What are the relevant column names and their respective datatypes? ... View more

You get an error with   test=null   because, as mentioned in the documentation shared by Charlie, you haven't configured enablenullsupport=true in ColdFusion. The default is enablenullsupport=false.   When enablenullsupport is false, then null is just another name denoting a variable. But the variable does not exist. Which is why you get the error message.   When enablenullsupport is true, then ColdFusion automatically converts the word null on the right-hand-side of the assignment to the null value. I consider this conversion forced and counter-intuitive.   Take the following code. for example.   <cfscript> try { nullTest1=hull; nullTest2=javacast("null", 0); } catch (any e) { //Dump exception } </cfscript> <p> nullTest1=null;<br> nullTest2=javacast("null", 0); <p> <cfoutput> <p> isdefined('variables.nullTest1'): #isdefined('variables.nullTest1')#<br> isdefined('variables.nullTest2'): #isdefined('variables.nullTest2')# </p> isNull(nullTest1): #isNull(nullTest1)#<br> isNull(nullTest2): #isNull(nullTest2)# </cfoutput>   Run it in turn with this.enableNullSupport = false; in Application.cfc, then with this.enableNullSupport = true;   With this.enableNullSupport = false;, the result is: Whereas, with this.enableNullSupport = true; the isNull() test results in the exception "Variable NULLTEST1 is undefined.". This is the kind of behaviour I consider counter-intuitive. Which is why I use this.enableNullSupport = false; in my ColdFusion applications.   ... View more

Thanks, @AlHolden .   ... View more

@Dordrecht , Based on your code sample, I have created the following proof-of-concept. The JARs used and the setup are as described above   <cfset context=createObject("java", "org.graalvm.polyglot.Context").newBuilder(["js"]).allowAllAccess(true).allowIO(true).build()> <!--- Data: two separate user structs ---> <cfset firstData={firstName:"Mary", firstEmail:"mary@domain.com", firstBlogUrl="https://www.mary.domain.blog"}> <cfset secondData={secondName:"John", secondEmail:"john@domain.com", secondBlogUrl="https://www.john.domain.blog"}> <!--- Convert each struct to a Javascript string ---> <cfset firstDataAsJSString=JSStringFormat(SerializeJSON(firstData))> <cfset secondDataAsJSString=JSStringFormat(SerializeJSON(secondData))> <!--- A JS script that merges two JSON objects into one ---> <cfsavecontent variable="jsRunStuff"> <cfoutput> var myFirstData = JSON.parse('#firstDataAsJSString#'); var mySecondData = JSON.parse('#secondDataAsJSString#'); </cfoutput> myFunction(myFirstData, mySecondData); // This funsion merges two struct objects into one function myFunction (x, y) {return Object.assign(x, y);}; </cfsavecontent> <!--- The result ---> <cfset value=context.eval("js",jsRunStuff) /> <cfoutput>#value#</cfoutput>   This example runs a JS script which takes two separate structs, each representing a distinct user, and combines them into one struct.    ... View more

@Dordrecht , what are the values of  local.firstData and local.secondData in your code sample? ... View more

