I've a problem reading querystring parameters that are 'uri encoded'. Anyone
has a solution for this?
To reproduce the problem, create a classic ASP containing the following code:
-----------------------
<p>Value sent via querystring: <%=
Server.HTMLEncode(Request.QueryString("value")) %></p>
<input id="input" />
<button id="submit" onclick="window.location.assign('Test.asp?value=' +
encodeURIComponent(input.value));">submit</button>
I working on a ASP project (usually I'm a PHP guy) and I wanted to encode a string to make it safe for a SQL insert. Is there a function built into ASP for that or do I just need to replace single quotes?
I'm having a problem finding/using an escape character with this ASP/JScript application I'm creating. Basically I have text sometimes that has apostrophes or double quotations in them, but they won't be INSERTED unless I manually take them out.
Ex: INSERT INTO tbl1 (vendor,reason) VALUES (81,"This is only a test, but there is an apostrophe and it's only going to make things worse.")
That apostrophe in "it's" is kiling everything. I've used the replace method to change it to " ' ", but that STILL doesn't work. I can't find MS SQL's ESCAPE CHARACTER. I've tried several directions of the backslash, but no luck.
I am trying to only have a link show if there is a certin value in the DB. This is what I am trying:
<% if (rsWelcome.Fields.Item("access_level").Value) = "admin" then
response.Write("| - <a href="sps_main.asp">Sales Training Support </a>-")
end if %>
BUT... this is the error I get:
Expected ')'
/sta/topnav_test.asp, line 9 response.Write("| - <a href="sps_main.asp">Sales Training Support </a>-") How do I use quotes in a "response" and have the app server ignore them??
I'm still having trouble getting some of my data being returned properly when people use quotes. (ex ProjectName contents being - the "primary" project - The double quotes are the main issue. I am using a function for the single quote and it seems to have resolved the issue.
Code:
Term = trim (Term) if Term <> "" then Term = Replace (Term, chr (39), chr (39) & chr (39)) end if If Term <> "" then
I use this just when passing strings from a form. I tried altering it and using chr (34) for a double quote but it didn't work.
When chucking data in cookie you cannot use certain characters in this example ‘ : ‘ . To get around this you use escape and unescape. Trying to use the escape as such:
I've been looking for it for a while. I found it a week back by accident, but didn't need to use it then. It's a function that escapes SQL strings so that if there is a ' in the string it will escape it for you. I can remeber the name of it.
Info DB: Oracle(9i), where I generate query strings programatically and send them to the DB server.
I have rtfm'd and googled this extensively, but I have not found how to properly esacape the ampersand character in an oracle query (I'm NOT using the SQL+ command line interface).
Oracle uses the & character to denote a variable substitution, and unfortunately one of the fields I must query has data that contains the & character. I need to know how to escape the & character in my query strings so that Oracle will treat it as a string literal. Code:
I have a 'memo' form field being entered into an access database.If people put in characters other then text (Quotes, operators, etc) then I get an insert error: ---- User Input: oh let's see - a va
Error: [Microsoft][ODBC Microsoft Access Driver] Syntax error (missing operator) in query expression ''oh let's see - a va', 'No additional comments submitted')'. ----
Is there a way to get this into the database? In php, I would simply use the function 'addslashes()' (escaping the string) - is there a similar function in ASP or am I doing something else wrong?
I am inserting records into an Access table using the OleDbCommand class. The insert values come from a basic web form with text boxes. If the values contain ' or " it creates a problem. What is the proper way to escape these characters? Surely there's a built-in function for it somewhere.
We use response.redirect to connect to an external web site which does not work when the "=" sign is translated to "%3B" and the ";" to "%3D". Is there a way to turn this default translation off?
