Friday, March 30, 2007

 

Jazz Up Your Posts with Public Domain Art!

There are several sites that offer free, public domain images that you can use on your blog or in your powerpoint presentations.

Public domain image resources: a list of public domain image resources.

stock.xchng: free photo site. Great for Powerpoint presentations, especially if you’ve read Cliff Atkinson’s book, “Beyond Bullet Points”.

http://www.openclipart.org/: a collection of icons.

Wednesday, March 28, 2007

 

More Practical .NET 2.0 and C#

I mentioned Practical .NET2 and C#2 by Patrick Smacchia a few posts back and somehow I missed this site www.practicaldot.net. Not only does it contain glowing recommendations from some of the software industry's well known names, but also a downloadable copy of all 647 code examples from the book and several sample chapters!

This is one of those books you need 2 copies of, one for work and one for home.

Monday, March 26, 2007

 

Updated Overview of Visual Basic 9.0

Saw this via Bill McCarthy's blog: a recent update to the VB 9.0 documents.

 

Code Snippets

Nick followed up on my C# snippet post with a nice piece about using code snippets in Visual Studio 2005 and using a snippet editor to create and share your own code snippets. His post reminded me that I had forgotten to mention that to use that snippet you will need to add a “using System.Data.SqlClient;” and System.Data to your references.

Nick mentioned the VB.NET version of the code snippets editor; you can download Snippy, a Visual Studio C# Snippet Editor from GotDotNet (soon to disappear; come on Microsoft, I’m sure it wouldn’t break the bank to keep this running. I ask myself if Google would close down a similar site…) [BTW, Brian Madsen one of our other Perth MVP’s loves VB.NET with a passion. He is going to kill me for saying that :)… ]

I was also going to recommended having a look at the gotcodesnippets.com site but the second C# snippet I looked at was flawed: don’t use the singleton that is posted there. It’s not thread safe. Use this one instead: C# Singleton Best Practice. The gotcodesnippets site could be improved by having some sort of comment or peer review voting system (similar to regexlib, for example), otherwise it is in danger of spreading incorrect information. I suppose this is always the danger with such open sites. I’m sure there are many useful snippets there; just don’t go using them without checking first. One nice feature is that the site is RSS enabled so you can be notified of new code snippet uploads.

Saturday, March 24, 2007

 

Free Developer E-Learning

 

Branching Guidance for Team Foundation Server

Jeff Beehler has announced the initial release of Branching guidance for Team Foundation Server:

“While the product documentation will tell you how each of our tools works, it
doesn't provide insight into the best practice usage of each. The guidance
that we recently released attempts to fill that gap in the area of version
control and how to best work with branches. ... what you'll read in this
guidance isn't some theoretical description of how things should work in a
perfect world but instead has been pressure tested and proved to be effective
through actual TFS projects. In fact, you'll find examples pulled directly
from our own teams experiences as well. ”

I found it interesting that they appear to have moved away from what I assumed was the industry standard terminology of ‘trunk’ to ‘main’. Much of the advice is familiar. The few differences I suspect are down to working in very large teams (> 100 developers). This is a work in progress, and I’m sure a few changes will be made to it…

The best source of advice on branching and merging that I have come across to date is the free online book Version Control with Subversion. I wonder if the authors read this?

 

C# Code Snippet: Read Data from Stored Procedure

I love clear, concise, easy to read code. Here’s a fairly minimalist .NET 2.0 code snippet to read data using a stored procedure that is hopefully all those things. It makes use of the using statement which guarantees that resources held by types that implement IDisposable will be released even if an exception is thrown (using is syntactic sugar for an enclosing try/catch/finally loop):

// Execute a stored proc to read data
using (SqlConnection conn = new SqlConnection(this.connectionString))
{
    using (SqlCommand cmd = conn.CreateCommand())
    {
        cmd.CommandText = "ProcName";
        cmd.CommandType = CommandType.StoredProcedure;
 
        // Add any input Params...
        cmd.Parameters.AddWithValue("@SomeIDParam", myID);
 
        conn.Open();
 
