
Using hidden fields a good idea? (ASP.NET, C#)

In an application, I draw some data from a database which will be used by several methods. Is it a good idea to write the data to hidden fields when first drawn or should I draw the data again when needed?

It depends what you are trying to save or hold.

  • Privacy

    If the data needs more security then don't save it in hidden fields.

  • Size

    If the data is small then it's fine; otherwise a hidden field is not an efficient way.

It depends on what the data is and how you're going to use it.

What kind of data is it?

If it's data that should be secured, such as PHI or other, never store it this way. Use session state. Otherwise, go to the next question below.

Where will you use it?

If it's used in the code-behind, use ViewState or session state. If you plan to consume it using jQuery or JavaScript and it doesn't need to be secured, a hidden field is fine.

I say it depends on your need for security. Remember hidden fields are client-side and therefore editable by the end user.

If these fields are going to be posted back or used for anything more sensitive than a bit of interaction, then it may be safer to grab it from the database each time.
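The point above about hidden fields being editable, shown as an added example that is not part of any answer on this page: a simulated postback in which the user has changed a hidden price, handled by trusting the field, by re-reading from the database, and by checking an HMAC (a technique the answers do not mention). The field names, the in-memory price table and the key are constructed for illustration, and `CryptographicOperations.FixedTimeEquals` assumes .NET Core 2.1 or later.

```csharp
using System;
using System.Collections.Generic;
using System.Globalization;
using System.Security.Cryptography;
using System.Text;
static class HiddenFieldDemo
{
    // Constructed stand-in for the database: the authoritative price per product id.
    static readonly Dictionary<int, decimal> PriceTable =
        new Dictionary<int, decimal> { { 42, 19.99m } };
    // Constructed demo key; a real key lives in protected server-side configuration.
    static readonly byte[] Key = Encoding.UTF8.GetBytes("constructed-demo-key");

    // MAC the server emits next to the hidden value when it renders the page.
    static byte[] Mac(string value)
    {
        using (var hmac = new HMACSHA256(Key))
            return hmac.ComputeHash(Encoding.UTF8.GetBytes(value));
    }

    // Unsafe: whatever the browser posted back becomes the price.
    static decimal PriceTrustingClient(IDictionary<string, string> form) =>
        decimal.Parse(form["hidPrice"], CultureInfo.InvariantCulture);

    // Safe: the posted id is only a lookup key; the price is read again server-side.
    static decimal PriceFromDatabase(IDictionary<string, string> form) =>
        PriceTable[int.Parse(form["hidProductId"], CultureInfo.InvariantCulture)];

    // Alternative: accept a round-tripped value only if its MAC still verifies.
    static bool IsUntampered(IDictionary<string, string> form)
    {
        byte[] posted;
        try { posted = Convert.FromBase64String(form["hidPriceMac"]); }
        catch (FormatException) { return false; }
        return CryptographicOperations.FixedTimeEquals(Mac(form["hidPrice"]), posted);
    }

    static void Main()
    {
        // Fields as the server rendered them (constructed sample values).
        var form = new Dictionary<string, string> {
            { "hidProductId", "42" }, { "hidPrice", "19.99" },
            { "hidPriceMac", Convert.ToBase64String(Mac("19.99")) } };
        form["hidPrice"] = "0.01"; // the user edited the field before submitting
        Console.WriteLine("trusting the hidden field: " + PriceTrustingClient(form));
        Console.WriteLine("re-read from database:     " + PriceFromDatabase(form));
        Console.WriteLine("MAC verifies:              " + IsUntampered(form));
    }
}
```

The MAC only detects edits; the value is still sent to the browser in the clear, so it does nothing for data that must stay private.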

If you mean private fields, then yes, it's a good idea, as long as the data is the same for all the methods that use it.

This depends, I suppose, on a couple of factors that would include, but not be limited to:

  • How often does the data change?
  • How often will you need to hit the DB if always getting the data afresh?
  • How sensitive is the data being retrieved?
  • How much data is being retrieved?
  • So on and so forth...

For the most part, the decision is purely down to circumstance; and we don't necessarily have the circumstantial information.

A hidden field means you send that data to the client and the client uploads the data back to you on submit. It may be a security or a performance problem. But it all depends on your scenario.

You may want to rather use a Session

Or Caching

It is usually a good idea to have a single source of truth, the 'master' for your data. Now you may want to replicate this data for performance reasons, but until you need it, you shouldn't.
