locked
How to get rid of HTML Entities in an Alertbox RRS feed

  • Question

  • User2103134756 posted

    I'm using JavaScript here but this is the closest forum to the subject that I could post in. I have small script I dynamically attach to a delete linkbutton on a gridview. It confirms the deletion. In the alert box, the name field is shown. Normally this works fine unless I have an apostrophe or an ampersand. When that's the case, I get the '&' and ''  instead of the characters. I was using the e.Row.Cells[col_num].Text.ToString(); but got blank text in the name field so I switched to casting a label with FindControl. That got the name but I still have the same problem when an '&' is in the name and when an apostrophe is present, the alertbox doesn't appear and there's a postback so the record gets deleted without confirmation. Found a number of ways on various sites but none of them work. This is in the RowDataBound event for the gridview.

    Label lbl = (Label)e.Row.Cells[1].FindControl("lblArtistName");
    string recordName = lbl.Text;
     
    //gets the delete cell for the button 
    deleteCell = e.Row.Cells[ARTISTS_DELETE_COL];
    
    //get linkbutton control
    lbDelete = (LinkButton)deleteCell.Controls[1];
    
    //if it's there, add the javascript and 
    //change the style and button back to enabled
    if (lbDelete != null)
    {
    	//Adds the javascript attribute that confirms a delete.
    	lbDelete.Attributes.Add("onClick", "return deleteConfirm('" + recordName + "');");
    	lbDelete.ControlStyle.CssClass = "GvCmd";
    	lbDelete.Enabled = true;
    }

    Saturday, July 13, 2019 10:19 PM

All replies

  • User2103134756 posted

    Somehow some lines got switched around and I was adding the attribute prior to binding the gridview so the changes were being overwritten. That's why after a save there was no javascript. But the problem with the html entities, the reason for the post is still there. I've tried encode/decode and encodeURI/decodeURI but it still doesn't work.

    Sunday, July 14, 2019 8:55 PM
  • User-474980206 posted

    the onclick is an html attribute. an & inside should render as &, so that:

      <button type="button" onclick="alert('John &amp; Sons')">click me</button>
    
    will alert "John & Sons". I haven't used webforms in years, but perhaps you are getting double encoding.

    Sunday, July 14, 2019 11:12 PM
  • User839733648 posted

    Hi oneillj,

    To get rid of HTML Entities in an Alertbox, you could use the code like following :

    var encoded = "This is &ads'afddf;' string";
    var decoded = $("<div/>").html(encoded).text();

    Reference: https://stackoverflow.com/questions/14937169/html-entities-in-a-javascript-alert 

    Here is a demo I've created and hope it will be helpful to you.

    .aspx

    <!DOCTYPE html>
    
    <html xmlns="http://www.w3.org/1999/xhtml">
    <head runat="server">
        <title></title>
        <script src="https://code.jquery.com/jquery-3.3.1.min.js"></script>
        <script>
            function deleteConfirm(ename) {
                var ename = $("<div/>").html(ename).text();
                var result = confirm("Are you sure you want to delete " + ename);
                if (result) {
                    return true;
                }
                else {
                    return false;
                }
            }
        </script>
    </head>
    <body>
        <form id="form1" runat="server">
            <asp:GridView ID="GridView1" runat="server" AutoGenerateColumns="False" DataKeyNames="Eid" OnRowDataBound="GridView1_RowDataBound">
                <Columns>
                    <asp:BoundField DataField="Eid" HeaderText="Eid" />
                    <asp:BoundField DataField="Ename" HeaderText="Ename" />
                    <asp:BoundField DataField="age" HeaderText="age" />
                    <asp:BoundField DataField="sex" HeaderText="sex" />
                    <asp:TemplateField>
                        <ItemTemplate>
                            <asp:LinkButton ID="LinkButton1" runat="server" >Delete</asp:LinkButton>
                        </ItemTemplate>
                    </asp:TemplateField>
                </Columns>
            </asp:GridView>
        </form>
    </body>
    </html>

    code-behind.

            protected void Page_Load(object sender, EventArgs e)
            {
                if (!IsPostBack)
                {
                    BindData();
                }
            }
            string constr = ConfigurationManager.ConnectionStrings["EmployeeManagementConnectionString"].ConnectionString;
            private void BindData()
            {
                SqlConnection con = new SqlConnection(constr);
                string myquery = "SELECT * FROM tb_info";
                SqlCommand cmd = new SqlCommand(myquery, con);
                con.Open();
                SqlDataAdapter sda = new SqlDataAdapter(cmd);
                DataSet ds = new DataSet();
                sda.Fill(ds);
                con.Close();
                GridView1.DataSource = ds;
                GridView1.DataBind();
            }
    
            protected void GridView1_RowDataBound(object sender, GridViewRowEventArgs e)
            {
                if (e.Row.RowType == DataControlRowType.DataRow)
                {
                    string ename = e.Row.Cells[1].Text;
                    LinkButton lnkBtn = (LinkButton)e.Row.FindControl("LinkButton1");
                    lnkBtn.Attributes.Add("onclick", "return deleteConfirm('" + ename + "')");
                }
            }

    result:

    Best Regards,

    Jenifer

    Monday, July 15, 2019 8:27 AM