ASP.

NET FAQ's

What is view state and use of it?

The current property settings of an ASP.NET page and those of any ASP.NET server controls
contained within the page. ASP.NET can detect when a form is requested for the first time versus
when the form is posted (sent to the server), which allows you to program accordingly.

What are user controls and custom controls?

Custom controls:
A control authored by a user or a third-party software vendor that does not belong to the .NET
Framework class library. This is a generic term that includes user controls. A custom server
control is used in Web Forms (ASP.NET pages). A custom client control is used in Windows
Forms applications.

User Controls:
In ASP.NET: A user-authored server control that enables an ASP.NET page to be re-used as a
server control. An ASP.NET user control is authored declaratively and persisted as a text file with
an .ascx extension. The ASP.NET page framework compiles a user control on the fly to a class
that derives from the System.Web.UI.UserControl class.

If none of the existing ASP.NET server controls meet the specific requirements of your applications, you

can create either a Web user control or a Web custom control that encapsulates the functionality you

need. The main difference between the two controls lies in ease of creation vs. ease of use at design time.

Web user controls are easy to make, but they can be less convenient to use in advanced scenarios. You

develop Web user controls almost exactly the same way that you develop Web Forms pages. Like Web

Forms, user controls can be created in the visual designer, they can be written with code separated from

the HTML, and they can handle execution events. However, because Web user controls are compiled

dynamically at run time they cannot be added to the Toolbox, and they are represented by a simple

placeholder glyph when added to a page. This makes Web user controls harder to use if you are

accustomed to full Visual Studio .NET design-time support, including the Properties window and Design

view previews. Also, the only way to share the user control between applications is to put a separate copy

in each application, which takes more maintenance if you make changes to the control.

Web custom controls are compiled code, which makes them easier to use but more difficult to create; Web

custom controls must be authored in code. Once you have created the control, however, you can add it to

the Toolbox and display it in a visual designer with full Properties window support and all the other design-

time features of ASP.NET server controls. In addition, you can install a single copy of the Web custom

control in the global assembly cache and share it between applications, which makes maintenance easier.

For more information see global assembly cache.

If your control has a lot of static layout, a user control might make sense. If your control is mostly

dynamically generated — for instance rows of a data-bound table, nodes of a tree view, or tabs of a tab

control — a custom control would be a better choice.

The main differences between the two types are outlined in this table:

Web user controls Web custom controls

Easier to create Harder to create

Limited support for consumers who use a Full visual design tool support for consumers
visual design tool

A separate copy of the control is required in Only a single copy of the control is required, in
each application the global assembly cache

Cannot be added to the Toolbox in Visual Can be added to the Toolbox in Visual Studio
Studio

Good for static layout Good for dynamic layout

What are the validation controls?

A set of server controls included with ASP.NET that test user input in HTML and Web server
controls for programmer-defined requirements. Validation controls perform input checking
in server code. If the user is working with a browser that supports DHTML, the validation controls
can also perform validation using client script.

What's the difference between Response.Write() and Response.Output.Write()?

The latter one allows you to write formattedoutput.

What methods are fired during the page load? Init()

When the page is instantiated, Load() - when the page is loaded into server
memory,PreRender () - the brief moment before the page is displayed to the user as
HTML, Unload() - when page finishes loading.

Where does the Web page belong in the .NET Framework class hierarchy?
System.Web.UI.Page

Where do you store the information about the user's locale?

System.Web.UI.Page.Culture

What's the difference between Codebehind="MyCode.aspx.cs" and

Src="MyCode.aspx.cs"?
CodeBehind is relevant to Visual Studio.NET only.

What's a bubbled event?

When you have a complex control, likeDataGrid, writing an event processing routine for
each object (cell, button,row, etc.) is quite tedious. The controls can bubble up
their eventhandlers, allowing the main DataGrid event handler to take care of its constituents.
Suppose you want a certain ASP.NET function executed on MouseOver over a certain button.

Where do you add an event handler?

It's the Attributesproperty, the Add function inside that property.
e.g. btnSubmit.Attributes.Add("onMouseOver","someClientCode();")

What data type does the RangeValidator control support?

Integer,String and Date.

What are the different types of caching?

Caching is a technique widely used in computing to increase performance by keeping frequently
accessed or expensive data in memory. In context of web application, caching is used to retain
the pages or data across HTTP requests and reuse them without the expense of recreating
them.ASP.NET has 3 kinds of caching strategies

Output Caching

Fragment Caching

Data Caching

CachingOutput Caching: Caches the dynamic output generated by a request. Some times it
is useful to cache the output of a website even for a minute, which will result in a
better performance. For caching the whole page the page should have OutputCache
directive.<%@ OutputCache Duration="60" VaryByParam="state" %>

Fragment Caching: Caches the portion of the page generated by the request. Some times it is
not practical to cache the entire page, in such cases we can cache a portion of page<%@
OutputCache Duration="120" VaryByParam="CategoryID;SelectedID"%>

Data Caching: Caches the objects programmatically. For data caching asp.net provides a cache
object for eg: cache["States"] = dsStates;

What do you mean by authentication and authorization?

Authentication is the process of validating a user on the credentials (username and password)
and authorization performs after authentication. After Authentication a user will be verified for
performing the various tasks, It access is limited it is known as authorization.

What are different types of directives in .NET?

@Page: Defines page-specific attributes used by the ASP.NET page parser and compiler. Can
be included only in .aspx files <%@ Page AspCompat="TRUE" language="C#" %>
@Control:Defines control-specific attributes used by the ASP.NET page parser and compiler.
Can be included only in .ascx files. <%@ Control Language="VB" EnableViewState="false" %>
@Import: Explicitly imports a namespace into a page or user control. The Import directive
cannot have more than one namespace attribute. To import multiple namespaces, use
multiple @Import directives. <% @ Import Namespace="System.web" %>
@Implements: Indicates that the current page or user control implements the specified .NET
framework interface.<%@ Implements Interface="System.Web.UI.IPostBackEventHandler" %>
@Register: Associates aliases with namespaces and class names for concise notation in
custom server control syntax.<%@ Register Tagprefix="Acme" Tagname="AdRotator"
Src="AdRotator.ascx" %>
@Assembly: Links an assembly to the current page during compilation, making all the
assembly's classes and interfaces available for use on the page. <%@ Assembly
Name="MyAssembly" %><%@ Assembly Src="MySource.vb" %>
@OutputCache: Declaratively controls the output caching policies of an ASP.NET page or a
user control contained in a page<%@ OutputCache Duration="#ofseconds" Location="Any |
Client | Downstream | Server | None" Shared="True | False" VaryByControl="controlname"
VaryByCustom="browser | customstring" VaryByHeader="headers"
VaryByParam="parametername" %>
@Reference: Declaratively indicates that another user control or page source file should
be dynamically compiled and linked against the page in which this directive is declared.

How do I debug an ASP.NET application that wasn't written with Visual Studio.NET and
that doesn't use code-behind?
Start the DbgClr debugger that comes with the .NET Framework SDK, open the file containing
the code you want to debug, and set your breakpoints. Start the ASP.NET application. Go back to
DbgClr, choose Debug Processes from the Tools menu, and select aspnet_wp.exe from the list
of processes. (If aspnet_wp.exe doesn't appear in the list,check the "Show system processes"
box.) Click the Attach button to attach to aspnet_wp.exe and begin debugging.
Be sure to enable debugging in the ASPX file before debugging it with DbgClr. You can enable
tell ASP.NET to build debug executables by placing a
<%@ Page Debug="true" %> statement at the top of an ASPX file or a <COMPILATION
debug="true" />statement in a Web.config file.

Can a user browsing my Web site read my Web.config or Global.asax files?

