Cfparam question

Explorer ,
Sep 06, 2018 Sep 06, 2018

Copy link to clipboard

Copied

Hi,

I am using cfparam in the following fashion.

<cfparam name="sort_col" default="FirstName" type="regex" pattern="((?i)FirstName|LastName|mEmail|mTelephone)">

Basically I am trying to whitelist the sort_col variable to one of these in the pattern. Later in my code values come in from a form where I set this value. My assumption was that if i tried to set it to something other than one of the values in the pattern then it would crash out. This doesnt seem to be the case though. It gets set to whatever comes in via the form. Can anyone confirm this?

Regards,

Paul

Views

535

Likes

Translate

Translate

Report

Report
Community Guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines

correct answers 1 Correct Answer

Enthusiast , Sep 06, 2018 Sep 06, 2018
Hi Paul,It only executes the pattern validation on the line of code where cfparam is located. So the following will cause an error as you expect:<cfset sort_col = "Bacon"><cfparam name="sort_col" default="FirstName" type="regex" pattern="((?i)FirstName|LastName|mEmail|mTelephone)">However, this sequence will not cause an error:<cfparam name="sort_col" default="FirstName" type="regex" pattern="((?i)FirstName|LastName|mEmail|mTelephone)"><cfset sort_col = "Bacon">Because the validation only runs a...

Likes

Translate

Translate
Enthusiast ,
Sep 06, 2018 Sep 06, 2018

Copy link to clipboard

Copied

Hi Paul,

It only executes the pattern validation on the line of code where cfparam is located.

So the following will cause an error as you expect:

<cfset sort_col = "Bacon">

<cfparam name="sort_col" default="FirstName" type="regex" pattern="((?i)FirstName|LastName|mEmail|mTelephone)">

However, this sequence will not cause an error:

<cfparam name="sort_col" default="FirstName" type="regex" pattern="((?i)FirstName|LastName|mEmail|mTelephone)">

<cfset sort_col = "Bacon">

Because the validation only runs at the cfparam tag, not each time you set the variable.

--

Pete Freitag

Foundeo Inc.

Likes

Translate

Translate

Report

Report
Community Guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines
Explorer ,
Sep 06, 2018 Sep 06, 2018

Copy link to clipboard

Copied

LATEST

Thanks Pete. Have gone the switch route now to do some sort of whitelisting.

Likes

Translate

Translate

Report

Report
Community Guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines