1 / 50

ASP.NET Programming with C# and SQL Server First Edition

ASP.NET Programming with C# and SQL Server First Edition. Chapter 9 Maintaining State Information. Objectives. In this chapter, you will: Save state information with query strings, hidden form fields, and post back Save state information with cookies

tadita
Download Presentation

ASP.NET Programming with C# and SQL Server First Edition

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. ASP.NET Programming with C# and SQL Server First Edition Chapter 9 Maintaining State Information

  2. Objectives In this chapter, you will: • Save state information with query strings, hidden form fields, and post back • Save state information with cookies • Save state information with the Session state, Application state, and Profiles ASP.NET Programming with C# and SQL Server, First Edition

  3. Introduction • The Web was not originally designed to store information about a user’s visit to a Web site • Today, storing user information is an important capability for ease of use ASP.NET Programming with C# and SQL Server, First Edition

  4. Understanding State Information • Hypertext Transfer protocol (HTTP) manages hypertext links for navigating Web pages • State information: information about individual visits to a Web site • HTTP was originally designed to be stateless, with no persistent data about a visit to a Web site • This design hampered interactivity and limited personalization ASP.NET Programming with C# and SQL Server, First Edition

  5. Understanding State Information (cont’d.) • State information allows a server to: • Customize Web pages based on user preferences • Temporarily store information for a user • Allow a user to create bookmarks for returning to specific locations within a Web site • Provide shopping carts that store order information • Store user IDs and passwords • Use counters to keep track of how many times a user has visited a site ASP.NET Programming with C# and SQL Server, First Edition

  6. Understanding State Information (cont’d.) • Sample application: Skyward Aviation Web site • Implements frequent flyer login functionality • Tracks information about the user’s entire visit • Stores user profile in a table named FrequentFlyers, which is in a database named SkywardAviation • Three basic tools for maintaining state: • Query strings • Hidden form fields • Post back and view state functionality of Web server controls ASP.NET Programming with C# and SQL Server, First Edition

  7. Understanding State Information (cont’d.) Figure 9-1 Skyward Aviation Web site flow ASP.NET Programming with C# and SQL Server, First Edition

  8. Figure 9-2 Skyward Aviation home page ASP.NET Programming with C# and SQL Server, First Edition

  9. Understanding State Information (cont’d.) Figure 9-3 FrequentFlyers table fields ASP.NET Programming with C# and SQL Server, First Edition

  10. Query Strings • Query strings are a quick way to pass data from one Web page to another • Add a question mark (?) after a URL with the query string • Query string consists of name=value pairs, separated by an ampersand (&) • This is the same functionality that occurs when using a form with method=“get” • Use the QueryString collection in the receiving page to access the query string • The query string is visible to users and is not secure ASP.NET Programming with C# and SQL Server, First Edition

  11. Hidden Form Fields • A hidden form field is not displayed on a Web browser • Can be used to temporarily store data • Use <input type=“hidden”> to create a hidden form field • name and value are the only attributes available • Post back maintains view state by assigning form values to a hidden form field named __VIEWSTATE • Hidden form field values can be seen by opening a Web page’s source code in the browser ASP.NET Programming with C# and SQL Server, First Edition

  12. Saving State with Post Back • Post back and view state functionality in ASP.NET makes state preservation easier and more robust • MultiView control: used to hide and display areas of a page that are defined by a View control • Used to simulate a multipage form • View control: acts as a container for text, markup, and other controls • Only one View control within a MultiView control can be displayed at a given time • The data on the form fields is preserved during post back operations ASP.NET Programming with C# and SQL Server, First Edition

  13. Saving State with Post Back (cont’d.) • To move between views within a MultiView control, add a button to each View control • Set the CommandName attribute to control the view to display • CommandName attribute values: • NextView: displays the next View control • PrevView: displays the previous View control • SwitchViewByID: displays the View control with the matching ID value in the CommandArgument attribute • SwitchViewByIndex: displays a View control based on its index number ASP.NET Programming with C# and SQL Server, First Edition

  14. Figure 9-4 Pages of a multipage form ASP.NET Programming with C# and SQL Server, First Edition

  15. Saving State with Post Back (cont’d.) • Use the Page_LoadComplete() event handler to display information that was gathered on preceding pages • ActiveViewIndex: indicates which view is active • Value of -1 means no view is active ASP.NET Programming with C# and SQL Server, First Edition

  16. Figure 9-5 Final page of the frequent flyer enrollment form ASP.NET Programming with C# and SQL Server, First Edition

  17. Figure 9-6 Account Profile page ASP.NET Programming with C# and SQL Server, First Edition

  18. Simulating Multipage Forms with the Wizard Web Server Control • Wizard Web server control: creates a multistep wizard-style interface for gathering user input • Used to hide and display areas of a page • Automate navigation • Syntax: <asp:Wizard ID=“id” runat=“server”> • <asp:WizardSteps> element: a container for <asp:WizardStep> elements that represent each step in the wizard • Title attribute in each step is used to generate navigation links ASP.NET Programming with C# and SQL Server, First Edition

