Web.config detailed explanation + asp.net optimization
Author:Eve Cole
Update Time:2009-07-01 16:44:14
1. Understanding the Web.config file
The Web.config file is an xml text file, which is used to store the configuration information of the asp.NET Web application (such as the most commonly used authentication method for setting the asp.NET Web application). It can appear in every step of the application. in the directory. When you create a new Web application through .NET, a default Web.config file is automatically created in the root directory by default, including default configuration settings, and all subdirectories inherit its configuration settings. If you want to modify the configuration settings of a subdirectory, you can create a new Web.config file in the subdirectory. It can provide configuration information in addition to the configuration information inherited from the parent directory, and can also override or modify settings defined in the parent directory.
(1).Web.Config is stored in xml file specification, and the configuration file is divided into the following formats
1. Configuration section handler declaration characteristics: located at the top of the configuration file and contained in the <configSections> tag.
2. Specific application configuration features: Located in <appSetting>. You can define information such as global constant settings for the application.
3. Configuration section setting features: Located in the <system.Web> section, it controls the behavior of asp.net runtime.
4. Features of configuration section groups: Using the <sectionGroup> tag, you can customize the grouping and place it inside <configSections> or inside other <sectionGroup> tags.
(2). Each section of the configuration section
1.<configuration> section root element, other sections are inside it.
2. <appSetting> Section This section is used to define application settings. For some uncertain settings, users can also set their own usage according to their actual situation:
I.<appSettings>
<add key="Conntction" value="server=192.168.85.66;userid=sa;password=;database=Info;"/>
<appSettings>
A connection string constant is defined, and the connection string can be modified in actual applications without modifying the program code.
II.<appSettings>
<add key="ErrPage" value="Error.aspx"/><appSettings> defines an error redirect page.
3.<compilation> section format:
<compilation
defaultLanguage="c#"
debug="true"
/>
I.default language: Define the background code language, you can choose two languages: c# and vb.net.
IIdebug: When true, aspx debugging is started; when false, aspx debugging is not started, thus improving the performance of the application when it is running. Generally, programmers set it to true when developing and set it to false when handing it over to customers.
4.<customErrors> section format:
<customErrors
mode="RemoteOnly"
defaultRedirect="error.aspx"
<error statusCode="440" redirect="err440page.aspx"/>
<error statusCode="500" redirect="err500Page.aspx"/>
/>
I.mode: It has 3 states: On, Off, and RemoteOnly. On means that customized information is always displayed; Off means that detailed asp.net error information is always displayed; RemoteOnly means that customized information is only displayed for users who are not running on the local web server.
II.defaultRedirect: URL address used to redirect when an error occurs. Optional
III.statusCode: Indicates the error status code, indicating a specific error status.
IV. redirect: Error redirected URL.
5.<globalization> section format:
<globalization
requestEncoding="utf-8"
responseEncoding="utf-8"
fileEncoding="utf-8"
/>
I.requestEncoding: It is used to check the encoding of each incoming request.
II.responseEncoding: used to check the content encoding of the response sent back.
III.fileEncoding: used to check the default encoding for aspx, asax and other file parsing.
6.<sessionState> section format:
<sessionState
mode="InProc"
stateConnectionString="tcpip=127.0.0.1:42424"
sqlConnectionString="data source=127.0.0.1;Trusted_Connection=yes"
cookieless="false"
timeout="20"
/>
I.mode: Divided into off, Inproc, StateServer, SqlServer states
mode = InProc is stored in the process. Features: has the best performance and fastest speed, but cannot be shared across multiple servers. mode = "StateServer" is stored in the state server. Features: When user session information needs to be maintained across servers, Use this method. However, the information is stored on the state server. Once the state server fails, the information will be lost. Mode="SqlServer" is stored in sql server. Features: The workload will become larger, but the information will not be lost.
II. stateConnectionString: Specify the server name where the asp.net application stores the remote session state. The default is the local machine.
III.sqlConnectionString: When using a session state database, set the connection string here
IV. Cookieless: When set to true, it means that the cookie session state is not used to identify the customer; otherwise, the opposite is true.
V. TimeOut: Used to define the time for session state storage. If the time limit is exceeded, the session will be automatically terminated.
7.<authentication> section format:
<authentication mode="Forms">
<forms name=".ASPXUSERDEMO" loginUrl="Login.aspx" protection="All" timeout="30"/>
</authentication>
<authorization>
<deny users="?"/>
</authorization>
I.Windows: Use IIS authentication method
II.Forms: Using forms-based validation
III.Passport: Use Passport cookie verification mode
IV.None: does not use any verification method. The meaning of the attributes of the Forms node embedded in it:
I.Name: Specifies the name of the HTTP cookie used to complete authentication.
