SQL INsertion problem

**=?Utf-8?B?TWlzYmFoIEFyZWZpbg==?=** · Feb 14 '08, 07:35 AM

RE: SQL INsertion problem

to convert html to escape sequences you need to encode/decode it you can use
Server.HtmlEnco de and Server.HtmlDeco de functions

--
Misbah Arefin

"Lars" wrote:

Hi
>
I have the following problem. I want to add the following text in a FormView
for adding links easaly to the database I have on my homepage. But I get an
error about possible string insertion. When enter the string from the ID
every thing goes fine. If I view the field in a DataLost it outputs as the
HTML code I want but when I use a FormView or DetailsView I get the HTML
code written on the screen. What am I doing wrong, how do I insert SQL
commands to a database and then select them and print them out as HTML code
in the outprinted aspx file at the client and not HTML code in the browser.
>
I do use Parameterised values. Some how I must make sure to convert the
illegal characters to HTML excape sequences and then back again. How is this
done?
>
Here's the string I want to use
>
<p align="center"> <a
href="http://www.rosoft.se/private/music/lrband/eget/100_Funky_12.mp 3">100_Funky_12 .mp3</a></p>
>
Yours
Lars
>
BTW
It's my own music.
>
>
>
>
>

**Lars** · Feb 14 '08, 02:25 PM

Re: SQL Insertion problem

Hi

When I think about it the problem is probably not ASP.NET. I would guess the
problem is defandant of the SQL Database. In this case SQL Express. Does any
one know how to add escape characters to SQL fields in SQL Express. Similar
to what you do in C/C++ as "This is a string with double quotes \" backsladh
\\ and line feed \n".

Can I write a Jaca Script function that converts this and then call that
function in stead of Eval("HTM")?

Lars

"Misbah Arefin" <MisbahArefin@d iscussions.micr osoft.comskrev i meddelandet
news:03CB8629-BE01-44AC-948E-D5BD1E28992A@mi crosoft.com...

to convert html to escape sequences you need to encode/decode it you can
use
Server.HtmlEnco de and Server.HtmlDeco de functions
>
--
Misbah Arefin
>
>
>
"Lars" wrote:
>

>Hi
>>
>I have the following problem. I want to add the following text in a
>FormView
>for adding links easaly to the database I have on my homepage. But I get
>an
>error about possible string insertion. When enter the string from the ID
>every thing goes fine. If I view the field in a DataLost it outputs as
>the
>HTML code I want but when I use a FormView or DetailsView I get the HTML
>code written on the screen. What am I doing wrong, how do I insert SQL
>commands to a database and then select them and print them out as HTML
>code
>in the outprinted aspx file at the client and not HTML code in the
>browser.
>>
>I do use Parameterised values. Some how I must make sure to convert the
>illegal characters to HTML excape sequences and then back again. How is
>this
>done?
>>
>Here's the string I want to use
>>
><p align="center"> <a
>href="http://www.rosoft.se/private/music/lrband/eget/100_Funky_12.mp 3">100_Funky_12 .mp3</a></p>
>>
>Yours
>Lars
>>
>BTW
>It's my own music.
>>
>>
>>
>>
>>

SQL INsertion problem

SQL INsertion problem

Comment

Comment