- What are the different validators in ASP.NET?
ASP.NET validation controls define an important role in validating the user input data. Whenever the user gives the input, it must always be validated before sending it across to various layers of an application. If we get the user input with validation, then chances are that we are sending the wrong data. So, validation is a good idea to do whenever we are taking input from the user.There are the following two types of validation in ASP.NET:
When validation occurs on the server, then it is known as Server-Side Validation. Server-Side Validation is a secure form of validation. The main advantage of Server-Side Validation is if the user somehow bypasses the Client-Side Validation, we can still catch the problem on server-side.
The following are the Validation Controls in ASP.NET:
- Can you set which type of comparison you want to perform by the CompareValidator control?
Yes, by setting the Operator property of the CompareValidator control.
- What is the behavior of a Web browser when it receives an invalid element?
The behavior of a Web browser when it receives an invalid element depends on the browser that you use to browse your application. Most of the browsers ignore the invalid element; whereas, some of them display the invalid elements on the page.
- What are the advantages of the code-behind feature?
The code-behind feature of ASP.NET offers a number of advantages:
Makes code easy to understand and debug by separating application logic from HTML tags
Provides the isolation of effort between graphic designers and software engineers
Removes the problems of browser incompatibility by providing code files to exist on the Web server and supporting Web pages to be compiled on demand.
- How do you sign out from forms authentication?
The FormsAuthentication.Signout() method is used to sign out from the forms authentication.
- What is AutoPostBack?
If you want a control to postback automatically when an event is raised, you need to set the AutoPostBackproperty of the control to True.
- What is View State?
Answer:View State is the method to preserve the Value of the Page and Controls between round trips. It is a Page-Level State Management technique. View State is turned on by default and normally serializes the data in every control on the page regardless of whether it is actually used during a post-back.A web application is stateless. That means that a new instance of a page is created every time when we make a request to the server to get the page and after the round trip our page has been lost immediately
Features of View State
These are the main features of view state:
Retains the value of the Control after post-back without using a session.
Stores the value of Pages and Control Properties defined in the page.
Creates a custom View State Provider that lets you store View State Information in a SQL Server Database or in another data store.
- What Are Advantages of View State?
Advantages of view state are:Easy to Implement. No server resources are required: The View State is contained in a structure within the page load. Enhanced security features: It can be encoded and compressed or Unicode implementation.
- What is the function of the ViewState property?
The ASP.NET 4.0 introduced a new property called ViewStateMode for the Control class. Now you can enable the view state to an individual control even if the view state for an ASP.NET page is disabled.
- Why do you use the App_Code folder in ASP.NET?
The App_Code folder is automatically present in the project. It stores the files, such as classes, typed data set, text files, and reports. If this folder is not available in the application, you can add this folder. One of the important features of the App_Code folder is that only one dll is created for the complete folder, irrespective of how many files it contains.
- Define a multilingual Web site.
A multilingual Web site serves content in a number of languages. It contains multiple copies for its content and other resources, such as date and time, in different languages.
22.What is an ASP.NET Web Form?
ASP.NET Web forms are designed to use controls and features that are almost as powerful as the ones used with Windows forms, and so they are called as Web forms. The Web form uses a server-side object model that allows you to create functional controls, which are executed on the server and are rendered as HTML on the client. The attribute, runat=”server”, associated with a server control indicates that the Web form must be processed on the server.
- What is the difference between a default skin and a named skin?
The default skin is applied to all the Web server controls in a Web form, which are of similar type, and it does not provide a Skin ID attribute. The named skin provides a Skin ID attribute and users have to set the Skin ID property to apply it.
- What are the data controls available in ASP.NET?
The Controls having DataSource Property are called Data Controls in ASP.NET. ASP.NET allows powerful feature of data binding, you can bind any server control to simple properties, collections, expressions and/or methods. When you use data binding, you have more flexibility when you use data from a database or other means.
Data Bind controls are container controls.
