program like Dreamweaver, it might tell you that it can’t find a valid editor for this extension (it doesn’t have one). Simply right click on the file and select “open using Dreamweaver”. You can also open/edit, in notepad.

If you are on a windows host, you can view the following method to handle an ISAPI rewrite using IIS.

Use the Label Tag on Your Radio Buttons

If you are a self taught programmer, you might have learned the basic programming skills and jumped right in. It might be Coldfusion, PHP, or ASP. Whatever your flavor, there are some basic HTML functions that we sometimes forget or didn’t even know about. When coding a form, I never considered the use of the <label> tag. Thanks to Joe Danziger, I will now.

I was reading through some post’s on Joe’s Blog this morning and came across a short post regarding the <label> tag. Have you ever wondered why you can click on the word next to a radio button in certain forms and the button will select? Well, the <label> tag controls that function. As Joe puts it:

Why should we be forced to click a tiny little circle when we should be able to click the actual text for that choice?

True. It all comes down to useability. There are a ton of tiny tips and tricks whether it be in HTML, or your programming language of choice, that make for a better experience for the user. One tip on its own might not have much of an impact, but when you apply many usability tips during the same user experience, you visitor should browse away feeling like you have your act together.

All that you need to do is to include the ID element to your radio button form code.

<input type=“radio” name=“buttonName” id=“button1″ />

For the text that is associated with the button, reference the ID in your <label>.

<label for=“button1″>Whatever the choice is for Button 1</label>

Here is a radio button group so that you can see them in use.


Here is the code for the above:

<input type=”radio” name=”buttonName” id=”button1″ /><label for=”button1″>Whatever the choice is for Button 1</label>

<input type=”radio” name=”buttonName” id=”button2″ /><label for=”button2″>Whatever the choice is for Button 2</label>

Ajax Examples Anyone?

If you have wanted to go a little further on your site and haven’t yet integrated any “Web 2.0″ functions (I know, cliche’) take a look at this.

http://www.miniajax.com/index.htm

The mini ajax site offers some great code samples and examples. There are some techniquest that can be integrated by anyone who has a little bit of code knowledge. So, if you have wanted to play around with Ajax, or Prototype or Script.aculo.us, take a look.

When integrating these ‘cool’ functions, ask yourself if they are really necessary, or if they make the user experience better. Consider whether you are doing it to just ‘do it’ or if they really serve a purpose for your site visitors. There are always trade offs. BTW: According to someone who Brett Tabke knows within a major ISP, this whole Web 2.0 thing is for the female demographic. I feel that is is more site specific than that, but if your site caters to the female demo, perhaps you should consider working with some of these scripts to see how your users react.

Good luck and have fun!

Canonical Issues on Windows

If you are looking to make sure your site is as optimized for search as it can be, you have probably been told to do a redirect from your non-www domain to your www domain. This is not too difficult when you are hosted on Linux, but can be a little more tricky when you are on a Windows based hosting plan. Even more troubling if you are on shared Windows hosting. Here is a quick how to if you are leasing a Windows based server and have IIS access.

The method below will do the redirect without any additional software such as ISAPI Rewrite. I am not saying you shouldn’t purchase and install ISAPI Rewrite. I am just looking to provide an install free method.

I will use example.com as the domain name in the how to. Obviously this is where your site name needs to go. This will allow requests for http://example.com/mydirectory/detail.cfm?myid=555 to be 301 redirected to http://www.example.com/mydirectory/detail.cfm?myid=555.
Continue reading

Mod Rewrite Wizard

Don’t people in the SEO world always talk about link bait?  This mod rewrite tool is just that.  I have used it a number of times and found it be useful, although limited in some ways.

This is for those who aren’t experts with Regular Expressions and Mod Rewrite.  It is a wizard that allows you to enter your own URL along with some other parameters and the tool will spit out the rule to use in your .htaccess file.

http://www.mod-rewrite-wizard.com/