I use this code to insert into form when there is the possibility that a session will expires, e.g. when users are writing a weblog. When the session expires the user is logged out and there is the possiblity that he'll lose all the text he has written.
So in the form where the user is writing his text I add this this the form
<%= Util.GetIdentityInput(pid) %>
This will give me a hidden input box, with his identity encrypted(pid == person Id), so if the session has expired I can retrieve what user id he was using and log him back in.
The code is pretty simple, after the encryption I need to replace any " with "e; since this is an input box and " are not allowed. The UrlEncode is simply for browser compatability.
public static string GetIdentityInput(int pid) {
return "<input name=\"EventAccess\" value=\"" + HttpContext.Current.Server.UrlEncode(Encrypt.EncryptPassword(pid.ToString())).Replace("\"", ""e;") + "\" type=\"hidden\" />";
}
By doing this users never loses their text because of logout.