> I need to protect our database from user-inputted data in FORM & > URL variables. This involves retrofitting some code, too. > > The question is whether to use Val() or IsNumeric to prevent > non-numeric characters from being inserted/updated to the > database. I know this is an individual choice based on your own > need, but I'm curious what others use. > > Val() or IsNumeric?
It all depends on whether you want only numeric or to take the numeric value on the front If you have the string "1 High Street" Val() will return "1" IsNumeric() will return "No" If you have a pure number, Val() will return the number and isNumeric() will return "Yes" It's "Horses for courses" really Philip Arnold Director Certified ColdFusion Developer ASP Multimedia Limited T: +44 (0)20 8680 1133 "Websites for the real world" ********************************************************************** This email and any files transmitted with it are confidential and intended solely for the use of the individual or entity to whom they are addressed. If you have received this email in error please notify the system manager. ********************************************************************** ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Structure your ColdFusion code with Fusebox. Get the official book at http://www.fusionauthority.com/bkinfo.cfm FAQ: http://www.thenetprofits.co.uk/coldfusion/faq Archives: http://www.mail-archive.com/[email protected]/ Unsubscribe: http://www.houseoffusion.com/index.cfm?sidebar=lists
