Meditech NPR Reports / NPR Report Writing / NPR Report Writer / Meditech NPR / Non-Procedural Report / Meditech Consulting / Meditech Reports .NET 2.0: August 2007

Saturday, August 25, 2007

SQL Server 2005 Developer Install Fails

Remove MS 2003 OWC using appwiz.cpl (control panel / add remove programs).

Friday, August 24, 2007

Form Based Authentication in ASP.NET 2.0

Present the user with a form that populates the database with their credentials. All of their information is stored with these credentials. Store all account information under an internal user ID, but only allow unique email addresses. A user can have an unlimited number of accounts.

ASP.NET 2.0 Global Layout

Master pages allow you to manage look and feel of your web application from a single file.

Themes use Cascading Style Sheets and Control Skins to affect the global look and feel of your web application.

SQL Injection Attacks in ASP.NET

SQL injection attacks are often accomplished with the single quote ('), which ends a string literal, or the double dash (--), which starts a comment.

Use parameterized queries, in which parameters act as placeholders for the values in your SQL statements.
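
The difference between a concatenated and a parameterized query, as an added example that is not from the original post or the referenced book. It uses Python's built-in sqlite3 module so it runs without a SQL Server instance (in ADO.NET the same role is played by the SqlCommand.Parameters collection); the table, function names and inputs are constructed for illustration.

```python
import sqlite3

def make_db():
    """Constructed sample data: an in-memory users table."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE users (id INTEGER PRIMARY KEY, "
               "email TEXT UNIQUE, role TEXT)")
    db.executemany("INSERT INTO users (email, role) VALUES (?, ?)",
                   [("alice@example.com", "admin"),
                    ("bob@example.com", "user"),
                    ("o'brien@example.com", "user")])
    return db

def find_user_concatenated(db, email):
    """Vulnerable: the value is pasted into the SQL text, so a quote in the
    input ends the string literal and the rest is parsed as SQL."""
    sql = ("SELECT email FROM users WHERE email = '" + email +
           "' AND role = 'user'")
    return [row[0] for row in db.execute(sql)]

def find_user_parameterized(db, email):
    """Hardened: the ? placeholder sends the value separately from the SQL
    text, so quotes and dashes are only ever compared as data."""
    sql = "SELECT email FROM users WHERE email = ? AND role = 'user'"
    return [row[0] for row in db.execute(sql, (email,))]

# Constructed inputs.
NORMAL = "bob@example.com"
CRAFTED = "alice@example.com' --"   # quote closes the literal, -- drops the role filter
APOSTROPHE = "o'brien@example.com"  # legitimate value that contains a quote

if __name__ == "__main__":
    db = make_db()
    for label, value in (("normal", NORMAL), ("crafted", CRAFTED),
                         ("apostrophe", APOSTROPHE)):
        try:
            unsafe = find_user_concatenated(db, value)
        except sqlite3.OperationalError as exc:
            unsafe = "SQL error: %s" % exc
        print(label, "| concatenated:", unsafe,
              "| parameterized:", find_user_parameterized(db, value))
```

The crafted input makes the concatenated query return the admin row despite the role filter, and the legitimate apostrophe makes it fail with a syntax error; the parameterized query handles both as plain data.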

Configuration Guidelines

- Don't hardcode any connectivity information in your code.
- Put database connection information in section of Web.Config.
- Put application strings in section of Web.Config.
- Application settings can be drive mappings, IP address, file path, etc.
- Limit the number of Web.Config settings to a small number like 10.
- You shouldn't be changing your Web.Config every day.
- If an application setting will be changed often store it in the database.

+ Use the System.Configuration.ConfigurationManager class.
+ Define your settings in Private Shared variables.
+ Expose your settings as properties from your section.
+ Settings that need to change with users logged in should be tracked in a database.

Reference: Pro ASP.NET 2.0 Website Programming by Damon Armstrong
