Chr (9), Chr (10), Chr (13), Chr (32), Chr (34) Explain _asp basics

Source: Internet
Author: User
Tags chr control characters trim
Chr (9), Chr (10), Chr (13), Chr (32), Chr (34)
All About ASCII code table: [Url]http://www.asciitable.com/[/url]
Chr (13) is a carriage return
CHR (10) is a newline character.
Chr (32) is a spaces
9\34 is tab, not OK?
Here are some of the columns shown
Special space characters
In ASP programming, we often use the trim (Rtrim,ltrim) function to remove some of the data at the beginning and end of the space, the author recently wrote an ASP chat room, with the following section of code:
<% Dim Name,title
Name=trim (Request.Form ("name"))
Password=trim (Request.Form ("password"))
If Name= "" or password= "" then Response.Redirect "Error.asp?error=name&name=null"
Mydsn= "Dsn=test;uid=test;pwd=test"
Set Cn=server.createobject ("Adodb.connection")
Cn.open MyDSN
Sql= "INSERT into Test (Name,title) VALUES (' &name&" ', ' "&password&") "
Cn.execute (SQL)
Cn.close%>
The author used the Trim function to remove the beginning and end of the space, in general, this program executes very normal, but later I found someone unexpectedly can use a space to come in, meaning that the user's name is completely blank, But the author tried to use the space, but no matter can not pass (that is, the program monitored out), the beginning and end of the space are trimmed function to remove, even if there are spaces in the middle, the author needs to use a function of the middle of the space to remove, because the author uses the SQL database records under the user information, So I suspect he used something else so that the system can not see, so go to the record of the user data SQL database (I used this method to see the user with line breaks), but I still see the database to change the user's data is also a space, Does this mean that the user used a means to bypass my username and password monitoring??? I can't find a bug in the program. So can only ask the user, fortunately this user readily told the author, the original is "alt+255", hold down the ALT key and then press the keypad "2", "5", "5" will produce a more special things "space" Characters (the concept of the author is not quite clear, this is a control character, in some editors can see word2000, there should be other control characters), this space character is different from the traditional press SPACEBAR generated characters, its ASC code is 255, The traditional space type of the ASC code is the 32,trim function can only understand the ASC code 32 code and remove, so there appears a space user situation! In response to this situation, I designed the following two functions to remove this "space" character:
function Xuankong (str)
Dim result
Dim j
J=len (str)
Result= ""
Dim i
For i = 1 to J
Select Case Mid (str,i,1)
Case "<"
Result=result+ "<"
Case ">"
result=result+ ">"
Case Chr (34)
result=result+ "" "
Case "&"
result=result+ "&" The above code converts some HTML tags
Case Chr (255) ' Prevents special spaces
Result=result
Case Chr (13) ' prevents return characters
Result=result+ ""
Case Chr (10) ' prevent line breaks
Result=result+ ""
Case Else
Result=result+mid (str,i,1)
End Select
Next
Xuankong=result
End Function
Then use this function in your ASP program, such as:
Name=xuankong (Trim (Request.Form ("name"))
Because the value of the character 0-z ASC code is 48-122, you can use the following methods to monitor:
Dim j
J=len (Trim (Request.Form ("name"))
For i= 1 to J
If ASC (Mid (name,i,1)) >122 or ASC (Mid (name,i,1)) <48 Then response ... Redirect "Error.asp?"
Error=special "
Next
 
Although this "space" has not been found to damage the program's problems, but it can be disruptive, or good defense, but this space also has a benefit, if you have to use the Internet password, hehe ... I'm afraid not a few people can see it! All I see is space, but it's not ... I'm not familiar with PHP and JSP, so I don't know if this problem exists in either of these things.
Neweguo 2006-1-12 01:55 AM
How to read a space
How to read a space
We often have to dynamically display the content from the file in the Web page, if you write a chat room or a forum program, the content of each speaker must first exist in a text file, and then displayed on the page. But the control that lets users enter content on a Web page is a text box. When the contents of a text box are displayed on a Web page, you cannot display a character like a space or a newline, which means there is no paragraph. To display a paragraph on a Web page, you must insert an HTML flag in the space that we enter the text, the newline character entered prompt to display the characters, see the example below.
If the page is a chat room screen, we enter the content in the text box, click "Submit" can be on the page to display our content, the text box named Text1, we use the following method can be very clever to display text wrapping and space function.
<%
......
......
Str=request.querystring ("Text1")
Str=replace (str, CHR (32), "")
' Replace the space with the &AMP;NBSP sign
Str=replace (str, vbCrLf, "<br>")
' Change the carriage return line break to <br> sign
Response.Write Str
......
......
%>
After the above code, we will change the text in the return line to the browser can recognize the <br> line label, and the space for &nbsp space mark. where Chr (32) represents a space, vbCrLf indicates a carriage return line break.
Neweguo 2006-1-12 01:55 AM
Chr (13) is a carriage return
(
Example: Replace all return characters with <br/>
#Replace (foo, Chr (), "<br/>", "All") #
)
CHR (10) is a newline character.
All About ASCII code table: [Url]http://www.asciitable.com./[/url]
<cfscript>
/**
* An enhanced version of the article paragraph formatting function
* use) to replace the tab, support multiple systems
* Rewrite and Multios support by Nathan Dintenfas.
*
* @param string the string to format. (Required)
* @return Returns a string.
* @author Ben Forta ([Email]ben@forta.com[/email])
* @version 3, June 26, 2002
*/
function Paragrap1hformat2 (str) {
The "I" Windows style into Unix style
str = replace (STR,CHR (&AMP;CHR), Chr (a), "all");
Now make Macintosh style to Unix style
str = replace (STR,CHR), Chr (a), "all");
Now fix tabs
str = replace (STR,CHR (9), "", "all");
Now return the text formatted in HTML
Return replace (STR,CHR (a), "<br/>", "all");
}
</cfscript>

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.