Asp Dot net question with Answer

Asp dot net question with Answer

1. Tell me about yourself

Ans.

• I am Santosh .I have finished my M.C.A at IGNOU from L.J. college Ahmedabad, with an aggregate of 60%. I did my U.G. and schooling in Shahjahanpur UP .I’m having an aggregate of 51% in my B.Sc. science. My native place is Bahraiech UP.

• My interests are playing cricket, reading books, and listening music

2. How the find the N the maximum salary of an employee?

Ans.

SELECT MIN (SALARY )

FROM UEXAMPLE1

WHERE SALARY IN (SELECT DISTINCT TOP 4 SALARY FROM UEXAMPLE1 ORDER BY SALARY DESC)

3. What is @@connection?

4. What is String Builder?

Ans.

Strings are integral to most app dev projects, so it is imperative that they don't impair performance. The .NET StringBuilder class streamlines string values processing. It's hard to find an application that doesn’t deal with text in some way. As a result, developers are faced with a variety of string-related tasks every day. The .NET Framework includes many classes and methods for dealing with strings. One of these classes, StringBuilder, provides an approach to working with strings that is less resource intensive than its standard String class counterpart. Let's look first at why using String can lead to inefficient code. Then, we'll see how to use StringBuilder to save memory and processing time.

Eg.

Dim sb As New StringBuilder()

With sb

.Capacity = 200

.Append("go4expert.com")

.Append(" ")

.Append("is")

.Append(" ")

.Append("the ")

.Append("best")

.Append("programming ")

.Append("forum.")

End With


5. How to copy one total column data to another column?

Ans.

Update Set COLUMN2 = COLUMN1

6. What is dataset Merge ()?

Ans.

The DataSet contains copy of the data we requested through the SQL statement. The SqlDataAdapter object allows us to populate DataTable in a DataSet. We can use Fill method in the SqlDataAdapter for populating data in a Dataset. We can populate Dataset with more than one table at a time using SqlDataAdapter Object. The DataTableCollection contains zero or more DataTable objects.

In some situation we want to combine the result of multiple SQL query as a single result set. In that case we can use the Dataset's Merge method for doing this. The tables involved in the merge should be identical, that is the columns are similar data types .

VB.NET Source Code

Imports System.Data.SqlClient

Public Class Form1

Private Sub Button1_Click(ByVal sender As System.Object, ByVal e As System.EventArgs) Handles Button1.Click

Dim connetionString As String

Dim connection As SqlConnection

Dim command As SqlCommand

Dim adapter As New SqlDataAdapter

Dim ds As New DataSet

Dim dt As DataTable

Dim firstSql As String

Dim secondSql As String

Dim i As Integer

connetionString = "Data Source=ServerName;Initial Catalog=DatabaseName;User ID=UserName;Password=Password"

firstSql = "Your First SQL Statement Here"

secondSql = "Your Second SQL Statement Here"

connection = New SqlConnection(connetionString)

Try

connection.Open()

command = New SqlCommand(firstSql, connection)

adapter.SelectCommand = command

adapter.Fill(ds, "Table(0)")

adapter.SelectCommand.CommandText = secondSql

adapter.Fill(ds, "Table(1)")

adapter.Dispose()

command.Dispose()

connection.Close()




ds.Tables(0).Merge(ds.Tables(1))

dt = ds.Tables(0)




For i = 0 To dt.Rows.Count - 1

MsgBox(dt.Rows(i).Item(0) & " -- " & dt.Rows(i).Item(1))

Next

Catch ex As Exception

MsgBox("Can not open connection ! ")

End Try

End Sub

End Class







7. What is ds.Copy() and ds.Clone()?

Ans.

dataset.Clone :- It only copies structure, does not copy

data.

dataset.Copy :- Copies both Structure and data




8. Have you used stored procedures?

Ans.

Stored procedures are defined at the verb level. Each stored procedure definition consists of the following elements: StoredProcedureType, StoredProcedureName, ResultSet, and Parameters.

StoredProcedureType defines the type of stored procedure to be used, and this determines when the stored procedure is called. The values are as follows:

• BeforeCreateSP

• AfterCreateSP

• CreateSP

• BeforeUpdateSP

• AfterUpdateSP

• UpdateSP

• BeforeDeleteSP

• AfterDeleteSP

• DeleteSP

• BeforeRetrieveSP

• AfterRetrieveSP

• RetrieveSP

• BeforeRetrieveAllSP

• AfterRetrieveAllSP

• RetrieveAllSP

Note: Stored procedure types associated with RetrieveAll apply to top-level business objects only.

StoredProcedureName is the name of the stored procedure that is associated with the appropriate StoredProcedureType. It is enabled for use with bidirectional languages.

ResultSet determines if the stored procedure returns a result or not (true|false). If the result set is returned, an N-cardinality child for the current business object is created using the values returned in the result set rows.

Parameters can be a combination of input only (IP), output only (OP), and input and output (IO). In the case of Oracle stored procedures, a result set can be returned only as an output parameter. In that case, one of the values in the list of parameters is result set (RS). Parameters are enabled for use with bidirectional languages.




9. Have you used cursors in sqlserver?

Ans.

Cursors can be considers as named result sets which allow a user to move through each record one by one. SQL Server 2000 provide different types of cursors to support different type of scrolling options.




When we use a Select statement in a stored procedure to get some result, we can get a collection of all the records which satisfy the given criteria. This result set can be returned back as a whole to the client application. We can’t move through each individual record one by one in this situation inside a stored procedure. Therefore, whenever we find some situation where we need to process each record individually we can use cursors.




In order to work with a cursor we need to perform some steps in the following order




1. Declare cursor

2. Open cursor

3. Fetch row from the cursor

4. Process fetched row

5. Close cursor

6. Deallocate cursor




DECLARE @name VARCHAR(50) -- database name

DECLARE @path VARCHAR(256) -- path for backup files

DECLARE @fileName VARCHAR(256) -- filename for backup

DECLARE @fileDate VARCHAR(20) -- used for file name




SET @path = 'C:\Backup\'




SELECT @fileDate = CONVERT(VARCHAR(20),GETDATE(),112)




DECLARE db_cursor CURSOR FOR

SELECT name

FROM master.dbo.sysdatabases

WHERE name NOT IN ('master','model','msdb','tempdb')




OPEN db_cursor

FETCH NEXT FROM db_cursor INTO @name




WHILE @@FETCH_STATUS = 0

BEGIN

SET @fileName = @path + @name + '_' + @fileDate + '.BAK'

BACKUP DATABASE @name TO DISK = @fileName




FETCH NEXT FROM db_cursor INTO @name

END




CLOSE db_cursor

DEALLOCATE db_cursor







10. What is an assembly?

Ans.

An assembly is a collection of types and resources that forms a logical unit of functionality. All types in the .NET Framework must exist in assemblies; the common language runtime does not support types outside of assemblies. Each time you create a Microsoft Windows® Application, Windows Service, Class Library, or other application with Visual Basic .NET, you're building a single assembly. Each assembly is stored as an .exe or .dll file.

Note Although it's technically possible to create assemblies that span multiple files, you're not likely to use this technology in most situations.

The .NET Framework uses assemblies as the fundamental unit for several purposes:

• Security

• Type Identity

• Reference Scope

• Versioning

• Deployment

Security

An assembly is the unit at which security permissions are requested and granted. Assemblies are also the level at which you establish identity and trust. The .NET Framework provides two mechanisms for this level of assembly security: strong names and Signcode.exe. You can also manage security by specifying the level of trust for code from a particular site or zone.

Signing an assembly with a strong name adds public key encryption to the assembly. This ensures name uniqueness and prevents substituting another assembly with the same name for the assembly that you provided.

The signcode.exe tool embeds a digital certificate in the assembly. This allows users of the assembly to verify the identity of the assembly's developer by using a public or private trust hierarchy.

