ci ho imbroccato...funziona. risolve gli escape. per i dati in input sottopone il contenuto del textbox ad escape, per i dati in output naturalmente fa l'unescape...
classe TextBox
classe utilscodice:Imports System Imports System.Web Imports System.Web.UI Imports System.Web.UI.WebControls Namespace Common.WebControls Public Class TextBox ' classe TextBox che implementa ' i controlli necessari sui valori di INPUT Inherits System.Web.UI.WebControls.TextBox Private m_escapedText As String Public Property escapedText() As String Get Return m_escapedText End Get Set(ByVal Value As String) m_escapedText = Value End Set End Property Public Overrides Property Text() As String Get If (Me.escapedText Is Nothing) Then ' primo get dopo salvataggio Me.escapedText = Utils.Utils.escapeInputVal(MyBase.Text) Return MyBase.Text Else ' secondo get dopo salvataggio Return Me.escapedText End If End Get Set(ByVal Value As String) Me.escapedText = Value MyBase.Text = Utils.Utils.unescapeOutputVal(Value) End Set End Property End Class End Namespace
codice:Namespace Common.Utils Public Class Utils Public Shared Function getTimeStamp() As String Return System.DateTime.Now.ToString("ddMMyyyyhhmmss") End Function Public Shared Function escapeInputVal(ByVal s As String) As String ' tolgo l'apice singolo che generea errore SQL s = s.Replace("'", "''") Return s End Function Public Shared Function unescapeOutputVal(ByVal s As String) As String ' riconverto i caratteri sottposti ad escape s = s.Replace("''", "'") Return s End Function End Class End Namespace
ciao grassie!!!
Rispondi quotando