Essential ASP.NET With Examples in C# [Paperback]

Typically, the author approaches a capability of ASP.NET--validation of submitted form data, say--by presenting a quick summary of the problem and then attacking it (or components of it) with code. The code segments (which tend not to be too long, and so relatively easy to trace and comprehend) are then dissected, and special attention called to details of particular interest to the local problem. It's a great way to learn if you already have a grasp of the basics, as you can either go hands-on with your own system or absorb the author's wisdom through the book alone. --David Wall

Topics covered: How ASP.NET works, and how to write effective software with it. Detailed coverage goes to HtmlControls, WebControls, the web.config file, form-data validation, custom controls, and state management. There's also excellent coverage of the often confusing HTTP Pipeline.

It was late at night in Torrance, California, in August 2000. I had spent 12 hours of the day teaching DevelopMentor’s Guerrilla COM course with Mike Woodring and Jason Whittington. Don Box had come over after class, and, as usual, we were staying up late into the night after the students had long since gone to bed, discussing technology and hacking. Microsoft had just released its preview version of .NET at the PDC in July, and we had been spending much of the year up to that point digging into “the next COM” and were excited that it had finally been released so we could talk about it. It was that evening that Don, in his typical succinct way, showed me my first glimpse of ASP.NET (then called ASP+). Perhaps it was the late hour or the fact that I had been teaching all day, but I have to admit that although I “got” the technical details of what Don was showing me, I was somewhat underwhelmed by being able to change the innerText of an h1 element from a class.

The following week, after a couple of good nights of sleep, I revisited the .aspx example and began to explore ASP.NET in more detail. After a day of reading and experimenting, I finally “got it” and I was hooked. This technology was poised to fundamentally change the way people built Web applications on Windows, and it took full advantage of the new .NET runtime. I spent the next six months researching, building ASP.NET applications, and writing DevelopMentor’s Essential ASP.NET course, and I spent the subsequent year and a half teaching, speaking, and writing about ASP.NET. This book is the culmination of those activities, and I hope it helps you in your path to understanding ASP.NET.C# versus VB.NET

Before .NET, Visual Basic was not just another language—it was a platform unto itself. Building applications in Visual Basic 6.0, for example, was completely different from using C++ and MFC. With .NET, this distinction is gone, and Visual Basic is indeed just another .NET language that uses the same libraries, the same development tools, and the same runtime as all others. As a consequence, we can now talk about technologies like ASP.NET from a language-neutral standpoint. The code samples, however, must be shown in a particular language, so this book is published in two versions: one with examples in C# and one with examples in VB.NET. All content outside the examples is nearly identical between the two books.This site also contains any errata found after publication and a supplemental set of more extended examples of the concepts presented in this book for your reference. The author welcomes your comments, errata, and feedback via the forms available on the Web site.

This book focuses exclusively on ASP.NET and does not spend time reviewing .NET programming, object-oriented programming techniques, database access, or general Web application development techniques. You will be able to get the most out of this book if you have spent some time gaining experience in each of these areas.

This book approaches ASP.NET from the ground up, beginning with a look at the core elements of the architecture in Chapter 1 and continuing with the server-side control model in Chapter 2. It is recommended that the reader be familiar with the contents of Chapters 1 and 2 before reading any of the subsequent chapters. However, all chapters after 2 can be read independently and in any desired sequence.

Chapter 1, Architecture, covers the fundamentals of the ASP.NET architecture, beginning with a look at the parsing of .aspx files and their subsequent compilation into assemblies. This chapter explains the details of the Page class, demonstrates the new code-behind model, and discusses the shadow copy mechanism used to prevent file locking. The chapter concludes with a look at the new classes in ASP.NET that replace the intrinsic objects of traditional ASP.

Chapter 2, Web Forms, looks at the control-based programming model supported in ASP.NET called Web Forms. This chapter looks at the details of state retention across post-backs using both POST body data and ViewState, and describes how to effectively use server-side controls to create dynamic Web pages. The chapter concludes with a look at the various server-side controls available in ASP.NET.

Chapter 3, Configuration, describes the configuration model used by ASP.NET, starting with the XML format used by all configuration files and the hierarchical application of configuration settings. This chapter inspects several configuration elements in detail, including the processModel and appSettings elements. The chapter concludes by demonstrating two techniques for adding custom configuration sections to your configuration files.

