devxlogo

Use Server.HTMLEncode for strings stored in a database

Use Server.HTMLEncode for strings stored in a database

Why Trust Us

If your ASP pages display strings stored in database fields, you should always process the strings with the Server.HTMLEncode method, otherwise the string won’t be displayed correctly in the user’s browser if it contains characters that have a special meaning to HTML, such as the quote (“), the less-than (<) and greater-than (>) symbols, the ampersand symbol (&), and any character whose ANSI code is larger than 127.

Here’s an example of how you should use the Server.HTMLEncode method:

Dim rs Set rs = Server.CreateObject("ADODB.Recordset")rs.Open "products", "DSN=mydb"' display the product name on the first lineResponse.Write rs("product_name") & "<BR>"' the Description field might contain special charsResponse.Write Server.HTMLEncode(rs("product_description"))

See also  Professionalism Starts in Your Inbox: Keys to Presenting Your Best Self in Email
devxblackblue

About Our Editorial Process

At DevX, we’re dedicated to tech entrepreneurship. Our team closely follows industry shifts, new products, AI breakthroughs, technology trends, and funding announcements. Articles undergo thorough editing to ensure accuracy and clarity, reflecting DevX’s style and supporting entrepreneurs in the tech sphere.

See our full editorial policy.

About Our Journalist

Charlie Frank

Charlie has over a decade of experience in website administration and technology management. As the site admin, he oversees all technical aspects of running a high-traffic online platform, ensuring optimal performance, security, and user experience.
View Author
Show More