II.LoginUrl: The page URL that is redirected if the verification fails or times out, usually the login page, allowing the user to log in again.
III.Protection: Specify the protection method of cookie data.
Can be set to: All None Encryption Validation Four protection methods
a. All means encrypting data and performing validity verification in two ways.
b. None means cookies are not protected.
c. Encryption means encrypting Cookie content
d. Validation means verifying the validity of Cookie content
IV. TimeOut: Specify the cookie expiration time. Log in again after timeout.
Modifications to the Web.config file at runtime can take effect without restarting the service (Note: Exception for the <processModel> section). Of course the Web.config file is extensible. You can customize new configuration parameters and write configuration section handlers to handle them.
The web.config configuration file (default configuration settings) all the following code should be located in
<configuration>
<system.web>
and
</system.web>
</configuration>
For learning purposes, the following examples omit this xml tag.
1. The role of the <authentication> section: configure asp.NET authentication support (four types: Windows, Forms, PassPort, and None). This element can only be declared at the computer, site, or application level. The <authentication> element must be used with the <authorization> section.
Example:
The following example is a form-based authentication configuration site. When a user who is not logged in accesses a webpage that requires authentication, the webpage automatically jumps to the login webpage.
<authentication mode="Forms" >
<forms loginUrl="logon.aspx" name=".FormsAuthCookie"/>
</authentication>
The element loginUrl represents the name of the login web page, and name represents the cookie name.
2. The role of the <authorization> section: controls client access to URL resources (such as allowing anonymous users to access). This element can be declared at any level (computer, site, application, subdirectory, or page). Required in conjunction with the <authentication> section.
Example: The following example disables access to anonymous users
<authorization>
<deny users="?"/>
</authorization>
Note: You can use user.identity.name to get the current authenticated user name; you can use the web.Security.FormsAuthentication.RedirectFromLoginPage method to redirect the authenticated user to the page the user just requested. Specific
3. The role of the <compilation> section: configure all compilation settings used by asp.NET. The default debug attribute is "True". It should be set to False after the program is compiled and delivered for use (details are described in the Web.config file, and the example is omitted here)
4.<customErrors>
Role: Provide information about custom error messages for asp.NET applications. It does not apply to errors occurring in xml web services.
Example: When an error occurs, jump to a custom error page.
<customErrors defaultRedirect="ErrorPage.aspx" mode="RemoteOnly">
</customErrors>
The element defaultRedirect represents the name of the customized error web page. The mode element indicates: display custom (friendly) information to users who are not running on the local Web server.
5. The role of the <httpRuntime> section: configure the asp.NET HTTP runtime settings. This section can be declared at the computer, site, application, and subdirectory levels.
Example: Control the maximum size of user upload files to 4M, the maximum time to 60 seconds, and the maximum number of requests to 100
<httpRuntime maxRequestLength="4096" executionTimeout="60" appRequestQueueLimit="100"/>
6. <pages>
Role: Identifies page-specific configuration settings (such as whether to enable session state, view state, whether to detect user input, etc.). <pages> can be declared at the computer, site, application, and subdirectory levels.
Example: Do not detect whether there is potentially dangerous data in the content entered by the user in the browser (Note: This item is detected by default. If you use non-detection, you must encode or verify the user's input). From the client The encrypted view state is checked when the page is posted back to verify that the view state has not been tampered with on the client side. (Note: This item is not verified by default)
<pages buffer="true" enableViewStateMac="true" validateRequest="false"/>
7. <sessionState>
Function: Configure session state settings for the current application (such as setting whether to enable session state and where to save session state).
Example:
<sessionState mode="InProc" cookieless="true" timeout="20"/>
</sessionState>
Note:
mode="InProc" means: store session state locally (you can also choose to store it in a remote server or SAL server or disable session state)
cookieless="true" means: enable session state if the user's browser does not support cookies (default is False)
timeout="20" means: the number of minutes the session can be idle
8. <trace>
Function: Configure asp.NET tracking service, mainly used for program testing to determine where errors occur.
