Solved

Coldfusion Error

Posted on 2014-02-23
12
330 Views
Last Modified: 2014-02-24
Hi,
 
 I am getting "Element ITEMNO is undefined in FORM. " error on my coldfusion page.

 First, I use CFGRID to display records in flash. When the user clicks any record/row in the grid, I display the contetns of each field and let the user change it. When the user clicks [Save Change] button, I try to update the change(s), but that is where the error occurs.
 Please see WORD doc for details.

Thanks.
CFCode.doc
0
Comment
Question by:sglee
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 7
  • 5
12 Comments
 
LVL 4

Accepted Solution

by:
Rodrigo Munera earned 500 total points
ID: 39881538
Is all the code in your ms word document on one file? or is it spread in different .cfm files? what's the data flow? the screenshots and the code don't seem to correspond.

What's the workflow?

The most glaring error I can see is that your cfparam names are not in the form scope.

a simple fix of your code would be to turn your <cfparam name="itemNo" default=""> into <cfparam name="form.itemNo" default="">

You'll have to do that with all your cfparam tags to get the page to execute without issues.
0
 
LVL 4

Expert Comment

by:Rodrigo Munera
ID: 39881554
Also you have two separate forms,

The first form has all your form data (cfform posting to menu.cfm) and your second form (form posting to AdminItemUpdate.cfm) has your submit button and your ID and cfgridID in a hidden field. So when you hit submit, you're only submitting the second form.

You should put all your input elements into one form with all the elements your want to submit. Otherwise you're not going to pass all the data to the action page.
0
 

Author Comment

by:sglee
ID: 39881562
Sorry about not being clear. Here is the order.
AdminMenu.cfm  : Main menu.
AdminBrowseFolder.cfm :  CFGRID to display records in the inventory table.
AdminItemDetails.cfm?cfgridkey=14   : User selected 14th row to edit contents.
AdminItemUpdate.cfm : update the record with change(s).

Since I added "form.column_name" like <cfparam name="form.itemNo" default="">, those errors were gone. Also replaced     WHERE   ID = <cfqueryparam value="#cfgridkey#" cfsqltype="cf_sql_integer"> with WHERE   ID = cfgridkey.

Now I am getting this error:
Error Executing Database Query.  
[Macromedia][SequeLink JDBC Driver][ODBC Socket][Microsoft][ODBC Microsoft Access Driver] Syntax error in UPDATE statement.  

So I am going to chekc the syntax of my query:
      <CFQUERY NAME="UpdateRecord" DATASOURCE="WhatsThePoint">
              UPDATE       Inventory
            SET            ItemNo = '#Form.ItemNo#',
                        Title = '#Form.Title#',
                        CategoryID = #Form.CategoryID#,
                        DesignerID = #Form.DesignerID#,
                        Status = #Form.Status#,
                        Description = '#Form.Description#',
                        ListPrice = #Form.ListPrice#,
                        SalePrice = #Form.SalePrice#,
                        Size = '#Form.Size#',
                        MeshCount = #Form.MeshCount#,
                        Qty = #Form.Qty#,
                        Size = '#Form.Size#',
                        PictureFileName = '#Form.PictureFileName#',
                        PicturePath = '#Form.PicturePath#'
    WHERE   ID = cfgridkey
      </CFQUERY>
0
The Orion Papers

Are you interested in becoming an AWS Certified Solutions Architect?

Discover a new interactive way of training for the exam.

 

Author Comment

by:sglee
ID: 39881571
Well, the above CFquery did not work even with one field "ItemNo". So I took out the entire CFQuery and put in the following for troubleshooting:
 <CFOUTPUT>
ITEM NO: #Form.ItemNo#
</CFOUTPUT>

and no data was displayed, not even the heading "ITEM NO".

Is there a way that I can simply use
<cfupdate datasource="DSN_Name" tablename="Inventory">  ?
0
 
LVL 4

Expert Comment

by:Rodrigo Munera
ID: 39881574
See my second message, fixing the params will get rid of your CF errors but it will not make sure you're getting the data from your form page to your query update statement.