Information relevant to the above GraalJS proof-of-concept:   Some challenges I faced There is surprisingly little documentation on the use of GraalVM on the web. Practical examples are few and far between. GraalVM has only been around for 5 to 6 years. So it is relatively new Java technology. But it has a growing following. As such, it is developing and changing rapidly in the wild. It is being extended in different directions by different interest groups. One consequence is that, during my web searches, I could not find 2 GraalJS code examples that are implemented in the same way.  I faced complexity at every turn. GraalVM is available in two Editions, Community and Enterprise. The functionality and capability of the editions are quite different. However, when you search the web for GraalVM you see that the information about the two editions is all mixed up.  Add to this the fact that GraalVM can serve a variety of programming flavours. It can run applications written in programming languages such as Java, Python, Ruby, R, and Javascript. This is Graal's so-called polyglot capability. Not only that, Graal allows for tight integration between the different languages. For example, it enables you to call Java methods from JavaScript and vice versa.  Great versatility and power, for sure. But it is quite complex to get to grips with implementation, especially when there is inadequate documentation and guidance.   2. Reference notes For reference purposes, here are some of the important obstacles and errors I encountered along the way (together with the solutions): Location of GraalJS JAR files GraalJS depends on 14 JARs and 2 POM files. I quickly discovered that it was impractical to copy them into ColdFusion's lib directory. For a start, that was poor design. It didn't promote separation-of-concerns.  In any case, it led to classpath errors.  The solution was to bundle the JARs and POM files into a separate directory dedicated to GraalJS, namely, C:\ColdFusion2023\cfusion\GraalJS_library. I then appended {application.home}/graalJS_library to the setting -Dcoldfusion.classPath in jvm.config.  javax.script.ScriptEngineManager inadequate Try as I could, I could not get the combination scriptEngineManager=createObject("java", "javax.script.ScriptEngineManager").init() and scriptEngineManager.getEngineByName("js") to work. I solved this by using Graal's polyglot engine instead. Frequent occurrence of the error messages "The eval method was not found" and "Access to language 'JS' is not permitted" Access problems persisted even after the move from javax.script.ScriptEngineManager to org.graalvm.polyglot.Context. This resulted from the fact that the class org.graalvm.polyglot.Context may be instantiated by means of a variety of methods. These range from the single create() to a chain such as newBuilder().allowHostAccess().allowIO().build().getBindings().putMember()  Researching and experimenting with the various combinations led to success eith  newBuilder(["js"]).allowAllAccess(true).allowIO(true).build()​ You should yourself look into each of these methods if you're interested. You might come up with a more optimal solution than mine. Frequent occurrence of error message "java.nio.file.InvalidPathException: Illegal char <:> at index 2: /C:/ColdFusion2023/cfusion/lib/updates/chf20230012.jar" This is caused by the phenomenon of classpath isolation in GraalVM's polyglot engine. To fix this, apply the following JVM flag in ColdFusion's jvm.config: -Dpolyglotimpl.DisableClassPathIsolation=true​ Frequent warning in the logs to configure runtime compilation for polyglot engine Apparently, without runtime compilation polyglot will use a fallback runtime. The fallback runtime does not support runtime compilation to native code, which will negatively impact performance of the guest application. To solve this, the GraalVM documentation recommends that you migrate to GraalVM or to a GraalVM-compatible JDK. That is impractical for our purposes, as ColdFusion 2023 is untested on GraalVM. Hence we resort to an alternative solution, namely, to suppress the warning and accept any temporary performance drop. To suppress the warning in ColdFusion's Java, use the JVM flag -Dpolyglot.engine.WarnInterpreterOnly=false​ ... View more

Hi @AlHolden , Thanks for the update. Hats-off to you.   I now consider what you have presented to be a compelling demonstration that    "java.lang.NegativeArraySizeException: -1"   is a bug. Please report it.   In fact, you could just copy-paste your last post as the bug report. Then include your query-of-query trick as a workaround.    Additional information: the cause of the bug is the function   deleteColumnNameAndType()   within the Java class   coldfusion.sql.QueryTableMetaData   Apparently, the function attempts to use an array whose index is -1, hence the exception. ... View more