Controls -> Child Control
Data Binding is binding controls to data from databases. With data binding we can bind a control to a particular column in a table from the database or we can bind the whole table to the data grid.
Data binding provides simple, convenient, and powerful way to create a read/write link between the controls on a form and the data in their application.
Data binding allows you to take the results of properties, collection, method calls, and database queries and integrate them with your ASP.NET code. You can combine data binding with Web control rendering to relieve much of the programming burden surrounding Web control creation. You can also use data binding with ADO.NET and Web controls to populate control contents from SQL select statements or stored procedures.
Data binding uses a special syntax:
The <%#, which instructs ASP.NET to evaluate the expression. The difference between a data binding tags and a regular code insertion tags <% and %> becomes apparent when the expression is evaluated. Expressions within the data binding tags are evaluated only when the DataBind method in the Page objects or Web control is called.
Data Bind Control can display data in connected and disconnected model.
Following are data bind controls in ASP.NET:
- What is IIS? Why is it used?
Internet Information Services (IIS) is created by Microsoft to provide Internet-based services to ASP.NET Web applications. It makes your computer to work as a Web server and provides the functionality to develop and deploy Web applications on the server. IIS handles the request and response cycle on the Web server. It also offers the services of SMTP and FrontPage server extensions. The SMTP is used to send emails and use FrontPage server extensions to get the dynamic features of IIS, such as form handler.
- What is Query String? What are its advantages and limitations?
The Query String helps in sending the page information to the server.
The Query String has the following advantages:
Every browser works with Query Strings.
It does not require server resources and so does not exert any kind of burden on the server.
The following are the limitations of Query String:
Information must be within the limit because URL does not support many characters.
Information is clearly visible to the user, which leads to security threats.
- What is actually returned from server to the browser when a browser requests an .aspx file and the file is displayed?
When a browser requests an .aspx file then the server returns a response, which is rendered into a HTML string.
- How can you display all validation messages in one control?
The ValidationSummary control displays all validation messages in one control.
- Which two new properties are added in ASP.NET 4.0 Page class?
The two new properties added in the Page class are MetaKeyword and MetaDescription.
- What is tracing? Where is it used?
Tracing displays the details about how the code was executed. It refers to collecting information about the application while it is running. Tracing information can help you to troubleshoot an application. It enables you to record information in various log files about the errors that might occur at run time. You can analyze these log files to find the cause of the errors.
In .NET, we have objects called Trace Listeners. A listener is an object that gets the trace output and stores it to different places, such as a window, a file on your locale drive, or a SQL Server.
The System.Diagnostics namespace contains the predefined interfaces, classes, and structures that are used for tracing. It supplies two classes, Trace and Debug, which allow you to write errors and logs related to the application execution. Trace listeners are objects that collect the output of tracing processes.
Tracing helps to see the information of issues at the runtime of the application. By default Tracing is disabled.
Tracing has the following important features:
We can see the execution path of the page and application using the debug statement.
We can access and manipulate trace messages programmatically.
We can see the most recent tracing of the data.
Tracing can be done with the following 2 types.
Page Level: When the trace output is displayed on the page and for the page-level tracing we need to set the property of tracing at the page level.
<%@ Page Trace=”true” Language=”C#”
Application: Level: In Application-Level tracing the information is stored for each request of the application. The default number of requests to store is 10. But if you want to increase the number of requests and discard the older request and display a recent request then you need to set the property in the web.config file.
- What is the difference between authentication and authorization?
Authentication verifies the identity of a user and authorization is a process where you can check whether or not the identity has access rights to the system. In other words, you can say that authentication is a procedure of getting some credentials from the users and verify the user’s identity against those credentials. Authorization is a procedure of granting access of particular resources to an authenticated user. You should note that authentication always takes place before authorization.
- What is the authentication and authorization in ASP.NET?Authentication: Prove genuineness
Authorization: process of granting approval or permission on resources.
