3
3P
I had a situation where I couldn't use the session-id, which would have
been concatenated at the end of a session custom object name that needed
to be passed around from page to page. The reason I couldn't use the
session-id is another story, and I don't want to get into it.
And my solution was to ToString() a Guid and concatenated the GUID to
session custom object name. So the application started up on a certain
page when doing a creation of user information, and it started-up on
certain page when maintenance was being done to the existing user
information.
The original GUID assigned had to be passed from page to page to
construct the session object name for the custom object to set/get
session object.
How I did it was the two pages that were used for create/maint would
initially get a new GUID at page-load !postback. It would save the
string Guid to a hidden field, which was on all the pages for this
application. As each page did a redirect to another page, the GUID was
taken from the hidden field and passed on the URL.
The pages would determine at their page-load if it was a postback or
not. It was not a postback (redirect from another page), the page would
querystring for the GUID on the URL and save it to its hidden field for
the GUID. If it was a postback then, the page would go to the hidden
field to get the GUID, because the URL no-longer had the GUID on the URL
on postback. In either case, I always had the initial GUID that was
trapped on my two start pages to be passed around to the other pages to
construct the session variable name to get/set.
Even if the page timed-out, the GUID was not lost as the page kept GUID
using a hidden field state.
If one is not inclined to use a base page to hold Session-ID, one could
use what I have talked about to trap the Session-ID and pass it around
and not loose it.
I'm not sure how is that different than storing that GUID in session.
If session times out You will still loose that hidden field GUID because
You will be
redirected to login page.
And what if someone gives someone else link with his GUID in it? Will that
other person
steal the object? Or will they concurently use same object? What when
someone changes
the GUID in address by accident?