Mary, I think val() is what you are looking for. If it is a not a number it just returns 0.
-J.J. On Wed, Apr 18, 2012 at 1:58 PM, Mary Jo Sminkey <mary...@cfwebstore.com> wrote: > > I'm curious if anyone has run into this and has a better solution. > > I have a site with a variety of search fields. One of these fields allows for > a search string...if string value, it searches matching description/text > fields. If an integer, it matches the primary key value. Pretty > straightforward. The problem is that I haven't found a really reliable way in > CF to make sure that the integer is indeed a DB-safe integer, so hack > attempts constantly cause errors to get thrown. isNumeric() lets way too much > stuff through. So I switched to isValid("integer") which did a little better. > But it seems to still allow stuff like commas and even currency symbols, > passing them through as a valid integer. LSParseNumber will fix the commas, > but it throws errors for the currency symbol. So I've had to resort to using > a RegEx to strip out any non-numeric stuff. Does this seem odd to anyone > else? I would think there would be some way these functions would work to > prevent passing invalid data to a cfsqlparam with type cf_sql_integer but I > couldn't find a way that didn't allow something illegal through. > > FYI, I believe this is a CF8 server, so maybe this kind of issue has been > corrected? > > Mary Jo > > ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~| Order the Adobe Coldfusion Anthology now! http://www.amazon.com/Adobe-Coldfusion-Anthology/dp/1430272155/?tag=houseoffusion Archive: http://www.houseoffusion.com/groups/cf-talk/message.cfm/messageid:350779 Subscription: http://www.houseoffusion.com/groups/cf-talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/groups/cf-talk/unsubscribe.cfm