Asp. NET Development Basics Restudying Learning Notes

Disclaimer: This article is to learn the 2014 version of the ASP. NET Video Tutorial learning notes, only for my review, also did not publish to the blog home page.

Basis of general processing procedure

(1) The form submission Note points:

①get through the Url,post through the newspaper style;

② you need to set the name of the form element in HTML;

③ element ID is used for DOM, name is to be submitted to the server;

(2) request processing response model:

① Browser makes an access request →② the server processes the access request and returns the Html→③ browser parsing the HTML and displaying the page

(3)the difference between get and post :(★★★→ Focus)

①get the value via the URL, and post through the HTTP message;

②get The amount of data transmitted is limited, post is not limited;

③post mode cannot be restored by URL among other users;

④get method URL to pass special characters need to be encoded beforehand;

(4)HTTP protocol basic understanding:

① Connection (Connection):http does not keep the connection (the request is closed), if maintaining the connection will reduce the number of concurrent processing requests of the client, do not keep the connection will slow processing speed (establish a connection is slow);

② Request: Contains the request type, the requested data, and the client information;

③ Response (Response): Contains the specific HTML, the response is successful and error code, etc.;

Second, the Template Engine Development Foundation

(1) disadvantages of the traditional model:

① does not realize the separation of interface and logic, art cannot intervene;

② placeholder substitution is not flexible enough to make complex substitutions;

(2)nvelocity template engine:

① Basic usage: writing templates → providing data → rendering generated html

② extension Usage: What is the difference between include and parse?

→ #include ("head.htm") represents template nested child templates, #parse ("foot.htm") represents template nesting templates, and sub-templates can inherit parameters from parent templates;

③ Note:

Nvelocity parsing jquery code $.ajax in $ when the $ as a special symbol in Nvelocity, the method is to use Jquery.ajax instead of $.ajax;

If you want to pass the DataTable to nvelocity only pass datatable.rows, because rows is a collection (collection), you can use a foreach traversal;

To reduce the time of each nvelocity parsing template, it is recommended to enable nvelocity caching;

Third, the transmission and maintenance of the State

(1) Classic URL delivery:

　　　　① Advantages: Simple direct, clear to whom, data will not mess;

② Disadvantages: cannot be kept secret, security is not high

(2) hidden field delivery:

　　　　① will increase website traffic;

② will reduce the speed of access, think about ViewState;

③ Confidential data cannot guarantee security;

　　(3)cookies:(¡ï ★→ Key)

　　　　① Basic concept: To protect the browser side, each time the request to the server will be brought with a cookie; the server returns the message in addition to the HTML and the updated cookie;

② life cycle: If the expires expiration time is not set, the cookie is terminatedif the browser is closed, and if the expires expiration time is set, the expiry time is the expiration time;

③ Limitations: Limited storage of data, confidential information can not exist in a cookie, cannot cross different browsers, such as: IE, Chorme, Firefox, etc., can be cleared, do not save the data cannot be lost to the cookie;

　　(4)Session:(¡ï ★→ Key)

① Basic Concept: Server-side "Cookie", similar to the medical record;

② life cycle: Session with automatic destruction mechanism;

③ Use Note: HttpHandler to use the session to implement the IRequiresSessionState interface, stored in the server memory, do not store big data;

　　　　④ Relationship to cookies: The session is created with a cookie, essentially a cookie that stores a SessionID as a key to request access every time the submission server Session through this key to find the specific value;

　　(5)application:

　　　　① Basic Concept: Apply global object, be shared globally, add lock before using operation, finish unlock after completion, usually put in Application_Start event in Global.asax;

② Use Note: A lot of books, such as the use of application statistics visitors will lead to the site in large concurrency will be very card, recommended to do web development as far as possible without application, and seldom need to be useful to it;

PS: Many books will use application in this way, is it familiar? Add lock before use, after completion unlock although is a good synchronization operation, but because of this, plus lock will cause in the large concurrency of access in the case of Web site system lag phenomenon.

