Validating data in ColdFusion 9

Thursday September 24, 2009 1:01 PM
Tags: ColdFusion
Word Count: 700

ColdFusion 9 is brining some awesome new features and right near the top for me are implicit getters / setters. Writing these can be tedious and straight up boring but soon enough that will be a thing of the past. On top of that they have adding some validation features to these properties. Two new attributes have been added to the property tag, validate and validateparams. Rupesh Kumar has a great write up on this over on his blog but here is the short version.
Possible values of validate are.

  • string
  • boolean
  • integer
  • numeric
  • date
  • time
  • creditcard: A 13-16 digit number conforming to the mod10 algorithm.
  • email: A valid e-mail address.
  • eurodate: A date-time value. Any date part must be in the format dd/mm/yy. The format can use /, -, or . characters as delimiters.
  • regex: Matches input against pattern specified in validateparams.
  • ssn: A U.S. social security number.
  • telephone: A standard U.S. telephone number.
  • UUID: A Home Universally Unique Identifier, formatted 'XXXXXXXX-XXXX-XXXX-XXXXXXXXXXXXXXX', where 'X' is a hexadecimal number.
  • guid: A Universally Unique Identifier of the form "XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX" where 'X' is a hexadecimal number
  • zipcode: U.S., 5- or 9-digit format ZIP codes
ValidateParams are expressed using implicit struct notation and can contain the following values.
  • min: Minimum value if 'validate' is integer/numeric
  • max: Maximum value if the 'validate' is integer/numeric
  • minLength: Minimum length of the string if the 'validate' is string
  • maxLength: Maximum length of the string if the 'validate' is string
  • pattern: regex expression if the validator specified in 'validate' attribute is regex

This is a quick example of a user component using some of the new validation.

This seemed like exactly what I wanted, an easy way to validate data. A closer look at how it actually works though left me wanting more. This will do exactly what it says and validate the data but this is how it's done. To show how this works we will create an instance of our user component and try to set our first name property The requirement for our first name was that it should be at least 2 characters long. I was thinking that it would somehow trap these errors but instead when I ran the example I saw the following error on screen.

The length of the string, 1 character(s), must be greater than or equal to 2 character(s).
While this is nice I don't really think I could use in a real application because its not a nice way of informing the user of what went wrong. This was the base of a new project I have been working on that I hope to share with you soon.

Comments (25)
Print
Send
del.icio.us
Digg It!
1510 Views

Comments

#1 Posted By: Brian Carr Posted On: 9/24/09 2:04 PM
Agreed - seems like the implementation of @validate and @validateParams is about 50% there - an excellent idea (and use of annotations), but not entirely useful in its current state. I'm definitely interested in your new project to enhance this functionality and will be downloading the code in short order.
#2 Posted By: Ben Nadel Posted On: 9/24/09 2:09 PM
I also, cannot for the life of me, figure out how to actually use the pattern for a regex validation. You can use the most basic validateparams, but most regex notations seem to cause an error:

validateparams="{ pattern=a{1,5} }"

... throws a syntax.

Honestly, the way they did the validateparams is junky. They should just have used the same method that CFParam does where tehse exist as optional attributes.
#3 Posted By: Dan Vega Posted On: 9/24/09 2:10 PM |
Author Comment
Thanks Brian! I would love to hear your thoughts on it. It's still real new but I think the base is there for a real simple and useful validation package.
#4 Posted By: Dan Vega Posted On: 9/24/09 2:12 PM |
Author Comment
I wonder if its working like the isValid pattern works.

pattern: A JavaScript regular expression that the parameter must match; used only for regex or regular_expression validation.
#5 Posted By: Micky Dionisio Posted On: 9/24/09 2:14 PM
Dan-

This is a fantastic idea. At a glance, the out of the box validation offers quite a lot and coupled with the validationParams keeps it simple and straight forward (goodbye all manual custom if's i have to create in boiler plate validation utility objects). On top of that you've got it working using annotations which makes this entire thing killer.

I see that all validators extend IValidator so its kosher for us to possibly create our own?

Excellent work man - will definitely look out for future releases.

