469,595 Members | 2,236 Online
Bytes | Developer Community
New Post

Home Posts Topics Members FAQ

Post your question to a community of 469,595 developers. It's quick & easy.

Session variable VS HREF parameters...

I already use session variable in my project to set a session timeout when
the user doesn't do anything for 10 minutes.

When I call other pages, I often use parameters in HREF link.

I was wondering if it was better to pass parameter from page to page as
session variable instead of doing it in HREF link?

Thx for the hint !
Nov 18 '05 #1
2 2334
The first part of your message is very confusing to me, as Sessions time out
all by themselves. However, I can help you with your other question.
When I call other pages, I often use parameters in HREF link.

I was wondering if it was better to pass parameter from page to page as
session variable instead of doing it in HREF link?
You have a couple of issues here. When you pass data via URL, you are
exposing it to the user, which can be a security risk, so one consideration
is how sensitive the data is. If it's not sensitive, you're fine, as long as
you make sure that the user can't create a parameterized URL that would
cause some problem. One of the advantages of using QueryString parameters is
that the user can bookmark a dynamic page, as the bookmark will have the
parameters in it.

As for Sessions, they can be problematic as well, since they time out after
a certain interval of inactivity. As long as you make sure to handle this
eventuality, Session is fine.

--
HTH,
Kevin Spencer
..Net Developer
Microsoft MVP
Big things are made up
of lots of little things.
"+The_Taco+" <do***********@dessausoprin.com> wrote in message
news:eZ*************@TK2MSFTNGP12.phx.gbl... I already use session variable in my project to set a session timeout when
the user doesn't do anything for 10 minutes.

When I call other pages, I often use parameters in HREF link.

I was wondering if it was better to pass parameter from page to page as
session variable instead of doing it in HREF link?

Thx for the hint !

Nov 18 '05 #2
I think he means that he is using session as a crewd way to timeout a user
by setting session.timeout = 10 and checking for it on each postback.

--
Regards,
Alvin Bruney [ASP.NET MVP]
Got tidbits? Get it here...
http://tinyurl.com/3he3b
"Kevin Spencer" <ke***@takempis.com> wrote in message
news:%2******************@TK2MSFTNGP10.phx.gbl...
The first part of your message is very confusing to me, as Sessions time out all by themselves. However, I can help you with your other question.
When I call other pages, I often use parameters in HREF link.

I was wondering if it was better to pass parameter from page to page as
session variable instead of doing it in HREF link?
You have a couple of issues here. When you pass data via URL, you are
exposing it to the user, which can be a security risk, so one

consideration is how sensitive the data is. If it's not sensitive, you're fine, as long as you make sure that the user can't create a parameterized URL that would
cause some problem. One of the advantages of using QueryString parameters is that the user can bookmark a dynamic page, as the bookmark will have the
parameters in it.

As for Sessions, they can be problematic as well, since they time out after a certain interval of inactivity. As long as you make sure to handle this
eventuality, Session is fine.

--
HTH,
Kevin Spencer
.Net Developer
Microsoft MVP
Big things are made up
of lots of little things.
"+The_Taco+" <do***********@dessausoprin.com> wrote in message
news:eZ*************@TK2MSFTNGP12.phx.gbl...
I already use session variable in my project to set a session timeout when the user doesn't do anything for 10 minutes.

When I call other pages, I often use parameters in HREF link.

I was wondering if it was better to pass parameter from page to page as
session variable instead of doing it in HREF link?

Thx for the hint !


Nov 18 '05 #3

This discussion thread is closed

Replies have been disabled for this discussion.

Similar topics

reply views Thread by Darrell Blake | last post: by
1 post views Thread by Paul | last post: by
5 posts views Thread by Martien van Wanrooij | last post: by
2 posts views Thread by Damien | last post: by
3 posts views Thread by Lee Moore | last post: by
1 post views Thread by helloroger | last post: by
14 posts views Thread by aroraamit81 | last post: by
10 posts views Thread by sheldonlg | last post: by
reply views Thread by suresh191 | last post: by
4 posts views Thread by guiromero | last post: by
By using this site, you agree to our Privacy Policy and Terms of Use.