Декодирование HTML тегов в SQL
Данную функцию можно использовать как дополнительное средство для защиты от XSS атак (пользователю запрещено сохранять теги в тексте)
ALTER FUNCTION [dbo].[str_htmlEncode]
(
@UnEncoded as varchar(max)
)
RETURNS varchar(max)
AS
BEGIN
DECLARE @Encoded as varchar(500)
--order is important here. Replace the amp first, then the lt and gt.
--otherwise the < will become &lt;
SELECT @Encoded =
Replace(
Replace(
Replace(@UnEncoded,'&','&'),
'<', '<'),
'>', '>')
RETURN @Encoded
END
Additional
SQL. How to move to a new line in a string variable in SQL
SQL. Output HTML markup in crude form (as tags) in SQL
SQL. How to enter a date in a string in the desired format
SQL. How to use select from Storage
SQL. How to write a number in SQL in words
SQL. How to massively upload data to a Database table via CSV (Excel)
SQL-tool for creating personal accounts on the site
The essence of the approach and the history of the creation of Falcon Space
Falcon Space Platform
This is a reduction in the cost of ownership
at the expense of fewer people to support
This is a quick change
while using the program
This is a modern interface
full adaptation for mobile devices
MS SQL web applications. Affiliate program for developers and web studios
You can develop on your own or collaborate with us on Falcon Space web development using only SQL and HTML.
See examples with SQL code
Platform documentation
Component demo stand
At the stand you can see various components in action - tables, forms, modal windows, diagrams, a map, etc.
Solution demo site
Basic solutions that can be flexibly adapted for yourself - change the appearance, business logic and even the structure of the database.
Discuss the project
Ask the initial questions about the project that concern you right now. We will advise you for free and recommend the best solution.