|
-
 Memo field pb
Hi Frank,
We are having problem with the memo field box (access + SQL server).
We would like to make a linebreak by using "<BR>" because the content of the box is printed on several lines in a html file, but it seems that's not possible (we have the error : A potentially dangerous Request.Form value was detected from the client .... ).
By simply pressing "Entry" the text goes to the line in the memo field box but not in html...
Is there a way to solve this issue ?
Thanks,
Thibaut
Here is an example with nwind.mdb:
<script language="vb" runat="server">
Sub Page_Load(Source as Object, E as EventArgs)
Dim EditAll As New Tornado.Z()
With EditAll
.dbQP= "U=627|S=12|ps=30|D=nwind.mdb|M=ty=Grid!sysindex=t rue!|ni=update,cancel|gdf=1,2|mts=-1|Q=Select * From categories order by CategoryName"
Dim EUF as string = "fi=categoryname|tag=size=20|ty=text"
EUF = EUF & ",fi=description|ty=TextArea|Tag=cols=30 rows=3"
.dbEditUpdateFlds = EUF
.dbBookMark = "categories;0"
.ASPdbNET()
End With
End Sub
</script>
-
You mean you want to enter a <BR> in the Memo text? This would trigger the security protection of URL injection and will be treated as a virus. What OS are you using? See whether there is a way to disable this security measure. Explain a bit more of what you want to do. How to illustrate the problem usingthe sample code.
FK
-
Hi Frank,
Yes exactly, we would like to insert <BR> in a Memo field (in an "add" or "update" mode), as in the following example :
"This is an example<BR>
of a simple text we<BR>
want to edit."
This text would be then inserted into html or asp code.
The "Enter" key in a Memo field has no effect when inserted in the code...
We are using Windows 2000 or Windows XP, and I did not find any possibility to disable the security protection concerning this issue...
Thanks for your help,
Thibaut
-
>>..The "Enter" key in a Memo field has no effect when inserted in the code..
Try use <Shift><Enter> to break the lines.
On the way out from field to HTML, use MagicCell to mask the CRLF to <BR> or <P>.
Also use the technique of using a CR characters in the memo and then mask them during display. This is safer and you have full control.
FK
-
Hello Frank,
We used to be able to enter a <br> ( or <b>, etc.) into the memo or text field on an update or an add to a database, so then people could make the text look formatted if we displayed the information onto a web page (our secretaries really liked this!). Now all of the sudden it seems broken, we do not know if this is behavior of Tornado or a new feature of .Net.
Is there a way to turn off this behavior in .Net in the code of the page?
We are now starting to test different versions of the Tornado dll and .Net to determine what broke this behavior.
Thanks,
Dean
-
<..> is a url injection and has nothing to do with ASP-db. ENter the real CR in the field and then use the magiccell to change it to <p> or <br> in the display. It has been alway like this.
Frank
-
Hello Frank,
This was fixed with a:
validateRequest="false"
This is a .Net behavior.
Our fault...
Thanks,
Dean
-
Be careful.. disable the validation is not recommended as you are open to JS code in input. Especially when ASP-db offers you a way to do it safely.
Frank
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules
|
|
Reply With Quote