Solved

convert double quotes to single quotes

Posted on 2006-06-20
14
576 Views
Last Modified: 2012-08-13
Hi,
I have a comments field on my form and I am using asp.net with vb  How can I make sure the following things happen when the user enters into the comments field
Convert double quotes to single quote.
 'Need to check to make sure it does not have a tab or line feed or carriage return character in this field
0
Comment
Question by:PNKJ
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 5
  • 4
  • 2
  • +2
14 Comments
 
LVL 2

Accepted Solution

by:
cwile earned 250 total points
ID: 16945772
Replacing " with '
Replace(COMMENTSFIELDNAME, Chr(34), Chr(33))

Replacing tab with nothing
Replace(COMMENTSFIELDNAME, Chr(9), "")

Replacing return with nothing
Replace(COMMENTSFIELDNAME, Chr(13), "")



That should do the trick for you.
0
 
LVL 10

Expert Comment

by:jagadeesh_motamarri
ID: 16945779
----the best option would be converting them using string manipulations.

Say >> .replace() - for - Convert double quotes to single quote.


____Jags
0
 

Author Comment

by:PNKJ
ID: 16945907
Should we add on key press event
0
Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 
LVL 10

Expert Comment

by:jagadeesh_motamarri
ID: 16945982
u can either do it on the client side (using javascript ) before the sending the date or on server side(using java or .net class) after submitting the form.
0
 

Author Comment

by:PNKJ
ID: 16946009
Thanks can u please give an example of client side code
0
 
LVL 20

Expert Comment

by:alainbryden
ID: 16946249
Private Sub YourField_KeyPress(Index As Integer, KeyAscii As Integer)
     Select Case KeyAscii
               Case 34: KeyAscii = 33      '    " converted into '
               Case 9, 13: KeyAscii = 0    '    Tab and Carriage Return supressed
     End Select
End Sub

This will make the change immediate when they type in your form.
0
 

Author Comment

by:PNKJ
ID: 16946354
Thanks Alainbryden is this a client side code?
0
 
LVL 20

Expert Comment

by:alainbryden
ID: 16946400
Yes it is.

Whatever textbox/field they are entering their data in, you replace "YourField" with that text box's name. It's a build in function for all fields, so it will just work, and intercept all keys that are typed.

That code belongs in the code of whatever form your field is in.
0
 
LVL 5

Expert Comment

by:lostcarpark
ID: 16947006
Just one word of caution. Client side validation is great, but make sure you also validate on the server. Anything that happens on the client side can be tampered with. If you don't also validate on the server, an attacker could send text containing quotes to close the string and then insert their own SQL to gain control of your database. Client side is great for user experience,but always back it up with rock solid server code.

Best of luck,

James
0
 
LVL 20

Expert Comment

by:alainbryden
ID: 16947619
In that case, on the server side you can also say something as easy as:

If ( inStr(strIncoming, chr$(34)) +  inStr(strIncoming, vbNewLine) + inStr(strIncoming, vbTab) > 0 then
     'Reject the Incoming string, because it's been tampered with.

(if any of the inStr functions return a value greater than 0, then the total will be greater than 0, and that's an indication that the client side protection has been bypassed somehow)
0
 
LVL 5

Expert Comment

by:lostcarpark
ID: 16949791
You should bear in mind that not all browsers support client side scripting, and some users could be behind strict corportate firewalls that strip out a lot of client-side code. Don't assume that because the string submitted contains disallowed characters that the user is deliberately trying to circumvent your validation. The best strategy is to try to validate on the client side, but if that doesn't work, degrade gracefully to server side validation. The neatest approach is to present the form back to the user with a message saying what's wrong.
0
 

Author Comment

by:PNKJ
ID: 16950359
Hello  alainbryden

I tried using this syntax but I get javascript error for } bracket
Private Sub YourField_KeyPress(Index As Integer, KeyAscii As Integer)
     Select Case KeyAscii
               Case 34: KeyAscii = 33      '    " converted into '
               Case 9, 13: KeyAscii = 0    '    Tab and Carriage Return supressed
     End Select
End Sub
my field name is textbox_comments . Should I write a javascript function that will be called on key _press event of textbox_comments. I am using asp.net
0
 
LVL 20

Expert Comment

by:alainbryden
ID: 16951260
Javascript?!?!?!?!

You said you were doing this in visual basic! What I gave you, and what everyone else gave you, is visual basic code. you are on a WAY different page if you're using Javascript.

Javascript is way way differnt.

You do need do make a key_press event but then you need to intercept what key was pressed, and unless that's build in like in visual basic, you can't just intercept the key and change it the way you can in visual basic. You should have realized how different the syntax is for everyone. In Java it would be something more like.

Private void textbox_comments_key_Press(Int Index, Int KeyAscii)
{
     switch(KeyAscii)
     {
               Case 34: KeyAscii = 33;  break;    //    " converted into '
               Case 9: KeyAscii = 0; break;        //Supress tab
               Case 13: KeyAscii = 0; break;      //Supress return
     }
}

But like I said, that won't work unless you find a way to send the function KeyAscii.
0
 
LVL 20

Expert Comment

by:alainbryden
ID: 16970586
rough, I spent a lot of time on this thread.
0

Featured Post

Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
ejb wildfly example 2 75
ejb message driven bean mdb creation steps 2 37
incorrect syntax near the order by 10 60
sed/awk/tail: how to read 3'de last line 4 46
Whether you've completed a degree in computer sciences or you're a self-taught programmer, writing your first lines of code in the real world is always a challenge. Here are some of the most common pitfalls for new programmers.
Although it can be difficult to imagine, someday your child will have a career of his or her own. He or she will likely start a family, buy a home and start having their own children. So, while being a kid is still extremely important, it’s also …
In this seventh video of the Xpdf series, we discuss and demonstrate the PDFfonts utility, which lists all the fonts used in a PDF file. It does this via a command line interface, making it suitable for use in programs, scripts, batch files — any pl…

696 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question