Thanks for the hint. Could you please describe in full how you solved it using permissions? That will certainly help a fellow developer in future. ... View more

I am unable to reproduce what you describe. I copied the CFC and XML in the above example from the test directory to a directory outside the project. I then created a new test page in the test directory as follows:   <!--- testpage2.cfm ---> <cfform name="mycfform"> <cfselect name="state" bind="cfc:dotted.relative.path.from.root.to.cfc.located.in.new.dir.getstates()" bindonload="true" > </cfselect> <cfselect name="city" bind="cfc:dotted.relative.path.from.root.to.cfc.located.in.new.dir.getcities({state})"> </cfselect> </cfform>   When I launch testpage2.cfm in the browser, it works as expected.   Can you please share the errors that you get? Can you also share the contents of your jvm.config file?    ... View more

Hi @cf_isfun , Thank you for your last explanation. I now, for the first time, completely undertand what the issue is. I shall now look into it with this new knowledge. ... View more

Hi @Dordrecht , My pleasure! Thank you for testing the proof of concept and for sharing your feedback. ... View more

Does any of your code use CFML functions associated with encryption, such as encrypt(), decrypt(), hash(), and so on? ... View more

Your instincts are correct. The CFMX_COMPAT flag has been removed in ColdFusion 2025.   However, as I said, I don't yet see the link between bind and CFMX_COMPAT encryption. If you've found a link, can you please let me know.   I have been able to test the following cfc-bind application, without using the CFMX_COMPAT flag. It works as expected.   Try it yourself. Place all 3 files within the same directory. Then launch testpage.cfm in a browser.   The functionality is simple. When you click on a state, you automatically get a select-list of cities from that state.     <!--- CityState.cfc ---> <cfcomponent> <cffunction name="getXmlData" output="false" returntype="xml" access="private"> <cfset var xmlData = ""> <cffile action="read" file="#expandpath('.')#\states.xml" variable="xmlData"> <cfset xmlData = XmlParse(xmlData)> <cfreturn xmlData> </cffunction> <cffunction name="getStates" access="remote" returntype="array"> <cfset var state = arraynew(2)> <cfset var xmlData = getXmlData()> <cfset var numStates = 0> <cfset numStates = ArrayLen(xmlData.states.XmlChildren)> <cfset state[1][1] = ""> <cfset state[1][2] = "== State =="> <cfloop from="1" to="#numStates#" index="j"> <cfset state[j+1][1] = ltrim(xmlData.states.state[j].XmlAttributes.abr)> <cfset state[j+1][2] = ltrim(xmlData.states.state[j].name.xmlText)> </cfloop> <cfreturn state> </cffunction> <cffunction name="getCities" access="remote" returntype="array"> <cfargument name="state" required="yes"> <cfset var city = arraynew(2)> <cfset var xmlData = getXmlData()> <cfset var numStates = 0> <cfset var numCities = 0> <cftry> <cfset numStates = ArrayLen(xmlData.states.XmlChildren)> <cfset city[1][1] = ""> <cfset city[1][2] = "== City =="> <cfloop from="1" to="#numStates#" index="j"> <cfif xmlData.states.state[j].XmlAttributes.abr eq state> <cfset numCities = ArrayLen(xmlData.states.state[j].cities.XmlChildren)> <cfloop from="1" to="#numCities#" index="k"> <cfset city[k+1][1] =ltrim(xmlData.states.state[j].cities.city[k].XmlAttributes.name)> <cfset city[k+1][2] = ltrim(xmlData.states.state[j].cities.city[k].XmlAttributes.name)> </cfloop> <cfbreak> </cfif> </cfloop> <cfcatch type="any"> <cfdump var="#cfcatch#"> </cfcatch> </cftry> <cfreturn city> </cffunction> </cfcomponent>     states.xml <states> <state abr="NJ"> <name>New Jersey</name> <cities> <city name="Edison" /> <city name="Rahway" /> <city name="Atlantic City" /> <city name="Hoboken" /> <city name="Jersey City" /> <city name="Newark" /> <city name="Trenton" /> <city name="Union City" /> </cities> </state> <state abr="CA"> <name>California</name> <cities> <city name="Anaheim" /> <city name="Beverly Hills" /> <city name="Elk Grove" /> <city name="Fairfield" /> <city name="Fremont" /> <city name="Indian Wells" /> <city name="Long Beach" /> </cities> </state> <state abr="ME"> <name>Maine</name> <cities> <city name="Augusta" /> </cities> </state> <state abr="MA"> <name>Massachusetts</name> <cities> <city name="Boston" /> <city name="Cambridge" /> </cities> </state> </states>     <!--- testpage.cfm ---> <cfform name="mycfform"> <cfselect name="state" bind="cfc:citystate.getstates()" bindonload="true" > </cfselect> <cfselect name="city" bind="cfc:citystate.getcities({state})"> </cfselect> </cfform>     ... View more

