| State Management and Web Application |
| |
| Client-Side State Management Options |
| |
| Client side state management option involves storing information either in a Web page or on a Client computer. Client-side management offers a better performance, as it reduces the load on the server. Disadvantage of Client side state management is that only limited data can be stored and these options typically have least security. The client-side state management options supported in ASP.NET are the following: |
| |
⢠View state
⢠Hidden fields
⢠Control state
⢠Query strings
⢠Cookies |
| |
| View state |
| |
| The main use of view state is for controls to retain their state across post-backs. You can use view state to store your own page-specific values across round trips when the page posts back to itself. One of the most important is the ability of ViewState to support structured data. This means that control values are maintainable across page postbacks. |
| |
| The view state is implemented with a hidden form field called _VIEWSTATE, which is automatically created in every Web page. The view state of a Web page or a control consists of the cumulative property values of the page or the control. To preserve these values across stateless HTTP requests, Web pages and controls in ASP.NET use an instance of the StateBag class. The ViewState property of both Web page and the controls on the Web page is enabled by default. |
| |
| Example: |
| |
//use a keyvalue pair to save an object to viewstate.
ViewState["anystringName"] = stringName; |
| |
//Then to retrieve viewstate you have to convert to the object type
string Getstring;
Getstring= (string)ViewState["anystringName"]; |
| |
//to save information
ViewState.Add(âViewStateStr?,?ViewState Value?);
//to retrieve information
string GetValue=ViewState[âViewStateStr?]; |
| |
| Advantages of using view state are: |
| |
⢠The values in view state are stored in a standard HTML format as part of a Web page. So, no Web server resource is needed to maintain it.
⢠The view state can be easily implemented by just setting EnableViewState property of a Web page and server controls.
⢠The values in view state are hashed, compressed and encrypted for Unicode implementations. So values in ViewState more secure than values in hidden fields. |
| |
| Disadvantages of using view state are: |
| |
⢠As the view state is stored in the page itself, storing large amount of values can cause the page to slow down when users display it and when they post it.
⢠It is device specific, as mobile devices might have less memory capacity to store a large amount of view-state value.
⢠Although the ViewState data is encrypted in a hashed format, but still it can be hacked easily. |
| |
| Hidden Fields |
| |
| Hidden fields are not visible on the web browser, but you can see both the hidden field and its value in the view source. The content of a hidden field is sent in the HTTP Form collection alongside with the values or other controls when a page is submitted to the server. Page.IsPostBack returns false, when the page loads for the first time. Thatâs why, the text Hidden Value will not be displayed. |
| |
| Note: To use hidden fields, the page must be submitted to the server using the HTTP POST method instead of requesting the page using the page URL. You cannot take benefit of hidden fields if a page is processed in response to a link or the HTTP GET method. |
| |
//To Declare Hidden Field
protected System.Web.UI.HtmlControls.HtmlInputHidden Hiddenfield1;
//To set a value
Hiddenfield1.Value=?This is hidden field?;
//to retrieve a value
string strValue= Hiddenfield1.Value; |
| |
| Advantages of using Hidden Form fields |
| |
⢠No Web server or Web browser resource is needed as the hidden field can store page-specific information.
⢠The hidden field can be implemented easily in web form page. |
| |
| Limitations in using Hidden form fields |
| |
⢠As you can see the hidden field information, so hidden fields are less secure.
⢠The hidden field does not support more than a single value field to store information.
⢠The hidden fields are stored in a page. So, this slow down the processing of the page.
⢠Increases the size of HTML contents on the page. |
| |
| Control state |
| |
| In Asp.Net 2.0, ControlState property is a way to store custom control data between server trips. The ControlState property allows you to persist property information that is definite to a control and cannot be turned off like the ViewState property. It helps you to store control-state data in order for a control to work properly. Control state cannot be turned off, like view state, therefore it provides a more reliable way to store control-state data. |
| |
| Advantages of using control state are: |
| |
⢠No Web server or Web browser resource is needed as control state is stored in hidden fields on the page by default.
⢠Control state is a more reliable method for managing the state of controls, as it cannot be turned off like view state. |
| |
| Disadvantage of using control state are: |
| |
| ⢠To fully make use of control state, you must write code to save and load control state and hence it required some programming. |
| |
| Query Strings |
| |
| A query string is information that is added to the ending of a page URL. A query string provides an easy way to pass information from one page to another. it In it's simplest form it is an URL containing a question mark (?), followed by a key value pair. To make sure that query string values are available during page processing, you must submit the page by using the HTTP Get method. |
| |
| A URL with query strings may look like this: |
| |
| http://www.mywebpage.com/mytestpage.aspx? Price=20& Qty=10. |
| |
| When
mytestpage.aspx is being requested, the category and product information can be
obtained by using the following codes: |
| |
string Price, Qty;
Price =Request.QueryString[âPrice?];
Qty=Request. QueryString [âQty?]; |
| |
| Advantages of using query strings are: |
| |
⢠No server resource is needed to process a query string as query string is contained in the HTTP request for a specific URL.
⢠Nearly all browsers support using query strings to pass values.
⢠It is easy to implement. |
| |
| Disadvantages of using query strings are: |
| |
⢠No security is provided as the information in the query string is directly visible to the user via the browser's user interface. A user can bookmark the URL or send the URL to other users, thereby passing the information in the query string along with it. If you are concerned about any sensitive data in the query string, consider using hidden fields in a form that uses POST instead of using query strings.
⢠Using query strings, a limit to the amount of information can be passed from one page to another as most browsers support up to 2083-characters of URL.
⢠There is no means to remember the information in a querystring after the user leaves the page. |
| |
| Cookies |
| |
| A cookie is used to store small piece of information which reside on the client's computer. A cookie contains page-specific information that a Web server sends to a client along with page output. Cookies are used for sending page-specific information as HTTP is a stateless protocol and cannot indicate whether page requests are coming from the same or different clients. The cookies can be used to keep track of each user who accessed a Web page across an HTTP connection. |
| |
| The Cookies can be of following types: |
| |
⢠Temporary cookie: Temporary cookie is also well-known as session cookies as it exist in the memory of a browser. When the browser is closed, all session cookies added to the browser are lost.
⢠Persistent cookie: A persistent cookie is stored as a text file in the file system of the client computer. |
| |
| Example: |
| |
HttpCookie mycooky=new HttpCookie ("cookyname","Hello eBIZ");
mycookie.Expires =System.Convert .ToDateTime ("any_date");
Response.Cookies.Add (mycooky);
HttpCookie mycookvar;
mycookvar =Request.Cookies .Get ("cookyname");
Response.Write ("Cooky :" + mycookvar.Name + "<br>");
Response.Write ("Expiration : " + mycookvar.Expires + "<br>"); |
| |
| Advantages of using cookies are: |
| |
⢠Cookies expire property to automatically expire the cookie after a certain time. A cookie can either expire when the browser session ends or exists for ever on the client computer
⢠No server resource is needed to process as the cookie is stored on the client and read by the server after a post.
⢠The cookie is a text-based structure with simple key-value pairs. So, it is easy to implement cookies.
⢠Cookies are the most long-lasting form of data persistence on the client. |
| |
| Disadvantages of using cookies are: |
| |
⢠Users can disable cookies in their browsers
⢠The cookieâs size limited by browser approximately 4kb to 8kb
⢠Structured data cannot be stored in cookies.
⢠Insecure for sensitive information in cookies |
| |
|
| |
