Tuesday, 28 February 2006

Microsoft Security Interchange notes

Last night Gary, Chris and I attended the Adelaide edition of the Microsoft Security Interchange evenings that they are running around the country.

It was a relaxed evening, but there were some good speakers. Most interesting and entertaining would have to be Steve Riley. I've heard Steve and Jesper talk at TechEd previously, and he is a very compelling presenter. I wish some of the ISTS guys had been there to hear him talk about how "account lockout" is just a great way to mount DoS attacks on user accounts. It's also worth repeating the security tradeoff triangle diagram:

Rocky Heckmen also did an interesting presentation where he showed a new tool that will be released soon from Microsoft that helps with Threat modeling.

Dave Glover finished up with some demos of techniques to help improve code security. Sadly, encrypting web.config didn't work for him on the night, but he did also mention the Anti-Cross Site Scripting Library that I blogged about last week. Turns out this includes security-conscious versions of the Server.HTMLEncode and Server.UrlEncode functions

Sunday, 26 February 2006

Building a WaitScreen control for ASP.NET

This is something we could use - a WaitScreen control for ASP.NET

The Code Room

The Code Room - I think I've found a reason to make up that final packet of popcorn that's been floating around my desk and have another "developer film event"!

Thursday, 23 February 2006

This week's brushes with fame

So far this week, I've had contact with two 'famous':

First of all I've had a few emails going back and foward to Scott Guthrie, a pretty high-up guy at Microsoft who looks after the teams that produce ASP.NET, Visual Studio web bits and IIS). I've got a problem with the Web Application project that is currently in beta. I think it's a bug, so hopefully they can fix it for the next update.

The second person was a reply from Mark Russinovich, one of the guys behind Sysinternals. I reported an issue I'd seen with the BlueScreen Screen Saver when running remote desktop (it displays a funny error message).

Wednesday, 22 February 2006

ASP.NET RSS Toolkit

My first generic method

Since starting to use .NET 2.0, I've made quite a lot of use of the Generic Collection classes.

Today however was the first time I've created my own generic method that adapts to the required type for each instance.

The use of the method is to replace the following kind of code:

        Dim rowTest As dsTests.TESTSRow
 
        rowTest = dtTests(0)
 
        If rowTest.TEST_PUBLISHED <> test.Published Then
            OnDataItemChanged(dtTests.TEST_PUBLISHEDColumn.ColumnName, rowTest.TEST_PUBLISHED, test.Published)
            rowTest.TEST_PUBLISHED = test.Published
        End If

Basically, I'm checking if the value has changed, and if it has then I update the DataRow property, and eventually I call a DataAdapter to send the updates back to the database. By doing the compare, I'm only sending real changes back to the database.

My first step was to create a helper method that took an object as a parameter like this:

    Public Shared Sub UpdateDataRowItem1(ByVal row As Data.DataRow, ByVal column As Data.DataColumn, ByVal newValue As Object)
        Dim oldValue As Object = row(column.ColumnName)
        If oldValue <> newValue Then
 
            row(column.ColumnName) = newValue
 
            OnDataItemChanged(column.ColumnName, oldValue, newValue)
        End If
    End Sub

But as the squiggly lines appeared in Visual Studio, I realised that this wasn't going to work if I stuck with the general Object data type - you can't use <> with Object types! The alternatives were to create separate versions of the method for the different types, or I realised I could make use of generics to do the same thing but in a much easier to maintain way.