You can choose to use either strong names, Signcode.exe, or both, to strengthen the identity of your assembly.

The common language runtime also uses internal hashing information, in conjunction with strong names and signcode, to verify that the assembly being loaded has not been altered after it was built.

Type Identity

The identity of a type depends on the assembly where that type is defined. That is, if you define a type named DataStore in one assembly, and a type named DataStore in another assembly, the .NET Framework can tell them apart because they are in two different assemblies. Of course you can't define two different types with the same name in the same assembly.

Reference Scope

The assembly is also the location of reference information in general. Each assembly contains information on references in two directions:

• The assembly contains metadata that specifies the types and resources within the assembly that are exposed to code outside of the assembly. For example, a particular assembly could expose a public type named Customer with a public property named AccountBalance.

• The assembly contains metadata specifying the other assemblies on which it depends. For example, a particular assembly might specify that it depends on the System.Windows.Forms.dll assembly.

Versioning

Each assembly has a 128-bit version number that is presented as a set of four decimal pieces: Major.Minor.Build.Revision

For example, an assembly might have the version number 3.5.0.126.

By default, an assembly will only use types from the exact same assembly (name and version number) that it was built and tested with. That is, if you have an assembly that uses a type from version 1.0.0.2 of another assembly, it will (by default) not use the same type from version 1.0.0.4 of the other assembly. This use of both name and version to identify referenced assemblies helps avoid the "DLL Hell" problem of upgrades to one application breaking other applications.

Tip An administrator or developer can use configuration files to relax this strict version checking. Look for information on publisher policy in the .NET Framework Developer's Guide.

Deployment

Assemblies are the natural unit of deployment. The Windows Installer Service 2.0 can install individual assemblies as part of a larger setup program. You can also deploy assemblies in other ways, including by a simple xcopy to the target system or via code download from a web site. When you start an application, it loads other assemblies as a unit as types and resources from those assemblies are needed.

The Assembly Manifest

Every assembly contains an assembly manifest, a set of metadata with information about the assembly. The assembly manifest contains these items:

• The assembly name and version

• The culture or language the assembly supports (not required in all assemblies)

• The public key for any strong name assigned to the assembly (not required in all assemblies)

• A list of files in the assembly with hash information

• Information on exported types

• Information on referenced assemblies




11. What is IL?

Ans.

A language that is generated from programming source code, but that cannot be directly executed by the CPU. Also called "bytecode," "p-code," "pseudo code" or "pseudo language," the intermediate language (IL) is platform independent. It can be run in any computer environment that has a runtime engine for the language.




In order to execute the intermediate language program, it must be interpreted a line at a time into machine language or compiled into machine language and run.




12. What is difference between VBScript and JavaScript?

Ans.

Vbscript will be run on IE

JavaScript runs on any browser

Vbscript is developed by ms

Java script by Sunmicrosystems

Vb not case sensitive

Java is case sensitive




13. What is Global.asax?

Ans.

Global.asax is a file used to declare application-level events and objects. Global.asax is the ASP.NET extension of the ASP Global.asa file. ...

the ASP.NET page framework assumes that you have not defined any application/Session events in the application.




Following are the list of events handled in the global.asax file.




Event: Application_Start




When an application starts. This event occurs only one time in an application’s life cycle. It occurs again when you restart the application. It’s the best place to count number of visitors.




Event: Application_End




This event occurs when application ends.




Event: Session_Start




This event occurs whenever a new session starts. This is the best place to count user sessions for an application




Practical Usage: Setting user specific values, caching items based upon user context.




Event: Session_End




This event Opposite of the previous event.




Event: Application_Error




This event occurs when an unhandled error or exception occurs in an application.




Event: Application_BeginRequest




This event occurs every time when server makes a request. This event may occur multiple times in an applications life cycle.




Event: Application_End




This event occurs when an application closes







14. what is bit data type

Ans.

Function

For storing Boolean values (0 or 1).

Syntax

BIT

Usage

By default, columns of BIT data type do not allow NULL. This behavior is different from other data types. You can explicitly allow NULL if desired.

Allowed values are 0 and 1.




15. what is diff between varcher and nvarchar?

Ans.

VARCHAR is an abbreviation for variable-length character string. It's a string of text characters that can be as large as the page size for the database table holding the column in question. The size for a table page is 8,196 bytes, and no one row in a table can be more than 8,060 characters. This in turn limits the maximum size of a VARCHAR to 8,000 bytes.

The "N" in NVARCHAR means uNicode. Essentially, NVARCHAR is nothing more than a VARCHAR that supports two-byte characters. The most common use for this sort of thing is to store character data that is a mixture of English and non-English symbols — in m UTF-8). That said, NVARCHAR strings have the same length restrictions as their VARCHAR cousins — 8,000 bytes. However, since NVARCHARs use two bytes for each character, that means a given NVARCHAR can only hold 4,000 characters (not bytes) maximum. So, the amount of storage needed for NVARCHAR entities is going to be twice whatever you'd allocate for a plain old VARCHAR.

Because of this, some people may not want to use NVARCHAR universally, and may want to fall back on VARCHAR — which takes up less space per row — whenever possible.

may case, English and Japanese.




16. What is boxing?

Ans:

Boxing

Lets now jump to Boxing. Sometimes we need to convert ValueTypes to Reference Types also known as boxing. Lets see a small example below. You see in the example I wrote "implicit boxing" which means you don't need to tell the compiler that you are boxing Int32 to object because it takes care of this itself although you can always make explicit boxing as seen below right after implicit boxing.

________________________________________

Int32 x = 10;

object o = x ; // Implicit boxing

Console.WriteLine("The Object o = {0}",o); // prints out 10

//-----------------------------------------------------------

Int32 x = 10;

object o = (object) x; // Explicit Boxing

Console.WriteLine("The object o = {0}",o); // prints out 10

________________________________________

Unboxing

Lets now see UnBoxing an object type back to value type. Here is a simple code that unbox an object back to Int32 variable. First we need to box it so that we can unbox.

Int32 x = 5;

object o = x; // Implicit Boxing

x = o; // Implicit UnBoxing

So, you see how easy it is to box and how easy it is to unbox. The above example first boxs Int32 variable to an object type and than simply unbox it to x again. All the conversions are taking place implicitly. Everything seems right in this example there is just one small problem which is that the above code is will not compile. You cannot Implicitly convert a reference type to a value type. You must explicitly specify that you are unboxing as shown in the code below.

Int32 x = 5;

object o = x; // Implicit Boxing

x = (Int32)o; // Explicit UnBoxing

Lets see another small example of unboxing.

Int32 x = 5; // declaring Int32

Int64 y = 0; // declaring Int64 double

object o = x; // Implicit Boxing

y = (Int64)o; // Explicit boxing to double

Console.WriteLine("y={0}",y);

This example will not work. It will compile successfully but at runtime It will generate an exception of System.InvalidCastException. The reason is variable x is boxed as Int32 variable so it must be unboxed to Int32 variable. So, the type the variable uses to box will remain the same when unboxing the same variable. Of course you can cast it to Int64 after unboxing it as Int32 as follows:

Int32 x = 5; // declaring Int32

Int64 y = 0; // declaring Int64 double

object o = x; // Implicit Boxing

y = (Int64)(Int32)o; // Unboxing and than casting to double

Console.WriteLine("y={0}",y);







17. What is table and what is a view?

Ans.

This is one type of relation which is not a part of the physical

database.

2. It has no direct or physical relation with the database.

3. Views can be used to provide security mechanism.

4. Modification through a view (e.g. insert, update, delete) generally

not permitted

Base Relation:

1. A base relation is a relation that is not a derived relation.

2. While it can manipulate the conceptual or physical relations stored in the data.

3. It does not provide security.

4. Modification may be done with a base relation.

We can assign the view, a name & relate it the query expression as

Create View as

Let EMPLOYEE be the relation. We create the table EMPLOYEE as follows:-




Create table EMPLOYEE

(Emp_No integer of null,

Name char (20),

Skill chars (20),

Sal_Rate decimal (10, 2),

DOB date,

Address char (100),)

For a very personal or confidential matter, every user is not

permitted to see the Sal_Rate of an EMPLOYEE. For such users, DBA can

create a view, for example, EMP_VIEW defined as:-




Create view EMP_VIEW as

(Select Emp_No, Name, Skill, DOB, Address

From EMPLOYEE)




18. what is index

Ans.