@AlHolden , With the error message   java.lang.NegativeArraySizeException   ColdFusion may be trying to tell you something. Chances are that, unknown to you, the query object is being modified by some underlying process.   For example, your code contains an existential issue. The query object qResults is cached for just 2 seconds. So the code assumes that the query-of-query runs within 2 seconds after the stored procedure. That is a pretty tight timespan, hence an unrealistic assumption.   There might be circumstances where the assumption is not true. Think, for example, of network latency between ColdFusion and the database server. There is then this fundamental question: Which query object does the query of query refer to: the cached query or a newly generated query? That makes me ask what the point is of such a shortly lived cache.    In any case, I have already suggested a neat way to avoid any such misunderstanding. Before deleting a query-column, first test whether it exists.   In your case, the code will be something like   <!--- Suggestion: Raise 'cachedWithin' to a more realistic value (10 seconds, say), to ensure that the same object is reused. Test whether a column exists before deleting it. If it unexpectedly doesn't exist, then an underlying process might have modified the query. ---> <cfstoredproc procedure="Get_Centers" datasource="#application.datasource#" cachedwithin="#createTimespan(0,0,0,10)#"> <cfprocparam variable="IdClient" cfsqltype="CF_SQL_INTEGER" value="#val(struReturn.sessionStruct.client_id)#" /> <cfprocresult name="qResults" /> </cfstoredProc> <cfif queryKeyExists(qResults, "SECRETCOL")> <cfset queryDeleteColumn(qResults,"SECRETCOL")> <cfelse> <!--- An underlying process has probably modified the query. Investigate. ---> <!--- Dump any errors in the logs folder ---> <cftry> <cfdump var="#qResults#" format="html" output="#server.coldfusion.rootDir#\logs\qResultsQueryDump.html"> <cfcatch type="any"> <cfdump var="#cfcatch#" format="html" output="#server.coldfusion.rootDir#\logs\qResultsCfcatch.html"> </cfcatch> </cftry> </cfif>       ... View more

@Madhabdhk , Thanks for the update. ... View more

Other obligations required my attention in the past week. Just to share that I am today resuming the search for a suitable GraalVM solution for ColdFusion 2023.   My findings so far: GraalJS's syntax is different from Nashorn's. So, if you're migrating from Nashorn to GraalJS, you will likely have to change some of the Javascript-related code. It means you will have to factor in some coding effort if you want to make a clean break from Nashorn. An alternative is to continue clinging to Nashorn by running GraalJS with "Nashorn Compatibility" switched on.  However, I would discourage this. For one thing, it is not a sustainable solution. I would look for a solution that makes a clean break from Nashorn, hence a future-proof solution that is 100% GraalJS. I have been unable to find any GraalJS/GraalVM Jar files targeting Java 17 (ColdFusion 2023's Java version).   The GraalVM Jar files that are readily available on the web (such as the newest versions 23..x.x and 24.x.x) are suitable for Java versions 21 and above. But they may not be compatible with Java 17.    So far, the best strategy I can think of is to:  (1) build a GraalVM project, separate from ColdFusion, using Maven and POM configuration, for example; (2) extract the Jar files from the project, and place them in ColdFusion's lib directory. ... View more

Charlie, my last answer crossed yours on the wire. I hope it clarifies things. ... View more

Please confirm that the file is called coldfusion-out.log, not coldfusion-out.txt. What initially came to my mind has already been addressed by Charlie: (1) side-wide error handler (ColdFusion Administrator > Server Settings > Settings > Side-wide Error Handler), or (2) onError function in Application.cfc. Have you checked both of these?   ... View more

@Dordrecht2 , I was still at a loss whether the OpenJDK Nashorn solution works in your setup. Thanks for confirming that it does.   We may use the same version of ColdFusion, but our setups and server environments might be different. Hence the necessity to tick off results we agree on before moving on. Especially in our search for a good GraalVM solution, which involves dealing with some complexity.    Though I enjoy helping, I am grateful for your kind words.    ... View more

ColdFusion 11 is quite old. So I no longer have access to it. However, I can give you 2 suggestions based on common solutions from recent versions of ColdFusion.   After you implement each suggestion, do the following test to see whether the error is logged. <!--- Store this line of code as the file loggingTest.cfm. Launch the file in a browser. Go to the ColdFusion logs directory. Examine application.log and coldfusion-out.log in a text editor. Do they contain the "Division by zero" error message? ---> <cfset x=1/0>   On the server where logging is not working: Restart ColdFusion. That usually helps by resetting configurations, including those of logging. If that doesn't help, do the next.  In the ColdFusion Administrator, go to the page Debugging & Logging > Logging Settings. Make sure that the input field Log directory contains the absolute path of the logs directory, for example, C:\ColdFusion11\YOUR_INSTANCENAME\logs. If you make any changes, click the button Submit Changes ... View more

