Re: RE: FW: RE: Quotation Hell
Adrian this is how i used htmleditformat INSERT INTO sometable (somecol) > VALUES ('#form.field#') I was only experiencing problems when filling the input box with data that contained double quotes and the data was cutting off at the first instance of the quotesquotes - Original Message - From: "Adrian Lynch" <[EMAIL PROTECTED]> To: "CF-Talk" <[EMAIL PROTECTED]> Sent: Friday, June 14, 2002 6:24 AM Subject: RE: RE: FW: RE: Quotation Hell > Sorry for bringing this back up, but I don't think you've understood one of > the points I was trying to make. > > It may be the way I'm doing it, so let me know if it is. > > I have a form which the user gets to fill in, they put into a type="text"... > A quote: "To be or not to be" > > now in my insert statement I have... > INSERT INTO sometable (somecol) > VALUES ('#htmlEditFormat(form.field)#') > > which translates to.. > INSERT INTO sometable (somecol) > VALUES ('A quote: "To be or not to be"') > > this isn't what you see in the debugging on the page, but it is what gets > put into the DB, view the source to see. > > So what was once 29 chars, has become 39 characters. So if your DB isn't > expecting these extra characters it won't work. > > If you do make sure the db can take the extra chars, then you still have the > problem with using functions like Left(), try it on the above example and > you'll see that taking the first 11 characters will return "A quote: > &q"(without the quotes :O) which isn't what you want. > > Like I said above, if I'm doing this all wrong let me know. Granted using > htmlEditFormat() over my method of replacing all qoutes is easier (is it > faster though if all you're replace is quotes?) but I don't see how you'd > get around the problems I've highlighted above. > > Ade > > > I can burn cds using Adaptec EasyCD Creator and can convert MP3s to normal > audio > -Original Message- > From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] > Sent: 13 June 2002 21:51 > To: CF-Talk > Subject: Re: RE: FW: RE: Quotation Hell > > > Thank you James. > > It still amazes me that loads of people don't use HTMLEditFormat(). > Nothing like seeing lots of pages break simply because of people > entering quotes. > > - Original Message - > From: James Ang <[EMAIL PROTECTED]> > Date: Thursday, June 13, 2002 12:52 pm > Subject: RE: FW: RE: Quotation Hell > > > HTMLEditFormat() is the least used and least understood function > > in CFML > > amongst most CF developers. > > > > That said, let me explain and alleviate your fears. > > > > First, if you have time, read the RFC for HTML 2.0: > > http://www.ietf.org/rfc/rfc1866.txt > > > > Reading the RFC will clue you in that any tag attribute's value > > will be > > stored in the browser memory with escaped characters like: > < > > " & translated to their actual literal values: > < " & > > > > And when the form submits, the actual literal values in the browser's > > memory will be encoded depending on the form's method. For both > > GET and > > POST operations, these literals: > < " & will be converted to: %3e %3c > > %22 %26 > > > > When the ColdFusion Server receives these form values (GET or POST), > > these values %3e %3c %22 %26 will be converted back to: > < " & > > > > Hence, when you access your form variables: URL.blah or FORM.blah, the > > values would be what the user see's in the his/her browser's form > > fields. > > > > The caveat to all of this is UNICODE characters. In IE (not sure in > > Netscape), Unicode characters outside of the ASCII range gets encoded > > into this format before submission (and before METHOD encoding): > > &#; > > This is then sent as (after METHOD encoding): %26%23%3b > > > > I have verified this with a packet listener in a controlled > > environment.:) > > > > In CF 4.x.x (I have not verified CF5 or MX), %26%23%3b is > > translatedback to &#; > > > > Hence when you access the form variables: URL.blah or FORM.blah, the > > value would be: &#; > > > > (Note: & to %26 conversion may be wrong. It could be: & to & to > > %26amp%3b. I can't remember, but it is all good. The translation is > > always kosher with a HTML 2.0 or better compliant browser and server. > > :)) > > > > The &am
Re: RE: FW: RE: Quotation Hell
value="#htmlEditFormat(left(string, 20))#" -Justin Scott, Lead Developer Sceiron Internet Services, Inc. http://www.sceiron.com - Original Message - From: "Adrian Lynch" <[EMAIL PROTECTED]> To: "CF-Talk" <[EMAIL PROTECTED]> Sent: Friday, June 14, 2002 6:49 AM Subject: RE: RE: FW: RE: Quotation Hell > Cheers, I thought I might be doing it wrong, but what about using the Left() > function on your output, I don't see a way around this? > > Ade > > -Original Message- > From: Justin Scott [mailto:[EMAIL PROTECTED]] > Sent: 14 June 2002 11:40 > To: CF-Talk > Subject: Re: RE: FW: RE: Quotation Hell > > > > I have a form which the user gets to fill in, they put into a > type="text"... > > A quote: "To be or not to be" > > > > now in my insert statement I have... > > INSERT INTO sometable (somecol) > > VALUES ('#htmlEditFormat(form.field)#') > > > > which translates to.. > > INSERT INTO sometable (somecol) > > VALUES ('A quote: "To be or not to be"') > > > > this isn't what you see in the debugging on the page, but it is what gets > > put into the DB, view the source to see. > > Why would you encode the string as it goes into the database? CF will take > care of escaping any single quotes for you, so you shouldn't have to encode > the string to avoid errors here. The only place htmlEditFormat() should be > used in this setup would be on the form where they enter the string to begin > with (as part of the value="", assuming you wrap around the form if there is > an error), or the same way on an editing page, etc.. > > Yes, your point that it makes the string longer is valid, but it shouldn't > be an issue if you use it as it was intended. > > -Justin Scott, Lead Developer > Sceiron Internet Services, Inc. > http://www.sceiron.com > > > > __ This list and all House of Fusion resources hosted by CFHosting.com. The place for dependable ColdFusion Hosting. FAQ: http://www.thenetprofits.co.uk/coldfusion/faq Archives: http://www.mail-archive.com/cf-talk@houseoffusion.com/ Unsubscribe: http://www.houseoffusion.com/index.cfm?sidebar=lists
