All variables in RXML 2 are accessed through entities, e.g.
By default, an entity will be HTML encoded, that is, < will be
inserted as <, > as > and & as
&. However, there are instances when that is not what you
want, for example, when inserting entities into SQL queries.
Therefore, the encoding can be controlled by applying another
encoding scheme on the entity, &scope.entity:scheme;.
<sqlquery query="SELECT * FROM db WHERE name='&form.name:mysql;'">
Available Encoding Schemes
No quoting. This is dangerous and should never be used unless you have
total control over the contents of the variable.
The default quoting, for inserting into regular HTML or RXML. Encoded
characters are &, <, >, ", '
and the null character.
For inserting variables into URLs. Encoded characters are the null character,
space, tab, the newline character, the carriage return character, %,
', ", #, &, ?, =, / and :.
Uses a subset of the URL encoding scheme. Characters & and ?
are not encoded as it would make inserting i.e. variables into
http-strings impossible. Encoded characters are the null character,
space, tab, the newline character, the carriage return character,
%, ' and ".
Uses a subset of the URL encoding scheme. Only the characters =,
,, ; and % are encoded.
For inserting into Pike strings, for use with the <pike> tag.
Encoded characters are ", \ and the newline character.
the formfeed character, the newline character, the return carriage character,
tab, \, ' and ".
For inserting into MySQL SQL queries. Encoded characters are ", '
For inserting into MySQL SQL queries in pike strings. Encoded characters
are ", ', \ and the newline character.
For inserting into SQL queries. Encoded character is '.