STATE MANAGEMENT.  Web Applications are based on stateless HTTP protocol which does not retain any information about user requests  The concept of state.

Slides:



Advertisements
Similar presentations
Maintaining State Between the Client and Server Internet Programming Using VBScript and JavaScript 9.
Advertisements

Cookies, Sessions. Server Side Includes You can insert the content of one file into another file before the server executes it, with the require() function.
Lecture 6/2/12. Forms and PHP The PHP $_GET and $_POST variables are used to retrieve information from forms, like user input When dealing with HTML forms.
CIS 451: ASP Sessions and Applications Dr. Ralph D. Westfall January, 2009.
Servlets and a little bit of Web Services Russell Beale.
XP Tutorial 9 New Perspectives on JavaScript, Comprehensive1 Working with Cookies Managing Data in a Web Site Using JavaScript Cookies.
Client State Management & Application Security  Client State Management  Concept  ASP Examples  Application Security  Database Based Approach 
ASP.NET 2.0 Chapter 6 Securing the ASP.NET Application.
Using Session Control in PHP tMyn1 Using Session Control in PHP HTTP is a stateless protocol, which means that the protocol has no built-in way of maintaining.
Session Management A290/A590, Fall /25/2014.
CSE 154 LECTURE 13: SESSIONS. Expiration / persistent cookies setcookie("name", "value", expiration); PHP $expireTime = time() + 60*60*24*7; # 1 week.
Christopher M. Pascucci Basic Structural Concepts of.NET Browser – Server Interaction.
Reading Data in Web Pages tMyn1 Reading Data in Web Pages A very common application of PHP is to have an HTML form gather information from a website's.
Open Source Server Side Scripting ECA 236 Open Source Server Side Scripting Cookies & Sessions.
CHAPTER 12 COOKIES AND SESSIONS. INTRO HTTP is a stateless technology Each page rendered by a browser is unrelated to other pages – even if they are from.
Comp2513 Forms and CGI Server Applications Daniel L. Silver, Ph.D.
CSC 2720 Building Web Applications Cookies, URL-Rewriting, Hidden Fields and Session Management.
IT533 Lectures Session Management in ASP.NET. Session Tracking 2 Personalization Personalization makes it possible for e-businesses to communicate effectively.
JavaScript, Fourth Edition
Advanced Web Forms with Databases Programming Right from the Start with Visual Basic.NET 1/e 13.
Session 10: Managing State. Overview State Management Types of State Management Server-Side State Management Client-Side State Management The Global.asax.
© FPT SOFTWARE – TRAINING MATERIAL – Internal use 04e-BM/NS/HDCV/FSOFT v2/3 Managing State.
State Management. What is State management Why State management ViewState QueryString Cookies.
CSE 154 LECTURE 12: COOKIES. Including files: include include("filename"); PHP include("header.html"); include("shared-code.php"); PHP inserts the entire.
Chapter 8 Cookies And Security JavaScript, Third Edition.
Maintaining State MacDonald Ch. 9 MIS 324 MIS 324 Professor Sandvig Professor Sandvig.
Lecture 8 – Cookies & Sessions SFDV3011 – Advanced Web Development 1.
1 Maryland ColdFusion User Group Session Management December 2001 Michael Schuler
Chapter 6 Server-side Programming: Java Servlets
Cookies Web Browser and Server use HTTP protocol to communicate and HTTP is a stateless protocol. But for a commercial website it is required to maintain.
Dr. Azeddine Chikh IS444: Modern tools for applications development.
Christopher M. Pascucci Basic Structural Concepts of.NET Managing State & Scope.
ASP.NET State Management. Slide 2 Lecture Overview Client state management options Cookies Server state management options Application state Session state.
PHP Workshop ‹#› Maintaining State in PHP Part II - Sessions.
Session and Cookie Management in.Net Sandeep Kiran Shiva UIN:
SessionsPHPApril 2010 : [‹#›] Maintaining State in PHP Part II - Sessions.
® IBM Software Group © 2007 IBM Corporation Best Practices for Session Management
Maintaining Application State MIS3502: Application Integration and Evaluation Paul Weinberg Presentation by David Schuff.
CSCI 6962: Server-side Design and Programming Java Server Faces Scoping and Session Handling.
The Problem of State. We will look at… Sometimes web development is just plain weird! Internet / World Wide Web Aspects of their operation The role of.
Saving State on the WWW. The Issue  Connections on the WWW are stateless  Every time a link is followed is like the first time to the server — it has.
Sessions and Cookies State Management, Cookies, Sessions, Hidden Fields SoftUni Team Technical Trainers Software University
CIS 451: Cookies Dr. Ralph D. Westfall February, 2009.
8 Chapter Eight Server-side Scripts. 8 Chapter Objectives Create dynamic Web pages that retrieve and display database data using Active Server Pages Process.
1 State and Session Management HTTP is a stateless protocol – it has no memory of prior connections and cannot distinguish one request from another. The.
ITM © Port,Kazman 1 ITM 352 Cookies. ITM © Port,Kazman 2 Problem… r How do you identify a particular user when they visit your site (or any.
Unit-6 Handling Sessions and Cookies. Concept of Session Session values are store in server side not in user’s machine. A session is available as long.
Session 11: Cookies, Sessions ans Security iNET Academy Open Source Web Development.
COOKIES AND SESSIONS.
PHP: Further Skills 02 By Trevor Adams. Topics covered Persistence What is it? Why do we need it? Basic Persistence Hidden form fields Query strings Cookies.
Unit 4 Working with data. Form Element HTML forms are used to pass data to a server. A form can contain input elements like text fields, checkboxes, radio-buttons,
ASP.NET State Management Overview Prepared By Manish Kumar Aery(IM66) Department of computer Application IET Bhaddal (Ropar)
111 State Management Beginning ASP.NET in C# and VB Chapter 4 Pages
Fundamentals of Web DevelopmentRandy Connolly and Ricardo HoarFundamentals of Web DevelopmentRandy Connolly and Ricardo Hoar Fundamentals of Web DevelopmentRandy.
© Copyright 2012 Hidaya Trust (Pakistan) ● A Non-Profit Organization ● / www,histpk.org Hidaya Institute of Science & Technology
Managing State Chapter 13.
State Management.
Internet Programming Chapter 9: State Management in ASP.NET
19.10 Using Cookies A cookie is a piece of information that’s stored by a server in a text file on a client’s computer to maintain information about.
Maintaining State in PHP Part II - Sessions
Open Source Programming
Session management.
State management & Master Pages in asp.net
HTML5 and Local Storage.
ASP.NET 4.0 State Management Improvements – Deep Dive
Maintaining State in PHP Part II - Sessions
Building ASP.NET Applications
Web Programming Language
CSc 337 Lecture 27: Cookies.
CSc 337 Lecture 25: Cookies.
Presentation transcript:

