开发者

ASP.NET: Using Request["param"] versus using Request.QueryString["param"] or Request.Form["param"]

When accessing a form or query string value from code-behind in ASP.NET, what are the pros and cons of using, say:

// short way
string p = Request["param"];

instead of:

// long way
string p = Request.QueryString["param"]; // if it's in the query string or
string p = Request.Form["param"];        // for posted form values

I've thought about this many times, and come up with:

Short way:

  • Shorter (more readable, easier for newbies to remember, etc)

Long way:

  • No problems if there are a form value and query string value with same name (though that's not usually an issue)
  • Someone reading the code late开发者_运维问答r knows whether to look in URLs or form elements to find the source of the data (probably the most important point)

.

So what other advantages/disadvantages are there to each approach?


the param collection includes all (4) collections:

  1. Query-string parameters
  2. Form fields
  3. Cookies
  4. Server variables

you can debate that searching in the combined collection is slower than looking into a specific one, but it is negligible to make a difference


The long way is better because:

  • It makes it easier (when reading the code later) to find where the value is coming from (improving readability)

  • It's marginally faster (though this usually isn't significant, and only applies to first access)

In ASP.NET (as well as the equivalent concept in PHP), I always use what you are calling the "long form." I do so out of the principle that I want to know exactly from where my input values are coming, so that I am ensuring that they get to my application the way I expect. So, it's for input validation and security that I prefer the longer way. Plus, as you suggest, I think the maintainability is worth a few extra keystrokes.

0

上一篇:

下一篇:

精彩评论

暂无评论...
验证码 换一张
取 消

最新问答

问答排行榜