        // Assuming Stored Proc returns a set of records...
        using (SqlDataReader rdr = cmd.ExecuteReader(CommandBehavior.CloseConnection))
        {
            while (rdr.Read())
            {
                // do something with each rdr row ... 
            }
        }
 
        // OR alternatively, 
        // if your proc returns a single valued result (e.g. an image)
        // (i.e. query of the form "SELECT imgColumnName FROM Table WHERE ID= ?"
        // byte[] img = (byte[])cmd.ExecuteScalar();  
    }
}

Thursday, March 22, 2007

 

Source Code Highlighting for Blogger Posts: CopySourceAsHTML

If you have read any of my blog posts that contain C# source code, you will have no doubt noticed the varied, or lack of indentation! It wasn't intentional. I've actually sat down and tried to post entries with lots of source code and then given up in frustration.

I've been using CopySourceAsHTML 2.0, a great little add-in for Visual Studio 2005, for some time but Blogger would lose the indentation when I swapped between the HTML and compose views. I played around with it for a bit today and found settings that seem to work:

I also tried turning off "Embed styles" and placing the small amount of required CSS into the blog template, but I had no luck getting this to work. Let's just say I'm not the world's greatest CSS wizard (Lvl 1, AC10, small kitten...).

CopySourceAsHTML made it into James Avery's must read MSDN article "Ten Essential Tools: Visual Studio Add-Ins Every Developer Should Download Now".

I also came across Jean-Claude Manoli's Code Format Tool which does the job nicely but misses out on the 'Teal' Type colouring that you get from CopySourceAsHTML. It's worth downloading his lean source code for a peek; a very nice piece of coding. Doug Rohm posted a syntax colouring round-up here.


 

SQL Server 2005 Security: Operational Best Practices

Bob Beauchemin's SQL Server 2005 Security Best Practices - Operational and Administrative Tasks whitepaper is up on the Technet website:
"This white paper covers some of the operational and administrative tasks
associated with SQL Server 2005 security and enumerates best practices and
operational and administrative tasks that will result in a more secure SQL
Server system. Each topic describes a feature and best practices."

Wednesday, March 21, 2007

 

T-SQL Helper Table Utilities

Over at Red Gate's Simple-Talk blog, Robyn Page and 'Phil Factor' have a nice article on using a helper table of numbers to convert some common T-SQL iterative tasks to set-based operations:
  • Splitting Strings into table-rows, based on a specified delimiter
  • Encoding and decoding a string
  • Substituting values into a string
  • Extracting individual words from a string into a table
  • Extracting all the numbers in a string into a table
  • Removing all text between delimiters
  • Scrabble score
  • Moving averages
  • Getting the 'Week beginning' date in a table
  • Calculating the number of working days between dates
Rob Farley is a bit of a demon with a table of numbers; I wonder if knows any more of these? Rob?

Tuesday, March 20, 2007

 

Attachment Detachment!

Ken Getz is no slouch when it comes to coding. The “Access Developers Handbook” series by Litwin/Getz/Gilbert was a classic. Few books covered the material so well or as comprehensively. I just pulled my Access 97 version down from the bookshelf. Ah, Access we had some good times! Right, that’s enough reminiscing!

It’s therefore reassuring to discover that developers of Ken’s stature occasionally make the same kinds of mistakes as the rest of us! As testament to the fact that the .NET framework is, in the words of Michael Palin as the chaplain in ‘Monty Python’s The Meaning of Life’, “…so very, very Huge! ..”, Ken posted this article.

Ken’s advice is worth heeding:

“A word to the wise: If you find yourself writing .NET code which seems like it
sure as heck ought to have been included in the Framework, take a few seconds
and try to convince yourself that it's not.”

 

Test Your Apps for SQL Injection Attacks

Do you test your applications for SQL injection vulnerabilities? I came across a nice round-up of possible attacks here: SQL Injection Cheat Sheet It has a nice reference section.

