Different validation techniques apply to different ColdFusion tags or coding environments; for example, you can use masking only in HTML and Flash format cfinput tags. Validation techniques also vary in where and when they execute; for example, on the client browser when the user submits form data, or on the server when processing data.
The following table describes the ColdFusion validation techniques:
Validation technique |
Applies to |
Where and when performed |
Description |
---|---|---|---|
mask (mask attribute) |
HTML and Flash format cfinput tags |
On the client as the user enters data |
ColdFusion generates JavaScript or ActionScript to directly control the data a user enters by specifying a pattern. For example, 999-999-9999 requires a user to enter ten digits, and automatically fills in the dash (-) separators to create a formatted telephone number. For detailed information on using masks, see Handling invalid data. |
onBlur (validateat="onBlur" attribute) |
cfinput and cftextarea tags |
On the client when the data field loses focus |
In HTML and XML format, ColdFusion generates JavaScript that runs on the browser to check whether entered data is valid and provide immediate feedback, if the entry is invalid. In Flash format, uses Flash built-in validation routines. |
onSubmit (validateat="onSubmit" attribute) |
cfinput and cftextarea tags |
On the client when the user clicks Submit |
In HTML or XML format, the validation logic is identical to onBlur validation, but the test is not done until the user submits the form. In Flash format, this validation type is identical to onBlur Validation. Flash checks do not differentiate between the two events for validation. |
onServer (validateat="onServer" attribute) |
cfinput and cftextarea tags |
On the server when ColdFusion gets the submitted form |
ColdFusion checks submitted data for validity and runs a validation error page if the data is not valid. You can use the cferror tag to specify the validation error page. |
hidden field |
All Forms, including HTML-only forms |
On the server when ColdFusion gets the submitted form |
ColdFusion uses the same validation logic as with onServer validation, but you must create additional, hidden, fields and you can use this technique with HTML tags or CFML tags. For detailed information on using hidden fields, see Validating form data using hidden fields.. |
JavaScript (onValidate =" |
cfgrid, cfinput, cfslider, cftextarea, and cftree tags in HTML and XML format forms |
On the client, when the user clicks Submit, before field-specific onSubmit validation |
ColdFusion includes the specified JavaScript function in the HTML page it sends to the browser, and the browser calls it. For detailed information on using JavaScript for validation, see Validating form input and handling errors with JavaScript.. |
IsValid function |
ColdFusion variables |
On the server, when the function executes |
ColdFusion tests the variable to determine whether it follows a specified validation rule and the function returns true or false. For more information on using the IsValid function for validation, see Validating data with the IsValid function and the cfparam tag. |
cfparam tag |
ColdFusion variables |
On the server, when the tag executes |
ColdFusion checks the specified variable. If the value does not meet the validation criteria, ColdFusion generates an expression exception. For more information on using the cfparam tag for validation, see, Validating data with the IsValid function and the cfparam tag. |
cfargument tag |
UDF and CFC function arguments |
On the server, when a function is called or invoked |
ColdFusion checks the argument value when it is passed to the function. If the value does not meet the validation criteria, ColdFusion generates an application exception. For more information on using the cfargument tag, see Writing and Calling User-Defined Functions. |