Pro ASP.NET 4 in C# 2010, 4th Edition
® THE EXPERT’S VOICE
Pro ASP.NET 4 in
C# 2010 FOURTH EDITION SOURCE CODE ONLINE Matthew MacDonald, Adam Freeman, www.apress.com and
Mario Szpuszta
Pro ASP.NET 4 in C# 2010
Fourth Edition
■ ■ ■ Matthew MacDonald, Adam Freeman, and Mario Szpuszta
Pro ASP.NET in C# 2010, Fourth Edition
Copyright © 2010 by Matthew MacDonald, Adam Freeman, and Mario Szpuszta All rights reserved. No part of this work may be reproduced or transmitted in any form or by any means, electronic or mechanical, including photocopying, recording, or by any information storage or retrieval system, without the prior written permission of the copyright the publisher.
ISBN-13 (pbk): 978-1-4302-2529-4
ISBN-13 (electronic): 978-1-4302-2530-0 Printed and bound in the United States of America 9 8 7 6 5 4 3 2 1 Trademarked names, logos, and images may appear in this book. Rather than use a trademark
symbol with every occurrence of a trademarked name, logo, or image we use the names, logos, and
images only in an editorial fashion and to the benefit of the trademark owner, with no intention of
infringement of the trademark. The use in this publication of trade names, trademarks, service marks, and similar terms, even ifthey are not identified as such, is not to be taken as an expression of opinion as to whether or not
they are subject to proprietary rights.President and Publisher: Paul Manning Lead Editor: Ewan Buckingham Technical Reviewers: Fabio Claudio Ferracchiati and Todd Meister
Editorial Board: Clay Andres, Steve Anglin, Mark Beckner, Ewan Buckingham, Gary Cornell,
Jonathan Gennick, Jonathan Hassell, Michelle Lowman, Matthew Moodie, Duncan Parkes, Jeffrey Pepper, Frank Pohlmann, Douglas Pundick, Ben Renow-Clarke, Dominic Shakeshaft, Matt Wade, Tom Welsh Coordinating Editor: Anne Collett
Copy Editors: Ralph Moore, Katie Stence, Kim Wimpsett Compositor: Mary Sudul Indexer: Kevin Broccoli Artist: April Milne Cover Designer: Anna Ishchenko Distributed to the book trade worldwide by Springer Science+Business Media, LLC., 233 Spring
For information on translations, please e-mail
Apress and friends of ED books may be purchased in bulk for academic, corporate, or promotional
use. eBook versions and licenses are also available for most titles. For more information, reference
our Special Bulk Sales–eBook Licensing web page at The information in this book is distributed on an “as is” basis, without warranty. Although every precaution has been taken in the preparation of this work, neither the author(s) nor Apress shallhave any liability to any person or entity with respect to any loss or damage caused or alleged to be
caused directly or indirectly by the information contained in this work.The source code for this book is available to readers at ill need to answer questions pertaining to this book in order to successfully download the code.
Contents at a Glance
Contents....................................................................................................................
About the Technical Reviewer ...........................................................................
Part 1: Core Concepts ............................................................................................... ■
Chapter 2: Visual Studio.....................................................................................
■
Chapter 3: Web Forms........................................................................................
■
Chapter 4: Server Controls...............................................................................
■
Chapter 5: ASP.NET Applications .....................................................................
■
Chapter 6: State Management .........................................................................
■
Part 2: Data Access .............................................................................................. ■
Chapter 8: Data Components and the DataSet .................................................
■
Chapter 9: Data Binding ...................................................................................
■
Chapter 10: Rich Data Controls........................................................................
■
Chapter 11: Caching and Asynchronous Pages ...............................................
■
Chapter 12: Files and Streams.........................................................................
■
Chapter 13: LINQ ..............................................................................................
■
Chapter 14: XML...............................................................................................
■
Part 3: Building ASP.NET Websites.......................................................................
■Chapter 25: Cryptography.............................................................................. ■
Chapter 33: Dynamic Data ............................................................................. ■
Chapter 32: MVC ............................................................................................ ■
Chapter 31: Portals with Web Part Pages...................................................... ■
Chapter 30: ASP.NET AJAX............................................................................. ■
Chapter 29: JavaScript and Ajax Techniques ................................................ ■
Chapter 28: Graphics, GDI+, and Charting ..................................................... ■
Chapter 27: Custom Server Controls.............................................................. ■
Chapter 26: Custom Membership Providers .................................................. ■
Chapter 24: Profiles ......................................................................................... ■
Chapter 15: User Controls ................................................................................ ■
Chapter 23: Authorization and Roles ............................................................... ■
Chapter 22: Windows Authentication............................................................... ■
Chapter 21: Membership.................................................................................. ■
Chapter 20: Forms Authentication ................................................................... ■
Chapter 19: The ASP.NET Security Model ........................................................ ■
Chapter 18: Website Deployment..................................................................... ■
Chapter 17: Website Navigation....................................................................... ■
Chapter 16: Themes and Master Pages ........................................................... ■
Chapter 34: Silverlight ...................................................................................
