Howdy folks,

I have an Access Memo field that I would like folks to be able to type ANY 
information/characters into, and be able to write that data onto an asp 
page...  Everything works right now except for when folks enter the " or & 
charaters... then when I call the data, it messes up the html...

For example, the HTML output part of my "output.asp" page looks like this:

<P>blah blah blah blah
<UL>
<%=Request("Comments")%>
</UL>

Comments being the Memo field that the data is entered into on the other 
form. 

My problem is this:

A user right now can input the following text (into the form), no problem: 
<LI>Thing 1<LI>Thing 2<LI>Thing 3
and the resulting "output.asp" page is a nice little list

But if they input this: <LI>Thing 1 & Thing 2<LI>Thing 3
the resulting "output.asp" page becomes REALLY wierd... the same goes for 
when a user inputs this: <LI>Thing "1"<LI>Thing "2"<LI>"3"

The output is crazy - im not a talented enough writer to describe the 
problem... All I'm hoping for, is that when a user enters some data into 
this form, I would love it if there is a way to make sure that the 
database doesnt care what characters are put in, and that when the user 
inputs some html tags, that those will be written to the page much like a 
response.write command... sorry that this is so long... i'll love it if 
someone can decipher my awful writing...

Thanks a bundle!

Darin See

This has nothing to do with the database.

The problem is entirely based on how the *browser* is rendering the
information sent back to it.

You can either enclose the entire record in:

<pre></pre>

tags so that the browser will intepret what is sent back as literal text.
Alternatively, it seems you want to embed HTML into your record data. If so,
you need to tell your users how to enter HTML properly...
(for example a & is displayed by entered &amp; and a " is displayed by
entering &quot; etc - they will also need to make sure that they close all
tags properly - for example if you are using a HTML 4 Strict DocType, then
you need to close your <li> tags.)

Check out:
http://validator.w3.org

You enter your URL or upload your page, and it tells you all the problems
with the HTML in your page.

Cheers
Ken

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
----- Original Message -----
From: "Darin See" <darinsee@h...>
To: "Access ASP" <access_asp@p...>
Sent: Thursday, October 17, 2002 1:15 AM
Subject: [access_asp] entering " & and more characters into the db


:
: Howdy folks,
:
: I have an Access Memo field that I would like folks to be able to type ANY
: information/characters into, and be able to write that data onto an asp
: page...  Everything works right now except for when folks enter the " or &
: charaters... then when I call the data, it messes up the html...
:
: For example, the HTML output part of my "output.asp" page looks like this:
:
: <P>blah blah blah blah
: <UL>
: <%=Request("Comments")%>
: </UL>
:
: Comments being the Memo field that the data is entered into on the other
: form.
:
: My problem is this:
:
: A user right now can input the following text (into the form), no problem:
: <LI>Thing 1<LI>Thing 2<LI>Thing 3
: and the resulting "output.asp" page is a nice little list
:
: But if they input this: <LI>Thing 1 & Thing 2<LI>Thing 3
: the resulting "output.asp" page becomes REALLY wierd... the same goes for
: when a user inputs this: <LI>Thing "1"<LI>Thing "2"<LI>"3"
:
: The output is crazy - im not a talented enough writer to describe the
: problem... All I'm hoping for, is that when a user enters some data into
: this form, I would love it if there is a way to make sure that the
: database doesnt care what characters are put in, and that when the user
: inputs some html tags, that those will be written to the page much like a
: response.write command... sorry that this is so long... i'll love it if
: someone can decipher my awful writing...
:
: Thanks a bundle!
:
: Darin See
:
:

Mr. Ken - do you get paid for all these great pearls? You should.

The <PRE></PRE> tag solution seems like the likely one for me, as I forgot 
to mention (sorry!) that folks are entering those characters correctly - & 
is entered &amp; etc... and we still ran into the same problem as if they 
had entered & with &.

I don't know what a <PRE> tag does, but im going to read up on it right 
now...

Sincerely, many thanks for all the smarts!!!

Darin See



> This has nothing to do with the database.

The problem is entirely based on how the *browser* is rendering the
information sent back to it.

You can either enclose the entire record in:

<pre></pre>

tags so that the browser will intepret what is sent back as literal text.
Alternatively, it seems you want to embed HTML into your record data. If 
so,
you need to tell your users how to enter HTML properly...
(for example a & is displayed by entered &amp; and a " is displayed by
entering &quot; etc - they will also need to make sure that they close all
tags properly - for example if you are using a HTML 4 Strict DocType, then
you need to close your <li> tags.)

Check out:
http://validator.w3.org

You enter your URL or upload your page, and it tells you all the problems
with the HTML in your page.

