├── index.cfm ├── .gitignore ├── Application.cfc ├── install ├── readme.txt ├── license.html └── intro.html ├── handlers ├── varScoper.cfc └── cfbuilder.cfm ├── properties.xml ├── displayDump.cfm ├── license.txt ├── ide_config.xml ├── fileDisplay.cfm ├── displayCSV.cfm ├── varScoperDisplay.cfm ├── displayXML.cfm ├── readme.txt ├── displayUnit.cfm ├── displayScreen.cfm ├── varScoper.cfm ├── testCaseCFC.cfc └── varScoper.cfc /index.cfm: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /.gitignore: -------------------------------------------------------------------------------- 1 | .project 2 | .settings/ 3 | settings.xml 4 | -------------------------------------------------------------------------------- /Application.cfc: -------------------------------------------------------------------------------- 1 | 2 | 3 | -------------------------------------------------------------------------------- /install/readme.txt: -------------------------------------------------------------------------------- 1 | To install into CF Builder, Navigate to Eclipse Preferences - ColdFusion/Extensions 2 | 3 | Click on Import and select the parent folder where you extracted varscoper.zip -------------------------------------------------------------------------------- /handlers/varScoper.cfc: -------------------------------------------------------------------------------- 1 | 2 | 3 | 4 | 5 | 6 | 7 | -------------------------------------------------------------------------------- /properties.xml: -------------------------------------------------------------------------------- 1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9 | 10 | 11 | 12 | -------------------------------------------------------------------------------- /displayDump.cfm: -------------------------------------------------------------------------------- 1 | 2 |
3 | #scoperFileName#

4 | 5 | 6 | 7 |

8 | 9 | -------------------------------------------------------------------------------- /license.txt: -------------------------------------------------------------------------------- 1 | LICENSE 2 | Copyright 2006 Mike Schierberl 3 | 4 | Licensed under the Apache License, Version 2.0 (the "License"); 5 | you may not use this file except in compliance with the License. 6 | You may obtain a copy of the License at 7 | 8 | http://www.apache.org/licenses/LICENSE-2.0 9 | 10 | Unless required by applicable law or agreed to in writing, software 11 | distributed under the License is distributed on an "AS IS" BASIS, 12 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | See the License for the specific language governing permissions and 14 | limitations under the License. -------------------------------------------------------------------------------- /install/license.html: -------------------------------------------------------------------------------- 1 | 
 2 | LICENSE 
 3 | Copyright 2006 Mike Schierberl
 4 | 
 5 | Licensed under the Apache License, Version 2.0 (the "License");
 6 | you may not use this file except in compliance with the License.
 7 | You may obtain a copy of the License at
 8 | 
 9 |    http://www.apache.org/licenses/LICENSE-2.0
10 | 
11 | Unless required by applicable law or agreed to in writing, software
12 | distributed under the License is distributed on an "AS IS" BASIS,
13 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
14 | See the License for the specific language governing permissions and
15 | limitations under the License.
16 |
-------------------------------------------------------------------------------- /ide_config.xml: -------------------------------------------------------------------------------- 1 | 2 | varScoper 3 | Mike Schierberl 4 | 1.0 5 | mike@schierberl.com 6 | intro.html 7 | 1.30 8 | license.html 9 | 10 | 11 | 12 | 13 | 14 | 15 | 16 | 17 | 18 | 19 | 20 | 21 | -------------------------------------------------------------------------------- /install/intro.html: -------------------------------------------------------------------------------- 1 | 3 | 4 | 5 | varScoper 6 | 7 | 23 | 24 |

varScoper

25 |

26 | varScoper is a code scanning tool that can be used to identify variables that are not explicitly scoped to be local or global to a ColdFusion function. 27 |

28 |

29 | By default, variables created within a ColdFusion function are global to the component or .cfm file and not local to the function. Variables that exist outside of their intended scope can cause unintended thread safety issues. varScoper will help you identify these variables in your code. 30 |

31 | 32 | 33 | -------------------------------------------------------------------------------- /fileDisplay.cfm: -------------------------------------------------------------------------------- 1 | 2 | 3 | 4 | 5 | 6 | 7 | 

