ASP. NET Status Management

Source: Internet
Author: User
Tags http cookie


LClient-differentiated, page-insensitive

LThe amount of data increases as the number of clients (concurrency) increases.

LWhat is stored on the server:Data is stored on the server(Inproc,StateServer,Sqlserver)

LWhat is stored on the client:The client storesSessionid

LThere is an expiration Policy

LApplicable scenarios: User-related data, shopping cart, user account,


LGlobal data, shared by all clients: client-independent, page-independent

LWhat is stored on the server:Data is stored on the server (in the server process)

LWhat is stored on the client:The client does not store anyApplicationStatus data

LMulti-thread concurrent access may occur, and synchronization is required (Lock/unlock)

LApplicable scenarios: global data inApplication_startAnd then access

ViewstateView status

LDifferentiate clients and pages

LWhat is stored on the server:Data on servers and clients(Page data)Shuttle back and forth

LWhat is stored on the client:Data on servers and clients(Page data)Shuttle back and forth

LApplicable scenarios: temporary data on a single page, used for interaction between a user and a page.

LLow Security

Instance field on the page

LDifferentiate clients, pages, and requests

LThe survival time is very short. It is valid only when the server processes the page.

LNarrow Applicability

Static Field

LGlobal data, shared by all clients: client-independent, page-independent

LWhat is stored on the server:Data is stored on the server (in the server process)

LWhat is stored on the client:The client does not store anyStaticStatus data

LMulti-thread concurrent access may occur. You need to write your own synchronization.Code(WorseApplicationConvenient)

LApplicable scenarios: global data is initialized wherever needed and then accessed on other pages

Query stringQuery string

LDifferentiate clients and share them between two adjacent pages (using data in the address bar)

LWhat is stored on the server:Data Interaction in the address bar of the server and client browser

LWhat is stored on the client:Data Interaction in the address bar of the server and client browser

LApplicable scenario: as a separate keyword for data queryCopyOr storage. Security loss;Heterogeneous website Systems(JSP, ASP, PHP)AndASP. NETPage Integration


LDifferentiate clients and share them between two adjacent pages (using data in the address bar)

LWhat is stored on the server:Data from the client pagePostTo the server

LWhat is stored on the client:Data from the client pagePostTo the server

LApplicable scenarios: heterogeneous website Systems(JSP, ASP, PHP)AndASP. NETPage Integration

Status Management in ASP. NET (1)

Web table webpages are based on HTTP and are stateless, which means they do not know whether all requests come from the same client computer, whether the webpage is damaged, and whether the webpage is refreshed, in this way, information may be lost. As a result, status management becomes the development of Internet applicationsProgramA real problem.

In ASP, we can easily solve these problems through cookies, query strings, applications, and dialogs. Now in the ASP. NET environment, we can still use these features, but they are more diverse and more powerful.

There are two main ways to manage Internet web pages: client and server.

1. Client status management:

During multiple request-response periods between the client and server, the server does not save the information, and the information will be stored on the webpage or user's computer.

A. Cookie

Cookie is a small amount of data stored in the text file of the client file system or in the memory of the client browser conversation. It is mainly used to track data settings. The following is an example: Suppose we want to customize a welcome Internet webpage. When a user requests a default Internet webpage, the application will first check whether the user has registered before, we can obtain user information from cookies:

[C #]
If (request. Cookies ["username"]! = NULL)
Lbmessage. Text = "dear" + request. Cookies ["username"]. Value + ", welcome shopping here !";
Lbmessage. Text = "welcome shopping here !";

To store user data, we can use the following code:

[C #]
Response. Cookies ["username"]. value = username;

In this way, when the user requests the webpage, we can easily identify the user.

Status Management in ASP. NET (2)
B. Hide the domain

The hidden domain is not displayed in the user's browser, but we can set its attributes like setting the property controlled by the standard. When a webpage is submitted to the server, the hidden domain content and other controlled values are sent to the HTTP form set together. A hidden domain can be a repository of Webpage-related information stored on a webpage. A hidden domain stores a variable in its value attribute and must be explicitly added to the webpage.

