- •Preface
- •Who Should Read This Book
- •Organization and Presentation
- •Contacting the Authors
- •Acknowledgments
- •Contents
- •Introduction
- •Why Microsoft .NET?
- •The Microsoft .NET Architecture
- •Internet Standards
- •The Evolution of ASP
- •The Benefits of ASP.NET
- •What Is .NET?
- •.NET Experiences
- •.NET Clients
- •.NET Services
- •.NET Servers
- •Review
- •Quiz Yourself
- •Installation Requirements
- •Installing ASP.NET and ADO.NET
- •Installing the .NET Framework SDK
- •Testing Your Installation
- •Support for .NET
- •Review
- •Quiz Yourself
- •Designing a Database
- •Normalization of Data
- •Security Considerations
- •Review
- •Quiz Yourself
- •Creating a Database
- •Creating SQL Server Tables
- •Creating a View
- •Creating a Stored Procedure
- •Creating a Trigger
- •Review
- •Quiz Yourself
- •INSERT Statements
- •DELETE Statements
- •UPDATE Statements
- •SELECT Statements
- •Review
- •Quiz Yourself
- •The XML Design Specs
- •The Structure of XML Documents
- •XML Syntax
- •XML and the .NET Framework
- •Review
- •Quiz Yourself
- •ASP.NET Events
- •Page Directives
- •Namespaces
- •Choosing a Language
- •Review
- •Quiz Yourself
- •Introducing HTML Controls
- •Using HTML controls
- •How HTML controls work
- •Intrinsic HTML controls
- •HTML Control Events
- •The Page_OnLoad event
- •Custom event handlers
- •Review
- •Quiz Yourself
- •Intrinsic Controls
- •Using intrinsic controls
- •Handling intrinsic Web control events
- •List Controls
- •Rich Controls
- •Review
- •Quiz Yourself
- •Creating a User Control
- •Adding User Control Properties
- •Writing Custom Control Methods
- •Implementing User Control Events
- •Review
- •Quiz Yourself
- •Common Aspects of Validation Controls
- •Display property
- •Type Property
- •Operator Property
- •Using Validation Controls
- •RequiredFieldValidator
- •RegularExpressionValidator
- •CompareValidator
- •RangeValidator
- •CustomValidator
- •ValidationSummaryx
- •Review
- •Quiz Yourself
- •Maintaining State Out of Process for Scalability
- •No More Cookies but Plenty of Milk!
- •Out of Process State Management
- •Review
- •Quiz Yourself
- •Introducing the Key Security Mechanisms
- •Web.config and Security
- •Special identities
- •Using request types to limit access
- •New Tricks for Forms-based Authentication
- •Using the Passport Authentication Provider
- •Review
- •Quiz Yourself
- •ASP.NET Updates to the ASP Response Model
- •Caching with ASP.NET
- •Page Output Caching
- •Absolute cache expiration
- •Sliding cache expiration
- •Fragment Caching
- •Page Data Caching
- •Expiration
- •File and Key Dependency and Scavenging
- •Review
- •Quiz Yourself
- •A Brief History of Microsoft Data Access
- •Differences between ADO and ADO.NET
- •Transmission formats
- •Connected versus disconnected datasets
- •COM marshaling versus text-based data transmission
- •Variant versus strongly typed data
- •Data schema
- •ADO.NET Managed Provider Versus SQL Managed Provider
- •Review
- •Quiz Yourself
- •Review
- •Quiz Yourself
- •Creating a Connection
- •Opening a Connection
- •Using Transactions
- •Review
- •Quiz Yourself
- •Building a Command
- •Connection property
- •CommandText property
- •CommandType property
- •CommandTimeout property
- •Appending parameters
- •Executing a Command
- •ExecuteNonQuery method
- •Prepare method
- •ExecuteReader method
- •Review
- •Quiz Yourself
- •Introducing DataReaders
- •Using DataReader Properties
- •Item property
- •FieldCount property
- •IsClosed property
- •RecordsAffected property
- •Using DataReader Methods
- •Read method
- •GetValue method
- •Get[Data Type] methods
- •GetOrdinal method
- •GetName method
- •Close method
- •Review
- •Quiz Yourself
- •Constructing a DataAdapter Object
- •SelectCommand property
- •UpdateCommand, DeleteCommand, and InsertCommand properties
- •Fill method
- •Update method
- •Dispose method
- •Using DataSet Objects
- •DataSetName property
- •CaseSensitive property
- •Review
- •Quiz Yourself
- •Constructing a DataSet
- •Tables property
- •TablesCollection Object
- •Count property
- •Item property
- •Contains method
- •CanRemove method
- •Remove method
- •Add method
- •DataTable Objects
- •CaseSensitive property
- •ChildRelations property
- •Columns property
- •Constraints property
- •DataSet property
- •DefaultView property
- •ParentRelations property
- •PrimaryKey property
- •Rows property
- •Dispose method
- •NewRow method
- •Review
- •Quiz Yourself
- •What Is Data Binding?