No. The <HTTPHANDLERS>section of Machine.config, which holds the master configuration
settings for ASP.NET, contains entries that map ASAX files, CONFIG files, and selected other file
types to an HTTP handler named HttpForbiddenHandler, which fails attempts to retrieve the
associated file. You can modify it by editing Machine.config or including an section in a local
Web.config file.

What's the difference between Page.RegisterClientScriptBlock and

Page.RegisterStartupScript?
RegisterClientScriptBlock is for returning blocks of client-side script containing functions.
RegisterStartupScript is for returning blocks of client-script not packaged in functions-in other
words, code that's to execute when the page is loaded. The latter positions script blocks near the
end of the document so elements on the page that the script interacts are loaded before the script
runs.<%@ Reference Control="MyControl.ascx" %>

Is it necessary to lock application state before accessing it?

Only if you're performing a multistep update and want the update to be treated as an
atomic operation. Here's an example:
Application.Lock ();
Application["ItemsSold"] = (int) Application["ItemsSold"] + 1;
Application["ItemsLeft"] = (int) Application["ItemsLeft"] - 1;
Application.UnLock ();
By locking application state before updating it and unlocking it afterwards, you
ensure that another request being processed on another thread doesn't read
application state at exactly the wrong time and see an inconsistent view of it. If I
update session state, should I lock it, too? Are concurrent accesses by multiple
requests executing on multiple threads a concern with session state?
Concurrent accesses aren't an issue with session state, for two reasons. One, it's
unlikely that two requests from the same user will overlap. Two, if they do overlap,
ASP.NET locks down session state during request processing so that two threads can't
touch it at once. Session state is locked down when the HttpApplication instance
that's processing the request fires an AcquireRequestState event and unlocked when
it fires a ReleaseRequestState event.

Do ASP.NET forms authentication cookies provide any protection against replay

attacks? Do they, for example, include the client's IP address or anything else that
would distinguish the real client from an attacker?
No. If an authentication cookie is stolen, it can be used by an attacker. It's up to you
to prevent this from happening by using an encrypted communications channel
(HTTPS). Authentication cookies issued as session cookies, do, however,include a
time-out valid that limits their lifetime. So a stolen session cookie can only be used
in replay attacks as long as the ticket inside the cookie is valid. The default time-out
interval is 30 minutes.You can change that by modifying the timeout attribute
accompanying the <forms> element in Machine.config or a local Web.config file.
Persistent authentication cookies do not time-out and therefore are a more serious
security threat if stolen.

How do I send e-mail from an ASP.NET application?

MailMessage message = new MailMessage ();

message.From = <email>;
message.To = <email>;
message.Subject = "Scheduled Power Outage";
message.Body = "Our servers will be down tonight.";
SmtpMail.SmtpServer = "localhost";
SmtpMail.Send (message);

MailMessage and SmtpMail are classes defined in the .NET Framework Class
Library's System.Web.Mail namespace. Due to a security change made to ASP.NET
just before it shipped, you need to set SmtpMail's SmtpServer property to "localhost"
even though "localhost" is the default. In addition, you must use the IIS configuration
applet to enable localhost (127.0.0.1) to relay messages through the local SMTP
service.

What are VSDISCO files?

VSDISCO files are DISCO files that support dynamic discovery of Web services. If you
place the following VSDISCO file in a directory on your Web server, for example, it
returns references to all ASMX and DISCO files in the host directory and any
subdirectories not noted in <exclude> elements:
<?xml version="1.0" ?>
<dynamicDiscovery
xmlns="urn:schemas-dynamicdiscovery:disco.2000-03-17">
<exclude path="_vti_cnf" />
<exclude path="_vti_pvt" />
<exclude path="_vti_log" />
<exclude path="_vti_script" />
<exclude path="_vti_txt" />
</dynamicDiscovery>

How does dynamic discovery work?

ASP.NET maps the file name extension VSDISCO to an HTTP handler that scans the
host directory and subdirectories for ASMX and DISCO files and returns a dynamically
generated DISCO document. A client who requests a VSDISCO file gets back what
appears to be a static DISCO document.
Note that VSDISCO files are disabled in the release version of ASP.NET. You can
reenable them by uncommenting the line in the <httpHandlers> section of
Machine.config that maps *.vsdisco to
System.Web.Services.Discovery.DiscoveryRequestHandler and granting the ASPNET
user account permission to read the IIS metabase. However, Microsoft is actively
discouraging the use of VSDISCO files because they could represent a threat to Web
server security.

Is it possible to prevent a browser from caching an ASPX page?

Just call SetNoStore on the HttpCachePolicy object exposed through the Response
object's Cache property, as demonstrated here:

<%@ Page Language="C#" %>

<html>
<body>
<%
Response.Cache.SetNoStore ();
Response.Write (DateTime.Now.ToLongTimeString ());
%>
</body>
</html>

SetNoStore works by returning a Cache-Control: private, no-store header in the HTTP

response. In this example, it prevents caching of a Web page that shows the current
time.

What does AspCompat="true" mean and when should I use it?

AspCompat is an aid in migrating ASP pages to ASPX pages. It defaults to false but
should be set to true in any ASPX file that creates apartment-threaded COM objects--
that is, COM objects registered ThreadingModel=Apartment. That includes all COM
objects written with Visual Basic 6.0. AspCompat should also be set to true
(regardless of threading model) if the page creates COM objects that access intrinsic
ASP objects such as Request and Response. The following directive sets AspCompat
to true:

<%@ Page AspCompat="true" %>

Setting AspCompat to true does two things. First, it makes intrinsic ASP objects
available to the COM components by placing unmanaged wrappers around the
equivalent ASP.NET objects. Second, it improves the performance of calls that the
page places to apartment- threaded COM objects by ensuring that the page (actually,
the thread that processes the request for the page) and the COM objects it creates
share an apartment. AspCompat="true" forces ASP.NET request threads into single-
threaded apartments (STAs). If those threads create COM objects marked
ThreadingModel=Apartment, then the objects are created in the same STAs as the
threads that created them. Without AspCompat="true," request threads run in a
multithreaded apartment (MTA) and each call to an STA-based COM object incurs a
performance hit when it's marshaled across apartment boundaries.

Do not set AspCompat to true if your page uses no COM objects or if it uses COM
objects that don't access ASP intrinsic objects and that are registered
ThreadingModel=Free or ThreadingModel=Both.

Explain the differences between Server-side and Client-side code?

Server side scripting means that all the script will be executed by the server and
interpreted as needed. ASP doesn't have some of the functionality like sockets,
uploading, etc. For these you have to make a custom components usually in VB or
VC++. Client side scripting means that the script will be executed immediately in
the browser such as form field validation, clock, email validation, etc. Client side
scripting is usually done in VBScript or JavaScript. Download time, browser
compatibility, and visible code - since JavaScript and VBScript code is included in the
HTML page, then anyone can see the code by viewing the page source. Also a
possible security hazards for the client computer.

What type of code (server or client) is found in a Code-Behind class?

C#

Should validation (did the user enter a real date) occur server-side or
client-side? Why?
Client-side validation because there is no need to request a server side date when
you could obtain a date from the client machine.

What are ASP.NET Web Forms? How is this technology different than what is
available though ASP?
Web Forms are the heart and soul of ASP.NET. Web Forms are the User Interface (UI)
elements that give your Web applications their look and feel. Web Forms are similar
to Windows Forms in that they provide properties, methods, and events for the
controls that are placed onto them. However, these UI elements render themselves
in the appropriate markup language required by the request, e.g. HTML. If you use
Microsoft Visual Studio .NET, you will also get the familiar drag-and-drop interface
used to create your UI for your Web application.

What is the difference between Server.Transfer and Response.Redirect?