About a year and half ago, I was going to submit some of my photographs to a stock library based in Queensland, Australia, and on a whim I decided to try a very basic SQL injection to see how secure this site would be with my financial details. It didn't pass! I contacted the owner/maintainer and told him about the problem. One year later, I checked back to see if it had been fixed. It had not. Needless to say, I don't list any photos with them!

Sunday, March 18, 2007

 

NDepend2

NDepend is a static code analysis tool that can provide you with some surprising insights into your code. Scott Hanselmann did a podcast and blogged about this tool recently, and when Scott waxes lyrical about something I sit up and take note. I played around with tool in its earlier incarnation some time ago, but didn’t fully ‘grok’ it, as I didn’t persevere over the 15 – 30 minutes ‘hump’ with the excellent tutorials (it’s only 5 – 10 minutes for Scott, apparently. Damn those Hanselmann clones!) It complements FxCop’s functionality and it can be similarly incorporated into your automated build process. Don’t take my word for it, go and download the free trial version and work through all 6 tutorials at least twice.

So what can NDepend be used for? Getting familiar with an existing, large codebase, gathering all kinds of metrics with a view to refactoring and improving existing code.

It can give you the 100ft view of a large and complex code base, but at the same time allows you to analyse and pinpoint a problem and then drill-down right to the code. If I remember correctly, I think Scott said it was Reflector on Steroids, but then so much more! It uses some pretty clever visualization techniques to convey code metric information.

I’m going to blog about NDepend2 in a bit more detail presently. In fact, I’m thinking it would make a great .NET User Group session…

 

Practical .NET 2 and C#

Practical .NET2 and C#2 by Patrick Smacchia

Even though this book was released over a year ago, and the .NET framework 3.0 has been released since then (but it’s really just the .NET framework 2.0 with the WPF + WCF additions), it is still relevant and one of the best in this subject area.

Several of the Amazon reviews comment on the fact that the English in the book is a little hard to follow in one or two places. Frankly, I am amazed this got past an editor. This aside, it’s a great book. It covers just about everything you need to know about the new features and how to put them to practical use.

There is a Code Project article listing the new features in .NET 2.0, also written by Patrick, that is well worth checking out. Patrick Smacchia is the developer behind NDepend2, probably the most amazing tool to hit the Microsoft landscape since the release of the .NET framework.

Thursday, March 15, 2007

 

TODO or not TODO

Just read "//TODO: Uncomment Later" over at the newly renamed "DailyWTF" (it's now called Worse Than Failure, and while I understand Alex's motivation for the name change, I think the original was better...) . It got me thinking; as part of the build process, do you have a task that checks for any TODO comments? (You do use TODO comments, right?) In addition, check out the comments to that post: I love the wolves story, classic!

That post got me thinking, as part of the TODO comment checking task we should also check for commented out code lines. I deplore seeing commented out code that developers have left in the codebase; it's a warning sign that something smells. That's what Source Control is for! The only time leaving commented out code is acceptable is to indicate that it shouldn't be done that way WITH an associated clear and explanatory comment.

When I program against the .NET Framework, I'm happy swapping between C# and VB.NET, although I must confess a preference for C#, having spent many years programming in C. It occurred to me that it would be slightly easier to check for commented out code (without using System.CodeDom) by checking for lines that contain "\\" and ";" or "{" or "}". OK, it might match a few false positives. What are your thoughts on this?...

Wednesday, March 14, 2007

 

Structuring Projects for Team Foundation Server

J.D. Meier has a nice post up on how to structure projects for Team Foundation Server here. He's also asking for real world practices you use on your project as feedback to incorporate into the patterns and practices guidance.

Tuesday, March 13, 2007

 

Crowds, Screws and Software

I’ve recently been reading “The Wisdom of Crowds” by James Surowiecki. It’s a well written, easy to read, intriguing and thought provoking book. It doesn’t contain any heavy mathematics; in fact it contains no mathematics at all, so should be accessible to the widest audience. I would definitely recommended reading this book.

