Trying to find absolute string using REFind - coldfusion

We have list of reserved keyword that we don't want our clients to be able to use in out system. So we perform a search using REFind.
Here is the code:
<cfset reservedKeywords = "stop,end,quit,cancel,help,test">
<cfset foundArray = REFind("(?i)(" & ListChangeDelims(reservedKeywords, "|") & ")"
, form.keyword, 1, true)>
<cfif foundArray.pos[1] gt 0>
<cfoutput>
<script language="JavaScript">
alert('Keyword "#mid(form.keyword, foundArray.pos[1], foundArray.len[1])#" has been reserved.');
history.go(-1);
</script>
</cfoutput>
<cfabort>
</cfif>
So everything works great.... but we do run into a problem when a keyword is searched that has one of the reserved word IN the keyword. So if "Blended" is submitted, it will be flagged as having the reserved word "end".
Is there a way to perform an absolute search where it takes into account the whole keyword?
I've been trying to edit and play around with the code but just can't get it to work.
Any suggestions would be greatly appreciated.
Thank you!

Use listFindNoCase() instead of REFind().
The way you are currently checking is if one of the elements in the list matches form.keyword - which is why 'blended' gets tagged as 'reserved' when it shouldn't - however, you should be checking if form.keyword matches any items in the list - a subtle, but important, distinction.
reservedWords = "stop,end,quit,cancel,help,test";
reservedWordUsed = listFindNoCase( reservedWords, form.keyword );
if( reserveWordUsed ){
// do the JS stuff here
}

Related

Extract URL from SCRIPT portion of HTML Code with RegEx

I have one URL which is inside a <script> tag and I need to extract that URL:
Using ReMatchNoCase(), I can find the script and place it in an array.
<SCRIPT LANGUAGE="JavaScript" > //alert("a chance stuff"); document.location.href="https://mypage.cfm"; </SCRIPT>
To extract the URL, I am using the following code
<cfset ulink = reMatchNoCase("<SCRIPT.*?>.*?</SCRIPT>", data)>
<cfset link = Replacenocase(Replace(listLast(ulink[1],'='),'"','','ALL'),';</script>','','all')>
This works, but is there a cleaner way to do this?
Because ReFind/NoCase() is not designed to return the actual substring, this is about as simple as you're going to get.
<cfset data='<SCRIPT LANGUAGE="JavaScript" > //alert("a chance stuff"); document.location.href="https://mypage.cfm"; </SCRIPT>'>
<cfset ulink = reMatchNoCase("<SCRIPT.*?>.*?</SCRIPT>", data)>
<cfset link = Rematchnocase("http[^""']*",ulink[1])>
<cfoutput>#link[1]#</cfoutput>
Which is a little simpler than what you're doing. Alternatively you could use Mid(ulink[1]...) but with subexpressions from a ReFindNoCase(), but it is also no simpler.
The regular expression I use to match the URL is very generic, but it should easily do for the task. It simply captures everything until it finds a quote or apostrophe.
I did also think of this
<cfset data='<SCRIPT LANGUAGE="JavaScript" > //alert("a chance stuff"); document.location.href="https://mypage.cfm"; </SCRIPT>'>
<cfset ulink = rereplacenocase(data,"[\s\S]*?(<script.*?>[\s\S]*?(http[^""']*)[\s\S]*?</script>)[\s\S]*","\2","ALL")>
<cfoutput>#ulink#</cfoutput>
which is possibly better, but it is so much nastier to read and is less reliable for dealing with multiple <script> tags if that should arise.
Personally, I'd go with the first route. With RegEx, sometimes the "lazier" you try to be, the shakier the whole thing becomes. It's best to define the best pattern you can to attain your goal and in ColdFusion, I believe the first route is the best route.
You can do the following:
<cfset data = '<SCRIPT LANGUAGE="JavaScript" > //alert("a chance stuff"); document.location.href="https://mypage.cfm"; </SCRIPT>' />
<cfset start = REFindNoCase("<script[^>]*>", data) />
<cfset match = REMatchNoCase("https?://[^'""]*(?=.*</script>)(?!.*<script>)", mid(data, start, len(data) - start + 1)) />
In the second line I am finding the position of the <script> open tag (even though not absolutely necessary for this particular piece of data). In the 3rd line I find any URLs within the <script> tag. I use positive lookahead to make sure that there is a </script> end tag following, and negative lookahead to make sure there is not another <script> tag.

is there a way to add some spacing to cfmail type=text emails in Coldfusion when using variables only?

