Friday, March 19, 2010

State Managements in .NET

State Management Techniques in ASP.NET

Developer is forced to implement various state management techniques when developing applications which provide customized content and which “remembers” the user.Here we are here with various options for ASP.NET developer to implement state management techniques in their applications. Broadly, we can classify state management techniques as client side state management or server side state management. Each technique has its own pros and cons. Let’s start with exploring client side state management options.

Client side State management Options:

ASP.NET provides various client side state management options like Cookies, QueryStrings (URL), Hidden fields, View State and Control state (ASP.NET 2.0). Let’s discuss each of client side state management options.

Bandwidth should be considered while implementing client side state management options because they involve in each roundtrip to server. Example: Cookies are exchanged between client and server for each page request.


A cookie is a small piece of text stored on user’s computer. Usually, information is stored as name-value pairs. Cookies are used by websites to keep track of visitors. Every time a user visits a website, cookies are retrieved from user machine and help identify the user.

Let’s see an example which makes use of cookies to customize web page.

if (Request.Cookies["UserId"] != null)

lbMessage.text = “Dear” + Request.Cookies["UserId"].Value + “, Welcome to our website!”;


lbMessage.text = “Guest,welcome to our website!”;

If you want to store client’s information use the below code



* Simplicity


* Cookies can be disabled on user browsers

* Cookies are transmitted for each HTTP request/response causing overhead on bandwidth

* Inappropriate for sensitive data

Hidden fields:

Hidden fields are used to store data at the page level. As its name says, these fields are not rendered by the browser. It’s just like a standard control for which you can set its properties. Whenever a page is submitted to server, hidden fields values are also posted to server along with other controls on the page. Now that all the web controls have built in state management in the form of view state and new feature in 2.0 control state, hidden fields functionality seems to be redundant. We can still use it to store insignificant data. We can use hidden fields in ASP.NET pages using following syntax

protected System.Web.UI.HtmlControls.HtmlInputHidden Hidden1;

//to assigns a value to Hidden field

Hidden1.Value=”Create hidden fields”;

//to retrieves a value

string str=Hidden1.Value;


* Simple to implement for a page specific data

* Can store small amount of data so they take less size.


* Inappropriate for sensitive data

* Hidden field values can be intercepted(clearly visible) when passed over a network

View State:

View State can be used to store state information for a single user. View State is a built in feature in web controls to persist data between page post backs. You can set View State on/off for each control using EnableViewState property. By default, EnableViewState property will be set to true. View state mechanism poses performance overhead. View state information of all the controls on the page will be submitted to server on each post back. To reduce performance penalty, disable View State for all the controls for which you don’t need state. (Data grid usually doesn’t need to maintain state). You can also disable View State for the entire page by adding EnableViewState=false to @page directive. View state data is encoded as binary Base64 – encoded which add approximately 30% overhead. Care must be taken to ensure view state for a page is smaller in size. View State can be used using following syntax in an ASP.NET web page.

// Add item to ViewState

ViewState["myviewstate"] = myValue;

//Reading items from ViewState



* Simple for page level data

* Encrypted

* Can be set at the control level


* Overhead in encoding View State values

* Makes a page heavy

Query strings:

Query strings are usually used to send information from one page to another page. They are passed along with URL in clear text. Now that cross page posting feature is back in 2.0, Query strings seem to be redundant. Most browsers impose a limit of 255 characters on URL length. We can only pass smaller amounts of data using query strings. Since Query strings are sent in clear text, we can also encrypt query values. Also, keep in mind that characters that are not valid in a URL must be encoded using Server.UrlEncode.

Let’s assume that we have a Data Grid with a list of products, and a hyperlink in the grid that goes to a product detail page, it would be an ideal use of the Query String to include the product ID in the Query String of the link to the product details page (for example, productdetails.aspx?productid=4).

When product details page is being requested, the product information can be obtained by using the following codes:

string productid;



* Simple to Implement


* Human Readable

* Client browser limit on URL length

* Cross paging functionality makes it redundant

* Easily modified by end user

Control State:

Control State is new mechanism in ASP.NET 2.0 which addresses some of the shortcomings of View State. Control state can be used to store critical, private information across post backs. Control state is another type of state container reserved for controls to maintain their core behavioral functionality whereas View State only contains state to maintain control’s contents (UI). Control State shares same memory data structures with View State. Control State can be propagated even though the View State for the control is disabled. For example, new control Grid View in ASP.NET 2.0 makes effective use of control state to maintain the state needed for its core behavior across post backs. Grid View is in no way affected when we disable View State for the Grid View or entire page

Server Side State management:

As name implies, state information will be maintained on the server. Application, Session, Cache and Database are different mechanisms for storing state on the server.

Care must be taken to conserve server resources. For a high traffic web site with large number of concurrent users, usage

of sessions object for state management can create load on server causing performance degradation

Application object:

Application object is used to store data which is visible across entire application and shared across multiple user sessions. Data which needs to be persisted for entire life of application should be stored in application object.

