I'm sending a value (id) from javascript like this:
__doPostBack('',id)
and at the server side I get it like this:
var id = Request["__EVENTARGUMENT"];
the problem is that sometimes other controls also do stuff and the var id also get's value but not with the value I sent, but some control did.
how do I send this value separately so that in var id only the value that I sent using js can be.
One way to hack this I guess is to concat some token prefix like myId_ with id instead of just id as parameter, and parse id back in ASP.NET
Related
I am trying to pass a value to a box on an ASPX page. How can this be done? For example, the following page.
http://irth.digsafelynewyork.com/IRTHOneCall/Ticket/PositiveResponse/PositiveResponse.aspx?ID=
It appears as though it will allow passing the ticket id at the end of the URL, however it will not work.
What you are trying to do is passing a value using the query string. Like in your URL, you are passing a value using query string parameter "ID".
In yoru aspx page, you can read this value using Request object and then assign this value to textbox.
string ticketId = Request.QueryString["ID"].ToString();
Textbox1.Text = ticketId;
The documentation about Client ID states that it must be a UUID
Example usage: cid=35009a79-1a05-49d7-b876-2b884d0f825b
But when looking at the calls that analytics.js is issuing, I see that the value has another format:
cid:714937391.1406537193
What are those values? and how are they generated? Can I use the same value if I want to append events to that session from a different application?
Is the Client ID used as the session identifier?
The documentation is a bit misleading. The client ID doesn't technically need to be a UUID hash in that format. It's merely suggesting that format to help people avoid generating duplicate client IDs by accident.
The format of the client ID in analytics.js is a randomly generated 31-bit integer followed by a dot (".") followed by the current time in seconds.
If you wanted to generate a client ID in this format yourself (for whatever reason) you could do something like the following:
var cid = Math.floor(Math.random() * 0x7FFFFFFF) + "." + Math.floor(Date.now() / 1000);
To answer your other question, yes, you can use the same client ID in a server-side Measurement Protocol hit as you find in the cookie generated by analytics.js and the sessions will be linked.
Furthermore, if you wanted to make sure your server-side hits were as closely linked to your client-side hit as possible, you should also use the User Agent and IP override fields, which are new to the measurement protocol. If you don't, then all the geo data for your server-side hits will look like it came from wherever your server is located.
UPDATE
Also, in case it's not clear how to get the client ID from JavaScript, here's what the documentation recommends:
ga(function(tracker) {
var clientId = tracker.get('clientId');
});
Note that it recommends not reading the data directly from the cookie.
url:http://localhost:51806/fair/PersonPage/personalPages.aspx?idCompany=1338006699#Site/AboutAs
request["idCompany"];
this code return null
how can get value idCompany
EDIT
Request.UrlReferrer.Query
this return ?idCompany=1338006699
this Request.UrlReferrer.Query.Split('=')[1] return 1338006699
but i think this way does not good way
#Site/AboutAs is a tab aboutAs in full tab component
Try this instead:
string id = Page.PreviousPage.Request.QueryString["idComapny"];
If no luck then your method of splitting is the best you can achieve, as you're trying to read the query string of the referrer page.
One work around though is to store the value in that previous page.
To do this, store the value of Request["idComapny"] in the previous page, where it should be available, in Session then you can read the Session value in any other page.
We have some error reporting code that, when an unhandled exception occurs, we send everything over in an email to our groups. This is great except if an unhandled exception occurs on a page with a password field then it's sent over as plain text.
Is there a way to iterate through Request.Form and figure out which item(s) are passwords? This is done at a low level so we can't look for specific controls.
Naturally, we could check to see what type the input box is but I'm not sure if that's the cleanest way. Advice?
Use a whitelist of field names that you want to email.
There could be hundreds of field names that get POSTed to your server. And password isn't the only field that is sensitive. Depending on your application, there could be other things that should be treated with a little respect.
