Q : What are the 2 types of controls that you can use on a webform in ASP.NET?
Ans : Web Server Controls
Q : What’s the difference between Server controls and HTML controls?
Ans : 1. Server controls can trigger control-specific events on the server.HTML controls can trigger only page- level events on server (postback).
2. Data entered in a server control is maintained across requests. Server controls retain state.Data is not maintained in an HTML control. Data must be saved and restored using page-level scripts.
3. The Microsoft .NET Framework provides a set of properties for each server control. Properties allow you to change the server control’s appearance and behavior within server-side code.HTML controls have HTML attributes only.
4. Server controls automatically detect browser and adapt display as appropriate.HTML controls do not adapt automatically. You must detect browser in code or write for least common denominator.
Q : What are the 2 Layouts supported by a Web form in ASP.NET?
Ans : Grid layout – Controls are placed exactly where you draw them, and they have absolute positions on the page. Use grid layout for Microsoft Windows–style applications, in which controls are not mixed with large amounts of text. Pages using grid layout will not always display correctly in non-Microsoft browsers.
Flow layout – This layout positions controls relative to other elements on the page. If you add elements at run time, the controls that appear after the new element move down. Use flow layout for document-style applications, in which text and controls are intermingled.
Q : When do you choose between GridLayout and Flow layout for Web forms?
Ans : You use GridLayout for Web forms that have a fixed appearance. You use FlowLayout for Web forms that incorporate text and controls.When you create controls with GridLayout, Visual Studio adds style attributes to each control that set the position of the control.When you create controls with FlowLayout, Visual Studio omits the style attribute.
Q : Give 3 reasons why we use HTML controls over Server Controls?
Ans : Migration from earlier versions of Active Server Pages (ASP) : You can load an ASP application into Visual Studio and revise it gradually, rather than rewrite it completely. Earlier versions of ASP supported only HTML elements, and these elements become HTML controls when you load the project in Visual Studio .NET.
Not all controls require server-side events or state management : This is particularly true when you’re doing data binding. Bound items are usually refreshed from the data source with each request, so it’s more efficient not to maintain state information for bound controls. This means that you can use HTML controls or turn off state management for bound server controls.
You have complete control over what is rendered with HTML controls : ASP.NET adjusts the appearance of server controls based on the browser making the request. HTML controls are not adjusted, so you have direct control over their appearance.
Q : How can you prevent users from editing Text in TextBox control on a web form?
Ans : By making the TextBox a readonly TextBox. To make a TextBox readonly set the ReadOnly property to True.
Q : How do you convert an ASP.NET TextBox to accept passwords?
Ans : To convert and ASP.NET TextBox to accept passwords set the TextMode property to “Password”
Q : What happens when you set the AutoPostBack property of a TextBox to true?
Ans : When AutoPostBack property is set to True, the TextBox control fires a TextChanged postback event when the user leaves the TextBox control after changing the contents. By default, this property is set to False and the TextChanged event is cached until some other postback event occurs.
Q : What are the 3 values that a TextMode property of TextBox can have?
Ans : SingleLine : Single Line TextBox
MultiLine : Multi Line TextBox(scrollable)
Password : When set to Password, the text box displays dots in place of the characters typed.
Q : How do you limit the number of characters entered by a user in the ASP.NET TextBox?
Ans : By setting the MaxLength property of the TextBox. If you set the MaxLength property to 10, a user can enter only 10 characters into the TextBox.
Q : What are ASP.NET Custom controls?
Ans : Custom controls extend the tools available to Web developers. Using custom controls, you can encapsulate key aspects of the visual interface and program logic that you want to reuse throughout your application, or throughout your organization.
Q : What are the 3 types of custom controls in ASP.NET?
Ans : Microsoft Visual Studio .NET provides three types of custom control for use on Web forms.
1. Web user controls : These combine existing server and HTML controls by using the Visual Studio .NET Designer to create functional units that encapsulate some aspect of the user interface. User controls reside in content files, which must be included in the project in which the controls are used.