Contents
Contents at a Glance................................................................................................ About the Technical Reviewer ...........................................................................
Part 1: Core Concepts ............................................................................................... ■
The Seven Pillars of ASP.NET
#1: ASP.NET Is Integrated with the .NET Framework #3: ASP.NET Is Multilanguage ................................................................................................... #5: ASP.NET Is Object-Oriented................................................................................................. #7: ASP.NET Is Easy to Deploy and Configure ....................................................................................
The Evolution of ASP.NET
ASP.NET 1.0 and 1.1............................................................................................................ ASP.NET 3.5.................................................................................................................... Silverlight ....................................................................................................................
Summary
Chapter 2: Visual Studio..................................................................................... ■
Introducing Visual Studio Websites and Web Projects ...................................................................................................... Designing a Web Page...........................................................................................................
The Visual Studio IDE Solution Explorer .............................................................................................................. Toolbox ........................................................................................................................ Server Explorer ................................................................................................................
The Code Editor Adding Assembly References ..................................................................................................... Visual Studio 2010 Improvements................................................................................................
The Code Model How Code-Behind Files Are Connected to Pages How Events Are Connected to Event Handlers .....................................................................................
Web Projects Creating a Web Project .........................................................................................................
Visual Studio Debugging Single-Step Debugging.......................................................................................................... Advanced Breakpoints...........................................................................................................
The Web Development Helper Chapter 3: Web Forms........................................................................................
■ Page Processing
HTML Forms .....................................................................................................................
Dynamic User Interface .........................................................................................................
Automatic Postbacks............................................................................................................
XHTML Compliance...............................................................................................................
Web Forms Processing Stages
Page Framework Initialization ..................................................................................................
Validation.....................................................................................................................
Automatic Data Binding .........................................................................................................
A Page Flow Example ............................................................................................................
The Page As a Control Container
Showing the Control Tree .......................................................................................................
Dynamic Control Creation.......................................................................................................
The Page Class
Session, Application, and Cache ................................................................................................
Response .......................................................................................................................
User ...........................................................................................................................
Accessing the HTTP Context in Another Class
Summary
Chapter 4: Server Controls...............................................................................
■Types of Server Controls
The Server Control Hierarchy ...................................................................................................
HTML Server Controls
The HtmlControl Class ..........................................................................................................
The HtmlContainerControl Class................................................................................................. The HTML Server Control Classes ................................................................................................ Programmatically Creating Server Controls ......................................................................................
Web Controls ...............................................................................................................142
The WebControl Base Class...................................................................................................... Units .......................................................................................................................... Colors ......................................................................................................................... Focus .......................................................................................................................... Scrollable Panels ..............................................................................................................
The List Controls The Selectable List Controls ...................................................................................................
Input Validation Controls..............................................................................................162
The Validation Controls........................................................................................................ The BaseValidator Class ........................................................................................................ The RangeValidator Control ..................................................................................................... The RegularExpressionValidator Control ......................................................................................... The ValidationSummary Control .................................................................................................. Validation Groups..............................................................................................................
Rich Controls
The AdRotator Control ..........................................................................................................
Summary
Chapter 5: ASP.NET Applications .....................................................................
■Anatomy of an ASP.NET Application
The Application Domain.........................................................................................................
Application Updates............................................................................................................
The global.asax Application File
Application Events .............................................................................................................
ASP.NET Configuration ................................................................................................192
The machine.config File ........................................................................................................
<system.web> ...................................................................................................................
<appSettings> ..................................................................................................................
Reading and Writing Configuration Sections Programmatically
Extending the Configuration File Structure.....................................................................................
.NET Components
Creating a Component ...........................................................................................................
Using a Component Through the Bin Directory
Extending the HTTP Pipeline........................................................................................219
HTTP Handlers ..................................................................................................................
Configuring a Custom HTTP Handler ..............................................................................................
Using Configuration-Free HTTP Handlers ......................................................................................... Creating an HTTP Handler for Non-HTML Content Creating a Custom HTTP Module ..................................................................................................
Summary
Chapter 6: State Management ......................................................................... ■
ASP.NET State Management A View State Example........................................................................................................... Assessing View State ........................................................................................................... View State Security ............................................................................................................
Transferring Information Between Pages The Query String...............................................................................................................
Cookies Session Architecture ........................................................................................................... Configuring Session State ......................................................................................................
Static Application Variables...................................................................................................
Summary
Part 2: Data Access .............................................................................................. ■
The ADO.NET Architecture ADO.NET Data Providers .........................................................................................................