Thanks for the extra information. So far, I cannot yet see any connection with encryption. However, one thing needs to be clarified.    The flag to be used is not Encryption - = -Dcoldfusion.encryption.useCFMX_COMPATAsDefault . It is either -Dcoldfusion.encryption.useCFMX_COMPATAsDefault=true if you wish to use CFMX_COMPAT as the default encryption, or else, -Dcoldfusion.encryption.useCFMX_COMPATAsDefault=false if you don't.   That flag is to be added as one of the attributes of the java.args property in jvm.config. When the flag is not added, then ColdFusion defaults to the flag's default value, which is false.   So, set the flag as described here. Then restart ColdFusion, and see whether the problem disappears.   In any case, can you share the contents of your jvm.config file?     ... View more

Thanks for sharing that, @LarryRamp . ... View more

In my proposal, the application does not create the file tempDataFile.cfm. In other words, the application does not write a file to the Operating System.   TempDataFile.cfm is just a template, like any other CFM within the application. It contains the query code and data. ... View more

Bkbk, ...You're not saying he can "just do a cfoutput in a cfsavecontent to execute the cfml coming in as a variable", as his original examples tried to do, are you?  Again that doesn't work, which started the whole discussion. By @Charlie Arehart Charlie, it is not possible for me to say because there have been various versions of what is actually coming from the database.  @paul_8809 can resolve this by showing us the exact, raw varchar data that is coming in from the database.    Once we know that, we will then know which string functions to use (in tempDataFile.cfm) to convert the data into suitable form. ... View more

To clarify, in my last post,  tempDataFile.cfm is a new CFM file, representing the query data. ... View more

Hi @LarryRamp , glad to hear that you solved it. Could you please share your solution with the rest of the forum? It will certainly help someone somewhere. ... View more

Good point, @kazu98296633 . Writing to the file system can sometimes incur an even higher performance cost than reading from or writing to the database. Let alone the double whammy of reading from the database and then writing to the file system.   @paul_8809 , Sure, creating a temp file provides a solution. That helps because it gets the show moving again. But I really cannot see any justification for creating a temp file.   In fact, if you remove the file-write from your code, you will get essentially the same result. With much less cost to performance. 🙂    Here is your code again, in this new light   <!--- current page: Include containing the data ---> <cfsavecontent variable="emailBody"> <cfinclude template="/relative/path/to/tempDataFile.cfm> </cfsavecontent>     <!--- tempDataFile.cfm: evaluate and output the data ---> <!--- Query database for html ---> <cfset vData = qEmailTemplate.data> <cfoutput>#vData#</cfoutput>       ... View more

No worries. Other useful references:  https://helpx.adobe.com/coldfusion/deprecated-features.html (look for "cfscript support for script-based CFCs"); https://community.adobe.com/t5/coldfusion-discussions/cfscript-deprecation-question/td-p/12602244 (see the table in Priyank's post for the list of script-based CFCs affected). ... View more

Use cfhttp() instead. For example   <cfscript> cfhttp(url="http://www.adobe.com", result="res"); writedump(res); </cfscript>   ... View more

Indeed, with no intervening cfsavecontent necessary. 🙂  If that works for you, then that's fine. Due respect goes to working code; optimization comes later. So hats-off to you.   Nevertheless, I have one advice before this closes. I would avoid storing ColdFusion code in this way in the database. It is not just bad practice. It is up there among the biggest no-nos in software. For good reason.   Here are just 4 of the draw-backs of storing code like that in the database:   It violates "separation of concerns", one of the cornerstones of software design. Business logic should stay in files on the application server, not in the database. Storing code in the database mixes logic and data. This makes future updates of the code more complex.  It creates maintainability issues, as you've just discovered. Debugging database-stored code is usually harder because of the need to convert between two different environments. Code readability is reduced. As a result, understanding and maintaining the code becomes more difficult. 3. It has impact on performance. Queries are expensive in terms of CPU resources. Fetching code from a database slows execution. In addition to that, parsing and running the dynamic code adds unnecessary overhead. 4. It incurs a security risk.  Storing executable code in the database can lead to code injection attacks. An attacker could either insert malicious ColdFusion code into the data and compromise the server, or use the data to spoof the server.. There is a ready solution. It is very simple, yet very powerful, and answers each and every one of the 4 points above: keep the code logic in a CFM or CFC file.  Accessing files is much faster, more efficient and safer than querying a database for code. ... View more

From the information you have provided so far, it is difficult to say what's to be done. What is your ColdFusion version and update level? Is it possible for you to share some code with the forum? ... View more

