ASP Encode/Decode Functions

Functions for performing URL encoding and deconding of text as well as URL encoding and decoding for text passed in the querystring.

URL Encode
URL Decode

HTML Encode
HTML Decode

Server.URLEncode

Used for encoding data that will be passed via a querystring variable. A querystring variable is anything following the question mark (?) in the URL (location) field of your browser. You create querystring variables when you perform a redirect or build a hyperlink to another page on your site.
<a href="page2.asp?name=Joe+Schmoe">here</a>
<%
Response.Redirect "page2.asp?ID=3"
%>
In the example above, the hyperlink contains a variable named "name" which has a value of "Joe Schmoe" (the space is encoded as "+") In the Response.Redirect statement, we have a querystring variabled named "ID" with a value of 3. To perform a URL encode on a variable (for purposes of passing this variable to another page) use the following:
<a href="page2.asp?name=<%= Server.URLEncode(sName) %>">
here</a>
<%
Response.Redirect "page2.asp?ID=" &_
    Server.URLEncode(nID)
%>

URLDecode

For some reason, Microsoft did not include a URL decode function with Active Server Pages. Most likely, this was because the decoding of querystring variables is done automatically for you when you access the querystring object:

<%= Request.QueryString("name") %>

For those of you who are desperately in need of this function:

' -----------------------------------------
' URL decode to retrieve the original value

Function URLDecode(sConvert)
    Dim aSplit
    Dim sOutput
    Dim I
    If IsNull(sConvert) Then
       URLDecode = ""
       Exit Function
    End If

    ' convert all pluses to spaces
    sOutput = REPLACE(sConvert, "+", " ")

    ' next convert %hexdigits to the character
    aSplit = Split(sOutput, "%")

    If IsArray(aSplit) Then
      sOutput = aSplit(0)
      For I = 0 to UBound(aSplit) - 1
        sOutput = sOutput & _
          Chr("&H" & Left(aSplit(i + 1), 2)) &_
          Right(aSplit(i + 1), Len(aSplit(i + 1)) - 2)
      Next
    End If

    URLDecode = sOutput
End Function

Server.HTMLEncode

This useful built-in function is very useful for encoding text that should be displayed in a form input. By "form input" we mean a web form control such as a text input, select or textarea control.

You may have noticed that certain characters cause the HTML on your web form to be interpretted incorrectly. Specifically, the HTML tag characters "<" and ">" can have this effect as well as the quote character (") which is used to encapsulate values.
<input type="text" value="<%= Server.HTMLEncode(sValue) %>">

<textarea name="sample" width=38 height=10>
<%= Server.HTMLEncode(sValue) %>
</textarea>
This simple value shows you how easy it is to safely include any value within a web form control.

HTMLDecode

Just like with the URLDecode function described previously, Microsoft, in its infinite wisdom decided not to include an HTMLDecode function with their Server component. It is a relatively simple matter to decode this test data (although I haven't had a need to do this so far.) For completeness sake, here is an HTMLDecode function you may use:
Function HTMLDecode(sText)
    Dim I
    sText = Replace(sText, "&quot;", Chr(34))
    sText = Replace(sText, "&lt;"  , Chr(60))
    sText = Replace(sText, "&gt;"  , Chr(62))
    sText = Replace(sText, "&amp;" , Chr(38))
    sText = Replace(sText, "&nbsp;", Chr(32))
    For I = 1 to 255
        sText = Replace(sText, "&#" & I & ";", Chr(I))
    Next
    HTMLDecode = sText
End Function

ASP Nuke CMS
Free Open Source
Content Manager

GoSwap Auctions
Buy, Sell
No Fees!

| | |

"Never trust a computer you can't throw out a window."

- Steve Wozniak


			Home \| Latest News \| Contribute \| F.A.Q. \| Account \| Scripts \| About