ASP.NET 4.5 and ASP.NET Core 1 Hosting BLOG

Tutorial and Articles about ASP.NET 4.0 and the latest ASP.NET 4.5 Hosting

ASP.NET Hosting - ASPHostPortal.com :: Creating Help Desk Web Application using ASP.NET Core

clock January 17, 2017 05:28 by author Armend

Suppose you work for a small to midsize company that employs 50-100 workers. The Help Desk -- a subsidiary of the Information Services Division -- is in charge of trouble tickets regarding general PC issues such as email, viruses, network issues, etc. Initially, the Help Desk team stored this information in Excel spreadsheets, but as the company has grown, managing these spreadsheets has become tedious and time consuming.

The Help Desk has asked you to devise a more efficient solution that could be developed internally, saving the company money. As you start to think about it, the following requirements are apparent: fields for the submitter's first and last name, as well as their email address. You'll also need combo boxes for indicating ticket severity (low, medium, high), department, status (new, open, resolved), employee working on the issue, as well as an area for comments. Of all the solutions available, creating an internal help desk Web application with ASP.NET is relatively simple.

In the following article, we'll see how to implement these features in an ASP.NET help desk Web application using a database-driven approach,
Creating the JavaScript File
Because creating the JavaScript file is the easiest of the work left, we'll do this next. From the Solution Explorer, follow these steps:

Creating the Help Desk Class

Now that we have our data coming in, we need to be able to record a help desk ticket submission. We need to create an event handler in a class to handle it. Let's first create a help desk class by doing the following:

  •     Right click the project solution.
  •     Choose Add>New Item.
  •     In the Add New Item window, select Class.cs.
  •     In the name text field, type "HelpDesk" and then click Add.

Double click HelpDesk.cs from the Solution Explorer, which will show the empty class as shown below:

using System;
using System.Collections.Generic;
using System.Linq;
using System.Web;
namespace HelpDesk
{
    public class HelpDesk
    {
    }
}

We need to import three libraries as shown below:

using System;
using System.Collections.Generic;
using System.Linq;
using System.Web;
using System.Data;
using System.Configuration;
using System.Data.SqlClient;
namespace HelpDesk
{
    public class HelpDesk
    {
    }
}

The first library (System.Data) allows us to work with stored procedures in ADO.NET, the second (System.Configuration) allows us to reference a connection key from configuration file and the last (System.Data.SqlClient) one allows us to connect to SQL Server.


About ASPHostPortal.com:


ASPHostPortal.com is The Best, Cheap and Recommended ASP.NET & Linux Hosting. ASPHostPortal.com has ability to support the latest Microsoft, ASP.NET, and Linux technology, such as: such as: WebMatrix, Web Deploy, Visual Studio, Latest ASP.NET Version, Latest ASP.NET MVC Version, Silverlight and Visual Studio Light Switch, Latest MySql version, Latest PHPMyAdmin, Support PHP, etc. Their service includes shared hosting, reseller hosting, and Sharepoint hosting, with speciality in ASP.NET, SQL Server, and Linux solutions. Protection, trustworthiness, and performance are at the core of hosting operations to make certain every website and software hosted is so secured and performs at the best possible level.



ASP.NET Hosting - ASPHostPortal.com :: Trick to Run Website in Many Browser in Visual Studio

clock January 13, 2017 11:12 by author Dan

According to dailydotnettips article, As a web developer, for performing cross browser testing, we need to run our web site in multiple browser from Visual Studio. Generally, in a common way, we select particular browser from browser selection menu and run the application. 

However, you can set multiple browser as your default browser. When you run the application with out debugging ( Ctrl+ F5) , Visual Studio will run the application in all the browser, in case of debugging (F5),  Visual Studio will prompt you to select particular browser from the selected default browser list. You can link this feature very much with Refreshing browsers directly from Visual Studio 2013, where you can refresh the browser directly from Visual Studio.

In the browser list drop-down, by default you will be able to see all the list of added browser, with default browser as checked.

When you select the “Browse With…” option, following dialog will appear, and you can see all the list of browser along with the browser which marked as “(Default)”.

Now, there can be more than one default browser, and same has been written in the dialog control as well – “Browsers (Select one or more):” . So, select all the browser in which you want run the application together, and click on “Set as Default”.  That’s all. Now if you click on “Browse” button in the same dialog control, you will find your web application starts on all the selected browser same time.

If you back to Visual Studio main menu, a new option “Multiple Browser” will appear.

Now, if you want to debug the application, and press “F5” or select the multiple browsers options, following dialog will appear, and you need to select a specific browser from the list of selected browsers.

If you run the application without debugging mode and wanted to run the application to verify the cross browser compatibility, Visual Studio will invoke all the browser for the same application.

This feature is really useful for web developer and who spends time on for cross browser testing ! and of courser – all the web developer spends time for the same !! So, from next time, apply this feature!

Note: This is note new features with Visual Studio 2013, it was available in previous version as well.