  19. Wizard Web Server Controls (cont’d.) Table 9-1 Common Wizard control behavior attributes ASP.NET Programming with C# and SQL Server, First Edition

  20. Wizard Web Server Controls (cont’d.) Table 9-2 WizardStep control attributes ASP.NET Programming with C# and SQL Server, First Edition

  21. Wizard Web Server Controls (cont’d.) • You can use Wizard Tasks in Design view to create the Wizard control • Styles section of a Wizard’s Properties page controls the appearance of a wizard • StepStyle: options for formatting an interim wizard step • Step box on Wizard Tasks menu allows you to change the currently displayed wizard step in Design view • Use WizardStep Collection Editor to add/remove steps ASP.NET Programming with C# and SQL Server, First Edition

  22. Wizard Web Server Controls (cont’d.) Figure 9-7 Wizard Tasks menu ASP.NET Programming with C# and SQL Server, First Edition

  23. Wizard Web Server Controls (cont’d.) Figure 9-8 WizardStep Collection Editor ASP.NET Programming with C# and SQL Server, First Edition

  24. Wizard Web Server Controls (cont’d.) • Templates are available to control the appearance of portions of a Wizard control • Templates give you greater control over the design and layout of a wizard • Templates primarily determine the text and elements to place in a specific area of the wizard • Style objects primarily determine the formatting of the text and elements • Wizard control supports events related to the navigation buttons and the changing of active steps ASP.NET Programming with C# and SQL Server, First Edition

  25. Wizard Web Server Controls (cont’d.) Table 9-3 Wizard control templates ASP.NET Programming with C# and SQL Server, First Edition

  26. Wizard Web Server Controls (cont’d.) Table 9-4 Wizard control events ASP.NET Programming with C# and SQL Server, First Edition

  27. Figure 9-9 Steps in the Fitness Survey wizard ASP.NET Programming with C# and SQL Server, First Edition

  28. Figure 9-10 Contact information page ASP.NET Programming with C# and SQL Server, First Edition

  29. Saving State Information with Cookies • Query strings and hidden form fields do not permanently maintain state information • Cookies: small text file stored on a user’s computer, containing information about the user • Cookies are sent to the Web server and are used to customize the Web page for the client • Cookies can be temporary or persistent • Temporary cookies: remain available only for the current browser session • Persistent cookies: remain available as a stored text file on the client computer ASP.NET Programming with C# and SQL Server, First Edition

  30. Creating Cookies • ASP.NET provides several ways to store cookies • Cookies[] collection of the Response object: • A mechanism for storing cookies as name=value pairs • Syntax: Response.Cookies[“cookieName].Value= “value”; • HttpCookie class: used for creating a cookie • Syntax: HttpCookie cookieName = new HttpCookie(“cookieName”); • Use the Value property to assign a value ASP.NET Programming with C# and SQL Server, First Edition

  31. Creating Cookies (cont’d.) • HttpCookie class provides greater control • Lets you treat cookies as objects • Can also store multiple name=value pairs, called subkeys, in a single cookie • Overcomes the limitation of 20 cookies per server or domain on a client system • Syntax for Cookies[] collection: Response.Cookies[“cookieName”][“subkeyName”] = “value”; • Syntax for HttpCookie class: cookieObject.Values[“subkeyName”]=“subkeyValue”; ASP.NET Programming with C# and SQL Server, First Edition

  32. Setting Cookie Expiration Dates • Use the Expires property of the cookie object to set how long it can remain on a client system • If omitted, the cookie is available only for the current browser setting • Assign a DateTime structure to the Expires property • Use the Now property and one of the Add() methods such as AddDays() or AddMonths() ASP.NET Programming with C# and SQL Server, First Edition

  33. Configuring Cookie Availability to Other Web Pages on the Server • Path property of a cookie object or Response.Cookies[] collection: specifies availability of a cookie to other Web pages on a server • By default, a cookie is available to all Web pages in the same directory • With a path specified, it is available to all Web pages in the specified path and in all subdirectories • Use a slash indicating the root directory to make it available to all directories on a server • Always place cookie programs in their own directory ASP.NET Programming with C# and SQL Server, First Edition

  34. Sharing Cookies Across a Domain • Use the Domain property of a cookie object and assign a domain to it to share the cookies across a domain • Cannot share cookies outside of a domain • Use the Domain property of the Response.Cookies[] collection to share cookies across a domain ASP.NET Programming with C# and SQL Server, First Edition

  35. Securing Cookie Transmissions • Secure Sockets Layer (SSL): used to encrypt data and transfer it across a secure Internet connection • URLs start with https instead of http • Secure property of a cookie object: indicates that it can only be transmitted across a secure Internet connection ASP.NET Programming with C# and SQL Server, First Edition

