Mary,
I think val() is what you are looking for. If it is a not a number it
just returns 0.
-J.J.
On Wed, Apr 18, 2012 at 1:58 PM, Mary Jo Sminkey <mary...@cfwebstore.com> wrote:
>
> I'm curious if anyone has run into this and has a better solution.
>
> I have a site with a variety of search fields. One of these fields allows for
> a search string...if string value, it searches matching description/text
> fields. If an integer, it matches the primary key value. Pretty
> straightforward. The problem is that I haven't found a really reliable way in
> CF to make sure that the integer is indeed a DB-safe integer, so hack
> attempts constantly cause errors to get thrown. isNumeric() lets way too much
> stuff through. So I switched to isValid("integer") which did a little better.
> But it seems to still allow stuff like commas and even currency symbols,
> passing them through as a valid integer. LSParseNumber will fix the commas,
> but it throws errors for the currency symbol. So I've had to resort to using
> a RegEx to strip out any non-numeric stuff. Does this seem odd to anyone
> else? I would think there would be some way these functions would work to
> prevent passing invalid data to a cfsqlparam with type cf_sql_integer but I
> couldn't find a way that didn't allow something illegal through.
>
> FYI, I believe this is a CF8 server, so maybe this kind of issue has been
> corrected?
>
> Mary Jo
>
>
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~|
Order the Adobe Coldfusion Anthology now!
http://www.amazon.com/Adobe-Coldfusion-Anthology/dp/1430272155/?tag=houseoffusion
Archive:
http://www.houseoffusion.com/groups/cf-talk/message.cfm/messageid:350779
Subscription: http://www.houseoffusion.com/groups/cf-talk/subscribe.cfm
Unsubscribe: http://www.houseoffusion.com/groups/cf-talk/unsubscribe.cfm