RE: RE: FW: RE: Quotation Hell
Actually I do, I was nesting them the wrong way :OS Ade -Original Message- From: Adrian Lynch [mailto:[EMAIL PROTECTED]] Sent: 14 June 2002 11:50 To: CF-Talk Subject: RE: RE: FW: RE: Quotation Hell Cheers, I thought I might be doing it wrong, but what about using the Left() function on your output, I don't see a way around this? Ade -Original Message- From: Justin Scott [mailto:[EMAIL PROTECTED]] Sent: 14 June 2002 11:40 To: CF-Talk Subject: Re: RE: FW: RE: Quotation Hell > I have a form which the user gets to fill in, they put into a type="text"... > A quote: "To be or not to be" > > now in my insert statement I have... > INSERT INTO sometable (somecol) > VALUES ('#htmlEditFormat(form.field)#') > > which translates to.. > INSERT INTO sometable (somecol) > VALUES ('A quote: "To be or not to be"') > > this isn't what you see in the debugging on the page, but it is what gets > put into the DB, view the source to see. Why would you encode the string as it goes into the database? CF will take care of escaping any single quotes for you, so you shouldn't have to encode the string to avoid errors here. The only place htmlEditFormat() should be used in this setup would be on the form where they enter the string to begin with (as part of the value="", assuming you wrap around the form if there is an error), or the same way on an editing page, etc.. Yes, your point that it makes the string longer is valid, but it shouldn't be an issue if you use it as it was intended. -Justin Scott, Lead Developer Sceiron Internet Services, Inc. http://www.sceiron.com __ Signup for the Fusion Authority news alert and keep up with the latest news in ColdFusion and related topics. http://www.fusionauthority.com/signup.cfm FAQ: http://www.thenetprofits.co.uk/coldfusion/faq Archives: http://www.mail-archive.com/cf-talk@houseoffusion.com/ Unsubscribe: http://www.houseoffusion.com/index.cfm?sidebar=lists
RE: RE: FW: RE: Quotation Hell
Cheers, I thought I might be doing it wrong, but what about using the Left() function on your output, I don't see a way around this? Ade -Original Message- From: Justin Scott [mailto:[EMAIL PROTECTED]] Sent: 14 June 2002 11:40 To: CF-Talk Subject: Re: RE: FW: RE: Quotation Hell > I have a form which the user gets to fill in, they put into a type="text"... > A quote: "To be or not to be" > > now in my insert statement I have... > INSERT INTO sometable (somecol) > VALUES ('#htmlEditFormat(form.field)#') > > which translates to.. > INSERT INTO sometable (somecol) > VALUES ('A quote: "To be or not to be"') > > this isn't what you see in the debugging on the page, but it is what gets > put into the DB, view the source to see. Why would you encode the string as it goes into the database? CF will take care of escaping any single quotes for you, so you shouldn't have to encode the string to avoid errors here. The only place htmlEditFormat() should be used in this setup would be on the form where they enter the string to begin with (as part of the value="", assuming you wrap around the form if there is an error), or the same way on an editing page, etc.. Yes, your point that it makes the string longer is valid, but it shouldn't be an issue if you use it as it was intended. -Justin Scott, Lead Developer Sceiron Internet Services, Inc. http://www.sceiron.com __ Get the mailserver that powers this list at http://www.coolfusion.com FAQ: http://www.thenetprofits.co.uk/coldfusion/faq Archives: http://www.mail-archive.com/cf-talk@houseoffusion.com/ Unsubscribe: http://www.houseoffusion.com/index.cfm?sidebar=lists
Re: RE: FW: RE: Quotation Hell
> I have a form which the user gets to fill in, they put into a type="text"... > A quote: "To be or not to be" > > now in my insert statement I have... > INSERT INTO sometable (somecol) > VALUES ('#htmlEditFormat(form.field)#') > > which translates to.. > INSERT INTO sometable (somecol) > VALUES ('A quote: "To be or not to be"') > > this isn't what you see in the debugging on the page, but it is what gets > put into the DB, view the source to see. Why would you encode the string as it goes into the database? CF will take care of escaping any single quotes for you, so you shouldn't have to encode the string to avoid errors here. The only place htmlEditFormat() should be used in this setup would be on the form where they enter the string to begin with (as part of the value="", assuming you wrap around the form if there is an error), or the same way on an editing page, etc.. Yes, your point that it makes the string longer is valid, but it shouldn't be an issue if you use it as it was intended. -Justin Scott, Lead Developer Sceiron Internet Services, Inc. http://www.sceiron.com __ This list and all House of Fusion resources hosted by CFHosting.com. The place for dependable ColdFusion Hosting. FAQ: http://www.thenetprofits.co.uk/coldfusion/faq Archives: http://www.mail-archive.com/cf-talk@houseoffusion.com/ Unsubscribe: http://www.houseoffusion.com/index.cfm?sidebar=lists
