ListView QueryString Security
I've a ListView with a HyperLink where I pass the orderID. I'm worried that the query string is a security risk given that the end user can modify it.
Could you please suggest any other options I can take? It's a ListView and it looks like I don't have many options.
This is what I'm doing at the moment at ListView:
<asp:HyperLink ID="HyperLink1" runat="server"
NavigateUrl='<%#"~/OrderDetail.aspx?ordid=" +
Eval("OrderId")%>'><%# Eval("OrderID") %></asp:HyperLink>
Regards
I suggest using cryptography here ...
Refer to Query string encryption for ASP.NET
I guess you could decode/decrypt the info that you pass using query string but usually you can add some checks in the target page before you use the information from the query string to prevent bad things from happening. Checks like, is the info valid; does the user have privilege to access this info, etc.
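The checks described in the answer above (is the value valid, may this user see it), sketched as a code-behind for OrderDetail.aspx. This is an added example, not code from the original thread. The connection string name "OrdersDb" and the table Orders(OrderId, CustomerLogin) are assumptions made for illustration.

```csharp
// Added example: OrderDetail.aspx.cs. Assumed (hypothetical) names:
// connection string "OrdersDb", table Orders(OrderId, CustomerLogin).
using System;
using System.Configuration;
using System.Data.SqlClient;
using System.Web.UI;

public partial class OrderDetail : Page
{
    protected void Page_Load(object sender, EventArgs e)
    {
        // 1. Validity: ordid must parse as a positive integer (null or text fails).
        int orderId;
        if (!int.TryParse(Request.QueryString["ordid"], out orderId) || orderId <= 0)
        {
            Deny();
            return;
        }

        // 2. Privilege: the order must belong to the authenticated user.
        if (!User.Identity.IsAuthenticated || !OrderBelongsTo(orderId, User.Identity.Name))
        {
            Deny();
            return;
        }

        // Only now load and bind the order details for orderId.
    }

    private static bool OrderBelongsTo(int orderId, string login)
    {
        string cs = ConfigurationManager.ConnectionStrings["OrdersDb"].ConnectionString;
        using (var conn = new SqlConnection(cs))
        using (var cmd = new SqlCommand(
            "SELECT COUNT(*) FROM Orders WHERE OrderId = @id AND CustomerLogin = @login", conn))
        {
            // Parameterized query: the query-string value never reaches the SQL text.
            cmd.Parameters.AddWithValue("@id", orderId);
            cmd.Parameters.AddWithValue("@login", login);
            conn.Open();
            return (int)cmd.ExecuteScalar() > 0;
        }
    }

    // Same response for malformed, unknown and foreign ids, so the page
    // does not reveal which order numbers exist.
    private void Deny()
    {
        Response.StatusCode = 404;
        Response.SuppressContent = true;
        Context.ApplicationInstance.CompleteRequest();
    }
}
```

With the ownership check on the server, a modified ordid in the URL only returns the same 404 as a nonexistent order.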
You could use a Session variable to store the value and then use that in place of a QueryString.
Secondly, if you use a QueryString then it would be better to encrypt it. Take a look here to see how it can be done: Query string encryption for ASP.NET