- •Binding to Arrays and Extended Object Types
- •Binding to Database Data
- •Binding to XML
- •TreeView Control
- •Implement the TreeView server control
- •Review
- •Quiz Yourself
- •DataGrid Control Basics
- •Binding a set of data to a DataGrid control
- •Formatting the output of a DataGrid control
- •Master/Detail Relationships with the DataGrid Control
- •Populating the Master control
- •Filtering the detail listing
- •Review
- •QUIZ YOURSELF
- •Updating Your Data
- •Handling the OnEditCommand Event
- •Handling the OnCancelCommand Event
- •Handling the OnUpdateCommand Event
- •Checking that the user input has been validated
- •Executing the update process
- •Deleting Data with the OnDeleteCommand Event
- •Sorting Columns with the DataGrid Control
- •Review
- •Quiz Yourself
- •What Is Data Shaping?
- •Why Shape Your Data?
- •DataSet Object
- •Shaping Data with the Relations Method
- •Review
- •Quiz Yourself
- •OLEDBError Object Description
- •OLEDBError Object Properties
- •OLEDBError Object Methods
- •OLEDBException Properties
- •Writing Errors to the Event Log
- •Review
- •Quiz Yourself
- •Introducing SOAP
- •Accessing Remote Data with SOAP
- •SOAP Discovery (DISCO)
- •Web Service Description Language (WSDL)
- •Using SOAP with ASP.NET
- •Review
- •Quiz Yourself
- •Developing a Web Service
- •Consuming a Web Service
- •Review
- •Quiz Yourself
- •ASP and ASP.NET Compatibility
- •Scripting language limitations
- •Rendering HTML page elements
- •Using script blocks
- •Syntax differences and language modifications
- •Running ASP Pages under Microsoft.NET
- •Using VB6 Components with ASP.NET
- •Review
- •Quiz Yourself
- •Preparing a Migration Path
- •ADO and ADO.NET Compatibility
- •Running ADO under ASP.NET
- •Early Binding ADO COM Objects in ASP.NET
- •Review
- •Quiz Yourself
- •Answers to Part Reviews
- •Friday Evening Review Answers
- •Saturday Morning Review Answers
- •Saturday Afternoon Review Answers
- •Saturday Evening Review Answers
- •Sunday Morning Review Answers
- •Sunday Afternoon Review Answers
- •What’s on the CD-ROM
- •System Requirements
- •Using the CD with Windows
- •What’s on the CD
- •The Software Directory
- •Troubleshooting
- •ADO.NET Class Descriptions
- •Coding Differences in ASP and ASP.NET
- •Retrieving a Table from a Database
- •Displaying a Table from a Database
- •Variable Declarations
- •Statements
- •Comments
- •Indexed Property Access
- •Using Arrays
- •Initializing Variables
- •If Statements
- •Case Statements
- •For Loops
- •While Loops
- •String Concatenation
- •Error Handling
- •Conversion of Variable Types
- •Index
Session 11—Validating User Input |
111 |
To bind these functions to the Web form, you simply insert a CustomValidator control and set two new properties ClientValidationFunction and OnServerValidate.
In the previous example we have decided to use a server-side function as part of our validation, and set the OnServerValidate property equal to the server-side function ValidateSubscriptionServer. We also have enabled a client-side function, by setting the ClientValidationFunction property equal to the client side function,
ValidateSubscriptionClient.
ValidationSummaryx
The last control that is useful for validation is the ValidationSummary control. This control provides you with the option of listing all of the validation errors in a consolidated list for the user, rather than displaying each error message next to the field where the error actually occurred. To use the control, simply plug a ValidationSummary control somewhere on the page your user is likely to reference when reviewing problems with validation:
<ASP:VALIDATIONSUMMARY
ID=”valSummary”
SHOWMESSAGEBOX=”False”
DISPLAYMODE=”List”
HEADERTEXT=”Please correct the following errors.” SHOWSUMMARY=”True”
RUNAT=”SERVER”>
</ASP:VALIDATIONSUMMARY>
The control will automatically display all relevant validation errors in a consolidated area on the page. If you do not want the individual control errors to display, you will need
to set each validation control ErrorMessage property to an empty string. Setting the ShowSummary property to False, will prevent the display of each control’s error message. Instead, only the content of the HeaderText property will be shown.
In addition, you can choose to display error messages in a pop-up message box by setting the ShowMessageBox property of the ValidationSummary control to True. Be aware that this will only work properly when used in Internet Explorer 4.0 or higher.
