You are on page 1of 66

ASP.

NET
Unit-I
1)Getting Setup :
ASP.NET is a server-side Web application framework designed for Web
development to produce dynamic Web pages. It was developed by Microsoft to
allow programmers to build dynamic web sites, web applications and web
services.
How Dose Asp.net Fit.in
Asp.net is a part of the .net framework new computing platform
From Microsoft optimized for creating Application that
Are highly distributed across the internet.
What is .net Framework
.net is Microsoft name dor a platform for xml web service
.xml is a standard way for developing mark-up language that can describe any
kind of data or functionality.
What ate Active Server Page
Active server pages (asp) is the name Microsoft uses for a
Technology that is Convenient for Building Dynamic web page.
Dynamic Web Page Contain Content that may Change from Second to second
based on the data & Condition that may Change as Time progresses.

2) What is ASP.NET
ASP.NET is a server-side Web application framework designed for Web
development to produce dynamic Web pages. It was developed by Microsoft to
allow programmers to build dynamic web sites, web applications and web
services.
ASP.NET is a development framework for building web pages and web sites
with HTML, CSS, JavaScript and server scripting.
ASP.NET supports three different development models:
Web Pages, MVC (Model View Controller), and Web Forms:

3)Setting up for ASP.NET


Step-1: Go To Control Panel -> Programs
Step-2:Then Click Turn Windows Features On and Off .
Step-3: A Small Window Will Open In Then Click Internet Information

Services Check Box.


Step-4: Then Click World Wide Services Then Click Plus Button Then Click
Application Development Features Then Click Plus Button Then Click ASP
Check Box.
Step-5: Then Go to Control Panel Then Go to All Control Panel Items Then
Click Administrative Tools.
Step-6: Then a Small Window Will Open in that Click Directory Browsing.
Step-7: Then Click The Enable Button To Enable The Directory Browsing.
Step-8: Then Open Any Web Browser Type http://localhost/ in Your URL
Box.
Step-9: Now Your IIS is activated in your system.
Step-10: now open Your Control panel In that Click Administrative Tool then
Click Internet Information Services (IIS) Manager then Click the server name
(Computer name) then Click site then Right Click Default Website then Click
add Virtual Directory then Enter Alice name and the path of the asp program
then press ok.
Step-11: Now open any browser and type http://localhost/ (with your alice
name)
Example: http://localhost/hari

4) The development environment


In ASP.Net, you can accomplish an include that appears on
every page by creating a Master Page. Then, you basically inherit from that
page everywhere that you want its contents to appear.
Example: with one Master Page, you can accomplish the same thing as you
could do with two includes -- the Master Page could have both a header and a
footer.
However, you can take Master Pages much further if you wish. For example, the
universal navigation is often included on a Master Page -- the horizontal menu
at the top and/or a vertical menu on the left. Basically anything you want to
show on many pages.
Also, you can include common server-side code in the Master Page codebehind, such as authentication.
Step 1: Select the Tools->External Tools menu option in VS or Visual Web
Developer. This will allow you to configure and add new menu items to your
Tools menu.

Step 2: Click the Add button to add a new external tool menu item. Name it
Webserver on Port 8010 (or anything else you want).
Step 3: For the Command textbox setting enter this value:
C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\WebDev.WebServer.EX
E (note: this point to the web-server that VS usually automatically runs).
Step 4: For the Arguments textbox setting enter this value: /port:8010 /path:$
(ProjectDir) (or any port you like)
Step 5: Select the Use Output Window checkbox (this will prevent the
command-shell window from popping up.
Once you hit apply and ok you will now have a new menu item in your Tools
menu called WebServer on Port 8010. You can now select any web project in
your solution and then choose this menu option to launch a web-server that has
a root site on port 8010 (or whatever other port you want) for the project. You
can then connect to this site in a browser by simply saying
http://localhost:8010/. All root based references will work fine.
Step 6: The last step is to configure your web project to automatically reference
this web-server when you run or debug a site instead of launching the built-in
web-server itself. To-do this, select your web-project in the solution explorer,
right click and select property pages. Select the start options setting on the
left, and under server change the radio button value from the default (which is
use built-in webserver) to instead be Use custom server. Then set the Base
URL value to be: http://localhost:8010/

5)ASP & ASP.NET.


Active Server Pages (ASP), also known as Classic ASP or ASP Classic,
was Microsoft's first server-side script engine for dynamically generated web
pages. Initially released as an add-on to Internet Information Services (IIS) via
the Windows NT 4.0 Option Pack , it was subsequently included as a free
component of Windows Server. ASP.NET, first released in January 2002, has
superseded ASP.
ASP.NET is a server-side Web application framework designed for Web
development to produce dynamic Web pages. It was developed by Microsoft to

allow programmers to build dynamic web sites, web applications and web
services.
The most important difference between ASP and ASP.Net is that ASP
uses interpreted VBScript or JScript, and ASP.net uses any .Net language
(including VB.Net, C#, J#, etc.) compiled.
ASP 3.0 left all its code in the front of the application. There was no way
for a programmer to "hide" the sensitive code which he or she may not
want anybody to see. The fact that the code was interpreted also slowed
performance. ASP.NET allows the programmer to create dynamic link
libraries containing the sensitive code. This may be a disadvantage from
an open-source perspective but compiling code into dll's greatly improves
performance.
ASP is mostly written using VB Script and HTML intermixed.
Presentation and business logic is intermixed while ASP.NET can be
written in several .NET compliant languages such as C# or VB.NET.
ASP has maximum of 4 built in classes like Request, Response, Session
and Application whereas ASP.NET using .NET framework classes which
has more than 2000 in built classes.
ASP does not have any server based components whereas ASP.NET
offers several server based components like Button, TextBox etc. and
event driven processing can be done at server.
ASP doesn't support Page level transactions whereas ASP.NET supports
Page level transactions.
ASP.NET offers web development for mobile devices which alters the
content type (wml or chtml etc.) based on the device.
ASP.NET allows separation of business and presentation logic because
the code need not be included directly in the *.aspx page.
ASP.NET uses languages which are fully object oriented languages like
C# and also supports cross language support.
ASP.NET offers support for Web Services and rich data structures like
DataSet which allows disconnected data processing.

6)An overview ASP.NET Programming Languages.


Classic ASP - Active Server Pages
Active Server Pages (ASP), also known as Classic ASP, was introduced
in 1998 as Microsoft's first server side scripting engine.
ASP is a technology that enables scripts in web pages to be executed by an
Internet server.
ASP pages have the file extension .asp, and are normally written in VBScript.
ASP.NET Programming Languages
Visual Basic (VB.NET)
C# (Pronounced C sharp)
An ASP.NET page is restricted to code written in a single programming
language. Currently, ASP.NET supports Visual Basic, C#, and J#. The default
language is Visual Basic, but any other language can be declared as the
default language for the page by placing a directive at the top of the page,
such as the following:
<%@Page Language="C#"%>
The language can also be declared in a <script language = > block, as in
the example provided in Code Blocks in ASP.NET. If different languages are
declared in separate script blocks on the same page, an error will be raised.
Although only one language can be used on a single page, any user controls
that you use on a page can be written in different languages, including Visual
C++. This allows applications to take advantage of function libraries in
different languages.
Visual Basic Scripting Edition (VBScript) is not supported, but VBScript
syntax is very similar to Visual Basic 2005 syntax, so any required changes
to existing code should be minor.

7) Programming Basics: Basics of Programming


1. Application Program Requirement

2.
3.
4.
5.

Object Oriented Programming


Processing Data
Writing Pseudocode
Exception Handling

8)Program Flow

9) Effective Coding Techniques


1. How to get rich UI controls with the CodePlex AJAX Toolkit
Visual Studio's built-in Ajax controls are fairly rudimentary. But
CodePlex has a rich set of 40 Ajax controls available for free.
2. How to highlight validation errors
After performing input validation, you might want to position the cursor
to the input control that generated the validation error, highlighting the values in
that control. Using the document objects select method, I select and highlight
the contents of the TextBox named TextBox1:
document.getElementById('TextBox1').select();
3. How to set the default focus to a control
Another handy technique is setting a given control on a web page to
have the focus when a user first opens the page. Using the forms DefaultFocus
property, I set the focus to a TextBox control named TextBox1:
<form id="form1" DefaultFocus="TextBox1" runat="server"></form>
4. How to set a web page's default button
Sometimes you need a specific button to handle the events when a user
presses Enter. To set the default button on a web page, use the forms
DefaultButton property. Here I set a default button, Button1, for form1:
<form id="form1" DefaultButton="Button1" runat="server"></form>
5. How to display a blank item on the DropDownList
The DropDownList control lets users select friendly display values.
But by default, when the control is databound it displays the value of the first
item from the database. To display a blank item instead, add a value to the Items
collection with an empty string in the Text property. Then set the

