HttpUtility.UrlDecode Help

Posted on 2006-04-18
Last Modified: 2007-11-27
I have a content page that I administer to add content to pages for my web site.  I am using the HttpUtility.UrlDecode so that I can enter html into the textbox to add styles.  This is working fine, but I have not added to the admin page a datagrid so that I can edit these fields.  Now I'm getting the Potential Danger error message.  I'm not sure why this works for the insert function and not the update function.  In the update function I am dynamically creating a textbox for the fields to be edited so I must not be applying this to the variable correctly.  Here's my code:

Sub SubmitContent(s As Object, e As EventArgs)
      objCmd = New OleDbCommand("INSERT INTO Content(content, ministryID) VALUES (@content, @ministryID)", objConn)
                objCmd.Parameters.Add("@content", HttpUtility.UrlDecode(txtcontent.Text))
      objCmd.Parameters.Add("@ministryID", ddlMinistry.SelectedItem.Value)  
End Sub

Sub dg_Update(s As Object, e As DataGridCommandEventArgs)
      Dim intcontentID As Integer
      Dim strcontent As String
      intcontentID = dgcontent.DataKeys(e.Item.ItemIndex)
      strcontent = CType(e.Item.FindControl("txtcontent"), TextBox).Text      
      strCmd = "UPDATE Content SET content=@content WHERE contentID=@contentID"
      objCmd = New OleDbCommand(strCmd, objConn)
      objCmd.Parameters.Add("@content", HttpUtility.UrlDecode(strcontent))
      objCmd.Parameters.Add("@contentID", intcontentID)
      dgcontent.EditItemIndex = -1
End Sub


<script type="text/javascript">
function URLEncode(arg)
      // The Javascript escape and unescape functions do not correspond
      // with what browsers actually do...
      var SAFECHARS = "0123456789" +                              // Numeric
                              "ABCDEFGHIJKLMNOPQRSTUVWXYZ" +      // Alphabetic
                              "abcdefghijklmnopqrstuvwxyz" +
                              "-_.!~*'()";                              // RFC2396 Mark characters
      var HEX = "0123456789ABCDEF";

      var plaintext = arg;//document.URLForm.F1.value;
      var encoded = "";
      for (var i = 0; i < plaintext.length; i++ ) {
            var ch = plaintext.charAt(i);
          if (ch == " ") {
                encoded += "+";                        // x-www-urlencoded, rather than %20
            } else if (SAFECHARS.indexOf(ch) != -1) {
                encoded += ch;
            } else {
                var charCode = ch.charCodeAt(0);
                  if (charCode > 255) {
                      alert( "Unicode Character '"
                        + ch
                        + "' cannot be encoded using standard URL encoding.\n" +
                                  "(URL encoding only supports 8-bit characters.)\n" +
                                      "A space (+) will be substituted." );
                        encoded += "+";
                  } else {
                        encoded += "%";
                        encoded += HEX.charAt((charCode >> 4) & 0xF);
                        encoded += HEX.charAt(charCode & 0xF);
      } // for

      //document.URLForm.F2.value = encoded;
      return encoded;//false;
Question by:azyet24
    LVL 33

    Accepted Solution

    Did you know you can turn off the "Potential dangerious ...." error message by adding ValidateRequest="False" to the <%@ Page %> Directive?

    Author Comment

    No I didn't, thanks!

    Featured Post

    How to run any project with ease

    Manage projects of all sizes how you want. Great for personal to-do lists, project milestones, team priorities and launch plans.
    - Combine task lists, docs, spreadsheets, and chat in one
    - View and edit from mobile/offline
    - Cut down on emails

    Join & Write a Comment

    Sometimes in DotNetNuke module development you want to swap controls within the same module definition.  In doing this DNN (somewhat annoyingly) swaps the Skin and Container definitions to the default admin selections.  To get around this you need t…
    I recently went through the process of creating a Calendar Control of events with the basis of using a database to keep track of the dates that are selectable, one requirement was to have the selected date pop-up in a simple lightbox.  At first this…
    Sending a Secure fax is easy with eFax Corporate ( First, Just open a new email message.  In the To field, type your recipient's fax number You can even send a secure international fax — just include t…
    Excel styles will make formatting consistent and let you apply and change formatting faster. In this tutorial, you'll learn how to use Excel's built-in styles, how to modify styles, and how to create your own. You'll also learn how to use your custo…

    745 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    15 Experts available now in Live!

    Get 1:1 Help Now