Attachments in Programming

I am wanting some advice on getting started on an application that has to take attachments. Basically, I have an application that creates/pulls data from MS SQL Server. With this data, the user can add attachments that are associated with it. I am wondering what is the best (I know that’s subjective, but opinions are what I am asking for) route to take for accomplishing this task. Here are my thoughts:

1) In the database, have a column with links separated by a semicolon.

Pro – Small storage on the database
Con – If the file is moved/modified, the database had to be updated at the same time. Also, processing time for going through the list of attachments.

2) In the database, just have a column that actually points to the attachment itself, letting SQL Server load the attachment internally (not sure if that’s possible, but I know that Wiki’s do it). Basically, it would be like inserting the attachment into the database, and letting SQL Server do it’s thing.

Pro – Easy to code (hopefully)
Con – Not sure about the security… could load a malicious file…etc..

Any thoughts would be great! Thanks all!

Coding Glee

I just thought I would post how awesome it is to be a coder! Yeah I’m a big dork… I have been cooking up ideas left and right and it feels great! We currently have a generic way of creating the documentation necessary for promoting code, etc… Well, I am lazy of course, so I am designing a program that will generate the bulk of this information for you. With this application, you’ll never have to open Word again (well.. close to never).

Reading Good Code Rant

Over at my old job, I had an epiphany and I was wanting to share my thoughts on it to the readers.

Reading good code is like reading a good book.

As stated in the title, it’s called READING code not deciphering code. When you read a book, there’s nothing more annoying than having to jump back and forth between chapters to remember who killed who or who did what. A good book should have a smooth transition between chapters. The flow of it should be fairly straight forward, otherwise it becomes a nuisance to read and gets left on the bookshelf. Code should not be any different.

When I worked support, I hated jumping back and forth in code to figure what the “temp” variable was used for or the why the function “LoadData” was 400 lines long. Come on people! Code should flow.

If you need a temporary variable, then give it the value it actually holds, but try to keep the word “temp” out of the picture. This naming convention will keep you from writing any and everything to a single “temp” variable and will save your support people from pulling their hair out. Any variable declared in a function is considered “temporary” by definition.

Also, don’t forget about your counters and/or sentinels. Let’s say you’re looping through an array of employee names. Well, instead of saying the following:


for( int i = 0; i &lessthan len(employeeNames); ++i )
Print(employeeNames[i]);


Try saying this:

for( int employee = 0; employee &lessthan len(employeeNames); ++i )
Print(employeeNames[employee]);


Since you’re essentially going through a different employee to grab their name, why not state such? In .NET, there is the “foreach” construct that forces you to use a more object oriented approach to looping through collections.

Now for functions… Name your functions according to exactly what they do. If your function name is too long, chances are you need to break up your function into other smaller functions. If it’s too short, you’re probably not giving it a proper name. A function should only perform one operation. If you’re one of those types of people that like to write “bulk” functions, then at least make it readable. Keep the abstraction simple.

function void Cleanup()
{
ClearEmployeeNames();
ClearManagerNames();
//etc...
}


So, in closing, I hope I have saved at least one support person the headache that they already endure on a day to day basis. Their job is tough already, do not make it any harder on them by making your code impossible to read. Enjoy!

Defensive Programming JScript

Over the course of programming in javascript, one can easily lose the concept of defensive programming in that language. I mean come on… it’s likely that the javascript you put in your site is just for fancy popup boxes or capturing keys, etc, and this is not really a crucial factor to consider for your site to properly run.

So in essence, most of us simply put code like so…

function Test()
{
if( document.getElementbyId('mycheckbox').Checked )
//do something
}


We all know that javascript does not have an assert of any kind, but would you necessarily use this same kind of logic in your code behind? I assume not. You would probably want to check to see if this object exists first. Granted, you do not want to always do this because then your code becomes a “Coding Horror”, but nonetheless, it should probably be at least considered in your javascript code, especially if you’re attempting to write generic javascript functions.

Try this on for size:

function Test()
{
var checkbox = document.getElementById('mycheckbox');
if( checkbox != null )
// do something
else
// do something else
}


So next time you get a javascript error in your code, instead of “fixing” it, try a little defensive programming. It could make your life a lot easier, and besides, putting a little extra load on the client never hurts right?

XBox 360

I have finally given up on PC gaming and have moved to console gaming.  I went ahead and bit the bullet to buy myself something nice – an XBox 360.  I picked up Gears of War and I would like to get a racing game, too… but for now… Gears of War will have to do.

I have to say that the 360 is an amazing machine with a HUGE power adapter.  It was well worth the money.  I decided against the PS3 for various reasons and also the Wii.  Besides, I wanted to get something that would last awhile and I figured that MS isn’t going anywhere for a long time. So, forgive me PC gaming community… alas, I will be enjoying my gaming experience without having to worry about downloading the latest patch and making sure my drivers are  up to date.

VB.NET vs C#

Uh oh… not another one of these threads.

I have developed applications in both C# and VB.NET. If you’re an OO programmer, you’re obviously pointing your nose up to the disgrace of VB6, and righteously so, but don’t be so quick to judge on VB.NET.

If you are not already familiar with the .NET framework, it is a power house collection of classes that are beautifully designed. Now, coming from a shop that had VB6 as a primary language, I was a bit skeptical about VB.NET, but I have turned a new leaf. From what I can tell, you can apply all of the OO design you want in VB.NET just as well as C#.