Index in sql is created on existing tables to retrieve the rows quickly.

When there are thousands of records in a table, retrieving information will take a long time. Therefore indexes are created on columns which are accessed frequently, so that the information can be retrieved quickly. Indexes can be created on a single column or a group of columns. When a index is created, it first sorts the data and then it assigns a ROWID for each row.

Syntax to create Index:

CREATE INDEX index_name

ON table_name (column_name1,column_name2...);

Syntax to create SQL unique Index:

CREATE UNIQUE INDEX index_name

ON table_name (column_name1,column_name2...);

Implicit Indexes:

They are created when a column is explicity defined with PRIMARY KEY, UNIQUE KEY Constraint.

Explicit Indexes:

They are created using the "create index.. " syntax.

NOTE:

1) Even though sql indexes are created to access the rows in the table quickly, they slow down DML operations like INSERT, UPDATE, DELETE on the table, because the indexes and tables both are updated along when a DML operation is performed. So use indexes only on columns which are used to search the table frequently.

2) Is is not required to create indexes on table which have less data.

3) In oracle database you can define up to sixteen (16) columns in an INDEX.

19. What is join?, types of joins with example?

Ans

Inner Join (simple join)

Chances are, you've already written an SQL statement that uses an inner join. It is the most common type of join. Inner joins return all rows from multiple tables where the join condition is met.

For example,

SELECT suppliers.supplier_id, suppliers.supplier_name, orders.order_date

FROM suppliers, orders

WHERE suppliers.supplier_id = orders.supplier_id;

This SQL statement would return all rows from the suppliers and orders tables where there is a matching supplier_id value in both the suppliers and orders tables.




Let's look at some data to explain how inner joins work:

We have a table called suppliers with two fields (supplier_id and supplier_ name).

It contains the following data:

supplier_id supplier_name

10000 IBM

10001 Hewlett Packard

10002 Microsoft

10003 NVIDIA




We have another table called orders with three fields (order_id, supplier_id, and order_date).

It contains the following data:

order_id supplier_id order_date

500125 10000 2003/05/12

500126 10001 2003/05/13




If we run the SQL statement below:

SELECT suppliers.supplier_id, suppliers.supplier_name, orders.order_date

FROM suppliers, orders

WHERE suppliers.supplier_id = orders.supplier_id;




Our result set would look like this:

supplier_id name order_date

10000 IBM 2003/05/12

10001 Hewlett Packard 2003/05/13

The rows for Microsoft and NVIDIA from the supplier table would be omitted, since the supplier_id's 10002 and 10003 do not exist in both tables.




Outer Join

Another type of join is called an outer join. This type of join returns all rows from one table and only those rows from a secondary table where the joined fields are equal (join condition is met).

For example,

select suppliers.supplier_id, suppliers.supplier_name, orders.order_date

from suppliers, orders

where suppliers.supplier_id = orders.supplier_id(+);

This SQL statement would return all rows from the suppliers table and only those rows from the orders table where the joined fields are equal.

The (+) after the orders.supplier_id field indicates that, if a supplier_id value in the suppliers table does not exist in the orders table, all fields in the orders table will display as in the result set.

The above SQL statement could also be written as follows:

select suppliers.supplier_id, suppliers.supplier_name, orders.order_date

from suppliers, orders

where orders.supplier_id(+) = suppliers.supplier_id




Let's look at some data to explain how outer joins work:

We have a table called suppliers with two fields (supplier_id and name).

It contains the following data:

supplier_id supplier_name

10000 IBM

10001 Hewlett Packard

10002 Microsoft

10003 NVIDIA




We have a second table called orders with three fields (order_id, supplier_id, and order_date).

It contains the following data:

order_id supplier_id order_date

500125 10000 2003/05/12

500126 10001 2003/05/13




If we run the SQL statement below:

select suppliers.supplier_id, suppliers.supplier_name, orders.order_date

from suppliers, orders

where suppliers.supplier_id = orders.supplier_id(+);




Our result set would look like this:

supplier_id supplier_name order_date

10000 IBM 2003/05/12

10001 Hewlett Packard 2003/05/13

10002 Microsoft

10003 NVIDIA

The rows for Microsoft and NVIDIA would be included because an outer join was used. However, you will notice that the order_date field for those records contains a value.




1. Tell me about your Project?

Ans.

it consists of five main modules production,purchase ,sales

and material management system .

The main aim of the project is

* To save the time and reduce the paper usage.

* To increase the production with proper plane.

* To increase the sales by online marketing.

* To reduce wastage of the raw material by proper

estimation for purchase of the raw material.

I worked in developing purchase module .

whenever i want to execute more than one command i used

some stored procedures to reduce the network traffic,

re usability of the code.




2. How did you apply security in your project?

Ans

The following strategies should be considered by anybody who is responsible for a website which contains potentially sensitive data or who is concerned about vandalism and hacking. These strategies apply equally well to Joomla and non-Joomla sites.

• Fully managed servers in secure data centres with latest software patches. A fully managed server in a data centre will automatically be kept up-to-date with the latest service packs, security releases, and patches. This is the most fundamental way of protecting the system and databases.

• Hardware and software firewalls. Firewalls monitor network activity and can be configured to allow or block operations on the server, and to monitor suspicious activity. A combination of high quality hardware and software firewalls provides a strong level of protection against most types of attack and hacking attempts.

• Anti spam/virus software. Servers must be configured in such a way as to provide the ability to trace the source of e-mails in order to protect against spam relaying. Software is also available to help identify spam and of course anti-virus software should always be kept up-to-date on the server. There are also tools that will automatically block IP addresses of known spammers and trouble-makers, and that can help to prevent or control the effects of other types of attack (eg. DDOS).

• Disable directory browsing. Many web servers allow file directory structures to be browsed over HTTP. This reveals vital clues to the configuration of the system and the software it uses, and is an open invitation for a hacker to explore parts of the site that were never meant to be publicly available. Directory browsing can easily be disabled, and just enabled on the specific directories where it is required.

• Configuration files held securely and read-only where possible. Many web server software packages make use of plain text configuration files which are used to specify the basic settings for the program. If these configuration files are publicly readable, again they can give vital information to a hacker (such as the credentials needed to connect directly to the database). Worse still, configuration files are sometimes publicly writable – meaning a hacker can change your application settings and do serious damage to the website.




Wherever possible then, configuration files should be hidden from public view, and read-only. If a configuration setting needs to be amended, the file can be made writable temporarily whilst the change is carried out, and then set back to read-only again afterwards.

• Turn off error reporting in PHP – use error logs instead. By default, when PHP is installed on a server, it is configured to display all levels of error and warning messages to the user. This is fine and useful when developing a system, but error messages can contain alarmingly important information about the inner workings of an application and configuration of the server.




Instead of displaying errors to the user, PHP can be configured to log errors in a file on the server. This is by far the best option for a production website! Make sure the error log file is stored securely and is not publicly readable.

• Basic validation of requests to run scripts. A script file on a web server may be necessary to perform a legitimate function, but often it is wise to check that the user has followed a valid path through the website before being allowed to run the script. There are simple checks that can be made by a script before it runs any critical processes to check that the request is legitimate (eg. to verify that the user is logged in and has sufficient permission to perform the action). Although not fool-proof (clever hackers might be able to find ways to impersonate a legitimate request), such validation provides another line of defence against malicious attack.

