p2p.wrox.com Forums

Need to download code?

View our list of code downloads.


  Return to Index  

aspdotnet_website_programming thread: Opinions on Querystring, Cookies, or Session Object for use in passing page parameters


Message #1 by "Kirk Gomez" <hed2hed@c...> on Tue, 21 May 2002 05:27:06
A philosophical question...

Are there any strong opinions out there on whether to use Querystrings, 
Cookies, and/or the Session Object to pass arguments and parameters 
between pages?

I have been using querystrings but the disadvantage to those are they can 
be easily accessed, changed, and refreshed by client users.

Just wanted to collect thoughts on using Cookies and the Session Object as 
alternative solutions.

Kirk Gomez
hed2hed@c...
Message #2 by "Mike Gale" <info@d...> on Tue, 21 May 2002 16:35:57 +1200
I tend to go for HTTP-POST where I can, and HTTP-GET where I'm forced
to.

I've never used cookies for this.  (They could be switched off, it's an
effort to find statistics on how many users are left in the dark, how do
you handle the guy with cookies completely off? and what happens if some
virus... scare creates a wave of "cookies off".)

In your proposed solution.  How do you get data into the Session
Variable or Cookie from your page?  

Mike Gale, Decision Engineering (NZ) Ltd.

A philosophical question...

Are there any strong opinions out there on whether to use Querystrings, 
Cookies, and/or the Session Object to pass arguments and parameters 
between pages?

I have been using querystrings but the disadvantage to those are they
can 
be easily accessed, changed, and refreshed by client users.

Just wanted to collect thoughts on using Cookies and the Session Object
as 
alternative solutions.

Kirk Gomez
hed2hed@c...

Message #3 by "Minh T. Nguyen" <nguyentriminh@y...> on Mon, 20 May 2002 21:57:31 -0700
Kirk,

I am doing it all with Session objects, because

* prevents users to change it
* die when the sessions die
* no need to play with URL (querystring)
* quick and easy access.

Minh.

-----Original Message-----
From: Kirk Gomez [mailto:hed2hed@c...] 
Sent: Tuesday, May 21, 2002 5:27 AM
To: Website Programming with ASP.NET
Subject: [aspdotnet_website_programming] Opinions on Querystring,
Cookies, or Session Object for use in passing page parameters


A philosophical question...

Are there any strong opinions out there on whether to use Querystrings, 
Cookies, and/or the Session Object to pass arguments and parameters 
between pages?

I have been using querystrings but the disadvantage to those are they
can 
be easily accessed, changed, and refreshed by client users.

Just wanted to collect thoughts on using Cookies and the Session Object
as 
alternative solutions.

Kirk Gomez
hed2hed@c...

Message #4 by "Kirk Gomez" <hed2hed@c...> on Tue, 21 May 2002 07:44:32 -0500
RE: "How do you get data into the session variable or cookie from your
page?"

Mike,

It's a two step process.  The calling page first sets either the cookie or
session object variables then redirects to the page.  To make it consistent
I have created an object for my application that contains methods for
redirecting to all pages within the system.  I never use
"Response.Redirect()" directly in code-behinds themselves.  Only these
function calls are used in code-behinds (in case I change the way I want to
implement passing arguments).  These methods accept the appropriate
arguments and set the variables appropriately before redirecting to the new
page.

Each called page then checks for the arguments in the Page_Load event
handler, just like you would an HTTP-GET/POST, and pulls the appropriate
data.

According to Minh Nguyen, he avoids the HTTP-POST/GET and uses the Session
object to pass information.

Thanks for your input.  It sounds that I definitely need to avoid Cookies.
The debate sounds like I need to focus on HTTP-GET/POST vs. the use of the
Session Object.

Kirk Gomez
hed2hed@c...

 -----Original Message-----
From: 	Mike Gale [mailto:info@d...]
Sent:	Monday, May 20, 2002 11:36 PM
To:	Website Programming with ASP.NET
Subject:	[aspdotnet_website_programming] RE: Opinions on Querystring,
Cookies, or Session Object for use in passing page parameters

I tend to go for HTTP-POST where I can, and HTTP-GET where I'm forced
to.

I've never used cookies for this.  (They could be switched off, it's an
effort to find statistics on how many users are left in the dark, how do
you handle the guy with cookies completely off? and what happens if some
virus... scare creates a wave of "cookies off".)

In your proposed solution.  How do you get data into the Session
Variable or Cookie from your page?

Mike Gale, Decision Engineering (NZ) Ltd.

A philosophical question...

Are there any strong opinions out there on whether to use Querystrings,
Cookies, and/or the Session Object to pass arguments and parameters
between pages?

I have been using querystrings but the disadvantage to those are they
can
be easily accessed, changed, and refreshed by client users.

