I would view the source to see if the subsequent form edit has line breaks.
If not this would indicate the data is not being saved as it was entered.
You could also copy and paste the data out of the database into notepad or
something, to see how the data is actually being stored.
On Mar 8, 2015
I don't know if this specifically a CF question so sorry if it is
considered OT.
I have an admin section of the site that lets the owner add and edit
items/products. I am having an issue with the description field where the
newline/enter key input is being lost when editing an entry.
To give mo
I have a form with a file upload and a CFGRID. When submitted the following
error occurs:
Exception in The submitted cfgrid form field is corrupt
This works with CF10 Update 13. When we upgraded to Update 14 this error
started occurring
(sorry in advance is this is a double post)
I've got a form layout with a header on top that includes a cfinput using
autosuggest, then below that a cflayout type="tab". The drop down produced by
the autosuggest normally appears fine unless the cflayoutarea contains a
cfgrid
a text box on a form using
> cftextarea, which uses FCKeditor that came with CF8. When I try to
> populate a PDF form using cfpdfform/cfpdfformparam the embedded HTML shows
> as plain text.
>
>
> For example: If I input "This is bold", the pdf form output shows
> "
We are using Cold Fusion 8. I created a text box on a form using cftextarea,
which uses FCKeditor that came with CF8. When I try to populate a PDF form
using cfpdfform/cfpdfformparam the embedded HTML shows as plain text.
For example: If I input "This is bold", the pdf form ou
t; Other page PDF's are working fine in this application, so I removed
> various sections from the non-PDF-able page to see what specific part of
> the page might be causing the issue. The page contains an html form, and it
> turned out that if I removed one of the form controls -
page PDF's are working fine in this application, so I removed various
sections from the non-PDF-able page to see what specific part of the page might
be causing the issue. The page contains an html form, and it turned out that if
I removed one of the form controls -- a form input of type &quo
That . Sounds like a very handy new feature of html5'
One less thing to code
Regards
Russ Michaels
www.michaels.me.uk
www.cfmldeveloper.com - Free CFML hosting for developers
www.cfsearch.com - CF search engine
On 22 May 2013 01:41, "Chester Austin" wrote:
>
> It sounds like the browser's built
Sorry if this is a repost. I'm not sure if the form is submitting.
It sounds like the browser's built in validation is kicking in. Try it with a
different browser and you would most likely get different results. Get rid of
the "required" attribute in your input field
It sounds like the browser's built in validation is kicking in. Try it with a
different browser and you would most likely get different results. Get rid of
the "required" attribute in your input fields and it should work like it used
to. Unless you want the browser to handle some of the vali
As Justin mentioned, if the page was recently changed to an html 5 doctype
setting required to any value evaluates to true. Try remove the required
attribute completely. You can also add novalidate to the form tag.
On Tue, May 21, 2013 at 6:41 PM, Russ Michaels wrote:
>
> are you
re="no" doesn't make the field optional, its mere presence will
make the field required). The "required" attribute wasn't valid in
previous versions of HTML, so if you're passing it within a direct
or other form tag it would have been previously ignored by the
b
are you using CFFORM or just FORM ?
On Tue, May 21, 2013 at 11:37 PM, Matt Quackenbush wrote:
>
> Link(s)?
>
> CF cannot do anything on the client side (i.e. in the browser). JavaScript
> is required for any validation to take place on the client side. Without
> seeing
gt;
> I have a very old site that has a basic form. All of a sudden, the form is
> requiring all form form fields to be filled out? The form is a basic action=, and I've got "required="no" on the fields.
>
> What's interesting is that the validation results ar
Hey everyone,
I have a very old site that has a basic form. All of a sudden, the form is
requiring all form form fields to be filled out? The form is a basic http://www.amazon.com/Adobe-Coldfusion-Anthology/dp/1430272155/?tag=houseoffusion
Archive:
http://www.houseoffusion.com/groups/cf-talk
Thanks Ray, I got it working now! It's in the neo_runtime.xml file.
