Derrick Rapley Maryland CFUG October 8, 2002.

Slides:



Advertisements
Similar presentations
Tutorial 6 Creating a Web Form
Advertisements

Chapter 31 Basic Form-Processing Techniques JavaServer Pages By Xue Bai.
By Brian Vees.  SQL Injection  Username Enumeration  Cross Site Scripting (XSS)  Remote Code Execution  String Formatting Vulnerabilities.
Maintenance Modifying the data –Add records –Delete records –Update records Modifying the design –Add fields into tables –Remove fields from a table –Change.
Server-Side vs. Client-Side Scripting Languages
Lecture-5 Though SQL is the natural language of the DBA, it suffers from various inherent disadvantages, when used as a conventional programming language.
DT211/3 Internet Application Development JSP: Processing User input.
Fast Track to ColdFusion 9. Getting Started with ColdFusion Understanding Dynamic Web Pages ColdFusion Benchmark Introducing the ColdFusion Language Introducing.
Forms for the Web Tom Muck Introduction Forms are a way to pass name/value pairs to the serverForms are a way to pass name/value pairs.
Form Handling, Validation and Functions. Form Handling Forms are a graphical user interfaces (GUIs) that enables the interaction between users and servers.
1 Forms for the Web Tom Muck
Microsoft Office 2003: Advanced 1 ADVANCED MICROSOFT ACCESS Lesson 7 – Modifying Table Design.
8 Chapter Eight Server-side Scripts. 8 Chapter Objectives Create dynamic Web pages that retrieve and display database data using Active Server Pages Process.
JavaScript Form Validation
Lecture Note 3: ASP Syntax.  ASP Syntax  ASP Syntax ASP Code is Browser-Independent. You cannot view the ASP source code by selecting "View source"
Open Source Server Side Scripting ECA 236 Open Source Server Side Scripting Cookies & Sessions.
Form Validation-Client and Server Verifying your visitors form submissions Jon Brundage  CF developer/Section 508/web accessibility 
.NET Validation Controls MacDonald Ch. 8 MIS 324 MIS 324 Professor Sandvig Professor Sandvig.
Validation Controls. Validation Server Controls These are a special type of Web server control. They significantly reduce some of the work involved in.
© 2008 The McGraw-Hill Companies, Inc. All rights reserved. ACCESS 2007 M I C R O S O F T ® THE PROFESSIONAL APPROACH S E R I E S Lesson 4 – Creating New.
CSCI 6962: Server-side Design and Programming JDBC Database Programming.
The Art of Debugging Shlomy Gantz 02/13/01MDCFUG.
WaveMaker Visual AJAX Studio 4.0 Training Advanced Editor properties and Events.
(CPSC620) Sanjay Tibile Vinay Deore. Agenda  Database and SQL  What is SQL Injection?  Types  Example of attack  Prevention  References.
CSCI 6962: Server-side Design and Programming Validation Tools in Java Server Faces.
Advanced Web Forms with Databases Programming Right from the Start with Visual Basic.NET 1/e 13.
League Tracking System LTS09 Simply the easiest way to organize and track your league!
 Maintains the Instrument Database  Generates the Calibration Schedules  Maintains Calibration Records  Provides Facility to enter All types of.
Robinson_CIS_285_2005 HTML FORMS CIS 285 Winter_2005 Instructor: Mary Robinson.
Chapter 7 Advanced SQL Database Systems: Design, Implementation, and Management, Sixth Edition, Rob and Coronel.
CEN Software V&V Spring 2002 Testing Application Forms © , Dr. E.L. Jones.
Multi-Part Requests/ Parent & Child Service Items.
Chapter 8 Cookies And Security JavaScript, Third Edition.
CMPS 211 JavaScript Topic 1 JavaScript Syntax. 2Outline Goals and Objectives Goals and Objectives Chapter Headlines Chapter Headlines Introduction Introduction.
Creating Dynamic Web Pages Using PHP and MySQL CS 320.
Web Scripting [PHP] CIS166AE Wednesdays 6:00pm – 9:50pm Rob Loy.
PowerBuilder Online Courses - by Prasad Bodepudi
Extending HTML CPSC 120 Principles of Computer Science April 9, 2012.
Improving Database Performance Derrick Rapley
Application.cfm tips and Tricks Michael Smith President TeraTech, Inc ColdFusion, database & VB custom development and training.
SQL INJECTIONS Presented By: Eloy Viteri. What is SQL Injection An SQL injection attack is executed when a web page allows users to enter text into a.
Sumanth M Ganesh B CPSC 620.  SQL Injection attacks allow a malicious individual to execute arbitrary SQL code on your server  The attack could involve.
8 1 Chapter 8 Advanced SQL Database Systems: Design, Implementation, and Management, Seventh Edition, Rob and Coronel.
By Sean Rose and Erik Hazzard.  SQL Injection is a technique that exploits security weaknesses of the database layer of an application in order to gain.
JSTL The JavaServer Pages Standard Tag Library (JSTL) is a collection of useful JSP tags which encapsulates core functionality common to many JSP applications.
HTML Forms. Slide 2 Forms (Introduction) The purpose of input forms Organizing forms with a and Using different element types to get user input A brief.
CSCI 6962: Server-side Design and Programming JSF DataTables and Shopping Carts.
PHP Error Handling & Reporting. Error Handling Never allow a default error message or error number returned by the mysql_error() and mysql_errno() functions.
Using Derrick Rapley Maryland CFUG January 8, 2002.
AS Level ICT Data entry: Creating validation checks.
©SoftMooreSlide 1 Introduction to HTML: Forms ©SoftMooreSlide 2 Forms Forms provide a simple mechanism for collecting user data and submitting it to.
8 Chapter Eight Server-side Scripts. 8 Chapter Objectives Create dynamic Web pages that retrieve and display database data using Active Server Pages Process.
ASP-2-1 SERVER AND CLIENT SIDE SCRITPING Colorado Technical University IT420 Tim Peterson.
Learning OmniServer Webinar Series Webinar #2: OmniServer: Understanding Protocols Presenter: Kevin Rutherford.
Stored Procedures / Session 4/ 1 of 41 Session 4 Module 7: Introducing stored procedures Module 8: More about stored procedures.
Text INTRODUCTION TO ASP.NET. InterComm Campaign Guidelines CONFIDENTIAL Simply Server side language Simplified page development model Modular, well-factored,
Reports Oracle Subledger Accounting. Objectives After completing this lesson, you should be able to: Generate Subledger Accounting reports using Oracle.
Error Handling Michael Smith President TeraTech, Inc ColdFusion, Database & VB custom development
Unit 4 Working with data. Form Element HTML forms are used to pass data to a server. A form can contain input elements like text fields, checkboxes, radio-buttons,
Cool CF Debugging Shlomy Gantz 07/29/01CF_ODYSSEY.
DAY 20: ACCESS CHAPTERS 5, 6, 7 Larry Reaves October 28,
PHP Training at GoLogica in Bangalore
Web Programming– UFCFB Lecture 17
MIS Professor Sandvig MIS 324 Professor Sandvig
Displaying Form Validation Info
ISC440: Web Programming 2 Server-side Scripting PHP 3
For Loops October 12, 2017.
JavaScript Form Validation
Presentation transcript:

