Storing User-id In Session Variable?
Aug 30, 2010
When a use is logged in (Through open-id) we are creating a session variable named "UID" and storing the unique user-id in it. Later we are checking the session to see if the user is logged in. I think this is not the right way, but I could not force the team to change this, as I cannot show how this implementation can be cracked. why (If yes) this implementation is bad?
View 3 Replies
Similar Messages:
Mar 16, 2010
Im storing the user details in a session variable(session["userid"]) while login.
[Code]....
Im using the session variables in other forms ,there im checking the session variable using the following code.
[Code]....
In this form im having 'export to excel ' button.When i click this button session variable becomes empty and redirected to the login page.(Im having this problem in IE only but in FF it works fine).
View 2 Replies
Dec 17, 2010
I am creating a website that allows users to login to their gameserver remotely and send / receive commands. The connection happens via an UDP socket and requires simply the IP of the gameserver, and a password.
On my website, users can add servers to their accounts, where the server IP and password are stored in a database. Then they can connect to any of their servers, which creates a new Socket object and connects to it using the IP and password of that server.
This Socket object, embedded in an object that also stores the server IP and password, is stored in a Session variable when the user connects, and is retrieved on every page. For example, there's a page where the user can view a list of the players on the server (and kick/ban them), a page with server settings, a page with messages, etc. All these pages require the Socket connection to get their information (they send a certain command and parse the response). When I need to send a command via the socket, I need to send the password of the server each time (otherwise it does not work). My question now is: how secure is this? The password of a server is sensitive information*, but I am storing it in a session variable and sending it (using the Send command of the Socket object) to the server.
i think the Session variable is stored on memory on the server, so I don't think so, but I'm really unsure about these kind of things and I'd like to be certain that my website is secure. Well, I think it will never be 100% secure but I want it to be at least not worth the effort for someone to hack the password. If it takes a lot of trouble then people wouldn't bother, but I don't want to find out that people's passwords are being thrown out on the street (so to speak) and that my website is completely insecure...
View 6 Replies
Oct 28, 2010
I am storing Datatable in Session variable in my project. Is it good practise to do so? The datatable has 20 fields and can run into 1000+ records. Will it hamper my application performance?
View 11 Replies
Mar 2, 2010
I'm building a web system and various clients will have alternate text for default instances throughout the site. One place is the main nav but there are others. The default may be "project" but they may want to call it "event".I'm heading down the road of calling all the terminology settings (there's a list of about 15) and creating an ArrayList that has the id and either the default or their replacement as the items in the ArrayList.I've also got a enum key list called TermKey that has the defaults and the corresponding ID number.
Throughout the code I'll reference TermKey.Project and then do one of these things that I see as options.
1-pull the text from the session (if the client has set it to "event" then the text "event" will be waiting for the call there)2-pull the text from the database every time I need it.3-pull the client's list each time a page loads.Some thoughts on the impact each way or if there is a best practice for
View 5 Replies
Feb 24, 2010
Consider my dataTable contains 10,000 rows and i want to know the pitfall of storing datatable in a session variable... I want to use it until a new row has been added...What type of session mode should i use?
View 4 Replies
Oct 27, 2010
I have heard alot about sql injection and how it is normally caused. Mostly sql injection in my opinion is caused through search boxes. Now my question is quite simple. Is it advisable to store the search keyword in a session variable to prevent sql injection? I don't want to expose the keyword through the querystring as it is prone to attacks. So in short there is no harm in using session variables to store the keyword right?
View 6 Replies
Oct 18, 2010
I have a gridview and a checkbox. I am able to pass the checkbox id to a textbox in the same page. This is then passed as a session variable. However, when I place an option to page and select the checkbox items in the next page, the session variable resets.Please see below code, how do I store "all checkbox" throughout all paging and store it in the session page?
[Code]....
Behind code VB:
[Code]....
[Code]....
[Code]....