AppendDataBoundItems property of the DropDownList to True. This inserts the


blank value into the DropDownList when it's initially displayed.
6. How to turn off the display of non-visual controls
When youre using data binding or many non-visual Ajax controls, the
designer can get cluttered. To toggle off the display of ASP.NET non-visual
controls, use Ctrl+Shift+N.
7. How to get your connection string
When developing ASP.NET applications, you can choose where to
store your applications connection string. The best place is almost always in the
web.config file. The web.config file is in XML format and the appSettings key
can hold multiple connections strings. Below, I use the appSetting key to store
connection information:
<appSettings><addkey="MyConnectionString"value="server=MyServer;uid=M
yUsername;pwd=MyPassword;database=MyDB" /></appSettings>
To use the values from the web.config file in your applications, include the
System.Configuration namespace in your code and use the
ConfigurationManager object:
SqlConnectioncn = new
SqlConnection(ConfigurationManager.ConnectionStrings\\
["MyConnectionString"\\].ConnectionString);
10)Designing Applications.
Security:
When designing your ASP.NET application, think about security,
especially the type of authentication that will be used (Forms, Windows, or
Passport), and how sensitive information is stored (username and password). A
good reference is Building Secure ASP.NET Applications: Authentication,
Authorization, and Secure Communication, available in the ASP.NET SDK.
Scalability
It is possible to combine HTML and script on a single page as with
previous versions of ASP.NET (called a single-file page) but for all but the
simplest pages, the code-behind model should be used. With code-behind, the
ASP.NET executable code is placed in a separately compiled DLL, called the
code-behind class file, and the .aspx page contains only HTML and ASP.NET
server controls. Code-behind design is much more scalable and is much easier

to maintain. See the topic titled Introduction to Web Forms Pages in the
ASP.NET SDK.
Converting ASP Applications to ASP.NET Applications
Please see the articles titled Migrating ASP Pages to ASP.NET and Microsoft
.NET/COM Migration and Interoperability in the ASP.NET SDK.
Converting ISAPI Applications to .NET HTTP Modules
HTTP Modules are equivalent to ISAPI filters. They enter the
execution pipeline before any handler sees the request and just after all handlers
have done their work. HTTP Handlers are equivalent to ISAPI extensions.
HTTP module classes must inherit the IHTTPModule interface. HTTP handlers
must inherit IHttpHandler. IIS executes an ISAPI filter by calling the
HttpFilterProc() method in the filter. ASP.NET executes code in a module in
response to an event in the execution pipeline such as Application_OnStart,
Session_OnStart or Session_OnEnd. When IIS issues a request to ASP.NET,
ASP.NET examines the <HTTPMODULES> and <HTTPHANDLERS> section
of all configuration files that apply to the application in order to find modules
and handlers that apply to the file name extension (.aspx, for example). If
modules or handlers are found, the request is routed to the appropriate code.

Unit-II
1)How Dynamic Website Applications work
(http://www.acunetix.com/websitesecurity/webapplications/)
A dynamic website contains information that changes, depending on the
viewer of the site, the time of the day, the time zone, the native language of the
country the viewer is in or many other factors.
A dynamic web site can contain client-side scripting or server-side
scripting to generate the changing content, or a combination of both scripting
types. These sites also include HTML programming for the basic structure. The
client-side or server-side scripting takes care of the guts of the site.
The three-layered web application model. The first layer is normally a
web browser or the user interface; the second layer is the dynamic content
generation technology tool such as Java servlets (JSP) or Active Server Pages
(ASP), and the third layer is the database containing content (e.g., news) and

customer data (e.g., usernames and passwords, social security numbers and
credit card details).
How the initial request is triggered by the user through the browser over
the Internet to the web application server. The web application accesses the
databases servers to perform the requested task updating and retrieving the
information lying within the database. The web application then presents the
information to the user through the browser.

Web Security Issues


Despite their advantages, web applications do raise a number
of security concerns stemming from improper coding. Serious weaknesses or
vulnerabilities, allow hackers to gain direct and public access to databases in
order to churn sensitive data. Many of these databases contain valuable
information (e.g., personal and financial details) making them a frequent target
of hackers. Although such acts of vandalism as defacing corporate websites are
still commonplace, nowadays, hackers prefer gaining access to the sensitive
data residing on the database server because of the immense pay-offs in selling
the data.
In the framework described above, it is easy to see how a hacker can quickly
access the data residing on the database through a dose of creativity and, with

luck, negligence or human error, leading to vulnerabilities in the web


applications.
As stated, websites depend on databases to deliver the required information to
visitors. If web applications are not secure, i.e., vulnerable to, at least one of the
various forms of hacking techniques, then your entire database of sensitive
information is at serious risk.
Some hackers, for example, may maliciously inject code within vulnerable web
applications to trick users and redirect them towards phishing sites. This
technique is called Cross-Site Scripting and may be used even though the web
servers and database engine contain no vulnerability themselves.
Websites and related web applications must be available 24 hours a day, 7
days a week, to provide the required service to customers, employees,
suppliers and other stakeholders.
Firewalls and SSL provide no protection against web application hacking,
simply because access to the website has to be made public All modern
database systems (e.g. Microsoft SQL Server, Oracle and MySQL) may
be accessed through specific ports (e.g., port 80 and 443) and anyone can
attempt direct connections to the databases effectively bypassing the
security mechanisms used by the operating system. These ports remain
open to allow communication with legitimate traffic and therefore
constitute a major vulnerability.
Web applications often have direct access to backend data such as
customer databases and, hence, control valuable data and are much more
difficult to secure. Those that do not have access will have some form of
script that allows data capture and transmission. If a hacker becomes
aware of weaknesses in such a script, he may easily reroute unwitting
traffic to another location and illegitimately hive off personal details.
Most web applications are custom-made and, therefore, involve a lesser
degree of testing than off-the-shelf software. Consequently, custom
applications are more susceptible to attack

2) Processing ASP.NET with Visual basic.NET:


Visual Basic .NET (VB.NET) is an object-oriented computer
programming language that can be viewed as an evolution of the classic Visual
Basic (VB), implemented on the .NET Framework. Microsoft currently supplies
two main editions of IDEs for developing in Visual Basic: Microsoft Visual
Studio 2012, which is commercial software and Visual Basic Express Edition.
The command-line compiler, VBC.EXE, is installed as part of the .NET
Framework SDK.
How ASP.NET Web Pages are Processed
The Browser Makes an HTTP Request for an ASP.NET Web
Page

The entire process begins with a Web browser making a request


for an ASP.
The Web Server Receives the HTTP Request
The sole task of a Web server is to accept incoming HTTP
requests and to return the requested resource in an HTTP
response. The 4Guys Web server runs Microsoft's Internet
Information Services (IIS) Web server. The first things IIS does
when a request comes in is decide how to handle the request.
Its decision is based upon the requested file's extension. For
example, if the requested file has the .asp extension, IIS will
route the request to be handled by asp.dll.
Examining the ASP.NET Engine
An initial request for
http://aspnet.4guysfromrolla.com/articles/011404.aspx will reach IIS and
then be routed to the ASP.NET engine, but what happens next?
The ASP.NET engine is often referred to as the ASP.NET HTTP
pipeline, because the incoming request passes through a
variable number of HTTP modules on its way to an HTTP
handler.
Generating the Output
The final step is for the suitable HTTP handler to generate the appropriate
output. This output, then, is passed back through the HTTP modules and then
back to IIS, which then sends it back to the client that initiated the request. (If
the client was a Web browser, the Web browser would receive this HTML and
display it.)

3)VB.NET Programming Language Structures


Structure of a Visual Basic Program
A Visual Basic program is built up from standard building
blocks. A solution comprises one or more projects. A project in turn can contain
one or more assemblies. Each assembly is compiled from one or more source
files. A source file provides the definition and implementation of classes,
structures, modules, and interfaces, which ultimately contain all your code.

For more information about these building blocks of a Visual Basic program,
see Solution and Project Basics and Assemblies and the Global Assembly Cache
(C# and Visual Basic).
File-Level Programming Elements
When you start a project or file and open the code editor, you
see some code already in place and in the correct order. Any code that you write
should follow the following sequence:
1. Option statements
2. Imports statements
3. Namespace statements and namespace-level elements
If you enter statements in a different order, compilation errors can result.
A program can also contain conditional compilation statements. You can
intersperse these in the source file among the statements of the preceding
sequence.
Option Statements
Option statements establish ground rules for subsequent code, helping
prevent syntax and logic errors. The Option Explicit Statement (Visual Basic)
ensures that all variables are declared and spelled correctly, which reduces
debugging time. The Option Strict Statement helps to minimize logic errors and
data loss that can occur when you work between variables of different data
types. The Option Compare Statement specifies the way strings are compared to
each other, based on either their Binary or Text values.
Imports Statements
You can include an Imports Statement (.NET Namespace and Type) to
import names defined outside your project. An Imports statement allows your
code to refer to classes and other types defined within the imported namespace,
without having to qualify them. You can use as many Imports statements as
appropriate. For more information, see References and the Imports Statement
(Visual Basic).
Namespace Statements

Namespaces help you organize and classify your programming


elements for ease of grouping and accessing. You use the Namespace Statement
to classify the following statements within a particular namespace. For more
information, see Namespaces in Visual Basic.

