Mark Holton
2007-May-21 23:07 UTC
Errors when passing "?" or "#" in text field to server side
Hello, I''m getting errors when I pass a "?" or a "#" to my server side code. So for instance, let''s say I''m saving a "name" and a "memo", and someone decides to include a "?" in the text of their memo. It causes an error when sent to the server side code. Is there a way, in Prototype, to make sure it passes the whole string and to not interpret pieces of the string passed in? I am passing the string in as $(''txtMemo'').value, for example. (when it''s a numeric value, and in other cases I pre-process the string on the server side to avoid SQL-injection, etc, but these two characters in particular, "?", or "#" are causing the error to occur). Many thanks for any heads up there. cheers, Mark --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Ruby on Rails: Spinoffs" group. To post to this group, send email to rubyonrails-spinoffs-/JYPxA39Uh5TLH3MbocFFw@public.gmane.org To unsubscribe from this group, send email to rubyonrails-spinoffs-unsubscribe-/JYPxA39Uh5TLH3MbocFFw@public.gmane.org For more options, visit this group at http://groups.google.com/group/rubyonrails-spinoffs?hl=en -~----------~----~----~----~------~----~------~--~---
Mark Holton
2007-May-21 23:09 UTC
Re: Errors when passing "?" or "#" in text field to server side
escape("*string*") ? ...wondering if there is a built-in Prototype.js way On 5/21/07, Mark Holton <holtonma-Re5JQEeQqe8AvxtiuMwx3w@public.gmane.org> wrote:> > Hello, > > I''m getting errors when I pass a "?" or a "#" to my server side code. So > for instance, let''s say I''m saving a "name" and a "memo", and someone > decides to include a "?" in the text of their memo. It causes an error when > sent to the server side code. Is there a way, in Prototype, to make sure it > passes the whole string and to not interpret pieces of the string passed > in? I am passing the string in as $(''txtMemo'').value, for example. > > (when it''s a numeric value, and in other cases I pre-process the string on > the server side to avoid SQL-injection, etc, but these two characters in > particular, "?", or "#" are causing the error to occur). > > Many thanks for any heads up there. > cheers, > Mark--~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Ruby on Rails: Spinoffs" group. To post to this group, send email to rubyonrails-spinoffs-/JYPxA39Uh5TLH3MbocFFw@public.gmane.org To unsubscribe from this group, send email to rubyonrails-spinoffs-unsubscribe-/JYPxA39Uh5TLH3MbocFFw@public.gmane.org For more options, visit this group at http://groups.google.com/group/rubyonrails-spinoffs?hl=en -~----------~----~----~----~------~----~------~--~---
Mark Holton
2007-May-21 23:12 UTC
Re: Errors when passing "?" or "#" in text field to server side
Is this a better js function to use?: encodeURIComponent()http://xkr.us/articles/javascript/encode-compare/ On 5/21/07, Mark Holton <holtonma-Re5JQEeQqe8AvxtiuMwx3w@public.gmane.org> wrote:> > escape("*string*") ? > > ...wondering if there is a built-in Prototype.js way > > > > On 5/21/07, Mark Holton <holtonma-Re5JQEeQqe8AvxtiuMwx3w@public.gmane.org> wrote: > > > > Hello, > > > > I''m getting errors when I pass a "?" or a "#" to my server side code. > > So for instance, let''s say I''m saving a "name" and a "memo", and someone > > decides to include a "?" in the text of their memo. It causes an error when > > sent to the server side code. Is there a way, in Prototype, to make sure it > > passes the whole string and to not interpret pieces of the string passed > > in? I am passing the string in as $(''txtMemo'').value, for example. > > > > (when it''s a numeric value, and in other cases I pre-process the string > > on the server side to avoid SQL-injection, etc, but these two characters in > > particular, "?", or "#" are causing the error to occur). > > > > Many thanks for any heads up there. > > cheers, > > Mark > > >--~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Ruby on Rails: Spinoffs" group. To post to this group, send email to rubyonrails-spinoffs-/JYPxA39Uh5TLH3MbocFFw@public.gmane.org To unsubscribe from this group, send email to rubyonrails-spinoffs-unsubscribe-/JYPxA39Uh5TLH3MbocFFw@public.gmane.org For more options, visit this group at http://groups.google.com/group/rubyonrails-spinoffs?hl=en -~----------~----~----~----~------~----~------~--~---
