XML AND apostrophe

Siu wrote:

My problem is that the value that I search can have an a postrophe and that
could generate an error. Here a sempliefied code:

XmlDocument xmlDoc = new XmlDocument();
xmlDoc.Load(XML_FILENAME);
XmlNode node =
xmlDoc.SelectSingleNode("/REGGROUPS/CLIENT/REGPATCH/COMMENT[.='"+strComment+"']");

The variable strComment can contain an apostrophe and that generates an
error. How can I avoid that?

xmlDoc.SelectSingleNode("/REGGROUPS/CLIENT/REGPATCH/COMMENT[.=\"" +
strComment + "\"]")
should do.

--

Martin Honnen
http://JavaScript.FAQTs.com/

Thank you Martin, it works.

"Martin Honnen" wrote:

Siu wrote:

My problem is that the value that I search can have an a postrophe and that
could generate an error. Here a sempliefied code:

XmlDocument xmlDoc = new XmlDocument();
xmlDoc.Load(XML_FILENAME);
XmlNode node =
xmlDoc.SelectSingleNode("/REGGROUPS/CLIENT/REGPATCH/COMMENT[.='"+strComment+"']");

The variable strComment can contain an apostrophe and that generates an
error. How can I avoid that?

xmlDoc.SelectSingleNode("/REGGROUPS/CLIENT/REGPATCH/COMMENT[.=\"" +
strComment + "\"]")
should do.

--

Martin Honnen
http://JavaScript.FAQTs.com/

Hi,

I am having a similar problem to above but the suggested solution does not
fixe the issue.

I am using the following code to calculate a value:
objNavigator.Evaluate("sum(//ALLCASHISSUEDDETAIL[ACIDSTANDARDCURRENCYID = '"
+ strCurrencyID + "' and ACIDSECURITYNAME = \"" + strShareClass +
"\"]/ACIDAMOUNTISSUED)")

When strShareClass has an apostrope I receive the following error:
System.Xml.XPath.XPathException:
'sum(//NOTALLCASHISSUEDDETAIL[NACIDSTANDARDCURRENCYID = 'EUR' and
NACIDSECURITYNAME = "Ordinary&", Euro 1.27"]/NACIDAMOUNTISSUED)' has an
invalid token.

I have tried replacing the "\" with "apos:" but the xpath does not extract
the correct value then?

Lastbuilders

"Siu" wrote:

Thank you Martin, it works.

"Martin Honnen" wrote:

Siu wrote:

My problem is that the value that I search can have an a postrophe and that
could generate an error. Here a sempliefied code:
>
XmlDocument xmlDoc = new XmlDocument();
xmlDoc.Load(XML_FILENAME);
XmlNode node =
xmlDoc.SelectSingleNode("/REGGROUPS/CLIENT/REGPATCH/COMMENT[.='"+strComment+"']");
>
The variable strComment can contain an apostrophe and that generates an
error. How can I avoid that?

xmlDoc.SelectSingleNode("/REGGROUPS/CLIENT/REGPATCH/COMMENT[.=\"" +
strComment + "\"]")
should do.

--

Martin Honnen
http://JavaScript.FAQTs.com/

* Baz wrote in microsoft.public.dotnet.xml:

>I am having a similar problem to above but the suggested solution does not
fixe the issue.

I am using the following code to calculate a value:
objNavigator.Evaluate("sum(//ALLCASHISSUEDDETAIL[ACIDSTANDARDCURRENCYID = '"
+ strCurrencyID + "' and ACIDSECURITYNAME = \"" + strShareClass +
"\"]/ACIDAMOUNTISSUED)")

When strShareClass has an apostrope I receive the following error:
System.Xml.XPath.XPathException:
'sum(//NOTALLCASHISSUEDDETAIL[NACIDSTANDARDCURRENCYID = 'EUR' and
NACIDSECURITYNAME = "Ordinary&", Euro 1.27"]/NACIDAMOUNTISSUED)' has an
invalid token.

I have tried replacing the "\" with "apos:" but the xpath does not extract
the correct value then?

You cannot use ' in the .Evaluate(...) method, it does not know any
such character references. In XPath, you have to enclose string literals
in either a pair of 's or a pair of "s. In your example above you use "s
so strShareClass must not contain another ". There are five ways around
the problem:

1. If you know strShareClass will never contain ', use ' instead.

2. If you know strShareClass will never contain both ' and " at the
same time, pick the delimiter accordingly when building the ex-
pression.

