Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 293
  • Last Modified:

Prevent Form Data Loss in ASP.NET on Application Error

Hi.

I was wondering what is the best (and most secure) way to prevent a user from losing all of their entered form data if an application error (unhandled exception) occurs when they submit the form on an ASP.Net page.  I try to handle errors as much as possible in the page, but sometimes there are a few bugs I didn't catch or a server error outside my control.  I am using custom error pages, and if an unhandled exception occurs, the user loses all data entered on a form (even if they use the browsers back button).

Thanks.
0
DJDoug
Asked:
DJDoug
  • 2
1 Solution
 
naveenkohliCommented:
If there is an exception thrown from your page, then there is no way to retrieve the data from error page. What you can do is... before you do any thing with the data, store every piece of data in Session at the load time. And when you are done with processing, in pre render get rid of all data in session (for that page). You may have to make use of state engine for session or external DB support because exception may end up cleaning up your session. And if user comes back and the session was not cleared in PreRender that means he ran into some trouble and load the information from stored session.
0
 
DJDougAuthor Commented:
If I am understanding correctly:

OnLoad --> Store Data in Session using state engine or external DB support.
OnPreRender --> Clear session.

So, on the OnLoad event, I would first check to see if the session had been cleared before storing the data.  If it had not been cleared, then I would load the data from the Session.

OK, what happens if the User closes the browser?  (Such as in the case the error is not immediately fixed.  Some forms are quite long.)  Could I apply this same concept by writing to an encrypted cookie?  Or, if the web form is for an authenticated user, I guess I could write to a temp db based on the user?

I'll increase the points for a good code sample (prefer VB.Net) or article.
0
 
naveenkohliCommented:
The same concept should still work...
If user is moving from page to page on your system, then you can add logic to each page and making sure that it first clears the previous session variables and then starting the new save.
If you use Response.Redirect to go to new page, then catch ThreadAbortException throw by Redirect method. This exception is not an error. It is framework's way of indicating that it is aborting the current thread.

So if user closed the browser, that means they never wen to next page. So state will exist in DB (session). So you can load it when they come back.
0

Featured Post

Free Tool: ZipGrep

ZipGrep is a utility that can list and search zip (.war, .ear, .jar, etc) archives for text patterns, without the need to extract the archive's contents.

One of a set of tools we're offering as a way to say thank you for being a part of the community.

  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now