Validation of URL parameters

1

I would like opinions on an issue, maybe even simple, just to find out more ways to do this. The situation is as follows:

NOTE: I use in this example .NET Framework 4.0 with a lot of Javascript, I only use Code-Behind to get the QueryStrings and store them in input hidden's , the whole business rule is done in a web service (.amx).

01- You send an id = 1 to an edit page by clicking the link.

< a href="http://site/editar.aspx?IdPessoa=1" >Editar< /a >

02- In the edit.aspx page through Code-Behind you play in input hidden ( txtIdPessoa ):

this.txtIdPessoa.Value = (Request.QueryString["IdPessoa"] ?? string.Empty).Trim();

03- On this page edit.aspx you have the other fields for editing the person. After the person fills in all the fields it will save, done through jquery ajax , sending the values to a ( SalvarDados() ) method of a web service : p>

$("#btnSalvar").click(function(){
        $.ajax({
            type: "POST",
            url: "http://site/WebService1.asmx/SalvarDados",
            data: "{'idpessoa':'" + $("#txtIdPessoa").val() + "','nome':'" + $("#txtNomePessoa").val()  + "'}",
            contentType: "application/json; charset=utf-8",
            dataType: "json",
            success: function (resposta) {
        alert("Sucesso");
            },
            error: function (xhr, msg, e) {
        alert("Erro");
            }
        });
});

04- But you can make a mock there, if before clicking save you enter in the url the code below:

javascript:$("#txtIdPessoa").val("2");

05- When saving, you are going to edit to another person, Id = 2 , the question is how to store this IdPessoa , without it being changed in this way? How do you use it?

06- There are validations on the client and the server, here I just posted in a simple way, the problem is that this script does not refresh on the page.

    
asked by anonymous 19.10.2015 / 14:36

1 answer

1

1 - I would use GUID instead of INT, this would only solve all problems.

2 - If you save in session or ViewState, the user can not change in the Client.

Session ["Person Id] = Request.QueryString [" Person Id "];

3 - Pass the SESSION value and not the Hidden input.

4 - If you are in Session / ViewState, you can not change it.

5 - I do not understand

6 - I did not quite understand.

    
19.10.2015 / 15:04