You might also want to prepare any text for SQL inserting if that's the final destination for the form data. I have a UDF that does that for me. I'm sure it's not the best method, but it prevents data from having ' or even " which can mess up input type=text form fields later. It was written a very long time ago, and now that I think about it it should probably be a rereplace and include other characters.
function formIn(string) { if (len(trim(string))) return trim(replace(replace(string,'"',""","all"),"'","''","all")); else return " "; } Mik At 08:20 AM 3/6/2007, Will Tomlinson wrote: >I noticed I forgot to put my trim()'s in my form inputs for an admin area, and >dreaded coding them all in. Cause there's lotsa forms. > >So I did this up and it seems to work well: > ><!--- Output dirty fields ---> > <cfloop list="#FORM.fieldnames#" index="thisfield"> > <cfoutput>#FORM[thisfield]#</cfoutput><br /> > </cfloop> > <!--- Clean all formfields ---> > <cfloop list="#FORM.fieldnames#" index="thisfield"> > <cfset FORM[thisfield] = Trim(FORM[thisfield])> > </cfloop> > <!--- Output clean fields ---> > <cfloop list="#FORM.fieldnames#" index="thisfield"> > <cfoutput>#FORM[thisfield]#</cfoutput><br /> > </cfloop> > <cfabort> > >I can run that right before my inserts, and bingo, done! I guess you could >turn it into a cfc, send in the form, send it back out cleaned, maybe do more >types of cleaning than just trim(). > >Anyway, thought I'd share. It seems quite a bit easier than coding in the >trim()s. I've tried to think of some gotchas and none come to mind. > >Will > > ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~| Macromedia ColdFusion MX7 Upgrade to MX7 & experience time-saving features, more productivity. http://www.adobe.com/products/coldfusion Archive: http://www.houseoffusion.com/groups/CF-Talk/message.cfm/messageid:271709 Subscription: http://www.houseoffusion.com/groups/CF-Talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.4