You might also want to prepare any text for SQL inserting if that's the final
destination for the form data. I have a UDF that does that for me. I'm sure
it's not the best method, but it prevents data from having ' or even " which
can mess up input type=text form fields later. It was written a very long time
ago, and now that I think about it it should probably be a rereplace and
include other characters.
function formIn(string) {
if (len(trim(string))) return
trim(replace(replace(string,'"',""","all"),"'","''","all")); else return "
";
}
Mik
At 08:20 AM 3/6/2007, Will Tomlinson wrote:
>I noticed I forgot to put my trim()'s in my form inputs for an admin area, and
>dreaded coding them all in. Cause there's lotsa forms.
>
>So I did this up and it seems to work well:
>
><!--- Output dirty fields --->
> <cfloop list="#FORM.fieldnames#" index="thisfield">
> <cfoutput>#FORM[thisfield]#</cfoutput><br />
> </cfloop>
> <!--- Clean all formfields --->
> <cfloop list="#FORM.fieldnames#" index="thisfield">
> <cfset FORM[thisfield] = Trim(FORM[thisfield])>
> </cfloop>
> <!--- Output clean fields --->
> <cfloop list="#FORM.fieldnames#" index="thisfield">
> <cfoutput>#FORM[thisfield]#</cfoutput><br />
> </cfloop>
> <cfabort>
>
>I can run that right before my inserts, and bingo, done! I guess you could
>turn it into a cfc, send in the form, send it back out cleaned, maybe do more
>types of cleaning than just trim().
>
>Anyway, thought I'd share. It seems quite a bit easier than coding in the
>trim()s. I've tried to think of some gotchas and none come to mind.
>
>Will
>
>
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~|
Macromedia ColdFusion MX7
Upgrade to MX7 & experience time-saving features, more productivity.
http://www.adobe.com/products/coldfusion
Archive:
http://www.houseoffusion.com/groups/CF-Talk/message.cfm/messageid:271709
Subscription: http://www.houseoffusion.com/groups/CF-Talk/subscribe.cfm
Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.4
