[thelist] CF: No IsDefined()?

Frank framar at interlog.com
Thu Sep 13 18:10:17 CDT 2001


><cfparam name="form.SubmitButton" default="">

><cfif FindNoCase("*******", form.SubmitButton)>
>   .. whatever
></cfif>

>  The added benefit is that you are now sure that the
>  request came off a submittal AND you know that the
>  button clicked had the correct "value".


I get by your explanation that the added benefits are the icing on the cake.

  If I understand correctly, the idea is that by initializing the 
variable, and then testing something specific against it, because we 
know it exists, contributes to a more robust and secure app. The 
reason why is that it might prevent someone from somehow mangling URL 
or POST data, and that because we have to test for something more 
than the existence, it adds to security. Is this correct?
-- 


Some are born great. Some achieve greatness.
Both are excellent contacts to keep in your Rolodex.
                                   -- Bob Patterson.

Frank Marion                      Framar Studios
frank at framarstudios.com           http://www.framarstudios.com




More information about the thelist mailing list