STATE MANAGEMENT

 Web Applications are based on stateless HTTP protocol which does not retain any information about user requests  The concept of state management, when applied to a Web application, refers to the application's capability to remember the values a user enters across multiple pages, or screens.  Developers use state management techniques to store information between separate page requests. State Management options can be divided into two categories : Client-Side State Management Server-Side State Management

Client - Side State Management Client- side ViewstateCookiesQueryString Hidden Fields

Server - Side State Management Session State Application State Server Side

VIEWSTATE  This is the default method that the page uses to preserve page and control property values between round trips.  View State can be used to store state information for a single user  It stores information submitted through form and works between requests of the same page  The values written in the server control is passed as a variable to an HTML hidden input field _VIEWSTATE.  Each web page and the controls on the page have the EnableViewState property  The view state is implemented with a hidden form field called _VIEWSTATE, which is automatically created in every web page  We can store data in the VIEWSTATE(“Any Name”)

ADVANTAGES :  Simple for page level data  Enhanced security features,like it can be encoded and compressed.  No server resources are required  Simple implementation DISADVANTAGES :  Performance Consideration : Makes a page heavy as it consumes more memory  Potential security risks

 Can be used to store page specific information  Can be used to store small amount of data  A hidden field stores a single variable in its value property and must be explicitly added to the page  Do not store any information in a hidden field that is sensitive or that your application relies on to work properly ADVANTAGES :  No server resources are required  Widespread Support  Simple implementation HIDDEN FIELDS

DISADVANTAGES :  Performance Considerations  Potential security risks  Storage Limitations

 Query strings are usually used to send information from one page to another page. They are passed along with URL in clear text.  Most browsers impose a limit of 255 characters on URL length. We can only pass smaller amounts of data using query strings.  For eg. In fist page you collect information about your client, her name and last name and use this information in your second page  One choice is using QueryString property of Request object ADVANTAGES :  No server resources are required  Simple implementation  Widespread Support QUERYSTRING

DISADVANTAGES :  Limited Capacity : Most browsers impose a limit of 255 characters on URL length. We can only pass smaller amounts of data using query strings.  Potential security risks

COOKIES  A Cookie is a small piece of data that is saved in the client web browser  The Cookie is saved either in the memory of the web browser or as a text file in the file system of the client  Cookies can be temporary (with specific expiration times and dates) or persistent  Cookies are used to identify a user, to store state information, preferences of the user  Cookies are saved on client machine and when the browser requests a page, it sends the information in the cookie along with the request information  The server can read the cookie and extract its value  Cookies should be used only to store non-sensitive data