3. Declare a variable like $quot and replace all occurences of "
in strShareClass by $quot; I am not sure how to do that in .NET,
it might not be possible.

4. Build the string inside the expression using concat(...). As an
example, if you have a string <<< foo " ' bar >>>, the expression
might look like ... = concat("foo ", '"', " ' bar ");

5. Add the searched for string to a special attribute, element, etc.
in the document and specify that in the expression, for example,
... = /root/@tmp-strShareClass-search-string; this is the worst of
the options.

If 3. is not possible in .NET, I recommend to write a function for 4.
and use it whenever you build XPath expressions using user-defined
values.
--
Björn Höhrmann · mailto:bj****@hoehrmann.de · http://bjoern.hoehrmann.de
Weinh. Str. 22 · Telefon: +49(0)621/4309674 · http://www.bjoernsworld.de
68309 Mannheim · PGP Pub. KeyID: 0xA4357E78 · http://www.websitedev.de/

Thanks for the suggestions Bjoern.

As the user can enter any characters options one and two would not suit.
Option 4 would get very inefficient if users entered multiple quotes so I am
going to look into option 3 though it may not be supported.

My preferred option would be to use a custom context and override the sum
function and pass in the variables escaping as appropriate but I have not
found any pointers on how to implement this on MSDN.

My other solution would be to remove the strShareClass from the select and
only limit by Currency which will never have quotations or apostrophes.

Baz

"Bjoern Hoehrmann" wrote:

* Baz wrote in microsoft.public.dotnet.xml:

I am having a similar problem to above but the suggested solution does not
fixe the issue.

I am using the following code to calculate a value:
objNavigator.Evaluate("sum(//ALLCASHISSUEDDETAIL[ACIDSTANDARDCURRENCYID = '"
+ strCurrencyID + "' and ACIDSECURITYNAME = \"" + strShareClass +
"\"]/ACIDAMOUNTISSUED)")

When strShareClass has an apostrope I receive the following error:
System.Xml.XPath.XPathException:
'sum(//NOTALLCASHISSUEDDETAIL[NACIDSTANDARDCURRENCYID = 'EUR' and
NACIDSECURITYNAME = "Ordinary&", Euro 1.27"]/NACIDAMOUNTISSUED)' has an
invalid token.

I have tried replacing the "\" with "apos:" but the xpath does not extract
the correct value then?

You cannot use &apos; in the .Evaluate(...) method, it does not know any
such character references. In XPath, you have to enclose string literals
in either a pair of 's or a pair of "s. In your example above you use "s
so strShareClass must not contain another ". There are five ways around
the problem:

1. If you know strShareClass will never contain ', use ' instead.

2. If you know strShareClass will never contain both ' and " at the
same time, pick the delimiter accordingly when building the ex-
pression.

3. Declare a variable like $quot and replace all occurences of "
in strShareClass by $quot; I am not sure how to do that in .NET,
it might not be possible.

4. Build the string inside the expression using concat(...). As an
example, if you have a string <<< foo " ' bar >>>, the expression
might look like ... = concat("foo ", '"', " ' bar ");

5. Add the searched for string to a special attribute, element, etc.
in the document and specify that in the expression, for example,
... = /root/@tmp-strShareClass-search-string; this is the worst of
the options.

If 3. is not possible in .NET, I recommend to write a function for 4.
and use it whenever you build XPath expressions using user-defined
values.
--
Björn Höhrmann · mailto:bj****@hoehrmann.de · http://bjoern.hoehrmann.de
Weinh. Str. 22 · Telefon: +49(0)621/4309674 · http://www.bjoernsworld.de
68309 Mannheim · PGP Pub. KeyID: 0xA4357E78 · http://www.websitedev.de/

Baz wrote:

My preferred option would be to use a custom context and override the sum
function and pass in the variables escaping as appropriate but I have not
found any pointers on how to implement this on MSDN.

This <http://msdn.microsoft.com/msdnmag/issues/03/02/XMLFiles/article
has an example of implementing IXsltContextFunction and XsltContext.

--

Martin Honnen --- MVP XML
http://JavaScript.FAQTs.com/

* Baz wrote in microsoft.public.dotnet.xml:

>As the user can enter any characters options one and two would not suit.
Option 4 would get very inefficient if users entered multiple quotes so I am
going to look into option 3 though it may not be supported.

