Hello all,
I'm trying to screen out "bad stuff" sent to my scripts in the form fields and
I know there has to be a better way to do it than this:
<cfif lcase(form.First_Name) CONTAINS 'http'
OR lcase(form.First_Name) CONTAINS 'script'
OR lcase(form.First_Name) CONTAINS 'img'
OR lcase(form.Last_Name) CONTAINS 'http'
OR lcase(form.Last_Name) CONTAINS 'script'
OR lcase(form.Last_Name) CONTAINS 'img'
OR lcase(form.email) CONTAINS 'http'
OR lcase(form.email) CONTAINS 'script'
OR lcase(form.email) CONTAINS 'img'
OR lcase(form.comments) CONTAINS 'http'
OR lcase(form.comments) CONTAINS 'script'
OR lcase(form.comments) CONTAINS 'img'>
(do not process)
<cfelse>
(process)
</cfif>
There must be an easier way to check multiple fields to see if they contain any
of a list of character strings. I've looked through the LIST functions and
they seem to do the opposite (look whether a string is contained in a list).
Any suggestions?
thanks much,
Julie
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~|
Adobe® ColdFusion® 8 software 8 is the most important and dramatic release to
date
Get the Free Trial
http://ad.doubleclick.net/clk;203748912;27390454;j
Archive:
http://www.houseoffusion.com/groups/CF-Talk/message.cfm/messageid:312431
Subscription: http://www.houseoffusion.com/groups/CF-Talk/subscribe.cfm
Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.4
