Interesting function, unfortunately is didn't work at first. I replaced the "& " for "&" (and a multitude of other thies) but still joy. as soon as there is an & in the script is seems to think it is a new variable when I try to POST.
I then thought a bit more (coffee, coffee and more coffee) and realised that I was thinking backwards. The escape sequences I used were wrong. I modified the data in the database to include the characters, modified the ASP to return the string to a browser window and checked the result and there it was.
& = %26 not &
# = %23
% = %25
: = %3A
I will now reform your function to include these additional characters. It might take a little while on large blocks of text but I am sure it is the on the right track
One strange thing that I also discovered is that the \ character is changed to / in the return from the DB.