473,324 Members | 2,313 Online
Bytes | Software Development & Data Engineering Community
Post Job

Home Posts Topics Members FAQ

Join Bytes to post your question to a community of 473,324 software developers and data experts.

Cookie to textbox?

What am I doing wrong here?

<%
UserID = Request.Cookies("emu")("UserID")
%>

<TABLE>
<TR>
<TD>UserID: <INPUT id=UserID value="<%=UserID%>"></TD>
</TR>
</TABLE>

The textbox shows <%=UserID%> and not the value.

Any ideas?

Thanks!
Jul 19 '05 #1
9 1848
<TD>UserID: <INPUT id=UserID value="<%=UserID%>"></TD>

should be

<TD>UserID: <INPUT id=UserID value=<%=UserID%>></TD>

--
Curt Christianson
Owner/Lead Developer, DF-Software
Site: http://www.Darkfalz.com
Blog: http://blog.Darkfalz.com
"vbMark" <no@email.com> wrote in message
news:Xn************************@130.133.1.4...
What am I doing wrong here?

<%
UserID = Request.Cookies("emu")("UserID")
%>

<TABLE>
<TR>
<TD>UserID: <INPUT id=UserID value="<%=UserID%>"></TD>
</TR>
</TABLE>

The textbox shows <%=UserID%> and not the value.

Any ideas?

Thanks!

Jul 19 '05 #2
Code looks good to me, what is the value in the cookie?

--
Manohar Kamath
Editor, .netWire
www.dotnetwire.com
"vbMark" <no@email.com> wrote in message
news:Xn************************@130.133.1.4...
What am I doing wrong here?

<%
UserID = Request.Cookies("emu")("UserID")
%>

<TABLE>
<TR>
<TD>UserID: <INPUT id=UserID value="<%=UserID%>"></TD>
</TR>
</TABLE>

The textbox shows <%=UserID%> and not the value.

Any ideas?

Thanks!

Jul 19 '05 #3
"Manohar Kamath" <mk*****@TAKETHISOUTkamath.com> wrote in
news:eb**************@TK2MSFTNGP11.phx.gbl:
Code looks good to me, what is the value in the cookie?


Sorry, it was just showing wrong in InterDev's Quick View. It works fine
when viewed in the web browser.

Thanks.
Jul 19 '05 #4
That's what I thought... Quick view is an HTML view of the page, and the
page is not "executed"

--
Manohar Kamath
Editor, .netWire
www.dotnetwire.com
"vbMark" <no@email.com> wrote in message
news:Xn************************@130.133.1.4...
"Manohar Kamath" <mk*****@TAKETHISOUTkamath.com> wrote in
news:eb**************@TK2MSFTNGP11.phx.gbl:
Code looks good to me, what is the value in the cookie?


Sorry, it was just showing wrong in InterDev's Quick View. It works fine
when viewed in the web browser.

Thanks.

Jul 19 '05 #5
Curt_C [MVP] wrote on 11 okt 2004 in
microsoft.public.inetserver.asp.general:
<TD>UserID: <INPUT id=UserID value="<%=UserID%>"></TD>

should be

<TD>UserID: <INPUT id=UserID value=<%=UserID%>></TD>


This is a bad advice as it will go wrong if UserID contains an inside space

--
Evertjan.
The Netherlands.
(Please change the x'es to dots in my emailaddress,
but let us keep the discussions in the newsgroup)

Jul 19 '05 #6
If it's an ID it should never have a space in it, but yes this is true.
It looks like it wasn't even an issue anyway, user never tested in a
browser.

--
Curt Christianson
Owner/Lead Developer, DF-Software
Site: http://www.Darkfalz.com
Blog: http://blog.Darkfalz.com
"Evertjan." <ex**************@interxnl.net> wrote in message
news:Xn********************@194.109.133.29...
Curt_C [MVP] wrote on 11 okt 2004 in
microsoft.public.inetserver.asp.general:
<TD>UserID: <INPUT id=UserID value="<%=UserID%>"></TD>

should be

<TD>UserID: <INPUT id=UserID value=<%=UserID%>></TD>


This is a bad advice as it will go wrong if UserID contains an inside
space

--
Evertjan.
The Netherlands.
(Please change the x'es to dots in my emailaddress,
but let us keep the discussions in the newsgroup)

Jul 19 '05 #7
vbMark wrote:
What am I doing wrong here?

UserID = Request.Cookies("emu")("UserID")
...
<INPUT id=UserID value="<%=UserID%>">


Never mind QuickView, two other potential problems leap to mind:

1. Storing UserID as a cookie suggests a poor security model
unless this is just a device of convenience similar to the
way the Windows login prompt stores that Login ID of the
last person to log in

2. Unless you are in complete control of the range of possible
values for UserID, it might not hurt to display it like
this:

<INPUT id=UserID value="<%=Server.HTMLEncode(UserID)%>">
--
Dave Anderson

Unsolicited commercial email will be read at a cost of $500 per message. Use
of this email address implies consent to these terms. Please do not contact
me directly or ask me to contact you directly for assistance. If your
question is worth asking, it's worth posting.
Jul 19 '05 #8
"Dave Anderson" <GT**********@spammotel.com> wrote in news:O$b06G#rEHA.2128
@TK2MSFTNGP10.phx.gbl:
vbMark wrote:
What am I doing wrong here?

