Sorcerer's Tower

Entries tagged "software"

Software, in terms of this blog, is articles involving released software (as opposed to projects in development or techiques for developing).

Found 27 entries tagged with "software", displaying entries 6..11.

View entries: 1..5 6..10 11..15 16..20 21..25 26..27

QueryParam Scanner v0.7.5 Released

Earlier this week I promoted the release candidate for 0.7.5 of QueryParam Scanner to full release.

For anyone unaware, QueryParam Scanner is a simple tool for identifying unparameterised variables in CFML queries (which may indicate a potential SQL injection risk).

This version has a handful of bug fixes and code cleanups, resulting in faster more accurate scanning than previous versions, plus the addition of JSON output format, giving a more lightweight option if used in scripted processes.

For further details on these, see the previous RC article; other than a couple of trivial fixes and a new readme, nothing has changed since that.

To download the latest version, you can either clone the git repo, or grab it as a zip archive from the GitHub tags page.

For any feedback, problems, or questions, please use the issue tracker.

QueryParam Scanner 0.7.5 Release Candidate

I have just pushed an update of QueryParam Scanner to GitHub, containing various improvements.

This update is on the rc0.7.5 branch, and it'd be nice if people could take it for a spin and make sure there are no issues with it. (There is a zip download for anyone without git.)

The visible changes which you might notice are:

However, there are also significant under-the-hood changes. I removed my obsolete "Java Regex Utils" library (replacing it with the object part of cfRegex), and made a number of little code clean-ups.

A result of these changes is that qpscanner rc0.7.5 appears to be almost twice as fast as previous versions.

If you have any feedback, please feel free to contact me via GitHub, and similarly if you find any bugs then please raise them on the issue tracker.

Why Railo 3.3?

It's been over two and a half years since my last "why railo" post, and - despite Railo "only" being 0.3 versions on - there's been a lot of improvements!

In fact, because it's been so long, a few of the things here are not new with v3.3 (though they are all new since the previous article), but are still great features that deserve mentioning!

Read on to find out what my ten favourite new feature are.

Introducing the cfRegex Project!

The cfRegex project is two things. Firstly, it is a complete regex implementation for CFML, providing more functionality, flexibility, features and power than the existing CFML RE functions. Secondly, it is a drive to encourage people to properly learn and make use of regex.

Regex is a very flexible language for matching patterns within text, and it has the power to greatly simplify certain programming tasks. However, it can also be intimidating to people not experienced with it.

This problem can be compounded by the relatively limited support for regex in CFML, which often means code is written that is more complex than should be necessary.

cfRegex helps to address both these problems. It provides a number of functions and features that help to reduce the amount of code which programmers have to write, whilst also helping to make their code clearer and easier to understand. In addition, the project provides documentation, not just for its own features, but also for regex itself, helping people to understand exactly what their expressions are matching, and how to get the most out of regex.

Whilst cfRegex is still at a relatively early stage, it is currently usable, and if you're a fan of regex it is certainly worth checking out.

It currently runs on CF 9.0.1, OpenBD 2.0, Railo 3.2 and later.
(Support for CF8 and others will be considered if enough people need it.)

The documentation should tell you everything you need to know about using it, but if not then get it touch and say what's missing so it can be fixed!

If you get stuck, there's a mailing list where you can receive answers to any problems or questions you have.

Railo: Still Awesome!

It's nearly a year on from my last Railo blog post so it is well overdue that I write another - just in case there is anyone still sitting on the fence, unsure if they should use Railo - or indeed, anyone who might be unaware of Railo's very existance!


So to start with, a quick summary of what Railo is:

Find out why Railo is the perfect choice for your next development project.