I'm a little in awe on how my first Cfmails are looking.
Problem is, I'm using variables for both text and content and I would still like to have some sort of spacing.
For example, if I have:
<cfprocessingdirective suppresswhitespace="No">
<cfmail
TO="#Local.User.email#"
FROM="..."
SERVER="..."
USERNAME="..."
PASSWORD="..."
WRAPTEXT="80"
SUBJECT="#tx_automailer_register_subject# - #Local.User.Comp#">
#tx_automailer_default_hello#
#tx_automailer_register_info#
#tx_automailer_register_iln#: #Local.User.iln#
#tx_firma#: #Local.User.firma#
#tx_ansprechpartner#: #Local.User.ansprechpartner#
#tx_adresse#: #Local.User.adresse#
#tx_plz#: #Local.User.plz#
#tx_ort#: #Local.User.ort#
...
The only place this looks nice is my cfc :-) In the mail itself everything is going bazooka.
Question:
Is there a way to space this? I have also tried to space according to length of variables, but this also does not really do any good and I'm not really keen on doing math for this...
Thanks for help!
The only option may be to post process the content. Build up the pretty content in a cfsavecontent, then run through cleanup function.
<cfprocessingdirective suppresswhitespace="No">
<cfsavecontent variable="message">
#tx_automailer_default_hello#
#tx_automailer_register_info#
#tx_automailer_register_iln#: #Local.User.iln#
#tx_firma#: #Local.User.firma#
#tx_ansprechpartner#: #Local.User.ansprechpartner#
#tx_adresse#: #Local.User.adresse#
#tx_plz#: #Local.User.plz#
#tx_ort#: #Local.User.ort#
</cfsavecontent>
<cfmail
TO="#Local.User.email#"
FROM="..."
SERVER="..."
USERNAME="..."
PASSWORD="..."
WRAPTEXT="80"
SUBJECT="#tx_automailer_register_subject# - #Local.User.Comp#"
>#cleanupTextMessage(message)#</cfmail>
<cffunction name="cleanupTextMessage" output="false">
<cfargument name="content" />
<!--- remove whitespace at beginning of each line --->
<cfset arguments.content = reReplace(arguments.content, "^\s+", "", "all") />
<!--- replace any multiple whitespace characters with one space --->
<cfset arguments.content = reReplace(arguments.content, "\s+", " ", "all") />
<cfreturn arguments.content />
</cffunction>
You might actually be able to nest the cfsavecontent inside cfmail, or create a custom tag that does savecontent and function actions.
Note: I was answering under the assumption the question was "how to make code look good without affecting the resulting text message". If you were trying to do something different with the resulting text output let me know.
You can use HTML To do it by adding the TYPE="html" to your cfmail attributes. Then put in a "pre" tag if you want that sysprint type look. as in
<pre>
#tx_automailer_default_hello#
#tx_automailer_register_info#
....
</pre>
Or you could add a table as in:
<table
<tr>
<td>#tx_automailer_default_hello#</td>
</tr>
<tr><td>
#tx_automailer_register_info#
</td>
If you want to stick with plain text you need to make sure you have tabs/spaces counted correctly and that none of your lines is longer than 80 chars (or they will wrap..without a beat too).
If you're set on plaintext email and are confident that the recipient will be using a fixed-width font, you can use lJustify() to align your text and pad with spaces.
Left justifies characters in a string of a specified length.
#lJustify(tx_automailer_register_iln & ":",32)# #lJustify(Local.User.iln,25)#
#lJustify(tx_firma & ":",32)# #lJustify(Local.User.firma,25)#
#lJustify(tx_ansprechpartner & ":",32)# #lJustify(Local.User.ansprechpartner,25)#
#lJustify(tx_adresse & ":",32)# #lJustify(Local.User.adresse,25)#
#lJustify(tx_plz & ":",32)# #lJustify(Local.User.plz,25)#
#lJustify(tx_ort & ":",32)# #lJustify(Local.User.ort,25)#

How to determine if a full name has a space in it?

