Email field validation in Coldfusion - forms

I'm a very new to Coldfusion scripting. I need to validate an Email field on a form, so that the Email field accepts "...#waldorf.edu" email address from prospective applicants ONLY. All other email addresses should be an error. I have this code right now, but it doesn't validate the domain unfortunately.
<tr bgcolor="##ffffff">
<td valign="top" class="style13"><strong>Email</strong><br />
<font size="2">(Must be Waldorf faculty member. <strong>Use "waldorf.edu" email address only.)</strong></font></td>
<td valign="top"><font color="##FF0000">*</font>
<cfinput type="text" Name="email" Message="Please input a valid Waldorf Email Address, ex.: you#waldorf.edu." validate="email" required="yes" value="#appinfo.email#" size="40"> </td>
</tr>
Thank you for your help!
Controller:
<cfcomponent name="fellowsapp" output="false">
<cfscript>
function init(fw) { variables.fw = fw; }
</cfscript>
<cffunction name="validate" access="public" returntype="array" output="false">
<cfargument name="rc" type="struct" />
<cfargument name="form" type="struct" />
<cfset var errors = arrayNew(1) />
<cfset var thisError = structNew() />
<!--- Email --->
<cfif form.Email eq ''>
<cfset thisError.field = "Email" />
<cfset thisError.type = "error" />
<cfset thisError.message = "Email is required" />
<cfset arrayAppend(errors,duplicate(thisError)) />
</cfif>

If the requirement is to only allow #waldorf.edu email addresses, simply take away the option for the user to enter that part of the address. Make it obvious to the user. Something like this:
<cfinput name="email"
required="yes"
message = "Please enter an email address"
>#waldorf.edu
If you want to enhance this on the form page, you can add some javascript that strips away the #character and everything after it.
In your controller, use a regular expression to ensure that the submitted value contains only characters that are valid for #waldorf.edu email addresses.

Related

Recaptcha replaces Formmail's "email" (From) field with my server address. Without Recaptcha, From field works fine. Why?

I've been using Tectite Formmail.php for many years. Finally added Recaptcha ver 2 (Invisible mode). It works okay, except that it messes with the derive_fields email string. Without Captcha, the results email's From field properly contains the name and email address of the person who filled out my form, that is a value derived from "realname" and "email".
e.g., Ralph Waldo <rwaldoexample#gmail.com
When I enable ReCaptcha, the results email's From field undesirably shows my hosting account username and server address:
e.g., *username#1a2b3c45.prod.phx1.example.net
If I revert the form to a standard tag and disable Recaptcha (by nulling the $REQUIRE_CAPTCHA and $RECAPTCHA_PRIVATE_KEY values as in code shown below), I get the desired From contents as I used to. This behavior is the same for Formmail v 9.15 and 9.19.
If this is standard procedure for Recaptcha, it seems undocumented. If not, what's the fix?
SNIPPETS, PER REQUEST:
In web page header:
<!-- CAPTCHA Ver2 Invisible -->
<script src="https://www.google.com/recaptcha/api.js" async defer></script>
<script>
function onSubmit(token) {
document.getElementById("Contact_Form").submit();
}
</script>
<!-- end CAPTCHA -->
In web page HTML
<form id="Contact_Form" action="https://www.example.com/formmail.php" method="post" name="Formtype 1">
<input name="good_url" value="https://www.example.com/tnxpg.html" type="hidden" />
<INPUT NAME="subject" TYPE="hidden" VALUE="~~FORM RECEIVED - Main mail form">
<!-- OTHER INFO TO APPEAR IN EMAIL -->
<input type="hidden" name="form_version" value="Visitor used Main Form">
<input type="hidden" name="mail_options" value="FromAddr=formmssg1#example.com" />
<!-- DON'T CHANGE THE FOLLOWING ... EXCEPT put actual field names after equals signs. -->
<!-- this derives (creates) "email" and "realname" special fields from the input fields -->
<input type="hidden" name="derive_fields" value="email=EmailAddr,realname=FullName" />
<!-- DON'T CHANGE THE FOLLOWING! -->
<!-- this excludes the "email" and "realname" special fields from the body of the email you receive -->
<input type="hidden" name="mail_options" value="Exclude=email;realname" >
<input name="env_report" value="REMOTE_HOST,REMOTE_ADDR,HTTP_USER_AGENT,AUTH_TYPE,REMOTE_USER" type="hidden" />
* * *
<input type="hidden" name="derive_fields" value="imgverify=g-recaptcha-response" />
<!-- with this simple Submit tag and the private key removed from Formmail.php, results email From is correct -->
<!--
<input type="submit" value=" Send message ">
-->
<input type="submit" value=" Send Message " class="g-recaptcha" data-callback="onSubmit" data-sitekey="PublicKeyGoesHere" / >
In formmail.php:
/* Help: http://www.tectite.com/fmdoc/require_captcha.php */
//// DO NOT USE CAPTCHA
//// $REQUIRE_CAPTCHA = ""; /* set to a message string if your forms */
//// USE CAPTCHA
$REQUIRE_CAPTCHA = "Confirm you are not a robot.";
/* set to a message string if your forms must provide a CAPTCHA string*/
/* Help: http://www.tectite.com/fmdoc/recaptcha_private_key.php */
//// DO NOT USE CAPTCHA
//$RECAPTCHA_PRIVATE_KEY = "";
//// USE CAPTCHA
$RECAPTCHA_PRIVATE_KEY = "myprivatekeygoeshere";
This is unusual behaviour.
I suspect there's a syntax error in your HTML and that's causing the damage to the form submission.
You should validate your HTML at https://validator.w3.org/

