If the user enters a floating point value, it is rounded to an integer. Does not do any rounding of floating point values. You can specify one or both of the boundaries separated by a space.

Note: Adding a validation rule to a field does not make it a required field.
The following procedure creates a simple form for entering a start date and a salary. It uses hidden fields to ensure that you enter data and that the data is in the right format. This example illustrates another concept that might seem surprising. You can use the same CFML page as both a form page and its action page.
Because the only action is to display the values of the two variables that you enter, the action is on the same page as the form. Using a single page for both the form and action provides the opportunity to illustrate the use of the IsDefined function to check that data exists. This way, the form does not show any results until you submit the input.

To validate the data that users enter in the insert form:

Create a new page in ColdFusion Studio.
Enter the following text:
View the file in your browser, omit a field or enter invalid data, and click the Submit button.

When the user submits the form, ColdFusion scans the form fields to find any validation rules you specified. The rules are then used to analyze the user's input. If any of the input rules are violated, ColdFusion sends an error message to the user that explains the problem. The user then must go back to the form and correct the problem. ColdFusion does not accept the form submission until the user completes the entire form correctly.
Reviewing the code

The following table describes the code and its function:

If there is no input, display the error information "You must enter a start date."
If the input is not valid, display the error information "Enter a valid date as the start date."
If there is no input, display the error information "You must enter a salary."
If it is not valid, display the error information "The salary must be a number."
Make it exactly 16 characters wide.
Make it exactly ten characters wide.
They are not defined until you submit the form, so they do not appear on the initial form.
Use the DateFormat function to display the start date in the default date format.
Use the DollarFormat function to display the salary with a dollar sign and commas.

Checking query parameters with cfqueryparam

You can use the cfqueryparam tag to validate SQL query parameters. The cfqueryparam tag validates the data as follows:

If the value does not match the data type, the tag returns an error message.
If the database driver does not support bind parameters, the tag just uses the parameter value in the query string.
The cfqueryparam tag can also validate parameter value length and its number of decimal places.

Note: The cfqueryparam tag allows you to specify SQL parameters in queries. It improves performance, maintenance, and security of data queries by improving server-side caching for Oracle databases, supporting updating of long text fields from a SQL statement, and preventing a malicious user from attaching multiple SQL statements to a SQL statement substitution variable.

The cfqueryparam tag can have any of several additional advantages, depending on the database system and Web server software that you are using:

Some database management systems, including some Oracle releases, limit the size of query text fields to 4K bytes. By using cfqueryparam you can overcome this limitation.
Using cfqueryparam can speed database processing by using bind parameters.

To see what happens when you use invalid data, substitute a text string such as "test" for the integer 12 in the cfset statement.
Note that this example uses the cfsnippets database that is provided with ColdFusion, not the CompanyInfo database used in most of this book.
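
The following is an added example, not the original listing from this documentation. It shows a query that pastes variables into the SQL text beside the same query using cfqueryparam for type and length validation. The courses table, its Course_ID and Descript columns, and the keyword variable are assumptions made for illustration.

```cfml
<!--- Added example. Assumed schema: table "courses" in the cfsnippets
      datasource with an integer Course_ID and a text Descript column. --->
<cfset course_id = 12>
<cfset keyword = "Intro">

<!--- Weak form (left commented out): the variables are pasted into the SQL
      text, so any extra text in them becomes part of the statement.
<cfquery name="getCourse" datasource="cfsnippets">
    SELECT Course_ID, Descript
    FROM courses
    WHERE Course_ID = #course_id#
      AND Descript LIKE '#keyword#%'
</cfquery>
--->

<cftry>
    <!--- Hardened form: each value is checked against its declared SQL type
          and, for the string, its maximum length before the query runs.
          Where the driver supports bind parameters the values are sent
          separately from the SQL text. --->
    <cfquery name="getCourse" datasource="cfsnippets">
        SELECT Course_ID, Descript
        FROM courses
        WHERE Course_ID = <cfqueryparam value="#course_id#"
                                        cfsqltype="CF_SQL_INTEGER">
          AND Descript LIKE <cfqueryparam value="#keyword#%"
                                          cfsqltype="CF_SQL_VARCHAR"
                                          maxlength="30">
    </cfquery>

    <cfoutput query="getCourse">
        <p>Course #Course_ID#: #HTMLEditFormat(Descript)#</p>
    </cfoutput>

    <!--- A value that fails validation raises an exception before any SQL
          is sent; catch it and show a generic message. --->
    <cfcatch type="any">
        <p>The course ID must be an integer and the keyword at most 29 characters.</p>
    </cfcatch>
</cftry>
```

Setting course_id to a string such as "test" makes the first cfqueryparam fail its CF_SQL_INTEGER check, so the cfcatch block runs instead of the query.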