Is there anything that provides the kind of support PHP's filter_var does in ColdFusion?

Question

I've found filter_var to be extremely useful in validating and sanitizing user input with PHP, but I've yet to find anything even remotely as convenient in ColdFusion (more specifically, CF8).

Obviously I can hack together something using REReplace, but that would take significantly more time to code up and would be much uglier than using the pre-defined filters available in PHP. Is there a more efficient way or do I just need to bite the bullet?

Answer 1

There are three different options available to you. Since you're attempting to manage user input, I assume you're using forms. isValid most closely mimics your functionality, allowing you to check if a value specified matches either a data type or a regular expression and returns true or false, and includes attributes by default to define a range. It does not support the ability to create a custom 'filter' beyond defining a regular expression however.

The second option would be using cfparam tags on your POST processing page, which allows you to specify the existance of a variable, test against a data type or define a regular expression, and optionally assign a default value if the variable doesn't exist. If you attempt to process a page where the field is not defined and no default value is assigned however, ColdFusion throws an error.

Finally, you can do validation by using cfform and cfinput fields on your form itself; which allows for client-side data validation for existence and types (it also supports server-side validation but it's implementation is sloppy), regular expressions, and input masking: taking user-inputted data and conforming it to a specific format (like adding dashes to phone numbers and zip codes).