RE: RE: FW: RE: Quotation Hell
Sorry for bringing this back up, but I don't think you've understood one of the points I was trying to make. It may be the way I'm doing it, so let me know if it is. I have a form which the user gets to fill in, they put into a mailto:[EMAIL PROTECTED]] Sent: 13 June 2002 21:51 To: CF-Talk Subject: Re: RE: FW: RE: Quotation Hell Thank you James. It still amazes me that loads of people don't use HTMLEditFormat(). Nothing like seeing lots of pages break simply because of people entering quotes. - Original Message - From: James Ang <[EMAIL PROTECTED]> Date: Thursday, June 13, 2002 12:52 pm Subject: RE: FW: RE: Quotation Hell > HTMLEditFormat() is the least used and least understood function > in CFML > amongst most CF developers. > > That said, let me explain and alleviate your fears. > > First, if you have time, read the RFC for HTML 2.0: > http://www.ietf.org/rfc/rfc1866.txt > > Reading the RFC will clue you in that any tag attribute's value > will be > stored in the browser memory with escaped characters like: > < > " & translated to their actual literal values: > < " & > > And when the form submits, the actual literal values in the browser's > memory will be encoded depending on the form's method. For both > GET and > POST operations, these literals: > < " & will be converted to: %3e %3c > %22 %26 > > When the ColdFusion Server receives these form values (GET or POST), > these values %3e %3c %22 %26 will be converted back to: > < " & > > Hence, when you access your form variables: URL.blah or FORM.blah, the > values would be what the user see's in the his/her browser's form > fields. > > The caveat to all of this is UNICODE characters. In IE (not sure in > Netscape), Unicode characters outside of the ASCII range gets encoded > into this format before submission (and before METHOD encoding): > &#; > This is then sent as (after METHOD encoding): %26%23%3b > > I have verified this with a packet listener in a controlled > environment.:) > > In CF 4.x.x (I have not verified CF5 or MX), %26%23%3b is > translatedback to &#; > > Hence when you access the form variables: URL.blah or FORM.blah, the > value would be: &#; > > (Note: & to %26 conversion may be wrong. It could be: & to & to > %26amp%3b. I can't remember, but it is all good. The translation is > always kosher with a HTML 2.0 or better compliant browser and server. > :)) > > The &#; issue is something you all are worried about. BUT, for the > purpose of quotation marks, greater/lesser-than signs, and ampersands, > you don't have to worry about them at all with HTMLEditFormat(). > > You should ALWAYS use HTMLEditFormat(). All other solutions ARE > hackneyed. To fix the problem of &#; escaped unicode > characters, use > this workaround: > > function smf_HTMLEditFormat(I_str) { >return REReplaceNoCase(HTMLEditFormat(I_str, -1), > "&(##?[[:alnum:]]+);", "&\1;", "ALL"); > } > > Hence, even if you stored the data in the DB as: &#;, when you > givethe browser: &#;, the browser will take care of presenting the > equivalent Unicode character. If it doesn't, it is not a HTML 4.0 > compliant browser. :P > > I have a good feeling that CF5/MX actually translated the encoded > characters to unicode characters. :P No empirical data to prove it > though. :P > > Alright. That's my take on this issue. :) > > > James Ang > Senior Programmer > MedSeek, Inc. > [EMAIL PROTECTED] > > > > > -Original Message- > From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] > Sent: Thursday, June 13, 2002 10:48 AM > To: CF-Talk > Subject: Re: FW: RE: Quotation Hell > > > Just jumping in briefly to explain what I did to get around " and > ' in > our > apps. Going into the database would be fine (using > perserveSingleQuotes() and whatever 'escape' character we could > use that > > the database recognizes), it's pulling out and displaying again > that > became a problem. > > So, when we're displaying to the end user... " & ' became ", > etc so > > that it wouldn't break the form fields, etc. Going back into the > database via 'save changes' button, the " apparently becomes > a " > again going back in... thus, we were able to maintain the > 'original' > user-submitted value. > > One thing I hate about certain forum software (a
Re: RE: Quotation Hell
> One thing you might notice with htmlEditFormat(), is that you still have the > problem of extra characters, " still becomes ", and if that's what you > put in you DB and you then use Left(), you have a problem if it chops it, > and you still need to make sure your DB is not going to be expecting more > than it gets. > > Now if I'm wrong about this someone please tell me, or is this hackneyed > too? I think you'll find those entities like " will be translated when the form is submitted. i.e. Form.MyField won't have them, just regular quotes etc. Cool bananas huh?! __ Signup for the Fusion Authority news alert and keep up with the latest news in ColdFusion and related topics. http://www.fusionauthority.com/signup.cfm FAQ: http://www.thenetprofits.co.uk/coldfusion/faq Archives: http://www.mail-archive.com/cf-talk@houseoffusion.com/ Unsubscribe: http://www.houseoffusion.com/index.cfm?sidebar=lists
Re: RE: FW: RE: Quotation Hell
