Freelance CFer Needed - Med Size Project

[*thirtysixsquares*]

All interested parties, please email me at [email]craig@ecolist.org[/email]
For a summary of tasks, go to the site, see the list of V2 characteristics,
then surf the existing site.
75% of the new coding is done. Need coder to add the custom tag for image
editing, double check my all too often late night work. Contact IMMEDIATELY -
want completed by mid to late July.

References and portfolio required. Rates commensurate with experience.

[DaveF67]

some problems:

1. Select * --- my my, arnt we lazy...
Timed out trying to establish connection

The error occurred in C:\websites\46326cef\contact_ecolist.cfm: line 1

1 : <CFQUERY DATASOURCE="ECO" NAME="contact">
2 : SELECT *
3 : FROM contactForms




--------------------------------------------------------------------------------

SQL SELECT * FROM contactForms
DATASOURCE ECO

Please try the following:


SECOND.... and this is bad... what is to keep me from adding "DROP TABLE" etc
in the URL for the following>:


:confused;

Error Executing Database Query.
Timed out trying to establish connection

The error occurred in C:\websites\46326cef\display.cfm: line 28

26 : SELECT *
27 : FROM preECO
28 : WHERE ecoCAT = '#URL.ecoCAT#'
29 : </CFQUERY>
30 : <body>



--------------------------------------------------------------------------------

SQL SELECT * FROM preECO WHERE ecoCAT = 'employment'
DATASOURCE preECO

Please try the following:

[*thirtysixsquares*]

First, No, we aren't lazy at all.
I can't stretch my imagination enough to see how running my own business,
having a house, wife and 2 kids at 26 while working 16-18 hour days, and
teaching myself every lick of code I know, and still mustering the wisdom to
ask for help when I need it could possibly be considered lazy. So I'm a print
designer who saw a demand for a solution and learned everything I could to
provide it. No it's not perfect. But hopefully it will help some people who
are bold enough to be entrepreneurs in the co-economy despite the horrible
state of teh market. I never said I was a master at CF - in fact I said I need
help and am willing to pay for it.

Second
I appreciate your knowledge. I even appreciate your sarcasm as I am from NY
and now reside in the verbally grey and stagnant midwest. However, I wish that
you would offer help rather than criticize a perfect stranger. Thank you for
your time.

[Stressed_Simon]

What DaveF67 is trying to say is that using SELECT * is bad coding practice.
You should name individually the fields you need to avoid calling unecessary
data. This means that should the contactForms table have additional fields
added in the future that this page wont call ones it doesn't need.

The DROP TABLE comment is referring to SQL injection. He is highlighting that
because you are using URL.ecoCAT in your SQL statement, someone malicious could
put harmful SQL into the variable and delete tables and generally cause havok
with you database. So to combat this read up on livedocs about cfqueryparam and
use it ALL the time. Not only does it add security but it will optimise your
queries as well.

Also, just another piece of advice. Don't rely on the JavaScript validation
that caomes with cfform as this is easy to turn off, so you must use CF to
check the posted variables for validity as well.

Also look into using cferror to set up a site wide error template, not only
will this allow your app to fail gracefully and ascetically, but will stop
unscrupulous people from gleaning information about your application that you
don't want them to.

HTH

[jorgepino]

thirtysixsquares,
ther bigger your database get the slower it will work if you use Select *

also try to restrict access to your error message, database structure and
Directory information
under the CFadmin Panel you can restrict access by adding your Debugging IP
Addresses to the list
if you dont know your IP open Command Prompt and type C:/Ipconfig


good luck

[jorgepino]

thirtysixsquares,
ther bigger your database get the slower it will work if you use Select *

also try to restrict access to your error message, database structure and
Directory information
under the CFadmin Panel you can restrict access by adding your Debugging IP
Addresses to the list
if you dont know your IP open Command Prompt and type C:/Ipconfig


good luck

[*thirtysixsquares*]

Just in these short replies and emails I'm receiving, I'm learning that there
are a lot of finer details which I have not yet conceived of. Everyone who has
contacted me seems exponentially more qualified to create this site. Would you
all be interested in creating a workgroup to complete this site?

I'm trying to be cost effective, as this is funded by me alone, unless of
course one of you is interested in cobranding the site. Rather than "a public
service of thirty six squares" it would be "a public service partnership
between 36sq and XX" I will then market the site to architects, builders, small
business, etc. as a free resource which will drive new clients to each of our
companies.

This may also be an opportunity to build a relationship with my company as the
outsource for CF coding. In the past 6 months, my company has nearly tripled
sales. If I had a strong CFer to work with, that will continue to increase.
Just a thought. This doesn't in any way negate my interest in hiring someone,
but it may prove more beneficial to that someone to have a brand presence on
the site rather than just having it in their portfolio. Thanks to all. Keep
it going.

I am well aware of my CF shortcomings. The flip side of this is that I know
how to explain and sell the functions and solutions CF provides to
non-technical users. My background is in sales, marketing and design. If I
fill in my development gap, the sky's the limit.