cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Exit
search
  • Global community
    • Language:
      • Deutsch
      • English
      • Español
      • Français
      • Português
  • 日本語コミュニティ
  • 한국 커뮤니티
0
Upvote

Checking if values exist in the database

Guest
Mar 16, 2011 Mar 16, 2011

Hi,

I have problem with the values that are not in the database.

I have a form and there are two types of users:normal and the Admins.

If the user is normal user, he cannot access anyone else entries from the database. But the Admin can access all the entries.

I have done a check to so that the normal user can access only his entries:

<cfif NOT session.Admin AND process.addedBy NEQ #session.AccountID# >
             <cflocation url="main.cfm" addtoken="no">
         <cfelse>

<!--- rest of the form--->

By these, a normal useer cannot access any entries other than his own.

But  for admin, a admin can access all the entries but not the entries that  are not in the database. The query related to these form is:

<cfquery name="xx" datasource="yy">
             Select entryid, addedBy, deletedBy,processedBy
             From yy
             where entryid = #URL.entryid# AND processedBy IS NULL AND deletedBy IS NULL
                 <cfif NOT session.Admin> AND addedBy = #Session.AccountID#
                  </cfif>
Thus both users can access the  respective entries, but when the Admin enters a entryid in the URL not  existing in the database, it doesn't take the page back to main page  rather it shows the form.

Thus my question is how to avoid the values not in the database.

Thanks for the Help.

Vijayvijay77.

1.2K
Translate
Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines

correct answers 1 Correct answer

Owainnorth
Guide , Mar 17, 2011 Mar 17, 2011

Well, if you want to check it found it, why not just use RECORDCOUNT? That's kinda what it's there for.

<cfquery name="myquery">

  SELECT stuff

</cfquery>

<cfif myquery.recordcount neq 1 >

  <cflocation url="/finger.cfm" />

</cfif>

Translate
replies 10 Replies 10
latest latest Jump to latest reply
Dan_Bracuk
LEGEND ,
Mar 16, 2011 Mar 16, 2011

Give the admin a better option than entering id values into a url.

Translate
Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines
Owainnorth
Guide ,
Mar 17, 2011 Mar 17, 2011
In Response To Dan_Bracuk

Give the admin a better option than entering id values into a url.

Almost as if someone needs to invent...say...user interfaces?

Dan's spot on. You should be protecting *against* people tampering with the url, not making it a required part of your system. You need some kind of page which lists your entries, with a link to each edit/view page.

That way if someone does tamper with the url they won't be surprised if they get an error.

Translate
Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines
Guest
Mar 17, 2011 Mar 17, 2011
In Response To Owainnorth

Hi,

Thanks for the replies. I really appreciate it.

I have blocked normal users other than admin to access entries other than their entries.

The  only issue I am having is if the admin changes the entryid in the URL  to something which is not valid or not in the database, the page is  redirecting to the initial form page. I just want it to redirect the  page to main page, showing all the entries. For which I have to create a  condition [I guess], to check for the values which are not valid or not  in the database.

For example:

http://forums.adobe.com/post!reply.jspa?message=3551690

In  these URL if I change the message number to 3551691, and suppose I am  the admin, and the message 3551691, doesn't exist int the database, it  should redirect me to some other page, thats all I want.

I hope my explanation is clear now. Thanks for your valuable suggestions.

Vijayvijay77.

Translate
Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines
Owainnorth
Guide ,
Mar 17, 2011 Mar 17, 2011
In Response To Deleted User

Well, if you want to check it found it, why not just use RECORDCOUNT? That's kinda what it's there for.

<cfquery name="myquery">

  SELECT stuff

</cfquery>

<cfif myquery.recordcount neq 1 >

  <cflocation url="/finger.cfm" />

</cfif>

Translate
Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines
Guest
Mar 17, 2011 Mar 17, 2011
In Response To Owainnorth

Can you please explain how do I use queryname.RecordCount to not show the entry which is not in the database. Sorry, but I am really confused.

Thanks for your suggestions.

Translate
Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines
Guest
Mar 17, 2011 Mar 17, 2011
In Response To Owainnorth

Queryname.RecordCount is not workin. I am using it in the same format as mentioned:

<cfif myquery.recordcount neq 1 >

  <cflocation url="/finger.cfm" />

</cfif>

Can you please help me out here, If I am on the wrong path.

Vijayvijay77.

Translate
Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines
Owainnorth
Guide ,
Mar 17, 2011 Mar 17, 2011
In Response To Deleted User

With all due respect, I really think you need to go away and get a better understanding of ColdFusion before you continue with this project. It's apparent you're missing some fairly large chunks of fundamental knowledge on the subject, certainly for an application on the scale it appears you're trying to create.

I appreciate that's probably not what you're after, but there's only so long we can keep explaining things to you.

O.

Translate
Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines
Guest
Mar 17, 2011 Mar 17, 2011
In Response To Owainnorth

Thanks you for your suggestions, the RecordCount thing worked.

The deadline was getting into my head, I guess. But as far I am concern, I have certain grip of the subject, just that, sometimes things dont click or right things doesn't make any sense, those are these days.

By the way, thanks for all the suggestions and feedback. I really appreciate your time and pateince with me.

Thank You!!

Vijayvijay77.

Translate
Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines
Dan_Bracuk
LEGEND ,
Mar 17, 2011 Mar 17, 2011
In Response To Deleted User

My favourite troubleshooting technique is to look at the data.  For if/else logic, it goes like this:

if something

yes

else

no, and show me all relevent data

abort

Translate
Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines
Guest
Mar 17, 2011 Mar 17, 2011
LATEST
In Response To Dan_Bracuk

Thank you all for your suggestions and feedback.I really appreciate it.

Vijayvijay77.

Translate
Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines
Resources
Documentation
ColdFusion User Guide
Open in a new window
Copyright © 2025 Adobe. All rights reserved.
Using the Community Experience League Terms of Use Privacy Cookie preferences Do not sell or share my personal information ad choicesAdChoices