In classic ASP, application object is used to store connection strings. It’s a great place to store data which changes infrequently. We should write to application variable only in application_Onstart event (global.asax) or application.lock event to avoid data conflicts. Below code sample gives idea




Session object:

Session object is used to store state specific information per client basis. It is specific to particular user. Session data persists for the duration of user session you can store session’s data on web server in different ways. Session state can be configured using the section in the application’s web.config file.

Configuration information:

cookieless = <”true” | “false”>

timeout =

sqlconnectionstring =

server =

port =


This setting supports three options. They are InProc, SQLServer, and State Server

Cookie less:

This setting takes a Boolean value of either true or false to indicate whether the Session is a cookie less one.


This indicates the Session timeout vale in minutes. This is the duration for which a user’s session is active. Note that the session timeout is a sliding value; Default session timeout value is 20 minutes


This identifies the database connection string that names the database used for mode SQLServer.


In the out-of-process mode State Server, it names the server that is running the required Windows NT service: aspnet_state.


This identifies the port number that corresponds to the server setting for mode State Server. Note that a port is an unsigned integer that uniquely identifies a process running over a network.

You can disable session for a page using EnableSessionState attribute. You can set off session for entire application by setting mode=off in web.config file to reduce overhead for the entire application.

Session state in ASP.NET can be configured in different ways based on various parameters including scalability, maintainability and availability

* In process mode (in-memory)- State information is stored in memory of web server

* Out-of-process mode- session state is held in a process called aspnet_state.exe that runs as a windows service.

* Database mode – session state is maintained on a SQL Server database.

In process mode:

This mode is useful for small applications which can be hosted on a single server. This model is most common and default method to store session specific information. Session data is stored in memory of local web server

Configuration information:

sqlConnectionString=”data source=server;user id=freelance;password=freelance”

cookieless=”false” timeout=”20″ />


* Fastest mode

* Simple configuration


* Session data will be lost if the worker process or application domain recycles

* Not ideal for web gardens and web farms

Out-of-process Session mode (state server mode):

This mode is ideal for scalable and highly available applications. Session state is held in a process called aspnet_state.exe that runs as a windows service which listens on TCP port 42424 by default. You can invoke state service using services MMC snap-in or by running following net command from command line.

Net start aspnet_state

Configuration information:


sqlConnectionString=”data source=;user id=freelance; password=freelance”

cookieless=”false” timeout=”20″/>


* Supports web farm and web garden configuration

* Session data is persisted across application domain recycles. This is achieved by using separate worker process for maintaining state


* Out-of-process mode provides slower access compared to In process

* Requires serializing data

SQL-Backed Session state:

ASP.NET sessions can also be stored in a SQL Server database. Storing sessions in SQL Server offers resilience that can serve sessions to a large web farm that persists across IIS restarts.

SQL based Session state is configured with aspnet_regsql.exe. This utility is located in .NET Framework’s installed directory

C:\\\framework\. Running this utility will create a database which will manage the session state.

Configuration Information:

sqlConnectionString=”data source=server;user id=freelance;password=freelance”

cookieless=”false” timeout=”20″ />


* Supports web farm and web garden configuration

* Session state is persisted across application domain recycles and even IIS restarts when session is maintained on different server.


* Requires serialization of objects

Choosing between client side and Server side management techniques is driven by various factors including available server resources, scalability and performance. We have to leverage both client side and server side state management options to build scalable applications.

When leveraging client side state options, ensure that little amount of insignificant information is exchanged between page requests.

Various parameters should be evaluated when leveraging server side state options including size of application, reliability and robustness. Smaller the application, In process is the better choice. We should account in the overheads involved in serializing and deserializing objects when using State Server and Database based session state. Application state should be used religiously.


Ref :



















Tuesday, November 24, 2009

query on datagrid


I want to query a datagrid on the page. possibly using Linq.

My purpose is to extract data of a column into an IList:-
currently doing like:-
for each(raddatagriditem item in radgrid.items)

but Due to performance concerns, I want to use Linq directly to populate "uniquecolumnname" string  values to another Ilist<string>.

please suggest how to query a datagrid item collection directly.

email removed


Reply 1

Hi hemantrhtk,

Do you mean get all the values of “uniquecolumnname” from DataGridView (You have said Linq, so it might be DataGridView not DataGrid, right?)?

If my understanding is correct, you can use this code to get value
foreach (DataGridViewRow dgvRow in myDataGridView1.Rows)
If I misunderstood you, please feel free to tell me.

Kira Qian

Reply 2

You can also use DataTable.Select(filterExpression) instead.

With best regards, Yasser Zamani

Tuesday, October 20, 2009

SpSiteDataQuery with more than 256 conditions.


