Hi, You're sending an unencoded string (which happens to be in JSON format) as part of your parameters string, which is meant to be URL- encoded data. A # sign is the least of your problems. ;-) You'll want to encode that with JavaScript's encodeURIComponent function[1].
Somewhat OT, but as of 1.6 (at least), the preferred way to provide options to Ajax.Request is as an object. If you give it a string, that string will be converted to an object, and then later converted back into a string. Yes, really. :-) Also, String has a toJSON function you can use instead of JSON.stringify (not that it matters). So: entry = encodeURIComponent($('busCalForm').serialize(true).toJSON()); new Ajax.Request( "modules/buscal/processes/saveBooking.php", { parameters: { year: year, recnum: busmstr_id, json: entry }, onSuccess: busCal.gotEntry.bind(this), onFailure: busCal.gotFailure.bind(this) }); > How can I effectively escape an entire form, without > having to get the value and escape them individually? Is there a > command I'm missing? That's not quite what your code is doing; you're sending the form fields as a JSON-encoded string in a parameter called "json". If you just want to send the form fields, and you don't need them to arrive at the other end as a JSON string, there's a *much* shorter way: Form#request[2]. Assuming that your form element has the saveBooking.php as its action attribute: $('busCalForm').request({ parameters: { year: year, recnum: busmstr_id }, onSuccess: busCal.gotEntry.bind(this), onFailure: busCal.gotFailure.bind(this) }); The form fields will no longer be JSON-ified (but will be properly URL- encoded), they'll arrive as individual parameters on the request. If the form field doesn't have saveBooking.php as its action and you can't change that, the Ajax.Request can still be simplified: params = $('busCalForm').serialize(true); params.year = year; params.recnum = busmstr_id; new Ajax.Request( "modules/buscal/processes/saveBooking.php", { parameters: params, onSuccess: busCal.gotEntry.bind(this), onFailure: busCal.gotFailure.bind(this) }); [1] https://developer.mozilla.org/en/Core_JavaScript_1.5_Reference/Global_Functions/encodeURIComponent [2] http://prototypejs.org/api/form/request HTH, -- T.J. Crowder tj / crowder software / com Independent Software Engineer, consulting services available On Jul 30, 8:27 pm, infringer <infrin...@gmail.com> wrote: > I have a form, I've been doing this in javascript: > > entry = $('busCalForm').serialize(true); > entry = JSON.stringify(entry); > new Ajax.Request("modules/buscal/processes/saveBooking.php", { > parameters: "year=" + year + "&recnum=" + busmstr_id + "&json=" + > entry, > onSuccess: busCal.gotEntry.bind(this), > onFailure: busCal.gotFailure.bind(this) > }); > > But i have a user that has typed a # in one of the fields, and the > script dies. How can I effectively escape an entire form, without > having to get the value and escape them individually? Is there a > command I'm missing? > > -David --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Prototype & script.aculo.us" group. To post to this group, send email to prototype-scriptaculous@googlegroups.com To unsubscribe from this group, send email to prototype-scriptaculous+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/prototype-scriptaculous?hl=en -~----------~----~----~----~------~----~------~--~---