Hi, I'm trying to select an element based on its href within a table of records. I have two links for each record: 'reorder=+' and 'reorder=-' If I use a[href*=reorder] both elements are recognised successfully, however if I try to differentiate between the two, nothing happens eg: a[href*=reorder\=\+] Is there a way around th...
I've written some Ruby code to inspect ZIP-files as part of an internal company process. The way we usually launch this code is from a web browser. When you click to download the file, you select "open with" and specify the full path to a small batch file. This one-line batch file looks like this: \\mathworks\public\Matthew_Simoneau\...
Hi everyone, I am trying to replace the backslash (escape) character in a Javascript string literal. I need to replace it with a double backslash so that I can then do a redirect: var newpath = 'file:///C:\funstuff\buildtools\viewer.html'.replace(/\\/g,"\\"); window.location = newpath; However, it seems to have no result. I don't...
I have a script that records files with UTF8 encoded names. However the script's encoding / environment wasn't set up right, and it just recoded the raw bytes. I now have lots of lines in the file like this: .../My\ Folders/My\ r\303\266m/... So there are spaces in the filenames with \ and UTF8 encoded stuff like \303\266 (which is ö...
Users on my site can post news items. But right now, it's all honor system as far as HTML goes. function postNewsItem($subject, $body, $userid){ $time = time(); $subject = mysql_real_escape_string($subject); $body = mysql_real_escape_string($body); $q = "INSERT INTO news (subject, body, userid) VALUES ('$subject', '$body', '$use...
When I try to search a string starting with the slash / character in vi, the cursor jumps to the next search result from the previous search. However, I'd like to find the literal slash character. How can this be done? ...
I'm using a clearsilver variable as a parameter to a javascript function, from an href. Like this: <a href="javascript:foo('<?cs var: js_escape(bar) ?>');"><span> This works great, until the cs variable contains quotes. Anyone have experience with this? Is there some ordering of escaping that will work for this, or do I need to find ...
I have a PHP program that uses a Bash script to convert a pdf. However if the filename contains spaces it is not passed through the bash script correctly. How do you escape filenames with spaces within a bash script? Do you have to do something special to quote the filename for the "OUTFILE" variable? Bash script: #!/bin/bash INFI...
For displaying the character & in a button as text, i am using && I would like to display the string % in another one button but the &% does not work. So how can i display the char % By using this btn5.Text = "%" the percentage symbol is not displayed at all! ...
I'm writing a Bash script in which I am running a perl script which requires flags that have double quotes in them. Running the script normally, you would run $ perl script.pl -flag="something" -anotherflag="somethingelse" In my script, I'm using variables in these flags, but would like to preserve the doublequotes, so I have somethin...
I am just learning about escaping things and started reading about how it could be risky to use $_SERVER['HTTP_HOST'] due to XSS attacks. I came up with this and was wondering if I could get some feedback on my attempt. htmlspecialchars( filter_var( $_SERVER[ 'HTTP_HOST' ], FILTER_SANITIZE_URL ), ENT_QUOTES, 'UTF-8' ) Does it...
What's the best way to make psycopg2 pass parameterized queries to PostgreSQL? I don't want to write my own escpaing mechanisms or adapters and the psycopg2 source code and examples are difficult to read in a web browser. If I need to switch to something like PyGreSQL or another python pg adapter, that's fine with me. I just want simple...
If I had a string with escaped commas like so: a,b,{c\,d\,e},f,g How might I use awk to parse that into the following items? a b {c\,d\,e} f g ...
I am templatizing my php.ini using PHP. I have a script to set up a development environment by generating httpd.conf, apachectl, and php.ini from templates using a CLI PHP script. Unfortunately there are literal <? and <?php strings in php.ini (in a comment). Is it possible to escape those somehow so php doesn't interpret them as normal ...
Hi, I have a user form. If the user types in a string with ' or " as part of it I have no problem. The form is submitted and saved correctly to the DB. My problem is when I reload the page (all entries can be modified and are loaded into a list in the jsp before being displayed). On loading the page I get an error saying: missing )...
In the code HTML+Script below, an event handler is attached after page load using setAttribute(...). The event hander is passed an argument which is read dynamically too. the event hander is attached successfully ( verified by a getAttribute(...) However, the handler does not fire. What is wrong with the snippet below? <HTML> <...
I'm doing something like following to transfer value from PHP to javascript: var str = '<?php echo $v; ?>'; If there is no "'" in $v, it'll just be fine. But in case there is "'" in $v, obviously error will be reported. So far I've only used mysql_real_escape, which is not applicable now. ...
Hi all. I've been grappling with the fraught area of escaping user (text) input for web pages. The ultimate goal is to have user input displayed and stored exactly as typed in, without breaking anything. To that end I have been using the following test string : '"$%^&()+=-£{}[]/n/<>\@~;|,.?#:!&``"' It seems to work we...
I have a Rails Builder template: # in app/views/foos/index.xml.builder: xml.Module do |mod| ... mod.Content :type => 'url', :href => foos_url(:bar => 'baz', :yoo => 'hoo') end (It creates the XML for an OpenSocial Module file, but that's not important.) The problem is that the rendered XML lo...
I tried a search and replace across all files in a directory as follows: /usr/bin/perl -p -i -e "s/Else/Else FILE_WRITE(\"C:\\TestDir\\mes.txt","Message received");/g" *.scr That is replace all occurence of Else with "Else FILE_WRITE(\"C:\TestDir\mes_.txt","Message received");" But the replacement is seen to be as follow...