1     voidApplication_Start (Objectsender, EventArgs e)2     {  3         //code to run when the application starts4application["Count"] =0;//initial set count starting from 05     }6 7     voidSession_Start (Objectsender, EventArgs e)8     {  9         //code to run when a new session is startedTenApplication.Lock ();//synchronization to avoid simultaneous write Oneapplication["Count"]=(int) application["Count"]+1;//This global variable adds 1 for each session created AApplication.UnLock ();//End of synchronization -}

View Code

Iv. Basics of Ajax

(1)Reasons for Ajax:

　　　　① Traditional Global refresh results in a bad user experience; XMLHttpRequest was first introduced in ②IE5;

(2)basic AJAX Concepts:

　　　　①ajax Full Name:asynchronousJavascriptandXml= Asynchronous JavaScript and XML, a technique for local page refresh;

②ajax through the background and the server for a small amount of data exchange, Ajax can make the Web page implementation of the asynchronous update, thereby improving the user experience effect;

(3)basic AJAX process:

　　　　① Browser HTML uses JavaScript to create Xmlhttprequest→② server-side fetch requests to process and return AJAX-style data (such as JSON) →③ browser JavaScript to parse the data returned by the server and to display or change the information locally

(4)Ajax Core object:JavaScript object XMLHttpRequest

　　　　XMLHttpRequest allows us to use JavaScript to make requests to the server and process the response without blocking the user.

PS: Here is a classic example of a purely manual use of JS object XMLHttpRequest:

function ajax (URL, onsuccess) {varxmlhttp = window. XMLHttpRequest?NewXMLHttpRequest ():NewActiveXObject ('Microsoft.XMLHTTP');//Create XMLHTTP objects, consider compatibility. XHRXmlhttp.open ("POST"Urltrue);//prepare to issue a POST request to the server's GETDATE1.ASHX (get may have a caching problem). No request has been made here yet .//Ajax is asynchronous, not waiting for server-side return to continue executionXmlhttp.onreadystatechange =function () {if(Xmlhttp.readystate = =4)//ReadyState = = 4 indicates that the server has returned the completed data. may have experienced 2 before (request sent, in process), 3 (part of the data in response is available, but the server has not completed a response generation)        {            if(Xmlhttp.status = = $)//if the HTTP status code is 200 it is successful{onsuccess (xmlhttp.responsetext); }            Else{alert ("The AJAX server returned an error! "); }        }    }    //do not think if (xmlhttp.readystate = = 4) {Execute before send!!!! Xmlhttp.send ();//This is the time to start sending requests. is not equal to server-side return. Request sent out, I wait! Listen to onReadyStateChange! }

View Code

(5)advantages and disadvantages of Ajax:

① Advantages: The page does not refresh , in the page to communicate with the server, the user experience is very good ; " on-demand data " can minimize the burden of redundant requests and responses to the server; XML standardization , and is widely supported by the browser, no need to install plug-ins, etc.;

② Cons: Since Ajax is only a partial refresh, the back button of the page is useless ( breaking the back button mechanism ); Streaming media and mobile devices are not very good;

V. Client not trusted

(1) client authentication is not a substitute for server-side validation:

① client check is for a better client experience, service-side check is the last time to prevent malicious requests ;

② Request message data can be modified , such as HTTP messages in the useragent, Referer, cookies, etc. can be false;

③JQuery validator+ service-side check is a good way to develop;

(2)validaterequest:

　　　　①asp.net to prevent XSS attacks (cross-site scripting attacks) by default for checksum of request data

② check is required to submit text content containing HTML, set requestvalidationmode= "2.0" in Web. config

    <system.web>        <compilation debug="true" targetframework="4.0  " />        "2.0" />    </system.web>

View Code

The use of the closed check vulnerability can be carried out: the message box to send prizes, collect accounts and passwords;

(3)CKEditor: A classic web online editor

　　　　① In addition to _samples, _source, *.php, *.asp are placed under the Js/ckeditor folder;

The ② page references ckeditor.js;

The location of the ③ page Editor uses textarea, Ckeditor.replace (TEXTAREA) in the page onload or after textarea;

Summarize Mind Mapping

Zhou Xurong

Source: http://www.cnblogs.com/edisonchou/

The copyright of this article is owned by the author and the blog Park, welcome reprint, but without the consent of the author must retain this paragraph, and in the article page obvious location to give the original link.