coldfusionfw1commandboxcoldfusion-2018

Avoid cgi shared scope


I have a lot of FW/1 controllers which can perform differing functions based on whether the request is a get or post. I have a lot of code that looks like this

if (cgi.request_method == "post")   {

I recently installed Commandbox's CodeChecker CLI and I turned it loose on my controllers. I am getting warnings like:

Don't use shared scope variables in a CFC | Standards | Severity: 4
  Avoid using shared scope variables from within a CFC as it breaks encapsulation.
  Users//jamesmohler/Sites/ColdFusion/P.../messagesController.cfc:13

I have gone back to the FW/1 Reference Manual , and I have noted that it has a function called getCGIRequestMethod()

Question

Have I been testing for POST wrongly all along? What exactly am I being encouraged to avoid?


Solution

  • Short answer

    I have replaced

     if (cgi.request_method == "post")   {
    

    with

     if (framework.getCGIRequestMethod() == "post")   {
    

    Long answer

    FW/1 does tap into other CGI variables, but does not expose them. So there are no similar functions I can tap into.

    FW/1 copies the data into

    request._fw1 = {
       cgiScriptName = CGI.SCRIPT_NAME,
       cgiPathInfo = CGI.PATH_INFO,
       cgiRequestMethod = CGI.REQUEST_METHOD,
       ...
    

    Which begs the question of request. scope is better than cgi. scope. I hereby submit it does not because both happen at the time of the processing request. Using cgi. might break encasulation, but I don't think pushing in variables via FW/1's rc. scope desirable. I also don't want to modify FW/1 to capture all cgi variables.