Serialization
Serialization is the process of converting an object's state information into a form that can be stored or transmitted. During serialization, the object writes its current state to temporary or permanent storage. Later, the object can be re-created by reading, or deserializing, its state from storage.
Serialization can allow other code to view or modify object instance data that would otherwise be inaccessible. For that reason, code that performs serialization requires a special permission: SecurityPermission with the SerializationFormatter flag specified. Under the default policy, code downloaded from the Internet or from an intranet is not granted this permission; only code on the local computer is granted it.
Typically, all fields of an object instance are serialized, which means that their data is represented in the serialized data for the instance. Code that can interpret the format may therefore be able to determine the values of that data regardless of the accessibility of the members. Similarly, deserialization extracts data from the serialized representation and sets the object state directly, again regardless of accessibility rules.
Any object that may contain security-sensitive data should be made non-serializable if possible. If it must be serializable, try to make the specific fields that hold sensitive data non-serializable. If this cannot be done, be aware that the data will be exposed to any code that has permission to serialize, and make sure that no malicious code can obtain that permission.
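The following is an added example (not from MSDN or the original page) of the advice above, assuming .NET Framework, where BinaryFormatter is available (it is obsolete in current .NET). The private owner field is written to the stream regardless of its accessibility, while the field marked [NonSerialized] is left out and is null after deserialization. The Account class and its sample values are constructed for illustration.

```csharp
using System;
using System.IO;
using System.Runtime.Serialization.Formatters.Binary;
using System.Text;

[Serializable]
public class Account
{
    // Private, yet still written to the stream by the formatter.
    private string owner;

    // Excluded from the serialized form; null after deserialization.
    [NonSerialized]
    private string apiKey;

    public Account(string owner, string apiKey)
    {
        this.owner = owner;
        this.apiKey = apiKey;
    }

    public string Owner { get { return owner; } }
    public bool HasApiKey { get { return apiKey != null; } }
}

static class NonSerializedDemo
{
    static void Main()
    {
        // Constructed sample values, not real credentials.
        Account original = new Account("alice-constructed", "KEY-constructed-0000");
        BinaryFormatter formatter = new BinaryFormatter();

        using (MemoryStream stream = new MemoryStream())
        {
            formatter.Serialize(stream, original);

            // Strings are stored as UTF-8, so a text search of the raw bytes suffices.
            string raw = Encoding.UTF8.GetString(stream.ToArray());
            Console.WriteLine("owner in stream:  " + raw.Contains("alice-constructed"));
            Console.WriteLine("apiKey in stream: " + raw.Contains("KEY-constructed-0000"));

            // Deserialization sets the private field directly, without a constructor.
            stream.Position = 0;
            Account copy = (Account)formatter.Deserialize(stream);
            Console.WriteLine("owner restored:   " + copy.Owner);
            Console.WriteLine("apiKey restored:  " + copy.HasApiKey);
        }
    }
}
```

A type that excludes a field this way has to re-establish it after deserialization, because the restored object carries no value for it.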
The .NET Framework provides two serialization technologies:
* Binary serialization preserves type fidelity, which is useful for retaining the state of an object between different invocations of an application. For example, you can share an object between different applications by serializing it to the clipboard. You can serialize an object to a stream, a disk, memory, the network, and so on. Remoting uses serialization to pass objects "by value" from one computer or application domain to another.
* XML serialization serializes only public properties and fields, and does not preserve type fidelity. This is useful when you want to provide or consume data without restricting the applications that use the data. Because XML is an open standard, it is a good choice for sharing data across the Web. SOAP is also an open standard, which makes it an attractive option as well.
The following is an example of serialization, adapted from MSDN.
The program runs as a console application:

using System;
using System.IO;
using System.Collections.Generic;
using System.Text;
using System.Xml;
using System.Xml.Serialization;

namespace Microsoft.Samples.CustomOrder
{
    // Public properties carry an explicit Order, so the XML elements
    // are emitted as Field1, Field2, Field3.
    public class OrderedClass
    {
        private int field1;
        private string field2;
        private string field3;

        [XmlElement(Order = 3)]
        public string Field3
        {
            get { return field3; }
            set { field3 = value; }
        }

        [XmlElement(Order = 1)]
        public int Field1
        {
            get { return field1; }
            set { field1 = value; }
        }

        [XmlElement(Order = 2)]
        public string Field2
        {
            get { return field2; }
            set { field2 = value; }
        }

        public OrderedClass()
        {
            field1 = 1;
            field2 = "String1";
            field3 = "String2";
        }
    }

    // No Order is specified, so the XML elements follow declaration order.
    public class UnorderedClass
    {
        private int field1;
        private string field2;
        private string field3;

        public string Field3
        {
            get { return field3; }
            set { field3 = value; }
        }

        public int Field1
        {
            get { return field1; }
            set { field1 = value; }
        }

        public string Field2
        {
            get { return field2; }
            set { field2 = value; }
        }

        public UnorderedClass()
        {
            field1 = 1;
            field2 = "String1";
            field3 = "String2";
        }
    }

    static class Program
    {
        static void Main()
        {
            UnorderedClass unordered = new UnorderedClass();
            OrderedClass ordered = new OrderedClass();

            XmlSerializer unorderedSerializer =
                new XmlSerializer(typeof(UnorderedClass));
            XmlSerializer orderedSerializer =
                new XmlSerializer(typeof(OrderedClass));

            // Only the public properties appear in the output.
            Console.WriteLine("Unordered serialization:\n");
            unorderedSerializer.Serialize(Console.Out, unordered);

            Console.WriteLine("\n\nOrdered serialization:\n");
            orderedSerializer.Serialize(Console.Out, ordered);

            Console.ReadLine();
        }
    }
}