Object To XML and Vice Versa using C#

Sometimes in web applications we like to save or send our data as XML to the SQL databases.
It’s mostly done when there is a large chunk of data or we like to convert our entity model objects to XML.
It makes it easier to move data from web applications to SQL database and vice versa.
Here I’ll share a code snippet to convert C# object to XML and XML to object C#.

C# Object to XML:

To convert an object to XML, we’ll make use of XmlSerializer to serialize and XmlTextWriter to output the XML string.
Here is how the code looks like :

public static string GetXMLFromObject(object o)
    StringWriter sw = new StringWriter();
    XmlTextWriter tw = null;
        XmlSerializer serializer = new XmlSerializer(o.GetType());
        tw = new XmlTextWriter(sw);
        serializer.Serialize(tw, o);
    catch (Exception ex)
        //Handle Exception Code
        if (tw != null)
    return sw.ToString();

XML to Object C# :

Similarly, to convert an XML string to object we make use of the XmlSerializer to deserialize and XmlTextReader to read the XML string.
Here is how the code to convert XML to objects looks like :

public static Object ObjectToXML(string xml, Type objectType)
    StringReader strReader = null;
    XmlSerializer serializer = null;
    XmlTextReader xmlReader = null;
    Object obj = null;
        strReader = new StringReader(xml);
        serializer = new XmlSerializer(objectType);
        xmlReader = new XmlTextReader(strReader);
        obj = serializer.Deserialize(xmlReader);
    catch (Exception exp)
        //Handle Exception Code
        if (xmlReader != null)
        if (strReader != null)
    return obj;

Calling :

Employee emp = new Employee();
emp.FirstName = "Ujjwala Datta";
emp.LastName = "Kalluri";

string xml = GetXMLFromObject(emp);
<?xml version="1.0" encoding="utf-16" ?> 
- <Employee xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema">
  <FirstName>Ujjwala Datta</FirstName> 

Object obj = ObjectToXML(xml,typeof(Employee));

Regenerating SessionID in ASP.NET

Creating New ASP.NET_SessionId & Attaching Old ASP.NET_SessionId Values to New ASP.NET_SessionId

public void RegenerateSessionId()

System.Web.SessionState.SessionIDManager manager = new System.Web.SessionState.SessionIDManager();
string oldId = manager.GetSessionID(System.Web.HttpContext.Current);

string newId = manager.CreateSessionID(System.Web.HttpContext.Current);

bool isAdd = false, isRedir = false;
manager.SaveSessionID(System.Web.HttpContext.Current, newId, out isRedir, out isAdd);

HttpApplication ctx = (HttpApplication)HttpContext.ApplicationInstance;
HttpModuleCollection mods = ctx.Modules;
System.Web.SessionState.SessionStateModule ssm = (SessionStateModule)mods.Get(“Session”);
System.Reflection.FieldInfo[] fields = ssm.GetType().GetFields(BindingFlags.NonPublic | BindingFlags.Instance);
SessionStateStoreProviderBase store = null;
System.Reflection.FieldInfo rqIdField = null, rqLockIdField = null, rqStateNotFoundField = null;
foreach (System.Reflection.FieldInfo field in fields)
if (field.Name.Equals(“_store”)) store = (SessionStateStoreProviderBase)field.GetValue(ssm);
if (field.Name.Equals(“_rqId”)) rqIdField = field;
if (field.Name.Equals(“_rqLockId”)) rqLockIdField = field;
if (field.Name.Equals(“_rqSessionStateNotFound”)) rqStateNotFoundField = field;
object lockId = rqLockIdField.GetValue(ssm);
if ((lockId != null) && (oldId != null)) store.ReleaseItemExclusive(System.Web.HttpContext.Current, oldId, lockId);
rqStateNotFoundField.SetValue(ssm, true);
rqIdField.SetValue(ssm, newId);

UZVAL – Statistics – Total Hits-22,222, Total Visitors-6623, Total Posts – 93

Six years back I started posting certain postings in this blog for learning purpose.

Today it got 22,222 hits, Total Visitors-6623, Total Posts – 93.

During this tenure I had Learned a lot & Implemented my level best, Professionally & Personally.

Today i am feeling that i had completed one life cycle.

Heartful Thanks to My Well-Wishers who had given me good opportunities.