Best ASP.NET Hosting Recommendation

ASPHostPortal.com provides our customers with Plesk Panel, one of the most popular and stable control panels for Windows hosting, as free. You could also see the latest .NET framework, a crazy amount of functionality as well as Large disk space, bandwidth, MSSQL databases and more. All those give people the convenience to build up a powerful site in Windows server 2012. We offers Windows hosting starts from $5/month only. We also guarantees 30 days money back and guarantee 99.9% uptime. If you need a reliable affordable Windows server 2012 Hosting, we should be your best choice.



ASP.NET Hosting - ASPHostPortal.com :: How to implement Windows authentication and authorization in ASP.NET

clock January 10, 2017 05:21 by author Armend

This step-by-step article describes how to implement Windows authentication and authorization in an ASP.NET application. To use the built in security of Windows and ASP.NET, implement Windows authentication and authorization on groups and users. To use Windows authentication, you must adjust settings in both Microsoft Internet Information Services (IIS) and the ASP.NET application Web.config file.

Requirements

  • Microsoft Windows 2000 Professional, Windows 2000 Server, Windows 2000 Advanced Server, or Windows XP Professional
  • Microsoft .NET Framework
  • Microsoft Internet Information Services (IIS)
  • Microsoft Visual Studio .NET

Authentication and authorization

Windows authentication and Windows authorization are two terms that are frequently interchanged. However, they do not have the same meaning. Windows authentication permits the recipient to determine the user's identity. Windows authorization determines the resources to which a user may gain access.

Configure Web application for Windows authentication

To configure your Web application for Windows authentication, follow these steps:

  • Create an ASP.NET Web Application named ASPNETWinAuth. By default, theWebForm1.aspx file appears.
  • In the HTML view of WebForm1.aspx, replace the existing code with the following sample code:

    <%=User.Identity.Name%>

  • Click Start, point to Programs, point to Administrative tools, and then click Internet Information Services.
  • The Internet Information Services MMC appears. Expand Computer, and then expand a Web site that uses Windows authentication.
  • Click the ASPNETWinAuth Web site application.
  • On the Action menu, click Properties.
  • In Properties, click the Directory Security tab.
  • Under Anonymous access and authentication control, click Edit.
  • In Authentication Methods, click to select Integrated Windows authentication. Click to clear all other check boxes.
  • Click OK.
  • In Properties, click OK. The ASPNETWinAuth Web application is now configured to accept valid user accounts.

Configure the ASP.NET application

After you configure the IIS Web site for Integrated Windows Authentication, you must configure the ASP.NET application to recognize authenticated users. To do this, you must change the Web.config file. In the Web.config file, locate the <authentication> tag, and then set the mode attribute to Windows, as in the following example:

<authentication mode="Windows" />

Test authentication

To test your Windows authentication setting, follow these steps:

  • In Microsoft Internet Explorer, view the WebForm1.aspx page. This page is located in the Http://Localhost folder. For example:

    http://Localhost/ASPNETWinAuth/WebForm1.aspx

  • Because Integrated Windows Authentication uses the current Windows user information on the client computer for the authentication, it does not immediately prompt the user for a user name and password. However, if the authentication exchange cannot identify the user, a dialog box appears that prompts the user for a Windows user account user name and password.
  • Type a valid user name and password. When the page loads, your user name appears in the following format:

    Domain Name\User Name

Restrict access

In ASP.NET, you set authorization to the application by adding settings in the Web.config file. You can specify which users or groups are permitted to have access to what resources as follows:
To permit all users of an NT Group named Managers to have access to your resources, use the following code:

<configuration>
      <system.web>
        <authorization>
          <allow roles="domainname\Managers" />
          <deny users="*" />
        </authorization>
      </system.web>
    </configuration>

To permit only specific users to have access, use the following code:

<configuration>
      <system.web>
        <authorization>
          <allow users="domainname\user1,domainname\user2,domainname\user3" />
          <deny users="*" />
        </authorization>
      </system.web>
    </configuration>

Note You can specify multiple roles or users by using a comma separated list. Verify that you use the correct case when you specify the configuration file element and the associated attribute values. This code is case sensitive.

Best ASP.NET Hosting Recommendation

ASPHostPortal.com provides our customers with Plesk Panel, one of the most popular and stable control panels for Windows hosting, as free. You could also see the latest .NET framework, a crazy amount of functionality as well as Large disk space, bandwidth, MSSQL databases and more. All those give people the convenience to build up a powerful site in Windows server 2012. We offers Windows hosting starts from $5/month only. We also guarantees 30 days money back and guarantee 99.9% uptime. If you need a reliable affordable Windows server 2012 Hosting, we should be your best choice.



ASP.NET Hosting - ASPHostPortal.com :: Protect Web Pages Using .htaccess Files

clock January 8, 2017 13:47 by author Armend

A .htaccess file (pronounced ‘dot aitch tee access’ or simply ‘aitch tee access’) is aspecial configuration file used on web servers running the Apache httpd web server software. When someone visits a page that is sitting in a directory alongside, or in the same branch as, a .htaccess file then that configuration file will be loaded by the server and processed.

