[thelist] What can break a form? (ASP)
Ken Schaefer
Ken at adOpenStatic.com
Sat Apr 9 00:27:10 CDT 2005
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
: From: thelist-bounces at lists.evolt.org [mailto:thelist-
: bounces at lists.evolt.org] On Behalf Of Rob Smith
: Subject: [thelist] What can break a form? (ASP)
:
: I thought I had caught all the apostrophes in my
: form processing, and even when I did catch them all,
: the form still went through.
:
: My Canadian colleague loves to use special characters
: in forms; my new best friend. Aside from the apostrophe,
: what other special characters can break
: a form in ASP.
:
: When replace(request.form("field"),"'","''") stops working,
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Single quotes (') do not "break" forms. The only thing that they "break" is
SQL statements that you're building on-the-fly. Why? Because ' are used as
data delimiters in SQL statements. Nothing to do with HTTP/posted data,
nothing to do with ASP. Only has relevance in your database.
Cheers
Ken
--
www.adOpenStatic.com/cs/blogs/ken/
More information about the thelist
mailing list