Click here to Skip to main content
Rate this: bad
good
Please Sign up or sign in to vote.
See more: .NET3.0
can we send multiple value with query string if yes how ?
Posted 8-Mar-12 7:52am
Comments
Rahul Rajat Singh at 9-Mar-12 4:31am
   
are talking about sql query or url querystrings ?
Rate this: bad
good
Please Sign up or sign in to vote.

Solution 1

string query = string.Format("select * from {0} where {1}='{2}'", "tblMyTable", "myColumn", 0);
 
Is that what you meant?
  Permalink  
Comments
SAKryukov at 8-Mar-12 13:15pm
   
Good, this is probably the minimal sample (not counting impractical "select * from my_table").
For the next step, parametrized query should be recommended.
My 5.
--SA
   
Impractical is in the eye of the beholder. The minimal sample matches the minimal question. :)
SAKryukov at 8-Mar-12 19:50pm
   
I'm not sure you got my comment. In other words, you sample was not absolutely minimal, but minimal among the practical ones.
 
Cheers,
--SA
Rate this: bad
good
Please Sign up or sign in to vote.

Solution 5

Are you talking about passing multiple parameters in a query string? If you are, all you need to do is append them to the query string using the format
&key=value
Okay, that seems straightforward enough, but is it enough? Well no - the important thing to understand is that the query string is part of the URL, so this means that you need to encode your values (and not use invalid keys). .NET provides the handy HttpUtility.UrlEncode which you should use on the values to ensure that they are suitable for passing across - don't forget to decode them at the receiving end with HttpUtility.UrlDecode.
 
The question is, should you really use query strings? A query string represents a point of attack against your system. By this I mean that it is another area that "hackers" can use to target your website looking for vulnerabilities, and loopholes to exploit. There are several famous query string attacks*, so you really need to think long and hard about whether this is the appropriate mechanism for you, or whether you would be better using alternate mechanisms such as session values to operate your site. I can't answer this for you - only you know your requirements so you are best placed to judge whether or not it's appropriate.
 
*a couple of the vulnerabilities include: buffer overflow attacks, code injection.
  Permalink  
Rate this: bad
good
Please Sign up or sign in to vote.

Solution 6

www.testwebsite.com?one=1&two=2&three=3&four=4
 
assuming you are talking about URL query strings.
  Permalink  

This content, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)

  Print Answers RSS
0 George Jonsson 175
1 Kornfeld Eliyahu Peter 169
2 Zoltán Zörgő 139
3 PIEBALDconsult 130
4 OriginalGriff 120
0 OriginalGriff 6,165
1 DamithSL 4,658
2 Maciej Los 4,107
3 Kornfeld Eliyahu Peter 3,649
4 Sergey Alexandrovich Kryukov 3,342


Advertise | Privacy | Mobile
Web03 | 2.8.141220.1 | Last Updated 9 Mar 2012
Copyright © CodeProject, 1999-2014
All Rights Reserved. Terms of Service
Layout: fixed | fluid

CodeProject, 503-250 Ferrand Drive Toronto Ontario, M3C 3G8 Canada +1 416-849-8900 x 100