Tuesday, 11 September 2012

Mobile Application Development in ASP.NET

Introduction

Mobile application development in ASP.NET is similar to traditional ASP.NET web application development. And it is very easy for ASP.NET developer to develop mobile application. All mobile web pages are inherit from MobilePage class which exists in System.Web.UI.MobileControls namespace.ASP.NET exposes a System.Web.Mobile namespace is for specifically to Web development.

Background

In this demonstration, you will create a mobile web page that dedicated to mobile device. The page will show a loan repament calculator and after passing valid parameter it will show repament amount of a pricipal amount with terms and rate.

Creating Web Application in ASP.NET

  1. Click to open Microsoft Visual Studio 2008
  2. On the File menu , choose New, and then choose Web Site.
    The New Web Site dialog box appears.
  3. Under Visual Studio installed templates, select ASP.NET Web Site.
  4. Click Browse .
    The Choose Location dialog box appears.
  5. Location File System and LRC
  6. Language Visual C#
  7. Click OK button 

A Default.aspx is added in your solution and it is traditional ASP.NET page which is inherited from System.Web.UI.Page. But you need to create page which inherit from MobilePage class in System.Web.UI.MobileControls namespace. In this demonstration, you will use controls from the System.Web.Mobile namespace that are specifically designed for devices that cannot display as much information as a desktop browser.

Creating Mobile Web Page in Application

  1. Right-click the Default.aspx page in Solution Explorer and choose Delete.
  2. Click OK in the dialog box.
  3. Right-click the application in Solution Explorer and choose Add New Item
  4. Choose Mobile Web Form under Visual Studio installed templates.
    5. LRC1.GIF
    Figure 1
    Dowanload(Download MobileWebFromTemplate.zip - 16.12 KB) mobile page template if you do not have mobile form template in Add New Item box and place tempalate according to instruction provided in readme file. After extrating MobileWebFromTemplate.rar file you will get two folder a 'Web Application' and another is 'Web Site'. Place RAR files in Web Application folder to '[My Documents]\Visual Studio 2008\Templates\ItemTemplates\Visual C#' and RAR files in Web Site folder to '[My Documents]\Visual Studio 2008\Templates\ItemTemplates\Visual Web Developer'. Now you will get Mobile Web Form template.
  5. Name Loan_RepaymentCalculator.aspx
  6. Choose Language Visual C#
  7. Check Place code in separate file.
  8. Click Add in the dialog box
Right click on Loan_RepaymentCalculator.aspx choose View Code define namespace for Loan_RepaymentCalculator class. 
namespace STL.Web.Mobile.UI
{
    public partial class Loan_RepaymentCalculator : System.Web.UI.MobileControls.MobilePage
    {
    }
}
Set Inherits attribute value STL.Web.Mobile.UI.Loan_RepaymentCalculator in page directive of Loan_RepaymentCalculator's source file. 
<%@ Page Language="C#" AutoEventWireup="true" CodeFile="Loan_RepaymentCalculator.aspx.cs"
    Inherits="STL.Web.Mobile.UI.Loan_RepaymentCalculator" %>

Design Mobile Web Page

In solution explorer double click on Loan_RepaymentCalculator.aspx to view source code and you will find mobile form form1 rename it as frmInput.From the Mobile Web Forms folder of the Toolbox, drag controls onto frmInput and set their properties as defined in the following.
 1. Label control
   a. ID = "lblHeading"
   b. Runat = "Server"
   c. EnableViewState = "False"
   d. Wrapping = "Wrap"
   e. StyleReference="StyleHeader"

 2. Label control
  a. ID = "lblPrincipal"
  b. Runat = "Server"
  c. EnableViewState = "False"
  d. Text = "1. Amount"
  e. StyleReference="StyleLabel"

 3. TextBox control
   a. ID = "PrincipalAmount"
   b. Runat = "Server"
   c. Numeric = "True"
   d. MaxLength = "12"
   e. Size = "10"
   f. Title = "Principal Amount"
   g. StyleReference="StyleTextBox"

 4. RequiredFieldValidator control for validating principal amount that expect input from user.
   a. ID = "rfvPrincipal"
   b. Runat = "Server"
   c. ControlToValidate ="PrincipalAmount"
   d. ErrorMessage = "Amount Empty!"
   e. StyleReference="StyleValidation"

 5. RegularExpressionValidator control for  validating principal amount that expect only numeric(fractional) value from user .
   a. ID = "revPrincipal"
   b. Runat = "Server"
   c. ControlToValidate = "PrincipalAmount"
   d. ErrorMessage = "Invalid Amount!"
   e. ValidationExpression = "^([0-9]+)?\.?\d{1,2}"
   f. StyleReference="StyleValidation"

 6. Label control
   a. ID = "lblTerm"
   b. Runat = "Server"
   c. EnableViewState = "False"
   d. Text = "2. Term(Year)"
   e. StyleReference="StyleLabel"

 7. TextBox control
   a. ID = "Term"
   b. Runat = "Server"
   c. Numeric = "True"
   d. MaxLength = "6"
   e. Size = "10"
   f. Title = "Term"
   g. StyleReference="StyleTextBox"

8.RequiredFieldValidator control for validating term that expect input from user.
   a. ID = "rfvTerm"
   b. Runat = "Server"
   c. ControlToValidate ="Term"
   d. ErrorMessage ="Term Empty!"
   e. StyleReference="StyleValidation"

 9. RegularExpressionValidator control for validating term that expect only numeric(not fractional) value from user .
   a. ID = "revTerm"
   b. Runat = "Server"
   c. ControlToValidate = "Term"
   d. ErrorMessage = "Invalid Amount!"
   e. ValidationExpression = "^[1-9]([0-9]+)?"
   f. StyleReference="StyleValidation"

 10. Label control
   a. ID = "lblRate"
   b. Runat = "Server"
   c. EnableViewState = "False"
   d. Text = "3. Rate(%)"
   e. StyleReference="StyleLabel"

 11. TextBox control
   a. ID = "Rate"
   b. Runat = "Server"
   c. Numeric = "True"
   d. MaxLength = "5"
   e. Size = "10"
   f. Title = "Rate"
   g. StyleReference="StyleTextBox"

 12. RequiredFieldValidator control for validating rate that expect input from user.
   a. ID = "rfvRate"
   b. Runat = "Server"
   c. ControlToValidate ="Rate"
   d. ErrorMessage ="Rate Empty!"
   e. StyleReference="StyleValidation"

 13. RangeValidatorcontrol for validating rate that expect only numeric value between 1 to 100 from user.
   a. ID = "rvRate"
   b. Runat = "Server"
   c. Type="Double"
   d. ControlToValidate = "Rate"
   e. ErrorMessage = "Invalid Rate!"
   f. MinimumValue="0"
   g. MaximumValue="100"
   h. StyleReference="StyleValidation"

 14. Command control
   a. ID = "cmdRepayment"
   b. Runat = "Server"
   e. Text = "Repayment"
   f. OnClick="cmdRepayment_Click"


The Command control provides a way to invoke ASP.NET event handlers from UI elements, thus posting user input from UI elements back to the server. The command is for calculate repayment. Event OnClick of cmdRepayment is bind with cmdPayment_Click event procedure, it will disscus later in this demonestration.

The Form mobile control enables you to break up complex pages into a collection of forms on a mobile Web page. With this ability, you can minimize the effort required to port Web-based applications to mobile devices.

ASP.NET mobile web page can contain more than one form control and mobile application displays only one form at a time. And a form control cannot be a inner element of another form control.

Add second form control into Loan_RepaymentCalculator.aspx page after frmInput from the Mobile Web Forms folder of the Toolbox, and define form control ID is frmResult

Now from the Mobile Web Forms folder of the Toolbox, drag controls onto frmResult and set their properties as defined in the following.



 1. Label control
   a. ID = "lblHeadingResult"
   b. Runat = "Server"
   c. EnableViewState = "False"
   d. Wrapping = "Wrap"
   e. StyleReference="StyleHeader"

 2. TextView control to display result
   a. ID = "tvLoanDetails"
   b. Runat = "Server"
   c. EnableViewState = "False"
   d. StyleReference="StyleLabelResult"

 3. Command control it is a navigation button to go previous form control
   a. ID = "cmdBack"
   b. Runat = "Server"
   e. Text = "Back"
   f. OnClick="cmdBack_Click"


Event OnClick of the cmdBack command button bind with cmdBack_Click event procedure will discuss later in this demonstration.


Add last form control into Loan_RepaymentCalculator.aspx page after frmResult from the Mobile Web Forms folder of the Toolbox, and define form control ID is frmError. If runtime error occurs application will show this error form.

Now from the Mobile Web Forms folder of the Toolbox, drag controls onto frmError and set their properties as defined in the following.


