Yes, thats a helpful function ... I was looking at :
http://jakarta.apache.org/taglibs/doc/string-doc/string-1.0.1/ index.html
to see if i can find a good tag library to use ... havent found one that i could use yet. Am hoping that someone on the list has pointers to some standard function or taglib.
Thanks.
On Friday, August 1, 2003, at 02:57 AM, Steph Richardson wrote:
I assume any html type tags that may be included in the text, you would want rendered as visible HTML tags in the browser. So use a
HTML encoding method. There doesn't seem to be a JRE standard for this, so something like this will do it :
public static String HTMLEncode( String unenc )
{
final String[] tokens = new String[] {"<", ">", "\"", "'"};
final String[] replacement = new String[] {"<", ">", """, "'"};
StringBuffer sb = new StringBuffer(unenc); for(int i = 0; i<tokens.length; i++) { int idx = 0; while((idx = sb.indexOf(tokens[i], idx)) != -1) sb.replace(idx, idx + tokens[i].length(), replacement[i]); } return sb.toString(); }
-----Original Message----- From: Mufaddal Khumri [mailto:[EMAIL PROTECTED] Sent: Thursday, July 31, 2003 4:51 AM To: Tomcat Users List Subject: Suggestions ?
Hi,
Am using tomcat 4.1.24.
Have a XYZ.jsp with a form on it take data from the user. Once the user
clicks submit the data is stored in the database and the data that the
user entered is shown to him on ABC.jsp.
The problem is that the user can enter anything in the text field and
text area of the form on XYZ.jsp. For example in the description text
area he or she might enter - text, an http url, maybe html tags etc.
Now when i grab this data from the form and store it to the databse it
works fine, but when i grab the data from the database and render it on
ABC.jsp it gets messed up because the html tags in the data interfere
with the html of the page. Is there a way in tomcat escape such
characters or are there java methods that i could use to pass this
string through that would do the escaping for me ?
Thanks.
--------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
--------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
--------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
--------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