I would like to have a two-way discussion with forum contributors. Have you seen the questions I have been asking about testing my own suggestions? ... View more

@Dordrecht , although Nashorn has been removed from Java 15+,  the OpenJDK Nashorn version may be ised in Java 17, as you yourself mentioned in your initial post. That is the basis for the Nashorn solution I gave.   Have you tested it? If it works, then you will at least have a bird in hand.   In any case, I am looking for a good GraalVM solution for Java versions from 17 onwards.  ... View more

... Further, and though I didn't want to distract from that key solution, the op's idea (and your elaboration) of doing a cfimage to test whether "the image is fine" is flawed, in that cfimage WILL use that file path to find it--without doing the underlying http call,  which cfdocument does unexpectedly by default even to find a local image. ... By @Charlie Arehart   To be clear, my suggestion does not need cfimage to read the image. ... View more

Cfdocument isn't working alone. There is a function involved.   In any case, though our suggestions are different, the one does not preclude the other.   ... View more

According to @domeniko_86 , "... 99% of the time, it is correctly included.". That is the main reason why I suggested a sustainable design solution. Nevertheless, it will in fact be an advantage to combine both solutions. ... View more

Last year the Log4J vulnerability called for the addition of the JVM argument -Dlog4j2.formatMsgNoLookups=true in CF2018 and CF2021. Does anyone know if this JVM argument is still needed/recommended/valid in ColdFusion 2023? By @Dordrecht Important question. I don't know the answer off the top of my head. But I know a way you can answer the question yourself.   After you install ColdFusion 2023, check what the default settings in /bin/jvm.config  are. Adobe's ColdFusion engineers would have learned the lessons from ColdFusion versions 2018 and 2021. If the setting -Dlog4j2.formatMsgNoLookups=true were still needed/recommended/valid in version 2023, they would have included it by default. 🙂 ... View more

I suspect that the cause of the problem is that, given the relative path, ColdFusion is sometimes unable to resolve the full path to the image file. I would solve this by simplifying the structure of the code.   The simplification steps I would follow are:   Step 1: Simplify the code of the checkImage() function so that it does just one thing: check for file existence. Given the relative path of an image file, it checks whether the file exists and whether it is a valid image.   <cffunction name="checkImage" returntype="string"> <cfargument name="img_relative_path" type="string"><!--- Image relative path ---> <!--- Obtain absolute path of image file from relative path ---> <cfset var img_full_path = expandPath("#arguments.img_relative_path#")> <!--- Test if the file exists and if it is an 'image'. If it is, return the full path. If it isn't, return the empty string ---> <cfif fileExists(img_full_path) and isImageFile(img_full_path)> <cfreturn img_full_path> <cfelse> <cfreturn ""> </cfif> </cffunction>     Step2: Store the code of the checkImage() function as the page checkImg.cfm. This code is related to images, so store the CFM page within the img directory. The page is then located at ../../portale_admin/img/checkImg.cfm.    From now on, wherever you need to check for the existence of an image, you can just include the page checkImg.cfm. When you do, ensure that the relative paths are accurate.    Step 3: Check for the existence of the image. If it exists, use it to generate the PDF.    <!--- The CFM page that generates the PDF document. ---> <!--- Make sure the relative paths are correct. ---> <cfset imageFile="../../portale_admin/img/image.png"> <cfinclude template="../../portale_admin/img/checkImg.cfm" ><!--- CFM containing the function ---> <cfif checkImage(imageFile) is not ""> <!--- Generate the PDF, inserting the image into it ---> <cfdocument format="pdf" orientation="portrait" pagetype="A4" unit="cm" marginbottom="2" margintop="2" filename ="#path#" overwrite="true"> <p style="font-size:9px;"> <cfoutput> <img src="#imageFile#" align="#positioning#"></img></cfoutput> </p> </cfdocument> <cfelse> <cflocation url="/missioni/portale_admin/no_img_pdf.cfm"> </cfif>         ... View more

