Speed Optimization in ASP.NET 2.0 Web Applications

To write a well performing web application you must make a balance between four common performance measures. These measures are:
Execution Time: It is the time taken to process a request. This is measured as the time elapsed between the first byte received from the server and the last one.
Response Time: It is the time between issuing a request and the first byte received as a response from the server.
Scalability: It measures the performance of a web application against resources (memory, processors, or computers) allocated for it.
Throughput: It is the number of requests your application can serve in a time unit, usually a second.
What follows is a list of areas that you can invoke to harvest for techniques that you can use to develop a high performance ASP.NET application.
State management
Data access
Page and server controls
Web applications
Coding practices

State Management
The following issues give you some ideas about how to make state management efficient.

SessionState State
Disable session state when you are not using it. Not all web application require a session state for each user. When you disable unneeded session state you are definitely improving your application performance.
To disable session state for a complete page in your application, use the following code:
If your page requires access to session variables only to read them then set the session state for this page to read only.
To disable session state for the entire application, open the ‘web.config’ file, and set the mode attribute to off under the session state section as in the following code:

Session State Provider
There are more than one approach for storing your session state data. You can choose the approach you prefer by setting the mode attribute under the session state section of your application ‘web.config’ file. The supported modes are: in-process mode, state server mode, SQL server mode, and custom mode. Each mode is suitable in some circumstance, and has its own set of advantages. The in-process session state is by far the fastest one. So, it is recommended to use the in-process provider if you want to store small amounts of volatile data in the session state. Other state server and SQL server providers are needed if your application using a web farm or garden, or if you want to retain your session state date if the web server is restarted.

Data Access
The following points give you some ideas about how to render data access efficient:

Use SQL server provider
Among the data providers available to be used, choose SQL data provider to build a high performance, scalable web application.

Use SQL Data Reader
The SQLDataReader class gives you the ability to read only retrieved records from the database for once. So, if this is all what you actually need, then it is extremely recommended to use a data reader class instead of a DataSet or, a Table Class. This will gives your application much higher performance.

Use Stored Procedures
Whenever possible use compiled stored procedure instead of SQL plain text commands, this gives your application an extra speed performance. SQL server builds and stores execution plans for previously stored procedures.

Make use of SQLDataSource useful properties
Instead of writing a query that includes the “Where”, or “Sort By” clauses use the caching, filtering, and sorting properties of the SQLDataSourse provider. You can set the SQLDataSource object’s “EnableCaching” property to true to enable caching of the retrieved data by this data source. When you enable data source caching, SQLDataSource will do the operations like filtering and sorting on the cached data. You can use the “FilterExpression” property, and the “SortParameterName” property to perform filtering and sorting using the SQLDataSource object. This will certainly makes your application faster.

View State Encryption
You must balance between the importance of encrypting your application view state data to make your transferred data more secure, and the cost / the impact of using encryption on your application speed. Encryption has a fixed cost for initialization plus a unfixed cost depends on the size of data to be encrypted. In brief, it is recommended to avoid using unnecessary view state data encryption.

It is known that to display data from a given data source you have to use data controls like: GridView, and/or DetailsView controls and to bind them to the data source you want to display data from. You may want to adjust the display layout of some data records and columns within your screen by using the GridView, or the DetailsView paging property and set it to true. This paging technique is called UI paging (User Interface paging). To perform this service, the GridView control requests data from the specified data source, it then filters the elements that will be displayed in the current page and simply ignores the rest. It does this process each time a new page is required … which is certainly a great waste of resources.
There is another technique for doing the same task, it is typically referred to as data source paging. In this technique you make use of a data source control that implements the DataSourceView class, and set its CanPage property to true, then you feed the GridView control or the DetailsView control from this data source. In this case the data source object queries only for the elements needed in each page. Thus, data source paging is more efficient than UI paging. The only data source class that allows data source paging is ObjectDataSource class.

Using the caching technique appropriately can improve the performance of your application more than using any other technique. .Net framework provides some mechanisms for caching pages and data within your ASP.NET application. You can use caching for pages that exhibit heavy traffic and do not change between requests. You can also cache small sized data that is used extensively by your application instead of processing them each time.

To use caching effectively, give attention to the following notes:

– Don’t assign a small duration for your cached items, items that expire quickly take extra cost for cleaning up and garbage collection.
– Don’t cache too many data items, there is a memory cost for each data item. It is not necessary to cache items that can be easily calculated or those which are rarely calculated or used.

Caching is so important and the ASP.NET framework gives a varity of caching mechanisms you can use to improve your application performance more and more. Some of those mechanisms are: Caching application data, Page output casching, Caching web forms, and Caching parts of web forms.

