|
|
Posted by Jochem Maas on 01/13/06 19:29
Jay Blanchard wrote:
> [snip]
> hope the kick didn't break anything. :-)
> [/snip]
>
> Nah, just having a senior moment. Since it is a query string issue I
> converted the database (even though it is strictly a web database in this
> case) to 'Oil & Gas'. The query string sees the ampersand and doesn't show
so the DB is 'correct'. NOw it's just a case or urlencoding the value before
sticking it in the URL - that will protect the server from breaking off the
query condition/parameter at the point of the '&' in 'Oil & Gas'
and just in case your forced to do the urlencoding of the value on the
client side, here is one I stole earlier:
// ====================================================================
// URLEncode and URLDecode functions
//
// Copyright Albion Research Ltd. 2002
// http://www.albionresearch.com/
//
// The Javascript escape and unescape functions do not correspond
// with what browsers actually do...
//
// You may copy these functions providing that
// (a) you leave this copyright notice intact, and
// (b) if you use these functions on a publicly accessible
// web site you include a credit somewhere on the web site
// with a link back to http://www.albionresarch.com/
//
// If you find or fix any bugs, please let us know at albionresearch.com
//
// SpecialThanks to Neelesh Thakur for being the first to
// report a bug in URLDecode() - now fixed 2003-02-19.
// ====================================================================
function URLEncode(plaintext)
{
if (!plaintext || !plaintext.length) {
return plaintext;
}
var SAFECHARS = "0123456789" + // Numeric
"ABCDEFGHIJKLMNOPQRSTUVWXYZ" + // Alphabetic
"abcdefghijklmnopqrstuvwxyz" +
"-_.!~*'()"; // RFC2396 Mark characters
var HEX = "0123456789ABCDEF";
var encoded = "";
for (var i = 0; i < plaintext.length; i++ ) {
var ch = plaintext.charAt(i);
if (ch == " ") {
encoded += "+"; // x-www-urlencoded, rather than %20
} else if (SAFECHARS.indexOf(ch) != -1) {
encoded += ch;
} else {
var charCode = ch.charCodeAt(0);
if (charCode > 255) {
/*
alert( "Unicode Character '" + ch + "' cannot be encoded using standard URL encoding.\n" +
"(URL encoding only supports 8-bit characters.)\n" +
"A space (+) will be substituted." );
*/
encoded += "+";
} else {
encoded += "%";
encoded += HEX.charAt((charCode >> 4) & 0xF);
encoded += HEX.charAt(charCode & 0xF);
}
}
} // for
return encoded;
};
function URLDecode(encoded)
{
if (!encoded || !encoded.length) {
return encoded;
}
// Replace + with ' '
// Replace %xx with equivalent character
// Put [ERROR] in output if %xx is invalid.
var HEXCHARS = "0123456789ABCDEFabcdef";
var plaintext = "";
var i = 0;
while (i < encoded.length) {
var ch = encoded.charAt(i);
if (ch == "+") {
plaintext += " ";
i++;
} else if (ch == "%") {
if (i < (encoded.length-2)
&& HEXCHARS.indexOf(encoded.charAt(i+1)) != -1
&& HEXCHARS.indexOf(encoded.charAt(i+2)) != -1 ) {
plaintext += unescape(encoded.substr(i,3));
i += 3;
} else {
/*
alert( 'Bad escape combination near ...' + encoded.substr(i) );
*/
plaintext += "%[ERROR]";
i++;
}
} else {
plaintext += ch;
i++;
}
} // while
return plaintext;
};
> anything past that in the condirion.
>
[Back to original message]
|