I have a field that a user can input first and last name to fill out my form. Sometimes, users put on their first name and that results in empty fields in my database. PLEASE keep in mind that I cannot change this method completely because this form is part of a bigger project and it is being used by other websites of my company.
This is the part of the code that i need the validation around it. I already have a validation that ensures that the filed is not empty but I need on more to ensure that the field has two items in it separated by space.
<input name="fullname" class="fullname" type="text" value="#fullname#" maxlength="150"/>
<cfif fullname eq '' and check2 eq 'check2'>
<br /><span style="color:red">*you must enter your full name</span></cfif>
The check2 eq 'check2' is checking if the form was submitted already to ensure a user submitting their data twice.
I thought of using regular expressions to do that but unfortunately I am not very familiar with how to use regx in CF9 and the documentation online through me off a bit.
I was also thinking to use "Find" or "FindOneOF", any thoughts on that?
Also, I am trying to avoid using JQ,JS etc, so please try to keep your suggestions based on CF code IF possible.
Any help or different suggestions on how to tackle this issue will be very appreciated.
No regex is needed for this. A slightly simpler solution:
<cfset form.fullname = "Dave " />
<cfif listLen(form.fullname," ") GT 1> <!--- space-delimited list, no need for trimming or anything --->
<!--- name has more than one 'piece' -- is good --->
<cfelse>
<!--- name has only one 'piece' -- bad --->
</cfif>
You could do something like this for server side validation:
<cfscript>
TheString = "ronger ddd";
TheString = trim(TheString); // get rid of beginning and ending spaces
SpaceAt = reFind(" ", TheString); // find the index of a space
// no space found -- one word
if (SpaceAt == 0) {
FullNameHasSpace = false;
// at least one space was found -- more than one word
} else {
FullNameHasSpace = true;
}
</cfscript>
<cfoutput>
<input type="input" value="#TheString#">
<cfif FullNameHasSpace eq true>
<p>found space at position #SpaceAt#</p>
<p>Your data is good.</p>
<cfelse>
<p>Did not find a space.</p>
<p>Your data is bad.</p>
</cfif>
</cfoutput>

ColdFusion: do i need to use structKeyExists for every element of a deep struct?

