Interview Tips Interview Tips, Interview Questions and Answers

13Oct/110

Additional security when calling JSON serialized services

A security feature of ASP.NET web services that are JSON serialized through the ASP.NET AJAX extensions is that they must be requested in a specific way. This is an important deterrent against your services being used in XSS attacks. Scott Guthrie has a great post providing detailed information on the particulars. It boils down to is two things:

  • The request must be an HTTP POST request
  • The request’s content-type must be: “application/json; charset=utf-8?

When you register and call a web service through ASP.NET AJAX’s ScriptManager, you may safely enjoy blissful ignorance of these requirements. The framework transparently handles everything for you.

However, if you want to use a third party AJAX framework to request the JSON serialized output, you may run into trouble due to these security features.

Tagged as: , , , , , , , , , No Comments
1Oct/110

Code Issues specific to partial methods

There are several conditions that are applied to partial methods, such as:

    Partial methods must be void
    Signatures of both parts of partial methods must match
    Access modifiers are not allowed for partial methods
    Partial methods must be declared in partial classes
    etc

You don’t have to remember all these conditions if you have the CodeRush code issues feature turned on. When the rule of the partial method declaration is violated, code issues will show you an error or a hint, and you can fix it before you compile the code. These code issues are:
Partial method cannot have access modifiers or the virtual, abstract, override, new, sealed, or extern modifiers

If a partial method has an invalid modifier (e.g., virtual, abstract, override, new, sealed, extern, or an access modifier) you will see an error in the code editor, because partial methods cannot have these type of modifiers:
CodeRush Partial method cannot have modifiers
CodeRush Partial method cannot have access modifiers
Partial method cannot have out parameters

Out parameters are not allowed for partial methods. If a partial method is declared with ‘out’ parameters, you will see an error:

CodeRush Partial method cannot have out parameters
Partial method must be declared within a partial class or partial struct

Partial methods can only reside inside a partial class or a partial structure, otherwise, an error is shown:

CodeRush Partial method must be declared within a partial class
Partial method has only single part

When the partial method has only a single part without a declaration, it does not need to be declared as partial. This code issue has a hint type:

CodeRush Partial method has only single part
Tagged as: , , , , , , , , , No Comments
29Sep/110

Volatile Fields

Software built on the .NET framework is subject to many optimisations. Some optimisation is performed when compiling your program or library in Visual Studio or using the command-line compiler. Other optimisations are applied when executing the compiled intermediate language (IL) code. These vary according to the type of processor used to run the program. In many situations these optimisations lead to faster code or smaller programs without any noticeable side effects.

One optimisation that can have side effects relates to publicly visible fields in classes or structures. When you request the value of such a field the program normally performs a non-volatile read. This type of read can be optimised to improve the performance of the program. For example, the processor may choose to read the value from memory earlier than expected, and potentially in a different order than specified, in preparation for its later use. This may move the value to the processor's cache memory, where it can be accessed more quickly than from the main memory, or to its registers for yet faster performance. In single-threaded code these changes are unnoticeable.

When you are creating a multithreaded application or one that uses parallel programming code, non-volatile reads can present a problem. To illustrate this, consider the following program:

Tagged as: , , , , , , , , , No Comments
2Jul/110

Features of ListView Control:

·          Can define our own template/Layout/Structure for the data display.

·          Edit/Update/Delete capabilities on the data displayed.

·          Built-in support for inserting new row.

·          Built-in support for sorting

·          Supports databinding via DataSource Controls including LINQ DataSource controls.

·          Paging via DataPager control, which can be part of ListView control or can be kept outside the control. Means, DataPager can be kept at any part of page as opposed to GridView where the built-in paging is packed with the control itself.

To start this tutorial you need to drag a ListView control on a Page and you need to add LayoutTemplate, ItemTemplate and SelectedItemTemplate as shown in the following code. Notice that the HTML markup in SelectedItemTemplate is almost identical to ItemTemplate with only one difference that I am changing the background and text color of the row in SelectedItemTemplate to give user visual clue that the item is selected. Also notice the LinkButton I am using in both templates. The CommandName of these buttons is set to Select which is required to enable selections in ListView.

