How can a Script be passed through a TextArea into a Form? | ansaurus

tags:

views:

26

answers:

1

Q:

How can a Script be passed through a TextArea into a Form?

I need to make a form with a Text Area that accepts lines of script, any kind of script be it javascript, css, html, vbscript, whatever. How can the script be passed to a form post?

EDIT: How can this script be modified so it can be inserted into a Database? Specifically SQL Server 2005

+1 A:

T.J. Crowder 2010-04-08 16:06:19

That is true however in the process of saving this information to a database, it being a script is causing all sorts of havok with the SQL Statement. That's what I really need help with.

William Calleja 2010-04-08 16:16:39

@William: It sounds as though you're not pre-processing the text correctly, which has all sorts of implications, not least making the app susceptible to SQL injection attacks: http://en.wikipedia.org/wiki/Sql_injection, http://imgs.xkcd.com/comics/exploits_of_a_mom.png The solution is the same for script as for other text, use a parameterized statement when doing your SQL insert/update (whatever those look like in your environment; for instance, in Java you might use `java.sql.PreparedStatement`). If you search for "SQL Injection" on SO (or generally) you'll find tutorials about it.

T.J. Crowder 2010-04-08 16:20:04

Thanks a lot T.J. I really wasn't giving sql injection any though tat all.

William Calleja 2010-04-09 09:53:45

@William: Glad that helped!

T.J. Crowder 2010-04-09 13:46:58

related questions

What JavaScript patterns do you use most?

Javascript events

What style do you use for creating an "class" in JavaScript?

Graphing JavaScript Library

What's the difference in closure style

Getting the text from a drop-down box

How to specify javascript to run when ModalPopupExtender is shown

Length of Javascript Associative Array

How Do I Post and then redirect to an external URL from ASP.Net?

How to set up a CSS switcher in ASP.NET

Wrapping lists into columns

Javascript keyboard events primer? (or rather: help me with my custom dropdown)

Http Auth in a Firefox 3 bookmarklet

Best Debugging Tools for JavaScript/xulrunner Development

How can I turn a string of HTML into a DOM object in a Firefox extension?

Call ASP.NET Function From Javascript?

Javascript troubleshooting tools in IE

MAC addresses in JavaScript

Capturing TAB key in text box

CSS Background Color in Javascript

How can I make the browser see CSS and Javascript changes?

Triple Quotes? How do I delimit a databound Javascript string parameter in ASP.NET?

ASP .Net Custom Client-Side Validation

What JavaScript library would you choose for a new project and why?

Detecting font in JavaScript