Now we all know lot of significant CHANGES (new versions, new libraries, new frameworks) evolved in .Net Stack.

Hope TOGETHER (Integrations & Collaborations) we learn and implement NEW needful CHANGES Professionally & Personally for a better life-style & society.


Ujjwala Datta Kalluri.


If any Suggestion, please submit it below :

Getting MAC Address of Client Machine in C #

Usually MAC address is also used to keep track of the unique Identification, if IP Address are not static, Every then from same system it will generate different IP Address, so cannot be keep records for unique, unless it is Static IP.

But MAC is set in users hardware system it is easy to trace, it is also used in E-commerce website, even IRCTC uses MAC Address to traces the records to trace the number of new user per day.

A media access control address (MAC address), also called physical address, is a unique identifier assigned to network interfaces for communications on the physical network segment.

MAC addresses are used as a network address for most IEEE 802 network technologies, including Ethernet and WiFi. Logically, MAC addresses are used in the media access control protocol sublayer of the OSI reference model.
MAC addresses are most often assigned by the manufacturer of a network interface controller (NIC) and are stored in its hardware, such as the card’s read-only memory or some other firmware mechanism.

If assigned by the manufacturer, a MAC address usually encodes the manufacturer’s registered identification number and may be referred to as the burned-in address (BIA). It may also be known as an Ethernet hardware address (EHA), hardware address or physical address. This can be contrasted to a programmed address, where the host device issues commands to the NIC to use an arbitrary address.

How do I find out the MAC address of my computer? (Windows)
• Click the Start icon
• Click Control Panel
• Select Network and Internet
• Click Network and Sharing Centre
• Select Change Adapter Settings from the list on the left hand side
• You may have a separate icon for your Wireless connection, Ethernet (Wired) and a Virtual WiFi MiniPort. Each has its own MAC address.
• Right click on the connection you are trying to find the MAC address for and select Properties
• Hover your mouse over the text box underneath connect using . Your MAC address will appear in the tooltip and is made up of 12 characters e.g. 00:11:22:AA:66:DD
using System.Management;
using System.IO;

protected void Page_Load(object sender, EventArgs e)
string MacAddress = GetMACAddress();

public string GetMACAddress()
string macAddresses = “”;

foreach (System.Net.NetworkInformation.NetworkInterface nic in System.Net.NetworkInformation.NetworkInterface.GetAllNetworkInterfaces())
if (nic.OperationalStatus == System.Net.NetworkInformation.OperationalStatus.Up)
macAddresses += nic.GetPhysicalAddress().ToString();
return macAddresses;

Encryption and Decryption in C# – Data Encryption Standard (DES) Algorithm

In cryptography, Encryption is the process of encoding messages or information in such a way that only authorized parties can read it. It requires some secret information to transform the plain text to cipher text; it is usually referred as key.

Decryption is the process of converting encrypted data back into its original form, so it can be understood

There are many modern cryptographic methods used for encryption and decryption and it is classified in to two classes of key based algorithms.

1.     Symmetric Algorithm 

a.    Same key is used for both Encryption and Decryption. The key will be kept as secret.

b.     Symmetric Ciphers is divided into Stream and Block Ciphers.

i.      Stream Ciphers – It encrypts a single bit of plain text at a time.

ii.      Block Ciphers –    It takes number of bits and encrypts them as a single unit.

2.       Asymmetric Algorithm

a.       Different key is used for Encryption and Decryption. It is also called as public Key algorithm.

b.      Encryption key is public and the Decryption key will be kept as secret.

c.       By using this asymmetric algorithm, anyone can encrypt the message by using encryption key but the message can be decrypted only by using decryption key.

3.       Hybrid Encryption – Symmetric and Asymmetric algorithm are used together and it is called as Hybrid Encryption.

Algorithm Requirements:

1.       The Key will be kept secret and should be Random.

2.       It should not be possible to find the key even if the plain text and Cipher text are known.

 Types of Symmetric Encryption Algorithm:

1.       Data Encryption Standard (DES)

2.       Triple DES (3DES)

3.       Advanced Encryption Standard (AES)

Below is the example for encryption and decryption in C# using Triple DES algorithm.

