Search - Articles
DevASP.NET for ASP.NET, VB.NET, XML and C# (C-Sharp) Developers Tuesday, February 07, 2012

Home
Dev Articles
Sample Chapters
Add a Listing
Link to us
Contact

Dev Articles

ASP.Net (338)
C# (300)
SQL Server (53)
VB.Net (195)
Web Services (2)
Search Directory

ASP.Net AJAX
AJAX ToolKit
.NET Namespaces
Applications
Articles & Samples
Assembly & Controls
Community
Developer Sites
Downloads
Hosting Services
Introduction
Knowledge Base
Sample Chapters
WebCasts
ASP.NET

Applications
Articles & Samples
ASP.Net Sites
Assembly & Controls
Downloads
Errors & Bugs
Introduction
Knowledge Base
Sample Chapters
WebCasts
VB.Net

Articles & Samples
Downloads
Errors, Bugs & Fixes
Introduction
Knowledge Base
Sample Chapters
WebCasts
C-Sharp

Applications
Articles & Samples
C-Sharp Sites
Errors, Bugs & Fixes
Introduction
Knowledge Base
Sample Chapters
WebCasts
SQL Server

Applications
Articles & Samples
SQL Sites
Downloads
Errors, Bugs & Fixes
Introduction
Knowledge Base
Sample Chapters
WebCasts
 

FTP Versus Online File Management


Now that we've chosen to use a third party hosting service for our site, we should also consider the additional implications that this choice has on the ease of site maintenance. Uploading files is not a problem – we need nothing more than a simple FTP client to upload, download, rename, and perform most of the other necessary operations on the files. There are lots of them on the market, many available for free. On the other hand, using FTP to update every changed file can be slow and boring, especially when you need to upload the same very large file several times for minor changes, perhaps affecting only a single line of code each time. Sometimes FTP can be slow or even inaccessible when the server is busy (remember that we chose to use a shared server) or because the FTP server is temporarily down. Imagine another situation: when you're traveling or visiting a client's place without your laptop, you show the project to your client and are asked to make a quick modification. Something simple that should only take a few seconds, but how do you do it if you don't have your ASP.NET source code available, and if you don't have an FTP program to upload your changes? Often company networks have firewalls or proxies that prevent full FTP access.

Some of these issues might not seem important and you may be thinking that we could just ignore them. Admittedly, these situations are not the rule, but they do happen, and having a reserve plan can turn out to be a good precaution. So, what is this reserve plan? It is having a web application that serves as a file manager for the web site's files and physical structure (that is, the structure of subdirectories). Such a file manager should allow us to do most of the operations that we would normally do through the FTP utility, plus something else that FTP can't provide. That extra something is that, if we have such a tool for our website, we'll be able to explore our files and resources with nothing more than a web browser and an Internet connection. We'll also be able to edit text files (source code) from the web browser itself, so small changes can be made instantly without a download and subsequent upload – useful if you've just uploaded some code, only to realize you missed out one semi-colon!

 

In short, a file manager tool is pretty handy for site maintenance in some situations.

Database Management

ThePhile.com is a database-driven website that runs against SQL Server 2000. During development we can use the Enterprise Manager to create tables and stored procedures, add/edit/delete records, and set properties on everything. We could do everything with T-SQL scripts written by hand but, to be honest, the Enterprise Manager is so handy that everyone quickly gets used to it and performs most of the required creation and maintenance operations with its help.

 

However, when we deploy a website and replicate the database to the remote server, we can't always continue to use Enterprise Manager on the shared server. Some hosting plans do not allow webmasters to use Enterprise Manager, due to security reasons. This implies that we should resort to good old T-SQL to do everything, from simple operations such as adding records, to the creation and modification of tables and stored procedures, or the setting of various database options. Although all of this is possible with T-SQL code, it's not as quick as with Enterprise Manager, not to mention that coding long T-SQL statement is more error-prone. This is especially true for those commands that you never use because the Enterprise Manager allows you to just select a checkbox or fill a textbox. Also, you don't see a handy list of all the available tables, columns, stored procedures, and other objects.

 

So, it seems that there is space for third party tools here! And, in fact, third party tools for general (or SQL-specific) database management are not that difficult to find. There are nice tools made up of a set of pages that allow you to see all the database objects, edit many properties, and in general manage the database in such a way that you won't miss the Enterprise Manager quite as much.

 

Later in the chapter we'll show how to install and use one of the available tools (called the Web Data Administrator), written in ASP.NET and - guess what - kindly provided by Microsoft for free!

