[CLOSED] How to escape HTML characters in report data
We have a number of reports that pull user comment fields from the database, and being that they're comments, they can have any text the user chose to put in. A recent example is a user put in a comment for some email addresses they copied from a mail program, so the data looked something like this:
<fred.worker@company.com> Fred Worker; <sally.admin@company.com> Sally Admin
The problem is that when running the report with comments like this, in HTML format the email just doesn't show, and in Excel, you get an error about unreadable content, then it tries to repair it, and the result is a mess of an unusable report.
In both cases, it's because the HTML or the XML (in the case of Excel output) reads it as an element, not as text, which also leads me to believe that someone could put script elements in their comments that would be executed when the report is run, which I'm not exactly afraid of since this is an internal system, but still, I can't believe there wouldn't be a way of HTML escaping a field at will.
I searched the forums, but only found stuff recommending using CTRAN or STRREP to replace individual characters, but that's an unworkable solution because we don't necessarily know what the characters will be, and again, we have a number of reports and a number of these types of comments fields.This message has been edited. Last edited by: J.Hines,
"There is no limit to what you can achieve ... if you don’t care who gets the credit." Roger Abbott
August 05, 2015, 05:04 PM
Francis Mariani
Interesting that these two functions, XMLENCOD and XMLDECOD are not specified in the WebFOCUS 8 documentation - "Nothing found." in the WebFOCUS Release 8.0 Version 08 documents.
Francis
Give me code, or give me retirement. In FOCUS since 1991
Production: WF 7.7.05M, Dev Studio, BID, MRE, WebSphere, DB2 / Test: WF 8.1.05M, App Studio, BI Portal, Report Caster, jQuery, HighCharts, Apache Tomcat, MS SQL Server
August 05, 2015, 05:12 PM
dhagen
quote:
Originally posted by Francis Mariani: Interesting that these two functions, XMLENCOD and XMLDECOD are not specified in the WebFOCUS 8 documentation - "Nothing found." in the WebFOCUS Release 8.0 Version 08 documents.
Embrace the GUI! It's all in there (well, in the meta-data tool in the DMC at least). The doc will catch up eventually.
"There is no limit to what you can achieve ... if you don’t care who gets the credit." Roger Abbott
August 05, 2015, 06:20 PM
Waz
Another Gem found.
Waz...
Prod:
WebFOCUS 7.6.10/8.1.04
Upgrade:
WebFOCUS 8.2.07
OS:
Linux
Outputs:
HTML, PDF, Excel, PPT
In Focus since 1984
Pity the lost knowledge of an old programmer!
August 06, 2015, 04:16 AM
Tony A
Make a note that the parameters for XMLENCOD are incomplete. They should be -
Thanks dhagen, that's helpful, but is this then on a field-by-field basis that I'd have to add a define to every report? I was hoping there'd be a setting for either the entire report or, even better, something that could be done in the master file once.
