Sessions or Cookies - Best Practice

Question

Hi all,

What is best to use to pass information from one page to another? Session or Cookies and why? Also is there a "best practice" for this?

Thank you in advance.

Answer 1

To pass information to from one page to another you should use the viewstate ( http://msdn.microsoft.com/en-us/library/ms972976.aspx )

Sessions are used to keep user information alive for a while on your web site. When the user visits your site again within a pre defined time frame, he still has his settings saved (or like in fora, stay logged in, user settings,...). Do note this has a time limitation

Cookies are used to create a little bit of information (maximum 4069 kb i think) on the user's PC. This is not such a good idea, if the users changes the information in the cookie behind your back (because it's a simple txt-file), it might harm your web site or cause unexpected behaviour.

A viewstate can be transfered between pages within a session, is send back and forth to the server with every call (so you can always get a value stored in the viewstate) and the viewstate lives as long as the session (or if you don't have a session, for as long as the user is connected to you web site). Do note that if the viewstate becomes to big, you web site might become slow and unresponsive as the viewstate is send forth and back every time the user makes a request.

---

Dimitri C. - Please mark the replies as answers if they help! Thanks.

Answer 2

Hi,

Although this question is not related to this forum....

I have a little correction regarding ViewState. A ViewState lives with in a page. Suppose you want to maintain the value of a variable between postbacks in a page you can use ViewState. What are the information that you put in ViewState are stored as hidden fields in that page.

So if you move to some other page you won't get the data.

Since the ViewState information are stored in the page, storing lot of information makes the page huge and takes lot of time to transmit in the network.

Session can stays for a configured time duration, for ViewState there is no time duration it stays still you stay in a page.

One more point I have to add, Cookies and ViewState are client-side storage mechanisms the data is stored in the client machine. So.. not safe. While Session is a server side storage mechanism.

Regards
Dnana

Answer 3

The best practice is to ask questions about ASP.NET at the ASP.NET Forums at http://forums.asp.net/ .

Answer 4

The best practice is to ask questions about ASP.NET at the ASP.NET Forums at http://forums.asp.net/ .

General discussion and questions regarding Visual C# -- including best practices on developing with C# in VS, documentation, setup, and samples.

Answer 5

This is pretty inaccurate. The ViewState is the normal way in which controls on the page such as the textboxes, listboxs, checkboxs and things like that remember their state between callbacks on a page. So if a page has a textbox with the word "hello" in it and a button, when the page is requested, the "hello" is sent in the textbox and is also stored encrypted in the viewstate. When the user clicks the button, the value in the textbox and viewstate are posted back to the server and this allows the textbox to determine whether the user changed the value.

The Session is stored entirely on the server and is normally used for storing state on the server about the user currently using the website and any cached data being used by them.

Cookies are a mechanism of instucting the browser to save a set of key-value pairs on the client machine which will be returned to the server with every request to the same domain. This is used in ASP.NET by default to hold the session id for the ASP.NET session.

When deciding where to store something, you should think about the purpose of the data, the size, and the expected lifetime.
If it is a simple piece of data which will be needed only while they are using the current page, then the viewstate is a good option.
If it is a more complex piece of data or needs to survive for the duration of their logon session, such as a copy of a userprofile object or maybe just their userid from your database, then this is normally session data.
If the data is simple and wanted for more longterm or even potentially permanently, say for a few days or a month or longer, then a cookie is a good option. If you want long term storage of more complex or sizable data, then you may want to save that server side to a database or file, and then save its location or identifier to a cookie on the client machine.

---

HTH Ciaran http://wannabedeveloper.spaces.live.com

Answer 6

I just want to pass some information from textboxes of the previous page to create a printer-friendly web page. Thats all I want to do. Which is the best technique to use for this?

Answer 7

Session/Cookies all are specific to ASP.NET, not C#.

Answer 8

Session/Cookies all are specific to ASP.NET, not C#.

You can use them in C#.

Answer 9

Not without ASP.NET

Answer 10

Use the Session or QueryString. You can howere make Print friendly pages with CSS rather than needing a new page. You can make style sheets which you link for the media=print and they will be applied when printing a page. Then you can make things look nice for printing with that stylesheet
See
http://webdesign.about.com/cs/css/a/aa042103a.htm
for an example

---

HTH Ciaran http://wannabedeveloper.spaces.live.com