[Sonic]

Ok, let's see if i can describe this problem clearly. [page 1] I have a form. [page 2] displays the contents of the form in html and stores the values of the form in HIDDEN form fields. [page 3] processes the form values by inserting them into a db.
The problem is that if i don't put value="" then entries with more than two words don't get stored properly in the hidden fields.

i.e.

<INPUT type="hidden" id=entry name=entry value=<%=Request("entry")%>>

becomes

<INPUT type="hidden" id=entry name=entry value=This is the submitted entry>

and everything after 'This' is dropped.

So i use "'s

i.e.

<INPUT type="hidden" id=entry name=entry value="<%=Request("entry")%>">

becomes

<INPUT type="hidden" id=entry name=entry value="This is the submitted entry">

And that works fine EXCEPT when the form value contains a "

so I end up with:

<INPUT type="hidden" id=entry name=entry value="So she said, "hey!" and then left">

and when this value is passed to [page 3] it only passes: "So she said, " and drops the rest.

I'm filtering ' already with this function:

Function CleanSQL(strng)
Dim regExp, retVal, repStr
repStr = "'"
set regExp = new RegExp
regExp.Pattern = "'"
regExp.IgnoreCase = true
regExp.Global = true
retVal = regExp.Replace(strng, repStr)
CleanSQL = retVal
End Function

But when i try to filter " by replacing
regExp.Pattern = "'"
with
regExp.Pattern = """

I get this error:

Error Type:
Microsoft VBScript compilation (0x800A0409)
Unterminated string constant
submit.asp, line 29, column 21
regExp.Pattern = """

so if any of you know the escape character for " in asp, or know of a better way i should be doing this, i would GREATLY appreciate it. . . i may even name my first born after you ;)

[objekt404]

well, if you want to but one set of qoutes in another, one should be " & the next nested set should be ' (correct me if i'm wrong, i'm new to this ASP too.)  i think the the escape (ASCII) for " is #34, ' is #39 (try 'em; i'm gettin' it outta an XML book, but ASCII is ASCII).

my problem is writing XML data to a server, but i'll post something more specific here once i'm sure i've located the problem.

[Sonic]

i think you're missing the point.

normally, ' causes asp to comment out what follows on the same line, so to look for ' you have to let asp know that it is not a comment tag. you need to escape the ' s normal function. you do this by preceeding it with a

so asp looks for the ' instead of commenting out everything after it in:

regExp.Pattern = "'"

unfortunately though, does not appear to escape the " s normal function because:

regExp.Pattern = """

does not work.

help?

[objekt404]

sorry, i thought that asp would ignore ' nested inside of ".

oh well, hoped the ASCII helped.

[Sentry]

Try
<%=Replace(Request("entry"), """", "&quot;")%>

(Edited by Sentry at 6:06 pm on July 23, 2001)