Ah. that makes sense. Thanks for clarifying.   As I said, your hardcoding beforehand ensures that you get the email-body directly. <cfset emailBody = "<div style=""padding:1.25em 50px;text-align:center""><a href=""<cfoutput>#application.siteroot#</cfoutput>/?utm_campaign=transactional&utm_source=emails.logo&utm_medium=email""><img src=""http://aceoftrades/images/website/logo10-180.png""></a></div>"> So there is no need for cfsavecontent. ... View more

Please look again, as there is something else. Your code uses nested <cfoutput> tags, for example, like this   <cfset vData='<a href="<cfoutput>#application.siteroot#</cfoutput>/?utm_campaign=transactional&utm_source=emails.logo&utm_medium=email"><img src="<cfoutput>#application.siteroot#/logo10-180.png"></a>'> <cfsavecontent variable="emailBody"> <cfoutput>#vData#</cfoutput> </cfsavecontent>   Nesting cfoutput tags is not good practice. Besides, if the cfsavecontent contains nothig else, then the above code contains a repetition. That is because vData and emailBody represent the same string.   I would therefore write instead   <cfset vData='<a href="<cfoutput>#application.siteroot#</cfoutput>/?utm_campaign=transactional&utm_source=emails.logo&utm_medium=email"><img src="<cfoutput>#application.siteroot#/logo10-180.png"></a>'> <cfset emailBody = vData>         ... View more

I have added comments to your bug ticket, including the link to a related bug. ... View more

I have HTML code, containing dynamic variables, stored in a database in a field named "data',. An example of raw data in that field would be: <a href="<cfoutput>#application.siteroot#</cfoutput>/?utm_campaign=transactional&utm_source=emails.logo&utm_medium=email"><img src="<cfoutput>#application.siteroot/logo10-180.png"></a>   By @paul_8809   Hi @paul_8809 , the data seems to be incorrect. The second mention of application.siteroot isn't followed by #</cfoutput>   To confirm, you could test with <cfsavecontent variable="data"> <cfoutput> <a href="#application.siteroot#/?utm_campaign=transactional&utm_source=emails.logo&utm_medium=email"><img src="#application.siteroot#/logo10-180.png"></a> </cfoutput> </cfsavecontent> ... View more

Following up on a remark I made previously, if we use knowledge from Java, then the type of the property myData is determined during compile-time. The type is Query.   Then, it would seem, the myData property defined in Extend.cfc can in fact "hide" the myData property defined in Base.cfc -- as long as the type of myData in Extend.cfc is Query.    The test follows:   testpage.cfm   <cfscript> writedump(var=new Extend(), label="Dump of Extend Instance"); </cfscript> <cfscript> writedump(var=new Base(), label="Dump of Base Instance"); </cfscript>   Base.cfc   component accessors="true" { property name="myData" type="query"; }   Extend.cfc   component accessors="true" extends="Base"{ property name="myData" type="query" default="#queryNew('id,title', 'integer,varchar')#"; }     ... View more

Thanks for the info. To confirm, it is at https://tracker.adobe.com/#/view/CF-4225717  ... View more

Oh, glad to hear. Thanks for sharing the good news. Thanks also for sharing your experience. It will certainly help someone else in future.  ... View more

Hi @paul_8809 , problem solved? ... View more

Thanks, @ericbelair . I have my doubts though.    My explanation makes sense for a strongly-typed language. But ColdFusion is weakly-typed. That hasn't changed since CF 11. Therefore, I would expect it to do type-checking at run-time. That is to say, the child component (Extend.cfc) should be able to "hide" the property MyData of the parent component (Base.cfc). In short, I now think that your code should work, just as it did in CF 11.   The Adobe ColdFusion team has definitely changed the way inheritance works. But they possibly made a mistake in the manner in which properties, accessors and mutators are inherited by child components.    Hence, on second thoughts, I would suggest that you report a bug. It will get the team to take another look.   ... View more

Good find, @kazu98296633 . Your suggestion solves a wider problem of which @paul_8809 's is a part. Namely, it removes any spaces before or after the characters "<" and ">" : <cfscript> html = "<html> < div > < p > Hi there < /p > < /div > < /html >"; htmlSpaceless = html.rereplace("\s*([<|>])\s*", "\1", "all"); writeoutput(htmlSpaceless); </cfscript>   ... View more

<cfset vHTML = "<html><body><div>This is a div.</div><div>This is a second div.</div></body></html>"> <!--- Test both versions of line-feed, and see which fits your needs. ---> <!---<cfset LF=chr(10)>---> <cfset LF="\n"> <cfset vPostmarkHTML = vHTML.replaceNoCase("<body>","#LF#<body>").replaceNoCase("<div>","#LF#<div>","all").replaceNoCase("</body>","</body>#LF#").replaceNoCase("</div>","</div>#LF#","all")> <cfoutput> <strong>vPostmarkHTML</strong><br> #vPostmarkHTML# </cfoutput> ... View more