QASP.

NET State Management:State management is the process by which you maintain state and
page information over multiple requests for the same or different pages. As is true for any HTTP-
based technology, Web Forms pages are stateless, which means that they do not automatically
indicate whether the requests in a sequence are all from the same client or even whether a single
browser instance is still actively viewing a page or site.

i)Client-Side State Management Options:Storing page information using client-side options doesn't
use server resources. These options typically have minimal security but fast server performance
because the demand on server resources is modest.

*View state:Web Forms pages provide the ViewState property as a built-in structure for
automatically retaining values between multiple requests for the same page. View state is
maintained as a hidden field in the page. Advantages:No server resources are required,Simple
implementation,Enhanced security features .Disadvantages:Performance considerations,Device
limitations ,Potential security risks.

*Control state:The ASP.NET page framework provides the ControlState property as way to store
custom control data between server trips. For example, if you have written a custom control that has
different tabs showing different information, in order for that control to work as expected, the
control needs to know which tab is selected between round trips.ad:No server resources are
required,Reliability ,Versatility. dis:some programming is required

*Hidden fields:You can store page-specific information in a hidden field on your page as a way of
maintaining the state of your page. If you use hidden fields, it is best to store only small amounts of
frequently changed data on the client. ad:No server resources are required,Simple
implementation ,Widespread support . dis:Potential security risks ,Storage limitations ,Performance
considerations ,Simple storage architecture .

*Cookies:Cookies are useful for storing small amounts of frequently changed information on the
client. The information is sent with the request to the server. ad:Configurable expiration rules,No
server resources are required,Simplicity,Data persistence. dis:Potential security risks,User-configured
refusal,Size limitations

*Query strings:A query string is information that is appended to the end of a page URL.You can use a
query string to submit data back to your page or to another page through the URL. Query strings
provide a simple but limited way of maintaining some state information.ad:Simple
implementation ,Widespread support,No server resources are required. dis:Limited
capacity ,Potential security risks

ii)Server-Side State Management Options:

Server-side options for storing page information typically have higher security than client-side
options, but they can use more Web server resources, which can lead to scalability issues when the
size of the information store is large.

*Application state:ASP.NET provides application state via the HttpApplicationState class as a

method of storing global application-specific information that is visible to the entire application.
Application-state variables are, in effect, global variables for an ASP.NET application. ad:Simple
implementation,Application scope. dis:Limited durability of data,Resource requirements

*Session state:ASP.NET provides a session state, which is available as the HttpSessionState class, as
a method of storing session-specific information that is visible only within the session. ASP.NET
session state identifies requests from the same browser during a limited time window as a session,
and provides the ability to persist variable values for the duration of that
session.ad:Extensibility ,Cookieless support ,Platform scalability ,Data persistence

*Profile properties:ASP.NET provides a feature called profile properties, which allows you to store
user-specific data. It is similar to session state, except that unlike session state, the profile data is not
lost when a user's session expires. The profile properties feature uses an ASP.NET profile, which is
stored in a persistent format and associated with an individual user. The ASP.NET profile allows you
to easily manage user information without requiring you to create and maintain your own
database.ad:Extensibility ,Platform scalability ,Data persistence. dis:Data maintenance ,Additional
configuration requirements,Performance considerations

*Database support:In some cases, you might want to use database support to maintain state on
your Web site. Typically, database support is used in conjunction with cookies or session state.
ad:Widespread support,Robustness and data integrity,Storage capacity ,Security . dis:Performance
considerations,Complexity

QNavigation control in ASP.NET:*SiteMapPath*Menu Control*TreeView

QASP.NET validation controls validate the user input data to ensure that useless, unauthenticated,
or contradictory data don't get stored.

*RequiredFieldValidator:The RequiredFieldValidator control ensures that the required field is not

empty. It is generally tied to a text box to force input into the text box. Properties:
ControlToValidate,Initial value, Text .Example:
<asp:TextBox ID="txtName" runat="server"> </asp:TextBox>
<asp:RequiredFieldValidator ID="rfvName" runat="server"
ErrorMessage="Please enter Name" ControlToValidate="txtName">
</asp:RequiredFieldValidator>

*RangeValidator:The RangeValidator control verifies that the input value falls within a
predetermined range. Properties: ControlToValidate,Maximum value:-

Eample:Age bt 18 to 30
<asp:TextBox ID="txtName" runat="server"> </asp:TextBox>
<asp:RequiredFieldValidator ID="rfvName" runat="server"
ErrorMessage="Please enter Name" ControlToValidate="txtName">
</asp:RequiredFieldValidator>

*CompareValidator:The CompareValidator control compares a value in one control with a fixed

value or a value in another control. Properties: Equal,Greater than, GreaterThanEqual, LessThan,
LessThanEqual .Examle: Password same or not
Password <asp:TextBox ID="txtPass" runat="server"> </asp:TextBox>
Confirm <asp:TextBox ID="txtPassRe" runat="server"> </asp:TextBox>
<asp:CompareValidator ID="cvPass" runat="server" ErrorMessage="Password
should match" ControlToValidate="txtPass" ControlToCompare="txtPassRe"
Operator="Equal">
</asp:CompareValidator>
*RegularExpressionValidator:The RegularExpressionValidator allows validating the input text by
matching against a pattern of a regular expression. The regular expression is set in the
ValidationExpression property.

