Common SELECT Statements (SQL Server) Monday, Jul 18 2011 

Followings are some examples of using SELECT statement. My table name tblTest. Followings are columns. (TestID, TestName, TestDate, TestCity )

1) Select * from tblTest (Returns all columns/Rows)

2) Select * from tblTest Where TestID=2 (Returns the row/s which TestID has value 2)

3) Select * from tblTest where TestID Between 10 and 20 (Return all rows between 10 and 20, this result includes 10 and 20)

4) Select * from tblTest Where TestCity in (‘New York’,’Washington’,’California’) (Returns all rows which city is NewYork, Washington, california)

5) Select * from tblTest Where TestName Like ‘A%’ (Return all rows where the name starts letter A)

6) Select * from tblTest Where TestName Like ‘%A’ (Return all rows where the name ends letter A)

7) Select * from tblTest Where TestName Like ‘[ABC]%’ (Return all rows of name start with A / B / C)

8) Select * from tblTest Where TestName Like ‘[^ABC]%’ (Return all rows of name not start with A and B and C)

9) Select (TestName+space(1)+TestCity) as Address from tblTest (Returns single column address, name and city added together with a space)

10) Select * from tblTest Where TestName IS NULL (Return all rows which TestNane has null values)

11) Select * from tblTest Where TestName IS NOT NULL (Return all rows which TestNane has not null values)

12) Select * from tblTest Order By TestID Desc (Sort the result set descending order, Asc or not using any sort Ascending order)

13) Select ‘Visual Studio’ as IDE, ‘2010’ as Version (Creating memory resident result set with two columns[IDE and Version])

14) Select Distinct TestID from tblTest (Returns unique rows based on TestID)

15) Select Top 10 * from tblTest  (Return 10 customers randomly)

16) Select getdate() (Shows the current date)

17) Select db_name() (shows the database name which you are working on)

18) Select @@Servername (Shows name of the server)

19) Select serverproperty (‘Edition’) (You can pass following ServerName, Edition, EngineEdition, ProductLevel to get current information about the server)

20) Select user_name() (Get current user)

21)  Select *  into #test from tblTest  (Create temporary table #test and insert all records from tblTest)

22)  Select Max(TestID) from tblTest (Returns Maximum TestID from tblTest)

23)  Select * from tblTest Compute Max(TestID) (Returns two result sets – getting all rows and maximum value of TestID)

24) Select FirstName, LastName,  Salary, DOB,

Case Gender
When ‘M’ Then ‘Male’
When ‘F’ Then ‘Female’
End
From Employees

(This Change Gender fields as if M then prints Male and if F then prints Female)  

SQL SERVER – Delete Duplicate Records – Rows Wednesday, Jun 15 2011 

Following code is useful to delete duplicate records. The table must have identity column, which will be used to identify the duplicate records. Table in example is has ID as Identity Column and Columns which have duplicate data are DuplicateColumn1, DuplicateColumn2 and DuplicateColumn3.

DELETE
FROM MyTable
WHERE ID NOT IN
(
SELECT MAX(ID)
FROM MyTable
GROUP BY DuplicateColumn1, DuplicateColumn2, DuplicateColumn3)

OOPS in a nutshell Thursday, May 12 2011 

OOPS – Object Oriented Programming Languages & Systems.
Everything in the world is an object. The type of the
object may vary. In OOPS, we get the power to create
objects of our own, as & when required.

Class – A class is an organized store-house in
object-oriented programming that gives coherent
functional abilities to a group of related code. It is
the definition of an object, made up of software code.
Using classes, we may wrap data and behaviour together
(Encapsulation). We may define classes in terms of
classes (Inheritance). We can also override the
behaviour of a class using an alternate behaviour
(Polymorphism).

Using inhertance, we may assign different traits to different
classes. Yet, the child classes will inherit some common
traits from the base class. As in the figure above, the
classes for “Permanent” and “Wage Worker” will inherit
some common traits from the class of “Employee”.

A class may contain class members like fields, properties,
events & methods with different types of access modifiers
like private, public, protected or friend, to process the
way they are accessed. In VB.NET, a class may be declared
as below…

Public Class SampleClass
‘define class members
End Class

Key Concepts of .NET – To work with classes and modules,
the key concepts to know are definition, access, inheritance,
constructors, destructors, delegates, abstract classes & interfaces..

Class members – The different types of entities in a class,
like fields, properties, events & methods.

Object – An object is an instance of a class. This instance
may be used to access the members of the class. It is pretty
easy to define an object. See sample code below…

Dim objSampleObject as SampleClass

Structure – It is a bit similar to a class. Semantically,
structures are known as value types, while classes as reference types. We do’nt instantiate an object using the New keyword while working with a structure. We can not inherit from a structure.

Public Structure Student
Public RollNo as Integer
Public Name as String
End Structure

Dim objStud as Student
objStud.RollNo=31
objStud.Name=”Monu”

Here, note that the object objStud is not exactly an instance,
it is a simple object (object of a structure) that is used to
access the members of this structure. It would have behaved
differently had it been an object of a class, as it would have
invoked the constructor associated with the class.

Public Class ClassCalc
Public Function FnAdd(ByVal dblA as double, ByVal dblB _

as double) as Double
FnAdd = dblA + dblB
End Function
End Class

Now, lets make use of the method FnAdd defined in the class
above. To use it, first create an object of this class, say
objX. Using this object, we can invoke the methods of this
class. See code below…

Dim objX as ClassCalc
Dim dblResult as Double
dblResult = objX.FnAdd(4.56,2.35)

Property – A property is a thing that describes the features of an object. A property is a piece of data contained within a class that has an exposed interface for reading/writing. Looking at that definition, you might think you could declare a public variable in a class and call it a property. While this assumption is somewhat valid, the true technical term for a public variable in a class is a field. The key difference between a field and a property is in the inclusion of an interface.

We make use of Get and Set keywords while working with
properties. We prefix the variables used within this code block with an underscore. Value is a keyword, that holds the value
which is being retrieved or set.

Private _Color As String
Public Property Color()
Get
Return _Color
End Get
Set(ByVal Value)
_Color = Value
End Set
End Property

Event – An action that an object does. When something happens, we say an event has happened. For example, when a button is clicked, we say it is the click( ) event. When a mouse hovers on an image, we say the mouseover( ) event has taken place.

Access Modifiers – Keywords used to vary the way members of a class are used. Following are different types…

1) Public – These classes can be used anywhere in the code.
There are no restrictions.

Available only to code outside our class

2) Private – These classes are accessible only within their
declaration contexts. This includes nested procedures. When a variable is declared Public inside a Private class, it is
accessible only from inside that class.

Available only to code inside our class

3) Protected – These classes extend the accessibility of their
members to their child classes (means, to the classes that derive from them). They extend their members to both themselves & their child classes.

Available only to classes that inherit from our class

4) Friend – Friend access means that elements are accessible only within the program. Friend is the default access modifer for any class that does not have a modifier.

Available only to code within our project/component

5) Protected Friend – Available only to classes that inherit from our class (in any project) or to code within our project/component. This is a combination of Protected and Friend.

Default – A Default property is a single property of a class that can be set as the default. This allows developers that use your class to work more easily with your default property because they do not need to make a direct reference to the property. Default properties cannot be initialized as Shared or Private and all must be accepted at least on argument or parameter. Default properties do not promote good code readability, so use this option sparingly.

Overloads – The Overloads property allows a function to be
described using deferent combinations of parameters. Each
combination is considered a signature, thereby uniquely defining an instance of the method being defined. You can define a function with multiple signatures without using the keyword Overloads, but if you use the Overloads keyword in one, you must use it in all of the function’s Overloaded signatures.

Shared -The Shared keyword is used in an inherited or base class to define a property or method as being shared among all instances of a given class. If multiple instances of a class with shared properties or methods are loaded, the shared properties or methods will provide the same data across each instance of the class. When one class alters the value for a shared property, all instances of that class will reflect the change. Shared properties of all instances of the class
point to the same memory location.

Overridable -The Overridable keyword is used when defining a property or method of an inherited class, as overridable by the inheriting class.

Overides – The Overides keyword allows the inheriting class to disregard the property or method of the inherited class and implements ts own code.

NotOverridable – The NotOverridable keyword explicitly declares a property or method as not overridable by an inheriting class, and all properties are “not overridable” by default. The only real advantage to using this keyword is to make your code more readable.

MustOverride – The MustOverride keyword forces the inheriting class to implement its own code for the property or method.

Shadows – The Shadows keyword will effectively hide all of the other methods in the baseclass. It is like forcefully getting rid of the overloading that has been done on the methods of the base class.
The Shadows keyword works like the Overloads keyword except that with shadows we do not have to follow rules such as implementing the same signature. The Shadows keyword does not require the consent (override ability) of the inherited class to replace the property or method’s implementation code. A method does not have to be defined as overridable for the Shadows keyword to work. Read the example…

‘This is the Base Class
Public Class Parent
Public Sub MyProc(ByVal num As Integer)
MsgBox(“Number in Parent is ” & num)
End Sub

Public Sub MyProc(ByVal st As String)
MsgBox(“String in Parent is ” & st)
End Sub
End Class

‘This is the Child Class
Public Class Child
Inherits Parent
Overloads Sub MyProc(ByVal num As Integer)
‘overloads the method with the same parameter list
MsgBox(“Number in Child is ” & num)
End Sub

Overloads Sub MyProc(ByVal ch As Char)
‘ overloads the method
MsgBox(“Character in Child is ” & ch)
End Sub
End Class

When we execute the following code…
Dim c As New Child()

‘ prints out “String in Parent is Hello Wazzup!”
c.MyProc(“Hello Wazzup!”)

‘ prints out “Number in Child is 12”
c.MyProc(12)

‘ prints out “Character in DerivedClass is B”
c.MyProc(Chr(66))

When we use Shadows keyword…
Public Class ChildNumber2
Inherits Parent
Shadows Sub MyProc(ByVal num As Integer)
‘ hides all the different argument list
MsgBox(“Number in ChildNumber2 is ” & num)
End Sub
End Class

Dim c2 As New DerivedClass2()
c2.MyProc(7) ‘only one method is exposed, rest of the
‘methods are hidden

Constructor – When a class instance is created in our code,
a special method of that class, called the constructor, is called. Similarly, when the class is destroyed, the destructor
method is called. These are general terms and usually not the actual member names in most object-oriented languages. It is initialized using the keyword New, and is destroyed using the keyword Finalize. In .NET, we tend to forget using Finalize as
the instances(means the object) are automatically destroyed by the Garbage Collecter, when the object is not in use by he CLR(Common Language Runtime).

Dim objSampleObject as New SampleClass
‘ write the code here…
objsampleobject.Finalize

We can add parameters to the constructors. This was’nt allowed in VB6. We can overload the constructors, change the order of parameters, datatypes of parameters which ultimately change the way the constructor works whenever an instance of that class is invoked.

Also note that a constructor can have any access modifier. If
no argument is added in a constructor, VB.NET adds a no-argument constructor during compile time. It adds the Public Sub New( ) with the class declared, if no argument is passed in the constructor. The following code is added…

Public Class ClassA
Public Sub New( )
End Sub

However, when the constructor is added with parameters, the following code is generated…

Public Class ClassA
Public Sub New(ByVal SomeString as String )
End Sub

When a child class’ object is declared, the child class
constructor & its parent class constructor, both are invoked.
Read example below for more clarity…

Public Class Books
Public Sub New()
System.Console.WriteLine(“Book’s constructor.”)
End Sub

Public Sub myProc()
System.Console.WriteLine(“This is a book.”)
End Sub
End Class

Public Class Authors : Inherits Books
Public Sub New()
System.Console.WriteLine(“Author’s constructor.”)
End Sub
End Class

When the Authors class’ constructor is invoked, like in the
following code, the Books class’ no-argument constructor is also called.

Dim author As Authors
author = New Authors()

The result on the console will be…

Book’s constructor.
Author’s constructor.

If the base class does’nt have a no-argument constructor, then it would result in a compiler error. Hence, we need to use the MyBase keyword with the constructor. Our child class will look like this…

Public Class Authors : Inherits Books
Public Sub New(ByVal SomeString As String)
MyBase.New(SomeString)
System.Console.WriteLine(“Authors’s constructor.”)
End Sub
End Class

If a class is not inheriting from any base class, then it will
call the base class constructor of System.Object if we are using MyBase.New( ). Summarizing constructors, whenever we initiate a constructor, the following things happen…

Base class constructor is invoked.
Class level variables are initialized.
Code in the class constructor gets executed.
If the argument name passed in the constructor, is same as the variable name used in the constructor, we use the Me keyword to refer to the constructor variable. For example if the variable name is SomeString, and the parameter passed is also SomeString, then the variable is referred as Me.SomeString.

Abstract Class – They are classes that cannot be instantiated. We cannot create an object from such a class for use in our program. We can use an abstract class as a base class, creating new classes that will inherit from it. Creating an abstract class with a certain minimum required level of functionality gives us a defined starting point from which we can derive non-abstract classes.

