Forum Moderators: open
Sorry for being vague in the title. I did not know how to frame the question.
I have an ASP page where a user enters his personal ID and the next ASP page pulls up his records from the database.
I want to know how we can achieve the following:
if a user types in www.myurl.com/compute.asp?id=123 he should be able to see his records just as before..
i want to know how we can add that users' id at the end of url with a question mark and get his records.
thanks in advance,
kriani
Private Sub DoSomething(S As Object, E As EventArgs)
Dim url As String = "http://www.myurl.com/compute.asp?id="
Dim id As Integer = 123
Response.Redirect(url & id)
End Sub
If someone knows someone else's ID, they could pull up all the records.
Better to have a login page where they validate with some type of password.
@sgietz: im just using asp 3.0, but thanks for the idea.
@txbaker: what you said is totally right, but in my case it is not
that sensitive of information, so i guess i need not worry
(speaking of security, we have some kind of security seal
built into into the page; would that help to any extent?)
---------------------------------------------------------
here is what i have done:
i have checked for request.querystring and am able to use that value to retrieve data from the datastore, but I am having a problem with passing the values to the nextpage using response.redirect("nextpage.asp").
I read somewhere that querystring values cannot be used to pass values using response.redirect to the next page.
Is this true? if it is, is there any workaround for this?
(for temporary purposes, i have an interim page which asks users to press submit and proceed to the next page)
thanks in advance,
kriani