 1. Label control
   a. ID = "lblHeadingError"
   b. Runat = "Server"
   c. EnableViewState = "False"
   d. Wrapping = "Wrap"
   e. StyleReference="StyleHeader"

 2. TextView control to display error
   a. ID = "tvError"
   b. Runat = "Server"
   c. EnableViewState = "False"
   d. Text ="Sorry For Inconvenience!"
   e. StyleReference="StyleError"

 3. Command control it is a navigation button to go previous form control
   a. ID = "cmdHome"
   b. Runat = "Server"
   e. Text = "Home"
   f. OnClick="cmdBack_Click"


Event OnClick of the cmdBack command button bind with cmdBack_Click event procedure will disscuss later in this demonstration.


StyleSheet

StyleSheet can be internal or external in mobile ASP.NET application. External stylesheet is for entire application while internal stylesheet only for page specific. The stylesheet control is need to implement style in application. Stylesheet control can contain any number of style elements, or elements that inherits from the style element. Each style element must have a unique name property. You can use the Name property to refer to each Style element in the StyleSheet control from other controls on the same MobilePage object.

To create the external style sheet, you create a user control, in an .ascx file, and place a single style-sheet control with a set of styles in it. Then, to refer to this file, you place a style-sheet control on the page and set its ReferencePath property to the relative URL of the user control.


Now add a StyleSheet folder in LRC Application. To do this follow the below steps:
   1. Right Click on LRC application
   2. Choose New Folder
   3. Rename it StyleSheet

Add Mobile Web User Control in StyleSheet folder. Follow the below steps:

   1. Right Click on StyleSheet folder in LRC application
   2. Choose Add New Item

   Add New Item dialogbox appear as below,

LRC1.GIF
Figure 2
   3. Name LRC_StyleSheet.ascx
   4. Labguage Visual C#
   5. Click Add in the dialog box.


set STL.Web.Mobile.UI namespace for LRC_StyleSheet class in LRC_StyleSheet.ascx.cs file and Set
Inherit="STL.Web.Mobile.UI.LRC_StyleSheet" in control directive of LRC_StyleSheet's source file.

To define style sheet you need to add a StyleSheet control on the page from Toolbox under Mobile Web Forms Folder. And define styles as bellow:



   <mobile:StyleSheet ID="StyleSheet1"  runat="server">
       <mobile:Style Name="StyleForm" Font-Size="Small">
       </mobile:Style>
       <mobile:Style Name="StyleHeader" ForeColor="#999966" Font-Size="Small" Font-Bold="True">
       </mobile:Style>
       <mobile:Style Name="StyleLabel" ForeColor="#cc3399" Font-Size="Small" Font-Bold="False">
       </mobile:Style>
       <mobile:Style Name="StyleTextBox" ForeColor="#cc3399" Font-Size="Small" Font-Bold="False">
       </mobile:Style>
       <mobile:Style Name="StyleValidation" ForeColor="Red" Font-Size="Small" Font-Bold="False">
       </mobile:Style>
       <mobile:Style Name="StyleLabelResult" ForeColor="#cc0066" Font-Size="Small" Font-Bold="False">
       </mobile:Style>
       <mobile:Style Name="StyleError" ForeColor="Red" Font-Size="Small">
       </mobile:Style>
   </mobile:StyleSheet>
To add style reference from this external StyleSheet into Loan_RepaymentCalculator.aspx, Just go to the source of this page and add a StyleSheet control from the
Toolbox under Mobile Web Froms add set ReferencePath="~/StyleSheet/LRC_StyleSheet.ascx"


    <mobile:StyleSheet ID="StyleSheet1"  runat="server" ReferencePath="~/StyleSheet/LRC_StyleSheet.ascx">       
    </mobile:StyleSheet>
Now you can a add StyleReference in elements of a mobile web page.


    <mobile:Label ID="lblHeading"  runat="server" EnableViewState="False" StyleReference="StyleHeader" Wrapping="Wrap">
    </mobile:Label>

Class

Add a class under STL.Web.Mobile.UI namespace in LRC Application for UI constants

 Steps:
   1. Right Click on the App_Code folder
   2. Choose Add New Item
   3. Choose Class
   4. Name UIConstant.cs
   5. Click Add in the dialog box.

LRC3.GIF
Figure 3

Add constants in UIConstant.cs files

namespace STL.Web.Mobile.UI
{
    public class UIConstant
    {
        private UIConstant()
        {
        }
        public const String TITLE_BAR="Loan Payment Calculator";
        public const String PAGE_TITLE = "Loan Payment Calculator";
    }
}

Events

Add Microsoft.VisualBasic.dll reference in application to calculate monthly payment using Financial.Pmt method.


 Steps:
   1. Right Click on the LRC Application
   2. Choose Add Reference
   3. Choose Microsoft.VisualBasic
   4. Click Add in the dialog box.

LRC4.GIF
Figure 4


Using Microsoft.VisualBasic namespace in Loan_RepaymentCalculator.aspx.cs file


using Microsoft.VisualBasic;
OnClick event of cmdRepayment command in frmInput form is as bellow

 protected void cmdRepayment_Click(object sender, EventArgs e)
        {
            if (!Page.IsValid) return;
            try
            {
                Double dblPrincipal = double.Parse(this.PrincipalAmount.Text);
                Double dblApr = double.Parse(this.Rate.Text);
                Double dblMonthlyInterest = (Double)(dblApr / (12 * 100));
                Int64 intTermInMonths = Int64.Parse(this.Term.Text) * 12;
                Double dblMonthlyPayment;
  //Calculate monthly payment
                dblMonthlyPayment = Microsoft.VisualBasic.Financial.Pmt(dblMonthlyInterest, intTermInMonths, -dblPrincipal,       0, Microsoft.VisualBasic.DueDate.BegOfPeriod);
                this.ActiveForm = this.frmResult;
                StringBuilder sbDetailsSpec = new StringBuilder("");
                sbDetailsSpec.Append(String.Format("{0} @ {1}% for {2} years <br /> Payment: ", dblPrincipal.ToString      ("C0"), dblApr.ToString(), this.Term.Text));
                sbDetailsSpec.Append("" + dblMonthlyPayment.ToString("C") + "");
                this.tvLoanDetails.Text = sbDetailsSpec.ToString();
            }
            catch
            {
  //If runtime error occurs then go to error form.
                this.ActiveForm = frmError;
            }
  }
OnClick event of cmdBack command in frmInput form is as bellow


 protected void cmdBack_Click(object sender, EventArgs e)
        {
     //To back to input form
            this.ActiveForm = this.frmInput;
        }
Initialize user method to initialize elements in the mobile web page

 private void Initialize()
        {
            this.frmInput.Title = UIConstant.TITLE_BAR;
            this.frmResult.Title = UIConstant.TITLE_BAR;
            this.frmError.Title = UIConstant.TITLE_BAR;

            this.lblHeading.Text = UIConstant.PAGE_TITLE;
            this.lblHeadingResult.Text = UIConstant.PAGE_TITLE;
            this.lblHeadingError.Text = UIConstant.PAGE_TITLE;
        }
Load event of the page

 protected void Page_Load(object sender, EventArgs e)
        {
            Initialize();
        }

Application Level Errors

To handle application level error you need to add a error page. To add page

   Steps:
   1. Right click on the LRC application
   2. Choose Add New Item
   3. Name ErrorPage.aspx
   4. Click Add in the dialog

Set Inherits="STL.Web.Mobile.UI.ErrorPage" in page directive of ErrorPage.aspx. And define STL.Web.Mobile.UI namespace for
ErrorPage 


 namespace STL.Web.Mobile.UI
 {
    public partial class ErrorPage : System.Web.UI.MobileControls.MobilePage
    {
    }
 }
Add a StyleSheet control in the page and set ReferencePath="~/StyleSheet/LRC_StyleSheet.ascx"

Add a form control in the ErrorPage and set ID="frmError"

Add control in frmError that is defined as following:

 1. Label control
   a. ID = "lblHeadingError"
   b. Runat = "Server"
   c. EnableViewState = "False"
   d. Wrapping = "Wrap"
   e. StyleReference="StyleHeader"

 2. TextView control to display error
   a. ID = "tvError"
   b. Runat = "Server"
   c. EnableViewState = "False"
   d. Text ="Sorry For Inconvenience!"
   e. StyleReference="StyleError"

 3. Command control it is a navigation button to go previous form control
   a. ID = "cmdHome"
   b. Runat = "Server"
   e. Text = "Home"
   f. OnClick="cmdBack_Click"

Code of the ErrorPage file is as follows:


public partial class ErrorPage : System.Web.UI.MobileControls.MobilePage
    {
        #region Event

        protected void Page_Load(object sender, EventArgs e)
        {
            Intitalize();
        }

        protected void cmdHome_Click(object sender, EventArgs e)
        {
  //To redirect to Loan_RepaymentCalculator page
            Response.Redirect("~/Loan_RepaymentCalculator.aspx");
        }

        #endregion Event

        #region Method

        private void Intitalize()
        {
            this.frmError.Title = UIConstant.TITLE_BAR;
            this.lblHeadingError.Text = UIConstant.PAGE_TITLE;
        }

        #endregion Method
    }

Web.config

You nedd to change configuration in Web.config file to redirect to Error Page when application level error is occured.
set mode="on" and defaultRedirect="~/ErrorPage.aspx" in customErros element under System.Web element.