• Release notes, install logs, etc. deleted. Installation of server applications often results in various sundry files being left lying around unnecessarily – for example, release notes which detail all of the changes that have been made to the software since the last release, or log files which list all of the operations performed by the installation program.




These files may contain clues that will help a hacker identify weaknesses in the server configuration. Any such files should therefore be identified, and if they are not absolutely necessary, they should be deleted. Care must also be taken by server administrators to avoid leaving files lying around on the server where others can see them unless they are meant for public consumption.

• Form and URL input always validated (especially where SQL commands are involved or the data entered will be displayed on a dynamic web page). The data that is processed by online form submissions can wreak havoc if it is not properly validated. This is especially true when the data needs to be used in an SQL command, or if the value entered will be displayed in the browser, as the possibility of a malicious SQL injection or cross site scripting becomes a real threat.




Basic validation of the data submitted should therefore be routinely performed on all user input, paying special attention to preventing the evaluation of injected code or cross site scripting.

• Server side processing wherever possible. It is always safer to process data on the server rather than the client, because once the script has been handed over to the client for processing, it is open to abuse by hackers: they can amend validation scripts to allow input that is not valid, effectively bypassing any processing that they don’t want to run.




Having said that, there are times when it is useful to make use of client-side scripting technology such as javascript and flash – but it must be used with caution, and only for non-critical purposes. For example, javascript could be used to display a popup calendar, making it easier for a user to enter a date – but even so, the date entered also needs to be validated on the server side.

• Cookies only used to hold session IDs or tokens – no personal data. Cookies can be a useful way of maintaining state in a web application, but it makes sense to restrict their use to information that will be meaningless to an outside observer. Rather than storing user name and password information in a cookie, with the possibility of interception and discovery, store this information on the server, associate it with a session id, and store the session id in the cookie. The session id will then mean nothing to anyone else, but the server will be able to identify to which user it belongs.

• Disable the HTTP TRACE option (using mod_rewrite if necessary – eg. on shared server). This is another case of an application’s default setting being insecure. The very popular Apache web server comes with a standard feature to enable debugging of applications over HTTP. This feature can be used maliciously to compromise server credentials and even to gain root level access to the system – giving a hacker free reign to do as he pleases.




It is not always possible to ensure that the TRACE option is turned off in apache – especially if using a shared server which is managed by a third-party hosting company. However, the feature can be effectively turned off for a specific domain name by using the ‘mod_rewrite’ function of apache – anybody who tries to access the TRACE function will then be redirected harmlessly.

• Use vulnerability scanners and static analysis tools to check for known hacker exploits. There are tools available, some of which are open source, that can scan a server or website for the most common weaknesses and exploits, and provide corrective advice. Usually, these tools are regularly updated with the latest discoveries by ‘white hat’ hackers, so the site can be regularly tested and corrective action taken if needed. Naturally, ‘black hat’ hackers also use these tools to probe web servers for weaknesses.

• SSL wherever necessary/advantageous. ‘Secure Socket Layer’ (SSL) technology is used to provide encryption of HTTP packets for use over HTTPS. In order to encrypt, a security certificate is needed from a trusted certificate authority.




There are various levels of encryption, the strongest being 256-bit. A lot of browsers still do not support 256-bit encryption though, so most 256-bit SSL certificates will downgrade themselves to 128-bit on such browsers. 128-bit is still considered very secure, but it is feared that within a few years (as computer processing power increases) it may be possible to crack them.




Processing performed over HTTPS is of necessity slower than HTTP because the data has to be encrypted, signed, and packaged at one end, transmitted, and then unpackaged, checked, and decrypted at the other end. For this reason, HTTPS should only be used when necessary – the delay is noticeable enough to make it undesirable for processing non-sensitive data such as normal website page requests.

• One way encryption of passwords. All passwords held in databases should be one-way encrypted - this means that it is impossible to decrypt them. In order to check whether a user has access to a part of the system, the password they type in is also one-way encrypted, and compared to the stored encrypted password - if the two encrypted passwords match, access is granted, but at no point can the passwords actually be decrypted.

• Audit trail. Any actions that involve updates to important information in the databases should be logged in an audit trail, with the date/time, nature of the amendment, and the identity of the user who made the change.

• Use mod_security. If using the Apache web server, installing the mod_security module can provide additional protection against many common forms of attack over HTTP (ie. using exploits in web applications).




3. How you are uploading the files in your project?

Ans. Using CuteFtp software.




4. What is the maximum size of the file that I can upload using file upload control?

Ans. 4MB




5. if I want to upload the file of 4GB then how can I

Ans

You may not realize it, but there is a limit to the size of a file that can be uploaded using this technique. By default, the maximum size of a file to be uploaded to the server using the File Field control is around 4MB. You cannot upload anything that is larger than this limit.

One of the great things about .NET, however, is that it usually provides a way around limitations. You can usually change the default settings that are in place. To change this size limit, you make some changes in either the machine.config or web.config file.

In the machine.config file, find a node called that looks like the following:




A lot is going on in this single node, but the setting that takes care of the size of the files to be uploaded is the maxRequestLength attribute. By default, this is set to 4096 kilobytes (KB). Simply change this value to increase the size of the files that you can upload to the server. If you want to allow 10 megabyte (MB) files to be uploaded to the server, set the maxRequestLength value to 11264, meaning that the application allows files that are up to 11000 KB to be uploaded to the server.

Making this change in the machine.config file applies this setting to all the applications that are on the server. If you want to apply this to only the application you are working with, then apply this node to the web.config file of your application, overriding any setting that is in the machine.config file. Make sure this node resides between the nodes in the configuration file.

Another setting involved in the size limitation of files to be uploaded is the value given to the executionTimeout attribute in the node.

The value given the executionTimeout attribute is the number of seconds the upload is allowed to occur before being shut down by ASP.NET. If you are going to allow large files to be uploaded to the server, you are also going to want to increase this value along with the maxRequestLength value.

One negative with increasing the size of a file that can be uploaded is that there are hackers out there who attack servers by throwing a large number of requests at them. To guard against this, you can actually decrease the size of the files that are allowed to be uploaded; otherwise, you may find hundreds or even thousands of 10 MB requests hitting your server.




6. Write the code to find the 4th record from the data table object?

Ans

So if you want to search for rows that the "username" field starts with "Ray" for example,

you just need to put like the following:

String strSelect = "username like 'Ray%'";

DataRow[] myRows = DataTable.Select(strSelect);




7. If I deleted the web.config file from the application will my application runs?

Ans. Application will run but if u select run without debugging otherwise following thing occure.




If web.config file is not in application eventhought application is run properly.




8. Ok, now I don’t delete web.config file but I delete total code from the web.config now will my applications runs?

Ans:

No Error will come like

The resource cannot be found.




9. How to show the JavaScript Alert message from the Delete Button inside the Gridview? Without using grid’s Rowdatabound Event?




10. What class all aspx pages inherits?




Ans.

System.Web.UI.Page




11. Which class User Control inherits?

Ans: System.Web.UI.UserControl

12. If I designed a page for that the Master Page is applied. If I run which will be loaded into memory first? Either the Master page or Child page?

Ans. Child First




13. If I add a WebUserControl to the Child page (Assume there is a code in Masterpage’s page load event and user controls page load event and your Page’s page load event) then what is the order of the loading?




First run aspx page then run master page and at last run web usercontrol.







1. Reasons for leaving the Present company

Ans.

reason for leaving a job can include wanting to take on greater responsibilities, faster professional growth, wanting a position that makes use of particular skills that you are good at and enjoy and more.







2. What is your role?

Ans.

I am responsible for offering intuitive, maintainable solutions to solve immediate and long-range problems with respect to each individual development challenge. I have been involved with assessing needs, architecting and implementing enterprise level system




3. What standards you followed in your project while developing?

 All queries should be Stored Procedures, and divided project into different Block BLL, DAL and View (Design)




4. What OOPS features you used in your project?




5. Briefly explain the OOPS concepts

 Explained Abstraction, Encapsulation, Inheritance and Polymorphism with examples for more than 5 mins.