2. Composite custom controls : These create new controls from existing server and HTML controls. Although similar to user controls, composite controls are created in code rather than visually, and therefore they can be compiled into an assembly (.dll), which can be shared between multiple applications and used from the Toolbox in Visual Studio .NET.
3. Rendered custom controls : These create entirely new controls by rendering HTML directly rather than using composition. These controls are compiled and can be used from the Toolbox, just like composite controls, but you must write extra code to handle tasks that are performed automatically in composite controls.
Q : What are the limitations of user controls in ASP.NET?
Ans : As the user controls are not compiled into assemblies, they have the following limitations:
1. A copy of the control must exist in each Web application project in which the control is used.
2. User controls can’t be loaded in the Visual Studio .NET Toolbox; instead, you must create them by dragging the control from Solution Explorer to the Web form.
3. User control code is initialized after the Web form loads, which means that user control property values are not updated until after the Web form’s Load event.
Q : What are the steps to follow for creating and using a user control in a Web application?
Ans : 1. Add a Web user control page (.ascx) to your project.
2. Draw the visual interface of the control in the designer.
3. Write code to create the control’s properties, methods, and events.
4. Use the control on a Web form by dragging it from Solution Explorer to the Web form on which you want to include it.
5. Use the control from a Web form’s code by declaring the control at the module level and then using the control’s methods, properties, and events as needed within the Web form.
Q : How do you identify user controls?
Ans : User controls are identified by their .ascx file extensions.
Q : What is the base class from which user controls derive?
Ans : User controls derive from System.Web.UI.UserControl base class. This base class provides the base set of properties and methods you use to create the control.
Q : What is the base class from which user controls derive?
Ans : User controls
derive from System.Web.UI.UserControl base class. This base class provides the base set of properties and methods you use to create the control.
Q : What are the steps to follow to create properties and methods for the user control that you can use from a Web form?
Ans : To create properties and methods for the user control that you can use from a Web form, follow these steps:
1. Create the public property or method that you want to make available on the containing Web form.
2. Write code to respond to events that occur for the controls contained within the user control. These event procedures do the bulk of the work for the user control.
3. If the property or method needs to retain a setting between page displays, write code to save and restore settings from the control’s ViewState.
Q : What happens when you drag a user control from solution explorer and drop it on a web form?
Ans : When you drag a user control from solution explorer and drop it on a web form, Visual Studio .NET generates a @Register directive and HTML tags to create the control on the Web form.
Q : What are composite custom controls?
Ans : Composite custom controls combine one or more server or HTML controls within a single control class, which can be compiled along with other control classes to create an assembly (.dll) that contains a custom control library. Once created, the custom control library can be loaded into Visual Studio .NET and used in the same way as the standard server and HTML controls.
Composite custom controls are functionally similar to user controls, but they reside in their own assemblies, so you can share the same control among multiple projects without having to copy the control to each project, as you must do with user controls. However, composite controls are somewhat more difficult to create because you can’t draw them visually using the Visual Studio .NET Designer.
Q : What are the steps to follow create and use a custom control in a Web application?
Ans : 1.Create a solution containing a custom control project.
2. Add a Web application project to the solution, and set it as the startup project. You will use the Web application project to test the custom control during development.
3. Add a project reference from the Web application to the custom control project, and add an HTML @Register directive and control element to use the custom control on a Web form.
4. Create the custom control’s visual interface by adding existing controls to it through the custom control’s CreateChildControls method.
5. Add the properties, methods, and events that the custom control provides.
6. Build and test the custom control.
Q : In general what is the base class for every composite custom control?
Ans : System.Web.UI.WebControls.WebControl
Q : Which directive is used to add a custom control to a Web form?
Ans : Register directive.
Q : What are the 3 Register directive’s attributes?
Ans : TagPrefix : This name identifies the group that the user control belongs to. For example, the tag prefix for ASP.NET server controls is “asp”. You use this prefix to create a naming convention to organize your custom controls.
