escaping

jQuery, escape characters when selecting by href

Hi, I'm trying to select an element based on its href within a table of records. I have two links for each record: 'reorder=+' and 'reorder=-' If I use a[href*=reorder] both elements are recognised successfully, however if I try to differentiate between the two, nothing happens eg: a[href*=reorder\=\+] Is there a way around th...

How do I make Firefox open a file with an ampersand in the filename?

I've written some Ruby code to inspect ZIP-files as part of an internal company process. The way we usually launch this code is from a web browser. When you click to download the file, you select "open with" and specify the full path to a small batch file. This one-line batch file looks like this: \\mathworks\public\Matthew_Simoneau\...

Javascript - Replacing the escape character in a string literal

Hi everyone, I am trying to replace the backslash (escape) character in a Javascript string literal. I need to replace it with a double backslash so that I can then do a redirect: var newpath = 'file:///C:\funstuff\buildtools\viewer.html'.replace(/\\/g,"\\"); window.location = newpath; However, it seems to have no result. I don't...

How do I reverse escape backslash ecodings like "\ " and "\303\266" in bash?

I have a script that records files with UTF8 encoded names. However the script's encoding / environment wasn't set up right, and it just recoded the raw bytes. I now have lots of lines in the file like this: .../My\ Folders/My\ r\303\266m/... So there are spaces in the filenames with \ and UTF8 encoded stuff like \303\266 (which is ö...

PHP: Allow users to make posts with certain tags

Users on my site can post news items. But right now, it's all honor system as far as HTML goes. function postNewsItem($subject, $body, $userid){ $time = time(); $subject = mysql_real_escape_string($subject); $body = mysql_real_escape_string($body); $q = "INSERT INTO news (subject, body, userid) VALUES ('$subject', '$body', '$use...

How can I escape the slash character in vi?

When I try to search a string starting with the slash / character in vi, the cursor jumps to the next search result from the previous search. However, I'd like to find the literal slash character. How can this be done? ...

Escaping a clearsilver variable for use as a javascript parameter from an href.

I'm using a clearsilver variable as a parameter to a javascript function, from an href. Like this: <a href="javascript:foo('<?cs var: js_escape(bar) ?>');"><span> This works great, until the cs variable contains quotes. Anyone have experience with this? Is there some ordering of escaping that will work for this, or do I need to find ...

Bash / PHP quoting command line argument

I have a PHP program that uses a Bash script to convert a pdf. However if the filename contains spaces it is not passed through the bash script correctly. How do you escape filenames with spaces within a bash script? Do you have to do something special to quote the filename for the "OUTFILE" variable? Bash script: #!/bin/bash INFI...

Escape character in VB.NET

For displaying the character & in a button as text, i am using && I would like to display the string % in another one button but the &% does not work. So how can i display the char % By using this btn5.Text = "%" the percentage symbol is not displayed at all! ...

Literal quotes in flags for a command in a bash script

I'm writing a Bash script in which I am running a perl script which requires flags that have double quotes in them. Running the script normally, you would run $ perl script.pl -flag="something" -anotherflag="somethingelse" In my script, I'm using variables in these flags, but would like to preserve the doublequotes, so I have somethin...

PHP $_SERVER['HTTP_HOST'] escaping, does this look acceptable?

I am just learning about escaping things and started reading about how it could be risky to use $_SERVER['HTTP_HOST'] due to XSS attacks. I came up with this and was wondering if I could get some feedback on my attempt. htmlspecialchars( filter_var( $_SERVER[ 'HTTP_HOST' ], FILTER_SANITIZE_URL ), ENT_QUOTES, 'UTF-8' ) Does it...

Parameterized queries with psycopg2 / Python DB-API and PostgreSQL

What's the best way to make psycopg2 pass parameterized queries to PostgreSQL? I don't want to write my own escpaing mechanisms or adapters and the psycopg2 source code and examples are difficult to read in a web browser. If I need to switch to something like PyGreSQL or another python pg adapter, that's fine with me. I just want simple...

Ignoring escaped delimiters (commas) with awk?

If I had a string with escaped commas like so: a,b,{c\,d\,e},f,g How might I use awk to parse that into the following items? a b {c\,d\,e} f g ...

Escaping a literal <?php and <? in a PHP script

I am templatizing my php.ini using PHP. I have a script to set up a development environment by generating httpd.conf, apachectl, and php.ini from templates using a CLI PHP script. Unfortunately there are literal <? and <?php strings in php.ini (in a comment). Is it possible to escape those somehow so php doesn't interpret them as normal ...

How to escape apostrophe or quotes on a JSP ( used by javascript )

Hi, I have a user form. If the user types in a string with ' or " as part of it I have no problem. The form is submitted and saved correctly to the DB. My problem is when I reload the page (all entries can be modified and are loaded into a list in the jsp before being displayed). On loading the page I get an error saying: missing )...

How to pass/escape an argument to an event handler attached using javascript?

In the code HTML+Script below, an event handler is attached after page load using setAttribute(...). The event hander is passed an argument which is read dynamically too. the event hander is attached successfully ( verified by a getAttribute(...) However, the handler does not fire. What is wrong with the snippet below? <HTML> <...

How to escape only "'" in PHP?

I'm doing something like following to transfer value from PHP to javascript: var str = '<?php echo $v; ?>'; If there is no "'" in $v, it'll just be fine. But in case there is "'" in $v, obviously error will be reported. So far I've only used mysql_real_escape, which is not applicable now. ...

Ultimate Website Testing String

Hi all. I've been grappling with the fraught area of escaping user (text) input for web pages. The ultimate goal is to have user input displayed and stored exactly as typed in, without breaking anything. To that end I have been using the following test string : '"$%^&()+=-£{}[]/n/<>\@~;|,.?#:!&amp;``&quot;&#39; It seems to work we...

How do I prevent a Builder template from escaping a URL in an attribute value?

I have a Rails Builder template: # in app/views/foos/index.xml.builder: xml.Module do |mod| ... mod.Content :type => 'url', :href => foos_url(:bar => 'baz', :yoo => 'hoo') end (It creates the XML for an OpenSocial Module file, but that's not important.) The problem is that the rendered XML lo...

Why are my backslashes disappearing in my Perl one-liner?

I tried a search and replace across all files in a directory as follows: /usr/bin/perl -p -i -e "s/Else/Else FILE_WRITE(\"C:\\TestDir\\mes.txt","Message received");/g" *.scr That is replace all occurence of Else with "Else FILE_WRITE(\"C:\TestDir\mes_.txt","Message received");" But the replacement is seen to be as follow...