[thelist] XSL: Finding apostrophes

Jason Bauer jbauer at mtu.edu
Thu Jan 24 15:58:01 CST 2002

At 08:46 PM 1/24/02 +0000, you wrote:
>That substring-before has its ' decoded to an apostrophe before XPath
>gets a look in, so that's just the same as writing three apostrophes. I
>believe XPath strings can be delimited with double-quotes though, so you
>could write:
>   <xsl:value-of select="substring-before(.,&quot;'&quot;)" />

Thanks!! This works like a charm, why didn't I think of that? ;-)

>But, since you seem to building a URL, surely you don't need to escape
>apostrophes? The "turn apostrophe into double-apostrophe" sequence should
>happen on the code that receives a URL like -
>   search.xsql?name=fish'n'chips
>(if the above URL goes wrong, you've got real problems, of the
>"foo'; DROP TABLE something;" variety.)

You would think so, but no, it must be an XSQL bug, because that type of
value doesn't work correctly. When I write a URL like
search.xsql?name=Jerry O'Donnel, the page returns an SQL error because of
the '. But, when I write search.xsql?name=Jerry O''Donnel (notice, two
apostrophes) it works exactly like it should...

Either way, your solution above works great, thanks for the help!

Jason Bauer
jbauer at mtu.edu
Michigan Tech Fund
Web Site Coordinator

More information about the thelist mailing list