Transcript Maintaining State MacDonald Ch. 9 MIS 324 Professor Sandvig Maintaining State Tools:  1. 2. 3. 4. Cookies Viewstate Session Cache 1. Cookies  Text stored in user’s browser   We can create cookies Read our own cookies  Used.

Maintaining State
MacDonald Ch. 9
MIS 324
Professor Sandvig
Maintaining State
Tools:

1.
2.
3.
4.
Cookies
Viewstate
Session
Cache
1. Cookies

Text stored in user’s browser


We can create cookies
Read our own cookies

Used for retaining state information:





User identification
Items in shopping cart
Date of last visit
User preferences
etc.
1. Cookies

Write:

Single value per cookie:
• Response.Cookies[“Name”].Value = “Bart”;

Multiple values per cookie
• Response.Cookies[“Name”][“First”] = “Bart”;
• Response.Cookies[“Name”][“Last”] = “Simpson”;
•

Read


Request.Cookies[“Name”].Value;
Request.Cookies[“Name”][“First”].Value;
1. Cookies
 Expiration:



Default: when browser is closed
Response.Cookies[“CookieName”].Expires =
DateTime.Now.AddDays(180);
Delete Cookie: set expiration to past (-1)
1. Cookies
 Testing

for cookie
Attempt to read a cookie that is not present:
Error: Object reference not set to an instance of an object
 Solution:
If (Request.Cookies[“Name”] != null) {
//safe to read cookie
name = Request.Cookies[“Name”] .Value;
}
1. Cookies
 Benefits:



Persist between sessions
Keep track of usernames, last visit, etc.
Easy to use
 Drawbacks:


Client can block
Not secure
2. Viewstate

Data in web controls automatically stored


May add to viewstate programmatically


Encoded in hidden form field
ViewState[“UserID”] = “333”;
Retrieve with same syntax

Returned datatype is object
• Must convert

int intUserID = Convert.ToInt32(ViewState["UserID"]);
ViewState

Benefits:



Very convenient
Can access data even when controls hidden
Drawback


Difficult to transfer between pages
Does not persist between sessions
Viewstate Security
 Concern:
man-in-the-middle attacks
 Encoded

Viewstate decoder (grab viewstate here)
 Encryption

Can turn on in page or for application
• Adds overhead

Use SSL
• Encrypts everything on page
3. Sessions



Data stored on server
Unique to each user
Uses cookie to associate with user


Create:


User must have cookies enabled
Session[“LastName”] = “Simpson”;
Delete


Session.Abandon; – Deletes the session
Session.Remove[“LastName”]; – removes items
Sessions

Expiration



Default: 20 minutes
Session.Timeout = 60;
Benefits

Secure
• Client cannot view, edit, delete


Automatic timeout
Drawbacks



Do not persist
Require cookies
Use server resources
4. Cache
 Stored

Application
 Often


used to cache data
Example: XML Music
 Store

on server
any type of data / object
Stored as type “object”
Recast when retrieved
Cache
 Add

item to cache:
Cache.Insert(“key”, object, dependency,
absoluteExpiration, slidingExpiration)
 Example:

Cache.Insert(“cat30”, “apples”, null,
DateTime.Now.AddSeconds(60),
Cache.NoSlidingExpiration)
Cache
 Retrieve:
If (Cache[“cat30”] != null) {
string fruit = (string) Cache[“cat30”];
}
Cache
 Benefits:



Secure
Many expiration options
Store any object
 Drawbacks:

??
When to use each:
Cookies
•
•
Viewstate
• Data associated with page
• Similar to hidden form field
Session
• Secure
• Associated with each user session
Cache
• Secure
• Share data across sessions
• Control expiration
Need data to persist across sessions
Security not important
Example: output (source)
Summary

Maintaining state:

Method depends on needs

Several flexible alternatives