[Opensource] getField() returning "(E)" for data fiel d as "()"

Bradley McGill BMcGill at copyright.com.au
Thu Jun 20 16:19:53 PDT 2002 

All fields when retrieved from a DBOBject are encoded so that special
characters dont have special meanings to a web browser. For example if you
had a data field that read "<script>alert("hello world")</script>" and you
displayed that in a browser, it would execute the script. However if you
encode it, the <>(" charcaters would be encoded and so the browser would not
interpret them, but display them as the actual characters. This is for
security and correctness.
Interstingly if the status of the row is NEW then it is encoded, something
to do with filters i remember. 
The way we got around this (after a fair amount of work) was to add some new
methods to get the field either encoded or not encoded, or to specify which
encoding to use, for example, if you are building a plain text email with
the data fields, you want to use "rawfilter" but for a webpage or html email
you want to use "standardfilter".
We placed these in an extension class of secureddbobject. 

Hope this all helps.

Regards
Brad McGill

Here are the methods


  public synchronized String getField(String fieldName, boolean encoded)
throws Exception {
      if (encoded) {
          return getFieldEncoded(fieldName);
      } else {
          return getFieldNotEncoded(fieldName);
      }   
  }
      
  public synchronized String getField(String fieldName, String encoding)
throws Exception {
     String currentEncoding = getFieldEncoding(fieldName); 
     setFieldEncoding(fieldName,encoding);
     String returnValue = getFieldEncoded(fieldName);
     setFieldEncoding(fieldName,currentEncoding);
     return returnValue;
  }
        
  public void setFieldEncoding(String fieldName, String encoding) throws
Exception {
     DBField oneField = getDBField(fieldName);
     oneField.setFilterMethod(encoding);
  }
  
  public String getFieldEncoding(String fieldName) throws Exception {
     DBField oneField = getDBField(fieldName);
     return oneField.getFilterMethod();
  }
  
  public synchronized String getFieldEncoded(String fieldName) throws
DBException {

    String status = getStatus();
    setStatus("CURRENT");
    String returnValue = getField(fieldName);
    setStatus(status);
    
    return returnValue;
    
}

  public synchronized String getFieldNotEncoded(String fieldName) throws
DBException {

    String status = getStatus();
    setStatus("NEW");
    String returnValue = getField(fieldName);
    setStatus(status);
    
    return returnValue;
    
}


-----Original Message-----
From: Dinesh sampangi [mailto:dineshbsam at yahoo.com]
Sent: Thursday, 20 June 2002 5:47 PM
To: opensource at jcorporate.com
Subject: [Opensource] getField() returning "&#40;E&#41;" for data field
as "()"


hi All,
   The getfield() method on DBOject is returning
"&#40;E&#41;" instead of "(E)". The output is shown
below which is using getField() method on  a DBObject.

Policy Type --------****"Personal Mediclaim"
Agency Code -0--->"National - Ghatkopar&#40;E&#41;
Div"

>>instead of

Agency Code -0--->"National - Ghatkopar(E)Div"

can anybody explain me why this is happenning.

regards
Dinesh B Sampangi

__________________________________________________
Do You Yahoo!?
Yahoo! - Official partner of 2002 FIFA World Cup
http://fifaworldcup.yahoo.com
_______________________________________________
Opensource mailing list
Opensource at jcorporate.com
http://mail.jcorporate.com/mailman/listinfo/opensource
Archives: http://mail.jcorporate.com/pipermail/opensource/
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mailman.jcorporate.com/pipermail/opensource/attachments/20020621/4dd3cf83/attachment-0002.htm

More information about the Opensource mailing list