. NET development of some of the accumulation

Asp. NET projects to develop some trivial accumulation

1. Filtering dangerous strings, such as "=", ">" and other potentially dangerous strings such as databases, I've seen a lot of people doing web pages just doing client-side script validation is not enough. Data validation must also be performed in the backend code of the server segment, and I have written a program that bypasses the script validation submission form.

2. Determine if a string can be converted to a shape, character, float, etc.

3. Error handling, if the simple site needs to be configured to write a Application_Error event. Complex sites need to write a log class to handle

Use the exception that appears on the logging site.

4. Frequent use of the request.querystring operation of the land. It is best to write a public handling method to return the type data you need. Specifically, you can refer to the Dynamic Network forum.

5. According to the size of the site and the function of the division of several areas of the base page class. such as: Background management interface, User Center, Help Center, AJAX processing. You also need to be aware that Web content needs to be stored on the client. If you are developing a project that needs to be maintained at the same time as your own company, you should consider the changes to the JS script file, because if you need to increase the JS code, you may want to increase each page, so the best way to output a script is to define a common class. We often use the Page object's ClientScript property does not complete the script registration of all functions, if you want to write a common page class and output JS to the head, the Scriptmanger is not complete. It is limited to outputting scripts internally to the BODY element. Usually I will. Add a script to the head

HtmlGenericControl js= New HtmlGenericControl ("script");
Js. Attributes.Add ("type", "Text/javascript");
Js. Attributes.Add ("src", "test/123.js");
This. Page.Header.Controls.Add (JS);

Later, if each page needs to add a JS file can be added directly in the base class.

This also applies to database development, such as the use of the PetShop four databases to store the subject data, order center, customer data, etc. according to different modules to divide the database. The principle of division is that the table is directly linked to a database that is particularly closely divided into two databases that are loosely divided. This facilitates later management and maintenance (of course, if it is rented space or not to consider this, because the hosting server to buy the database also need money. Multiple databases with more input, so customers still use a convenient.

6. It is best to write a class separately to handle the message pop-up boxes that are often used. There are also access to host IP, Simplified Chinese Traditional direct conversion, encryption and decryption of characters, cookie operations, file operations, URL operations (get the root URL, etc., often used in the user control, a user control may be a few do not belong to a

The directory hierarchy page call, if the user control has a picture, JS file path will need to get the root directory URL)

7. Must understand the operating environment of the software is hosted in the computer room server or rented space? Managed server development is less restrictive. If it is rented space limit is relatively large, a lot of functions can not be used, if the room is hosted server flexibility is relatively large.

8. Note the SQL statement that is applied in the code, noting that the type of the variable corresponds to the data type in SQL, such as

String a= "45454";
String Sql= "select * from [Customer] customerid=" +a.tostring ();

Compile time is not wrong, the implementation of the time there is a problem. When you go into SQL, "45454" is interpreted as a cosmetic step. An exception occurs if the data range is exceeded. That's all you need. "(single quote)

String a= "45454";
String Sql= "select * from [Customer] customerid= '" +a.tostring () + "'";

9. The encoding process to maximize the realization of the modularity of the function. If you have more than two functional areas on a page, make the other user controls as little as possible between the user controls and the users controls. You can share data by session, Cookie. Modularity not only facilitates code porting, but also facilitates code modification to reading.

10. The design of the Web site should be carefully considered in the cache, so that can greatly improve performance. Generally reading a database is slower than reading a text file on a normal hard disk, so I often cache some XML files into the cache. Test it and you'll see something obvious in performance improvements.

11. The point of change must be considered when designing for different projects. I often do some software for e-commerce platform. The biggest change point of employment often changes in the sales strategy, from delivery to merchandise discounts, often change, for the project is the business logic layer changes frequently. So when writing code, it is best to separate the point of change, business logic is best to write a separate module, frequently used characters can also be converted to a class of constants stored separately.

12. For database integrity Although the constraints do not support cross-data, triggers are supported. Data synchronization between multiple tables can also be implemented using a trigger when the data implementation linkage is handled in C # code for each table. But triggers are only used when other foreign key constraints do not work, because triggers are used as constraints and are not as strong as foreign keys.

13. Good coding standards can ensure good program structure and readability. If the coding specification is done before the project is developed, the readability of the code is greatly reduced even if it is well-structured. Tell me more about naming the database. Generally a medium-sized project less said also have more than 100 tables, if the name of the poor late maintenance staff look is very headache. The general table name is best divided by prefix, suffix lai an function or area. Stored procedures are best used in the form of table name + "_" + verb way to name it for later maintenance, not too short name.