-Micky
#6 Posted By: Raymond Camden Posted On: 9/24/09 2:20 PM
Hey Ben, does your code work if you create the args as a struct before the cfpoperty tag? Or perhaps create the regex as a string called myregex, and pass that to the params?
#7 Posted By: Mike Chandler Posted On: 9/24/09 2:21 PM
This is cool. Perfect timing too. I'm starting a new project on Quicksilver. I'll see if I can implement and provide feedback. Thanks much Dan!
#8 Posted By: Raymond Camden Posted On: 9/24/09 2:22 PM
Sorry - my comment makes no sense really.
#9 Posted By: Ben Nadel Posted On: 9/24/09 2:40 PM
@Ray,

I have tried what I think you are saying and it throws an error that the value must be static.
#10 Posted By: Dan Vega Posted On: 9/24/09 2:41 PM |
Author Comment
The docs say it must be an implicit struct. I wonder if you need to escape anything (\\) like the brackets.
#11 Posted By: Ben Nadel Posted On: 9/24/09 2:47 PM
I tried escaping with a single slash "\" and that didn't work. Double-slash didn't occur to me.
#12 Posted By: Dan Vega Posted On: 9/24/09 2:49 PM |
Author Comment
You are regex master I am just taking stabs in the dark at this point :)
#13 Posted By: Ben Nadel Posted On: 9/24/09 2:50 PM
Where's Rupesh? He needs to jump in a karate-chop the situation :)
#14 Posted By: Brian Carr Posted On: 9/24/09 2:53 PM
I've wrestled with this very issue in the past and unless there's some juicy piece of obscure documentation floating around out there that indicates otherwise - Annotations in CF only accept string literals as values, no variable references (complex objects or otherwise).

If that's not the case, then please someone speak up and show us the light!

My guess is that the 'implicit struct' is being converted under the covers by CF specific and exclusive only to @validateParams.
#15 Posted By: Henry Ho Posted On: 9/24/09 2:58 PM
At first I like the feature, but the exception type it throws is too hard to catch!
#16 Posted By: Bob Silverberg Posted On: 9/24/09 3:01 PM
Hey Dan. This sounds like exactly what I was trying to accomplish with my validation framework, with the only difference being that my validation metadata is currently in xml files, while you want to use property annotations.

I designed ValidateThis to allow for different metadata implementations, and I know that this is something that some developers will be keen on (even if I am not myself), so I was planning on adding that feature (validation metadata via property annotations) in a future release. Because of the design it will be a simple matter of adding one new component.

As I believe the goals of these projects are identical, if you see any value in collaborating on this effort, rather than creating an additional project that accomplishes the same thing, I'd be keen to discuss that.
#17 Posted By: Dan Vega Posted On: 9/24/09 10:32 PM |
Author Comment
@Henry - I was the same as you.

@Bob - I already have the project created and running but I think sharing ideas on the best approach to solving the problem is a great idea. I will pull down your framework again this weekend and take a look at it.
#18 Posted By: Bob Silverberg Posted On: 9/24/09 11:28 PM
Sounds good. It's all open source, right? So we can steal each other's ideas. ;-)
#19 Posted By: Dan Vega Posted On: 9/24/09 11:30 PM |
Author Comment
HA! Yes it's actually up now http://hyrule.riaforge.org/ and by steal you of course mean innovate each others ideas right? :)
#20 Posted By: Raymond Camden Posted On: 9/25/09 8:57 AM
As an OS developer, all this "steal" talk bothers. I've never stolen anything for any of my projects.

Now pardon me while I move away from that ominous looking storm cloud that just appeared.
#21 Posted By: Dan Vega Posted On: 9/25/09 9:02 AM |
Author Comment
Innovate Ray - Borrowing ideas for the good of society! That's how I sleep at night :)
#22 Posted By: Bob Silverberg Posted On: 9/25/09 10:21 AM
@Ray: I'm surprised by your comment. I would have thought that it was obvious from my comment, including the wink, that is was a lighthearted joke. By definition it's impossible to steal something from an open source project (one of these ones anyway) as it's all freely available for the taking. It would be like saying "I stole a free sample at Costco today".

And while you say that you've "never stolen anything for any of my projects", I would say the same is true of me, but I wouldn't hesitate to say that I've "taken" ideas and in fact code from other OS projects. I think that that is part of the philosophy of OSS. Not just to produce a piece of software that is free and available, but also to put out code that is free and available to be extracted and used in other projects.

So yes, I agree that stealing is wrong, and perhaps should not be a term used in this context, but I think that taking is perfectly fine, and in fact is encouraged.
#23 Posted By: Raymond Camden Posted On: 9/25/09 10:23 AM
Um dude.... chill. I was joking. The last paragraph about the storm cloud? You know - the whole thing of saying a big lie and getting struck down by God. It was a joke - nothing more.
#24 Posted By: Bob Silverberg Posted On: 9/25/09 10:30 AM
But you left off the wink! How was I to know? That storm cloud thing went right over my head. Perhaps I need more than 4 hours of sleep a night.
#25 Posted By: Ben Nadel Posted On: 9/25/09 12:50 PM
I agree with Bob, this conversation needs at least 4 - NO, 5 more emoticons for it to be interpreted correctly :P


Post Your Comment

Leave this field empty







Show Captcha

If you subscribe, any new posts to this thread will be sent to your email address.

Copyright © 2007 Dan Vega | BlogCFC was created by Raymond Camden. This blog is running version 5.8.001.