SI
SI
discoversearch

We've detected that you're using an ad content blocking browser plug-in or feature. Ads provide a critical source of revenue to the continued operation of Silicon Investor.  We ask that you disable ad blocking while on Silicon Investor in the best interests of our community.  If you are not using an ad blocker but are still receiving this message, make sure your browser's tracking protection is set to the 'standard' level.
SI - Site Forums : Silicon Investor - Welcome New SI Members! -- Ignore unavailable to you. Want to Upgrade?

To: Jeffrey S. Mitchell who wrote (21549)10/9/2004 9:26:56 AM
From: rkral  Respond to of 32873
 
Jeffrey, re "In other words, go back to using HTMLEncode but enclose the value in double, not single, quotes (like in my original example)."

That's the best solution IMO too, as it covers all the HTML special characters -- even possible future ones, I suspect. Good find on the list of characters.

Ron



To: Jeffrey S. Mitchell who wrote (21549)10/9/2004 10:43:06 AM
From: SI Dave  Read Replies (2) | Respond to of 32873
 
Thanks, Jeff. That's a solution that will work, even if it's a little "ugly" from a coding point of view since all of the HTML is the output of response.write():

response.write("<td><input name='field' value=""" & HTMLEncode(rs("field")) & """></td>")


The issue I was running into was the embedded apostrophes and quotes colliding with the ASP delimiters. The other symbols <&> were not a problem per se, since they were delimited... unless an apostrophe/quote was also present that broke the ASP script.

Once this gets applied to my_account, we can also turn on the feature to let users change their alias.


HomeMailHotSubjectMarksPeopleMarksKeepersSettings
Terms Of UseContact UsCopyright/IP PolicyPrivacy PolicyAbout UsFAQAdvertise on SI
© 2025 Knight Sac Media.  Data provided by Twelve Data, Alpha Vantage, and CityFALCON News