Coldfusion: specific action after selecting an option in select

I have following code:
<cfif session.language is ("DE")>
<cfset bl=ValueList(getContent.G,",")>
<cfelseif session.language is ("FR")>
<cfset bl=ValueList(getContent.H,",")>
<cfelseif session.language is ("EN")>
<cfset bl=ValueList(getContent.I,",")>
</cfif>
<cfset tags = sizes />
<cfset bltags = bl />
<cfset tagArray = arrayNew(1) />
<cfset tagArrayDATA = arrayNew(1) />
<cfloop list="#tags#" index="tag" delimiters=",">
<cfif not ArrayFindNoCase(tagArray,tag)>
<cfset arrayAppend(tagArray, tag) />
</cfif>
</cfloop>
<cfloop list="#bltags#" index="tag" delimiters=",">
<cfif not ArrayFindNoCase(tagArrayDATA,tag)>
<cfset arrayAppend(tagArrayDATA, tag) />
</cfif>
</cfloop>
<cfoutput>
<cfif isdefined("tagArray") AND arraylen(tagArray) GT 1>
<form name="frmsize" id="frmsize" action="/index.cfm?showusage" method="post">
<cfif isdefined("tagArray") AND arraylen(tagArray) GT 1>
<div>
<select name="valuesize">
<option value="">Choose your option</option>
<cfloop from="1" to="#arraylen(tagArray)#" index="i">
<option value="#tagArray[i]#">#tagArray[i]#
<cftry>
#tagArrayDATA[i]#
<cfcatch>
</cfcatch>
</cftry>
</option>
</cfloop>
</select>
</div>
</cfif>
</form>
</cfif>
</cfoutput>
My goal is to send a value from tagArrayDATA[i] via link.
It should look like that:
<form name="frmsize" id="frmsize" action="/index.cfm?showusage&valueArrayData="#tagArrayDATA[i]#" method="post">
I don't know how to manage that because the cfloop is below the action attribute of the form.
You can't really do what you are trying to do with server side code alone as far as I can tell. But you have a couple of options. One easy one is to just Javascript to update the action when the select is changed.
The other option is to put both values in the select and parse on the end.
<cfloop from="1" to="#arraylen(tagArray)#" index="i">
<option value="#tagArray[i]#-#tagArrayDATA[i]#">
#tagArray[i]# #tagArrayDATA[i]#
</option>
</cfloop>
Then when you are parsing the data just do:
<cfset data = listToArray(FORM.valuesize,'-') />
<!-- data[1] will be the selected value of #tagArray[i]# -->
<!-- data[2] will be the selected value of #tagArrayData[i]# -->
<!-- This assumes the - will never be actually in the data, you could use a different separator -->
My guess is they are both strings and this should work, though I have no idea why you have a try/catch in the select part of your code, probably look at a better way of doing that. If you really need that, I would clean it up as.
<cfloop from="1" to="#arraylen(tagArray)#" index="i">
<cfset data = '' />
<cftry>
<cfset data = tagArrayData[i] />
<cfcatch></cfcatch>
</cftry>
<option value="#tagArray[i]#-#data#">
#tagArray[i]# #data#
</option>
</cfloop>
Though if you are processing the data on the other end, I would make sure all the data is either in the FORM or the URL scopes but not mix. I would be pissed to have to parse some form data in the FORM scope and other data in the URL scope.

