Non-persisted Cookies vs Session vs Context vs URL Parameters

[PGO01]

I'm learning web development and I'm a bit confused on the best way to hold information across pages.

Firstly, what is the point of a non-persistent cookie (One that has no expiry date and therefore does not get written to disk)? What I mean is, why not use the session or context?

Why do we use url parameters when this can also be done in the session/context?

Lastly, are the session and context 2 different things? If they are what are the benefits/differences of using one over the other to store info, such as logged in user name / id, etc?

Much appreciated.

 

[jmeckley]

there are many containers you can use with web development. each has it's own purpose. here are the common ones.

application
session
cache
context
form
query string (url params)
cookies

application: a single instance container. good for storing objects which are global in nature, which should be very few if any.

session: unique to each user and lasts across multiple requests. a session ends when a user either explicitly logs out or there is no activity for a period of time. after which a new session begins.

cache: shared by all users and will release objects based on specific cache settings. settings can vary from item to item within cache. you shouldn't depend on an item being in cache since it can be released at any time.

context: objects stored in context are available for the life of the request and response.

form: values submitted using a POST request like submitting a form.

query string (url params): values submitted using a GET request.

cookies: stored on the client machine. has an expiration which you can control.

asp.net also contains a contains called param which is part of the request. this is an aggregation of form, query string and cookies. it's useful as a shortcut when you don't care where the value comes from.

if you are just getting into web development I would highly recommend you not waist your time with webforms. this is the default html engine built on top of asp.net. instead I would focus your efforts into the concept of model-view-controller. there are 2 main frameworks: MS MVC and Castle Monorail. FUBU MVC is gaining ground, but still in it's infancy.

I hope this gets you started. it's by no means a complete or thorough synopsis, rather a general introduction. with this information you should be able to find more details on the web.



Jason Meckley
Programmer
Specialty Bakers, Inc.

faq855-7190
faq732-7259

 

[PGO01]

OK thanks for the advice - MS MVC looks interesting I will try it out.

Just to clarify, would you use the session to pass, say, sensitive information like a user id from 1 page to another?

 

[jbenson001]

A session is fine, you can also use an encrypted querystring value as well.

 

[jmeckley]

user id is a special case as you can integrate the user identity into the IPrinciple and IIdentity interfaces which are part of the http context.

Jason Meckley
Programmer
Specialty Bakers, Inc.

faq855-7190
faq732-7259