View 4 Replies
Jun 4, 2010
i m developing an application in .NET mvc2. i m using aspnetMembershipProvider for User registration and related activities. i need some custom information about user that i stored in a separate table (sysUser for example) and linked it to aspnetUser table through foreign key. after Login i need to fetch user's credentials from sysUser table and push it to the session. For this Account controller's Logon method seemed best to me and i pasted following code in my Logon ActionResult
[Code]....
The code is working perfectly for me and put my desired information in the session but the thing is that if a user selects Remember me and on his next visit he won't have to Log in and i would not find my desired information in the Session. where should i put my code that stores the user information in the session.
View 1 Replies
Jul 28, 2010
I'm working with an asp.net application that stores most data in a database and not session. I'm wondering of the pros and cons of each and which is the better way to go. For example, you have a pretty busy site and instead of storing user specific variables in session, there is a DB table called user data and it can store all user specific data that can be accessed from any page by querying the database. Which is the better way to go, session or database?
View 4 Replies
Nov 25, 2010
When I first implemented forms authentication I consulted an article that told me to store the user's custom IPrincipal object in the cache. Is this wrong? Should I have stored it in the session?
View 1 Replies
Dec 18, 2010
How can I use session variable to display user information after authenticated login like Address: 37, kings Road. Position: Secretary base on User ID
View 2 Replies
Nov 22, 2010
Currently in an .aspx file, I am storing a value (filename that was created in that session) in an hidden text box. When the user clicks on the "Print" labeled Hyperlink control, it opens the file that was stored in the hidden text box control. But when the user goes to different screen (in the same session), I loose the filename value that is stored in the hidden text box control. So I would like to store the filename variable in a session variable. So that if the user leaves this .aspx file and comes back to this .aspx file I can load the value into the hidden text box from the session variable.
View 11 Replies
Apr 8, 2016
I am getting two identical errors message when I view my Web page in my browser:
Valid User Session Variable Not Found: System.NullReferenceException for this line:
Code:
Response.Write(Session("ValidUser").ToString & "<br />") <----------
and the same error for this line:
Code:
Response.Write(Session("strEmail").ToString) <-----------
This is the code in that page:
Code:
Protected Sub Page_Load(sender As Object, e As System.EventArgs) Handles Me.Load
Try
Response.Write(Session("ValidUser").ToString & "<br />")
Catch ex As System.Exception
Response.Write("Valid User Session Variable Not Found: " & ex.ToString & "<br />")
End Try
[Code] .....
This the page that users are redirected to after logging on and, after verifying their credentials at the log-on stage, should show 'Hello DonaldDuck@Disney.com, Welcome to my website'.
Do these errors mean that the user cannot be validated in the database?
View 9 Replies
Feb 16, 2010
I have dropdown and I have to bind that dropdown on the basis of user login so that when the page load the drop down should show only one item on the basis of user login and i may have use that dropdown item as a search parameter.I have a objectdatasource named TblFltReg having one of the fields named "Owner" which is the SectionId.
There is a table named TblSections having "SectionId" and "Description".User can be selected in a Session variable.I have another table "Users" having "UserName", "UProfile", "SectionId".Actually I dont know how can I get SectionId from Users table into Session variable.So I have two tasks: one to get SectionId into Session Variable and another is to show dropdown item on the basis of User login.Hope you understand.
How can I perform that task?
View 4 Replies
Aug 13, 2010
I have a LoginName1, LoginView and Login Status on my Master Page. Whenever a user logs himself in, the LoginName1 displays (as for example):
Welcome omarakhtar
Now the only thing I want is how to store this omarakhtar into some variable? Kindly, let me know.
View 1 Replies
Oct 22, 2010
I wanted a formatted text to be converted into unformatted text in the UI . for that I did the following
String strInput;
String strOutput;
strInput = txtEditorAnswer.Text;
strOutput = Regex.Replace(strInput, "<[^>]*>", String.Empty).Trim();
txtEditorAnswer.Text = strOutput;
txtEditorAnswer.Text = Server.HtmlEncode(txtEditorAnswer.Text);
but as it changes the value in the Database also, so its creating a problem for future. Now I need to change the text after being inserted into the database.