Conditional Compilation Statements


Conditional compilation statements can appear almost anywhere
in your source file. They cause parts of your code to be included or excluded at
compile time depending on certain conditions. You can also use them for
debugging your application, because conditional code runs in debugging mode
only. For more information, see Conditional Compilation in Visual Basic.
Namespace-Level Programming Elements
Classes, structures, and modules contain all the code in your
source file. They are namespace-level elements, which can appear within a
namespace or at the source file level. They hold the declarations of all other
programming elements. Interfaces, which define element signatures but provide
no implementation, also appear at module level. For more information on the
module-level elements, see the following:
Class Statement (Visual Basic)
Structure Statement
Module Statement
Interface Statement (Visual Basic)
Data elements at namespace level are enumerations and delegates.
Module-Level Programming Elements
Procedures, operators, properties, and events are the only
programming elements that can hold executable code (statements that perform
actions at run time). They are the module-level elements of your program. For
more information on the procedure-level elements, see the following:

Function Statement (Visual Basic)


Sub Statement (Visual Basic)
Declare Statement
Operator Statement
Property Statement
Event Statement
Data elements at module level are variables, constants, enumerations, and
delegates.
Procedure-Level Programming Elements
Most of the contents of procedure-level elements are executable statements,
which constitute the run-time code of your program. All executable code must
be in some procedure (Function, Sub, Operator, Get, Set, Add Handler, Remove
Handler, Raise Event). For more information, see Statements in Visual Basic.
Data elements at procedure level are limited to local variables and constants.
The Main Procedure
The Main procedure is the first code to run when your application has been
loaded. Main serves as the starting point and overall control for your
application. There are four varieties of Main:
Sub Main()
Sub Main(ByVal cmdArgs() As String)
Function Main() As Integer
Function Main(ByVal cmdArgs() As String) As Integer
The most common variety of this procedure is Sub Main(). For more
information, see Main Procedure in Visual Basic.

4) Built in ASP.NET objects & Interactivity


ASP.NET objects
The page itself is instantiated as a control object. All web forms are basically
instances of the ASP.Net Page class. The page class has the following extremely
useful properties that correspond to intrinsic objects like:
Session.
Application
Cache
Request
Response
Server
User
Trace
We will discuss each of these objects in due time. In this tutorial we will explore
the Server object, the Request object and the Response object.
The Server Object:
The Server object in Asp.Net is an instance of the
System.Web.HttpServerUtility class. The HttpServerUtility class provides
numerous properties and methods to perform various jobs.
Properties and Methods of the Server object:
The methods and properties of the HttpServerUtility class are exposed through
the intrinsic Server object provided by ASP.NET.
Property

Description

Machine Name

Name of server's computer

Script Timeout

Gets and sets the request time-out value in seconds.

The Request Object:


The request object is an instance of the System.Web.HttpRequest class. It
represents the values and properties of the HTTP request that makes the page
loading into the browser.
The information presented by this object is wrapped up by the higher level
abstractions (the web control model), however, this object helps in checking
some information like the client browser and cookies.
Properties and Methods of the Request Object:
The following table provides some noteworthy properties of the Request object:
Property

Description

AcceptTypes

Gets a string array of client-supported MIME accept


types.

ApplicationPath

Gets the ASP.NET application's virtual application root


path on the server.

Browser

Gets or sets information about the requesting client's


browser capabilities.

ContentEncoding

Gets or sets the character set of the entity-body.

ContentLength

Specifies the length, in bytes, of content sent by the client.

ContentType

Gets or sets the MIME content type of the incoming


request.

Cookies

Gets a collection of cookies sent by the client.

FilePath

Gets the virtual path of the current request.

Files

Gets the collection of files uploaded by the client, in


multipart MIME format.

Form

Gets a collection of form variables.

Headers

Gets a collection of HTTP headers.

HttpMethod

Gets the HTTP data transfer method (such as GET, POST,


or HEAD) used by the client.

InputStream

Gets the contents of the incoming HTTP entity body.

IsSecureConnecti
on

Gets a value indicating whether the HTTP connection uses


secure sockets (that is, HTTPS).

The Response Object:


The Response object represents the server's response to the client request. It is
an instance of the System.Web.HttpResponse class.
In ASP.Net, the Response object does not play a vital role in sending HTML
text to the client, because the server-side controls have nested, object oriented
methods for rendering themselves.
However, the HttpResponse object still provides some important functionalities,
like the cookie feature and the Redirect() method. The Response.Redirect()
method allows transferring the user to another page, inside as well as outside the
application. It requires a round trip.
Properties and Methods of the Response Object:
The following table provides some noteworthy properties of the Response
object:
Property

Description

Buffer

Gets or sets a value indicating whether to buffer output


and send it after the complete response is finished
processing.

Buffer Output

Gets or sets a value indicating whether to buffer output


and send it after the complete page is finished
processing.

Charset

Gets or sets the HTTP character set of the output


stream.

Content Encoding

Gets or sets the HTTP character set of the output


stream.

Content Type

Gets or sets the HTTP MIME type of the output stream.

Cookies

Gets the response cookie collection.

Expires

Gets or sets the number of minutes before a page


cached on a browser expires.

Expires Absolute

Gets or sets the absolute date and time at which to


remove cached information from the cache

Header Encoding

Gets or sets an Encoding object that represents the


encoding for the current header output stream.

Headers

Gets the collection of response headers.

IsClientConnected

Gets a value indicating whether the client is still


connected to the server.

Output

Enables output of text to the outgoing HTTP response


stream.

Output Stream

Enables binary output to the outgoing HTTP content


body.

5)The Response Object


The Response Object:
The Response object represents the server's response to the client request. It is
an instance of the System.Web.HttpResponse class.
In ASP.Net, the Response object does not play a vital role in sending HTML
text to the client, because the server-side controls have nested, object oriented
methods for rendering themselves.
However, the HttpResponse object still provides some important functionalities,
like the cookie feature and the Redirect() method. The Response. Redirect()
method allows transferring the user to another page, inside as well as outside the
application. It requires a round trip.
Properties and Methods of the Response Object:
Property

Description

Buffer

Gets or sets a value indicating whether to buffer output


and send it after the complete response is finished
processing.

Buffer Output

Gets or sets a value indicating whether to buffer output


and send it after the complete page is finished
processing.

Charset

Gets or sets the HTTP character set of the output stream.

Content Encoding

Gets or sets the HTTP character set of the output stream.

Content Type

Gets or sets the HTTP MIME type of the output stream.

Cookies

Gets the response cookie collection.

Expires

Gets or sets the number of minutes before a page cached


on a browser expires.

Expires Absolute

Gets or sets the absolute date and time at which to


remove cached information from the cache

Header Encoding

Gets or sets an Encoding object that represents the


encoding for the current header output stream.

Headers

Gets the collection of response headers.

IsClientConnected

Gets a value indicating whether the client is still


connected to the server.

Output

Enables output of text to the outgoing HTTP response


stream.

OutputStream

Enables binary output to the outgoing HTTP content


body.

RedirectLocation

Gets or sets the value of the Http Location header.

Status

Sets the Status line that is returned to the client.

StatusCode

Gets or sets the HTTP status code of the output returned


to the client.

StatusDescription

Gets or sets the HTTP status string of the output returned


to the client.

SubStatusCode

Gets or sets a value qualifying the status code of the


response.

SuppressContent

Gets or sets a value indicating whether to send HTTP


content to the client.

Method

AddHeader

Description
Adds an HTTP header to the output stream. AddHeader
is provided for compatibility with earlier versions of
ASP.

AppendCookie

Infrastructure. Adds an HTTP cookie to the intrinsic


cookie collection.

AppendHeader

Adds an HTTP header to the output stream.

AppendToLog

Adds custom log information to the Internet Information


Services (IIS) log file.

BinaryWrite

Writes a string of binary characters to the HTTP output


stream.

ClearContent

Clears all content output from the buffer stream.

Close

Closes the socket connection to a client.

End

Sends all currently buffered output to the client, stops


execution of the page, and raises the EndRequest event.

Equals(Object)

Determines whether the specified Object is equal to the


current Object

Flush

Sends all currently buffered output to the client.

GetType

Gets the Type of the current instance.

Pics

Appends a HTTP PICS-Label header to the output


stream.

Redirect(String)

Redirects a request to a new URL and specifies the new


URL.

Redirect(String,
Boolean)

Redirects a client to a new URL. Specifies the new URL


and whether execution of the current page should
terminate.

SetCookie

Updates an existing cookie in the cookie collection.

ToString

Returns a String that represents the current Object.

TransmitFile(Strin
g)

Writes the specified file directly to an HTTP response


output stream, without buffering it in memory.

Write(Char)

Writes a character to an HTTP response output stream.

Write(Object)

Writes an Object to an HTTP response stream.

Write(String)

Writes a string to an HTTP response output stream.

WriteFile(String)

Writes the contents of the specified file directly to an


HTTP response output stream as a file block.

WriteFile(String,
Boolean)

Writes the contents of the specified file directly to an


HTTP response output stream as a memory block.

Example:
The following simple example has a text box control where the user can enter
name, a button to send the information to the server and a label control to
display the URL of the client computer.
The content file:
<%@ Page Language="C#" AutoEventWireup="true"
CodeBehind="Default.aspx.cs"
Inherits="server_side._Default" %>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" >
<head runat="server">
<title>Untitled Page</title>
</head>
<body>
<form id="form1" runat="server">
<div>
Enter your name:<br />
<asp:TextBox ID="TextBox1" runat="server"></asp:TextBox>
<asp:Button ID="Button1" runat="server"

OnClick="Button1_Click" Text="Submit" />


<br />
<asp:Label ID="Label1" runat="server"/>
</div>
</form>
</body>
</html>

6)The ASP Server object.


The Server object provides access to properties and methods on the
server. Much of functionality it provides is simply functionality the web server
itself uses in the normal processing of client requests and server responses. The
syntax, properties and methods of the ASP Server object are as follows:
Syntax
Server.property|method
Properties
.
Properties

Description

ScriptTimeout

The ScriptTimeout property sets or returns the maximum


amount of time (in seconds) that the script in the page can run
before it is terminated. If you do not set a value for this
property, the default value is 90 seconds

Methods
Methods
CreateObjet

Description
The CreateObject method creates an instance of the object (a
component, application or a scripting object) and returns a
reference to it. Once instantiated, this object's properties and
methods can be used just as you can use the properties and

methods of the built-in objects that come with ASP.


