[thelist] XSL: Finding apostrophes

[Jason Bauer]

At 08:46 PM 1/24/02 +0000, you wrote:
>That substring-before has its ' decoded to an apostrophe before XPath
>gets a look in, so that's just the same as writing three apostrophes. I
>believe XPath strings can be delimited with double-quotes though, so you
>could write:
>
>   <xsl:value-of select="substring-before(.,&quot;'&quot;)" />

Thanks!! This works like a charm, why didn't I think of that? ;-)

>But, since you seem to building a URL, surely you don't need to escape
>apostrophes? The "turn apostrophe into double-apostrophe" sequence should
>happen on the code that receives a URL like -
>
>   search.xsql?name=fish'n'chips
>
>(if the above URL goes wrong, you've got real problems, of the
>"foo'; DROP TABLE something;" variety.)

You would think so, but no, it must be an XSQL bug, because that type of
value doesn't work correctly. When I write a URL like
search.xsql?name=Jerry O'Donnel, the page returns an SQL error because of
the '. But, when I write search.xsql?name=Jerry O''Donnel (notice, two
apostrophes) it works exactly like it should...

Either way, your solution above works great, thanks for the help!


---
Jason Bauer
jbauer at mtu.edu
Michigan Tech Fund
Web Site Coordinator
http://www.mtf.mtu.edu/