Greetings: Our users have a textarea that will hold client notes and are saved to the database upon submit. From time to time they will cut and paste text from MS word. There are certain characters such as a dash and quote that will be encoded by the form as … and – . These codes get stored in the DB as well and I would prefere if they did not. Is there anything I can do to prevent this? Do I have to filter all my data before going to the database? ** I already filter out (using struts tag) '<', '>', '"', and '&'. So if turn filtering on, I get “ on the page, and If turn filtering off, I get correct rendering but I runt he risk of HTML format code that I don't want. Any help would be appreciated.
posted 18 years ago
Looking at my post, I see that I tried to Express the codes “ and … and they rendered and it my be hard to read my post. Bottom line is I don't want HTML entity codes in my database. Sorry for the confusion.
Hey Jeff, I guess you want to write text from a HTML-input-field, type="text", to a MySQL or PostgreSQL database. As far as I know you have to scan the String object for these characters and parse them to HTML-entities. At least the " and ', because they are field limiting elements in MySQL and the most other RDBMS based on SQL. This works fine if you just want to save the data. If you also want to read it from the database and display it on a JSP you will get in trouble because of the > and <. To make it brief: Parse ' and " when you write to the database. Parse < and > when you read from the database and you want to display text as HTML. Greetings Gerd
<a href="http://www.brainsandbytes.de" target="_blank" rel="nofollow">Brains and Bytes</a> − eTechnology- and Marketing-Services