6. Which version of Asp.net you are using?

 2.0




7. Have you ever worked on 1.1?

Yes




8. Have you ever worked on 3.0/3.5?

 No, but having idea about new concepts that are introduced.




9. What are the new features of 3.5?

I told there are 4 new frameworks included to apart from the .net 2.0 framework and AJAX has been integrated and LINQ Datasource is newly introduced.

Ans.

.NET Framework 3.5 builds incrementally on the new features added in .NET Framework 3.0. For example, feature sets in Windows Workflow Foundation (WF), Windows Communication Foundation (WCF), Windows Presentation Foundation (WPF) and Windows CardSpace. In addition, .NET Framework 3.5 contains a number of new features in several technology areas which have been added as new assemblies to avoid breaking changes. They include the following:

• Deep integration of Language Integrated Query (LINQ) and data awareness. This new feature will let you write code written in LINQ-enabled languages to filter, enumerate, and create projections of several types of SQL data, collections, XML, and DataSets by using the same syntax.

• ASP.NET AJAX lets you create more efficient, more interactive, and highly-personalized Web experiences that work across all the most popular browsers.

• New Web protocol support for building WCF services including AJAX, JSON, REST, POX, RSS, ATOM, and several new WS-* standards.

• Full tooling support in Visual Studio 2008 for WF, WCF, and WPF, including the new workflow-enabled services technology.

• New classes in .NET Framework 3.5 base class library (BCL) that address many common customer requests.




10. What is WPF? WCF?

Windows Presentation Foundation, it is to develop the applications which contains Rich Graphics. Example Google Earth.

Windows Communication Foundation is the framework to develop the SOA (Service Oriented Architecture) based applications. Which applications can be communicated with any applications that are developed using any other technologies?




11. Then, what is web service?



Web services are frequently just Web APIs that can be accessed over a network, such as the Internet, and executed on a remote system hosting the requested services

The W3C Web service definition encompasses many different systems, but in common usage the term refers to clients and servers that communicate over the HTTP protocol used on the Web. Such services tend to fall into one of two camps: Big Web Services and RESTful Web Services.

"Big Web Services" use XML messages that follow the SOAP standard and have been popular with traditional enterprise. In such systems, there is often machine-readable description of the operations offered by the service written in the Web Services Description Language (WSDL). The latter is not a requirement of a SOAP endpoint, but it is a prerequisite for automated client-side code generation in many Java and .NET SOAP frameworks (frameworks such as Spring, Apache Axis2 and Apache CXF being notable exceptions). Some industry organizations, such as the WS-I, mandate both SOAP and WSDL in their definition of a Web service.




12. Then, what is the difference between WCF and a Webservice?

Ans.

WCF is the Windows Communication Foundation which is shipped along with Dot Net 3.0/3.5. User's having 2.0 framework can make use of WCF by installing the MS add-in component for WCF. WCF comes up as a replacement for Remoting and Web service in dotnet. The main feature of WCF is it's security. It can use the protocols like basice,wsHttp,tcp...wsHttp comes with default windows based security feature. WRT web services WCF works with the industry standard Contract based protocols. The componets WCF are data contract, Service Contract and the Service programme. WCF also supports many of the advanced WS-* Web service standards, which can provide rich Web service communication across platforms. WCF can be extended to use protocols other than SOAP to communicate with Web services, for example, Rich Site Summary (RSS). It is interoperable with WSE 3.0, System.Messaging, .NET Enterprise Services, and ASMX Web services.

This means that, with little or no change to code, existing applications that are built with these technologies can interoperate with WCF services. WCF contracts define the behavior of WCF services. They are created in code by service developers, and are exposed to clients in the service metadata. The five types of contracts:

Service Contracts

Operation Contracts

Data Contracts

Message Contracts

Fault Contracts

13. What protocols does web service support?

SOAP and HTTP




14. How can I make a class that creates only one object instance (i.e. At any time there should be only one object exist).



15. What is an Interface?

 Interfaces

Interfaces allow us to create definitions for component interaction. They also provide another way of implementing polymorphism. Through interfaces, we specify methods that a component must implement without actually specifying how the method is implemented. We just specify the methods in an interface and leave it to the class to implement those methods. Visual Basic .NET does not support

multiple inheritance directly but using interfaces we can achieve multiple inheritance. We use the Interface keyword to create an interface and implements keyword to implement the interface. Once you create an interface you need to implement all the methods specified in that interface. The following code demonstrates the use of interface.

Imports System.Console

Module Module1




Sub Main()

Dim OneObj As New One()

Dim TwoObj As New Two()

'creating objects of class One and Two

OneObj.disp()

OneObj.multiply()

TwoObj.disp()

TwoObj.multiply()

'accessing the methods from classes as specified in the interface

End Sub




End Module




Public Interface Test

'creating an Interface named Test

Sub disp()

Function Multiply() As Double

'specifying two methods in an interface

End Interface




Public Class One

Implements Test

'implementing interface in class One




Public i As Double = 12

Public j As Double = 12.17




Sub disp() Implements Test.disp

'implementing the method specified in interface

WriteLine("sum of i+j is" & i + j)

Read()

End Sub




Public Function multiply() As Double Implements Test.Multiply

'implementing the method specified in interface

WriteLine(i * j)

Read()

End Function




End Class




Public Class Two

Implements Test

'implementing the interface in class Two




Public a As Double = 20

Public b As Double = 32.17




Sub disp() Implements Test.disp

WriteLine("Welcome to Interfaces")

Read()

End Sub




Public Function multiply() As Double Implements Test.Multiply

WriteLine(a * b)

Read()

End Function




End Class

Output of above code is the image below.

Sum of i+j is 24.17

146.04

Welcome to interface

643.4

16. Difference between an Interface and Abstract class?

Ans.

(1) An abstract class may contain complete or

incomplete methods. Interfaces can contain only the

signature of a method but no body. Thus an abstract class

can implement methods but an interface can not implement

methods.

(2) An abstract class can contain fields,

constructors, or destructors and implement properties. An

interface can not contain fields, constructors, or

destructors and it has only the property's signature but no

implementation.

(3) An abstract class cannot support multiple

inheritance, but an interface can support multiple

inheritance. Thus a class may inherit several interfaces

but only one abstract class.

(4) A class implementing an interface has to

implement all the methods of the interface, but the same is

not required in the case of an abstract Class.

(5) Various access modifiers such as abstract,

protected, internal, public, virtual, etc. are useful in

abstract Classes but not in interfaces.

(6) Abstract classes are faster than interfaces.







17. How you retrieved data in your project?

 We used datasets to retrieve data from database and to insert, update and delete we used command.




18. Which one is advisable to use in project?

 If no of users are more then Dataset is advisable, if frequent manipulations on data is required then Command is advisable to use.




19. If I retrieved a table from the database using DataReader and assigned to a Grid. By the after that other user modified data..Then will it reflects on the Grid?

I said No. it will not reflect .




20. How to update data from the Dataset?

Ds.update()




21. What is caching? Why we use caching explain?

 When clients access an ASP.NET page, there are basically two ways to provide them with the information they need:

• the ASP.NET page can either obtain information from server resources, such as from data that has been persisted to a database, or

• the ASP.NET page can obtain information from within the application.

Retrieving information from a resource outside the application will require more processing steps, and will therefore require more time and resources on the server than if the information can be obtained from within the application space.

If the information that will be sent to the browser has already been prepared by a previous request, the application will be able to retrieve that information faster if it has been stored in memory, somewhere along the request/response stream.

Known as caching, this technique can be used to temporarily store page output or application data either on the client or on the server, which can then be re-used to satisfy subsequent requests and thus avoid the overhead of re-creating the same information.

Caching is particularly suitable when you expect to return the same information in the same format for many different requests.