Appreciate the help as always :)
Matt
ColdFusion will block a form post with too many form fields. In CF10, you
can go into the Admin and tweak the # (default is 100), in CF9 I believe it
is some XML file. Will try to
Thanks Craig, That's exactly what it was.
http://helpx.adobe.com/coldfusion/release-note/coldfusion-9-0-update-2.html
I'm trying to fix a page that was working at one time and now I'm getting
some odd beha
ColdFusion will block a form post with too many form fields. In CF10, you
can go into the Admin and tweak the # (default is 100), in CF9 I believe it
is some XML file. Will try to grab that doc for you.
On Thu, May 2, 2013 at 12:57 PM, Matthew S Blatchley wrote:
>
> I'm trying to
Boom:
http://stackoverflow.com/questions/15182567/coldfusion-9-html-form-500-internal-server-error
On Thu, May 2, 2013 at 1:19 PM, Raymond Camden wrote:
> ColdFusion will block a form post with too many form fields. In CF10, you
> can go into the Admin and tweak the # (default is 100),
I'm trying to fix a page that was working at one time and now I'm getting
some odd behavior.
The form is pretty large and has well over 100 fields. When I submit the
form I get an 500 error in IE.
In Firefox, the form posts to a blank page and Firebug throws this error in
the con
e
value.
Think of it as a selection of States for the US.
When the user selects a state, a query should be run that will then fill in
the rest of the form.
The remainder of the form of the does have other select drop downs that
should have a specific dropdown selected from the query that was retu
e username check on the server side, after
they submit the form, because javascript can be pretty easily bypassed, or
errors like this can cause it to not validate on the client side.
Another thing, you've written a lot of jQuery to be hardcoding an onChange
event on your html input elemen
There anyone that can assist me in this?
> I've been trying for some time trying to get various examples that
> I've found online how to do this, but none seem to do any checking
> after I leave the input field that contains the username to be checked.
> I'll first post the link to my work in
I've been trying for some time trying to get various examples that I've found
online how to do this, but none seem to do any checking after I leave the input
field that contains the username to be checked. I'll first post the link to my
work in progress and then post my code to my .cfm and .cfc
l for such a simple task. However, I could figure
out how to do in the client side.
Regards,
Jaime
On 2/19/2013 4:43 PM, Jaime Muniz wrote:
> I have a form in which I want to copy a field using bind like this:
>
>
>
> This works great except what I would really like to do is su
I have a form in which I want to copy a field using bind like this:
This works great except what I would really like to do is subtract 1
form the bind value.
I searched Google and found post that suggested this:
But that doesn't seem to work.
I tried various other scenarios withou
Al, I see values like this all of the time.
In most cases, I'll see values like -1, -1' or 1' for input fields. I use a
custom function to scan all form vars and if there is a match... I typically
ban the IP address for a period of time. You'll *likely* find a pattern to
t
> Anyone else seeing a lot of form submissions with -1 or 1 as the name?
Yup - I get that sometimes.
Or, an attempt to enter the same web or email address entered into EVERY
field.
and I'm still getting weird *something* errors sent to me from a
site that look like:
mypate.cf
I added another filter today...
I have always checked all form submissions for the bad keywords but I
noticed that many of the attacks seem to start with them entering 1
or -1 as the first and or last name. Probably too lazy to put more
keystrokes in when they are setting up the script.
So now
who's doing what you described:
>
>"If they read in the form page and then submit it using a script for
>many days without re-reading the original form it will appear to the
>server that they took days to fill."
>
>Would the same
What would be an appropriate length of time for a session variable
for a hacker who's doing what you described:
"If they read in the form page and then submit it using a script for
many days without re-reading the original form it will appear to the
server that they took days to fil
If they read in the form page and then submit it using a script for
many days without re-reading the original form, it will appear to the
server that they took days to fill. So testing for more than a few
hours should be good...
sessions might work but they should expire quickly... then if
> You have to be careful not to interfere with normal donations.
> When I fill out forms using chrome, chrome fills in my name, address
> and phone number. It might take me only 15 seconds to fill out my
> donation form..
Yes, I've thought about that. There's some sec
You have to be careful not to interfere with normal donations.
When I fill out forms using chrome, chrome fills in my name, address
and phone number. It might take me only 15 seconds to fill out my
donation form..
You can determine if he bypasses your form by setting a cookie on the
form
one out there.
>
> May have to write my own.
>
> Your blog is running CF ?
