NetTalk Central

Author Topic: Alert Message  (Read 4279 times)

Gordon Holfelder

  • Jr. Member
  • **
  • Posts: 92
    • View Profile
    • Email
Alert Message
« on: February 14, 2011, 08:59:34 AM »
Hi Bruce-

I have a stored procedure that validates the password for our application. The return from the procedure indicates the type of error that was encountered. This is then assigned to loc:Alert to display the error back to the user. There appears to be a couple of problems with this:
  • Any special characters are escaped and displayed in the message box
  • A quote or a cr/lf in the message prematurely ends the message (and leaves a hanging error in the browser)
  • If the error is to long, it is difficult to read in the browser (jquery problem?)

See the attached screen shot. ntws 5.15 c74.7900

Thanks,
Gordon

[attachment deleted by admin]
« Last Edit: February 14, 2011, 09:02:00 AM by Gordon Holfelder »

charl99

  • Full Member
  • ***
  • Posts: 185
    • View Profile
    • Email
Re: Alert Message
« Reply #1 on: February 15, 2011, 12:06:26 AM »
Gordon,

I'll make my list of special characters shorter if I were you, exlude quotes and &'s for one, maybe some more.

Btw, the message box in Clarion is also limited as to size.

Cheers
Charl

Bruce

  • Global Moderator
  • Hero Member
  • *****
  • Posts: 11244
    • View Profile
Re: Alert Message
« Reply #2 on: February 15, 2011, 07:17:05 AM »
Noted Gordon - I'll check into it.

cheers
Bruce

Gordon Holfelder

  • Jr. Member
  • **
  • Posts: 92
    • View Profile
    • Email
Re: Alert Message
« Reply #3 on: February 15, 2011, 08:59:47 AM »
Hi Bruce-

Thanks for looking at this.

The point is that the processing for the message on the page has to be different than the what is sent to the Java Script. In the generated code:

     p_web.Script('alert('''&clip(loc:alert)&''');')

has the potential for generating bad code. The loc:alert is being used by us lowly programmers and in my case, I can't even guarantee what the contents of the message will contain. We have places in our system where we allow the user to define the error that is to be displayed.

As far as limiting special characters are concerned, advice noted. But what about <>? They have the same problem and I can envision using those in messages.

Regards,
Gordon

Bruce

  • Global Moderator
  • Hero Member
  • *****
  • Posts: 11244
    • View Profile
Re: Alert Message
« Reply #4 on: February 15, 2011, 10:07:50 PM »
Clearly, it should handle any characters.

Cheers
Bruce

Bruce

  • Global Moderator
  • Hero Member
  • *****
  • Posts: 11244
    • View Profile
Re: Alert Message
« Reply #5 on: February 17, 2011, 11:36:24 PM »
fixed in 5.16

Gordon Holfelder

  • Jr. Member
  • **
  • Posts: 92
    • View Profile
    • Email
Re: Alert Message
« Reply #6 on: February 18, 2011, 09:05:53 AM »
Thanks!