I am getting error :-
Incorrect syntax near 'UserData'.
System.Data.SqlClient.SqlException: Too many table names in the query. The maximum allowable is 256.

if I use spsitedataquery with more than 256 conditions.

at System.Data.SqlClient.SqlConnection.OnError(SqlException exception, Boolean breakConnection) at System.Data.SqlClient.SqlInternalConnection.OnError(SqlException exception, Boolean breakConnection) at System.Data.SqlClient.TdsParser.ThrowExceptionAndWarning(TdsParserStateObject stateObj) at System.Data.SqlClient.TdsParser.Run(RunBehavior runBehavior, SqlCommand cmdHandler, SqlDataReader dataStream, BulkCopySimpleResultSet bulkCopyHandler, TdsParserStateObject stateObj) at System.Data.SqlClient.SqlDataReader.ConsumeMetaData() at System.Data.SqlClient.SqlDataReader.get_MetaData() at System.Data.SqlClient.SqlCommand.FinishExecuteReader(SqlDataReader ds, RunBehavior runBehavior, String resetOptionsString) at System.Data.SqlClient.SqlCommand.RunExecuteReaderTds(CommandBehavior cmdBehavior, RunBehavior runBehavior, Boolean returnStream, Boolean async) at System.Data.SqlClient.SqlCommand.RunExecuteReader(CommandBehavior cmdBehavior, RunBehavior runBehavior, Boolean returnStream, String method, DbAsyncResult result) at System.Data.SqlClient.SqlCommand.RunExecuteReader(CommandBehavior cmdBehavior, RunBehavior runBehavior, Boolean returnStream, String method) at System.Data.SqlClient.SqlCommand.ExecuteReader(CommandBehavior behavior, String method) at System.Data.SqlClient.SqlCommand.ExecuteReader(CommandBehavior behavior) at Microsoft.SharePoint.Utilities.SqlSession.ExecuteReader(SqlCommand command, CommandBehavior behavior) at Microsoft.SharePoint.SPSqlClient.ExecuteQuery(Boolean& bSucceed) at Microsoft.SharePoint.Library.SPRequestInternalClass.CrossListQuery(String bstrUrl, String bstrXmlWebs, String bstrXmlLists, String bstrXmlQuery, ISP2DSafeArrayWriter pCallback, Object& pvarColumns) at Microsoft.SharePoint.Library.SPRequest.CrossListQuery(String bstrUrl, String bstrXmlWebs, String bstrXmlLists, String bstrXmlQuery, ISP2DSafeArrayWriter pCallback, Object& pvarColumns) at Microsoft.SharePoint.SPWeb.GetSiteData(SPSiteDataQuery query) at.......

Did anybody faced this issue before ?



Reply 1

Can you include the CAML query you are trying to run, any view field set and background on what you are trying to achieve?

My SharePoint Blog -

Reply 2

is it something to do with length of the caml query possibly?

Reply 3

The Query property of the SPSiteDataQuery is a string.  I don't believe the CAML Query has a max length.

My SharePoint Blog -

Thursday, October 15, 2009

detect if new spfile is uploaded


Is there a way to detect if
a new spfile is uploaded in document library/ old spfile is replaced for the same item
only the meta data have been edited. (may be in itemupdated eventhandler.)

Thanks & Regards
Hemant Kumar

Reply 1

When a file is replaced, the ItemUpdated event is triggered.  The same is true if you just change the metadata for the file.  Not sure if it's relevant to you, but replacing an existing file does not call ItemDeleted and ItemAdded.  In other words, it's not a delete and add operation.

Randy -

Reply 2


Yes, as Williams’s information, both file replacing action and metadata updating action trigger ItemUpdated event.

And perhaps you need to distinguish them by BeforeProperties and AfterProperties.

Here is a  Williams article for detailed information when retrieving event’s  before and after value.

Hope this can help.


Best Regards,


Reply 3


@hemantrhtk :) Please look at this link :
A great artcile for eventhandler.

Best Regards,


Reply 4

Hello Aron

Could you suggest , possibly what is is the column /property name which changes while new doc is uploaded/previous doc is overridden.

I tried the same thing before starting this thread with all the properties in loop , but could not figure out the possible column/property name.


Friday, June 1, 2007

How far I should go with customization ........

Almost every SharePoint project starts with elaborating  what the current version of SharePoint supports as Out of Box  feature .

But at the end of the day , level of customization we require in these OOB feature is huge.

To make it easy for future upgrades and better performance and really really get what Microsoft promise , we should be inclined towards no  customization.

Sunday, June 4, 2006

What's the difference between Abstract classes and Interfaces?

Features                                      Interfaces                                abstract class

Multiple inheritanceA class may inherit several interfaces.A class may inherit only one abstract class.
Default implementationAn interface cannot provide any code, just the signature.An abstract class can provide complete, default code and/or just the details that have to be overridden.
Access ModfiersAn interface cannot have access modifiers for the subs, functions, properties etc everything is assumed as publicAn abstract class can contain access modifiers for the subs, functions, properties
Core VS PeripheralInterfaces are used to define the peripheral abilities of a class. In other words both Human and Vehicle can inherit from a IMovable interface.An abstract class defines the core identity of a class and there it is used for objects of the same type.
HomogeneityIf various implementations only share method signatures then it is better to use Interfaces.If various implementations are of the same kind and use common behaviour or status then abstract class is better to use.
SpeedRequires more time to find the actual method in the corresponding classes.Fast