Web Forms :: Storing The User Details In A Session Variable In IE
Mar 16, 2010
Im storing the user details in a session variable(session["userid"]) while login.
[Code]....
Im using the session variables in other forms ,there im checking the session variable using the following code.
[Code]....
In this form im having 'export to excel ' button.When i click this button session variable becomes empty and redirected to the login page.(Im having this problem in IE only but in FF it works fine).
When a use is logged in (Through open-id) we are creating a session variable named "UID" and storing the unique user-id in it. Later we are checking the session to see if the user is logged in. I think this is not the right way, but I could not force the team to change this, as I cannot show how this implementation can be cracked. why (If yes) this implementation is bad?
I am creating a website that allows users to login to their gameserver remotely and send / receive commands. The connection happens via an UDP socket and requires simply the IP of the gameserver, and a password.
On my website, users can add servers to their accounts, where the server IP and password are stored in a database. Then they can connect to any of their servers, which creates a new Socket object and connects to it using the IP and password of that server.
This Socket object, embedded in an object that also stores the server IP and password, is stored in a Session variable when the user connects, and is retrieved on every page. For example, there's a page where the user can view a list of the players on the server (and kick/ban them), a page with server settings, a page with messages, etc. All these pages require the Socket connection to get their information (they send a certain command and parse the response). When I need to send a command via the socket, I need to send the password of the server each time (otherwise it does not work). My question now is: how secure is this? The password of a server is sensitive information*, but I am storing it in a session variable and sending it (using the Send command of the Socket object) to the server.
i think the Session variable is stored on memory on the server, so I don't think so, but I'm really unsure about these kind of things and I'd like to be certain that my website is secure. Well, I think it will never be 100% secure but I want it to be at least not worth the effort for someone to hack the password. If it takes a lot of trouble then people wouldn't bother, but I don't want to find out that people's passwords are being thrown out on the street (so to speak) and that my website is completely insecure...
I am storing Datatable in Session variable in my project. Is it good practise to do so? The datatable has 20 fields and can run into 1000+ records. Will it hamper my application performance?
I'm building a web system and various clients will have alternate text for default instances throughout the site. One place is the main nav but there are others. The default may be "project" but they may want to call it "event".I'm heading down the road of calling all the terminology settings (there's a list of about 15) and creating an ArrayList that has the id and either the default or their replacement as the items in the ArrayList.I've also got a enum key list called TermKey that has the defaults and the corresponding ID number.
Throughout the code I'll reference TermKey.Project and then do one of these things that I see as options. 1-pull the text from the session (if the client has set it to "event" then the text "event" will be waiting for the call there)2-pull the text from the database every time I need it.3-pull the client's list each time a page loads.Some thoughts on the impact each way or if there is a best practice for
Consider my dataTable contains 10,000 rows and i want to know the pitfall of storing datatable in a session variable... I want to use it until a new row has been added...What type of session mode should i use?
I have heard alot about sql injection and how it is normally caused. Mostly sql injection in my opinion is caused through search boxes. Now my question is quite simple. Is it advisable to store the search keyword in a session variable to prevent sql injection? I don't want to expose the keyword through the querystring as it is prone to attacks. So in short there is no harm in using session variables to store the keyword right?
I have a gridview and a checkbox. I am able to pass the checkbox id to a textbox in the same page. This is then passed as a session variable. However, when I place an option to page and select the checkbox items in the next page, the session variable resets.Please see below code, how do I store "all checkbox" throughout all paging and store it in the session page?
i m developing an application in .NET mvc2. i m using aspnetMembershipProvider for User registration and related activities. i need some custom information about user that i stored in a separate table (sysUser for example) and linked it to aspnetUser table through foreign key. after Login i need to fetch user's credentials from sysUser table and push it to the session. For this Account controller's Logon method seemed best to me and i pasted following code in my Logon ActionResult
[Code]....
The code is working perfectly for me and put my desired information in the session but the thing is that if a user selects Remember me and on his next visit he won't have to Log in and i would not find my desired information in the Session. where should i put my code that stores the user information in the session.
