JQuery 自动完成调用中的撇号
下面的代码在搜索任何不包含撇号的名称时有效。当您尝试查找名字中带有撇号的人时,它会失败(返回错误)。我怎样才能找到带有撇号的人?
function autoComplete() {
$(document).ready(function () {
$(".AutoCompleteClass").autocomplete({
source: function (request, response) {
$.ajax({
url: "/Service/NomineeWebService.asmx/GetMatchingActiveDirectoryUsers",
data: "{ 'SearchCharacters': '" + request.term + "' }",
dataType: "json",
type: "POST",
contentType: "application/json; charset=utf-8",
dataFilter: function (data) { return data; },
success: function (data) {
response($.map(data.d, function (item) {
return {
id: item.NomineeUserName,
value: item.NomineeLastNameFirstName + " - " + item.NomineeDomainAndUserName,
data: item
}
}))
},
error: function (XMLHttpRequest, textStatus, errorThrown) {
alert(textStatus);
}
});
},
delay: 150,
minLength: 3,
select: function (event, ui) {
$('.SelectedUserNameWrapper input[type=hidden]').val(ui.item.id);
}
});
});
$('#AutoCompleteTextBox').keypress(function (event) {
if (event.which == '13') {
alert('test');
$('#AutoCompleteButton').click();
}
The code below works when searching for any name that does not contain an apostrophe. When you attempt to find someone with an apostrophe in their name it fails (returns error). How can I allow to find people with apostrophes?
function autoComplete() {
$(document).ready(function () {
$(".AutoCompleteClass").autocomplete({
source: function (request, response) {
$.ajax({
url: "/Service/NomineeWebService.asmx/GetMatchingActiveDirectoryUsers",
data: "{ 'SearchCharacters': '" + request.term + "' }",
dataType: "json",
type: "POST",
contentType: "application/json; charset=utf-8",
dataFilter: function (data) { return data; },
success: function (data) {
response($.map(data.d, function (item) {
return {
id: item.NomineeUserName,
value: item.NomineeLastNameFirstName + " - " + item.NomineeDomainAndUserName,
data: item
}
}))
},
error: function (XMLHttpRequest, textStatus, errorThrown) {
alert(textStatus);
}
});
},
delay: 150,
minLength: 3,
select: function (event, ui) {
$('.SelectedUserNameWrapper input[type=hidden]').val(ui.item.id);
}
});
});
$('#AutoCompleteTextBox').keypress(function (event) {
if (event.which == '13') {
alert('test');
$('#AutoCompleteButton').click();
}
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(3)
我找到了这个问题的解决方案,我们应该用转义字符替换所有“'”。代码如下所示
I found resolution to this issue, we should replace all "'" with escape characters. Code looks like below
听起来单引号(在您的输入中)可能需要在用于查询数据库之前进行转义。尝试用这样的内容替换 AJAX 调用的“数据”部分:
我的 jQuery 语法可能有点不对劲,但希望这能传达我想说的内容。
如果这样做的话,您可能会在以后的其他特殊字符中遇到这个问题。
注意: 额外的单引号是 mySQL 和 SQL Server 中单引号的“转义字符”。您没有提到您正在使用什么 RDBMS,所以它对您来说可能会有所不同。
强制:您可能知道这一点,但希望您没有将“request.term”值与服务器端的 SQL 查询连接起来。这会让你容易受到 SQL 注入 =)
It sounds likely that the single-quotes (in your input) need to be escaped before being used to query the database. Try replacing the "data" portion of your AJAX call with something like this:
My jQuery syntax might be a little off, but hopefully that conveys what I'm trying to say.
If that does it, you might run into this problem with other special characters too down the road.
Note: An extra single quote is the "escape character" for single quotes in mySQL and SQL Server. You didn't mention what RDBMS you're using, so it might be different for you.
Obligatory: You probably know this, but hopefully you're not concatenating that "request.term" value with an SQL query on the server-side. That would make you vulnerable to SQL Injection =)
有点奇怪,但我最终做了这样的替换: request.term.replace("'", "%27")
然后在我的网络服务上,我拦截并替换回使用撇号:
SearchCharacters = SearchCharacters.Replace("%27", "'");
并将其传递给我的数据库调用。
这有效。它是自动完成插件或 jquery 中的东西。既然这有效,我将使用它并继续前进。
感谢您的所有建议。顺便说一句,所有的逃避对我都不起作用......
再次感谢......
Kind of quirky, but I ended up doing the replace like this: request.term.replace("'", "%27")
Then on my web service, I intercept and replace back to using the apostrophe:
SearchCharacters = SearchCharacters.Replace("%27", "'");
and pass that to my database call.
This works. It is something in the autocomplete plugin or jquery stuff. Since this works, I will use it and move on.
Thanks for all the suggestions. By the way, none of the escaping worked for me...
Thanks again...