Execute

GetLastError
HTMLEncode

MapPath
Transfer

URLEncode

The Execute method executes another .asp page without leaving


the current page. It stops the execution of the current page and
transfers control to the page specified in the URL. After that page
has finished execution, control passes back to the calling page.
The GetLastError method returns an ASPError object that
describes the error condition that occurred.
The HTMLEncode method applies HTML encoding to a
specified string. All non-legal HTML characters are converted to
their equivalent HTML entity.
The MapPath method maps a specified virtual or relative path to
a physical path on the server.
The Transfer method stops execution of the current page and
sends all current state information to another page specified in
the URL. Unlike the Execute method, execution does not resume
in the page calling the Transfer method.
The URLEncode method applies URL encoding rules to a
specified string. All characters that are not valid in an URL are
converted to their equivalent HTML entity.

Unit-III
1)Web forms & ASP.NET:
ASP.NET Web Forms
All server controls must appear within a <form> tag, and the <form> tag
must contain the runat="server" attribute. The runat="server" attribute indicates
that the form should be processed on the server. It also indicates that the
enclosed controls can be accessed by server scripts:
<form runat="server">
...HTML + server controls

</form>
Note: The form is always submitted to the page itself. If you specify an action
attribute, it is ignored. If you omit the method attribute, it will be set to
method="post" by default. Also, if you do not specify the name and id
attributes, they are automatically assigned by ASP.NET.
Note: An .aspx page can only contain ONE <form runat="server"> control!
If you select view source in an .aspx page containing a form with no name,
method, action, or id attribute specified, you will see that ASP.NET has added
these attributes to the form. It looks something like this:
<form name="_ctl0" method="post" action="page.aspx" id="_ctl0">
...some code
</form>
Submitting a Form
A form is most often submitted by clicking on a button. The Button server
control in ASP.NET has the following format:
<asp:Button id="id" text="label" OnClick="sub" runat="server" />
The id attribute defines a unique name for the button and the text attribute
assigns a label to the button. The onClick event handler specifies a named
subroutine to execute.

2)Web forms
Web form is the name Microsoft gives to specially designed asp.net
and html pages that include forms and the back end processing that support
them.
1. Programing web forms
web forms on other hand are a programing interface with objects and
properties and events act you disposal.
the stateless nature of the web
web form allow developers access to some method that presence value in
controls and asp.net contains object especially designed to provide control for
management of state as individual user session and as overall application.

2. Web form capabilities


it used to run the html program on the browser
web form structure
it contains the front and back end page logics.
the web forms code model
it breaks the overall functionality of the application into two major portions.
*) display
*) processing
3) Web form processing
it consist the cycle of request and response object.
minimizing round trips
it used to copy the data that minimize the work.
web form view state
the current status of a web forms page and it contains is called the view
state.
4) Web form and events
ordinary html events
Ordinary web pages are mad from html or xhtml both of which include
the document object module(dom).
web forms event
All the objects and events associated with ordinary html forms and controls
when you use web forms of course but there are some additional processing.
5) Creating web form event handless
coding event handling methods
<asp:button id=my button run at=server onclick=the method/>
6) Building interactive applications with vb.net
7) Solution and projection in vs.net
vs.net offers two types of containers
solutions
projection
8) Solution explorer
Solution explorer is one of the tools vb.net provides to make it easy for you
to manage your solution and projection.
9) Creating a web form
*the document property page dialog box
*adding controls to your web form

ASP.NET Configuration, Scope and State:


3) ASP.NET and configuration

The behaviour of an ASP.Net application is affected by different settings


in the configuration files:
machine.config
web.config
The machine.config file contains default and the machine-specific value for all
supported settings. The machine settings are controlled by the system
administrator and applications are generally not given access to this file.
An application however, can override the default values by creating web.config
files in its roots folder. The web.config file is a subset of the machine.config
file.
If the application contains child directories, it can define a web.config file for
each folder. Scope of each configuration file is determined in a hierarchical topdown manner.
Any web.config file can locally extend, restrict or override any settings defined
on the upper level.
Visual Studio generates a default web.config file for each project. An
application can run without a web.config file, however, you cannot debug an
application without a web.config file.
The following figure shows the Solution Explorer for the sample example used
in the web services tutorial:
In this application there are two web.config files for two projects i.e., the web
service and the web site calling the web service.
The web.config file has the configuration element as the root node. Information
inside this element is grouped into two main areas: the configuration sectionhandler declaration area, and the configuration section settings area.
The following code snippet shows the basic syntax of a configuration file:
<configuration>
<!-- Configuration section-handler declaration area. -->

<configSections>
<section name="section1" type="section1Handler" />
<section name="section2" type="section2Handler" />
</configSections>
<!-- Configuration section settings area. -->
<section1>
<s1Setting1 attribute1="attr1" />
</section1>
<section2>
<s2Setting1 attribute1="attr1" />
</section2>
<system.web>
<authentication mode="Windows" />
</system.web>
</configuration>
The Configuration Section Handler declarations:
The configuration section handlers are contained within the <configSections>
tags. Each configuration handler specifies name of a configuration section,
contained within the file, which provides some configuration data. It has the
following basic syntax:
<configSections>
<section />
<sectionGroup />
<remove />
<clear/>
</configSections>

It has the following elements:


Clear - it removes all references to inherited sections and section groups.
Remove - it removes a reference to an inherited section and section
group.
Section - it defines an association between a configuration section
handler and a configuration element.

Section group - it defines an association between a configuration section


handler and a configuration section.
The Application Settings:
The application settings allow storing application-wide name-value pairs for
read-only access. For example, you can define a custom application setting as:
<configuration>
<appSettings>
<add key="Application Name" value="MyApplication" />
</appSettings>
</configuration>
For example, you can store the name of a book and its ISBN number:
<configuration>
<appSettings>
<add key="appISBN" value="0-273-68726-3" />
<add key="appBook" value="Corporate Finance" />
</appSettings>
</configuration>
The Connection Strings:
The connection strings shows which database connection strings are available to
the website. For example:
<connectionStrings>
<add name="ASPDotNetStepByStepConnectionString"
connectionString="Provider=Microsoft.Jet.OLEDB.4.0;
Data Source=E:\\projects\datacaching\ /
datacaching\App_Data\ASPDotNetStepByStep.mdb"
providerName="System.Data.OleDb" />
<add name="booksConnectionString"
connectionString="Provider=Microsoft.Jet.OLEDB.4.0;
Data Source=C:\ \databinding\App_Data\books.mdb"
providerName="System.Data.OleDb" />
</connectionStrings>

The System. Web Element:


The system.web element specifies the root element for the ASP.NET
configuration section and contains configuration elements that configure
ASP.NET Web applications and control how the applications behave.
It holds most of the configuration elements needed to be adjusted in common
applications. The basic syntax for the element:
<system.web>
<anonymousIdentification>
<authentication>
<authorization>
<browserCaps>
<caching>
<clientTarget>
<compilation>
<customErrors>
<deployment>
<deviceFilters>
<globalization>
<healthMonitoring>
<hostingEnvironment>
<httpCookies>
<httpHandlers>
<httpModules>
<httpRuntime>
<identity>
<machineKey>
<membership>
<mobileControls>
<pages>
<processModel>
<profile>
<roleManager>
<securityPolicy>
<sessionPageState>
<sessionState>
<siteMap>
<trace>
<trust>
<urlMappings>
<webControls>

<webParts>
<webServices>
<xhtmlConformance>
</system.web>
The following table provides brief description of some of common sub elements
of the system.web element:
Anonymous Identification:
This is required to identify users who are not authenticated when authorization
is required.
Authentication:
It configures the authentication support. Basic syntax:
<authentication mode="[Windows|Forms|Passport|None]">
<forms>...</forms>
<passport/>
</authentication>
Authorization
It configures the authorization support.Basic syntax:
<authorization>
<allow .../>
<deny .../>
</authorization>
Caching:
Configures the cache settings.Basic syntax:
<caching>
<cache>...</cache>
<outputCache>...</outputCache>
<outputCacheSettings>...</outputCacheSettings>
<sqlCacheDependency>...</sqlCacheDependency>
</caching>
Custom Errors:
Defines custom error messages. Basic syntax:

<customErrors defaultRedirect="url" mode="On|Off|RemoteOnly">


<error. . ./>
</customErrors>
Deployment:
Defines configuration settings used for deployment. Basic syntax:
<deployment retail="true|false" />
Hosting Environment:
Defines configuration settings for hosting environment.Basic syntax:
<hostingEnvironment
idleTimeout="HH:MM:SS"
shadowCopyBinAssemblies="true|false"
shutdownTimeout="number"
urlMetadataSlidingExpiration="HH:MM:SS"
/>
Identity:
Configures the identity of the application. Basic syntax:
<identity impersonate="true|false"
userName="domain\username"
password="<secure password>"/>
Machine Key:
Configures keys to use for encryption and decryption of Forms authentication
cookie data.
It also allows configuring a validation key that performs message authentication
checks on view-state data and Forms authentication tickets. Basic syntax:
<machineKey
validationKey="AutoGenerate,IsolateApps" [String]
decryptionKey="AutoGenerate,IsolateApps" [String]
validation="HMACSHA256" [SHA1 | MD5 | 3DES | AES | HMACSHA256 |
HMACSHA384 | HMACSHA512 | alg:algorithm_name]
decryption="Auto" [Auto | DES | 3DES | AES | alg:algorithm_name]
/>
Membership:

