<%@LANGUAGE="JScript" %> <% // Write a user entered value into the HTML page safely. function writeSafeValue( sName ) { var sValue; sValue = "" + Request.QueryString( sName ) + ""; try { if( typeof( sValue ) == "string" ) { if( sValue != "undefined" ) { // Do net let the user attempt to input HTML Code or // SSI (Server Side Include) directives. sValue = sValue.replace( //g, ">" ); sValue = sValue.replace( /\"/g, """ ); } else { sValue = ""; } } } catch( e ) { // Catch and display any errors that occur. Response.Write( "writeValue( "" + sName + "" ) ERROR " + e.number + ": " + e.description + " - sValue: " + sValue ); sValue = ""; } Response.Write( sValue ); } %> Untitled 1
First Name:
">
Last Name:
">
Phone:
("> ) - "> - ">
Email:
">
Subject:
"/>
> > > "> "> "> ">