(sursa: http://www.beansoftware.com/asp.net-tutorials/sessionstate-data-optimization.aspx)


SQL Tips – Inner Join Select

SELECT tabela1.*, tabela2.Shares, tabela3.domainID
(SELECT ID, col2, col3, col4
FROM tabela1) tabela1
(SELECT col1,COUNT(col1) AS Shares FROM tabela2
GROUP BY col1) tabela2
ON tabela1.ID = tabela2.col1 INNER JOIN
(SELECT col1, col2 FROM tabela2) AS tabela3
ON tabela3.col1= tabela2.col1

dbcc checkident (numeTabela,reseed,1)

Rijndael – Algoritm de criptare a datelor

Dupa parerea expertilor in domeniu AES:Rijndael este cel mai bun algoritm de criptare. Algoritmul dezvoltat de catre Daemen si Vincent Rijmen a castigat concursul “Advanced Encryption Standard”. Este un “block cipher” pe 128 de biti cu o cheie de maxim 256 de biti. (sursa: http://copiatac.3x.ro/Proiecte_AC/CipariuDanciu.htm)

Cod C# pentru criptarea unui string

private static RijndaelManaged rijndaelCipher = new RijndaelManaged();
private static string secretSalt = “string care contine litere, cifre si caractere speciale“;

private static string EncryptString(string toEncrypt) {
try {
byte[] plainText = Encoding.Unicode.GetBytes(toEncrypt);
// Using salt to make it harder to guess the key using a dictionary attack.
byte[] salt = Encoding.ASCII.GetBytes(secretSalt.Length.ToString());
// The (secret Key) will be generated from the specified password and salt.
PasswordDeriveBytes secretKey = new PasswordDeriveBytes(secretSalt, salt);
// Create a encryptor from the existing SecretKey bytes. Is used 32 bytes
//for the secret key, (the default rijndael key length is 256 bit = 32 bytes)
//and then 16 bytes for the IV (initialization vector),the default Rijndael IV length is 128 bit = 16 bytes

ICryptoTransform encryptor = rijndaelCipher.CreateEncryptor(secretKey.GetBytes(32), secretKey.GetBytes(16));
// Create a MemoryStream that is going to hold the encrypted bytes
MemoryStream memoryStream = new MemoryStream();
// Create a CryptoStream through which will be processed the data. CryptoStreamMode.Write means
//that is going to be writing data to the stream and
//the output will be written in the MemoryStream provided. (always use write mode for encryption)
CryptoStream cryptoStream = new CryptoStream(memoryStream, encryptor, CryptoStreamMode.Write);
// Start the encryption process.
cryptoStream.Write(plainText, 0, plainText.Length);
// Finish encrypting.
// Convert encrypted data from a memoryStream into a byte array.
byte[] cipherBytes = memoryStream.ToArray();
// Close both streams.
// Convert encrypted data into a base64-encoded string. A common mistake would be to use
//an Encoding class for that. It does not work, because not all byte values can be represented
//by characters. Using Base64 encoding, that is designed exactly for what we are trying to do.

string encryptedData = Convert.ToBase64String(cipherBytes);
// Return encrypted string.
return encryptedData;
} catch (Exception ex) {
return null;

private static string DecryptString(string toDecrypt) {
try {
byte[] encryptedData = Convert.FromBase64String(toDecrypt);
byte[] salt = Encoding.ASCII.GetBytes(secretSalt.Length.ToString());
PasswordDeriveBytes secretKey = new PasswordDeriveBytes(secretSalt, salt);
// Create a decryptor from the existing secretKey bytes.
ICryptoTransform decryptor = rijndaelCipher.CreateDecryptor(secretKey.GetBytes(32), secretKey.GetBytes(16));
MemoryStream memoryStream = new MemoryStream(encryptedData);
// Create a CryptoStream. (always use Read mode for decryption).
CryptoStream cryptoStream = new CryptoStream(memoryStream, decryptor, CryptoStreamMode.Read);
// Since at this point we don’t know what the size of decrypted data will be, allocate the
//buffer long enough to hold encryptedData, decryptedData is never longer than encryptedData.

byte[] plainText = new byte[encryptedData.Length];
// Start decrypting.
int decryptedCount = cryptoStream.Read(plainText, 0, plainText.Length);
// Convert decrypted data into a string.
string decryptedData = Encoding.Unicode.GetString(plainText, 0, decryptedCount);
// Return decrypted string.
return decryptedData;
} catch (Exception ex) {
return null;

Pentru criptarea unui fisier singura diferenta este ca in loc de folosirea unui memory stream se va folosi file stream