.htaccess files are used to reconfigure the web server without needing to restart it. These files can be used to enable or disable additional functionality and features, such as creating redirects, disabling directory listings and password protecting directories.

If you want to password protect some of your web pages, then you need to use a .htaccess file with a .htpasswd password file. This tutorial will tell you step-by-step what you need to do.


Step By Step Instructions
Let's suppose you want to restrict files in a directory called members to username memberone with password memberonepassword. Here's what to do:
1. Create a file called .htaccess in directory members that looks like this:

AuthType Basic
AuthName "Restricted access"
AuthUserFile /home/USERNAME/.htpasswd
require valid-user


Notes
:

  • In the AuthUserFile line, replace USERNAME with your ftp username.
  • The .htaccess file must be an ASCII text document.
  • A .htaccess file can be created in any word processor but must be saved as text only.
  • IF you upload your .htaccess file via FTP, the FTP client must be set to ASCII mode for transfer.
  • For security reasons, the .htaccess file on the server cannot be seen in a directory listing. If you don't see it after uploading it, don't worry.
    Also note that AuthName can be anything you want. The AuthName field gives the Realm name for which the protection is provided. This name is usually given when a browser prompts for a password, and is also usually used by a browser in correlation with the URL to save the password information you enter so that it can authenticate automatically on the next challenge.

2. Use the htpasswd command, from your home directory, to create a password file called .htpasswd in your home directory:
SSH to your home directory. This is simply done by connecting with your SSH client and NOT entering any path, and NOT changing directories after connecting. After connecting to your home directory via SSH, enter:

# htpasswd -c .htpasswd memberone

Type the password -- memberonepassword -- twice as instructed.
3. That's the setup done. Now test by trying to access a file in the directory members; your browser should demand a username and password, and not give you access to the file if you don't enter memberone and memberonepassword.


Multiple Usernames/Passwords

If you want to give access to a directory to more than one username/password pair, follow the steps above to create the .htaccess file and to create the .htpasswd file with one user. Then, add additional users to the .htpasswd file by using the htpasswd command without the -c:

# htpasswd .htpasswd membertwo
New password:
Re-type new password:
Adding password for user membertwo


Changing Passwords

If you want to change the password for an existing user, simply issue the same command as when you added the user. You will then be prompted for a new password. For example, if the user membertwo already exists and you want to change the password, just SSH to your home directory and enter:

# htpasswd .htpasswd membertwo


Password Protecting Multiple Directories
If you want to password protect multiple directories, and allow all users access to all password protected directories, then all you need to do is put the same .htaccess file in each directory that you want to password protect.

However, if you want to password protect multiple directories, and only allow certain users access to each directory, then you can create a different password file (all in your home directory) for each password protected directory.

Let's say you have 3 different directories (members, admins, board) you want password protected, and each one has a different set of users that you want to allow access. Then just do the following:

Create three .htaccess files and put them in their appropriate directory:

AuthType Basic
AuthName "Restricted access"
AuthUserFile /home/USERNAME/.htpasswd.members
require valid-user
AuthType Basic
AuthName "Restricted access"
AuthUserFile /home/USERNAME/.htpasswd.admins
require valid-user
AuthType Basic
AuthName "Restricted access"
AuthUserFile /home/USERNAME/.htpasswd.board
require valid-user

Remember to replace USERNAME with your ftp username (in lower case).

Create three .htpasswd files in your home directory:

# htpasswd -c .htpasswd.members memberone
# htpasswd -c .htpasswd.admins adminone
# htpasswd -c .htpasswd.board boardmemberone

That's it. Now when you need to add a user to one of the directories, just issue the htpasswd command on the appropriate .htpasswd file.

 

Best ASP.NET Hosting Recommendation

ASPHostPortal.com provides its customers with Plesk Panel, one of the most popular and stable control panels for Windows hosting, as free. You could also see the latest .NET framework, a crazy amount of functionality as well as Large disk space, bandwidth, MSSQL databases and more. All those give people the convenience to build up a powerful site in Windows server. ASPHostPortal.com offers ASP.NET hosting starts from $1/month only. They also guarantees 30 days money back and guarantee 99.9% uptime. If you need a reliable affordable ASP.NET Hosting, ASPHostPortal.com should be your best choice.



ASP.NET Hosting - ASPHostPortal.com :: How to Stop AutoFill Browser in TextBox with ASP.NET

clock January 8, 2017 04:03 by author Dan

According to dotmettrick's website. Today’s browsers like Chrome, Firefox, Internet Explorer and Safari has functionality of auto complete values in TextBoxes. If you have enabled this features in your browser, then each and every time when you start to enter value in TextBox you get a drop down of prefilled values in that TextBox. This feature of browser can be disabled by the programming for a specific web form like payment form and other confidential information form of a web application.

In chrome browser, we can enable auto-fill as shown below:

Suppose we have a below form for online payment of product by credit card or debit card then it is mandatory to stop auto complete functionality of browser so that browser doesn’t save the confidential information of a customer’s credit card or debit card.


