Application Security Testing: An Integral Part of DevOps
I don't need to tell most of you how important serialization is in your programs. If today is the first time you come across the term Serialization, I'd suggest reading here before continuing.
Being able to serialize and deserialize information in your apps is a very important feature to have. Being able to save and load information stored is crucial. There are many ways to serialize data, but it all depends on your program's needs. You can serialize info into and from the registry; you can store and load info from a database, or from a file. Today we will save info to an xml file and load it from that xml file.
Figure 1 - Our Design
I decided that instead of serializing basic tidbits of data, to throw a spanner in the works and demonstrate how to save real objects created from code. For this demonstration we will create a new class called clsStudent and give it some properties. These properties will be the information we will serialize. Let us add a new class now, and edit its code.
Add the necessary namespace(s), in General Declarations:
Imports System.Xml.Serialization 'The Serialization namespace contains classes that are used to serialize objects into XML format documents or streams
Now, let us add the Student Class' member variables:
Private strName As String 'Name Member Variable Private strCourse As String 'Course Member Variable Private intStuNo As Integer 'StudentNumber Member Variable
The above member variables will be used in conjunction with our class' properties (which we will add now) to get and set their values. Let us add the Properties now.
'Gets / Sets Student Name Public Property StudentName() As String Get StudentName = strName End Get Set(ByVal Value As String) strName = Value End Set End Property 'Gets / Sets Student's Course Public Property StudentCourse() As String Get StudentCourse = strCourse End Get Set(ByVal Value As String) strCourse = Value End Set End Property 'Gets / Sets StudentNumber <XmlElementAttribute(ElementName:="Student Number")> _ Public Property StudentNumber() As Integer Get StudentNumber = intStuNo End Get Set(ByVal Value As Integer) intStuNo = Value End Set End Property
You can probably tell what the above code does. We simply give our Student class some properties. These properties include StudentName (for the Student's name), StudentCourse (what course the student does) and StudentNumber (the student's student number).
We need to connect our student class, and from there populate it with our form's controls. Finally, we must serialize and deserialize the entered info.
frmSD ( or However You Named It )
Let us start with the namespaces again. I always start with the namespaces - old habits die hard I suppose. Add the following two namespaces to your form's general declarations section:
Imports System.IO 'File Input & Output Imports System.Xml.Serialization 'The Serialization namespace contains classes that are used to serialize objects into XML format documents or streams
Let us now add the serialization code:
Private Sub btnS_Click(sender As Object, e As EventArgs) Handles btnS.Click 'Instantiate new Student object Dim stu As New clsStudent() 'Information to save stu.StudentName = txtName.Text stu.StudentCourse = txtCourse.Text stu.StudentNumber = Convert.ToInt16(txtStuNum.Text) 'Serialize student object to an XML file, via the use of StreamWriter Dim objStreamWriter As New StreamWriter("C:\StudentInfo.xml") Dim xsSerialize As New XmlSerializer(stu.GetType) 'Determine what object types are present xsSerialize.Serialize(objStreamWriter, stu) 'Save objStreamWriter.Close() 'Close File End Sub
We created a new clsStudent object, and populated it with whatever data was entered into the textboxes. Note, if you have named your objects differently, you will have to compensate for that in your code.
We then created a StreamWriter object, which will create our file on the C drive, called StudentInfo.xml.
We created an XmlSerializer object that will facilitate in the serializing of our data. Lastly we wrote our entered data, and closed the file.
Let us add the Deserialization code:
Private Sub btnD_Click(sender As Object, e As EventArgs) Handles btnD.Click 'Deserialize XML file to a new Student object. Dim objStreamReader As New StreamReader("C:\StudentInfo.xml") 'Read File Dim stu As New clsStudent() 'Instantiate new Student Object Dim xsDeserialize As New XmlSerializer(stu.GetType) 'Get Info present stu = xsDeserialize.Deserialize(objStreamReader) 'Deserialize / Open objStreamReader.Close() 'Close Reader 'Display values of the new student object txtName.Text = stu.StudentName txtCourse.Text = stu.StudentCourse txtStuNum.Text = CStr(stu.StudentNumber) End Sub
Same principle as the serialization, but we just load the info with the help of the Deserialize method of the XmlSerializer object and load the info into our textboxes.
If you run your project now, you will be able to save your entered data, and then load them. I am including the source files below.
As always, (you may say that I sound like a broken record sometimes - blame it on my O. C. D.) I hope you have enjoyed this little article, and that you have learned something from it. Until next time! Cheers! - I always say that too...