An abstract class may contain abstract methods & non-abstract methods. When a class is derived from an abstract class, the derived class must implement all the abstract methods declared in the base class. We may use accessibility modifiers in an abstract class (unlike in Interfaces).

An abstract class can inherit from a non-abstract class. In C++, this concept is known as pure virtual method.

Interface – its a kind of class, that has only methods, do not have code, just the definition of the methods. Also, the interface can’t be instantiated. Its an abstract class with public abstract methods, all of which must be implemented in the inherited classes. All methods in an interface are public, no other access modifier is used. It is public by default.

Classes can contain code, but interface dont. However, classes that implement an interface do contain code. Keep in mind that there are no instances of interfaces in VB .NET. Every instance is a type that implements an interface, but is itself not an instance of the interface. Also note, in an interface, all methods must be abstract (which is not necessary in an abstract class).

‘VB .NET Interface
Public Interface ISalary
Sub CreditSalary(ByVal Amount As Decimal)
ReadOnly Property Incentive() As Decimal
ReadOnly Property Attendance() As Integer
End Interface

To use members of an interface, we make use of the implements keyword.

Public Class Employee
Implements ISalary
Public Function Salary() As Decimal Implements ISalary.CreditSalary()
‘code here …
End Function
End Class

Serializable – This is a class attribute. When we use this attribute with a class, an instance of this class can be taken in whatever state it is, and write it to a disk. The class can then be deserialized, and the class will act as if it is simply stored in the memory.

Boxing & Unboxing – Value Types are stored on the stack and Reference types are stored on the heap. The conversion of value type to reference type is known as Boxing. Converting reference type back to value type
is known as Unboxing.

Value Types – Value types are primitive types that are mapped directly to the FCL. Like Int32 maps to System.Int32, double maps to System.double.
All value types are stored on stack and all the value types are derived from System.ValueType. All structures and enumerated types that are derived from System.ValueType are created on stack, hence known as ValueType.

Reference Types – Reference Types are different from value types in such a way that memory is allocated to them from the heap. All the classes are of reference type. C# new operator returns the memory address of the
object.

Partial Class – This concept has been introduced in .NET framework 2.0. They give you the ability to split a single class into more than one source code (.cs or .vb) file. Here’s what a partial class looks like when it’s split over two files…

// Stored in file MyClass1.cs
public partial class MyClass
{
public MethodA()
{…}
}

// Stored in file MyClass2.cs
public partial class MyClass
{
public MethodB()
{…}
}

When you build the application, Visual Studio .NET tracks down each piece of MyClass and assembles it into a complete, compiled class with two methods, MethodA() and MethodB().

Partial classes don’t offer much in the way of solving programming problems, but they can be useful if you have extremely large, unwieldy classes. (Of course, this might be a sign that you haven’t properly factored your problem, in which case you should really break your class down into separate classes.) The real purpose of partial classes in .NET is to hide automatically generated designer code.

Source: http://sites.google.com/site/moredotnet/oops

SQL Server Interview Questions and Answers ebook free download Wednesday, Nov 10 2010 

SQL Server Interview Questions and Answers ebook free download click here.

Sql server User Defined Function (UDF) VS Stored Procedure (SP) Wednesday, Oct 13 2010 

UDFs vs. Stored Procedures
UDFs and stored procedures are both SQL Server objects that store one or more T-SQL statements in a single named, executable routine. Although you can often implement the same or similar functionality using either a UDF or a stored procedure, the code will look significantly different depending on which technique you choose. Here are the main differences between UDFs and stored procedures:

  • A UDF must return a value-a single result set. A stored procedure can return a value-or even multiple result sets-but doesn’t have to.
  • You can use a UDF directly in a SELECT statement as well as in ORDER BY, WHERE, and FROM clauses, but you can’t use a stored procedure in a SELECT statement.
  • A UDF can’t use a nondeterministic function such as GETDATE(), NEWID(), or RAND(), whereas a stored procedure can use such functions. A nondeterministic function is one that can return a different result given the same input parameters.
  • A UDF can’t change server environment variables; a stored procedure can.
  • A UDF always stops execution of T-SQL code when an error occurs, whereas a stored procedure continues to the next instruction if you’ve used proper error handling code.

Some very important ADO.NET Interview Questions Thursday, Oct 7 2010 

How do you create an instance of SqlDataReader class?
To create an instance of SqlDataReader class, you must call the ExecuteReader method of the SqlCommand object, instead of directly using a constructor.
//Error! Cannot use SqlDataReader() constructor
//to create an instance of SqlDataReader class
SqlDataReader ReaderObject = new SqlDataReader();

//Call the ExecuteReader method of the SqlCommand object
SqlCommand CommandObject = new SqlCommand();
SqlDataReader ReaderObject = CommandObject.ExecuteReader();

Creating an instance of SqlDataReader class using SqlDataReader() constructor generates a compile time error – The type ‘System.Data.SqlClient.SqlDataReader’ has no constructors defined.

How do you programatically check if a specified SqlDataReader instance has been closed?
Use the IsClosed property of SqlDataReader to check if a specified SqlDataReader instance has been closed. If IsClosed property returns true, the SqlDataReader instance has been closed else not closed.

How do you get the total number of columns in the current row of a SqlDataReader instance?
FieldCount property can be used to get the total number of columns in the current row of a SqlDataReader instance.

Give an example for executing a stored procedure with parameters?
//Create the Connection Object
SqlConnection ConnectionObject = new SqlConnection(ConnectionString);
//Create the Command Object
SqlCommand CommandObject = new SqlCommand(“StoredProcedureName”, ConnectionObject);
//Specify to CommandObject that you intend to execute a Stored Procedure
CommandObject.CommandType = CommandType.StoredProcedure;
//Create an SQL Parameter object
SqlParameter ParameterObject = new SqlParameter();
//Specify the name of the SQL Parameter
ParameterObject.ParameterName = “Parameter1”;
//Assign the Parameter value
ParameterObject.Value = “Some Value”;
//Specify the Database DataType of the Parameter
ParameterObject.DbType = DbType.String;
//Specify the type of parameter – input-only, output-only, bidirectional
ParameterObject.Direction = ParameterDirection.Input;
//Associate the Parameter to the Command Object
CommandObject.Parameters.Add(ParameterObject);
//Open the connection
ConnectionObject.Open();
//Execute the command
int Records_Affected = CommandObject.ExecuteNonQuery();
//Close the Connection
ConnectionObject.Close();

What is the use of SqlParameter.Direction Property?
SqlParameter.Direction Property is used to specify the Sql Parameter type – input-only, output-only, bidirectional, or a stored procedure return value parameter. The default is Input.

How do you retrieve two tables of data at the same time by using data reader?
Include 2 select statements either in a stored procedure or in a select command and call the ExecuteReader() method on the command object. This will automatically fill the DataReader with 2 Tables of data.