We can turn off auto-fill for our complete form by setting autocomplete attribute value to off as shown below:

     <form id="Form1" method="post" runat="server" autocomplete="off">
     .
     .
    </form>


We can also turn off auto-fill for a particular TextBox by setting autocomplete attribute value to off as shown below:

     <asp:TextBox Runat="server" ID="txtConfidential" autocomplete="off"></asp:TextBox>

We can also do this from code behind also like as:

     txtConfidential.Attributes.Add("autocomplete", "off");

After doing one of above code you will see that there is no auto-fill.


Summary

In this article, I explain how can you stop auto-complete in TextBox by programming. I hope you will use this trick in your web form. I would like to have feedback from my blog readers. Please post your feedback, question, or comments about this article.

Best ASP.NET Hosting Recommendation

ASPHostPortal.com provides its customers with Plesk Panel, one of the most popular and stable control panels for Windows hosting, as free. You could also see the latest .NET framework, a crazy amount of functionality as well as Large disk space, bandwidth, MSSQL databases and more. All those give people the convenience to build up a powerful site in Windows server. ASPHostPortal.com offers ASP.NET hosting starts from $1/month only. They also guarantees 30 days money back and guarantee 99.9% uptime. If you need a reliable affordable ASP.NET Hosting, ASPHostPortal.com should be your best choice.



ASP.NET Hosting - ASPHostPortal.com :: Understanding Personalization in ASP.NET

clock December 23, 2016 10:07 by author Dan

Web sites are designed for repeated visits from the users. Personalization allows a site to remember the user identity and other information details, and it presents an individualistic environment to each user.

ASP.NET provides services for personalizing a web site to suit a particular client's taste and preference.

Understanding Profiles

ASP.NET personalization service is based on user profile. User profile defines the kind of information about the user that the site needs. For example, name, age, address, date of birth, and phone number.

This information is defined in the web.config file of the application and ASP.NET runtime reads and uses it. This job is done by the personalization providers.

The user profiles obtained from user data is stored in a default database created by ASP.NET. You can create your own database for storing profiles. The profile data definition is stored in the configuration file web.config.

Example

Let us create a sample site, where we want our application to remember user details like name, address, date of birth etc. Add the profile details in the web.config file within the <system.web> element.

<configuration>
<system.web>

<profile>
   <properties>
      <add name="Name" type ="String"/>
      <add name="Birthday" type ="System.DateTime"/>
     
      <group name="Address">
         <add name="Street"/>
         <add name="City"/>
         <add name="State"/>
         <add name="Zipcode"/>
      </group>
     
   </properties>
</profile>

</system.web>
</configuration>

When the profile is defined in the web.config file, the profile could be used through the Profile property found in the current HttpContext and also available via page.

Add the text boxes to take the user input as defined in the profile and add a button for submitting the data:

Update Page_load to display profile information:

using System;
using System.Data;
using System.Configuration;

using System.Web;
using System.Web.Security;

using System.Web.UI;
using System.Web.UI.WebControls;
using System.Web.UI.WebControls.WebParts;
using System.Web.UI.HtmlControls;

public partial class _Default : System.Web.UI.Page
{
   protected void Page_Load(object sender, EventArgs e)
   {
      if (!this.IsPostBack)
      {
         ProfileCommon pc=this.Profile.GetProfile(Profile.UserName);
        
         if (pc != null)
         {
            this.txtname.Text = pc.Name;
            this.txtaddr.Text = pc.Address.Street;
            this.txtcity.Text = pc.Address.City;
            this.txtstate.Text = pc.Address.State;
            this.txtzip.Text = pc.Address.Zipcode;
            this.Calendar1.SelectedDate = pc.Birthday;
         }
      }
   }
}


Write the following handler for the Submit button, for saving the user data into the profile:

protected void btnsubmit_Click(object sender, EventArgs e)
{
   ProfileCommon pc=this.Profile.GetProfile(Profile.UserName);
  
   if (pc != null)
   {
      pc.Name = this.txtname.Text;
      pc.Address.Street = this.txtaddr.Text;
      pc.Address.City = this.txtcity.Text;
      pc.Address.State = this.txtstate.Text;
      pc.Address.Zipcode = this.txtzip.Text;
      pc.Birthday = this.Calendar1.SelectedDate;
     
      pc.Save();
   }
}


When the page is executed for the first time, the user needs to enter the information. However, next time the user details would be automatically loaded.