>
>
>
> -Original Message-
> From: Raymond Camden [mailto:raymondcam...@gmail.com]
> Sent: Monday, February 11, 2013 11:46 AM
> To: cf-talk
> Subject: Re: Problem with Hackers
o: cf-talk
Subject: Re: Problem with Hackers on Donation form through Authorize.net
As an FYI, my blog never had a lot of spam, but it was pretty regular. When
I started using CFFP, it dropped dramatically. I can't even remember my last
spam comment.
On Mon, Feb 11, 2013 at 10:43 AM, Rick
>> I wonder if the hacker can still submit the form with JavaScript turned
off?
>> How would I go about determining just what the hacker's process is?
At a base level they can copy your form page to their local server then
manipulate the form submitting it to your cfc direc
rhaps the hacker has
just moved on to another target for awhile.
When (not if...) it starts up again, I'm going to try the javascript timing
function, timing when a form element is first clicked and making sure it takes
at least 2 minutes until the form is submitted, or I'll fail the
>> Part of the verification in the processing can be reliant upon something
>> executing in JavaScript and being passed in with the form submission.
While I do not disagree with your statements anything that is part of the
form data that can be generated by JavaScript can be submi
Thanks, Dennis!
-Original Message-
From: UXB [mailto:denn...@uxbinternet.com]
Sent: Tuesday, February 12, 2013 5:31 PM
To: cf-talk
Subject: RE: Problem with Hackers on Donation form through Authorize.net
>> button for my form is just a regular button that triggers an AJAX
>&
Thanks for the feedback, Justin...
-Original Message-
From: Justin Scott [mailto:leviat...@darktech.org]
Sent: Tuesday, February 12, 2013 6:01 PM
To: cf-talk
Subject: Re: Problem with Hackers on Donation form through Authorize.net
> Forget the form page the bots/humans are not e
> Forget the form page the bots/humans are not even seeing it they are
> attacking your processing cfc directly. Your protection has to be server
> side since any JavaScript on the form page is ignored. They are
> submitting form data directly to your CFC processing page.
>> button for my form is just a regular button that triggers an AJAX
>> function that sends the data to a CFC for further processing and then
submission
Forget the form page the bots/humans are not even seeing it they are
attacking your processing cfc directly. Your protection has
>>If so, this won't work because I don't use an actual button with
a type of "submit". The "submit" button for my form is just a regular
button that triggers an AJAX function that sends the data to a CFC
for further processing and then submission in the CFC t
ubject: Re: Problem with Hackers on Donation form through Authorize.net
> We had another run of someone trying yesterday.. I detected it on
> the 3rd attmept (all of which failed).. then he (or she) tried about
> 30 more times where I just sent the fake failure notice without
> letting
All of my attempts over the last couple of months
have been under 2 minutes apart.
It takes a lot longer than that to fill out the donation form.
I think I'm going to try a timing function to determine
the time of the first click of the form and the click of the
submit button, and if the
> We had another run of someone trying yesterday.. I detected it on
> the 3rd attmept (all of which failed).. then he (or she) tried about
> 30 more times where I just sent the fake failure notice without
> letting it hit the credit card processor.
I like this approach on two fronts. First it
Your right we do routinely get real donations from a few
places like Puerto Rico and Mexico (which both happen to be part of
north america)... as well as most of Europe and Japan. We actually
got real donations from China and even Nigeria so we can't block any
coutry outright.
So I
Good morning everyone,
That verification solution will also work with screen readers making it
possible for disabled Web surfers to use that form. Good going although
CFFormProtect would eliminate the captcha all together.
Peter Donahue
- Original Message -
From: "Al Mu
Another good thought! Thanks!
-Original Message-
From: Byron Mann [mailto:byronos...@gmail.com]
Sent: Tuesday, February 12, 2013 1:57 AM
To: cf-talk
Subject: Re: Problem with Hackers on Donation form through Authorize.net
A fairly inexpensive and easy to implement fraud screening
Looks interesting. IP-based blocking may be a good way to go
for my donation form.