 8 | 
 9 | 
10 | 
11 | 
12 | 
13 | 				
14 | 				
15 | 					
16 | 				
17 | 					
18 | 					
19 | 				
20 | 				
21 | 
22 | 				
23 | 				
24 | 					
25 | 					
26 | 				
27 | 
28 | 				#totalLines#: #HTMLEditFormat(mid(fileContent,lastLineStart + 2,lineFeedArray.POS[1] -lastLineStart))#
29 | 				
30 | 				
31 | 					
32 | 				
33 | 
34 | 				
35 | 				
36 | 			
37 | 
38 |
39 | 40 | 41 | -------------------------------------------------------------------------------- /displayCSV.cfm: -------------------------------------------------------------------------------- 1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9 | 10 | 11 | 12 | 13 | 14 | 15 | 16 | 17 | 18 | 19 | 20 | 21 | 22 | 23 | 24 | 25 | 26 | 27 | 28 | 29 | 30 | 31 | 32 | 33 | 34 | 35 | -------------------------------------------------------------------------------- /varScoperDisplay.cfm: -------------------------------------------------------------------------------- 1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9 | 10 | 11 | 12 | 13 | 14 | 15 | 16 | 17 | 18 | 19 | 20 | 21 | 22 | 23 | 24 | 25 | 26 | 27 | 28 | 29 | 30 | 31 | 32 | 33 | 34 | 35 | 36 | 37 | 38 | 39 | 40 | 41 | 42 | 43 | 44 | 45 | 46 | 47 | 48 | 49 | 50 | 51 | 52 | 53 | 54 | 55 | 56 | 57 | 58 | No file or directory exists for the path specified (#htmlEditFormat(scoperFileName)#) 59 | 60 | 61 | There was a parsing error with one of the functions - the function did not have a name, exiting processing 62 | 63 | 64 | 65 | 66 | 67 | -------------------------------------------------------------------------------- /displayXML.cfm: -------------------------------------------------------------------------------- 1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9 | 10 | 11 | 12 | 13 | 14 | 15 | 16 | 17 | 18 | #currentFileName#(#totalUnscopedVariables# unscoped variables) 19 | 20 | 21 | 22 | 23 | 24 | 25 | 26 | 27 | 28 | #tempUnscopedArray[unscopedIdx].VariableName# 29 | 30 | #tempUnscopedArray[unscopedIdx].LineNumber# 31 | 32 | 33 | 34 | 35 | 36 | 37 | 38 | 39 | 40 | 41 | 42 | 43 | 44 | 45 | 46 | 47 | 48 | 49 | 50 | 51 | " /> 52 | 53 | #xmlPacket# 54 | 55 | 56 | 57 | 58 | 59 | -------------------------------------------------------------------------------- /readme.txt: -------------------------------------------------------------------------------- 1 | LICENSE 2 | Copyright 2006 Mike Schierberl 3 | 4 | Licensed under the Apache License, Version 2.0 (the "License"); 5 | you may not use this file except in compliance with the License. 6 | You may obtain a copy of the License at 7 | 8 | http://www.apache.org/licenses/LICENSE-2.0 9 | 10 | Unless required by applicable law or agreed to in writing, software 11 | distributed under the License is distributed on an "AS IS" BASIS, 12 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | See the License for the specific language governing permissions and 14 | limitations under the License. 15 | 16 | 17 | varScoper 18 | Project Homepage: 19 | http://www.schierberl.com/varscoper 20 | 21 | 22 | Installation Instructions: 23 | Extract all files to a publicly accesible directory on your CFMX 6 or 7 server. 24 | Navigate to index.cfm or varscoper.cfm and enter the absolute or relative 25 | path to the template or directory that you would like to check. 26 | 27 | History 28 | -v1.3 29 | -CF Builder Extension Support 30 | -Recognizes var statements anywhere in a function (CF9) 31 | -Issues (13,14,15,16,17,18,19,20,21,23,25,26,27,28,30,31,32) Fixed 32 | -Open BD/Railo Supported 33 | -CFScript comments parsed correctly 34 | -v1.2 35 | -Significant improvements to cfscript parsing engine 36 | -Issues (6,7,8,9,10,11) fixed 37 | -Ability to exclude files/folders using properties.xml (only when parsing a folder) 38 | -Ability to identify tags with "multiple personalities" i.e. cffeed/cfprocparam that can have different behaviors for output variables based on params 39 | -More agressive var scope checking (newly identified scenarios that were missed before) 40 | -Addition of unit testing suite 41 | -v1.12 42 | -added new tags to the parsing engine 43 | -added XML output support 44 | -fixed some bugs related to directory parsing in CF6 45 | -v1.1 46 | -added support for cfscript 47 | -v1.0 48 | -initial release 49 | -cf tag support 50 | -Find unscoped variables created with a cfset within a cffunction 51 | -Find unscoped variables created with cftags (cfloop, cfquery, etc) 52 | -Report line numbers and link directly to the line in the file 53 | -Output to screen or csv 54 | 55 | 56 | 57 | 58 | 59 | 60 | Features: 61 | -Identifies unscoped variables within cffunctions 62 | -can return line numbers of functions/variables 63 | 64 | Known Limitations: 65 | 66 | -(fixed 1.13) Returns false positive when variables are set within a comments block 67 | -(fixed 1.13) If you don't scope an argument value, and then reference that value it 68 | will "technically" return a false positive... 69 | 70 | 71 | instead of... 72 | 73 | 74 | Future TODOs: 75 | -(fixed 1.13) create a library of all cf tags that can create variables 76 | -(fixed 1.13) cfscript 77 | -(fixed 1.13) ignore things in comments (May need to use lookbehind? Not supported in CF as far as I know) 78 | -Integration with cfeclipse 79 | 80 | How can I help? 81 | -I need help extending the testCaseCFC file. If you come across false positives (or negatives) 82 | within your code, please send me a snippet so I can add it to the testCaseCFC 83 | -I need help finding all cftags that create variables (cfloop, cfquery, etc) 84 | I'm sure there are some corner cases out there, I'd like to compile a comprehensive list. 85 | -Send all requests for help or suggestions to mike@schierberl.com 86 | 87 | 88 | 89 | -------------------------------------------------------------------------------- /displayUnit.cfm: -------------------------------------------------------------------------------- 1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9 | 10 | 11 | 12 | 13 |
14 | #scoperFileName#