So, make a list of field names that will assist in you in debugging. These are typically unique identifiers / database keys and such. If you have any parameter names in this list, you can include it in the email.
I've suggested a different solution earlier, but I thought you were going to handle this on the client side. Following your comments I now understand that you need to take care of this on the server side. There may be a way for you to do it, which is not really elegant, but it should work:
Add to all pages a script that collects all password field names into a new client-generated field, like so:
function collectPasswordFields() {
var inputs = document.getElementsByTagName('input'), list = [];
for (var i = 0; i < inputs.length; ++i)
if (inputs[i].type == 'password') list.push(inputs[i].name);
var field = document.createElement('input');
field.name = '__password_fields';
field.value = list.join(',');
document.getElementsByTagName('form')[0].appendChild(field);
}
Then intercept the additional field in the server-side error handler, and remove the named fields from the email.
Can something like this work for you?
The cleanest way is to check the type attribute of the input element.
The HTML5 specification has this to say about input type=password:
The input element with a type attribute whose value is "password" represents a one-line plain-text edit control for entering a password.
Data type: Text with no line breaks (sensitive information)
Control type: Text field that obscures data entry
This is a mandatory requirement from all User Agent implmentations, and it has been so since HTML 2. So this is indeed the cleanest way to do what you want.
If you want to do it on the client side (you talked about sending the data to the server) then it is relatively easy:
function hidePasswords() {
var inputs = document.getElementsByTagName('input');
for (var i = 0; i < inputs.length; ++i)
if (inputs[i].type == 'password') input[i].value = '*****';
}
As Jerome already pointed out in the comments, just keep track of the names of your password input fields and filter them before sending the error/exception report. This is the best solution as the type of the input field is not submitted.
A few solutions, though I'm not sure how bright any of them is:
1) Maintain in the page a List of input control IDs that are passwords, pass this list to the exception handler with the expectation to ignore these fields.
2) Keep a resource file in the website that lists a page name, a field id and have the exception handler check against this resource file (may not work if the exception is related to the ResourceManager)
3) Keep a database table as with idea 2. Same problems exist.
I'm creating a time sheet for work to learn more about asp and making database connections I am also using this time to prepare for my next C# and database design class which start on Wednesday. I'd like to know how I can get data from default.aspx and display it in timesheetdisplay.aspx, and I would also like to know how I can make it so the person doesn't have to enter the full id "100000111" as it appears in the database just the last 3.
<asp:TextBox id="xBadgeTextBox" runat="server" width="100px"></asp:TextBox>
As far as passing data between pages you can pass it via QueryString, Session variables, or by persisting it to some sort of data store such as a Database. In the situation above I would look at passing via Querystring parameter. Be sure that if you do do this that you validate the data on the new page to ensure its safety and validity before using it (think SQL Injection Attack).
How to: Pass Values Between ASP.NET Web Pages
As far as your second question goes I would say that this could be handled on the server side if you are sure that the last 3 digits will always be unique. Or were you looking to prompt the user entering data similar to Google? If so look at the AutoComplete Extender in the AJAX Control Toolkit or look at doing something similar in JQuery.
If you're redirecting from page to page, consider using the Server.Transfer("timesheetdisplay.aspx", true) method when navigating away from your default.aspx page. Note the second parameter, true, which will persist all ViewState and QueryString data across from page to page.
I would generate a unique key, store the value you are transfering in the users session, redirect the user and include the key in the query string, grab the key, and then get the value. Something like this:
//---On Default---
var value = "can be a single string or even a complext object...";
var keyName = Guid.NewGuid().ToString();
HttpContext.Current.Session[keyName] = value;
HttpContext.Current.Response.Redirect("timesheetdisplay.aspx?SID=" + keyName);
//---On TimeSheet---
var getKeyName = HttpContext.Current.Request.QueryString["sid"].ToString();
var myValue = HttpContext.Current.Session[keyName];
To get the id from a partial ID I would do it just like Muhammad Akhtar said:
select * From yourtable where id like '%111'