<cfqueryparam null=true> not ignoring sqltype

Description

Upgraded to 5.3.3.62 yesterday (default null behaviour) and started getting errors on a standard type of <cfqueryparam value="#form.max_age#" null="#isEmpty(form.max_age)#" sqltype="tinyint" maxlength="2"> edit query which has never caused issues before. My understanding is that null=true should essentially cause it to read as <cfqueryparam null=true> and ignore value (and sqltype), but it seems that behaviour has changed and the sqltype is actually being checked? I have searched the open issues but can't find any mention of this. Am I misunderstanding something? I have removed sqltype="tinyint" to 'fix' the issue, but don't really like removing that. I can of course rewrite this to have a different cfqueryparam in case of empty values, but thought this was the entire point of null=true.

Environment

None

Activity

Show:
Sam Daams
December 5, 2019, 8:47 AM

While great this particular issue tied to maxlength is fixed, does this also fix the much bigger bug where when inputting any kind of financial data (decimal) the maxlength field is wrong due to how it’s converting the number prior to counting the characters? I’ve had to change existing code in about 100 places (basically removing maxlength, which should be a useful tool and I thought recommend use for all?) to still allow users to input important financial data because maxlength is totally broken and counting spaces and commas where they don’t exist. These are just my use cases, but I’d imagine all these bugs (and potentially others around maxlength) are tied to the ‘fix’ for this ticket: Which interestingly enough the reporting user also mentions is “probably not the desirable way to convert values”. I’m all for making things match ACF, but it should not happen at the expense of security (ACF handles the maxlength and decimal just fine, so as it is now, making the prior case compatible broke a much more important compatibility imo).

Michael Offner
May 1, 2020, 2:46 PM

can you please answer that question

Pothys - MitrahSoft
May 4, 2020, 8:39 AM

,
I hope, for the issue what are you mentioned above, it was fixed in 5.3.5.47-SNAPSHOT onwards. So, could you please check and report here back.

Michael Offner
May 29, 2020, 3:48 PM

?

Sam Daams
June 3, 2020, 10:17 AM

Sorry, I haven’t had a chance to check this yet due to Covid disruptions, but doing some dev work from Friday on and will revert then.

Assignee

Michael Offner

Reporter

Sam Daams

Priority

New

Fix versions

None

Affects versions

Configure