Central Alabama ColdFusion User Group - 2010



3 June 2010 Meeting

CALL FOR TOPICS!!! E-mail Marty or Don - see the end of the home page.

6 May 2010 Meeting

Has ColdFusion Gotten Too Big?

Yes

One of the virtues of ColdFusion was that it hid details that could otherwise be misused and would have to be debugged. As ColdFusion has gotten larger and larger, the bulk of it has shifted from a declarative language to an object-oriented language, and much of the simplicity has been lost. It used to be that it almost served as its own pseudocode. You could show a functional the raw code, and the commands would be quickly understandable; only the functions would require explanation. Now, the trend is to write code that isn't self-documenting (to put it mildly). Since most of the cost of programming is in maintenance, not initial production, this is a sad trend.

No

As users demand more features, the language has grown to accommodate them. For example, many cross-site scripting attacks use scripts to send users' currently active cookies to a different site. A cookie's HTTPOnly attribute could stop this, but this attribute could not be set in older versions of ColdFusion except by using a custom header to create the cookie: not a simple process. CF9 permits it to be set through the CFCOOKIE tag just as for other attributes. Newer versions of ColdFusion support image manipulation directly instead of forcing programmers to switch languages to do this. The language has grown, but programmers can use (or misuse) its features as they wish. Complaining about language growth is rather like complaining about receiving an extra tool set for Christmas. Sure, you can get most jobs done with the tools on hand, but the new tools won't make it harder and may make the job easier as you get used to them.
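The two ways of setting an HTTPOnly cookie described above, side by side. This is an added example, not code shown at the meeting; the cookie name APPTOKEN and its value are constructed placeholders.

```cfml
<!--- Added example. APPTOKEN and its value are constructed placeholders. --->
<cfset tokenValue = CreateUUID()>

<!--- Major version number of the running server, e.g. 9 from "9,0,0,251028". --->
<cfset majorVersion = Val(ListFirst(server.coldfusion.productversion))>

<cfif majorVersion GTE 9>
    <!--- CF9 and later: HttpOnly is an ordinary CFCOOKIE attribute,
          set the same way as secure, path or expires. --->
    <cfcookie name="APPTOKEN"
              value="#tokenValue#"
              httponly="true">
<cfelse>
    <!--- Older versions: CFCOOKIE has no httponly attribute, so the whole
          Set-Cookie header is written by hand. Every attribute has to be
          spelled out in the header string, and the value must be encoded
          manually because CFCOOKIE is no longer doing it. --->
    <cfheader name="Set-Cookie"
              value="APPTOKEN=#URLEncodedFormat(tokenValue)#; Path=/; HttpOnly">
</cfif>

<!--- Either branch sends a header of the form
          Set-Cookie: APPTOKEN=...; Path=/; HttpOnly
      The browser still returns the cookie with each request, but script
      running in the page cannot read it through document.cookie. --->
```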

8 April 2010 Meeting

Life Balance

Programming is fun, and you often get paid for it. However, it shouldn't be all you do. Remember the song in which the person telling the story speaks of getting up at night to work on a song while his love wishes he'd come back to bed. He says he'll be right back, but he keeps on working. Programming can be that seductive and just as destructive to relationships if we let it go that far.

Just as some forums have a separate section for all the off-topic stuff, we wrestled with life. One of us is dating again after the death of his wife. Another is preparing with his wife to welcome a new baby.

A couple of quotes (researched later) reflected our mood. Carl Sandburg reminds us: "Time is the coin of your life. It is the only coin you have, and only you can determine how it will be spent. Be careful lest you let other people spend it for you." [multiple sources] When we work to prioritize our lives, we have to consciously set aside time for those we love and refuse to say "yes" to every opportunity that comes our way. We can't help everyone, and we can't do everything, but we can build up treasure that moths and rust won't corrupt and no one can take from us. [Matthew 6:19-20] Programming is a great thing, but it isn't everything and isn't even the main thing.

4 March 2010 Meeting

Employment

Whether starting a new job or grateful to have a job, this dominated our thoughts. Especially in this area, ColdFusion work that pays well can be tough to come by. Most of the work in Central Alabama centers around government employment (car companies excluded) that favors anything Microsoft wants to sell. Moonlighting runs the risk of endless requirement changes disguised as bug fixes. You have to have a certain level of formality to protect both parties. "Lord, give me a job of work to do.... That's all I want, that's all I ask of you." -- Tom Paxton.

4 February 2010 Meeting

Risk!

Just because you can imagine it doesn't mean you should do it. We explored business forms, the Payment Card Industry (PCI) Data Security Standard (DSS), and some Open Web Application Security Project (OWASP) cautions.

Business Forms

How do you know that an individual who comes to your site is authorized to represent a business? How do you know that the business exists? How do you gain a sense of how reliable the business is? How do you satisfy a purchase order? We reviewed Internet-capable versions of answers to these questions normally handled through paper forms or personal interaction.

PCI DSS

Cheap, shared hosts are fine for some purposes, but when you start accepting credit cards, support requirements increase dramatically. You can dodge some of this by having the payment gateway accept the card information directly from the customer, but whatever path you take has an impact on the user experience.

OWASP

The OWASP top 10 critical risks should be required reading for every developer. They change periodically based on impact and on real-world exploitation. A real eye-opener since 2007 is cross-site request forgery (CSRF). Any site your customer browses while his session at your site is still active can send requests to your site as if it were your customer, and the browser will attach your customer's credentials (cookies, etc.) to them.
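One common defense against the CSRF problem described above is a per-session token that another site cannot read or guess. The template below is an added example, not code from the meeting; it assumes session management is enabled in the application, and the field name csrfToken and the form contents are hypothetical.

```cfml
<!--- Added example. Assumes sessionManagement is enabled in Application.cfc.
      The field name csrfToken and the form fields are hypothetical. --->

<!--- Create one unpredictable token per session. CreateUUID() alone is not
      meant to be secret, so it is mixed with SHA1PRNG output and hashed. --->
<cfif NOT StructKeyExists(session, "csrfToken")>
    <cflock scope="session" type="exclusive" timeout="5">
        <cfset session.csrfToken =
            Hash(CreateUUID() & Rand("SHA1PRNG") & Rand("SHA1PRNG"), "SHA-256")>
    </cflock>
</cfif>

<cfif cgi.request_method EQ "POST">
    <!--- A forged request from another site carries the session cookie
          automatically, but it cannot supply the token value, so it is
          rejected here. Compare() is a case-sensitive string comparison. --->
    <cfif NOT StructKeyExists(form, "csrfToken")
          OR Compare(form.csrfToken, session.csrfToken) NEQ 0>
        <cfheader statuscode="403" statustext="Forbidden">
        <cfoutput>Request rejected.</cfoutput>
        <cfabort>
    </cfif>

    <!--- The state-changing work (update, purchase, delete) goes here,
          only after the token check has passed. --->
    <cfoutput>Change accepted.</cfoutput>
</cfif>

<!--- Every form that changes state carries the token as a hidden field. --->
<cfoutput>
<form method="post" action="#HTMLEditFormat(cgi.script_name)#">
    <input type="hidden" name="csrfToken" value="#session.csrfToken#">
    <input type="text" name="newEmail">
    <input type="submit" value="Save">
</form>
</cfoutput>
```

The check only helps if state changes are never accepted over GET, since links and image tags on another site can issue GET requests just as easily.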

7 January 2010 Meeting

IDEs

It's time to stop relying on Wordpad and nimble fingers. We reviewed several IDEs but settled on Eclipse.

Disk Space

For Marty, the toughest part was moving 45 Gigabytes of family photos to external storage to make room for an IDE.