15 | NOTE: If a false positive and negative case are contained in the same function it may report success 16 | 17 |
18 |
19 | 20 | 21 | 22 | 23 | 24 | 25 | 26 | 27 | 28 | 29 | 30 | 31 | 32 | 33 | 34 | 35 | 36 | 37 | 38 | 39 | 40 | 41 | 42 | 45 | 46 | 47 | 48 | 49 | 50 | 51 | 52 | 53 | 54 | 59 | 60 | 61 | 62 | 63 | 64 | 65 | 75 | 81 | 87 | 88 | 89 | 90 | 91 | 92 | 93 | 94 | 95 | 96 | 97 | 98 | #htmlIdx# 99 | 100 | 101 | #htmlIdx# 102 | 103 |
43 | #scoperFileName# 44 |
55 | 56 | #htmlEditFormat("#currentFunction#")# 57 | 58 | 66 | 67 | FAIL 68 | 69 | FAIL 70 | 71 | 72 | PASS 73 | 74 | 76 | 77 | #scopedCount# expected - #found# found 78 |   79 | 80 | 82 | 83 | #hintStruct[currentFunction]# 84 |   85 | 86 |
104 | 105 | -------------------------------------------------------------------------------- /displayScreen.cfm: -------------------------------------------------------------------------------- 1 | 2 | 3 | 4 | 5 | 6 | 17 | 18 | 19 | 20 | 21 | 22 | 23 | 24 | 25 | 26 | 27 | 28 | 29 | 30 | 31 | 32 | 33 | 36 | 37 | 38 | 39 | 40 | 41 | 42 | 43 | 44 | 45 | 62 | 63 | 64 | 65 | 66 | 67 | 68 | 69 | 70 | 71 | 72 | 79 | 80 | 81 | 82 | 83 | 84 | 85 | 86 | 87 | 88 | 89 | 93 | 94 | 95 | 96 | 97 | 98 | 99 | 100 | 101 | 102 |
34 | #currentFileName# (#totalUnscopedVariables# unscoped variables) 35 |
46 | 47 | 48 | 49 | 50 | show corrective code 51 | 52 | 53 | #htmlEditFormat("")# 54 | 55 | 56 | line: #scoperResults[scoperIdx].LineNumber# 57 | 58 | 59 | 60 | 61 |
#tempUnscopedArray[unscopedIdx].VariableName# 90 | line: #tempUnscopedArray[unscopedIdx].LineNumber# 91 | 92 | #htmlEditFormat(left(tempUnscopedArray[unscopedIdx].VariableContext,100))#


103 | 104 | 105 | #replaceNoCase(varScoperDetails, "${allLines}", allLines, "ALL")# 106 | 107 | 108 | 109 | 110 | -------------------------------------------------------------------------------- /handlers/cfbuilder.cfm: -------------------------------------------------------------------------------- 1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9 | 10 | 11 | 12 | 13 | 14 | 15 | 16 | 17 | 18 | 19 | 20 | 21 | 22 | 23 | 24 | 25 | 27 | 28 | 29 | varScoper 30 | 31 | 89 | 100 | 101 | 102 | 103 | 104 | 105 | 106 | 107 | 108 | 109 | 110 | 111 | 112 | 113 | 114 | 115 | 116 | 117 | 118 | 119 | 120 | 121 | 122 | 123 | 124 | 125 | 126 | 127 | 128 | 129 | 130 | 131 | 132 | 133 | 134 | 135 | 136 | 137 | 140 | 141 | 142 | 143 | 144 | 145 | 146 | 147 | 160 | 161 | 162 | 163 | 164 | 165 | 166 | 167 | 168 | 169 | 170 | 177 | 178 | 179 | 180 | 181 | 182 | 183 | 184 | 185 | 186 | 187 | 191 | 192 | 193 | 194 | 195 | 196 | 197 | 198 | 199 | 200 |
138 | #fileIdx# - #totalUnscopedVariables# unscoped variabless 139 |
148 | 149 | 150 | 151 | 152 | show corrective code 153 | 154 | 155 | 156 | #scoperResults[scoperIdx].functionName# 157 | 158 | 159 |
#tempUnscopedArray[unscopedIdx].VariableName# 188 | line: #tempUnscopedArray[unscopedIdx].LineNumber# 189 | 190 | #htmlEditFormat(left(tempUnscopedArray[unscopedIdx].VariableContext,100))#


201 | 202 | 203 | 205 | 206 | 207 | 208 | 209 | 210 | 211 | 212 | 213 |

214 | Processed #arrayLen(files)# files in #end-start#ms. 215 |

216 | 217 | 218 | 219 | 220 | 221 | 222 | 223 | 224 | 225 | 226 | 227 | 228 | 229 | 230 | 231 | 232 | 233 | 235 | Found #totalCount# unscoped variables in #arrayLen(files)# files 236 |