I'm working with an asp.net application that stores most data in a database and not session. I'm wondering of the pros and cons of each and which is the better way to go. For example, you have a pretty busy site and instead of storing user specific variables in session, there is a DB table called user data and it can store all user specific data that can be accessed from any page by querying the database. Which is the better way to go, session or database?
When I first implemented forms authentication I consulted an article that told me to store the user's custom IPrincipal object in the cache. Is this wrong? Should I have stored it in the session?
I have dropdown and I have to bind that dropdown on the basis of user login so that when the page load the drop down should show only one item on the basis of user login and i may have use that dropdown item as a search parameter.I have a objectdatasource named TblFltReg having one of the fields named "Owner" which is the SectionId.
There is a table named TblSections having "SectionId" and "Description".User can be selected in a Session variable.I have another table "Users" having "UserName", "UProfile", "SectionId".Actually I dont know how can I get SectionId from Users table into Session variable.So I have two tasks: one to get SectionId into Session Variable and another is to show dropdown item on the basis of User login.Hope you understand. How can I perform that task?
I have a gridview control with a details column. I want the user to click details and it give me a pop-up showing details of the particular row. Any idea on how to do this using JQuery?? Looking for an example with code..
I am working on a site in which some pages are to be run on secured server(ie https) & some on non-secured(ie http) eg Login, User Information, etc. will be run under https & View cart, etc. are to be run on http. Now, when user chooses some products in his cart, he is prompted to enter login details. After he fills in his login detail(ie in https), he is redirected to Checkout. But here the Session doesn't picks the value and it shows Session[UserID] value null. So, rather then redirecting to Checkout it shows MyAccount page. Does anyone know how to pass Session Value from https to http.
Currently in an .aspx file, I am storing a value (filename that was created in that session) in an hidden text box. When the user clicks on the "Print" labeled Hyperlink control, it opens the file that was stored in the hidden text box control. But when the user goes to different screen (in the same session), I loose the filename value that is stored in the hidden text box control. So I would like to store the filename variable in a session variable. So that if the user leaves this .aspx file and comes back to this .aspx file I can load the value into the hidden text box from the session variable.
Code: Protected Sub Page_Load(sender As Object, e As System.EventArgs) Handles Me.Load Try Response.Write(Session("ValidUser").ToString & "<br />") Catch ex As System.Exception Response.Write("Valid User Session Variable Not Found: " & ex.ToString & "<br />") End Try
[Code] .....
This the page that users are redirected to after logging on and, after verifying their credentials at the log-on stage, should show 'Hello DonaldDuck@Disney.com, Welcome to my website'.
Do these errors mean that the user cannot be validated in the database?
but as it changes the value in the Database also, so its creating a problem for future. Now I need to change the text after being inserted into the database.
I gone through your "Display details of ASP.Net DataList Item in jQuery Dialog Modal popup on button click" Example it is very nice but i want to Display image also With the information it can display i assign image src like
Is it possible to store gridview session data after each postback. I have a gridview and a checkbox within. Each time a user clicks the checkbox, I like to store the gridview ID in a session. After browsing through various pages, I like this session datato continuously store the information up to 20mins?
How can I continously store the session variable. Say a text box and if I enter 1 click on a hyperlink (where session variable is stored) return back to the page, enter 2 click hyperlink then I should get in the session 12?
I am having one doubt regarding the use of static variable in Asp.net pages.I am having one page say UserDetails.aspx.In this page, I have one static variable to store some data specific to a user. So, will this ?
public partial class UserDetails { static int numberOfReviews=0;
(1) to maintain the state of the treeview without storing it in session or view state or
(2) I am binding the treeview control dynamically from a xml. Even if I use session state is ther any option to use it without using SelectedNodeChanged event because when u click the treeview node , first master page will postback for this event and then the child page and then again the master page will post pack (as the child page has inherited the master page). So here in this case we are posting the master page twice and it is reducing the performance.
