I'm trying to capture comments from a textarea field to add to a
database but I cannot figure out how to deal with escaping the data.
<form action="review.rhtml" method="post">
<input type="hidden" name="date" value="<%=today%>">
<label for="comment">Your Comment:</label>
<br>
<textarea name="comment" cols="60" rows="5"></textarea>
<p><input type="submit" value="Submit Review"></p>
</form>
Is there something I can do to "<%=comment%>" to handle '' "" etc.
I'm trying to capture comments from a textarea field to add to a
database but I cannot figure out how to deal with escaping the data.
<form action="review.rhtml" method="post">
<input type="hidden" name="date" value="<%=today%>">
<label for="comment">Your Comment:</label>
<br>
<textarea name="comment" cols="60" rows="5"></textarea>
<p><input type="submit" value="Submit Review"></p>
</form>
Is there something I can do to "<%=comment%>" to handle '' "" etc.
Many thanks any help is appreciated
You can escape characters in several different ways. The CGI class is handy here, too. Example follows:
It there is some string in particular you are looking for, you can search for it with include?, and so on, using the String class, see docs here: http://www.ruby-doc.org/core/classes/String.html
It there is some string in particular you are looking for, you can
search for it with include?, and so on, using the String class, see docs
here: class String - RDoc Documentation
Did you have a more specific problem in mind?
Casimir Pohjanraito
Casimir
Thanks for the tips. You gave me enough of a hint to to solve most of
the problem. There still seems to be a problem with characters like %