I've been looking for it for a while. I found it a week back by accident, but didn't need to use it then. It's a function that escapes SQL strings so that if there is a ' in the string it will escape it for you. I can remeber the name of it.
View RepliesI need function that parses string, and splits it if it is longer than predefined number of characters.
View Replies View RelatedI working on a ASP project (usually I'm a PHP guy) and I wanted to encode a string to make it safe for a SQL insert. Is there a function built into ASP for that or do I just need to replace single quotes?
View Replies View Relatedthe problem is in database the name of customer displays like
%mike O' lee but user want to see name like mike O lee.
How can i do it in asp script.
I'm having a problem finding/using an escape character with this ASP/JScript application I'm creating. Basically I have text sometimes that has apostrophes or double quotations in them, but they won't be INSERTED unless I manually take them out.
Ex: INSERT INTO tbl1 (vendor,reason) VALUES (81,"This is only a test, but there is an apostrophe and it's only going to make things worse.")
That apostrophe in "it's" is kiling everything. I've used the replace method to change it to " ' ", but that STILL doesn't work. I can't find MS SQL's ESCAPE CHARACTER. I've tried several directions of the backslash, but no luck.
I am trying to only have a link show if there is a certin value in the DB. This is what I am trying:
<% if (rsWelcome.Fields.Item("access_level").Value) = "admin" then
response.Write("| - <a href="sps_main.asp">Sales Training Support </a>-")
end if %>
BUT... this is the error I get:
Expected ')'
/sta/topnav_test.asp, line 9 response.Write("| - <a href="sps_main.asp">Sales Training Support </a>-") How do I use quotes in a "response" and have the app server ignore them??
I've a problem reading querystring parameters that are 'uri encoded'. Anyone
has a solution for this?
To reproduce the problem, create a classic ASP containing the following code:
-----------------------
<p>Value sent via querystring: <%=
Server.HTMLEncode(Request.QueryString("value")) %></p>
<input id="input" />
<button id="submit" onclick="window.location.assign('Test.asp?value=' +
encodeURIComponent(input.value));">submit</button>
-----------------------
Now, enter the value "Dré" and submit. The page will show the value "Dré",
but I except Request.QueryString("value") to return the original value, i.e.
"Dré".
I'm still having trouble getting some of my data being returned properly when people use quotes. (ex ProjectName contents being - the "primary" project - The double quotes are the main issue. I am using a function for the single quote and it seems to have resolved the issue.
Code:
Term = trim (Term)
if Term <> "" then
Term = Replace (Term, chr (39), chr (39) & chr (39))
end if
If Term <> "" then
I use this just when passing strings from a form. I tried altering it and using chr (34) for a double quote but it didn't work.
Is it possible to escape asp tags so i can add em to another variable like this:
text = "<% downloads="&cats&" %>"
When chucking data in cookie you cannot use certain characters in this example ‘ : ‘ . To get around this you use escape and unescape. Trying to use the escape as such:
Response.Cookies("Lines")("URL4") = escape("http://www.ASP101.com")
Gives the following result:
URL4=http%3A//www.ASP101.com
Which I don't think does anything to help. So using it like this:
Response.Cookies("Lines")("URL4") = "escape(http://www.ASP101.com)"
Gives the following result:
URL4=escape(http://www.ASP101.com)
Which is the correct result apart from the ‘escape' actually appearing.
im tryin to do this:
response.write("<body topmargin='0' leftmargin='0' onLoad='window.resize('" & width & "', '" & height & "')'>")
i need to run it like this though:
response.write("<body topmargin='0' leftmargin='0' onLoad="window.resize('" & width & "', '" & height & "')">")
in php i can replace it like onLoad = "window.resize
is there something like that in asp?
is escape char in asp script and how we can encode the url in asp script?
View Replies View RelatedHere's the line I need to insert into an ASP page.
<script Language="JavaScript" src="/blarg.js"></script></head>
Right now it throws off the asp include with the quotes.
Info
DB: Oracle(9i), where I generate query strings programatically and send them to the DB server.
I have rtfm'd and googled this extensively, but I have not found how to properly esacape the ampersand character in an oracle query (I'm NOT using the SQL+ command line interface).
Oracle uses the & character to denote a variable substitution, and unfortunately one of the fields I must query has data that contains the & character. I need to know how to escape the & character in my query strings so that Oracle will treat it as a string literal. Code:
I have a 'memo' form field being entered into an access database.If people put in characters other then text (Quotes, operators, etc) then I get an insert error:
----
User Input: oh let's see - a va
Error:
[Microsoft][ODBC Microsoft Access Driver] Syntax error (missing operator) in query expression ''oh let's see - a va', 'No additional comments submitted')'.
----
Is there a way to get this into the database? In php, I would simply use the function 'addslashes()' (escaping the string) - is there a similar function in ASP or am I doing something else wrong?
I am inserting records into an Access table using the OleDbCommand class. The insert values come from a basic web form with text boxes. If the values contain ' or " it creates a problem. What is the proper way to escape these characters? Surely there's a built-in function for it somewhere.
View Replies View RelatedIn a string what is the character I should use to represent an enter?
View Replies View Relatedi am retrieving a record from the database, I am trying to place the value of the FULLNAME field in a textbox on a Form, the Problem is that it only displays half of the name leaving out the stuff that comes after a SPACE.