Cheers
Ken

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
----- Original Message -----
From: "Darin See" <darinsee@h...>
To: "Access ASP" <access_asp@p...>
Sent: Thursday, October 17, 2002 1:15 AM
Subject: [access_asp] entering " & and more characters into the db


:
: Howdy folks,
:
: I have an Access Memo field that I would like folks to be able to type 
ANY
: information/characters into, and be able to write that data onto an asp
: page...  Everything works right now except for when folks enter the " or 
&
: charaters... then when I call the data, it messes up the html...
:
: For example, the HTML output part of my "output.asp" page looks like 
this:
:
: <P>blah blah blah blah
: <UL>
: <%=Request("Comments")%>
: </UL>
:
: Comments being the Memo field that the data is entered into on the other
: form.
:
: My problem is this:
:
: A user right now can input the following text (into the form), no 
problem:
: <LI>Thing 1<LI>Thing 2<LI>Thing 3
: and the resulting "output.asp" page is a nice little list
:
: But if they input this: <LI>Thing 1 & Thing 2<LI>Thing 3
: the resulting "output.asp" page becomes REALLY wierd... the same goes for
: when a user inputs this: <LI>Thing "1"<LI>Thing "2"<LI>"3"
:
: The output is crazy - im not a talented enough writer to describe the
: problem... All I'm hoping for, is that when a user enters some data into
: this form, I would love it if there is a way to make sure that the
: database doesnt care what characters are put in, and that when the user
: inputs some html tags, that those will be written to the page much like a
: response.write command... sorry that this is so long... i'll love it if
: someone can decipher my awful writing...
:
: Thanks a bundle!
:
: Darin See
:
:

Howdy again, Ken or anyone -

it seems the <PRE> tag didn't solve my problem... this is how i entered it 
into my "output.asp" page:

<PRE CLASS="text"><%=Request("Comments")%></PRE>

The pre tag fixed the crazy error that came about when a & character or 
&amp; were entered into the Comments field, but the <PRE> tag didn't fix 
the problem of the & or &amp; actually displaying in the output page.

(in fact, if the data in the Comments field is: <LI>thing 1 & thing 
2<LI>Thing 3  Then, with the <PRE> tag, I get no error, but I also get 
nothing displayed beyond the & character.  in this situation, only 
<LI>thing 1 would appear in "output.asp")

I'd be happy to provide the code i used for both the entry into the 
database or the output page if that will be necessary or helpful...

Thank you SO much,

Darin See

What type of field is "Comments"?

Cheers
Ken

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
From: "Darin See" <darinsee@h...>
Subject: [access_asp] Re: entering " & and more characters into the db


: Howdy again, Ken or anyone -
:
: it seems the <PRE> tag didn't solve my problem... this is how i entered it
: into my "output.asp" page:
:
: <PRE CLASS="text"><%=Request("Comments")%></PRE>
:
: The pre tag fixed the crazy error that came about when a & character or
: &amp; were entered into the Comments field, but the <PRE> tag didn't fix
: the problem of the & or &amp; actually displaying in the output page.
:
: (in fact, if the data in the Comments field is: <LI>thing 1 & thing
: 2<LI>Thing 3  Then, with the <PRE> tag, I get no error, but I also get
: nothing displayed beyond the & character.  in this situation, only
: <LI>thing 1 would appear in "output.asp")
:
: I'd be happy to provide the code i used for both the entry into the
: database or the output page if that will be necessary or helpful...
:
: Thank you SO much,
:
: Darin See

It is an Access 2000  "Memo" field

Thanks!
Darin


> What type of field is "Comments"?

Cheers
Ken

You /may/ (or maybe not) be having problems extracting all the data from the
field...

http://support.microsoft.com/default.aspx?scid=KB;EN-US;Q200124&

Cheers
Ken

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
From: "Darin See" <darinsee@h...>
Subject: [access_asp] Re: entering " & and more characters into the db


:
: It is an Access 2000  "Memo" field
:
: Thanks!
: Darin
:
:
: > What type of field is "Comments"?
:
: Cheers
: Ken

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Darin,

See if this doesn't get you 90% there...  Save the following code
as TestMemo.asp, then execute it.  The text that is entered in
the textbox is encoded BEFORE it is sent to the server.
Therefore the server gets data that can be stored directly into
the Memo field of the table.  When returning the data, the server
builds a small script that has the data stuffed into an unescape
function which will decode the data when it returns to the
browser.

This code was tested using IE.  Some changes will have to be had
for NS; e.g., h.value.

Note that if a user enters HTML; i.e., "< blah >", then it has to
be valid HTML.  Quotes, "&", etc. will work just fine.

Larry Woods
l.woods, inc.


=======================================
<html>
<body>
<form name="frm" method="POST" action="TestMemo.asp">
<%
if len(request("h"))<>0 then
	response.write "received at server=" & request("h") & "<BR>"
%>
<script language="javascript">
document.writeln("Returned:<PRE>"+unescape("<%=request("h")%>")+"
</PRE>")
</script>
<%
end if
%>
<input type="hidden" name="h">
<input type="textbox" name="tb">
<input type="submit" onclick="h.value=escape(tb.value);true;"
value="Submit">
</form>
</body>
</html>
========================================


