escaping characters

M

Mike P

I need to put the following code within a <% %> block :

response.write "<tr>" &_
"<td bgcolor=eeeeee><a href=""company.asp?company=rs("companyKey")" &
"orderby=name"">"&naym&"</a></td>"


How do I escape the characters " etc?
 
R

Ray Costanzo [MVP]

Well, one way would be to not response.write it, but do:

%>
<td bgcolor=eeeeee><a
href="company.asp?company=<%=rs("companyKey")%>&orderby=name"><%=naym%></a></td>
%<

Or, if you would like to keep it as is, you already have the " escaped, in
VBScript. In VBScript, you use "" where you want ", as you have it.

Response.Write "<tr>" & _
"<td bgcolor=eeeeee><a href=""company.asp?company=" & rs("companyKey")
& "&orderby=name"">" & naym & "</a></td>"


A few things to note.

You forgot the & before "orderby=name". That would have given a company
value of TheCompanyKeyorderby=name

Use spaces between your ampersands and variable names. If you don't, you'll
play hell trying to figure out why

<%
Dim h1
h1 = "john"
Response.Write "His name is "&h1
%>

doesn't work.

Ray at work
 
E

Egbert Nierop \(MVP for IIS\)

Mike P said:
I need to put the following code within a <% %> block :

response.write "<tr>" &_
"<td bgcolor=eeeeee><a href=""company.asp?company=rs("companyKey")" &
"orderby=name"">"&naym&"</a></td>"


How do I escape the characters " etc?
Click to expand...

Have you tried this?

"<td bgcolor=eeeeee><a href=""company.asp?company="
Response.write server.htmlencode(rs("companyKey"))

etc...
 
E

Evertjan.

Egbert Nierop (MVP for IIS) wrote on 29 mrt 2006 in
microsoft.public.inetserver.asp.general:
Have you tried this?

"<td bgcolor=eeeeee><a href=""company.asp?company="
Response.write server.htmlencode(rs("companyKey"))

etc...
Click to expand...

Or:

%><tr><td bgcolor='eeeeee'>
<a href='company.asp?company=<%=rs("companyKey")%>&orderby=name'>
<%=naym%></a></td><%
 
E

Egbert Nierop \(MVP for IIS\)

Evertjan. said:
Egbert Nierop (MVP for IIS) wrote on 29 mrt 2006 in
microsoft.public.inetserver.asp.general:


Or:

%><tr><td bgcolor='eeeeee'>
<a href='company.asp?company=<%=rs("companyKey")%>&orderby=name'>
<%=naym%></a></td><%
Click to expand...

Sorry Evertjan, this does not escape characters!

Open for instance localstart.asp (at your default wwwroot on XP) and modify
this paragraph

<ul class="clsEntryText">
<li>Set up a personal Web server<%="&""><"%><% response.write
"&""><"%>
<li>Share information within your team
<li>Access databases
<li>Develop an enterprise intranet
<li>Develop applications for the Web.
</ul>

As you open the output with notepad, no encoding has been performed!
However, if you use <li>Set up a personal Web server<%=
Server.HtmlEncode("&""><")%><% Response.Write Server.HtmlEncode("&""><") %>
The output of the line with 'illegal HTML chars' is now as this
<li>Set up a personal Web server&amp;&quot;&gt;&lt;&amp;&quot;&gt;&lt;

The output is fixed. At least, that is how I understood the question of the
O.P.
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Similar Threads

escaping characters 1
Sort by number of characters 1
Updating Inventory using First In First out(FIFO) 1
Need help with <rowspan> in an HTML table 1
Getting extra blank rows from appending HTML..? 2
Pythen question 0
Only one table shows up with the information 2
Please help me with this question. 5

Members online

Total: 2,588 (members: 1, guests: 2,587)
Robots: 176

Forum statistics

Threads
474,143
Messages
2,570,822
Members
47,368
Latest member
michaelsmithh

Latest Threads

Top