The htmlinputhidden control in ASP. NET provides the function of hiding a domain.

[C #]
Protected system. Web. UI. htmlcontrols. htmlinputhidden hidden1;
File: // assign values to hidden fields
Hidden1.value = "this is a test ";
File: // obtain the value of a hidden field
String STR = hidden1.value;

Note that to use a hidden domain, you must use the http-POST method to submit an Internet webpage. Although its name is a hidden field, its value is not hidden.Source code"Function to find its value.

C. view the status

Each control on a web forms page, including the webpage itself, has a property named viewstate. It is a built-in structure that automatically maintains the webpage and control status, this means that after submitting a webpage to the server, we do not need to take any measures to restore the controlled data.
Here, the viewstate attribute is useful for us. We can use it to store information during multiple request-response periods with the server.

[C #]
File: // save information
Viewstate. Add ("shape", "circle ");
File: // get information
String shapes = viewstate ["shape"];

Note: Unlike hidden fields, viewstate attributes are invisible and compressed and encrypted when you use the view source code function.

D. query strings

The query string provides a simple and restricted maintenance state information method. We can easily transfer information from one web page to another, however, most browsers and client devices limit the URL length to 255 characters. In addition, the query value is transmitted to the Internet through a URL. Therefore, in some cases, security becomes a major problem.

The URL with the query string is as follows:

Http:// Categoryid = 1 & productid = 101

After a client requests list. aspx, you can use the following code to obtain the Directory and product information:

[C #]
String categoryid, productid;
Categoryid = request. Params ["categoryid"];
Productid = request. Params ["productid"];

Note: You can only use HTTP-get to submit the Internet webpage. Otherwise, you cannot obtain the required value from the query string.

Status Management in ASP. NET (3)

2. Server Status Management

Information is stored on the server. Despite its high security, it occupies a large amount of Web Server resources.

A. aplication object

The aplication object provides a mechanism for all code running on the Web application server to access the stored data. data inserted into the state variables of the Application object should be shared by multiple dialogs, and will not change frequently. Because it can be accessed by all applications, we need to use the lock and unlock pairs to avoid conflicting values.

[C #]

Application. Lock ();

Application ["mydata"] = "mydata ";

Application. Unlock ();

B. Session Object

The Session object can be used to store the information of a specified dialog that needs to be maintained during multiple server request-response and webpage requests. The Session object is the basis for the existence of each conversation, that is, different clients generate different session objects. The data stored in the dialog state variable has a short period of time.

The ASP. Net dialog of each activity is uniquely identified and tracked by a sessionid string containing valid url ascii characters and 120 characters. The sessionid value is unique byAlgorithmGenerated so that there is no conflict between conversations. the randomness of sessionid makes it difficult for us to guess the ID of an existing conversation.

According to the application configuration, sessionid is transmitted between client-server requests through HTTP cookies or the modified URL. Then, how to set the dialog equipment Method for application configuration.

Each web application must have a configuration file named Web. config, which is based on an XML file. The following is a dialog named sessionstate:

The value of cookieless is true or false. When its value is false (default), Asp. net will use HTTP cookie to identify users; when its value is true, Asp. net will generate a unique number randomly and put it in front of the requested file. This number is used to identify the user and we can see it in the address bar of IE:

Http: // localhost/management/(2yzakzez3eqxut45ukyzq3qp)/default. aspx

OK. Next we will return to the session object.

[C #]
File: // storage Information
Session ["myname"] = "Mike ";
File: // obtain information
Myname = session ["myname"];

C. Database

The database enables us to store a large amount of State-related information in Web applications. Sometimes, users frequently access the database using a unique ID, and we can store it in the database, used in multiple requests to webpages on the website.


ASP. NET has more functions and tools than ASP, allowing us to manage the status of web pages more effectively and efficiently. Which method is related to your application? The following questions can be taken into consideration during the selection:

· How much information does it need to store?

· Does the client accept persistent or in-memory cookies?

· Do you want to store information on the client or server?

· Do the information to be stored need to be kept confidential?

· What is the performance of your webpage?

Related Article

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.