This configures parameters of managing and authenticating user accounts.Basic


syntax:
<membership
defaultProvider="provider name"
userIsOnlineTimeWindow="number of minutes"
hashAlgorithmType="SHA1">
<providers>...</providers>
</membership>
Pages:
Provides page-specific configurations. Basic syntax:
<pages
asyncTimeout="number"
autoEventWireup="[True|False]"
buffer="[True|False]"
clientIDMode="[AutoID|Predictable|Static]"
compilationMode="[Always|Auto|Never]"
controlRenderingCompatibilityVersion="[3.5|4.0]"
enableEventValidation="[True|False]"
enableSessionState="[True|False|ReadOnly]"
enableViewState="[True|False]"
enableViewStateMac="[True|False]"
maintainScrollPositionOnPostBack="[True|False]"
masterPageFile="file path"
maxPageStateFieldLength="number"
pageBaseType="typename, assembly"
pageParserFilterType="string"
smartNavigation="[True|False]"
styleSheetTheme="string"
theme="string"
userControlBaseType="typename"
validateRequest="[True|False]"
viewStateEncryptionMode="[Always|Auto|Never]"
>
<controls>...</controls>
<namespaces>...</namespaces>
<tagMapping>...</tagMapping>
<ignoreDeviceFilters>...</ignoreDeviceFilters>
</pages>
Profile:

Configures user profile parameters. Basic syntax:


<profile
enabled="true|false"
inherits="fully qualified type reference"
automaticSaveEnabled="true|false"
defaultProvider="provider name">
<properties>...</properties>
<providers>...</providers>
</profile>
Role Manager:
Configures settings for user roles. Basic syntax:
<roleManager
cacheRolesInCookie="true|false"
cookieName="name"
cookiePath="/"
cookieProtection="All|Encryption|Validation|None"
cookieRequireSSL="true|false "
cookieSlidingExpiration="true|false "
cookieTimeout="number of minutes"
createPersistentCookie="true|false"
defaultProvider="provider name"
domain="cookie domain">
enabled="true|false"
maxCachedResults="maximum number of role names cached"
<providers>...</providers>
</roleManager>
Security Policy:
Configures the security policy. Basic syntax:
<securityPolicy>
<trustLevel />
</securityPolicy>
Url Mappings:
Defines the mappings for hiding the actual URL and providing a more user
friendly URL. Basic syntax:

<urlMappings enabled="true|false">
<add.../>
<clear />
<remove.../>
</urlMappings>
Web Controls:
It provides the name of shared location for client scipts. Basic syntax:
<webControls clientScriptsLocation="String" />

4) ASP.NET and state


HTTP ( Hyper Text Transfer Protocol) is a stateless protocol. When the
client disconnects from the server, the ASP.Net engine discards the page objects.
This way each web application can scale up to serve numerous requests
simultaneously without running out of server memory.
However, there need to be some technique to store the information between
requests and to retrieve it when required. This information i.e., the current value
of all the controls and variables for the current user in the current session is
called the State.
ASP.Net manages four types of state:
1. View State
2. Control State
3. Session State
4. Application State
View State:
The View State is the state of the page and all its controls. It is automatically
maintained across posts by the ASP.Net framework.
When a page is sent back to the client, the changes in the properties of the page
and its controls are determined and stored in the value of a hidden input field
named _VIEWSTATE. When the page is again post back the _VIEWSTATE
field is sent to the server with the HTTP request.

The view state could be enabled or disabled for:


The entire application - by setting the EnableViewState property in the
<pages> section of web.config file
A page - by setting the EnableViewState attribute of the Page directive,
as <%@ Page Language="C#" EnableViewState="false" %>
A control - by setting the Control.EnableViewState property.
It is implemented using a view state object defined by the StateBag class which
defines a collection of view state items. The state bag is a data structure
containing attribute/value pairs, stored as strings associated with objects.
The StateBag class has the following properties:
Properties

Description

Item(name)

The value of the view state item with the specified


name. This is the default property of the StateBag class

Count

The number of items in the view state collection

Keys

Collection of keys for all the items in the collection

Values

Collection of values for all the items in the collection

Control State:
Control state cannot be modified, accessed directly or disabled.
Session State:
When a user connects to an ASP.Net website, a new session object is created.
When session state is turned on, a new session state object is created for each
new request. This session state object becomes part of the context and it is
available through the page.

Session state is generally used for storing application data like inventory or
supplier list, or a customer record or shopping cart. It can also keep information
about the user and his preference and keep track of pending operations.
Sessions are identified and tracked with a 120-bit SessionID, which is passed
from client to server and back as cookie or a modified URL. The SessionID is
globally unique and random.
The session state object is created from the HttpSessionState class, which
defines a collection of session state items.
The HttpSessionState class has the following properties:
Properties

Description

SessionID

The unique session identifier

Item(name)

The value of the session state item with the specified name.
This is the default property of the HttpSessionState class

Count

The number of items in the session state collection

TimeOut

Gets and sets the amount of time, in minutes, allowed between


requests before the session-state provider terminates the
session.

Application State
An ASP.Net application is the collection of all web pages, code and other files
within a single virtual directory on a web server. When information is stored in
application state, it is available to all the users.
To provide for the use of application state, ASP.Net creates an application state
object for each application from the HTTPApplicationState class and stores this
object in server memory. This object is represented by class file global.asax.
Application State is mostly used to store hit counters and other statistical data,
global application data like tax rate, discount rate etc and to keep track of users
visiting the site.

The HttpApplicationState class has the following properties:


Properties

Description

Item(name)

The value of the application state item with the specified


name. This is the default property of the
HttpApplicationState class.

Count

The number of items in the application state collection.

Application state data is generally maintained by writing handlers for the


events:
Application_Start
Application_End
Application_Error
Session_Start
Session_End

5)The Application Object


A group of ASP files that work together to perform some purpose is
called an application. The Application object is used to tie these files together.
Application Object
An application on the Web may consists of several ASP files that
work together to perform some purpose. The Application object is used to tie
these files together.
The Application object is used to store and access variables from any page, just
like the Session object. The difference is that ALL users share ONE Application
object (with Sessions there is ONE Session object for EACH user).
The Application object holds information that will be used by many pages in the
application (like database connection information). The information can be

accessed from any page. The information can also be changed in one place, and
the changes will automatically be reflected on all pages.
The Application object's collections, methods, and events are described below:
Collections
Collection
Contents
StaticObjects

Description
Contains all the items appended to the application through a script
command
Contains all the objects appended to the application with the HTML
<object> tag

Methods
Method
Contents.Remove
Contents.RemoveAll()
Lock
Unlock
Events
Event
Application_OnEnd
Application_OnStart

Description
Deletes an item from the Contents collection
Deletes all items from the Contents collection
Prevents other users from modifying the variables in the
Application object
Enables other users to modify the variables in the Application
object (after it has been locked using the Lock method)
Description
Occurs when all user sessions are over, and the application ends
Occurs before the first new session is created (when the
Application object is first referenced)

6)ASP sessions
The Primary Different Between A session And An Application is that the
application is glabal while the session is local to its user variable found in the
session are accessible only by the user who started the session
Session in asp.net
Session are created in a manner similar to asp sessions using a 120-bit
string that is unique any very difficult to generate maliciously .
Enabling and Disabling asp sessions
Processing Cookies from server Consumes From Server Processing
Directive.
<%ENABLESSIONSTATE=false%>
It used to turn off Session for the Entire Application.

7) The session object:


A Session object stores information about, or change settings for a user
session.
Session Object
When you are working with an application on your computer, you open it, do
some changes and then you close it. This is much like a Session. The computer
knows who you are. It knows when you open the application and when you
close it. However, on the internet there is one problem: the web server does not
know who you are and what you do, because the HTTP address doesn't maintain
state.
ASP solves this problem by creating a unique cookie for each user. The cookie
is sent to the user's computer and it contains information that identifies the user.
This interface is called the Session object.
The Session object stores information about, or change settings for a user
session.
Variables stored in a Session object hold information about one single user, and
are available to all pages in one application. Common information stored in
session variables are name, id, and preferences. The server creates a new
Session object for each new user, and destroys the Session object when the
session expires.
The Session object's collections, properties, methods, and events are described
below:
Collections
Collection
Contents
StaticObjects
Properties
Property
CodePage

Description
Contains all the items appended to the session through a script command
Contains all the objects appended to the session with the HTML
<object> tag
Description
Specifies the character set that will be used when displaying dynamic
content

LCID

SessionID
Timeout

Sets or returns an integer that specifies a location or region. Contents like


date, time, and currency will be displayed according to that location or
region
Returns a unique id for each user. The unique id is generated by the server
Sets or returns the timeout period (in minutes) for the Session object in this
application

Methods
Method
Abandon
Contents.Remove
Contents.RemoveAll()
Events
Event
Session_OnEnd
Session_OnStart

Description
Destroys a user session
Deletes an item from the Contents collection
Deletes all items from the Contents collection

Description
Occurs when a session ends
Occurs when a session starts

Unit-IV
ASP.NET objects and components:
1)The Scripting Object Model
The Scripting Object Model
To make Web application development faster and easier, Microsoft
Visual InterDev provides the scripting object model, which simplifies Web
application development by introducing a familiar object-oriented programming
model to HTML and script programming. The model also greatly reduces the
complexity and quantity of scripting required to write applications involving
interaction between client (browser) and server.

