You must Sign In to post a response.
  • Category: ASP.NET

    How to encode the Querystring?

    Hello,

    How to encode the Querystring?

    Thanks and Regards,
  • #324248
    You can use either base64 or DES encryption method

    to encrypt the Querystring

    Regards,
    M.Venkatesan.

    For Interview Question and Answers:
    http://dotnet-interview-qa.blogspot.com

    http://venkatdotnetexperiments.wordpress.com

  • #324249
    Hi

    ASP Encode/Decode Functions
    Methods for encoding and deconding text in various formats.

    URL Encode
    URL Decode
    HTML Encode
    HTML Decode


    Server.URLEncode
    Used for encoding data that will be passed via a querystring variable. A querystring variable is anything following the question mark (?) in the URL (location) field of your browser. You create querystring variables when you perform a redirect or build a hyperlink to another page on your site.

    <a href="page2.asp?name=Joe+Schmoe">here</a>
    <%
    Response.Redirect "page2.asp?ID=3"
    %>In the example above, the hyperlink contains a variable named "name" which has a value of "Joe Schmoe" (the space is encoded as "+") In the Response.Redirect statement, we have a querystring variabled named "ID" with a value of 3. To perform a URL encode on a variable (for purposes of passing this variable to another page) use the following:

    <a href="page2.asp?name=<%= Server.URLEncode(sName) %>">
    here</a>
    <%
    Response.Redirect "page2.asp?ID=" &_
    Server.URLEncode(nID)
    %>URLDecode
    For some reason, Microsoft did not include a URL decode function with Active Server Pages. Most likely, this was because the decoding of querystring variables is done automatically for you when you access the querystring object:

    <%= Request.QueryString("name") %>
    For those of you who are desperately in need of this function:

    ' -----------------------------------------
    ' URL decode to retrieve the original value

    Function URLDecode(sConvert)
    Dim aSplit
    Dim sOutput
    Dim I
    If IsNull(sConvert) Then
    URLDecode = ""
    Exit Function
    End If

    ' convert all pluses to spaces
    sOutput = REPLACE(sConvert, "+", " ")

    ' next convert %hexdigits to the character
    aSplit = Split(sOutput, "%")

    If IsArray(aSplit) Then
    sOutput = aSplit(0)
    For I = 0 to UBound(aSplit) - 1
    sOutput = sOutput & _
    Chr("&H" & Left(aSplit(i + 1), 2)) &_
    Right(aSplit(i + 1), Len(aSplit(i + 1)) - 2)
    Next
    End If

    URLDecode = sOutput
    End Function


    Thanks & Regards!
    Syed Shakeer Hussain

  • #324252
    hi,
    http://www.aspnut.com/reference/encoding.asp
    http://sharepoint.microsoft.com/blogs/LevelOrange/Lists/Posts/Post.aspx?ID=24
    www.velocityreviews.com/forums/t74587-query-string-encodingdecoding.html
    www.experts-exchange.com/Programming/Languages/.NET/ASP.NET/Q_21837114.html


    i hope this may help u

    G.Rajan
    Happy New Year

  • #324253
    Hi,

    Try like this:



    Dim redirectUrl As String = ""
    If Request.QueryString("utype") = "staff" Then
    redirectUrl = "~/staff/Default.aspx"
    Else
    redirectUrl = "~/Default.aspx"
    End If

    If email <> "" Then redirectUrl += "?email=" + email
    Response.Redirect(redirectUrl)



    Regards,
    Pradeep Y

    Regards,
    Pradeep Iyer

  • #324255
    The example code is really rather simple
    <% @Page Language="JScript" CodePage="1252" EnableSessionState="false"%><% var key, args : NameValueCollection
    args = Request.QueryString
    for (key=0; key < args.AllKeys.Length; key++
    { var keys : String
    keys = args.AllKeys[key]
    var val = Request.QueryString.GetValues (keys)
    Response.Write ("<pre>"+keys+": "+val+"\n<pre>type: "+typeof (val)+"\n")
    Response.Write (val.Length+" "+typeof(val)+"\n")
    if (val.Length > 0
    { var i : int
    for (i = 0; i < val.Length; i++
    Response.Write ("\t"+i+" "+val(i)+"\n")

    Response.Write ("</pre>\n");

    Response.Write (Request.QueryString+"<br>\n")
    %

    I tweaked it from the original to use GetValues() as you suggested, which works fine for multiple values. All the page does is output the individual query string values that were passed into it

    The important parts of the demonstration, though are these
    1) note that the page *does* declare a codepage explicitly (not that it seems to matter) to windows-1252, which, if it were like asp, would/should be the default codepage anyway

    2) queries that will demonstrate all of the problems in asp.net
    (a little background: ñ = %f1 (latin-1, windows-1252 encoding) = %c3%b1 (utf-8 encoding) = %u00f1 (MS mutant utf-16 syntax
    http://localhost/qs.aspx?query=a%f1
    http://localhost/qs.aspx?query=a%c3%b1
    http://localhost/qs.aspx?query=a%u00f1

    The first url encodes the querystring año in the declared codepage of the program. In the output, you'll see that the ñ just gets vaporized (i.e. declared invalid on parsing). Problem #1 is that asp.net is not using the page's declared codepage for interpretation

    The second url encodes the same query in utf-8. This page will show you that, despite the declared codepage, asp.net is going to read the querystring as a utf-8 encoding (at least it reads it properly). But this url also demonstrates problem #4 at the end with the Response.Write (Request.QueryString+"<br>\n");. It does *not* output the same value you got in. Instead it outputs mutant encoding. This is inconsistent with asp, where Request.QueryString will give you the raw bytes as you got them (without interpretation) but I suppose arguably consistent with serializing a NameValueCollection, post-interpretation. I'm feeling generous today, so I can acknowledge that if you put the same values into a string array and then tried to write out the .toString() of the array, you'd probably get the same result as asp.net currently produces. But it is still a deviation from asp. As I also said, I suppose I can grab the rawUrl property and to a split on the '?'

    The third url encodes the same query with the MS mutant utf-16 encoding, which, despite the declared codepage, asp.net reads just fine. This url only demonstrates that it will read utf-16 mutant no matter what your codepage is. Point #4 is not exactly demonstrated by this since getting MS mutant utf-16 out happens to be what you put in, in this instance. Even a broken clock is right twice a day, I guess

  • #324330
    Hi,

    check this link

    http://nayyeri.net/blog/how-to-encrypt-query-string-parameters-in-asp.net/

    regards,
    deepika



    Thanks & Regards,
    Deepika - Sr. Editor
    Webmaster, GujaratSpider
    http://angeldeeps.blogspot.com/
    "Experience is the name everyone gives to his mistakes"


  • This thread is locked for new responses. Please post your comments and questions as a separate thread.
    If required, refer to the URL of this page in your new post.