| Oracle FAQ | Your Portal to the Oracle Knowledge Grid | |
 |
 | |||
| Oracle FAQ | Your Portal to the Oracle Knowledge Grid | |
|
| |||
Home -> Community -> Usenet -> c.d.o.misc -> Re: users using &, ", ', and other chars in input fields
Michael Hill wrote:
> I have a general question about how people generally tend to deal with
> users data that they enter.
>
> As an example users enter double quotes in a text field surrounding a
> specific piece of text they want to hi-lite and then it barfs during the
> oracle insert step because the string is not properly delimited.
>
> Another example is where the ampersand causes trouble when used on an
> xml page so provisions are made to insert it into the table using the
> ascii equavalent & . But the field is only 25 characters so when a
> string with 25 characters that has an ampersand is being input and we
> change the ampersand to the ascii equavalent we now have more then 25
> characters and update fails beacuse we have too many characters. We
> could truncate them before the insert, or we could write some code to
> deal with them onthe client.
>
> Others copy and paste from word documents into a text field and in it
> there are hidden formatting fields like bullets.
>
> The users barf and complain about the application, but what we have here
> is bad data.
>
> How do most handle these?
>
> Mike
The TRANSLATE function.
-- Daniel Morgan http://www.outreach.washington.edu/ext/certificates/oad/oad_crs.asp http://www.outreach.washington.edu/ext/certificates/aoa/aoa_crs.asp damorgan_at_x.washington.edu (replace 'x' with a 'u' to reply)Received on Thu Jan 29 2004 - 18:24:14 CST
 |
 |