i f I request a queryString
?where=here%20I'am

and I want to fill a input with it

<input type='text' name="where" value='<%=request:queryString("iwhere")%>' readonly />

i get only here I

how can I get here I'am ?

thank you

Hmm... that shouldn't happen like that.
Possibly it has something todo with you using request:querystring instead of request.querystring and iwhere instead of where?

I would use double quotes in place of single quotes. I'm not sure if that is personal preference, but I seem to remember it being more standard. Whatever :)

More importantly, use server.htmlencode() to make sure your quotation marks don't affect the actual html.

<input type="text" name="where" value="<%=server.htmlencode(request.queryString("iwhere"))%>" readonly />

Doh! I see where you are going with this now...I just got up :)..
Yeah like arnyinc said ditch the single qoutes + htmlencode ;)...

ok arnyinc and Mhtml ! I'll try
thank you

Yup... what they said. Also, there's no reason to "ugly" your HTML by using a combination of single/double quotes. You can comment out double quotes in ASP strings like so, if you're writing HTML from ASP:

Response.Write("This is a ""string"".")

However for your particular question I would try it like this:

<input type="text" name="where" value="<%= Request.QueryString("where")%>" readonly="true" />

Since you're using XHMTL syntax, I would definitely give the readonly attribute a value. ;-)

thanks for the readonly = true !!! ;-))

I don't get it

here is my queryString

any.asp?where=I%20do'nt%20get%20it

if I do

<%=request.QueryString("where")%> it works

if I do

<input type='text' name="textElem" value='<%=server.htmlencode(request.QueryString("where"))%>' readonly='true' />

it does not work, I only get : I do

same thing if I do first a :

replace(request.QueryString("where"),"'","''")

<%=replace(session("where"),"'", "'")%>

it works !

thank you !

use double quotes as arnyinc and whammy said...

<input type="text" name="textElem" value="<%=server.htmlencode(request.QueryString("where"))%>" readonly="true" />

no it does't work

but in my last post the second ' was a # 39 ;
and it works

hhmm, it should work. can you post the generated html?

oh no matter ! I have tried this server.htmlEncode and I dont get it
I just replace the quote by the #equivalent and it works at once

it is an old asp application for a customer, and I have not worked wih it asp 3 since nearlly 2 years

all is much more easy with asp net

thank you !!

It's not only double quotes that can mess your html. if the value contains other special characters like >, it will mess your code. for example you have this script without server.htmlencode and the value contains the character >

<input type="text" name="where" value="<%= Request.QueryString("where")%>" readonly="true" />

sample generated output would be:

<input type="text" name="where" value="blah>" readonly="true" />

the > in the value will close the input tag.

so you have to change it to &lt;

server.htmlencode just does that. you don't have to manually do a replace for every special character. that's why i insist you use server.htmlencode.

try this sample demo:

<%
str = "~!@#$%^&*()-_+={}[]\|"":';<>,.?/`"
%>
<input size="50" value="<%=server.htmlencode(str)%>">

if you execute it and view the generated html source, it would look like:

<input size="50" value="~!@#$%^&amp;*()-_+={}[]\|&quot;:';&lt;&gt;,.?/`">

yes in your case it works

but with

session("x") = "don't"

<input size="50" value="<%=server.htmlencode(session("x"))%>">

it doesn't work

Originally posted by angiras
yes in your case it works

but with

session("x") = "don't"

<input size="50" value="<%=server.htmlencode(session("x"))%>">

it doesn't work

Don't know what you did but when I tried the code above in a very simple page it worked perfectly.

There may be something else interfering somehow, what does a view-source at the browser show as the output?

you are right ! alone it works :-(((

ok don't worry , I must have a vakue somewhere .....
teh code source shoes do and not don't

I must read again all the code

thank you ......