Solved

How do i integrate server side validation for this one

Posted on 2004-08-04
9
167 Views
Last Modified: 2013-12-24
Hi  I moved this post from another area to this.  I'll have the other one deleted

Please help me perform a server side validation for this INSERT to my db

<cfquery datasource="mydatasource">
     INSERT INTO tCommPeople(CommTitle,
               CommLast,
               CommFirst,
               CommMI,
               Gender,
               Ethnicity,
                                                TelNo,
                                                DateJoin,
                                                RegionNo)

     VALUES('#Trim(Form.CommTitle)#',         <!---Text box--->
        '#Trim(Form.CommLast)#',            
        '#Trim(Form.CommFirst)#',
        '#Trim(Form.CommMI)#',        
        '#Trim(Form.Gender)#',                 <!---select box--->
        '#Trim(Form.Ethnicity)#',               <!---select box--->
                   '#Trim(Form.TelNo)#,    <!---text box for telephone (123) 456-7899 --->
                   '#Trim(Form.DateJoin)#,    <!---text box for mm/dd/yyyy --->
        '#Trim(Form.RegionNo)#')      <!---select box--->
     </cfquery>

I don't know how to integrate a server side validation here.  Please Help.


Thank you.
0
Comment
Question by:mdbbound
  • 4
  • 3
  • 2
9 Comments
 
LVL 17

Accepted Solution

by:
anandkp earned 250 total points
ID: 11718951
u cld use a similar logic for ur remaining values in the query

<cfquery datasource="mydatasource">
     INSERT INTO tCommPeople(CommTitle,
               CommLast,
               CommFirst,
               CommMI,
               Gender,
               Ethnicity,
               TelNo,
               DateJoin,
               RegionNo)

     VALUES(<CFQUERYPARAM CFSQLTYPE="CF_SQL_VARCHAR" NULL="#YesNoFormat(Not Trim(Form.CommTitle))#" VALUE="#Trim(Form.CommTitle)#">,         <!---Text box--->
        '#Trim(Form.CommLast)#',            
        '#Trim(Form.CommFirst)#',
        '#Trim(Form.CommMI)#',        
        '#Trim(Form.Gender)#',                 <!---select box--->
        '#Trim(Form.Ethnicity)#',               <!---select box--->
                   '#Trim(Form.TelNo)#,    <!---text box for telephone (123) 456-7899 --->
                   '#Trim(Form.DateJoin)#,    <!---text box for mm/dd/yyyy --->
        '#Trim(Form.RegionNo)#')      <!---select box--->
     </cfquery>

the QueryParam shld take care of it ... if ur looking for something else - let us know
PS : the datatypes to be used wld be CF_SQL_NUMERIC / CF_SQL_DATE / CF_SQL_VARCHAR & u shld be thru
thou not so sure abt teh Tel No
0
 
LVL 15

Assisted Solution

by:danrosenthal
danrosenthal earned 250 total points
ID: 11719097
I would do the validation like this (I don't know your exact requirements, but for example say that CommTitle cannot be blank and Gender must be either 'M' or 'F')...

<CFSET error_msg = "">

<!--- BEGIN VALIDATION --->
<CFIF NOT LEN(Form.CommTitle)>
  <CFSET error_msg = error_msg & "Title is required<BR>">
</CFIF>
<CFIF NOT LISTFIND("M,F",Form.Gender)>
  <CFSET error_msg = error_msg & "Gender must be either 'M' or 'F'<BR>">
</CFIF>

<CFIF LEN(error_msg)>
<!--- VALIDATION FAILED, SHOW ERROR MESSAGE --->
Please fix the following errors:<BR>
<CFOUTPUT>#error_msg#</CFOUTPUT>
<CFELSE>
<!--- VALIDATION PASSED, INSERT DATA --->
(Do insert here)
</CFIF>
0
 

Author Comment

by:mdbbound
ID: 11719916
Anandkp


VALUES(<CFQUERYPARAM CFSQLTYPE="CF_SQL_VARCHAR" NULL="#YesNoFormat(Not Trim(Form.CommTitle))#" VALUE="#Trim(Form.CommTitle)#">,        

Can you please explain this part:

="#YesNoFormat(Not Trim(Form.CommTitle))#"

And also, is this how i should do it:

VALUES(<CFQUERYPARAM CFSQLTYPE="CF_SQL_VARCHAR" NULL="#YesNoFormat(Not Trim(Form.CommTitle))#" VALUE="#Trim(Form.CommTitle)#">,<!---Text box--->

