0

我有一个单独的页面,我使用 Server.HTMLEncode 功能对用户在 TextBox 上的 HTMLEditorExtender 内输入的 HTML 进行编码。

我正在尝试将此 HTML 插入到转发器中,如下所示:

<asp:Repeater id="articleList" runat="server">
    <ItemTemplate>
        <div class="itemtemplate">

        <h2><%#Container.DataItem("Title")%></h2>

        <h5>Category:</h5> <%#Container.DataItem("Category")%><br />
        <%#Container.DataItem("decodedHTML")%>
        <%#Container.DataItem("UserName")%>
        <%#Container.DataItem("DateOfPost")%>
    </div>
    </ItemTemplate>
    <AlternatingItemTemplate>
    <div class="altitemtemplate">
     <h2><%#Container.DataItem("Title")%></h2>

        <h5>Category:</h5> <%#Container.DataItem("Category")%><br />
        <%#Container.DataItem("decodedHTML")%>
        <%#Container.DataItem("UserName")%>
        <%#Container.DataItem("DateOfPost")%>
    </div>
    </AlternatingItemTemplate>
    </asp:Repeater>

而我背后的代码:

Sub displayArticles()
    Dim conn As New OleDb.OleDbConnection(ConfigurationManager.ConnectionStrings("BookMeetConnString").ConnectionString)
    conn.Open()
    Dim cmd As New OleDbCommand("SELECT * FROM [UserArticles] ORDER BY DateOfPost DESC", conn)
    Dim inputString As String = "HTMLBody"
    Dim decodedHTML As String = Server.HtmlDecode(inputString)
    articleList.DataSource = cmd.ExecuteReader()
    articleList.DataBind()
    conn.Close()
End Sub

“HTMLBody”是我的数据库中包含编码 HTML 的字段的名称。

不幸的是,我收到了错误

"IndexOutOfRangeException was unhandled by user code".

这里显然有一个问题,在我的 Container.DataItem 语句中引用字符串 decodedHTML,那么我做错了什么?

编辑:来自对 html 进行编码的其他页面的代码:

    Protected Sub Button1_Click(sender As Object, e As EventArgs) Handles Button1.Click

        If String.IsNullOrEmpty(TextBox1.Text) Then
        ErrorMessage.Visible = True
        ErrorMessage.Text = "Your submission is blank. Please write your article first"
        Else
            Dim oleDbConn As New OleDb.OleDbConnection(ConfigurationManager.ConnectionStrings("BookMeetConnString").ConnectionString)
            Dim SqlString As String = "Insert into UserArticles(Title,Category,UserName,DateOfPost,HTMLPost) Values (@f1,@f2,@f3,@f4,@f5)"
            Dim HTMLEncode As String = Server.HtmlEncode(TextBox1.Text)
            Dim cmd As OleDbCommand = New OleDbCommand(SqlString, oleDbConn)
            cmd.CommandType = CommandType.Text
            cmd.Parameters.AddWithValue("@f1", ArticleTitle.Text)
            cmd.Parameters.AddWithValue("@f2", CategoryDropDown.SelectedValue)
            cmd.Parameters.AddWithValue("@f3", User.Identity.Name)
            cmd.Parameters.AddWithValue("@f4", DateTime.Now.Date)
            cmd.Parameters.AddWithValue("@f5", HTMLEncode)
            oleDbConn.Open()
            cmd.ExecuteNonQuery()
            TextBox1.Text = Nothing
            ArticleTitle.Text = Nothing
            CategoryDropDown.ClearSelection()
        End If
End Sub
4

1 回答 1

1

从外观上看,它decodedHTML只是您在代码中创建的字符串。这不能通过您的 .aspx 页面访问。

您应该能够将您的 .aspx 标记更新为;

<%#Server.HtmlDecode(Container.DataItem("[COLUMN_NAME"))%>

其中 [COLUMN_NAME] 是保存编码 html 值的实际表列。

于 2013-05-02T11:59:16.320 回答