[thelist] Re: Adjusting strings for SQL

Anthony Baratta Anthony at Baratta.com
Mon Jul 14 13:14:15 CDT 2003


At 08:11 AM 7/14/2003, Casey Crookston wrote:

>I actually solved the first problem that I asked about (see below.) But it
>turns out that was not the root of the problem.  I understand that, when
>using an HTML form, you must use double quotes in the value statement if you
>don't want data after an apostrophe to be dropped.  But, when you are
>wrapping all HTML in response.write, how is this done?


response.write "<input type='hidden' name='block' value=' " & _
                Server.HTMLEncode(varString) & " '>

Note: vsrString must contain data or the function will through an error. 
You can fix that by encapsulating the Server.HTMLEncode in an ASP function.

''''''''''''''''''''''''''''''''''''''''''''''''''
'' HTMLData Function
'' Required Info Passed to Function:
''      varDataLine
''''''''''''''''''''''''''''''''''''''''''''''''''
Function HTMLData(varDataLine)
     if not(varDataLine = "") then
         varDataLine = Server.HTMLEncode(varDataLine)
     end if
     HTMLData = varDataLine
End Function

-- 
Anthony Baratta
President
Keyboard Jockeys

"Conformity is the refuge of the unimaginative."



More information about the thelist mailing list