Wasn't sure this posted the first time, apologies if this winds up a
double-post...
To the best of my knowledge, struts does NOT handle this. I have faced this
issue, as I'm sure many have. Here's the code I use to solve it... This is
simply a static method of a Helpers class I reuse throughout most of my
projects... I don't for a second claim it is the best answer, but it does work
for me...
/**
* This method makes a string "safe" for use in JScript. That means that
* aspostrophes, quotes and hard linebreaks are replaced with the
* corresponding escape sequences. This is important because many strings
* passed back to the GUI are inserted into JScript string. If the text
* that is inserted contains quotes, apostrophes or line breaks, it will
* almost certainly break the JScript code. This method should be called on
* any string going back to the GUI. This method also trims the string.
*
* @param inString is the string to make "safe"
* @return A string with escape sequences
*/
public static String jsSafeString(String inString) {
if (inString != null) {
// Trivial rejection: If a quick indexOf doesn't find any quotes,
// apostrophes or carriage return/linefeeds, no need to do the rest
// of the work
if (inString.indexOf("'") == -1 && inString.indexOf("\"") == -1 &&
inString.indexOf("\r") == -1 && inString.indexOf("\n") == -1) {
return inString; // Just return the string as-is in this case
} else { // Must have found at least one of those characters...
// If there are carriage return/linefeeds in the output data, convert
them to \r\n
// Note that the following commented line was the original, preffered
method of doing this,
// but the replaceAll() method of String is apparently new to JDK 1.4,
and since the
// server this was originally run on was only at JDK 1.3.1, the
following kludge was
// used in place of the replaceAll() method. If this is ever run on a
server at level
// 1.4 or higher, this whole mess should probably be deleted and the
following commented
// line should be activated instead...
// return workString.replaceAll("\r\n", "\\\\r\\\\n"));
String workString = inString.trim();
StringBuffer outString = new StringBuffer(workString.length() *
2);
byte[] workStringBytes = workString.getBytes(); // Get byte
array based on input string
// Begin scanning the byte array looking for "unsafe" data to escape
int i = 0;
while (i < workStringBytes.length) {
if (workStringBytes[i] == '\r' && workStringBytes[i + 1] == '\n') {
// Carriage Return + Linefeed
outString.append("\\r\\n"); // Append the correct escape sequence
i = i + 2; // Move two bytes forward in the source array
} else if (workStringBytes[i] == '\'' && (i == 0 || (i > 0 &&
workStringBytes[i-1] != 92))) { // Apostrophe that isn't already escaped
outString.append("\\'"); // Append the correct escape sequence
i = i + 1; // Move to the next byte in the source array
} else if (workStringBytes[i] == '\"' && (i == 0 || (i > 0 &&
workStringBytes[i-1] != 92))) { // Quotation Mark that isn't already escaped
outString.append("\\\""); // Append the correct escape sequence
i = i + 1; // Move to the next byte in the source array
} else if (workStringBytes[i] == '\\' && (i == 0 || (i > 0 &&
workStringBytes[i-1] != 92))) { // Backslash that isn't already escaped
outString.append("\\\\"); // Append the correct escape sequence
i = i + 1; // Move to the next byte in the source array
} else { // Any other chaacter
// Or if it's not carriage return/linefeed, just append the actual
byte and move on...
outString.append((char)workStringBytes[i]);
i = i + 1; // Move to the next byte in the source array
}
}
// All done, return the final string
return outString.toString().trim();
}
} else { // inString was NULL
return "";
}
} // End safeString()
--
Frank W. Zammetti
Founder and Chief Software Architect
Omnytex Technologies
http://www.omnytex.com
On Wed, January 5, 2005 11:12 am, Krishna Mohan Radhakrishnan said:
>
> Hi all,
> This is a javascript function that is being called when a button called
> "Update" is pressed.
>
> Now if the planTitle or verbalDescription has got any apostrophe(') then
> it is throwing up a javascrit error that ) is expected.
>
> Does not struts handle these type of characters like ',",/ etc.
>
> Does anybody has a solution to the problem?
>
> Regards,
> Krishna Mohan R
>
>
>
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: [EMAIL PROTECTED]
> For additional commands, e-mail: [EMAIL PROTECTED]
>
>
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