The Visual InterDev scripting object model defines a set of objects with events,
properties, and methods that you can use to create and script your application.
You can create the visual interface for your application using design-time
controls, and then write script to control the application using familiar objectoriented techniques.
The scripting object model allows you to create Web applications in much the
same way you create applications in environments such as Microsoft Visual
Basic and Microsoft Access.
The scripting object model is easiest to understand if you compare the scripting
object model with how Web applications are created using the combination of
ASP and HTML. To create a form, for example, you place HTML elements on a
page, including text boxes, list boxes, and buttons. One of the buttons is
typically a Submit button, which causes the form to be sent to the server, and
which specifies an ASP page containing server script to process the form.
Scripts on the destination page must manually examine the state submitted by
the browser, and there is no association with the object that created the state.
Advantages of the Script Object Model
The scripting object model provides these advantages:
Rapid application development using a familiar object-oriented
model. You can apply standard object-oriented techniques to developing
Web applications. Because you have to write less script and can use
simpler script, you can create applications more quickly and with fewer
errors.
Browser and platform independence. You can use the scripting object
model no matter what browsers will access your application. It works
virtually the same whether you design your applications for server script
(for maximum reach) or client script (for a better user experience, such as
less flashing and fewer round trips to the server).
Simplified forms. You can create forms by dragging design-time
controls onto a page in the same way you do in environments such as
Visual Basic, and change their appearance and behavior using properties.
You can process forms by writing standard event handlers and by calling
methods the scripting object model handles the complexities of
posting the form and dispatching to the correct form-handling logic.

Isolated application logic. You can more easily isolate your application
logic in discrete procedures including procedures on other pages
rather than mingling it with user interface and navigation elements.
State maintenance. The scripting object model provides a mechanism
for retaining the state of objects as control is transferred between the
client and server. You do not have to manually manage state in hidden
fields or session variables.
Data binding. The scripting objects can be bound to database fields so
you can use them for data-entry and data-editing forms.
Simplified page navigation. The scripting object model provides a
mechanism that allows you to navigate to another page by name rather
than specifying the URL of the target page, and that can jump directly to
any procedure on the page.
Remote scripting. You can execute server scripts from a page without
navigating off the page. As in traditional client/server applications, this
allows browser scripts to ask the server for a set of results, which can
then be used in the browser for further calculations or to alter the page
through DHTML.
Components of the Scripting Object Model
When you use the scripting object model, you work with a variety of objects.
You use the same objects whether you are writing server-based applications
(in .asp files) or pages with script that will be executed on the client browser
(.htm files).
Enabling the Scripting Object Model
Before you can use the scripting object model, you must enable it, which
constructs the scripting object model framework for the page.

2) Active Server Components and Controls

The Active Platform was Microsoft's vision of the next generation of


distributed computing. It exploits the best of the centralized programming
models as well as the best of decentralized programming. The Microsoft vision
has profound implications for the Internet (not merely for industrial-strength
client/server programming) and for the way that systems are developed and
deployed. Microsoft's model creates applications that are logically centralized
and physically decentralized. A logically centralized system can be administered
from anywhere. Such a system is conceptually simple, and when properly
tooled, is easy to manage. Physically decentralized systems can be more
efficient, fault tolerant, powerful, and scaleable.
The most striking thing about the Active Platform picture is that both sides of
the diagram are almost identical, evidently different only to the extent of system
services.
Scripting
Client-side scripting and server-side scripting have different missions in
life. Client-side scripts most often add improved user interface and data
validation (when HTML forms are used). Server-side scripts, especially in
Active Server Pages, are practically unlimited; but they are primarily used to

capture business rules and access to data (the second and third tiers in 3-tier
client/server programming).
The important thing to stress here, however, is that server-side can, if properly
implemented, create client-side scripts. One of the most important questions in
Internet development is the one that makes you choose between programming
to the broadest audience and programming for the richest on-line experience. To
the extent that you choose the former, server-side scripting is important for two
reasons:

Server-side scripts can sense the capabilities of requesting client


programs.

They can be as powerful as you, the designer, want, regardless of


how thin the client is.

For example, the thinnest client on the Internet is the one that cannot render
graphics of any kind. The ALT parameter of the IMG tag in HTML originally
was intended to help such clients interpret important parts of the screen that
they otherwise couldn't see, by describing the area in words instead of an image.
With an Active Server Page, your application can sense when such a browser
(for that's what these kinds of programs are-as opposed to Web client programs
that have more processing power) is making a request of your Web site. You can
then present such graphics-challenged browsers with whole paragraphs, not
merely short expressions, to give them as much information as possible, given
their inherent limitations.
In today's Internet, a major difference between Web clients brands is
whether they recognize ActiveX controls or not. Again, the Active Server Page
doesn't care one way or the other. If it senses the ability to interpret ActiveX
controls, it presents them; otherwise, it includes static images (or text, if
necessary).

Of far greater importance than these mundane issues is the fact that Active
Server Pages promote a new level of processing power into the Web server. It is
critical to remember that the Web server was never designed to be an
application server. It was designed to deliver HTML. This remains its primary
mission, even on the Active Platform, but with Active Server Pages, this design
constraint ceases to be a constraint at all.
The scripts that are contained in Active Server Pages, especially those
driven by Active Server components, bring virtually all the power of traditional

client/server programming to the Web server. Indeed, to the extent that Active
Server components are utilized, Active Server Pages can do things that even the
most sophisticated client/server programs can't.
Components
Components may be the single most important feature of Active Server Pages.
Their importance to ASP is understandable when you step back and see how
pervasively Microsoft has embraced components in virtually everything they
create. Everything from the Internet Explorer to Windows NT 5.0 has been
"componentized" by Microsoft engineers. Components give programmers many
advantages, including lower development time and cost, added flexibility, easier
maintenance, and most important, easy scaleability.
For the ASP development community, on the server-side, server components are
either intrinsic to the Active Server or they are user-defined. On the client-side,
ActiveX controls provide functionality similar to server components.
Active Server Components
Active Server Components basically do two things. First, they directly expose
operating system services to your Active Server Pages. Second, they
encapsulate business rules in a way that is extremely easy to program. Perhaps
even more important in the long run, Active Server Components are easy to
create. That is, by using programming tools and environments optimized to
work with the Active Platform, writing sophisticated server components is no
longer the province of the advanced programmer.
There is a truism in programming that the best programmers are users. Active
Server components will prove that not only to be true but important, as well. In
the summer of 1996, it was estimated that the number of lines of Visual Basic
code finally exceeded the number of lines of code written in COBOL, the
perennial champ. Perhaps the biggest reason Visual Basic is so prolific is that
users, not professional programmers, wrote these "extra" lines of code. Active
Server component development will bring the same ease of programming to the
Internet that Visual Basic brought to creating Windows programs.
To get a feel for what server components are and what they do, take a look at a
few of those that ship with the Active Server.
The Browser Capabilities component is the component that permits an Active
Server Page to determine what kind of browser or Web client program is
making a request. It makes this determination by looking to the User Agent
HTTP header and looking up the identified browser in the browscap.ini file. All
of the listed features of the browser are exposed as properties of the Browser
Capabilities component.
The Browser Capabilities component is a clever piece of code, but it doesn't
have anything to do with the operating system. One component that does get

closer to the OS is the TextStream component. This component relies on the


FileSystem object, which, as the name suggests, accesses low-level file I/O.
With this component, opening or creating text files in the directory system is
simple and direct. Navigating through the files' contents is equally
straightforward.
Choosing a Scripting Language
Until the advent of the Active Server, programmers spent too much time
worrying about infrastructure (e.g., programming Database Management
System (DBMS) connections) and not enough time in their core competence
(i.e., doing something useful with the recordsets fetched from the DBMS). By
bringing the system services closer to the program and abstracting these
services into server components, Active Server Pages promises productivity
gains absolutely unrivaled in the history of computing.
The other feature of Microsoft's vision for Active Server Pages is in one of
Microsoft key design goals for ActiveX Data Objects: universal access, not
universal storage. This preference to know where everything is instead of
collecting everything in one place is the natural extension of the overall mission
of Active Server Pages-to keep things logically centralized and physically
decentralized.
Active Server Pages introduced a whole new concept to web development scripting language of your choice. Before ASP came around, the web
development tools such as ColdFusion by Allaire required that you know a
proprietary scripting language (in the case of ColdFusion it is CFML). On the
other hand there was (still is) Perl, which with packages provides access to
databases and other functionality that you have come to expect from a web
development environment.
ASP provides a better way of doing things - it modularizes the web
development effort. It gives you the option of choosing your scripting language,
something most other web development tools do not offer. While there are many
scripting languages around, the two most prominent are - VBScript and
JavaScript. You can also use PerlScript, an ActiveX scripting engine available
from ActiveState Tools, Corp. that you can use for scripting your ASP pages.

Going back to VBScript and JavaScript, a common question that has been asked
is "what is the best scripting language, VBScript or JavaScript?" In reality, there
is no "better" scripting language. It all depends on what context you ask the
question. Here are some of the factors you may want to consider before settling
on one.