The ‘wisdom of crowds’ refers to collective intelligence, namely how it is possible for a crowd to pick a solution which is better than a corresponding one made by an expert: “when our imperfect judgments are aggregated in the right way, our collective intelligence is often excellent”.

The wide variety of complex problems upon which collective intelligence can be brought to bear, is broken into 3 problem groups: cognition, coordination and cooperation. Cognition problems are defined as those that have or will have a definite solution, such as “Where would be the best place to build this new road?”. Coordination problems require members of a group to determine how to coordinate their behavior with each other, such as buyers and sellers trading at a fair price. Cooperation problems involve getting self-interested, possibly distrustful people to work together, even when self-interest would seem to imply no benefit from taking part, such as paying taxes.

One of the key concepts discussed is the ‘Information Cascade’, a situation where people make a decision based more on the decisions being made around them rather on their own private information, the outcome of which is not always beneficial. I loved the story of one such example, plank-road fever (pg 51)!

[The human brain can be viewed as a crowd; perhaps that’s why when you become expert in a particular field, you can become better still by learning about other fields. Diverse perspectives are more likely to come up with something new, but I digress…]

I came across an example of an information cascade that centers on the humble screw in 1860s America, which was vaguely reminiscent of the ongoing changes we have seen in software development over the last 30 - 40 years. Back in the 1860s, when the machine-tool industry was a rough analogy to the technology industry in the 1990s, screws were individually hand-made by machinists. In the absence of national or industry standards, when a nut or bolt was damaged or lost, either a new one would have to be hand crafted or a replacement sent for from the original builder. This obviously severely limited the possibility of mass-production, and as James notes, it also enabled individual machinists to protect their way of life. As a customer, if you have a reliance on something that is custom made, then you are locked in to that supplier. Here’s the line that resonated with me in terms of the software development industry: “But if the screws became interchangeable, customers would need the craftsman less and would worry about the price more”.

William Sellers, a respected machinist of his era, believed that mass production was inevitable. Over a period of approximately 6 years he designed and promoted a standardized screw that was easier, faster and cheaper to produce than any other. Each new customer he secured meant it more likely that others would follow suite, based on the experience of the predecessors.

James sums up an information cascade as follows: “In a cascade, people’s decisions are not made independently, but are profoundly influenced – in some cases, even determined – by those around them.”

Monday, March 12, 2007

 

Another Visual Studio Tip

Several months ago, a colleague was editing a file in Visual Studio 2003 and said “...it would be great if you could select a block of text by columns...”. He was therefore a little surprised when I mentioned that you have been able to do this since around version 4 of what was then called Visual C++! If you hold down the ALT key whilst right-click dragging a selection you can select a rectangular block of text. (Ok, I know most people will already know this, but just in case…)

Friday, March 09, 2007

 

Cool Commands for Visual Studio 2005

I have been using Omer van Kloeten’s Copy/Paste Visual Studio project references between projects for a while and noticed that he had updated his blog to point at another set of add-ins for Visual Studio 2005 that do this and much more. Gaston Milano’s CoolCommands are simply great. If you are not already using them, go and get them from here. You won't regret it!

Sunday, March 04, 2007

 

Passwords, Passwords, Passwords

Think you don’t need to secure that router? Think again: Default Password List.
I was talking to Nick Randolph (whose been busy updating the Perth .NET User Group web site, more news to follow) and was reminded about the topic of passwords, hence the post.

Saturday, March 03, 2007

 

Visual Studio IDE Tip

Every so often you come across something so useful, so fundamental, that you find it hard to believe you did not know about it! Yesterday was one of those days. I have access to an A3 colour printer where I'm working, so I printed out the Visual Studio 2005 Cheat Sheet that I mentioned recently. I'm making an effort to increase my productivity using the IDE, so in a moment's reflection I thought I'd have a look to see if there was anything useful that I was not using regularly.

If you paste text using CTRL + SHFT + V, you can cycle through all the entries on the clipboard ring! It means you can do multiple copies of different text then move to another location and have access to them all without jumping to and fro.

I'm assuming I'm probably the last to know about this, but just in case I'm not...

    

Powered by Blogger