The datareader will always return the data from first table only. If you want to get the second table then you need to use ReaderObject.NextResult() method. The NextResult() method will return true if there is another table. The following code shows you how do it.
//Create the SQL Query with 2 Select statements
string SQLQuery = “Select * from Customers;Select * from Employees;”;
//Create the Connection Object
SqlConnection ConnectionObject = new SqlConnection(ConnectionString);
//Create the Command Object
SqlCommand CommandObject = new SqlCommand(SQLQuery, ConnectionObject);
//Open the connection
ConnectionObject.Open();
//Execute the command. Now reader object will have 2 tables of data.
SqlDataReader ReaderObject = CommandObject.ExecuteReader();
//Loop thru the tables in the DataReader object
while (ReaderObject.NextResult())
{
while (ReaderObject.Read())
{
//Do Something
}
}
//Close the Reader
ReaderObject.Close();
//Close the Connection
ConnectionObject.Close();

What are the advantages of using SQL stored procedures instead of adhoc SQL queries in an ASP.NET web application?
Better Performance : As stored procedures are precompiled objects they execute faster than SQL queries. Every time we run a SQL query, the query has to be first compiled and then executed where as a stored procedure is already compiled. Hence executing stored procedures is much faster than executing SQL queries.
Better Security : For a given stored procedure you can specify who has the rights to execute. You cannot do the same for an SQL query. Writing the SQL statements inside our code is usually not a good idea. In this way you expose your database schema (design) in the code which may be changed. Hence most of the time programmers use stored procedures instead of plain SQL statements.
Reduced Network Traffic : Stored Procedures reside on the database server. If you have to execute a Stored Procedure from your ASP.NET web application, you just specify the name of the Stored Procedure. So over the network you just send the name of the Stored Procedure. With an SQL query you have to send all the SQL statements over the network to the database server which could lead to increased network traffic.

Can you update the database using DataReader object?
No, You cannot update the database using DataReader object. DataReader is read-only, foward only. It reads one record at atime. After DataReader finishes reading the current record, it moves to the next record. There is no way you can go back to the previous record.

What is the difference between a DataReader and a DataSet?
DataReader
1.
DatReader works on a Connection oriented architecture.
2. DataReader is read only, forward only. It reads one record at atime. After DataReader finishes reading the current record, it moves to the next record. There is no way you can go back to the previous record. So using a DataReader you read in forward direction only.
3. Updations are not possible with DataReader.
4. As DataReader is read only, forward only it is much faster than a DataSet.
DataSet
1.
DataSet works on disconnected architecture.
2. Using a DataSet you can move in both directions. DataSet is bi directional.
3. Database can be updated from a DataSet.
4. DataSet is slower than DataReader.

Give an example scenario of using a DataSet and a DataReader?
If you want to just read and display the data(No updates, deletes, or inserts) then use a DataReader.
If you want to do a batch inserts, updates and deletes then use a DataSet.

Source: http://venkataspinterview.blogspot.com/2008/07/frequently-asked-adonet-interview.html

SSL and HTTPS related ASP.NET Interview Questions Monday, Sep 13 2010 

How do you provide Secure Communication over the world wide web?
Security is not just a matter of identifying users and preventing unauthorized users from accessing your Web applications, but it’s just as important to ensure that sensitive data sent across the Internet can’t be read by others.

To provide secure communication across the Internet, IIS supports a standardized means of encrypting and decrypting Web requests and responses. This cryptography requires that you request an encryption key called a server certificate from an independent third party called a certificate authority.

What is Secure Sockets Layer (SSL)?
The Secure Sockets Layer (SSL) is the standard means of ensuring that data sent over the Internet can’t be read by others. When a user requests a secure Web page, the server generates an encryption key for the user’s session and then encrypts the page’s data before sending a response. On the client side, the browser uses that same encryption key to decrypt the requested Web page and to encrypt new requests sent from that page.

Explain the process of secure communication using SSL?
Using SSL in your application requires special authorization from a recognized certificate authority. This authorization comes in the form of a server certificate, which you install in IIS to identify your server. The certificate authority licenses server certificates (for a fee) and acts as a clearinghouse to verify your server’s identity over the Internet.

When a user’s browser begins secure communications, it requests the server certificate and checks it against a list of trusted sites provided by the certificate authority. If the server certificate does not match one of the sites already authorized by the user, or if the server certificate does not match the Web address for which it was registered, or if there are any other problems with the server certificate, the browser displays a warning.

In this way, the certificate authority not only provides encryption for secure data transmission, but it also provides assurance to users that your Web site is authentic.

What is the largest certificate authority?
The largest certificate authority is VeriSign.

What are the steps to follow to use SSL in your Web application?
1. Generate a certificate request from IIS.
2. Request a certificate from a certificate authority.
3. Install the certificate on the server using IIS.
4. Install the certificate on browsers if you are using a test certificate.
5. Use the Secure Hypertext Transfer Protocol (HTTPS) when accessing secure pages in your application.

What should you do before you can request a server certificate from a certificate authority?
Before you can request a server certificate from a certificate authority, you must generate a certificate request from IIS. The certificate request contains encrypted information about your server that the certificate authority uses to identify your server over the Internet.

What are the steps to follow to generate a certificate request from the IIS?
1. Select Default Web Site in the console tree of the IIS, and then choose Properties from the Action menu. IIS displays the Default Web Site Properties dialog box.
2. Click the Directory Security tab in the Properties dialog box, and then click Server Certificate. IIS starts the Web Server Certificate Wizard.
3. Step through the wizard by reading each screen and clicking Next. The wizard instructions are straightforward.
4. When you click Finish at the end, the wizard creates an encrypted text file with the .cer file extension. That file is the certificate request that you send to the certificate authority.

Why do you have to select Default Web Site when generating a Certificate Request from IIS?
IIS requires that a certificate be created at the server root before secure communications can be created or configured for subordinate sites on the server. That’s why you have to select Default Web Site (or the root Web site if you have renamed it). After you have installed a server certificate at the root, you can repeat the process for subordinate sites if you want separate certificates for those sites.

What is the file extension of a server certificate?
.cer

What are the steps to follow to install the Certificate to enable SSL for your Web applications?
To install a server certificate in IIS:
1. Select Default Web Site in the console tree of the IIS snap-in, and then choose Properties from the Action menu. IIS displays the Default Web Site Properties dialog box.
2. Click the Directory Security tab in the Properties dialog box, and then click Server Certificate. IIS starts the Web Server Certificate Wizard.
3. Click Next, and select Process The Pending Request And Install The Certificate.
4. Click Next, and enter the name of the certificate file.
5. Click Next, and then click Finish to complete the installation.

