Solved

Double quotes not showing up in textbox

Posted on 2006-10-30
3
660 Views
Last Modified: 2012-08-14
I have a textbox that a user can type in anything.  If the user uses double quotes it save it fine.  When the page is brought up again anything past the double quotes is missing.  It is saved in the DB but is not shown in the textbox.  I created a hidden field and when I view source everything is there but when I change the hidden field to a textbox everything past the double quotes is missing.  Why is this and how do I prevent it from happening?
0
Comment
Question by:huerita37
3 Comments
 
LVL 51

Assisted Solution

by:Ryan Chong
Ryan Chong earned 100 total points
ID: 17839421
try use server.HTMLEncode function to encode the characters? try like:

<input name="co_name" type="text" id="co_name" value="<%=server.HTMLEncode("" & rs("co_name"))%>" size="54" maxlength="100">
0
 

Author Comment

by:huerita37
ID: 17839463
That worked but why do you need to do that?
0
 
LVL 25

Accepted Solution

by:
Lee Savidge earned 150 total points
ID: 17840814
Hi,

The reason it worked is because the double quote character is a string delimiter in HTML. So when ASP displays the double quotes it renders it as the actual character rather than encoding it. So, for example, you have this string in a tex box:

Bob says "hi"!

You save it, everythnig is good. When the code is read back from the database it is displayed in the text box. The HTML code will receive this:

<input name="co_name" type="text" id="co_name" value="Bob says "hi"!" size="54" maxlength="100">

So, the value attribute has an oipening double quote and the string starts displaying. The string ends when it receives the second double quote. In this example, the second double quote is just before the bit that says hi. This means the string in the attribute is "Bob says " and anything afterwards is ignored which is what you're experiencing. To cure this problem you need to escape the string delimiter characters inside the text string so that the 2 double quote in my example aren't treated as string delimiters, rather they are treated as characters in the string. This is why you use the server.HTMLEncode function. What this does is covert the string within the value attribute into "safe" HTML. In this example the string is converted to:

Bob says &quot;hi&quot;!

the &quot; is what replaces the 2 double quotes. These are the HTML character codes for the double quote character. This means that when the browser renders the string, the opening double quote begins things. The string the writes to the screen, but when the browser sees the &quot; it displays a double quote and doesn't delimit the string. The string ccontinues displaying and does the same or the second &quot;. It continues until it hits the final double quote at the end of the string. This means that your string displays correctly and the browser has done it's job and everyone is happy. See http://windowssdk.msdn.microsoft.com/en-us/library/ms525347.aspx for more info. There are also HTMLDecode, URLEncode and URLDecode functions that encode and decode things for different reasons.

Regards,

Lee
0

Featured Post

Free Tool: SSL Checker

Scans your site and returns information about your SSL implementation and certificate. Helpful for debugging and validating your SSL configuration.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Hello, all! I just recently started using Microsoft's IIS 7.5 within Windows 7, as I just downloaded and installed the 90 day trial of Windows 7. (Got to love Microsoft for allowing 90 days) The main reason for downloading and testing Windows 7 is t…
I would like to start this tip/trick by saying Thank You, to all who said that this could not be done, as it forced me to make sure that it could be accomplished. :) To start, I want to make sure everyone understands the importance of utilizing p…
Exchange organizations may use the Journaling Agent of the Transport Service to archive messages going through Exchange. However, if the Transport Service is integrated with some email content management application (such as an antispam), the admini…
Attackers love to prey on accounts that have privileges. Reducing privileged accounts and protecting privileged accounts therefore is paramount. Users, groups, and service accounts need to be protected to help protect the entire Active Directory …

713 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question