Chapter 4, HTTP Pipeline, explores the details of the classes involved with servicing HTTP requests in ASP.NET. This chapter first walks through all the elements in the HTTP pipeline used to process a request, and then discusses the three points of extensibility in the pipeline: custom application classes, custom handlers, and custom modules. The chapter concludes with a discussion of threading and object pooling in the pipeline.

Chapter 5, Diagnostics and Error Handling, covers the new diagnostic features of ASP.NET, including page and application tracing as well as the new performance monitor counters. This chapter also discusses techniques for debugging ASP.NET applications and exception handling. The chapter concludes with a look at how to define custom error pages for your applications.

Chapter 6, Validation, describes the new validation architecture built into ASP.NET. This chapter begins by looking at how validation is performed in Web applications in general and proceeds to show how ASP.NET’s validation architecture provides a general solution to the problem of validating user input. The chapter includes a detailed look at how both client-side and server-side validation work, as well as a look at all the available validation controls.

Chapter 7, Data Binding, explores the process of binding server-side data to controls in an ASP.NET page. This chapter starts by explaining how data binding works with several different data sources, including collection classes, DataReaders, and DataSets, and then looks at how to bind data to several controls, including the DataGrid class. The chapter concludes with a look at templates and how to use them effectively with the Repeater, DataList, and DataGrid classes.

Chapter 8, Custom Controls, covers the fundamentals of building your own custom controls for use in ASP.NET applications. This chapter explains how custom controls are built, how to use the HtmlTextWriter class to achieve some browser independence, how to further support browser-independent rendering, how to define properties and subproperties, how to extract the inner content of a control’s tag, how to generate client-side script, and how to manage control state. The chapter also covers the details of building composite controls, user controls, controls that support validation, and controls that support data binding. The chapter concludes with a look at how to integrate your controls with the Visual Studio .NET designer.

Chapter 9, Caching, looks at both output caching and data caching in ASP.NET. This chapter discusses the mechanism of output caching and how to precisely control which versions of a page are placed in the cache, as well as how to cache portions of a page using page fragment caching with user controls. The chapter explains how to use the new application-wide data cache and includes a discussion of considerations and guidelines to observe when caching data.

Chapter 10, State Management, discusses the various types of state in an ASP.NET Web application and how and when to use each type. This chapter begins with a look at application state and explains why it should typically be avoided in ASP.NET. It then looks at the improvements in session state, including out-of-process storage and cookieless key management, as well as techniques for optimizing your use of session state. The chapter concludes with a look at using cookies and view state as alternatives, or in addition, to session state.

Chapter 11, Security, describes the security features of ASP.NET and how to control client authentication and authorization in your applications. This chapter starts by reviewing the concepts of security for Web applications and then shows how to build and manage applications that need to authenticate clients using the forms authentication architecture provided by ASP.NET. The chapter also covers the management of authentication cookies in Web farms, safe password storage, building role-based authentication systems, and how to control the process identity used by ASP.NET.

I would first like to thank my wife, Susan, and my children, Zoë and Sam, who supported me without hesitation during the writing of this book. Thanks also to my parents, Pat and Dan Onion, for their support and direction.

Thanks to all my colleagues at DevelopMentor for the many discussions and constant feedback both for the course and for this book. In particular, thanks to Bob Beauchemin for his always timely and useful feedback; Keith Brown, for showing me how to salt my hashes and otherwise reinforcing my security chapter; Simon Horrell, for his detailed feedback; Dan Sullivan, for leaving no stone unturned; Ted Pattison, for commiserating on writing and for his always positive comments; Stu Halloway, for making my writing more concise; and Mike Woodring, for thinking through the threading implications of asynchronous handlers with me.

Thanks to my official reviewers, Justin Burtch, Amit Kalani, Daryl Richter, Martin Heller, and Matt Milner, all of whom provided invaluable feedback. Thanks to the members of the ASP.NET team at Microsoft for building such an interesting product and for fielding many questions. In particular, thanks to Rob Howard for his input on caching and to Erik Olson for explaining thread allocation and pooling in the pipeline. Thanks to Don Box for introducing me to ASP.NET and for getting my writing career started at C++ Report back in 1995.

Thanks to my editor, Stephane Thomas, for all her hard work, and to my copy editor, Debby English, who more than lives up to her last name. Much gratitude also to the more than 1,000 students who have taken the Essential ASP.NET course-your input has shaped the stories in this book more than anything else. Thanks in particular to the students at the Essential ASP.NET course offered in Washington, D.C., in October 2002 for helping choose the color of the book covers.