cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Exit
search
  • Global community
    • Language:
      • Deutsch
      • English
      • Español
      • Français
      • Português
  • 日本語コミュニティ
  • 한국 커뮤니티
0
Upvote

Page security, please help

CFmonger
Participant ,
May 20, 2008 May 20, 2008
Hello;
I am trying to come up with a script that will lock you out of a page if you do not use the proper criteria. It is a search for a site, and I set it up right now so that if you try and get to the result page without using a form, it gives you a message and a new search box. This works fine.

What happens now is if you preform a search and it comes back with lets say 9 records, I have the next / previous set to allow 3 per page, when you click next it comes back and gives the message I set you to get if you didn't use a form button.

How do I make this security tag work with both the next previous and using a form button?

(If I don't lock it down like this, and you access the page directly, you get errors, so I need to make the user use the page the way I set it.)

This is my script:

<cfif NOT isDefined('form.submit')>
You get this telling to to try again
<cfelse>
this runs the cod on the page
</cfif>

The link I am trying to allow to pass this uses this:

http://www.mysite.com/result.cfm?startRow=4

What can I add to this script to make both of these senarios pass?

Thank you.

CFmonger
TOPICS
Advanced techniques
2.9K
Translate
Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines

correct answers 1 Correct answer

Kronin555
Advocate , May 22, 2008 May 22, 2008
Scrap the "put it in the session" idea. Go back to your original code.

Put <cfparam> tags at the top of the page your search form posts to.
Put a cfparam for the URL variables that get submitted when you do next/previous. Setup defaults.
Put a cfparam for all form fields from your search form. Setup defaults.

Now, you should be able to go directly to that page and it shouldn't throw an error. Why? because, you provided defaults for all the variables that page is expecting. Simple. No session. ...
Translate
replies 29 Replies 29
latest latest Jump to latest reply
CFmonger
Participant ,
May 22, 2008 May 22, 2008
In Response To Kronin555
I have one last question.

I got it working using these 2 paramiters:

<cfparam name="FORM.criteria" default="0" type="string">
<cfparam name="URL.criteria" default="" type="string">

1. do I need any more? and are these done correctly?
2. Now that i use these there is 2 lines of code not workin:
<cfoutput> Search Results:#Criteria#</cfoutput>
and this:
<cfform action="result.cfm" method="post">
<cfinput type="text" name="criteria" value="#Criteria#" id="criteria" size="30" class="search_input">
--- submit button ---
</cfform>

the value doesn't stay either.
when I click the next button, these 2 lines are disbaled. How would I fix that?
3. when I hit previous, it messes with the page layout. Makes cells with results bigger and distorts the page a little.
Translate
Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines
Newsgroup_User
LEGEND ,
May 22, 2008 May 22, 2008
In Response To Kronin555
i would probably cfparam like this:
<cfparam name="url.criteria" default="">
<cfparam name="form.criteria" default="#url.criteria#">

as for the other errors - you are not scoping your CRITERIA variable: it
should be probably #form.criteria# in your case.


Azadi Saryev
Sabai-dee.com
http://www.sabai-dee.com/
Translate
Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines
CFmonger
Participant ,
May 22, 2008 May 22, 2008
In Response To Newsgroup_User
Thank you, the cfparam works nice that you posted, I saw I didn't scope my variables before you posted and fixed it, but now when you hit next it goes away. How would I make it stay? do a

<cfif isDefined ('#FORM.criteria#')>
<cfoutput> Search Results:#FORM.criteria#</cfoutput>
<cfelse>
<cfoutput> Search Results:#URL.criteria#</cfoutput>
</cfif>
or is there a better way?
Translate
Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines
Newsgroup_User
LEGEND ,
May 22, 2008 May 22, 2008
LATEST
In Response To Newsgroup_User
well, this has been a very long thread, with lots of bits of code
posted... hard to keep track of current state of affairs.
can you re-state what the current problem is? and post relevant code
that does not work as expected/throws errors?

how is your pagination set up? do the prev/next links re-submit your
form or just pass parameters in url? if the latter, make sure you pass
ALL required parameters in the url: criteria, page, etc etc...

the FORM scope variables will only be available on the page the form
submits to and only if the form has been submitted.
thus the cfparams will work on first access to the results page, when
the search form has been submitted to it, but will both evaluate to ""
on click of prev/next link if you are not re-submitting the form with
those links...

does this make sense?

Azadi Saryev
Sabai-dee.com
http://www.sabai-dee.com/
Translate
Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines
Newsgroup_User
LEGEND ,
May 22, 2008 May 22, 2008
In Response To Newsgroup_User
CFmonger wrote:
> I have done all that, the search works, I am at the enhancing the innerface and
> I can't get the next / prev to work. I use it on regular querys and it works
> fine. But it will not work on this, I have been trying all types of senarios
> and it all errors.
>
> What do I need to do to fix this code and make it work?
>


Well what is the code as it stands now and what are the errors. I find
that 9 out of 10 times the error messages point me right to the error.

Of course the 1 out of 10 times it has occasionally been a doozy.
Translate
Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines
Resources
Documentation
ColdFusion User Guide
Open in a new window
Copyright © 2025 Adobe. All rights reserved.
Using the Community Experience League Terms of Use Privacy Cookie preferences Do not sell or share my personal information ad choicesAdChoices