View 1 Replies
Mar 7, 2011
I am having one doubt regarding the use of static variable in Asp.net pages.I am having one page say UserDetails.aspx.In this page, I have one static variable to store some data specific to a user. So, will this ?
public partial class UserDetails
{
static int numberOfReviews=0;
[code]...
View 5 Replies
Aug 25, 2010
I would like to store a collection of strings in the web.config. This collection would vary in size over time. I would like to be able to pull all of the strings in the collection into an array or collection in code. (.Net 4, asp.net)
i.e.
<customCodes>
<VendorCode vendorName="Name1" code="1234567891234567891324567987ddd" isActive="true"/>
<VendorCode vendorName="Name2" code="1sadfsadf1234567891324567987ddd" isActive="true" />
<VendorCode vendorName="Name3" code="123456789dfadfdsaf3324567987d32" isActive="true"/>
</customCodes>
I could use appsettings with the strings all in one value but I would like to seperate it out for organizational reasons. Not using the key/value pair complicates things a bit. I am now getting a message that states "you can't have duplicate elements in a section"
View 2 Replies
Dec 9, 2010
can we grab a global variable or Session or View State variable in the javascript or using jquery?
View 2 Replies
May 17, 2010
I have a web application which uses a session variable to store the logged in userid. If no user is logged in, of course this variable will be empty and the contents displayed on my website are meant for guests. If there is a user logged in, the user specific controls/access/links will then be a displayed.
I am now having issues with my hosting where on shared application pool, the worker recycle is triggered every 90 minutes, this will clear sessions causing all my users to be logged out. I opted for a dedicated application pool, which got worse because I am only allocated 50MB memory limit and if this is reached, the worker recycle is triggered and I lose my sessions again. I have tried as much as possible optimization techniques, e.g. dispose where possible, close connections, disable viewstate for static controls etc but my memory per instance keeps building up from page to page without any signs of improvement. I don't use loops nor store huge objects like bitmaps etc but my sessions are now gone even faster than 90 minutes in shared application pool before.
I have considered using SQL Session State but there isn't a simple guide on using this with MySQL. I am getting desperate and considering using a public variable, a string as a replacement to store logged in user id instead of in a session variable. I am pretty sure this will solve my issue with sessions being recycled but are there any negative consequences of doing this? One problem I can think of is if the user closes the browser, the system will never know that the user is now logged out and this public variable should be nothing. In this scenario, will the GC eventually clear this abandoned public variable.
View 10 Replies
Dec 2, 2010
What would be the proper syntax in ASP.NEt 3.5 C# to assign a TextBox value to a temporary or session variable to be manipulated (added, subtracted, multiplied, divided) at different points in the application? I want to add a decimal number to this variable in almost every instance as well.
View 3 Replies
Jul 8, 2010
How do I store an Eval in a variable or use the value of the Eval in an if statement?
View 5 Replies
Mar 19, 2013
i m having 4 radio buttons on default2.aspx page on the same page i m using a database it's columns are uname and status whenever the user clicks on the radiobutton the status of that name should increment by 1(counter variable).
using System;
using System.Collections.Generic;
using System.Linq;
using System.Web;
[code]....
View 1 Replies
May 25, 2010
I have the dataset. in this i am having total 20 tables with huge amount of data..I want use this data over all the page..so where i can keep this data..
before i used viewstate but the viewstate data is render to page every postback ..so this time the page size is increasing(interanlly viewstate is rendered to page)..so performence wise it was very slow..
Now i change my logic insted of viewstate to i used Globel Dataset on Page Level.. now the performence wise better than viewstate..
i used Like shared dsControls as Dataset at top of the page..so every time i use this dataset..
my quesation is session is better or Globel variable is better way use in my situavation..
View 3 Replies