Hey guys, I'm not very familiar with asp.net (Doing this in c#) or session cookies for that matter, just the basics. Trying to store a list of items in a session cookie, then when needed, pull those items back out as a list to then use them in a MS SQL select query.
e.g. I create a list object, I add to it via url parameters (as they browse and add them), then I save the list in a session cookie...
List<string> itemNames = new List<string> {};
...
itemNames.Add(Request.QueryString["itemID"]);
...
Session["myItems"] = itemNames;
now I have a list of objects in a cookie i'm assuming?
I later on get that cookie back into a public string via the code behind...
class...{
public List<string> names { get; set; }
{
protected void Page_Load(object sender, EventArgs e)
{
List<string> names = (List<string>)Session["myItems"];
}
}
}
...Not sure if those two ideas work to be honest
I am familiar with how to get a url parameter and make an SQL call through SqlDataSource...
<asp:SqlDataSource
ID="itemsDS"
runat="server"
DataSourceMode="DataReader"
ConnectionString="<%$ ConnectionStrings:myDBname%>"
SelectCommand="SELECT * FROM table WHERE itemID=@itemID">
<SelectParameters>
<asp:QueryStringParameter Name="itemID" DbType="" Direction="Input" QueryStringField="itemID" DefaultValue="" ConvertEmptyStringToNull="True" />
</SelectParameters>
</asp:SqlDataSource>
, but how can I set up multiple variables using my list of objects? e.g.
SelectCommand="SELECT * FROM table WHERE itemID=names[0] OR itemID=names[1] OR itemID=names[2]">
I plan to clean the url parameter beforehand to prevent code injection. Any ideas are much appreciated!