The way HTML forms work is that whatever you put between <form> and </form> will get sent in to the action page. (<cfform> renders as <form> in the actual page), so if you have <cfform> <data1 /> </cfform> and then another form <form> <data2 /> <input type="submit"></form>, once you hit that submit button, you will only get the <data2 /> sent to your action page. While you won't have any coldfusion (syntax) errors because you initialized the form data with cfparams, it doesn't guarantee that the <data1 /> you want to submit will make it to your update statement.

On another note, having your update statement using open SQL items like:

ItemNo = '#Form.ItemNo#'

Opens your code to SQL injection attack, you should always sanitize your database inputs using <cfqueryparam> tags so your data is protected (also data validation code would be helpful to make sure you're not sending bad data to your database).
0
 

Author Comment

by:sglee
ID: 39881579
Here is the code as it is and it does not update the data at all. I don't think it is passing any data either.
CFCode2.doc
0
 
LVL 4

Expert Comment

by:Rodrigo Munera
ID: 39881582
A short note about your question about using cfupdate:

Yes, you can but be careful on how you use it and where you implement it (can be abused by hackers if you don't set it up properly.

There's a good article on the subject here: http://cfmlblog.adamcameron.me/2012/07/are-cfinsert-and-cfupdate-as-bad-as.html
0
 
LVL 4

Expert Comment

by:Rodrigo Munera
ID: 39881594
Your form code posts form data fine to the action page.

To see what data is being posted from the form, you can dump the form scope at the beginning of the action page by using <cfdump var="#form#"> (before the cfparams)

Also, you probably don't want to just blindly cfparam all your variables, otherwise you may get a database table row with blank values if you're not careful. Validate your input from your forms before you allow your action page to update your database.
0
 

Author Comment

by:sglee
ID: 39881595
CF DumpIt passes no data.
0
 
LVL 4

Expert Comment

by:Rodrigo Munera
ID: 39881603
Your form fields are being passed, it's just that you have set the text to white so you can't see the values, if data was not being passed, you wouldn't get the form fields defined as they are on your dump.

Also if no data was being passed for a field, the dump would say "[empty string]", it wouldn't just be blank

If you use ctrl+a, you'll see the text being passed.

Screenshot of Form posted to itself and form scope cfdumped
0
 

Author Comment

by:sglee
ID: 39881631
With Contrl-A, I was able to see data passed. Why CFGridKey failed to make it?
0
 
LVL 4

Expert Comment

by:Rodrigo Munera
ID: 39881651
Look at the source code on your browser of AdminItemDetails.cfm

Look at the hidden input. It's probably blank.

Where is your cfgridkey coming from? If your cfgridkey is in your URL query, you should scope it correctly in your form like so:

<input type="hidden" name="cfgridkey" value="#URL.cfgridkey#" />
0

Featured Post

Raise the IQ of Your IT Alerts

From IT major incidents to manufacturing line slowdowns, every business process generates insights that need to reach the people required to take action. You need a platform that integrates with your business tools to create fully enabled DevOps toolchains.

You need xMatters.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

PROBLEM: How to add your own buttons to the bottom toolbar with paging info ( result count ). While creating a cfgrid, I ran into an issue where I wanted to embed my own custom buttons where the default ones ( insert / delete / etc… ) are for aes…
This is an updated version of a post made on my blog over 3 years ago. It is unfortunately, still very relevant as we continue to see both SQLi (SQL injection) and XSS (cross site scripting) attacks hitting some of the most recognizable website and …
This is a high-level webinar that covers the history of enterprise open source database use. It addresses both the advantages companies see in using open source database technologies, as well as the fears and reservations they might have. In this…
Do you want to know how to make a graph with Microsoft Access? First, create a query with the data for the chart. Then make a blank form and add a chart control. This video also shows how to change what data is displayed on the graph as well as form…

687 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question