Skip to main content

ColdFusion 10: CFFILE - Specifying file content in the tag body

Prior to ColdFusion 10, to write or append to a file one had to specify the file content in the output attribute of CFFILE tag. In ColdFusion 10, you can specify the file content in the body of the cffile tag. In cases where the file content is specified in body as well as in the output attribute, the output attribute would be ignored.

Example:

<!--- output attribute will be ignored here ---> <cffile action="write" file="#expandPath("./files/employees.txt")#" output="cffile content"> <?xml version='1.0' encoding='UTF-8'?> <employees> <id = "1"> <firstname>Sagar</firstname> <lastname>Ganatra</lastname> </id> </employees> </cffile>


As observed, the output attribute would be ignored when the file content is specified in the tag body. The above example is also applicable when the action attribute is set to append. This enhancement makes it easy to write any data to a file without having to use the CFSAVECONTENT tag and a temporary variable.

Another important thing to note here is that the output attribute is now optional when action is write\append. However, it is a mandatory attribute when the closing CFFILE tag is not specified:


<!--- Output attribute is mandatory when the closing tag is not specified ---> <cffile action="write" file="#expandPath("./files/employees.txt")#" output="No body" >

Labels:

Comments

  1. rolandMarch 2, 2012 at 3:19 AM

    This is certainly a nice enhancement, however, does it actually validate that the *content* of the file matches the mim type, or is it simply checking the value of the mime-type header that is sent by the client?  Simply checking the value of the mime-type header without validating the content of the file doesn't really add much security, since it's easy to fake that header.

    ReplyDelete
  2. Sagar GanatraMarch 2, 2012 at 9:13 AM

    @ec42b1f555169f2e36a71b3bf2249187 did you see this post: 
    http://www.sagarganatra.com/2012/03/coldfusion-10-cffile-restricting-file.html. Now you can validate the content when you upload a file to the server.

    ReplyDelete

Post a Comment

Popular posts from this blog

How to use the APP_INITIALIZER token to hook into the Angular bootstrap process

I've been building applications using Angular as a framework of choice for more than a year and this post is not about another React vs Angular or the quirks of each framework. Honestly, I like Angular and every day I discover something new which makes development easier and makes me look like a guy who built something very complex in a matter of hours which would've taken a long time to put the correct architecture in place if I had chosen a different framework. The first thing that I learned in Angular is the use of the APP_INITIALIZER token.
Post a Comment
Read more

On GraphQL and building an application using React Apollo

When I visualize building an application, I would think of using React and Redux on the front-end which talks to a set of RESTful services built with Node and Hapi (or Express). However, over a period of time, I've realized that this approach does not scale well when you add new features to the front-end. For example, consider a page that displays user information along with courses that a user has enrolled in. At a later point, you decide to add a section that displays popular book titles that one can view and purchase. If every entity is considered as a microservice then to get data from three different microservices would require three http  requests to be sent by the front-end app. The performance of the app would degrade with the increase in the number of http requests. I read about GraphQL and knew that it is an ideal way of building an app and I need not look forward to anything else. The GraphQL layer can be viewed as a facade which sits on top of your RESTful services o...
Post a Comment
Read more

Using MobX to manage application state in a React application

I have been writing applications using React and Redux for quite some time now and thought of trying other state management solutions out there. It's not that I have faced any issues with Redux; however, I wanted to explore other approaches to state management. I recently came across MobX  and thought of giving it a try. The library uses the premise of  `Observables` to tie the application state with the view layer (React). It's also an implementation of the Flux pattern wherein it uses multiple stores to save the application state; each store referring to a particular entity. Redux, on the other hand, uses a single store with top-level state variables referring to various entities.
Post a Comment
Read more