Test Application

To test the application you can use Microsoft Mobile Explorer 3.0 . If not avilable Microsoft Mobile Explorer 3.0 you can use your desktop browser or free download it
from net. Install Microsoft Mobile Explorer 3.0 in your system.

To browse with Microsoft Mobile Explorer 3.0 you need to do as follows:
   1. Right click on Loan_RepaymentCalculator.aspx file
   2. Choose Browse With
     ( If Microsoft Mobile Explorer 3.0 is not avilable in Browsers list of Browse With dialog, you need add it)
   3. Click Add
   4. Browse your location where you installed Microsoft Mobile Explorer 3.0 (mmeemu.exe)
   5. Select Microsoft Mobile Explorer
   6. Click Set as Default in the dialog box.

LRC5.GIF
Figure 5


Press F5 to run the application. Microsoft Mobile Explorer Emulator will appear. Click ASP.NET Development Server icon in the system tray to get application URL name
and its port. It may be different in your system.
LRC6.GIF Figure 6


In the Microsoft Mobile Explorer Emulator type URL as http://localhost:1439/LRC/Loan_RepaymentCalculator.aspx

LRC7.GIF Figure 7


Enter Amount, Term & Rate. Click on Repayment button in the screen. You will get result like bellow,

LRC8.GIF
Figure 8

Tools

For testing application in Mobile Emulator
http://devhood.com/tools/tool_details.aspx?tool_id=52

Conclusion

In this demonstration you have created mobile pages and used controls and validation controls for mobile device. This experience will help you
to create further application development for mobile device in ASP.NET

 IMP Link:-


http://www.c-sharpcorner.com/uploadfile/csharpgoingon/steps-to-create-mobile-application-in-Asp-Net-2-0/
http://www.dnzone.com/go?53&LinkFile=index3.htm
http://www.codeproject.com/Articles/69887/Mobile-Application-Development-in-ASP-NET
http://support.microsoft.com/kb/311568
http://msdn.microsoft.com/en-us/library/9xe8eb2k%28v=VS.80%29.aspx
http://etutorials.org/Programming/.NET+Framework+Essentials/Chapter+9.+.NET+and+Mobile+Devices/9.1+ASP.NET+Mobile+Controls/
http://etutorials.org/Programming/Asp.net/Part+III+Namespace+Reference/Chapter+40.+The+System.Web.UI.MobileControls+Namespace/ObjectList/
http://msdn.microsoft.com/en-us/library/aa695848%28VS.71%29.aspx
http://www.scribd.com/doc/23095110/Developing-ASP-NET-Mobile-Web-Applications#fullscreen:on
http://archive.wirelesspronews.com/wirelesspronews-14-20040109PersonalizingMobileWebApplications.html
http://forums.asp.net/t/1105749.aspx
http://forums.asp.net/t/1374859.aspx
Posted by at No comments:

Saturday, 8 September 2012

Best Practices to Improve ASP.NET Web Application Performance


Introduction

Performance tuning can be tricky. It's especially tough in Internet-related projects with lots of components running around, like HTML client, HTTP network, Web server, middle-tier components, database components, resource-management components, TCP/IP networks, and database servers. Performance tuning depends on a lot of parameters and sometimes, by changing a single parameter, performance can increase drastically. This document lists out some tips for optimizing ASP.NET Web applications and many traps and pitfalls are discussed.

Tips For Web Application

  1. Turn off Tracing unless until required
    Tracing is one of the wonderful features which enables us to track the application's trace and the sequences. However, again it is useful only for developers and you can set this to "false" unless you require to monitor the trace logging.
    How it affects performance
    Enabling tracing adds performance overhead and might expose private information, so it should be enabled only while an application is being actively analyzed.
    Solution
    When not needed, tracing can be turned off using:
    <trace enabled="false" requestLimit=”10” pageoutput=”false” 
traceMode=”SortByTime” localOnly=”true”>
  2. Turn off Session State, if not required
    One extremely powerful feature of ASP.NET is its ability to store session state for users, such as a shopping cart on an e-commerce site or a browser history.
    How it affects performance
    Since ASP.NET manages session state by default, you pay the cost in memory even if you don't use it, i.e., whether you store your data in-process or on state server or in a SQL database, session state requires memory and it's also time consuming when you store or retrieve data from it.
    Solution
    You may not require session state when your pages are static or when you do not need to store information captured in the page.
    In such cases where you need not use session state, disable it on your web form using the directive:
    <@%Page EnableSessionState="false"%>
    In case you use the session state only to retrieve data from it and not to update it, make the session state read only by using the directive:
    <@%Page EnableSessionState ="ReadOnly"%>
  3. Disable View State of a Page if possible
    View state is a fancy name for ASP.NET storing some state data in a hidden input field inside the generated page. When the page is posted back to the server, the server can parse, validate, and apply this view state data back to the page's tree of controls.
    View state is a very powerful capability since it allows state to be persisted with the client and it requires no cookies or server memory to save this state. Many ASP.NET server controls use view state to persist settings made during interactions with elements on the page, for example, saving the current page that is being displayed when paging through data.
    How it affects performance
    1. There are a number of drawbacks to the use of view state, however. 
    2. It increases the total payload of the page both when served and when requested. There is also an additional overhead incurred when serializing or deserializing view state data that is posted back to the server.
    3. View state increases the memory allocations on the server. Several server controls, the most well known of which is the DataGrid, tend to make excessive use of view state, even in cases where it is not needed.

