You should move your check into the WHERE clause of the query (WHERE orgname =
'#orgname#' or orglongname ='#orgname#') and change the listfindnocase
condition to checkname.recordcount GT 0. There is no need to return the entire
record set and then convert it to a list. Get rid is the orgnamelist variable
all together. That is a waste of resources.
To be on the safe side you should also use cfqueryparam to wrap the variables
in your SQL statement to prevent SQL injection attacks.
Brian Cain
On Feb 12, 2013, at 7:25 PM, Bruce Sorge <sor...@gmail.com> wrote:
>
> Hey all,
> I have an app that is running great. User enters a code into a form field,
> and it checks the db to see if it's valid. If not they can't move on. Problem
> is that now the customer wants to be able to enter either the 2-5 character
> code OR the long name. For instance, you could enter AS or Adaptive Sports. I
> am not sure how to add this functionality into this code below as I did not
> write the query, I found it on-line and modified it for my site.
>
> JQuery:
>
> <script src="js/jquery.js" type="text/javascript"></script>
> <script type="text/javascript">
> pic1 = new Image(16, 16);
> pic1.src = "images/loader.gif";
>
> $(document).ready(function(){
>
> $("#orgname").change(function() {
>
> var usr = $("#orgname").val();
>
> if(usr.length >= 2)
> {
> $("#status").html('<img align="absmiddle" src="images/loader.gif" /> Checking
> Code...');
>
> $.ajax({
> type: "POST",
> url: "checkcode.cfm",
> data: "orgname="+ usr,
> success: function(msg){
>
> $("#status").ajaxComplete(function(event, request, settings){
>
> if(msg == 'OK')
> {
> $("#orgname").removeClass('object_error'); // if necessary
> $("#orgname").addClass("object_ok");
>
> $(this).html(' <img align="absmiddle" src="images/accepted.png" /> ');
> }
> else
> {
> $("#orgname").removeClass('object_ok'); // if necessary
> $("#orgname").addClass("object_error");
> $(this).html(msg);
>
>
> }});}});}
> else
> {
> $("#status").html('The Code should have at least 2 characters.');
> $("#orgname").removeClass('object_ok'); // if necessary
> $("#orgname").addClass("object_error");
> }});});
>
> //-->
>
> </script>
>
> Here is the check code.cfm page:
>
> <cfsetting showdebugoutput=false>
> <!--- Set the orgname to blank first --->
> <cfparam name="orgname" default="">
>
> <!--- Query the organizations table for all of the org names --->
> <cfquery name="checkName" datasource="#request.dataSource#">
> SELECT orgname, orglongname
> FROM organizations
> </cfquery>
>
> <!--- put the names into a list --->
> <cfset orgnamelist = valueList(checkname.orgname, ",")>
>
> <!--- Check the list against the name entered. If there is a match, then code
> is valid, otherwise conde is invalid --->
> <cfif listFindNoCase(orgnamelist, orgname)>
> <cfset available = '<span style="color: Green;">Code is valid.</span>'>
> <cfelse>
> <cfset available = '<span style="color: red;">The Code <b> #orgname#</b> is
> an invalid code. <br />Please re-enter your code.</span>'>
> </cfif>
> <cfoutput>#available#</cfoutput>
>
> Hopefully someone can help. The client put out a huge email blast today and
> then as an afterthought wanted the added functionality since someone already
> tried to enter the long name rather than the code as instructed.
>
> Thanks,
>
> Bruce
>
>
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~|
Order the Adobe Coldfusion Anthology now!
http://www.amazon.com/Adobe-Coldfusion-Anthology/dp/1430272155/?tag=houseoffusion
Archive:
http://www.houseoffusion.com/groups/cf-talk/message.cfm/messageid:354489
Subscription: http://www.houseoffusion.com/groups/cf-talk/subscribe.cfm
Unsubscribe: http://www.houseoffusion.com/groups/cf-talk/unsubscribe.cfm