Example: The following is the default configuration in Web.config:
<trace enabled="false" requestLimit="10" pageOutput="false" traceMode="SortByTime" localOnly="true" />
Note:
enabled="false" means not to enable tracking;
requestLimit="10" specifies the number of tracking requests stored on the server
pageOutput="false" means that the trace output can only be accessed through the trace utility;
traceMode="SortByTime" indicates that trace information is displayed in the order in which traces are processed.
localOnly="true" means that the trace viewer (trace.axd) is only used for the host Web server. The custom Web.config file configuration section process is divided into two steps.
1. Declare the name of the configuration section and the name of the .NET Framework class that handles the configuration data in the section between the <configSections> and </configSections> tags at the top of the configuration file.
2. Make the actual configuration settings for the declared section after the <configSections> area.
Example: Create a section to store database connection strings
<configuration>
<configSections>
<section name="appSettings" type="System.Configuration.NameValueFileSectionHandler, System, Version=1.0.3300.0, Culture=neutral, PublicKeyToken=b77a5c561934e089"/>
</configSections>
<appSettings>
<add key="scon" value="server=a;database=northwind;uid=sa;pwd=123"/>
</appSettings>
<system.web>
...
</system.web>
</configuration>
Accessing the Web.config file You can access the Web.config file by using the ConfigurationSettings.AppSettings static string collection Example: Get the connection string established in the example above. For example:
protected static string Isdebug = ConfigurationSettings.AppSettings["debug"]
2. Detailed explanation of session configuration in web.config After opening the configuration file Web.config of an application, we will find the following paragraph:
< sessionState
mode="InProc"
stateConnectionString="tcpip=127.0.0.1:42424"
sqlConnectionString="data source=127.0.0.1;Trusted_Connection=yes"
cookieless="false"
timeout="20"
/>
This section configures how the application stores session information. Our various operations below are mainly focused on this configuration. Let's first take a look at the meaning of the content contained in this configuration. The syntax of the sessionState node is as follows:
< sessionState mode="Off|InProc|StateServer|SQLServer"
cookieless="true|false"
timeout="number of minutes"
stateConnectionString="tcpip=server:port"
sqlConnectionString="sql connection string"
stateNetworkTimeout="number of seconds"
/>
The required attributes are: attribute option description
mode sets where to store session information
Ø Off is set to not use the session function.
Ø InProc is set to store the session in the process, which is the storage method in asp. This is the default value.
Ø StateServer is set to store the session in an independent state service.
Ø SQLServer settings store the session in sql server.
Optional attributes are: attribute option description
Ø cookieless sets where the client’s session information is stored,
Ø ture uses cookieless mode,
Ø false Use Cookie mode, this is the default value,
Ø timeout sets the number of minutes after which the server automatically gives up session information. The default is 20 minutes.
stateConnectionString sets the server name and port number used when storing session information in the state service, for example: "tcpip=127.0.0.1:42424". This attribute is required when the value of mode is StateServer.
sqlConnectionString sets the connection string when connecting to sql server. For example "data source= localhost;Integrated Security=SSPI;Initial Catalog=northwind". This attribute is required when the value of mode is SQLServer.
stateNetworkTimeout sets the number of idle seconds after which the TCP/IP connection between the Web server and the server storing the state information is disconnected when using the StateServer mode to store the session state. The default value is 10 seconds.
The storage of client session status in asp.NET is shown in our session model introduction above. You can find that the session status should be stored in two places, namely the client and the server. The client is only responsible for saving the SessionID of the corresponding website, while other session information is saved on the server side. In asp, the client's SessionID is actually stored in the form of a cookie. If the user chooses to disable cookies in the browser settings, then he will not be able to enjoy the convenience of session, and may even be unable to access certain websites. In order to solve the above problems, the client's session information storage method in asp.NET is divided into two types: Cookie and Cookieless.
In asp.NET, by default, cookies are still used to store session information on the client. If we want to use Cookieless to store session information on the client, the method is as follows:
Find the root directory of the current web application, open the Web.Config file, and find the following paragraph:
< sessionState
mode="InProc"
stateConnectionString="tcpip=127.0.0.1:42424"
sqlConnectionString="data source=127.0.0.1;Trusted_Connection=yes"
cookieless="false"
timeout="20"
/>
The cookieless="false" in this paragraph is changed to: cookieless="true". In this way, the client's session information is no longer stored using cookies, but is stored through the URL. Close the current IE, open a new IE, and revisit the web application just now. You will see something similar to the following:
Among them, what is marked in bold in http://localhost/MyTestApplication/(ulqsek45heu3ic2a5zgdl245 )/default.aspx is the client’s session ID. Note that this information is automatically added by IIS and will not affect previous normal connections.
