I M.Sc.

(CS)
Distributed Technologies

Unit IV
Advanced Features of ASP.NET

1. What are the Advanced Features of ASP.NET?

 ASP.Net is an exciting server side technology used for developing web based applications

 It uses the namespaces, classes and methods provided by the .NET Framework

 There are the following features of the ASP.NET

o MasterPage

o Data Control

o Themes and control

o Navigation Control

o New Server Control

 Master Page:

o is use to define common structure and interface elements for any website

▪ such as a page header, footer or navigation bar, in a common location

o can shared many different pages within the web site

 Data Control

o Data access can possible by using the new data-bound and data source controls

o New data source controls to represent different data backend, such as SQL, business
objects, and XML

o New data-bound controls for rendering common UI for data, such as grids, details, and
formview

 Themes and control:

o Theme to control the appearance of both the HTML elements and ASP.NET controls
that appear in a page

o A Theme folder can contain a variety of different types of files, including images and
text files

o Also can organize the contents of a Theme folder by adding multiple subfolders to a
Theme folder

o There are the most important types of files in a Theme:

 ▪ Skin files

▪ Cascading style sheet files

o A Theme can contain one or more Skin files

▪ A Skin enable to modify any of the proprieties of an ASP.net control that have
an effect on its appearance

 Navigation control:

o Provide a common UI for navigating between pages in our website, such as

▪ Treeview

▪ Menus

▪ SiteMapPath

 New server control:

o Server controls are tags that are understood by the server

o There are three kinds of server controls:

▪ HTML Server Controls - Traditional HTML tags

▪ Web Server Controls – New ASP.NET tags

▪ Validation Server Controls – For Input validation

o That enables powerful declarative support for data access

▪ Login security

▪ Wizard navigation

▪ Image generation

▪ Menus

▪ Tree views

▪ Portals

▪ And more
 Security in ASP.NET

2. Discuss ASP.NET Security Features.

➢ Security Feature in ASP.NET 2.0

 Security is an important attribute of any ASP.NET application

 The authentication and authorization of users and resistance against the malicious attacks are
important tasks in web applications

 ASP.NET 2.0 introduced a new membership and role management service that provides both
authentication and authorization services and management of users who access our application
without building any tables or writing any code

➢ Security Model

 ASP.NET 2.0 provides two providers in new security model

o Membership Provider

o Role Provider

➢ Membership Provider:

 The extensible Membership provider framework can register and authenticate new users

 Membership provider uses Microsoft SQL Server as the back-end store

 This abstract class derived from ProviderBase class

 There are two Membership providers

o SqlMembership Provider:

▪ stores Membership information in a SQL Server database

▪ can also create custom Membership provider using any OLEDB DataSource or
XML DataSource

o AccessMembership Provider:

▪ stores Membership information in Access database

➢ Role Provider:

 Role Provider are used to manage user roles like creating new roles for users

➢ The SqlMembership Provider support several provider specific attributes

o ApplicationName:

▪ Need to host multiple applications on the same Web server

 ▪ Can use this property to isolate the users who are associated with the different
applications

o ConnectionStringName:

▪ The name of a database connection string defined in the ConnectionStrings

section of the Web Configuration file

o Description:

▪ A description of the provider definition

o EnablePasswordReset:

▪ When true, users can reset their password to a randomly generated password

o EnablePasswordRetrieval:

▪ When true, user passwords can be retrieved from the Membership provider

o PasswordFormat:

▪ This property has three possible values:

• Clear

• Encrypted

• Hashed

▪ When passwords are hashed, the original passwords cannot be retrieved from the
Membership provider

o RequiresQuestionAndAnswer:

▪ When true, the user must answer a password retrieval question before the user
password can be reset or retrieved

o RequiresUniqueEmail:

▪ When true, a unique e-mail address must be associated with each user
3. Explain in detail the Different Login and Password Server Controls:

 Different Login and Password server controls are :

o Login

o LoginStatus

o LoginName

o ChangePassword

o PasswordRecovery

o LoginView

o CreateUserWizard

➢ Login Server Control:

 The Login server control display standard login interface for user authentication

 The login control can be used as a standalone control on a main and home page or can use it
on a dedicated login page

Source Code (default.aspx):

<form id="form1" runat="server">
<asp:Login ID="Login1" runat="server">
</asp:Login>
</form> Login control as default.asp page listing

Design Page: Log In

User Name

Password

Remember me next time

Log In

Login control properties:

▪ FailureText: used to control the content and appearance of the text that is
displayed when a login attempt fails

▪ CreateUserUrl: used to create links to registration page to create user

▪ PasswordRecoveryUrl: used to create links to password recovery page

▪ VisibleWhenLoggedIn: enable to automatically hide the Login control when the

user is already authenticated
 ▪ DestinationPageUrl: sets the name of the page that the user will be redirected to
after logging in.