Why would I choose one over the other?
In earlier versions of IIS, if we wanted to send a user to a new Web page, the only
option we had was Response.Redirect. While this method does accomplish our goal, it
has several important drawbacks. The biggest problem is that this method causes
each page to be treated as a separate transaction. Besides making it difficult to
maintain your transactional integrity, Response.Redirect introduces some additional
headaches. First, it prevents good encapsulation of code. Second, you lose access to
all of the properties in the Request object. Sure, there are workarounds, but they're
difficult. Finally, Response.Redirect necessitates a round trip to the client, which, on
high-volume sites, causes scalability problems.
As you might suspect, Server.Transfer fixes all of these problems. It does this by
performing the transfer on the server without requiring a roundtrip to the client.

How can you provide an alternating color scheme in a Repeater control?

AlternatingItemTemplate Like the ItemTemplate element, but rendered for every
other row (alternating items) in the Repeater control. You can specify a different
appearance for the AlternatingItemTemplate element by setting its style properties.

Which template must you provide, in order to display data in a Repeater

control?
ItemTemplate

What event handlers can I include in Global.asax?

Application_Start,Application_End, Application_AcquireRequestState,
Application_AuthenticateRequest, Application_AuthorizeRequest,
Application_BeginRequest, Application_Disposed, Application_EndRequest,
Application_Error, Application_PostRequestHandlerExecute,
Application_PreRequestHandlerExecute,
Application_PreSendRequestContent, Application_PreSendRequestHeaders,
Application_ReleaseRequestState, Application_ResolveRequestCache,
Application_UpdateRequestCache, Session_Start,Session_End
You can optionally include "On" in any of method names. For example, you can name
a BeginRequest event handler.Application_BeginRequest or
Application_OnBeginRequest.You can also include event handlers in Global.asax for
events fired by custom HTTP modules.Note that not all of the event handlers make
sense for Web Services (they're designed for ASP.NET applications in general,
whereas .NET XML Web Services are specialized instances of an ASP.NET app). For
example, the Application_AuthenticateRequest and Application_AuthorizeRequest
events are designed to be used with ASP.NET Forms authentication.

What is different b/w webconfig.xml & Machineconfig.xml

Web.config & machine.config both are configuration files.Web.config contains
settings specific to an application where as machine.config contains settings to a
computer. The Configuration system first searches settings in machine.config file &
then looks in application configuration files.Web.config, can appear in multiple
directories on an ASP.NET Web application server. Each Web.config file applies
configuration settings to its own directory and all child directories below it. There is
only Machine.config file on a web server.

If I'm developing an application that must accomodate multiple security levels

though secure login and my ASP.NET web appplication is spanned across three web-
servers (using round-robbin load balancing) what would be the best approach to
maintain login-in state for the users?
Use the state server or store the state in the database. This can be easily done
through simple setting change in the web.config.
<SESSIONSTATE
StateConnectionString="tcpip=127.0.0.1:42424"
sqlConnectionString="data source=127.0.0.1; user id=sa; password="
cookieless="false"
timeout="30"
/>

You can specify mode as “stateserver” or “sqlserver”.

Where would you use an iHTTPModule, and what are the limitations of any approach
you might take in implementing one
"One of ASP.NET's most useful features is the extensibility of the HTTP pipeline, the
path that data takes between client and server. You can use them to extend your
ASP.NET applications by adding pre- and post-processing to each HTTP request
coming into your application. For example, if you wanted custom authentication
facilities for your application, the best technique would be to intercept the request
when it comes in and process the request in a custom HTTP module.

How do you turn off cookies for one page in your site?
Since no Page Level directive is present, I am afraid that cant be done.

How do you create a permanent cookie?

Permanent cookies are available until a specified expiration date, and are stored on
the hard disk.So Set the 'Expires' property any value greater than DataTime.MinValue
with respect to the current datetime. If u want the cookie which never expires set its
Expires property equal to DateTime.maxValue.
Which method do you use to redirect the user to another page without
performing a round trip to the client?
Server.Transfer and Server.Execute

What property do you have to set to tell the grid which page to go to when
using the Pager object?
CurrentPageIndex

Should validation (did the user enter a real date) occur server-side or
client-side? Why?
It should occur both at client-side and Server side.By using expression validator
control with the specified expression ie.. the regular expression provides the facility
of only validatating the date specified is in the correct format or not. But for checking
the date where it is the real data or not should be done at the server side, by getting
the system date ranges and checking the date whether it is in between that range or
not.

What does the "EnableViewState" property do? Why would I want it on or

off?
Enable ViewState turns on the automatic state management feature that enables
server controls to re-populate their values on a round trip without requiring you to
write any code. This feature is not free however, since the state of a control is passed
to and from the server in a hidden form field. You should be aware of when ViewState
is helping you and when it is not. For example, if you are binding a control to data on
every round trip, then you do not need the control to maintain it's view state, since
you will wipe out any re-populated data in any case. ViewState is enabled for all
server controls by default. To disable it, set the EnableViewState property of the
control to false.

What is the difference between Server.Transfer and Response.Redirect?

Why would I choose one over the other?
Server.Transfer() : client is shown as it is on the requesting page only, but the all the
content is of the requested page. Data can be persist accros the pages using
Context.Item collection, which is one of the best way to transfer data from one page
to another keeping the page state alive.

Response.Dedirect() :client know the physical location (page name and query string
as well). Context.Items loses the persisitance when nevigate to destination page. In
earlier versions of IIS, if we wanted to send a user to a new Web page, the only option
we had was Response.Redirect. While this method does accomplish our goal, it has
several important drawbacks. The biggest problem is that this method causes each
page to be treated as a separate transaction. Besides making it difficult to maintain
your transactional integrity, Response.Redirect introduces some additional
headaches. First, it prevents good encapsulation of code. Second, you lose access to
all of the properties in the Request object. Sure, there are workarounds, but they're
difficult. Finally, Response.Redirect necessitates a round trip to the client, which, on
high-volume sites, causes scalability problems. As you might suspect, Server.Transfer
fixes all of these problems. It does this by performing the transfer on the server
without requiring a roundtrip to the client.

Can you give an example of when it would be appropriate to use a web

service as opposed to a non-serviced .NET component?
 • Communicating through a Firewall When building a distributed application
with 100s/1000s of users spread over multiple locations, there is always the
problem of communicating between client and server because of firewalls and
proxy servers. Exposing your middle tier components as Web Services and
invoking the directly from a Windows UI is a very valid option.
• Application Integration When integrating applications written in various
languages and running on disparate systems. Or even applications running on
the same platform that have been written by separate vendors.
• Business-to-Business Integration This is an enabler for B2B intergtation which
allows one to expose vital business processes to authorized supplier and
customers. An example would be exposing electronic ordering and invoicing,
allowing customers to send you purchase orders and suppliers to send you
invoices electronically.
• Software Reuse This takes place at multiple levels. Code Reuse at the Source
code level or binary componet-based resuse. The limiting factor here is that
you can reuse the code but not the data behind it. Webservice overcome this
limitation. A scenario could be when you are building an app that aggregates
the functionality of serveral other Applicatons. Each of these functions could
be performed by individual apps, but there is value in perhaps combining the
the multiple apps to present a unifiend view in a Portal or Intranet.
• When not to use Web Services: Single machine Applicatons When the apps are
running on the same machine and need to communicate with each other use
a native API. You also have the options of using component technologies such
as COM or .NET Componets as there is very little overhead.
• Homogeneous Applications on a LAN If you have Win32 or Winforms apps that
want to communicate to their server counterpart. It is much more efficient to
use DCOM in the case of Win32 apps and .NET Remoting in the case of .NET
Apps

Can you give an example of what might be best suited to place in the
Application_Start and Session_Start subroutines?
The Application_Start event is guaranteed to occur only once throughout the lifetime
of the application. It's a good place to initialize global variables. For example, you
might want to retrieve a list of products from a database table and place the list in
application state or the Cache object. SessionStateModule exposes both
Session_Start and Session_End events.