(<CFQUERYPARAMCFSQLTYPE="CF_SQL_VARCHAR" NULL="#YesNoFormat(Not Trim(Form.CommLast))#" VALUE='#Trim(Form.CommLast)#'>,          
(<CFQUERYPARAMCFSQLTYPE="CF_SQL_VARCHAR" NULL="#YesNoFormat(Not Trim(Form.CommFirst))#" VALUE='#Trim(Form.CommFirst)#'>,
(<CFQUERYPARAMCFSQLTYPE="CF_SQL_VARCHAR" NULL="#YesNoFormat(Not Trim(Form.CommMI))#" VALUE='#Trim(Form.CommMI)#'>,        
(<CFQUERYPARAMCFSQLTYPE="CF_SQL_VARCHAR" NULL="#YesNoFormat(Not Trim(Form.CommGender))#" VALUE='#Trim(Form.Gender)#'>,  <!---select box--->
(<CFQUERYPARAMCFSQLTYPE="CF_SQL_VARCHAR" NULL="#YesNoFormat(Not Trim(Form.CommTitle))#" VALUE= '#Trim(Form.Ethnicity)#'>,    <!---select box--->
(<CFQUERYPARAMCFSQLTYPE="CF_SQL_VARCHAR" NULL="#YesNoFormat(Not Trim(Form.CommTitle))#" VALUE='#Trim(Form.TelNo)#>,    <!---text box for telephone (123) 456-7899 --->
(<CFQUERYPARAMCFSQLTYPE="CF_SQL_DATE" NULL="#YesNoFormat(Not Trim(Form.CommTitle))#" VALUE= #Trim(Form.DateJoin)#>,    <!---text box for mm/dd/yyyy --->
(< CFQUERYPARAMCFSQLTYPE="CF_SQL_VARCHAR" NULL="#YesNoFormat(Not Trim(Form.CommTitle))#" VALUE='#Trim(Form.RegionNo)#'>)      <!---select box--->
</cfquery>

Please, I just want to make sure i understand it right.

Thank you

0
 

Author Comment

by:mdbbound
ID: 11719983
Hello dan

if for example in the select box, if it is not selected or null, will it go back to the FORM page?

And also, sorry i don't get this part:

<CFSET error_msg = "">

<CFIF LEN(error_msg)>
<!--- VALIDATION FAILED, SHOW ERROR MESSAGE --->
Please fix the following errors:<BR>
<CFOUTPUT>#error_msg#</CFOUTPUT

Please explain when and what happens.

Thanks
0
How your wiki can always stay up-to-date

Quip doubles as a “living” wiki and a project management tool that evolves with your organization. As you finish projects in Quip, the work remains, easily accessible to all team members, new and old.
- Increase transparency
- Onboard new hires faster
- Access from mobile/offline

 
LVL 15

Assisted Solution

by:danrosenthal
danrosenthal earned 250 total points
ID: 11721649
if for example in the select box, if it is not selected or null, will it go back to the FORM page?
-- This is up to you, I would recommend that.

And also, sorry i don't get this part:
<CFSET error_msg = "">
etc...
--- You are setting a variable which you are writing error information to, if at the end of your validation IF statements you have not written to that variable at all, then there were 0 validation errors, otherwise you will display the validation errors to the user and NOT process the form.



0
 
LVL 17

Assisted Solution

by:anandkp
anandkp earned 250 total points
ID: 11723264
Hi mdbbound,

when u use CFQueryParam - u can specify if u wanna updte with the VALUE or NULL. i'll explain ... when u write this
(<CFQUERYPARAM CFSQLTYPE="CF_SQL_VARCHAR" NULL="#YesNoFormat(Not Trim(Form.CommTitle))#" VALUE="#Trim(Form.CommTitle)#">
it says the datatype is varchar & the value = #Trim(Form.CommTitle)#
now abt NULL="#YesNoFormat(Not Trim(Form.CommTitle))#"  - this wld decide if the value submitted is null or not - if its null ... then it wld update with NULL & not that value.
this way ur insert statement wld never fail ...

YesNoFormat() wld retrun either Yes/No ... & if u specify NULL=Yes - then the value never gets inserted ... its only when NULL=No - thats when the value gets inserted in the query.

hope that didnt confuse u :)

ur code looks ok - just that teh selectbox values [if are numeric - u'll need to change the cfsqltype]

this wld work for all form controls ... but for specifying the telformat - u'll just need to set the code check [given above by dan & then use it in <CFQueryParam ... >]

I assumed that u have ur javascripts taking care of ur form - & ur query is in trycatch - so incase a exception occurs - u cld redirect teh user back to the form - asking him to fill it again :)

K'Rgds
Anand
0
 

Author Comment

by:mdbbound
ID: 11723667
Anandkp,

That was an excellent explanation.  You know, i'd like to understand the way things work so i can use the theory in the future.  I really like to learn and be able to share in the future.

Once my project is over, I will have time to look for post and try to answer at least the easy once.

Thanks
0
 

Author Comment

by:mdbbound
ID: 11723678
I also want to thank danrosenthal for the solution and explanation.  

Excellent!

0
 
LVL 17

Expert Comment

by:anandkp
ID: 11723805
Its nice to know that u take time in learning & not just getting things done ... keep up the good spirit & i am sure u wld be able to help a lot on people on EE once ur thru with ur project.

Cheers
Anand :)
0

Featured Post

Superior storage. Superior surveillance.

WD Purple drives are built for 24/7, always-on, high-definition security systems. With support for up to 8 hard drives and 32 cameras, WD Purple drives are optimized for surveillance.

Join & Write a Comment

A web service (http://en.wikipedia.org/wiki/Web_service) is a software related technology that facilitates machine-to-machine interaction over a network. This article helps beginners in creating and consuming a web service using the ColdFusion Ma…
Have you ever sent email via ColdFusion and thought of tracking this mail to capture the exact date and time when the message was opened ?  If yes, then this article is for you ! First we need a table user_email with columns user_id , email , sub…
It is a freely distributed piece of software for such tasks as photo retouching, image composition and image authoring. It works on many operating systems, in many languages.
When you create an app prototype with Adobe XD, you can insert system screens -- sharing or Control Center, for example -- with just a few clicks. This video shows you how. You can take the full course on Experts Exchange at http://bit.ly/XDcourse.

743 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

10 Experts available now in Live!

Get 1:1 Help Now