Project 31-A

Wayne cites a few issues which I respectfully take issue with: Source Control : the problem he cites is an issue with the Source Control that he elects to use – it does not occur with all source control systems. Deployment: this is again an issue tied to the tools (or lack of tools) that you are using.  I believe MSDeploy eliminates most of these issues. Security : This issue was not addressed, and having TSQL, especially with MVC creates a much higher risk of vulnerability. True, using parameterized reduces it – but if you are working with a team of any size, this will not be enforced across all code without a lot of effort. It’s easy to scan a project and detect if any command is set to text instead of stored procedure (SP). Normalization of Code : By this I mean that there is just one occurrence of code to get data from the database, an SP. This code may occur in many places in the C# code. Each instance would be coded individually (in differ...

Telerik’s JustCode (downloadable from http://www.telerik.com/products/justcode.aspx ) has been making my productivity day. I often work with large projects that often results in my heading off for a Latte while a full build runs. I come back and then proceed to fix errors and modify some more code, and repeat the cycle.   JustCode does continuous analysis so I often see in the bottom tool bar “3 errors” which if clicked, brings up the list of existing errors without having to do a recompile . In fact, it catches some errors that MSBuild does not catch and will only be obvious when executing code breaks.   It’s even sweeter because if speaks JavaScript!  If you have a Telerik subscription and have not installed it, I would recommend that you do.  It’s only getting sweeter on each build …

Over the 16 years I have been using SQL Server, I go hot and cold about the usefulness of stored procedures.  For a while I hated them and didn’t have anything to do with them, then I got in the habit of using them everywhere.  At this point in my personnel best practices, I have turned against them again.   Here is why: Source Control It is harder to check in stored procedures into source control than checking in C# source.  Instead of stored procedures, I’m using inline parameterized queries in my C# code.  Either in the model (MVC) or in the business object layer. I can check the code in to source control and that checks in the Transact-SQL statements that are in the code – all in one revision of the source control. Deploying Having the Transact-SQL inline  also makes deploying the code easier.  Instead of deploying stored procedures and matching web site code, I just need to deploy the ASP.NET code and the complied assemblies (for the ...

Today I looked at some code and saw (from an alleged experienced developer) WCF binding puts in a .xml file in the root of a web application instead of web.config. When I just starting to ramp up on C#, I did similar things until I learnt how to define and create new sections in .config files (see  http://www.codeproject.com/KB/cs/CustomConfigurationSectio.aspx if you are missing this skill ).   In this case, there was no need to create new configuration sections – it’s there automatically, Furthermore, http://msdn.microsoft.com/en-us/library/cc949012.aspx walks you through how to do it – so the standards are there.   Anyone who is security aware, knows that .xml file in the root are easily fished for and retrieved by hackers. While it is possible to protect them by changing IIS settings, that is, IMHO, rarely a robust solution and subject to breaks (and thus security exposure). WCF bindings, especially to an isolated system are prize material for hackers and at...

I am running the SQL Azure Migration Wizard v3.2 on my 15 year old SQL Server 2005 database in order to transfer it to SQL Azure.  As it ran it outputted these two errors:   UPDATETEXT is not supported in current version of SQL Azure TEXTPTR is not supported in current version of SQL Azure   When the wizard tried to script this stored procedure: ALTER PROCEDURE [dbo].[AppendToAreaText] ( @Area_Id int , @Area_Text text ) AS DECLARE @ptrval binary (16) SELECT @ptrval = TEXTPTR(Area_Text) FROM Area WHERE Area_Id = @Area_Id IF (@ptrval IS NULL ) UPDATE Area SET Area_Text = @Area_Text WHERE Area_Id = @Area_Id ELSE UPDATETEXT Area.Area_Text @ptrval NULL 0 @Area_Text The stored procedure sets the Area_Text to the incoming text if the column is currently null or concatenate the text onto the text in the column (saving the all the text) back into the column.   Doing some research and I came upon ...

I found the SQL Azure Migration Wizard v3.2 on CodePlex and I am excited to use it.  I was looking for a one-click solution to get my 15 year-old database running on SQL Server 2005 database onto SQL Azure.  I wanted to run the tool on the database server itself; the server is in a colocation facility with a fast pipe to the Internet.  It would make the transfer faster running it right off the SQL Server to SQL Azure. The Story However, after I downloaded  the Migration Wizard I got this error:   Could not load file or assembly 'Microsoft.SqlServer.ConnectionInfo, Version=10.0.0.0, Culture=neutral, PublicKeyToken=89845dcd8080cc91' or one of its dependencies.   I realize that it requires SQL Server 2008 SQL Management Objects (SMO).   Because I am running SQL Server 2005, version 10 of that assembly wasn’t on my box all I had was version 9.X.X.X.  The easiest way to get it was to install SQL Server 2008 Management Studio Expre...

For sometime I have been been meaning to move my 15 year old web site to offsite hosting.  Currently it is hosted on a dedicated server running Windows 2003 and SQL Server 2005.  One of the issues is that over the years I haven't really put much time in to maintaining the technology.  I did upgrade from classic ASP to ASP.NET and did redo some of the pages in ASP MVC.  Lately as the site has slowed I have done some performance optimization in SQL Server like query optimization and index building.  However, it is still running SQL Server 2005.  When I heard about SQL Azure at the PDC two years ago I knew this is where I want to go.  However, I was waiting for R2 of SQL Server 2008 to make migrating a little easier.  In summary there is always an excuse.  So today I thought I would get started and see how far I could get before getting stuck.   “The first thing I learned is that you need to update your database level.”   S...