State Management in ASP.NET

transcript

ASP.NETState management

1Shyam N. Chawda 9374928879

Shyam N. Chawda 9374928879

Welcome my dear students2

IsPostBack Property

Page class’s property , which you can use to detect whether the page has already been post back to server.

True/False

True – Yes 2nd time

For View Effects

Take Dropdown and Add items in the form load Take Button

What is State management?

HTTP protocol is a stateless protocol.

Web server does not have any idea about the requests from where they coming

On each request web pages are created and destroyed.

A new instance of the Web page class is created each time the page is posted to the server.

All information associated with the page and the controls on the page would be lost with each round trip.

So, how do we make web pages which will remember about the user ?

Client-Based

Server-Based

Client-Based

Client side

Server-Based

Server side

Application state

DatabaseSession state

Client Side state management

Query String

For understand it you must aware about Request and Response object

Response Object

You can use this class to inject text into the page, jump to other page etc.

Redirect

Request Object

Provides access to the current page request, including the request headers, cookies, query string, and so on.

IsSecureConnection

Checks to see whether you are communicating via an HTTPS secure protocol or not.

Request Object

Request.Browser.Browser

Request.QueryString()

Query string

Information that is appended to the end of a page URL.

You can use a query string to submit data back to your page or to another page through the URL.

Query strings provide a simple but limited way to maintain state information.

Query string

For example in first page you collect information about your client, name and use this information in your second page.

Take 2 forms Take 1 textbox and one button

Response.Redirect("Page2.aspx?Name=" & TextBox1.TextRequest.QueryString("Name")

Query string

Response.redirect(“Formname?” & qry); Response.redirect(“Formname?name=” & value);

Query string

Advantages

No server resources are required Widespread support Almost all browsers and client devices support using query strings to pass values.

Simple implementation

Query string

Disadvantages

Potential security risks

The information in the query string is directly visible to the user via the browser's user interface.

Limited capacity Some browsers and client devices impose a 2083-character limit on the length of URLs.

More than one Query string

Using & Dim str As String str = "PageRequest.aspx?Name=" & TextBox1.Text & "&" & "Lname=" & TextBox2.Text

View State

View State is used to remember controls state when page is posted back to server.

You can store page-specific information

View State

The view state is implemented with a hidden form field called _VIEWSTATE, which is automatically created in every Web page.

When page is created on web sever this hidden control is populate with state of the controls and when page is posted back to server this information is retrieved and assigned to controls.

View State24

View State

Go View Source

Each control on a Web Forms page has a ViewState property.

Take example of DropdownList

Set Property EnableViewState=True

Take also one button

View State

<%@ Page Language="VB" EnableViewState="false" AutoEventWireup="false" CodeFile="frmViewState.aspx.vb" Inherits="frmViewState" %>

By default true.

So, even if it’s all the controls has set the property Enableviewstate=True but they are not working.

View State

Take 2 Buttons and 1 TextBoxTake one variable before all the coding

Assign that variable in one button click and display in the textbox

Click and 2nd button and write the same logic.

View State

no = 5

ViewState("No") = no

TextBox1.Text = ViewState ("No")

So,Moral of the story about ViewState

EnableViewState property for each control

EnableviewState attribute of the @Page (Page directive)

View source _ViewState

Store value using ViewState(Key)

View State

Advantages

No server resources are required

Simple implementation View state does not require any custom programming to use. It is on by default to maintain state data on controls.

View State

Enhanced security features

The values in view state are hashed, compressed, and encoded for Unicode implementations, which provides more security than using hidden fields.

View State

Disadvantages

Performance considerations

Storing large values can cause the page to slow down when users display it and when they post it.

This is especially relevant for mobile devices, where bandwidth is often a limitation.

View State

Device limitations

Mobile devices might not have the memory capacity to store a large amount of view-state data.

Hidden Fields

You can store page-specific information.

This control is not visible when the application is viewed in the browser.

Storage area for page specific.

You must submit your pages to the server using the HTTP POST method

Hidden Fields

Does not render in a Web browser.

However, you can set the properties of the hidden field.

A hidden field stores a single variable in its value property and must be explicitly added to the page.

Hidden Fields

Advantages

Widespread support

Almost all browsers and client devices support forms with hidden fields.

Hidden Fields

Hidden fields are standard HTML controls that require no complex programming logic.

Hidden Fields

Disadvantages

The information in the hidden field can be seen if the page output source is viewed directly, creating a potential security issue.

Encrypt and decrypt the contents of a hidden field, but doing so requires extra coding and overhead.

Hidden Fields

Because hidden fields are stored in the page itself, storing large values can cause the page to slow

Storage limitations

If the amount of data in a hidden field becomes very large, some proxies and firewalls will prevent access to the page that contains them.

Cookies

A Cookie is a small text file that the browser creates and stores on the hard drive of your machine.

Cookie is just one or more pieces of information stored as text strings.

