I would. Knock up a quick example param myInput ""
form input text myInput value="#FORM.myInput#" submit /form Submit Hella"Cool and it should drop the Cool. Try it with HTMLEditFormat() on as many browsers as you can and chances are it'll be consistent on all of them. Ade -----Original Message----- From: Mike Chabot [mailto:[EMAIL PROTECTED] Sent: 03 March 2005 20:10 To: CF-Talk Subject: Re: Troublesome or Dangerous Form Submission Characters for SQL Thanks for the tip about the double quotes. I am concerned that some people who enter & in the text field will see the five character HTML-safe equivalent when they go to edit the value because of the HtmlEditFormat function. IE 6 does not seem to have this problem. Are there any browsers that display the contents of the value attribute literally, instead of properly interpreting the HTML-safe code? Similarily, when I submit a field who's value attribute equals an expanded HTML-safe code, CF receives the interpreted, single-character, value (actually %26 for & if you look at the headers). Are there any browsers that do not do this? As a general rule, should I wrap HtmlEditFormat around all form field values. For example: <input type=text value="#HtmlEditFormat(form.fieldname)#">. Thank you, Mike Chabot On Thu, 3 Mar 2005 19:09:02 -0000, Adrian Lynch <[EMAIL PROTECTED]> wrote: > Nothing if you're using queryparam/SPs, however on pulling the data back out > double quotes may cause you trouble in text inputs(or single quotes if > that's how you delimit your attributes in HTML). > > Use HTMLEditFormat() to solve the problem with double quotes. > Ade -- No virus found in this outgoing message. Checked by AVG Anti-Virus. Version: 7.0.300 / Virus Database: 266.6.0 - Release Date: 02/03/2005 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~| Find out how CFTicket can increase your company's customer support efficiency by 100% http://www.houseoffusion.com/banners/view.cfm?bannerid=49 Message: http://www.houseoffusion.com/lists.cfm/link=i:4:197403 Archives: http://www.houseoffusion.com/cf_lists/threads.cfm/4 Subscription: http://www.houseoffusion.com/lists.cfm/link=s:4 Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.4 Donations & Support: http://www.houseoffusion.com/tiny.cfm/54