What is the protocol on which secure pages are generally requested?
HTTPS, the protocol HTTPS is what initializes the secure communication. When you’ve begun secure communication, it continues until you specify a nonsecure site.

What are the steps to follow to make a web page secure in a web application?
To require secure communication for a Web page using IIS, follow these steps
1. Select the folder or file that requires secure communication, and then choose Properties from the Action menu. IIS displays the Properties dialog box.
2. Click the Directory Security tab, and then click Edit in the Secure Communications group. IIS displays the Secure Communications dialog box.
3. Select the Require Secure Channel (SSL) check box, and click OK.

Can a user access secure web page over HTTP protocol instead of HTTPS?
No, When you require secure communication for a Web page, that page can’t be viewed using HTTP. The user must type in or click a link using HTTPS, otherwise, access will be denied.

Source: http://venkataspinterview.blogspot.com/2008/10/ssl-and-https-related-aspnet-interview.html

ASP.NET ViewState related Interview Questions Friday, Aug 20 2010 

What is ViewState?
Web forms have very short lifetimes.In ASP.NET, the data that is entered in controls is encoded and stored in a hidden field. This encoded data is then sent with each request and restored to controls in Page_Init. The data in these controls is then available in the Page_Load event.The data that ASP.NET preserves between requests is called the Web form’s view state.

How do you enable or disable a ViewState for a control on the page?
Every ASP.NET control has a property called EnableViewState. If EnableViewState is set to true ViewState is enabled for the control. If EnableViewState is set to false ViewState is disabled for the control.

How do you enable or disable a ViewState at the page level?
At the page level you can enable or disable ViewState using EnableViewState property of the page.

What is the name of the hidden form field in which ViewState of the page is saved?
__ViewState

What are the performance implications of ViewState?
ViewState is usually good to retain the state of the controls on the webform across postbacks. If you have a huge DataGrid with tons of data being loaded on every page load. It is a good idea to disable the ViewState of the DataGrid for the page to load faster. If the ViewState of a large DataGrid is not disabled, ViewState can easily get very large, on the order of tens of kilobytes. Not only does the __ViewState form field cause slower downloads, but, whenever the user posts back the Web page, the contents of this hidden form field must be posted back in the HTTP request, thereby lengthening the request time, as well.

When does ViewState restoration happens?
During the Page_Init event

What are the disadvantages of using ViewState?
1. On all page visits, during the save view state stage the Page class gathers the collective view state for all of the controls in its control hierarchy and serializes the state to a base-64 encoded string. (This is the string that is emitted in the hidden __ViewState form filed.) Similarly, on postbacks, the load view state stage needs to deserialize the persisted view state data, and update the pertinent controls in the control hierarchy.

2. The __ViewState hidden form field adds extra size to the Web page that the client must download. For some view state-heavy pages, this can be tens of kilobytes of data, which can require several extra seconds (or minutes!) for modem users to download. Also, when posting back, the __ViewState form field must be sent back to the Web server in the HTTP POST headers, thereby increasing the postback request time.

Is ViewState encoded?
Yes, ViewState is base-64 encoded.

Can you encrypt ViewState of Page?
Yes, we can use the LosFormatter class to encrypt ViewState of Page

Can the HTML controls retian State accross postbacks?
No, by default HTML controls donot retain state accross postbacks.

Can you make HTML controls retain State accross postbacks?
Yes, HTML controls can retain State accross postbacks, if you convert HTML controls to Server Controls. There are 2 ways to convert HTML control to Server Controls.

1. Right click on the HTML Control and then click “Run As Server Control”
Or
2. Set runat=”server” attribute for the Control.

Is ViewState supported in classic ASP?
No,ViewState is introduced in asp.net, it was not in classic asp.

When a form is submitted in classic ASP, all form values are cleared. Suppose you have submitted a form with a lot of information and the server comes back with an error. You will have to go back to the form and correct the information. You click the back button, and what happens…….ALL form values are CLEARED, and you will have to start all over again! The site did not maintain your ViewState.

When a form is submitted in ASP .NET, the form reappears in the browser window together with all form values. How come? This is because ASP .NET maintains your ViewState. The ViewState indicates the status of the page when submitted to the server.

Is ViewState of one page available to another page?
No, ViewState of a Page is available only in that page. You cannot access ViewState of one page from another page.

Can you programatically store and retrieve data from ViewState?
Yes. In ASP.NET you can programatically store and retrieve data from ViewState.See the example below

//Save the value in ViewState object
ViewState(“SomeVar”) = txtFirstName.text;

//Retrieve the value from ViewState object
String strFirstName = ViewState(“SomeVar”).ToString();

Can someone view the Page HTML source and read ViewState?
No. ViewState is base-64 encoded. Hence you cannot read ViewState. If you right click on the Page and View Source you will find __ViewState is base-64 encoded.

What happens during the Page_Init event?
The server controls are loaded and initialized from the Web form’s view state. This is the first step in a Web form’s life cycle.

Source: http://venkataspinterview.blogspot.com/2008/07/aspnet-viewstate-related-interview.html

SSL and HTTPS related ASP.NET Interview Questions Friday, Aug 20 2010 

How do you provide Secure Communication over the world wide web?
Security is not just a matter of identifying users and preventing unauthorized users from accessing your Web applications, but it’s just as important to ensure that sensitive data sent across the Internet can’t be read by others.

To provide secure communication across the Internet, IIS supports a standardized means of encrypting and decrypting Web requests and responses. This cryptography requires that you request an encryption key called a server certificate from an independent third party called a certificate authority.

What is Secure Sockets Layer (SSL)?
The Secure Sockets Layer (SSL) is the standard means of ensuring that data sent over the Internet can’t be read by others. When a user requests a secure Web page, the server generates an encryption key for the user’s session and then encrypts the page’s data before sending a response. On the client side, the browser uses that same encryption key to decrypt the requested Web page and to encrypt new requests sent from that page.

Explain the process of secure communication using SSL?
Using SSL in your application requires special authorization from a recognized certificate authority. This authorization comes in the form of a server certificate, which you install in IIS to identify your server. The certificate authority licenses server certificates (for a fee) and acts as a clearinghouse to verify your server’s identity over the Internet.

When a user’s browser begins secure communications, it requests the server certificate and checks it against a list of trusted sites provided by the certificate authority. If the server certificate does not match one of the sites already authorized by the user, or if the server certificate does not match the Web address for which it was registered, or if there are any other problems with the server certificate, the browser displays a warning.

In this way, the certificate authority not only provides encryption for secure data transmission, but it also provides assurance to users that your Web site is authentic.