Prop:

\d : it takes value zero to nine,\D: Other than [0->9],\w : [a->z][A->Z][0->9],\s : space

\S: other value except space,{Length}:{min ,max,[ ] : choice of given character

( ) : group of validator,| : OR

We can use special characters which are given below:

* : 0 -> more numeric value,+ : 1 : more numeric value,? : 0(min) or 1 (max)

Example: valid email or not:

<asp:TextBox ID="txtEmail" runat="server"> </asp:TextBox>
<asp:RegularExpressionValidator ID="revEmail" runat="server"
ErrorMessage="Invalid Email" ControlToValidate="txtEmail"
ValidationExpression="\w+([-+.']\w+)*@\w+([-.]\w+)*\.\w+([-.]\w+)*">
</asp:RegularExpressionValidator>
*CustomValidator:The CustomValidator control allows writing application specific custom validation
routines for both the client side and the server side validation.*The client side validation is
accomplished through the ClientValidationFunction property. It should be written in a scripting
language, such as JavaScript or VBScript, which the browser can understand.*The server side
validation routine must be called from the control's ServerValidate event handler. It should be
written in any .Net language, like C# or VB.Net.syntax

<asp:CustomValidator ID="CustomValidator1" runat="server"

ClientValidationFunction=.cvf_func. ErrorMessage="CustomValidator">

</asp:CustomValidator>

*ValidationSummary:The ValidationSummary control does not perform any validation but shows a
summary of all errors in the page. The summary displays the values of the ErrorMessage property of
all validation controls that failed validation.The following two mutually inclusive properties list out
the error message:

ShowSummary : shows the error messages in specified format.

ShowMessageBox : shows the error messages in a separate window.

Properties: DisplayMode,Forecolor,HeaderText.syntax

<asp:ValidationSummary ID="ValidationSummary1" runat="server"

DisplayMode = "BulletList" ShowSummary = "true" HeaderText="Errors:" />

*Validation Groups

Complex pages have different groups of information provided in different panels. In such situation, a
need might arise for performing validation separately for separate group. This kind of situation is
handled using validation groups.
Qdata binding:The ability of a control to bind to a single data element, such as a value in a column in
a dataset table. Simple data binding is the type of binding typical for controls such as a TextBox
control or Label control, which are controls that typically only display a single value.

QASP.NET Web Forms Server Controls:ASP.NET provides web forms controls that are used to create
HTML components. These controls are categories as server and client based.

*Button:It is used to create a button.

*Label:It is used to display text on the HTML page.

*LinkButton:It is used to create a button that looks similar to the hyperlink.

*Button: Use to create a button.

*Drop down list:create a drop down list.*List box*Checkbox*Radio button*Image*Calendar.

QASP.NET tracing enables you to follow a page's execution path, display diagnostic information at
run time, and debug your application. ASP.NET tracing can be integrated with system-level tracing to
provide multiple levels of tracing output in distributed and multi-tier applications.

QCaching is a technique of storing frequently used data/information in memory, so that, when the
same data/information is needed next time, it could be directly retrieved from the memory instead
of being generated by the application.Caching is extremely important for performance boosting in
ASP.NET.

QTypes of caching

*Output catching:Output cache stores a copy of the finally rendered HTML pages or part of pages
sent to the client.

*Data caching: Data caching means caching data from a data source.

*Object caching:Object caching is caching the objects on a page, such as data-bound controls.

* Class catching:Web pages or web services are compiled into a page class in the assembly, when
run for the first time. Then the assembly is cached in the server.

*Configuration catching:Application wide configuration information is stored in a configuration file.

QError handling in ASP.NET has three aspects:

*Tracing - tracing the program execution at page level or application level.

*Error handling - handling standard errors or custom errors at page level or application level.

*Debugging - stepping through the program, setting break points to analyze the code

Although ASP.NET can detect all runtime errors, still some subtle errors may still be there. Observing
the errors by tracing is meant for the developers, not for the users.

Hence, to intercept such occurrence, you can add error handing settings in the web.config file of the
application. It is application-wide error handling.

eg:
<configuration>

<system.web>

<customErrors mode="RemoteOnly" defaultRedirect="GenericErrorPage.htm">

<error statusCode="403" redirect="NoAccess.htm" />

<error statusCode="404" redirect="FileNotFound.htm" />

</customErrors>

</system.web>

<configuration>

QASP.NET security works in conjunction with Internet Information Services (IIS) security and
includes authentication and authorization services to implement the ASP.NET security model.
ASP.NET also includes a role-based security feature that you can implement for both Windows and
non-Windows user accounts.