- Feature Articles
- CodeSOD
- Error'd
-
Forums
-
Other Articles
- Random Article
- Alex's Soapbox
- Announcements
- Best of…
- Best of Email
- Best of the Sidebar
- Bring Your Own Code
- Coded Smorgasbord
- Mandatory Fun Day
- Off Topic
- Representative Line
- News Roundup
- Editor's Soapbox
- Software on the Rocks
- Souvenir Potpourri
- Sponsor Post
- Tales from the Interview
- The Daily WTF: Live
- Virtudyne
Admin
No, you're not. You're just four times more arrogant and you are able to get some makshift, hack'n'slash website-like entity running four times faster. Funny, I've never ever been asked to do that. Have you?
On the other hand, I have to find and fix bugs in large pieces of unknown code (over 100k lines), refactor or optimize these apps and so on. (That means well over million lines if you are foolish enough to embed your code into your html files. Remember MVC?)
But I'm not saying do not use ColdFusion. Use it, be happy with it. It's good for me, because this way I'm sure I'll never have to work with your code. Few worse things are there in software maintenance than working with a coder who takes marketing bullshit and trendy TLA's for granted
Admin
Does that mean 23 different insert statements?
Does that mean the name is stored in 23 different tables?
Can't wait to see that database *ahem* design
Admin
Hello, I'm a Mac.
Admin
Well, you're familiar with the technical details of the system. No one else would ever be able to actually figure that out on their own.
Admin
For your information, I have over 10 years of experience, and an MS in Computer Science. I know asm, C, C++, Java, Perl, and to a lesser extent many other programming languages. I just prefer working with ColdFusion. Maybe it's all that time I spent hacking C applications, and debugging bad pointer references, that I just prefer a language that makes my job easier and lets me focus on application architecture instead of the nitty gritty details.
Admin
<font face="Verdana" size="2">Simple way to handle the Irish:
Private Function CleanForSQL(val As String) As String
CleanForSQL = Replace(val, "'", "''")
End Function</font>
Admin
Visual basic syntax ... good god the goggles they do NOTHIN'
captcha: clueless ... fitting!
Admin
Jeez - 4 pages of platform war crap all due to this one comment. Yeah, the best way to fix this bug is to move your whole app to another platform. Thanks, Russ.
--YY
Admin
dont' cofuse bad use of a language, with a bad language you imbecile
ever heard of an analogy? apparently not... my notion that you're 13 is reinforced again!
Make up your mind - either CF automatically escapes single quotes, or it doesn't... how about make up your mind! I've heard it both ways on here.. oh btw THAT'S NOT NECCESARILY DESIREABLE! but nevermind that - the programming language munging with your data automatically is just spiffy! absolutely spiffy - that means people who know less about things can use the language, and that's just spiffy. not
to your knowledge, and based your assertion that "CF doesn't translate well"
guess what nimrod? i've PORTED CF apps to PHP apps! Translation is trivial!
Admin
There haven't been any lisp WTFs either. Clearly it's a suitable language for web development.
Admin
or everyone should stop using the crap php is, the crap cf is, the crap jsp is, the crap perl is...
and use rails... and let it do /everything/ for you. :-D
captcha: billgates
WTF!
Admin
All stored procedures should be in the series of DDL scripts that create the database, makes version control a snap. Using them for all queries is not worth the inflexibility and duplication it creates in the rest of the code. With a good object relational mapping layer in the application (ActiveRecord, Hibernate, etc.), most of that code is redundnant. Using stored procedures to occaisonally to perform expensive set based operations in the database is worth it...and finally- I have seen plenty of stored procedures that are vulnerable to SQL injection attacks- particularly those involved in ad hoc queries...
Admin
We do use MVC, and our code is very easy to follow and debug. We also use OOP and separate layers for data and business logic.
I can't say the same about ASP(.NET).
The point is, ColdFusion makes your life easier, I don't know why you have 100k lines in one file, but obviously your app is not well designed. I've never had a need to have a large CF file other then some CFC in our data layer.
Admin
In that case I would like to point to a current CF WTF here
Admin
Well, you're not exactly stopping *script injection* with your method, so you've got that to worry about. To write secure web applications, you need to validate all input to be sure it's of the proper type and in-range, escape scripting characters (replacing with HTML entities or codes), and use some method of SQL injection prevention (escaping quotes, etc).
And you also really need to escape output before it is rendered into HTML, just in case you or another developer missed validating/escaping input somewhere. Of course you must add logic to prevent double-escaping, or allowing only those HTML codes you want to allow while excliding <SCRIPT> and <OBJECT> tags, for example.
ColdFusion does almost none of that automatically; few "off the shelf" escaping functions that I've seen handle that correctly for every business case. The solution is to write your own, or modify a freely available function.
CAPTCHA: chocobot
Admin
Hilarious.
Agreed. All good programmers know assembly!! let another flame war begin...
Admin
Haha, what a great fun we miss. Alex, we demand more Lisp wtf's. ML is also welcome.