Namespace : This is the project name and namespace within the custom control assembly that contains the controls to register. Microsoft Visual Basic .NET uses the project name as an implicit namespace, so for controls written in Visual Basic .NET, use the project name.
Assembly : This is the name of the assembly (.dll) containing the custom controls. The control assembly must be referenced by the Web application. Referencing the assembly maintains a copy of it in the Web application’s /bin directory.
Q : What are the differences between User Controls and Custom Controls?
Ans : 1. User Controls are easy to create where as Custom Controls are difficult to create.
2. User Controls cannot be compiled into an assembly, where as Custom Controls can be compiled into an assembly.
3. User Controls cannot be added to tool box, where as Custom controls can be added to the toolbox.
4. You need to have a copy of user control in every project where you want to use it, where as this is not the case with custom controls. You can install a single copy of the Web custom control in the global assembly cache and share it between applications, which makes maintenance easier.
5. User controls are used for reusing existing user interface elements and code, but are not useful for developing reusable components for multiple web applications.
Q : What are Master Pages in ASP.NET? or What is a Master Page?
Ans : ASP.NET master pages allow you to create a consistent layout for the pages in your application. A single master page defines the look and feel and standard behavior that you want for all of the pages (or a group of pages) in your application. You can then create individual content pages that contain the content you want to display. When users request the content pages, they merge with the master page to produce output that combines the layout of the master page with the content from the content page.
Q : What are the 2 important parts of a master page?
Ans : The following are the 2 important parts of a master page
1. The Master Page itself
2. One or more Content Pages
Q : Can Master Pages be nested?
Ans : Yes, Master Pages be nested.
Q : What is the file extension for a Master Page?
Ans : File extension for a Master Page is .master
Q : How do you identify a Master Page?
Ans : The master page is identified by a special @ Master directive that replaces the @ Page directive that is used for ordinary .aspx pages.
Q : Can a Master Page have more than one ContentPlaceHolder?
Ans : Yes, a Master Page can have more than one ContentPlaceHolder.
Q : What is a ContentPlaceHolder?
Ans : ContentPlaceHolder is a region where replaceable content will appear.
Q : How do you bind a Content Page to a Master Page?
Ans : MasterPageFile attribute of a content page’s @ Page directive is used to bind a Content Page to a Master Page.
Q : Can the content page contain any other markup outside of the Content control?
Ans : No.
Q : What are the advantages of using Master Pages?
Ans : 1. They allow you to centralize the common functionality of your pages so that you can make updates in just one place.
2. They make it easy to create one set of controls and code and apply the results to a set of pages. For example, you can use controls on the master page to create a menu that applies to all pages.
3. They give you fine-grained control over the layout of the final page by allowing you to control how the placeholder controls are rendered.
4. They provide an object model that allows you to customize the master page from individual content pages.
Q : What are the 3 levels at which content pages can be attached to Master Page?
Ans : At the page level – You can use a page directive in each content page to bind it to a master page.
At the application level – By making a setting in the pages element of the application’s configuration file (Web.config), you can specify that all ASP.NET pages (.aspx files) in the application automatically bind to a master page.
At the folder level – This strategy is like binding at the application level, except that you make the setting in a Web.config file in one folder only. The master-page bindings then apply to the ASP.NET pages in that folder.
Q : What is @MasterType directive used for?
Ans : @MasterType di
rective is used to create a strongly typed reference to the master page.
Q : Are controls on the master page accessible to content page code?
Ans : Yes, controls on the master page are accessible to content page code.
Q : At what stage of page processing master page and content page are merged?
Ans : During the initialization stage of page processing, master page and content page are merged.
Q : Can you dynaimically assign a Master Page?
Ans : Yes, you can assign a master page dynamically during the PreInit stage using the Page class MasterPageFile property as shown in the code sample below.
void Page_PreInit(Object sender, EventArgs e)
this.MasterPageFile = “~/MasterPage.master”;
Q : Can you access non public properties and non public methods of a master page inside a content page?