    Solution

    Pages that do not have any server postback events can have the view state turned off.
    The default behavior of the ViewState property is enabled, but if you don't need it, you can turn it off at the control or page level. Within a control, simply set the EnableViewState property to false, or set it globally within the page using this setting:
    <%@ Page EnableViewState="false" %>
    If you turn view state off for a page or control, make sure you thoroughly test your pages to verify that they continue to function correctly.
  4. Set debug=false in web.config
    When you create the application, by default this attribute is set to "true" which is very useful while developing. However, when you are deploying your application, always set it to "false".
    How it affects performance
    Setting it to "true" requires the PDB information to be inserted into the file and this results in a comparatively larger file and hence processing will be slow.
    Solution
    Therefore, always set debug="false" before deployment.
  5. Avoid Response.Redirect
    Response.Redirect() method simply tells the browser to visit another page.
    How it affects performance
    Redirects are also very chatty. They should only be used when you are transferring people to another physical web server.
    Solution
    For any transfers within your server, use .transfer! You will save a lot of needless HTTP requests. Instead of telling the browser to redirect, it simply changes the "focus" on the Web server and transfers the request. This means you don't get quite as many HTTP requests coming through, which therefore eases the pressure on your Web server and makes your applications run faster.
    Tradeoffs
    1. ".transfer" process can work on only those sites running on the server. OnlyResponse.Redirect can do that.
    2. Server.Transfer maintains the original URL in the browser. This can really help streamline data entry techniques, although it may make for confusion when debugging
    5. A) To reduce CLR Exceptions count, use Response.Redirect (".aspx", false) instead ofresponse.redirect (".aspx").
  1. Use the String builder to concatenate string
    How it affects performance
    String is Evil when you want to append and concatenate text to your string. All the activities you do to the string are stored in the memory as separate references and it must be avoided as much as possible.
    i.e. When a string is modified, the run time will create a new string and return it, leaving the original to be garbage collected. Most of the time, this is a fast and simple way to do it, but when a string is being modified repeatedly, it begins to be a burden on performance: all of those allocations eventually get expensive.
    Solution
    Use String Builder whenever string concatenation is needed so that it only stores the value in the original string and no additional reference is created.
  2. Avoid throwing exceptions
    How it affects performance
    Exceptions are probably one of the heaviest resource hogs and causes of slowdowns you will ever see in web applications, as well as windows applications.
    Solution
    You can use as many try/catch blocks as you want. Using exceptions gratuitously is where you lose performance. For example, you should stay away from things like using exceptions for control flow.
  3. Use Finally Method to kill resources
    1. The finally method gets executed independent of the outcome of the Block.
    2. Always use the finally block to kill resources like closing database connection, closing files and other resources such that they get executed independent of whether the code worked in Try or went to Catch.
  4. Use Client Side Scripts for validations
    User Input is Evil and it must be thoroughly validated before processing to avoid overhead and possible injections to your applications.
    How It improves performance
    Client site validation can help reduce round trips that are required to process user's request. In ASP.NET, you can also use client side controls to validate user input. However, do a check at the Server side too to avoid the infamous JavaScript disabled scenarios.
  5. Avoid unnecessary round trips to the server
    How it affects performance
    Round trips significantly affect performance. They are subject to network latency and to downstream server latency. Many data-driven Web sites heavily access the database for every user request. While connection pooling helps, the increased network traffic and processing load on the database server can adversely affect performance.
    Solution
    1. Keep round trips to an absolute minimum
    2. Implement Ajax UI whenever possible. The idea is to avoid full page refresh and only update the portion of the page that needs to be changed
  6. Use Page.ISPostBack
    Make sure you don't execute code needlessly. Use Page.ISPostBack property to ensure that you only perform page initialization logic when a page is first time loaded and not in response to client postbacks.
  7. Include Return Statements with in the Function/Method
    How it improves performance
    Explicitly using return allows the JIT to perform slightly more optimizations. Without a returnstatement, each function/method is given several local variables on stack to transparently support returning values without the keyword. Keeping these around makes it harder for the JIT to optimize, and can impact the performance of your code. Look through your functions/methods and insert return as needed. It doesn't change the semantics of the code at all, and it can help you get more speed from your application.
  8. Use Foreach loop instead of For loop for String Iteration
    Foreach is far more readable, and in the future it will become as fast as a For loop for special cases likestrings. Unless string manipulation is a real performance hog for you, the slightly messier code may not be worth it.
  9. Avoid Unnecessary Indirection
    How it affects performance
    When you use byRef, you pass pointers instead of the actual object.
    Many times, this makes sense (side-effecting functions, for example), but you don't always need it. Passing pointers results in more indirection, which is slower than accessing a value that is on the stack.
    Solution
    When you don't need to go through the heap, it is best to avoid it there by avoiding indirection.
  10. Use "ArrayLists" in place of arrays
    How it improves performance
    An ArrayList has everything that is good about an array PLUS automatic sizing, Add, Insert, Remove, Sort, Binary Search. All these great helper methods are added when implementing the IList interface.
    Tradeoffs
    The downside of an ArrayList is the need to cast objects upon retrieval.
  11. Always check Page.IsValid when using Validator Controls
    Always make sure you check Page.IsValid before processing your forms when using Validator Controls.
  12. Use Paging
    Take advantage of paging's simplicity in .NET. Only show small subsets of data at a time, allowing the page to load faster.
    Tradeoffs
    Just be careful when you mix in caching. Don't cache all the data in the grid.
  13. Store your content by using caching
    How it improves performance
    ASP.NET allows you to cache entire pages, fragment of pages or controls. You can also cache variable data by specifying the parameters on which the data depends. By using caching, you help ASP.NET engine to return data for repeated request for the same page much faster.
    When and Why Use Caching
    A proper use and fine tune of caching approach will result in better performance and scalability of your site. However, improper use of caching will actually slow down and consume lots of your server performance and memory usage.
    Good candidate to use caching is if you have infrequent chance of data or static content of web page.
  14. Use low cost authentication
    Authentication can also have an impact over the performance of your application. For example, passport authentication is slower than form-base authentication which in here turn is slower than Windows authentication.
  15. Minimize the number of web server controls
    How it affects performance
    The use of web server controls increases the response time of your application because they need time to be processed on the server side before they are rendered on the client side.
    Solution
    One way to minimize the number of web server controls is by taking into consideration, the usage of HTML elements where they are suited, for example if you want to display static text.
  16. Avoid using unmanaged code
    How it affects performance
    Calls to unmanaged code are a costly marshaling operation.
    Solution
    Try to reduce the number calls between the managed and unmanaged code. Consider doing more work in each call rather than making frequent calls to do small tasks.
  17. Avoid making frequent calls across processes
    If you are working with distributed applications, this involves additional overhead negotiating network and application level protocols. In this case, network speed can also be a bottleneck. Try to do as much work as possible in fewer calls over the network.
  18. Cleaning Up Style Sheets and Script Files
    1. A quick and easy way to improve your web application's performance is by going back and cleaning up your CSS Style Sheets and Script Files of unnecessary code or old styles and functions. It is common for old styles and functions to still exist in your style sheets and script files during development cycles and when improvements are made to a website. 
    2. Many websites use a single CSS Style Sheet or Script File for the entire website. Sometimes, just going through these files and cleaning them up can improve the performance of your site by reducing the page size. If you are referencing images in your style sheet that are no longer used on your website, it's a waste of performance to leave them in there and have them loaded each time the style sheet is loaded. 
    3. Run a web page analyzer against pages in your website so that you can see exactly what is being loaded and what takes the most time to load.
  19. Design with ValueTypes
    Use simple structs when you can, and when you don't do a lot of boxing and unboxing.
    Tradeoffs
    ValueTypes are far less flexible than Objects, and end up hurting performance if used incorrectly. You need to be very careful about when you treat them like objects. This adds extra boxing and unboxing overhead to your program, and can end up costing you more than it would if you had stuck with objects.
  20. Minimize assemblies
    Minimize the number of assemblies you use to keep your working set small. If you load an entire assembly just to use one method, you're paying a tremendous cost for very little benefit. See if you can duplicate that method's functionality using code that you already have loaded.
  21. Encode Using ASCII When You Don't Need UTF
    By default, ASP.NET comes configured to encode requests and responses as UTF-8.
    If ASCII is all your application needs, eliminating the UTF overhead can give you back a few cycles. Note that this can only be done on a per-application basis.
  22. Avoid Recursive Functions / Nested Loops
    These are general things to adopt in any programming language, which consume lot of memory. Always avoid Nested Loops, Recursive functions, to improve performance.
  23. Minimize the Use of Format ()
    When you can, use toString() instead of format(). In most cases, it will provide you with the functionality you need, with much less overhead.
  24. Place StyleSheets into the Header
    Web developers who care about performance want browser to load whatever content it has as soon as possible. This fact is especially important for pages with a lot of content and for users with slow Internet connections. When the browser loads the page progressively the header, the logo, the navigation components serve as visual feedback for the user.
    When we place style sheets near the bottom part of the HTML, most browsers stop rendering to avoid redrawing elements of the page if their styles change thus decreasing the performance of the page. So, always place StyleSheets into the Header.
  25. Put Scripts to the end of Document
    Unlike StyleSheets, it is better to place scripts to the end of the document. Progressive rendering is blocked until all StyleSheets have been downloaded. Scripts cause progressive rendering to stop for all content below the script until it is fully loaded. Moreover, while downloading a script, the browser does not start any other component downloads, even on different hostnames.
    So, always have scripts at the end of the document.
  26. Make JavaScript and CSS External
    Using external files generally produces faster pages because the JavaScript and CSS files are cached by the browser. Inline JavaScript and CSS increase the HTML document size but reduce the number of HTTP requests. With cached external files, the size of the HTML is kept small without increasing the number of HTTP requests thus improving the performance.