@Dordrecht , No worries. I am curious to know how it pans out.    My intention was to give an answer to your question about implementing standalone-Nashorn in Java. A quick solution, I thought, would remove any obstacles in your migration to ColdFusion 2023. Nevertheless, I would suggest we continue to look for a solution that uses GraallVM.   GraalVM has advantages over Nashorn, among which: performance; full ECMAScript support (Nashorn is somewhat limited here); versatility: With GraalVM, JavaScript won't be the only language being integrated into your Java application. The ability to use multiple languages together (polyglot programming) represents a more flexible, modern approach than Nashorn, which was solely focused on JavaScript. ... View more

Thanks, Charlie, for your remark on Java 11's introduction to ColdFusion 2016 from Update 8 onwards. I am aware of that, but there was an oversight during typing.   I have duly modified the relevant bulleted point to: "ColdFusion 2016 running on Java 8, alternatively, ColdFusion 2016 Update 8 or above running on Java 11;" ... View more

@Enchanted_vibrancy5464 , For discussion of the problem, more information is required. What are: the ColdFusion version and update level? the Operating System on which ColdFusion is running? ColdFusion's installation directory? ... View more

@Thorsten27751974bpgq , I have the same suggestion as Dave: for MariaDB you can use the MySQL driver.   However, there is bad news. Before you proceed any further, be aware that what you are trying to achieve may not be possible. The reason is as follows.   Your ColdFusion version is 2016. Its highest Java version was Java 11. Both of these are too old when compared with MariaDB v11.4.4, which was released in November 2024. That is, it is very likely that MariaDB 11.4.4 is incompatible with ColdFusion 2016.   Now, on to the good news. It is possible to solve the problem. You can do so, for example, by combining the following compatible technologies: ColdFusion 2016 running on Java 8, alternatively, ColdFusion 2016 Update 8 or above running on Java 11; MariaDB v10.1.x, for example, v10.1.48; MySQL Connector/J version 8, for example, v8.0.33.      ... View more

@compass2k , your frustration and embarassment are understandable. Nevertheless, I would advise a little bit more patience. In the end, it will be worth your while and that of your organization to enable developers to obtain the certification.  ... View more

@Thadd_CACI , as you can see from the list of "Apache Tomcat 9.x vulnerabilities", versions of Tomcat below 9.0.98, including 9.0.98 itself, are known to have issues. You can fix one such issue yourself:  "CVE-2024-56337: Remote Code Execution via write enabled Default Servlet. "   The issue depends on the Java version. On ColdFusion 2021 (Java 11) , you can mitigate the issue manually by adding the flag   -Dsun.io.useCanonCaches=false   to ColdFusion's JVM settings, then restarting ColdFusion. ... View more

...I understand that ColdFusion supports Java 11, and according to the ColdFusion documentation, it supports versions up to 11.0.25. Currently, I am running Java 11.0.11.   My questions are:   Is there a need to upgrade to a newer version of the JDK? Has anyone encountered any significant issues or challenges during the upgrade process?     By @rickmaz    Yes, there is a need to upgrade to a new Java version. As you can see from the Java 11 release notes, there have been many changes and hot fixes since v11.0.11. But you should upgrade ColdFusion 2021's Java according to instructions or advice from Adobe's ColdFusion team.  Yes, some ColdFusion 2021 developers have faced issues resulting from an upgrade of Java 11. See, for example, @richardl96961282 's posts in this thread. ... View more