Ans : No, the properties and methods of a master page must be public in order to access them on the content page.
Q : From the content page code how can you reference a control on the master page?
Ans : Use the FindControl() method as shown in the code sample below.
// Gets a reference to a TextBox control inside
// a ContentPlaceHolder
ContentPlaceHolder ContPlaceHldr = (ContentPlaceHolder)Master.FindControl (“ContentPlaceHolder1”);
if(ContPlaceHldr != null)
TextBox TxtBox = (TextBox)ContPlaceHldr.FindControl(“TextBox1”);
if(TxtBox != null)
TxtBox.Text = “TextBox Present!”;
// Gets a reference to a Label control that not in
// a ContentPlaceHolder
Label Lbl = (Label)Master.FindControl(“Label1”);
if(Lbl != null)
Lbl.Text = “Lable Present”;
Q : Can you access controls on the Master Page without using FindControl() method?
Ans : Yes, by casting the Master to your MasterPage as shown in the below code sample.
protected void Page_Load(object sender, EventArgs e)
MyMasterPage MMP = this.Master;
MMP.MyTextBox.Text = “Text Box Found”;
Q : What are different page navigation techniques in ASP.NET?
Ans : Hyperlink control : Navigate to another page.
Response.Redirect : Navigate to another page from code. This is equivalent to clicking a hyperlink.
Server.Transfer : End the current Web form and begin executing a new Web form. This method works only when navigating to a Web Forms page (.aspx).
Server.Execute : Begin executing a new Web form while still displaying the current Web form. The contents of both forms are combined. This method works only when navigating to a Web Forms page (.aspx).
Window.Open script method : Display a page in a new browser window on the client.
Q : What is the difference between Response.Redirect and Server.Transfer?
Ans : 1. SWhen we use Server.Transfer the redirection happens on the server where as when we use Response.Redirect the redirection happens from the browser.
2. Server.Transfer is faster as there is no round trip involved while navigating from one webform to another webform. Response.Redirect is slower than Server.Transfer as there is round trip from the server to the client browser.
3. Server.Transfer works only with .aspx files where as Response.Redirect works with .aspx and .Htm pages.
4. Server.Transfer will work with files on the same web server. You can’t use Server.Transfer to send the user to an external site where as Response.Redirect can do that.
5. Server.Transfer does not update the URL in the browser. For example when you navigate from WebForm1.aspx to WebForm2.aspx using Server.Transfer the URL in the browser still shows WebForm1.aspx while you are actually looking at WebForm2.aspx. Response.Redirect updates the URL in the browser.
Q : What is the use of Server.Execute method?
Ans : Server.Execute method is used to process a second Web form without leaving the first Web form. This technique lets you direct the results from a Web form to a region on the current page.
Q : Is it possible to send a webform’s QueryString, ViewState, and event procedure information to another webform?
Ans : Yes, we can use Server.Transfer or Server.Execute to send a webform’s QueryString, ViewState, and event procedure information to another webform.
For this to work you have to set the preserveForm argument to True.To be able to read one Web form’s ViewState from another, you must first set the EnableViewStateMac attribute in the Web form’s Page directive to False. By default, ASP.NET hashes ViewState information, and setting this attribute to False disables that hashing so that the information can be read on the subsequent Web form.
Q : What is Validation controls in ASP.NET?
Ans : ASP.NET provides validation controls to help you check Web form data entries before the data is accepted and saved in the Database. Validation controls can be used to address the following questions.
1. Did the user enter anything?
2. Is the entry the appropriate kind of data (For example, Date of Birth should be a valid Date, Name should be a string etc.)?
3. Is the data within a required range?(For example age cannot be greater than 100 years)
The validation controls check the validity of data entered in associated server controls on the client before the page is posted back to the server.Most validity problems can be caught and corrected by the user without a round-trip to the server.
Q : Where do the ASP.NET validation controls validate data, on the Client or on the Web Server?