What are the advantages and disadvantages of viewstate?

The primary advantages of the ViewState feature in ASP.NET are:

1. Simplicity. There is no need to write possibly complex code to store form data
between page submissions.
2. Flexibility. It is possible to enable, configure, and disable ViewState on a control-by-
control basis, choosing to persist the values of some fields but not others.

There are, however a few disadvantages that are worth pointing out:

1. Does not track across pages. ViewState information does not automatically
transfer from page to page. With the session
approach, values can be stored in the session and accessed from other pages. This is
not possible with ViewState, so storing
data into the session must be done explicitly.
2. ViewState is not suitable for transferring data for back-end systems. That is, data
still has to be transferred to the back
end using some form of data object.

Describe session handling in a webfarm, how does it work and what are the
limits?
ASP.NET Session supports storing of session data in 3 ways, i] in In-Process ( in the
same memory that ASP.NET uses) , ii] out-of-process using Windows NT Service )in
separate memory from ASP.NET ) or iii] in SQL Server (persistent storage). Both the
Windows Service and SQL Server solution support a webfarm scenario where all the
web-servers can be configured to share common session state store.

1. Windows Service :
We can start this service by Start | Control Panel | Administrative Tools | Services | . In
that we service names ASP.NET State Service. We can start or stop service by
manually or configure to start automatically. Then we have to configure our
web.config file

<CONFIGURATION><configuration>
<system.web>
<SessionState
mode = “StateServer”
stateConnectionString = “tcpip=127.0.0.1:42424”
stateNetworkTimeout = “10”
sqlConnectionString=”data source = 127.0.0.1; uid=sa;pwd=”
cookieless =”Flase”
timeout= “20” />
</system.web>
</configuration> </SYSTEM.WEB>
</CONFIGURATION>
Here ASP.Net Session is directed to use Windows Service for state management on
local server (address : 127.0.0.1 is TCP/IP loop-back address). The default port is
42424. we can configure to any port but for that we have to manually edit the
registry.
Follow these simple steps
- In a webfarm make sure you have the same config file in all your web servers.
- Also make sure your objects are serializable.
- For session state to be maintained across different web servers in the webfarm, the
application path of the web-site in the IIS Metabase should be identical in all the web-
servers in the webfarm.

Which template must you provide, in order to display data in a Repeater

control?
You have to use the ItemTemplate to Display data. Syntax is as follows,
< ItemTemplate >
< div class =”rItem” >
< img src=”images/<%# Container.DataItem(“ImageURL”)%>” hspace=”10”
/>
< b > <% # Container.DataItem(“Title”)%>
< /div >
< ItemTemplate >
How can you provide an alternating color scheme in a Repeater control?
Using the AlternatintItemTemplate

What property must you set, and what method must you call in your code,
in order to bind the data from some data source to the Repeater control?
Set the DataMember property to the name of the table to bind to. (If this property is
not set, by default the first table in the dataset is used.)
DataBind method, use this method to bind data from a source to a server control.
This method is commonly used after retrieving a data set through a database query.

What method do you use to explicitly kill a user s session?

You can dump (Kill) the session yourself by calling the method Session.Abandon.

ASP.NET automatically deletes a user's Session object, dumping its contents, after it
has been idle for a configurable timeout interval. This interval, in minutes, is set in
the <SESSIONSTATE>section of the web.config file. The default is 20 minutes.

How do you turn off cookies for one page in your site?
Use Cookie.Discard property, Gets or sets the discard flag set by the server. When
true, this property instructs the client application not to save the Cookie on the user's
hard disk when a session ends.

Which two properties are on every validation control?

We have two common properties for every validation controls
1. Control to Validate,
2. Error Message.

What tags do you need to add within the asp:datagrid tags to bind columns
manually?

< asp:DataGrid id="dgCart" AutoGenerateColumns="False" CellPadding="4"

Width="448px" runat="server" >
< Columns >
< asp:ButtonColumn HeaderText="SELECT" Text="SELECT" CommandName="select"
>< /asp:ButtonColumn >
< asp:BoundColumn DataField="ProductId" HeaderText="Product ID" ><
/asp:BoundColumn >
< asp:BoundColumn DataField="ProductName" HeaderText="Product Name" ><
/asp:BoundColumn >
< asp:BoundColumn DataField="UnitPrice" HeaderText="UnitPrice" ><
/asp:BoundColumn >
< /Columns >
< /asp:DataGrid >

How do you create a permanent cookie?

Permanent cookies are the ones that are most useful. Permanent cookies are
available until a specified expiration date, and are stored on the hard disk. The
location of cookies differs with each browser, but this doesn’t matter, as this is all
handled by your browser and the server. If you want to create a permanent cookie
called Name with a value of Nigel, which expires in one month, you’d use the
following code
Response.Cookies ("Name") = "Nigel"
Response.Cookies ("Name"). Expires = DateAdd ("m", 1, Now ())
What tag do you use to add a hyperlink column to the DataGrid?
< asp:HyperLinkColumn > </ asp:HyperLinkColumn>

Which method do you use to redirect the user to another page without
performing a round trip to the client?
Server.transfer

What is the transport protocol you use to call a Web service SOAP ?
HTTP Protocol

Explain role based security ?

Role Based Security lets you identify groups of users to allow or deny based on their
role in the organization.In Windows NT and Windows XP, roles map to names used to
identify user groups. Windows defines several built-in groups, including
Administrators, Users, and Guests.To allow or deny access to certain groups of users,
add the <ROLES>element to the authorization list in your Web application's
Web.config file.e.g.
<AUTHORIZATION>< authorization >
< allow roles="Domain Name\Administrators" / > < !-- Allow Administrators in
domain. -- >
< deny users="*" / > < !-- Deny anyone else. -- >
< /authorization >

How do you register JavaScript for webcontrols ?

You can register javascript for controls using <CONTROL -name>Attribtues.
Add(scriptname,scripttext) method.

When do you set "<IDENTITY impersonate="true" />" ?

Identity is a webconfig declaration under System.web, which helps to control the
application Identity of the web applicaton. Which can be at any
level(Machine,Site,application,subdirectory,or page), attribute impersonate with
"true" as value specifies that client impersonation is used.

What are different templates available in Repeater,DataList and Datagrid ?

Templates enable one to apply complicated formatting to each of the items displayed
by a control.Repeater control supports five types of templates.HeaderTemplate
controls how the header of the repeater control is formatted.ItemTemplate controls
the formatting of each item displayed.AlternatingItemTemplate controls how
alternate items are formatted and the SeparatorTemplate displays a separator
between each item displyed.FooterTemplate is used for controlling how the footer of
the repeater control is formatted.The DataList and Datagrid supports two templates
in addition to the above five.SelectedItem Template controls how a selected item is
formatted and EditItemTemplate controls how an item selected for editing is
formatted.

What is ViewState ? and how it is managed ?

ASP.NET ViewState is a new kind of state service that developers can use to track UI
state on a per-user basis. Internally it uses an an old Web programming trick-
roundtripping state in a hidden form field and bakes it right into the page-processing
framework.It needs less code to write and maintain state in your Web-based forms.

What is web.config file ?

Web.config file is the configuration file for the Asp.net web application. There is one
web.config file for one asp.net application which configures
the particular application. Web.config file is written in XML with specific tags having
specific meanings.It includes databa which includes
connections,Session States,Error Handling,Security etc.
For example :

< configuration >

< appSettings >
< add key="ConnectionString"
value="server=localhost;uid=sa;pwd=;database=MyDB" / >
< /appSettings >
< /configuration >

What is advantage of viewstate and what are benefits?