Thank you James. It still amazes me that loads of people don't use HTMLEditFormat(). Nothing like seeing lots of pages break simply because of people entering quotes. - Original Message - From: James Ang <[EMAIL PROTECTED]> Date: Thursday, June 13, 2002 12:52 pm Subject: RE: FW: RE: Quotation Hell > HTMLEditFormat() is the least used and least understood function > in CFML > amongst most CF developers. > > That said, let me explain and alleviate your fears. > > First, if you have time, read the RFC for HTML 2.0: > http://www.ietf.org/rfc/rfc1866.txt > > Reading the RFC will clue you in that any tag attribute's value > will be > stored in the browser memory with escaped characters like: > < > " & translated to their actual literal values: > < " & > > And when the form submits, the actual literal values in the browser's > memory will be encoded depending on the form's method. For both > GET and > POST operations, these literals: > < " & will be converted to: %3e %3c > %22 %26 > > When the ColdFusion Server receives these form values (GET or POST), > these values %3e %3c %22 %26 will be converted back to: > < " & > > Hence, when you access your form variables: URL.blah or FORM.blah, the > values would be what the user see's in the his/her browser's form > fields. > > The caveat to all of this is UNICODE characters. In IE (not sure in > Netscape), Unicode characters outside of the ASCII range gets encoded > into this format before submission (and before METHOD encoding): > &#; > This is then sent as (after METHOD encoding): %26%23%3b > > I have verified this with a packet listener in a controlled > environment.:) > > In CF 4.x.x (I have not verified CF5 or MX), %26%23%3b is > translatedback to &#; > > Hence when you access the form variables: URL.blah or FORM.blah, the > value would be: &#; > > (Note: & to %26 conversion may be wrong. It could be: & to & to > %26amp%3b. I can't remember, but it is all good. The translation is > always kosher with a HTML 2.0 or better compliant browser and server. > :)) > > The &#; issue is something you all are worried about. BUT, for the > purpose of quotation marks, greater/lesser-than signs, and ampersands, > you don't have to worry about them at all with HTMLEditFormat(). > > You should ALWAYS use HTMLEditFormat(). All other solutions ARE > hackneyed. To fix the problem of &#; escaped unicode > characters, use > this workaround: > > function smf_HTMLEditFormat(I_str) { >return REReplaceNoCase(HTMLEditFormat(I_str, -1), > "&(##?[[:alnum:]]+);", "&\1;", "ALL"); > } > > Hence, even if you stored the data in the DB as: &#;, when you > givethe browser: &#;, the browser will take care of presenting the > equivalent Unicode character. If it doesn't, it is not a HTML 4.0 > compliant browser. :P > > I have a good feeling that CF5/MX actually translated the encoded > characters to unicode characters. :P No empirical data to prove it > though. :P > > Alright. That's my take on this issue. :) > > > James Ang > Senior Programmer > MedSeek, Inc. > [EMAIL PROTECTED] > > > > > -Original Message- > From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] > Sent: Thursday, June 13, 2002 10:48 AM > To: CF-Talk > Subject: Re: FW: RE: Quotation Hell > > > Just jumping in briefly to explain what I did to get around " and > ' in > our > apps. Going into the database would be fine (using > perserveSingleQuotes() and whatever 'escape' character we could > use that > > the database recognizes), it's pulling out and displaying again > that > became a problem. > > So, when we're displaying to the end user... " & ' became ", > etc so > > that it wouldn't break the form fields, etc. Going back into the > database via 'save changes' button, the " apparently becomes > a " > again going back in... thus, we were able to maintain the > 'original' > user-submitted value. > > One thing I hate about certain forum software (and, I won't say which) > is > that what you submitted isn't what's always returned to the user when > they > want to edit. I griped about it, but was told that it's faster to do > the > 'translation' of things before shoving it into the db. They > failed to > recognize something -- I don't ca
RE: FW: RE: Quotation Hell
HTMLEditFormat() is the least used and least understood function in CFML amongst most CF developers. That said, let me explain and alleviate your fears. First, if you have time, read the RFC for HTML 2.0: http://www.ietf.org/rfc/rfc1866.txt Reading the RFC will clue you in that any tag attribute's value will be stored in the browser memory with escaped characters like: > < " & translated to their actual literal values: > < " & And when the form submits, the actual literal values in the browser's memory will be encoded depending on the form's method. For both GET and POST operations, these literals: > < " & will be converted to: %3e %3c %22 %26 When the ColdFusion Server receives these form values (GET or POST), these values %3e %3c %22 %26 will be converted back to: > < " & Hence, when you access your form variables: URL.blah or FORM.blah, the values would be what the user see's in the his/her browser's form fields. The caveat to all of this is UNICODE characters. In IE (not sure in Netscape), Unicode characters outside of the ASCII range gets encoded into this format before submission (and before METHOD encoding): &#; This is then sent as (after METHOD encoding): %26%23%3b I have verified this with a packet listener in a controlled environment. :) In CF 4.x.x (I have not verified CF5 or MX), %26%23%3b is translated back to &#; Hence when you access the form variables: URL.blah or FORM.blah, the value would be: &#; (Note: & to %26 conversion may be wrong. It could be: & to & to %26amp%3b. I can't remember, but it is all good. The translation is always kosher with a HTML 2.0 or better compliant browser and server. :)) The &#; issue is something you all are worried about. BUT, for the purpose of quotation marks, greater/lesser-than signs, and ampersands, you don't have to worry about them at all with HTMLEditFormat(). You should ALWAYS use HTMLEditFormat(). All other solutions ARE hackneyed. To fix the problem of &#; escaped unicode characters, use this workaround: function smf_HTMLEditFormat(I_str) { return REReplaceNoCase(HTMLEditFormat(I_str, -1), "&(##?