Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 221
  • Last Modified:

A problem with "quotes" in my text field

Experts,

I've got to put a page together that allows the user to edit some descriptions. All is well until one of those descriptions includes a quote. For example 12" table. When that particular item is listed, all that shows up in the text field is "12".

The reason being is that the text field script looks like this...

<input type="text" size="45" name="Description" value="<% response.write RSResult("Description") %>">

As soon as the browser encounters the value where it reads 12" it perceives the quote after 12 as the end of the value. What can I do to ensure that the entire description (12" Conference Table) as opposed to a mere fragment (12) is displayed in my text field?
0
brucegust
Asked:
brucegust
  • 2
  • 2
  • 2
  • +1
1 Solution
 
nonubikCommented:
You need to parse all the " and replace them with %22
0
 
nonubikCommented:
E.g.: 12%22 Conference Table
0
 
_iskywalker_Commented:
<input type="text" size="45" name="Description" value="<% response.write RSResult("Description") %>">
you have a strange field here:
 value="<% response.write RSResult("Description") %>">
i think a normal browser would parse like this:
value="<% response.write RSResult("
better would be if you change the out " for ' like
 value='<% response.write RSResult("Description") %>'>
maybe it works then, but if not see the comments above, since if you one " the next " will close the "input"
0
Independent Software Vendors: We Want Your Opinion

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 
softplusCommented:
or another way:
<input type="text" size="45" name="Description" value="<% replace(response.write RSResult("Description"),"""", "%22") %>">

jskywalker: The single-quote doesn't matter, it's ASP-Code, i.e. interpreted on the server, not on the browser.

John
0
 
CyberSwineCommented:
I believe you will have a similar problems with the % character as well. If I remember this right you should replace "%" with "%%". Replacing """" with "%22" would have to be done afterward, or the "%22" would become "%%22", which will look like %22, not a doublequote char. So, modifying softplus' example to include this yields:

<input type="text" size="45" name="Description" value="<% replace(replace(response.write RSResult("Description"), "%", "%%"),"""", "%22") %>">

0
 
softplusCommented:
Looking at my comment, I should hit my head , sorry :)
<input type="text" size="45" name="Description" value="<%=replace(RSResult("Description"),"""", "%22") %>">
or CyberSwines
<input type="text" size="45" name="Description" value="<%=replace(replace(RSResult("Description"), "%", "%%"),"""", "%22") %>">

he he, putting Replace around Response.Write ...
0
 
CyberSwineCommented:
You and me both. Sometimes I just don't pay attention to the actual code :D
0

Featured Post

[Webinar] Database Backup and Recovery

Does your company store data on premises, off site, in the cloud, or a combination of these? If you answered “yes”, you need a data backup recovery plan that fits each and every platform. Watch now as as Percona teaches us how to build agile data backup recovery plan.

  • 2
  • 2
  • 2
  • +1
Tackle projects and never again get stuck behind a technical roadblock.
Join Now