I already use session variable in my project to set a session timeout when
the user doesn't do anything for 10 minutes.
When I call other pages, I often use parameters in HREF link.
I was wondering if it was better to pass parameter from page to page as
session variable instead of doing it in HREF link?
Thx for the hint ! 2 2475
The first part of your message is very confusing to me, as Sessions time out
all by themselves. However, I can help you with your other question. When I call other pages, I often use parameters in HREF link.
I was wondering if it was better to pass parameter from page to page as session variable instead of doing it in HREF link?
You have a couple of issues here. When you pass data via URL, you are
exposing it to the user, which can be a security risk, so one consideration
is how sensitive the data is. If it's not sensitive, you're fine, as long as
you make sure that the user can't create a parameterized URL that would
cause some problem. One of the advantages of using QueryString parameters is
that the user can bookmark a dynamic page, as the bookmark will have the
parameters in it.
As for Sessions, they can be problematic as well, since they time out after
a certain interval of inactivity. As long as you make sure to handle this
eventuality, Session is fine.
--
HTH,
Kevin Spencer
..Net Developer
Microsoft MVP
Big things are made up
of lots of little things.
"+The_Taco+" <do***********@dessausoprin.com> wrote in message
news:eZ*************@TK2MSFTNGP12.phx.gbl... I already use session variable in my project to set a session timeout when the user doesn't do anything for 10 minutes.
When I call other pages, I often use parameters in HREF link.
I was wondering if it was better to pass parameter from page to page as session variable instead of doing it in HREF link?
Thx for the hint !
I think he means that he is using session as a crewd way to timeout a user
by setting session.timeout = 10 and checking for it on each postback.
--
Regards,
Alvin Bruney [ASP.NET MVP]
Got tidbits? Get it here... http://tinyurl.com/3he3b
"Kevin Spencer" <ke***@takempis.com> wrote in message
news:%2******************@TK2MSFTNGP10.phx.gbl... The first part of your message is very confusing to me, as Sessions time
out all by themselves. However, I can help you with your other question.
When I call other pages, I often use parameters in HREF link.
I was wondering if it was better to pass parameter from page to page as session variable instead of doing it in HREF link? You have a couple of issues here. When you pass data via URL, you are exposing it to the user, which can be a security risk, so one
consideration is how sensitive the data is. If it's not sensitive, you're fine, as long
as you make sure that the user can't create a parameterized URL that would cause some problem. One of the advantages of using QueryString parameters
is that the user can bookmark a dynamic page, as the bookmark will have the parameters in it.
As for Sessions, they can be problematic as well, since they time out
after a certain interval of inactivity. As long as you make sure to handle this eventuality, Session is fine.
-- HTH, Kevin Spencer .Net Developer Microsoft MVP Big things are made up of lots of little things.
"+The_Taco+" <do***********@dessausoprin.com> wrote in message news:eZ*************@TK2MSFTNGP12.phx.gbl... I already use session variable in my project to set a session timeout
when the user doesn't do anything for 10 minutes.
When I call other pages, I often use parameters in HREF link.
I was wondering if it was better to pass parameter from page to page as session variable instead of doing it in HREF link?
Thx for the hint !
This thread has been closed and replies have been disabled. Please start a new discussion. Similar topics
by: Darrell Blake |
last post by:
I'm trying to use sessions to allow people to log into my site. The problem
is that sometimes it works and sometimes it doesn't! As far as I'm aware my
script is fine (hence why it works sometimes)...
|
by: Paul |
last post by:
Hmmm, didn't seem to work. I have set session.use_cookies = 1 and
session.use_trans_sid = 1 in my php.ini file. Index.php contains:...
|
by: Martien van Wanrooij |
last post by:
Some time ago I already posted a question about a site that consists of
several pages where the visitor, on every page can answer one or two
questions in order to fill out an intake for for an...
|
by: Damien |
last post by:
Hi to all,
I'm currently re-designing our intranet : nice and lean CSS2, cleaned-up
PHP 4.3.7, better-normalized MySQL ;o). So I've started using the
$_SESSION variable instead of register_globals...
|
by: Lee Moore |
last post by:
I have some user controls defined that represent a common header and footer
for a particular site. the footer contains links with querystring parameters
based on session variables. The problem is,...
|
by: helloroger |
last post by:
Hi folks
I'm new to php an currently trying to insall my first php-Session. I've
written the following code which uses the 2 variables cat and langua,
but somehow they are not correctly...
|
by: aroraamit81 |
last post by:
Hi,
I am facing a trouble. I have some Session variables in my code and
somehow my session variables are getting mixed up with other users.
For example User A has access to 10 companies and...
|
by: Vyoma |
last post by:
This is quite a bit of problem I am facing, and I cannot point exactly
where I am going wrong. I have been lurking around at several forums
with regard to login and user authentication scripts and...
|
by: sheldonlg |
last post by:
Something weird is happening here. I inherited some code that looks
like what is shown below. The problem is that when menu1.php is
included, the session variables are not known in homepage.php. ...
|
by: Hystou |
last post by:
There are some requirements for setting up RAID:
1. The motherboard and BIOS support RAID configuration.
2. The motherboard has 2 or more available SATA protocol SSD/HDD slots (including MSATA, M.2...
|
by: Hystou |
last post by:
Most computers default to English, but sometimes we require a different language, especially when relocating. Forgot to request a specific language before your computer shipped? No problem! You can...
|
by: Oralloy |
last post by:
Hello folks,
I am unable to find appropriate documentation on the type promotion of bit-fields when using the generalised comparison operator "<=>".
The problem is that using the GNU compilers,...
|
by: jinu1996 |
last post by:
In today's digital age, having a compelling online presence is paramount for businesses aiming to thrive in a competitive landscape. At the heart of this digital strategy lies an intricately woven...
|
by: Hystou |
last post by:
Overview:
Windows 11 and 10 have less user interface control over operating system update behaviour than previous versions of Windows. In Windows 11 and 10, there is no way to turn off the Windows...
|
by: tracyyun |
last post by:
Dear forum friends,
With the development of smart home technology, a variety of wireless communication protocols have appeared on the market, such as Zigbee, Z-Wave, Wi-Fi, Bluetooth, etc. Each...
|
by: conductexam |
last post by:
I have .net C# application in which I am extracting data from word file and save it in database particularly. To store word all data as it is I am converting the whole word file firstly in HTML and...
|
by: adsilva |
last post by:
A Windows Forms form does not have the event Unload, like VB6. What one acts like?
|
by: 6302768590 |
last post by:
Hai team
i want code for transfer the data from one system to another through IP address by using C# our system has to for every 5mins then we have to update the data what the data is updated ...
| |