converting text in DB
Printed From: Web Wiz Forums
Category: Web Wiz Web App Support Forums
Forum Name: Web Wiz Forums
Forum Description: Support forum for Web Wiz Forums application.
URL: https://forums.webwiz.net/forum_posts.asp?TID=6123
Printed Date: 13 April 2026 at 8:49am
Software Version: Web Wiz Forums 12.08 - https://www.webwizforums.com
Topic: converting text in DB
Posted By: Mattblack
Subject: converting text in DB
Date Posted: 02 October 2003 at 3:11pm
|
Hi all, Just wondering how to solve this... Im using V6.4 on my website. When people register or post, it all appears as normal, but if you look in the database then you get things like this inserted all over the place.... So when i create a page to draw certain strings and email address out of the database, i have things like that all over the page and need to get rid of it. I know its got to be something to do with the language file or something, but what is it? And what should i include on the pages that i create to stop it from happening??? Cheers Matt |
Replies:
Posted By: Gullanian
Date Posted: 02 October 2003 at 3:20pm
|
thgins like o are HTML entities which stand for potentialy hamrful symbals such as ', <, >, % etc etc. By replacing them with their HTML entity equivalent you make inputting data more secure. Its a sacrafice worth making. |
Posted By: WebWiz-Bruce
Date Posted: 02 October 2003 at 3:26pm
|
The forum code has a function to decode this. You need to run the data you pull from the database through the following function:-
------------- https://www.webwiz.net/web-wiz-forums/forum-hosting.htm" rel="nofollow - Web Wiz Forums Hosting https://www.webwiz.net/web-hosting/windows-web-hosting.htm" rel="nofollow - ASP.NET Web Hosting |
Posted By: Mattblack
Date Posted: 03 October 2003 at 10:22am
|
ok, im good - but not THAT good. Thanks so far though How do i include that in my asp then? For example, a simple bit of code might read email addresses from it, that will obviously contain harmful characters. It would read like this....
How would i include it in the example shown? Cheers again! |
Posted By: WebWiz-Bruce
Date Posted: 03 October 2003 at 10:40am
|
If you are showing it on a web page you dn't need to remove the
encoding as they are HTML character entities so your browser will
display them as the correct characters to anyone viewing the web page. If you really must remove them then use this code:-
Put the bit in shown in red and also include the function from my last post somewhere in the same asp file. ------------- https://www.webwiz.net/web-wiz-forums/forum-hosting.htm" rel="nofollow - Web Wiz Forums Hosting https://www.webwiz.net/web-hosting/windows-web-hosting.htm" rel="nofollow - ASP.NET Web Hosting |
Posted By: Mattblack
Date Posted: 04 October 2003 at 5:22am
|
GOT IT! Thanks guys! ~Matt ( http://www.zeuscomputers.co.uk - www.zeuscomputers.co.uk ) |
Posted By: Detonator
Date Posted: 23 June 2005 at 6:27am
Hello all,
I came along to this page looking for information on a script that I'm working on for WW, and I was having this same problem regarding these "special" characters getting replaced by "&#nnn" entities. I understand the problem with things like <, >, %, etc. But, out of curioisity, what harm can the letter "o" (ASCII code 111) do? because this letter specifically gets replaced by o and I can't see any logic reason to do this, as it's plain a plain letter.
Thanks
|
Gullanian wrote:Posted By: dpyers
Date Posted: 23 June 2005 at 12:36pm
|
I believe Borg has included the alphabet in the decode function because
he also encodes some reserved words that could be entered in text boxes
and used as part of an sql injection attack.
------------- 
Lead me not into temptation... I know the short cut, follow me. |