What is the largest certificate authority?
The largest certificate authority is VeriSign.

What are the steps to follow to use SSL in your Web application?
1. Generate a certificate request from IIS.
2. Request a certificate from a certificate authority.
3. Install the certificate on the server using IIS.
4. Install the certificate on browsers if you are using a test certificate.
5. Use the Secure Hypertext Transfer Protocol (HTTPS) when accessing secure pages in your application.

What should you do before you can request a server certificate from a certificate authority?
Before you can request a server certificate from a certificate authority, you must generate a certificate request from IIS. The certificate request contains encrypted information about your server that the certificate authority uses to identify your server over the Internet.

What are the steps to follow to generate a certificate request from the IIS?
1. Select Default Web Site in the console tree of the IIS, and then choose Properties from the Action menu. IIS displays the Default Web Site Properties dialog box.
2. Click the Directory Security tab in the Properties dialog box, and then click Server Certificate. IIS starts the Web Server Certificate Wizard.
3. Step through the wizard by reading each screen and clicking Next. The wizard instructions are straightforward.
4. When you click Finish at the end, the wizard creates an encrypted text file with the .cer file extension. That file is the certificate request that you send to the certificate authority.

Why do you have to select Default Web Site when generating a Certificate Request from IIS?
IIS requires that a certificate be created at the server root before secure communications can be created or configured for subordinate sites on the server. That’s why you have to select Default Web Site (or the root Web site if you have renamed it). After you have installed a server certificate at the root, you can repeat the process for subordinate sites if you want separate certificates for those sites.

What is the file extension of a server certificate?
.cer

What are the steps to follow to install the Certificate to enable SSL for your Web applications?
To install a server certificate in IIS:
1. Select Default Web Site in the console tree of the IIS snap-in, and then choose Properties from the Action menu. IIS displays the Default Web Site Properties dialog box.
2. Click the Directory Security tab in the Properties dialog box, and then click Server Certificate. IIS starts the Web Server Certificate Wizard.
3. Click Next, and select Process The Pending Request And Install The Certificate.
4. Click Next, and enter the name of the certificate file.
5. Click Next, and then click Finish to complete the installation.

What is the protocol on which secure pages are generally requested?
HTTPS, the protocol HTTPS is what initializes the secure communication. When you’ve begun secure communication, it continues until you specify a nonsecure site.

What are the steps to follow to make a web page secure in a web application?
To require secure communication for a Web page using IIS, follow these steps
1. Select the folder or file that requires secure communication, and then choose Properties from the Action menu. IIS displays the Properties dialog box.
2. Click the Directory Security tab, and then click Edit in the Secure Communications group. IIS displays the Secure Communications dialog box.
3. Select the Require Secure Channel (SSL) check box, and click OK.

Can a user access secure web page over HTTP protocol instead of HTTPS?
No, When you require secure communication for a Web page, that page can’t be viewed using HTTP. The user must type in or click a link using HTTPS, otherwise, access will be denied.

Source: http://venkataspinterview.blogspot.com/2008/10/ssl-and-https-related-aspnet-interview.html#comment-form

Sharepoint Interview Questions with Answers Monday, May 31 2010 

What is a SharePoint Feature? What files are used to define a feature?
A SharePoint Feature is a functional component that can be activated and deactivate at various scopes throughout a SharePoint instances, scope of which are defined as
1. Farm level 2. Web Application level 3. Site level 4. Web level
Features have their own receiver architecture, which allow you to trap events such as when a feature is
Installing, Uninstalling, Activated, or Deactivated.

The element types that can be defined by a feature include
menu commands, link commands, page templates, page instances, list definitions, list instances,
event handlers, and workflows.

The two files that are used to define a feature are the feature.xml and manifest file(elements.xml). The feature XML file defines the actual feature and will make SharePoint aware of the installed feature. The manifest file contains details about the feature such as functionality.

• Workflow can be applied to what all elements of SharePoint ?
Workflow associations are often created directly on lists and libraries, a workflow association can also be created on a content type that exists within the Content Type Gallery for the current site or content types defined within a list. In short, it can be applied …
At the level of a list/library
At the level of a content type defined at site scope
At the level of a content type defined at list scope

• What are the types of input forms that can be created for a workflow ?
You can create four different types of input forms including
1. An association form
2. An initiation form
3. A modification form
4. A task edit form.

Note that these forms are optional when you create a workflow template.

• What are ways to create input forms for workflow ?
Two
1. You can create your forms by using custom application pages, which are standard .aspx pages deployed to run out of the _layouts directory. ( disadv: lot of code required when compared to Infopath approach)
2. Using Microsoft Office InfoPath 2007 (disadv: picks up a dependenct on MOSS, i.e. it cannot run in a standalone WSS environment)

• What is the difference between method activity and event activity in WorkFlow ?
A method activity is one that performs an action, such as creating or updating a task. An event activity is one that runs in response to an action occurring.

• What are content types?
A content type is a flexible and reusable WSS type definition (or we can a template) that defines the columns and behavior for an item in a list or a document in a document library. For example, you can create a content type for a leave approval document with a unique set of columns, an event handler, and its own document template and attach it with a document library/libraries.
• Can a content type have receivers associated with it?
Yes, a content type can have an event receiver associated with it, either inheriting from the SPListEventReciever base class for list level events, or inheriting from the SPItemEventReciever base class. Whenever the content type is instantiated, it will be subject to the event receivers that are associated with it.

What two files are typically (this is kept generally) included when developing a content type, and what is the purpose of each?
There is generally the main content type file that holds things like the content type ID, name, group, description, and version. There is also the ContentType.Fields file which contains the fields to include in the content type that has the ID, Type, Name, DisplayName, StaticName, Hidden, Required, and Sealed elements. They are related by the FieldRefs element in the main content type file.

What is an ancestral type and what does it have to do with content types?
An ancestral type is the base type that the content type is deriving from, such as Document (0x0101). The ancestral type will define the metadata fields that are included with the custom content type.

• Can a list definition be derived from a custom content type?
Yes, a list definition can derive from a content type which can be seen in the schema.XML of the list definition in the element.

• When creating a list definition, how can you create an instance of the list?
You can create a new instance of a list by creating an instance.XML file

What is a Field Control?
Field controls are simple ASP.NET 2.0 server controls that provide the basic field functionality of SharePoint. They provide basic general functionality such as displaying or editing list data as it appears on SharePoint list pages.

• What base class do custom Field Controls inherit from?
This varies. Generally, custom field controls inherit from the Microsoft.SharePoint.WebControls.BaseFieldControl namespace, but you can inherit from the default field controls.

