Use Server.HTMLEncode for strings stored in a database

If your ASP pages display strings stored in database fields, you should always process the strings with the Server.HTMLEncode method. Otherwise the string won't be displayed correctly in the user's browser if it contains characters that have a special meaning in HTML, such as the quote ("), the less-than (<) and greater-than (>) symbols, the ampersand symbol (&), and any character whose ANSI code is larger than 127. The browser parses those characters as markup, so a stored value that contains tags is rendered as HTML instead of being shown as text.

Here’s an example of how you should use the Server.HTMLEncode method:

Dim rs
Set rs = Server.CreateObject("ADODB.Recordset")
rs.Open "products", "DSN=mydb"
' display the product name on the first line; encode it as well,
' because any stored string may contain special chars
Response.Write Server.HTMLEncode(rs("product_name")) & "<BR>"
' the Description field might contain special chars
Response.Write Server.HTMLEncode(rs("product_description"))
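The following is an added example, not code from the original tip. It extends the same idea to a whole result set and to fields that contain Null, which Server.HTMLEncode cannot take directly. The helper name EncField and the title attribute are assumptions made for illustration; the table, field names and DSN are the ones used above.

```vbscript
' Hypothetical helper (not part of ASP): HTML-encode one recordset field.
' A Null field value is returned as an empty string, because passing
' Null to Server.HTMLEncode raises a type mismatch error.
Function EncField(rs, fieldName)
    Dim v
    v = rs.Fields(fieldName).Value
    If IsNull(v) Then
        EncField = ""
    Else
        EncField = Server.HTMLEncode(CStr(v))
    End If
End Function

Dim rs
Set rs = Server.CreateObject("ADODB.Recordset")
rs.Open "products", "DSN=mydb"

Response.Write "<table>"
Do While Not rs.EOF
    ' Every stored string goes through EncField before it reaches the page,
    ' both in element content and in the attribute value.
    ' The attribute is wrapped in double quotes: the double quote is one of
    ' the characters Server.HTMLEncode converts, so an encoded value cannot
    ' close the attribute early.
    Response.Write "<tr>"
    Response.Write "<td title=""" & EncField(rs, "product_name") & """>"
    Response.Write EncField(rs, "product_name") & "</td>"
    Response.Write "<td>" & EncField(rs, "product_description") & "</td>"
    Response.Write "</tr>"
    rs.MoveNext
Loop
Response.Write "</table>"

rs.Close
Set rs = Nothing
```

Encoding happens at output time, so the database keeps the original text and the same value can still be used unencoded in non-HTML contexts.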