In ASP.NET authentication means to identify the user or in other words its nothing but to validate that he exists in your database and he is the proper user.
Authorization means does he have access to a particular resource on the IIS website. A resource can be an ASP.NET web page, media files (MP4, GIF, JPEG etc), compressed file (ZIP, RAR) etc.
33. What are the types of authentication and authorization in ASP.NET
Types of authentication and authorization in ASP.NET:
There are three ways of doing authentication and authorization in ASP.NET:
Windows authentication: In this methodology ASP.NET web pages will use local windows users and groups to authenticate and authorize resources.
Forms Authentication: This is a cookie based authentication where username and password are stored on client machines as cookie files or they are sent through URL for every request. Form-based authentication presents the user with an HTML-based Web page that prompts the user for credentials.
Passport authentication: Passport authentication is based on the passport website provided by the Microsoft .So when user logins with credentials it will be reached to the passport website ( i.e. hotmail,devhood,windows live etc) where authentication will happen. If Authentication is successful it will return a token to your website.
Anonymous access: If you do not want any kind of authentication then you will go for Anonymous access.
In ‘web.config’ file set the authentication mode to ‘Windows’ as shown in the below code snippets.
We also need to ensure that all users are denied except authorized users. The below code snippet inside the authorization tag that all users are denied. ‘?’ indicates any unknown user.
- How can you register a custom server control to a Web page?
You can register a custom server control to a Web page using the @Register directive.
- Which ASP.NET objects encapsulate the state of the client and the browser?
The Session object encapsulates the state of the client and browser.
Differentiate globalization and localization.
The globalization is a technique to identify the specific part of a Web application that is different for different languages and make separate that portion from the core of the Web application. The localization is a procedure of configuring a Web application to be supported for a specific language or locale.
- What is ViewState?
The ViewState is a feature used by ASP.NET Web page to store the value of a page and its controls just before posting the page. Once the page is posted, the first task by the page processing is to restore the ViewState to get the values of the controls.
- Which method is used to force all the validation controls to run?
The Page.Validate() method is used to force all the validation controls to run and to perform validation.
- Which method has been introduced in ASP.NET 4.0 to redirect a page permanently?
The RedirectPermanent() method added in ASP.NET 4.0 to redirect a page permanently. The following code snippet is an example of the RedirectPermanent() method:
- How can you send an email message from an ASP.NET Web page?
You can use the System.Net.Mail.MailMessage and the System.Net.Mail.SmtpMail classes to send an email in your Web pages. In order to send an email through your mail server, you need to create an object of the SmtpClient class and set the server name, port, and credentials.
- What is the difference between the Response.Write() and Response.Output.Write() methods?
The Response.Write() method allows you to write the normal output; whereas, the Response.Output.Write() method allows you to write the formatted output.
- What does the Orientation property do in a Menu control?
Orientation property of the Menu control sets the horizontal or vertical display of a menu on a Web page. By default, the orientation is vertical.
- Differentiate between client-side and server-side validations in Web pages.
- How does a content page differ from a master page?
A content page does not have complete HTML source code; whereas a master page has complete HTML source code inside its source file.
- Suppose you want an ASP.NET function (client side) executed on the MouseOver event of a button. Where do you add an event handler?
The event handler is added to the Add() method of the Attributes property.
- What is the default timeout for a Cookie?
The default time duration for a Cookie is 30 minutes.
- What are HTTP handlers in ASP.NET?
HTTP handlers, as the name suggests, are used to handle user requests for Web application resources. They are the backbone of the request-response model of Web applications. There is a specific event handler to handle the request for each user request type and send back the corresponding response object.
Each user requests to the IIS Web server flows through the HTTP pipeline, which refers to a series of components (HTTP modules and HTTP handlers) to process the request. HTTP modules act as filters to process the request as it passes through the HTTP pipeline. The request, after passing through the HTTP modules, is assigned to an HTTP handler that determines the response of the server to the user request. The response then passes through the HTTP modules once again and is then sent back to the user.