Client-side validation is provided by a JScript library named WebUIValidation.js, which is downloaded separately to the client. Validation controls also automatically provide server-side validation. Server-side validation is always performed, whether or not client-side validation has occurred. This double-checking ensures that custom validations are performed correctly and that client-side validation has not been circumvented.
Q : What are the different validation controls provided by ASP.NET?
Ans : RequiredFieldValidator:Checks whether a control contains data
CompareValidator: Checks whether an entered item matches an entry in another control
RangeValidator: Checks whether an entered item is between two values
RegularExpressionValidator: Checks whether an entered item matches a specified format
CustomValidator: Checks the validity of an entered item using a client-side script or a server-side code, or both
ValidationSummary: Displays validation errors in a central location or display a general validation error description
Q : What property of the validation control is used to specify which control to validate?
Ans : ControlToValidate property.
Q : Explain in simple steps how to use validation controls?
Ans : 1.Draw a validation control on a Web form and set its ControlToValidate property to the control you want to validate.
2.If you’re using the CompareValidator control, you also need to specify the ControlToCompare property.
3.Set the validation control’s ErrorMessage property to the error message you want displayed if the control’s data is not valid.
4.Set the validation control’s Text property if you want t
he validation control to display a message other than the message in the ErrorMessage property when an error occurs. Setting the Text property lets you briefly indicate where the error occurred on the form and display the longer ErrorMessage property in a ValidationSummary control.
5.Draw a ValidationSummary control on the Web form to display the error messages from the validation controls in one place.
6.Provide a control that triggers a postback event. Although validation occurs on the client side, validation doesn’t start until a postback is requested.
Q : What is the use of CausesValidation property of an ASP.NET button control?
Ans : CausesValidation property of an ASP.NET button control is used to determine if the validation controls should be fired when the button is clicked. If CausesValidation property is set to true, then validation is performed and if the CausesValidation property is set to false then validation is not done.
Q : Give an example of real time scenario where you might use CausesValidation property of an ASP.NET button control?
Ans : Let us assume we have a Page that collects user information like name, age, date of birth, gender with a submit and reset buttons. When I click the submit button the information filled on the form should be validated and saved to the database. If I click the reset button then all the controls on the webform should default to their initial values without validation happening.So you have to set the CausesValidation property of the reset button to false for the validation to be bypassed. Other wise you will not be able to post back the page to the server.
Q : What is ASP.NET Custom Validator used for?
Ans : ASP.NET Custom Validator is used to perform complex types of validation not provided by the standard validation control, use a CustomValidator control and write code to perform the validation on the server side and optionally on the client side.
Ans : We use Page.IsValid property to determine if all the validations have succeeded. For this property to return true, all validation server controls in the current validation group must validate successfully.
Q : How do you programatically invoke all validation controls on a page?
Ans : Call Page.Validate() method. When this method is invoked, it iterates through the validation controls contained in the ValidatorCollection object associated with the Page.Validators property and invokes the validation logic for each validation control in the current validation group.
Q : What is a validation group?
Ans : Validation groups allow you to group validation controls on a page as a set. Each validation group can perform validation independently from other validation groups on the page.
Q : How do you create a validation group?
Ans : You create a validation group by setting the ValidationGroup property to the same name for all the controls you want to group. You can assign any name to a validation group, but you must use the same name for all members of the group.
Q : Explain how a validation group works when the Page is posted by clicking a button?
Ans : During postback, the Page class’s IsValid property is set based only on the validation controls in the current validation group. The current validation group is determined by the control that caused validation to occur. For example, if a button control with a validation group of LoginGroup is clicked, then the IsValid property will return true if all validation controls whose ValidationGroup property is set to LoginGroup are valid.
Q : Can a DropDownList fire validation controls?
Ans : Yes, DropDownList control can also fire validation if the control’s CausesValidation property is set to true and the AutoPostBack property is set to true.
Q : How do you programatically force all validation controls in a particular validation group to be fired?