Can multiple SharePoint installs point to the same DB?
Multiple SharePoint installs can use the same database server. Not literally the same database on that server. That server must be SQL Server 2000 or SQL Server 2005. It cannot be Oracle or another vendor.

• How to create links to the mapped network drives?
Creating links to mapped drives in WSS v3 or MOSS 2007 can be done via
the new content type for .lnk files.

• While creating a Web part, which is the ideal location to Initialize my new controls?
Override the CreateChildControls method to include your new controls. You can control the exact rendering of your controls by calling the .Render method in the web parts Render method.

What are the two base classes a WebPart you are going to use within SharePoint 2007 can inherit from?
There are two base classes that a WebPart which is going to be consumed by SharePoint can inherit from, either the
SharePoint WebPart Base class
or the
ASP.NET 2.0 WebPart base class.
When inheriting from the SharePoint WebPart Base class your derived WebPart class will inherit from Microsoft.SharePoint.WebPartPages.WebPart. When inheriting from the ASP.NET 2.0 WebPart base class your derived WebPart class will inherit from System.Web.UI.WebControls.WebParts.WebPart. It is considered good practice to use the ASP.NET WebPart base class since the old base class is meant for backwards compatibility with previous version of SharePoint, however there are four exception when it is better to leverage functionality from the SharePoint WebPart base class:
Cross page connections
Connections between Web Parts that are outside of a Web Part zone
Client-side connections (Web Part Page Services Component)
Data caching infrastructure

What are the differences between the two base classes and what are the inherit benefits of using one over another?
The difference is the Microsoft.SharePoint.WebPartPages.WebPart base class is meant for backward compatibility with previous versions of SharePoint. The benefit of using the SharePoint WebPart base class is it supported:
Cross page connections
Connections between Web Parts that are outside of a Web Part zone
Client-side connections (Web Part Page Services Component)
Data caching infrastructure
ASP.NET 2.0 WebParts are generally considered better to use because SharePoint is built upon the ASP.NET 2.0 web architecture. Inheriting from the ASP.NET 2.0 base class offers you features that inherit to ASP.NET 2.0, such as embedding resources as opposed to use ClassResources for deployment of said types.

• What is the WebPartManager sealed class? What is its purpose?
The WebPartManager sealed class is responsible for managing everything occurring on a WebPart page, such as the WebParts (controls), events, and misc. functionality that will occur in WebPartZones. For example, the WebPartManager is responsible for the functionality that is provided when you are working with moving a WebPart from WebPartZone to WebPartZone. It is known as the “the central class of the Web Part Control Set.”

• What does AllowUnsafeUpdates do ?
If your code modifies Windows SharePoint Services data in some way, you may need to allow unsafe updates on the Web site, without requiring a security validation. You can do by setting the AllowUnsafeUpdates property.

• What does RunWithElevatedPrivileges do?
There are certain object model calls model that require site-administration privileges. To bypass access-denied error, we use RunWithElevatedPrivileges property when request is initiated by a nonprivileged user. We can successfully make calls into the object model by calling the RunWithElevatedPrivileges method provided by the SPSecurity class.
• What does SPWeb.EnsureUser method do?
Checks whether the specified login name belongs to a valid user of the Web site, and if the login name does not already exist, adds it to the Web site.
e.g SPUser usr = myWeb.EnsureUser(“hitenders”);

• What is a SPSite and SPWeb object, and what is the difference between each of the objects?
The SPSite object represents a collection of sites (site collection [a top level site and all its subsites]). The SPWeb object represents an instance SharePoint Web, and SPWeb object contains things like the actual content. A SPSite object contains the various subsites and the information regarding them.

• What does a SPWebApplication object represent?
The SPWebApplication objects represents a SharePoint Web Application, which essentially is an IIS virtual server. Using the class you can instigate high level operations, such as getting all the features of an entire Web Application instance, or doing high level creation operations like creating new Web Applications through code.

Would you use SPWebApplication to get information like the SMTP address of the SharePoint site?
Yes, since this is a Web Application level setting. You would iterate through each SPWebApplication in the SPWebApplication collection, and then use the appropriate property calls (OutboundMailServiceInstance) in order to return settings regarding the mail service such as the SMTP address.

• How do you return SharePoint List items using SharePoint web services?
In order to retrieve list items from a SharePoint list through Web Services, you should use the lists.asmx web service by establishing a web reference in Visual Studio. The lists.asmx exposes the GetListItems method, which will allow the return of the full content of the list in an XML node. It will take parameters like the GUID of the name of the list you are querying against, the GUID of the view you are going to query, etc.
Side Question: I got asked how I built queries with the lists.asmx web service. In order to build queries with this service, one of the parameters that the GetListItems method exposes is the option to build a CAML query. There are other ways to do this as well, but that was how I answered it.

• When retrieving List items using SharePoint Web Services, how do you specify explicit credentials to be passed to access the list items?
In order to specify explicit credentials with a Web Service, you generally instantiate the web service, and then using the credentials properties of the Web Service object you use the System.Net.NetworkCredential class to specify the username, password, and domain that you wish to pass when making the web service call and operations.

• What is CAML, and why would you use it?
CAML stands for Collaborative Application Markup Language. CAML is an XML based language which provides data constructs that build up the SharePoint fields, view, and is used for table definition during site provisioning. CAML is responsible for rending data and the resulting HTML that is output to the user in SharePoint. CAML can be used for a variety of circumstances, overall is used to query, build and customize SharePoint based sites. A general use would be building a CAML query in a SharePoint WebPart in order to retrieve values from a SharePoint list.

• What is impersonation, and when would you use impersonation?
Impersonation can basically provide the functionality of executing something in the context of a different identity, for example assigning an account to users with anonymous access. You would use impersonation in order to access resources on behalf of the user with a different account, that normally, that wouldn’t be able to access or execute something.

What are WebPart properties, and what are some of the attributes you see when declaring WebPart properties in code?
WebPart properties are just like ASP.NET control properties, they are used to interact with and specify attributes that should be applied to a WebPart by a user. Some of the attributes you see with ASP.NET 2.0 properties are WebDescription, WebDisplayName, Category, Personalizable, and WebBrowsable. Although most of these properties come from the System.Web.UI.WebControls.WebParts class, ones like Category come out of System.ComponentModel namespace.

• Why are properties important in WebPart development, and how have you exploited them in past development projects? What must each custom property have?
Properties are important because WebParts allow levels of personalization for each user. WebPart properties make it possible for a user to interact, adjust, and increase overall experience value with the programmatic assets that you develop without having the need to use an external editor or right any code. A very simple example of exploiting a property would be something like allowing the user to change the text on the WebPart design interface so that they can display whatever string of text they desire.
Each custom property that you have must have the appropriate get and set accessor methods.

