Hi,
I am using the code below:
Contact=Trim(str(RS.Fields("SchoolContact")))
I tried the full str.HTMLEncode() method before I posted the
question, and the results seem to be the same- I am still getting the
same result, in that the text trailing after ' (apostrophe) are
truncated. It's curious bcause if I type the text in the input text
box and submit it, all special characters are inserted/updated into
the database.
On another topic, I've added a couple of Validators- they seem to
work- and prevent the update and write the error on screen. However,
the values on the page are lost. I want the screen to have the values
maintained, and the postback clears the input text boxes and stops the
values from being re-rendered:
if page.isPostback() then
txtName=page.RF("Name2")
txtPhone=page.RF("Phone2")
txtEmail=page.RF("Email2")
SSLBool = page.RFHas("ChkAddSchool")
SiteID = "SiteCode='" & page.QS("SiteCode") & "'"
set v = new Validator
if Len(txtName) >10 then
v.add "contactname", "contact name is too long, you fool!"
End If
if v then
updated = db.update("RegForm", array("ContactPhone",
txtPhone,"SchoolContact", txtName, "ContactEmail", txtEmail,
"SchoolLevelLANA", SSLBool), SiteID)
response.redirect("confirmationSLL.htm")
else
str.write(v.getErrorSummary("<ul>", "</ul>", "<li>", "</li>"))
end if
else
... this is the original page render code before postback .
I've reviewed the validator API, but it's presented as a fragment- any
suggestions of where and how to place code that will
keep the values, or prevent them from being cleared. One of the major
issues I have with ASP is that you can not set the value of an element
such as an input text box, so even if I stored the values in session
or other means, I can't use them. Thanks for your advice walking me
through this. I have been able to make almost all of it work due to
your help.
On Jun 24, 9:19 pm, Michal Gabrukiewicz <
mga...@gmail.com> wrote:
> yes there is..
> every output you display to the user should go through the str.HTMLEncode()
> method ... there is a short form which allows you to do it just with
> str("bob's value")
>
> in an input field like that then
>
> <input type="text" value="<%= str("bob's value") %>">
>
> if you want to remember the own value on postback then probably the
> following helps you too:
>
> <input type="text" name="firstname" value="<%= str(page.RF("firstname"))
> %>">
>