MS has done a bang-up job with VB.NET (and the .NET framework itself for that matter). What used to be lacking was the XML comments, but with ASP.NET 2.0 and VS 2005 that once empty void has been filled with the three single quotes and intellisense. So, next time you decide on which language to use in the .NET framework, my answer to you is the one easiest for you. Honestly, C# is probably less writing (the whole Dim blah as Type can be rather annoying), but the semantics are exactly the same. Enjoy!

DES Encryption VB.NET

For those who want to use a simple encryption scheme that compiles and does not eat up your processor, I have provided a snippet. Enjoy. It is single pass DES encryption using the .NET framework.


Imports System.Security.Cryptography
Imports System.IO
Imports System.Text

'''
''' Encrypts the given input using single pass DES encryption.
'''
''' Input string to be encrypted.
''' Encrypted string.
'''
Public Function Encrypt(ByVal input As String) As String
Dim encryptedString As String = Nothing
Dim desKey() As Byte = {&H1, &H23, &H45, &H67, &H89, &HAB, &HCD, &HEF}
Dim desIV() As Byte = {&H1, &H12, &H23, &H34, &H45, &H56, &H67, &H78}

' assign the byte array
Dim b_inputArray() As Byte = Encoding.UTF8.GetBytes(input)

'more efficient to use DES encryption, but the keys are easier to break since
'limited to only 64 bit encryption
Dim des As DESCryptoServiceProvider = New DESCryptoServiceProvider()
Dim cs As CryptoStream = Nothing

Dim ms As MemoryStream = New MemoryStream()

Try
' write out the string to the memorystream for further use and easy
' conversion to a string value
cs = New CryptoStream(ms, des.CreateEncryptor(desKey, desIV), CryptoStreamMode.Write)
cs.Write(b_inputArray, 0, b_inputArray.Length)
cs.FlushFinalBlock()

' build the string into a readable format excluding non-generic ascii values
encryptedString = Convert.ToBase64String(ms.ToArray())

Catch ex As Exception
'error handling here
Finally
' clear out the memory
desKey = Nothing
desIV = Nothing
b_inputArray = Nothing
des.Clear()
des = Nothing
cs.Clear()
cs = Nothing
ms.Close()
ms = Nothing
End Try

Return encryptedString

End Function

'''
''' Decrypts the given input using single pass DES decryption.
'''
''' Input string to be decrypted.
''' Decrypted string.
'''
Public Function Decrypt(ByVal input As String) As String
Dim decryptedString As String = Nothing
Dim desKey() As Byte = {&H1, &H23, &H45, &H67, &H89, &HAB, &HCD, &HEF}
Dim desIV() As Byte = {&H1, &H12, &H23, &H34, &H45, &H56, &H67, &H78}

' assign the byte array
Dim b_inputArray() As Byte = Convert.FromBase64String(input)

'more efficient to use DES encryption, but the keys are easier to break since
'limited to only 64 bit encryption
Dim des As DESCryptoServiceProvider = New DESCryptoServiceProvider()
Dim cs As CryptoStream = Nothing

Dim ms As MemoryStream = New MemoryStream()
Dim encoding As System.Text.Encoding = System.Text.Encoding.UTF8

Try
' write out the string to the memorystream for further use and easy
' conversion to a string value
cs = New CryptoStream(ms, des.CreateDecryptor(desKey, desIV), CryptoStreamMode.Write)
cs.Write(b_inputArray, 0, b_inputArray.Length)
cs.FlushFinalBlock()

' build the string into a readable format excluding non-generic ascii values
decryptedString = encoding.GetString(ms.ToArray())

Catch ex As Exception
'error handling here
Finally
' clear out the memory
desKey = Nothing
desIV = Nothing
b_inputArray = Nothing
des.Clear()
des = Nothing
cs.Clear()
cs = Nothing
ms.Close()
ms = Nothing
encoding = Nothing
End Try

Return decryptedString

End Function


Source Control, VS 2005, and ASP.NET

For those who have not been able to figure out why they can’t get their solutions into Source Safe with a neat folder structure.. here’s your solution. Of course, everything works KINDA ok whenever you use all defaults for where your website is located at, but if you’re any kind of developer and you have source control, you will want to create the same directory structure as your source control delegates (for web apps anyways).

By default 2003 creates the correct folder heiarchy and defaults your web application location to your local machine’s inetpub directory (even though this is bad – *spank*). VS 2005, on the other hand, puts your solution two folders above your projects and puts those files all over your Documents and Settings/LocalUserName/ blah blah.

Well, let’s say you create your web application in C:\Dev\Websites. Open it in VS 2005 and you’ll notice there’s no solution.. hmmmm… Add another project and it instantly appears. Rather than blogging all the stuff that VS 2005 sets up that doesn’t play nice with SS… I’ll just post a solution.

Create your folder heiarchy as follows:

Solution Folder -> (.sln) -> Web Project Folder -> (.aspx, .cs, etc…)

If you have multiple projects, then create a new folder (VS 2005 should create one by default once you save your solution correctly) for your project and put it in the same branch as your Web Project Folder. Ridiculous? Wait until you try to create a .msi file. Of course, this process is great facilitated with the Web Deployment Projects download from MS…. but mum’s the word.