How many people can say they broke a bone while at a seemingly harmless intellectual conference of web developers?

Anyone?

Well I can! The goofballs at Webapper got a pallet of styrofoam plates and bought out the city's supply of whip cream.

<cfimpersonation celeb="Willem Dafoe">
THERE WAS A FIRE FIGHT!!
</cfimpersonation>

It was chaos in the parking lot. A few pies in, I realized my ring was gone and stopped the action to search. I can barely get the ring off with soap and water, yet it was off in a flash with whip cream. Praise Jesus, a gentleman in an XKCD shirt found it. Then while running around in slippery flip flops, I rebroke my toe, at least it feels that way. I guess technically I didn't BREAK a bone at CFUnited, but I'm sure, the way it hurts now, I "rebroke" it at the same spot it broke seven weeks ago.

A dozen guys and one girl, smashing pies into each others' faces, shirts, hair, ears... oh the humanity! Then when supplies were dwindling, we kamikazed the onlookers, using the whip cream on our bodies to attack them. I must say I love whip cream when applied to ice cream or a strawberries and cream frapaccino from Starbucks. But when there are 8 or 10 whip cream covered people in an elevator, the smell is less than awesome.

Day 3! I changed my schedule a few times, what a rebel. And I left my wallet (with room key) in my room. Luckily the hotel security wasn't very good and I just had to say I left my key in my room and they gave me another. Sadly I wasn't too impressed with the sessions I attended today. I didn't attend the "Flex 3 for CF Developers" session (the Flex 2 incarnation was by far my favorite from last year).

[More]

Messy sandwiches for lunch.

[More]

I have three pages of notes, I'm so proud of myself! Granted, the notes are in 4x6 notepad, but still, go me.

From Ben Forta and Adam Lehman's opening Adobe keynote, the most exciting bit of news is that Hibernate will be built into ColdFusion 9.

[More]

No free interweb in the hotel, for the lose! I'm amazed by the people here at CFUnited. There are so many familiar faces and far fewer familiar names, heh. I suppose all the user groups and Adobe events I've gone to, a fair number of faces stuck in my brain. Luckily everyone has name badges on. Last night, Ray Camden hosted a discussion on Sci Fi at the hotel. It was a lot of talk about Battlestar Galatica and Lost and other shows I don't watch. But a bit before I left, we went around the room and everyone said what book they're currently reading and what they'd recommend. I suppose it was natural, based on the topic and the sort of people it would attract, but everyone in the room was in the middle of some sci fi, fantasy, or mystery book. Or they had the lame "I have kids" excuse. Kids, for the lose! I said I'm reading the Indiana Jones book, hoping it'll be better than the bad movie. Me saying the IJ movie was bad was very much ignored, heh. Michael Dinowitz (of House of Fusion) reads comic books for a living! What a job! But the people here are all lots of fun. The lunch line is brutal and the cans of regular Coke disappear faster than [insert appropriate analogy for "super fast"]. But wish they had Pepsi products. Mountain Deeeeeeew!

This time next week, I'll be sitting in the Adobe opening keynote at CFUnited. When my manager told me he was sending me again this year, I was excited and looking forward to it. Then my WoW guild announced plans for a BBQ in Toronto next weekend. That would have been even more fun, to meet the people I've been "hanging out with" for a year. But oh well! I've signed up for some great sessions at CFUnited. Lots of OO, ColdSpring and frameworks, unit testing, automation, and data security.

[More]

As promised, here are my pictures from CFUnited. I found the large concentration of Chevy Chase Banks funny. If I'm the only one that got a chuckle out of that, oh well. It's a shame that my few hours of sightseeing happened while it was gloomy and close to dark.

CFUnited Gallery

Getting so very tired. My flight's in another 7 hours, can't wait to get home and crash. While packing up my stuff this morning, I really wish I brought a large suitcase. I acquired so much swag, I now will have to check another backpack.

Flex 2 for ColdFusion Developers (Jeff Tapper)

This session was good enough the first time that I decided to repeat it. RemoteClass in Flex must match the cfcomponent's alias attribute

Integrating ColdFusion and Spry (Andrew Powell)

Spry = AJAX framework
ServiceCapture "the single best tool for developing web applications"
can filter non/destructively, sort
Spry has state awareness (loading/error/ready)
Can use a regular expression and conditionally display different content
CF can... Generate XML and JSON content, be an application proxy, create and populate widgets.
SQL Server can generate queries in XML (add "FOR XML AUTO" to the end of the SQL query), but there is not root tag, use sqlXMLToCFXML() (on cflib) to convert it
Can auto reload data on an interval (dashboards, stock ticker)
Do not use Spry if
-you need the back button, it breaks it
-need to bookmark specific points or deep linking
-server can't handle the extra load
New in CF8
-CF8 has strong focus on AJAX
-De/serialize JSON
-cfsprydataset, create a Spry-enabled page without writing a line of JS

ColdFusion and LiveCycle Integration (Tom Jordahl)

I've been bamboozled! This was supposed to be Flex Data Services, not LiveCycle. Tom was wired, he drank a 16oz can of Monster energy drink before speaking, so he was all over the place. I had no clue what LiveCycle is in advanced and the session was geared for people that do. Well a while into the session, I realized that apparently Flex Data Services IS LiveCycle Data Services, I didn't catch when the name was changed. The examples shown were neat, like a chat-esque application that can take in messages from the Flex app or a ColdFusion page, neat. It requires access to the CF administrator to set up the event gateways needed for the CF side. But with CF8 having the whole admin available through an API, and being able to make multiple admin accounts, this shouldn't be a problem. I certainly hope Crystal Tech upgrades to CF8 soon after it's released.

