Solved

How do I get CF Server to ignore the double quotes within strings and variables.

Posted on 2002-07-17
12
148 Views
Last Modified: 2013-12-24
my problem is simple I have a comapany name that contains ""in it how do I get the server to ignore those.

right now it is cutting the name out at the first instance of ".

example

cfset company = "my job "athome"">

at the output it only displays

MY job.....



its probly real simple
0
Comment
Question by:jriver12
  • 4
  • 4
  • 2
  • +2
12 Comments
 
LVL 3

Expert Comment

by:SewellM
Comment Utility
You can escape the "'s.
<cfset company = "my job ""athome""">

Michael
0
 
LVL 5

Expert Comment

by:CFXPERT
Comment Utility
or use single quotes like this

<cfset company='my job "athome"'>

This would work also
0
 

Author Comment

by:jriver12
Comment Utility
so if I was passing the company variable thru the url from a form, would I pass it like
?company='#form.company"'&anothervariable=#another#??



0
 
LVL 17

Accepted Solution

by:
anandkp earned 50 total points
Comment Utility
Hi there,

The bost possible solution would be - replacing all ur doubel quotes ["] with 2 single quotes ['']

since they appear same in display - it works fine.

try it & let me know.

K'Rgds
Anand
0
 

Author Comment

by:jriver12
Comment Utility
I think I need to rephrase.

I am not setting a variable that contains something"something"Somethingelse

the user elects to use "" within letsay the company name.

how do I get cf to  escape the doublequotes so the entire content of the variableshows
0
 
LVL 5

Expert Comment

by:CFXPERT
Comment Utility
If its in the database as lets say:

"myCompany"

then CF should output it just the same.
<cfquery name="myQuery" dataasource="whatever">
sleect companyName
from companies
</cfquery>

<cfoutput query="myQuery">
#companyName#<br>
</cfoutput>

This should be no problem.  The only time you should have problems with single or double quotes is when you do an insert or update.

Are you displaying a the company name just from a posted form or from an SQL query?

Can you post all of your code?
0
Better Security Awareness With Threat Intelligence

See how one of the leading financial services organizations uses Recorded Future as part of a holistic threat intelligence program to promote security awareness and proactively and efficiently identify threats.

 
LVL 17

Expert Comment

by:anandkp
Comment Utility
Hi again,
I understand that u r not setting a variable.

but when u try & display this data containing double quotes [as inserted in DB] - it gives u a problem right.

so wehn u display this data use -

#Replace(data,'"',"''",'All')#

u can use this to display ur data - without ne-erros & it will be printed as if its double quotes - though its acutally 2 single quotes.

===========================================================

u could also have another way to work around this ...

ie in ur application.cfm file - set a variblae called
<cfset doublequote = '"'>

Now every time u insert data in ur data base use

replace(data,'"','##doubleQuotes##','all')

what this would do - is insert data in ur table as - lets say
anand#doublequotes#s [instead of anand"s]

but when u display this variable as it is on ne-page.

this value would be displayed as anand"s - as #doublequotes# is initialised in UR application file.

Hope this helps out
else let me know

K'Rgds
Anand
0
 

Author Comment

by:jriver12
Comment Utility
This is getting even weirder.

when I output my data containing "" in the variable like
Mr.Ts "house"

when I output it like this
<cfoutput>#mrtsvariable#</cfoutput>
it displays Mr.Ts "house" thats great.

now when I display the same variable in this manner
<cfoutput><input type="text" name="textline" value='#mrtsvariable#'>

it displays like this in the field:
Mr.ts
hence cutting off the "house" part.

any suggestions.....
0
 
LVL 17

Expert Comment

by:anandkp
Comment Utility
Hi there,

I told u replace ur Double quote with 2 single quotes & then display ur value in textbox as
ie ur variable becomes - Mr.Ts ''house''

<input type="text" name="textline" value="#mrtsvariable#">

there u go - it gets displayed competely without getting cut.

==========================================================

abt ur q's it b'cos - when displaying there r no quotes surrounding the variable - but when u display it in a text box - u have it enclosed in the quotes of the value attribute of the input box.

hope that makes things clear ....

K'Rgds
Anand

0
 
LVL 2

Expert Comment

by:hammond_david
Comment Utility
Hi, there.

How you deal with a variable that may contain quotes depends on where you're using it, and Cold Fusion has functions specifically designed to do what you need.  If you are putting the variable in the query string of a url, use the URLEncodedFormat function:

?company=#URLEncodedFormat(form.company)#&anothervariable=#URLEncodedFormat(another)#

If you want to display the value in an input form field, use the HTMLEditFormat function, which will also guard against someone using html code:

<input type="text" name="textline" value="#HTMLEditFormat(mrtsvariable)#">

0
 
LVL 17

Expert Comment

by:anandkp
Comment Utility
Hi David,

I have tried using HTMLEditFormat - but this dosent help in escaping the single & double quotes present within the string.

thats why i came up with the replace function ...

ne-ways,

K'Rgds
Anand
0
 

Author Comment

by:jriver12
Comment Utility
thanks yall. :^)
0

Featured Post

What Is Threat Intelligence?

Threat intelligence is often discussed, but rarely understood. Starting with a precise definition, along with clear business goals, is essential.

Join & Write a Comment

Suggested Solutions

Most ColdFusion developers get confused between the CFSet, Duplicate, and Structcopy methods of copying a Structure, especially which one to use when. This Article will explain the differences in the approaches with examples; therefore, after readin…
Introduction This article explores the design of a cache system that can improve the performance of a web site or web application.  The assumption is that the web site has many more “read” operations than “write” operations (this is commonly the ca…
This video shows how to remove a single email address from the Outlook 2010 Auto Suggestion memory. NOTE: For Outlook 2016 and 2013 perform the exact same steps. Open a new email: Click the New email button in Outlook. Start typing the address: …
You have products, that come in variants and want to set different prices for them? Watch this micro tutorial that describes how to configure prices for Magento super attributes. Assigning simple products to configurable: We assigned simple products…

728 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

10 Experts available now in Live!

Get 1:1 Help Now