Tips For Database Operations

  1. Return Multiple Resultsets
    If the database code has request paths that go to the database more than once, then these round-trips decrease the number of requests per second your application can serve.
    Solution
    Return multiple resultsets in a single database request, so that you can cut the total time spent communicating with the database. You'll be making your system more scalable, too, as you'll cut down on the work the database server is doing managing requests.
  2. Connection Pooling and Object Pooling
    Connection pooling is a useful way to reuse connections for multiple requests, rather than paying the overhead of opening and closing a connection for each request. It's done implicitly, but you get one pool per unique connection string. Make sure you call Close or Dispose on a connection as soon as possible. When pooling is enabled, calling Close or Dispose returns the connection to the pool instead of closing the underlying database connection.
    Account for the following issues when pooling is a part of your design:
    1. Share connections 
    2. Avoid per-user logons to the database 
    3. Do not vary connection strings 
    4. Do not cache connections
  3. Use SqlDataReader Instead of Dataset wherever it is possible
    If you are reading a table sequentially, you should use the DataReader rather than DataSet.DataReader object creates a read only stream of data that will increase your application performance because only one row is in memory at a time.
  4. Keep Your Datasets Lean
    Remember that the dataset stores all of its data in memory, and that the more data you request, the longer it will take to transmit across the wire.
    Therefore, only put the records you need into the dataset.
  5. Avoid Inefficient queries
    How it affects performance
    Queries that process and then return more columns or rows than necessary waste processing cycles that could best be used for servicing other requests.
    Cause of Inefficient queries
    1. Too much data in your results is usually the result of inefficient queries.
    2. The SELECT * query often causes this problem. You do not usually need to return all the columns in a row. Also, analyze the WHERE clause in your queries to ensure that you are not returning too many rows. Try to make the WHERE clause as specific as possible to ensure that the least number of rows are returned. 
    3. Queries that do not take advantage of indexes may also cause poor performance.
  6. Unnecessary round trips
    How it affects performance
    Round trips significantly affect performance. They are subject to network latency and to downstream server latency. Many data-driven Web sites heavily access the database for every user request. While connection pooling helps, the increased network traffic and processing load on the database server can adversely affect performance.
    Solution
    Keep round trips to an absolute minimum.
  7. Too many open connections
    Connections are an expensive and scarce resource, which should be shared between callers by using connection pooling. Opening a connection for each caller limits scalability.
    Solution
    To ensure the efficient use of connection pooling, avoid keeping connections open and avoid varying connection strings.
  8. Avoid Transaction misuse
    How it affects performance
    If you select the wrong type of transaction management, you may add latency to each operation. Additionally, if you keep transactions active for long periods of time, the active transactions may cause resource pressure.
    Solution
    Transactions are necessary to ensure the integrity of your data, but you need to ensure that you use the appropriate type of transaction for the shortest duration possible and only where necessary.
  9. Avoid Over Normalized tables
    Over Normalized tables may require excessive joins for simple operations. These additional steps may significantly affect the performance and scalability of your application, especially as the number of users and requests increases.
  10. Reduce Serialization
    Dataset serialization is more efficiently implemented in .NET Framework version 1.1 than in version 1.0. However, Dataset serialization often introduces performance bottlenecks.
    You can reduce the performance impact in a number of ways: 
    1. Use column name aliasing 
    2. Avoid serializing multiple versions of the same data 
    3. Reduce the number of DataTable objects that are serialized
  11. Do Not Use CommandBuilder at Run Time
    How it affects performance
    CommandBuilder objects such as SqlCommandBuilder and OleDbCommandBuilder are useful when you are designing and prototyping your application. However, you should not use them in production applications. The processing required to generate the commands affects performance.
    Solution
    Manually create stored procedures for your commands, or use the Visual Studio® .NET design-time wizard and customize them later if necessary.
  12. Use Stored Procedures Whenever Possible
    1. Stored procedures are highly optimized tools that result in excellent performance when used effectively.
    2. Set up stored procedures to handle inserts, updates, and deletes with the data adapter
    3. Stored procedures do not have to be interpreted, compiled or even transmitted from the client, and cut down on both network traffic and server overhead.
    4. Be sure to use CommandType.StoredProcedure instead of CommandType.Text
  13. Avoid Auto-Generated Commands
    When using a data adapter, avoid auto-generated commands. These require additional trips to the server to retrieve meta data, and give you a lower level of interaction control. While using auto-generated commands is convenient, it's worth the effort to do it yourself in performance-critical applications.
  14. Use Sequential Access as Often as Possible
    With a data reader, use CommandBehavior.SequentialAccess. This is essential for dealing with blob data types since it allows data to be read off of the wire in small chunks. While you can only work with one piece of the data at a time, the latency for loading a large data type disappears. If you don't need to work the whole object at once, using Sequential Access will give you much better performance.

Tips for ASP.NET Applications Developed using VB

  1. Enable Option Strict and Option Explicit for your pages
    With Option Strict on, you protect yourself from inadvertent late binding and enforce a higher level of coding discipline.
  2. Use early binding in Visual Basic or JScript code
    Visual Basic 6 does a lot of work under the hood to support casting of objects, and many programmers aren't even aware of it. In Visual Basic 7, this is an area out of which you can squeeze a lot of performance.
    Solution
    When you compile, use early binding. This tells the compiler to insert a Type Coercion is only done when explicitly mentioned.
    This has two major effects:
    1. Strange errors become easier to track down.
    2. Unneeded coercions are eliminated, leading to substantial performance improvements.
    3. When you use an object as if it were of a different type, Visual Basic will coerce the object for you if you don't specify. This is handy since the programmer does not have to worry about less code.
  3. Put Concatenations in One Expression
    If you have multiple concatenations on multiple lines, try to stick them all on one expression. The compiler can optimize by modifying the string in place, providing a speed and memory boost. If the statements are split into multiple lines, the Visual Basic compiler will not generate the Microsoft Intermediate Language (MSIL) to allow in-place concatenation.

Summary

When we talk about ASP.NET performance, there are lots of factors in place. Discussed above are the most critical of the speed improvements you can make in ASP.NET that will have a dramatic impact on the user experience of your web application.
Posted by at No comments:

Wednesday, 5 September 2012

PayPal for C# - ASP.NET developers

Introduction

PayPal is probably one of the first things that gets mentioned once you start discussion on online payments. It’s not so without reason – in 2008, PayPal moved over 60 billion dollars between accounts which is, you’ll agree, a respectable amount. And also, all trends show that this growth will continue – with huge number of new accounts (over 184 million accounts in 2008 compared to 96.2 million in 2005), with a new platform named PayPal X, and with more cool applications that involve paying (like Twitpay), you can bet that PayPal is here to stay. So, how can you join the whole PayPal Development movement?
Unfortunately, I would say – not so easily. When I first started with PayPal integration - it was hard, really hard. If you wish to see what I mean, just jump to the PayPal Developer Center. There is no way you’ll easily fish out what you need from that site if you are a PayPal newbie; simply - there are too many links, too many resources, and too many mixings of important and not-so-important information. So, how should you start?

Getting Started with PayPal

To those who really want to get into PayPal, and are willing to shell out some buck, I would recommend the Pro PayPal E-Commerce book - that’s how I eventually got into understanding the concepts behind PayPal integration. For those who are not so eager to pay – don’t worry, that’s why this article is here... I'll go over most of the stuff that book covers, but in a more brief and concise manner.
First and foremost - understanding what kinds of integration PayPal offers is, I would say, the most important thing in order to successfully start your development journey. A common mistake, that happened to me also, is to start at once with the PayPal API and Express Checkout. I mean it’s natural - we are developers, and when they tell us to integrate with something, the first thing we look for is the SDK & API… the PayPal API comes up as a result… we say “That’s it” to ourselves… and start working. The problem is – the majority of payment scenarios can be handled with a way simpler approach - HTML forms that are part of the Website Payments Standard.
So, without further ado, here is a classification of PayPal integrations:
  • Website Payments Standard (HTML)
  • Postpayment Processing
    • AutoReturn
    • Payment Data Transfer (PDT)
    • Instant Payment Notification (IPN)
  • PayPal API
    • Express Checkout
    • Direct Payment (Website Payments Pro)
  • Payflow Gateway
Items in classification are also ordered in a way I would suggest for everyone to follow. So, if you are new to PayPal – first learn all of the options that you have with the Website Payments Standard (HTML). Then, if you need to add some basic post-payment processing, see if Auto-Return or PDT will solve your problem… if not, IPN is a more robust option you have at your disposal.
The next level would involve the PayPal API and implementing the Express Checkout, which is the most flexible PayPal integration solution. And finally, if you long for the ability to directly process credit cards on your website, you’ll pay a monthly fee to PayPal and implement Direct Payment (effectively getting what is called Website Payments Pro).
The last item from our classification - the Payflow Gateway is, on the other hand, a different beast. It doesn’t “update the stack” in a way the previously mentioned technologies do. It is a solution aimed specifically at those businesses that have/want an Internet Merchant Account (IMA) and just need the payment gateway. In order to keep the article consistent, I’ll skip explaining the details of the Payflow Gateway. However, if you have any questions related to it, feel free to leave a message in the comments section and I’ll try to answer.
That said, let’s get to setting up a test PayPal account, and then we’ll delve deeper into describing the mentioned integrations.