ColdFusion form: how to refer to a selection from a binding?

I am not sure if I am thinking about this correctly. I am still new to ColdFusion. I am creating a form which uses binding for the user to select a category and then a specific service. The code for the binding works great. The problem is that now I need to pull some additional information from the service to refer to another field. For example, if the service selected has a "Y" under additional info needed. A field will show that additional information is needed (this field is not changeable)
Originally I thought I could do something like regenerate the same query I did to pull the list of services and just refer to the service type that is selected. Yet I keep getting an error that the field is not defined. Here is the code that I am trying to make it work.
UPDATED: I got it to work I changed the code below the only problem is that I can not get the "Y" to display I get [object Object] instead. Any advice on how to display the text with use of cfinput?
CFC:
<!--- Get array of Catagory Description types --->
<cffunction name="cat_description" access="remote" returnType="array">
<!--- Define variables --->
<cfset var data="">
<cfset var result=ArrayNew(2)>
<cfset var i=0>
<!--- Get data --->
<cfquery name="getServiceCat" datasource="Some Database">
select distinct 2 AS SortBy, CATG_NAME
from some table
UNION
select 1 AS SortBy, '' AS CATG_NAME
from Some table
order by SortBy
</cfquery>
<!--- Convert results to array--->
<cfloop index="i" from="1" to="#getServiceCat.recordcount#">
<cfset result[i][1]=getServiceCat.CATG_NAME[i]>
<cfset result[i][2]=getServiceCat.CATG_NAME[i]>
</cfloop>
<!--- And return it --->
<cfreturn result>
</cffunction>
<!--- Get Service Type by Cat description type --->
<cffunction name="getServiceType2" access="remote" returnType="array">
<cfargument name="CATG_NAME" type="string" required="true">
<cfset var data="">
<cfset var result=ArrayNew(2)>
<cfset var i=0>
<cfquery name="getServiceType2" datasource="Some Database">
select 1 AS SortBy, '' AS SRTY_BNR, '' AS SRTY_NAME
from Some table
UNION
select distinct 2 AS SortBy, SRTY_NBR, SRTY_NAME
from Some Table
where CATG_NAME = <cfqueryparam value="#ARGUMENTS.CATG_NAME#"
cfsqltype="cf_sql_varchar">
order by SortBy
</cfquery>
<cfloop index="i" from="1" to="#getServiceType2.recordcount#">
<cfset result[i][1]=getServiceType2.SRTY_NAME[i]>
<cfset result[i][2]=getServiceType2.SRTY_NAME[i]>
</cfloop>
<cfreturn result>
</cffunction>
<!---Updated below table into CFC to pull information depending on what is pulled
from category and service type--->
<cffunction name="getLR" access="remote" returnType="query">
<cfargument name="SRTY_NAME" type="string" required="true">
<cfset var data="">
<!---Query to get "Y"--->
<cfquery name="lr_required" datasource="Some Datebase">
select distinct LAB_REL_NTFN_FLAG
from some table
where SRTY_NAME = <cfqueryparam value="#ARGUMENTS.SRTY_NAME#"
cfsqltype="cf_sql_varchar">
</cfquery>
<cfreturn lr_required>
</cffunction>
Here is the code within the form:
<TR id="serv_ty" style="display: inline;">
<td align="left" nowrap><label>Service Type:</label></td>
<td>Select Category:
<cfselect name="catdesc"
bind="cfc:servicetype2.cat_description()"
bindonload="true"/><br />
</td>
</TR>
<tr id="serv_ty2" style="display: inline;">
<td></td>
<td>Select Service:
<cfselect name="service_type"
bind="cfc:servicetype2.getServiceType2({catdesc})"
bindonload="false"/>
</td>
</tr>
This is the form code to use the bind which works but will not display the DATA:
<tr id="lr_verify" style="display: inline;">
<td></td>
<td>Additional Info Reuired:
<cfinput
name="lr_needed"
bind="cfc:servicetype2.getLR({service_type})"
bindonload="no"
disabled="disabled"
display="LAB_REL_NTFN_FLAG"/></td>
</tr>
Any advice on how to get it to display or if I should use a different CF statement with the bind to get the correct display. Thanks in advnace for your help on this.