Ans : Call the Page.Validate(string GroupName) method and pass the name of the validation group. This will fire only the validation controls in that validation group.
Q : What is SetFocusOnError property of a validation control used for?
Ans : Use the SetFocusOnError property to specify whether focus is automatically set to the control specified by the ControlToValidate property when this validation control fails. This allows the user to quickly update the appropriate control.
If multiple validation controls fail and this property is set to true, the control specified in the ControlToValidate property for the first validation control receives focus.
Q : What is InitialValue property of a RequiredFieldValidator?
Ans : Use this property to specify the initial value of the input control.Validation fails only if the value of the associated input control matches this InitialValue upon losing focus.
Q : What is State management in ASP.NET?
Ans : State management is the process by which you maintain state and page information over multiple requests for the same or different pages.
Q : Why we need State management to maintain state?
Ans : Net Pages are destroyed and re-created with each round trip to the server; therefore, page information will not exist beyond the life cycle of a single page.
Q : What are different state management techniques available in .Net?
Ans : ASP.NET provides multiple ways to maintain state between server round trips this can be either client side or server side.
Client Side State Management options:
Storing page information using client-side options doesn’t use server resources.
1. View state
2. Control state
3. Hidden fields
5. Query strings
Server side state management options:
1. Application state
2. Session state
3. Profile properties
Q : What are the advantages and disadvantages of using client side state management?
Ans : Advantages:
No server resources are required.
Potential security risks
Depends on browser compatibility
Q : What is ViewState?
Ans : Web forms have very short lifetimes.In ASP.NET, the data that is entered in controls is encoded and stored in a hidden field. This encoded data is then sent with each request and restored to controls in Page_Init. The data in these controls is then available in the Page_Load event.The data that ASP.NET preserves between requests is called the Web form’s view state.
Q : How do you enable or disable a ViewState for a control on the page?
Ans : Every ASP.NET control has a property called EnableViewState. If EnableViewState is set to true ViewState is enabled for the control. If EnableViewState is set to false ViewState is disabled for the control.
Q : How do you enable or disable a ViewState at the page level?
Ans : At the page level you can enable or disable ViewState using EnableViewState property of the page.
Q : What is the name of the hidden form field in which ViewState of the page is saved?
Ans : _ViewState
Q : What are the performance implications of ViewState?
Ans : ViewSta
te is usually good to retain the state of the controls on the webform across postbacks. If you have a huge DataGrid with tons of data being loaded on every page load. It is a good idea to disable the ViewState of the DataGrid for the page to load faster. If the ViewState of a large DataGrid is not disabled, ViewState can easily get very large, on the order of tens of kilobytes. Not only does the __ViewState form field cause slower downloads, but, whenever the user posts back the Web page, the contents of this hidden form field must be posted back in the HTTP request, thereby lengthening the request time, as well.
Q : When does ViewState restoration happens?
Ans : During the Page_Init event
Q : What are the disadvantages of using ViewState?
Ans : 1. On all page visits, during the save view state stage the Page class gathers the collective view state for all of the controls in its control hierarchy and serializes the state to a base-64 encoded string. (This is the string that is emitted in the hidden __ViewState form filed.) Similarly, on postbacks, the load view state stage needs to deserialize the persisted view state data, and update the pertinent controls in the control hierarchy.
2. The __ViewState hidden form field adds extra size to the Web page that the client must download. For some view state-heavy pages, this can be tens of kilobytes of data, which can require several extra seconds (or minutes!) for modem users to download. Also, when posting back, the __ViewState form field must be sent back to the Web server in the HTTP POST headers, thereby increasing the postback request time.
Q : Is ViewState encoded?
Ans :Yes, ViewState is base-64 encoded.
Q : What happens during the Page_Init event?
Ans : The server controls are loaded and initialized from the Web form’s view state. This is the first step in a Web form’s life cycle.
Q : What are Cookies in ASP.NET?
Q : What are different types of Cookies?
Ans : Session Cookies
Q : What are Session Cookies?