[[:alnum:]]+);", "&\1;", "ALL"); } Hence, even if you stored the data in the DB as: &#;, when you give the browser: &#;, the browser will take care of presenting the equivalent Unicode character. If it doesn't, it is not a HTML 4.0 compliant browser. :P I have a good feeling that CF5/MX actually translated the encoded characters to unicode characters. :P No empirical data to prove it though. :P Alright. That's my take on this issue. :) James Ang Senior Programmer MedSeek, Inc. [EMAIL PROTECTED] -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] Sent: Thursday, June 13, 2002 10:48 AM To: CF-Talk Subject: Re: FW: RE: Quotation Hell Just jumping in briefly to explain what I did to get around " and ' in our apps. Going into the database would be fine (using perserveSingleQuotes() and whatever 'escape' character we could use that the database recognizes), it's pulling out and displaying again that became a problem. So, when we're displaying to the end user... " & ' became ", etc so that it wouldn't break the form fields, etc. Going back into the database via 'save changes' button, the " apparently becomes a " again going back in... thus, we were able to maintain the 'original' user-submitted value. One thing I hate about certain forum software (and, I won't say which) is that what you submitted isn't what's always returned to the user when they want to edit. I griped about it, but was told that it's faster to do the 'translation' of things before shoving it into the db. They failed to recognize something -- I don't care what it's translation is, I care about data integrity and making sure that if that's what I put in, that's what I get out when I go to edit that data blob. To this day, it's still an issue and I just quit pestering the forum maker as it's their product vs. my opinion. :P I think if you use HTMLEditFormat(), you're putting yourself into a new world of problems. Especially if the < > characters translate to something else. Not to mention, great... now you gotta worry about storage issue (especially if you're using a varchar field and not a blob-type field). ~Todd On Thu, 13 Jun 2002, Adrian Lynch wrote: > -Original Message- > From: Adrian Lynch > Sent: 13 June 2002 17:33 > To: '[EMAIL PROTECTED]' > Subject: RE: RE: Quotation Hell > > > Thats ok, you can be a jackarse all you want. I hadn't used htmlEditFor
Re: FW: RE: Quotation Hell
Just jumping in briefly to explain what I did to get around " and ' in our apps. Going into the database would be fine (using perserveSingleQuotes() and whatever 'escape' character we could use that the database recognizes), it's pulling out and displaying again that became a problem. So, when we're displaying to the end user... " & ' became ", etc so that it wouldn't break the form fields, etc. Going back into the database via 'save changes' button, the " apparently becomes a " again going back in... thus, we were able to maintain the 'original' user-submitted value. One thing I hate about certain forum software (and, I won't say which) is that what you submitted isn't what's always returned to the user when they want to edit. I griped about it, but was told that it's faster to do the 'translation' of things before shoving it into the db. They failed to recognize something -- I don't care what it's translation is, I care about data integrity and making sure that if that's what I put in, that's what I get out when I go to edit that data blob. To this day, it's still an issue and I just quit pestering the forum maker as it's their product vs. my opinion. :P I think if you use HTMLEditFormat(), you're putting yourself into a new world of problems. Especially if the < > characters translate to something else. Not to mention, great... now you gotta worry about storage issue (especially if you're using a varchar field and not a blob-type field). ~Todd On Thu, 13 Jun 2002, Adrian Lynch wrote: > -Original Message- > From: Adrian Lynch > Sent: 13 June 2002 17:33 > To: '[EMAIL PROTECTED]' > Subject: RE: RE: Quotation Hell > > > Thats ok, you can be a jackarse all you want. I hadn't used htmlEditFormat() > before, if I had, I might have suggested it. It was a case of I've got a way > around it, see if it works for you. > > One thing you might notice with htmlEditFormat(), is that you still have the > problem of extra characters, " still becomes ", and if that's what you > put in you DB and you then use Left(), you have a problem if it chops it, > and you still need to make sure your DB is not going to be expecting more > than it gets. > > Now if I'm wrong about this someone please tell me, or is this hackneyed > too? > > Ade > > -- Todd Rafferty ([EMAIL PROTECTED]) - http://www.web-rat.com/ | Team Macromedia Volunteer for ColdFusion | http://www.macromedia.com/support/forums/team_macromedia/ | http://www.flashCFM.com/ - webRat (Moderator)| http://www.ultrashock.com/ - webRat (Back-end Moderator) | __ Get the mailserver that powers this list at http://www.coolfusion.com FAQ: http://www.thenetprofits.co.uk/coldfusion/faq Archives: http://www.mail-archive.com/cf-talk@houseoffusion.com/ Unsubscribe: http://www.houseoffusion.com/index.cfm?sidebar=lists
