I have a page that displays information about a person and contains a "contact me" form. I don't want anyone to know the email address of the person, that's the reason for the form. My submit button executes some code behind to send the email message.

How can I securely pass the email address?

Right now, when the person's information is displayed, I save their email address as a session variable. I then read it back in the code behind method. Is there a better way to do this? In the past I've had the action code lookup the email address, but that still means I must pass their ID number.

Suggestions?

I have a page that displays information about a person and contains a "contact me" form. I don't want anyone to know the email address of the person, that's the reason for the form. My submit button executes some code behind to send the email message.

How can I securely pass the email address?

Right now, when the person's information is displayed, I save their email address as a session variable. I then read it back in the code behind method. Is there a better way to do this? In the past I've had the action code lookup the email address, but that still means I must pass their ID number.

Suggestions?

If you are talking about a web page, don't you have to have SSL to transmit data from a browser to your webhost in a secure fashion?

It's not an SSL issue.

It comes down to finding an alternative to using a session variable or query string or a hidden field.

Since the web is stateless, if you are trying to pass information from the server to the client then back from the client to the server you'll have to have some form of state variable.

This article has been dead for over six months. Start a new discussion instead.