Mark Holton
2007-May-21 23:53 UTC
Re: Errors when passing "?" or "#" in text field to server side
encodeURIComponent() works like a charm! (sorry for the thinking out loud, but sometimes it seems to help) cheers- On 5/21/07, Mark Holton <holtonma-Re5JQEeQqe8AvxtiuMwx3w@public.gmane.org> wrote:> > Is this a better js function to use?: > encodeURIComponent()http://xkr.us/articles/javascript/encode-compare/ > > > > On 5/21/07, Mark Holton <holtonma-Re5JQEeQqe8AvxtiuMwx3w@public.gmane.org> wrote: > > > > escape("*string*") ? > > > > ...wondering if there is a built-in Prototype.js way > > > > > > > > On 5/21/07, Mark Holton < holtonma-Re5JQEeQqe8AvxtiuMwx3w@public.gmane.org> wrote: > > > > > > Hello, > > > > > > I''m getting errors when I pass a "?" or a "#" to my server side code. > > > So for instance, let''s say I''m saving a "name" and a "memo", and someone > > > decides to include a "?" in the text of their memo. It causes an error when > > > sent to the server side code. Is there a way, in Prototype, to make sure it > > > passes the whole string and to not interpret pieces of the string passed > > > in? I am passing the string in as $(''txtMemo'').value, for example. > > > > > > (when it''s a numeric value, and in other cases I pre-process the > > > string on the server side to avoid SQL-injection, etc, but these two > > > characters in particular, "?", or "#" are causing the error to occur). > > > > > > Many thanks for any heads up there. > > > cheers, > > > Mark > > > > > > >--~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Ruby on Rails: Spinoffs" group. To post to this group, send email to rubyonrails-spinoffs-/JYPxA39Uh5TLH3MbocFFw@public.gmane.org To unsubscribe from this group, send email to rubyonrails-spinoffs-unsubscribe-/JYPxA39Uh5TLH3MbocFFw@public.gmane.org For more options, visit this group at http://groups.google.com/group/rubyonrails-spinoffs?hl=en -~----------~----~----~----~------~----~------~--~---
Richard Quadling
2007-May-22 08:08 UTC
Re: Errors when passing "?" or "#" in text field to server side
And voila! On 22/05/07, Mark Holton <holtonma-Re5JQEeQqe8AvxtiuMwx3w@public.gmane.org> wrote:> encodeURIComponent() works like a charm! > (sorry for the thinking out loud, but sometimes it seems to help) > cheers- > > > > On 5/21/07, Mark Holton <holtonma-Re5JQEeQqe8AvxtiuMwx3w@public.gmane.org> wrote: > > Is this a better js function to use?: > > > > > encodeURIComponent()http://xkr.us/articles/javascript/encode-compare/ > > > > > > > > > > > > On 5/21/07, Mark Holton <holtonma-Re5JQEeQqe8AvxtiuMwx3w@public.gmane.org > wrote: > > > escape("string") ? > > > > > > ...wondering if there is a built-in Prototype.js way > > > > > > > > > > > > > > > > > > > > > > > > > > > On 5/21/07, Mark Holton < holtonma-Re5JQEeQqe8AvxtiuMwx3w@public.gmane.org> wrote: > > > > Hello, > > > > > > > > I''m getting errors when I pass a "?" or a "#" to my server side code. > So for instance, let''s say I''m saving a "name" and a "memo", and someone > decides to include a "?" in the text of their memo. It causes an error when > sent to the server side code. Is there a way, in Prototype, to make sure it > passes the whole string and to not interpret pieces of the string passed in? > I am passing the string in as $(''txtMemo'').value, for example. > > > > > > > > (when it''s a numeric value, and in other cases I pre-process the > string on the server side to avoid SQL-injection, etc, but these two > characters in particular, "?", or "#" are causing the error to occur). > > > > > > > > Many thanks for any heads up there. > > > > cheers, > > > > Mark > > > > > > > > > > > > > > >-- ----- Richard Quadling Zend Certified Engineer : http://zend.com/zce.php?c=ZEND002498&r=213474731 "Standing on the shoulders of some very clever giants!" --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Ruby on Rails: Spinoffs" group. To post to this group, send email to rubyonrails-spinoffs-/JYPxA39Uh5TLH3MbocFFw@public.gmane.org To unsubscribe from this group, send email to rubyonrails-spinoffs-unsubscribe-/JYPxA39Uh5TLH3MbocFFw@public.gmane.org For more options, visit this group at http://groups.google.com/group/rubyonrails-spinoffs?hl=en -~----------~----~----~----~------~----~------~--~---