Escape input

Discussion in 'Java' started by francan00@yahoo.com, Sep 30, 2008.

  1. Guest

    I have a Form input field in my JSP:
    --------------------------------------------------------------------------------
    <input type="text" value="<%= NameClass.getInfo() %>" />
    ---------------------------------------------------------------------------

    How do I make sure this data is escaped correctly to be able to show
    quotes and apostrophes. I tried slash in front (name=\"nickname\" and
    it didnt work.

    I dont have JSF,Struts, JSTL, StringEscapeUtils (from Apache commons)
    due to restrictions on my Tomcat 4.1.27 container.

    Is there something I can use or please advise best way to handle this?
     
    , Sep 30, 2008
    #1
    1. Advertising

  2. Wojtek Guest

    wrote :
    > I have a Form input field in my JSP:
    > --------------------------------------------------------------------------------
    > <input type="text" value="<%= NameClass.getInfo() %>" />
    > ---------------------------------------------------------------------------
    >
    > How do I make sure this data is escaped correctly to be able to show
    > quotes and apostrophes. I tried slash in front (name=\"nickname\" and
    > it didnt work.
    >
    > I dont have JSF,Struts, JSTL, StringEscapeUtils (from Apache commons)
    > due to restrictions on my Tomcat 4.1.27 container.
    >
    > Is there something I can use or please advise best way to handle this?


    NameClass.getInfo() will need to escape the characters as it passes
    back a value. Single quotes don't matter, but double quotes can be
    "escaped" by using $quot;

    BTW, is NameClass.getInfo() static?

    --
    Wojtek :)
     
    Wojtek, Sep 30, 2008
    #2
    1. Advertising

  3. Guest

    On Sep 30, 9:38 am, Wojtek <> wrote:
    > wrote :
    >
    > >  I have a Form input field in my JSP:
    > > ---------------------------------------------------------------------------­-----
    > > <input  type="text" value="<%= NameClass.getInfo() %>" />
    > > ---------------------------------------------------------------------------

    >
    > > How do I make sure this data is escaped correctly to be able to show
    > > quotes and apostrophes. I tried slash in front (name=\"nickname\" and
    > > it didnt work.

    >
    > > I dont have JSF,Struts, JSTL, StringEscapeUtils (from Apache commons)
    > > due to restrictions on my Tomcat 4.1.27 container.

    >
    > > Is there something I can use or please advise best way to handle this?

    >
    > NameClass.getInfo() will need to escape the characters as it passes
    > back a value. Single quotes don't matter, but double quotes can be
    > "escaped" by using $quot;
    >
    > BTW, is NameClass.getInfo() static?
    >
    > --
    > Wojtek :)


    Thanks Wojtek,

    Yes NameClass.getInfo is a Class variable (static).
    I solved issue by creating Utility Class to escape quotes, apostrophes
    and html start and end tags.
     
    , Sep 30, 2008
    #3
  4. Daniel Pitts Guest

    wrote:
    > I have a Form input field in my JSP:
    > --------------------------------------------------------------------------------
    > <input type="text" value="<%= NameClass.getInfo() %>" />
    > ---------------------------------------------------------------------------
    >
    > How do I make sure this data is escaped correctly to be able to show
    > quotes and apostrophes. I tried slash in front (name=\"nickname\" and
    > it didnt work.
    >
    > I dont have JSF,Struts, JSTL, StringEscapeUtils (from Apache commons)
    > due to restrictions on my Tomcat 4.1.27 container.
    >
    > Is there something I can use or please advise best way to handle this?

    You will either need to upgrade your container to a modern one, add the
    Apache commons library, or write your own method that escapes the data.

    Using JSTL is by far the simplest approach.

    --
    Daniel Pitts' Tech Blog: <http://virtualinfinity.net/wordpress/>
     
    Daniel Pitts, Oct 4, 2008
    #4
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. Weng Tianxiang
    Replies:
    12
    Views:
    1,709
  2. slomo
    Replies:
    5
    Views:
    1,625
    Duncan Booth
    Dec 2, 2007
  3. Replies:
    0
    Views:
    357
  4. Martin
    Replies:
    2
    Views:
    155
    Bob Showalter
    Jun 27, 2007
  5. Ivan Marsh

    How do I escape form input values, C style?

    Ivan Marsh, Apr 13, 2005, in forum: Javascript
    Replies:
    3
    Views:
    149
Loading...

Share This Page