QueryString in asp.net
Points to remember about query strings
1. Querystrings are name/value collection pairs
2. Using querystrings, is a very comman way to send data from one webform to another.
3. Query strings are appended to the page URL.
4. ?(Question Mark), indicates the beginning of a query string and it's value.
5. It is possible to use more than one query string. The first query string is specified using the ?(question mark). Subsequent query strings can be appended to the URL using the &(ampersand) symbol.
6. There is a limit on the Query string length. Hence, Query strings cannot be used to send very long data.
7. Query strings are visible to the user, hence should not be used to send sensitive information, unless encrypted.
8. To read the query string value, use Request object's QueryString property.
9. &(ampersand) is used to concatenate query strings, so if you want to send &, as value for the query string there are 2 ways, as shown below
Using Server.UrlEncode() method
Response.Redirect("WebForm2.aspx?UserName=" + Server.UrlEncode(txtName.Text) +
"&UserEmail=" + Server.UrlEncode(txtEmail.Text));
Or
&(ampersand) is encoded as %26, so use, Replace() function to replace & with %26
Response.Redirect("WebForm2.aspx?UserName=" + txtName.Text.Replace("&", "%26") +
"&UserEmail=" + txtEmail.Text.Replace("&", "%26"));
WebForm1.aspx HTML: We want to send Name and Email, that user enters on WebForm1.aspx to WebForm2.aspx using query strings.
<div style="font-family: Arial">
<table>
<tr>
<td colspan="2">
<h1>
This is WebForm1</h1>
</td>
</tr>
<tr>
<td>
<b>Name</b>
</td>
<td>
:<asp:TextBox ID="txtName" runat="server">
</asp:TextBox>
</td>
</tr>
<tr>
<td>
<b>Email</b>
</td>
<td>
:<asp:TextBox ID="txtEmail" runat="server">
</asp:TextBox>
</td>
</tr>
<tr>
<td colspan="2">
<asp:Button ID="btnSendData" runat="server"
Text="Go to WebForm2" onclick="btnSendData_Click" />
</td>
</tr>
</table>
</div>
WebForm1.aspx.cs
protected void btnSendData_Click(object sender, EventArgs e)
{
//Using Server.UrlEncode to encode &(ampersand)
//Response.Redirect("WebForm2.aspx?UserName=" + Server.UrlEncode(txtName.Text) +
// "&UserEmail=" + Server.UrlEncode(txtEmail.Text));
//Using String.Replace() function to replace &(ampersand) with %26
Response.Redirect("WebForm2.aspx?UserName=" + txtName.Text.Replace("&", "%26") +
"&UserEmail=" + txtEmail.Text.Replace("&", "%26"));
}
WebForm2.aspx HTML:
<div style="font-family: Arial">
<table>
<tr>
<td colspan="2">
<h1>This is WebForm2</h1>
</td>
</tr>
<tr>
<td>
<b>Name</b>
</td>
<td>
:<asp:Label ID="lblName" runat="server">
</asp:Label>
</td>
</tr>
<tr>
<td>
<b>Email</b>
</td>
<td>
:<asp:Label ID="lblEmail" runat="server">
</asp:Label>
</td>
</tr>
</table>
</div>
WebForm2.aspx.cs Code:
protected void Page_Load(object sender, EventArgs e)
{
// Read the QueryString values
lblName.Text = Request.QueryString["UserName"];
lblEmail.Text = Request.QueryString["UserEmail"];
}
1. Querystrings are name/value collection pairs
2. Using querystrings, is a very comman way to send data from one webform to another.
3. Query strings are appended to the page URL.
4. ?(Question Mark), indicates the beginning of a query string and it's value.
5. It is possible to use more than one query string. The first query string is specified using the ?(question mark). Subsequent query strings can be appended to the URL using the &(ampersand) symbol.
6. There is a limit on the Query string length. Hence, Query strings cannot be used to send very long data.
7. Query strings are visible to the user, hence should not be used to send sensitive information, unless encrypted.
8. To read the query string value, use Request object's QueryString property.
9. &(ampersand) is used to concatenate query strings, so if you want to send &, as value for the query string there are 2 ways, as shown below
Using Server.UrlEncode() method
Response.Redirect("WebForm2.aspx?UserName=" + Server.UrlEncode(txtName.Text) +
"&UserEmail=" + Server.UrlEncode(txtEmail.Text));
Or
&(ampersand) is encoded as %26, so use, Replace() function to replace & with %26
Response.Redirect("WebForm2.aspx?UserName=" + txtName.Text.Replace("&", "%26") +
"&UserEmail=" + txtEmail.Text.Replace("&", "%26"));
WebForm1.aspx HTML: We want to send Name and Email, that user enters on WebForm1.aspx to WebForm2.aspx using query strings.
<div style="font-family: Arial">
<table>
<tr>
<td colspan="2">
<h1>
This is WebForm1</h1>
</td>
</tr>
<tr>
<td>
<b>Name</b>
</td>
<td>
:<asp:TextBox ID="txtName" runat="server">
</asp:TextBox>
</td>
</tr>
<tr>
<td>
<b>Email</b>
</td>
<td>
:<asp:TextBox ID="txtEmail" runat="server">
</asp:TextBox>
</td>
</tr>
<tr>
<td colspan="2">
<asp:Button ID="btnSendData" runat="server"
Text="Go to WebForm2" onclick="btnSendData_Click" />
</td>
</tr>
</table>
</div>
WebForm1.aspx.cs
protected void btnSendData_Click(object sender, EventArgs e)
{
//Using Server.UrlEncode to encode &(ampersand)
//Response.Redirect("WebForm2.aspx?UserName=" + Server.UrlEncode(txtName.Text) +
// "&UserEmail=" + Server.UrlEncode(txtEmail.Text));
//Using String.Replace() function to replace &(ampersand) with %26
Response.Redirect("WebForm2.aspx?UserName=" + txtName.Text.Replace("&", "%26") +
"&UserEmail=" + txtEmail.Text.Replace("&", "%26"));
}
WebForm2.aspx HTML:
<div style="font-family: Arial">
<table>
<tr>
<td colspan="2">
<h1>This is WebForm2</h1>
</td>
</tr>
<tr>
<td>
<b>Name</b>
</td>
<td>
:<asp:Label ID="lblName" runat="server">
</asp:Label>
</td>
</tr>
<tr>
<td>
<b>Email</b>
</td>
<td>
:<asp:Label ID="lblEmail" runat="server">
</asp:Label>
</td>
</tr>
</table>
</div>
WebForm2.aspx.cs Code:
protected void Page_Load(object sender, EventArgs e)
{
// Read the QueryString values
lblName.Text = Request.QueryString["UserName"];
lblEmail.Text = Request.QueryString["UserEmail"];
}