237 | #responseContent# 238 | ]]> 239 | 240 | 241 | 242 | 243 | 244 | -------------------------------------------------------------------------------- /varScoper.cfm: -------------------------------------------------------------------------------- 1 | 17 | 18 | 19 | 20 | 21 | 22 | 23 | 24 | 25 | 26 | 27 | 28 | 29 | 30 | 31 | 32 | 33 | 34 | 35 | 36 | 37 | 38 | 39 | 40 | 41 | 42 | 43 | 44 | 45 | 46 | 47 | 48 | 49 | 50 | 51 | 52 | 53 | 54 | 55 | 56 | 57 | 58 | 59 | 60 | 63 | 64 | 65 | 66 | 67 | 68 | 69 | 70 | 71 | 72 | 73 | 74 | 75 | 76 | 77 | 78 | 79 | 80 | 81 | 82 | 83 | 84 | 85 | 86 | 87 | 88 | 89 | 90 | 91 | 92 | 93 | 152 | varscoper 153 | 154 | 155 | 156 | 157 | 158 |
> 159 | absolute path: 160 | 161 | 162 | 163 |
164 | output: 165 | checked> screen 166 | checked> csv 167 | checked> xml 168 | checked> unit test 169 | checked> dump (debug) 170 |
171 | checked> show duplicates (useful if some setters are in comments) 172 | 173 |
174 | 175 | checked> include sub-folders
176 | 177 | checked> parse cfscript. note: this will NOT return correct line numbers 178 | 179 |
180 | 181 | 182 | 183 | 184 | function CSVFormat(col){ 185 | /* Look for quotes */ 186 | if (Find("""", col)) { 187 | return_string = """" & Replace(col, """", """""", "All") & """"; 188 | } //if 189 | /* Look for spaces */ 190 | else if (Find(" ", col)) { 191 | return_string = """" & col & """"; 192 | } //else if 193 | /* Look for commans */ 194 | else if (Find(",", col)) { 195 | return_string = """" & col & """"; 196 | } //else if 197 | else { 198 | return_string = col; 199 | } //else 200 | return return_String; 201 | } 202 | 203 | newLine = Chr(13)&Chr(10); 204 | 205 | 206 | 207 | 208 | 209 | 210 | 211 | 212 | 213 | 214 | 215 | 216 | 217 | 218 |

Processed 1 file and #variables.totalMethods# cffunctions in #directoryEnd-directoryStart#ms 219 | 220 | 221 | 222 | 223 | 224 | 225 | 226 | 227 | 228 | 229 | 230 | 231 | 232 | 233 | 234 | 235 | 236 | 237 | 238 |

