Reputation: 121
Weird ID variables in ASPX website
I am hoping to take data from an ASPX site and use it on my own. I am a PHP developer and am used to having nice ID variables posted back to the server. Then I can just form the url with the ID I want, parse the html and I am good to go.
The ID variable for this site was :33ED6E44C6F8D71AA7F00641C0650842 but now it is 276D4D104D1E4E342BAF6C7DC20DCB6A. I thought it was the GUID from the database but can it be if it is changing? Perhaps it is hashed or encrypted using the session_State variable (according to a developer i asked)?
Does anyone have any ideas on how this ID variable works? I am not going to post the website but was hoping that ID variable would be enough to learn more. I know that isn't much information but any help would be greatly appreciated.
Thank you!
EDIT** this is the source of the form
<body>
<form name="form1" method="post" action="details.aspx?id=2E8ECBC20B98DDF6033848ACD889A9F0&lang=fr" id="form1">
Upvotes: 0
Views: 95
Answers (2)
Reputation: 5618
As far as I know, a session is considered active as long as requests continue to be made with the same SessionID value. If the time between requests for a particular session exceeds the specified time-out value in minutes, the session is considered expired. Requests made with an expired SessionID value result in a new session and a new ID. This ID is actually a cryptographically unique ID, but I'm not sure if it is hashed or encrypted using the session_State variable.
EDIT:
According to your last question
Do you know if there is any common way to do this? Any sort of built in .net hashing function?
Well, SessionID's are created in the SessionStateModule. To extend the session state under ASP.NET you will need to write your own HTTP module and replace the SessionStateModule in the machine.config. The SessionStateModule is the module which provides all the session state functionality for ASP.NET. The SessionStateModule is sealed so you cannot extend it. Perhaps they are trying to tell us something? You can replace it; however, there is'nt any documentation other than how to create a HTTP module to help you accomplish this task. Unless you have a really really good argument for rolling your own sessionid, I would stick with what has been provided for you.
Upvotes: 1
Reputation: 4394
Here are some information about the ID tag you might find useful:
http://www.asp.net/web-forms/tutorials/master-pages/control-id-naming-in-content-pages-cs
Upvotes: 1
Related Questions
- Unable to add records into database due to output.inserted id error
- My ID field is getting a value when it shouldn't be
- Why Identifier Expected?
- generate seemingly random unique numeric ID in SQL Server
- What are these IDs I always see in ASP.NET webapps
- Incorrect Syntax Near 'ID'
- Where is the erroneous "Id" coming from?
- Referencing ids unknown at compile time
- Problem with writing IDs to DB
- ID not recognized in .ascx page