Passed value in ASP Pages

Passed value in ASP Pages

• Dan Burnip

  The solution to your problem is quite simple once you know where to look. All variables passed in on the URL (also called the query string) can be retrieved from the QueryString property on the Request object. This is very similar to how it's done in Java.

  The exact line of code you need to do your task is

  pageStatus=Integer.Parse(Request.QueryString.Get("pageStatus"));

  
  
  

• Cheryl Marland

  Use the ampersand '&' to separate values in your url so in your case you'd have something like

  http://www.yourdomain.com/yourpage.aspx pageStatus=somevalue&userID=anotherValue

  Be careful when using variables passed in on the URL. If the right checks aren't put in place, someone can use them to compromise your application's security.

  Well let me clarify that. It will be easier for someone to use them to compromise your app's security.

  
  
  

• Tim Jarvis

  Allan_M wrote:

  I am new to programming web based applications so I spoke to my coworkers about this security issue, and yes, we will be using sessions to store user information instead. Oh, and FYI, you are the second person to advise me to use C# rather than J#. It was my coworker's decision to use J#. I'm not sure why, but I will ask him about it next meeting. I appreciate all your help Mike, thank you.

  Again that's why I come here to help my fellow developer get past the hurdles that I've overcome (through trial and error mostly).

  Also, if you need help getting your application off the ground, I may know a consultant who can provide assistance in that regard as well

  
  
  

• Zeke19801980

  I will try the &. And thank you very much about the security warning. I never thought of that. I will have to think about security now before I run into problems in the future. Thanks Mike!
  

• ampersandz

  I am new to programming web based applications so I spoke to my coworkers about this security issue, and yes, we will be using sessions to store user information instead. Oh, and FYI, you are the second person to advise me to use C# rather than J#. It was my coworker's decision to use J#. I'm not sure why, but I will ask him about it next meeting. I appreciate all your help Mike, thank you.
  
  

• Drakkaris

  Thank you for the response. I got my page working. Now how would I write in the URL multiple values I am passing pageStatus, and say, I want to pass a second value, userID
  

• koulbassa

  Also if you're migrating from Java, I'd recommend C# over J#. J# was intended to help people to migrate programs written in Visual J++ to .Net.

  C# is very close in syntax to Java. It even has a similar API to that of java. For instance, to write to the console in Java you say

  system.Out.println("Hello World");

  In C#, the code is

  System.Console.WriteLine("Hello World");

  
  
  

• Packerfan

  Anytime. Actually passing data in the header is insecure too, it's just more difficult for someone to casually pass in parameters and values.

  For instance, if someone happens to find out the userid of say an administrator on your web app, they can simply pass in that user id and have the access of an administrator without the proper precautions.

  One thing I'd suggest is linking a user to a session on successful login and using the session to store any security related information.

  If you'd like to discuss more with me send an email.

  Michael

  
  
  
• Passed value in ASP Pages