i want to send URL parameter with unreadable unique no to my preview page and after all i will again convert this value into digit value
send like
ordernow.aspx?orderid=dfdkd2323n4
Asked
Active
Viewed 84 times
0
-
Please let us know what have you tried till now – Nehal Jan 05 '16 at 11:25
-
i just send like ordernow.aspx?orderid=12 but i don't want to show 12 in my query string – Muhammad Azeem Jan 05 '16 at 11:26
-
you can use encoding like base64, or md5 and decode it back on the page you retrieve – Nehal Jan 05 '16 at 11:27
-
I find _"dfdkd2323n4"_ pretty readable. What is your goal? Why exactly do you not want to expose the number 12? It sounds like you actually need authorization, not obfuscation. And please repeat after me: _"I will not build a webshop when I don't know anything about web security"_. It's people's money you're toying with here. – CodeCaster Jan 05 '16 at 11:34
-
How about converting your orderid to a hex string? [As done here...](http://stackoverflow.com/questions/1139957/c-sharp-convert-integer-to-hex-and-back-again) – KMB Jan 05 '16 at 11:35
-
The basic strategy is to serialize your data to string using `XmlSerializer` for example, encrypt it in some way and then convert it to BASE64. StackOverflow is full of examples all three topics. Can you, perhaps, elaborate on the purpose of such "encription"? – Dmitri Trofimov Jan 05 '16 at 11:36
-
Generate a unique random string and store it alongside the original value (12) in a database table, look it up in ordernow.aspx – Alex K. Jan 05 '16 at 13:06
-
I would just encrypt the querystring on submit and decrypt it on get. I wrote a solution years ago in vb.net that works perfect. – Kami Jan 05 '16 at 14:22
-
This link might help with encryption/decryption http://www.blackbeltcoder.com/Articles/security/encrypting-query-arguments – Kami Jan 05 '16 at 14:46