You can define HTTP handlers in the <httpHandlers> element of a configuration file. The <add> element tag is used to add new handlers and the <remove> element tag is used to remove existing handlers. To create an HTTP handler, you need to define a class that implements the IHttpHandler interface.
- What are the events that happen when a client requests an ASP.NET page from IIS server?
The following events happen when a client requests an ASP.NET page from the IIS server:
User requests for an application resource.
The integrated request-processing pipeline receives the first user request.
Response objects are created for each user request.
An object of the HttpApplication class is created and allocated to the Request object.
The HttpApplication class processes the user request.
- Explain file-based dependency and key-based dependency.
In file-based dependency, you have to depend on a file that is saved in a disk. In key-based dependency, you have to depend on another cached item.
- How can you implement the postback property of an ASP.NET control?
You need to set the AutoPostBack property to True to implement the PostBack property of controls.
- Explain how Cookies work. Give an example of Cookie abuse.
The server tells the browser to put some files in a cookie, and the client then sends all the cookies for the domain in each request. An example of cookie abuse is large cookies affecting the network traffic.
- What are Cookies in ASP.NET?
Cookies are a State Management Technique that can store the values of control after a post-back. Cookies can store user-specific Information on the client’s machine like when the user last visited your site. Cookies are also known by many names, such as HTTP Cookies, Browser Cookies, Web Cookies, Session Cookies and so on. Basically cookies are a small text file sent by the web server and saved by the Web Browser on the client’s machine.List of properties containing the HttpCookies Class:
Domain: Using these properties we can set the domain of the cookie.
Expires: This property sets the Expiration time of the cookies.
HasKeys: If the cookies have a subkey then it returns True.
Name: Contains the name of the Key.
Path: Contains the Virtual Path to be submitted with the Cookies.
Secured: If the cookies are to be passed in a secure connection then it only returns True.
Value: Contains the value of the cookies.
Limitation of the Cookies
The size of cookies is limited to 4096 bytes.
A total of 20 cookies can be used in a single website.
- Explain login controls.
Login controls are built-in controls in ASP.Net for providing a login solution to ASP.NET application. The login controls use the membership system to authenticate a user credentials for a Web site.
There are many controls in login controls.
ChangePassword control – Allows users to change their password.
CreateUserWizard control – Provides an interface to the user to register for that Web site.
Login control – Provides an interface for user authentication. It consists of a set of controls, such as TextBox, Label, Button, CheckBox, HyperLink.
LoginView control – Displays appropriate information to different users according to the user’s status.
LoginStatus control – Shows a login link to users, who are not authenticated and logout link, who are authenticated
LoginName control – Displays a user name, if the user logs in.
PasswordRecovery control – Allows users to get back the password through an e-mail, if they forget.
- Use of CheckBox in .NET?
The CheckBox control is a very common control of HTML, unlike radio buttons it can select multiple items on a webpage. The CheckBox control in ASP.NET has many properties and some of them are listed below.
||Specifies whether the form should be posted immediately after the Checked property has changed or not. The default is false.
||Specifies if a page is validated when a Button control is clicked.
||Specifies whether the check box is checked or not.
||Attribute names and values used for the Input element for the CheckBox control.
||Attribute names and values used for the Label element for the CheckBox control.
||Specifies that the control is a server control. Must be set to “server”.
||The text next to the check box.
||On which side of the check box the text should appear (right or left).
||Group of controls for which the Checkbox control causes validation when it posts back to the server.
||The name of the function to be executed when the Checked property has changed.
- What is the use of PlaceHolder control? Can we see it at runtime?
The PlaceHolder control acts as a container for those controls that are dynamically generated at runtime. We cannot see it at runtime because it does not produce any visible output. It used only as a container.
- What setting must be added in the configuration file to deny a particular user from accessing the secured resources?
To deny a particular user form accessing the secured resources, the web.config file must contain the following code:
<deny users=”username” />