tracker issue : CF-3039968

select a category, or use search below
(searches all categories and all time range)
Title:

Bug 79876:(Watson Migration Closure)Summary: CFGRID gets confused by semi-colons

| View in Tracker

Status/Resolution/Reason: Closed/Won't Fix/

Reporter/Name(from Bugbase): Adam Cameron / Adam Cameron (Adam Cameron)

Created: 09/10/2009

Components: CFForm, Flash

Versions: 9.0

Failure Type: Unspecified

Found In Build/Fixed In Build: 0000 /

Priority/Frequency: Minor / Unknown

Locale/System: English / Win All

Vote Count: 4

Problem:

Summary: CFGRID gets confused by semi-colons. I spotted this on the Adobe forums (http://forums.adobe.com/message/2238462), and have checked that it's still bung in CF9 (GMC release).Run the attached code, and see the error after submitting the grid.
Method:

Code from http://forums.adobe.com/message/2238462

<CFSET myQuery = QueryNew("ticket_id,description")>
<CFSET temp = QueryAddRow(myQuery)>
<CFSET QuerySetCell(myQuery,"ticket_id","1")>
<CFSET QuerySetCell(myQuery,"description","a;")>
<CFSET temp = QueryAddRow(myQuery)>
<CFSET QuerySetCell(myQuery,"ticket_id","2")>
<CFSET QuerySetCell(myQuery,"description","a;b")>

<cfdump var="#myQuery#">

<CFFORM NAME="test" ACTION="#cgi.SCRIPT_NAME#">
	<CFGRID NAME="testGrid" QUERY="myQuery" SELECTMODE="ROW" FORMAT="FLASH" />
	<CFINPUT TYPE="submit" NAME="submit">
</CFFORM>
Result:

    The web site you are accessing has experienced an unexpected error.Please contact the website administrator.The following information is meant for the website developer for debugging purposes.Error Occurred While Processing RequestThe submitted cfgrid form field is corrupt (name: __CFGRID__TEST__TESTGRID value: __CFGRID__COLUMN__=CFGRIDROWINDEX; __CFGRID__DATA__=2;__CFGRID__COLUMN__=ticket_id; __CFGRID__DATA__=2;__CFGRID__COLUMN__=description; __CFGRID__DATA__=a;b;) ColdFusion cannot determine the line of the template that caused this error. This is often caused by an error in the exception handling subsystem.Resources:    * Check the ColdFusion documentation to verify that you are using the correct syntax.    * Search the Knowledge Base to find a solution to your problem.Browser   Mozilla/5.0 (Windows; U; Windows NT 6.0; en-GB; rv:1.9.1.2) Gecko/20090729 Firefox/3.5.2 (.NET CLR 3.5.30729)Remote Address   127.0.0.1Referrer   http://shared.local/cf/cfml/tags/forms/grid/forumBug.cfmDate/Time   10-Sep-09 06:50 PMStack Tracecoldfusion.filter.GridFieldProcessor$CorruptGridFieldException: The submitted cfgrid form field is corrupt (name: __CFGRID__TEST__TESTGRID value: __CFGRID__COLUMN__=CFGRIDROWINDEX; __CFGRID__DATA__=2;__CFGRID__COLUMN__=ticket_id; __CFGRID__DATA__=2;__CFGRID__COLUMN__=description; __CFGRID__DATA__=a;b;)coldfusion.filter.GridFieldProcessor$CorruptGridFieldException: The submitted cfgrid form field is corrupt (name: __CFGRID__TEST__TESTGRID value: __CFGRID__COLUMN__=CFGRIDROWINDEX; __CFGRID__DATA__=2;__CFGRID__COLUMN__=ticket_id; __CFGRID__DATA__=2;__CFGRID__COLUMN__=description; __CFGRID__DATA__=a;b;)at coldfusion.filter.GridFieldProcessor.decode(GridFieldProcessor.java:244)at coldfusion.filter.FormScope.processSpecialFields(FormScope.java:568)at coldfusion.filter.ApplicationFilter.invoke(ApplicationFilter.java:316)at coldfusion.filter.MonitoringFilter.invoke(MonitoringFilter.java:40)at coldfusion.filter.PathFilter.invoke(PathFilter.java:87)at coldfusion.filter.LicenseFilter.invoke(LicenseFilter.java:27)at coldfusion.filter.ExceptionFilter.invoke(ExceptionFilter.java:70)at coldfusion.filter.ClientScopePersistenceFilter.invoke(ClientScopePersistenceFilter.java:28)at coldfusion.filter.BrowserFilter.invoke(BrowserFilter.java:38)at coldfusion.filter.NoCacheFilter.invoke(NoCacheFilter.java:46)at coldfusion.filter.GlobalsFilter.invoke(GlobalsFilter.java:38)at coldfusion.filter.DatasourceFilter.invoke(DatasourceFilter.java:22)at coldfusion.filter.CachingFilter.invoke(CachingFilter.java:53)at coldfusion.filter.RequestThrottleFilter.invoke(RequestThrottleFilter.java:126)at coldfusion.CfmServlet.service(CfmServlet.java:200)at coldfusion.bootstrap.BootstrapServlet.service(BootstrapServlet.java:89)at jrun.servlet.FilterChain.doFilter(FilterChain.java:86)at coldfusion.monitor.event.MonitoringServletFilter.doFilter(MonitoringServletFilter.java:42)at coldfusion.bootstrap.BootstrapFilter.doFilter(BootstrapFilter.java:46)at jrun.servlet.FilterChain.doFilter(FilterChain.java:94)at jrun.servlet.FilterChain.service(FilterChain.java:101)at jrun.servlet.ServletInvoker.invoke(ServletInvoker.java:106)at jrun.servlet.JRunInvokerChain.invokeNext(JRunInvokerChain.java:42)at jrun.servlet.JRunRequestDispatcher.invoke(JRunRequestDispatcher.java:286)at jrun.servlet.ServletEngineService.dispatch(ServletEngineService.java:543)at jrun.servlet.jrpp.JRunProxyService.invokeRunnable(JRunProxyService.java:203)at jrunx.scheduler.ThreadPool$ThreadThrottle.invokeRunnable(ThreadPool.java:428)at jrunx.scheduler.WorkerThread.run(WorkerThread.java:66)

----------------------------- Additional Watson Details -----------------------------

Watson Bug ID:	3039968

External Customer Info:
External Company:  
External Customer Name: Adam Cameron
External Customer Email: 17EB1A7649DA54C7992015A9
External Test Config: 09/10/2009

Attachments:

Comments:

This bug has been voted..
Vote by External U.
22885 | November 10, 2011 07:03:14 PM GMT
Having to cleanse grid data in the query to work around this is laborious. Please address.q
Vote by External U.
22886 | November 10, 2011 07:03:15 PM GMT
This and other semi-colon related issues seem to have been introduced with ColdFusion 8 as an attempt to be more secure against SQL injection attacks and not fixed in ColdFusion 9 either.
Vote by External U.
22887 | November 10, 2011 07:03:16 PM GMT
When querying from a database a record that contains a semicolon and displaying it on a cfgrid, if you select that row and try to submit or do anything with it then you will get an error (....submitted cfgrid form field is corrupt ....).
Vote by External U.
22888 | November 10, 2011 07:03:17 PM GMT