Html encoding before Process httpRequest

Html encoding before Process httpRequest

sarooptrivedisarooptrivedi Posts: 62Questions: 19Answers: 2
edited October 23 in Free community support

In my database I store the data with html encoding Test&Test. The actual value is Test&Test.

While I search the Test& then it is return the value on Process but when I add Test&Tthen Process not return any value.

The query is Select [Name] FROM [V_Test] WHERE ([Name] like '%Test&T%' WHERE (1=1) ORDER BY [ID] desc OFFSET 0 ROWS FETCH NEXT 25 ROWS ONLY

Is that any way we can manipulate the search value and pass the '%Test&T%' ?
Link to test case:
Debugger code (debug.datatables.net):
Error messages shown:
Description of problem:

This question has an accepted answers - jump to answer

Answers

  • kthorngrenkthorngren Posts: 21,336Questions: 26Answers: 4,951

    I'm guessing you have server side processing enabled. Are you typing Test&T into the global search input or into a column search input? If using a column search input you could replace & with &amp before executing the column().search().

    If this doesn't help then please provide more information of how you are performing the search.

    Kevin

  • sarooptrivedisarooptrivedi Posts: 62Questions: 19Answers: 2
    edited October 24

    Yes. I am working on server side. But I am using search builder and global search. Search is part of http request form collection in .net.
    I have one option that I do html encoding inside sql view. But it is affecting query performance.

  • allanallan Posts: 63,498Questions: 1Answers: 10,471 Site admin
    Answer ✓

    If you store the data HTML encoded, and the search is being done against the database, you'd need to HTML encode the search term as well. Can you not just do that before you perform the search?

    Allan

  • sarooptrivedisarooptrivedi Posts: 62Questions: 19Answers: 2

    Figure out encode the HTML form before request submit to the Datatables.net for process.

      Dictionary<string, StringValues> dictValues = new Dictionary<string, StringValues>();
          foreach (var f in Request.Form)
          {
              if (f.Key.Contains("search[value]") || (f.Key.StartsWith("searchBuilder[criteria]") && f.Key.Contains("[value")))
              {
                  dictValues.Add(f.Key, HttpUtility.HtmlEncode(f.Value));
              }
              else
              {
                  dictValues.Add(f.Key,f.Value);
              }
          }
          var fc = new FormCollection(dictValues);
          Request.Form = fc;
    
Sign In or Register to comment.