Processed #variables.totalFiles# files and #variables.totalMethods# cffunctions in #directoryEnd-directoryStart#ms 239 | 240 | No file or directory exists for the path specified (#htmlEditFormat(url.filePath)#) 241 | 242 | 243 | 244 | 245 | 246 | 247 | 248 | 249 | #request.allCSVData# 250 | 251 | 252 | 253 | 254 | 255 | 256 | 257 | 258 | 259 | 260 | 261 | 262 | 263 | -------------------------------------------------------------------------------- /testCaseCFC.cfc: -------------------------------------------------------------------------------- 1 | 2 | 6 | 7 | 8 | 9 | 10 | 11 | 12 | 13 | 14 | 15 | 16 | 17 | 18 | 19 | 20 | 21 | 22 | 23 | 24 | 25 | 26 | 27 | 28 | Test case for var scoper 29 | 30 | 31 | 32 | 33 | 34 | 35 | 36 | 37 | 38 | 39 | 40 | 41 | 42 | 44 | 45 | 46 | 47 | 48 | 49 | 50 | stItem['dc:date'] = ""; 51 | 52 | 53 | 54 | 55 | 56 | 57 | 58 | return 0; 59 | var user_agent = ''; 60 | var os = "Mac"; 61 | if (findNoCase("68",user_agent)) 62 | os = os & " 68k"; 63 | else if (findNoCase("os x",user_agent)) 64 | os = os & " OSX"; 65 | else if (findNoCase("ppc",user_agent)) 66 | os = os & " PPC"; 67 | 68 | 69 | 70 | 71 | 72 | 73 | 74 | 75 | 76 | 77 | 78 | 79 | 80 | 81 | 82 | 83 | switch(arguments.dbtype){ 84 | case "postgresql": 85 | { 86 | if (Len(arguments.stDefault)) sql = sql & "; ALTER TABLE #application.dbowner##arguments.typename# ALTER COLUMN #arguments.srcColumn# set default '#stDefault#'; UPDATE #application.dbowner##arguments.typename# SET #arguments.srcColumn# = '#stDefault#'"; 87 | break; 88 | } 89 | case "mysql": 90 | { 91 | if (arguments.bNull) sql = sql & "NULL"; 92 | 93 | else sql = sql & "NOT NULL"; 94 | 95 | if (Len(arguments.stDefault) OR NOT arguments.bNull) sql = sql & " DEFAULT '#stDefault#'"; 96 | break; 97 | } 98 | } 99 | 100 | 101 | 102 | 103 | 104 | 105 | 106 | 107 | 108 | /** 109 | * Compares two lists and returns the elements that do not appear in both lists. 110 | */ 111 | 112 | var delimiters = ","; 113 | 114 | delimiters = arguments[3]; 115 | 116 | 117 | 118 | 119 | 120 | 121 | 122 | 123 | 124 | 125 | 126 | Test case for var scoper 127 | 128 | 129 | 130 | 131 | 132 | 133 | 134 | 135 | 136 | 137 | 138 | 139 | 140 | 141 | 142 | 143 | 144 | 145 | 146 | 147 | 148 | 149 | 150 | 151 | 152 | 153 | 154 | 155 | 156 | 157 | 158 | 159 | 160 | 161 | 162 | 163 | 164 | 165 | //init fields 166 | local.fieldcount = 0; 167 | local.searchstring = ""; 168 | local.startBracketCount = 0; 169 | local.endBracketCount = 0; 170 | searchportion = Find('"', Mid(local.searchTerm, local.counter, Len(local.searchTerm))) - 1; 171 | 172 | 173 | 174 | 175 | 176 | 178 | 179 | 180 | 181 | 182 | 183 | 184 | 185 | 186 | 187 | 188 | 189 | 190 | 191 | 192 | 193 | 194 | 195 | 196 | 197 | 198 | 199 | 200 | var myvar = ""; 201 | 202 | 203 | 204 | 205 | 206 | 207 | 208 | 209 | 210 | 211 | 212 | 213 | 214 | 215 | 216 | 217 | 218 | 219 | 220 | 221 | 222 | 223 | 224 | 225 | 226 | 227 | 228 | 229 | var correctSimpleVar4 = "" ; 230 | correctSimpleVar4 = ""; 231 | var correctSimpleVar3 = ""; 232 | 233 | 234 | 235 | 236 | 237 | 238 | 239 | 240 | 241 | 242 | 243 | 244 | 245 | 246 | 247 | 248 | 249 | 250 | 251 | 252 | 253 | 254 | 255 | 256 | 257 | 258 | 259 | 260 | 261 | 262 | local.DefaultFormat = variables.chartConfig.getChartFormat(); // can be: flash, png, jpg 263 | local.MaxCategories = variables.chartConfig.getMaxCategories(); // maximum number of x-axis categories 264 | local.Format=variables.chartConfig.getChartFormat( arguments.ChartData.format ); 265 | local.SeriesPlacement = variables.ChartConfig.getSeriesPlacement(); // can be: cluster, stacked, percent 266 | local.ChartWidth = variables.chartConfig.getChartWidth(); // integer width in px 267 | local.ChartHeight = variables.chartConfig.getChartHeight(); // integer height in px 268 | local.SeriesArray = arguments.ChartData.SeriesArray; 269 | local.ScaleFrom = arguments.ChartData.ScaleFrom; // numerical value or empty string for auto scaling 270 | local.ScaleTo = arguments.ChartData.ScaleTo; // numerical value or empty string for auto scaling 271 | local.ChartStyleType=arguments.ChartData.chartStyleType; 272 | local.showLegend=arguments.ChartData.showLegend; 273 | local.LabelFormat=arguments.ChartData.LabelFormat; 274 | local.ChartStyle=arguments.ChartData.ChartStyle; 275 | local.SortXAxis=arguments.ChartData.SortXAxis; 276 | if( fileExists( expandPath(variables.chartConfig.getDefaultChartStylePath() & local.ChartStyle ) ) IS false){ 277 | local.ChartStyle = variables.chartConfig.getDefaultChartStyle(); 278 | } 279 | 280 | 281 | 282 | 283 | 284 | 285 | 286 | var correctSimpleVar5 = ""; //comments after var 287 | 288 | // var withinComments = ""; 289 | /* var withincomments2 = ""; */ 290 | /* 291 | var withincomments3 = ""; /* 292 | */ 293 | 294 | 295 | 296 | 297 | 298 | 299 | withinComments = "foo"; 300 | withinComments2 = "foo"; 301 | withinComments3 = "foo"; 302 | 303 | 304 | 305 | 306 | 307 | /* 308 | 309 | */ 310 | 311 | var row = 1; 312 | 313 | row = ''; 314 | 315 | 316 | 317 | 318 | 319 | 320 | /* 321 | 322 | /* 323 | */ 324 | 325 | var row = 1; 326 | 327 | /* 328 | unscoped = ''; 329 | /* 330 | */ 331 | row = ''; 332 | 333 | 334 | 335 | 336 | 337 | 338 | 339 | 340 | 341 | 342 | 343 | 344 | 345 | SELECT email 346 | FROM emails 347 | 348 | 349 | 350 | 351 | 352 | 353 | 354 | 355 | 356 | 357 | 358 | 359 | 360 | SELECT email 361 | FROM emails 362 | 363 | 364 | 365 | 366 | 367 | 368 | 369 | 370 | 371 | 372 | 373 | 374 | 375 | 376 | 377 | 378 | 379 | 380 | 381 | 386 | 387 | 393 | 394 | 395 | 396 | 397 | 398 | 399 | 400 | 401 | 402 | 403 | 404 | 405 | 406 | 407 | 408 | 409 | 410 | 411 | 412 | 413 | 414 | 415 | 416 | var testVar = true; 417 | 418 | return 0; 419 | 420 | //This does not work: says ") testVar" is not scoped. 421 | if (testVar EQ "true") 422 | testVar = false; 423 | else 424 | testVar = true; 425 | 426 | //This does validate correctly. 427 | if (testVar EQ "true") { 428 | testVar = false; 429 | } 430 | else { 431 | testVar = true; 432 | } 433 | 434 | 435 | 436 | 437 | 438 | 439 | 440 | 441 | 442 | 443 | 444 | 445 | 446 | 447 | return newStruct(ok="false", errorMessage="!", sValidationMsg="#getCaseString(attr)#", 448 | field="#stResult.fieldname#", rules="#stRules#", result="#stResult#"); 449 | 450 | 451 | 452 | 453 | 454 | 455 | 456 | 457 | 458 | 459 | 460 | 461 | 462 | 463 | 464 | 465 | 466 | 467 | 468 | 469 | 470 | 471 | 472 | 473 | 474 | 475 | 476 | someFunction(); 477 | 478 | 479 | 480 | 481 | 482 | 483 | ---> 484 | 485 | 486 | 487 | 488 | 489 | 490 | 491 | 492 | 493 | 494 | 495 | 496 | var table = ''; 497 | return 0; 498 | return table & "." & object.getPropertyByName(arguments.condition.getProperty()).getColumn() & " = '" & arguments.condition.getValue() & "'"; 499 | 500 | 501 | 502 | 503 | 504 | 505 | var aScopedArray1 = arrayNew(1); 506 | var aScopedArray2 = arrayNew(1); 507 | 508 | return 0; 509 | 510 | aScopedArray1[1] = "Hello World"; 511 | aScopedArray2[1] = 1; 512 | 513 | aScopedArray1[aScopedArray2[1] + 1] = "Foobar"; 514 | 515 | 516 | 517 | 518 | 519 | var sScoped = ""; 520 | return 0; 521 | sScoped = "&quotedString=value"; 522 | 523 | 524 | 525 | 526 | 527 | 528 | var LOCAL = StructNew(); 529 | return 0; 530 | 531 | LOCAL.CSS[ "background-color" ] = ""; 532 | 533 | 534 | 535 | 536 | 537 | 538 | var sFileName = ""; 539 | var stReturn = ""; 540 | return 0; 541 | 542 | if (variables.oFileSystem.checkFilePath(sDestination&sFileName)) 543 | sFileName = variables.oFileSystem.getAlternativeFileName(sDestination,sFileName); 544 | if (Compare(stUploadedFile.ServerFile,sFileName)) { 545 | stReturn.bFileRenamed = true; 546 | } 547 | 548 | 549 | 550 | 551 | 552 | 553 | 554 | var length = len("//data"); 555 | return 1; 556 | for (i=1; i lte ArrayLen(arrTables);i=i+1) {}; 557 | 558 | 559 | 560 | 561 | 562 | var iMail = find("@", ''); 563 | var notallowed = " ;:!$%/()=?*"; 564 | return 0; 565 | 566 | 567 | 568 | 569 | 570 | 571 | 572 | url[getUrlPageIndicator()] = urlPageNo; 573 | proper[getUrlPageIndicator()] = urlPageNo; 574 | unscoped[getUrlPageIndicator()] = urlPageNo; 575 | 576 | 577 | 578 | 579 | 580 | 581 | 582 | 583 | 584 | 585 | 586 | 587 | 588 | 589 | 590 | 591 | 592 | 593 | 594 | 595 | 596 | 598 | 599 | 600 | 601 | 602 | 603 | 604 | 605 | 606 | 607 | 608 | 609 | 610 | 611 | 612 | 613 | 614 | 615 | 617 | 618 | 620 | 621 | 622 | 623 | 624 | 625 | 626 | 627 | 628 | 629 | 630 | 631 | 632 | 633 | 634 | 635 | 636 | 637 | 638 | 639 | 640 | 642 | 643 | 644 | 645 | 646 | 647 | 648 | 649 | 650 | 651 | 652 | 653 | 654 | 655 | 656 | 657 | 658 | 659 | 660 | 661 | 662 | 663 | 664 | 665 | 666 | 667 | 668 | 669 | 670 | 671 | 672 | 673 | 674 | 675 | 676 | 677 | 678 | 679 | 680 | 681 | 682 | 683 | 684 | 685 | 686 | 687 | 688 | 689 | 690 | 691 | 692 | 693 | 694 | 695 | 696 | 697 | 698 | 699 | 700 | 