Admin
you did say ever your arrogant ass. that MS in CS doesn't mean you're intelligent, it just means you can read. I know plenty of people with their degrees in CS who are absolutely brainless imbeciles who couldn't code a good application to save their life - I inherited a 200k+line php codebases from one!
PHP can be easily mixed in with HTML as well.. why do you think all code-only php pages start and end with < ? and ? > respectively?
You _can_ mix them, I highly recommend you avoid it and if I was teaching a web development class I would mark off points any anyone who did.
Business logic and interface should NEVER be mixed for the sake of maintainability( and sanity).
Infact when I got where I am at our frameworks display code was mixed html/php, I made a fork of the framework with my own lightweight templating system and various other tweaks I wanted.
Occasionally it makes the code harder to understand (when doing complex nested tables), but in general it produces much more clean, easy to maintain, easy to debug, code.
um.....
PHP:
<html><head><title>You're stupid</title></head><body>
PHP Says: < ?= $_GET['message'] ? >
</body></html>
you could make that page say anything you want via the get var message - for example foopage.php?message=You're+a+facking+moron
Admin
People who post like this (about any language), please stop. You're making my brain hurt. If you disagree, please know what you're talking about instead of regurgitating flamebait opinions you heard on Usenet six years ago. Otherwise, feel free to deny us the pleasure of reading your witty commentary.
In PHP (or any language, really), you should be using a database abstraction layer with parameterized queries, not functions like mysql_escape_string(). PHP even has one built in: PDO.
Anyway, I'm not a big fan of ColdFusion. Among the things I dislike:
Admin
Damn, you really are an obnoxious troll aren't you? Why exactly are ASP.NET tags any more 'special' than your beloved CFML tags? And if you can't see how powerful ASP.NET is from that code snippet (clue: there are both databinding and evaluation constructs in there), then I pity you.
Admin
why? have you ever actually used it?
Admin
It's called MVC, dude, yet another TLA.
Scrolling through 500 times 20k of html to find 3 lines of buggy code is not what I call readability. This must be my fault, however.
Admin
you _could_ be using a db abstraction layer with parameterized queries - if you can afford the additional overhead and have any chance of possibly switching db server type. using mysql_escape_string directly is less overhead
Admin
if we're thinking of the same MVC - I HATE IT one of our new programmers came in and designed a new framework using MVC.. and it's a freaking ton of bricks just to get a little application up and running your "hello world" page it in.. it's massive lossage that I refuse to use (hence my fork of our old framework with my customizations)
creating 5 different classes just to display one page and having to do all kinds of funky inserts into a "MVC tree" that spans multiple tables is not my idea of usability
Admin
Is that why MySpace is so horribly slow, hard to use, and an all around shitty website?
God that website sucks hard. As someone else said, I wouldn't use that site as a promotional tool for ColdFusion.
Admin
Ooohh.. databinding and evaluationg constructs... that sounds like a bunch of MS bullshit.
For one thing, my code snippet is 192 characters and yours is 476 characters, or about 2.5 times larger.
My code is a lot easier to read, and it probably runs faster too. I would run some tests, but that would require installing ASP.NET, which would required installing IIS, and I have enough security bugs on my machine just from running windows.
Admin
Don't you mean :
D''oh!
Admin
Admin
Well of course it sucks hard now... they're trying to convert it to ASP.NET.
Admin
This sounds like MVC gone really bad. IMO the ideal solution is one in which Web Designers can muss with the html and css to get the pixel perfect view, while the backend guys can mess with all the business logic. Being able to bundle pieces into reusable components is also nice.
I like the way JSF is heading. I think my prefered framework is Tapestry, although I don't think it'll be ready for production till version 5 (mainly due to lack of backward compatability). Overall you need to chose the tool that fits the problem.
<font size="12">There is no golden hammer</font>
Admin
why would they do that if ColdFusion is so fricking great?
Admin
With perl/Mason and abusing our hardware with OO goodness.
% foreach ( @{Account->query} ) {
<% $_->getFullName %> <% $_->getUsername %><br />
% }
getFullName is a just a convenience function to merge first and last names into a string.
I also fixed your break tag for you.
Once you get past the ugliness, perl is just too much fun.
Admin
Admin
Admin
"It has not much use outside the web world"... Or in it
Name one... c#, java, ROR.. Read some good things about turbo gears in last months VSJ... need any more?
I think that these not only come close to, but surpass cold fusion in every possible way.
Captcha: paula
Admin
... Oh theres a quote button... mayby there shouldnt be a "reply" button at the top of every post.
Admin
Hating MVC is an obvious sign you've never ever seen it actually working.
Nobody forces you to use 5 classes per page. No matter how much the initial overhead may seem with a single-page "app" (we've agreed nobody needs those on a regular basis, haven't we?) it diminishes when you have many pages. Code can be broken down to readable pieces that can be traversed with one single click in sensible IDE's, you have automatic refactoring tools and so on.