Attributes for the <add> Element

Apart from the name and type attributes that we have used, there are other attributes to the <add> element. Following table illustrates some of these attributes:

Anonymous Personalization

Anonymous personalization allows the user to personalize the site before identifying themselves. For example, Amazon.com allows the user to add items in the shopping cart before they log in. To enable this feature, the web.config file could be configured as:

<anonymousIdentification enabled ="true" cookieName=".ASPXANONYMOUSUSER"
   cookieTimeout="120000" cookiePath="/" cookieRequiresSSL="false"
   cookieSlidingExpiration="true" cookieprotection="Encryption"
   coolieless="UseDeviceProfile"/>

Best ASP.NET Hosting Recommendation

ASPHostPortal.com provides its customers with Plesk Panel, one of the most popular and stable control panels for Windows hosting, as free. You could also see the latest .NET framework, a crazy amount of functionality as well as Large disk space, bandwidth, MSSQL databases and more. All those give people the convenience to build up a powerful site in Windows server. ASPHostPortal.com offers ASP.NET hosting starts from $1/month only. They also guarantees 30 days money back and guarantee 99.9% uptime. If you need a reliable affordable ASP.NET Hosting, ASPHostPortal.com should be your best choice.



ASP.NET Hosting - ASPhostPortal.com :: Tips Create User Roles in ASP.NET MVC

clock December 20, 2016 04:54 by author Armend

ASP.NET MVC 5 is the latest update to Microsoft's popular MVC (Model-View-Controller) technology - an established web application framework. MVC enables developers to build dynamic, data-driven web sites. MVC 5 adds sophisticated features like single page applications, mobile optimization, adaptive rendering, and more.

In this article, We'll look into how to create default user roles in ASP.NET MVC 5. Let's begin by establishing where the user role is assigned, and that is the registration stage. In the default template, you have the AccountController that contains a Register action. The default implementation looks like this:

[HttpPost]
[AllowAnonymous]
[ValidateAntiForgeryToken]
public ActionResult Register(RegisterModel model)
{
    if (ModelState.IsValid)
    {
        // Attempt to register the user
        try
        {
            WebSecurity.CreateUserAndAccount(model.UserName, model.Password);
            WebSecurity.Login(model.UserName, model.Password);
            return RedirectToAction("Index", "Home");
        }
        catch (MembershipCreateUserException e)
        {
            ModelState.AddModelError("", ErrorCodeToString(e.StatusCode));
        }
    }
    // If we got this far, something failed, redisplay form
    return View(model);
}


What's missing here is the role assignment, so let's add that. Right after the CreateUserAndAccount call, we can check whether a specific role exists, and if it is - add the registered user to it. In case the role is new, create it.

if (!Roles.RoleExists("Standard"))
    Roles.CreateRole("Standard");
Roles.AddUserToRole(model.UserName, "Standard");


Here I am working with a role called Standard, but obviously you can use another identifier for it. If you open the database that is carrying the app data, you will notice that there are two new tables introduced in the existing context - Roles and UsersInRoles.

As the data skeleton is established, you can now limit content access based on roles. In views, you could use the Authorize attribute:

[Authorize(Roles = "Admin")]

Or you could check for the role directly:


@if (Roles.GetRolesForUser().Contains("Admin"))
{
}

 

Best ASP.NET MVC Hosting Recommendation

ASPHostPortal.com provides its customers with Plesk Panel, one of the most popular and stable control panels for Windows hosting, as free. You could also see the latest .NET framework, a crazy amount of functionality as well as Large disk space, bandwidth, MSSQL databases and more. All those give people the convenience to build up a powerful site in Windows server. ASPHostPortal.com offers ASP.NET hosting starts from $1/month only. They also guarantees 30 days money back and guarantee 99.9% uptime. If you need a reliable affordable ASP.NET Hosting, ASPHostPortal.com should be your best choice.

 



ASP.NET Hosting - ASPHostPortal.com :: Working with the panel control ASP.NET

clock December 17, 2016 15:17 by author Dan

According to tutorialspoint website, The Panel control works as a container for other controls on the page. It controls the appearance and visibility of the controls it contains. It also allows generating controls programmatically.

The basic syntax of panel control is as follows:


<asp:Panel ID= "Panel1"  runat = "server">
</asp:Panel>


The Panel control is derived from the WebControl class. Hence it inherits all the properties, methods and events of the same. It does not have any method or event of its own. However it has the following properties of its own:

Working with the Panel Control

Let us start with a simple scrollable panel of specific height and width and a border style. The ScrollBars property is set to both the scrollbars, hence both the scrollbars are rendered.

The source file has the following code for the panel tag:

<asp:Panel ID="Panel1" runat="server" BorderColor="#990000" BorderStyle="Solid"
   Borderstyle="width:1px" Height="116px" ScrollBars="Both" style="width:278px">
  
   This is a scrollable panel.
   <br />
   <br />

   <asp:Button ID="btnpanel" runat="server" Text="Button" style="width:82px" />
</asp:Panel>


The panel is rendered as follows:

Example

The following example demonstrates dynamic content generation. The user provides the number of label controls and textboxes to be generated on the panel. The controls are generated programmatically.

Change the properties of the panel using the properties window. When you select a control on the design view, the properties window displays the properties of that particular control and allows you to make changes without typing.


