CODEWITHSUNDEEP
coldfusionrailolucee
nikhil reddy
nikhil reddy

Reputation: 96

Unexpected results from CFQUERY and CFIF comparison

This piece of code is in production to block IP's based on usage. An email was triggered, and an insert executed, with an IP address satisfying the cfif condition. However, when I executed the query in the SQL editor, for the same IP, it returned the count as 0 (ie getNineHundredCnt.maxDownload).

This happened for only one user. It is working fine for rest of the users, with almost 1L users accessing the application daily. Can anyone help explain why it happened?

<cfquery name="getExcessiveUsageConfig" DATASOURCE="#arguments.datasrc#">
    SELECT * FROM ExcessiveUsageConfig
</cfquery>

<cfset usageLimitStruct.maxFifMinDownload = getExcessiveUsageConfig.MAXFIFMINDOWNLOAD >

<!---- This value is 900 and not changed --->
<cfquery name="getNineHundredCnt" DATASOURCE="#arguments.datasrc#">
   SELECT 
         ( select count(9)  
           from   downloads 
           where  download_time > dateadd(minute,-15,getdate()) 
           and    USER_IP = <cfqueryparam value="#remoteAddress#" cfsqltype="CF_SQL_VARCHAR">
        ) as maxDownload,
        ( select TOP 1 DATEDIFF(second, DOWNLOAD_TIME, GETDATE())  
          from   CAPTCHA 
          WHERE  USER_IP = <cfqueryparam value="#remoteAddress#" cfsqltype="CF_SQL_VARCHAR"> 
          and    Erights_sessionId = <cfqueryparam value="#arguments.erightsCookie#" cfsqltype="CF_SQL_VARCHAR">
          order by DOWNLOAD_TIME DESC
        ) as Ccheck 
</cfquery>


<cfif getNineHundredCnt.maxDownload gte usageLimitStruct.maxFifMinDownload>

   <cfquery name="checkToBlockIpExcessUsage" DATASOURCE="#arguments.dataAuthentication#">
      INSERT INTO DisabledIPs(IP,TIMEDISABLED)
      VALUES (<cfqueryparam value="#remoteAddress#" cfsqltype="CF_SQL_VARCHAR">,GETDATE())
   </cfquery>

     <cfmail from="[email protected]" to="[email protected]" subject="IP Blocked"  type="text">
     IP : #remoteAddress#
     Time : #currentTime#
     The IP has been blacklisted 
     </cfmail>

</cfif>

Upvotes: 1

Views: 127

Answers (1)

BKBK
BKBK

Reputation: 484

One possibility is that getNineHundredCnt.maxDownload is 0 and usageLimitStruct.maxFifMinDownload is 0 as well. Output the values and verify.

Upvotes: 3

Related Questions