The problem is, what happens if they put a single quote in the text field?



>oi Brad!!

>ummmmm <input type=hidden value='#wddx#' >  <--------- single quote it?


>-- 
>Critz
>Certified Adv. ColdFusion Developer

>Crit[s2k] - <CF_ChannelOP Network="Efnet" Channel="ColdFusion">
>------------------------------------
>Friday, April 26, 2002, 10:18:41 AM, you wrote:

BR> I know this has been asked before, but I can't find it anywhere.

BR> I have a textarea that allows users to type a bunch of text.  When
BR> submitted, the form variables are serialized to wddx and put in a hidden
BR> field for the next form.

BR> The problem is that if the user enters characters like double quotes,
BR> the browser thinks the hidden form field ends at the double quotes and
BR> displays the rest of the packet.

BR> What function do I need to use to "make it safe" while passing it in a
BR> hidden field and then "make it normal" when I input the info into the
BR> database?

BR> I've tried xmlFormat(), but it didn't work (I may not be using it
BR> correctly).

BR> -Brad

BR> 
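
The hidden-field problem discussed in this thread, as an added example that is not code from any of the posters: Python stands in for both the template and the browser, the packet is a constructed sample, and `hidden_field`, `browser_reads` and `survives` are hypothetical helper names. It compares the raw packet in a double-quoted and a single-quoted attribute with the attribute-encoded packet, and shows that the browser undoes the encoding on submit, so no separate "make it normal" step is needed before the database insert.

```python
from html import escape, unescape

# Constructed sample packet: the user typed  She said "it's <b>fine</b>"
# and the serializer entity-encoded the angle brackets inside <string>.
PACKET = ("<wddxPacket version='1.0'><header/><data><string>"
          "She said \"it's &lt;b&gt;fine&lt;/b&gt;\""
          "</string></data></wddxPacket>")


def hidden_field(packet: str, quote: str, encode: bool) -> str:
    """Render the hidden input, optionally attribute-encoding the packet."""
    value = escape(packet, quote=True) if encode else packet
    return f"<input type=hidden name=packet value={quote}{value}{quote}>"


def browser_reads(markup: str) -> str:
    """Model the browser: a quoted attribute value ends at the next matching
    quote character, and character references inside it are decoded."""
    start = markup.index("value=") + len("value=")
    quote = markup[start]
    end = markup.index(quote, start + 1)
    return unescape(markup[start + 1:end])


def survives(quote: str, encode: bool) -> bool:
    """True if the packet the server gets back equals the one it sent."""
    return browser_reads(hidden_field(PACKET, quote, encode)) == PACKET


if __name__ == "__main__":
    for quote in ('"', "'"):
        for encode in (False, True):
            got = browser_reads(hidden_field(PACKET, quote, encode))
            print(f"quote={quote} encode={encode} intact={got == PACKET}")
            if got != PACKET:
                print("  server receives:", got)
```

In ColdFusion, HTMLEditFormat() applied to the packet inside a double-quoted value attribute performs the equivalent encoding.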

Archives: http://www.mail-archive.com/cf-talk@houseoffusion.com/