When a form is submitted in classic ASP, all form values are cleared. Suppose you
have submitted a form with a lot of information and the server comes back with an
error. You will have to go back to the form and correct the information. You click the
back button, and what happens.......ALL form values are CLEARED, and you will have
to start all over again! The site did not maintain your ViewState.With ASP .NET, the
form reappears in the browser window together with all form values.This is because
ASP .NET maintains your ViewState. The ViewState indicates the status of the page
when submitted to the server.

What tags do you need to add within the asp:datagrid tags to bind columns
manually?
Set AutoGenerateColumns Property to false on the datagrid tag and then use
Column tag and an ASP:databound tag

< asp:DataGrid runat="server" id="ManualColumnBinding"

AutoGenerateColumns="False" >
< Columns >
< asp:BoundColumn HeaderText="Column1" DataField="Column1"/ >
< asp:BoundColumn HeaderText="Column2" DataField="Column2"/ >
< /Columns >
< /asp:DataGrid >
<asp:DataGrid id=ManualColumnBinding runat="server"
AutoGenerateColumns="False">
<COLUMNS> <asp:BoundColumn HeaderText="Column2"
DataField="Column2"></asp:BoundColumn>
</asp:DataGrid>Which property on a Combo Box do you set with a column
name, prior to setting the DataSource, to display data in the combo box?
DataTextField and DataValueField

Which control would you use if you needed to make sure the values in two
different controls matched?
CompareValidator is used to ensure that two fields are identical.

What is validationsummary server control?where it is used?.

The ValidationSummary control allows you to summarize the error messages from all
validation controls on a Web page in a single location. The summary can be displayed
as a list, a bulleted list, or a single paragraph, based on the value of the DisplayMode
property. The error message displayed in the ValidationSummary control for each
validation control on the page is specified by the ErrorMessage property of each
validation control. If the ErrorMessage property of the validation control is not set, no
error message is displayed in the ValidationSummary control for that validation
control. You can also specify a custom title in the heading section of the
ValidationSummary control by setting the HeaderText property.
You can control whether the ValidationSummary control is displayed or hidden by
setting the ShowSummary property. The summary can also be displayed in a
message box by setting the ShowMessageBox property to true.

What is the sequence of operation takes place when a page is loaded?

BeginTranaction - only if the request is transacted
Init - every time a page is processed
LoadViewState - Only on postback
ProcessPostData1 - Only on postback
Load - every time
ProcessData2 - Only on Postback
RaiseChangedEvent - Only on Postback
RaisePostBackEvent - Only on Postback
PreRender - everytime
BuildTraceTree - only if tracing is enabled
SaveViewState - every time
Render - Everytime
End Transaction - only if the request is transacted
Trace.EndRequest - only when tracing is enabled
UnloadRecursive - Every request

Difference between asp and asp.net?.

"ASP (Active Server Pages) and ASP.NET are both server side technologies for building
web sites and web applications, ASP.NET is Managed compiled code - asp is
interpreted. and ASP.net is fully Object oriented. ASP.NET has been entirely re-
architected to provide a highly productive programming experience based on the
.NET Framework, and a robust infrastructure for building reliable and scalable web
applications."

Name the validation control available in asp.net?.

RequiredField, RangeValidator,RegularExpression,Custom validator,compare Validator

What are the various ways of securing a web site that could prevent from
hacking etc .. ?
1) Authentication/Authorization
2) Encryption/Decryption
3) Maintaining web servers outside the corporate firewall. etc.,

What is the difference between in-proc and out-of-proc?

An inproc is one which runs in the same process area as that of the client giving tha
advantage of speed but the disadvantage of stability becoz if it crashes it takes the
client application also with it.Outproc is one which works outside the clients memory
thus giving stability to the client, but we have to compromise a bit on speed.

When you’re running a component within ASP.NET, what process is it

running within on Windows XP? Windows 2000? Windows 2003?
On Windows 2003 (IIS 6.0) running in native mode, the component is running within
the w3wp.exe process associated with the application pool which has been
configured for the web application containing the component.
On Windows 2003 in IIS 5.0 emulation mode, 2000, or XP, it's running within the IIS
helper process whose name I do not remember, it being quite a while since I last
used IIS 5.0.

What does aspnet_regiis -i do ?

Aspnet_regiis.exe is The ASP.NET IIS Registration tool allows an administrator or
installation program to easily update the script maps for an ASP.NET application to
point to the ASP.NET ISAPI version associated with the tool. The tool can also be used
to display the status of all installed versions of ASP. NET, register the ASP.NET version
coupled with the tool, create client-script directories, and perform other configuration
operations.

When multiple versions of the .NET Framework are executing side-by-side on a single
computer, the ASP.NET ISAPI version mapped to an ASP.NET application determines
which version of the common language runtime is used for the application.

The tool can be launched with a set of optional parameters. Option "i" Installs the
version of ASP.NET associated with Aspnet_regiis.exe and updates the script maps at
the IIS metabase root and below. Note that only applications that are currently
mapped to an earlier version of ASP.NET are affected

What is a PostBack?

The process in which a Web page sends data back to the same page on the server.

What is ViewState? How is it encoded? Is it encrypted? Who uses

ViewState?

ViewState is the mechanism ASP.NET uses to keep track of server control state values
that don't otherwise post back as part of the HTTP form. ViewState Maintains the UI
State of a Page
ViewState is base64-encoded.
It is not encrypted but it can be encrypted by setting EnableViewStatMAC="true" &
setting the machineKey validation type to 3DES. If you want to NOT maintain the
ViewState, include the directive < %@ Page EnableViewState="false" % > at the top
of an .aspx page or add the attribute EnableViewState="false" to any control.

What is the < machinekey > element and what two ASP.NET technologies is
it used for?

Configures keys to use for encryption and decryption of forms authentication cookie
data and view state data, and for verification of out-of-process session state
identification.There fore 2 ASP.Net technique in which it is used are
Encryption/Decryption & Verification

What three Session State providers are available in ASP.NET 1.1? What are
the pros and cons of each?

ASP.NET provides three distinct ways to store session data for your application: in-
process session state, out-of-process session state as a Windows service, and out-of-
process session state in a SQL Server database. Each has it advantages.
1.In-process session-state mode
Limitations:
* When using the in-process session-state mode, session-state data is lost if
aspnet_wp.exe or the application domain restarts.
* If you enable Web garden mode in the < processModel > element of the
application's Web.config file, do not use in-process session-state mode. Otherwise,
random data loss can occur.
Advantage:
* in-process session state is by far the fastest solution. If you are storing only small
amounts of volatile data in session state, it is recommended that you use the in-
process provider.

2. The State Server simply stores session state in memory when in out-of-proc mode.
In this mode the worker process talks directly to the State Server

3. SQL mode, session states are stored in a SQL Server database and the worker
process talks directly to SQL. The ASP.NET worker processes are then able to take
advantage of this simple storage service by serializing and saving (using .NET
serialization services) all objects within a client's Session collection at the end of each
Web request
Both these out-of-process solutions are useful primarily if you scale your application
across multiple processors or multiple computers, or where data cannot be lost if a
server or process is restarted.

What is the difference between HTTP-Post and HTTP-Get?

As their names imply, both HTTP GET and HTTP POST use HTTP as their underlying
protocol. Both of these methods encode request parameters as name/value pairs in
the HTTP request.
The GET method creates a query string and appends it to the script's URL on the
server that handles the request.
The POST method creates a name/value pairs that are passed in the body of the HTTP
request message.

Name and describe some HTTP Status Codes and what they express to the
requesting client.

