First of all, it would help if you made it clear exactly what your first problem is. Whenever the most detailed statement of what went wrong is "it does not work", then you haven't given enough information.
I'm going to guess that you see nothing from your "c:out". This is because you've created a scriptlet variable named "book", but you haven't put it in a form that the JSTL can use. The JSTL only uses "scoped variables", being attributes placed into the page, request, session, or application scopes (actually just hashtables associated with each scope). In this case, you probably just want to put it in the page context, using the "page" implicit object (PageContext class). Your second problem is not using the "escapeXml" attribute of "c:out". Set it to "true" to avoid escaping the xml-sensitive characters. You should read the JSTL specification for detailed information about this. -----Original Message----- From: Stephen Riek [mailto:[EMAIL PROTECTED]] Sent: Monday, February 03, 2003 9:52 PM To: [EMAIL PROTECTED] Subject: Escaping quotes in form fields - c:out doesn't see my variable Sorry for such an easy question but I must be misunderstanding the fundamental usage of the JSTL. How do I get JSTL to output a string which has been formatted to escape special characters, so that it is safe to put in a form field ? I have tried the following but it does not work- <input name="title" value="<c:out value="${book.getTitle()}"/>"> where 'book' is an instance of a Javabean which I have created within a JSP scriptlet like this, <% Book book = new Book(request.getParameter("BookId")); book.retrieveValues(); %> As you can see, I do NOT use JSTL's database tags for querying databases since I have already wrapped all that functionality and business logic inside my Javabeans (in this case, the "Book" class). However, it seems that the JSTL <c:out> tag is unable to see my variable 'book' if I instantiate it in this way, am I correct ? I only want to use the <c:out> tag in order to escape any characters (such as ", ', &, \, >) which may upset my input tag. Is this overkill or should I use a simple search/replace instead ? I hope the solution will work with double-byte characters too. Thank you for bearing with me, Stephen. --------------------------------- With Yahoo! Mail you can get a bigger mailbox -- choose a size that fits your needs --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]