Standardization in ADO.NET .....................................................................................................
The Connection Class
Connection Strings .............................................................................................................
Connection Pooling.............................................................................................................
The Command and DataReader Classes
Command Basics.................................................................................................................
The ExecuteReader() Method and the DataReader
The ExecuteNonQuery() Method ...................................................................................................
Using Parameterized Commands ...................................................................................................
Transactions
Transactions and ASP.NET Applications..........................................................................................
Savepoints .....................................................................................................................
Provider-Agnostic Code
Creating the Factory ...........................................................................................................
A Query with Provider-Agnostic Code ............................................................................................
Summary
Chapter 8: Data Components and the DataSet .................................................
■Building a Data Access Component
The Data Package...............................................................................................................
The Data Utility Class.........................................................................................................
Disconnected Data
Web Applications and the DataSet ...............................................................................................
XML Integration ................................................................................................................ The DataSet
Filling a DataSet .............................................................................................................. Searching for Specific Rows .................................................................................................... Data Binding ...................................................................................................................
The DataView Class Sorting with a DataView ........................................................................................................ Advanced Filtering with Relationships ..........................................................................................
Summary
Chapter 9: Data Binding ................................................................................... ■
Single-Value Binding ........................................................................................................... Repeated-Value Binding .........................................................................................................
Data Source Controls The Page Life Cycle with Data Binding..........................................................................................
The SqlDataSource Selecting Records.............................................................................................................. Handling Errors................................................................................................................ Deleting Records ............................................................................................................... Disadvantages of the SqlDataSource .............................................................................................
The ObjectDataSource Selecting Records..............................................................................................................
Updating Records ...............................................................................................................
The Limits of the Data Source Controls
The Problem ....................................................................................................................
Handling the Extra Options with the SqlDataSource
Summary
Chapter 10: Rich Data Controls........................................................................
■The GridView
Defining Columns ...............................................................................................................
Formatting the GridView
Formatting Fields..............................................................................................................
Formatting-Specific Values .....................................................................................................
GridView Row Selection
Using Selection to Create a Master-Details Form
Using a Data Field As a Select Button ..........................................................................................
Sorting the GridView
Sorting with the SqlDataSource .................................................................................................
Sorting and Selection ..........................................................................................................
Paging the GridView
Automatic Paging ...............................................................................................................
Custom Pagination with the ObjectDataSource
GridView Templates
Using Multiple Templates .......................................................................................................
Editing Templates in Visual Studio ............................................................................................. Handling Events in a Template .................................................................................................. Client IDs in Templates........................................................................................................
The ListView Grouping .......................................................................................................................
The DetailsView and FormView The DetailsView ................................................................................................................
Advanced Grids Summaries in the GridView ...................................................................................................... Editing a Field Using a Lookup Table........................................................................................... Detecting Concurrency Conflicts ................................................................................................
Summary
Chapter 11: Caching and Asynchronous Pages ............................................... ■
Understanding ASP.NET Caching.................................................................................477 Output Caching ............................................................................................................478
Declarative Output Caching ..................................................................................................... Caching with Specific Query String Parameters Caching with the HttpCachePolicy Class ......................................................................................... Cache Profiles................................................................................................................. Output Caching Extensibility...................................................................................................
Data Caching Adding Items to the Cache ......................................................................................................
A Simple Cache Test............................................................................................................
Caching with the Data Source Controls..........................................................................................
Cache Dependencies
File and Cache Item Dependencies ...............................................................................................
The Item Removed Callback ......................................................................................................
How Cache Notifications Work ...................................................................................................
Creating the Cache Dependency ..................................................................................................
Custom Cache Dependencies
A Basic Custom Cache Dependency ................................................................................................
Asynchronous Pages
Creating an Asynchronous Page..................................................................................................
Handling Errors................................................................................................................
Multiple Asynchronous Tasks and Timeouts
Summary
Chapter 12: Files and Streams.........................................................................
■Working with the File System......................................................................................527
The Directory and File Classes .................................................................................................
The DriveInfo Class............................................................................................................
Filter Files with Wildcards ....................................................................................................
The Path Class .................................................................................................................
Reading and Writing Files with Streams Text Files ..................................................................................................................... Uploading Files ................................................................................................................ Compression....................................................................................................................
Serialization Chapter 13: LINQ ..............................................................................................
■ LINQ Basics
Deferred Execution ............................................................................................................. LINQ Expressions...............................................................................................................
Typed DataSets .................................................................................................................
LINQ to Entities Generating the Data Model...................................................................................................... Entity Relationships ........................................................................................................... LINQ to Entities Queries “Under the Hood”......................................................................................
Database Operations Inserts........................................................................................................................ Deletes........................................................................................................................ Handling Concurrency Conflicts .................................................................................................