But really, I'm not tryinh to convince you that you're wrong. Do what you want. Don't be surprised though if you're laughed at by anyone outside the CF "community". (I bet this increases cohesion of your community, so it might as well be beneficial for you.)
Admin
I think you're confused. I dont' think the person hating MVC uses CF. We use MVC in CF very happily and our code is very easy to read.
I love MVC, even though it's a pain to initially set up.
Admin
..all the way to the bank.
nice
Admin
<font color="#ee82ee">Do you wanna get high? Don't forget to bring a towel.</font><script>
<!-- function ss(w,id){window.status=w;return true;} function cs(){window.status='';} function clk(url,oi,cad,ct,cd,sg){if(document.images){var e = window.encodeURIComponent ? encodeURIComponent : escape;var u="";var oi_param="";var cad_param="";if (url) u="&url="+e(url.replace(/#.*/,"")).replace(/\+/g,"%2B");if (oi) oi_param="&oi="+e(oi);if (cad) cad_param="&cad="+e(cad);new Image().src="/url?sa=T"+oi_param+cad_param+"&ct="+e(ct)+"&cd="+e(cd)+u+"&ei=woXrRJHYDsuYYbvetZ8I"+sg;}return true;} var bdg = 0;function sb() {bdg = 1;}function ga(o,e) {if (document.getElementById) {var a = o.id.substring(1); var p = "", r = "", t, f, h;var g = e.target;if (g) { t = g.id;f = g.parentNode;if (f) {p = f.id;h = f.parentNode;if (h)r = h.id;}} else {h = e.srcElement;f = h.parentNode;if (f)p = f.id;t = h.id;}if (t==a || p==a || r==a)return true;document.getElementById(a).href += "&ct=b" + (bdg ? "d" : "g");bdg = 0;top.location.href=document.getElementById(a).href}} function anbc(id) {if (document && document.getElementById) {var o = document.getElementById(id);if (o && o.href) {document.location = o.href;}}}//--> </script>Admin
That's really funny .... and I haven't read any good new novels in Latin recently either.
Admin
And of course using the grid view gives you some really nice and quick ways to update/add/delete data with not muh more code than is present!
Admin
<font size="5">I</font> wonder if Whiskey and Tango are in there too?
Admin
Easy. Ruby on Rails
Admin
... And filled with tossers
Admin
Consider looking at Ruby on Rails. As far as rapid prototyping goes, it has some very slick looking abilities. I've only tried Rails once, and was impressed with it -- though at the time, I knew zero Ruby andthus had NO clue how to alter it to fit my wants, hehe.
Now, however, I've been coding a small bit in Ruby, and am more confident. Ruby itself is a VERY nice language, and Rails builds on that. I am sure that there are things that CF can do that Ruby on Rails can't... however, that doesn't mean that RoR isn't a good tool. =)
After trying to grok Struts, I'm even more impressed with Rails than I normally would be.
Admin
True data layer abstraction means that your application could knows nothing at all about the underlying data layer. Putting all your queries into several classes is certainly a way of organizing your data access code, but it is not a true abstraction. If the data layer were truly abstracted, then no changes would need to be made to any application code at all when a table name or structure changes.
Searching and replacing a table name in two files is better than searching and replacing a table name in 30 files. But if limiting the number of files that need to be edited when a table name changes is the definition of abstraction, then why not just dump all data access code into one file?
Unfortunately, no data abstraction library along the lines of Hibernate exists for ColdFusion, nor will such a library likely ever exist. If your application requires only simple database access (i.e. mostly simple SELECT statements with an occasional UPDATE), then ColdFusion will probably do the trick. But anything involving complicated business and transaction logic is probaby better handled with a different platform.
Admin
Hmm, 220 replies to something like this, I wonder how that could have happened.
... reads comments ...
Oh, I should have guessed. A programmer flame war.
Admin
hehe so true... so much passion about things that don't really matter... geeks will be geeks...
Admin
The IRS has processed more than a billion tax dollars the last three years. Seems like you know as much about basic arithmetic as you do about web "programming".
It's BASIC to you, but yes, ColdFusion escapes single quotes in all queries wherever it's appropriate, no matter what. It obtains the necessary information of where the single quotes are actually intended to be part of a string and where not by measuring the ethereal waves that emanate from the developer's brain (or whatever else it is that resides in his skull). It also wipes the developer's butt after each bathroom session, and sends his better half a flower bouquet on Valentine's Day should he forget to do so.
In fact, CF is so simple and user-friendly that even the greatest fool can use it. And now don't you feel addressed!
Others did find some, but that's probably only because they knew how to use the Search function. Braggarts!
Nowhere did biziclop say that all of the code was in one file. Which clearly disproves Kazan's hypothesis that an MS in CS proves the presence of reading skills.
Near the start of the thread, you tried to promote CF by noting that myspace uses it. Now you're saying that myspace actually switches to ASP.NET and that their code was "crappy" anyway. You're really one hell of a self-parody!
By now, everyone should have figured out that you don't need RAD so much as a LART treatment.