Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations bkrike on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

Quots within quots? 2

Status
Not open for further replies.
Ayac

Ayac

Programmer
Nov 10, 2000
141
HU
Hi all,

I have a problem here and I do not see a good way to fix it yet. I created a search engine and it has a form where you can type your search words. When you submit your search, you got a list of results. Now that is fine, but I want a link on that page that takes you back to the form so you can modify your search terms with your values already filled in. I do not want to use the JavaScript history back-on thing (there can be multiple pages hit by the time the user wants to go back).

Everything works fine until someone types double quots in there (then the content disappears). Just because the fact <input type="text" value="<%=something%>">. If I use single quots, then it handles doubles fine, but then it messes up the singles. If someone types them mixed up, then the data will chopped.

Do you know how could I display those values without breaking the form?

 
Sort by date Sort by votes
use the HTML entity &quot; for display
Code: 
value='<% = replace(something,""","&quot;")%>'>


Chris.

Indifference will be the downfall of mankind, but who cares?
A website that proves the cobblers kids adage.
Nightclub counting systems

So long, and thanks for all the fish.
 
Upvote 0 Downvote
use Server.HTMLEncode() when putting your value into the textbox

like <input type="text" name="blah" value="<%=Server.HTMLEncode(Request("SearchString"))%>">

this will also handle other issues with pissible chars that might interfere with your search, this does a translation for the HTML portion but on submit it's treated as if the user directly typed what's in there

[thumbsup2]DreX
aKa - Robert
 
Upvote 0 Downvote
The only thing I would mention here that I would use this instead of the first one:

value='<% = replace(something,chr(34),"&quot;")%>'>

because ASP freaks out if he sees """ in a row.

Thanks for both of you!

I never thought that such things would work within a form field... well, I can always learn something...
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

penguinspeaks
  • Locked
  • Question
write HTML code within ASP line
Replies
1
Views
778
xwb
xwb
axLW
  • Locked
  • Question
Identify string within array item
Replies
12
Views
420
axLW
axLW
SarahMH
  • Locked
  • Question
Capture record id from table array within hyperlink address 1
Replies
2
Views
134
SarahMH
SarahMH
Onoru
  • Locked
  • Question
How do i upload a file from within asp
Replies
2
Views
72
vicvirk
vicvirk
wvdba
  • Locked
  • Question
is it possible to call a subroutine within an asp page?
Replies
3
Views
99
DotNetBlocks
DotNetBlocks

Part and Inventory Search

Sponsor

Back
Top