 |
 | Home | Contact Us | FAQ | Search & Site Map | Link to Us |
 | Sign In | Join | Other 45 Sites in Network |
.NET Forum / ASP.NET / General / February 2008Thoughts on Passing Information to Another Page
I'm finally getting the hang of ASP.NET. But one thing I still struggle with is when I want to open a page and pass that page some information. Here are some choices I have: 1. Pass it as a query string. This works for some tasks. But for other tasks, this is neither private nor safe from being modified by casual users. 2. Use PreviousPage. This also works for some tasks. But when the data to be passed is not really part of the page, then this model seems to break down. 3. Set a Session variable. This is both private and secure and works well. However, it's a little awkward to "clean up" and using this technique regularly would result in a bunch of memory being wasted for each session unless you had a clean way to delete those variables after they were used. I'm just curious if others have found a better approach. I'm starting to think about using ViewState in the previous page and then using PreviousPage to access that ViewState. Assuming that's possible, that approach is both private and secure as well as "self-cleaning". I'd need to think about it some more to decide how much I like that. Thanks.  SignatureJonathan Wood SoftCircuits Programming http://www.softcircuits.com FYI - Using ViewState is neither private or secure. The hash that Microsoft uses to code (not encrypt) the ViewState string is well-known and there are many tools available to decode the string. If you need a secure way of passing the data you could use the encryption classes in .NET to encrypt the data you want to pass and then pass it using any of the methods below. Don't forget about the most robust solution, passing the data to a database and then retrieving it later. -Scott > I'm finally getting the hang of ASP.NET. > [quoted text clipped - 21 lines] > > Thanks. Scott, > FYI - Using ViewState is neither private or secure. > > The hash that Microsoft uses to code (not encrypt) the ViewState string is > well-known and there are many tools available to decode the string. Yes, good point. Is it just base64? > If you need a secure way of passing the data you could use the encryption > classes in .NET to encrypt the data you want to pass and then pass it > using any of the methods below. I'm so far relatively unfamilier with these. If there's a way to checksum the data to prevent trying to decrypt something that the user just typed in, that would definitely be something to explore. > Don't forget about the most robust solution, passing the data to a > database and then retrieving it later. Right. But that's not really more secure than setting a Session variable, is it? Thanks. SignatureJonathan Wood SoftCircuits Programming http://www.softcircuits.com Session is efficient and doesn't use a lot of memory if you don't store complex objects. It's also easy to remove a session item after you are done with it, so I cannot say I agree with your statements. However I have successfully used compressed cookies (compressed via LZMA / 7ZIP) as an alternative to Session. -- Peter Site: http://www.eggheadcafe.com UnBlog: http://petesbloggerama.blogspot.com MetaFinder: http://www.blogmetafinder.com > I'm finally getting the hang of ASP.NET. > [quoted text clipped - 19 lines] > > Thanks. It's easy to remove a session item, but with complex code, it's even easier to have paths that fail to remove it. I don't yet know enough to use cookies to pass information or judge how efficient/secure it is. Thanks. SignatureJonathan Wood SoftCircuits Programming http://www.softcircuits.com > Session is efficient and doesn't use a lot of memory if you don't store > complex objects. It's also easy to remove a session item after you are [quoted text clipped - 38 lines] >> >> Thanks. another way...maybe Context.Items Example: ------------------- Dim Context As HttpContext Context = HttpContext.Current Context.Items.Add("miEjemplo", "UnEjemplo") Server.Transfer("Pagina2.aspx") another page... Pagina2.aspx Dim Context As HttpContext Context = HttpContext.Current If Context.Items.Contains("miEjemplo") Then Me.lblTest.Text = CType(Context.Items("miEjemplo").ToString, ... Links: ---------------- HttpContext http://msdn2.microsoft.com/es-es/library/system.web.httpcontext.aspx Passing values from a page to another by means of the Context object http://www.devx.com/vb2themax/Tip/18847 State management with Context.Items in ASP.NET http://www.csse.monash.edu.au/courseware/cse2030/2004/state.html ______________________ Jose A. Fernandez blog: http://geeks.ms/blogs/fernandezja > It's easy to remove a session item, but with complex code, it's even easier > to have paths that fail to remove it. [quoted text clipped - 55 lines] > >> SoftCircuits Programming > >>http://www.softcircuits.com Interesting. I'm looking into this. Thanks. SignatureJonathan Wood SoftCircuits Programming http://www.softcircuits.com > another way...maybe Context.Items > [quoted text clipped - 93 lines] >> >> SoftCircuits Programming >> >>http://www.softcircuits.com Free MagazinesGet these publications absolutely FREE for up to 12 months. There are no hidden fees and no obligation. Simply choose a title, complete the application form and submit it. Read more ...
|
Reply to this Message
|
 Sign In
 Join
 My Latest Posts My Monitored Threads My Blog My Photo Gallery My Profile My Homepage Start New Thread Enable EMail Alerts Rate this Thread
|
©2008 Advenet LLC Privacy Policy - Terms of Use
This website includes both content owned or controlled by Advenet as well as content owned or controlled by third parties.