I'm getting into a problem that seems to be circular ...

I need to use height values from a database to display in text fields and 
in built name/value pairs in URLs ... the problem is that the single and 
double quotes are interpreted by the browser as HTML code rather than 
data. It seems like I've always had to develop some kind of nasty work-
around for this problem whenever it has come up in the past.

An example: if the database value is 5'8" ... a text field will show 5 ... 
when I look at the source the rest of the value ('8") is there but is 
ignored by the browser as being invalid HTML. Roughly the same thing 
happens with URLs.

ASP code:
Response.Write("<tr><td>Ch. <b>height</b>: " & TRIM(objRS2("Height")) 
& "</td><td><b>to</b>: " & "<INPUT value='" & TRIM(objRS("Height")) & "' 
type='text' name='Height' class='DSSInput' size='25' maxlength='25'>" 
& "</td><td><a class='sub_navigation' href='ALPHA_opsPMC.asp?GEN=" & TRIM
(objRS("GEN")) & "&Height=" & TRIM(objRS("Height")) & "'>S</a></td></tr>")

Result in HTML:
<tr><td>Ch. <b>height</b>: 5'11</td><td><b>to</b>: <INPUT value='5'8"' 
type='text' name='Height' class='DSSInput' size='25' 
maxlength='25'></td><td><a class='sub_navigation' href='ALPHA_opsPMC.asp?
GEN=00002&Height=5'8"'>S</a></td></tr>


Does anyone know of a definitive way to deal with this that isn't a work-
around, but is instead "The Right Way."

Thanks in advance
Chip

Hi Chip,

You'll need to encode your data using the HTMLEncode method of the Server 
object. This will "translate" your text into real HTML values, like " 
instead of the " symbol.

     Response.Write(Server.HTMLEncode("5'8"""))

This will print 5'8" on screen (I used two " to be able to print one) but 
if you look at the source, you'll see this:

     5'8"

The " displays as a " but it's not interpreted by the browser as a ".

HtH

Imar




At 03:32 PM 10/12/2002 +0000, you wrote:
>I'm getting into a problem that seems to be circular ...
>
>I need to use height values from a database to display in text fields and
>in built name/value pairs in URLs ... the problem is that the single and
>double quotes are interpreted by the browser as HTML code rather than
>data. It seems like I've always had to develop some kind of nasty work-
>around for this problem whenever it has come up in the past.
>
>An example: if the database value is 5'8" ... a text field will show 5 ...
>when I look at the source the rest of the value ('8") is there but is
>ignored by the browser as being invalid HTML. Roughly the same thing
>happens with URLs.
>
>ASP code:
>Response.Write("<tr><td>Ch. <b>height</b>: " & TRIM(objRS2("Height"))
>& "</td><td><b>to</b>: " & "<INPUT value='" & TRIM(objRS("Height")) & "'
>type='text' name='Height' class='DSSInput' size='25' maxlength='25'>"
>& "</td><td><a class='sub_navigation' href='ALPHA_opsPMC.asp?GEN=" & TRIM
>(objRS("GEN")) & "&Height=" & TRIM(objRS("Height")) & "'>S</a></td></tr>")
>
>Result in HTML:
><tr><td>Ch. <b>height</b>: 5'11</td><td><b>to</b>: <INPUT value='5'8"'
>type='text' name='Height' class='DSSInput' size='25'
>maxlength='25'></td><td><a class='sub_navigation' href='ALPHA_opsPMC.asp?
>GEN=00002&Height=5'8"'>S</a></td></tr>
>
>
>Does anyone know of a definitive way to deal with this that isn't a work-
>around, but is instead "The Right Way."
>
>Thanks in advance
>Chip

Hi Imar,

Thanks for your help ... (IF I'm using everything correctly) ... this 
works in every siutation except where a text field or url are involved ... 
it seems like the browser is applying a special set of rules for single 
and double quotes in these tags.

Anyone else have a solution?

Chip

> Hi Chip,

You'll need to encode your data using the HTMLEncode method of the Server 
object. This will "translate" your text into real HTML values, like " 
instead of the " symbol.

     Response.Write(Server.HTMLEncode("5'8"""))

This will print 5'8" on screen (I used two " to be able to print one) but 
if you look at the source, you'll see this:

     5'8"

The " displays as a " but it's not interpreted by the browser as a ".