Preparations for storing session state on the server side in asp.NET:
In order for you to better experience the experimental phenomenon, you can create a page called SessionState.aspx, and then add the following codes to <body></body>.
<scriptrunat="server">
Sub Session_Add(sender As Object, e As EventArgs)
session("MySession") = text1.Value
span1.InnerHtml = "Session data updated! < P>Your session contains: < font color=red>" & session("MySession"). ToString() & "< /font>"
End Sub
Sub CheckSession(sender As Object, eAs EventArgs)
If (Session("MySession")Is Nothing) Then
span1.InnerHtml = "NOTHING, session DATA LOST!"
Else
span1.InnerHtml = "Your session contains: < font color= red>" & session("MySession").ToString() & "< /font>"
End If
End Sub
</script>
< formrunat="server"id="Form2">
< inputid="text1"type="text"runat="server"name="text1">
< inputtype="submit"runat="server"OnServerClick="Session_Add"
value="Add to session State " id="Submit1"name="Submit1">
< inputtype="submit"runat="server"OnServerClick="CheckSession"
value=" View session State " id="Submit2"name="Submit2">
< /form>
< hrsize="1">
< fontsize="6">< spanid="span1"runat="server" />< /font>
The SessionState.aspx page can be used to test whether session information is lost on the current server.
Storing server session information in the process Let's go back to the previous paragraph of the Web.config file:
< sessionState
mode="InProc"
stateConnectionString="tcpip=127.0.0.1:42424"
sqlConnectionString="data source=127.0.0.1;Trusted_Connection=yes"
cookieless="false"
timeout="20"
/>
When the value of mode is InProc, it indicates that the server is using this mode.
This method is the same as the previous mode in asp, that is, the server stores session information in the IIS process. When IIS is shut down and restarted, this information will be lost. But this mode also has its own biggest advantage, which is the highest performance. Because all session information is stored in the IIS process, IIS can quickly access this information. The performance of this mode is faster than storing session information out of process or storing session information in SQL Server. a lot of. This mode is also the default way of asp.NET.
Okay, now let's do an experiment. Open the SessionState.aspx page just now and enter some characters to store them in the session. Then, let's restart IIS. Note that it is not to stop and restart the current site, but to right-click the node with the local machine name in IIS and select Restart IIS. (I think when I used NT4, I had to restart the computer to restart IIS. Microsoft is really @#$%^&) Return to the SessionState.aspx page, check the session information just now, and find that the information has been lost.
Storing server session information outside the process First, let us open the management tools -> Services, find the service named: asp.NET State Service, and start it. In fact, this service starts a process to save session information. After starting this service, you can see a process named aspnet_state.exe from Windows Task Manager->Processes. This is the process where we save session information.
Then, go back to the above paragraph in the Web.config file and change the mode value to StateServer. After saving the file, reopen an IE, open the SessionState.aspx page, and save some information to the session. At this time, let us restart IIS and go back to the SessionState.aspx page to check the session information just now and find that it is not lost.
In fact, this way of storing session information outside the process not only means that the information can be stored outside the process of the local machine, but also the session information can be stored in the processes of other servers. At this time, not only do you need to change the mode value to StateServer, but you also need to configure the corresponding parameters in stateConnectionString. For example, your calculation is 192.168.0.1. If you want to store the session in the process of the computer with IP address 192.168.0.2, you need to set it like this: stateConnectionString="tcpip=192.168.0.2:42424". Of course, don't forget to install the .NET Framework on the 192.168.0.2 computer and start the asp.NET State Services service.
Storing server session information in sql server First, let us do some preparatory work. Start the sql server and sql server proxy services. Execute a script file called InstallSqlState.sql in sql server. This script file will create a database in SQL Server specifically for storing session information, and a SQL Server agent job that maintains the session information database. We can find that file in the following path:
[system drive]winntMicrosoft.NETFramework[version]
Then open the query analyzer, connect to the sql server, open the file just now and execute it. Wait a moment and the database and job will be created. At this time, you can open the Enterprise Manager and see that a new database called ASPState has been added. But there are only some stored procedures in this database, and there is no user table. In fact, the session information is stored in the ASPStateTempSessions table of the tempdb database, and another ASPStateTempApplications table stores the application object information in asp. These two tables were also created by the script just now. In addition, check Management->SQL server Agent->Jobs and find that there is also an additional job called ASPState_Job_DeleteExpiredSessions. This job actually deletes expired session information from the ASPStateTempSessions table every minute.
