Chapter 5. File InputOutput in ASP.NET

Chapter 5. File Input/Output in ASP.NET

In this chapter

Directory

The File and StreamReader Classes

The File and StreamWriter Classes

StringReader, StringBuilder, and StringWriter

FileStream, BinaryReader, and BinaryWriter

This chapter talks about input and output (I/O) in ASP.NET applications ” specifically , file and string I/O. Fewer than half of the ASP developers I've met over the years actually read or write data from and to disk files. Most ASP applications center around .ASP and .HTM files, which contain the bulk of the application's presentation. And a majority of the data used to populate .ASP files comes from a data source of some kind.

Many of my more successful Web applications use .ASP files with elements that are populated with data from a SQL Server database without disk files ever being read or written. For example, I have a page on www.YourPediatrician.com that enables users to enter a person's name, and it then matches the name in a SQL Server table and tells users the meaning and origin of the name. (You can find this page at http://www.yourpediatrician.com/BabyNameSearch.htm.) Yes, dynamic data populates the resulting .ASP, but nothing is read from disk.

There's one very practical reason that writing to a disk file is not always a good idea: The network administrator must grant write permissions to the Web application for the Web application to write any data to the disk. This opens up a potential security concern because adding permission to write disk files lowers the security, and offers the potential for unwanted content to be written to the server. If a good hacker figures out that one of your Web application directories has write permission, and your server's security is loose, he might find a way to write to the server's disk in a way that compromises the integrity of your application's files.

Still, though, you might need to write data to disk under certain circumstances, or you might need to read disk files and use the data in your application. A good example can be found on www.UsingASP.net. I wanted to provide a way for readers of this book to experiment with .ASPX files, whether they have a Web server or not (including localhost , which gets installed with Visual Studio.NET and the .NET components ). To facilitate this, I created an HTML form in which users can type in their .ASPX data. This form then saves to a special directory that has the necessary permissions, and then the Web server executes the .ASPX. In this way, readers (and other users) can freely experiment with the concepts presented.

I have another Web site named www.eKidPlace.com that contains hundreds of activities and games for kids . The size of these activities, in terms of the amount of text, can be larger than what you'd normally store in SQL Server. I usually keep SQL Server data fields to 255 characters or less. The activity files on www.eKidPlace.com can exceed 2,000 characters . For this reason, I store them in disk files, each of which has a unique identification name. The filename, rather than the actual activity data, is stored in the database. The application queries the database, gets the filename, opens the activity file, and then uses the activity data to create the HTML page that's served up to the client.

You probably can think of many more situations in which disk files are useful. This chapter teaches you how to effectively use them in your application.

Please note that the namespace that you must use for applications that access the server's disk is System.IO.