ASP.NET provides the following types of caching that can be used to build highly responsive Web applications:

• Output caching, which caches the dynamic response generated by a request.

• Fragment caching, which caches portions of a response generated by a request.

• Data caching, which allows developers to pragmatically retain arbitrary data across requests.




22. What are the explicit objects comes with the aspx page?

Nearly all of us know that we can implement an interface in 2 ways, one is explicit and the other one is implicit. In case of the implicit implementation the interface methods stay public and in explicit implementation the methods stay private in C#. Let me show a simple example

interface ICar

{

void Start();

}

Now this method can be implemented in two ways, the first one is an example of the implicit implementation.

class BMW : ICar

{

public void Start()

{

// write code to start the BMW

}

}

See the method is public, it can also be protected as well. Now the explicit implementation should look like this

class BMW : ICar

{

void ICar.Start()

{

// write code to start the BMW

}

}

As you can see there is no public or private keyword present for explicit implementation, and if we try to put a access modifier like public or private then we would get a compiler error. However the C# compiler will make this method private.

Well, except for private and public is there any other significance?

No Virtual

Well yes, there is. An explicit method implementation cannot be virtual. So we cannot override the method implementation in a child class. If we had declared the method virtual in the implicit implementation like the code below then we would have been able to override in a subclass.

public virtual void Start();

So you can see the that if we had a specific implementation of BMW that needed a different way to start then we would be able to override the virtual function and call it.

No direct access for Derived class

Also the derived class cannot call the method directly, we cannot call base.Start() in a child class. We would need to cast it to the interface. So a derived class has to write code like this for explicit implementation.

ICar car = this;

car.Start();

No abstract Implementation

I almost forgot another issue, which is ... we cannot use explicit implementation in an abstract form. If we had defined the class BMW an abstract class we could have left the implementation abstract for a derived class to implement like this

abstract void ICar.Start();

But with explicit implementation we cannot delay the implementation in a later derived class.

Hmm ... when is explicit implementation a must?

Well, lets say we had another interface that has the same method with the same signature and then it could be a problem. Let see this example below

interface IBoat

{

void Start();

}

Now lets assume we have a amphibian car than can run in both land and water but engine for water and land are different so it would require two different methods to start. Since the implicit implementation can have one method the same name in both cases if IBoat and ICar the same method would be called.

class MyAmphibianCar : ICar, IBoat

{

public void Start()

{

// write code to start the BMW

}

}

This is a problem since we want to have 2 different code to start the engine. So we would have to go to implicit implementation and write code like this

class BMW : ICar, IBoat

{

void ICar.Start()

{

// write code to start the BMW

}




void IBoat.Start()

{

// write code to start the BMW

}

}

Now our problem is solved and we can use two different codes for the two implementations.

When is Explicit Implementation a Problem?

If we use explicitly implement a value type then if we need to access the interface methods then we would have to cast the value type to the interface type which would cause boxing and may hinder performance.







23. what are the aspx page methods

 Simply put, a Page Method is a page specific WebMethod. Instead of creating a full web service for your method, you can conveniently create a method in your page and use it from client-script. Let's look at how simple it is to use them:

1. Add a ScriptManager to your page, this is needed for ASP.NET AJAX interactions of any type (UpdatePanel, AJAX Control Toolkit, etc).

2. Set the EnablePageMethods property of the ScriptManager equal to true.

3. In the server-side code for the Page, create a static (Shared in VB) method and decorate it with the WebMethod attribute. (Note the WebMethodAttribute is located in the namespace System.Web.Services)

4. Use the server-side method from client-side code by simply making a call to PageMethods.YourMethodName;

5. Process the server callback. Remember AJAX is asynchronous, so in step 4, we make the request and we need to pass it the callback function in order to process the result. In some cases, you may not need this step, but typically you always are requesting something from the server.

.




24. What is Application Object?

you are familiar with the Session object, you know already that data stored in session is not permanent and data stored is usually only available to a specific user. The Application object stores data that is shared accross the application and not for a specific user. Internally the values of both the Session and Application objects are stored in a key/value pair (HashTable). All data stored in Application in stored 'in process', meaning if you restart your application all data in lost (I will show you how to maintain all application data in another tutorial).




Any time you wish to modify a Application object, you must call lock() and unlock() since the data is shared application wide you may get into problems if you don't call a explicit lock on the variable and multiple users attempt to modify it. Also, whenever you are incrementing you must cast to integer.


































25. What is Session Object?

By using session object we can maintain the state of the data which is helpful for maintaining the session(i.e to keep track of the information of the same client during the consecutive visits of the application)we can obtain the session object by using the following code:HttpSession sn=request.getSession();we can store the attributes in session object by usingsession.setAttribute(String sn,Object value);we can obtain the attributes by usingsession.getAttribute(String name);




26. How my server knows from which client request coming from?

 About 5 min discussion revolved around this question. I said through

Client’s machine address (i.e. IPAddress) and with unique Session it recognizes particular client and sends the response.

Then he said if my lab is having 20 computers and a proxy server through that proxy server only all requests goes…then how…

Here I confused a lot…and he asked 3 to 4 questions related to client server concept…

1. Dim strClientIP As String

2. strClientIP = Request.UserHostAddress()

3. Response.Write(strClientIP)










27. How to know whether the Table ‘xyz’ exists or not?

 IF NOT EXISTS (SELECT * FROM sys.objects WHERE object_id = OBJECT_ID(N'[dbo].[Country_Master]') AND type in (N'U'))




CREATE TABLE [dbo].[Country_Master](

[County_id] [int] IDENTITY(1,1) NOT NULL,

[CountryName] [varchar](50) COLLATE SQL_Latin1_General_CP1_CI_AS NULL

)

28. How you handled exceptions in your project?

Proper error handling is the bane of the developer’s existence, for errors are both visible and marginal. Errors are visible in that the user sees them. They are marginal in that they are part of "infrastructure" error handling is a technical problem, and not a business priority.

The marginality of error handling means that the "business case" for error handling is weak, since a heavy duty error handling scheme is to a manager with an MBA from a good school, a market failure.

Unlike programmers, people who are fiduciaries of companies—that is, people with direct responsibility to the bottom line—generally seek ways to quantify risk, and this is usually using an insurance or hedging model. They don’t like to see elaborate error handling in cases where this cost hasn’t been externalized into a customer demand for elaborate error handling or even a software risk insurance policy which states, "we underwrite on condition your programmers do thus and so in error handling."

But this externalization of costs leads to a further problem: as soon as the business requirements get spelled out in detail the question arises to why they need to be in effect rewritten as code. This, in turn, takes us back to the central issue of programming: its necessary marginality as a form of writing, supplementary to the specification.

But that is a large theme; let us focus on error handling.

In my view, a system-level error handling scheme in .NET must meet the following criteria:

• To leave error logging, notification, and display to the highest level tier.

• To avoid elaborate recursive error handling of errors within the error handling, a tricky and in some cases desperate business.

• To add value to the error message where possible, and to Throw or otherwise pass the error message to the next higher level of error handling. To never "lock down" the code to any one vision of error handling.

• To add value in part by conscientiously decorating the message with highly structured information, including the date, the time, the class from where the error emerged, the object instance from where the error emerged, and the type of the error (see below).

• To provide at least the option to write the decorated error to a system log.

• To provide help in two forms

o Help help (general information)

o Action help (information as to what the object is going to do about the error)

• To force the error caller to think about the type of error:

o Pure information that is not, in fact, an error, but which "zero case" the error handles as a professional courtesy...while making sure the error viewer knows that the "error" is not an error

o Warnings, veiled threats, and words to the wise: any situation in which processing can continue without error and in which the object issuing the error hasn’t been compromised or damaged

o Serious errors: processing cannot continue without error. These seem to consist of

 User errors, which can be recovered from in the sense they don’t affect the integrity of the object

 Resource errors, which while not compromising the integrity of the object, prevent it from doing its job in responding to current and future events

o Critical errors: errors where the software discovers a program bug. For example, the default "not supposed to happen" case in a select case statement should raise this type of error. The object should put itself out of commission.