How does Cookies Mechanism works?  The mechanism of cookies is simple. When a client request a web page from a server the first request isn't containing a cookie  The server identify that the client has no cookie and generate one  Then the server sends the cookie to the client and from now on then client will send the cookie in every request and the server will send the cookie in every response

COOKIES LIMITATIONS  Most browsers support cookies of up to 4096 bytes. This limitation makes the cookies a way to store only small amount of data  Total 20 cookies can be used on a single website; if you exceed this browser will delete older cookies.  The user can set the browser to disable cookies and therefore you can’t trust cookies and you always have to check if the browser enables cookies

Creating / Writing Cookies There are many ways to create cookies : Way 1 (by using HttpCookies class) : Dim aCookie As New HttpCookie("UserName") aCookie.Value = TxtName.Text aCookie.Expires = DateTime.Now.AddDays(-1) Response.Cookies.Add(aCookie) Way 2 (by using Response directly) : Response.Cookies("UserName”).Value = TxtName.Text Response.Cookies(“UserName”).Expires = DateTime.Now.AddDays(-1)

Reading/Getting Cookies To read a cookie value from the client use the Request.Cookies property Eg: (1)If Not Request.Cookies(“UserName”) IsNothing Then Response.Write(Request.Cookies(“UserName”).value) End If (2) If Not Request.Cookies(“UserName”) IsNothing Then Dim aCookie As HttpCookie = Request.Cookies(“UserName”) Response.Write(aCookie.value) End If

Set Expire Date  If you do not set the cookie’s expiration, the cookie is created but it is not stored on the user’s hard disk  Instead the cookie is maintained as part of the user’s session information. When the user close the browser, the cookie is discarded  Response.Cookies(“UserName”).Expires = DateTime.Now.AddDays(1) Delete Cookies  In order to delete a saved cookie you need to use the expires property and pass a past expiration date  There is no way to delete a cookie otherwise  Response.Cookies(“UserName”).Expires = DateTime.Now.AddDays(-1)

Server - Side State Management

SESSIONS  A Session is the time for which a particular user interacts with a web application  Every Client that uses the application will have separate sessions  During a session the unique identity of the user is maintained internally  ASP.NET session state provides a place to store values that will persist across page requests  Values stored in session are stored on the server and will remain in memory until they are explicitly removed or until the session expires

What’s the use of sessions?  Sessions helps to preserve data across successive accesses  These can be done on a per user basis, via. the use of session objects  Session objects gives us the power to preserve user preferences and other user information when browsing a web application  When a user visits the site and a session is started, the computer generates a unique ID for that user, which is used to keep track of each user sessions Syntax: Store Value : Session(“KeyName”) = value Eg: Session(“Name”) = “ASP.NET” Fetch Value : Variable_Name = Session(“KeyName”) Eg: Dim nm as String nm = Session(“Name”)

Session-State Modes  InProc - (The Default) Session state exists within the process the web is using  StateServer - Session data is sent to the configured stateServer service  SqlServer - Session data is stored in the configured SQL Server database By default the session will be created within the same process that your website runs in(InProc) This is controlled by a setting in the web.config file

Commonly used session methods/properties - Method/PropertiesUsage Session.Abandon()removes the session and all items that it contains Session.Clear()removes all items from the session Session.RemoveAll()removes all items from the session Session.Remove(“item_name”)removes the item that was stored under the name “item_name” Session.TimeoutIf a user does not request a page of the asp.net application within certain minutes then the session expires Session.SessionIDGet the session ID read only property of a session for the current session

Sessions without Cookies  By default, ASP.NET uses cookies to store session IDs and keep track of users  If the browser doesn't support cookies ASP.NET uses the process known as cookie munging, in which at the end of each link, ASP.NET tracks on an encoded version of the sessionID  When a user clicks a link, ASP.NET grabs that string, decodes it, and passes it to the page the user is requesting.

APPLICATION STATE  ASP.NET allows you to save values using Application state, a global storage mechanism that is accessible from all pages in the web application  Application state is stored in the Application key/value dictionary  Application state is a great place to store information that is not user- specific  By storing it in the Application state, all pages can access data from a single location in memory, rather than keeping separate copies of the data  Data stored in the Application object is not permanent and is lost any time the application is restarted

 ASP.NET provides three events that enable you to initialize Application variables(free resources when the application shut down) and respond to Application errors: 1.Application_Start : raised when the application starts. This is the perfect place to initialize Application variables 2.Application_End : Raised when an application shuts down. Use this to free application resources and perform logging 3.Application_Error : Raised when an unhandled error occurs. Use this to perform error logging

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2025 SlidePlayer.com. Inc. All rights reserved.