I want to design and develop a web base software that enable user to report a problem or discussion using ASP.NET and SQL server.
This application might has many forms. For example Form A for reporting bug for software 1 and etc.
I don't want to create a table for keeping data per form.
Solution that comes to my mind is making UserControl per form. and when user chooses a form application loading target usercontrol.
Now I have challenge for save and restore data that user entered into target usercontrol.
What is your suggestion ?
What do you suggest instead of using UserControl ?
I have also review using XML to keeping forms structures but I think its hard to create UI from XML .
I can not see the difficulty in saving and restoring your data.
If you use user control, then I assume you want to reuse it in other forms as well, or it doesnt make any sense.
Or what you want is to load asp.net controls dynamically?
Then step by step:
Firstly create a proper form page you need, then convert it into several user controls (according the business logic).
Reuse user controls you just converted in other forms based on XML
config files, or URL, or query string or session. In XML you can specify the method name you going to call for saving or retrieving data. (That's the structure of one of projects I worked on)
Hoep it helps.
How to: Convert Web Forms Pages into ASP.NET User Controls
Related
We have SharePoint 2010 application with contains Custom Web Parts. A single web part usually contain around 200 UI fields. Some of them are enabled and few are disabled with default values that will be loaded based on the logged in user.
Recently we came across an issue, user while submitting the application can use FireBug/DOM Explorer or some other developer tool and can tweak the disabled fields which finally submits the wrong values to the database.
We are trying to use Session Variables to store these default values and while storing them to database taking these values from Session instead of taking them from UI form.
Please let me know whether there is any better way to prevent such hacks in SharePoint?
I need to develop a web based product. Features of this will be available to users based on subscription categories like Basic Version /Premium Version / Enterprise Version. I would like to maintain single source for these subscription categories.
Here my question is,
How to design web application, which has features enabled based on configuration / subscription categories?
Thanks in Advance
This is very general question, and I will answer generally.
You can assign Roles to your registered users, and then you check using the IsUserInRole to
see what you going to show and what not.
To gain speed you can assign the permission to the user session and not always call the IsUserInRole
You can open and close some part of your page using the Panel and the Visible of it. Also close the Viewstate of the Panels that are hidden.
Alternative you can use UserControls that inside of them you check if the user have permission to see it or not, and you hide it OnInit, and also disable the ViewState of it.
And of course if a full page is not permitted you can always make a full redirect.
So a full page can have Panels, and UserControls, and the views of it depend from the user level.
You will not be able to get this readymade , you have to design the application based on the technology you are using.
I had similar kind of project going on in which we store the list of feature in database and when the page initializes loads the feature list in session.
On various pages we are showing/hiding controls based on the feature availability.
Offcourse Single feature can also have category based on the User Roles that we can check using FormAuthentication methods and change the page server side accordingly.
Let me know if you have any specific approach in mind and have question related with it.
I'm doing some research on security and sitemaps in ASP.net and am unfortunately running short on time. I have not worked too much with ASP.net security so I'm not completely sure if I'm heading in the right direction.
Here is my problem:
I have a public website (i.e. on the internet) that will allow any user to sign up to. The website will be developed using ASP.net webforms. These users may create other users and assign these users different roles.
Different roles have different restrictions and the menu is displayed appropriately. For example, a user acting as an administrator can see all menu options. Whereas a limited user will only see some of these menu items.
There needs to be the ability for users on our end to modify what pages certain roles can access. For example, if Role1 can do task X, we would like to be able at some point modify Role1 to no longer do task X. This would be done using an application built in-house.
User types (roles) are to be saved in the database. User permissions (what pages each type can have access to) are also to be saved saved in the database.
Here is something I am thinking of doing:
Implement the authorization and authentication set up built in to ASP.net using the web.config file
Use Sitemaps to dynamically create menus/breadcrumbs from the database
I believe it is possible to do the second one using custom providers (please correct me if I'm wrong). But I am not entirely sure if it's possible to configure the web.config file dynamically.
I suppose this is really more of a yes/no answer but I would just like to make sure I'm not going in the wrong direction. I will be using VS2008 and .net 3.5 framework.
Many thanks.
Yes, it's possible to do what you're saying. You can dynamically create the sitemaps using a custom SiteMapProvider, see this articlet http://www.codeproject.com/KB/aspnet/dynamicsitemap.aspx.
You can also modify the web.config at runtime using an XmlReader or if you prefer, just reading it into a string and parsing out the authorization element. I'd put it in a separate file, though, using configSource:
<authorization configSource="auth.config" />
Then you only need to modify that file and not worry about messing up the web.config
Is there a way to share the session between ASP3 And ASP.NET?
Thanks
Despite all of Microsoft's best efforts to make ASP and ASP.NET coexist effortlessly, one area remains a stumbling block... session state. Fortunately the advantages of ASP.NET's upgraded session state management far outweigh the inconvenience of not being able to pass "Classic" session information to .NET. Unfortunately there is no simple solution; the most I can offer is an easy to implement workaround.
