Win a copy of Functional Reactive Programming this week in the Other Languages forum!
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic

getting value from request object

 
Alex Kravets
Ranch Hand
Posts: 476
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
I send a string to my JSP page that looks like this: 'Black & White'. The page is called from another page thru JavaScript function:


In my JSP page I get the parameter item, but when I print it out I see it as just word black: "Black "

What should I do to get the whole string "Black & White" ?

thanks,
Alex
 
Bear Bibeault
Author and ninkuma
Marshal
Pie
Posts: 65223
95
IntelliJ IDE Java jQuery Mac Mac OS X
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Did you look at the HTML sent to the page? You will see that the string is there as expected.

The & character is an introducer for HTML entities and as such is being interpreted by the browser. And since you aren't giving it a legal entity, it's barfing on it.

The best solution is to be sure that any strings on your JSP are HTML-escaped. The easiest way to do this is to use the JSTL <cut> tag to emit the strings; it will automatically escape the characters as necessary.

To do it by hand (not recommended), you would replace the & character with its escaped equivalent &amp;
[ April 26, 2005: Message edited by: Bear Bibeault ]
 
Alex Kravets
Ranch Hand
Posts: 476
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
thanks Bear.
But, I don't have JSTL installed on this machine and the string with "&" later on is used in SQL query, so I am not sure if 'Black & White' will be ok in the query. Is there a solution to that?
 
Ben Souther
Sheriff
Posts: 13411
Firefox Browser Redhat VI Editor
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
'&' is a control character in a querystring.
Also, empty spaces are not allowed.

However you do it (JSTL's cut or c:url are two good ways) you will need to escape those characters if you want to use them in a URL Query String.



[obnoxious smilies]
[ April 26, 2005: Message edited by: Ben Souther ]
 
Alex Kravets
Ranch Hand
Posts: 476
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
But what about SQL query? If I escape '&', once in the query string, I need to bring it back to its normal representation. And what do I do if I don't have JSTL? Parse it manually? But Bear said it's not a good idea.
 
Ben Souther
Sheriff
Posts: 13411
Firefox Browser Redhat VI Editor
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
You're not passing a full SQL statement in a querystring parameter, I hope.
 
Bear Bibeault
Author and ninkuma
Marshal
Pie
Posts: 65223
95
IntelliJ IDE Java jQuery Mac Mac OS X
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
don't have JSTL installed on this machine


No time like the present! You're either going to have to do that or come up with your own solution such as your own custom tag or bean. Or do something crufty like hard-code it.

Why not take the standardized road?

string with "&" later on is used in SQL query


You're not really doing SQL queries directly on the JSP, are you?

Even if so, that's why performing the transform upon display (rather than hard-coding it) is the proper thing to do -- the original string remains unchanged.
 
Alex Kravets
Ranch Hand
Posts: 476
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
So you want to tell me that JSTL will let's say "encode' incoming string and when I need to use it in my SQL query it will "decode" back to "normal state"?
And no I am doing SQL in JSP. I have a bean that I send my SQLs to and it returns a Collection.
 
Alex Kravets
Ranch Hand
Posts: 476
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator


Yes, thanks Ben I looked at URLEncoder, but not sure how I would use it if I prepare and send my URL string thru JavaScript.
 
Ben Souther
Sheriff
Posts: 13411
Firefox Browser Redhat VI Editor
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Here.
Put this hideous JSP on your machine and run it.
It should be enough to get you going.

You don't need to unescape the querystring.
getParameter does that for you.



For the record, I agree with Bear, if you're going to do scripting in a JSP, take the time to install JSTL. This will, at least, standardize it.

Also, are you passing SQL Statements via query string parameters?
 
Bear Bibeault
Author and ninkuma
Marshal
Pie
Posts: 65223
95
IntelliJ IDE Java jQuery Mac Mac OS X
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
URLDecoder will not help HTML-escape the string -- it will URL-endcode the string which is a different animal.

when I need to use it in my SQL query it will "decode" back to "normal state"?


No, the original string is untouched. Let's say for example you have the string in a scoped variable named myString in request scope. To showe it on the page, you'd write:



which will properly encode it for output. The original string in the scoped variable remains the same. You can use it for whatever you wish elsewhere on the page.
[ April 26, 2005: Message edited by: Bear Bibeault ]
 
Ben Souther
Sheriff
Posts: 13411
Firefox Browser Redhat VI Editor
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
I believe the problem (at least the intial one) that he's having is that he's trying to send an unencoded string as a query string parameter.


He may also run into trouble trying to display the value.
[ April 26, 2005: Message edited by: Ben Souther ]
 
Alex Kravets
Ranch Hand
Posts: 476
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Exectly
I don't use a JSP to prepare link for page execution, I do it in JavaScript and thus cannot use URLEncoder. And using <c ut> I don't think will help since I have to not only display it but use it as a parameter for my DB select function.
[ April 26, 2005: Message edited by: Alex Kravets ]
 
Shailesh Chandra
Ranch Hand
Posts: 1082
Java Oracle Spring
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator


Since it is javascript function I am wondering if javascript's escape method could be used to escape & , here is the url for the details of escape/unescape ,but URL works on IE only
http://www.yuki-onna.co.uk/html/encode.html it doesn't work on my firefox

Shailesh
[ April 26, 2005: Message edited by: Shailesh Chandra ]
 
Ben Souther
Sheriff
Posts: 13411
Firefox Browser Redhat VI Editor
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
I'm sure plenty of people have published Javascript encode/unencode functions.
Try a Google search to see if you can find a good one.
 
Bear Bibeault
Author and ninkuma
Marshal
Pie
Posts: 65223
95
IntelliJ IDE Java jQuery Mac Mac OS X
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
using <cut> I don't think will help since I have to not only display it but use it as a parameter for my DB select function.


One more time: use of <cut> will affect only the display of the string and will not change the original string so that it can be used for any other purpose elsewhere on the page.

Perhaps it's time to show us how you are using the string on the page so we can figure out where the disconnect is.
[ April 26, 2005: Message edited by: Bear Bibeault ]
 
Alex Kravets
Ranch Hand
Posts: 476
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
I will, thanks a lot for your help guys!
 
Alex Kravets
Ranch Hand
Posts: 476
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator

One more time: use of <c ut> will affect only the display of the string and will not change the original string so that it can be used for any other purpose elsewhere on the page.

Yes I got it Bear. Typed witout thinking first.
All I need to do now is encode my string in JavaScript before sending and I should be fine.
[ April 26, 2005: Message edited by: Alex Kravets ]
 
Alex Kravets
Ranch Hand
Posts: 476
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
OK got it.
Found a nice example of url encoding via javascript at http://www.blooberry.com/indexdot/html/topics/urlencoding.htm
I encode url on javascript side before sending and use URLDecoder to decode the string when time to send it to DB object.

Thanks again everybody!
 
Shailesh Chandra
Ranch Hand
Posts: 1082
Java Oracle Spring
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
nice to know that it is working, but still I am wondering if you tried with javascript's inbuilt function of esacepe and if you escape a URL before sending you need not to unescape it on next page
document.getElementById('favList').src=escape("favorites/addToFavorites.jsp?item=" + item);

Thanks for the link

[Edited]
I tried the link but it is not converting &

Shailesh
[ April 26, 2005: Message edited by: Shailesh Chandra ]
 
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic