Part of the
You Can Learn ASP.Net and C# series.
By Ken Brown
Updated: February 12, 2005
In ASP.Net there are four ways to manage client side state. What does that mean
client side state management? When your user clicks on an URL or button or
server side control, the information goes from your page to the server and then
back again to the users web browser. How do you remember the information that
is currently on the page. These are the techniques to save the information on
the client side and not the server side.
Unlike a client server application, there is no automatic storage of
information from the previous browser page. Therefore the ASP.Net developer has
to take steps to save important information from the postback to the server.
The four methods of client side state management are:
This article will discuss the advantages and disadvantages of each method of
The query string is a holdover from the ASP days of web programming. You
will see this alot when you are surfing around the internet. Basically, it is
passing information to the next page with the URL. In it's simplest form it is
an URL, with a question mark ?, followed by a key value pair.
So let's say you wanted to pass the user's name to the next page requested.
Your redirected URL is http:/www.youcanlearnseries.com?name=Joe+Smith.
When the user goes to the next page, the developer only needs to capture the
query string in the page postback and you have successfully "saved" information
from the previous page.
To read the query string you use the HttpRequest object.
string sName = Request.QueryString["name"];
To pass two or more key value pairs through the querystring property use an
ampersand between keyvalue pairs. It would look like this:
To pass a value to the querystring use:
Request.QueryString["state"] = sState.ToString();
One of the advantages to using querystring is it requires no postback operation
from the server. The limitations and disadvantages include:
There is still a lot of uses of querystring, because it is simple to read and
send the key value pair between pages, you just have to careful what you send
and you have to know the limitations of the querystring.
There is a limit to the number of characters browsers will allow the length of
the querystring to be.
There is virtually no security with querystring. Any information you send in a
querystring can be read by anybody else.
There is no persistence. There is no way to remember the information in a
querystring after the user leaves the page.
You are limited to using only strings. There is no support for storing
structured data, such as ArrayLists, controls, structures or classes.
Next is the ASP classic cookies. You are aware of cookies. When you go
to a website and the website leaves a txt file on your computer that contains
information for the website to use the next time you come to the site.
The Advantages of cookies include the fact that the information can be
persisted on the user's computer. You can set the cookies expire property to
automatically expire the cookie after a certain time.
The disadvantages of Cookies
Since the cookies reside on the client's computer, any web browser can read the
cookies you leave on others' computers. So it is critical you don't leave
mission critical information where any smart guy with a browser can pick up
your cookies and cause trouble.
Users can disable cookies in their browsers
Size restriction by browser around 4kb to 8kb
Cannot store structured data in cookies
can't leave sensitive information in cookies
The cookies property comes from the HttpReponse object.
Here is the C# code to set a cookie.
//Create a cookie
HttpCookie cCookie = new HttpCookie("UserName");
cCookie.Value = txtUserName.Text;
//To set expiration time of cookie to 30 minutes from now.
cCookie.Expires = DateTime.Now + new TimeSpan(0,0,30,0);
//Add the cookie to users computer
You have just added the cookie to the user's computer. When you need to get
that information you do the following.
//First check to see if the cookie is available anymore. Many power users delete
//their cookies on a regular basis to improve performance.
if (Request.Cookies["UserName"] == null)
//The cookie is not available go on without it.
//Cookie is still there let's read it.
string sUserName = Request.Cookies["UserName"].Value;
Cookies have their place in the internet world. I go to a site on a regular
basis. They place a cookie on my computer and know who I am when I arrive. It
saves me the time of having to login when I want to comment in their forum.
Using Client side state management techniques like hidden fields and viewstate.