Why does ColdFusion consider the value “7+” to be a valid integer value and how can I confirm that it is not?

I have a form where the user enters a quantity. The form has client-side validation to ensure that the value is an integer and within a given range. The action page has server-side validation to ensure that it is an integer and greater than zero.

However, one type of value passes the test and causes the INSERT / UPDATE queries to throw exceptions. This value is an integer with a plus sign, i.e. "7+" or "12+".

When this value is entered, a ColdFusion-generated JavaScript check raises a JavaScript error:

    _CF_checkformAddToCart = function(_CF_this)
    {
        //reset on submit
        _CF_error_exists = false;
        _CF_error_messages = new Array();
        _CF_error_fields = new Object();
        _CF_FirstErrorField = null;

        //form element itemQuantity 'INTEGER' validation checks
        if (!_CF_checkinteger(_CF_this['itemQuantity'].value, false))
        {
            _CF_onError(_CF_this, "itemQuantity", _CF_this['itemQuantity'].value, "Error on itemQuantity, please enter an integer value for quantity that is not greater than 500");
            _CF_error_exists = true;
        }

        //form element itemQuantity 'RANGE' validation checks
        if (!_CF_checkrange(_CF_this['itemQuantity'].value, 0.0,500.0, false))
        {
            _CF_onError(_CF_this, "itemQuantity", _CF_this['itemQuantity'].value, "Error on itemQuantity, please enter an integer value for quantity that is not greater than 500");
            _CF_error_exists = true;
        }
    }

As soon as I dismiss the pop-up error message, the form goes on to the action page, where I [try to] check the value like this:

    <cfif IsValid("integer", form.itemQuantity) AND form.itemQuantity GT 0>
        <cfquery>
            INSERT ....

However, if you try this ...

 <cfset x = Int("7+") /> 

... ColdFusion gives an error message.

Is it an integer or not, ColdFusion???

How can I get around this and check the form input correctly?

+4
3 answers

isNumeric(form.itemQuantity) will return false for "7+", so to fully validate your input as an int, you can do this:

    <cfif isNumeric(form.itemQuantity) and IsValid("integer", form.itemQuantity) AND form.itemQuantity GT 0>

+4

This is due to the strange and wonderful nature of ColdFusion being typeless. It does not know what type of data you are working with, and it tries to guess.

Its evaluation is that 7+ is valid. The validation built into ColdFusion makes many assumptions and guesses.

My recommendation would be to not use it and to write your own validation routines that can be extended to do whatever you need.

For instance, a user enters:

2075

Is it valid or invalid? Well, if you have your own validation, you get to decide: you can say that it is a whole number, or you can say that they cannot do that.

This is a small upfront investment that will pay off in the long run.

+1
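
A strict server-side check of the kind the answer above recommends writing yourself, as an added example rather than code from the original posts. The helper `parseQuantity` is hypothetical; the datasource variable, the table `cart_items`, its column and the sample inputs are assumptions made for illustration.

```cfm
<cfscript>
// Hypothetical helper, not a ColdFusion built-in. Returns the quantity as a
// number between 1 and maxQty, or 0 when the input is anything else.
function parseQuantity(required string raw, numeric maxQty = 500) {
    var s = trim(arguments.raw);
    // Whole-string match on 1 to 9 ASCII digits. The anchors reject "7+",
    // "+7", "2,075", "1e2", "7.0" and the empty string before any loosely
    // typed numeric conversion is attempted.
    if (reFind("^[0-9]{1,9}$", s) EQ 0) {
        return 0;
    }
    var n = val(s);
    if (n GTE 1 AND n LTE arguments.maxQty) {
        return n;
    }
    return 0;
}

// Constructed sample inputs, for illustration only.
samples = ["7", " 12 ", "7+", "+7", "2,075", "1e2", "7.0", "", "0", "501"];
for (i = 1; i LTE arrayLen(samples); i++) {
    writeOutput("[" & htmlEditFormat(samples[i]) & "] -> " & parseQuantity(samples[i]) & "<br>");
}
</cfscript>

<!--- On the action page: validate first, then bind the value as a typed parameter. --->
<cfparam name="form.itemQuantity" default="" />
<cfset addItemQty = parseQuantity(form.itemQuantity) />
<cfif addItemQty GT 0>
    <!--- Assumed datasource variable, table and column names. --->
    <cfquery datasource="#application.dsn#">
        INSERT INTO cart_items (quantity)
        VALUES (<cfqueryparam value="#addItemQty#" cfsqltype="cf_sql_integer" />)
    </cfquery>
<cfelse>
    <cfoutput>Please enter a whole number between 1 and 500.</cfoutput>
</cfif>
```

The client-side check can be bypassed, as the question shows, so the server-side check is the one the query depends on.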

Turns out I can use LSParseNumber() to convert it to a real integer. So now I am testing for a valid integer and then resetting it with LSParseNumber() before attempting any database inserts:

    <cfset addItemQty = 0 />
    <cfif IsValid("integer", Trim(form.itemQuantity))>
        <cfset addItemQty = LSParseNumber(Trim(form.itemQuantity)) />
    </cfif>

I think I will have to rework the client-side validation in order to validate correctly.

0

Source: https://habr.com/ru/post/1379385/

