> fool-proof check for numeric values, like using the IsNumeric(...) function
.. To clarify, IsNumeric() is NOT fool-proof. But it is better than using an <cfif variable EQ ""> check alone.
Main Topics
Browse All TopicsHi I have a strange error occurring regularly in my logs.
Here is a copy of the error
"Error","jrpp-130","09/11/
I have a page that requires a parameter such as
select record
from table
where id=1
I have set the code up so that there is always a default value, and it should never be blank, and then I further protected the page by adding...
<cfparam name = id default = "">
<cfif id eq "">
<cfabort>
</cfif>
That code is placed before the query so that it wont run the query if there is no value, however I still get the error persistently showing up in the logs. I'm guessing its some kind of spider or something. Is there anything I can do so it will abort the page processing so it wont keep adding this error in my logs?
This Question has been solved and asker verified All Experts Exchange premium technology solutions are available to subscription members.
Experts Exchange has been collecting answers to technology questions since 1996…3 million and counting! If you have a question, chances are we already have your answer.
If you can't find the exact answer you're looking for, ask our exclusive community of 50,000 experts. You’ll get a personalized answer from a trusted professional.
Thousands of free tech tips, tricks, how-to’s and tutorials are available in our peer reviewed articles section. See for yourself how smart our experts are, no login required.
Access the answers to your technology questions today.
30-day free trial. Register in 60 seconds.
Members of the expert community talk about why the experience at Experts Exchange is different than what you will find anywhere else.

Try it out and discover for yourself.
30-day free trial. Register in 60 seconds.
Join the community of experts here and help other tech pros by answering question in your area of expertise. You can earn FREE access to all Experts Exchange's premium features and resources.
I'll give that a try and hopefully it deters whatever machine keeps pinging me.
I had tried using the <cfqueryparam value="#val(id)#" cfsqltype="cf_sql_integer"
Do you know why this would happen?
One of the fields in the data table was a numeric field it was 139,000 and when all the records are pulled for display they all displayed fine except the numeric value of 139,000 was being displayed as some crazy number like 4,432,343,145
All the other fields were coming out fine on the page but that numeric field was messed up by using that <cfqueryparam value="#val(id)#" cfsqltype="cf_sql_integer"
That is very odd. I have never heard of using cfqueryparam in the WHERE effecting the display of the values in the SELECT list. It sounds like some weird conversion is happening somewhere. Like the integer MAX or something.
If you can post the db type, table schema (with exact data type) and the exact code used (both query and output), I can try reproduce it.
Ok well I am not sure if that will work yet, but I havent had any pings since using the isNumeric function... We shall see, the other issue I brought up at the end is an entirely different issue. I should ask it in another question, but I will consider the original question solved for now... Thanks!
> I'm not real familiar with what the diff is between say int(10) or int(11) or what purpose autosign has?
I do not use it much, but supposedly the (10) and (11) are used to indicate a display width, which is described as:
"... display width may be used by applications to display integer values having a width less than the
width specified for the column by left-padding them with spaces. ... Whether it is used or not is up
to the application.) "
What is more important is the signed/unsigned part. "Signed" means the values have a positive + or - negative sign, like +250 or -55. Signed/unsigned determines the range of numbers a column can contain.
http://dev.mysql.com/doc/r
- Signed integer columns only allow values between the range: -2147483648 (min) to 2147483647 (max).
- Unsigned integer columns only accept only values between the range: 0 (min) to 4294967295 (max)
Hm... I may have been right about hitting some sort of conversion error. If your column is "unsigned", and the value is too big, perhaps CF and/or the db driver is choking on the conversion ... I am not sure why "139,000" would cause that error, but it is possible a larger value might ...
A tangential reference...
http://www.talendforge.org
Weird.
1) Are you sure it is the number "139,000" (ie one hundred thirty nine thousand)?
2) Also, that value is contained in a different column than the one you're querying in the WHERE clause right? Because I tried it with MySQL 5.0.67 and had no problems.
3) It is not a cached query is it?
4) What driver are you using in your CF8 DSN?
Using cfmx 7 and had to use a funky driver cause of a bug it has with mysql 5.0
The number is 139,000 for sure and that value it shows is not anywhere else in the table, let alone the record itself. I'm not gonna beat myself up over this issue right now though... I do appreciate the extra help on it though and I'll return to it when I can, but for now I got bigger fish to fry. I have to ask another question relating to mysql - coldfusion... Going to open a new issue. Thanks!!
Business Accounts
Answer for Membership
by: _agx_Posted on 2009-09-11 at 17:04:03ID: 25314431
> <cfif id eq "">
>
That only checks if the id is equal to an empty string. It still allows other non-numeric values like a space character, letters, etc.. You need a more fool-proof check for numeric values, like using the IsNumeric(...) function.
<cfif NOT IsNumeric(id)>
<cfabort>
</cfif>
You could also back that up with with the VAL(...) function. That would convert any non-numeric values to 0 (which is typically not a valid "ID" in most systems).
<!--- variable scope: url, form, ... ? ---->
select record
from table
where id= <cfqueryparam value="#val(id)#" cfsqltype="cf_sql_integer"