Just wanted to collect thoughts on using Cookies and the Session Object
as
alternative solutions.

Kirk Gomez
hed2hed@c...



Message #5 by Feduke Cntr Charles R <FedukeCR@m...> on Tue, 21 May 2002 09:02:14 -0400
Kirk,

	I strongly recommend you use HTTP POST (Request.Form) whenever
possible.  QueryString is good when the parameters that are passed really
don't matter; this gives a knowledgeable user the ability to quickly jump
around in the system and bookmark specific configured pages.  Cookies are
pretty much out of the question except for retaining settings; there are
three better alternatives for passing information across HTTP.

	Finally you should store large amounts of data in the Session object
rather than letting them go into the ViewState (which is part of HTTP POST
when you use a web form).

HTH,
- Chuck

-----Original Message-----
From: Kirk Gomez [mailto:hed2hed@c...]
Sent: Tuesday, May 21, 2002 1:27 AM
To: Website Programming with ASP.NET
Subject: [aspdotnet_website_programming] Opinions on Querystring,
Cookies, or Session Object for use in passing page parameters


A philosophical question...

Are there any strong opinions out there on whether to use Querystrings, 
Cookies, and/or the Session Object to pass arguments and parameters 
between pages?

I have been using querystrings but the disadvantage to those are they can 
be easily accessed, changed, and refreshed by client users.

Just wanted to collect thoughts on using Cookies and the Session Object as 
alternative solutions.

Kirk Gomez
hed2hed@c...
Message #6 by "Mike Gale" <info@d...> on Wed, 22 May 2002 09:13:01 +1200
Hi Kirk,

My thought was the Client (browser) Server interaction.

The browser communicates with the server usually over HTTP.  It must use
a GET or POST before values can be set in Session variables!

[ASP.NET may hide this from you but that is what is happening under the
skin, looking at source code (on the browser) you see something like

<form name="Form1" method="post" action="Whatever.aspx" id="Form1">
<input type="hidden" name="__VIEWSTATE" value="..." />

In the above case you are using POST.]

On the issue of distributing information gathered from one page, session
state will often be the right choice, though application state sometimes
fits the bill.  If you want to persist that data across sessions cookies
save you the effort and space of a database in the back end, if you need
to save the data yourself cookies still have a place in easily
identifying your client without making him work.  (If some-one has
cookies off they will need to re-enter passwords etc. treat it as their
choice and don't spend time agonising about it!)

Each technique has it's merits, when you face a design a good answer is
usually obvious.

Mike Gale, Decision Engineering (NZ) Ltd.

PS.  There are other ways for Browsers to communicate (WDDX, SOAP etc.)
but these do not apply on the average page.

RE: "How do you get data into the session variable or cookie from your
page?"

Mike,

It's a two step process.  The calling page first sets either the cookie
or
session object variables then redirects to the page.  To make it
consistent
I have created an object for my application that contains methods for
redirecting to all pages within the system.  I never use
"Response.Redirect()" directly in code-behinds themselves.  Only these
function calls are used in code-behinds (in case I change the way I want
to
implement passing arguments).  These methods accept the appropriate
arguments and set the variables appropriately before redirecting to the
new
page.

Each called page then checks for the arguments in the Page_Load event
handler, just like you would an HTTP-GET/POST, and pulls the appropriate
data.

According to Minh Nguyen, he avoids the HTTP-POST/GET and uses the
Session
object to pass information.

Thanks for your input.  It sounds that I definitely need to avoid
Cookies.
The debate sounds like I need to focus on HTTP-GET/POST vs. the use of
the
Session Object.

Kirk Gomez
hed2hed@c...

 -----Original Message-----
From: 	Mike Gale [mailto:info@d...]
Sent:	Monday, May 20, 2002 11:36 PM
To:	Website Programming with ASP.NET
Subject:	[aspdotnet_website_programming] RE: Opinions on
Querystring,
Cookies, or Session Object for use in passing page parameters

I tend to go for HTTP-POST where I can, and HTTP-GET where I'm forced
to.

I've never used cookies for this.  (They could be switched off, it's an
effort to find statistics on how many users are left in the dark, how do
you handle the guy with cookies completely off? and what happens if some
virus... scare creates a wave of "cookies off".)

In your proposed solution.  How do you get data into the Session
Variable or Cookie from your page?

Mike Gale, Decision Engineering (NZ) Ltd.

A philosophical question...

Are there any strong opinions out there on whether to use Querystrings,
Cookies, and/or the Session Object to pass arguments and parameters
between pages?

I have been using querystrings but the disadvantage to those are they
can
be easily accessed, changed, and refreshed by client users.

Just wanted to collect thoughts on using Cookies and the Session Object
as
alternative solutions.

Kirk Gomez
hed2hed@c...






  Return to Index