RE: Quotation Hell
Have a look at my other points though, the converted string can still be messed about with -Original Message- From: Charlie [mailto:[EMAIL PROTECTED]] Sent: 13 June 2002 18:29 To: CF-Talk Subject: Re: Quotation Hell 'there is alot to learn out there and not always the time' the function htmleditformat work successfully on our pages - Original Message - From: "Kwang Suh" <[EMAIL PROTECTED]> To: "CF-Talk" <[EMAIL PROTECTED]> Sent: Thursday, June 13, 2002 10:56 AM Subject: RE: Quotation Hell > Contrary to the other people on the list who believe this is a hard problem > to fix, it is not. > > Use HTMLEDITFORMAT. > > Like, does no one actually read documentation anymore? > > -Original Message- > From: Deanna Schneider [mailto:[EMAIL PROTECTED]] > Sent: Thursday, June 13, 2002 6:59 AM > To: CF-Talk > Subject: Quotation Hell > > > Hi Folks, > A problem has just cropped up that I've never experienced before, and I > swear I'm going insane. > > I have a regular ol' form, that's pre-populated with data from a query if > it's an edit, blank if it's an add. Suddenly, if the edit data includes > quotation marks, it's cutting the rest of the item off at the quote marks. > What the heck?!? I've never had this problem before, and I didn't change any > code. Am I nuts? > > -d > > > > Deanna Schneider > Interactive Media Developer > [EMAIL PROTECTED] > > > > __ Your ad could be here. Monies from ads go to support these lists and provide more resources for the community. http://www.fusionauthority.com/ads.cfm FAQ: http://www.thenetprofits.co.uk/coldfusion/faq Archives: http://www.mail-archive.com/cf-talk@houseoffusion.com/ Unsubscribe: http://www.houseoffusion.com/index.cfm?sidebar=lists
FW: RE: Quotation Hell
-Original Message- From: Adrian Lynch Sent: 13 June 2002 17:33 To: '[EMAIL PROTECTED]' Subject: RE: RE: Quotation Hell Thats ok, you can be a jackarse all you want. I hadn't used htmlEditFormat() before, if I had, I might have suggested it. It was a case of I've got a way around it, see if it works for you. One thing you might notice with htmlEditFormat(), is that you still have the problem of extra characters, " still becomes ", and if that's what you put in you DB and you then use Left(), you have a problem if it chops it, and you still need to make sure your DB is not going to be expecting more than it gets. Now if I'm wrong about this someone please tell me, or is this hackneyed too? Ade -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] Sent: 13 June 2002 16:55 To: [EMAIL PROTECTED] Subject: Re: RE: Quotation Hell Well, you did say that you've "yet to see a fool proof way of doing this", when in fact htmlEditFormat() fixes this problem completely. You then proposed a hackneyed (sorry, but it is) solution and then at the end admited that it probably wouldn't work. Sorry for being a jackass. - Original Message - From: Adrian Lynch <[EMAIL PROTECTED]> Date: Thursday, June 13, 2002 9:09 am Subject: RE: Quotation Hell > No one said it was hard. What's wrong with people giving different > answersto a problem? At the very least it will get people thinking > about it and you > may use these solutions for other problems you come across. I > don't think > you should ever be worried about saying some thing wrong on a list > likethis, at least you'll soon be corrected. I'd rather say > something wrong and > be told the right answer or a better solution than not say > anything at all. > > Anyway, I wouldn't dream of answering a "hard" question :OP > > Ade > > -Original Message- > From: Kwang Suh [mailto:[EMAIL PROTECTED]] > Sent: 13 June 2002 15:57 > To: CF-Talk > Subject: RE: Quotation Hell > > > Contrary to the other people on the list who believe this is a > hard problem > to fix, it is not. > > Use HTMLEDITFORMAT. > > Like, does no one actually read documentation anymore? > > -Original Message- > From: Deanna Schneider [mailto:[EMAIL PROTECTED]] > Sent: Thursday, June 13, 2002 6:59 AM > To: CF-Talk > Subject: Quotation Hell > > > Hi Folks, > A problem has just cropped up that I've never experienced before, > and I > swear I'm going insane. > > I have a regular ol' form, that's pre-populated with data from a > query if > it's an edit, blank if it's an add. Suddenly, if the edit data > includesquotation marks, it's cutting the rest of the item off at > the quote marks. > What the heck?!? I've never had this problem before, and I didn't > change any > code. Am I nuts? > > -d > > > > Deanna Schneider > Interactive Media Developer > [EMAIL PROTECTED] > > > > > __ Structure your ColdFusion code with Fusebox. Get the official book at http://www.fusionauthority.com/bkinfo.cfm FAQ: http://www.thenetprofits.co.uk/coldfusion/faq Archives: http://www.mail-archive.com/cf-talk@houseoffusion.com/ Unsubscribe: http://www.houseoffusion.com/index.cfm?sidebar=lists
Re: Quotation Hell