When users try to access content on a server that is running Internet Information
Services (IIS) through HTTP or File Transfer Protocol (FTP), IIS returns a numeric code
that indicates the status of the request. This status code is recorded in the IIS log,
and it may also be displayed in the Web browser or FTP client. The status code can
indicate whether a particular request is successful or unsuccessful and can also
reveal the exact reason why a request is unsuccessful. There are 5 groups ranging
from 1xx - 5xx of http status codes exists.
101 - Switching protocols.
200 - OK. The client request has succeeded
302 - Object moved.
400 - Bad request.
500.13 - Web server is too busy.

Explain < @OutputCache% > and the usage of VaryByParam, VaryByHeader.

OutputCache is used to control the caching policies of an ASP.NET page or user

control. To cache a page @OutputCache directive should be defined as follows < %@
OutputCache Duration="100" VaryByParam="none" % >

VaryByParam: A semicolon-separated list of strings used to vary the output cache. By

default, these strings correspond to a query string value sent with GET method
attributes, or a parameter sent using the POST method. When this attribute is set to
multiple parameters, the output cache contains a different version of the requested
document for each specified parameter. Possible values include none, *, and any
valid query string or POST parameter name.

VaryByHeader: A semicolon-separated list of HTTP headers used to vary the output

cache. When this attribute is set to multiple headers, the output cache contains a
different version of the requested document for each specified header.

What is the difference between repeater over datalist and datagrid?

The Repeater class is not derived from the WebControl class, like the DataGrid and
DataList. Therefore, the Repeater lacks the stylistic properties common to both the
DataGrid and DataList. What this boils down to is that if you want to format the data
displayed in the Repeater, you must do so in the HTML markup.
The Repeater control provides the maximum amount of flexibility over the HTML
produced. Whereas the DataGrid wraps the DataSource contents in an HTML < table
>, and the DataList wraps the contents in either an HTML < table > or < span > tags
(depending on the DataList's RepeatLayout property), the Repeater adds absolutely
no HTML content other than what you explicitly specify in the templates.
While using Repeater control, If we wanted to display the employee names in a bold
font we'd have to alter the "ItemTemplate" to include an HTML bold tag, Whereas
with the DataGrid or DataList, we could have made the text appear in a bold font by
setting the control's ItemStyle-Font-Bold property to True.
The Repeater's lack of stylistic properties can drastically add to the development
time metric. For example, imagine that you decide to use the Repeater to display
data that needs to be bold, centered, and displayed in a particular font-face with a
particular background color. While all this can be specified using a few HTML tags,
these tags will quickly clutter the Repeater's templates. Such clutter makes it much
harder to change the look at a later date. Along with its increased development time,
the Repeater also lacks any built-in functionality to assist in supporting paging,
editing, or editing of data. Due to this lack of feature-support, the Repeater scores
poorly on the usability scale.

However, The Repeater's performance is slightly better than that of the DataList's,
and is more noticeably better than that of the DataGrid's. Following figure shows the
number of requests per second the Repeater could handle versus the DataGrid and
DataList

Can we handle the error and redirect to some pages using web.config?

Yes, we can do this, but to handle errors, we must know the error codes; only then we
can take the user to a proper error message page, else it may confuse the user.
CustomErrors Configuration section in web.config file:
The default configuration is:
< customErrors mode="RemoteOnly" defaultRedirect="Customerror.aspx" >
< error statusCode="404" redirect="Notfound.aspx" / >
< /customErrors >
If mode is set to Off, custom error messages will be disabled. Users will receive
detailed exception error messages.
If mode is set to On, custom error messages will be enabled.
If mode is set to RemoteOnly, then users will receive custom errors, but users
accessing the site locally will receive detailed error messages.
Add an < error > tag for each error you want to handle. The error tag will redirect the
user to the Notfound.aspx page when the site returns the 404 (Page not found) error.

[Example]

There is a page MainForm.aspx

Private Sub Page_Load(ByVal sender As System.Object, ByVal e As System.EventArgs)

Handles MyBase.Load
'Put user code to initialize the page here
Dim str As System.Text.StringBuilder
str.Append("hi") ' Error Line as str is not instantiated
Response.Write(str.ToString)
End Sub

[Web.Config]

< customErrors mode="On" defaultRedirect="Error.aspx"/ >

' a simple redirect will take the user to Error.aspx [user defined] error file.

< customErrors mode="RemoteOnly" defaultRedirect="Customerror.aspx" >

< error statusCode="404" redirect="Notfound.aspx" / >
< /customErrors >
'This will take the user to NotFound.aspx defined in IIS.

How do you implement Paging in .Net?

The DataGrid provides the means to display a group of records from the data source
(for example, the first 10), and then navigate to the "page" containing the next 10
records, and so on through the data.

Using Ado.Net we can explicit control over the number of records returned from the
data source, as well as how much data is to be cached locally in the DataSet.
1.Using DataAdapter.fill method give the value of 'Maxrecords' parameter
(Note: - Don't use it because query will return all records but fill the dataset based on
value of 'maxrecords' parameter).
2.For SQL server database, combines a WHERE clause and a ORDER BY clause with
TOP predicate.
3.If Data does not change often just cache records locally in DataSet and just take
some records from the DataSet to display.

What is the difference between Server.Transfer and Response.Redirect?

Server.Transfer() : client is shown as it is on the requesting page only, but the all the
content is of the requested page. Data can be persist across the pages using
Context.Item collection, which is one of the best way to transfer data from one page
to another keeping the page state alive.
Response.Dedirect() :client knows the physical location (page name and query string
as well). Context.Items loses the persistence when navigate to destination page. In
earlier versions of IIS, if we wanted to send a user to a new Web page, the only option
we had was Response.Redirect. While this method does accomplish our goal, it has
several important drawbacks. The biggest problem is that this method causes each
page to be treated as a separate transaction. Besides making it difficult to maintain
your transactional integrity, Response.Redirect introduces some additional
headaches. First, it prevents good encapsulation of code. Second, you lose access to
all of the properties in the Request object. Sure, there are workarounds, but they're
difficult. Finally, Response.Redirect necessitates a round trip to the client, which, on
high-volume sites, causes scalability problems. As you might suspect, Server.Transfer
fixes all of these problems. It does this by performing the transfer on the server
without requiring a roundtrip to the client.
Response.Redirect sends a response to the client browser instructing it to request the
second page. This requires a round-trip to the client, and the client initiates the
Request for the second page. Server.Transfer transfers the process to the second
page without making a round-trip to the client. It also transfers the HttpContext to
the second page, enabling the second page access to all the values in the
HttpContext of the first page.

Can you create an app domain?

Yes, We can create user app domain by calling on of the following overload static
methods of the System.AppDomain class
1. Public static AppDomain CreateDomain(String friendlyName)
2. Public static AppDomain CreateDomain(String friendlyName, Evidence securityInfo)
3. Public static AppDomain CreateDomain(String friendlyName, Evidence securityInfo,
AppDomainSetup info)
4. Public static AppDomain CreateDomain(String friendlyName, Evidence securityInfo,
String appBasePath, String appRelativeSearchPath, bool shadowCopyFiles)

What are the various security methods which IIS Provides apart from .NET ?

The various security methods which IIS provides are

a) Authentication Modes
b) IP Address and Domain Name Restriction
c) DNS Lookups DNS Lookups
d) The Network ID and Subnet Mask
e) SSL

What is Web Gardening? How would using it affect a design?

The Web Garden Model

The Web garden model is configurable through the section of the machine.config file.
Notice that the section is the only configuration section that cannot be placed in an
application-specific web.config file. This means that the Web garden mode applies to
all applications running on the machine. However, by using the node in the
machine.config source, you can adapt machine-wide settings on a per-application
basis.
Two attributes in the section affect the Web garden model. They are webGarden and
cpuMask. The webGarden attribute takes a Boolean value that indicates whether or
not multiple worker processes (one per each affinitized CPU) have to be used. The
attribute is set to false by default. The cpuMask attribute stores a DWORD value
whose binary representation provides a bit mask for the CPUs that are eligible to run
the ASP.NET worker process. The default value is -1 (0xFFFFFF), which means that all
available CPUs can be used. The contents of the cpuMask attribute is ignored when
the webGarden attribute is false. The cpuMask attribute also sets an upper bound to
the number of copies of aspnet_wp.exe that are running.