Simple asp form

Trying to get a very simple classic asp form up and running on 123-reg.
123-reg provide a script to get this done but I have no idea how this script connects to the form I've made.
Here's my html:
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />
<title>Untitled Document</title>
</head>
<body>
<form id="form" target="_blank" action="script.asp" method="post">
Name: <input name="Name" type="text" /><br />
Customer ID: <input name="Customer ID" type="text" /><br />
Email Address: <input name="Email" type="text" /><br />
Comments:<br />
<textarea name="Comments" rows=5 cols=50></textarea>
<input type="submit" value="Submit" />
<input type="reset" value="Clear" />
</form>
</body>
</html>
And this is the simple script:
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<title>Secure Mail (ASP)</title>
</head>
<body>
<div id="container" class="index" style="padding:10px">
<br />
<br />
<h2>Secure Mail (ASP)</h2>
<br />
<%
''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''
'To get the script for work please set the following values:
'Set the credentials for your email account to send the email from
username="MYUSERNAME" 'Insert your email account username between the double quotes
password="MYPASSWORD" 'Insert your email account password between the double quotes
'Set the from and to email addresses
sendFrom = "admin#MYURL.co.uk" 'Insert the email address you wish to send from
sendTo = "MYEMAIL" 'Insert the email address to send to in here
'DO NOT CHANGE ANY SCRIPT CODE BELOW THIS LINE.
''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''
'This script demonstrates how to send an email using asmtp
'Create a CDO.Configuration object
Set objCdoCfg = Server.CreateObject("CDO.Configuration")
'Configure the settings needed to send an email
objCdoCfg.Fields.Item("http://schemas.microsoft.com/cdo/configuration/smtpserver") ="intmail.atlas.pipex.net"
objCdoCfg.Fields.Item("http://schemas.microsoft.com/cdo/configuration/smtpserverport") = 25
objCdoCfg.Fields.Item("http://schemas.microsoft.com/cdo/configuration/sendusing") = 2
objCdoCfg.Fields.Item("http://schemas.microsoft.com/cdo/configuration/smtpauthenticate") = 0
objCdoCfg.Fields.Item("http://schemas.microsoft.com/cdo/configuration/sendusername") = username
objCdoCfg.Fields.Item("http://schemas.microsoft.com/cdo/configuration/sendpassword") = password
objCdoCfg.Fields.Update
'Create the email that we are going to send
Set objCdoMessage = Server.CreateObject("CDO.Message")
Set objCdoMessage.Configuration = objCdoCfg
objCdoMessage.From = sendFrom
objCdoMessage.To = sendTo
objCdoMessage.Subject = "This is a test email."
'Add the email body text
objCdoMessage.TextBody = "Email sent using ASMTP from a ASP script."
On Error Resume Next
'Send the email
objCdoMessage.Send
'Check if an exception was thrown
If Err.Number <> 0 Then
'Response.Write "<FONT color=""Red"">Error: " & Err.Description & " (" & Err.Number & ")</FONT><br/>"
Else
Response.Write "<FONT color=""Green"">The email has been sent to " & sendTo & ".</FONT>"
End If
'Dispose of the objects after we have used them
Set objCdoMessage = Nothing
Set objCdoCfg = Nothing
Set FSO = nothing
Set TextStream = Nothing
%>
</div>
</body>
</html>
I know the script works as it sends the email, however none of the information included in the HTML form seems to be included.
Don't usually work with forms so any advice would be gratefully received.
Thanks,
Dan
Nowhere in the asp are you requesting the form data to include in your email.
For example, instead of this in your asp:
sendTo = "MYEMAIL" 'Insert the email address to send to in here
You should use the email from the form:
sendTo = Request.Form("Email") 'Insert the email address to send to in here
You may want to validate the email address first:
if isEmailValid(Request.Form("Email")) = true then
'#### Send your email
else
'#### Email was invalid, give the user an error
response.write "Invalid email address"
end if
Function isEmailValid(email)
Set regEx = New RegExp
regEx.Pattern = "^\w+([-+.]\w+)*#\w+([-.]\w+)*\.\w{2,}$"
isEmailValid = regEx.Test(trim(email))
End Function
To confirm, the request.form collection uses the name="" property of the HTML form.
i.e. to include the contents of your textarea:
'Add the email body text
objCdoMessage.TextBody = "The following comment was submitted via the feedback form:" & Request.Form("Comments")