'there is alot to learn out there and not always the time' the function htmleditformat work successfully on our pages - Original Message - From: "Kwang Suh" <[EMAIL PROTECTED]> To: "CF-Talk" <[EMAIL PROTECTED]> Sent: Thursday, June 13, 2002 10:56 AM Subject: RE: Quotation Hell > Contrary to the other people on the list who believe this is a hard problem > to fix, it is not. > > Use HTMLEDITFORMAT. > > Like, does no one actually read documentation anymore? > > -Original Message- > From: Deanna Schneider [mailto:[EMAIL PROTECTED]] > Sent: Thursday, June 13, 2002 6:59 AM > To: CF-Talk > Subject: Quotation Hell > > > Hi Folks, > A problem has just cropped up that I've never experienced before, and I > swear I'm going insane. > > I have a regular ol' form, that's pre-populated with data from a query if > it's an edit, blank if it's an add. Suddenly, if the edit data includes > quotation marks, it's cutting the rest of the item off at the quote marks. > What the heck?!? I've never had this problem before, and I didn't change any > code. Am I nuts? > > -d > > > > Deanna Schneider > Interactive Media Developer > [EMAIL PROTECTED] > > > > __ Your ad could be here. Monies from ads go to support these lists and provide more resources for the community. http://www.fusionauthority.com/ads.cfm FAQ: http://www.thenetprofits.co.uk/coldfusion/faq Archives: http://www.mail-archive.com/cf-talk@houseoffusion.com/ Unsubscribe: http://www.houseoffusion.com/index.cfm?sidebar=lists
RE: Quotation Hell
No one said it was hard. What's wrong with people giving different answers to a problem? At the very least it will get people thinking about it and you may use these solutions for other problems you come across. I don't think you should ever be worried about saying some thing wrong on a list like this, at least you'll soon be corrected. I'd rather say something wrong and be told the right answer or a better solution than not say anything at all. Anyway, I wouldn't dream of answering a "hard" question :OP Ade -Original Message- From: Kwang Suh [mailto:[EMAIL PROTECTED]] Sent: 13 June 2002 15:57 To: CF-Talk Subject: RE: Quotation Hell Contrary to the other people on the list who believe this is a hard problem to fix, it is not. Use HTMLEDITFORMAT. Like, does no one actually read documentation anymore? -Original Message- From: Deanna Schneider [mailto:[EMAIL PROTECTED]] Sent: Thursday, June 13, 2002 6:59 AM To: CF-Talk Subject: Quotation Hell Hi Folks, A problem has just cropped up that I've never experienced before, and I swear I'm going insane. I have a regular ol' form, that's pre-populated with data from a query if it's an edit, blank if it's an add. Suddenly, if the edit data includes quotation marks, it's cutting the rest of the item off at the quote marks. What the heck?!? I've never had this problem before, and I didn't change any code. Am I nuts? -d Deanna Schneider Interactive Media Developer [EMAIL PROTECTED] __ Signup for the Fusion Authority news alert and keep up with the latest news in ColdFusion and related topics. http://www.fusionauthority.com/signup.cfm FAQ: http://www.thenetprofits.co.uk/coldfusion/faq Archives: http://www.mail-archive.com/cf-talk@houseoffusion.com/ Unsubscribe: http://www.houseoffusion.com/index.cfm?sidebar=lists
RE: Quotation Hell
Contrary to the other people on the list who believe this is a hard problem to fix, it is not. Use HTMLEDITFORMAT. Like, does no one actually read documentation anymore? -Original Message- From: Deanna Schneider [mailto:[EMAIL PROTECTED]] Sent: Thursday, June 13, 2002 6:59 AM To: CF-Talk Subject: Quotation Hell Hi Folks, A problem has just cropped up that I've never experienced before, and I swear I'm going insane. I have a regular ol' form, that's pre-populated with data from a query if it's an edit, blank if it's an add. Suddenly, if the edit data includes quotation marks, it's cutting the rest of the item off at the quote marks. What the heck?!? I've never had this problem before, and I didn't change any code. Am I nuts? -d Deanna Schneider Interactive Media Developer [EMAIL PROTECTED] __ This list and all House of Fusion resources hosted by CFHosting.com. The place for dependable ColdFusion Hosting. FAQ: http://www.thenetprofits.co.uk/coldfusion/faq Archives: http://www.mail-archive.com/cf-talk@houseoffusion.com/ Unsubscribe: http://www.houseoffusion.com/index.cfm?sidebar=lists
Re: Quotation Hell
This happens to the best of us. The only simple options I know of are to either use a textarea if allowing quotes is that important, or just strip out double quotes, perhaps replacing them with nothing or single quotes. >>> "Charlie" <[EMAIL PROTECTED]> 06/13/02 09:18AM >>> try using the function: htmleditformat or function : preservesinglequotes - Original Message - From: "Deanna Schneider" <[EMAIL PROTECTED]> To: "CF-Talk" <[EMAIL PROTECTED]> Sent: Thursday, June 13, 2002 8:59 AM Subject: Quotation Hell > Hi Folks, > A problem has just cropped up that I've never experienced before, and I > swear I'm going insane. > > I have a regular ol' form, that's pre-populated with data from a query if > it's an edit, blank if it's an add. Suddenly, if the edit data includes > quotation marks, it's cutting the rest of the item off at the quote marks. > What the heck?!? I've never had this problem before, and I didn't change any > code. Am I nuts? > > -d > > > > Deanna Schneider > Interactive Media Developer > [EMAIL PROTECTED] > > > __ Your ad could be here. Monies from ads go to support these lists and provide more resources for the community. http://www.fusionauthority.com/ads.cfm FAQ: http://www.thenetprofits.co.uk/coldfusion/faq Archives: http://www.mail-archive.com/cf-talk@houseoffusion.com/ Unsubscribe: http://www.houseoffusion.com/index.cfm?sidebar=lists
RE: Quotation Hell
