advanced web forms with databases programming right from the start with visual basic.net 1/e 13
TRANSCRIPT
AdvancedWeb Forms
with Databases
Programming Right from the Start with Visual Basic .NET 1/e
13
Crews/Murphy – Programming Right from the Start with Visual Basic.NET 1/e – ©2004 Prentice Hall 2
Objectives
• Understand the principles behind a three-tier architecture
• Know the advantages and disadvantages of client-side state management techniques
• Know the advantages and disadvantages of server-side state management techniques
• Develop an advanced Web Forms database application
Crews/Murphy – Programming Right from the Start with Visual Basic.NET 1/e – ©2004 Prentice Hall 3
13-1 Three-Tier Architecture
• Business applications involving databases are often divided into three layers:– The presentation layer – web browser– The application layer – IIS Web server– The data layer – database server
Crews/Murphy – Programming Right from the Start with Visual Basic.NET 1/e – ©2004 Prentice Hall 4
13-1 Three-TierArchitecture (cont.)
Crews/Murphy – Programming Right from the Start with Visual Basic.NET 1/e – ©2004 Prentice Hall 5
Presentation Layer
• The presentation layer runs on the user’s computer (the client) and provides the application interface.
• A fat client performs relatively significant processing, with less load on the middle tier.
• A thin client typically involves a web browser for displaying HTML with minimal processing.
Crews/Murphy – Programming Right from the Start with Visual Basic.NET 1/e – ©2004 Prentice Hall 6
Application Layer
• The application layer provides various modules and services that are essential for the solution, including the processing of the business-based computing rules.
• The application layer provides a mediator between the presentation layer and the database layer.
Crews/Murphy – Programming Right from the Start with Visual Basic.NET 1/e – ©2004 Prentice Hall 7
Data Layer
• The database layer is responsible for all database access required by the solution.
• This layer usually provides support for adding, deleting, updating, and retrieving information from the database.
• Connections to the database server eases database account maintenance and improves data security.
Crews/Murphy – Programming Right from the Start with Visual Basic.NET 1/e – ©2004 Prentice Hall 8
13-2 State Management
• The HTTP protocol is stateless, which means that each request for a new web page is processed without any knowledge of previous pages requested.
• State management refers to techniques by which developers maintain the state of a web application across multiple page requests.
Crews/Murphy – Programming Right from the Start with Visual Basic.NET 1/e – ©2004 Prentice Hall 9
13-3 Client-Side State Management Techniques
• The following are client-side state management options available to ASP.NET developers:– View state– Cookies– Query strings
Crews/Murphy – Programming Right from the Start with Visual Basic.NET 1/e – ©2004 Prentice Hall 10
View State
• A web page is re-created each round trip.
• ASP.NET provides view state which represents the state of the page when it was last processed on the server.
• The view state is visible in the HTML source and is a potential security issue.
Crews/Murphy – Programming Right from the Start with Visual Basic.NET 1/e – ©2004 Prentice Hall 11
Query String
• A query string is information appended to the end of a page’s URL.
• Query strings typically begin with a “?”.
• Query strings are not secure because the query information is visible in the browser.
Crews/Murphy – Programming Right from the Start with Visual Basic.NET 1/e – ©2004 Prentice Hall 12
Cookies• A cookie is a small text file stored on the
client machine.• The browser attaches the cookie with each
new HTTP request before sending it to the server, which can read the data and respond appropriately.
• The information stored in a cookie can be exposed so they are not the best means of handling sensitive information.
Crews/Murphy – Programming Right from the Start with Visual Basic.NET 1/e – ©2004 Prentice Hall 13
13-4 Server-Side State Management Techniques
• The following are server-side state management options available to ASP.NET developers:– Application state– Session state– Database support
Crews/Murphy – Programming Right from the Start with Visual Basic.NET 1/e – ©2004 Prentice Hall 14
Application State
• An ASP.NET application is the sum of all files, pages, and code that resides on a server.
• When a web application runs, ASP.NET maintains information about the application in the application state.
Crews/Murphy – Programming Right from the Start with Visual Basic.NET 1/e – ©2004 Prentice Hall 15
Application State (cont.)
• The application state allows developers to create application variables that can be set and read throughout the lifetime of the application.
• Application variables are global variables– Application(“AppVariableName”)
Crews/Murphy – Programming Right from the Start with Visual Basic.NET 1/e – ©2004 Prentice Hall 16
Session State
• A session is the period of time that a unique browser interacts with a web application.
• When a new session is created, ASP.NET maintains information about the session in the session state.
Crews/Murphy – Programming Right from the Start with Visual Basic.NET 1/e – ©2004 Prentice Hall 17
Session State (cont.)
• The session state allows developers to create session variables that can be set and read throughout the lifetime of the session.
• Sessions and their variables expire after twenty minutes of inactivity.– Session(“SessionVariableName”)
Crews/Murphy – Programming Right from the Start with Visual Basic.NET 1/e – ©2004 Prentice Hall 18
Database Support• Data stored in application variables and
session variables will be lost if the application is interrupted; therefore, state information should be stored in a database.
• State information should be maintained for:– Security– Queries– Capacity– Data mining
Crews/Murphy – Programming Right from the Start with Visual Basic.NET 1/e – ©2004 Prentice Hall 19
Security
• Customer information stored in a database is an extra level removed from the presentation layer, making the data less available for malicious use.
Crews/Murphy – Programming Right from the Start with Visual Basic.NET 1/e – ©2004 Prentice Hall 20
Queries
• Storing data in a database gives the application all the power and functionality of databases in general, including the ability to query for specific information.
Crews/Murphy – Programming Right from the Start with Visual Basic.NET 1/e – ©2004 Prentice Hall 21
Capacity
• Databases are especially good at handling large amounts of information, and the data services can be split off to a data layer that resides on one or more data servers, allowing the web application to avoid a performance decrease.
Crews/Murphy – Programming Right from the Start with Visual Basic.NET 1/e – ©2004 Prentice Hall 22
Data Mining
• An application could maintain information about times and dates of customer visits, pages visited, time per page, items ordered, and so on.
• This information could be mined for interesting relationships – information that could provide a strategic business advantage.
Crews/Murphy – Programming Right from the Start with Visual Basic.NET 1/e – ©2004 Prentice Hall 23
Chapter Summary
• The presentation layer provides the client interface, the application layer usually implements the business logic of a solution, and the data storage layer maintains the database and tools for data access.
• Client-side state management is less secure than server-side state management.
Crews/Murphy – Programming Right from the Start with Visual Basic.NET 1/e – ©2004 Prentice Hall 24
Chapter Summary (cont.)
• When a web application runs, ASP.NET maintains information about the application in the application state.
• Application variables are helpful for storing small amounts of infrequently changed global information that is used by many users.
Crews/Murphy – Programming Right from the Start with Visual Basic.NET 1/e – ©2004 Prentice Hall 25
Chapter Summary (cont.)
• Session state variables are helpful for storing small amounts of short-lived information that is specific to an individual session.
• Database support is good for storing large amounts of information or information that must survive application and session restarts.
AdvancedWeb Forms
with Databases
Programming Right from the Start with Visual Basic .NET 1/e
13