Tagged as: , , , , , , , , , No Comments
18Jun/110

how to upload an excel in c# ASP.Net?

protected void btnUpload_Click(object sender, EventArgs e)
    {
        if (fuUpload.HasFile)
        {
            string filename = fuUpload.PostedFile.FileName;

            string strConn;
            strConn = "Provider=Microsoft.Jet.OLEDB.4.0;"
+"Data Source="+ filename +";" +"Extended Properties=Excel
8.0;";
            OleDbConnection con = new OleDbConnection(strConn);
            con.Open();
            OleDbCommand cmd = new OleDbCommand("select *
from [Sheet1$]",con);
            OleDbDataAdapter dad = new OleDbDataAdapter();
            dad.SelectCommand = cmd;
            DataSet ds= new DataSet();
            dad.Fill(ds);
            DataGrid1.DataSource = ds.Tables[0].DefaultView;
            DataGrid1.DataBind();
            con.Close();
        }

    }
Tagged as: , , , , , , , , , No Comments
12Jun/110

Powerpacked new controls in Microsoft ASP.NET 3.5

DataPager - Controls like Gridview, Repeater exhibit the pagination behaviour. This is useful when display results return far too many records than an ideal web page height. A search may return countless records, but the web page size should not ideally go on and on depending on the number of records returned. For this, the feature of Page Numbers, OR Previous-Next feature at the bottom of the display results seem to be more ideal. For this purpose, the DataPager control has been introduced.

While using a ListView control, a DataPager control may be used along with it, to provide a paging functionality. The DataPager has a property called PagerControlId which is set to the ID of the ListView control. Simple!

ListView - This control is like an advanced Repeater control, and is as good as a GridView control in terms of features it has. It may be set to any standard data source like SQL, Oracle, Access, XML and even LINQ.

Say you want to display a matrix of values with 3 records per row, the ListView control is the ideal solution. The ListView settings may be made manually using the aspx page, OR may also be set using the Smart Tag feature to launch the properties dialog box.

ScriptManager - Every Ajax enabled page in ASP.NET that makes use of the Ajax Library needs to have a boss or a  manager that takes care of the internal Ajaxification process. All this is controlled by the ScriptManager control. Every page should have not more than one ScriptManager control. It takes care of the javascript functionalities, partial postbacks made by the web page by taking care of the XmlHttpRequest object from behind the scenes. More on Ajax, Read Here.

If the EnablePartialPostback property of the ScriptManager is set to false, the web page exhibits a full page postback.

ScriptManagerProxy - There might be a scenario where your master page and content page need to have separate ScriptManager controls. For such situations, the ScriptManagerProxy control comes to rescue. Here, the masterpage may contain the ScriptManager control, and the content page may use the ScriptManagerProxy control. However, internally, the ScripManagerProxy control communicates with the corresponding ScriptManager  class of the web page. The ScriptManagerProxy control actually transfers its set of responsibilities to the ScriptManager control.

UpdatePanel - This is the control that wraps all the controls that need to be partially posted back. A web page may comprise of several UpdatePanels. In case there is any event happening within the controls wrapped inside an UpdatePanel control, the entire page isn't posted back, rather only the contents within the UpdatePanel are posted back to the web server. If the partial postback property is to be avoided, set the ChildrenAsTriggers property of the UpdatePanel to false.

Further, the Triggers of an UpdatePanel may be used to set the application in such a way that the partial postback of the UpdatePanel may be invoked from controls that lie outside the UpdatePanel.

UpdateProgress - There are scenarios where a request may take time, an image may take time to load, a business logic may time to calculate, data may take time to load due to diversities in the source. In UpdatePanels, as postbacks are partial in nature, the browser's default progress bar does not appear. For avoiding any confusion to the end user, that a page process is going on in the background, the UpdateProgress control may be used. This is like a progress bar that shows to the end user that a process is going on. The progress may be set to any moving gif image as well, to enhance the look & feel of the web application.

Tagged as: , , , , , , , , , No Comments
30Apr/110

What is viewstate in ASP.NET?

The postback question is the heart of any interview on ASP NET. When a postback happens (i.e. when a form is submitted to a server), the variable values that are set in the code-behind page are erased from the memory of the client system. This concept would be different from what happens in Windows-based applications, where the variable variables persist in memory until they are freed from the memory either by the garbage collector, or by specific codes like dispose or finalize.

In web applications, variable values simply get erased. But it is very simple to persist these values. They may be persisted using the Viewstate object. Before the postback is invoked, the variable's value is saved in a viewstate object. In the recieving page, the viewstate's value may be retrieved back. See example code below...

//Save the value in ViewState object before the PostBack
ViewState("SomeVar") = txtFirstName.text;

//Retrieve the value from ViewState object after the PostBack
String strFirstName = ViewState("SomeVar").ToString();

Tagged as: , , , , , , , , , No Comments
21Apr/110

difference between a document library and a form library in SharePoint?

What is the difference between a document library and a form library in SharePoint?

Document libraries in SharePoint consist of your main/core documents. For example a word document, excel, PowerPoint, Visio, pdf, csv, notepad etc. Form libraries consist of XML forms.

Tagged as: , , , , , , , , , No Comments
   Older Entries »

  • Recent Posts

  • Tag Cloud

  • BlogRoll

  • Archives

  • Categories

  • .NET
  • Asp.Net
  • Database
  • Interview Skills
  • Interview Tips
  • Java
  • Job News
  • Phone Screen Skills
  • Programming
  • web

    • Sponsors