| Author |
 Topic Search  Topic Options
|
shteeble 
Newbie
Joined: 13 January 2005
Status: Offline
Points: 4
|
 Post Options
 Thanks(0)
 Quote  Reply
 Topic: Sending the text to the Database
Posted: 13 January 2005 at 8:00am |
Hi I m working with access and i m having a problem to send the text i wrote to the DB
i m doing
INSERT INTO
but the problem is that the text i m trying to insert has " ' and it makes the problem.
who can i insert the text to a DB?
|
 |
dj air
Senior Member
Joined: 05 April 2002
Location: United Kingdom
Status: Offline
Points: 3627
|
Post Options
Thanks(0)
Quote Reply
Posted: 13 January 2005 at 9:01am |
|
if you show us the SQL statement/Update SQL we can may be able to tell you want might be wrong.
|
|
shteeble
Newbie
Joined: 13 January 2005
Status: Offline
Points: 4
|
Post Options
Thanks(0)
Quote Reply
Posted: 13 January 2005 at 10:01am |
message = Request.Form("message")
and then i try to insert it into the DB
like this
MySql = "insert into table (theText) VALUES ('" & message & "');"
the problem is that in the attribute message i have this:
<div align="center">
<div style="width:760">
<br><a href="http://www.walla.com" onclick="this.style.behavior='url(#default#homepage)';this.s etHomePage('http://www.walla.com/');"><img src=http://www.walla.com/i/wu/l/en/v/home/logo.me.big.gif width=287 height=82 border=0></a><br><br><br>
<form name=mainform autocomplete="off" action="http://friends.walla.com/" method="post">
<input type=hidden name=w value="/@login.commit">
<input type=hidden name=ReturnURL value="http://mail.walla.com">
<div id=gSignIn>
<table width=760 class="wtable wp-login"><tr>
<td width=10 nowrap></td>
<td class=w3 nowrap>User Name:</td><td><input tabindex=1 type=text name=username></td>
<td width=10 nowrap></td>
<td class=w3>Password:</td><td><input tabindex=2 type=password name=password></td>
<td><button type=submit>Sign In >></button></td>
<td width=100% align=right><a href="http://friends.walla.com/?w=/@hint" class=w2>Forgot your password?</a></td>
<td width=10 nowrap></td>
</tr></table>
When i try to insert it i have a problem were i have " or ' or #
Like here :
<div align="center">
well who can i insert it?
|
|
dj air
Senior Member
Joined: 05 April 2002
Location: United Kingdom
Status: Offline
Points: 3627
|
Post Options
Thanks(0)
Quote Reply
Posted: 13 January 2005 at 10:07am |
|
if the data you are entering into the Database holds / has values like
#,',", then you need to do form validation to change those values into
html Equilavents.
as those and other charecters can mess up a SQL. as they are also used with SQL statemts.
|
|
shteeble
Newbie
Joined: 13 January 2005
Status: Offline
Points: 4
|
Post Options
Thanks(0)
Quote Reply
Posted: 13 January 2005 at 12:16pm |
ok i get it
and i know this is what i need to do
but what i m asking is is:
if here in this forum u use the Web Wiz Rich Text Editor
and u post a massage it is inserted in to the db
them means u do this validation some were
if that is so then i will like to get this functions
and use them
do u have them?
|
|
dj air
Senior Member
Joined: 05 April 2002
Location: United Kingdom
Status: Offline
Points: 3627
|
Post Options
Thanks(0)
Quote Reply
Posted: 13 January 2005 at 12:20pm |
|
if you copy the functions from the forum (get those fikes)
then once you set the veriable message do formatSQL, etc on it. and then submit to the database.
depending on the out put when taken out of the database at the other
end (idea)... you may need to reformat them, using forumcodes and
decodeString functions., take a look at the forum coding on the
post_message.asp and forum_posts.asp they both have the encodeing and
decoding of messages. this is also in V7.9 RTE
|
|
shteeble
Newbie
Joined: 13 January 2005
Status: Offline
Points: 4
|
Post Options
Thanks(0)
Quote Reply
Posted: 13 January 2005 at 1:06pm |
I cant find them in the post_message.asp and forum_posts.asp
can u writ it here?
and where do u see them in the V7.9 RTE?
|
|
dj air
Senior Member
Joined: 05 April 2002
Location: United Kingdom
Status: Offline
Points: 3627
|
Post Options
Thanks(0)
Quote Reply
Posted: 13 January 2005 at 2:07pm |
include functions_filters.asp i belive within the functions folder
and to
format code for the DB, before entry use
'Check the message for malicious HTML code
Message = checkHTML(Message)
'Strip long text strings from message
Message = removeLongText(Message)
|
and when bringing in the code from the Database include functions_format_post.asp from the functions folder.
the sxection that sorts the post is
'If the post contains a quote or code block then format it
If InStr(1, strMessage,
"[ QUOTE=", 1) > 0 AND InStr(1, strMessage, "[ /QUOTE]", 1) > 0
Then strMessage = formatUserQuote(strMessage)
If InStr(1, strMessage,
"[ QUOTE]", 1) > 0 AND InStr(1, strMessage, "[/QUOTE]", 1) > 0
Then strMessage = formatQuote(strMessage)
If InStr(1, strMessage, "[ CODE]",
1) > 0 AND InStr(1, strMessage, "[ /CODE]", 1) > 0 Then strMessage
= formatCode(strMessage)
'If the post contains a flash link then format it
If blnFlashFiles Then
If InStr(1,
strMessage, "[ FLASH", 1) > 0 AND InStr(1, strMessage, "[ /FLASH]", 1)
> 0 Then strMessage = formatFlash(strMessage)
If InStr(1,
strAuthorSignature, " [FLASH", 1) > 0 AND InStr(1,
strAuthorSignature, "[ /FLASH]", 1) > 0 Then strAuthorSignature =
formatFlash(strAuthorSignature)
End If
'If the message has been edited parse the 'edited by' XML into HTML for the post
If InStr(1, strMessage, "<
edited>", 1) Then strMessage = editedXMLParser(strMessage)
'Call the function to highlight search words if coming froma search page
If strSearchKeywords <> ""
Then strMessage = searchHighlighter(strMessage, sarySearchWord)
'If the user wants there signature shown then attach it to the message
If rsPost("Show_signature") AND
strAuthorSignature <> "" Then strMessage = strMessage &
"<!-- Signature --><br /><br
/>__________________<br />" & strAuthorSignature &
"<!-- Signature -->"
|
for bring ing it in, there isn't much if any that is changed.
in insertion to the database you will alos have to include the file
that has formatSQLInput . its one of the forum filkes within the
functions folder.
Edited by dj air - 13 January 2005 at 2:09pm
|
|
Sending the text to the Database