Introduction

The purpose of this document is to assist beginning and experienced ASP developers in the creation of efficient ASP pages. While a wealth of information can be found on the Internet, many tips and code samples simply attempt to answer a question or solve a task at hand. An ASP developer must take that information and determine not only how the answer works on their site, but also take into consideration how a technique scales under real world conditions.

By reviewing the best practices mentioned in this document ASP applications can be made more efficient. It should be noted that this document makes generalizations. Certain practices may need to be ignored depending on the specific needs of a website.

ASP Coding Style

• Always use "Option Explicit" as the first statement in any ASP page. This will force variables to be declared and catch any misspelled variables. Use of "Option Explicit" will also increase the speed in which pages are processed.
  
  
• Use good coding style.
  • Indent blocks of code.
  • Use blank lines (white space) around blocks.
  • Use comments in all code even if it is obvious
  
  
  
• Put ASP delimiters in the left hand margin to make code blocks easy to spot.
  
  
• Combine multiple "Response.Write" lines into one larger single statement whenever possible.
  
  
• Arrays are always faster and more efficient than other storage methods and use less memory than dictionary objects or collections.
  
  
• Avoid context switching such as switching between ASP and HTML or switching between VBscript and Jscript on the same page.
  
  
• Never assume data returned in the browser is correct. If accessing a database make sure to look in the database and compare the results to what is actually there.
  
  
• Use "white space" and indent the code to make it more readable to the human eye.
  
  
• Use "Server.Transfer" or "Server.Execute" rather than "Response.Redirect". The response object generates a client side redirection header while the others perform server side redirection.
  
  

Use File Extensions Properly

Since the server compiles ASP files any scripting code or sensitive information should always be in an ASP file. Non-ASP files can be viewed in a browser as text. With this in mind, all include files (*.inc) should be renamed to ASP files. There is nothing more embarrassing than having your connection string and passwords viewed by others in plain text in a browser. If you are lucky a little embarrassment will be the only problem.

If a file does not have a server side scripts or code it should be given an HTM extension. This will tell the server the file is ready to send and calls to ISAPI will be skipped saving some time.

Remove all old files on the website. Old files, especially LOG files can provide information for hackers. Old FTP log files are great sources of system information and should be removed

Do Not Use Session Variables Unless Necessary

Sessions should be avoided. Alternatives to Session variables are hidden tags in forms, cookies, and the use of querystrings.

Sessions can fail when certain proxy servers are used. If your clients will visit the site via a proxy server the pages should be tested using that proxy server. Sometimes this cannot be done since many ISP's send their customers t hrough their own proxy server.

Bookmarking can be a problem if session variables are used. Be sure to code for bookmarked pages if the page needs prior information.

Since sessions have thread affinity they have processor affinity. Once a session is attached to a specific CPU, CPU utilization can become unbalanced. This defeats the load balancing provided by IIS. Sessions use resources such as memory. The more variables implanted into sessions the more memory required for your site.

Most Important ASP Tips

• Always Use "Option Explicit".
• Comment All Code Liberally.
• Use White Space Liberally.
• Avoid Using Session Variables When Possible.
• Use Includes In Moderation.
• Put All Code In ASP Files.
• Never Assume Data Returned Is Correct.