using System.IO;
using System.Security;
using System.Security.Cryptography;
Public class Program
static void Main(string[] args)
var text = “This is Plain Text”;

var encryptedText = CryptoGraphyExample.EncryptPlainTextToCipherText(text);
var decryptedText = CryptoGraphyExample.DecryptCipherTextToPlainText(encryptedText);

Console.WriteLine(“Passed Text = ” + text);
Console.WriteLine(“EncryptedText = ” + encryptedText);
Console.WriteLine(“DecryptedText = ” + decryptedText);


public class CryptoGraphyExample
/// <summary>
/// This security key should be very complex and Random for encrypting the text. This playing vital role in encrypting the text.
/// </summary>
private const string _securityKey = “MyComplexPrivateKey”;

/// <summary>
/// This method is used to convert the plain text to Encrypted/Un-Readable Text format.
/// </summary>
/// <param name=”PlainText”>Plain Text to Encrypt before transferring over the network.</param>
/// <returns>Cipher Text</returns>
public static string EncryptPlainTextToCipherText(string PlainText)
//Getting the bytes of Input String.
byte[] toEncryptedArray = UTF8Encoding.UTF8.GetBytes(PlainText);

MD5CryptoServiceProvider objMD5CryptoService = new MD5CryptoServiceProvider();

//Gettting the bytes from the Security Key and Passing it to compute the Corresponding Hash Value.
byte[] securityKeyArray = objMD5CryptoService.ComputeHash(UTF8Encoding.UTF8.GetBytes(_securityKey));

//De-allocatinng the memory after doing the Job.

var objTripleDESCryptoService = new TripleDESCryptoServiceProvider();

//Assigning the Security key to the TripleDES Service Provider.
objTripleDESCryptoService.Key = securityKeyArray;

//Mode of the Crypto service is Electronic Code Book.
objTripleDESCryptoService.Mode = CipherMode.ECB;

//Padding Mode is PKCS7 if there is any extra byte is added.
objTripleDESCryptoService.Padding = PaddingMode.PKCS7;

var objCrytpoTransform = objTripleDESCryptoService.CreateEncryptor();

//Transform the bytes array to resultArray
byte[] resultArray = objCrytpoTransform.TransformFinalBlock(toEncryptedArray, 0, toEncryptedArray.Length);

//Releasing the Memory Occupied by TripleDES Service Provider for Encryption.

//Convert and return the encrypted data/byte into string format.
return Convert.ToBase64String(resultArray, 0, resultArray.Length);

/// <summary>
/// This method is used to convert the Cipher/Encypted text to Plain Text.
/// </summary>
/// <param name=”CipherText”>Encrypted Text</param>
/// <returns>Plain/Decrypted Text</returns>
public static string DecryptCipherTextToPlainText(string CipherText)
byte[] toEncryptArray = Convert.FromBase64String(CipherText);

MD5CryptoServiceProvider objMD5CryptoService = new MD5CryptoServiceProvider();

//Gettting the bytes from the Security Key and Passing it to compute the Corresponding Hash Value.
byte[] securityKeyArray = objMD5CryptoService.ComputeHash(UTF8Encoding.UTF8.GetBytes(_securityKey));

//De-allocatinng the memory after doing the Job.

var objTripleDESCryptoService = new TripleDESCryptoServiceProvider();

//Assigning the Security key to the TripleDES Service Provider.
objTripleDESCryptoService.Key = securityKeyArray;

//Mode of the Crypto service is Electronic Code Book.
objTripleDESCryptoService.Mode = CipherMode.ECB;

//Padding Mode is PKCS7 if there is any extra byte is added.
objTripleDESCryptoService.Padding = PaddingMode.PKCS7;

var objCrytpoTransform = objTripleDESCryptoService.CreateDecryptor();

//Transform the bytes array to resultArray
byte[] resultArray = objCrytpoTransform.TransformFinalBlock(toEncryptArray, 0, toEncryptArray.Length);

//Releasing the Memory Occupied by TripleDES Service Provider for Decryption.

//Convert and return the decrypted data/byte into string format.
return UTF8Encoding.UTF8.GetString(resultArray);

Handling Errors in SQL Server (Try Catch & Transactions)

During development of any application, one of the most common things we need to take care of is Exception and Error handling.

TRY…CATCH blocks are the standard approach to exception handling in modern programming languages. Use and syntax are likely the same as normal programming language. Like Exception Handling in Programming Language, we can use nested Try-Catch block in SQL Server also.