The source file for the example is as follows:

<form id="form1" runat="server">
   <div>
      <asp:Panel ID="pnldynamic" runat="server" BorderColor="#990000"
         BorderStyle="Solid" Borderstyle="width:1px" Height="150px"  ScrollBars="Auto" style="width:60%" BackColor="#CCCCFF"  Font-Names="Courier" HorizontalAlign="Center">
    
         This panel shows dynamic control generation:
         <br />
         <br />
      </asp:Panel>
   </div>

   <table style="width: 51%;">
      <tr>
         <td class="style2">No of Labels:</td>
         <td class="style1">
            <asp:DropDownList ID="ddllabels" runat="server">
               <asp:ListItem>0</asp:ListItem>
               <asp:ListItem>1</asp:ListItem>
               <asp:ListItem>2</asp:ListItem>
               <asp:ListItem>3</asp:ListItem>
               <asp:ListItem>4</asp:ListItem>
            </asp:DropDownList>
         </td>
      </tr>

      <tr>
         <td class="style2"> </td>
         <td class="style1"> </td>
      </tr>

      <tr>
         <td class="style2">No of Text Boxes :</td>
         <td class="style1">
            <asp:DropDownList ID="ddltextbox" runat="server">
               <asp:ListItem>0</asp:ListItem>
               <asp:ListItem Value="1"></asp:ListItem>
               <asp:ListItem>2</asp:ListItem>
               <asp:ListItem>3</asp:ListItem>
               <asp:ListItem Value="4"></asp:ListItem>
            </asp:DropDownList>
         </td>
      </tr>

      <tr>
         <td class="style2"> </td>
         <td class="style1"> </td>
      </tr>

      <tr>
         <td class="style2">
            <asp:CheckBox ID="chkvisible" runat="server"
               Text="Make the Panel Visible" />
         </td>

         <td class="style1">
            <asp:Button ID="btnrefresh" runat="server" Text="Refresh Panel"
               style="width:129px" />
         </td>
      </tr>
   </table>
</form>


The code behind the Page_Load event is responsible for generating the controls dynamically:

public partial class _Default : System.Web.UI.Page
{
   protected void Page_Load(object sender, EventArgs e)
   {
      //make the panel visible
      pnldynamic.Visible = chkvisible.Checked;

      //generating the lable controls:
      int n = Int32.Parse(ddllabels.SelectedItem.Value);
      for (int i = 1; i <= n; i++)
      {
         Label lbl = new Label();
         lbl.Text = "Label" + (i).ToString();
         pnldynamic.Controls.Add(lbl);
         pnldynamic.Controls.Add(new LiteralControl("<br />"));
      }
     
      //generating the text box controls:

      int m = Int32.Parse(ddltextbox.SelectedItem.Value);
      for (int i = 1; i <= m; i++)
      {
         TextBox txt = new TextBox();
         txt.Text = "Text Box" + (i).ToString();
         pnldynamic.Controls.Add(txt);
         pnldynamic.Controls.Add(new LiteralControl("<br />"));
      }
   }
}


When executed, the panel is rendered as:

Best ASP.NET Hosting Recommendation

ASPHostPortal.com provides its customers with Plesk Panel, one of the most popular and stable control panels for Windows hosting, as free. You could also see the latest .NET framework, a crazy amount of functionality as well as Large disk space, bandwidth, MSSQL databases and more. All those give people the convenience to build up a powerful site in Windows server. ASPHostPortal.com offers ASP.NET hosting starts from $1/month only. They also guarantees 30 days money back and guarantee 99.9% uptime. If you need a reliable affordable ASP.NET Hosting, ASPHostPortal.com should be your best choice.



ASP.NET Hosting - ASPHostPortal.com :: 7 Tips for Developing a Secure ASP.NET Web Application

clock December 13, 2016 04:52 by author Armend

7 Tips for Developing a Secure ASP.NET Web Application

As the usage of the internet and the number of web applications over the internet have gone exponentially high there are bad people who continuously work around the clock to hack them. It may be for personal gain or just as an amateur act. Despite the intention of the bad guy the damage caused to the organization hosting the site or its users should be taken into account. As a professional web application developer it is a must to be aware of the best practices to follow in order to make the application more secure. In this article I will be listing and explaining my top 7 tips for developing a secure asp.net application.

Don’t Let Your Users be Victims of Click Jacking

Have you ever thought about someone framing your website onto theirs, making your users to be the victims of click jacking? Yes, the attackers can load your website onto their site in an iframe. They can then skillfully place their transparent controls over your website and fetch the PII information, user credentials, make them perform an unwanted task like exposing their financial information, etc.
In order to prevent that you will have to use a frame busting technique. The following script will not allow your website to be iframed. This can be placed in your master pages.

  •     <script type="text/javascript" language="javascript">
  •         //Check if the top location is same as the current location
  •         if (top.location.hostname != self.location.hostname) {
  •             //If not then set the top to you current
  •             top.location.href = self.location.href;
  •         }
  •     </script>
  • In addition to the above script don’t forget to add the following header, which informs the browser to DENY framing of this website. This is supported in all major browsers except IE versions less than 8.
    The header should be added in the global.asax application start event.

