CFParam for Integer or Empty String

by Pete Freitag

I use the cfparam tag a lot in a view as a way to assert that a variable is of a specific type. For example if I want to make sure that someID is an integer, you can use something like this:

<cfparam name="someID" type="integer" default="0">

That works great for integers that are required, but what if we are dealing with a integer from a DB column that could be NULL now when that is passed in it would be an empty string, and that doesn't pass the integer type test. Since there is not an integer or empty string type you can use the regex type:

<cfparam name="someID" type="regex" pattern="^[0-9]*$">

The Fixinator Code Security Scanner for ColdFusion & CFML is an easy to use security tool that every CF developer can use. It can also easily integrate into CI for automatic scanning on every commit.