I am having the following issue:
I am using an application that allows users to concatenate text to build a URL that passes parameters to an ASP page via GET method, i.e. something like:
http://myhostname/process.asp?param1=value1¶m2=value2
Problem is value1 and value2 can contain the ampersand symbol, which is not interpreted as a text character.
The most popular solution to this issue is to encode the URL, which is not an option for me because I cannot modify the program that builds the URL. I can modify the process.asp page, but not the program that concatenates the text fields and builds the URL.
Things I've tried to search for are:
How to encode a URL using javascript directly in the browser
How to change IIS default behaviour when reading an &
Alternative ways to pass parameters, i.e. something like passing them as a single string of characters separated with pipes
Hope you can give me some guidance.
You can read the entire query string and parse it yourself, like this:
q = Request.QueryString
a = Split(q, "=")
i = 1
For Each s In a
If i mod 2 = 0 Then
If InStr(s, "&") <> InStrRev(s, "&") Then
Response.Write "Value: " & Left(s, InStrRev(s, "&") - 1) & "<br/>"
hidingParam = Right(s, Len(s) - InStrRev(s, "&"))
Response.Write "PAramName: " & hidingParam & "<br/>"
i = i + 1
Else
Response.Write "Value: " & s & "<br/>"
End If
Else
Response.Write "PAramName: " & s & "<br/>"
End If
i = i + 1
Next
Result:
URL: ...?Q=abc&def&P=123 produces
PAramName: Q Value: abc&def PAramName: P Value: 123
Note that this is less than robust. I am only illustrating my idea. I didn't test with no &.
It also doens't handle multiple "=" characters (if that's a possiblity as well).
If there are 2 (or more) ampersands in-between the equals, then only the last one is a parameter separator. So, using your URL above, and assuming that value1 = "abc&def", and value2 = "123", then the URL will look like:
http://myhostname/process.asp?param1=abc&def¶m2=123
Notice there's 2 ampersands in-between the 2 equals. The last one will be your parameter separator, the rest are part of the value. And any ampersands after the last equals are also part of the value.
You'll have to dissect the incoming URL and apply the appropriate logic.
Related
Everytime I add CharW(34) to a string it adds two "" symbols
Example:
text = "Hello," + Char(34) + "World" + Char(34)
Result of text
"Hello,""World"""
How can I just add one " symbol?
e.g Ideal result would be:
"Hello,"World""
I have also tried:
text = "Hello,""World"""
But I still get the double " Symbols
Furthermore. Adding a CharW(39), which is a ' symbol only produces one?
e.g
text = "Hello," + Char(39) + "World" + Char(39)
Result
"Hello,'World'"
Why is this only behaving abnormally for double quotes? and how can I add just ONE rather than two?
Assuming you meant the old Chr function rather than Char (which is a type).It does not add two quotation mark characters. It only adds one. If you output the string to the screen or a file, you would see that it only adds one. The Visual Studio debugger, however, displays the VB-string-literal representation of the value rather than the raw string value itself. Since the way to escape a double-quote character in a string is to put two in a row, that's the way it displays it. For instance, your code:
text = "Hello," + Chr(34) + "World" + Chr(34)
Can also be written more simply as:
text = "Hello,""World"""
So, the debugger is just displaying it in that VB syntax, just as in C#, the debugger would display the value as "Hello, \"World\"".
The text doesn't really have double quotes in it. The debugger is quoting the text so that it appears as it would in your source code. If you were to do this same thing in C#, embedded new lines are displayed using it's source code formatting.
Instead of using the debugger's output, you can add a statement in your source to display the value in the debug window.
Diagnostics.Debug.WriteLine(text)
This should only show the single set of quotes.
Well it's Very eazy
just use this : ControlChars.Quote
"Hello, " & ControlChars.Quote & "World" & ControlChars.Quote
I have the first password from a text box:
pwtextbox = TextBox2.Text
and the other one I am reading from a DB Table:
pwdatabase = SQLdr("pw")
I've tried to compare them using '=', StrComp, and strings.compare and they always, no matter what, come as different
While SQLdr.Read() 'While Data is Present
pwdatabase = SQLdr("pw") 'pwdatabase is equal db entry
Response.Write(pwtextbox & "=" & pwdatabase & "?<br>") 'is mickey=mickey?
If StrComp(pwtextbox, pwdatabase) = 0 Then
Response.Write("login successful")
Response.Write(pwdatabase & "is the pass")
Else
Response.Write("wrong password. ")
Response.Write(TextBox2.Text & " is the wrong pass. the right password is " & pwdatabase)
End If
End While
the onscreen display outputs as follow:
mickey=mickey?
wrong password.
mickey is the wrong password. the right password is mickey.
I can't seem to understand!
especially when I see on the screen that the two strings are identical, I still get this false positive...
can you see what I'm missing?
I have a string that at any point may or may not contain one or more / characters. I'd like to be able to create a new string based on this string. The new string would include every character after the very last / in the original string.
Sounds like you're wanting the file name from a URL. In any case, it's the same function. The key is using the InStrRev function to find the first / char, but starting from the right. Here's the function:
Function GetFilename(URL)
Dim I
I = InStrRev(URL, "/")
If I > 0 Then
GetFilename = Mid(URL, I + 1)
Else
GetFilename = URL
End If
End Function
Split it up into parts and get the last part:
a = split("my/string/thing", "/")
wscript.echo a(ubound(a))
note: Not safe when the string is empty.