➢ LoginStatus Server Control:

 This control enables user to click a link to Login or Logout of web application

 This controls displays one of two links

Source code:
<form id="form1" runat="server">
<asp:LoginStatus ID="LoginStatus1" runat="server" />
</form>

➢ LoginName Server Control:

 Display the username of the authenticated user

Source code:
<form id="form1" runat="server">
<asp:LoginName ID="LoginName1" runat="server" />
</form>

➢ ChangePassword Server Control:

 Enables user to change their passwords

 This control displays textboxes for entering the original password and entering a new
password

Design Page (default.aspx)

Change Your Password

Password

New Password

Confirm New Password

The Confirm New Password must match the New Password entry

Change Password Cancel

Source code:
<form id="form1" runat="server">
<asp:ChangePassword ID="ChangePassword1" runat="server">
</asp:ChangePassword>
</form>

➢ PasswordRecovery Server Control

  This control can be used to retrieve (recovery) password for the user

Design Page for PasswordRecovery control

Forget Your Password?

Enter your UserName to receive your Password.
User Name

Submit

Source code:
<form id="form1" runat="server">
<asp:PasswordRecovery ID="PasswordRecovery1" runat="server">
</asp:PasswordRecovery>
</form>

➢ LoginView Server Control:

 Can be used to display different content depending on the role of the current user

Source code:
<form id="form1" runat="server">
<asp:LoginView ID="LoginView1" runat="server">
</asp:LoginView>
</form>

➢ CreateUserWizard Server Control:

 Enables to create a Standard User Registration Page

 Used to allow users to create a new user entry in the membership system

Design Page for the CreateUserWizard control

Sign Up For Your New Account

User Name

Password

Confirm Password

E-mail
Security Question
Security Answer

The Password and Confirmation Password must match.

Create User
 Source code:

<form id="form1" runat="server">

<asp:CreateUserWizard ID="CreateUserWizard1" runat="server">
<WizardSteps>
<asp:CreateUserWizardStep ID="CreateUserWizardStep1" runat="server">
</asp:CreateUserWizardStep>
<asp:CompleteWizardStep ID="CompleteWizardStep1" runat="server">
</asp:CompleteWizardStep>
</WizardSteps>
</asp:CreateUserWizard>
</form>

Example Program for the Login Control:

Source Code:
<%@ Page Language="VB" AutoEventWireup="false" CodeFile="Default.aspx.vb" Inherits="_Default"
%>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head runat="server">
<title>Untitled Page</title>
</head>
<body>
<form id="form1" runat="server">
<asp:Login ID="Login1" runat="server" Height="239px" Width="595px">
</asp:Login>
</form>
</body>
</html>

View Code:

Imports System.Data
Imports System.Data.SqlClient
Partial Class _Default
Inherits System.Web.UI.Page
Dim con As New SqlConnection
Dim ad As New SqlDataAdapter
Dim ds As New DataSet
Protected Sub Login1_Authenticate(ByVal sender As Object, ByVal e As
System.Web.UI.WebControls.AuthenticateEventArgs) Handles Login1.Authenticate
con = New SqlConnection
con.ConnectionString = "Datasource"
con.Open()
ad = New SqlDataAdapter("select * from test Name='" & Login1.UserName & "' and No=" &
Login1.Password, con)
ds = New DataSet
ad.Fill(ds)
If ds.Tables(0).Rows.Count > 0 Then
Response.Write("You are authenticate user")
Else
 Response.Write("Incorrect user")
End If
End Sub
End Class
 State Management in ASP.NET

4. What purposes of the State Management?

 Statement is the process by which we maintain state and page information over multiple
requests for the same or different pages

➢ Types of State Management:

 There are Two types of State Management

1. Client-Side State Management

2. Server-Side State Management

1. Client-Side State Management:

 This stores information on the client’s computer by embedding the information into a web
page, a Uniform Resource Locator (URL) or a cookie

 This techniques available to store the state information at the client end are listed below:

a. View State

b. Control State

c. Hidden Fields

d. Cookies

e. Query Strings

a. View State

▪ Uses view state to track the values in the controls

▪ This property provides dictionary object for retaining values between multiple
request for the same page

▪ When the page is processed, the current state of the page and controls is hashed
into a string and saved in the page as a hidden field

▪ It is used by the Asp.net page framework to automatically save the values of the
page and of each control just prior to rendering to the page

▪ We can store values in view state as well. The following example shows how
to store a value in the view state

ViewState(“color”)=”red”
 b. Control State

▪ To store control-state data in order for a control to work properly the control
state is used

▪ That requires ViewState to work properly we should use control-state to ensure

other developers don’t break our control by disabling view state

▪ The ControlState property allows we to persist property information that is

specific to a control and cannot be turned off like the ViewState property

c. Hidden Fields

▪ Like View State

▪ Hidden fields store data in an HTML form without displaying it in the user’s
browser

