-----------------------------------------------------------
New Message on MumbaiUserGroup
-----------------------------------------------------------
From: Swapnil_B1
Message 1 in Discussion
View State
As you all might have already noticed, if a user clicks a button to submit an
ASP.NET page, the page retains all its values and settings. For example, if you
modify the text on a label and the user clicks a button, the modified text is
still displayed when the page reappears. This happens because ASP.NET has a
client-side state management technique built in: ViewState.
The ViewState property provides a dictionary object for retaining values
between multiple requests for the same page. When an ASP.NET page is processed,
the current state of the page and controls is hashed into a string and saved in
the page as a hidden field. If the data is too long for a single field (as
specified in the MaxPageStateField-Length property), then ASP.NET performs view
state chunking to split it across multiple hidden fields. The following code
sample demonstrates how view state adds data as a hidden form within a Web
pages HTML:
<input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE"
value="/wEPDwUKMTIxNDIyOTM0Mg9kFgICAw9kFgICAQ8PFgIeBFRleHQFEzQvNS8yMDA2IDE6Mzc6MTEgUE1kZGROWHn/rt75XF/pMGnqjqHlH66cdw=="
/>
View state chunking is new in ASP.NET 2.0.
The sections that follow describe how to encrypt view state data, disable view
state data, and add custom values to the view state.
Encrypting View State Data
You can enable view state encryption to make it more difficult for attackers
and malicious users to directly read view state information. This adds
processing overhead to your Web server; however, it is necessary if you plan to
store confidential information in the view state. To configure view state
encryption for an application, set the <pages viewStateEncryptionMode>
attribute to Always in your Web.config file, as the following example shows:
<configuration>
<system.web>
<pages viewStateEncryptionMode="Always"/>
</system.web>
</configuration>
Alternatively, you can enable view state encryption for a specific page by
setting the value in the page directive, as the following sample demonstrates:
<%@ Page Language="C#" AutoEventWireup="true" CodeFile="Default.aspx.cs"
Inherits="_Default" ViewStateEncryptionMode="Always"%>
Because ViewState supports encryption, it is the most secure method of
client-side state management. Encrypted ViewState is secure enough for most
security requirements; however, it is always more secure to store data on the
server.
Disabling ViewState Data
View state is enabled by default for every control, including Label controls,
which you might never change. Unfortunately, view state adds overhead to
ASP.NET forms. If you do not need to use view state, you should disable it by
setting the EnableViewState property for each Web control to False. This
reduces server processing time and decreases page size.
Reading and Writing Custom ViewState Data
You can also add and retrieve custom values with ViewState. If you have a value
that youd like to keep track of while the user is visiting a single ASP.NET
Web page, adding a custom value to ViewState is the most efficient and secure
way to do that. However, ViewState is lost if the user visits a different Web
page, so it is useful only for temporarily storing values.
The following code demonstrates how to determine whether the time of the last
visit was recorded in ViewState, how to display the value in a Label control
named Label1, and then to set the value using the current time. To use this
code, create a form with a Label control named Label1 and a Button control:
' Check if ViewState object exists, and display it if it does
If (Me.ViewState("lastVisit") IsNot Nothing) Then
Label1.Text = CType(Me.ViewState("lastVisit"), String)
Else
Label1.Text = "lastVisit ViewState not defined!"
End If
' Define the ViewState object for the next page view
Me.ViewState.Add("lastVisit", DateTime.Now.ToString())
While cookies must be strings, you can store a wide variety of serializable
objects in ViewState. The following example stores a DateTime object in
ViewState without converting it to a string and also uses a different technique
for adding a ViewState value:
' Check if ViewState object exists, and display it if it does
If (Me.ViewState("lastVisit") IsNot Nothing) Then
Dim lastVisit As DateTime = CType(Me.ViewState("lastVisit"), DateTime)
Label1.Text = lastVisit.ToString()
Else
Label1.Text = "lastVisit ViewState not defined!"
End If
' Define the ViewState object for the next page
Me.ViewState("lastVisit") = DateTime.Now
Swapnil (Swaps)
http://swapsnet.spaces.live.com/
-----------------------------------------------------------
To stop getting this e-mail, or change how often it arrives, go to your E-mail
Settings.
http://groups.msn.com/MumbaiUserGroup/_emailsettings.msnw
Need help? If you've forgotten your password, please go to Passport Member
Services.
http://groups.msn.com/_passportredir.msnw?ppmprop=help
For other questions or feedback, go to our Contact Us page.
http://groups.msn.com/contact
If you do not want to receive future e-mail from this MSN group, or if you
received this message by mistake, please click the "Remove" link below. On the
pre-addressed e-mail message that opens, simply click "Send". Your e-mail
address will be deleted from this group's mailing list.
mailto:[EMAIL PROTECTED]
