Link to home
Start Free TrialLog in
Avatar of Coast Line
Coast LineFlag for Canada

asked on

Error iin the Coldfusion Site

I have one site which is giving me constant error in the page!

the Error code is: Invalid data 783ChromeHTML\Shell\Open\Command for CFSQLTYPE CF_SQL_NUMERIC.

i am getting it continously, if this is some kind of hacing, can anyone guide me or provide me some help in that regards
Avatar of gdemaria
gdemaria
Flag of United States of America image


Do you have a cfqueryparam  statement in that area?
Or a function you're calling where you pass a value?

The variable in the value is not a number and needs to be.

Can you show the code in that area where the error is?


Avatar of Coast Line

ASKER

i am using cfquery everywhere in my page,m but whay it is apssing like this
i do not know

is someone tampering with url

If the variable is EMPTY, it is not a number and will throw the error

One way to fix it is to wrap val() around the variable you use in the cfqueryparam


   <cfqueryparam cfsqltype="CF_SQL_NUMERIC" value="#val(form.theNumber)#">

but it will still throuw an error and email will come to me again

Are you saying that you put in val() and it still throws an error?

Can you show the rest of the error, which shows which line it is on
and then show the code around that line ?

Here is what i get!

Detail      [empty string]
ErrorCode      n/a
Message      Invalid data 157ChromeHTML\Shell\Open\Command for CFSQLTYPE CF_SQL_NUMERIC.
NativeErrorCode      0
SQLState      n/a


Why do I have to ask you the same question more than once?

Did you put in the val() ?

Can you show the code around that area..

no i did not used val, ok here it is:

 WHERE
    request_ID = <cfqueryparam cfsqltype="cf_sql_numeric" value="#arguments.ID#">
ASKER CERTIFIED SOLUTION
Avatar of gdemaria
gdemaria
Flag of United States of America image

Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
k its late here, i will try

but my question there are many such calls in thispag, all will need val and extra handling, and whenever user tries to pass something irrelavant to the url, it will throw an error and email me the same time


 cfqueryparam  tests to see if the VALUE is of that type.

 Unfortunately, cfqueryparam does not consider EMPTY (null)  to be a  NUMBER.

 So cfqueryparam will throw an error if the value is empty.  It seems this is the problem.  That arguments.ID is empty.

But, if you feel that the ID passed into your function should never be empty (null) then, you need to fix why it is empty and you will not have a problem.  

However, if it can be empty, then you need to handle it.   The two ways I showed above are commonly used to handle if the Value of cfqueryparam is empty.

Yes, in time that your value of cfqueryparam might be empty, you need to handle it in one of these ways, or there are a couple others...


WHERE
    request_ID = <cfqueryparam cfsqltype="cf_sql_numeric" value="#arguments.ID#">


You are passing the argument ID to a function, check before passing the ID as argument to function call that it is NOT NULL...