When adding database derived information to a querystring, there is
always the possibility of badly derived data. One of the common
problems is the inclusion of the single apostrophy in the data.
To prevent this causing a javascript error on the page, the data needs
to be encoded with the server.urlencode( ) command.
For example:
onClick="window.open('/model.asp?model=<%=
Server.URLEncode(objRS("product_model"))','model','width=480,height=420,resizable=yes,scrollbars=1');return
false;"
| |
This article viewed: 2541 times |
Back |
Copyright © 2004-2009 Janet Systems Ltd.