You can store the values in the system registry:

Getting a Key:

// This will create the key if it does not exist.
String keyPath = "Sofware\Foo\Bar";  // use "Software\Company\App" or similar
RegistryKey appKey = Registry.CurrentUser.CreateSubKey(keyPath);

Saving a value:

String config = "SomeConfigurationValue";
appKey.SetValue("ConfigString", config);

Loading a value:

String config = (string)appKey.GetValue("ConfigString", "Default Value");

If I used a database anyway, I'd probably add a table in there and store them, otherwise I think I'd go with an XML file of some sort, I'd be relucant to add the extra complexity of a DB for just a few settings.
With either of those solution you could easily add more settings (older applications would just ignore them) as well as specify the datatype (as an attribute in the XML).

Just to make sure I understand

Requirements: 1. Store user specific settings for your application in a file or in a database 2. From time to time, you may add additional properties.

Is this web based? win forms?, wcf?

My initial thought is to include a version number when persisting.

Each time you update the settings class, create a new settings class that inherits from the last version. Add your new properties and update the version number.

Storage: In a DB, two fields: 1- version 2- serialized settings data. In a file, two entries 1- version 2- serialized settings data.

When serializing, make sure to include the settings class version number.

When deserializing, use a Factory to retrieve the correct version of the settings class.

One thing to keep in mind is that you would have to account for older settings instances in your application.

If you add a "Background Color" property today, none of the settings files from before today will have access to it. You'll need to ensure the application can handle that situation.

So if the Factory finds an older version of the settings class, it can use the saved data to create the newest version of the class and fill the new properties with default values.

Good Luck,

Patrick

The simpliest, effective and most flexible approach is to create a class, add settings, then serialize/deserialize when needed. This source code for the class can be reused in other assemblies, and persistence can be anywhere. Make sure this class knows how to serialize/deserialize itself because of your security requirement. This ensures the implementation stays with the class. Then the calling assembly just needs to create the object by calling a static/shared method.

This gives you strongly-typed settings, versioning, ability to add new settings, and even complex data types (other classes). This object can even be passed to other objects as arguments, and since it supports serialization, it is very flexible.

Example

See How-To (Object Class => Binary Serialization => To Memory => Encrypt => Save to File) at http://social.msdn.microsoft.com/forums/en-US/netfxremoting/thread/68c200c2-4aa4-48dc-95be-6fe077fd10f4/

Reference

• Version Tolerant Serialization at http://msdn.microsoft.com/en-us/library/ms229752(VS.80).aspx

• ISerializable Interface at http://msdn.microsoft.com/en-us/library/system.runtime.serialization.iserializable.aspx

• Isolated Storage at http://msdn.microsoft.com/en-us/library/3ak841sy.aspx

• Cryptographic Tasks at http://msdn.microsoft.com/en-us/library/7yx4d854.aspx

why don't you just put them in the app.config? (or web.config)

Use an application/web config file, and use the ConfigurationManager.AppSettings[configurationItemName] method. (in System.Configuration)