 Email with Apostrophe reject on form input

Dreamcatchers


Posts: 118
Posted: 03/20/2014, 11:06 PM

I'm using CCS 4.3 using ASP and have a form that accepts a user's contact information. I noticed that if an email is entered with an apostrophe I get an "invalid email" error message.

I thought this was supposed to handle this since that is a valid character for email addresses.

I am using localization for Canada-English which supports charset UTF-8.

Any suggestions on getting this to accept apostrophes?
_________________
Dream Catchers, Inc
ITIL Training and eLearning
www.itil.us.com
866-FOR-ITSM
Dreamcatchers


Posts: 118
Posted: 03/21/2014, 9:29 PM

I figured it out using examples from others. The key is to use the built-in functions of CCS. It will handle all the exceptions and filter out SQL injections. Straight SQL is nice but not secure.

' Build the INSERT with Connection.ToSQL so every value is converted for its declared type
SQL = "INSERT INTO roster (Emp_Id, FirstName, LastName, Status, Companyname, Title, Workphone, email, Product_id, Course_date) "
SQL = SQL & "VALUES (" & Connection.ToSQL(Emp_Id,ccsInteger) & "," & Connection.ToSQL(FirstName,ccsText) & "," & Connection.ToSQL(LastName,ccsText) & ","
SQL = SQL & Connection.ToSQL(Status,ccsInteger) & "," & Connection.ToSQL(CompanyName,ccsText) & "," & Connection.ToSQL(Title,ccsText) & ","
SQL = SQL & Connection.ToSQL(Workphone,ccsText) & "," & Connection.ToSQL(email,ccsText) & "," & Connection.ToSQL(Product_id,ccsInteger) & ","
SQL = SQL & Connection.ToSQL(Course_Date,ccsText) & ")"

Connection.Execute(SQL)


_________________
Dream Catchers, Inc
ITIL Training and eLearning
www.itil.us.com
866-FOR-ITSM
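An added example, not part of the original posts and not CodeCharge Studio code: it shows why an address containing an apostrophe breaks a hand-concatenated INSERT and how escaping or bound parameters store it intact. It uses Python with an in-memory SQLite database so it runs stand-alone; the cut-down roster table, the sample row and the to_sql_text / to_sql_int helpers are assumptions standing in for an escaping helper, not the real Connection.ToSQL.

```python
import sqlite3

# Constructed sample row: an apostrophe is legal in an e-mail local part.
SAMPLE = {"Emp_Id": 7, "LastName": "O'Brien", "email": "pat.o'brien@example.com"}

def new_db():
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE roster (Emp_Id INTEGER, LastName TEXT, email TEXT)")
    return db

def to_sql_text(value):
    # Hypothetical escaping helper: NULL for None, otherwise a quoted literal
    # with every apostrophe doubled (standard SQL string escaping).
    return "NULL" if value is None else "'" + str(value).replace("'", "''") + "'"

def to_sql_int(value):
    # Integers are validated by conversion (ValueError on junk), never pasted raw.
    return "NULL" if value in (None, "") else str(int(value))

def insert_naive(db, row):
    # Hand concatenation: the apostrophe closes the string literal early.
    db.execute("INSERT INTO roster (Emp_Id, LastName, email) VALUES (%s, '%s', '%s')"
               % (row["Emp_Id"], row["LastName"], row["email"]))

def insert_escaped(db, row):
    db.execute("INSERT INTO roster (Emp_Id, LastName, email) VALUES (%s, %s, %s)"
               % (to_sql_int(row["Emp_Id"]), to_sql_text(row["LastName"]),
                  to_sql_text(row["email"])))

def insert_bound(db, row):
    # Bound parameters: values travel separately from the SQL text.
    db.execute("INSERT INTO roster (Emp_Id, LastName, email) VALUES (?, ?, ?)",
               (int(row["Emp_Id"]), row["LastName"], row["email"]))

def round_trip(insert, row):
    db = new_db()
    insert(db, row)
    return db.execute("SELECT email FROM roster").fetchone()[0]

def naive_fails(row):
    try:
        round_trip(insert_naive, row)
    except sqlite3.OperationalError:  # syntax error from the unbalanced quote
        return True
    return False

if __name__ == "__main__":
    print("naive concatenation fails:", naive_fails(SAMPLE))
    print("escaped:", round_trip(insert_escaped, SAMPLE))
    print("bound:  ", round_trip(insert_bound, SAMPLE))
```

Quote doubling is only sufficient when the database treats '' as the sole escape inside a string literal; bound parameters do not depend on that.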
eratech


Posts: 513
Posted: 03/27/2014, 1:25 AM

I agree that using the built-in functions is much easier than concatenation by hand.

I found the 'Custom Update' for Records and Editable Grids allows a nicer front-end than writing the SQL directly too, and has the advantage that it will convert most things when you upgrade. I've gotten lazier over the years and like a few pre-populated drop-down lists of columns to select and move on instead of remembering everything.

Cheers

Eric
_________________
CCS 3/4/5 ASP Classic, VB.NET, PHP
Melbourne, Victoria, Australia
