Solved

encoding querystrings

Posted on 2001-06-20
7
391 Views
Last Modified: 2012-08-13
Whats the best way to encode a URL with a querystring, eg
in my asp code create a hyperlink:
<a href="view_details.asp?action=123&my_var=test">TEXT</a>
so the querystring is encoded, and the values aren't so obvious.
Just clarifying also that simple replace function can be used in the next page to decode eg
REPLACE(string,"%0D%0A",vbCrLf)
0
Comment
Question by:louise_8
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 4
  • 3
7 Comments
 
LVL 10

Expert Comment

by:makerp
ID: 6209564
enc_string = Server.URLEncode(string)

is the proper way, this deals with spaces and the like. my_var should definatly be encoded as its text and the user may enter illegal chars that need encoding, i always run strings through URLEncode to be safe. they are automaticaly decoded
0
 

Author Comment

by:louise_8
ID: 6209664
makerp,
Thansk for your comment, one question though, instead of encoding the string first, how could I achieve this in a href
eg
<%response.write "<a href=view_details.asp?action=123&test="&varPage_title)>")TEST</a>"%>
where would I include the Server.URLEncode, everytime I paste it in, I get either a syntax error or an incomplete querystring, I wish to include it in this line rather than encoding the string separately
Thanks
0
 
LVL 10

Expert Comment

by:makerp
ID: 6209700
Response.Write("<A HREF="&Server.URLEncode("view_details.asp?action=123&test="&varPage_title")&">TEST</A>")
0
Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 

Author Comment

by:louise_8
ID: 6209760
thanks

Can I just confirm that this is a good enough way to hide values being sent to pages or is there a better way, ie if we had a value 456, that could relate to a db value or something critical is there a simple yet efficient way to encode the URL, or is URLEncode the only way to achieve this without writing an encode function within the script, this should be my last query.
0
 
LVL 10

Accepted Solution

by:
makerp earned 40 total points
ID: 6209870
no, this will encode values in the correct way for HTTP. if you want to garble numbers etc then you will have to use some cypher algorithm and then de-cypher at the receving end. the best way to pass data like this is in hidden fields but this requires you to submit a form, this may/may not be a problem depending if your passing data on the href which you currently are.

theres no easy bullet proof way to do this
0
 

Author Comment

by:louise_8
ID: 6209886
Thanks for your help makerp
0
 
LVL 10

Expert Comment

by:makerp
ID: 6209898
glad to help, have a nice day :)
0

Featured Post

Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Pass through dll 2 99
return false must be hit after calling certain command 10 45
Display field if column exists 7 35
Hide and Unhide Table 6 27
Hello, all! I just recently started using Microsoft's IIS 7.5 within Windows 7, as I just downloaded and installed the 90 day trial of Windows 7. (Got to love Microsoft for allowing 90 days) The main reason for downloading and testing Windows 7 is t…
Have you ever needed to get an ASP script to wait for a while? I have, just to let something else happen. Or in my case, to allow other stuff to happen while I was murdering my MySQL database with an update. The Original Issue This was written…
Nobody understands Phishing better than an anti-spam company. That’s why we are providing Phishing Awareness Training to our customers. According to a report by Verizon, only 3% of targeted users report malicious emails to management. With compan…
Are you ready to implement Active Directory best practices without reading 300+ pages? You're in luck. In this webinar hosted by Skyport Systems, you gain insight into Microsoft's latest comprehensive guide, with tips on the best and easiest way…

726 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question