UserID = Request.Cookies("emu")("UserID")
...
<INPUT id=UserID value="<%=UserID%>">
Never mind QuickView, two other potential problems leap to mind:

1. Storing UserID as a cookie suggests a poor security model
unless this is just a device of convenience similar to the
way the Windows login prompt stores that Login ID of the
last person to log in


This is just for our developers and testers.
2. Unless you are in complete control of the range of possible
values for UserID, it might not hurt to display it like
this:

<INPUT id=UserID value="<%=Server.HTMLEncode(UserID)%>">


Why, what does this do?

Jul 19 '05 #9
vbMark wrote:
<INPUT id=UserID value="<%=Server.HTMLEncode(UserID)%>">


Why, what does this do?


It HTMLEncodes the value, which is how you protect your HTML from being
inadvertantly broken by characters like this:

" ><&
^^^^^

Generally not a big issue for UserIDs, I agree. But if you let your users
choose their own IDs, what happens when someone chooses [The "Dude"] ? Your
subsequent HTML:

<input id="UserID" value="The "Dude"">
Know thy data.
--
Dave Anderson

Unsolicited commercial email will be read at a cost of $500 per message. Use
of this email address implies consent to these terms. Please do not contact
me directly or ask me to contact you directly for assistance. If your
question is worth asking, it's worth posting.
Jul 19 '05 #10

This thread has been closed and replies have been disabled. Please start a new discussion.

Similar topics

1
by: Chris Kennedy | last post by:
I am writing the value from a textarea input box to a cookie. Long story but when I return to the page I want to pull the value from the cookie and put it back in the textbox. When I do this all...
3
by: Ana | last post by:
I have written some code using transient cookies to send an edited essay from one html page to another. Each paragraph of the essay is saved in separate cookie. If the essay is 4 paragraphs long...
17
by: James Johnson | last post by:
Dear C#dex, I define a variable: HttpWebRequest webRequest and run the following request webRequest = WebRequest.Create(TARGET_URL) as HttpWebRequest; The webRequest object returns values...
4
by: Jason Shohet | last post by:
I'm writing a js cookie from an asp.net page. A .NET cookie won't do. Inside the js func. that writes the cookie, I do this code to see the cookie afterwards: ...
3
by: Justin Morris via DotNetMonster.com | last post by:
<asp:TextBox ID="TextBox1" runat="server" value='<%=Server.HtmlEncode (Request.Cookies("Username")("Username"))%>'/> <input name="Password" type="text" id="Password" value='<%...
3
by: Nalaka | last post by:
Hi, I have a textbox, I need to set a cookie to the value of the textbox... when textbox.Text changes. How do I do this using clientSide script (javascript) only. I do not want to post back...
3
by: StevenT | last post by:
Hello, I am trying to dynamically create a table based on the information I have in my cookie for a shopping cart. I can create it and display it and all is good. I put the contents of the...
4
by: =?Utf-8?B?YW5vb3A=?= | last post by:
hello, I am writing the Following coding for preventing Session Fixation attack in ASP.Net website, but I could not retrieve the cookie added and the value of cookie_value remains blank. ...
0
by: DolphinDB | last post by:
Tired of spending countless mintues downsampling your data? Look no further! In this article, you’ll learn how to efficiently downsample 6.48 billion high-frequency records to 61 million...
0
by: Vimpel783 | last post by:
Hello! Guys, I found this code on the Internet, but I need to modify it a little. It works well, the problem is this: Data is sent from only one cell, in this case B5, but it is necessary that data...
0
by: jfyes | last post by:
As a hardware engineer, after seeing that CEIWEI recently released a new tool for Modbus RTU Over TCP/UDP filtering and monitoring, I actively went to its official website to take a look. It turned...
1
by: PapaRatzi | last post by:
Hello, I am teaching myself MS Access forms design and Visual Basic. I've created a table to capture a list of Top 30 singles and forms to capture new entries. The final step is a form (unbound)...
1
by: Defcon1945 | last post by:
I'm trying to learn Python using Pycharm but import shutil doesn't work
1
by: Shællîpôpï 09 | last post by:
If u are using a keypad phone, how do u turn on JavaScript, to access features like WhatsApp, Facebook, Instagram....
0
by: af34tf | last post by:
Hi Guys, I have a domain whose name is BytesLimited.com, and I want to sell it. Does anyone know about platforms that allow me to list my domain in auction for free. Thank you
0
by: Faith0G | last post by:
I am starting a new it consulting business and it's been a while since I setup a new website. Is wordpress still the best web based software for hosting a 5 page website? The webpages will be...
0
isladogs
by: isladogs | last post by:
The next Access Europe User Group meeting will be on Wednesday 3 Apr 2024 starting at 18:00 UK time (6PM UTC+1) and finishing by 19:30 (7.30PM). In this session, we are pleased to welcome former...

By using Bytes.com and it's services, you agree to our Privacy Policy and Terms of Use.

To disable or enable advertisements and analytics tracking please visit the manage ads & tracking page.