I have created a demonstration project that illustrates these principles in a .NET-based exception handling framework. After a walk-through of the demonstration/test program I will conclude with an explanation of the underlying code. The entire project, including the test program and a reusable .NET error handling DLL, can be downloaded from this link (zip file):

Trying the errorHandler out

In the shipped code itemized in the next section, run errorHandlerTest.EXE to see the following screen:




In the Level group box, click all the radio buttons to see the result of the errorLevel2Explanation() procedure (see documentation later in this article) refresh the screen with the explanation of each level.

When you’re done exploring, leave the level at "Critical error." Fill in values as follows:




Click Test. Since errorHandlerTest places the call to errorHandler in a Try..Catch block, the Catch intercepts the error that errorHandler Throws to the next higher level along with a vanilla Exception. Since errorHandlerTest is the highest level of error handling and it "knows" it is a Windows application it makes sense to allow errorHandlerTest to report the error using a Windows message box. Here is what should appear:




The complete error message consists of several lines:

• The first line starts with System.Exception because the top level test form has used Catch objException As Exception to Catch the error, and has simply displayed objException.ToString(): but because correspondingly, errorHandler created a New exception with a string set to the full error message, the text of the Exception.ToString() is what errorHandler has built

• Therefore, System.Exception is followed by the meaning of the radio button selected as the Level of the error: criticalLevel.

• This is followed by the source of the error: myObject.myProcedure().

• This is followed by the date, time, and the body of the error message.

• A line break is followed by the full help advice which consists of help text, the errorLevel2Explanation explanation of the error, a blank line, and finally the action you identified.

The blank line appears because errorHandler accesses Microsoft.VisualBasic.Err.Number and Err.Description. If Err.Number is zero and Err.Description is a null string, a blank line appears, otherwise these values are displayed.

You may want to remove the code that displays Err.Number and Err.Description. This is because using them increases your dependence on Microsoft.VisualBasic as a library. This library is full of "legacy" code which doesn’t in all cases work smoothly in Web Services and as a general rule, VB.NET code should migrate away from it.

• The help advice lines are followed by the rest of the Exception.ToString() text, which provide the source of the error.

Take a look at the Event log. Right click My Computer on the Windows desktop, click Manage, open System Tools and Event Viewer if necessary under Computer Management, and open the most recent Application event: this will have the Source set to errorHandler Test:




As shown above, because strEventLog was included, an event was added to the Application log.

Try the errorHandler out to see if it meets your needs and that of your team.

Additional Code Explanation

Project Structure

The following directories and files are available, containing the errorHandler and its test application.

• ErrorHandler: directory containing all files needed

• ErrorHandler/AssemblyInfo.vb: assembly information for errorHandler.DLL

• ErrorHandler.SLN: solution file including both errorHandler and errorHandlerTest

• ErrorHandler.PROJ: project file for errorHandler.DLL

• ErrorHandler.VB: Visual Basic .Net source code for errorHandler.DLL

• Bin: directory containing errorHandler.DLL

• ErrorHandlerTest: directory containing the errorHandler test application, containing ErrorHandlerTest.SLN, ErrorHandlerTest.PROJ, and Form1.VB.

The errorHandler Class

errorHandler is a stateless .NET class which exposes two Shared methods: errorHandler() and errorLevel2Explanation():

errorHandler()

errorHandler(strMessage As String,

ByVal enuLevel As ENUerrorHandlerLevel,

ByVal strObject As String,

ByVal strProcedure As String,

ByVal strHelp As String,

ByVal strAction As String,

ByVal strEventLog As String)

strMessage is the only required parameter of errorHandler() and it should describe the message. There’s an art to composing an error message, of course, and errorHandler() can’t prevent you from composing a bad one. In general the message should avoid blaming the user who unlike the programmer is usually scared of error messages.

The remaining parameters are all optional in the sense of overloads-optional.

• enuLevel is the error level as described above.

• criticalLevel: a programming error has occurred.

• informationLevel: not an error: but we need to provide some information using the error handling system.

• resourceLevel: an object cannot get the resources it needs from the system to operate properly. In .Net, for example, this would be any failure to create a reference object (other than Boolean, Byte, Short, Integer, Long, Single, Double or String), which needs storage in the .Net heap.

• userLevel: the object user has supplied invalid data, typically as a procedure parameter, such that the request made cannot be honored, but the object itself is OK.

• warningLevel: there might be a problem, but probably isn’t.

strObject should identify the object producing the error...not its class. Ideally, you’ve named each class instance using a method I will fully describe in a subsequent article, where the name includes the class name, a sequence number, and the date and time. However, something like classname instance is perfectly acceptable for short-term use. It identifies the class, but makes it clear that an instance produced the error. strObject defaults to "Unidentified object."

strProcedure should identify the "procedure" which in VB.Net identifies either the method or property, generating the error. strProcedure defaults to "Unidentified procedure."

strHelp can be a long or short string with long or brief help information. There doesn’t seem to be much point in subordinating an elaborate "help" system to the errorHandler which to be reusable interface needs to be light in weight and in spirit, and you can, if you like, get the help information from another subsystem and pass it, if it is of reasonable size, as a string. strHelp defaults to a null string because it looks unprofessional to default to "Help is not available." There’s a public service ad on Hong Kong TV which advises people working in shops never to say "no" in such a way as to make the customer feel as if she’s undeserving of help.

strAction should identify what is being done in response to the error condition. It’s a separate consideration from help information. It defaults to a null string.

strEventLog when present and not null causes the error to be logged (with its full "decoration" including date and time) using System.Diagnostics.EventLog.WriteEntry() with two parameters: strEventLog and the fully decorated message.

On a Windows system, this adds the message with decoration and new-lines to the Application log which can be viewed by right-clicking My Computer on the desktop, opening Manage, opening System Tools and Event Viewer and clicking Application.

errorLevel2Explanation()

This shared procedure accepts an enuLevel enumerator (of type ENUerrorHandlerLevel) and returns its explanation:

• criticalLevel: "Programming error" is returned

• informationLevel: "Not an error, information instead" is returned

• resourceLevel: "System not able to get a needed resource" is returned

• warningLevel: "Warning, processing continues: there may be a problem" is returned

• userLevel: "Have recovered from a user error" is returned

One problem throughout this short and simple class is its exclusive use of English, but for ease of modification, the error level explanations are symbol constants, and not strings




29. If the table ‘xyz’ is not available in database what error it throws?

Invalid object name xyz

30. What is Try, Catch and Finally?

A common usage of catch and finally together is to obtain and use resources in a try block, deal with exceptional circumstances in a catch block, and release the resources in the finally block.

// try-catch-finally

using System;

public class EHClass

{

public static void Main ()

{

try

{

Console.WriteLine("Executing the try statement.");

throw new NullReferenceException();

}




catch(NullReferenceException e)

{

Console.WriteLine("{0} Caught exception #1.", e);

}




catch

{

Console.WriteLine("Caught exception #2.");

}




finally

{

Console.WriteLine("Executing finally block.");

}

}

}




31. try

{

Int x = function A()

….

….

}

Catch

{

Error Msg

}




Function A()

{

Try

{

…..if error occurs here then explain what happens next and where control

Moves next..?

}

Catch

{

Error Msg

}

}







32. what is Inner Class?




Inner classes nest within other classes. A normal class is

a direct member of a package, a top-level class. Inner

classes, which became available with Java 1.1, come in four

flavors:

? Static member classes

? Member classes

? Local classes

? Anonymous classes

Let's take a quick look at each in turn.

Briefly, a static member class is a static member of a

class. Like any other static method, a static member class

has access to all static methods of the parent, or top-

level, class.