Derrick Rapley Maryland CFUG October 8, 2002

Agenda What is cf_datavalidate? Why use server-side validation? How to use cf_datavalidate Syntax Displaying Error Messages Using Custom Validation

What is cf_datavalidate? cf_datavalidate is a custom tag that performs server-side data validation Requires use of child tag cf_dataValidateItem Easy to use Minimizes the amount of code needed to perform validation Keeps track of error messages Handle custom validation

Why use server-side validation? To prevent potential malicious attacks To prevent bad data from being entered into the database Client side validation is useless when JavaScript is turned off. (including CFFORM)

cf_datavalidate cf_datavalidate is the parent tag Must have end tag Requires two parameters 1. OUTPUT (required) – the variable you want the error messages stored in 2. TYPE (optional) – the type of variable for OUTPUT, QUERY or STRUCTURE (default is QUERY)

cf_dataValidateItem Must be encapsulated by cf_datavalidate Parameters vary upon the TYPE of validation TYPE and MESSAGE are required for all Types

cf_dataValidateItem - Types Required Numeric SimpleValue LenLT LenGT Range Compare Space Repex 3of4 Date DateCompare DateRange DateGT DateLT

Displaying Errors Depends on the specified TYPE in the parent tag cf_datavalidate 2 ways to display the error messages 1. Query – loop through the query of messages 2. Structure – Re-display the form and show the error message associated with each field (a little more advanced and requires some form manipulation)

Displaying Errors - Query The error messages are placed in a query that you can loop through #qryErrors.message# <cfabort

Displaying Errors - Structure Requires form manipulation Form needs to be included in the template that does the validation The parameter FORMFIELD is required in the child tag

Including Custom Validation Include the custom scenario inside cf_datavalidate

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2025 SlidePlayer.com. Inc. All rights reserved.