Overview of SharePoint Controls
Controls are nothing but reusable user interface components that execute when a SharePoint page is requested and render the generated markup to the web browser. SharePoint controls can be classified broadly under the following two categories:
• User controls
• Custom controls or web controls
The major difference between a user control and a custom control is that user controls are much easier to develop due to a high level of visual design support available for these controls. The user interface elements are coded separately using the template markup code and stored in .ascx file. Visual designers such as Visual Studio facilitate the development process by allowing you to drag and drop the standard web controls (such as text boxes, labels, and so on) onto the designer surface. Thus the development process for user controls is similar to that of developing ASP.NET pages, the only difference being the template markup file has .ascx extension in place of .aspx and user controls inherit from the System.Web.UI.UserControl class instead of System.Web.UI.Page class.
Web controls on the other hand contain only the assembly code. The user interface elements are also emitted using the assembly code, contained in a .cs (for C# development) or .vb (for Visual Basic development) file. Due to the absence of separate template markup code for user interface elements, no design time support is available for custom controls.
To better appreciate the features and functionalities provided by user and custom controls this hour looks at the steps involved in creating user and custom controls.
Developing User Controls
As discussed earlier, user controls are developed similarly to ASP.NET page development. In fact they can also be thought of as ASP.NET pages having a .ascx extension. Like the ASP.NET web forms, user controls also have two separate files associated with them, one containing the markup code and the other containing the assembly code.
You can also merge the markup code and the assembly code to write inline code blocks in the markup file. However, this is generally not considered a good practice, as it reduces code readability.
All the out of the box SharePoint user controls are stored in the TEMPLATECONTROLTEMPLATES folder under the SharePoint root (or the 14 hive). Any user control you develop should also go into this directory.
Since the markup code file for a user control (that is, an ASCX file) must be placed under the TEMPLATECONTROLTEMPLATES folder, user controls can be deployed only as farm solutions.
Try It Yourself: Create a User Control
1. Create an Empty SharePoint Project in Visual Studio 2010, name it as UserAndCustomControl and configure it to be deployed as a farm solution.
2. Next add a new User Control item to the project, name it as ImageUploaderUserControl, and open it in designer mode.
3. Drag and drop the required control elements from the toolbox onto the designer surface, a File Upload control, a Button control, and a label in this case.
4. Rename the button and the label text so that your user control looks something similar to Figure 5.1.
Figure 5.1. Image Uploader user control
5. Once the user interface elements of the control are ready, double-click the Upload File button and add the following code to the button’s Click event:
protected void ButtonUpload_Click(object sender, EventArgs e)
{
try
{
// Get root web reference
SPWeb rootWeb = SPContext.Current.Site.RootWeb;
// Get reference to MyPictureLibrary
SPPictureLibrary myPictureLibrary =
rootWeb.GetList("MyPictureLibrary") as SPPictureLibrary;
// Get the FileBytes from the File Upload Control
byte[] fileBytes = this.FileUpload1.FileBytes;
// Prepare destination Url and upload the file
string fileName =
Path.GetFileName(this.FileUpload1.PostedFile.FileName);
SPFile file =
myPictureLibrary.RootFolder.Files.Add(
fileName,
fileBytes,
true);
file.Update();
this.LabelUploadResult.Text = "Upload Successful!";
}
catch (Exception ex)
{
this.LabelUploadResult.Text = "Upload Failed:" + ex.Message;
}
}
The preceding code gets a reference to the top level site in the current site collection and uploads the picture file selected by the user using the File Upload control to a picture library called MyPictureLibrary in the top-level site. The result of the file upload operation, whether success or failure, is displayed using the UploadResult label. Ensure that you have the picture library MyPictureLibrary already created. Later in the hour in the discussion related to web parts, you learn how the end user can configure the library name using the web browser itself.
6. To test this user control, add a new Application Page, called ControlDemo.aspx, to the project and add the following Register tag in the page to register the control:
<%@ Register TagPrefix="uc" TagName="FileUploader"
Src="~/_controltemplates/ImageUploaderUserControl/ ImageUploaderUserControl.ascx" %>
7. Once the control is registered on the page, you can use the following markup code to add the user control anywhere inside the page:
<uc:FileUploader ID="PictureUploader" runat="server" />
8. Build and deploy the solution using Visual Studio and browse to http://<<YouServerName>>/_layouts/ControlDemo/ControlDemo.aspx to see the control in action.
9. Select a file using the Browse button and then click the Upload button, to upload the file to MyPictureLibrary of the top level site.
10. Examine the MyPictureLibrary of the top level site in the current site collection to verify that your image file was uploaded successfully.
This example demonstrates how easy it can be to develop a user control, making use of Visual Studio’s design time support for developing user interface components.
Developing Custom Controls
As discussed earlier, custom controls contain only the assembly code, and the user interface elements are also emitted using the assembly code. Due to the absence of separate template mark-up code for user interface elements, no design time support is available for custom controls.
Try It Yourself: Create a Custom Control
1. To create a custom control, insert an Empty Element item in the UserAndCustomControl project that we developed in the preceding section. Name this empty element item ImageViewerCustomControl.
2. Add a new class file and call it ImageViewerCustomControl.cs, under the ImageViewerCustomControl element. Your project should now have a user control named ImageUploaderUserControl, a custom control named ImageViewerCustomControl, and an application page to test these controls, as shown in Figure 5.2.