  36. Reading Cookies • When a browser requests a Web page, it sends any existing cookies for that Web site along with the request • Cookies are available in the Request.Cookies[] collection • Use the Value property to retrieve the value • Always check if the cookie exists prior to attempting to read it • NullReferenceException will result from trying to read a non-existent cookie ASP.NET Programming with C# and SQL Server, First Edition

  37. Modifying and Deleting Cookies • You cannot directly modify the value assigned to a cookie or subkey • You must overwrite the old cookie with a new cookie • To delete a cookie, set its expiration to a date in the past • Can assign a value of yesterday by passing -1 to the AddDays() method • To delete a subkey, call the Remove() method of the Values collection ASP.NET Programming with C# and SQL Server, First Edition

  38. Working with Session State, Application State, and Profiles • State information can be managed in three ways: • Session state • Application state • Profile properties ASP.NET Programming with C# and SQL Server, First Edition

  39. Storing Session Information with Session State • A Request object is instantiated when a client requests a URL and is destroyed when the URL is delivered to the client • You cannot use the same Request object with different pages in an application • Session state: stores specific client information that is available to all pages for the current ASP.NET session • SessionStateItemCollection object: stores session data ASP.NET Programming with C# and SQL Server, First Edition

  40. Storing Session Information with Session State (cont’d.) • You can access the SessionStateItemCollection object through the Session[] collection • Use the <sessionState> element in the Web.config file to configure session state • An ASP.NET session has a default life span of 20 minutes ASP.NET Programming with C# and SQL Server, First Edition

  41. Table 9-5 Common attributes of the <sessionState> element ASP.NET Programming with C# and SQL Server, First Edition

  42. Using Cookieless Sessions • By default, ASP.NET stores a session ID in a cookie on the client’s browser • If a browser does not accept cookies, ASP.NET uses cookieless sessions • Session ID is stored in a Web page’s URL • Add the cookieless attribute to the <sessionState> element to configure a Web site to use cookieless sessions • Use the AutoDetect value to use cookies if the browser accepts them or cookieless if the browser does not accept them ASP.NET Programming with C# and SQL Server, First Edition

  43. Storing Global Information with Application State • Application state: preserves information that can be shared by all clients accessing an application • Stored in an HttpApplicationState object • Accessed through the Application[] collection • Application state starts when the first client requests one of the application’s pages, and then runs until the server shuts down or is restarted or until the application is restarted • You can create your own application state variables in the Application[] collection ASP.NET Programming with C# and SQL Server, First Edition

  44. Storing Global Information with Application State (cont’d.) • Use the Remove() and RemoveAll() methods of the HttpApplicationState.Contents property to remove application state variables • Use the Lock() method of the HttpApplicationState class to prevent other clients from accessing properties of the HttpApplicationState object while it is being updated by a client • Use the UnLock() method to cancel the Lock() method ASP.NET Programming with C# and SQL Server, First Edition

  45. Storing User Information in Profiles • If an application shuts down or restarts, all data stored in the application state is lost • Profiles: automatically store and retrieve strongly typed state information to and from a SQL Server database • ASP.NET handles accessing the information for you • Profiles are much more powerful than other ASP.NET state preservation techniques ASP.NET Programming with C# and SQL Server, First Edition

  46. Storing User Information in Profiles (cont’d.) • You must perform these steps to use profiles: • Use the aspnet_regsql.exe tool to configure the aspnetdb SQL Server database used for storing profile information • Configure the connection information to the SQL Server database • Define profile properties using the <profile> element in the Web.config file • Edit the machine.config file to set the connection information • Use the <connectionStrings> element ASP.NET Programming with C# and SQL Server, First Edition

  47. Storing User Information in Profiles (cont’d.) • Add a provider name of AspNetSqlProfileProvider in the machine.config file to manage the storage of profile information • To define profile properties, add <profile> elements to the <system.web> element in the Web.config file • Specify the type attribute to assign .NET class types such as int32, System.Double, or System.String ASP.NET Programming with C# and SQL Server, First Edition

  48. Summary • State information is information about individual visits to a Web site • HTTP was originally designed to be stateless • Pass data from one Web page to another using a query string with ?, followed by name=value pairs • Hidden form fields temporarily store data to be sent to a server • MultiView Web server controls hide and display areas of a page that are defined by a View control ASP.NET Programming with C# and SQL Server, First Edition

  49. Summary (cont’d.)‏ • Wizard Web server controls create multistep interfaces for gathering user input • Cookies are small pieces of information about a user stored in text files on the user’s computer • Temporary cookies remain available only for the current browser session, while persistent cookies are stored in text files on client computers • Session state stores specific client information that is available to all pages in an ASP.NET application • Cookieless sessions store the session ID in a Web page’s URL instead of in a cookie ASP.NET Programming with C# and SQL Server, First Edition

  50. Summary (cont’d.)‏ • Use application state to preserve information to be shared by all clients accessing an application • Profiles automatically store and retrieve strongly typed state information to and from a SQL Server database ASP.NET Programming with C# and SQL Server, First Edition

More Related