Setting up a Test Account

Word of notice – you’ll want to follow this step even if you already have a live PayPal account. There are two reasons for using test accounts:
  • you don’t want to test and play with real money
  • you want to have access to different types of PayPal accounts
    • Personal account – most people have these; just an account that allows you to use PayPal when paying for stuff online. Theoretically, you can use a Personal account to accept money; just know that you’ll be severely constrained – there is a $500 receiving limit per month, and you are only able to accept one time payments using the Website Payments Standard (HTML). The big advantage of a Personal account is that you don’t need to pay any transaction fee when receiving money. Note, however, that if you receive more than $500 in one month, you’ll be prompted to either upgrade to a Premier/Business account or reject the payment.
    • Premier account – step up from a personal account; for anyone who wants to run a personal online business. This type of account has all of the integration options (accepting credit cards, recurring payments, PayPal API). However, most people skip directly from Personal to Business account as Premier account has the same transaction fees (in most cases, 2.9% + $0.30 per transaction) while lacking reporting, multi-user access, and other advanced merchant services of the Business account.
    • Business account – it has all of the features of the Premier account plus a few more (ability to operate under your business’s name is one of them). If you are developing a website that needs to accept payments in 99% of situations, you’ll go with this type of account.
To start, visit the PayPal Sandbox and sign-up for a new account. The process is straightforward, and most developers should have no trouble finishing it. However, here are the pictures that will help you navigate through the process:
Signing up for sandbox account
Signing up for a Sandbox account
Filling in details of your sandbox account
Filling in the details of your Sandbox account
Once done with entering the details for your Sandbox account, you'll need to check the email you provided in order to complete the registration. After that, you'll be able to login and start creating Sandbox PayPal accounts. Clicking on Test Accounts (menu on the left), and then Create Account: Preconfigured - will get you a form like the one on the image below:
Creating a Sandbox Test Account
Creating a Sandbox test account
Clarification of Account Type radio buttons: by selecting Buyer, you'll create a Personal account, and by selecting Seller, you'll create a Business account. For testing most integration scenarios, you'll need both accounts, so be sure to create them. Here is what you should eventually have on your screen after you click on Test Accounts:
Overview of your testing accounts
Overview of your testing accounts
Checking the radio button next to any of the accounts from the list and clicking on Enter Sandbox Test Site should bring up the Sandbox PayPal site which will allow you to login and administer your account in the same way as with a regular PayPal account. The only difference is that you'll have a huge PayPal Sandbox header and text that displays the email address of your developer account. To see what I'm talking about, check the image below:
Administering PayPal Sandbox account
Administering a PayPal Sandbox account
Last but not least - in order to use your Sandbox account for testing, you need to be logged in with your developer account. If you are not logged in and you follow some payment link, you'll get the following screen:
Login to use the PayPal Sandbox features
Login to use the PayPal Sandbox features

Website Payments Standard (HTML)

In this section, I'll provide you with a number of examples that will show how to create your own HTML form for receiving money over PayPal. You'll see how to use different variables in order to influence payment details. Before we delve into details, let's take a look at the two most basic variables:
  • form's action attribute - in most cases, it should be https://www.paypal.com/cgi-bin/webscr. If you are using Sandbox for testing payments, you'll change it to https://www.sandbox.paypal.com/cgi-bin/webscr - effectively, you just insert the word sandbox into the URL (this is also true for some other integrations; e.g., the PayPal API). For upcoming examples, I won't be using the Sandbox URL because most of you would just get that "Login to use the PayPal Sandbox features" screen (look up for the image).
  • form's business child - I'll use youremailaddress@yourdomain.com for most examples; if you copy-paste the code, you'll want to replace that with the email of your PayPal account.

Basic Payment

OK, let’s say you have an opened PayPal account and you just wish to be able to accept a $10 payment for a painting you are selling through your site. Just insert the following HTML into your page and you are set to go:
<form action="https://www.paypal.com/cgi-bin/webscr" method="post">

    <input type="hidden" name="cmd" value="_xclick" />
    <input type="hidden" name="business" value="youremailaddress@yourdomain.com" />

    <input type="hidden" name="item_name" value="My painting" />
    <input type="hidden" name="amount" value="10.00" /> 
    <input type="submit" value="Buy!" />

</form>

Shipping & Handling

The next thing that comes to mind is that you'll wish to add shipping and/or handling fees to your form. It's easy - just add more parameters:
<form action="https://www.paypal.com/cgi-bin/webscr" method="post">

    <input type="hidden" name="cmd" value="_xclick" />
    <input type="hidden" name="business" value="youremailaddress@yourdomain.com" />

    <input type="hidden" name="item_name" value="My painting" />
    <input type="hidden" name="amount" value="10.00" />

    <input type="hidden" name="shipping" value="3.00" /> 
    <input type="hidden" name="handling" value="2.00" />

    <input type="submit" value="Buy with additional parameters!" />
</form>

Donations & Textual Links

If you aren't selling anything but rather accepting donations for some cause - you'll just need to change the value of the cmd variable to _donations. If we combine this with a common requirement to have a hyperlink instead of a button - we get the following URL (of course, you can use this method of URL creation for other PayPal payment types):
  • https://www.paypal.com/cgi-bin/webscr?cmd=_donations&business=youremailaddress@yourdomain.com&item_name=Save Polar Bears!&amount=10.00

Result:

Cart System

If you have a bunch of different products to offer and you just want a simple cart system without implementing anything, PayPal has you covered. Basically, you'll just play with the cmd variable while keeping the rest of the form same as for the Basic Payment. Let's see how you should do this for two products; one priced at $10 without shipping fees, and one priced at $5 with $1 shipping fee. We will also need a View Cart button:
My Cart Item 1:
<form action="https://www.paypal.com/cgi-bin/webscr" method="post" target="paypal">

    <input type="hidden" name="cmd" value="_cart">
    <input type="hidden" name="add" value="1">

    <input type="hidden" name="business" value="youremailaddress@yourdomain.com">
    <input type="hidden" name="item_name" value="My Cart Item 1">

    <input type="hidden" name="amount" value="10.00">
    <input type="hidden" name="shopping_url" 
           value="http://www.yourwebsite.com/shoppingpage.html">

    <input type="hidden" name="return" value="http://www.yourwebsite.com/success.html">
    <input type="hidden" name="cancel_return" value="http://www.yourwebsite.com/cancel.html">

    <input type="hidden" name="bn" value="PP-ShopCartBF:x-click-but22.gif:NonHosted">
    <input type="image" src="https://www.paypal.com/en_US/i/btn/x-click-but22.gif" border="0"

        name="submit" alt="Make payments with PayPal - it's fast, free and secure!">
    <img alt="" border="0" src="https://www.paypal.com/en_US/i/scr/pixel.gif" width="1"

        height="1">
</form>

My Cart Item 2:
<form action="https://www.paypal.com/cgi-bin/webscr" method="post" target="paypal">

    <input type="hidden" name="cmd" value="_cart">
    <input type="hidden" name="add" value="1">

    <input type="hidden" name="business" value="youremailaddress@yourdomain.com">
    <input type="hidden" name="item_name" value="My Cart Item 2">

    <input type="hidden" name="amount" value="5.00">
    <input type="hidden" name="shipping" value="1.00">

    <input type="hidden" name="shopping_url" 
        value="http://www.yourwebsite.com/shoppingpage.html">
    <input type="hidden" name="return" value="http://www.yourwebsite.com/success.html">

    <input type="hidden" name="cancel_return" value="http://www.yourwebsite.com/cancel.html">
    <input type="hidden" name="bn" value="PP-ShopCartBF:x-click-but22.gif:NonHosted">

    <input type="image" src="https://www.paypal.com/en_US/i/btn/x-click-but22.gif" border="0"
        name="submit" alt="Make payments with PayPal - it's fast, free and secure!">

    <img alt="" border="0" src="https://www.paypal.com/en_US/i/scr/pixel.gif" width="1"
        height="1">
</form>

View Cart:
<form action="https://www.paypal.com/cgi-bin/webscr" method="post" target="paypal">
    <input type="hidden" name="cmd" value="_cart">

    <input type="hidden" name="display" value="1">
    <input type="hidden" name="business" value="youremailaddress@yourdomain.com">

    <input type="hidden" name="shopping_url" 
        value="http://www.yourwebsite.com/shoppingpage.html">
    <input type="image" src="https://www.paypal.com/en_US/i/btn/view_cart_02.gif" 
           name="submit" alt="Make payments with PayPal - it's fast, free and secure!">

</form>

Recurring Payments

If you are selling a monthly service rather than a product, you'll be interested in the recurring payment options PayPal provides. Again, it's playing with different variables that have different meaning. Let's say you wish to set a 3 day free trial after which the user will have to pay you $10.00 per month to keep using the service. The following HTML form should do the trick:
<form action="https://www.paypal.com/cgi-bin/webscr" method="post">
    <input type="hidden" name="cmd" value="_xclick-subscriptions"/> 
    <input type="hidden" name="business" value="youremailaddress@yourdomain.com"/> 
    <input type="hidden" name="item_name" value="Something"/> 
    <input type="submit" value="Subscribe!" /> 

    <input type="hidden" name="a1" value="0"/> 
    <input type="hidden" name="p1" value="3"/> 
    <input type="hidden" name="t1" value="D"/> 
    <input type="hidden" name="a3" value="10.00"/> 
    <input type="hidden" name="p3" value="1"/> 
    <input type="hidden" name="t3" value="M"/> 
    <input type="hidden" name="src" value="1"/> 
    <input type="hidden" name="srt" value="0"/> 
    <input type="hidden" name="sra" value="1"/> 

</form>

HTML Variables & Resources

After reading the previous example, you may be wondering what certain variables do (a1? p1? srt?). Luckily, PayPal provides an "HTML Variables for Website Payments Standard" page on which you can read about any variable that you are interested in.
Also, another great resource (to which I wish someone pointed me when I first started with PP integration) is "skier's PayPal examples". You'll find examples for almost all payment scenarios you can think of - so instead of cluttering this article with more examples, I'll encourage you to visit that page should you wish to implement some more advanced PayPal HTML form.

