ASP.NET

baasopchoppySecurity

Nov 5, 2013 (3 years and 7 months ago)

129 views

Web programming

(ASP, Java)

Amarsanaa .G

School of Information Technology

National University of Mongolia

ASP .NET

National University of Mongolia

2

“Classic” ASP

Successes


Simple procedural programming model


Access to COM Objects


ADO


File system object


No compiling, just save


Support for multiple scripting languages


Mix HTML and code


VBscript


leverage Visual Basic skills

National University of Mongolia

3

What is the ASP.NET?


ASP.NET

is Microsoft's latest technology for
building web
-
based applications and services


ASP.NET

is a successor to Active Server Pages
(ASP) that draws on the power of the .NET
Framework development platform and the Visual
Studio .NET developer toolset.


To better understand ASP.NET, it is important to
understand some key concepts of the .NET
development platform.


National University of Mongolia

4

Introduction to .NET

The .NET Framework and Visual Studio .NET

Base Class Library

Common Language Specification

Common Language Runtime

ADO.NET: Data and XML

Visual Basic
®

C++

C#

Visual Studio .NET

ASP.NET: Web Services

and Web Forms

JScript
®



Windows

Forms

National University of Mongolia

5

Introduction to .NET

ASP.NET

Base Class Library

Common Language Specification

Common Language Runtime

ADO.NET: Data and XML

Visual Studio.NET

ASP.NET: Web Services

and Web Forms

Windows

Forms

Visual Basic
®

C++

C#

JScript
®



National University of Mongolia

6

ASP.NET

Architecture

ASPX

.ASPX

Web development

National University of Mongolia

7

ASP.NET

Architecture

.ASPX

Compiled

Client first request

National University of Mongolia

8

ASP.NET

Architecture

.ASPX

Compiled

Next request

Runtime Compilation

ASPX

File

Request

ASPX

Engine

Parse

Gen’d

Page

Class


Generate

Response

Request

Instantiate

Response

Code
-

behind

class


Page

DLL

Instantiate,
Process and
Render

Compile

National University of Mongolia

11

Overview


Originally Active Server Pages (ASP)


ASP.NET


Successor of ASP


Different paradigm (.NET Framework)


Topics


Stateless web paradigm


Code behind pages


Response and Request objects


Session and Application variables

National University of Mongolia

12

Stateless web paradigm


Client may return to any page at any time
in any state


State information is posted during each
page request (?xxxxx=xxxxx)


ASP.NET web controls automatically
repost their own state to maintain the
ViewState of the page

National University of Mongolia

13

Code behind pages


Binds HTML page to a code file written in a .NET
language


HTML page is encapsulated in a
System.Web.UI.Page class


Events such as Page_Load may be handled


All ASP.NET controls can be used as regular
.NET objects


Scripts in HTML page may call code behind
functions


Everything will eventually end up as HTML

National University of Mongolia

14

Separation of code from content

Developers and designers can work independently



<Tags>

code

Single file

form1.asp

<Tags>

Separate files

WebForm1.aspx

code

WebForm1.aspx.cs

National University of Mongolia

15

Page development

Page_Load

List1_SelectedIndexChanged

Button1_Click

Page_Unload

Page is loaded, control hierarchy initialized

Control hierarchy is rendered

Page is disposed

Control events

1. Change Events

2. Action Events

National University of Mongolia

16

ASP.NET Web Applications


Global ASAX


Application_Start


Application_End


Session_Start


Session_End


Session


Application


National University of Mongolia

17

Response and Request objects


Response


Represents the client browser


Response.Redirect(
“http://www.microsoft.com”
)


Response.Cookies[“UserName”] = “Bob”


Request


Represents the server


Request.PhysicalApplicationPath


UserName = (String)Request.Cookies[
“UserName”
]

National University of Mongolia

18

Session and Application variables


Session variables


Hashtable
-
style collection of name
-
value pairs


Remembered until the client closes the browser (or the
session timeout expires


default 20 minutes)


Only for one client


Session[“ValidUser”] = true


Application variables


Hashtable
-
style collection of name
-
value pairs


Always remembered


For all clients


Application[“NumClients”] = NumClients + 1



National University of Mongolia

19

ASP.NET Pages: Key Concepts


Server controls


Encapsulate UI generation, user interaction


Fire events for state changes


Page execution is “staged”, not linear


Page fires events for phases of processing


Init, Load, Render, Unload, etc


Event handler code


Handles events raised by controls, page


Can be located in
-
line, or in separate file or DLL


National University of Mongolia

20

ASP.NET Server Controls


Server controls encapsulate behavior


Declarative, tag with
runat="server"


Generate HTML that is sent to the client


Can support multiple client types


DHTML, HTML 3.2, WML, etc.


