• We’re currently investigating an issue related to the forum theme and styling that is impacting page layout and visual formatting. The problem has been identified, and we are actively working on a resolution. There is no impact to user data or functionality, this is strictly a front-end display issue. We’ll post an update once the fix has been deployed. Thanks for your patience while we get this sorted.

C# transferring data through session variables

A

AgentZap

Senior member
Is it possible to send an entire class to another web page using
session variables? Alternately, what is the most efficient way of transferring all the contents of a form to another form using session variables. It would contain sensitive info so I wouldn't want it in the URL.

I can't do:
Session["Name"] = theClass;

because it can't convert an object to a class.

I can transfer single values using something like this:

//in the originating page
Session["Name"] = theClass.UserID;
Response.Redirect("MemberRegistrationResult.aspx");

//in the receiving page
newMember.UserID = Session["Name"].ToString();
userIdResult.Text = newMember.UserID.ToString();


But I need to know how to send all the values contained in my class
over. Thanks for your help.
 
Just put the whole class in the session and cast it back when you take it out. Just be careful about null references and bad casts and such (your current code will crash if some visits the receiving page without first visiting the originating page). I'm a c# newb, but the "as" keyword is good for this. It tries a cast and returns null if the value was null or of the wrong type.

As for doing form transferring, you can do it via a POST and then pull the data out of the post variables on the recieving page. That's only slightly more secure than in the url though. I'm not sure if you can transfer view state across pages, but if so, it would give you a convenient way to encrypt the data as it passes through the client. It'd be about the same hassle as session variables but could save server memory if you're concerned about that.
 
Yup.

You can stick anything you like into a session variable - class, struct, whatever. Once in the session variable that object can be accessed by any page in your application.

So you just do:

Session ["myClass"] = theClass;

to save the object

and

theClass = (myClassType) Session["myClass"];

to retrieve it.

ViewState is a bit like Session, but is only accessible to the same page that created it, and it stores the information that changes with each view of the page (e.g. form data).

Personally, I find the viewstate rather useless (the data it stores is generally data that is already on the page anyway - so you're just duplicating the dynamic parts of your page, except in a highly inefficient way) and you can only store serializable objects in it. Most of my ASP.NET pages have the viewstate disabled for this reason (occasionally, I will use viewstate, as it's more efficient then using dozens of hidden fields).

The Session variable is also more secure, as the contents are never sent to the client, nor can the client manipulate them (in the way that forms and viewstate can be manipulated).
 
Thanks! You helped me figure out what I was doing wrong.

In the receiving page I forgot to typecast the Session

In the receiving page I had:
theClass = Session["myClass"];

Instead of:
theClass = (myClassType) Session["myClass"];

I am going to try this out when I get home to make sure, but I think that will do the trick.
 
Originally posted by: Mark R
theClass = (myClassType) Session["myClass"];
Click to expand...
Could be my lack of understanding, but as I was mentioning above, isn't this better as:
theClass = Session["myClass"] as myClassType;
So as to avoid bad casts? Of course nothing will happen if you never screw up...
 
You must log in or register to reply here.

TRENDING THREADS

Back
Top