Try block will catch the error and will throw it in the Catch block. Catch block then handles the scenario.


TRANSACTIONS group a set of tasks into a single execution unit. Each transaction begins with a specific task and ends when all the tasks in the group successfully complete. If any of the tasks fails, the transaction fails. Therefore, a transaction has only two results: success or failure. Incomplete steps result in the failure of the transaction.

Users can group two or more Transact-SQL statements into a single transaction using the following statements:

  • Begin Transaction
  • Rollback Transaction
  • Commit Transaction

If anything goes wrong with any of the grouped statements, all changes need to be aborted. The process of reversing changes is called rollback in SQL Server terminology. If everything is in order with all statements within a single transaction, all changes are recorded together in the database. In SQL Server terminology, we say that these changes are committed to the database.

Example :

  @SalesPersonID INT,
  @SalesAmt MONEY = 0

      UPDATE SalesData
      SET SalesLastYear = SalesLastYear + @SalesAmt
      WHERE SalesPersonID = @SalesPersonID;

    IF @@TRANCOUNT > 0

    -- @@TRANCOUNT returns number of active Transactions,
    -- BEGIN TRANSACTION will increment the transaction count by 1 & 
    -- COMMIT TRANSACTION will decrement the transaction count by 1
    DECLARE @ErrorNumber INT = ERROR_NUMBER();
    DECLARE @ErrorLine INT = ERROR_LINE();
    DECLARE @ErrorMessage NVARCHAR(4000) = ERROR_MESSAGE();
    DECLARE @ErrorSeverity INT = ERROR_SEVERITY();
    DECLARE @ErrorState INT = ERROR_STATE();

    PRINT 'Actual error number: ' + CAST(@ErrorNumber AS VARCHAR(10));
    PRINT 'Actual line number: ' + CAST(@ErrorLine AS VARCHAR(10));

    RAISERROR(@ErrorMessage, @ErrorSeverity, @ErrorState);


Authentication using LDAP (Active Directory) for ASP.NET applications

Authentication: The process of identifying an individual, usually based on a username and password.

Generally every applications needs user authentication and we have few ways

(Forms Authentication, Windows Authentication & Passport Authentication)

to authenticate the users in web applications. Most of the intranet asp.net web applications authenticate the users against active directory by using windows user name and passwords.

The main benefit of this LDAP (lightweight directory access protocol) authentication is application users do not maintain separate user name and password for each application. Users can able to use their windows user name and password for all application.

Namespace details:

System.DirectoryServices library plays main role on this functionality, this takes the user’s user name and password and validating against windows active directory.


using System.DirectoryServices;

String adPath = “LDAP://uzval.com”;

String DomainName = “uzval”;

public bool IsAuthenticated(string adPath, string domain, string username, string pwd)


string wholeString = username;

string firstBit = wholeString.Split(‘@’)[0];

username = firstBit;

string domainAndUsername = domain + @”\” + username;

DirectoryEntry entry = new DirectoryEntry(adPath, domainAndUsername, pwd);



//Bind to the native AdsObject to force authentication.

object obj = entry.NativeObject;

DirectorySearcher search = new DirectorySearcher(entry);

search.Filter = “(SAMAccountName=” + username + “)”;



//CN or Display Name




SearchResult result = search.FindOne();

if (null == result)


return false;




Session[“ADUserID”] = string.Empty;

Session[“ADUserName”] = string.Empty;

Session[“ADuserAccountControl”] = string.Empty;

//ADUser UserId

Session[“ADUserID”] = result.Properties[“SAMAccountName”][0];

//AD UserName

Session[“ADUserName”] = result.Properties[“cn”][0];

                Session[“ADuserAccountControl”] = Convert.ToString(result.Properties[“userAccountControl”][0]);

//User Account Control values

//Allow all these ID’s to login- 512,544,4096,66048,590336,532480

//512 – Enable Account

//514 – Disable account

//544 – Account Enabled – Require user to change password at first logon

//4096 – Workstation/server

//66048 – Enabled, password never expires

//590336 – Enabled, User Cannot Change Password, Password Never Expires

//66050 – Disabled, password never expires

//262656 – Smart Card Logon Required

//532480 – Domain controller



catch (Exception ex)


return false;

//throw new Exception(“Error authenticating user. ” + ex.Message);


return true;