PostPayment Processing

When you setup your PayPal HTML form, the first question you'll probably ask is - after user pays, can I have some post-payment processing logic? It is not so without reason; there are numerous post-payment scenarios we can think of - from sending a simple "Thank you" email to updating the site database and allowing user access to restricted resources for which he paid. Depending on your knowledge and the desired level of robustness for post-processing logic, there are three ways you can go; and the good thing is you can combine them.

AutoReturn

AutoReturn is the simplest PostPayment processing solution that you have - after the user pays, he is automatically* redirected to a specified page on your website on which you can display some confirmation text. If you carefully went through "HTML Variables for Website Payments Standard", you know that you can use a return variable to specify the AutoReturn URL in the HTML form. If you wish to have the default AutoReturn URL, follow these steps:
  1. Log in to your Premier or Business account
  2. Click the Profile subtab
  3. Click the Website Payment Preferences in the Selling Preferences column
  4. Click the On radio button next to the Auto Return label
  5. Enter the URL where you want your users to return in the text box labeled Return URL
  6. Click the Save button at the bottom of the page
Providing AutoRetremoved removed in your PayPal profile
Providing the AutoReturl URL in your PayPal profile
Know that if you have both AutoReturn URL in your profile and provide a return variable in your HTML form, the return variable will overwrite the profile URL value.
Now, when your return page is hit, you'll be getting variables that should allow you to customize the page display and log payment:
  • tx - Transaction ID
  • st - Payment status
  • amt - Payment amount
  • cc - Currency code
Before closing this section, one more thing. The reason why I've italicized the word "automatically" in the first sentence is: if the user uses a credit card to pay you, he won't be automatically redirected to your return URL; he'll rather need to click on the "Return to Merchant" button. If this sounds weird to you, know that you're not alone; however, because of legal issues, PayPal refused and still refuses to change the way credit card payments are handled with AutoReturn.

Payment Data Transfer (PDT)

After looking over the list of variables that AutoReturn provides, you probably wondered - can I get more details about the transaction that occurred? This is exactly where PDT jumps in - building on the AutoReturn functionality. For that reason, you'll need to enable both AutoReturn and then PDT in your profile; here is how to do that:
  1. Log in to your Premier or Business account
  2. Click the Profile sub tab
  3. Click Website Payment Preferences in the Selling Preferences column
  4. Click the On radio button next to the Auto Return label
  5. Enter the URL of the script that will process the PDT HTTP request sent from PayPal
  6. Under Payment Data Transfer, click the On radio button
  7. Click Save.
After following these steps, you should get a PDT Identity Token that is needed for querying PayPal. If you don't copy-paste the token after clicking Save, know that you can always see it in your Website Payment Preferences:
Payment Data Transfer and Identity Token
Payment Data Transfer and Identity Token
Now that you have the Identity Token, you can query PayPal for more details after your return URL has been hit. Here is how things flow when utilizing PDT:
  1. User pays and is redirected to your AutoReturn page, for example: http://www.yourdomain.com/Thanks.aspx?tx=[TransactionID].
  2. From the code-behind of Thanks.aspx, you'll parse the tx value and make an HTTP POST to https://www.paypal.com/cgi-bin/webscr with the following parameters: cmd=_notify-synch&tx=[TransactionID]&at=[PDTIdentityToken]. (If you are using Sandbox, you'll of course make an HTTP POST to https://www.sandbox.paypal.com/cgi-bin/webscr.)
  3. PayPal will respond to your HTTP POST in the following format:
    4. SUCCESS
first_name=Firstname
last_name=Lastname
payment_status=Completed
payer_email=firstname%40lastname.com
payment_gross=50.00
mc_currency=USD
custom=Custom+value+you+passed+with+your+HTML+form
etc.
  4. Do whatever you wish with the data.
Here is how what was said in the previous few lines looks in C# code:
protected void Page_Load(object sender, EventArgs e)
{
    if (!Page.IsPostBack)
    {
        authToken = WebConfigurationManager.AppSettings["PDTToken"];

        //read in txn token from querystring
        txToken = Request.QueryString.Get("tx");


        query = string.Format("cmd=_notify-synch&tx={0}&at={1}", 
                              txToken, authToken);

        // Create the request back
        string url = WebConfigurationManager.AppSettings["PayPalSubmitUrl"];
        HttpWebRequest req = (HttpWebRequest)WebRequest.Create(url);

        // Set values for the request back
        req.Method = "POST";
        req.ContentType = "application/x-www-form-urlencoded";
        req.ContentLength = query.Length;

        // Write the request back IPN strings
        StreamWriter stOut = new StreamWriter(req.GetRequestStream(), 
                                 System.Text.Encoding.ASCII);
        stOut.Write(query);
        stOut.Close();

        // Do the request to PayPal and get the response
        StreamReader stIn = new StreamReader(req.GetResponse().GetResponseStream());
        strResponse = stIn.ReadToEnd();
        stIn.Close();

        // sanity check
        Label2.Text = strResponse;

        // If response was SUCCESS, parse response string and output details
        if (strResponse.StartsWith("SUCCESS"))
        {
            PDTHolder pdt = PDTHolder.Parse(strResponse);
            Label1.Text = 
                string.Format("Thank you {0} {1} [{2}] for your payment of {3} {4}!",
                pdt.PayerFirstName, pdt.PayerLastName, 
                pdt.PayerEmail, pdt.GrossTotal, pdt.Currency);
        }
        else
        {
            Label1.Text = "Oooops, something went wrong...";
        }
    }
}
In the code I'm attaching with the article, under the PDT directory, you'll see more classes that will help you out in following the previously mentioned flow.
And, as with AutoReturn, one notice before closing the subject - take a look at the custom variable in PayPal's response to your HTTP POST. You'll probably want to utilize this variable as it allows you to pass some information from your payment page to your post-processing page without presenting it to the user. To name one use, in some of my PayPal implementations, I track the user with it - when he started payment process, and when/if he finished it.

Instant Payment Notification (IPN)

One big shortcoming of PDT is that it is a user-driven process, meaning - if the user closes the browser after performing a payment and before being redirected to your site, you'll lose the opportunity to run your post processing logic. That's why you are advised to combine the PDT with IPN for any serious integration with PayPal.
IPN is a back-end mechanism that makes HTTP POSTs to your page, notifying you of important events. It is used not only for PostPayment processing, but also for things that come after, like handling user cancelation of recurring payments.
Being a back-end technology, it is somewhat harder to implement and debug than PDT. There are a couple of things you should be aware of before starting to implement IPN:
  • IPN messages can be delayed sometimes. I know, I know... that beats the word "Instant" in IPN, but that's how things are.
  • There is a known history of problems with the IPN service; two latest incidents happened on October 2nd 2009 (2 hour delay) and on September 6th 2009 (6 hour delay).
  • Whenever you have problems with IPN, be sure to check the Live Status page and see if there is an incident notification before digging into debugging and changing your script. There is also a similar page for Sandbox Status.
Before being able to receive IPN messages, you'll need to activate this service; follow these steps:
  1. Log in to your Premier or Business account
  2. Click the Profile sub tab
  3. Click Instant Payment Notification in the Selling Preferences column
  4. Click the 'Edit IPN Settings' button to update your settings
  5. Select 'Receive IPN messages' (Enabled) and enter the URL of your IPN handler
  6. Click Save, and you should get a message that you have successfully activated IPN
Activating Instant Payment Notification
Activating Instant Payment Notification
As with AutoReturn, you can overwrite the IPN handler URL set in the profile in individual forms by adding the notify_url variable (see the HTML Variables reference). Know that this will influence not only the initial IPN message but all future messages related to that transaction (they will all go to notify_url).
To handle IPN messages, you'll need to create an HTTP handler somewhere on your website. When a significant event occurs (e.g., user performs payment), following flow takes place:
  1. PayPal will send an HTTP POST to your IPN handler with a number of variables.
  2. After receiving HTTP POST and parsing it, you need to submit the complete body of the message back to https://www.paypal.com/cgi-bin/webscr (or https://www.sandbox.paypal.com/cgi-bin/webscr for a Sandbox account). When you are doing this, be sure to send a message back in the exact format in which you received it; the only thing you are allowed to do is adding cmd=_notify-validate. This is all done in order to verify that HTTP POST was authentic and sent from PayPal.
  3. PayPal will respond with either VERIFIED or INVALID. After you receive this response, be sure to send 200 OK to prevent additional attempts from PayPal to send an IPN. If you don't close the loop with a 200 OK, PayPal will start resending IPN (starting from 4 seconds and doubling - 8 seconds, 16 seconds, 32 seconds... up to 4 days).
Here is a generic C# IPN handler (for more code, check the zip attached to the article):
protected void Page_Load(object sender, EventArgs e)
{    
    string postUrl = ConfigurationManager.AppSettings["PayPalSubmitUrl"];
    HttpWebRequest req = (HttpWebRequest)WebRequest.Create(postUrl);

