Welcome, Ernie — WebCoPilot 2.0 Onboarding Guide

What Is This Project?

WebCoPilot 2.0 is a ColdFusion-based CMS/marketplace platform originally built circa 2000. It powers a network of community shopping websites (think early Amazon marketplace meets local community directories). Each site has a storefront, event calendar, ad marketplace, and member portal. This specific installation runs mensprayerbreakfast.com — a men's prayer breakfast community site.

The system has been under active modernization since mid-2025, focusing on:

1. Security — SQL injection hardening (~1,100 injection points across ~425 files)
2. ColdFusion 2023 compatibility — removing deprecated tags (cflayout, cftooltip, cfdiv, cfajaximport)
3. Bootstrap 5 UI modernization — replacing legacy tables/framesets/ActiveX with BS5 cards, DataTables, responsive layouts
4. Delete infrastructure — converting hard DELETEs to soft-delete with UnDelete/HardDelete workflow
5. Email masking — Alias system to hide email addresses from URLs and admin displays
6. Local cart — replacing dead external checkout (secure.ntwrk.net) with local AJAX cart module
7. Chapter network — multi-tenant provisioning for church chapters across cities

Your Key Reference Files

Read copilot-instructions.md first. Everything else is supplementary.

Tech Stack At a Glance

Git Repos

SQL Server Access (PowerShell)

Import-Module SqlServer
Invoke-Sqlcmd -ServerInstance "sql-2016" -Username "sa" -Password "Gfyse2013" `
  -Database "Mensprayerbreakfast_com" -TrustServerCertificate -Query "SELECT ..."

Architecture: How Pages Work

The Widget System

Pages aren't flat HTML files — they're assembled from Layout Pages containing Widgets arranged in Columns.

Request → bsPage.cfm → queries Layout_Pages → calls <cf_Widget_Handler> per column
                              ↓
                     queries Widgets table → loops each widget
                              ↓
                     <cfswitch> on Widget_Name → renders "HTML", "Page", "DynamicInclude",
                                                 "Gallery", "Calendar", "AdSpace", etc. (100+ types)

• Layout_Pages table — defines columns (1-3), widths, color scheme, page name, owner
• Widgets table — each widget instance: which page, column, sort order, content
• Colors table — color themes referenced by layout pages
• Widget_Handler.cfm (8,400+ lines) — the rendering engine, largest file in the system

The Custom Tags

Called as <cf_tagname> → maps to tagname.cfm in CustomTags\NewTags\. Key ones:

• <cf_Widget_Handler> — renders all widgets
• <cf_Widget_Header> / <cf_Widget_Header2> — edit toolbar per widget
• <cf_status> — 4-letter PLHA status indicator (Private/Locked/Hidden/Active)
• <cf_ChangeLog> — audit trail for content edits
• <cf_CopyTheme> — clones color themes for new users
• <cf_mergeVars> — merge field variable replacement

The Five Patterns You Must Know

1. Soft-Delete Convention (NEVER hard delete)

Every table has its own "deleted" value:

Normal delete → UPDATE SET active_col = deleted_value  (soft-delete)
Un-delete    → UPDATE SET active_col = 1               (restore)
Hard delete  → DELETE WHERE active_col = deleted_value  (only removes soft-deleted records)

NEVER use BIT columns for active/status. Always TINYINT. BIT breaks soft-delete values >1 and Query-of-Query filtering.

2. The Gold Standard Admin Page

Every admin search page follows this template:

Dark header bar (#1a1a2e) → Toolbar card → Results card with DataTable

DataTable column order (MANDATORY):

Checkbox | ...data columns... | Actions | Status/✓ | ID

Action buttons use .act pill classes (7 colors, text-only, 7pt font):

• .act-edit (grey) — Edit, Crop
• .act-del (red) — Delete, Remove
• .act-view (blue) — View, Preview, Gallery
• .act-link (teal) — Links, Events, LoginAs
• .act-add (green) — Activate, Front
• .act-copy (amber) — Copy, Linkset
• .act-wgt (purple) — Widget

3. Security: cfqueryparam Everywhere

Every SQL parameter MUST use cfqueryparam. No raw variable interpolation in queries.

