Solved

How do i integrate server side validation for this one

Posted on 2004-08-04
9
203 Views
Last Modified: 2013-12-24
Hi  I moved this post from another area to this.  I'll have the other one deleted

Please help me perform a server side validation for this INSERT to my db

<cfquery datasource="mydatasource">
     INSERT INTO tCommPeople(CommTitle,
               CommLast,
               CommFirst,
               CommMI,
               Gender,
               Ethnicity,
                                                TelNo,
                                                DateJoin,
                                                RegionNo)

     VALUES('#Trim(Form.CommTitle)#',         <!---Text box--->
        '#Trim(Form.CommLast)#',            
        '#Trim(Form.CommFirst)#',
        '#Trim(Form.CommMI)#',        
        '#Trim(Form.Gender)#',                 <!---select box--->
        '#Trim(Form.Ethnicity)#',               <!---select box--->
                   '#Trim(Form.TelNo)#,    <!---text box for telephone (123) 456-7899 --->
                   '#Trim(Form.DateJoin)#,    <!---text box for mm/dd/yyyy --->
        '#Trim(Form.RegionNo)#')      <!---select box--->
     </cfquery>

I don't know how to integrate a server side validation here.  Please Help.


Thank you.
0
Comment
Question by:mdbbound
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 4
  • 3
  • 2
9 Comments
 
LVL 17

Accepted Solution

by:
anandkp earned 250 total points
ID: 11718951
u cld use a similar logic for ur remaining values in the query

<cfquery datasource="mydatasource">
     INSERT INTO tCommPeople(CommTitle,
               CommLast,
               CommFirst,
               CommMI,
               Gender,
               Ethnicity,
               TelNo,
               DateJoin,
               RegionNo)

     VALUES(<CFQUERYPARAM CFSQLTYPE="CF_SQL_VARCHAR" NULL="#YesNoFormat(Not Trim(Form.CommTitle))#" VALUE="#Trim(Form.CommTitle)#">,         <!---Text box--->
        '#Trim(Form.CommLast)#',            
        '#Trim(Form.CommFirst)#',
        '#Trim(Form.CommMI)#',        
        '#Trim(Form.Gender)#',                 <!---select box--->
        '#Trim(Form.Ethnicity)#',               <!---select box--->
                   '#Trim(Form.TelNo)#,    <!---text box for telephone (123) 456-7899 --->
                   '#Trim(Form.DateJoin)#,    <!---text box for mm/dd/yyyy --->
        '#Trim(Form.RegionNo)#')      <!---select box--->
     </cfquery>

the QueryParam shld take care of it ... if ur looking for something else - let us know
PS : the datatypes to be used wld be CF_SQL_NUMERIC / CF_SQL_DATE / CF_SQL_VARCHAR & u shld be thru
thou not so sure abt teh Tel No
0
 
LVL 15

Assisted Solution

by:danrosenthal
danrosenthal earned 250 total points
ID: 11719097
I would do the validation like this (I don't know your exact requirements, but for example say that CommTitle cannot be blank and Gender must be either 'M' or 'F')...

<CFSET error_msg = "">

<!--- BEGIN VALIDATION --->
<CFIF NOT LEN(Form.CommTitle)>
  <CFSET error_msg = error_msg & "Title is required<BR>">
</CFIF>
<CFIF NOT LISTFIND("M,F",Form.Gender)>
  <CFSET error_msg = error_msg & "Gender must be either 'M' or 'F'<BR>">
</CFIF>

<CFIF LEN(error_msg)>
<!--- VALIDATION FAILED, SHOW ERROR MESSAGE --->
Please fix the following errors:<BR>
<CFOUTPUT>#error_msg#</CFOUTPUT>
<CFELSE>
<!--- VALIDATION PASSED, INSERT DATA --->
(Do insert here)
</CFIF>
0
 

Author Comment

by:mdbbound
ID: 11719916
Anandkp


VALUES(<CFQUERYPARAM CFSQLTYPE="CF_SQL_VARCHAR" NULL="#YesNoFormat(Not Trim(Form.CommTitle))#" VALUE="#Trim(Form.CommTitle)#">,        

Can you please explain this part:

="#YesNoFormat(Not Trim(Form.CommTitle))#"

And also, is this how i should do it:

VALUES(<CFQUERYPARAM CFSQLTYPE="CF_SQL_VARCHAR" NULL="#YesNoFormat(Not Trim(Form.CommTitle))#" VALUE="#Trim(Form.CommTitle)#">,<!---Text box--->