    //Set values for the request back
    req.Method = "POST";
    req.ContentType = "application/x-www-form-urlencoded";
    byte[] param = Request.BinaryRead(HttpContext.Current.Request.ContentLength);
    string strRequest = Encoding.ASCII.GetString(param);
    string ipnPost = strRequest;
    strRequest += "&cmd=_notify-validate";
    req.ContentLength = strRequest.Length;

    //for proxy
    //WebProxy proxy = new WebProxy(new Uri("http://url:port#"));
    //req.Proxy = proxy;

    //Send the request to PayPal and get the response
    StreamWriter streamOut = new StreamWriter(req.GetRequestStream(), 
                             System.Text.Encoding.ASCII);
    streamOut.Write(strRequest);
    streamOut.Close();
    
    StreamReader streamIn = new StreamReader(req.GetResponse().GetResponseStream());
    string strResponse = streamIn.ReadToEnd();
    streamIn.Close();

    // logging ipn messages... be sure that you give write
    // permission to process executing this code
    string logPathDir = ResolveUrl("Messages");
    string logPath = string.Format("{0}\\{1}.txt", 
                     Server.MapPath(logPathDir), DateTime.Now.Ticks);
    File.WriteAllText(logPath, ipnPost);
    //

    if (strResponse == "VERIFIED")
    {
        //check the payment_status is Completed
        //check that txn_id has not been previously processed
        //check that receiver_email is your Primary PayPal email
        //check that payment_amount/payment_currency are correct
        //process payment
    }
    else if (strResponse == "INVALID")
    {
        //log for manual investigation
    }
    else
    {
        //log response/ipn data for manual investigation
    }
}
If you have received an INVALID response, that could mean two things:
  • Someone tried to send a malicious message to your IPN handler.
  • Your implementation isn't perfect.
In case of a malicious message, you're on your own (log IP, take appropriate action), but for imperfect implementations, visit this IPN troubleshooting topic on PayPal Developer Forums; it is full of useful tips that should help you solve INVALID responses.
Also, before going online with your IPN handler, be sure to test it thoroughly with the Instant Payment Notification (IPN) simulator. As an IPN handler will work in the background, you'll want to test it as much as you can before going live and relying on its processing.
Another thing you'll want to visit if you are implementing IPN is ScriptGenerator2 page... it can quickly generate an IPN handler in the language of your choice. Funny thing - they are missing a generator for ASP.NET/C#; for that, check out the IPN directory in the code-archive I've attached to this article and these Code Samples.
Finally, on PayPal Developer Center, there is this nice page that lists most of the IPN and PDT variables. I'm saying most because there are some variables missing on it (check comments on this page), but the list is far beyond being useless.

PayPal API

As said in the introduction, most developers, even if they have no previous experience with PayPal, start directly with the API. Google search brings up either API Reference or the SDKs and Downloads page and then browsing through Documentation starts. I don't want to say that there is something wrong with using PayPal API for payments; I want to say that in most of the cases, it's not necessary to go down that path.
PayPal API is much more than just a mechanism for payment - if you look at the provided API Reference page, you'll see that there are lots of methods not tied directly to "user performing payment". You can use the API to browse through the history of your transactions, issue a refund, or update a recurring payments profile. So how do you start using it?
First and foremost, you'll need to enable API access in your account; follow these steps:
  1. Log in to your Premier or Business account
  2. Click the Profile sub tab
  3. Click the API Access link under the Account Information header
  4. Click the link that says Request API Credentials / View API Certificate
  5. Select either API Signature or API Certificate
Step 5 from activating API Access
Step 5 from activating API Access
I recommend that you select API Signature, and the examples that follow will assume you made this choice. There is nothing wrong with selecting API Certificate; I just find it more demanding from a setup perspective.
Now that you have credentials to make API calls, how do you perform them? The approach that will work equally well with all platforms is to download the SDK, target the appropriate API endpoint, and start making HTTP calls with either Name-Value pairs or SOAP.
However, for .NET developers, I recommend a different approach. Considering that Visual Studio has an awesome WSDL parser, I urge you to just add a Web Service Reference to https://www.paypal.com/wsdl/PayPalSvc.wsdl. After a few moments, you'll have an up-to-date class ready to serve you with all the benefits of strong typing - no building of HTTP requests, no copy-pasting field names, and no cumbersome parsing of responses. You have the same thing available for Sandbox at: https://www.sandbox.paypal.com/wsdl/PayPalSvc.wsdl.

Express Checkout

Express Checkout is the most flexible PayPal integration solution. The user is redirected to PayPal just for authentication and confirmation that he wants to pay for your services, and after that, everything is done on your website; you'll make calls to the PayPal API in the background. The following picture describes the process (taken from this page):
Step 5 from activating API Access
Express Checkout flow
  1. You'll add a PayPal Checkout button that invokes the SetExpressCheckout method of the PayPal API after it is clicked.
    1. If you are invoking this method for one time payment, it'll be valid if you include only the required fields. Setting the NOSHIPPING variable to 1 is important if you are selling some online service (it'll help you skip the Shipping info page).
    2. If you are invoking this method in order to set recurring payments, be sure to set L_BILLINGTYPE0 to RecurringPayments and L_BILLINGAGREEMENTDESCRIPTION0 to a valid description of your service.
  2. SetExpressCheckout will return a 20 char token that will uniquely identify your transaction. This token is valid for 3 hours. After you receive it, redirect the user to https://www.paypal.com/cgi-bin/webscr?cmd=_express-checkout&token=[TOKEN] (you can guess what the URL for Sandbox is, right?).
  3. The user will review payment information, and if everything is OK, enter the login credentials. After this, PayPal will redirect him to the URL you specified with RETURNURL when you called SetExpressCheckout.
  4. When your RETURNURL is hit, you need to invoke the GetExpressCheckoutDetails method and see the details of the actual transaction; verify that everything is in order.
  5. Now, all that is left is to commit the transaction. Depending on what you did in step 1, there are two things that can be done.
    1. For one time payments, you'll just invoke DoExpressCheckoutPayment and forward the appropriate variables.
    2. For recurring payments, you'll invoke the CreateRecurringPayments method. It is required that you include the DESC field and match it to the value entered in L_BILLINGAGREEMENTDESCRIPTION0 when you called SetExpressCheckout.
In a nutshell - that's it. Again, I have provided code examples that follow the previously specified flow in the archive accompanying this article (under the API directory). If you wish, you can also use the PayPal Express Checkout Integration Wizard for generating the reference code.

Direct Payment (Website Payments Pro)

Most developers aren't aware that the PayPal platform can be used for just Credit Card processing. This part of the PayPal API is called Direct Payment, and when combined with Express Checkout (which only services customers with PayPal accounts), you get what is referred to as Website Payments Pro on the PayPal Developer Center.
To be able to call methods that are part of Direct Payment (DoDirectPayment and CreateRecurringPayments), you first need to satisfy some conditions:
  1. Have a Business account that is based in US, UK, or Canada
  2. Oblige that you'll implement both Express Checkout and Direct Payment on your website
  3. Submit application for Website Payments Pro through your PayPal account and have it approved
  4. Pay monthly fee (currently $30 per month)
After you have a Website Payments Pro account in place, calling Direct Payment methods is pretty straightforward - if in doubt, either visit the API Reference page, or look at the code attached to this article. Just know that if you try to call any Direct Payment method on an account that doesn't have Pro enabled, you'll get an error with code 10501 (this is one of the most common problems reported in the Sandbox forum).
Lastly, once you start dealing with credit cards, you'll need to take care of PCI Compliance; here is a nice forum thread that provides more information on that.

Conclusion

My hope is that this article gave you good overview of PayPal integration options. If it did that, I'll be at peace - as once you have an understanding of the concepts laid out in this article, you'll easily fetch the needed details from the provided links. Sure, there are some topics we haven't touched, like Encrypted Website Payments, PayPal API Certificates, or Payflow Gateway, but I think you can tackle even that on your own once you fully understand all things written here.
If you get stuck on anything, I suggest that you first visit the PayPal Developer Community and ask your question in the appropriate forum. A number of great, knowledable developers monitor those forums, and it's highly probable that you'll receive an answer to almost any PayPal issue within an hour. I also have an account on that site (lepipele) and try to answer questions whenever I have time; so feel free to send me a private message if you drop by or run into trouble.
Posted by at No comments:
Subscribe to: Comments (Atom)