1

我正在尝试向我的 cfgrid 添加搜索功能。但我得到一个“元素名称在 FORM 中未定义。错误”。第一次加载页面时,它会显示网格。但是在我按下搜索按钮后,就会出现错误。这是代码:

 <form name="DropDown" method="post">
    <!--- query DB for the first drop down list --->
    <cfquery name="Getprocedures" datasource="caselogs">
        SELECT distinct procedures.procedure_name, procedures.procedure_id 
        FROM case_logs inner join procedures 
                     on procedures.procedure_id=case_logs.procedure_id
        WHERE case_logs.trainee_id=#form.name#
    </cfquery>


    <cfform action="#cgi.script_name#" method="post"> 
        <select name="Ddl_form" size="1">
        <cfoutput query="Getprocedures">
            <option value="#procedure_id#" <cfif isDefined('form.Ddl_form')> <cfif form.Ddl_form eq "#procedure_id#">selected</cfif> </cfif>> #procedure_name#</option>
        </cfoutput>
        </select>

        Status 
        <select name="Ddl_status" size="1">
            <option value="P"<cfif isDefined('form.Ddl_status')> <cfif form.Ddl_status eq "P">selected</cfif> </cfif>>In Progress</option>
            <option value="S"<cfif isDefined('form.Ddl_status')> <cfif form.Ddl_status eq "S">selected</cfif> </cfif>>Submitted</option>
            <option value="R"<cfif isDefined('form.Ddl_status')> <cfif form.Ddl_status eq "R">selected</cfif> </cfif>>Reviewed</option>
            <option value="-1" <cfif isDefined('form.Ddl_status')> <cfif form.Ddl_status eq "-1">selected   </cfif> </cfif>>All</option>
        </select>
        <input type="submit" name="search" value="Search">
    </cfform>

    <cfif isdefined('form.search')>
          <cfquery name="qGetBooks" datasource="caselogs">
                 SELECT CASE_LOGS.performed_dt,CASE_LOGS.submitted_dt,procedures.procedure_name,hospitals.hospital_code,case_logs.status 
                 FROM  case_logs
                        inner join procedures on procedures.procedure_id = case_logs.procedure_id
                        inner join hospitals on hospitals.hospital_id = case_logs.hospital_id
                 WHERE case_logs.trainee_id=2 and case_logs.status='#Form.Ddl_status#' and case_logs.procedure_id=#FORM.Ddl_form#
       </cfquery>
   <cfelse>
          <cfquery name="qGetBooks" datasource="caselogs">
                 SELECT CASE_LOGS.performed_dt,CASE_LOGS.submitted_dt,procedures.procedure_name,hospitals.hospital_code,case_logs.status 
                 FROM   case_logs
                        inner join procedures on procedures.procedure_id = case_logs.procedure_id
                        inner join hospitals on hospitals.hospital_id = case_logs.hospital_id
                 WHERE  case_logs.trainee_id=2 and case_logs.status='P' 
          </cfquery>
   </cfif>  

   <cfform name="gridform"> 
          <cfgrid name="BooksGrid" 
                 format="HTML" 
                 selectmode="row"
                 query="qGetBooks" 
                 title="Students"
                 insert="true"
                 insertbutton="Insert Book"
                 width="500">
              <cfgridcolumn name="performed_dt" header="DatePerformed" />
              <cfgridcolumn name="submitted_dt" header="SubmitedDate" />
              <cfgridcolumn name="procedure_name" header="Procedure" />
              <cfgridcolumn name="hospital_code" header="Hospital" />
              <cfgridcolumn name="status" header="Status" />
          </cfgrid> 
   </cfform>

这是错误:

The error occurred in C:/ColdFusion10/cfusion/wwwroot/Caselogs/Trainee/caselogs.cfm: line     10

   8 :     select distinct procedures.procedure_name, procedures.procedure_id from case_logs 
  9 :     inner join procedures on procedures.procedure_id=case_logs.procedure_id
 10 :      where case_logs.trainee_id=#form.name#
 11 :   </cfquery>
 12 : 
4

2 回答 2

4

您需要cfparam该表单字段,或者除非表单已提交,否则不要运行搜索。页面首次加载时,该FORM.NAME字段不存在,因为表单尚未提交。尝试这个:

<cfparam name="FORM.name" default="0" />
<cfset FORM.Name = Val(FORM.Name) />

这将确保该FORM.name值存在,并且它是一个数值。您还应该cfqueryparam在您的 SQL 语句中使用以确保您没有任何 SQL 注入漏洞。

于 2012-07-25T12:27:50.937 回答
1

在您的搜索中,您没有传递 name 元素,只需将其作为隐藏元素添加到搜索表单中:

<input type="hidden" name="name" value="#form.name#">
于 2012-08-24T01:02:16.007 回答