I've got a page set up for CFERROR TYPE="request" that displays an online
form, asking the user to enter briefly what happened and submit the form.
Several error variables are included as hidden form fields, including
error.Diagnostics. I've noticed that error.Diagnostics often has apostrophes
and quotation marks in it.
Therefore, if you have VALUE="#error.Diagnostics#" or
VALUE='#error.Diagnostics#' as a hidden field, the values can get truncated
when the browser finds a matching " or '. Also, what's been chopped off can
be displayed in the browser.
I wanted to suggest to Allaire that they escape high ASCII characters using
the respective character entities in error.Diagnostics, but I'm starting to
think this isn't a workable solution (being able to use functions in CF4.0.1
CFERROR pages might be a help). I think you can in 4.5 (is that right?) but
my host only has 4.0.1.
Alternatively, would asking Allaire to leave out apostrophes and quotation
marks from error.Diagnostics be feasible? I think sometimes ODBC errors that
get embedded might also have them.
Does anyone have a solution?
Thanks
--
Aidan Whitehall <[EMAIL PROTECTED]>
Netshopper UK Ltd
Advanced Web Solutions & Services
http://www.netshopperuk.com/
Telephone +44 (01744) 648650
Fax +44 (01744) 648651
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Structure your ColdFusion code with Fusebox. Get the official book at
http://www.fusionauthority.com/bkinfo.cfm
Archives: http://www.mail-archive.com/[email protected]/
Unsubscribe: http://www.houseoffusion.com/index.cfm?sidebar=lists
