• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 416
  • Last Modified:

encoding querystrings

Whats the best way to encode a URL with a querystring, eg
in my asp code create a hyperlink:
<a href="view_details.asp?action=123&my_var=test">TEXT</a>
so the querystring is encoded, and the values aren't so obvious.
Just clarifying also that simple replace function can be used in the next page to decode eg
REPLACE(string,"%0D%0A",vbCrLf)
0
louise_8
Asked:
louise_8
  • 4
  • 3
1 Solution
 
makerpCommented:
enc_string = Server.URLEncode(string)

is the proper way, this deals with spaces and the like. my_var should definatly be encoded as its text and the user may enter illegal chars that need encoding, i always run strings through URLEncode to be safe. they are automaticaly decoded
0
 
louise_8Author Commented:
makerp,
Thansk for your comment, one question though, instead of encoding the string first, how could I achieve this in a href
eg
<%response.write "<a href=view_details.asp?action=123&test="&varPage_title)>")TEST</a>"%>
where would I include the Server.URLEncode, everytime I paste it in, I get either a syntax error or an incomplete querystring, I wish to include it in this line rather than encoding the string separately
Thanks
0
 
makerpCommented:
Response.Write("<A HREF="&Server.URLEncode("view_details.asp?action=123&test="&varPage_title")&">TEST</A>")
0
Cloud Class® Course: SQL Server Core 2016

This course will introduce you to SQL Server Core 2016, as well as teach you about SSMS, data tools, installation, server configuration, using Management Studio, and writing and executing queries.

 
louise_8Author Commented:
thanks

Can I just confirm that this is a good enough way to hide values being sent to pages or is there a better way, ie if we had a value 456, that could relate to a db value or something critical is there a simple yet efficient way to encode the URL, or is URLEncode the only way to achieve this without writing an encode function within the script, this should be my last query.
0
 
makerpCommented:
no, this will encode values in the correct way for HTTP. if you want to garble numbers etc then you will have to use some cypher algorithm and then de-cypher at the receving end. the best way to pass data like this is in hidden fields but this requires you to submit a form, this may/may not be a problem depending if your passing data on the href which you currently are.

theres no easy bullet proof way to do this
0
 
louise_8Author Commented:
Thanks for your help makerp
0
 
makerpCommented:
glad to help, have a nice day :)
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Get your problem seen by more experts

Be seen. Boost your question’s priority for more expert views and faster solutions

  • 4
  • 3
Tackle projects and never again get stuck behind a technical roadblock.
Join Now