Caching Unique Values For Update

[Mark Whitton]

Hi, I am developing using ASP.Net using SQL Server and also have several
layers in between, eventually producing a custom business object that is
used to populate the web form. I don't use datasets because of performance
issues and also they just aren't proper business entities.

When it comes to updating my database I generally use an identity value and
a datetime value to avoid multiple updates. e.g. Update Customers set .....
where Id = :Id and DateModified=ateModified.

My problem is deciding where I should store this data within the webforms
layer. I don't want to store the whole business object as the majority of
the data is displayed on the webform, and only want to store the data
necessary to allow me to update on postback. I believe Session state is
not the answer, and application state is definitely not the answer, which
leaves me with View state or cookies. The problem with both of these is
security and also performance.

I'd appreciate your thoughts.

 

[S. Justin Gengo]

Mark,

Without knowing the size of the data being displayed / stored on the web
form I can't say for sure, but I would go with viewstate myself.

As far as security goes, I've seen a couple of articles that may help you.
One dealt with encrypting all of viewstate (I'm not certain how that will
perform, but it can be done). Do a search for asp.net encrypt viewstate on
google for info on that. The other article I've seen showed how to store
viewstate on sql server. Search for asp.net store viewstate on SqlServer on
google.

Another answer may be to simply encrypt only the portion of viewstate that's
sensitive. I recently placed a login component's project on my website,
www.aboutfortunate.com. (The code is free) in which I'm encrypting a string
of user information. I know you don't need the login component but if you
examine the code you will see how I'm handling the storage and retrieval of
information both in an application level table and linking it back to the
user via a guid, and how I'm encrypting sensitive information that I'm
placing in viewstate. It may be the answer your looking for.

--
Sincerely,

S. Justin Gengo, MCP
Web Developer / Programmer

www.aboutfortunate.com

"Out of chaos comes order."
Nietzsche

 

[Mark Whitton]

Thanks for your help

Mark,

Without knowing the size of the data being displayed / stored on the web
form I can't say for sure, but I would go with viewstate myself.

As far as security goes, I've seen a couple of articles that may help you.
One dealt with encrypting all of viewstate (I'm not certain how that will
perform, but it can be done). Do a search for asp.net encrypt viewstate on
google for info on that. The other article I've seen showed how to store
viewstate on sql server. Search for asp.net store viewstate on SqlServer on
google.

Another answer may be to simply encrypt only the portion of viewstate that's
sensitive. I recently placed a login component's project on my website,
www.aboutfortunate.com. (The code is free) in which I'm encrypting a string
of user information. I know you don't need the login component but if you
examine the code you will see how I'm handling the storage and retrieval of
information both in an application level table and linking it back to the
user via a guid, and how I'm encrypting sensitive information that I'm
placing in viewstate. It may be the answer your looking for.

--
Sincerely,

S. Justin Gengo, MCP
Web Developer / Programmer

www.aboutfortunate.com

"Out of chaos comes order."
Nietzsche