Next, we return to the Web.config file and modify the mode value to SQLServer. Note that you also need to modify the value of sqlConnectionString at the same time. The format is:
sqlConnectionString="data source=localhost; Integrated Security=SSPI;"
The data source refers to the IP address of the SQL server server. If the SQL server and IIS are the same machine, just write 127.0.0.1. Integrated Security=SSPI means using Windows integrated authentication. In this way, accessing the database will be done as asp.NET. Through this configuration, you can obtain better security than the sql server authentication method using userid=sa;password=password. sex. Of course, if the sql server is running on another computer, you may need to maintain the consistency of the authentication on both sides through the Active Directory domain.
Again, let's do an experiment. Add session information to SessionState.aspx, and then find that the session information already exists in the SQL server. Even if you restart the computer, the session information will not be lost. Now, you have completely seen what the session information looks like, and it is stored in SQL Server. What you can do depends on your performance.
Summary 3. General settings of asp.net form authentication
General settings for asp.net form authentication:
1: In web.config, add form authentication;
<authentication mode="Forms">
<forms name="auth" loginUrl="index.aspx" timeout="30"></forms>
</authentication>
<authorization>
<deny users="?" />
</authorization>
2: If there is a registration page, anonymous users should be allowed to call the registration page to register;
The following code should be between <configuration><system.web> and should not be included between <system.web>..</system.web>;
----------------Indicates that anonymous users are allowed to access the userReg.aspx page.
<location path="userReg.aspx">
<system.web>
<authorization>
<allow users="?" />
</authorization>
</system.web>
</location>
3. After successful login, an identity verification ticket must be created to indicate that the authenticated legal user has passed;
if (login successful)
System.Web.Security.FormsAuthentication.SetAuthCookie(username, false);
4. Access the Web.config file. You can access the Web.config file by using the ConfigurationSettings.AppSettings static string collection. Example: Get the connection string established in the above example. For example:
protected static string Isdebug = ConfigurationSettings.AppSettings["scon"]
asp.Net performance optimization.
(1).Select session state storage method
Configure in Webconfig file:
<sessionState mode="???" stateConnectionString="tcpip=127.0.0.1:42424"
sqlConnectionString="data source=127.0.0.1;Trusted_Connection=yes"
cookieless="false" timeout="20"/>
ASP.NET has three ways to store session state information:
1. Stored in the process: attribute mode = InProc
Features: It has the best performance and the fastest speed, but cannot be shared across multiple servers.
2. Stored in the state server: attribute mode = "StateServer"
Features: Use this method when user session information needs to be maintained across servers.
But the information is stored on the state server, and once the state server fails, the information will be lost
3. Stored in sql server: attribute mode="SqlServer"
Features: The workload will become larger, but the information will not be lost.
One more thing:
I. Since some pages do not require session state, session state can be disabled:
The code is as follows: <%@ Page EnableSessionState="false" %>
II. If the page needs to access session variables but is not allowed to modify them, you can set the page session status to read-only:
The code is as follows: <%@ Page EnableSessionState="false" %>
When using it, you can choose a certain method according to the specific situation
(2).Use Page.IsPostBack
Page.IsPostBack indicates whether it is returned from the client. When running for the first time, it is not returned from the client. Its value
Is false, when an event on the page is triggered or the page is refreshed, the value of Page.IsPostBack becomes true because it is postback;
Generally used in: Page_Load method:
private void Page_Load(Object sender,EventArgs e)
{
if(!Page.IsPostBack)
{
....; //Code to initialize the page. These codes are executed when the page is initialized for the first time, and when posted back for the second time,
//Will not be executed again. Improve efficiency.
}
}
Often IsPostBack has to be used because some controls need to maintain their state after initialization.
For example: DropDownList, if initialized every time, no matter what option the user selects, it will be initialized to the default value.
(3). Avoid using server controls
1. For general static display information, try not to use server-side controls to display it. Because server-side controls need to post back to the server for execution,
It will reduce the efficiency of program execution. Generally, it can be displayed with <DIV>.
If server-side controls are used, removing: runat="server" will also improve efficiency.
2. Disable the state view of server-side controls. Some controls do not need to maintain their state. You can set their properties: EnableViewState=false;
If the entire page control does not need to maintain a state view, you can set the state view of the entire page to false:
The code is as follows: <%@ Page EnableViewState="false"%>
3. Configure in the Web.Config file:
asp.NET Sessions can be configured in the Sessionsstate element in Web.config or Machine.config.