    1. protected void Application_Start(object sender, EventArgs e)
    2. {
    3.             HttpContext.Current.Response.AddHeader("x-frame-options", "DENY");
    4. }
    5.  

     

    In addition to the above script don’t forget to add the following header, which informs the browser to DENY framing of this website. This is supported in all major browsers except IE versions less than 8.
    The header should be added in the global.asax application start event.

    1. protected void Application_Start(object sender, EventArgs e)
    2. {
    3.             HttpContext.Current.Response.AddHeader("x-frame-options", "DENY");
    4. }
    5.  

     

    White List the Request URL

    Though we have many techniques to perform the security preventions inside the application it is most important to prevent the bad data from being entered into your website at the first place. Most attacks happen through the query string values passed through the URL. It is a best security practice to define a common place like an HttpModule to white list the URL, i.e. sanitize the entire URL with a set of white listed characters and drop all the bad ones. It means you will not encourage any other characters apart from a white listed set defined in your application.
    It is important for you to know that black listing is not a foolproof mechanism and it can be broken by the hackers easily.

    Practice of Encoding the Data

    While processing and sending, the data in the response that is fetched from outside the trust boundary should always be encoded. The type of encoding may differ based on the usage of the non-trusted data. For example perform an HtmlEncode for the data that is sent to the client page.

    Label1.Text = Server.HtmlEncode(Request.QueryString["BadValue"]);

     

    Encoding the data will make the XSS scripts inactive and prevent them from being executed. Microsoft has provided the AntiXss library, which provides more sophisticated encoding methods including the JavascriptEncode.

    Using Cookies

    As a web developer you should take utmost care while using cookies, which may open a back door for the hackers to get into your applications. Following are the best practices while using a cookie to store information.
    1. Is your website is hosted under SSL? Then be sure to mark your cookies as secure. This will make them available only in the SSL transmissions.

    1. HttpCookie cookie = new HttpCookie("MySecureCookie");
    2. cookie.Value = "This is a PII information";
    3. cookie.Secure = true;

     

    If your website is not SSL enabled then always encrypt the values using a strong encryption mechanism like AES 256 and then store them in the cookies.

    Secure the Service Calls (WCF / Web Service)

    Are you exposing WCF services through basicHttpBinding? Then think again because the messages transmitted over will be plain text and any intruder will be able to trap the requests and even simulate them easily. Use wsHttpBinding, which will transport the messages in an encrypted format, which makes the life of the intruder hard.
    Though you make lots of protections for your WCF or web services it is a best practice to host the services under an SSL layer.
    Never Deploy the Application with debug=”true”
    It is strongly recommended not to deploy your applications in the production environment with compilation debug=”true” in your web.config. This will result in a big nightmare for performance and security of the application.
    This may leak too much information for the attackers, for example the stack trace in the event of an unhandled exception and the debug trace information. Such exposure of the internals will be good bucks for the attackers.

  • <system.web>
  •         <compilation debug="false" targetFramework="4.0" />
  •     </system.web>
  • Thinking About Turning Off ViewStateMAC?

    Turning off ViewStateMAC will create a security loophole in your asp.net application if you are using Viewstate on your web pages. The intruders will easily be able to intercept, read the 64 bit encoded values and modify them to do some bad things to your website. Having it turned on ensures that the viewstate values are not only encoded but also a cryptographic hash is performed using a secret key.

    1. <pages enableViewStateMac="true"></pages>

     

    I hope this article is useful for the developers who thrive at making their asp.net application an absolutely impossible place for the hackers to deal with.

    Happy reading!

    Best ASP.NET Hosting Recommendation

    ASPHostPortal.com provides its customers with Plesk Panel, one of the most popular and stable control panels for Windows hosting, as free. You could also see the latest .NET framework, a crazy amount of functionality as well as Large disk space, bandwidth, MSSQL databases and more. All those give people the convenience to build up a powerful site in Windows server. ASPHostPortal.com offers ASP.NET hosting starts from $1/month only. They also guarantees 30 days money back and guarantee 99.9% uptime. If you need a reliable affordable ASP.NET Hosting, ASPHostPortal.com should be your best choice.

     



    ASP.NET Hosting - ASPHostPortal.com :: How to Configure ASP.NET Core Project

    clock December 9, 2016 10:09 by author Dan

    According to tutorialspoint website about the configuration related to ASP.NET Core project. In Solution Explorer, you will see the Startup.cs file. If you have worked with previous versions of ASP.NET Core, you will probably expect to see a global.asax file, which was one place where you could write codes to execute during startup of a web application.

    • You would also expect to see a web.config file containing all the configuration parameters your application needed to execute.
    • In ASP.NET Core those files are all gone, and instead of configuration and startup code are loaded from Startup.cs.
    • There is a Startup class inside the file and in this class you can configure your application and even configure your configuration sources.