Like a static member class, a member class is also defined

as a member of a class. Unlike the static variety, the

member class is instance specific and has access to any and

all methods and members, even the parent's this reference.

Local classes are declared within a block of code and are

visible only within that block, just as any other method

variable.

Finally, an anonymous class is a local class that has no

name.







33. Can I access the variables of Outer class inside Inner class? And vice versa

34. What is tracing?

35. What is the difference between Tracing and Debugging?




Debug Class provides a set of methods and properties that help debug your code. If you use methods in the Debug class to print debugging information and check your logic with assertions, you can make your code more robust without impacting the performance and code size of your shipping product. In Visual Studio 2005 projects, creating a debug build enables Debug.




You can use the properties and methods in the Trace class to instrument release builds. Instrumentation allows you to monitor the health of your application running in real-life settings. Tracing helps you isolate problems and fix them without disturbing a running system.

In Visual Studio 2005 projects, Trace is enabled by default for both release and debug builds, so code is generated for all trace methods in both release and debug builds. Therefore, you can use Trace to instrument release builds.




36. How will u allow tracing?




Tracing Explained

Tracing records diagnostic information about a particular web page. Depending on which method is used to activate it (see below) information can be appended to the page display or can be viewed via a separate document URI. Some of the information recorded includes the execution time of page methods, time spent rendering page controls, and the contents of various collections such as the querystring, HTTP header, and session state.

Enabling Tracing

Tracing can be enabled for an individual page or an entire application.

Page-Level Activation

Page-level activation is handy because it allows you to quickly view the trace for a single page without disturbing the rest of the application. You can activate tracing using a page directive:




Or in the code-behind using the Trace object:

Private Sub Page_Load(ByVal sender As Object, ByVal e As EventArgs) _

Handles MyBase.Load

Trace.IsEnabled = True

End Sub

Again using the Trace object, a common way to enable tracing dynamically is as follows:

Private Sub Page_Load(ByVal sender As Object, ByVal e As EventArgs) _

Handles MyBase.Load

If Request.QueryString("trace") = "true" Then

Trace.IsEnabled = True

End If

End Sub

This allows tracing to be enabled at any time by calling the page with a querystring flag:

TraceTest1.aspx?trace=true

Application-Level Activation

All three of the approaches above append the trace information to the page display, which is useful for quick debugging or performance evaluation of pages. A drawback to these approaches is that you must add one of them to every page in your website. You can get around this limitation by enabling tracing for an entire application. There are two ways to accomplish this.

The first is to modify the trace element in web.config as follows:




enabled turns tracing on or off

pageOutput determines whether or not trace information is output to the page. If pageOutput is set to false trace information can be retrieved via web browser by visiting http://applicationRoot/trace.axd. Trace information is not physically stored in an .axd file. Instead, .NET intercepts the request for this URI and outputs the trace information to the browser.

requestLimit is the number of page requests that are stored and displayed via trace.axd if page output is set to false.

traceMode can be SortByTime or SortByCategory, and defines the way the trace results are displayed.

localOnly defines whether or not trace information captured by this application level trace will only be displayed to web requests originating from the machine serving the web application. Note that tracing enabled using a page directive or via the Trace object in code are shown to all requests, local or not.

The second way to enable tracing for an application is to insert the following into your global.asax.vb file in the Application_BeginRequest method:

' ENABLE TRACING ON PAGE IF SPECIFIED

If (Context.Request.QueryString("trace") = "true") Then

Context.Trace.IsEnabled = True

End If

Then place 'trace=true' into the querystring of any page to enable tracing:

TraceTest1.aspx?trace=true

This is handy during development but remember to remove it before moving to production. With this approach, anyone who inserts 'trace=true' will see the trace information.

Trace Contents

The trace can contains up to 10 sections, many of which only appear if they contain data. The sections are: Request Details, Trace Information, Control Tree, Session State, Application State, Cookies Collection, Headers Collection, Form Collection, QueryString Collection, and Server Variables.

The Request Details section contains some basic information including the user's session ID, the time the request was made, and a status code.




The Trace Information section contains the execution time of each built-in page method.




The Control Tree section contains each control rendered to the page. Information includes relevant nesting of controls, the type of control, the size (in bytes) of the rendered control, and the size the control occupied in the viewstate. This information can be handy for troubleshooting long page-loads.




The Session and Application State sections appear next if they contain data. Name and value pairs are listed.

The Cookies Collection section enumerates the names and values of all cookies.




The Headers Collection section contains the name and value for each item in the http header.




The Form and QueryString collection sections appear next if they contain data.

The Server Variables section contains the contents of the Request.ServerVariables collection.




Writing to the Trace

The final feature of Tracing is the ability to write custom messages to the output. These messages appear in the Trace Information section and are written using the Trace object:

Private Sub Page_Load(ByVal sender As Object, ByVal e As EventArgs) _

Handles MyBase.Load

Trace.IsEnabled = True

Trace.Write("Before retrieving an item from ViewState")

Dim a As Object = ViewState("Test")

Trace.Write("After retrieving an item from ViewState")

End Sub

The result is shown below:




Another way to output to the trace is using Trace.Warn. Trace.Warn is identical to Trace.Write except the text displayed is red instead of black.

Text written using the trace object is only output if tracing is enabled, so this is an easy way to insert debugging messages into your code that will not output once the application is migrated to production (assuming you de-activate tracing during the migration). Outputting custom trace messages is a good way to determine how long it takes to perform a specific action and can aid in streamlining page execution.










1. What is Web function?




2. What is reflection?




All .NET compilers produce metadata about the types defined

in the modules they produce. This metadata is packaged

along with the module (modules in turn are packaged

together in assemblies), and can be accessed by a mechanism

called reflection.

Reflection is the ability to read metadata at runtime. Using reflection, it is possible to uncover the methods, properties, and events of a type, and to invoke them dynamically. Reflection also allows us to create new types at runtime.

Reflection generally begins with a call to a method present on every object in the .NET framework: GetType. The GetType method is a member of the System.Object class, and the method returns an instance of System.Type. System.Type is the primary gateway to metadata. System.Type is actually derived from another important class for reflection: the MemeberInfo class from the System.Reflection namespace. MemberInfo is a base class for many other classes who describe the properties and methods of an object, including FieldInfo, MethodInfo, ConstructorInfo, ParameterInfo, and EventInfo among others. As you might suspect from thier names, you can use these classes to inspect different aspects of an object at runtime.




The System.Reflection namespace contains classes that can

be used to interrogate the types for a module/assembly.




Using reflection to access .NET metadata is very similar to

using ITypeLib/ITypeInfo to access type library data in

COM, and it is used for similar purposes - e.g. determining

data type sizes for marshaling data across

context/process/machine boundaries.




Reflection can also be used to dynamically invoke methods (

System.Type.InvokeMember ) , or even create types

dynamically at run-timeystem.Reflection.Emit.TypeBuilder).




3. What is threading?

Ans in detail in document of thread.

4. What is NewID?

5. Yes, newid() is unique. newid() returns a globally unique identifier. newid() will be unique for each call of newid().

6. Thus, newid() can be used as the value of a primary key of a sql server table. Values returned by newid() can be inserted into a primary key column of type "uniqueidentifier". Here is an example of a "uniqueidentifier" primary key column, with newid() used as the default value:

7. CREATE TABLE [tblUsers] (

[UserId] [uniqueidentifier] NOT NULL DEFAULT (newid()),

[UserName] [varchar](256) NOT NULL,

PRIMARY KEY ([UserId])




8. What are types of Temparary Table?

Two types Global and local

9. What is Difference between shared and private assembly in dot net ?

Private assemblies are deployed along with your exe where as shared assemblies are deployed in the GAC.

Private assemblies are identified by their friendly name ( name of the dll) only. Shared assembles have strong name that consists of friendly name + version + public key + encrypted hash of your code.

Shared assembles are used for security and sharing components between various applications.