[thelist] What can break a form? (ASP)

Brian Cummiskey Brian at hondaswap.com
Fri Apr 8 14:47:56 CDT 2005


Rob Smith wrote:
> I thought I had caught all the apostrophes in my form processing, and even
> when I did catch them all, the form still went through.
> 
> My Canadian colleague loves to use special characters in forms; my new best
> friend. Aside from the apostrophe, what other special characters can break a
> form in ASP.
> 
> When replace(request.form("field"),"'","''") stops working,
> 
> Rob Smith

use escape(request.form("field"))
and unescape() as necessary.

this is escape all special characters.

another function you may be itnerested in using is the 
Server.HTMLEncode() function which will turn ">" into > and so on...


biggest problem charcters:
--
'
"
*




More information about the thelist mailing list