Disabling Browser Back Button after Logout

Recently in an application we developed there was a requirement to stop the browser back button after user logs out of the application.

The reason behind this was to stop the security risk of another user without proper permissions peeking into the earlier users screens. If you notice in many applications if the browser back is not properly handled then after the user is logged out you can re visit the site by just pressing the browser back button. This happens because the browser shows the cached page when the back is pressed. Even if you have server side code to check for the user they will not fire since the page will load from cache.

With the limited time I found a genius idea to handle this in the internet. What this javascript does is it will always try to put the user back to the last page in the history. For example, I am having a login page and a default page which I am taking a user after he logs in. You need to place the following javascript in the default page to make the above happen.

1. <script type="text/javascript" language="JavaScript">
2.     window.history.forward(1);
3. </script>

Then once a user logs out from the system and if presses the back button of the browser, when the default page loads it will put the user again to login (history forward) page which is the login page. Ultimately user needs to login again to go back to the site.

Comparing SharePoint 2010 vs 2007

It is some time since the SharePoint 2010 is released and now is a good time for you to migrate to the new improved version of it. When searching the net I found some good sites which compares the 2 versions.

Read through the following sites if you are interested.

http://www.rharbridge.com/?page_id=103

http://www.khamis.net/blog/Lists/Posts/Post.aspx?ID=4

Installing and Uninstalling Internet Explorer 8

Since Internet Explorer (IE) 8 is a built-in feature of Windows Server 2008 R2 there is no way to install or uninstall it using the user interfaces. Instead you need to run the following commands in a command prompt window which has administrative privileges.

If you are only having IE in your machine as an internet browser be sure to install another internet browser before uninstalling IE, otherwise you will not be able to browse internet.

1. Click the start button and type Cmd in the search box.
2. Right click on the Cmd icon and click on Run as Administrator.
3. Choose the appropriate command from below for your need and copy it.

To Install -

dism /online /Enable-Feature /FeatureName:Internet-Explorer-Optional-amd64

To Uninstall -

dism /online /Disable-Feature /FeatureName:Internet-Explorer-Optional-amd64

or

FORFILES /P %WINDIR%\servicing\Packages /M Microsoft-Windows-InternetExplorer-8*.mum /c "cmd /c echo Uninstalling package @fname && start /w pkgmgr /up:@fname /norestart"

4. Paste the command into the command prompt windows you just opened by right clicking and clicking on Paste.
5. Press enter to run the command, when the command is successful you need to restart your machine to complete the action.

Sharing Screen with Multiple People

As you might know the new Skype allows us to share our desktop to another contact by only using Skype. Best things are it is free and we can share through internet. But this has a limitation which is you cannot share the screen with multiple contacts.

To overcome this I happen to find this nice Skype add-on named InnerPass Share and Collaborate which enable us to share our desktop with many people at once freely.

To get it installed go to Skype Extras Manager by clicking Tools –> Extras –> Get Extras.

Type InnerPass on the top left search box and press search.

Then on the left search results select the InnerPass Share and Collaborate add-on and install.

After installing you can launch InnerPass by clicking Tools –> Extras –> InnerPass Share and Collaborate. This will bring you a screen similar to the following.

You can click Get Started button to create your free InnerPass account and start using the features offered by InnerPass.

Some of the features are,

• Managing meeting rooms.
• Add contacts from other sources like Yahoo, Gmail, etc.
• Schedule meetings.
• Attend meetings.
• Host meetings.
• Sharing your screen.
• Viewing others’ screens.
• Share documents.

Preserving State in ASP.Net

As you know a main challenge in web development is preserving the state of the application. We say web is stateless because web server treats each HTTP request for a page as an independent request. The server will not know any knowledge of variable values that were set/used during the previous requests. For example in Windows applications after we start the application if we set a variable to a certain value in a form it will be there until we close the form. But in web since the page is getting posted back the value will be normally lost.

To overcome this limitation in web ASP.Net provides two main methods and they are having different options under them.

1. Client Side State Management
   1. View State
   2. Cookies
   3. Query String
2. Server Side State Management
   1. Session State
   2. Application State
   3. Profile Properties

1.1- View State

Viewstate is a technique used in ASP.Net to preserve the state changes during the page postbacks. The viewstate data is always belong to the page, so this needs to be used when we want to store data at page level and retrieve them on the same page. Viewstate data will not be available from another page.

Viewstate uses a hidden form field named __VIEWSTATE as default to store the state information. When the “EnableViewstate” property of a control is set to true ASP.Net will start saving the control state in the viewstate. If we enable this property for many controls then soon the viewstate hidden variable will be large, and that may slow our application since this needs to be transferred at each postback. For example each time we submit a page the viewstate will go from our machine to server and from server to our machine. Due to this reason we should consider whether it is really required before enabling viewstate for a control. One advantage viewstate has is that it is not using server resources.

Apart from the viewstates of the controls in the form we can also add the values we need to preserve to the viewstate.

Adding a value -

1. ViewState["Text"] = value;

1. ViewState.Add("Text", value);

Retrieving a value -

1. object o = ViewState["Text"];

1. string str = (string) ViewState["Text"];

Read more at http://msdn.microsoft.com/en-us/library/bb386448.aspx.

1.2- Cookies

We use cookies to store frequently changed small amount of data at client side. We can control the life span of a cookie. For example we can create a cookie which expires when the session is over or which exists indefinitely in the client machine.

Cookies are light weight since they are text based structures having key value pairs. They are not taking any server resources since they are at client, but this also adds a disadvantage on security because users/hackers can tamper them. To prevent this we can encrypt cookies but this will reduce application performance. There is also a limit to the amount of data which we can be stored in a cookie. Also if cookies are blocked in browser the application will fail.