3)More Active Server Components


AspEncrypt
AspEncrypt is an Active Server component that brings security to your
applications through encryption. With AspEncrypt, you can encrypt data, send
S/MIME-based secure mail, compute one-way hash values, generate and verify
digital signatures, issue and manage X.509 digital certificates, and more. This
component can be used in an ASP/ASP.NET or VB environment on Windows
2000/XP/2003/2008/Vista/7.
AspEncrypt Features
AspEncrypt offers a wide range of cryptographic functions:
Encrypts and decrypts text, files and binary data using strong encryption.
Supports all major symmetric-encryption algorithms: RC2, RC4, DES,
Triple-DES and AES.

Encryption keys can be random, password-derived or imported from an


external source.
Supports all major one-way hash functions: MD4, MD5, SHA and
SHA256.
Sends certificate-based secure mail (AspEmail is also needed).
Generates and validates RSA digital signatures.
Supports encryption with a public key and decryption with the
corresponding private key.
Issues and manages digital certificates.
Can be used on the server as well as a client machine.
More Active Server Components
1, More Microsoft IIS server components

Counter components- for counting anything you want to track


Page counter components- for tracking page hits
Permission checker components- for checking authorization levels
Tools component- asp tools for common function
Logging utility component- for managing log files

These components are should already be installed and ready for use when
you install IIS 5.0
2. The counter component
The counter component is single components that can be used easily
create any number of individual counters for an application.
Counter components methods
The counters component has methods for creating counters and retrieving
their values, as well as incrementing or setting values and removing counters
altogether.
Get(counter)- This method returns the current value of whatever counter
their values

Increment (counter) - this method increase the value of the specified


counter by one.
Remove (counter) - This method removes the specified counter.
Set (counter, value)-This method is sets the value of the specified counter
the value.
3. Third-Party components for asp
Many third-party components available, and one very appealing function
that several components can perform is file uploading and downloading.
Getting and installing third-party components
[It means uploading and downloading file with the various option it
gives to the user]
Active file methods and properties
Active file component has quite a few objects, properties, and
methods available, but
We are only going to cover couple of them here.
To know more see
1 Component manual

2. Graphical guide

Unit-V
1)Web services & ASP. NET
A web service is a web-based functionality accessed using the
protocols of the web to be used by the web applications. There are three aspects
of web service development:
Creating the web service
Creating a proxy
Consuming the web service
Creating the Web Sevice:
A web service is an web application which is basically a class consisting of
methods that could be used by other applications. It also follows a code-behind

architecture like the ASP.Net web pages, although it does not have an user
interface.
To understand the concept let us create a web service that will provide stock
price information. The clients can query about the name and price of a stock
based on the stock symbol. To keep this example simple, the values are
hardcoded in a two-dimensional array. This web service will have three
methods:
A defaullt HelloWorld method
A GetName Method
A GetPrice Method
Take the following steps to create the web service:
Step (1): Select File--> New --> Web Site in Visual Studio, and then select
ASP.Net Web Service.
Step (2): A web service file called Service.asmx and its code behind file,
Service.cs is created in the App_Code directory of the project.
Step (3): Change the names of the files to StockService.asmx and
StockService.cs.
Step (4): The .asmx file has simply a WebService directive on it:
<%@ WebService Language="C#"
CodeBehind="~/App_Code/StockService.cs"
Class="StockService" %>
Step (5): Open the StockService.cs file, the code generated in it is the basic
Hello World service. The default web service code behind file looks like the
following:
Step (6): Change the code behind file to add the two dimensional array of
strings for stock symbol, name and price and two web methods for getting the
stock information.
Step (7) : Running the web service application gives a web service test page,

which allows testing the service methods.


Step (8) : Click on a method name, and check whether it runs properly.
Step (9): For testing the GetName method, provide one of the stock symbols,
which are hard coded, it returns the name of the stock.
Consuming the Web Service:
For using the web service, create a web site under the same solution. This
could be done by right clicking on the Solution name in the Solution Explorer.
The web page calling the web service should have a label control to display
the returned results and two button controls one for post back and another for
calling the service.
Creating the Proxy:
A proxy is a stand-in for the web service codes. Before using the web service,
a proxy must be created. The proxy is registered with the client application.
Then the client application makes the calls to the web service as it were using
a local method.
The proxy takes the calls, wraps it in proper format and sends it as a SOAP
request to the server. SOAP stands for Simple Object Access Protocol. This
protocol is used for exchanging web service data.
When the server returns the SOAP package to the client, the proxy decodes
everything and presents it to the client application.
Before calling the web service using the btnservice_Click, a web reference
should be added to the application. This creates a proxy class transparently,
which is used by the btnservice_Click event.
protected void btnservice_Click(object sender, EventArgs e)
{
StockService proxy = new StockService();
lblmessage.Text = String.Format("Current SATYAM Price: {0}",
proxy.GetPrice("SATYAM").ToString());
}
Take the following steps for creating the proxy:
Step (1): Right click on the web application entry in the Solution Explorer and

click on 'Add Web Reference'.


Step (2): Select 'Web Services in this solution'. It returns the StockService
reference.
Step (3): Clicking on the service opens the test web page. By default the proxy
created is called 'localhost', you can rename it. Click on 'Add Reference' to add
the proxy to the client application.
Include the proxy in the code behind file by adding:
using localhost;

2) WSDL & SOAP


WSDL
WSDL is an XML-based language for describing Web services and how to
access them.
WSDL stands for Web Services Description Language
WSDL is written in XML
WSDL is an XML document
WSDL is used to describe Web services
WSDL is also used to locate Web services
WSDL is a document written in XML. The document describes a Web service.
It specifies the location of the service and the operations (or methods) the
service exposes.
SOAP
SOAP is a simple XML-based protocol to let applications exchange
information over HTTP.
Or more simply: SOAP is a protocol for accessing a Web Service.
SOAP stands for Simple Object Access Protocol
SOAP is a communication protocol

SOAP is for communication between applications


SOAP is a format for sending messages
SOAP communicates via Internet
SOAP is platform independent
SOAP is language independent
SOAP is based on XML
SOAP is simple and extensible
SOAP allows you to get around firewalls

3) Web services Background


A Web Service is a set of related methods that can be invoked
over the Internet or other network. A Web Service and its clients exchange
information using only simple and non-proprietary protocols. This means that
they can communicate with each other regardless of location, platform, or
programming language. Essentially, the Web Services protocols provide a
platform independent way to do Remote Procedure Calls (RPC).
The following table lists the principal Web Service protocols along with their
purposes and provides a brief description of each protocol:
Purpose
Description
HyperText Transfer Protocol. Basic networking protocol
HTTP
Transport
used by the Internet.
Simple Object Access Protocol. An XML-based protocol for
encoding messages sent between a Web Service method and
SOAP
Packaging a client. Encodes the arguments passed to a Web Service
method as well as any values returned by the method to the
client.
WSDL
Descriptio Web Service Description Language. An XML-based
n
protocol for describing a Web Service. A WSDL document
provides the signatures of a Web Services methods as well
as other information about the data types involved in the
Web Service. By referencing the WSDL, client code can use

UDDI

Discovery

the Web Services types and methods.


Universal Description, Discovery, and Integration. An XMLbased protocol for creating Web Service registries that
applications can use to locate Web Service descriptions.

4) ASP.NET &SQL server


SQL is a database computer language designed for the retrieval and
management of data in relational database. SQL stands for Structured Query
Language.

Microsoft Enterprise Server


Application Center 2000
BizTalk Server
Commerce Server
Content Management Server
Exchange server
Host Integration Server
Internet Security And Acceleration Server
Mobile Information Sever
Share Point Portal Server

5) Using SQL server


Setting up a SQL Server database
Set up a SQL Server database to work with This procedure assumes that
the following prerequisites have been met:
You have SQL Server installed
SQL Server service is started
You have the SQL Server JDBC driver installed.
The TCP protocol is enabled for SQL Server
The user who creates the DB table must have one of the following
permissions:
o A membership in the sysadmin fixed server role, or ownership of
the database (dbo)

Setting up a database
This section describes how to set up the SQL Server database by using the
command line tool sqlcmd, which is provided with the SQL Server installation.
You can also use a visual tool, such as SQL Server Studio Management, which
is also available for the Express version as SQL Server Studio Management
Express. See the SQL Server documentation or an SQL Server database
administrator (DBA) for more information.
To set up an SQL Server database by using the command tool sqlcmd:
1. Create a database. From the command line tool, type:
2. CREATE DATABASE jazz
GO
3. Create a user and password and change the ownership of the database.
From the command line tool, type:
4.
5.
6.
7.

CREATE LOGIN jazzDBuser


WITH PASSWORD = 'jazzDBpswd';
USE jazz;
exec sp_changedbowner 'jazzDBuser'
GO

8. Change the collation of the database. From the command line tool, type:
9. ALTER DATABASE jazz COLLATE
SQL_Latin1_General_CP437_CS_AS
GO

INSTALLING SQL SERVER


6) Using databases in ASP.NET applications
BDP.NET includes component designers to facilitate the creation of database
applications. Instead of dropping individual components on a designer,
configuring each in turn, use BDP.NET designers to rapidly create and
configure database components. The following procedure demonstrates the
major components of ASP.NET, ADO.NET, and BDP.NET at work.
Building an ASP.NET application with database components consists of four
major steps:
1 Create an ASP.NET project.

