escaping

Usage: Escape HTML problem

I ran into an interesting problem. In our webpage a user can write their own description. We escape all text to make it easy to write (<3 shows up properly and isn't the start of a tag). This also avoids any problems with trying to inject their javascript code or hide something or do anything with html. A side effect is when a user writ...

Perl uri_escape_utf8 inconsistent behaviour (or programmer error!)

Hi Folks, I'm trying to implement some URI encoding of filenames in my urls, but am experiencing some strange problems with uri_escape and uri_escape_utf8, where it appears to be behaving inconsistently. Using the perl command line: richard@magic-box:$ perl use URI::Escape; print uri_escape_utf8("\"quotes\"_in_a_filename.pdf"); %22quo...

Escaping commas inside a Pack URI data binding (quick question)

Hi, I'm binding an Image control to a value set at runtime, but I want to set the FallbackValue to a resource named "checkerboard.png". As Converters aren't applied to FallbackValues I need to use the Pack notation, which leaves me with the following XAML: <Image x:Name="imgButton" Height="{Binding Path=Height}" Width="{Bindi...

Is &gt; ever necessary?

I have been developing websites and XML interfaces for 7 years now, and have never, ever been in a situation where it was really necessary to use the &gt; for a >. All disambiguation could so far be handled by quoting <, &, " and ' alone. Has anyone ever been in a situation (related to, e.g., SGML processing, browser issues, XSLT, ...) where you found...

Wrong output escaping in Symfony URL

Hi, I'm trying to use url_for() helper function of Symfony to get some URLs for my web application. url_for() function works well if values of get parameters are numeric. But the weird thing is that if a value of a get parameter is a string, then the next get parameter is escaped in a wrong way. For example; echo url_for("konu/index?...

Can I escape characters in variable names?

Sometimes it would be useful to name variables like no programmer should name his or her variables. Of course there's some good reason for conventions and limitations on stoopid variable names, but still it'd be nice. Particularly in a language like R that is used frequently to create graphs and some labels with the graphs. Thus, some lab...

need to escape # (hash/pound) character in .htaccess rewrite rule

The question is fairly simple but I was not able to find an answer for hours now. What I need to do is: RewriteRule ([^#])#(.*) $1\%23$2 Which basically means I want to url escape the freaking hash sign which comes to me from an external codepiece. backslash (\) does not work to escape this sign... and please don't suggest using %23...

Do You Have to Escape a Forward Slash When Using Mod_Rewrite

I am very sorry if this question has been asked before, I have searched but I am still quite unsure. With regards to the forward slash "/" when giving a RegEx to RewriteRule or RewriteCond, or anything else related to .htaccess in particular, is there a need to escape the forward slash? Here is an example of what I am trying to achieve...

C++: How to escape user input for safe system calls?

On a Linux platform, I have C++ code that goes like this: // ... std::string myDir; myDir = argv[1]; // myDir is initialized using user input from the command line. std::string command; command = "mkdir " + myDir; if (system(command.c_str()) != 0) { return 1; } // continue.... Is passing user input to a system() call safe at all? ...

Quotation escaping -- rsync from bash

I normally work these things out reasonably quickly, but this one is a headache. I have a shell script that loads some info about where to connect to and how from a text file, this is done using the read command. This works. It stores the arguments to be sent onto RSync in a variable called $rsyncargs. I want to use the RSync arg -e whic...

Escape string Python for MySQL

Hello, I use Python and MySQLdb to download web pages and store them into a database. The problem I have is that I can't save complicated strings into the database because they are not escaped properly. Is there a function in Python I can use to escape a string for MySQL? I tried with ''' (triple simple quotes) and """, but it didn't work. I ...

Zend_Form, setAttrib('escape',false) not working, help.

Hi everyone, I am using Zend_Form and I would like one of my elements to not escape. I have the following code, I think it should not escape but it does without fail: In form class: $btc_name = $this->createElement('text','btc_name'); $btc_name->setLabel('Company Name') ->setRequired(true) ->setAttrib('size',4...

java force literal when using escape character in jmeter

Running Jmeter on XP, I have the following scenario: Declare the variable "ServerName" with the value 'serverNameValue' Declare a variable "TestResultsFolder" with the value 'c:\results\${ServerName}' ... do samplers ... Have a simple data writer save result to "${TestResultsFolder}\file" Unfortunately, the data writer is saving t...

autogenerated sql code: single backslash as an escape character is failing.

Hello everyone, I'm querying an oracle 9i database with: SELECT * FROM table WHERE column LIKE '%' || ‘someText’ || '%' ESCAPE '\'; and it fails with the error "escape character must be character string of length 1" ( ORA-01425 error), while succeeding in an oracle express 10g database. Making it a double backslash (ESCAPE '\\') solv...

MySQL unicode literals

I want to insert a record into MySQL that has a non-ASCII Unicode character, but I'm on a terminal that doesn't let me easily type non-ASCII characters. How do I escape a Unicode literal in MySQL's SQL syntax? ...

How to suppress escaping in rich fileupload?

Using richfaces fileUpload component has some issues when displaying custom labels containing chars like ö, ä, ü ... DO_ADD=Hinzufügen <rich:fileUpload id="upload" fileUploadListener="#{controller.upload}" maxFilesQuantity="1" immediateUpload="true" allowFlash="false" acceptedTypes="csv" addControlLabel="#{msgs.DO_AD...

What is the point of unicode escape sequences in identifier names in JavaScript?

JavaScript allows for having unicode escape sequences in identifier names... for example: var \u0160imeVidas = "blah"; The above variable starts with the (Croatian) letter Š, so that the complete name of the variable is "ŠimeVidas". Now, this is neat, but what's the point? Is there any scenario where this feature may be of any use? -...

How to use double quotes in a string when using the @ symbol?

I need to use double quotes in a string that uses the @ symbol. Using double quotes is breaking the string. I tried escaping with \, but that doesn't work. Ideas? ...

Is it a bad idea to escape HTML before inserting into a database instead of upon output?

I've been working on a forum-like system, which does not allow for HTML formatting. The method I currently use is to escape HTML entities before they get inserted into the database. I've been told (in relation to XSS vulnerabilities) that I should insert the raw comment into the database, and escape HTML entities upon output. Other ques...

Standard C header for ANSI VT100 escape sequences

Is there a standard C header containing ansi escape sequences for say vt100 ? ...