Solved

Field that has HTML displays the code instead of the text in html

Posted on 2016-09-12
16
51 Views
Last Modified: 2016-09-12
I have an ASP page which displays 'notes'.  This notes were saved in HTML in the DB. Like :  Hello I am <strong> Joe Doe</strong>
When I display the field on the ASP page it shows as  Hello I am <strong> Joe Doe</strong>
Instead of making the name 'blank'  like:    Hello I am  Joe Doe

How can I display the text correctly and not the code 'behind'  it ?
0
Comment
Question by:amucinobluedot
  • 7
  • 4
  • 3
  • +1
16 Comments
 
LVL 82

Expert Comment

by:hielo
ID: 41794312
It sounds like you are escaping the HTML before you send it to the browser.  How are you emitting that text onto the browser?
0
 

Author Comment

by:amucinobluedot
ID: 41794328
I am using a stored procedure. Attached is the code for that page.  

This is the portion of the SP that selects the notes that are displayed:

  STUFF( (SELECT Comments + ' | ' 
                             FROM casecomments b
                              WHERE  b.caseid = a.id
                             ORDER BY lastupdate
                             FOR XML PATH('')) , 
                            1, 0, '') AS casenotes,

Open in new window

code.txt
0
 
LVL 32

Expert Comment

by:Big Monty
ID: 41794354
Try:

Response.Write "Hello I am <strong> Joe Doe</strong>"

That should output the bold in that string
0
 
LVL 82

Expert Comment

by:hielo
ID: 41794399
In XML the less than, greater than, and ampersand characters have "special meaning", so they would need to be escaped if you wanted them as part of the data.  Your query has a "FOR XML" clause, so most likely  it is escaping the less and greater than symbols contained in the Comments field.

Try changing:
<%=(report_results.Fields.Item("casenotes").Value)%>

Open in new window


to:
<%= Replace(Replace(Replace(report_results.Fields.Item("casenotes").Value, "&lt;","<"),"gt;",">"),"<script","") %>

Open in new window

0
 
LVL 51

Accepted Solution

by:
Julian Hansen earned 250 total points
ID: 41794403
Sounds like your data is encoded in the database which means you have to decode it before sending to the browser
Example
Function HTMLDecode(html)
    html = Replace(html, "&quot;", Chr(34))
    html = Replace(html, "&lt;"  , Chr(60))
    html = Replace(html, "&gt;"  , Chr(62))
    html = Replace(html, "&amp;" , Chr(38))
    html = Replace(html, "&nbsp;", Chr(32))
    HTMLDecode = html
End Function

dim s
s = "&lt;strong&gt;Jon Doe&lt;/strong&gt;"
Response.Write HTMLDecode(s)
%>	

Open in new window

0
 

Author Comment

by:amucinobluedot
ID: 41794405
I got this error:

Microsoft VBScript runtime error '800a005e'

Invalid use of Null: 'Replace'

/bluedot/Intranet/reports/rp_all_01_results.asp, line 408
0
 

Author Comment

by:amucinobluedot
ID: 41794417
Julian,

How do I apply that function and I got this error:

Microsoft VBScript runtime error '800a005e'

Invalid use of Null: 'Replace'

/bluedot/includes/bdot/scripts.asp, line 428 

Open in new window


This is on the script's first line.  Some of the fields are null some have data.

I am trying to display the content with:

<%=HTMLDecode(report_results.Fields.Item("casenotes").Value)%>
0
 
LVL 32

Expert Comment

by:Big Monty
ID: 41794424
sorry my last answer was incomplete, try this if only your code isn't encoded when you save it.

Response.Write Server.HTMLEncode( "Hello I am <strong> Joe Doe</strong>" )

If the data IS encoded, you'll have to manually decode it using the clean function I gave you awhile back
0
IT, Stop Being Called Into Every Meeting

Highfive is so simple that setting up every meeting room takes just minutes and every employee will be able to start or join a call from any room with ease. Never be called into a meeting just to get it started again. This is how video conferencing should work!

 

Author Comment

by:amucinobluedot
ID: 41794442
Big Monty:  I tried using the code we have to 'clean' (using in the other post) but the text still looks the same:


G-28, I-129 emailed to amucino'23@demo.com as PDF by Attorney Name. | &lt;p&gt;tseefe&lt;/p&gt; | &lt;p&gt;Please make sure you add comments to this case visible to both&lt;/p&gt; | &lt;p&gt;Add comments to this case here one visible indv not and low&lt;/p&gt; | &lt;p&gt;test&lt;/p&gt; | &lt;p&gt;test 2&lt;/p&gt; |
0
 
LVL 82

Expert Comment

by:hielo
ID: 41794443
If the field contains nulls, then use:
<%
If NOT IsNull(report_results.Fields.Item("casenotes").Value) Then
Response.Write( Replace(Replace(Replace(report_results.Fields.Item("casenotes").Value, "&lt;","<"),"gt;",">"),"<script","") )
End If
%>

Open in new window

0
 

Author Comment

by:amucinobluedot
ID: 41794451
Tried the above and still got error:

Microsoft VBScript runtime error '800a005e'

Invalid use of Null: 'Replace'

/bluedot/Intranet/reports/rp_all_01_results.asp, line 411

I also tried:

If NOT IsNull(report_results.Fields.Item("casenotes").Value) Then
HTMLDecode(report_results.Fields.Item("casenotes").Value)

and got the same above error.
0
 
LVL 82

Assisted Solution

by:hielo
hielo earned 250 total points
ID: 41794456
Regarding Julian's function do a null check within the HTMLDecode
Function HTMLDecode(html)
    HTMLDecode=""
   If NOT IsNull(html) Then
    html = Replace(html, "&quot;", Chr(34))
    html = Replace(html, "&lt;"  , Chr(60))
    html = Replace(html, "&gt;"  , Chr(62))
    html = Replace(html, "&amp;" , Chr(38))
    html = Replace(html, "&nbsp;", Chr(32))
    HTMLDecode = html
  End If
End Function

<%=HTMLDecode(report_results.Fields.Item("casenotes").Value)%>

Open in new window

0
 

Author Comment

by:amucinobluedot
ID: 41794458
PERFECT !  That addition worked. Thank you everyone!  I will go ahead and share the points I hope thats ok with everyone.
0
 

Author Closing Comment

by:amucinobluedot
ID: 41794461
Thank you !
0
 
LVL 51

Expert Comment

by:Julian Hansen
ID: 41794493
How are you trying to apply it - what does your code look like?
You can see the code above working here
0
 
LVL 51

Expert Comment

by:Julian Hansen
ID: 41794504
You are welcome.
0

Featured Post

What Should I Do With This Threat Intelligence?

Are you wondering if you actually need threat intelligence? The answer is yes. We explain the basics for creating useful threat intelligence.

Join & Write a Comment

Use these top 10 tips to master the art of email signature design. Create an email signature design that will easily wow recipients, promote your brand and highlight your professionalism.
This article demonstrates how to create a simple responsive confirmation dialog with Ok and Cancel buttons using HTML, CSS, jQuery and Promises
In this tutorial viewers will learn how to embed videos in a webpage using HTML5. Ensure your DOCTYPE declaration is set to HTML5: "<!DOCTYPE html>": Use the <video> tag to insert a video. Define the src as the URL of your video; this is similar to …
The viewer will learn how to dynamically set the form action using jQuery.

758 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

20 Experts available now in Live!

Get 1:1 Help Now