In trying to find a suitable resolution, I've come across two good options that are worth mentioning. The first involves parsing the session information out to hidden form fields on a "Classic" intermediate page and then submitting the page to a .NET intermediate page that loads the form fields into the session state. This is a good, simple solution, however it doesn't work both ways. In .NET you cannot specify the page that you submit to. Each page has to PostBack to itself.
The second option is probably closer to an actual solution than to a workaround. Billy Yuen at Microsoft has developed an effective solution. The code is elegant, the integration appears to be seamless, but I couldn't get it to work on my system (remember I said that there was no simple solution, not that there was no solution at all). If this solution works for you, great! You won't need my code and you'll be happily passing session information from "Classic" to .NET like it's going out of vogue, thanks for stopping by.
Ok, if you're still reading let me briefly describe the workaround I've created. It requires a database, but it is not important which type of database (though the code is written for SQL Server). When a page (source page) wants to redirect to another page (destination page) that uses a different version of ASP, it calls an intermediate page. The source intermediate page takes each session variable and adds it to the database along with a Globally Unique ID (GUID). Since "Classic" and .NET use different SessionID formats it is not possible to use SessionID, hence the use of a GUID. The source intermediate page then passes the GUID to the destination intermediate page through a Querystring variable. The destination intermediate page retrieves the session information from the database, cleans up after itself, and then redirects to the destination page. It's similar to the first workaround, but supports transferring state in both directions.
Code Usage
Installation
Run the SQL Query in "ASPSessionState.sql" on the database which will hold the temporary Session information.
Copy the .asp and .aspx.* (SessionTransfer.aspx and SessionTransfer.aspx.cs) files to a folder on your website.
Update connection object information in the "SessionTransfer.asp" and "SessionTransfer.aspx.cs" files. It is located in three places in each file (sorry about not consolidating the connection info).
Compile the aspx files.
The .asp and .aspx.* files must all reside in the same folder to work.
Usage
For use in a Hyperlink (Anchor Tag) or a Response.Redirect, set the destination URL to be one of the following:
From a ASP "Classic" page:
SessionTransfer.asp?dir=2aspx&url=<asp_dotnet_url>
From an ASP.NET page:
SessionTransfer.aspx?dir=2asp&url=<asp_classic_url>
The code will transfer the Session information and Redirect the user to the url specified by or .
Download
You can download the code from here: session_transfer.zip (4.6 KB).
Could take a look at NSession it allows sharing session state between Classic ASP and ASP.Net using State server. Pretty easy to setup just configure App to use State Server for session and register a couple of dll files.
Two web applications I'm working with are using the ASP.NET membership and each have areas for user information which use this Property name/value storage method in the database.
Here is an example:
PropertyNameValues
publicEmail:S:0:19:yahooIM:S:19:0:timezone:S:19:2:commonName:S:21:4:birthdate:S:25:81:signatureFormatted:S:106:0:gender:S:106:1:fontsize:S:107:1:signature:S:108:0:dateFormat:S:108:15:enableEmoticons:S:123:4:webLog:S:127:0:enablePostPreviewPopup:S:127:5:location:S:132:12:bio:S:144:0:webAddress:S:144:0:interests:S:144:0:icqIM:S:144:0:aolIM:S:144:0:language:S:144:5:occupation:S:149:0:msnIM:S:149:0:
PropertyValues
someemailhere#here.com-6Asia<?xml version="1.0" encoding="utf-16"?>
<dateTime>0001-01-01T00:00:00</dateTime>20ddd, MMM d yyyyTrueFalseTest Testing-US
I can see the jist of how it works, name values show at what length in the property value string to begin grabbing and when to end - but is there an existing function to split these apart into an array or something?
Thanks!
How this works depends on if you are using a "web site" or a "web application" project type. If you are using a regular asp.net web site project, you will have a dynamically generated Profile object you can use to fetch user properties from.
If your application is MVC or a Web Application Project though, you will have to make your own profile object. I recommend you grab the web profile builder. This tool creates the ProfileCommon object that is needed to get at the profile data.
In general, I personally have found through repeated exposure that the Profile provider system supplied in asp.net is quite dreadful for storing actual user information (the kind of stuff you are using it for). The profile provider mechanism is great for stuff like user preferences (stuff usually called personalization) such as "always show details" or "I prefer the green background". The reason is that the profile system only makes the profile data easily accessable within the request of the one user. If you have admin tools that need to read from multiple user's profiles, you will find that performance will quickly degenerate, and getting at the profile data is actually quite difficult.
For these reasons, I recommend that you consider not using the profile system for the kind of data you are storing there. You will be a lot better off rolling your own tables and objects to store and fetch this particular kind of info. But if you never need to access the data for more than one user at a time, the built-in profile stuff is alright.
It looks like you're referring to the ASP.NET Profile system.
Within the code-behind of an aspx page, just use Profile.publicEmail, Profile.yahooIM, etc. There's an automatically generated class that parses that out for you. See the linked article for more details.