Thanks guys, sure there's other ways to FIX the number, but that wasn't exactly
my question. I just find it weird that isValid("integer") would consider
$123,123 as a valid integer value....such that I have to fix it in the first
place! That sure wouldn't pass in another language, and yes, I know this is not
a strongly typed language. I just find it frustrating, that this function
doesn't seem to perform what it's intended to so I have to add additional logic
to see if what was entered really was an integer or not.
Justin...you're right about huge numbers passing too...I think that was
actually why I switched from isNumeric() which allowed those through to the
isValid() function which doesn't.
Mary Jo
>> I would think there would be some way these functions would
>> work to prevent passing invalid data to a cfsqlparam with type
>> cf_sql_integer but I couldn't find a way that didn't allow something
>> illegal through.
>
>If I know a variable is supposed to be an integer (usually a primary
>key), I will do:
>
><cfparam name="url.id" default="0">
><cfset url.id = abs(val(trim(url.id)))>
>
>This will force the value to a positive integer or zero. If you just
>want to test the variable to see which search type should be
>triggered:
>
><cfif abs(val(trim(url.id))) eq url.id)>
> <!--- Is positive integer --->
><cfelse>
> <!--- Not so much --->
></cfif>
>
>If people are entering values that could include dollar signs and
>commas that need to be considered, a regex to remove non-numeric
>characters (expect perhaps a period) would probably be the better
>choice, or at least a replaceList() to remove the commonly used but
>undesired characters before passing it through a sanitizer.
>
>At one point (years ago) Google was hitting pages and throwing very
>large numbers into some integer URL variables which caused an
>out-of-range error and I even added a min() function with the
>resulting "sanitized" value and 2000000000 as the parameters to keep
>the value in range, though I haven't seen that for a while, but
>something to keep in mind if you see an error like that come up.
>
>
>-Justin
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~|
Order the Adobe Coldfusion Anthology now!
http://www.amazon.com/Adobe-Coldfusion-Anthology/dp/1430272155/?tag=houseoffusion
Archive:
http://www.houseoffusion.com/groups/cf-talk/message.cfm/messageid:350781
Subscription: http://www.houseoffusion.com/groups/cf-talk/subscribe.cfm
Unsubscribe: http://www.houseoffusion.com/groups/cf-talk/unsubscribe.cfm