Example:
adors("fullname").value <--- Actual Value is John Smith
but it only displays John
Code:
<INPUT id=text1 readonly name=txtfullname value=<%=adors("fullname").value%>>
but if I try to just response.write it anywhere on the page then it displays the entire name.
I have 2 SQL strings:
SELECT *
FROM NK_editie " & MM_whereConst & " " & whereClause & "
ORDER BY editie desc
And
SELECT *
FROM NK_editie INNER JOIN NK_edities ON NK_editie.editieid = NK_edities.ID
ORDER BY editie desc
Now I want to combine those 2 to one string.
I have problems to set it up in working order.
My tryout:
SELECT *
FROM NK_editie INNER JOIN NK_edities ON NK_editie.editieid = NK_edities.ID &
" & MM_whereConst & " " & whereClause & "
ORDER BY editie desc
It shows al the records which are joined, only the second string " & MM_whereConst & " " & whereClause & " is not working.
I found out a really nice way to keep things on the same page is for any processing page to add on a "?<something>=<something>"
and then just check to see what the something is equal to, and the number represents what you want the front page to show.
However, this <something> shows up on the url listing in a browser. Is there anyway to .. encode it so no one can see it? Like a encode/decode function?
I'm building a forum, and right now i'm creating the ability to edit posts. As part of this i want to add the usual "Edited by UserName on Date" line at the bottom, but am having problems doing so.
The problems seems to do with formatting the text in the variable with <span>s using stylesheets, or if there are " and ' markes in the post proper (which I can't seemt to remove with Replace). Here's my code:
if i had a string which looked like this :
,apple, orange, grape, tomatoes
how do i remove the first character[,] from the string using the trim() function?
I am developing a website and it's going fine, but i've heard that you shouldn't have your database in the wwwroot, it should be outside/above that.
I've done this (i'm using Dreamweaver MX) so I moved the db, fixed my odbc/dsn, connection string etc, but when I upload now I get this error.
Microsoft JET Database Engineerror '80004005'
'C:Program FilesEnsimSiteDatawebpplianceconfdomainsInet pubwwwrootTesting_SiteDatabasesTesting_Website _DataSource.mdb' is not a valid path. Make sure that the path name is spelled correctly and that you are connected to the server on which the file resides. /Testing_Site/default.asp, line 8
This is line 8: Recordset1.ActiveConnection = MM_TestingConnection_STRING
Is there something that I have missed. It was ok when it was in the wwwroot.
i am having a problem with comparing two strings. I am taking
in the parameter rs("Company") and if this is empty i want to put some
text in there. I am testing it with an empty Company field and comparing
it like so:
temp1=rs("Company")
temp2=StrComp(temp1,NULL)
I have also tried it with
temp2=StrComp(temp1,"")
but each time i get nothing returned. Is there some rule about comparing a
string with an empty string?
I am using ASP to connect to a simple database to retreive information and also to imput information.What I need is a simple dns connection string syntax to connect and query data.
View Replies View RelatedI have a search function on my site, and what happens at them moment is the user fills in a text box with their search string, and clicks submit. The search page takes their string, and splits it up where it sees " ".
All fairly simple, what I'd like is to allow the user to enter text in speechmarks, so the script would search for a couple of words together, as well as being able to search for every individual word...
Everyone confused yet?!
e.g If the user enters Dev Shed Forums , then the search would look for every occurance of the strings "Dev", "Shed" and "Forums"
What I want is for the user to be able to enter "Dev Shed" Forums, and the search will look for "Dev Shed" and "Forums"...
I have a list of dates in a sql database that are input as varchar like this 042999
How do I insert / in between the date/month and year
so this 042999 will appear like this 04/29/99
if i've two strings like:Code:
dim pic_name=replace(Request.Form("pic_name"),"'","''")
dim pic_path="pro-details/PICs/"
how could i merge the two strings to get the complete pic-path
< input type=text name="PageTitle" id="PageTitle"
value="<%=strPageTitle%>" >
How do I "escape" any quotes, accidental carriage returns etc that are
contained within strPageTitle? Do I have to use a series of replace()
functions, or is there a cunning way that makes it OK?
(Using escape(strPageTitle) fills the box with % signs...)
I have 2 string
str1="John"
str2="Smith"
I need to join them and then i need to get 6 characters from the left
so here is my code
str3=str1&str2
str4=Left(str3, 6)
I need to see the output as johnsm
but it gives the output as john
I am storing some strings via asp.net in my dbase. The string looks like this:
Well, that`s just a simple level 100 quiz aiming to imprint ""standard random number generators are not really random"" program to those who still lack it. What will produce the following C# snippet? ‘ ....
Now I am reading these values via ASP and need to print them out.
Unfortunaly it does not UnCode the string back so that I can show it to the user. I know I could use the replace function but I wont replace all chars, there are many from this type. What can I do?
I was wondering how do you compare variables that contain text strings in ASP.When I use the following If. Then statement:
If Rs("StyleNo") <> arrStyleNo(aCount) Then
I always get the following error when I try to browse the page:
Error Type:
(0x80020009)
Exception occurred.
I'm trying to see if a certain string matches a predefined string so I've tried:
--------------
If txtCondition3 = "NO THEFT COVER unless client claim free and occupied
prems for 3 yrs" Then
response.write "1st condition"
Else
response.write "2nd condition"
End If
--------------
But I'm getting neither response.