Figure 5.2. Developing an Image Viewer custom control
3. As a first step, modify the definition of the ImageViewerCustomControl class and change it to inherit from the System.Web.UI.Control class. All the custom controls that you create should inherit from this class. In fact the user controls also derive ultimately from the System.Web.UI.Control class (the UserControl class inherits from the TemplateControl class, which ultimately extends the System.Web.UI.Control control class).
The System.Web.UI.Control class provides a number of methods that you can override to develop your user controls. Out of these the most commonly overridden method is the CreateChildControls method, which, as the name suggests, is used to insert the custom control’s child controls into its controls collection.
4. Override the CreateChildControls method to loop through the picture library and add as many ASP.NET image controls to the custom control’s control collection to render the images in the picture library. Also add the ASP.NET Panel to the controls collection of the custom control to serve as a container for these image controls. One image control is added for every picture in the picture library, as illustrated in the following code snippet:
protected override void CreateChildControls()
{
try
{
// Get root web reference
SPWeb rootWeb = SPContext.Current.Site.RootWeb;
// Get reference to MyPictureLibrary
SPPictureLibrary myPictureLibrary =
rootWeb.GetList("MyPictureLibrary")
as SPPictureLibrary;
// Add a Panel to controls collection
Panel panel = new Panel();
panel.Width = 353;
panel.BorderColor = System.Drawing.Color.Gray;
panel.BorderStyle = BorderStyle.Solid;
panel.BorderWidth = 1;
this.Controls.Add(panel);
foreach (SPListItem item in myPictureLibrary.Items)
{
// Create a new image control and set its
// image url to point to the Picture
Image image=new Image();
image.ImageUrl =Path.Combine(rootWeb.Url,item.Url);
// Add image control to the Panel's Controls Collection
panel.Controls.Add(image);
}
}
catch (Exception ex)
{
// Display any exceptions
this.Controls.Add(new LiteralControl(ex.Message));
}
}
5. Add the following Register tag in the application page (ControlDemo.aspx) to register the control on the page:
<%@ Register TagPrefix="cc"
Assembly="$SharePoint.Project.AssemblyFullName$"
Namespace="UserAndCustomControl.CustomControl" %>
6. Once registered, add the following markup code (below the user control’s section) on the page to insert the custom control in the page:
<cc:ImageViewerCustomControl ID="ImageViewer" runat="server" />
7. Build and deploy the solution using Visual Studio and navigate to the ControlsDemo.aspx application page, which should now look something like Figure 5.3.
Figure 5.3. Image Viewer Custom Control in Action
8. Test the control by uploading an image (“Hello World” in our case) using the Image Uploader user control, and verify that the same image gets displayed in the Image Viewer custom control as well. As you upload more images, additional Image controls are added to the Image Viewer custom control to render all those images on the page.
In the preceding example, notice that we did not write any template markup code to design the control’s user interface. The user interface elements were also created through the assembly code by overriding the CreateChildControls method. Also, there was no design time support when it came to developing the control’s user interface.
As a rule of thumb, you should develop user controls when the user interface is more or less static, or you need the controls to render a large number of child controls, as in the case of data entry forms containing many form fields. Custom controls are preferable in situations where you want to create dynamic user interfaces and need a lot of control-on-control rendering.
Understanding the Concept of Safe Mode Processing
In the preceding two scenarios, you tested the user and the custom control by adding them to an application page. The process for deploying these controls on master pages and site pages is also similar. You can customize the master page or a site page, add the required registration tag, and then use the control in the page. However, one important additional step is required for using the custom controls on the customized SharePoint master and site pages.
Before discussing this additional step, let’s first have a look at the concept of safe mode processing. By default, the SharePoint security model blocks execution of inline code blocks and unapproved controls in the content served from the content databases. This important security measure prevents users from inserting faulty/malicious code blocks in customized pages and also prevents them from deploying unapproved controls and web parts.
Since the customized pages are served from the content database against the file system, safe mode processing enforces restrictions on the controls that can be added to these pages. The allowed set of controls are called safe controls Therefore to use the earlier developed custom control on the site pages, you must register it as a safe control in your site’s web.config.
If you open your web applications web.config and look for the SafeControls tag, you find entries similar to Figure 5.4.
Figure 5.4. Safe control entries in web.config
To register your custom control as a safe control you can directly edit the web.config shown in Figure 5.4 and add an entry similar to the following:
<SafeControl
Assembly="[Fully Qualified Assembly Name]"
Namespace="ImageUploaderUserControlProject.ImageViewerCustomControl"
TypeName="*" />
Or, as always, you can let Visual Studio do all the work for you. Right-click the ImageViewerCustomControl element in your project and select Safe Mode Entries from the properties window. Click the Add button, as illustrated in Figure 5.5. Deploy the solution and examine the web.config again. You will find that Visual Studio added the required safe control entry into the web.config and now you are free to use the control on the customized site and master pages.
Figure 5.5. Registering a control as Safe using Visual Studio
In case you are wondering why we don’t need to do this for the user controls, examine the web.config again and look for the following safe control entry:
<SafeControl Src="~/_controltemplates/*"
IncludeSubFolders="True" Safe="True"
AllowRemoteDesigner="True"
SafeAgainstScript="True" />
As discussed earlier, the user controls are deployed to the CONTROLTEMPLATES folder under the SharePoint root (or 14 hive). Hence all the user controls are already registered as safe controls and there is no need to explicitly add a safe control entry for them.
The concept of safe mode processing is not applicable to the application pages. This is because application pages are served from the file system and not from the content database. Therefore, you can use custom controls on application pages without the need of registering them as safe controls.