derrick rapley [email protected] maryland cfug october 8, 2002
TRANSCRIPT
Agenda What is cf_datavalidate? Why use server-side validation? How to use cf_datavalidate
Syntax Displaying Error Messages Using Custom Validation
What is cf_datavalidate? cf_datavalidate is a custom tag that performs
server-side data validation Requires use of child tag cf_dataValidateItem Easy to use Minimizes the amount of code needed to perform
validation Keeps track of error messages Handle custom validation
Why use server-side validation? To prevent potential malicious attacks To prevent bad data from being entered
into the database Client side validation is useless when
JavaScript is turned off. (including CFFORM)
cf_datavalidate cf_datavalidate is the parent tag Must have end tag Requires two parameters
1. OUTPUT (required) – the variable you want the error messages stored in
2. TYPE (optional) – the type of variable for OUTPUT, QUERY or STRUCTURE (default is QUERY)
<cf_datavalidate output="qryErrors" type="structure"><cf_dataValidateItem>
</cf_datavalidate>
cf_dataValidateItem Must be encapsulated by cf_datavalidate<cf_dataValidate output="qryErrors">
<cf_dataValidateItem type="required" value=“#form.FirstName#" message=“First Name is required">
</cf_dataValidate>
Parameters vary upon the TYPE of validation
TYPE and MESSAGE are required for all Types
cf_dataValidateItem - Types Required Numeric SimpleValue LenLT LenGT Range Compare Email
Space Repex 3of4 Date DateCompare DateRange DateGT DateLT
Displaying Errors Depends on the specified TYPE in the
parent tag cf_datavalidate 2 ways to display the error messages
1. Query – loop through the query of messages
2. Structure – Re-display the form and show the error message associated with each field (a little more advanced and requires some form manipulation)
Displaying Errors - Query The error messages are placed in a query that you
can loop through<cf_dataValidate output=“qryErrors” type =“query”>
<cf_dataValidateItem type="required" value=“#form.FirstName#” message=“First Name is required">
</cf_dataValidate>
<cfif qryErrors.RecordCount>
<cfoutput query=“qryErrors”>
#qryErrors.message#<br>
</cfoutput>
<cfabort
</cfif>
Displaying Errors - Structure Requires form manipulation Form needs to be included in the template
that does the validation The parameter FORMFIELD is required in
the child tag <cf_dataValidateItem><cf_dataValidate output=“qryErrors” type =“structure”>
<cf_dataValidateItem type="required" value=“#form.FirstName#” message=“First Name is required“ formfield=“FirstName”>
</cf_dataValidate>
Including Custom Validation Include the custom scenario inside
cf_datavalidate<cf_dataValidate output=“qryErrors” type =“query”>
<cf_dataValidateItem type="required" value=“#form.FirstName#” message=“First Name is required">
<cfif form.company NEQ “ACME Anvils”>
<cf_dataValidateItem type=“custom” message=“Custom Error”>
</cfif>
</cf_dataValidate>