Is there an easier way to manipulate checkboxes in coldfusion?

Basically, I have stored information in a database field and I want to display it again through a form.
The original form has the same checkboxes but they are always empty. The user can check the boxes off and the values are put into the database.
Graduate Courses: Fall? Spring? Summer? Stored as a list in a column named grad. (F, M, S)
They have the option to save this lovely form as a draft. When they come back to the draft I need to display what they might have already checked.
<cfif listContains(#grad#, "F") is not 0>
<input type="checkbox" name="grad" id="grad" value = "F" checked />
<cfelse>
<input type="checkbox" name="grad" id="grad" value = "F" />
</cfif>
<cfif listContains(#grad#, "S") is not 0>
<input name="grad" type="checkbox" id="grad" value = "S" checked />
<cfelse>
<input name="grad" type="checkbox" id="grad" value = "S" />
</cfif>
<cfif listContains(#grad#, "M") is not 0>
<input name="grad" type="checkbox" id="grad" value = "M" checked />
<cfelse>
<input name="grad" type="checkbox" id="grad" value = "M" />
</cfif>
Is there an easier method to doing this with cfform code?
Just curious. :)
I do it like this, as I don't really use <cfform>:
<cfloop list="F,S,M" index="g">
<input type="checkbox" name="grad" id="grad_#g#" value="#g#" #CheckedIf(ListFind(grad, g) gt 0)# />
</cfloop>
<!--- ... --->
<cfscript>
function CheckedIf(expression) {
if (arguments.expression) return 'checked="checked"';
return "";
}
</cfscript>
But the ColdFusion docs state:
[since] ColdFusion MX: Changed the cfform tag
preserveData attribute behavior: if it
is set to True, ColdFusion checks
radio and check box values only if
their value matches the posted value
for the control.
So yes, <cfform> can help you with this. Use <cfparam name="FORM.xyz" default="foobar"> to emulate the "posted value" for normal requests.