HtH

Imar




At 03:32 PM 10/12/2002 +0000, you wrote:
>I'm getting into a problem that seems to be circular ...
>
>I need to use height values from a database to display in text fields and
>in built name/value pairs in URLs ... the problem is that the single and
>double quotes are interpreted by the browser as HTML code rather than
>data. It seems like I've always had to develop some kind of nasty work-
>around for this problem whenever it has come up in the past.
>
>An example: if the database value is 5'8" ... a text field will show 5 ...
>when I look at the source the rest of the value ('8") is there but is
>ignored by the browser as being invalid HTML. Roughly the same thing
>happens with URLs.
>
>ASP code:
>Response.Write("<tr><td>Ch. <b>height</b>: " & TRIM(objRS2("Height"))
>& "</td><td><b>to</b>: " & "<INPUT value='" & TRIM(objRS("Height")) & "'
>type='text' name='Height' class='DSSInput' size='25' maxlength='25'>"
>& "</td><td><a class='sub_navigation' href='ALPHA_opsPMC.asp?GEN=" & TRIM
>(objRS("GEN")) & "&Height=" & TRIM(objRS("Height")) & "'>S</a></td></tr>")
>
>Result in HTML:
><tr><td>Ch. <b>height</b>: 5'11</td><td><b>to</b>: <INPUT value='5'8"'
>type='text' name='Height' class='DSSInput' size='25'
>maxlength='25'></td><td><a class='sub_navigation' href='ALPHA_opsPMC.asp?
>GEN=00002&Height=5'8"'>S</a></td></tr>
>
>
>Does anyone know of a definitive way to deal with this that isn't a work-
>around, but is instead "The Right Way."
>
>Thanks in advance
>Chip

Follow up ...

I kept playing with the Server.HTMLEncode solution and "tricked" it into 
working for the text field (still can't get the url part to work) ... 
below is the ASP code that doesn't work and the code that works ... (it's 
very subtle but note the absence of single quotes in the "<INPUT 
VALUE= ... attribute of the code that worked ... in other words poorly 
formed HTML!)

Non working ASP code
Response.Write("<tr><td>Ch. <b>height</b>: " & TRIM(objRS2("Height")) 
& "</td><td><b>to</b>: " & "<INPUT value='" & Server.HTMLEncode(TRIM(objRS
("Height"))) & "' type='text' name='Height' class='DSSInput' size='25' 
maxlength='25'>" & "</td><td><a class='sub_navigation' 
href='ALPHA_opsPMC.asp?GEN=" & TRIM(objRS("GEN")) & "&Height=" & 
Server.HTMLEncode(TRIM(objRS("Height"))) & "'>S</a></td></tr>")

Working ASP code:
Response.Write("<tr><td>Ch. <b>height</b>: " & TRIM(objRS2("Height")) 
& "</td><td><b>to</b>: " & "<INPUT value=" & Server.HTMLEncode(TRIM(objRS
("Height"))) & " type='text' name='Height' class='DSSInput' size='25' 
maxlength='25'>" & "</td><td><a class='sub_navigation' 
href='ALPHA_opsPMC.asp?GEN=" & TRIM(objRS("GEN")) & "&Height=" & 
Server.HTMLEncode(TRIM(objRS("Height"))) & "'>S</a></td></tr>")


It still feels like there should be a way to do this without "tricking" 
the browser. Does anyone have a definitive, 100% Grade A, "this is the way 
it's supposed to be done" ... solution ... AND I've still got the URL part 
of the problem to solve.

Chip

> Hi Imar,

> Thanks for your help ... (IF I'm using everything correctly) ... this 
w> orks in every siutation except where a text field or url are 
involved ... 
i> t seems like the browser is applying a special set of rules for single 
a> nd double quotes in these tags.

> Anyone else have a solution?

> Chip

> > Hi Chip,

> You'll need to encode your data using the HTMLEncode method of the 
Server 
o> bject. This will "translate" your text into real HTML values, like 
&quot; 
i> nstead of the " symbol.

>      Response.Write(Server.HTMLEncode("5'8"""))

> This will print 5'8" on screen (I used two " to be able to print one) 
but 
i> f you look at the source, you'll see this:

>      5'8&quot;

> The &quot; displays as a " but it's not interpreted by the browser as 
a ".

> HtH

> Imar

> 

> 
A> t 03:32 PM 10/12/2002 +0000, you wrote:
>> I'm getting into a problem that seems to be circular ...
>> 
>> I need to use height values from a database to display in text fields 
and
>> in built name/value pairs in URLs ... the problem is that the single and
>> double quotes are interpreted by the browser as HTML code rather than
>> data. It seems like I've always had to develop some kind of nasty work-
>> around for this problem whenever it has come up in the past.
>> 
>> An example: if the database value is 5'8" ... a text field will show 
5 ...
>> when I look at the source the rest of the value ('8") is there but is
>> ignored by the browser as being invalid HTML. Roughly the same thing
>> happens with URLs.
>> 
>> ASP code:
>> Response.Write("<tr><td>Ch. <b>height</b>: " & TRIM(objRS2("Height"))
>> & "</td><td><b>to</b>: " & "<INPUT value='" & TRIM(objRS("Height")) & "'
>> type='text' name='Height' class='DSSInput' size='25' maxlength='25'>"
>> & "</td><td><a class='sub_navigation' href='ALPHA_opsPMC.asp?GEN=" & 
TRIM
>> (objRS("GEN")) & "&Height=" & TRIM(objRS("Height")) 
& "'>S</a></td></tr>")
>> 
>> Result in HTML:
>> <tr><td>Ch. <b>height</b>: 5'11</td><td><b>to</b>: <INPUT value='5'8"'
>> type='text' name='Height' class='DSSInput' size='25'
>> maxlength='25'></td><td><a class='sub_navigation' 
href='ALPHA_opsPMC.asp?
>> GEN=00002&Height=5'8"'>S</a></td></tr>
>> 
>> 
>> Does anyone know of a definitive way to deal with this that isn't a 
work-
>> around, but is instead "The Right Way."
>> 
>> Thanks in advance
>> Chip