-Original Message-
From: Al Musella, DPM [mailto:muse...@virtualtrials.com]
Sent: Tuesday, February 12, 2013 12:07 AM
To: cf-talk
Subject: Re: Problem with Hackers on Donation form through Authorize.net
On 2/12/2013 12:06 PM, Al Musella, DPM wrote:
>
> I came across an interesting way to get the country from the IP
> address.. http://www.mximize.com/getting-country-by-ip-based-on-geolite
> I might set this up and block non North American IPs...
i would check w/your client first. not everybody ou
ySite.com
On Feb 11, 2013 11:13 AM, "Rick Faircloth" wrote:
>
> Hi, guys...
>
> I'm been running my first eCommerce setup with a donation
> page/form using Authorize.net.
>
> Things have been running fine, excepts for spammers using
> the donation form to f
I came across an interesting way to get the country from the IP
address.. http://www.mximize.com/getting-country-by-ip-based-on-geolite
I might set this up and block non North American IPs...
At 04:43 PM 2/11/2013, Les Mizzell wrote:
>One site of mine for a dance company used to get a ton of s
Boy was that a stupid, not-thought-out approach!
I was so focused on separating the spamming humans from
the spamming bots, I came up with a solution that wouldn't
let human or bot submit a form, whether the human was a
legitimate donor, or not!
Duh! (It's been a long day... tim
One site of mine for a dance company used to get a ton of spam through
contact forms. Everybody hated CAPTCHA, so I put a simple question with
radio button choices:
A cow goes?
a. quack
b. woof
c. moo
d. chirp
VERY low tech, but believe it or not, we've not gotten a single piece of
bot spam s
al Message-
From: Al Musella, DPM [mailto:muse...@virtualtrials.com]
Sent: Monday, February 11, 2013 4:32 PM
To: cf-talk
Subject: RE: Problem with Hackers on Donation form through Authorize.net
I have just gone through this... A big problem is that the
owner complains and the credit card compa
I have just gone through this... A big problem is that the
owner complains and the credit card company charges you a penalty
and if many get through they can dump you.
At first, I banned the IP address when someone tried 3 times
unsuccessfuly. That worked for about a day then they would co
On Mon, Feb 11, 2013 at 1:45 PM, Rick Faircloth wrote:
>
> After more unsuccessful testing, I'm assuming that the form
> button at the end of the form needs to be an actual button with
> a type of "submit" to work with CFFormProtect?
>
>
Not as far as I know. I
After more unsuccessful testing, I'm assuming that the form
button at the end of the form needs to be an actual button with
a type of "submit" to work with CFFormProtect?
If so, this won't work because I don't use an actual button with
a type of "submit". The
oes CFFormProtect actually submit a form? I haven't parsed through
> the code, yet, but I'm trying to determine if it just runs some tests
> for validation or does it continue on to submit the form.
>
> The form and processing I've code is quite extensive and involves jQuery
Thanks for the feedback, Ray, Dave...
Does CFFormProtect actually submit a form? I haven't parsed through
the code, yet, but I'm trying to determine if it just runs some tests
for validation or does it continue on to submit the form.
The form and processing I've code is quit
t; To: cf-talk
> Subject: Re: Problem with Hackers on Donation form through Authorize.net
>
>
> > I realize that if someone is hiring cheap human labor for $1
> > per day to sit and enter form info, that I can't stop that,
> > but if it is bots doing the spamming, will m
AM
To: cf-talk
Subject: Re: Problem with Hackers on Donation form through Authorize.net
> I realize that if someone is hiring cheap human labor for $1
> per day to sit and enter form info, that I can't stop that,
> but if it is bots doing the spamming, will making CF captcha
> mo
> I realize that if someone is hiring cheap human labor for $1
> per day to sit and enter form info, that I can't stop that,
> but if it is bots doing the spamming, will making CF captcha
> more difficult to read have a good chance of stopping the bots,
> or do I need to ge
Hi, guys...
I'm been running my first eCommerce setup with a donation
page/form using Authorize.net.
Things have been running fine, excepts for spammers using
the donation form to find legitmate CC numbers so they could
abuse the card in other ways.
I've assumed, up to this point
If you add a "name" attribute to your submit button:
then when the form is submitted, there will be a corresponding "submit"
key added to the form scope. Then, as others have suggested, wrap your
query in:
//Your query here
Again, as the others have stated, this
during your logic to action something on the page validate it in some
slight way.
EG.
