Just read a chapter in Beginning ASP.NET 3.5 in C# 2008. These are the things I need to remember for myself in a small summary. If you want more information, buy the book!

View State

Uses a hidden field that ASP.NET automatically inserts in the final, rendered HTML of a web page. Web Controls use this, but your web page code can add bits of data directly to the view state.
The ViewState property of the page is an instance of the StateBag collection class. The StateBag is a dictionary collection, which means every item is stored in a seperate “slot” using a unique string name.
Making your View State Secure can be done in two ways. You can make it tamperproof by instructing ASP.NET to use a hash code (which is generated with a cryptographic key). If you have a web farm you need to configure the different servers to use the same key! Besides this you can also enable view state encryption (imposes a performance penalty).
Retaining Member Variables: Basic principle is to save all member variables to view state when the Page.PreRender event occurs and retrieve them when the Page.Load event occurs. !You cannot store view state information in an event handler fot the Page.Unload event. Though your code will not cause an error, the information will not be stored in view state, because the final HTML page output is already rendered.

Cross-Page Posting

One page can send the user to another page, complete with all the information for that page. Uses a property named PostBackUrl, which is defined by the IButtonControl. This technique is a potential minefield and can lead to pages that are tightly coupled to others.

The Query String

Pass information using a query string in the URL.  Advantage is lightweight. Some limitations are:

  • Limited to simple strings
  • Information clearly visible to the user and http sniffers
  • The user can alter the query string
  • browsers impose limit on the length of the URL

Cookies

Cookies are small files that are created on the client’s hard drive. They work transparently without the user being aware that information needs to be stored. You retrieve cookies from the Request object, and you set cookies using the Response object. Other ASP.NET features also use cookies (like session state and forms security).

Session State

Allows you to store any type of data in memory on the server. The information is protected, because it is never transmitted to the client, and it’s uniquely bound to a specific session. Every client that accesses the application has a different session and a distinct collection of information.

Session Tracking is done using a unique 120-bit identifier. This ID is the only piece of session-related information that is transmitted between the web server and the client. The client can present the appropriate session ID with each request in two ways: using cookies or using modified URL’s.

A careless use of session state is one of the most common reasons that a web appliation can’t scale to serve a large number of clients. Sometimes a better approach is to use caching!

There are different modes of Session State namely InProc (default), Off, StateServer, SQLServer and Custom.

Application State

Allows you to store global objects that can be accessed by any client. Application state is rarely used because its two most common uses have been replaced by easier, more efficient methods:

  • web.config
  • ASP.NET cache
pixel State Management ASP.NET 3.5
No TweetBacks yet. (Be the first to Tweet this post)