701 | 702 | 703 | 704 | 705 | 706 | 707 | 708 | 709 | 710 | 711 | 712 | 713 | 714 | 715 | 716 | 717 | 718 | 719 | 720 | 721 | 722 | 723 | 724 | 725 | 726 | 727 | 728 | 729 | 730 | 731 | 732 | 737 | 738 | 739 | 740 | 741 | 742 | 743 | 744 | 745 | 746 | var correctSimpleVar ="bar"; 747 | VAR correctSimpleVar2 = ""; 748 | vAr correctSimpleVar3 ="bar"; 749 | var correctSimpleVar4 = ""; 750 | var correctSimpleVar5 = ""; //comments after var 751 | 752 | 753 | 754 | 755 | 756 | correctSimpleVar ="bar"; 757 | correctSimpleVar2 = ""; 758 | correctSimpleVar3 ="bar"; 759 | correctSimpleVar4 = ''; 760 | correctSimpleVar4 761 | = 762 | "" 763 | ; 764 | correctSimpleVar5 = "b l a" ; //comments 765 | 766 | unscopedSimpleVar ="bar"; 767 | unscopedSimpleVar2 = ""; 768 | unscopedSimpleVar3 ="bar"; 769 | unscopedSimpleVar4 770 | = 771 | "" 772 | ; 773 | 774 | 775 | 776 | 777 | 778 | 779 | 780 | 781 | var correctStruct = structNew(); 782 | var correctLoop = ""; 783 | 784 | var stFile = ""; 785 | var sFileName = ""; 786 | var rowData = ""; 787 | var foo4 = ""; 788 | 789 | 790 | 791 | 792 | 793 | 794 | correctStruct.test = "" 795 | ; 796 | 797 | for(correctLoop=1;correctLoop LTE 10; correctLoop=correctLoop+1) correctSimpleVar = correctLoop; 798 | 799 | for ( correctLoop=1;correctLoop LTE 10; correctLoop=correctLoop+1) correctSimpleVar = correctLoop;for(correctLoop=1;correctLoop LTE 10; correctLoop=correctLoop+1) correctSimpleVar = correctLoop; 800 | 801 | for (unscopedLoop=1;unscopedLoop LTE 10; unscopedLoop=unscopedLoop+1) unscopedSimpleVar = unscopedLoop; 802 | 803 | for (correctLoop = someFunction();correctLoop LTE 10; correctLoop = correctLoop+1) ; 804 | 805 | 806 | unscopedStruct.test = "" 807 | ; 808 | 809 | 810 | 811 | 812 | 813 | 814 | 815 | 816 | var stFile_ok = ''; 817 | var sFileName_ok = ''; 818 | var rowdata2_ok = ''; 819 | 820 | 821 | 822 | 823 | 824 | 825 | stFile = variables.related_ID; 826 | stFile_ok["#variables.sRelatedField#"] = variables.related_ID; 827 | 828 | // replace special characters 829 | sFileName = variables.oFileSystem.checkFileName(stUploadedFile.ClientFile); 830 | sFileName_ok = variables.oFileSystem.checkFileName(stUploadedFile.ClientFile); 831 | 832 | rowdata2[fieldElement.XmlAttributes["name"]] = fieldElement.XmlAttributes["value"]; 833 | rowdata2_ok[fieldElement.XmlAttributes["name"]] = fieldElement.XmlAttributes["value"]; 834 | 835 | "dynamic.st#I18n#" = structNew(); 836 | 837 | variables.logger.writelog('Access Denied for 838 | #sFacade.getUserBean().getEmailAddress()# @ #cgi.remote_addr# to event=#arguments.event.getValue("requestedEvent")#', "ERROR"); 839 | 840 | 841 | 842 | 843 | variables.Logger.logDebug("looking in NDS server #ndsServer# as #ndsUser# for cn=#arguments.username#"); 844 | 845 | 846 | 847 | 848 | 849 | 850 | var arr = ""; 851 | var startRow = ""; 852 | var newStruct = structNew(); 853 | 854 | 855 | 856 | 857 | arr[1] = foo; 858 | 859 | if (1 EQ 1) 860 | startRow = 1; 861 | else 862 | startRow = 2; 863 | 864 | if (len(sFileext)) 865 | sNewFilename = sNewFilename & "." & sFileext; 866 | 867 | if ( Find( '.', prefix ) eq 1 ) 868 | prefix = RemoveChars( prefix, 1, 1 ); 869 | 870 | if (structKeyExists(newStruct, prefix) AND structKeyExists(newStruct, prefix)) 871 | "request.st#listLast(sBundle, "\/")#" = prefix; 872 | else 873 | "request.st#listLast(sBundle, "\/")#" = prefix; 874 | 875 | 876 | CheckMimeType(mimetype_ID=qFile.mimetype_ID); 877 | 878 | unscoped3.unscoped.foo["i"] = ""; 879 | unscoped10.unscoped.foo['i'] = ""; 880 | unscoped4.unscoped.foo["#i#"] = ""; 881 | 882 | 883 | 884 | 885 | 886 | 887 | var currentMode=''; // loop index 888 | var currentKeyword=''; // loop index 889 | var tmpQuery=''; // temp query holder 890 | var ReturnStruct=structnew(); 891 | var stUploadedFile=''; 892 | 893 | return 0; 894 | 895 | ReturnStruct.Query=''; 896 | ReturnStruct.TotRows=''; 897 | currentMode = ''; 898 | stUploadedFile = variables.oFileSystem.uploadFile(arguments.sFormField,variables.sTempPath,"*/* "); 899 | 900 | 901 | 902 | 903 | 904 | 905 | -------------------------------------------------------------------------------- /varScoper.cfc: -------------------------------------------------------------------------------- 1 | 31 | 32 | 33 | 34 | 35 | 36 | 37 | 38 | 39 | 40 | 41 | 42 | 43 | 44 | 45 | 46 | 47 | 48 | 49 | 50 | 51 | 52 | 53 | 54 | 55 | 56 | 57 | 64 | 65 | 66 | 67 | 68 | 69 | 70 | 71 | 72 | 73 | 74 | 75 | 76 | 77 | 78 | 79 | 80 | 81 | 82 | 83 | 84 | 85 | 86 | 87 | 88 | 89 | 90 | 91 | 92 | 93 | 94 | 95 | 96 | 97 | 98 | 99 | 100 | 101 | 103 | 105 | 107 | 109 | 111 | 112 | 113 | 114 | 115 | 116 | 117 | 118 | 119 | 120 | 121 | 122 | 123 | 124 | 125 | 126 | 127 | 129 | 130 | 131 | 132 | 133 | 134 | 135 | 136 | 137 | 138 | 139 | 140 | 141 | 142 | 143 | 144 | 145 | 146 | 147 | 148 | 149 | 150 | 151 | 152 | 153 | 157 | 158 | 159 | 160 | 161 | 162 | 163 | ",fileParseText,currentPositionInFile,true)> 164 | 165 | 166 | 167 | 168 | 169 | 170 | 171 | 172 | 173 | 174 | 175 | 176 | 177 | 178 | 179 | 180 | 181 | 182 | 183 | 184 | 185 | 186 | 187 | 188 | 189 | 190 | 191 | 192 | 193 | 194 | 195 | 196 | 197 | 198 | 199 | 200 | 201 | 202 | 203 | 204 | 205 | 206 | 207 | 208 | 209 | 210 | 211 | 212 | 213 | 214 | 215 | 216 | 217 | 218 | 219 | 220 | 221 | 222 | 223 | 224 | 225 | 226 | 227 | 228 | 229 | 230 | 231 | 232 | 233 | 234 | 235 | 236 | 237 | 238 | 239 | 240 | 241 | 242 | 243 | 244 | 245 | 246 | 247 | 248 | 250 | 251 | 252 | ' /> 253 | 254 | 255 | 256 | 257 | 258 | 259 | 260 | 261 | 262 | 263 | 264 | 265 | 266 | 267 | 268 | 269 | 270 | 271 | 272 | 273 | 274 | 275 | 276 | 277 | 278 | 279 | 280 | 281 | 282 | 283 | 284 | 285 | 286 | 287 | 288 | 289 | 290 | 291 | 292 | 293 | 294 | 295 | 296 | ",arguments.stringToProcess,currentPositionVariableFind)/> 297 | 298 | 299 | 300 | ",arguments.stringToProcess, variableCFScriptStart+1)/> 301 | 302 | 303 | 304 | 305 | 306 | '), 307 | variableCFScriptEND-variableCFScriptSTART- len('') )/> 308 | 309 | 310 | 311 | 312 | 313 | 314 | 315 | 316 | 319 | 320 | 321 | 322 | 323 | 324 | 325 | 326 | 327 | ",arguments.stringToProcess,currentPositionVariableFind)> 328 | 329 | ")> 330 | 331 | 332 | 333 | 334 | 335 | 336 | 337 | 338 | 339 | 340 | 341 | 342 | 343 | 344 | 349 | 350 | 351 | 352 | 353 | 354 | 355 | 356 | 357 | 358 | 359 | 360 | 361 | 362 | 363 | 365 | 366 | 367 | 368 | 369 | ' /> 370 | 371 | 372 | 373 | 374 | 375 | 376 | 377 | 378 | 379 | 380 | 381 | 382 | 383 | 384 | 385 | 386 | 387 | 388 | 389 | 390 | 391 | 392 | 393 | 394 | 395 | 396 | 397 | 398 | 399 | 400 | 401 | 402 | 403 | 404 | 405 | 406 | 407 | 408 | 409 | 410 | 411 | 412 | 413 | 414 | 415 | 416 | 417 | 418 | 419 | 420 | 422 | 423 | 424 | 425 | 426 | 427 | 428 | 429 | 430 | 431 | 432 | 433 | 434 | 435 | 436 | 437 | 438 | 439 | 440 | 441 | 442 | 443 | 444 | 445 | 446 | 447 | 448 | 449 | 450 | 451 | 452 | 453 | 454 | 455 | 456 | 457 | 461 | 462 | 463 | 464 | 465 | 466 | 467 | 468 | 469 | 470 | 471 | 472 | 473 | 474 | 475 | 476 | 477 | 478 | 479 | 480 | 481 | 482 | 483 | 484 | 485 | 486 | 487 | 489 | 490 | 491 | 492 | 493 | 494 | 495 | 496 | 497 | 498 | 499 | 500 | 501 | 502 | 503 | 504 | 505 | 506 | 507 | 508 | 509 | 510 | 511 | 512 | 513 | 514 | 515 | 516 | 517 | 518 | 519 | 520 | 521 | 522 | 523 | 530 | 531 | 532 | 533 | 543 | 544 | 545 | 546 | 547 | 548 | 549 | 550 | 551 | 552 | 553 | 554 | 555 | 556 | 557 | 558 | 559 | 560 | 561 | 562 | 563 | 564 | 565 | 566 | 567 | 569 | 570 | 571 | 572 | 573 | ---> 574 | 575 | 576 | 577 | 578 | 579 | 580 | 581 | 582 | 583 | 584 | 585 | 586 | 587 | 588 | 589 | 590 | 591 | 592 | 593 | 594 | 595 | 596 | 597 | 599 | 600 | 601 | 602 | 603 | 604 | 605 | 606 | 607 | 608 | 609 | 610 | 611 | 612 | 613 | 614 | 615 | 616 | 617 | 618 | 619 | 620 | 621 | 623 | 624 | 625 | 626 | 627 | 628 | 629 | 630 | 631 | 632 | 633 | 634 | 635 | 636 | 637 | 638 | 639 | 640 | 641 | 642 | 643 | 644 | 645 | 646 | 647 | 648 | 649 | 650 | 652 | 653 | 654 | 655 | 656 | 657 | 658 | 659 | 660 | 661 | 662 | 663 | 664 | 665 | 666 | 667 | 668 | 669 | 670 | 671 | 672 | 673 | 674 | 675 | 676 | 677 | 678 | 679 | 680 | 681 | 682 | 683 | 684 | 685 | 687 | 688 | 689 | 690 | 691 | 692 | 693 | 694 | 695 | 696 | 697 | 698 | 699 | 700 | 701 | 702 | 703 | 704 | 705 | 706 | 707 | 708 | 709 | 710 | 711 | 712 | 713 | 714 | 715 | 716 | 717 | 718 | 719 | 720 | 721 | 722 | 723 | 724 | 725 | 726 | 727 | 728 | 729 | 730 | 731 | 732 | 733 | 734 | 735 | 736 | 737 | 738 | 740 | 741 | 742 | 743 | 744 | 745 | 746 | 747 | 748 | 749 | 750 | 751 | 752 | 754 | 755 | ---> 756 | 757 | 761 | 762 | 763 | 764 | 765 | 766 | 770 | 771 | 772 | 776 | 777 | ]+\s*return\s(.*?)+;","","all")> 778 | 779 | 780 | 781 | 782 | 784 | 785 | 786 | 787 | 788 | 790 | 791 | 792 | 793 | 795 | 796 | 797 | 798 | --------------------------------------------------------------------------------