Using Session variable is the best way
Cookies may be disabled on users browser.
also Hidden fields are not a great way of transferring data as the data cannot be hidden unless encrypted.