Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 514
  • Last Modified:

How to use Request.QueryString with dynamic variables ?

HI

A web catalog uses local variables in order to filter and index products but sometimes would be necessary create dynamically values using a query string like: catalog.aspx?var1=val1&var2=val2...., and sometimes just will be: catalog.aspx (without any query string)

How could I implement dynamic variables in order to avoid errors in case they doesn´t exist ?

Thanks.
0
dimensionav
Asked:
dimensionav
  • 3
  • 2
1 Solution
 
David H.H.LeeCommented:
Hi dimensionav,
>>..How could I implement dynamic variables in order to avoid errors in case they doesn´t exist ?
It sound like pre-caution step to avoid any malicious input from user during the application accessing the dynamic variables that created. How is your existing code flow look like and any errors that return at the moment during the missing of dynamic variable's existances?
0
 
dimensionavAuthor Commented:
HI

I have the attached code at the very top of script area but when there´s nothing to get from query string, I got an error: REQUEST NOT AVAILABLE IN THIS CONTEXT.

And as you said, how to protect from malicious code?
Thanks.
    Dim GetIdCategoria As String = (Request.QueryString("idcategoria")).Trim
    Dim GetIdSubcategoria As String = (Request.QueryString("subcategoria")).Trim
    Dim GetBusqueda As String = (Request.QueryString("busqueda")).Trim

Open in new window

0
 
David H.H.LeeCommented:
Hi dimensionav,
You can write a custom function to cater this malicious input, you can enhance it on your need.
eg:
Dim GetIdCategoria As String = GetQueryParams(Request.QueryString("idcategoria"))

 Function GetQueryParams(ByVal str As String, Optional ByVal strBlank As String = "") As String
        Dim s As String = strBlank
        If Not String.IsNullOrEmpty(str) Then
            s = str.ToString.Trim
        End If

        Return s
    End Function
0
Granular recovery for Microsoft Exchange

With Veeam Explorer for Microsoft Exchange you can choose the Exchange Servers and restore points you’re interested in, and Veeam Explorer will present the contents of those mailbox stores for browsing, searching and exporting.

 
dimensionavAuthor Commented:
if the form doesn´t receive any query string variable the code is still giving the same error.
I have tried to call the file as catalogo.aspx

Thanks.
0
 
David H.H.LeeCommented:
Hi dimensionav,
The posted code is working fine under test site. Do you apply it under any CMS application?
Try check if this article helps:
http://cosier.wordpress.com/2008/02/15/request-is-not-available-in-this-context-request-not-available-at-application_start-in-iis7/
0
 
ajollyCommented:
try this:
Dim GetIdCategoria As String =""
If Not IsNothing Request.QueryString("idcategoria") then
    GetIdCategoria = Request.QueryString("idcategoria")
End If

Open in new window

0

Featured Post

NEW Veeam Backup for Microsoft Office 365 1.5

With Office 365, it’s your data and your responsibility to protect it. NEW Veeam Backup for Microsoft Office 365 eliminates the risk of losing access to your Office 365 data.

  • 3
  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now