TAKE SOME ACTION
On Tue, Jan 15, 2013 at 1:44 PM, Matt Quackenbush wrote:
>
> You are running the insert query each time you load the page. Remove your
> s on the form fields, and wrap the qu
u load the page. Remove your
> s on the form fields, and wrap the query in an .
>
>
>
>
>
> HTH
>
>
> On Tue, Jan 15, 2013 at 2:34 PM, B Griffith wrote:
>
>>
>> Hello All,
>>
>> I appreciate everyone's help on my other posts and t
Fellas,
Thank you very much! It worked like a charm. And I'm taking your suggestion
re: data scrubbing/validation, I have a CF8 book that will hopefully shed a
little light on that subject.
I only just noticed there is a "ColdFusion Newbie" forum here and that is
probably where my posts/iss
>
The FORM structure itself always exists. So the check needs to be on one of the
individual fields, or you could check whether it is non-empty like Matt
suggested.
As an aside, once you get this solved you should read up cfqueryparam too.
Among other things it helps protect against
You are running the insert query each time you load the page. Remove your
s on the form fields, and wrap the query in an .
HTH
On Tue, Jan 15, 2013 at 2:34 PM, B Griffith wrote:
>
> Hello All,
>
> I appreciate everyone's help on my other posts and think I'm com
Oops- forgot that you had CFPARAMs for all the variables. You'd need to
remove those with the conditional.
-Original Message-
From: Dave Jemison [mailto:djemi...@vinesse.com]
Sent: Tuesday, January 15, 2013 12:46 PM
To: 'cf-talk@houseoffusion.com'
Subject: RE: form-pos
the query to only fire if the form has been
submitted:
INSERT INTO DONOR
(first,last,flag,supe,phone) VALUES
('#form.first#','#form.last#','#form.flag#','#form.supe#','#form.phone#')
Additionally, you need to do some data scrubbing be
the other
> five which you see in the code below and are probably pretty
> self-explanatory. I have tried creating an empty structure called 'form'
> before applying the code and finally settled on a block of
> statements to set the vars to a default. I can't see a way
hich you see in
the code below and are probably pretty self-explanatory. I have tried creating
an empty structure called 'form' before applying the code and finally settled
on a block of statements to set the vars to a default. I can't see a
way around this because NOT doing so ca
y are in separate form fields, then it is still sent as a list.
>If they are in the same field then ou could use space as the delimiter
>
>Regards
>Russ Michaels
>www.michaels.me.uk
>www.cfmldeveloper.com - Free CFML hosting for developers
>www.cfsearch.com - CF search engine
>On
If they are in separate form fields, then it is still sent as a list.
If they are in the same field then ou could use space as the delimiter
Regards
Russ Michaels
www.michaels.me.uk
www.cfmldeveloper.com - Free CFML hosting for developers
www.cfsearch.com - CF search engine
On Dec 24, 2012 3:26
That's fairly straight forward to extract and handle the data. Only tricky bit
is if the person entering the data doesn't put a comma at the end of a line.
I may just stick with excel spreadsheet imports.
>Its just a list of values so you can cfloop over them.
>
>Regards
>Russ Michaels
>www.mic
import multiple firstname, lastname,
> email from a form text field. Its for an email application for end users to
> enter multiple subscribers. i.e. form field content:
>
> John, Doe, j...@doe.com
> Mary, Doe, m...@doe.com
> Roofus, Doofus, roo...@doofus.com
>
> I'm using an e
Does anyone know of a good way to import multiple firstname, lastname, email
from a form text field. Its for an email application for end users to enter
multiple subscribers. i.e. form field content:
John, Doe, j...@doe.com
Mary, Doe, m...@doe.com
Roofus, Doofus, roo...@doofus.com
I'm
-
> > Datum: Sat, 8 Dec 2012 16:54:57 +
> > Von: Russ Michaels
> > An: cf-talk
> > Betreff: Re: Client.Loginname does not work for login form
>
> >
> > I think it may be because you are dping a.cflocation, so the cookie is
> not
> > being set.
&g
menon over and over.
> I give ColdFusion one more day, then I switch to Ruby for the rest of my
> life.
>
>
>
> Original-Nachricht
> > Datum: Sat, 8 Dec 2012 16:54:57 +
> > Von: Russ Michaels
> > An: cf-talk
> > Betreff: Re: Client.
of my
> life.
