where in page cycle to place code?

  • Thread starter Thread starter Daves
  • Start date Start date
D

Daves

in my masterpage codebehind I want to do a final check after the content
page codebehind has been run. Where in the page cycle (in what event) could
I place this code?
 
it dpends on what your final check means. the prerender is the last chance
to add /modify any controls. page unload is called after render, so all
processing that means anything is done.

-- bruce (sqlwork.com)



| in my masterpage codebehind I want to do a final check after the content
| page codebehind has been run. Where in the page cycle (in what event)
could
| I place this code?
|
|
 
ok it's just a short code to check if user has access to the current page
and so to forward him to login page if not. The content page sets the
PageNeedsLogin property which the masterpage code checks for...
so I'd add a void Page_PreRender(...) event function, right?
 
to check access, i'd do it in the onauthenticate request event (in
global.asmx) or oninit if done at page level

-- bruce (sqlwork.com)


| ok it's just a short code to check if user has access to the current page
| and so to forward him to login page if not. The content page sets the
| PageNeedsLogin property which the masterpage code checks for...
| so I'd add a void Page_PreRender(...) event function, right?
|
| | > it dpends on what your final check means. the prerender is the last
chance
| > to add /modify any controls. page unload is called after render, so all
| > processing that means anything is done.
| >
| > -- bruce (sqlwork.com)
| >
| >
| >
| > | > | in my masterpage codebehind I want to do a final check after the
content
| > | page codebehind has been run. Where in the page cycle (in what event)
| > could
| > | I place this code?
| > |
| > |
| >
| >
|
|
 
Daves said:
ok it's just a short code to check if user has access to the current page
and so to forward him to login page if not. The content page sets the
Click to expand...
PageNeedsLogin property which the masterpage code checks for...
so I'd add a void Page_PreRender(...) event function, right?
Click to expand...

Hang on. Wouldn't you want to check permissions BEFORE you populate
the page? Not only are you throwing away a lot of effort, but you're
opening yourself up to some nice security holes too. Imagine a user
calling:

DeleteSomeRecord.aspx?recordID=1000

If you perform all your processing, and only wait until
Page_PreRender() to redirect, the page will have done its thing
already. Redirecting the user would then only stop him from seeing the
"Successfully Deleted Company #1000" message.

First order of business in Page_Load should be to do any security
checking and user redirection.

Good luck!
Jason
http://www.expatsoftware.com/
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Similar Threads

2.0 master pages and codebehind cycle 1
Masterpages and clientscript? 1
Common Class for masterpages 4
Checking Session value 1
Accessing Properties in masterpage from content file 8
Accessing MasterPage Properties from a usercontrol on a contentpage?? 2
Including and Executing JS and CSS from an ASPX within a Master Pa 3
<form> element in pages running under a MasterPage 2

Back
Top