    Here is the default implementation in the Startup.cs file.

    using System;
    using System.Collections.Generic;
    using System.Linq;
    using System.Threading.Tasks;

    using Microsoft.AspNetCore.Builder;
    using Microsoft.AspNetCore.Hosting;
    using Microsoft.AspNetCore.Http;

    using Microsoft.Extensions.DependencyInjection;
    using Microsoft.Extensions.Logging; 

    namespace FirstAppDemo {
       public class Startup {
          // This method gets called by the runtime.
          // Use this method to add services to the container.
          // For more information on how to configure your application,
          // visit http://go.microsoft.com/fwlink/?LinkID=398940
          public void ConfigureServices(IServiceCollection services) {
          } 
         
          // This method gets called by the runtime. Use this method to configure
          // the HTTP request pipeline.
          public void Configure(IApplicationBuilder app, IHostingEnvironment env,
             ILoggerFactory loggerFactory) {
             loggerFactory.AddConsole(); 
            
             if (env.IsDevelopment()) {
                app.UseDeveloperExceptionPage();
             } 
             app.Run(async (context) => {
                await context.Response.WriteAsync("Hello World!");
             });
          }
       }
    }


    In the Startup class, there are two methods where most of our work will take place. The Configure method of the class is where you build your HTTP processing pipeline.

    • This defines how your application responds to requests. Currently this application can only say Hello World! and if we want the application to behave differently, we will need to change the pipeline around by adding additional code in this Configure method.
    • For example, if we want to serve the static files such as an index.html file, we will need to add some code to the Configure method.
    • You can also have an error page or route requests to an ASP.NET MVC controller; both of these scenarios will also require to do some work in this Configure method.
    • In the Startup class, you will also see the ConfigureServices() method. This helps you configure components for your application.

    Right now, we have a hard-coded string for every response — the Hello World! string. Instead of hard-coding the string, we want to load this string from some component that knows the text that we want to display.

    • This other component might load that text from a database or a web service or a JSON file, it doesn't matter where exactly it is.
    • We will just set up a scenario so that we do not have this hard-coded string.

    In the Solution Explorer, right-click on your project node and select Add → New Item.

    In the left pane, select Installed → Code and then in the middle pane, select the JSON File. Call this file AppSettings.json and click on the Add button as in the above screenshot.

    We can also have our program read the text from the file instead of having the Hello World! String in Startup.cs. Let us add the following code in AppSettings.json file.

    {
       "message": "Hello, World! this message is from configuration file..."
    }


    Now we need to access this message from the Startup.cs file. Here is the implementation of the Startup.cs file which will read the above message from the JSON file.

    using Microsoft.AspNet.Builder;
    using Microsoft.AspNet.Hosting;
    using Microsoft.AspNet.Http;

    using Microsoft.Extensions.DependencyInjection;
    using Microsoft.Extensions.Configuration; 

    namespace FirstAppDemo {
       public class Startup {
          public Startup() {
             var builder = new ConfigurationBuilder()  
                .AddJsonFile("AppSettings.json");
             Configuration = builder.Build();
          } 
          public IConfiguration Configuration { get; set; } 
         
          // This method gets called by the runtime.
          // Use this method to add services to the container.
          // For more information on how to configure your application,
          // visit http://go.microsoft.com/fwlink/?LinkID=398940
          public void ConfigureServices(IServiceCollection services) {
          } 
         
          // This method gets called by the runtime. 
          // Use this method to configure the HTTP request pipeline.
          public void Configure(IApplicationBuilder app) {
             app.UseIISPlatformHandler(); 
             app.Run(async (context) => {
                var msg = Configuration["message"];
                await context.Response.WriteAsync(msg);
             }); 
          } 
           
          // Entry point for the application.
          public static void Main(string[] args) =7gt; WebApplication.Run<Startup>(args);
       }
    }


    Let us now run the application. Once you run the application, it will produce the following output.

    Best ASP.NET Hosting Recommendation

    ASPHostPortal.com provides its customers with Plesk Panel, one of the most popular and stable control panels for Windows hosting, as free. You could also see the latest .NET framework, a crazy amount of functionality as well as Large disk space, bandwidth, MSSQL databases and more. All those give people the convenience to build up a powerful site in Windows server. ASPHostPortal.com offers ASP.NET hosting starts from $1/month only. They also guarantees 30 days money back and guarantee 99.9% uptime. If you need a reliable affordable ASP.NET Hosting, ASPHostPortal.com should be your best choice.



    Cheap ASP.NET 4.5 Hosting

    We’re a company that works differently to most. Value is what we output and help our customers achieve, not how much money we put in the bank. It’s not because we are altruistic. It’s based on an even simpler principle. "Do good things, and good things will come to you".

    Success for us is something that is continually experienced, not something that is reached. For us it is all about the experience – more than the journey. Life is a continual experience. We see the Internet as being an incredible amplifier to the experience of life for all of us. It can help humanity come together to explode in knowledge exploration and discussion. It is continual enlightenment of new ideas, experiences, and passions


    Author Link


     

    Corporate Address (Location)

    ASPHostPortal
    170 W 56th Street, Suite 121
    New York, NY 10019
    United States

    Tag cloud

    Sign in