Cookies

Cookies are useful for storing small amounts of frequently changed information on the client.

The cookie contains information the Web application can read whenever the user visits the site.

Cookies are associated with a Web site, not with a specific page, so the browser and server will exchange cookie information.

Cookies

Good example

1. A site conducting a poll might use a cookie simply as a Boolean value to indicate whether a user's browser has already participated in voting so that the user cannot vote twice.

2. Ebay assigns you an ID

Cookies

Good example

1. A site conducting a poll might use a cookie simply as a Boolean value to indicate whether a user's browser has already participated in voting so that the user cannot vote twice.

2. Ebay assigns you an ID

Cookies

Cookies can either be temporary or persistent.

When creating a cookie, you specify a Name and Value.

Each cookie must have a unique name.

You can also set a cookie's date and time expiration.

Cookies

If you do not set the cookie's expiration, the cookie is created but it is not stored on the user's hard disk.

Sets - Cookies

Dim aCookie As New HttpCookie("lastVisit") aCookie.Values("Name") = txtName.Text aCookie.Values("Dt") = DateTime.Now.ToString aCookie.Expires = DateTime.Now.AddDays(1) Response.Cookies.Add(aCookie)

Gets - Cookies

If Not Request.Cookies("lastVisit") Is Nothing Then txtNameR.Text =

Request.Cookies("lastVisit").Values("Name").ToStringtxtDateR.Text =

Request.Cookies("lastVisit").Values("Dt").ToStringEnd if

Cookies

Advantages

Simplicity

The cookie is a lightweight, text-based structure.

Cookies

Advantages

Data persistence

Although the durability of the cookie on a client computer is subject to cookie expiration processes on the client and user intervention, cookies are generally the most durable form of data persistence on the client.

Cookies

Disadvantages

Size limitations

Most browsers place a 4096-byte limit on the size of a cookie, although support for 8192-byte

Cookies

User-configured refusal

Some users disable their browser or client device's ability to receive cookies, thereby limiting this functionality.

Cookies

Users can manipulate cookies on their computer, which can potentially cause a security risk or cause the application that is dependent on the cookie to fail.

What is State Management?

Server-Based

Application stateSession stateDatabase

Application State

Storing application wide-specific information such as objects and variables.

All information stored in the application state is shared among all the pages of the Web application by using the HttpApplicationState class.

Application State

The ideal data to insert into application state variables is data that is shared by multiple sessions and does not change often.

Application State

Goto Global.asax

Find Counter : Session_Start

Application(“Cnt”)= Application(“Cnt”)= +1

Application State

Application("Message") = "Welcome to the LJ” Application("Cnt") = 0 Sub Session_Start(ByVal sender As Object, ByVal e As EventArgs) Application("Cnt") = Application("Cnt") + 1

Application State

Advantages

Simple implementation Application state is easy to use

Application State

Application scope

Because application state is accessible to all pages in an application, storing information in application state can mean keeping only a single copy of the information

Application State

Disadvantages

Limited durability of data

Because global data that is stored in application state is volatile, it will be lost if the Web server process containing it is destroyed, such as from a server crash, upgrade, or shutdown.

Application State

Resource requirements

Application state requires server memory, which can affect the performance of the server as well as the scalability of the application.

Session State

Use when you are storing short-lived information that is specific to an individual session and security is an issue.

Do not store large quantities of information in session state.

Session State

Session("FirstName") = FirstNameTextBox.Text Session("LastName") = LastNameTextBox.Text

Each active ASP.NET session is identified and tracked using a 120-bit.$

SessionID values are generated using an algorithm

Session State

The scope of session state is limited to the current browser session.

If different users are accessing a Web application, each will have a different session state.

Create Login Form

Session State

The scope of session state is limited to the current browser session.

If different users are accessing a Web application, each will have a different session state.

Create Login Form

Session State

Advantages

Data persistence

Data placed in session-state variables can be preserved through Internet Information Services (IIS) restarts and worker-process restarts without losing session data because the data is stored in another process space.

Session State

Cookieless support

Session state works with browsers that do not support HTTP cookies, although session state is most commonly used with cookies to provide user identification facilities to a Web application.

Session State

Cookieless support

Session state works with browsers that do not support HTTP cookies, although session state is most commonly used with cookies to provide user identification facilities to a Web application.

Session State

Disadvantage

Session-state variables stay in memory until they are either removed or replaced.

Database

Database enables you to store large amount of information pertaining to state in your Web application.

Sometimes users continually query the database by using the unique ID, you can save it in the database for use across multiple request for the pages in your site.

Database

Advantages

Security

Access to databases requires rigorous authentication and authorization.

Database

Storage capacity

You can store as much information as you like in a database.

Data persistence

Database information can be stored as long as you like, and it is not subject to the availability of the Web server.

Database

Disadvantage

Complexity

Using a database to support state management requires that the hardware and software configurations be more complex.

Thanks

State Management in ASP.NET

Documents