The Design

Now that we're aware of the usefulness of having maintenance tools, let's start designing our file manager module by writing down the list of features we want to implement. A typical utility of this type includes the following functionality:

 

q        Starting from the web root, the file manager should allow the administrator to see the list of sub directories and files, and to navigate the structure by clicking a directory name to go one level down, or an arrow at the top of the list to go one level up.

 

q        It should display information about each file-system item (file or directory) in our application. This will include a predefined icon that describes the item type, size (of all the subdirectories and files if the item is a directory), attributes, creation date, and the date of last modification.

q        There should be the ability to upload and download files.

q        It should offer the ability to create, rename, copy, move, and change the attributes of any directories and files.

q        It should enable us to view and edit the content of text files.

 

This list includes most of the basic commands that we would expect from any file manager for Windows. We want to reproduce them with a web interface running on a browser, which will allow us to perform common operations without the need for any external tools.

 

We want this application to respect a couple of basic requirements:

 

q        It should be easy to integrate the tool into other existing websites

q        It should not be possible for an anonymous Internet user to access the file manager; it must have a reliable authentication/authorization system

Let's look at some details to better explain the design choices.

Implementation Design

Most applications are data-driven and have a set of business rules to respect. In this case, as we said in Chapter 2, the first concern for a developer would be to decide how to split the application into several layers: data, business, and user presentation. This application, though, is of a different type – it has no database and the data to be shown is part of the structure of the file system. The components for working with the file system and performing all the required I/O operations are already provided by the huge collection of classes within the .NET Framework, so we don't have to worry about this either. Therefore, what we have to write is only the presentation layer – that is, a set of ASP.NET pages and custom controls.

 

This is the first module we're going to develop for ThePhile.com. By module, we mean a web application that is site-independent, so we should design it in a way that makes it easy to integrate this module with any other site. This is a requirement that all the other modules we'll see in the book should also meet. On the other hand, our designers do want to integrate this module with the rest of the site, so it should have the same color schemes and a similar layout. For this reason we'll make use of the shared stylesheet that we built in Chapter 2 for the entire site, so that if we change the style for an element or a style class, all the pages of our module will automatically change without any further manual intervention. In Chapter 2 we also built header and footer user controls that can be inserted into any page in order to have the same layout without having to manually copy and paste the common HTML code into each page. However, this module does not need the site-wide header and footer controls, since it really is an independent and external tool accessed by administrators only, so we'll avoid using these two shared controls.

 

The file manager will comprise only two ASP.NET pages: one for navigating the folder structure, uploading, deleting, renaming, copying, and moving files and directories. The other is a simple text editor for creating a new file or editing an existing one.

 

Security Design

Most sites have an administration section that allows us to update a database or perform other operations that normal users are not allowed to do, and they usually have other parts that are for registered members only. So, securing a website is often a major task that must be taken very seriously during the design phase. ASP.NET offers several types of security, each of which should be used in different situations. You should already know something about this if you've ever developed for the web with .NET, so let's just review them briefly:

 

q        Windows authentication: based on IIS authentication and the NTFS file permissions of Windows 2000. After a user is authenticated, they access the protected resources under the context of that account, with its rights and limitations.

q        Forms-based authentication: the user logs in via a custom ASP.NET page and their credentials are validated against the values stored in the web.config file, a database, an XML file, or some other data source.

q        Passport authentication: the user is authenticated by an external web service powered by Microsoft at www.passport.com. This service, born in 1999 but not widely used yet, requires a paid subscription.

 

Each of these types of authentication is best suited to particular situations. Forms-based authentication allows a great deal of customization, and is best suited when you need to add, remove, and manage an unknown number of users quite frequently, and without touching IIS and Windows settings. This type of authentication will be explained in much more detail in the next chapter, where we'll build a users module for the management of the site's members and the administrators of the other modules that we'll present throughout the book.

 

On the other hand, Windows authentication requires the server administrator to set up a group and a number of users from the Computer Management snap-in, and to associate them with the resources to protect. It offers the opportunity to assign different permissions to different users. It is best suited when we're building a system based on an intranet, or when we know in advance the number of users for which we should create an account. For the file manager module, we have a fixed number of administrators that we want to allow to manage the site's resources, so we can create a few accounts and use Windows authentication. However, with the User Accounts module we build later, you'll see how we could integrate our system with that.

The Solution

Now that we have a clear idea about what we're going to build, we can start creating the project with VS.NET. The files for the presentation layer are part of the main ThePhile project, and sit in the Modules\FileManager folder. Unless otherwise stated, all classes for this module should be part of the Wrox.WebModules.FileManager.Web namespace.


DevASP.Net - Disclaimer - Privacy
© 2002-2010 DevASP.net