Process input sent from client


Bind to data in Forms collection


Fire events for notifications



National University of Mongolia

21

ASP.NET Server Controls


Allow look and feel to be customized


Template properties specify UI elements


Templates are UI fragments (Header, Item, etc)


Are stateless on the server


Controls can store needed state in “ViewState”


ViewState travels with the page or URL


National University of Mongolia

22

ASP.NET

Features


ASPX, ASP


side by side


Simplified programming model


Simplified deployment


Better performance


Caching


Security


Powerful controls


National University of Mongolia

23

ASP.NET

Features


Simplified browser support


Simplified form validation


Code behind pages


More powerful data access


Web services


Better session management

National University of Mongolia

24

ASP.NET

Features


No DLL locking


No DLL registration


Simplified configuration


Pagelets

National University of Mongolia

25

Server Controls

Simplify Common Tasks


Simplify common tasks


Forms


Tables


Data display


Calendar


Ad rotator


Server
-
side programming model


Automatic browser compatibility


Less code, less complexity


Extensible


National University of Mongolia

26

Server Controls

HTML and Server Controls

<div
id
="MyDiv"
runat
="server"/>

<asp:TextBox
id
="txtUserName"
runat
="Server"/>

<asp:button type="submit"
OnClick
="SubmitBtn_Click"
runat
="server"/>



ID



uniquely identifies control


Runat



enables server
-
side processing


OnClick


identifies server
-
side event handler

National University of Mongolia

27

Server Controls

Forms

<script language="C#" runat=server>


void SubmitBtn_Click(Object sender, EventArgs e) {


Response.Write (“Hello” + txtUserName.Text);

}


</script>



PostBack


Server
-
side object automatically populated from client
-
side controls

National University of Mongolia

28

Server Controls

Browser Support


Targets client on the fly


<asp:textbox ForeColor=“red”/>


Style


Font



Validation


Client
-
side


Server
-
side

National University of Mongolia

29

Server Controls

Validation


Without code


Required field


Within range


Two fields equal (password)


Regular expressions


Validation error messages


With code, but simplified


Custom validation

National University of Mongolia

30

Data Controls


Bind to many data sources


Collections


Array


HashTable


ADO.NET


DataReader


DataSet


XML

National University of Mongolia

31

Data Controls

ADO.NET


Connection


Command


DataReader


DataSet


DataAdapter


DataView

National University of Mongolia

32

Data Controls

ADO.NET

Authors

Connection

Database

DataAdapter

DataSet

Select … from Authors

Authors

National University of Mongolia

33

Data Controls

ADO.NET

Publishers

Connection

Database

DataAdapter

DataSet

Select … from
Publishers

Authors

Publishers

National University of Mongolia

34

Data Controls

ADO.NET

DataSet

Authors

Publishers

DataView

DataGrid

DataList

Repeater

National University of Mongolia

35

ASP.NET Web Applications

web.config


Site configuration file


Like an .INI file for your site


XML format


Extensible


Some settings


Security


Session


Localization


Tracing


Debugging

National University of Mongolia

36

Configuration


Stored in XML file in directory with pages


web.config


Contains all ASP.NET settings


Authentication, compile options,

custom error pages, etc.


Allows adding Application settings


DSN, etc.


Extensible


Can extend with custom configuration data

National University of Mongolia

38

ASP.NET Web Applications

Session Variables


Store state information


No longer require cookies


Share between servers


<sessionState

mode=“StateServer“

stateConnectionString="tcpip=127.0.0.1:42424"

sqlConnectionString="data source=127.0.0.1;user
id=sa;password="

cookieless="false"

timeout="20"

/>

National University of Mongolia

39

Create Web application

National University of Mongolia

40

PC Magazine Nile Application Test

2400

1200

1600

800

400

2800

2000

Pages Served per Second

8 CPU

4 CPU

2 CPU

Microsoft

ASP

Microsoft

ASP.NET

1989

1154

2781

330

748

637

National University of Mongolia

41

ASP.NET Community Sites


123aspx.com


DotNetJunkies


ASPFree.com


ASPNG.com


ASP Today


ASPAlliance


4GuysFromRolla.com


ASPWorkshops.com


411ASP.NET Directory


ASPObjects.com


angryCoder.com


DotNetExperts.com


SuperExpert.com


Big
-
Boys.com


Dot NET Books


Dot NET Wire


Wintellect


DeepTraining.com


DevX.com


DevelopersDex.com


ASPX101.net


ASP 101


ASP Wire


ASP Watch


DevTrain (de)


CShrp.net


scGlossary


DotNetDan.com


DotNetGerman.com

(de)


ASP Magazine (fr)


GASP (fr)


PortalVB.com (sp)


asp.net PRO


Spinneret.co.uk


Innerhost.com


c2i.fr (fr)


FuzzySoftware.com


Programmers Heaven


QA.com/NET


WiseOwl.com


BartonSphere.net


DevASP.net


FreeDotNet.com


OrcsWeb.com


EraServer.net


Bipin Joshi.com


ASPSmith.com


RegXLib.com


Alentus.com


ASPCN.com (cn)