HtmlEncode for all controls
in [ASP]
|
From: Bob Barrows [MVP] on 9 Apr 2008 10:54 jaja wrote: > Hello all, > I am familiar with the HtmlEncode Server method. > > I also read this : > http://msdn2.microsoft.com/en-us/library/a2a4yykt(VS.80).aspx > > My question is: If I want to encode all inputs from user, can I apply > this encoding for all "Input" fields on my site in a single action. > > Something like Input.HtmlEncodeAll() or HtmlEncodeAllInputs() etc. > > Many thanks. -- Microsoft MVP -- ASP/ASP.NET Please reply to the newsgroup. The email account listed in my From header is my spam trap, so I don't check it very often. You will get a quicker response by posting to the newsgroup.
From: Bob Barrows [MVP] on 9 Apr 2008 11:02 jaja wrote: > Hello all, > I am familiar with the HtmlEncode Server method. > > I also read this : > http://msdn2.microsoft.com/en-us/library/a2a4yykt(VS.80).aspx > > My question is: If I want to encode all inputs from user, can I apply > this encoding for all "Input" fields on my site in a single action. > > Something like Input.HtmlEncodeAll() or HtmlEncodeAllInputs() etc. > > Actually, you could write your own function and include it via SSI in all your pages: ProcedureLibrary.asp <% Sub WriteToResponse(sData, bEncode) If bEncode Then Response.Write Server.HTMLEncode(sData) Else Response.Write sData End If End Sub %> Then in your html_encode1.asp page: <!--#include file=procedureLibrary.asp--> <% dim fname fname=Request.Form("txtarea") If fname<>"" Then WriteToResponse "Hello " & fname, true WriteToResponse "!<br />",false WriteToResponse "How are you today?", false End If %> -- Microsoft MVP -- ASP/ASP.NET Please reply to the newsgroup. The email account listed in my From header is my spam trap, so I don't check it very often. You will get a quicker response by posting to the newsgroup.
From: jaja on 10 Apr 2008 02:15
On 9 ×פר××, 18:02, "Bob Barrows [MVP]" <reb01...(a)NOyahoo.SPAMcom> wrote: > jaja wrote: > > Hello all, > >  I am familiar with the HtmlEncode Server method. > > >  I also read this : > >http://msdn2.microsoft.com/en-us/library/a2a4yykt(VS.80).aspx > > >  My question is: If I want to encode all inputs from user, can I apply > > this encoding for all "Input" fields on my site in a single action. > > >  Something like Input.HtmlEncodeAll() or HtmlEncodeAllInputs() etc. > > Actually, you could write your own function and include it via SSI in > all your pages: > > ProcedureLibrary.asp > <% > Sub WriteToResponse(sData, bEncode) > If bEncode Then >   Response.Write Server.HTMLEncode(sData) > Else >   Response.Write sData > End If > End Sub > %> > > Then in your html_encode1.asp page: > > <!--#include file=procedureLibrary.asp--> > <% > dim fname > fname=Request.Form("txtarea") > If fname<>"" Then >    WriteToResponse "Hello " & fname, true >    WriteToResponse "!<br />",false >    WriteToResponse "How are you today?", false > End If > %> > > -- > Microsoft MVP -- ASP/ASP.NET > Please reply to the newsgroup. The email account listed in my From > header is my spam trap, so I don't check it very often. You will get a > quicker response by posting to the newsgroup. Thank you Bob for the nice tip. I would have hoped there will we maybe a Server object property which I will be able to set and it will do the work, but apparently there isn't. Thanks, again! |