The URL link below will open a new Google mail window. The problem I have is that Google replaces all the plus (+) signs in the email body with blank space. It looks like it only happens with the + sign. How can I remedy this? (I am working on a ASP.NET web page.)
https://mail.google.com/mail?view=cm&tf=0&to=someemail#somedomain.com&su=some subject&body=Hi there+Hello there
(In the body email, "Hi there+Hello there" will show up as "Hi there Hello there")
The + character has a special meaning in [the query segment of] a URL => it means whitespace: . If you want to use the literal + sign there, you need to URL encode it to %2b:
body=Hi+there%2bHello+there
Here's an example of how you could properly generate URLs in .NET:
var uriBuilder = new UriBuilder("https://mail.google.com/mail");
var values = HttpUtility.ParseQueryString(string.Empty);
values["view"] = "cm";
values["tf"] = "0";
values["to"] = "someemail#somedomain.com";
values["su"] = "some subject";
values["body"] = "Hi there+Hello there";
uriBuilder.Query = values.ToString();
Console.WriteLine(uriBuilder.ToString());
The result:
https://mail.google.com:443/mail?view=cm&tf=0&to=someemail%40somedomain.com&su=some+subject&body=Hi+there%2bHello+there
If you want a plus + symbol in the body you have to encode it as 2B.
For example:
Try this
In order to encode a + value using JavaScript, you can use the encodeURIComponent function.
Example:
var url = "+11";
var encoded_url = encodeURIComponent(url);
console.log(encoded_url)
It's safer to always percent-encode all characters except those defined as "unreserved" in RFC-3986.
unreserved = ALPHA / DIGIT / "-" / "." / "_" / "~"
So, percent-encode the plus character and other special characters.
The problem that you are having with pluses is because, according to RFC-1866 (HTML 2.0 specification), paragraph 8.2.1. subparagraph 1., "The form field names and values are escaped: space characters are replaced by `+', and then reserved characters are escaped"). This way of encoding form data is also given in later HTML specifications, look for relevant paragraphs about application/x-www-form-urlencoded.
Just to add this to the list:
Uri.EscapeUriString("Hi there+Hello there") // Hi%20there+Hello%20there
Uri.EscapeDataString("Hi there+Hello there") // Hi%20there%2BHello%20there
See https://stackoverflow.com/a/34189188/98491
Usually you want to use EscapeDataString which does it right.
Generally if you use .NET API's - new Uri("someproto:with+plus").LocalPath or AbsolutePath will keep plus character in URL. (Same "someproto:with+plus" string)
but Uri.EscapeDataString("with+plus") will escape plus character and will produce "with%2Bplus".
Just to be consistent I would recommend to always escape plus character to "%2B" and use it everywhere - then no need to guess who thinks and what about your plus character.
I'm not sure why from escaped character '+' decoding would produce space character ' ' - but apparently it's the issue with some of components.
Now it seems like a really simple question and I may just be being thick, but what I'm trying to achieve is basically print an array to screen in the following format:
Item 1, Item 2, Item 3, Item 4
Although I say to screen, as that was the best way I could describe it, I'm actually writing it to the page inside some Javascript.
The way I'm currently going about writing it out is as follows:
for each b in theDates
Response.Write("'" + b.CallDate + "',")
next
But obviously that returns a string of Item 1, Item 2, Item 3, Item 4,.
Is there a simple way of getting rid of the last comma or am I going about this completely wrong?
You could use String.Join method. Not sure about VB but something like that:
Response.Write(String.Join(", ", theDates.Select(Function(n) "'" & n.CallDate & "'").ToArray()))
Try String.Join (documentation). My VB is rusty, but hopefully you can read this C#:
var datesInQuotes = theDates.Select(date => "'" + date.CallDate + "'");
Response.Write(String.Join(", ", datesInQuotes));
As others have said, String.Join is what you want in this case.
More generically: you've got to either detect when you're at the the last element and not append a comma, or detect when you're at the first element and not prepend a comma.
Typically it's easier to detect when you're at the first, so:
dim firstDone as bool = false
for each b in theDates
if firstDone then Response.Write (",")
Response.Write("'" + b.CallDate + "'")
firstDone = true
next
(Excuse my rusty vb)
There's no need to String.join this.
st="'"
for each b in theDates
Response.Write(st + b.CallDate + "'")
st=", '"
next
No, you aren't wrong - totally.
Loop through theDates and put the data into a string.
After you are done looping, remove the last comma:
myString.Remove(myString.Length - 1, 1);
Response.Write(myString)
A side note: You really shouldn't output to the screen with Response.Write. You should set the text of a server control as your output. A label is perfectly fine. You will notice that your text won't appear where you think it will if you don't.
You could write the comma in front of each item except the first one.
I would recommend to do just as you were doing, and then use the Response.Remove(s.Length-1, 1)
In C#:
for (int i = 0; i < theDates.Length; i++)
{
if (i > 0)
{
Response.Write(",");
}
Response.Write(theDates[i]);
}
all too complicated. Keep it simple
dim st as string ="'"
for each b in theDates
Response.Write(st + b.CallDate + "'")
st=", '"
next
response.write (st.TrimEnd(New Char() {" ", ","})