Overhauling the Security Framework of our Content Management System

The past few weeks have been challenging in an interesting and fun way. We are on track to release version 2.6 of our Content Management System and finally decided it was time to overhaul our security framework. We are moving from a simple role-based architecture to a framework that supports the following:

  • Roles
  • Permissions
  • Ability to assign Permissions to Roles
  • Ability to assign Supplemental Permissions to Users outside of their Roles
  • Ability to assign Roles to Users
  • Ability to grant/deny access down to the control level
  • The reverse: locking down individual user-created elements by assigning Roles/Permissions to them

In working on this there have been LOTS of questions as you can imagine. Here are a few resources I found useful and/or interesting while working on this implementation.

  • I am a regular reader of the .NET Security Blog and found the CAS and CLR discussions pertaining to .NET 4 interesting.
  • I found a nice way to get a flattened hierarchy of controls on a page over at the Vault of Thoughts. We implemented something similar but with a few additions.
  • Here is a good read on general role-based security.

Derek Bemis

Coding Standards and SQL Mistakes

By Allan Sieker

If you want to learn something from one of the best, please check out Clint Edmonson’s web site where you can download free coding standards for both VB and C#.  I worked with Clint at AB and I must say that he is one sharp guy.  I am sure he raised Microsoft’s collective talent a few notches when he joined them.  Be sure to look him up at the St. Louis “Day of .NET” Conference in August.

Shifting gears from .NET to SQL….

I ran across “Ten Common Database Design Mistakes” and found it to be most interesting.  I’m sure you will too.

Saving Web Contact Info to a Downloadable Spreadsheet

Usually a website owner has the data from their contact forms emailed to them. But sometimes it can be useful for the site to automatically add that info to an ongoing list of contacts. One way that most people like to be able to see and sort such data is in a spreadsheet. It is quite easy to make a “fake” spreadsheet using an HTML table that Excel will open like any other .xls file.


Here are the basic steps:

  • Create and save a “spreadsheet” which defines the header row
  • Upon each contact form submittal, write an HTML row to that file


Maintaining the Active Tab in TabContainer Control

by George Zheng

Problem

The AJAX Control Toolkit has a neat control, TabContainer, that lets you create tabs on your web page easily. However, one problem with it is that when the user refreshes the page, it defaults back to the first tab. This will confuse users if you have pagination on, let’s say, the third tab: every time the user clicks a page number on the third tab, the page is refreshed and should show the third tab, not the first tab.

Solution

The reason the refreshed page always shows the first tab is, in fact, one of the benefits of the tab control: switching between tabs doesn’t cause a postback. It is a purely client-side activity. When the server prepares the page, it has no idea which tab is the active tab on the client side, so the server sets the first tab as active by default.

Dispose – Dispose – Dispose – even if it doesn’t do anything

I am always astounded how often I inherit code from smart developers who know what they are doing, but still do not take the time to close and destroy objects. As much fuss is made about memory management and such, this is still an area of coding where laziness abounds.

.NET memory management and garbage collection are intended to relieve us of managing memory at a micro level, but at the same time they are criticized for not freeing memory fast enough and are then blamed for application issues and server slowness. As a best practice, never rely on implicit memory management. Where you can, close and DISPOSE!

Website Connectivity Woes and Woe-Nots

by Allan Sieker

The story you are about to hear is true and should be of interest to all web developers – be you .NET or not.

A few businesses I know had issues with web site connectivity a few weeks ago.  Some computers could connect while others could not.  IE 8 seemed to have more of a problem than IE 7.   The client could access other web sites ok.  Client locations were across the US and not all local (the St. Louis area).

SQL Transactions in C# .NET

I recently needed to update an existing C# solution of multiple projects to add transactions around two different data updates.  I wanted to have this pattern for each one:


  • Start transaction
  • Delete all existing data
  • Insert all new data
  • Commit transaction

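The delete-then-insert pattern above, written with ADO.NET and with every disposable object in a using block, as the earlier “Dispose – Dispose – Dispose” post urges. This is an added example, not code from either post; the connection string, the dbo.ContactList table and its Name/Email columns are assumed for illustration.

```csharp
using System;
using System.Collections.Generic;
using System.Data;
using System.Data.SqlClient;

// Added example: one transaction around "delete all existing data, insert all new data".
// Table and column names are hypothetical.
public static class ContactListWriter
{
    public static void Replace(string connectionString,
                               IEnumerable<KeyValuePair<string, string>> contacts)
    {
        using (var conn = new SqlConnection(connectionString))
        {
            conn.Open();
            // Start transaction; Serializable keeps a concurrent reader from seeing the empty table
            using (SqlTransaction tx = conn.BeginTransaction(IsolationLevel.Serializable))
            {
                try
                {
                    // Delete all existing data
                    using (var del = new SqlCommand("DELETE FROM dbo.ContactList", conn, tx))
                    {
                        del.ExecuteNonQuery();
                    }
                    // Insert all new data; parameters keep the values out of the SQL text
                    using (var ins = new SqlCommand(
                        "INSERT INTO dbo.ContactList (Name, Email) VALUES (@name, @email)", conn, tx))
                    {
                        ins.Parameters.Add("@name", SqlDbType.NVarChar, 200);
                        ins.Parameters.Add("@email", SqlDbType.NVarChar, 320);
                        foreach (var c in contacts)
                        {
                            ins.Parameters["@name"].Value = c.Key;
                            ins.Parameters["@email"].Value = c.Value;
                            ins.ExecuteNonQuery();
                        }
                    }
                    // Commit transaction
                    tx.Commit();
                }
                catch
                {
                    // Any failure between the delete and the commit leaves the old rows in place
                    tx.Rollback();
                    throw;
                }
            }
        }
    }
}
```

Disposing an uncommitted SqlTransaction rolls it back anyway; the explicit Rollback in the catch simply makes that intent visible to the next developer who inherits the code.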

An Approach to Session Usage

by Allan Sieker

The Overview

   “We do not pretend to have achieved perfection — but we do have a system — and it works.”  – Klaatu

When developing ASP.NET web applications a very common approach to maintaining state is to store variables into the Session.

Session is just one way to store data. Here are some other ones that I know of. Can you think of any others?

  • Application (global) – uses server memory.
  • Session (user) – can use per-user server memory and/or database storage.
  • Data cache (global, but can be user specific with proper handling) – uses server memory.
  • Viewstate (web page) – rides along with the page. No server memory.
  • Database (global and user) – includes SQL, XML, local files, etc.
  • Cookie (user) – stored on the client’s computer and accessed via the browser.
  • Query String (user) – doesn’t use server memory – just a lot of developer patience.
  • Form fields (web page) – popular in HTML and classic ASP development.

WebApp Vs. Website

The bottom line, much of the time, is that developers are creatures of habit… much of what we do, we do because that is what we do, and we have no better reason than that. Perhaps the first time we do something we thought it through, but rarely do we go back and revise those thoughts and consciously choose a different direction, ideology or methodology… for me this is the case with my choosing Website over WebApp for my development.

Recently I began a new project with a co-worker, and although we discussed every aspect of the project, the coding, the tools, the flow, basically every detail as to what was ahead of us, we never addressed whether this would be a WebApp or a Website project. As I began coding my first page of this project, the dev environment was different, my options had changed, and I knew we had not addressed a fundamental decision that we should have addressed.

VisualSVN and our .NET Development Environment

Recently our organization (The Net Impact) made the decision to rebuild our entire development environment. As most know this can be both a daunting and yet exciting venture. During the planning phase we had numerous discussions concerning which source control utility to implement and we finally decided to test Subversion versus Microsoft Team Server.

One of the complaints I have had in the past with Subversion is how clunky interfacing with it has been. I feel that in this day and age any command line interface is past its prime, and having to run external third-party interfaces is simply annoying. I wanted something fully integrated into our development tools, mimicking the functionality of Eclipse and PVCS I had used years back.