Dean,

Thank you. I went to get code snippets to prove that HTMLEditFormat was not being used on the insert. It isn't but I did find the real problem when I went to grab the code...

The action page takes the submitted form variables and calls the component to do some minor calculations and the insert/update/delete as necessary. No special editing is done here other than making sure the data is properly formatted.

However, I realized that javascript is the culprit. The form page is dynamic in that it allows you to any number of items, select from a pre-existing list, enter your own item manually, and change the order on the fly (The sequence of entries is important.) The javascript copies all entries from the <INPUT>'s to a table displayed to the user. It then clears the <INPUT> to use for the next item.

When the user submits the form, the onSubmit function is called which uses javascript to concatenate all of the entries into a list which it then stores in a hidden <input> element. (The list is later processed in the component.) However, because javascript is copying from inside a table using the innerHTML property instead of a value property, it is copying the HTML equivalents, not the original values. These HTML equivalents are where I am getting my special characters transformed to escape codes.

I'll end up fixing this by adding a few regex functions to my code before processing either in the onSubmit function or in the CFC.

(Just FYI, I concatenate my lists with a CHR(10) which is a ascii value (Line Feed) that can not be entered into a browser. This in turn allows the end user to type any symbol without fear of them screwing up my list separator.)

Thanks again,
Frank

On 05/15/2010 04:04 PM, Dean H. Saxe wrote:
Someone is calling htmleditformat() on the insert...

-dhs

--
Dean H. Saxe
"A true conservationist is a person who knows that the world is not given by his 
fathers, but borrowed from his children."  -- John James Audubon




On May 15, 2010, at 10:01 AM, Frank Moorman wrote:

All,

I was wondering if someone could help me track down a bug...

I am using Coldfusion 7 with MySQL 5.1.  Every query in the application is 
using<CFQUERYPARAM>  and I am not sure if this is important to this particular 
issue, but Global Script Protection is enabled on the server.

My problem is this, a user enters an ampersand into a form field. The field gets stored in the database 
with "&amp;" replacing every "&".

When I read the data from the table for display to a web browser I output it using HTMLEditFormat to 
produce standards compliant pages. However, this takes the data and changes it to "&amp;amp;" 
displaying "&amp;" in the web browser.

I need to display "&" to the users without the "amp;" I know that I could remove all of the HTMLEditFormats 
and that will work, but in my mind that is not the problem and I would prefer to fix the real issue and not just the symptom. I 
would like to get actual"&" 's on the table not"&amp;".  I also thought of using triggers to stop the 
issue but to me that also is just treating the symptom.

Does anyone know what is actually causing this behavior so that I can actually 
fix it at the source?

Thanks,
Frank


-------------------------------------------------------------
To unsubscribe from this list, manage your profile @ 
http://www.acfug.org?fa=login.edituserform

For more info, see http://www.acfug.org/mailinglists
Archive @ http://www.mail-archive.com/discussion%40acfug.org/
List hosted by http://www.fusionlink.com
-------------------------------------------------------------





-------------------------------------------------------------
To unsubscribe from this list, manage your profile @
http://www.acfug.org?fa=gin.edituserform

For more info, see http://www.acfug.org/mailinglists
Archive @ http://www.mail-archive.com/discussion%40acfug.org/
List hosted by http://www.fusionlink.com
-------------------------------------------------------------






-------------------------------------------------------------
To unsubscribe from this list, manage your profile @ http://www.acfug.org?fa=login.edituserform

For more info, see http://www.acfug.org/mailinglists
Archive @ http://www.mail-archive.com/discussion%40acfug.org/
List hosted by http://www.fusionlink.com
-------------------------------------------------------------



Reply via email to