Adding a value -

1. Response.Cookies["userData"]["Name"] = "Arjuna";
2. Response.Cookies["userData"]["lastVisit"] = DateTime.Now.ToString();
3. Response.Cookies["userData"].Expires = DateTime.Now.AddDays(1);

1. HttpCookie aCookie = new HttpCookie("userData");
2. aCookie.Values["Name"] = "Arjuna";
3. aCookie.Values["lastVisit"] = DateTime.Now.ToString();
4. aCookie.Expires = DateTime.Now.AddDays(1);
5. Response.Cookies.Add(aCookie);

Retrieving a value -

1. HttpCookie cookie = Request.Cookies["userData"];
2. if (cookie == null)
3. {
4.     lblCookieText.Text = "Cookie not found.";
5. }
6. else
7. {
8.     lblCookieText.Text = cookie.Values[0] + ", " + cookie.Values["lastVisit"];
9. }

Read more at http://msdn.microsoft.com/en-us/library/ms178194.aspx.

1.3- Query String

A query string is the information added at the end of the URL. This is supported by all the browsers and does not consume server resources. But this has limited capacity and security problems.

Adding a value -

1. Response.Redirect("Webform2.aspx?Name=" +
2. this.txtName.Text + "&LastName=" +
3. this.txtLastName.Text);

Retrieving a value -

Using Webform2.

1. this.TextBox1.Text = Request.QueryString[0];
2. this.TextBox2.Text = Request.QueryString["LastName"];

 

2.1- Session State

Session state (variables) needs to be used to store session specific data. For example the logged in user information can be stored in session. Session variables are accessible by the entire set of pages in an application within the same session.

Session is created once a user visits a site and the session will end when the user leaves a site or when user becomes idle. Session variables are stored in a SessionStateItemCollection object that is exposed through the HttpContext.Session property. In an ASP.NET page, the current session variables are exposed through the Session property of the Page object. One disadvantage is that the session variables are taking server resources.

Adding a value -

1. Session["Name"] = “My Name”;

Retrieving a value -

1. string str = (string) Session["Name"];

Read more at http://msdn.microsoft.com/en-us/library/ms178581.aspx.

2.2- Application State

Application state (variables) are used to store application specific data. Application state will be accessible to any users connected to the application. Normally global data which are infrequently changed, having no security concerns are stored in an application state.

The HttpApplicatioState instance is created at the first time a user accesses any URL resource in an application and the application state is lost when the application is ended. For example if the web server is restarted. If the value is required after application restart then before application end the required values needs to be transfered to a non volatile medium such as a database for later retrieval. The HttpApplicationState class is most often accessed through the Application property of the HttpContext class. When using the application state we need to remove any unnecessary items as soon as it is not required to maintain the site performance.

Adding a value -

When adding a value to an application variable it is always good to lock it before adding data since application state data can be accessed by multiple threads at the same time. Otherwise invalid data or erroneous data will appear. The loack needs to be removed after adding or changing the value to make the application state available for other threads.

1. Application.Lock ();
2. Application["NumberofViews"] = 1;
3. Application.UnLock ();

Retrieving a value -

1. string str = (string)Application["NumberofViews"];

Read more at http://msdn.microsoft.com/en-us/library/ms178594.aspx.

2.3 Profile Properties

Profile properties uses an ASP.Net profile and is user specific. This is similar to session state except that the data stored in profile properties are not lost when session is ended.

We can store the profile data in a place that we like. If we are using SQL Server to store them then we can use SqlProfileProvider, if not we can write our own profile provider classes so the profile data will be stored in custom formats and in a custom storage mechanisms, such as an XML file, or even to a Web service. But performance will be less since the data is stored in a data store. Also to use it additional configurations and to keep it in a fully optimized level maintenance activities are required.

Adding a value -

First we need to add the required provider and the properties to the web.config file.

1. <profile enabled="true">
2.   <providers>
3.     <clear/>
4.     <add name="AspNetSqlProfileProvider" type="System.Web.Profile.SqlProfileProvider" connectionStringName="ApplicationServices" applicationName="/"/>
5.   </providers>
6.   <properties>
7.     <add name="UserName" />
8.   </properties>
9. </profile>

Retrieving a value -

1. TextBox1.Text = System.Web.Profile.DefaultProfile.Properties["UserName"].DefaultValue.ToString();

Read more at http://msdn.microsoft.com/en-us/library/2y3fs9xs.aspx.

Read more on ASP.Net state managements at http://msdn.microsoft.com/en-us/library/75x4ha6s.aspx.

Features of Search Engines

How many of you know that common and popular search engines like Google and Bing are providing many other functionalities than searching?

Yes it is true there are many functionalities within them that most of us don’t know.

Following are some features, you can try these out by typing the italic text in your favorite search engine.

1. Finding the date and the time of a place. – “Time Sri Lanka”, “time Melbourne”
2. Checking spelling of words. – “Cheking”, ”mathmatics”
3. Finding results of arithmetic. – “(25*34)+78”, “2**5”
4. Finding the weather if a place. – “Weather Colombo”, “weather Changi”
5. Finding the populations of countries or popular cities. – “Population UK”, “population Sri Lanka”
6. Converting units. – “12.5km in Meters”, “3km in inches”
7. Stock details. – “MSFT”, “AAPL”
8. Find similar word (Synonyms). – “~Cooking”, “~hot drinks”
9. Finding currency values. – “1 GBP in AUD”, “89.34 AUD in USD”
10. Finding maps. – “New York Map”, “Sydney map”
11. Finding definitions of words. – “Define Computer”, “define language”
12. Other than above you can find about Books, Movies, Air Line Schedules etc. But they are widely for other countries like UK, US.

While searching you can use special characters like wild cards, concatenate, subtract to help while searching. Try them out to find the results by your own.