Custom URLS for database information

How do things like google classroom do this: characters here)

When you go to that link, because of the random characters, it knows what information to show
how would I do something like that in


Thank you for visiting the Q&A section on Magenaut. Please note that all the answers may not help you solve the issue immediately. So please treat them as advisements. If you found the post helpful (or not), leave a comment & I’ll get back to you as soon as possible.

Method 1

Well, in .net you often might have grid or pick list of say hotels. When the user clicks on a hotel from that list, then you can jump/navigate to the hotel and display information. In these cases you actually want to AVOID having to use parameters in the URL. So, you can use session() to pass the value to the new web form/page.

However, often you might want to say email a link to someone else, or say send a email with a link called:

Click here for your Hotel Booking details.

So for above? What is often done is you create a table in the database. I often call it tblHotelJump or whatever. In that table you have this:

ID: (standard PK value all tables have).
CusotmerID: the PK of the customer - you might not need this, but if you using logons
            and security - then you might only want the the link to work for the given
HotelID: - PK value of hotel. This is where you can now pull the Hotel information
           from the hotel table. (or maybe the booking table ID
JumpGUID:  {3434sl%$#*}  - a random generated number or GUID is often used.
userLogonID: internal user logon ID - obtained from logon authentication system.

So, now, we can pass a URL like this:{3434sl%$#*}

So the above is now a link you can send to a user.
They click on above, and your code behind on the page load does this:

 If Not IsPostBack Then

        ' get parms
        Dim strGuid As String
        strGuid = Request.QueryString("JID")

So the above gets/grabs that parameter.
Now you code pulls that one row from the tblHotelsJump like this:

        Dim cmdSQL As New SqlCommand("SELECT * from tblHotelJump 
                    where JumpGUID = @GUID ORDER BY WhenTime DESC", GetCon())
        cmdSQL.Parameters.Add("@GUID", SqlDbType.NVarChar).Value = strGuid
        Dim rstGUID As DataTable = MyrstP(cmdSQL)

        If rstGUID.Rows.Count > 0 Then
            ' Ok, valid jump row, get Hotel information and display it.

So now we can display hotel information since we have the HotelID and can display that data record.

Now in some cases, you might see something like:

And again the code will now simply use ID 343 and pull that hotel information from the database table with ID = 343. This idea ONLY works if you don’t need security. So, say weather for a city. But you can’t and don’t want to use the actual database ID like above, since then users can type in ANY number and not just 343 in above example

In fact in the VERY early days of the internet, apparently a credit card company used a ID with customer number. if you typed in someone else customer number, then you could see their information!!! So using parameters is not appropriate for all cases. For public data, sure, it works well and makes sense. No harm done if you change the city parameter in the URL for weather.

So, that’s why a GUID or some next to impossible number to guess is often used. Now for weather in a city? Well, then that don’t matter and the WHOLE idea is to allow users to get/see the weather in any location. But for sensitive data? Then you need GUID.

And on top of the above, in that “jump table”, I also included the User ID, and thus I would not display that web page unless:
The user is logged on (so a page protected by valid logons).
The Hotel information I pulled from that jump table ALSO matches the user logon id.

So, in a lot of cases? I think the parameters in the URL is VERY ugly and messy. However, for VERY large scale web sites they often use the parameters in the URL since then their server side code does NOT have to chew up memory and resources to hold/retain/keep the session() data. But with session() then you can jump around and use URL’s without ugly parameters. So in .net we often avoid parameters, but in some cases the parameters in the URL is desired since then you can send/share that link. So for a say “click here” to view your order? Then sure, a GUID in the link may well be used. But even then, once that first page is hit with the GUID (along with above security), then any additional pages to view things about the order will not in fact require the parameters.

So paramters are easy, often used, and they reduce loads on the server side software, and as above shows, most development languages for the web have a “ready made” easy way to grab/get/use parameters in the URL. However, as noted, unless you building the next google, or say you need to send a customer a “link” to allow jumping to a particular order? Well then in .net we tend to avoid the parameters because we don’t need them most of the time and .net has a whole bunch of really cool OTHER ways to store/keep values and pass them from one web form to the next web form without having to use parameters.

But if you using a limited web scripting language, then using parms in the URL is often your only practical choice.

All methods was sourced from or, is licensed under cc by-sa 2.5, cc by-sa 3.0 and cc by-sa 4.0

0 0 votes
Article Rating
Notify of

Inline Feedbacks
View all comments
Would love your thoughts, please comment.x