Dealing with strings that have single and double quotes embedded

Ian's answer will work.  The replace function will help you implement it.

Where is the data coming from?

IIRC if the string with quotes is already data then you can just set that data to a variable.

How are you getting the data and how are you setting it to a variable that is causing it to truncate at the quotes.

But if you need to modify the data, that is how you would modify it.  But if that is truly your situation I see this as a bit of a chicken and egg question.  In order to modify the string it needs to be data but to get to be data you need to modify the string.

I have exactly the same problem so I'm going to add what I've determined to date.

First, there only appears to be a problem when you're dealing with text boxes.  If you working with data in a text area there is no problem.  The single or double quotes go into the database and come back out into the text area just fine.  In text areas you put the data back into the page without having to use either single or double quotes: e.g., <textarea name="TB1" ... wrap="VIRTUAL">#sProbDesc#</textarea>.

I think the problem relates to the way you have to put the info back into the text box.  Here is an example:

<input name="TB1" type="text" id="TB1" value="#sTitle#" size="100" maxlength...>

My value, "#sTitle#" is sourrounded by double quotes so you can have single quotes in the data and all is well.  If I turn it around and use '#sTitle#', then I can have double quotes in the data but not single quotes.

The answer seems simple then, just leave off the quotes around the data in the text box and all will be fine.  That's not the answer either.  It seems to work differently depending upon the data.  A simple string apprears to terminate at the first blank so you get one word back into the field.  A complex sting can create chaos acrtoss on the whole page.  

To me that fault lies with ColdFusion and the way it builds the page.  There does not seem to be a quote requirment for other things that normally come with double quotes around them like width="50", rows="2", etc.  You can leave the double quotes off of them and all works normally.  Why do you have to put either a single or double quote around the value="#sTitle#" to get a text box to work properly???  One would think that the required # # delimiters should be sufficient for ColdFusion to know where the string begins and ends.

I know that you could escape every single or double quote before you insert it into a text box value field but that would be an unreasonble requirement.  I just let DW count the number of text boxes in my system: 166 in 716 files so expecting me to go to every one of these and escape the data is unreasonable, at best.

If anyone knows a solution to this problem, I would greatly appreciate your sharing.

Thanks in advance.

:-}}}

Len 

PHRED-SE wrote: To me that fault lies with ColdFusion and the way it builds the page.  There does not seem to be a quote requirment for other things that normally come with double quotes around them like width="50", rows="2", etc.  You can leave the double quotes off of them and all works normally.  Why do you have to put either a single or double quote around the value="#sTitle#" to get a text box to work properly???  One would think that the required # # delimiters should be sufficient for ColdFusion to know where the string begins and ends.

No the problem is with HTML!  Yes the ## delimiters are sufficient for ColdFusion to know where the string begins and ends.  ColdFusion then renders the string variable into the HTML code and returns that to the web server.  The web server returns the HTML to the browser.  The browser then startes rendering the HTML and gets confused by too many conflicting quotes in its code.

Try putting this into your Dreamweaver and save it as a html file with a .htm extension and then open in your browser of choice.

<input type="text" name="badForm" value="I'm not going to play "nicely" here."/>

Tell me a way you can hand code that text control into HTML and I will tell you way to do it in ColdFusion.

I know that you could escape every single or double quote before you insert it into a text box value field but that would be an unreasonble requirement.  I just let DW count the number of text boxes in my system: 166 in 716 files so expecting me to go to every one of these and escape the data is unreasonable, at best. If anyone knows a solution to this problem, I would greatly appreciate your sharing.

Ok, I'm going to tell you anyways.

htmlEditFormat() or htmlCodeFormat() functions.  These functions takes characters like the singe and double quotes and coverts them to the character entities so that the HTML engine of your browser can tell the difference between the data and the HTML.  The former function just escapes the data, the latter function escapes the data and wraps it in <pre></pre> tags to display code nicely in a web page.

Ian,

     HTMLEditFormat works like a champ.  I'm just going to add HTMLEditFormat to those place that need to be escaped before I display them; e.g.,

<input name="TB1" type="text" id="TB1" value="#HTMLEditFormat(sTitle)#" size="100" ...>.

     Thanks for your help.

:-}

Len

PHRED-SE wrote: I'm just going to add HTMLEditFormat to those place that need to be escaped before I display them.

That's what it's for!  Don't forget to check out the whole family of output format functions.  HTMLCodeFormat(), XMLFormat() and URLEncodedFormat().