My first question was "Can you actually have generic methods?", as I didn't really want a whole class to do this. Thanksfully, the answer is Yes. So I updated the method to look like this:

    Public Shared Sub UpdateDataRowItem2(Of t)(ByVal row As Data.DataRow, ByVal column As Data.DataColumn, ByVal newValue As t)
        Dim oldValue As t = CType(row(column.ColumnName), t)
        If oldValue <> newValue Then
 
            row(column.ColumnName) = newValue
 
            OnDataItemChanged(column.ColumnName, oldValue, newValue)
 
        End If
    End Sub

Getting closer, but it was still complaining - "Operator '<>' is not defined for types 't' and 't'". Going back to check the documention, I noticed one of the examples used a 'constraining type' on the type parameter. That is just what I needed too, so the final version is as follows:

    Public Shared Sub UpdateDataRowItem(Of t As IComparable)(ByVal row As Data.DataRow, ByVal column As Data.DataColumn, ByVal newValue As t)
        Dim oldValue As t = CType(row(column.ColumnName), t)
        If oldValue.CompareTo(newValue) <> 0 Then
 
            row(column.ColumnName) = newValue
 
            OnDataItemChanged(column.ColumnName, oldValue, newValue)
 
        End If
    End Sub

Unit Testing Events with Anonymous Delegates in .NET 2.0

How do you unit test your event code? You use Anonymous Delegates

Here's a sample unit test that I've created that makes use of this technique:

        [TestMethod()]
        public void UpdateTestTimesTest()
        {
            object expected = UniSA.UniSAnet.SmartMark.DataAccess.DataItemChangedEventArgs.ChangeType.Update;
            object actual = null;
 
            UniSA.UniSAnet.SmartMark.DataAccess.TestComponent.DataItemChanged += delegate(object sender, UniSA.UniSAnet.SmartMark.DataAccess.DataItemChangedEventArgs e)
            {
                actual = e.Change;
            };
 
            Test test = UniSA.UniSAnet.SmartMark.DataAccess.TestComponent.GetTest(UnitTestingTestId);
 
            test.MinutesAllowed += 1;
            UniSA.UniSAnet.SmartMark.DataAccess.TestComponent.UpdateTestTimes(test);
 
            Assert.AreEqual(expected, actual);
 
        }

Wednesday, 15 February 2006

Default content in ContentPlaceHolder is not replaced when it contains <%= %> tags

I think I've found a bug in ASP.NET Master Pages - if you try to include any <%= %> tags in a ContentPlaceHolder control on a Master Page, then it doesn't get overidden by the content in the Content control.

Using CSS when JavaScript is disabled

I've often worried about pages that use CSS to hide content, then allow JavaScript to dynamically show it again (eg. when you click on something), that if JavaScript was disabled, then there's no way to show the content.

Project Seven shows an example of how to use CSS and make sure content is viewable with or without JavaScript enabled.

Click on the example to see how it works.

Friday, 10 February 2006

January CTP build of Atlas

January CTP build of Atlas has been released. Nikhil describes the changes from the previous release.

Wednesday, 8 February 2006

TFS Data Warehouse not updating

I noticed today that the reports section of our intallation of TFS were not updating - they were still only showing 24th January. Here's the workaround.

Saturday, 4 February 2006

Team Foundation signs off on Release Candidate

Looks like I'll be asking Chris to grab this from MSDN Downloads mid-next week.

Friday, 3 February 2006

Extending Enums

A couple of articles on adding attributes to Enums.

Combine this with a custom TypeConverter and you've got some nice code to work with.

"the handle is invalid" error with VSTS and TFS

We've struck this error trying to check-in a file in Visual Studio Team System. You get a very helpful dialog that says "The handle is invalid".

Turns out this is a bug that has been fixed post-Beta3, and bites you when two people have checked out an item. The workaround is to use the Get Latest Version menu-item, merge changes then you should be ok.

See this post in the MSDN Forums for more details.

Uploading Files in ASP.NET 2.0

An Overview of using the FileUpload server control in ASP.NET 2.0.

Wednesday, 1 February 2006

Jeff Beehler to Visit Australia March

Jeff is involved in the Team Foundation Server product from Microsoft. His Blog is one I keep an eye on for the latest updates in TFS.

I've asked Chuck if there's any way to get him to visit Adelaide on his Australian visit.