Web gardening enables multiple worker processes to run at the same time. However,
you should note that all processes will have their own copy of application state, in-
process session state, ASP.NET cache, static data, and all that is needed to run
applications. When the Web garden mode is enabled, the ASP.NET ISAPI launches as
many worker processes as there are CPUs, each a full clone of the next (and each
affinitized with the corresponding CPU). To balance the workload, incoming requests
are partitioned among running processes in a round-robin manner. Worker processes
get recycled as in the single processor case. Note that ASP.NET inherits any CPU
usage restriction from the operating system and doesn't include any custom
semantics for doing this.

All in all, the Web garden model is not necessarily a big win for all applications. The
more stateful applications are, the more they risk to pay in terms of real
performance. Working data is stored in blocks of shared memory so that any changes
entered by a process are immediately visible to others. However, for the time it takes
to service a request, working data is copied in the context of the process. Each
worker process, therefore, will handle its own copy of working data, and the more
stateful the application, the higher the cost in performance. In this context, careful
and savvy application benchmarking is an absolute must.

Changes made to the section of the configuration file are effective only after IIS is
restarted. In IIS 6, Web gardening parameters are stored in the IIS metabase; the
webGarden and cpuMask attributes are ignored.

What is view state?.where it stored?.can we disable it?

The web is state-less protocol, so the page gets instantiated, executed, rendered and then
disposed on every round trip to the server. The developers code to add "statefulness" to the page
by using Server-side storage for the state or posting the page to itself. When require to persist
and read the data in control on webform, developer had to read the values and store them in
hidden variable (in the form), which were then used to restore the values. With advent of .NET
framework, ASP.NET came up with ViewState mechanism, which tracks the data values of server
controls on ASP.NET webform. In effect,ViewState can be viewed as "hidden variable managed
by ASP.NET framework!". When ASP.NET page is executed, data values from all server controls
on page are collected and encoded as single string, which then assigned to page's hidden
atrribute "< input type=hidden >", that is part of page sent to the client.

ViewState value is temporarily saved in the client's browser.ViewState can be disabled for a
single control, for an entire page orfor an entire web application. The syntax is:

Disable ViewState for control (Datagrid in this example)

< asp:datagrid EnableViewState="false" ... / >

Disable ViewState for a page, using Page directive

< %@ Page EnableViewState="False" ... % >
Disable ViewState for application through entry in web.config
< Pages EnableViewState="false" ... / >

Middletown, Connecticut, January 15, 2003 - It's been a little over a year since the .NET
platform was rolled out. The marketing juggernaut of Microsoft has ensured that everyone knows
about .NET, now the trick is getting developers to understand and harness the benefits of the
platform. One of the most powerful new tools in the .NET framework are ASP.NET's controls,
which offer considerable advantages over traditional controls.

There are five types of controls available in ASP.NET: HTML, Web, Validation, User and Custom.
All of the controls are server based. Controls are executed on the server and send HTML to the
client. This is in strict contrast to previous types of controls, which usually required some client
side considerations. Because ASP.NET controls send only HTML to the client, applications are
less reliant on the browser used to access it, making ASP.NET a more versatile development
platform.

In addition, ASP.NET controls allow programmatic, event driven access while automatically
maintaining state. Automatic state maintenance alleviates the need for the complex code required
to do so manually in traditional ASP, making your code easier to manage.

Let's take a look at the five types of controls available in ASP.NET in more detail.

HTML Controls
HTML server controls have almost a one-to-one mapping with normal HTML elements, but have a
few major differences. Unlike normal HTML elements, HTML controls support events as well as
automatic state maintenance. HTML controls are great for traditional ASP applications that are
being converted to the .NET platform because they offer a lot of what true Web Controls offer
while eliminating the need to rewrite existing code.

So, how is an HTML control created from a normal HTML element? By adding to simple attributes
to the tag: 1. runat="server" and, 2. id="UniqueName". That's it! The HTML element is now a
control and can be programmatically accessed by its id. Alternatively, the control can be dragged
onto the Web form from the toolbox. Once the control is on the form, simply right click on it and
select "Run As Server Control".

The below table highlights the code differences between an HTML element and an HTML control

Page HTML Element HTML Server Control

<INPUT type="text"
.aspx <INPUT type="text"
id="Text1" name="text1" runat="server">
Protected WithEvents Text1 As
.aspx.vb N/A
System.Web.UI.HtmlControls.htmlInputText
Web Controls
Web Controls are similar to HTML controls, but offer a richer, more consistent programming
interface and provide a wider variety of controls (i.e. Calendar, AdRotator…). Web Controls have
all the functionality that is supported in HTML controls, and also provide automatic browser
detection as well as AutoPostBack capability.

State management of Web Controls is handled by the .NET framework and is handled differently
for input and display controls. State is automatically maintained for input controls and is stored in
the HTTP header and cannot be turned off.

For the display controls such as the label, data grid, etc, the state is maintained using ViewState.
Data is stored in a hidden field named "_VIEWSTATE". State management for display controls is
optional and can therefore be turned off at the developer's discretion.

Web Controls also support AutoPostBack, which is a trip to the server. Some Web Controls
initiate AutoPostBack automatically such as the button and hyperlink, but you may want to initiate
the trip for other controls such as the dropdownlistbox. This can be done by setting the control's
AutoPostBack property to true.

The code snippet below demonstrates how to programmatically set the AutoPostBack property.
This can also be done in the design view via the property explorer.

<asp:DropDownList id="DropDowList1" AutoPostBack=True>

<asp:ListItem Value="Green">Green</asp:ListItem>
<asp:ListItem Value="Red">Red</asp:ListItem>
</asp:DropDownList>

Validation Controls
Validation Controls are a special type of Web Control that allow developers to incorporate logic to
test user input. A validation control is assigned to a single input control to validate. The controls
validate both client and server side, therefore validation will always occur even if the user is using
a down-level browser. For security reasons, the validation always occurs on the server, as it is
quite easy for the client to circumvent the client-side validation. For this reason, developers must
always check Page.IsValid before processing the client's request, otherwise invalid entries will be
permissible.

There are five validation controls available: Compare, Range, RegularExpression, Required Field,
and Custom.

User Controls
User Controls are created as Web forms pages and provide the ability to reuse code in multiple
places, which makes development and maintenance more efficient. User Controls are great for
menus, toolbars and other reusable elements.

User Controls replace the "include file" and use an .ascx file extension. There are no <HTML>,
<BODY>, or <FORM> elements, as these tags exist in the hosting page.

So how do User Controls work? First create a user control with an .ascx extension:

<%@ Control….%>

Then register the user control at the top of the .aspx page:

<%@ Register TagPrefix="myNameSpace" TagName="myUserControl"

Src="userControl1.ascx" %>
Lastly, insert the user control where it is needed:

<HTML>
<myNameSpace:myUserControl ID="mnuMain" runat="server" />
</HTML>

Custom Controls
As what is probably self-explanatory by their name, Custom Controls are controls that the
designer can create. The good news is the plumbing is already done for you. Custom Controls
are a fully compiled assembly. They can live in the GAC and are incorporated into a project by
adding them to the toolbox.

Custom controls are created using the Web Control library project. The first step is to determine
which base class the control has to be built with. This can be either System.Web.UI.Control,
Sytem.Web.UI.WebControls.WebControl, or derived from another control such as
System.Web.UI.Webcontrols.Label.

