[thelist] CF -- scrubbing special characters

Joshua Olson joshua at waetech.com
Mon Sep 9 16:15:00 CDT 2002


----- Original Message -----
From: "rudy" <r937 at interlog.com>
Subject: [thelist] CF -- scrubbing special characters


> i've tried searching the archives but got nowhere fast
>
> wasn't there a thread recently about how to replace special characters in
a
> form field using coldfusion?

Rudy,

I use a CustomTag for this sort of thing:

<cfsilent>

<cfif thistag.ExecutionMode IS "End">
  <cfif Len(Trim(thistag.GeneratedContent))>
    <cfparam name="attributes.maxlength" default="0">
    <cfparam name="request.bad_chars" default="">
    <cfparam name="request.good_chars" default="">
    <cfif NOT Len(request.bad_chars)>
    <cfloop index="i" from="127" to="255">
      <cfset request.bad_chars = ListAppend(request.bad_chars, Chr(i))>
      <cfset request.good_chars = ListAppend(request.good_chars, "&##" &
NumberFormat(i, '0000') & ";")>
    </cfloop>
    </cfif>
    <cfif Val(attributes.maxlength)>
      <cfset thistag.GeneratedContent = Left(thistag.GeneratedContent,
Val(attributes.maxlength))>
    </cfif>
    <cfset thistag.GeneratedContent =
"'#Trim(ReplaceList(thistag.GeneratedContent, request.bad_chars,
request.good_chars))#'">
  <cfelse>
    <cfset thistag.GeneratedContent = "NULL">
  </cfif>
</cfif>
</cfsilent>

I typically use it in queries, such as:

INSERT INTO myTable
(value1, value2)
VALUES
(<cf_qs>#form.field1#</cf_qs>, <cf_qs maxlength="100">#form.field2#</cf_qs>)

Perhaps this could be changed to accommodate your friends code.

-joshua




More information about the thelist mailing list