Check if the form field is defined with a variable in the name

I have an interesting problem here ...

<cfloop from="1" to="#form.countField#" index="i">
<cfif isdefined('form["semester#i#"]')>
  <cfquery name = "insertCourses" datasource="cas_evaluation">
  INSERT INTO courses (faculty, semester, course, students, hours, team_taught, first_time, ec_dl, online, course_revision )
  VALUES ( '#form.name#', '#form['semester#i#']#', '#form['course#i#']#', '#form['numstudents#i#']#', '#form['hours#i#']#', '#form['team#i#']#', '#form['firsttime#i#']#', '#form['ec_dl#i#']#', '#form['online#i#']#', '#form['revision#i#']#')
  </cfquery>
 </cfif>
</cfloop>

Basically, I have some dynamic fields that you can add or remove. (They are lines of fields, by the way ...) The way I coded it ... if the user deletes a line in the middle ... (they delete line 2, but lines 1 and 3 remain ...), this causes problems because the loop is looking for it but it clearly does not exist. So I tried to check whether one of the fields was defined ... but it doesn't like the variable syntax in isdefined .. :(

Any suggestions?

+3
3 answers

I do not quite understand the question. So this is not working?

<cfif isdefined('form["semester#i#"]')>

Using

<cfif structKeyExists(form, "semester#i#")>

cfparam isDefined . :

<cfif isdefined('form.semester#i#')>

, , .

+9

. structKeyList (form), .

+2

Also, make sure you use cfqueryparam to escape your SQL variables. The code you currently have is filled with SQL injection holes. This code should work and be safe.

<cfloop from="1" to="#form.countField#" index="i">
  <cfif structKeyExists(form, 'semester#i#')>
    <cfquery name = "insertCourses" datasource="cas_evaluation">
      INSERT INTO courses
        (faculty, semester, course, students, hours, team_taught, first_time, ec_dl, online, course_revision)
      VALUES
        ( <cfqueryparam cfsqltype='cf_sql_varchar' value='#form.name#' />
        , <cfqueryparam cfsqltype='cf_sql_varchar' value='#form['semester#i#']#' />
        , <cfqueryparam cfsqltype='cf_sql_varchar' value='#form['course#i#']#' />
        , <cfqueryparam cfsqltype='cf_sql_varchar' value='#form['numstudents#i#']#' />
        , <cfqueryparam cfsqltype='cf_sql_varchar' value='#form['hours#i#']#' />
        , <cfqueryparam cfsqltype='cf_sql_varchar' value='#form['team#i#']#' />
        , <cfqueryparam cfsqltype='cf_sql_varchar' value='#form['firsttime#i#']#' />
        , <cfqueryparam cfsqltype='cf_sql_varchar' value='#form['ec_dl#i#']#' />
        , <cfqueryparam cfsqltype='cf_sql_varchar' value='#form['online#i#']#' />
        , <cfqueryparam cfsqltype='cf_sql_varchar' value='#form['revision#i#']#' />
        );
    </cfquery>
  </cfif>
</cfloop>
0
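An added example, not code from any of the answers above: it extends the parameterized loop by bounding the client-supplied `form.countField`, requiring every field of a line to be present before inserting, and letting `cfqueryparam` enforce type and length. `MAX_ROWS`, the `maxlength` values and the integer `students` column are assumptions, because the page does not show the table schema.

```cfml
<!--- Added example, not the page's code. MAX_ROWS, the maxlength values and the
     integer "students" column are assumptions; the page does not show the schema. --->
<cfset MAX_ROWS = 50>
<cfset rowFields = "semester,course,numstudents,hours,team,firsttime,ec_dl,online,revision">

<!--- countField is sent by the client: validate and bound it before looping on it. --->
<cfif NOT structKeyExists(form, "name") OR NOT structKeyExists(form, "countField")
      OR NOT isValid("integer", form.countField)
      OR form.countField LT 1 OR form.countField GT MAX_ROWS>
  <cfthrow type="InvalidInput" message="Missing name, or countField out of range">
</cfif>

<!--- One transaction: either every surviving row is stored or none is. --->
<cftransaction>
  <cfloop from="1" to="#form.countField#" index="i">
    <!--- A row deleted in the browser leaves a gap in the numbering. Skip the index
         unless every field of that row arrived, not only semester. This assumes all
         fields are always submitted (an unchecked checkbox would not be). --->
    <cfset rowComplete = true>
    <cfloop list="#rowFields#" index="f">
      <cfif NOT structKeyExists(form, f & i)>
        <cfset rowComplete = false>
        <cfbreak>
      </cfif>
    </cfloop>

    <cfif rowComplete>
      <!--- cfqueryparam binds each value and rejects one that does not match its
           cfsqltype or exceeds maxlength; that error rolls the transaction back. --->
      <cfquery name="insertCourses" datasource="cas_evaluation">
        INSERT INTO courses
          (faculty, semester, course, students, hours, team_taught, first_time, ec_dl, online, course_revision)
        VALUES
          ( <cfqueryparam cfsqltype="cf_sql_varchar" maxlength="100" value="#form.name#">
          , <cfqueryparam cfsqltype="cf_sql_varchar" maxlength="50" value="#form['semester#i#']#">
          , <cfqueryparam cfsqltype="cf_sql_varchar" maxlength="50" value="#form['course#i#']#">
          , <cfqueryparam cfsqltype="cf_sql_integer" value="#form['numstudents#i#']#">
          , <cfqueryparam cfsqltype="cf_sql_varchar" maxlength="50" value="#form['hours#i#']#">
          , <cfqueryparam cfsqltype="cf_sql_varchar" maxlength="50" value="#form['team#i#']#">
          , <cfqueryparam cfsqltype="cf_sql_varchar" maxlength="50" value="#form['firsttime#i#']#">
          , <cfqueryparam cfsqltype="cf_sql_varchar" maxlength="50" value="#form['ec_dl#i#']#">
          , <cfqueryparam cfsqltype="cf_sql_varchar" maxlength="50" value="#form['online#i#']#">
          , <cfqueryparam cfsqltype="cf_sql_varchar" maxlength="50" value="#form['revision#i#']#">
          )
      </cfquery>
    </cfif>
  </cfloop>
</cftransaction>
```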

Source: https://habr.com/ru/post/1759938/

