[ColdBox 3.5] Hidden Variables in RC

Communities ColdBox HMVC
1

Hello

I am a new entrant to the ColdBox world. I happened to take over an application to maintain it and posed with the following requirement. “Remove all Hidden variables from the views”. How would i do that and maintain the current functionality. Below is the sample snippet of the code cycle.

--------dspFunction-------

<cfset Event.setView(“ehFunction/vwEmpInfo”) />

-----------View------------

<input name=“event” type=“hidden” id=“event” value="#Event.getValue(“xehInfo”)#" />

--------doFunction-------

How do i remove the hidden variables and make sure the “do” handler has the rc variables(that are set in “dsp”) available ??

Thanks

Chintu

2

Can you explain what you’re trying to accomplish? What is the goal of removing hidden fields. I ask because that changes my answer :slight_smile: For instance, you could simply move the values in the hidden fields to the query string of the form post, but that wouldn’t be good if your goal was to not have that information visible in the browser. In that case, you’d need to use a persistent scope to store that data. This really has nothing to do with ColdBox.

And an unrelated note: you don’t need to have rc = event.getCollection() in your handler methods. ColdBox has been passing rc in the arguments scope for a long time now.

Thanks!

~Brad

ColdBox/CommandBox Developer Advocate
Ortus Solutions, Corp

E-mail: brad@coldbox.org
ColdBox Platform: http://www.coldbox.org
Blog: http://www.codersrevolution.com

3

Thanks Brad. The Client states that it is a security issue as users (essentially hackers) can see the data in the hidden fields and can manipulate them.

4

Ok, that’s what I wondered. In that case, the solution is the same as it would be on any CF app. You’ll need to set the data into a persistent scope like session and then retrieve it from there after the form submits. Just make sure you take care of situations like where the form may sit for a long time and the session times out.

Thanks!

~Brad

ColdBox/CommandBox Developer Advocate
Ortus Solutions, Corp

E-mail: brad@coldbox.org
ColdBox Platform: http://www.coldbox.org
Blog: http://www.codersrevolution.com