Let's say i've just parsed someone else's XML document which is a response to an API request. I want to know if a value nested deep inside exists. If my API request worked, it will be in the same place every time. If my API request fails, the root of the XML is very different.
If I try <cfif structKeyExists(myStruct.level1.level2.level3, 'myTarget')> on a failed api request, I get the fatal error: Element LEVEL1.LEVEL2 is undefined in MYSTRUCT.
Of course, I could try to depend on the root level of the XML telling me of success or failure, and not looking for the result if it failed, but... barring that solution, what should i do?
Do i need to check for the existence of each level of the struct? As in:
<cfif structKeyExists(myStruct, 'level1')
and structKeyExists(myStruct.level1, 'level2')
and structKeyExists(myStruct.level1.level2, 'level3')
and structKeyExists(myStruct.level1.level2.level3, 'myTarget')>
<!--- ... --->
</cfif>
This is not a real-world problem, this is just something i've faced too many times. Please don't tell me solutions that involve changing the API or solutions like those in the third paragraph.
Thanks!
edit: i should have mentioned why i can't use isDefined() - some of the keys do not have syntactically valid names, so isDefined() throws an error, eg myStruct.level1[42].level3
XMLSearch
I would use the parsed XML document (i.e. xmlDoc) and XMLSearch:
<cfset xmlDoc = xmlParse(responseData)>
<cfset nodes = XmlSearch(xmlDoc, '/level1/level2/level3/myTarget')>
<cfif arrayLen(nodes)>
<!--- do something, you have the "nodes" array to work with too --->
</cfif>
xpath for XMLSearch() assumes the structure keys are nodes. You would need to modify accordingly if, for instance, 'myTarget' is an attribute of a node.
StructFindKey
Another way of doing this would be StructFindKey.
<cfset result = structFindKey(myStruct, "myTarget")>
<cfif arrayLen(result) AND result.path EQ "level1.level2.level3">
<!--- do something --->
</cfif>
Conclusion
Haven't tested, but I believe either will be faster than using IsDefined() or a try-catch block. Has the advantage over XMLValidate() of not needing a DTD. And, even with a DTD, the node you want may be defined as optional, so it could still validate.
You could validate the XML against a DTD to make sure the document was in the right format. XmlParse() and XmlValidate() both take a DTD as a parameter.
<cfset validateResult = XmlValidate(myXmlDocument, myDTD)>
<cfif validateResult.status>
<!--- xml is valid continue processing --->
<cfelse>
<!--- xml did not validate handle the error --->
</cfif>
Personally I wouldn't go crazy checking for every level of a 'deep' structure like this. I would presume that if the top level exists the rest of the document will be as you expect, and I'd just address the document from there.
If you wanted you could perhaps try to address the value in your struct and wrap it in a try/catch. That way you can handle any errors at any 'level' in the same way.
<cftry>
<cfset myVar = myStruct.level1.level2.level3 />
<cfcatch type="any">
<!--- Handle error --->
</cfcatch>
</cftry>
Hope that helps some.
I know I'm going to get booed off the stage here, but this is where isDefined() can save you a lot of typing:
<cfif isDefined(structKeyExists(myStruct.level1.level2.level3)>
<!--- do something --->
</cfif>
I know this is a year old, but I'm going to put in an answer here. I struggled for a good long time with this one, till I found a simple solution. If I know the structure of the XML already, a simple IsDefined works to test if the node or node attribute exists. I don't think most people know you can do this, or have tried and failed because they didn't include single quotes in the IsDefined function.
So say I grab some user xml from a web service somewhere and want to display the user's ID.
<cfhttp url="https://mycompany.com/mywebservices/getusers" username="me" password="mysecret">
<cfset userXMLDoc = XMLParse(ToString(cfhttp.FileContent).trim())>
<cfif IsDefined('userXMLDoc.Data.Record.User.XmlAttributes.id')>
<cfdump var="#userXMLDoc.Data.Record.User.XmlAttributes.id#">
<cfelse>
<cfoutput>Failed: No User ID found</cfoutput>
</cfif>

ColdFusion, Setting a POST variable

Im editing my first ColdFusion script .... I have a form which has <input type="hidden" name="name" value="1">.
On the processing page i want to take that value and set it as a POST variable so i can send it onto another page.
I know how to do it in PHP, like so
$_POST['somename'] = $_POST['name']
How would i do that in CF?
Following the idiom in your php code, you can do something like this:
<cfset form['somename'] = form['name']>
...or, if in cfscript:
form['somename'] = form['name'];
If you're concerned about the existence of the variable, you can precede the assignment with <cfparam>:
<cfparam name="form.name" default=""><!--- assuming blank ok as default --->
<cfset form['somename'] = form['name']>
...or in script:
param name='form.name' default='';
form['somename'] = form['name'];
Of course you can also wrap the assignment in a conditional:
if( structkeyexists(form,'name') ){
form.somename = form.name; // dot notation alternative to bracket syntax
}
This all begs the question of what exactly you're trying to achieve with this approach.
The ColdFusion syntax is similar. "Post" variables are available in the system structure FORM, and "Get" variables in the system structure URL. Like in PHP, values can be accessed using associative array notation. You can also use dot notation (for valid field names)
<cfset otherVariable = FORM["variableName"] >
<cfset otherVariable = FORM.variableName >
i want to take that value and set it
as a POST variable so i can send it
onto another page.
I am not quite sure what you mean there. Typically, you do not need to reassign FORM or URL values. You simply reference the variable in your code.
<cfoutput>
Go To Other Page
</cfoutput>
You can try this by checking if the post variable is set and then storing it with scope of FORM.
<cfif isdefined ("FORM.name")>
<cfset FORM.somename="#FORM.name#">
</cfif>