Do you know how the Dot Net mechanism stores your object in memory? I don't know! But we should know how to store the content of an object into a file (in the simplest form) or transfer the object between a network, passing an object from one domain to another, sending the object to a remote application by means of a Web Service, Rest, and so on. To do more security you should convert the content into the different format and after the operation re-convert it to the same format. This operation is called Serialization. Sterilization in an operation defined in Dot Net, it's all about transforming the state of an object into serial data like XML, binary or another format and restores or recreate it when needed (this recreation operand is deserialization).
Note: writing the plain text into a file or transferring it is so dangerous, that's because we serial the content to make it more secure.
Let's take an example, in Dot Net the namespace System.Runtime.Serialization contains some members to do this. I'm just going to make an example on writing content and serializing it into a file because it is the simplest one!
Create a class with this definition:
[Serializable]
public class Content : ISerializable
{
public string Name { get; set; }
public DateTime DateTime { get; set; }
public Content()
{
}
public void GetObjectData(SerializationInfo info, StreamingContext context)
{
info.AddValue("Ehsan", Name);
info.AddValue("10/18/2013", DateTime);
}
}
Iserializable interface is for controlling the serialization process and if you want to serialize a content you must apply the Serializable attribute. You can see the controlling the serialization in GetObjectData().
Now add the Serialize and Deserialize methods to complete the operation
public class Presentaion
{
public static void Serialize()
{
var content = new Content {Name = "Ehsan", DateTime = DateTime.Now};
Stream stream = File.Open("MyFile", FileMode.Create);
var binaryFormatter = new BinaryFormatter(); //System.Runtime.Serialization
binaryFormatter.Serialize(stream,content);
}
public static void Deserialize()
{
var content = new Content();
Stream stream = File.Open("MyFile", FileMode.Open);
var binaryFormatter = new BinaryFormatter();
content = (Content) binaryFormatter.Deserialize(stream);
stream.Close();
//Operation on content
}
}
I just create the file, serialized the content in Serialize() and then de-serialized it in Deserialize().
there are some notes about serialization you should know about:
- It is important to note that the Serializable attribute cannot be inherited.
- serialization cannot be added to a class after it has been compiled.
- It is important to use properties, which have the get and set keywords, in this sort of serialization code.