>
>
>
> Original-Nachricht
> > Datum: Sat, 8 Dec 2012 16:54:57 +
> > Von: Russ Michaels
> > An: cf-talk
> > Betreff: Re: Client.Loginname does not work for login form
>
> >
> > I think it may be because you are dping a.cfl
t; An: cf-talk
> Betreff: Re: Client.Loginname does not work for login form
>
> I think it may be because you are dping a.cflocation, so the cookie is not
> being set.
> I would suggest using session variable instead of client variables.
>
> Regards
> R
, 2012 4:19 PM, "Thomas Eppler" wrote:
>
> Dear CF-Friends
> I am standing in front of a mystery ...
> I am using a variable Client.Loginname, which saves always the last used
> username, which I set in the username form field, so the user does not need
> to type it ag
No, it is not the browser. I checked this by giving out Client.Loginname on the
login page for testing.
Original-Nachricht
> Datum: Sat, 8 Dec 2012 16:27:47 +
> Von: Russ Michaels
> An: cf-talk
> Betreff: Re: Client.Loginname does not work for login form
Are you its not your browser caching the form?
Regards
Russ Michaels
www.michaels.me.uk
www.cfmldeveloper.com - Free CFML hosting for developers
www.cfsearch.com - CF search engine
On Dec 8, 2012 4:19 PM, "Thomas Eppler" wrote:
>
> Dear CF-Friends
> I am standing in front o
Dear CF-Friends
I am standing in front of a mystery ...
I am using a variable Client.Loginname, which saves always the last used
username, which I set in the username form field, so the user does not need to
type it again. But that variable seems not to accept the username after a
successful
> Dave said you can't have one form with multiple destinations. That isn't
> technically true. The HTML5 spec supports a formaction attribute for the
> tag that allows multiple destinations for different fields in the
> same form. For the life of me I can't imagine u
lto:rob...@austin-williams.com]
Sent: Tuesday, November 20, 2012 10:25 AM
To: cf-talk
Subject: RE: Can I create a form with several HTML5 multi-file uploads and send
to unique destinations?
I have definitely gotten around that by using loops, but I also have not been
using file sets. I've
: Raymond Camden [mailto:raymondcam...@gmail.com]
Sent: Tuesday, November 20, 2012 10:06 AM
To: cf-talk
Subject: Re: Can I create a form with several HTML5 multi-file uploads and send
to unique destinations?
I want to add two kinda OT points here.
CF9 (and earlier) has a bug with where it will
onl
I want to add two kinda OT points here.
CF9 (and earlier) has a bug with where it will
only process the first file. As far as I know there is no workaround for
this. CF10 handles it ok though.
Dave said you can't have one form with multiple destinations. That isn't
technically true.
Sent: Tuesday, November 20, 2012 9:13 AM
To: cf-talk
Subject: Re: Can I create a form with several HTML5 multi-file uploads and send
to unique destinations?
> I have a page where people need to be able to upload multiple files that go
> to different places. I can use:
>
> type="fil
but
> at least I can send it to the right place. Using action="uploadall" sends all
> the files to all the locations because I can specify
> a filefield value.
>
> Obviously I could have one form for each file set but that gets tedious for
> the end user. Any suggestions?
e. Using action="uploadall" sends all the files to all the locations
because I can specify a filefield value.
Obviously I could have one form for each file set but that gets tedious for the
end user. Any suggestions?
~
Thanks for the info, Nithya!
Rick
-Original Message-
From: Nithya K [mailto:nithyakr...@gmail.com]
Sent: Wednesday, September 12, 2012 2:09 AM
To: cf-talk
Subject: Re: Not understanding the relationship between html form values and
cfhttpparam values
In my application, I used to
In my application, I used to directly pass the form variables to another
website.
Then I found that form variables posted are not secure, as they can be
intercepted and modified.(especially in payment functions where form.amount
could be modified to 0) The variable values are secure when using
Oh, and thanks for the feedback and explanation, Dave!
Rick
-Original Message-
From: Dave Watts [mailto:dwa...@figleaf.com]
Sent: Tuesday, September 11, 2012 10:21 PM
To: cf-talk
Subject: Re: Not understanding the relationship between html form values and
cfhttpparam values
> So,
1 - 100 of 6078 matches
Mail list logo