▪ The data is available only when the form is processed

d. Cookies

▪ A cookie is a small amount of data that is store a value in the user’s browser
that the browser sends with every page request to the same server

▪ The most common use of cookies is to identify a single user as he or she visits
multiple web pages

e. Query Strings

▪ A query string is information that is appended to the end of a page URL

▪ A typical query string might look like the following examples

http://www.contoso.com/listwidgets.aspx?category=basic&price=100

2. Server-Side State Management:

 To maintain state information on the server

a. Application State

▪ Is used to store and retrieve information that can be shared among all user of an
application

▪ Ex: Application(“MS”)=”welcome message”

▪ Application state information is available to all pages, regardless of which user

requests a page

b. Session State
 ▪ Used to store and retrieve information about particular sessions

▪ Session state is only maintained for browsers that support cookies

▪ Both Application state and Session state information is lost when the application restart

▪ To persist user data between application restart

c. Profile Properties

▪ To store user-specific data

▪ Is similar to session state

▪ Stored in a persistent format and associated with an individual user

▪ Profile.postalcode=textbox1.text

Mobile Application Development in ASP.NET

5. Describe the mobile application design concepts in ASP.NET.

 ASP.NET provides a mobile component which allows we to build applications for mobile
devices to access web pages

 Like cell phones, digital phones & personal digital assistants

 It is very easy for ASP.NET developer to develop mobile applications

Mobile ASP.NET page structure

 Mobile ASP.Net pages are based on the MobilePage class which exists in
System.Web.UI.MobileControls namespace

<% page Language=”VB” Inherits=”System.Web.UI.MobileControls.MobilePage”%>

 Uses on a mobile ASP.NET page come from their own namespace, we need to include that
namespace on each of our mobile ASP.Net pages

<% @ Register TagPrefix=”Mobile” Namespace=”System.Web.UI.MobileControls”

Assembly=”System.Web.Mobile” %>

Example :

<mobile:Form id=”Page1” runat=”Server”>

<mobile:label id=”Label1” runat=”Server” Text=”The text on the first page”/>
<mobile:Link id=”Link1” runat=”Server” Text=”View Next Page” NavigateUrl=”Page2”/>
</mobile:Form1>

<mobile:Form id=”Page2” runat=”Server”>

<mobile:label id=”Label2” runat=”Server” Text=”The text on the second page”/>
<mobile:Link id=”Link2” runat=”Server” Text=”View Previous Page” NavigateUrl=”Page1”/>
</mobile:Form>

Creating Web Application in ASP.NET

1. Click to open Micrsoft Visual Studio 2008

2. On the File Menu, choose New, and then choose Web Site. The New Web Site dialog box
appears

3. Under Visual Studio installed templates, select ASP.NET Web Sites

4. Click Browse. The choose Location dialog box appears

5. Location File System and LRC

6. Language Visual C#

7. Click OK button

 A Default.aspx is added in our solution

Creating Mobile Web page in Application

1. Righ-click the Default.aspx page in Solution Explorer and choose Delete

2. Click OK in the dialog box

3. Right-click the application in Solution Explorer and choose Add New Item

4. Choose Mobile Web Form under Visual Studio Installed Templates

5. Name Calculator.aspx

6. Choose Language Visual C#

7. Check place code in separate file

8. Click Add in the dialog box

Mobile Controls

1. Label Control

 To display text on an ASP.NET page

<mobile:Form id=”Form1” runat=”server” >

<mobile:Label id=”Label1” runat=”server” StyleReference=”title” Text=”Title Text style”/>
<mobile:Label id=”Label2” runat=”server” Alignment=”Center” Text=”The word”/>
</mobile:Form>

2. Link Control
  Provides, to allow the visitors to navigate to another page or another form within the
current page
<mobile:Form id=”Form1” runat=”server” >
<mobile:Label id=”Label1” runat=”server” Text=”Link Test Page”/>
<mobile:Link id=”Link1” runat=”server” Text=”click here!”
NavigateUrl=”http://www.google.com” />
<mobile:Link id=”Link2” runat=”server” Text=”or here!”
NavigateUrl=”http://www.gmail.com” Alignment=”Right”/>
</mobile:Form>

3. Call Control

 Use the Call Control to make it easier for the visitor to call the contact

<mobile:Form id=”Form1” runat=”server” >

<mobile:Label id=”Label1” runat=”server” Text=”Call Test Page”/>
<mobile:Call id=”call1” runat=”server” Text=”Call Home!” phoneNumber=”999999”
AlternateUrl=http://www.google.com AlternateFormat=”call home(0) with the number(1)”/>
</mobile:Form>

 That supports dialing phone numbers. If the visitor were to click the call control, they
would e asked to confirm that they wanted to make the call

4. Image Control

 to display a graphic on our mobile ASP.NET page

<mobile:Image id=”Image1” runat=”server” AlternateText=”Your device does not support

graphics”>
</mobile:Image>