The EntityDataSource Control Displaying Data................................................................................................................
Getting Related Data...........................................................................................................
Validation.....................................................................................................................
Using the QueryExtender Control
Using a SearchExpression .......................................................................................................
Using a PropertyExpression.....................................................................................................
Summary
Chapter 14: XML...............................................................................................
■When Does Using XML Make Sense?
The Advantages of XML ..........................................................................................................
XML Namespaces .................................................................................................................
XML Schemas....................................................................................................................
Stream-Based XML Processing
Writing XML Files..............................................................................................................
In-Memory XML Processing
The XmlDocument ................................................................................................................
The XDocument ..................................................................................................................
Searching XML Content
Searching with XmlDocument .....................................................................................................
Searching XDocument with LINQ..................................................................................................
Validating XML Content................................................................................................651
A Basic Schema.................................................................................................................
Validating with XDocument ......................................................................................................
Transforming XML Content A Basic Stylesheet ............................................................................................................. Using the Xml Control ..........................................................................................................
XML Data Binding Nonhierarchical Binding ........................................................................................................ Nested Grids ................................................................................................................... Using XSLT..................................................................................................................... Updating XML Through the XmlDataSource
XML and the ADO.NET DataSet Converting the DataSet to XML..................................................................................................
Summary
Part 3: Building ASP.NET Websites....................................................................... ■
User Control Basics Creating a Simple User Control .................................................................................................
Adding Code to a User Control Handling Events................................................................................................................ Using Custom Objects ........................................................................................................... Exposing the Inner Web Control .................................................................................................
Dynamically Loading User Controls Portal Frameworks ..............................................................................................................
Partial Page Caching
VaryByControl ..................................................................................................................
Summary
Chapter 16: Themes and Master Pages ...........................................................
■Cascading Style Sheets
Creating a Stylesheet ..........................................................................................................
Themes
Theme Folders and Skins ........................................................................................................
Handling Theme Conflicts.......................................................................................................
Skins with Templates and Images................................................................................................
Applying Themes Through a Configuration File
Standardizing Website Layout
A Simple Master Page ...........................................................................................................
Default Content................................................................................................................
Master Pages and Relative Paths ................................................................................................
Advanced Master Pages
Interacting with the Master Page Class.........................................................................................
Nesting Master Pages ...........................................................................................................
Summary
Chapter 17: Website Navigation....................................................................... ■
Pages with Multiple Views The MultiView Control ..........................................................................................................
Site Maps Defining a Site Map ............................................................................................................ Breadcrumbs .................................................................................................................... The Site Map Objects........................................................................................................... Creating a Custom SiteMapProvider..............................................................................................
URL Mapping and Routing URL Mapping ....................................................................................................................
The TreeView Control The TreeNode ................................................................................................................... TreeView Styles ................................................................................................................
The Menu Control Menu Styles....................................................................................................................
Summary
Chapter 18: Website Deployment..................................................................... ■
Installing and Configuring IIS Installing IIS 7 ...............................................................................................................
Deploying a Website Deploying by Copying Files.....................................................................................................
Using FTP Deployment...........................................................................................................
Managing a Website
Creating a New Site............................................................................................................
Using the VirtualPathProvider..................................................................................................
Using Application Warm-Up......................................................................................................
Extending the Integrated Pipeline
Creating the Handler...........................................................................................................
Configuring the Handler........................................................................................................
Summary
Part 4: Security..................................................................................................... ■
What It Means to Create Secure Software
Understanding Potential Threats ................................................................................................
Understanding Gatekeepers ......................................................................................................
Understanding the Levels of Security
Authentication .................................................................................................................
Confidentiality and Integrity ..................................................................................................
Understanding Secure Sockets Layer
Understanding Certificates .....................................................................................................
Configuring SSL in IIS 7.x .....................................................................................................
Summary
Chapter 20: Forms Authentication ................................................................... ■
Introducing Forms Authentication Why Use Forms Authentication?.................................................................................................. Why Not Implement Cookie Authentication Yourself?
Configuring Forms Authentication ............................................................................................... Creating a Custom Login Page ................................................................................................... Persistent Cookies in Forms Authentication.....................................................................................
IIS 7.x and Forms Authentication Chapter 21: Membership..................................................................................
■ Introducing the ASP.NET Membership API
Configuring Forms Authentication ............................................................................................... Configuring Connection String and Membership Provider
Using the Security Controls The Login Control.............................................................................................................. The LoginView Control.......................................................................................................... The ChangePassword Control.....................................................................................................
Configuring Membership in IIS 7.x Configuring Providers and Users ................................................................................................
Using the Membership Class
Retrieving Users from the Store ................................................................................................
Creating and Deleting Users ....................................................................................................
Summary
Chapter 22: Windows Authentication...............................................................
■