No.
Actually you want to use HtmlEncode when writing data to Response, not
when reading data from a user
--
Microsoft MVP -- ASP/ASP.NET
Please reply to the newsgroup. The email account listed in my From
header is my spam trap, so I don't check it very often. You will get a
quicker response by posting to the newsgroup.
Thanks for the prompt reply.
I am new to web development.
It may be that I didn't clear myself well.
For example, I have the following html_encode1.as p file:
------------------------------------------------------
<%@ language="vbscr ipt"%>
<html>
<body>
<form action="html_en code1.asp" method="post">
<input type="text" name="txtbox">
<textarea name="txtarea" width=50 height=30/></textarea>
<input type="submit" value="Submit" />
</form>
<%
dim fname
fname=Request.F orm("txtarea")
fname = Server.HTMLEnco de(fname)
If fname<>"" Then
Response.Write( "Hello " & fname & "!<br />")
Response.Write( "How are you today?")
End If
%>
</body>
</html>
------------------------------------------------------
Please disregard the content. It is not the issue.
As you can see I have here 2 input controls: A TextBox and a TextArea.
On both I need to operate the HtmlEncode for security purpuses.
Now suppose I have 100 controls per page and 100 pages (I am
exaggerating of course, but just for theory prupuses).
Should I now activate HtmlEncode for each on of the controls per each
one of the pages?
Thanks again.