One Community, One World
ASP.NET Client-Based State Management, Part03: Control State, Hidden Fields, and Query Strings
by Ahmed Rafie  on Aug 3 2007 12:00AM
  PageViews 3056   |    Add to Fav   |     Send to Friend   |    no downloads available

In part two of this article series, we were talking about view state. While view state is a property provides a dictionary object for retaining values between multiple requests for the same page. If you create a custom control and you are using vierwstate, the developer who uses the control might break its functionality by disabling view state.

So, ASP.NET gives you access to a separate area of the “viewstate" reserved for control state information, the control state. If a developer disables viewstate for your control, it won't affect your ability to manage your control's state.

You can use control state property to store information for your control. Control state allows you to persist property information that is specific to a control and cannot be turned off like the viewstate property. 

Managing state with Control State 
The first step in using the controlstate is to notify the host page that your control has controlstate information to save. You do this by calling the "RegisterRequiresControlState" method of the page object that represents your control's host page.

Typically you want to notify the page object as early in your control's lifecycle as possible, so the Init event of your control is the best place to signal this to the host page. 

private void WebCustomeControl_Init(Object sender, EventArgs e)     
    {          ;     

You must pass the RegisterRequiresControlState a reference to the control whose state is being saved. (Use Me in VB code and this in c# code).Once you've registered your control with the host page the "SaveControlState" and "LoadControlState" methods are called automatically.

  • SaveControlState: Any values that you return from this function are saved in the controlstate.
  • LoadControlState: This routine is passed a single parameter named "SavedState" which is the data that was placed in the controlstate by the SaveControlState routine.

    public struct MyData     
                public string MyName;         
                public string MyAge;     

        MyData currentData;       

    protected override object SaveControlState()     
                currentData.MyName = "Rafie";         
                currentData.MyName = "22";         
                return currentData;     

    protected override void LoadControlState(object savedState)     
                currentData = (MyData)savedState;     

You can check to see if your control has enabled controlstate tracking by calling the host page object's RequireControlState method and passing a reference to your control. If the method returns true, the page will call you "ControlState" methods.

Finally, because the developer using your control cannot disable the Control State. When you do use the controlstate you should keep very little data in it. And information related to the user interface or data that the host page puts in the control should stay in the viewstate so that the developer can turn it off if desired.

Query Strings
One of the most interesting state management options is query string. Query strings are commonly used to share variables that identify specific pages. You can add query string to URL by modifying URL and add Key/Value pair after “?" mark, URL with query string might look like the following URL

This URL identifies articles.aspx page and a query string named ID with value 333.

How to write a Query String
There are no methods or tool in ASP.NET to create query strings;

you must modify the URL for any Hyperlink the user might click. For example if you have a hyperlink control with NavigateUrl defined as “~\articles.aspx" you can add the string “?ID=333" to the property, or can also separate multiple query strings with ampersands (&) so the final URL would be “~\articles.aspx?ID=333".

How to read a Query String
To read a query string value, access the Request.QuertString collection; just you would access a cookie. 

if (Request.QueryString["ID"] != null)         
         string v = Server.HtmlEncode(Request.QueryString["ID"]);         

You should always encode cookie or query string values using Server.HTMLEncode before displaying the value in an HTML web page to any user. This ensures there is no malicious code contained in the values before they are displayed.

Query Strings Limitations
Query strings has two limitations, the first one is that some browsers limit 2083-character on the length of the URL, second you must submit the page using an HTTP GET command in order for query strings values to be available during page processing.

Hidden fields
When a user visit a web application that contain web page that exchange data with web server, when the user submits a form hidden fields are sent back to the server but this information is never displayed by the browser.

You can use Hidden Field control to store a single variable in its value property and must be explicitly added to the page, you can user hidden fields only to store information for a single page and you must submit your page to the server using HTTP Post.

Unlike view state data, hidden fields have no built-in compression, encryption, hashing or chunking. So the users can view or modify data stored in hidden fields.

How to: Use Hidden Fields
1. Add hidden fields control named hiddenfield1.
2. In the page_load event handler add your code to store value in hiddenfield1.  

Hiddenfields.Value = "Innovation-Hut";