Ans : Session cookies are stored in-memory during the client browser session. When the browser is closed the session cookies are lost.
Q : How can you create Session Cookies?
Ans : You can create session cookies by calling the Add method of the Cookies collection on the Response object. The Cookies collection contains individual cookie objects of type HttpCookie.
//Code to create a UserName cookie containing the name David.
HttpCookie CookieObject = new HttpCookie(“UserName”, “David”);
//Code to read the Cookie created above Request.Cookies[“UserName”].Value;
Q : What is the difference between Session Cookies and Persistent Cookies?
Ans : Persistent Cookies are same as Session Cookies except that, persistent cookies have an expiration date. The expiration date indicates to the browser that it should write the cookie to the client’s hard drive. Keep in mind that because a user can delete cookies from their machine that there is no guarantee that a cookie you “drop” on a user machine will be there the next time they visit your site.
Q : What are Persistent Cookies used for?
Ans : Persistent cookies are generally used to store information that identifies a returning user to a Web site. Typical information found in Persistent Cookies includes user names or user IDs.
Q : How do you create a Persistent Cookie?
Ans : You create a persistent cookie the same way as session cookies except that you set the Expires property to a Date in the future which will store the Cookie to the client computer harddrive.
//Code to create a UserName Persistent Cookie that lives for 10 days
HttpCookie CookieObject = new HttpCookie(“UserName”, “David”);
CookieObject.Expires = DateTime.Now.AddDays(10);
//Code to read the Cookie created above
Q : What is Cookie Dictionary?
Ans :A cookie dictionary is a single cookie object that stores multiple pieces of information. You use the Values property to access and assign new values to the cookie dictionary.
Q : What are the advantages of Using Cookies?
Ans : 1. Cookies do not require any server resources since they are stored on the client.
2. Cookies are easy to implement.
3. You can configure cookies to expire when the browser session ends (session cookies) or they can exist for a specified length of time on the client computer (persistent cookies).
Q : What are the disadvantages of Using Cookies?
Ans : 1. Users can delete a cookies.
3. Cookies exist as plain text on the client machine and they may pose a possible security risk as anyone can open and tamper with cookies.
Q : How do you create a Cookie that never expires?
Ans :To create a Cookie that never expires set the Expires property of the Cookie object to DateTime.MaxValue.
Q : Are Cookies secure?
Ans : No, Cookies are not secure. You must pay attention to the type of data you store in cookies.
1. Cookies are not designed to store critical information so storing passwords in a cookie is a bad idea.
2. Keep the lifetime of a cookie as short as practically possible.
3. Encrypt cookie data to help protect the values stored in the cookie.
Q : Give an example of using querystrings to send data from one page to another?
Ans : Query strings are a very simple and popular technique to pass data from one Web page to the next. You send data as part of the URL. In the below example FName and LName are sent as part of the URL. In the page load of QueryStrings2.aspx we use Request.QueryString to read the values. As we are sending more than one query string we use the & symbol to seperate query strings.
Q : //Code to send query strings FName and LName as part of the URL
Ans : QueryStrings2.aspx?FName=David&LName=Boon
protected void Page_Load(object sender, EventArgs e)
//Code to read Query String values
string FirstName = Request.QueryString[“FName”];
string LastName = Request.QueryString[“LName”];
Response.Write(“Data from QueryStrings1.aspx : ” + FirstName + “, ” + LastName);
Q : Give an example to send Query Strings from code?
Ans : You can send query strings from server side code using the Response.Redirect() method as shown below.
Q : What are the advantages of using Query Strings?
Ans : 1. Query strings are easy to implement.
2. Browser support for passing values in a query string is nearly universal.
3. Query strings are contained in the HTTP request for a specific URL and do not require server resources.
Q : What are the disadvantages of using querystrings to send data from one page to another?
Ans : 1. Query strings are insecure because the information in the query string is directly visible to the user on the address line in the browser.
2. Many browsers impose a 255 URL character limit which can limit their flexibility.