Here is an example of the settings in Web.config:
<Sessionsstate timeout="10" cookieless="false" mode="Inproc" />
(4). Avoid using DataGrid
Everyone knows that DataGrid is powerful. However, while it is powerful, it also increases performance overhead. Generally use other controls: DataList
Or Repeater control can achieve this, try not to use DataGrid.
(5).String operations
1. Avoid boxing operations. Packing operations are less efficient.
For example, run two code snippets:
string test="";
for(for int i=0;i<10000;i++)
{
test = test + i;
}
and
string test="";
for(for int i=0;i<10000;i++)
{
test = test + i.ToString();
}
The code snippet below is obviously more efficient. Because i is an integer, the system must first box and convert i into a string type before connecting. It takes time.
Readers can copy it to their own machines and test it.
2. Use StringBulider class
When performing string concatenation: string str = str1 + str2 + ....;
Generally, for more than three connections, it is best to use StringBuilder instead of the string class. StringBuilder can avoid re-creating string objects.
performance loss.
Generally used when assembling sql statements: StringBulider.
Readers can test it on their own machines.
3. Use as little as possible:
try
{}
catch
{}
finally
{}
Statement. The execution efficiency of this statement is relatively low.
(6) Optimization of ADO.Net usage
1. Database connections are opened and closed. Open when a connection is needed, and close the connection immediately after accessing the database.
For example, let’s look at two code snippets:
I.
DataSet ds = new DataSet();
SqlConnection MyConnection = new SqlConnection("server=localhost; uid=sa; pwd=; database=NorthWind");
SqlCommand myCommand = new SqlCommand(strSql,MyConnection);
SqlDataAdapter myAdapter=new SqlDataAdapter(queryStr,connectionStr);
MyConnection.Open(); //Open the connection
for(int i=0;i<1000;i++) //for loop simulates business logic operations before obtaining data
{
Thread.Sleep(1000);
}
myAdapter.Fill(ds);
for(int i=0;i<1000;i++) //for loop simulates business logic operations after obtaining data
{
Thread.Sleep(1000);
}
MyConnection.Close(); //Close the connection
II.
DataSet ds = new DataSet();
SqlConnection MyConnection = new SqlConnection("server=localhost; uid=sa; pwd=; database=NorthWind");
SqlCommand myCommand = new SqlCommand(strSql,MyConnection);
SqlDataAdapter myAdapter=new SqlDataAdapter(queryStr,connectionStr);
for(int i=0;i<1000;i++) //for loop simulates business logic operations before obtaining data
{
Thread.Sleep(1000);
}
MyConnection.Open(); //Open the connection
myAdapter.Fill(ds);
MyConnection.Close(); //Close the connection
for(int i=0;i<1000;i++) ////The for loop simulates the business logic operation after obtaining the data
{
Thread.Sleep(1000);
}
The display II code is much better than the I code. The I code occupies the connection early. If there are many users, the connection pool is likely to be full. In severe cases, a crash may occur.
2. Database query
I. Directly generate sql statements. SQL Server has to compile it every time, and there will not be a big improvement in performance. In addition, it is not safe enough. Easily attacked.
II. Use the sql command with parameters. In this way, sql server only compiles it once, and the compiled commands can be reused for different parameters. Improved performance.
III. Use sql server stored procedures. Compile once. It is independent and easy to modify and maintain. It can complete the function of sending statements multiple times at one time. It reduces the network overhead.
flow. Stored procedures are not necessarily more efficient than statements. If the business logic is very complex, sometimes statements are more efficient than stored procedures.
(6). Cache optimization
There are two types of cache: page cache and API cache.
1. Use page caching and fragment caching
<%@ OutputCache Duration="5" VaryByParam="None"%>
<%@ OutputCache Duration=60 VaryByParam=”TextBox1,TextBox2” %>
Note: Duration is to set the expiration time of Cache;
VarByParam is whether the setting changes according to parameters. When None, all parameters use the same Cache.
When setting TextBox1, cache them separately according to different values of TextBox1; when there are multiple parameters, cache them in combination;
2.API cache. for use in applications
I. An example of Cache usage:
http://blog.csdn.net/chengking/archive/2005/10/03/494545.aspx
II. Pay attention to the difference between Page.Cache and HttpContext.Current.Cache when using:
They refer to the same object. In Page, use Page.Cache. If you use it in global.asax or your own class: HttpContext.Current.Cache. In some events, because there is no HttpContext, use HttpRuntime.Cache.
