Home/ Questions/Q 3958112
In Process

The Archive Base Latest Questions

Editorial Team
  • 0
Asked: 2026-05-20T02:34:19+00:00

Hi I am currently learning .net and am building my first real website using

  • 0

Hi I am currently learning .net and am building my first real website using .net.

I was just wondering if people considered it ok to use the generated membership UserId in the query string? and also to use this as a foreign key in a database to link relevant information to this user?

Share

Leave an answer

You must login to add an answer.

Need An Account,

1 Answer

  1. Editorial Team

    Why do you need it in a querystring? It is provided by…

    If HttpContext.Current.User.Identity.IsAuthenticated Then
    Dim user As MembershipUser = Membership.GetUser()
    Dim guid as Guid= DirectCast(user.ProviderUserKey, Guid)
End If

    I wouldn’t display such sensitive data users even if this wouldn’t cause security issues, but simply because an application looks unsafe if everybody can see more than he needs to see. You could store it temporarily in the Session to pass it from page 1 to page2.

    If you want to save the UserID as foreignkey its possible to use the uniqueid provided by the MembershipProvider.

    If you want to use an integer instead(readability, less disk space), you have to create a table(aspnet_UserID) that maps the guid to your int-ID in a one-to-one relationship. Create also a trigger for inserts and deletes on the aspnet_Users-table, for example:

    CREATE TRIGGER [dbo].[trgCreateUserID] ON [dbo].[aspnet_Users]
FOR INSERT
AS

INSERT INTO dbo.aspnet_UserId(fiUser)
    SELECT UserID FROM inserted

    and

    CREATE TRIGGER [dbo].[trDeleteUserID] ON [dbo].[aspnet_Users]
FOR DELETE
AS

DELETE FROM dbo.aspnet_UserId 
    WHERE fiUser IN(SELECT UserID FROM DELETED)
    • 0