Passing data between pages?

  • Thread starter Thread starter Smokey Grindle
  • Start date Start date
S

Smokey Grindle

For a website that has users logged into it using sessions, its it best to
pass data between pages in session variables or through query strings?
 
My preference is to use Server.Transfer and HTTPContext.Items to pass data
between pages, and I am willing to live with out-of-sync URL. I minimize the
use of session to absolute mininal for resource conservation reason. I do
not use query string ask I don't like people hacking with the query strings.
If I were to use query string I would encrypt it.
 
It depends on what data you are passing, how much data you are passing and
how that data will be used.

If the data needs to be secured or there will be more than 1K of data, then
QueryStrings are out. On the other hand, sessions (if not used right) can
be costly to the server and in web farm environments won't work.

The most secure and robust way is to store the data in a database.
 
Here's another nice, simple way to pass values from one page to another:
(VB.NET code)

'Add data to the context object before transferring
Context.Items("myParameter") = x
Server.Transfer("handle_error.aspx ")

Then, in handle_error.aspx.aspx:

'Grab data from the context property
Dim x as Integer = CType(Context.Items("myParameter"),Integer)

Of course there are a number of ways to pass values from one page to another
besides the querystring there are cookies, session, context, saving to a
temporary table in the database between each page, etc.
You'll have to decide which technique is best for your application.

Here are more good articles on the subject:
http://SteveOrr.net/faq/PassValues.aspx
http://www.aspalliance.com/kenc/passval.aspx
http://msdn.microsoft.com/msdnmag/issues/03/04/ASPNETUserState/default.aspx
 
well for example I need to pass this set of information from page to page
which may different pages may change the information..

Folder (path on a hierachy of data currently on, string under 200 chars)
MessageID (ID of node in the folder, Int64)
ActionGUID (Unique ID of last action performed)

besides that, not much else will be there...
 
That's the point of asking whats the best method of doing this, I'm trying
to get rid of query strings, I just dont know how best to handle it
 
Well, if you see my first response, I mentioned that if security is an
issue, QueryStrings are out.
 
Back
Top