Pass value between pages for state mantain - asp.net

how to Transfer values from one page to another page in asp.net ?
is there any latest technique other than state management techniques in asp.net?
how? thank you!!!!!

You have several options when passing data from one page to another:
Use query string
Use HttpPost
Use Session State
Use Public Properties
Use Control Info
This sample from the MSDN shows all these in action.

Can you please explain what you mean by "other than state management techniques"?
You can use query string as well.
Can you please check Communication between pages for more details.

Related

SignalR : create own id factory

I know that in previous versions of signalR I have ability to manage connectionId values using IConnectionIdFactory or IConnectionIdGenerator. Now for this purpose HubPipelineModule exists but I have no idea how to use.Can anybody share link or provide simple example? Thanks.
You can't choose a connection id (that interface has been long removed from SignalR) but you can associate a UserId with one or more connections using an IUserIdProvider (by default it'll use the current' user name).
This sample shows how you register and author one of these:
https://github.com/DamianEdwards/SignalR-2.x-demo/blob/master/SignalR2x/Web/Startup.cs#L17
https://github.com/DamianEdwards/SignalR-2.x-demo/blob/master/SignalR2x/Web/Startup.cs#L28

Create Common Database Object

I have written SQL Server class and which contains all methods for insert, update, delete, execute stored procedure.
Now I have created a object of this class on Default page load and using class methods
to implement database operations.
Now if i am on second page and want to do database operation. I need to again create the database object.
Is there any way that can i only create it initially and use on other pages ?
You can look into Singleton pattern.
Click here for the MSDN article on it
ASP .NET solves many of these issues with the help of User Controls.
by using user control you can do code re usability
so you should go for user control
bellow link help you to create user control
http://www.codeproject.com/Articles/1739/User-controls-in-ASP-NET

avoid sql inject by query string in asp.net

I programed an application with asp.net and use "respons.redirect" in some pages, like this:
Response.Redirect(string.Format("~/*****/****.aspx?ID={0}", ID));
as user execute this cod he will redirect to correct page and every thing is fine .he can see this redirect link in his browser address :
http://localhost:1852/Jornal/Editor/ReviewerEmail.aspx?ID=1030
Now if he changes the ID manually and the ID is correct he can access the other data without any permission. how can i avoid this problem?(I wont use session)
please help me
If the ID needs to be public and no access control can solve the problem.
then i would suggest that you add a second parameter that is a hash of that Id.
Tampering with the ID parameter will cause a missmatch between ID and hash
http://msdn.microsoft.com/en-us/library/system.security.cryptography.sha256.aspx
you cold also change your ID parameter to a less 'guessable' id, like a GUID
You need to use access control.
Whenever you display any data, you need to check whether the currently-logged-in user has access to that data.
Obviously, you also need to track the currently-logged-in user, in a way that will prevent attackers from being able to claim they are someone else..
To do that, use ASP.Net's built-in membership system.

asp.net MVC3: Trimming all HTTP POST data

I need to do trim to all HTTP POST data submitted by users through web forms. Having done googling, apparently there is no in-built functionality in asp.net to trim all HTTP POST data.
The closest that I can get is what is described here: ASP.NET MVC: Best way to trim strings after data entry. Should I create a custom model binder?
Unfortunately it doesn't work on nested ViewModels (ViewModel with property with type of other ViewModel).
What is the best way to achieve this? I don't want to do property.Trim() on every properties in all ViewModel. Thank you.
One option is to define your own IValueProvider. I would start by inheriting from NameValueCollectionValueProvider to make a TrimmedNameValueCollectionValueProvider in which you trim the results as you pull them out. Then you would defined a TrimmedFormValueProvider that passes in controllerContext.HttpContext.Request.Form as the collection.

How to create a unique web page address in ASP.NET

Is there a standard way to create unique web page address in ASP.NET? I'm sending surveys to customers and will be including a link to the web page. For example:
http://www.mysurveypages.foo/survey/UniqueID
I would then customize the survey based on who I sent it to. I know it can be done by passing in a unique parameter to a page but I curious about doing it this way.
You can use Routing to map your url structure onto a particular page and parameter collection. Essentially, it allows you to convert parts of the url into url parameters for your page. This works in standard WebForms and is the basis upon which MVC chooses the appropriate controller/action signature to invoke.
Yup like dcp said GUID is a reasonable solution http://mywebsite.com/survey.aspx?ID=GUID
Suppose you are going to sent the survey to a list of users.
List<User> users = GetSurveyUsers();
foreach(User u in users)
{
Guid guid = Guid.NewGuid();
//Then store the user-guid pair into DB or XML...
}
The simplest solution would seem to be making UniqueID an incrementing field that can be used to get the appropriate user information out of the database. You could use numbers, or a Guid, or some alpha-numeric value, it really doesn't matter.
If you go with ASP.Net MVC then it is quite easy to map the Url (like the one you specified) to a controller action which gets the ID passed in as a parameter. Otherwise you will probably want to look into some sort of Url rewriting to make sure the Url can be nice and pretty.
A GUID approach is safest, if you're able to store it somewhere. If not you could use some existing unique data (e.g. customer id or email address) either directly (but be careful about leaking sensitive data) or hashed (but need to consider collisions).

Resources