• What are ClassResources? How do you reference and deploy resources with an ASP.NET 2.0 WebPart?
ClassResources are used when inheriting from the SharePoint.WebPart.WebPartPages.WebPart base class, and are defined in the SharePoint solution file as things that should be stored in the wpresources directory on the server. It is a helpful directory to use in order to deploy custom images. In ASP.NET 2.0, typically things such as images are referenced by embedding them as resources within an assembly. The good part about ClassResources is they can help to eliminate recompiles to change small interface adjustments or alterations to external JavaScript files.

• What is a SharePoint Solution File? How does it differ from WebPart .cab files in legacy development? What does it contain?
A SharePoint solution file is essentially a .cabinet file with all a developers ustom componets suffixed with a .wsp extension that aids in deployment. The big difference with SharePoint solution files is is that a solution:
allows deployment to all WFE’s in a farm
is highly manageable from the interface allowing deployment, retraction, and versioning
Can package all types of assets like site definitions, feature definitions (and associated components), Webparts, etc.
Can provide Code Access Security provisioning to avoid GAC deployments
And much more..

• What is a .ddf file and what does it have to do with SharePoint Solution creation?
A .ddf file is a data directive file and is used when building the SharePoint solution bundle specifying the source files and their destination locations. The important thing for someone to understand is that the .ddf file will be passed as a parameter to the MAKECAB utility to orchestrate construction of the SharePoint solution file.

• What file does a SharePoint solution package use to orchestrate (describe) its packaged contents?
The solution Manifest.XML file.

• What deployment mechanism can you use to instigate Code Access Security attributes for your WebParts?
SharePoint solution files can add in order to handle code access security deployment issues. This is done in the element in the SharePoint solution manifest.XML, which makes it easier to get assemblies the appropriate permissions in order to operate in the bin directory of the web application.

• What are event receivers?
Event receivers are classes that inherit from the SpItemEventReciever or SPListEventReciever base class (both of which derive out of the abstract base class SPEventRecieverBase), and provide the option of responding to events as they occur within SharePoint, such as adding an item or deleting an item.

• When would you use an event receiver?
Since event receivers respond to events, you could use a receiver for something as simple as canceling an action, such as deleting a document library by using the Cancel property. This would essentially prevent users from deleting any documents if you wanted to maintain retention of stored data.

• What base class do event receivers inherit from?
Event receivers either inherit from the SPListEventReciever base class or the SPItemEventReciever base class, both which derive from the abstract base class SPEventReceiverBase.

• If I wanted to not allow people to delete documents from a document library, how would I go about it?
You would on the ItemDeleting event set: properties.Cancel= true.

• What is the difference between an asynchronous and synchronous event receivers?
An asynchronous event occurs after an action has taken place, and a synchronous event occurs before an action has take place. For example, an asynchronous event is ItemAdded, and its sister synchronous event is ItemAdding

.What are Application Pages in SharePoint?
Unlike site pages (for example, default.aspx), a custom application page is deployed once per Web server and cannot be customized on a site-by-site basis. Application pages are based in the virtual _layouts directory. In addition, they are compiled into a single assembly DLL.

A good example of an Application Page is the default Site Settings page: every site has one, and it’s not customizable on a per site basis (although the contents can be different for sites).

With application pages, you can also add inline code. With site pages, you cannot add inline code.

Typically, you link custom application pages to application.master, the master page file that is used by the default application pages in Windows SharePoint Services. You should also write application pages to inherit from a base class defined inside the Microsoft.SharePoint assembly named LayoutsPageBase.

.When to use Diffrent Site Collections?

Ans. An Individual Site collection offers following :

For the Users:

Dedicated Recycle bins
Dedicated usage Reports
Distributed administration (site collection administrators)
Dedicated search scopes, keywords, and best-bets
Custom feature deployments
Dedicated language translation maintenance
Dedicated galleries for web parts, master pages, content types, site columns, site templates, and list templates
Dedicated shared libraries, such as site collection images and site collection styles
Dedicated real estate (Self Containment)

For the IT Administrators:

Site quota templates
Distributed administration
Site locking
Database maintenance options
Backup / Restore abilities
Content Deployments
InfoPath forms services global template targeting.

.What are Security methods(Authentication methods) available in sharepoint.

Ans :“Out of the box”, SharePoint 2007 supports nine authentication methods. NTLM (short for NT Lan Manager, which is simply the Windows authentication that everyone is familiar with) and Kerberos (also a Windows “standard” authentication) are offered during installation, but I recommend to get started with NTLM, as Kerberos requires “special configuration by the domain administrator”, while NTLM works without further hassle.

.What does AllowUnsafeUpdates do ?
If your code modifies Windows SharePoint Services data in some way, you may need to allow unsafe updates on the Web site, without requiring a security validation. You can do by setting theAllowUnsafeUpdates property.

C#:
using(SPSite mySite = new SPSite(“yourserver”))
{
using(SPWeb myWeb = mySite.OpenWeb())
{
myWeb.AllowUnsafeUpdates = true;
SPList interviewList = myWeb.Lists[“listtoinsert”];
SPListItem newItem = interviewList.Items.Add();

newItem[“interview”] = “interview”;
newItem.Update();
}
}

.How Does SharePoint work?
The browser sends a DAV packet to IIS asking to perform a document check in. PKMDASL.DLL, an ISAPI DLL, parses the packet and sees that it has the proprietary INVOKE command. Because of the existence of this command, the packet is passed off to msdmserv.exe, who in turn processes the packet and uses EXOLEDB to access the WSS, perform the operation and send the results back to the user in the form of XML.

.What is the difference between Syncronous & Asyncronous events?
Syncronous calls ending with ‘ing’
E.g. ItemDeleting
Event Handler code execute BEFORE action is committed
WSS waits for code to return
Option to cancel and return error code

Asyncronous calls ending with ‘ed’
E.g. ItemDeleted
Event Handler code executes AFTER action is committed
WSS does not wait for code to return
Executed in its own Worker thread.

.What is ServerUpdate() ?
Any changes in the list, i.e. new addition or modification of an item.. the operation is complete by calling the Update method.

But if a List is set to maintain versions .. and you are editing an item, but don’t want to save it as a new version, then use the SystemUpdate method instead and pass in ‘false’ as the parameter.

.What is query.ViewAttributes OR How can you force SPQuery to return results from all the folders of the list?

If you use SPQuery on any SPlist .. it will bring back results from the current folder only.
If you want to get results from all the folders in the list.. then you need to specify the scope of the query by the use of ViewAttributes..
e.g. query.ViewAttributes = “Scope=\”Recursive\””;