> 

Under what circumstances does this occur? What kind of characters are you 
storing in an URL. Why are you storing a " in your  URLs?
Can you post some code for this behavior?

Cheers,

Imar





At 05:08 PM 10/12/2002 +0000, you wrote:
>Hi Imar,
>
>Thanks for your help ... (IF I'm using everything correctly) ... this
>works in every siutation except where a text field or url are involved ...
>it seems like the browser is applying a special set of rules for single
>and double quotes in these tags.
>
>Anyone else have a solution?
>
>Chip

Hi again Imar,

What I'm doing is letting users or administrators modify user personal 
information .. height, weight, etc. stored in a SQL server database. When 
is comes to modifying the height field, I have been having the problems 
that we are discussing ... the solution I've come up with based on your 
earlier suggestion ... is to leave out the quote marks that would normally 
be part of a well formed tag ... if I do that, then the Server.HTMLEncode 
solution works.

Doesn't work example:
<INPUT TYPE="Text" VALUE="Server.HTMLEncode(ASP CODE)" NAME="something">

Does work example:
<INPUT TYPE="Text" VALUE=Server.HTMLEncode(ASP CODE) NAME="something">

Notice that all I did to make it work was to leave out the normal quotes 
in the VALUE element of the tag that are part of a basic well formed HTML. 
A similar tratement of the <A> tag solved its problem as well.

I know IE is forgiving regarding well formed HTML and not so well formed 
HTML, but that may (should) end someday. Anyway, for now it works, thanks 
for your help.

Chip


> Under what circumstances does this occur? What kind of characters are 
you 
storing in an URL. Why are you storing a " in your  URLs?
Can you post some code for this behavior?

Cheers,

Imar





At 05:08 PM 10/12/2002 +0000, you wrote:
>Hi Imar,
>
>Thanks for your help ... (IF I'm using everything correctly) ... this
>works in every siutation except where a text field or url are involved ...
>it seems like the browser is applying a special set of rules for single
>and double quotes in these tags.
>
>Anyone else have a solution?
>
>Chip

Hi Chip,

I still don't quite get it. What exactly is the content of "ASP CODE"? Can
you explain / describe "doesn't work"?
Under normal circumstances, this should work, I'd say. Leaving out the
attribute quotes isn't indeed the way to go: apart from that it simply is
not correct, it can also cause other problems.
Here's how it should work:

    Dim aString
    aString = "That's a string with a double ""."

You'd want this to display in the browser as:

    That's a string with a double ".

To accomplish this, you'd use this:

    Response.Write("<input type=""text"" value=""" &
    Server.HTMLEncode(aString) & """ name=""something"">")
In the browser (visually) this would show:

    That's a string with a double ".

inside the text box.

The source, however, would read:

    <input type="text" value="That's a string with a double &quot;."
    name="something">
So I just don't understannd (read: can't believe) that it "doesn't work"

Imar



> Hi again Imar,
>
> What I'm doing is letting users or administrators modify user personal
> information .. height, weight, etc. stored in a SQL server database.
> When  is comes to modifying the height field, I have been having the
> problems  that we are discussing ... the solution I've come up with
> based on your  earlier suggestion ... is to leave out the quote marks
> that would normally  be part of a well formed tag ... if I do that,
> then the Server.HTMLEncode  solution works.
>
> Doesn't work example:
> <INPUT TYPE="Text" VALUE="Server.HTMLEncode(ASP CODE)"
> NAME="something">
>
> Does work example:
> <INPUT TYPE="Text" VALUE=Server.HTMLEncode(ASP CODE) NAME="something">
>
> Notice that all I did to make it work was to leave out the normal
> quotes  in the VALUE element of the tag that are part of a basic well
> formed HTML.  A similar tratement of the <A> tag solved its problem as
> well.
>
> I know IE is forgiving regarding well formed HTML and not so well
> formed  HTML, but that may (should) end someday. Anyway, for now it
> works, thanks  for your help.
>
> Chip
>