tna | email messageHi everyone!
Question for you...
I've written several scenarios where the end user needs to enter data into a textarea (descriptions, messges etc) which becomes part of a form. End users often put apostrophe's and carrige returns in the textarea... however, when the code i write is submitted to the database, it generates an sql command from the page that sent the action.
Client Side:
<form action="somepage.asp" method="post">
<input type="text" name="emailaddress">
<textarea cols="20" rows="5" name="comments"></textarea>
</form>
On code submission...
sql="insert into tableName (email,comments) values ('" & request.form("emailaddress") & "','" & request.form("comments") & "');"
db.execute(sql)
Now, when strange people put carrige returns, it stuffs up the string and therefore produces an error, and to make matters worse if it did recognise a carrige return, it wouldn't be displayed on HTML output. Apostrophes are even worse - they signify the end of a variable in the SQL sentance
Can anyone help me and figure out a new way of writing to the DB?
THANKS!
1  9160 
tna | email messageTo deal with the apostrophes, double them up. Example:
Function SafeIn(s)
SafeIn = Replace(s, "'", "''")
End Function
sEmail = Request.Form("emailaddress")
sVal = Request.Form("comments")
sql="insert into tableName (email,comments) values ('" SafeIn(sEmail) &
"','" SafeIn(sComments) & "');"
To deal with carriage returns, let them be. They are being inserted into
your database and being returned just fine, as you'd see in a view source.
When you pull the values out, replace vbCrLf with <BR>. Example:
Function SafeOut(s)
SafeOut = Replace(s, vbCrLf, "<br>")
End Function
sVal = yourRecordset.Fields.Item(0).Value
Response.Write SafeOut(sVal)
You may want to also replace " with " in your "safeOut" function.
Ray at home
"tna | timothy gardiner" <ti*@timgardiner.id.au> wrote in message
news:3f***********************@news.optusnet.com.a u...
Hi everyone!
Question for you...
I've written several scenarios where the end user needs to enter data into a
textarea (descriptions, messges etc) which becomes part of a form. End users
often put apostrophe's and carrige returns in the textarea... however, when
the code i write is submitted to the database, it generates an sql command
from the page that sent the action.
Client Side:
<form action="somepage.asp" method="post">
<input type="text" name="emailaddress">
<textarea cols="20" rows="5" name="comments"></textarea>
</form>
On code submission...
sql="insert into tableName (email,comments) values ('" &
request.form("emailaddress") & "','" & request.form("comments") & "');"
db.execute(sql)
Now, when strange people put carrige returns, it stuffs up the string and
therefore produces an error, and to make matters worse if it did recognise a
carrige return, it wouldn't be displayed on HTML output. Apostrophes are
even worse - they signify the end of a variable in the SQL sentance
Can anyone help me and figure out a new way of writing to the DB?
THANKS!
This thread has been closed and replies have been disabled. Please start a new discussion. Similar topics
by: Les Paul |
last post by:
I'm trying to design an HTML page that can edit itself. In essence, it's
just like a Wiki page, but my own very simple version. It's a page full
of plain old HTML content, and then at the bottom,...
|
by: wperry1 |
last post by:
I am writing a small database utility to catalog all of my favorite
ASM/JS/VBS... functions and scripts on an asp page. Everything is going
smoothly except for one thing that I can't quite seem to...
|
by: Sheldon Glickler |
last post by:
I use Dreamweaver as my development IDE.
When I create a textarea, put stuff in, save it to the database, and recall
it to the textarea later, it alway comes up with what looks like a large tab...
|
by: Jen |
last post by:
Hi. I have this problem that I think should be easy but have been struggling
with this for days.
I have a list based on a recordset from a database. This list consists of
records meeting a certain...
|
by: MikeK |
last post by:
Ok, I've been noodling with this for several days now and I'm starting
to go crazy. Does Apple's Safari browser support drag events on
Textarea elements? The few specs and docs I've found seem to...
|
by: Sandy Tipper |
last post by:
I have never had a textarea content change, in any browser.
On several different projects.
With javascript enabled (other stuff works.)
I have read lots, and everyone says it should work.
Can...
|
by: Petyr David |
last post by:
I've seen a few ideas - figured I'd run it up the flagpole and see if
anyone saluted
Thanks in advance
|
by: EnjoyNews |
last post by:
Hi
I have a little probelm.
I tranfer som data from input fields to a div so you can see how a profil
will look as you type in your data.
I just put this in my input field:...
|
by: Ross |
last post by:
When I sometimes want to debug something on a browser without a firebug
console, I have been using a textarea to which I can print stuff.
So my HTML calls my big script file, and further down in...
|
by: Charles Arthur |
last post by:
How do i turn on java script on a villaon, callus and itel keypad mobile phone
|
by: ryjfgjl |
last post by:
If we have dozens or hundreds of excel to import into the database, if we use the excel import function provided by database editors such as navicat, it will be extremely tedious and time-consuming...
|
by: ryjfgjl |
last post by:
In our work, we often receive Excel tables with data in the same format. If we want to analyze these data, it can be difficult to analyze them because the data is spread across multiple Excel files...
|
by: emmanuelkatto |
last post by:
Hi All, I am Emmanuel katto from Uganda. I want to ask what challenges you've faced while migrating a website to cloud.
Please let me know.
Thanks!
Emmanuel
|
by: BarryA |
last post by:
What are the essential steps and strategies outlined in the Data Structures and Algorithms (DSA) roadmap for aspiring data scientists? How can individuals effectively utilize this roadmap to progress...
|
by: marktang |
last post by:
ONU (Optical Network Unit) is one of the key components for providing high-speed Internet services. Its primary function is to act as an endpoint device located at the user's premises. However,...
|
by: Hystou |
last post by:
Most computers default to English, but sometimes we require a different language, especially when relocating. Forgot to request a specific language before your computer shipped? No problem! You can...
|
by: jinu1996 |
last post by:
In today's digital age, having a compelling online presence is paramount for businesses aiming to thrive in a competitive landscape. At the heart of this digital strategy lies an intricately woven...
|
by: tracyyun |
last post by:
Dear forum friends,
With the development of smart home technology, a variety of wireless communication protocols have appeared on the market, such as Zigbee, Z-Wave, Wi-Fi, Bluetooth, etc. Each...
| |
