[thelist] CF: No IsDefined()?
Frank
framar at interlog.com
Thu Sep 13 18:10:17 CDT 2001
><cfparam name="form.SubmitButton" default="">
><cfif FindNoCase("*******", form.SubmitButton)>
> .. whatever
></cfif>
> The added benefit is that you are now sure that the
> request came off a submittal AND you know that the
> button clicked had the correct "value".
I get by your explanation that the added benefits are the icing on the cake.
If I understand correctly, the idea is that by initializing the
variable, and then testing something specific against it, because we
know it exists, contributes to a more robust and secure app. The
reason why is that it might prevent someone from somehow mangling URL
or POST data, and that because we have to test for something more
than the existence, it adds to security. Is this correct?
--
Some are born great. Some achieve greatness.
Both are excellent contacts to keep in your Rolodex.
-- Bob Patterson.
Frank Marion Framar Studios
frank at framarstudios.com http://www.framarstudios.com
More information about the thelist
mailing list