The DisplayMode property can be set to List, BulletList, or SingleParagraph to modify the manner in which the list of errors is handled.
REVIEW
With the use of these controls, you should now be able to eliminate a tremendous amount of clientand server-side validation code previously required when developing ASP pages. Additionally, the ability to construct your own clientand server-side validation controls should provide you with all the flexibility you need to handle 90 percent of your business requirements.
112 |
Saturday Afternoon |
QUIZ YOURSELF
1.When constructing a custom control with custom client-side validation, what client-side language and version should you utilize? (See “Common Aspects of Validation Controls.”)
2.What standard ASP.NET validation controls can be combined to perform a value type and value range check on a text field? (See “CompareValidator” and “RangeValidator.”)
3.What are the performance impacts of including <%@ Page ClientTarget = “DownLevel” %> in pages with validation controls? (See “Common Aspects of
Validation Controls.”)
S E S S I O N
12
Maintaining State in ASP.NET
Session Checklist
Understanding the differences between in-process and out-of-process state maintenance
Implementing ASP State Server or using SQL Server for state maintenance
Using cookies in user state maintenance
In this session, we will cover the key innovations in state maintenance available in ASP.NET, and demonstrate how these innovations will enable you as a developer to take advantage of the latest in state management to support highly scalable and redundant
Web applications.
In ASP.NET, we have optional configuration settings that enable us to select the type of state maintenance we perform, but still allow us to use the familiar methods of state variable access from ASP. In fact, we will not have to change our legacy code to take advantage of the ASP.NET enhancements over ASP with regards to state maintenance. The key differences lie in the way session state management is handled. In ASP, sessions are by default stored
in process, which creates significant headaches for developers who develop Web sites that become extremely popular. As the number of users balloon, it becomes apparent that all of those session values used for personalization and customization are killing application
performance — and that the possible remedies are limited and costly. In ASP.NET, most if not all of these issues are now very nicely handled using out-of-process state management.
Maintaining State Out of Process for Scalability
In this section, you’ll learn how the previously mentioned improvements can be of tremendous help to developers who are implementing applications that require a high degree of scalability.
114 |
Saturday Afternoon |
In ASP, a Session object is created and maintained on the Web server from which the page is initiated. In a Web page (for example, somepage.asp) running on server Foo, the embedded ASP code:
<% Session(“MyFavoriteBeach”) = “Trestles” %>
will cause the variable MyFavoriteBeach to be stored in the memory of server Foo. This variable and all others created during the user session are persisted across multiple Web pages. If you need to retrieve the user’s favorite beach, you could simply use the embedded ASP code, for example:
<% =Session(“MyFavoriteBeach”) %>
One problem with this approach is that if server Foo crashes or otherwise goes down, all session information is lost, never to be recovered. A second problem with this approach is that it is extremely difficult to share session values with other ASP pages running on other servers. The third problem with the old Session object is that it requires the user’s browser to support client-side cookies.
Tip
For more information on Windows Load Balancing Services, review Microsoft’s WLBS Overview at http://www.microsoft.com/ntserver/ ntserverenterprise/exec/feature/wlbs/default.asp or to get information on Network Load Balancing clusters review http://www.microsoft.com/ windows2000/en/advanced/help/using.htm?id=492.
All of these factors create massive headaches for ASP developers attempting to build applications that will scale efficiently and support application redundancy, load balancing, and clustering effectively. You are forced to try software solutions such as Windows Load Balancing Services (WLBS), Network Load Balancing clusters or hardware solutions such as Cisco LocalDirector. Unfortunately, these solutions are really designed to handle request-based load balancing where maintaining state on the application server is not a requirement. When you need to use session-based load balancing and store state on the application server, you have to take tremendous performance hits with WLBS by turning on the Affinity option, or if using LocalDirector you have to implement the sticky command which has the same effect — huge performance degradation. In other words, if you modify either LocalDirector or the WLBS to use session-based load balancing, then the benefits of request-based load balancing are eliminated. These options slow the system down by requiring them to maintain a user-to-server mapping and perform a lookup upon each request. It also decreases your ability to provide fault tolerance.
The result of these solutions is like buying a Ferrari and then limiting it to drive around town in stop-and-go traffic at 20 mph, rather than allowing it up on the interstate where it could fly!
The only other way developers can support session maintenance in a Web farm scenario is to do a ton of custom coding, use a back-end database, and then retrieve the session information through the use of cookies; or hidden-form data; or by URL munging the data.
With ASP.NET, Microsoft has gone to great lengths to ease this burden and make our lives as developers much, much simpler! We now have built-in out-of-process and in-process methods to handle state maintenance in ASP.NET, as well as a choice of using client-side cookies or munging the session id.