Home/ Questions/Q 6362955
In Process

The Archive Base Latest Questions

Editorial Team
  • 0
Asked: 2026-05-24T23:58:27+00:00

I am using ColdFusion 9. I can’t find a means to successfully output a

  • 0

I am using ColdFusion 9.

I can’t find a means to successfully output a single quote into a text field.

I create form fields using a CFSCRIPT user defined function. (I’ve minimized the options for the sake of simplicity for this example.)

When my output contains a single quote, the text field gets totally screwed up, be sure to run the example and view the HTML. I have tried using PreserveSingleQuotes() every conceivable way possible. 

// USE EITHER STRING
MyString = "This string works fine.";
MyString = "This single quote's the problem!";
writeOutput(createInputBox(MyString));

// CREATE TEXT INPUT
function createInputBox(Value) {
    LOCAL.Properties = " value='#preserveSingleQuotes(ARGUMENTS.Value)#'";
    LOCAL.Item = "<input size='50' type='text' #LOCAL.Properties# />";
    return LOCAL.Item;
}

Do you know of a solution?
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
ANSWER

Get rid of the preserveSingleQuotes() function, as it does nothing outside of a SQL block. (Thanks Adam!).

LOCAL.Properties = " value='#ARGUMENTS.Value#'";

Then, get rid of the single quotes and replaced with escaped double quotes:

LOCAL.Properties = " value=""#ARGUMENTS.Value#""";

This will still choke on strings like this though:

MyString = "This is my F#@'''""$":""ing  problem!";

So, add the htmlEditFormat() function like this:

LOCAL.Properties = " value=""#htmlEditFormat(ARGUMENTS.Value)#""";

Thanks for the help!!!

Share

Leave an answer

You must login to add an answer.

Need An Account,

1 Answer

  1. Editorial Team

    A single quote should not give you a problem in an attribute value in HTML, unless:
    * you’re not quoting the attribute values, eg:

    <input value=#myvar#>

    The solution here is to quote your attributes, eg:

    <input value="#myvar#">

    or
    * you are quoting your attributes, but are using single quotes :

    <input value='#myVar#'>

    Will end up being:

    <input value='value with a ' in it'>

    This – of course is invalid mark-up: the browser sees the value as ‘value with a ‘, and the rest of it is just garbage.

    If you need to do this:
    * switch to using double-quote delimiters
    * use htmlEditFormat() around your variable value (this will escape embedded double-quotes).

    To troubleshoot this sort of thing, ALWAYS look at the HTML source. This will help you work out what’s going on.

    NB: to everyone mentioning preserveSingleQuote(): this function does NOTHING outside of a CFQUERY block. So it’s not going to help here.

    • 0