Hello dear I have a login form where users enter their username and password, and they are then redirected to another page 2. The information of the logged in user is shown in the page 2. The problem is that the value of query string in url is shown as ID number which can be easily changed by the user. But I want the query string value should either not be changeable or should be encrypted. Page1 login cod : protected void ButtonpersonLogin_Click(object sender, EventArgs e) { string ErrorMessage = ""; string id, FullName = ""; try { if (TextPersonusername.Text == "".Trim() || TextPersonpassword.Text == "".Trim()) { Label1.Visible = true; Label1.Text = "Invalid username or password"; } con.Open(); SqlCommand cmd = new SqlCommand("Sp_loginPerson", con); cmd.CommandType = CommandType.StoredProcedure; cmd.Parameters.AddWithValue("@Person_UserName", TextPersonusername.Text.Trim()); cmd.Parameters.AddWithValue("@Person_Password", TextPersonpassword.Text.Trim()); SqlDataReader dr; dr = cmd.ExecuteReader(); dr.Read(); id = dr.GetValue(0).ToString(); FullName = dr.GetValue(1).ToString(); dr.Close(); con.Close(); HttpCookie c_id = new HttpCookie("id"); HttpCookie c_fullname = new HttpCookie("FullName"); c_id.Value = id; c_fullname.Value = FullName; Response.Cookies.Add(c_id); Response.Cookies.Add(c_fullname); if (id != " ") { Session["Person_TB"] = TextPersonusername; Response.Redirect("~/ManagePersons.aspx?id=" + id); } } catch (Exception eee) { ErrorMessage = eee.Message; ClientScript.RegisterStartupScript(Page.GetType(), "validation", "<script>alert(‘" + ErrorMessage + "’)</script>"); } Page 2 cod : string strcmd = "Select Person_Name from Person_TB where Person_ID=@iid"; SqlCommand cmd = new SqlCommand(strcmd, con); cmd.Parameters.Clear(); con.Open(); cmd.Parameters.AddWithValue("@iid", Request.QueryString["id"]); SqlDataReader dr; dr = cmd.ExecuteReader(); while (dr.Read()) { LabelpersWelcom.Text = "Welcome Dear"; LabelWEduPerson.Text = dr["Person_Name"].ToString(); } con.Close();//-----
var
This content, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)