One more thing, and you'll probably not want to use this method, but I like it... you could scan through the data looking for single or double qoutes, which ever you find, change the value= to the opposite. So if you find a ", use ' in the html. This falls down when you have a value with both single and doubles in. It might be worth baring in mind if you know one OR the other will be used. As for why you've never come across it, there's no reason why you should have till it reared it's ugly head! Ade -Original Message- From: Deanna Schneider [mailto:[EMAIL PROTECTED]] Sent: 13 June 2002 14:23 To: CF-Talk Subject: Re: Quotation Hell Yep. That makes sense. I wonder why in two years I've never come across this as a problem before. Ugh. -d Deanna Schneider Interactive Media Developer [EMAIL PROTECTED] __ Get the mailserver that powers this list at http://www.coolfusion.com FAQ: http://www.thenetprofits.co.uk/coldfusion/faq Archives: http://www.mail-archive.com/cf-talk@houseoffusion.com/ Unsubscribe: http://www.houseoffusion.com/index.cfm?sidebar=lists
Re: Quotation Hell
Yep. That makes sense. I wonder why in two years I've never come across this as a problem before. Ugh. -d Deanna Schneider Interactive Media Developer [EMAIL PROTECTED] __ Signup for the Fusion Authority news alert and keep up with the latest news in ColdFusion and related topics. http://www.fusionauthority.com/signup.cfm FAQ: http://www.thenetprofits.co.uk/coldfusion/faq Archives: http://www.mail-archive.com/cf-talk@houseoffusion.com/ Unsubscribe: http://www.houseoffusion.com/index.cfm?sidebar=lists
Re: Quotation Hell
try using the function: htmleditformat or function : preservesinglequotes - Original Message - From: "Deanna Schneider" <[EMAIL PROTECTED]> To: "CF-Talk" <[EMAIL PROTECTED]> Sent: Thursday, June 13, 2002 8:59 AM Subject: Quotation Hell > Hi Folks, > A problem has just cropped up that I've never experienced before, and I > swear I'm going insane. > > I have a regular ol' form, that's pre-populated with data from a query if > it's an edit, blank if it's an add. Suddenly, if the edit data includes > quotation marks, it's cutting the rest of the item off at the quote marks. > What the heck?!? I've never had this problem before, and I didn't change any > code. Am I nuts? > > -d > > > > Deanna Schneider > Interactive Media Developer > [EMAIL PROTECTED] > > > __ Signup for the Fusion Authority news alert and keep up with the latest news in ColdFusion and related topics. http://www.fusionauthority.com/signup.cfm FAQ: http://www.thenetprofits.co.uk/coldfusion/faq Archives: http://www.mail-archive.com/cf-talk@houseoffusion.com/ Unsubscribe: http://www.houseoffusion.com/index.cfm?sidebar=lists
RE: Quotation Hell
I've yet to see a fool proof way of doing this, depending on how much you care about the form, you could compensate for one quote over the other. If you know that the value will only ever contain a double quote, use single quotes in the html, value='whatever', or visa versa. If you're not sure what the value will be when editing, get rid of all types of quotes and replace them with the entity name, value, what ever it's called. " or " for straight down double quotes, another problem will come about when the left and right double quotes are used. If you don't care much for them strip all double quotes out and replace with ". DO the same for single qoutes and it should all be gravey. Do this stripping when you enter the values into the DB for the first time, and everytime you edit them. One problem with this is the limits you set on the input boxes and the DB, because a single character becomes five characters, namely ". So remeber to compensate for this in the DB. If at any point you use Left() to only show a small bit of the data, you may inadvertently chop the " in the middle which will then not appear correctly. I hope that makes sense. I know it did in my head :OP Ade -Original Message- From: Deanna Schneider [mailto:[EMAIL PROTECTED]] Sent: 13 June 2002 13:59 To: CF-Talk Subject: Quotation Hell Hi Folks, A problem has just cropped up that I've never experienced before, and I swear I'm going insane. I have a regular ol' form, that's pre-populated with data from a query if it's an edit, blank if it's an add. Suddenly, if the edit data includes quotation marks, it's cutting the rest of the item off at the quote marks. What the heck?!? I've never had this problem before, and I didn't change any code. Am I nuts? -d Deanna Schneider Interactive Media Developer [EMAIL PROTECTED] __ Structure your ColdFusion code with Fusebox. Get the official book at http://www.fusionauthority.com/bkinfo.cfm FAQ: http://www.thenetprofits.co.uk/coldfusion/faq Archives: http://www.mail-archive.com/cf-talk@houseoffusion.com/ Unsubscribe: http://www.houseoffusion.com/index.cfm?sidebar=lists
RE: Quotation Hell
Check the docs for #preserveSingleQuotes()#. This will help you avoid problems with quotes in SQL statements. Eric -Original Message- From: Deanna Schneider [mailto:[EMAIL PROTECTED]] Sent: Thursday, June 13, 2002 8:59 AM To: CF-Talk Subject: Quotation Hell Hi Folks, A problem has just cropped up that I've never experienced before, and I swear I'm going insane. I have a regular ol' form, that's pre-populated with data from a query if it's an edit, blank if it's an add. Suddenly, if the edit data includes quotation marks, it's cutting the rest of the item off at the quote marks. What the heck?!? I've never had this problem before, and I didn't change any code. Am I nuts? -d Deanna Schneider Interactive Media Developer [EMAIL PROTECTED] __ Your ad could be here. Monies from ads go to support these lists and provide more resources for the community. http://www.fusionauthority.com/ads.cfm FAQ: http://www.thenetprofits.co.uk/coldfusion/faq Archives: http://www.mail-archive.com/cf-talk@houseoffusion.com/ Unsubscribe: http://www.houseoffusion.com/index.cfm?sidebar=lists