Paul Alkema

Discussions on Web Development and Security

Paul Alkema

Entries Tagged as ColdFusion

Reset Coldfusion Administrator Password

April 19, 2010 · 45 Comments

Sorry hackers, this is not a tutorial on how to hack into someone's Coldfusion administrator that isn't yours. In order to do this, you need access to the Coldfusion server files. Now if you have access to those and your a hacker, well I think the servers administrator has more to worry about than you just changing the Coldfusion administrator password.

Warning!! Once the password has been changed, there's not changing it back to what the previous password was, so make sure you have permission to do this before doing it.

Now that I've warned you, Here's how you do it!

  1. Locate neo-security.xml This file should be located in your lib folder.
    IE; C:/coldfusion8/lib/neo-security.xml
  2. Open file and locate
            <var name="admin.security.enabled">
            <boolean value="true" />
        </var>
  3. Change from boolean value="true" to boolean value="false".
  4. Save file and exit
  5. Restart Coldfusion services
  6. Go to the Coldfusion administrator. It should be unlocked.
  7. Expand "security", select "CF Admin Password".
  8. Check the check box for the "Use a ColdFusion Administration password". This will enable the password requirement.
  9. Enter new password twice and hit "Submit Changes".

45 CommentsTags: ColdFusion

Querying Query of Queries

April 09, 2010 · 1 Comment

ColdFusion have a build in function that allowed you to query structures. A query, in case you don't know is a structure. Basically this can be done by creating a query or structure, then by writing a query but instead of defining a datasource, you define a dbtype which should be set to "query". Then instead of using the name of the table you use the name of the structure that you're trying to query. The reason you would want to do this, is because if you pull a lot of data that relates to a loop normally you would do a query inside the loop, but using QoQ you can create one query above the loop, then while looping use QoQ to query the query that is above the loop. This will increase performance greatly.

EXAMPLE
<!--- THE QUERY --->
<cfquery name="Dude" datasource="#request.maindatasource#">
SELECT dude
FROM iod_dudes
WHERE dudeStatus = 'Awesome'
</cfquery>

<!--- THE QUERY OF QUERIES --->
<cfquery name="dudeQoQ" dbtype="query">
SELECT Dude
FROM Dude
WHERE dudeStatus2 = 'Really Awesome'
</cfquery>

<!--- QUERYING THE QUERY OF QUERIES --->
<cfquery name="dudeQtQoQ" dbtype="query">
SELECT Dude
FROM dudeQoQ
WHERE DudesName = 'Paul Alkema'
</cfquery>

1 CommentTags: ColdFusion