(<CFQUERYPARAMCFSQLTYPE="CF_SQL_VARCHAR" NULL="#YesNoFormat(Not Trim(Form.CommLast))#" VALUE='#Trim(Form.CommLast)#'>,          
(<CFQUERYPARAMCFSQLTYPE="CF_SQL_VARCHAR" NULL="#YesNoFormat(Not Trim(Form.CommFirst))#" VALUE='#Trim(Form.CommFirst)#'>,
(<CFQUERYPARAMCFSQLTYPE="CF_SQL_VARCHAR" NULL="#YesNoFormat(Not Trim(Form.CommMI))#" VALUE='#Trim(Form.CommMI)#'>,        
(<CFQUERYPARAMCFSQLTYPE="CF_SQL_VARCHAR" NULL="#YesNoFormat(Not Trim(Form.CommGender))#" VALUE='#Trim(Form.Gender)#'>,  <!---select box--->
(<CFQUERYPARAMCFSQLTYPE="CF_SQL_VARCHAR" NULL="#YesNoFormat(Not Trim(Form.CommTitle))#" VALUE= '#Trim(Form.Ethnicity)#'>,    <!---select box--->
(<CFQUERYPARAMCFSQLTYPE="CF_SQL_VARCHAR" NULL="#YesNoFormat(Not Trim(Form.CommTitle))#" VALUE='#Trim(Form.TelNo)#>,    <!---text box for telephone (123) 456-7899 --->
(<CFQUERYPARAMCFSQLTYPE="CF_SQL_DATE" NULL="#YesNoFormat(Not Trim(Form.CommTitle))#" VALUE= #Trim(Form.DateJoin)#>,    <!---text box for mm/dd/yyyy --->
(< CFQUERYPARAMCFSQLTYPE="CF_SQL_VARCHAR" NULL="#YesNoFormat(Not Trim(Form.CommTitle))#" VALUE='#Trim(Form.RegionNo)#'>)      <!---select box--->
</cfquery>

Please, I just want to make sure i understand it right.

Thank you

0
Business Impact of IT Communications

What are the business impacts of how well businesses communicate during an IT incident? Targeting, speed, and transparency all matter. Find out more in this infographic.

 

Author Comment

by:mdbbound
ID: 11719983
Hello dan

if for example in the select box, if it is not selected or null, will it go back to the FORM page?

And also, sorry i don't get this part:

<CFSET error_msg = "">

<CFIF LEN(error_msg)>
<!--- VALIDATION FAILED, SHOW ERROR MESSAGE --->
Please fix the following errors:<BR>
<CFOUTPUT>#error_msg#</CFOUTPUT

Please explain when and what happens.

Thanks
0
 
LVL 15

Assisted Solution

by:danrosenthal
danrosenthal earned 250 total points
ID: 11721649
if for example in the select box, if it is not selected or null, will it go back to the FORM page?
-- This is up to you, I would recommend that.

And also, sorry i don't get this part:
<CFSET error_msg = "">
etc...
--- You are setting a variable which you are writing error information to, if at the end of your validation IF statements you have not written to that variable at all, then there were 0 validation errors, otherwise you will display the validation errors to the user and NOT process the form.



0
 
LVL 17

Assisted Solution

by:anandkp
anandkp earned 250 total points
ID: 11723264
Hi mdbbound,

when u use CFQueryParam - u can specify if u wanna updte with the VALUE or NULL. i'll explain ... when u write this
(<CFQUERYPARAM CFSQLTYPE="CF_SQL_VARCHAR" NULL="#YesNoFormat(Not Trim(Form.CommTitle))#" VALUE="#Trim(Form.CommTitle)#">
it says the datatype is varchar & the value = #Trim(Form.CommTitle)#
now abt NULL="#YesNoFormat(Not Trim(Form.CommTitle))#"  - this wld decide if the value submitted is null or not - if its null ... then it wld update with NULL & not that value.
this way ur insert statement wld never fail ...

YesNoFormat() wld retrun either Yes/No ... & if u specify NULL=Yes - then the value never gets inserted ... its only when NULL=No - thats when the value gets inserted in the query.

hope that didnt confuse u :)

ur code looks ok - just that teh selectbox values [if are numeric - u'll need to change the cfsqltype]

this wld work for all form controls ... but for specifying the telformat - u'll just need to set the code check [given above by dan & then use it in <CFQueryParam ... >]

I assumed that u have ur javascripts taking care of ur form - & ur query is in trycatch - so incase a exception occurs - u cld redirect teh user back to the form - asking him to fill it again :)

K'Rgds
Anand
0
 

Author Comment

by:mdbbound
ID: 11723667
Anandkp,

That was an excellent explanation.  You know, i'd like to understand the way things work so i can use the theory in the future.  I really like to learn and be able to share in the future.

Once my project is over, I will have time to look for post and try to answer at least the easy once.

Thanks
0
 

Author Comment

by:mdbbound
ID: 11723678
I also want to thank danrosenthal for the solution and explanation.  

Excellent!

0
 
LVL 17

Expert Comment

by:anandkp
ID: 11723805
Its nice to know that u take time in learning & not just getting things done ... keep up the good spirit & i am sure u wld be able to help a lot on people on EE once ur thru with ur project.

Cheers
Anand :)
0

Featured Post

Ransomware: The New Cyber Threat & How to Stop It

This infographic explains ransomware, type of malware that blocks access to your files or your systems and holds them hostage until a ransom is paid. It also examines the different types of ransomware and explains what you can do to thwart this sinister online threat.  

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

In our day to day coding, how many times have we come across a necessity to check whether a URL is a broken link or not? For those of you that answered countless and are using ColdFusion like myself, then this article is for you.  It will show yo…
If you don't have the right permissions set for your WordPress location in IIS, you won't be able to perform automatic updates. Here's how to fix the problem.
With Secure Portal Encryption, the recipient is sent a link to their email address directing them to the email laundry delivery page. From there, the recipient will be required to enter a user name and password to enter the page. Once the recipient …
In an interesting question (https://www.experts-exchange.com/questions/29008360/) here at Experts Exchange, a member asked how to split a single image into multiple images. The primary usage for this is to place many photographs on a flatbed scanner…

738 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question