1 Configure database connection components and a data source.


1 Add a DataBind call.
1 Connect a DataGrid to the connection components.
Tip: For testing purposes, use the employee.gdb database included with
Interbase, if included with your version of the product.
To create an ASP.NET project
1 Choose File New ASP.NET Web Application. The New ASP.NET
Web Application dialog appears.
1 In the Name field, enter the name of your project.
1 In the Location field, use the default or enter the project path.
To change Web server settings (optional)
1 In the New ASP.NET Web Application dialog, click View Server
Options The dialog expands to show additional server options.
1 Set the various read and write attributes of the project as needed or accept
the defaults.
Tip: In most cases, the default settings will suffice.
1 Click OK. The Web Forms Designer appears.
To configure data components
1 Drag and drop a BdpDataAdapter component onto the Designer. If
necessary, select BdpDataAdapter.
1 In Object Inspector, select Configure Data Adapter. The Data
Adapter Configuration dialog appears.
1 If necessary, select the Command tab. From the Connection drop-down,
select New Connection.
1 The Borland Data Provider: Connections Editor dialog appears.
Tip: Alternatively, use Data Explorer to drag and drop a table on to the
Designer surface. Data Explorer sets the connection string automatically.

To set up a connection
1 In Borland Data Provider: Connections Editor, select the appropriate
item from the Connections list.
1 In Connection Settings, enter the Database path.
Note: If referring to a database on the local disk, prepend the path with
localhost:
. If using Interbase, for example, you would enter the path to your
Interbase database: localhost:C:\Program
Files\Borland\Interbase\Examples\Database\employee.gdb (or whatever
the actual path might be for your system).
1 Complete the UserName and Password fields for the database as needed.
1 Click Test to confirm the connection. A dialog appears confirming the
status of the connection.
1 Click OK to return to the Borland Data Provider: Connections Editor
dialog.
1 Click OK to return to the Data Adapter Configuration dialog. In the
Command tab, the areas for Tables and Columns are updated with
information from your connection.
To set a command
1 In the Select area, enter an SQL command.
Tip: For Interbase's employee.gdb database, you might enter select *
from SALES
, as an example.
1 Click the Preview Data tab.
1 Click Refresh. Column and row data appear.
1 Click the DataSet tab.
1 Confirm that New DataSet is selected.

1 Click OK. New components for DataSet and BdpConnection appear on


the Designer.
1 Select BdpDataAdapter component.
1 In Object Inspector, select the Active property drop-down and set the
value to True.
To connect a DataGrid to a DataSet
1 Drag and drop a DataGrid web control onto the Designer. If necessary,
select DataGrid.
1 In Object Inspector, select the DataSource property drop-down. Select
the DataSet component that you generated previously (the default is
DataSet1).
1 In Object Inspector, select the DataMember property drop-down. Select
the appropriate table. The DataGrid displays data from the DataSet.
To add a DataBind call
1 Use the Object Inspector drop-down to select the Web Form
(WebForm1 is the default).
1 In Object Inspector, select the Events tab.
1 Set the Load event to Page_Load.
1 In Object Inspector, double-click Page_Load. The code-behind
Designer appears, cursor in place between event handler brackets.
1 Code the DataBind call:
this.dataGrid1.DataBind();
Self.dataGrid1.DataBind();

7) ActiveX data objects


ADO can be used to access databases from your web pages.
DO is a Microsoft technology

ADO stands for ActiveX Data Objects


ADO is a Microsoft Active-X component
ADO is automatically installed with Microsoft IIS
ADO is a programming interface to access data in a database
Accessing a Database from an ASP Page
The common way to access a database from inside an ASP page is to:
1. Create an ADO connection to a database
2. Open the database connection
3. Create an ADO recordset
4. Open the recordset
5. Extract the data you need from the recordset
6. Close the recordset
7. Close the connection
ADO evolved from an earlier Microsoft data interface, Remote Data Objects
(RDO). RDO works with Microsoft's ODBC to access relational databases, but
not nonrelational databases such as IBM's ISAM and VSAM.

8) The Ado.Net Objective Model


ADO.NET is a set of computer software components that
programmers can use to access data and data services based on disconnected
DataSets and XML. It is a part of the base class library that is included with the
Microsoft .NET Framework. It is commonly used by programmers to access and
modify data stored in relational database systems, though it can also access data
in non-relational sources. ADO.NET is sometimes considered an evolution of
ActiveX Data Objects (ADO) technology, but was changed so extensively that it
can be considered an entirely new product.

9) Coding structured query language.


Structured Query Language (SQL) is a widely-used programming
language for working with relational databases. This Wikibook provides a short

description of SQL, its origins, basic concepts and components, and a lot of
examples. The book follows the specifications of the SQL:2011 standard, which
is developed by a common committee of ISO and IEC. Their publications are
not freely available. But you may want to refer to a working draft of SQL:2008,
which you can download from Whitemarsh Information Systems Corporation.
Characteristics
The tokens and syntax of SQL are oriented on English common speech to keep
the access barrier as small as possible. A SQL command like UPDATE
employee SET salary = 2000 WHERE id = 511; is not far away from the
sentence "Change employee's salary to 2000 for the one with id 511."
The next simplification is that all key words of SQL can be expressed in any
combination of upper and lower case characters someone prefers. It makes no
difference whether you write UPDATE, update, Update, UpDate or any other
combination of upper and lower case characters. The keywords are case
insensitive.
Next SQL is a descriptive language, not a procedural one. It does not predecide all aspects of the relational operations (which operation, their order, ...)
which are generated from the given SQL statement. The rDBMS has the
freedom to generate more than one execution plan from it and run this one it
thinks is the best in the given situation. Additionally the end user is freed from
all the gory details of data access, e.g.: Which one of a set of WHERE criteria
should be evaluated first if they are combined with AND?
Despite those simplifications SQL is very powerful. Especially it allows the
manipulation of a set of data records with one single statement. UPDATE
employee SET salary = salary * 1.1 WHERE salary < 2000; will affect all
employee records with an actual salary smaller than 2000: there may be
thousands of those records, only a few or even zero. And you may have
recognized that the operation is not a fixed manipulation. The wording SET
salary = salary * 1.1 leads to an increase of the salaries by 10%, which may be
120 for one employee and 150 for another one.
The designer of SQL tried to define the language elements orthogonally to each
other. Among other things that means that any language element may be used at
all positions of a statement where the result of that element may be used

directly. E.g.: If you have a function power() which takes two numbers and
returns another number, you can use this function at all places where numbers
are allowed. The following statements are syntactically correct (if you have
defined the function power() ) - and they lead to the same data records, but this
aspect is not important here.
SELECT salary FROM employee WHERE salary < 2048;
SELECT salary FROM employee WHERE salary < POWER(2, 11);
SELECT POWER(salary, 1) FROM employee WHERE salary < 2048;
Another example of orthogonality is the use of subqueries within UPDATE,
INSERT, DELETE or inside another SELECT statement.
Nevertheless SQL is not free of redundancy. Often there are a lot of choices
you can choose from to express the same situation.
SELECT salary FROM employee WHERE salary < 2048;
SELECT salary FROM employee WHERE NOT salary >= 2048;
SELECT salary FROM employee WHERE salary BETWEEN 0 AND 2047.99;
is a simple example. In complex statements you may have the choice between
joins, subqueries and the exists construct.
Fundamentals
Core SQL consists of statements. Statements consist of key words, operators,
values, names of system and user objects or functions. They are concluded by a
semicolon. In the statement SELECT salary FROM employee WHERE id <
100; the tokens SELECT, FROM and WHERE are key words. salary, employee
and id are object names, the "<" sign is an operator and "100" is a value.
The SQL standard arranges statements into 9 groups:
"The main classes of SQL-statements are:
SQL-schema statements; these may have a persistent effect on the set of
schemas.
SQL-data statements; some of these, the SQL-data change statements,
may have a persistent effect on SQL data.
SQL-transaction statements; except for the <commit statement>, these,
and the following classes, have no effects that persist when an SQLsession is terminated.

SQL-control statements.
SQL-connection statements.
SQL-session statements.
SQL-diagnostics statements.
SQL-dynamic statements.
SQL embedded exception declaration."
This detailed grouping is unusual in common speech. Usually we distinguish
between three groups:
Data Definition Language (DDL): Managing the structure of database
objects (create/drop tables, views, columns, ...)
Data Manipulation Language (DML): Managing and retrieval of data
with the statements INSERT, UPDATE, DELETE, SELECT, COMMIT
and ROLLBACK.
Data Control Language (DCL): Managing access rights.
Hint: In some publications the SELECT statement is said to build its own group
Data Query Language. This group has no other statements than SELECT.
Turing completeness
Core SQL as described above is not Turing complete. It misses conditional
branches, variables, subroutines. But the standard as well as most
implementations offers an extension to fulfill the demand for Turing
completeness. In 'Part 4: Persistent Stored Modules (SQL/PSM)' of the standard
there are definitions for IF-, CASE-, LOOP-, Assignment- and other statements.
The existing implementations of this part have different names, different syntax
and also a different scope of operation: PL/SQL in Oracle, SQL/PL in DB2,
Transact-SQL or T-SQL in MS-SQL and Sybase, PL/pgSQL in Postgres and
simply 'stored procedures' in MySQL.

REFERENCE BOOKS:

1.Dave Mercer, ASP. NET a Beginners Guide, Tata McGraw Hill Pub.
Company Ltd, 2002
2. Matt J. Couch, ASP. NET and VB. NET Web programming , Pearson
Education, 2002.
3..Kirk Allen Evans, Ashwin Kamanna, Joel Mueller, XML and ASP.NET,
Pearson
Education, 2002.

Created By

WHB
(www.whbforhelp.tk)

You might also like