I don't think there is anything inefficient about #4. The expression
might become a little bit longer, but parsing it evaluating the concat
function is something a modern computer can do millions of times per
second. It seems http://support.microsoft.com/kb/324462 you can do #3
though.
--
Björn Höhrmann · mailto:bj****@hoehrmann.de · http://bjoern.hoehrmann.de
Weinh. Str. 22 · Telefon: +49(0)621/4309674 · http://www.bjoernsworld.de
68309 Mannheim · PGP Pub. KeyID: 0xA4357E78 · http://www.websitedev.de/

Hi Bjoern\Martin,

Thanks for the Pointers.

I wrote a sumfunction similar to that shown on MSDN. Here is the code in
case anyone finds it useful. No warranties gaurantees etc.

private class SumFunction : IXsltContextFunction
{
public const string Namespace = "CRO";
public const string FunctionName = "sum";

private System.Xml.XPath.XPathResultType[] m_argTypes =
new System.Xml.XPath.XPathResultType[] {
System.Xml.XPath.XPathResultType.Number};

#region IXsltContextFunction Members

public System.Xml.XPath.XPathResultType[] ArgTypes
{
get
{
return m_argTypes;
}
}

private double GetNumberFromInvokeArgument(object arg)
{
double dblValue = 0;
double dblOut = 0;
if (arg is XPathNodeIterator)
{
XPathNodeIterator i = (XPathNodeIterator)arg;
XPathNavigator navigator = i.Current;

while (i.MoveNext())
{
if(double.TryParse(i.Current.Value, out dblOut))
{
dblValue += dblOut;
}
else
{
throw new ArgumentException("sum() function
only supports number values");
}
}
}
else
{
throw new ArgumentException("sum() only supports node
path");
}

return dblValue;
}

public object Invoke(XsltContext xsltContext, object[] args,
System.Xml.XPath.XPathNavigator docContext)
{
if (args.Length == 0)
{
throw new ArgumentException("sum() needs at least one
argument ");
}

double argument1 = GetNumberFromInvokeArgument(args[0]);

return argument1;
}

public int Maxargs
{
get { return 1; }
}

public int Minargs
{
get { return 1; }
}

public System.Xml.XPath.XPathResultType ReturnType
{
get { return System.Xml.XPath.XPathResultType.Number; }
}

#endregion
}

Herer is the calling code

XPathExpression expr1 =
objNavigator.Compile("CRO:sum(//NOTALLCASHISSUEDDETAIL[NACIDSTANDARDCURRENCYID = $CurrencyId and NACIDSECURITYNAME = $SecurityName]/NACIDAMOUNTISSUED)");
XPathExpression expr2 =
objNavigator.Compile("CRO:sum(//ALLCASHISSUEDDETAIL[ACIDSTANDARDCURRENCYID =
$CurrencyId and ACIDSECURITYNAME = $SecurityName]/ACIDAMOUNTISSUED)");
CustomContext xsltContextAuthorisedShareClass = new
CustomContext((NameTable)objXML.NameTable);
xsltContextAuthorisedShareClass.AddParam("Security Name",
strShareClass);
xsltContextAuthorisedShareClass.AddParam("Currency Id",
strCurrencyID);
xsltContextAuthorisedShareClass.AddParam("ParValue ",
dblParValue.ToString());
xsltContextAuthorisedShareClass.AddNamespace("GCM" ,
"GCM");
expr1.SetContext(xsltContextAuthorisedShareClass);
expr2.SetContext(xsltContextAuthorisedShareClass);
dblAmt2 = (double)objNavigator.Evaluate(expr1);
dblAmt3 = (double)objNavigator.Evaluate(expr2);

Baz

"Bjoern Hoehrmann" wrote:

* Baz wrote in microsoft.public.dotnet.xml:

As the user can enter any characters options one and two would not suit.
Option 4 would get very inefficient if users entered multiple quotes so I am
going to look into option 3 though it may not be supported.

I don't think there is anything inefficient about #4. The expression
might become a little bit longer, but parsing it evaluating the concat
function is something a modern computer can do millions of times per
second. It seems http://support.microsoft.com/kb/324462 you can do #3
though.
--
Björn Höhrmann · mailto:bj****@hoehrmann.de · http://bjoern.hoehrmann.de
Weinh. Str. 22 · Telefon: +49(0)621/4309674 · http://www.bjoernsworld.de
68309 Mannheim · PGP Pub. KeyID: 0xA4357E78 · http://www.websitedev.de/