Re: Slightly OT: VBScript / ASP question

Bill Appledorf ( (no email) )
Mon, 11 May 1998 10:26:03 -0700

Messages sorted by: [ date ][ thread ][ subject ][ author ]
Previous message: Network Operations: "Re: Multi-link card"
Next message: Lawrence Watkins Work: "Re: Slightly OT: VBScript / ASP question"
Maybe in reply to: Danny Sinang: "Slightly OT: VBScript / ASP question"
Next in thread: Lawrence Watkins Work: "Re: Slightly OT: VBScript / ASP question"

>>One user discovered that my ASP script would generate an error if someone
>>uses a single quotation marks in any of the input fields.

An inelegant solution to double quotes in input strings:

<SCRIPT LANGUAGE="JavaScript" RUNAT="SERVER">
//==================================================
//
// removeQuotes
//
//==================================================
function removeQuotes (str)
{
var temp = ""
var i

for (i = 0; i < str.length; i++)
{
ch = str.charAt(i)
if (ch != "\"")
{
temp = temp + ch
}
}
return temp
}
</SCRIPT>

An inelegant solution to all the characters that mess up URL's and SQL
statements:

<%
'==================================================
'
' RemoveBadCharacters
'
'==================================================
Function RemoveBadCharacters (ByVal str)
Dim temp1
Dim temp2
temp1 = Replace (str, "'", "`") ' single quote
temp2 = Replace (temp1, "|", "") ' OR
temp1 = Replace (temp2, "&", "") ' ampersand
temp2 = Replace (temp1, "+", "") ' plus
temp1 = Replace (temp2, "?", "") ' question mark
temp2 = removeQuotes(temp1) ' double quote
RemoveBadCharacters = temp2
End Function
%>

Bill Appledorf
billappledorf@usa.net
- - - - - - - - - - - - - - - - - - - - - -

Previous message: Network Operations: "Re: Multi-link card"
Next message: Lawrence Watkins Work: "Re: Slightly OT: VBScript / ASP question"
Maybe in reply to: Danny Sinang: "Slightly OT: VBScript / ASP question"
Next in thread: Lawrence Watkins Work: "Re: Slightly OT: VBScript / ASP question"