Advanced CFEclipse (Mark Drew)

Dreamweaver for noobs to heroes
HomeSite for heroes
CFEclipse for heroes to gurus
Snippet trigger text, type the text and hit apple+j

I couldn't come all the way to our great country's capital without doing some sightseeing. Sessions were out at 5:30 yesterda, I got back to my hotel at 6 and took a shuttle to the metro station at 7. Map in hand, I found the White House (it's big, hard to miss) and the Washington Monument (also big). From the Washington Monument, I glanced west and saw the Lincoln Memorial "right over there", so I started walking. It might be the heat or humidity, but I've had a hard time breathing outside here. I can believe that DC has a lot more pollution than I'm used to in Detroit, could be that too. I walked and walked and got to the WWII Memorial. That was amazing. It seems that everything in DC is very large and impressive. After exploring the WWII Memorial, I started back on my trek to Lincoln, who didn't look that far away. The direct walkway down the reflecting pool is currently closed for maintenance, so I took a winding, scenic path through the woods. A long time later, I finally got to Lincoln, sweating and dehydrated. I paid my respects and read the Gettysburg address. There are vendors all around and almost ran to refreshments building. I got the most ridiculous hot dog ever. Hot dog on a toasted bun... with cheddar cheese, chili, relish, and coleslaw. Half of it fell out while I was eating it. With the daylight fading, I had to hurry up my sightseeing. I walked through the Vietnam Memorial. That's overwhelming, so many names. Finally, I visited the Military Nurses Memorial and rushed back to the Metro. I snapped a lot more pictures on the way back, but honestly, don't know what a lot of the buildings were.

Next time in the area, I have to see the Changing of the Guard, Korean and WWI Memorial, the National Archives... Ideally I'd be through during the day time so I could actually see the stuff.

Managing CF projects start to finish (Shlomy Gantz)

Get all resources set up in advance (bug tracker, SVC)
Storyboarding, wireframes, and prototypes
Personas and scenarios
Simplied documentation, like a wiki
What does "success" mean to the finished product
-Common mistakes
Assuming you understand the client, they understand you, or that they won't change their mind
-Plan
Write down everything, communication protocols, risks, test plans, backup and recovery plan
-Iron triangle, fast, cheap, or everything you want, pick two
-Common mistakes in planning
Too much detail
Not enough detail
Project and product summaries need to be written plainly
Clients don't read/react to: UML, diagrams, specs
Clients DO read/react to: screenshots, prototypes
Project plans in constant flux
Record ANTI-requirements, things you don't want people to do
-Waterfall, suited for massive projects because there is so much design time in the beginning, but smaller projects are more fluid and specs will change more often
-Rapid Application Design (RAD), iterative development, cutting the project into mini projects, but reduces some features
-Rational Unified Process (RUP), very well organized, but meant for larger development teams
-Extreme Programming, pair programming, continuous process, test driven development, values communication, simplicity, feedback, courage, and respect, efficiency
-Agile, continuous conversation between developer and client, providing software rather than documentation
-FLiP, Fusebox Lifecycle Process
Project site to manage documents, issues
Put in comments before writing any CF code -Meetings, must have agenda sent in advanced, enforced start and end time, one person to write and communicate notes
-Buy vs build
-Automate build and deployment, with ant

ColdFusion Application Security (Adam Wayne Lehman)

OWASP - monitors security holes in the web and publishes the top 10

10 - failure to restrict URL access,create an access control, matrix, mapping to every url and function, don't secure only the presentation layer
9 - insecure communications, use ssl after the user is logged in
8 - insecure storage, protect sensitive information, encrypt data, hash() (password), encrypt() (credit card)
7 - broken authentication and session management getting around authentication or hijacking someone's session enforce complexity in passwords, limit login attempts when changing password, always be sure to require the old password, never send the password in clear text through email
6 - information leakage and improper error handling error messages must include a meaningful information for users, can have diagnostic info to the site admin, but NEVER have it show code or tables to the user
5 - cross site request forgery, using your session on the next site you use, only use POST method
4 - insecure direct object reference, URL and form parameters, verify authorizations, like be sure that editUser.cfm can only edit yourself
3 - malicious file execution running files uploaded by the user
2 - injection flaws, SQL injection is a big one, use cfqueryparam, validate data types, attack on the app backend, user CF sandboxes to lock down any functionality that you're not using
1 - cross site scripting, attack on other users, two types of it, stored and reflective, this.scriptProtect = [none | all | comma-delimited list of scope] HTMLTrans() on cflib

Older hacks:
Denial of services, make smaller sessions, minimize database calls, cfc creation, error handlers (like if it sends an email)

Flex Charting Explained (Rob Rusher)

Two types of charts, polar and cartesian
4 layers of a chart, axes, annotations, data, and background
SeriesInterpolate, SeriesSlide, SeriesZoom
best practice: use mx:CaresianChart, rather than specifying BarChart, etc
http://demo.quietlyscheming.com/ChartSampler/app.html
dataTipFunction, HitData type, can use a string (rendered into HTML) to be displayed.

The Fundamentals of Good Usability (Doug Ward)

Looking at bad websites is always fun

Real life objects have a known effect when they're not done properly, like you know when a door didn't close all the way. Computers, not so much.
Cognitive friction is "the resistance encountered by a human intellect when it engages with a complex system or rules that change as the problem changes". Maybe a button moves on the page, or the admin screen is totally different than the rest of the app.
Implementation model, product is designed based on the underlying technology.
Solutions is to make things user-centric
Using conventions (keyboard, hyperlink styling)
No one reads happy text
Good page structure, like how a newspaper is laid out, it's what people are used to
Visited websites with obvious problems