It's easy to see that ASP.NET has many control advantages over traditional ASP. The controls are
now executed on the server and the HTML is sent to the browser. The State management
program is handled by the .NET framework. As .NET continues to make inroads in the
marketplace, developers that make the time to give ASP.NET a try, will reap the benefits and soar
above the competition.

the Web form designer does not display the user control as it will appear at run time.
Instead, it shows a sort of generic control. This is a limitation of Visual Studio .NET —it
can' t display user controls in Design mode.
1. Which method do you invoke on the DataAdapter control to load your generated
dataset with data? Fill Method

2. Can you edit data in the Repeater control?

3. Which template must you provide, in order to display data in a Repeater control?
Item template

4. How can you provide an alternating color scheme in a Repeater control?

5. What property must you set, and what method must you call in your code, in
order to bind the data from some data source to the Repeater control? Source and
databind

6. What base class do all Web Forms inherit from? Page

7. What method do you use to explicitly kill a users session?

abandon
8. How do you turn off cookies for one page in your site?

9. Which two properties are on every validation control? ControlToValidate,

ErrorMessage
10. What tags do you need to add within the <asp:datagrid> tags to bind columns
manually?

<asp: BoundColumn DataField="slotTime" HeaderText=" Slot Time

"></asp:BoundColumn>
 11. How do you create a permanent cookie?
To set a permanent cookie, set an expiration date for a point in the future
12. What tag do you use to add a hyperlink column to the DataGrid?
<asp:HyperLink Column>

13. What is the standard you use to wrap up a call to a Web service

14. Which method do you use to redirect the user to another page without
performing a round trip to the client?
Server.transfer(“success.aspx”)
15. What is the transport protocol you use to call a Web service
SOAP
16. True or False: A Web service can only be written in .NET
Webservice files are essentially vb.net source files that end in an. asmx extension.

17. What does WSDL stand for? Web Service Descriptive Language

18. What property do you have to set to tell the grid which page to go to when
using the Pager object?

19. Where on the Internet would you look for Web services?

20. What tags do you need to add within the <asp:datagrid> tags to bind columns
manually?
asp: BoundColumn tag
21. Which property on a Combo Box do you set with a column name, prior to
setting the DataSource, to display data in the combo box?

22. How is a property designated as read-only? ReadOnly=”true”

23. Which control would you use if you needed to make sure the values in two
different controls matched? Compare Validator

24. True or False: To test a Web service you must create a windows application or
Web application to consume this service?
True
25. How many classes can a single .NET DLL contain? C
(a) One and only one
(b) Not more than 2
(c) Many

1. Explain the differences between Server-side and Client-side code?

Server side executes on server side and client side code executes on client side
(browser).

2. What type of code (server or client) is found in a Code-Behind

class? Server Code

3. Should validation (did the user enter a real date) occur server-side or client-side?
Why? Validation controls will identify the browser whether it will support javascript
or not. If u r browser supports java script then the validation controls work on client
side, otherwise, it works on server side.

4. What does the "EnableViewState" property do? Why would I want it on or off?

It preserves the values that are entered into the form controls and submited back to
the same page. If you want to preserve the values u can turn it on else off.

5. What is the difference between Server.Transfer and Response.Redirect? Why

would I choose one over the other? To redirect the user to another page without
performing a round trip to the client use Server.Transfer, if u want round trip to the
server use Response.redirect

6. Can you give an example of when it would be appropriate to use a web service as
opposed to a non-serviced .NET component?. If you want to access the components
from the remote server through internet use webservices.

7. Let's say I have an existing application written using Visual Studio 6 (VB 6,
InterDev 6) and this application utilizes Windows 2000 COM+ transaction services.
How would you approach migrating this application to .NET

8. Can you explain the difference between an ADO.NET Dataset and an ADO
Recordset? Connection less and connection based. Data set contains many data tables
and record set contain a single table.

9. Can you give an example of what might be best suited to place in the
Application_Start and Session_Start subroutines? Application_Start The first user
visits the start page of your Web application, Session_Start A new user visits the start
page of your application.

10. If I'm developing an application that must accomodate multiple security levels
though secure login and my ASP.NET web appplication is spanned across three web-
servers (using round-robbin load balancing) what would be the best approach to
maintain login-in state for the users?

11. What are ASP.NET Web Forms? How is this technology different than what is
available though ASP (1.0-3.0)?
12. How does VB.NET/C# achieve polymorphism?

11. Can you explain what inheritance is and an example of when you might use it?

13. How would you implement inheritance using VB.NET/C#?

14. Whats an assembly?

An assembly is a collection of types and resources that forms a logical unit of

functionality.
15. Describe the difference between inline and code behind - which is
best in a http://www.learnmsnet.com/Articles/CSharpArticles/ASP.NET/44.aspx

16. loosely coupled solution

17. Explain what a diffgram is, and a good use for one

18. Where would you use an iHTTPModule, and what are the limitations
of any

19. approach you might take in implementing one

20. What are the disadvantages of viewstate/what are the benefits

21 Describe session handling in a webfarm, how does it work and what are the >
limits

22. How would you get ASP.NET running in Apache web servers - why
would you even do this?

23. Whats MSIL, and why should my developers need an appreciation of

it if at all? MSIL is cpu independent instruction set. It has instruction for
reading,loading and calling functions.
24. In what order do the events of an ASPX page execute. As a developer is it
important to undertsand these events? Init, Load, Prerender, Unload, error, Abort
Transaction, Commit Transaction, Data Binding, disposed

25. Which method do you invoke on the DataAdapter control to load your generated
dataset with data? Fill

26. Can you edit data in the Repeater control? No

27. Which template must you provide, in order to display data in a Repeater control?
Item Template

28. How can you provide an alternating color scheme in a Repeater control?

Using Alternate Template

29. What property must you set, and what method must you call in your code, in
order to bind the data from some data source to the Repeater control?

Rep.dataSource=ds and Rep.databind()

30. What base class do all Web Forms inherit from? Page base class

31. What method do you use to explicitly kill a user’s session? Session.abandon()

32 How do you turn off cookies for one page in your site?

<%@ page Cookieless=”true” %>

33. Which two properties are on every validation control?

Enabled client script, visible, enableview state are all on

34. What tags do you need to add within the asp:datagrid tags to bind columns
manually?

35. How do you create a permanent cookie? Create persistent cookie with data is
maximum value
36. What tag do you use to add a hyperlink column to the DataGrid?

<Columns><asp:HyperLinkColumn Text="rk" HeaderText="rk"

NavigateUrl="rk.net"></asp:HyperLinkColumn></Columns>

37. What is the standard you use to wrap up a call to a Web service

38. Which method do you use to redirect the user to another page without performing
a round trip to the client? Server.transfer(“success.aspx”)

39. What is the transport protocol you use to call a Web service? SOAP

40. True or False: A Web service can only be written in .NET No

41. What does WSDL stand for? Web Services Description Language

42. What property do you have to set to tell the grid which page to go to when using
the Pager object? CurrentPageIndex

43. Where on the Internet would you look for Web services?

44. What tags do you need to add within the asp:datagrid tags to bind columns
manually.? setAutogenerate columns=”false” and <asp: BoundColumn
DataField="slotTime" HeaderText=" Slot Time >></asp:BoundColumn>

45. Which property on a Combo Box do you set with a column name, prior to setting
the DataSource, to display data in the combo box? Datasource,DataMember and
databind

46. How is a property designated as read-only? Public ReadOnly somefun(x as

integer) as integer
47. Which control would you use if you needed to make sure the values in two
different controls matched? Compare Validator control

48. True or False: To test a Web service you must create a windows application or
Web application to consume this service? No the webservice comes with a test page
and it provides HTTP-GET method to test. And if the web service turned off HTTP-
GET for security purposes then you need to create a web application or windows app
as a client to this to test.

49. How many classes can a single .NET DLL contain? One or more classes