<!--- WRONG --->
WHERE ID = #url.ID#

<!--- RIGHT --->
WHERE ID = <cfqueryparam value="#url.ID#" cfsqltype="cf_sql_integer">

For ORDER BY direction, use whitelist validation (can't parameterize):

<cfset _dir = ListFindNoCase("ASC,DESC", url.dir) ? url.dir : "ASC">

4. Ownership Model (Two FK Patterns)

Most ownership uses Email_Username (string FK): Layout_Pages.Owner, Pages.Owner, Links.Owner, Colors.Owner, Calendar.Username, Widgets.Username

Products and Orders use Sponsor.ID (integer FK): Products.Owner, Orders.Owner

Workgroup = comma-delimited list of usernames a user can see/manage. Admin1 workgroup contains ALLBOX (sees everyone).

5. Alias System (Email Masking)

Email_Username is the internal FK (NOT changed). Alias is a display-friendly identifier shown in URLs and admin columns instead of the raw email.

URL resolution: if url.owner matches an Alias, it's translated to Email_Username before any query runs.

What's Been Done (Summary of ~20 Sessions)

Security (completed)

• SQL injection hardening: ~1,100 injection points fixed across ~425 files
• All Admin/*.cfm files fully parameterized
• All Members/*.cfm files fully parameterized
• All Modules/ directories (72+ findings) parameterized
• Core customer-facing pages (Product_Details, CatTemp*, bsPage, CPage) parameterized
• Dynamic table names: whitelisted where possible, documented where not

CF2023 Compatibility (completed)

• All <cflayout> / <cflayoutarea> → BS5 nav-pills + tab-pane
• All <cftooltip> → title attribute (~20 files)
• All <cfajaximport> removed (~8 files)
• <cfdiv> → <div>
• ColdFusion.Window.create → BS5 modal
• ColdFusion.Layout.selectTab → removed (BS5 handles tabs natively)

Admin Pages Modernized to Gold Standard (~40 pages)

• Events, ProductEvents, Sponsors, Filters, LayoutPages (template-quality reference pages)
• All WebStore pages (Products, Orders, Categories, AdSpace)
• All member management (Members search, Customers, Headings, Colors, Classifieds)
• ServiceCenter, Galleries, TroubleTickets, Configuration modules
• Login page (BS5 centered card with dark gradient)
• Admin frame (BS5 sidebar + iframe replacing legacy frameset)

E-Commerce (completed)

• Local checkout module (AjaxCart) replacing dead secure.ntwrk.net
• All secure.ntwrk.net references → #cartpath# (~20 files)
• Orders management with soft-delete, cascading to Orders_Products + OrdersHistory
• Invoice rendering with multi-seller support

Members Portal (completed)

• BS5 shell rewrite (navbar, login, stylesheet, footer)
• Member dashboard (dsp_home.cfm) with gallery cards, social stats
• Social profile (dsp_profile.cfm) with follow/unfollow
• File Manager (dirlist.cfm) with HTML5 drag-drop upload, DataTables, trash system
• Deferred gallery commit — upload → rename → Save to Gallery (just implemented)

Chapter Network (completed)

• Chapter provisioning flow (8 entities from template)
• Public chapter directory with Google Maps pins
• ChapterDirectory widget type

Active/Recent Work

File Manager (Members/dirlist.cfm) — Just Finished

The file manager now uses a deferred commit workflow:

1. Upload → files on disk + tn200/tn1280 thumbnails. NO database write.
2. Rename / Bulk Rename → works on disk only. Uncommitted files shown with amber NEW badge.
3. Save to Gallery → green button scans directory, INSERTs new files to global_Images, soft-deletes orphaned records, rebuilds Gallery_ImageList.

Files Still Pending Modernization

• Global_Subscribers_search.cfm — DELETE targets wrong table
• Image.cfc end-to-end verification — 5 CF2023 fixes applied but not browser-tested

How to Navigate

Coding Conventions Checklist

Before writing any code, verify:

• Using cfqueryparam on every SQL parameter
• Using TINYINT (not BIT) for active/status columns
• Soft-delete, never hard DELETE for primary delete action
• ## for literal # inside <cfoutput> (hex colors, etc.)
• Explicit variable scoping: url.ID, form.Name, Client.Email_Username
• .act pill buttons for table row actions (7 classes by task type, not label)
• Column order: Checkbox | Data | Actions | Status | ID
• server="ntwrk.sendio.com" on every <cfmail> tag
• No Email column — it's Email_Username (login AND email)
• Alias for display/URLs, Email_Username for internal FK
• Create backup (_OLD.cfm) before rewriting any file
• Commit + push both repos after changes

The copilot-instructions.md file is the single source of truth. Updated every session.
Check _session_changelog.txt for decision history.

Welcome aboard, Ernie. 🛠️