> -----Original Message-----
> From: Darin See [mailto:darinsee@h...]
> Sent: Thursday, October 17, 2002 1:16 AM
> To: Access ASP
> Subject: [access_asp] entering " & and more characters
> into the db
>
>
>
> Howdy folks,
>
> I have an Access Memo field that I would like folks to
> be able to type ANY
> information/characters into, and be able to write that
> data onto an asp
> page...  Everything works right now except for when
> folks enter the " or &
> charaters... then when I call the data, it messes up
> the html...
>
> For example, the HTML output part of my "output.asp"
> page looks like this:
>
> <P>blah blah blah blah
> <UL>
> <%=Request("Comments")%>
> </UL>
>
> Comments being the Memo field that the data is entered
> into on the other
> form.
>
> My problem is this:
>
> A user right now can input the following text (into
> the form), no problem:
> <LI>Thing 1<LI>Thing 2<LI>Thing 3
> and the resulting "output.asp" page is a nice little list
>
> But if they input this: <LI>Thing 1 & Thing 2<LI>Thing 3
> the resulting "output.asp" page becomes REALLY
> wierd... the same goes for
> when a user inputs this: <LI>Thing "1"<LI>Thing "2"<LI>"3"
>
> The output is crazy - im not a talented enough writer
> to describe the
> problem... All I'm hoping for, is that when a user
> enters some data into
> this form, I would love it if there is a way to make
> sure that the
> database doesnt care what characters are put in, and
> that when the user
> inputs some html tags, that those will be written to
> the page much like a
> response.write command... sorry that this is so
> long... i'll love it if
> someone can decipher my awful writing...
>
> Thanks a bundle!
>
> Darin See
>
>

You are a helpful bunch of folks - I will give this a try Larry, and 
report back!!

Thanks,
Darin See

Also, if you are still stuck, we should probably start again at the
beginning!

Can you more accurately describe the problem you are having? (Originally you
said the page looked weird).

For example, is some of the record data missing? or do extra characters end
up in the output? or what? If there is data missing, can you see it in
view-source, even if it is not being rendered correctly?
Can you post a screen shot of what the page looks like?

Cheers
Ken

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
From: "Darin See" <darinsee@h...>
Subject: [access_asp] RE: entering " & and more characters into the db


:
: You are a helpful bunch of folks - I will give this a try Larry, and
: report back!!
:
: Thanks,
: Darin See
:
:

I will do these things and more gents - I shamefacedly admit though that I 
still havent tried Larry's solution - I will try his right now... really!

Wish me luck!

Okay, i set up a test version of the forms, and a test database as well... 
If you add an rv, the last textbox is the one that gives the trouble (it 
accesses the Memo field in the db... add all you like, and use the modify 
and remove forms as well... id explain more, but thatd just be wordy, and 
this is all pretty self explanatory:

http://www.stiersrv.com/test/

Ill post the code for the pages as well, if you request which pages you 
would like... can i just copy and paste the code in here?

Thanks SO Much!

Darin See

Hi,

I added a new record, and in the last field added:

<LI>Air Conditioner <LI>CD Pla & yer <LI>AM/FM Stereo <LI>Ceiling Fans

What I suspect the problem is is the following:

a) On this page:
http://www.stiersrv.com/test/output.asp
you have links to view each record. But instead of just passing the record's
ID number you are passing *all* the record's information in the QueryString

b) You are not using Server.URLEncode() on the values you are passing, and
so illegal/reserved values such as spaces, %, &, " etc are being passed
literally, and this is messing up the querystring.

What I suggest is:
a) http://www.stiersrv.com/test/output.asp just pass the record's unique
recordID, and use that on http://www.stiersrv.com/test/detail_new.asp to get
the data from the database for display, eg on
http://www.stiersrv.com/test/output.asp you just have:

<a href="detail_new.asp?ID=1">aaaaa</a>
<a href="detail_new.asp?ID=2">bbbbb</a>

etc

OR

b) If you really want to pass all the data via the querystring then you need
to use Server.URLEncode() on the *values* you are passing, eg:

<a
href="detail_new.asp?Stock=<%=Server.URLEncode(strStock)%>&Type=<%=Server.UR
LEncode(strType)%>">aaaaa</a>

Cheers
Ken

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
From: "Darin See" <darinsee@h...>
Subject: [access_asp] RE: entering " & and more characters into the db


:
: Okay, i set up a test version of the forms, and a test database as well...
: If you add an rv, the last textbox is the one that gives the trouble (it
: accesses the Memo field in the db... add all you like, and use the modify
: and remove forms as well... id explain more, but thatd just be wordy, and
: this is all pretty self explanatory:
:
: http://www.stiersrv.com/test/
:
: Ill post the code for the pages as well, if you request which pages you
: would like... can i just copy and paste the code in here?
:
: Thanks SO Much!
:
: Darin See
:

Ken,

Thanks a bunch for the suggestions - I will try the recordID solution - 
that seems like the elegant one - I assume that the recordID is the 
primary key field?  dont worry, I'll figure it out... MANY MANY thanks Ken,

Cheers to you!

Darin See

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
From: "Darin See" <darinsee@h...>
Subject: [access_asp] RE: entering " & and more characters into the db


: Thanks a bunch for the suggestions - I will try the recordID solution - 
: that seems like the elegant one - I assume that the recordID is the 
: primary key field? 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

You assume correctly...

Cheers
Ken