Need to fill form textbox with value from recordset

I have an edit page that populates a form from a recordset. One of the values has a quote symbol (")in it and it stops the entire value from displaying in the text box. Here is some code:

mSQL1 = "SELECT * FROM purchasing WHERE m_id = '" & Request.querystring("id") & "'"
Set rs1 = connectstr.Execute(mSQL1)

response.write rs1("m_comments")
response.write rs1("m_material")

<form name="edit" method="post" action="request_edit_submit.asp?id=<%Response.Write rs1("m_id")%>">

<p><label for="txtMaterial">Material: </label><input type="text" name="txtMaterial" id="txtMaterial" value="<% = rs1("m_material") %>"><span style="margin-left:10px; color: red;">*This field is required</span></p>
<p><label for="txtComments">Comments: </label><textarea style="margin-left:15px;" name="txtComments" id="txtComments" cols="45" rows="5" ><% = rs1("m_comments") %></textarea></p>
<p> <input type="submit" class="nomargin" name="submit" id="submit" value="Edit Request"></p>


Open in new window

So lets say the value in both the comments and the material is 1/2" steel. At the top of the page the response.write will display 1/2" steel twice. That is correct. But in the form the material textbox will display 1/2 and the comments will display 1/2" steel. Why does an input type="text" cut off the data but a  textarea not? How do I stop this from happening.
Robert FrancisDirector of Continuous ImprovementAsked:
Who is Participating?

[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More

I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Shaun KlineLead Software EngineerCommented:
Because the value property starts and ends with a quotation mark, HTML sees the quotation mark from for data and "ends" the value property at that point. You can correct this issue by using Server.HTMLEncode(<Your data here>)

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today

From novice to tech pro — start learning today.