Rapid Module Development for DotNetNuke

I came across this really great article by Mark Hoskins on the use of various code generation tools to rapidly build modules for the DotNetNuke platform. Mark does a really great job on explaining how he goes about using these tools to develop his modules in a much shorter time frame.

You can read it here.

http://dotnet.sys-con.com/read/180968.htm

Microsoft has just released some details on the upcoming version of their Office product, formerly known as “Office 12.” It is now known officially as Microsoft Office 2007. Personally I am really looking forward to some of the improvements in this Office suite. These features include an improvement to the email management, a new user interface and improved collaboration tools through the use of the Groove technology that Microsoft recently bought.

Of all the improvements that I believe that will make the most difference in an enterprise are the work flow management and the improvement in collaboration.  As I am not specifically beta testing this program I can not really speak as to these improvements.

As it turns out a story like this has also hit the web and I have assembled some of the more notable links on the web. These are:

FAQ: Looking into Office 12

Microsoft offers peak at next Office suite.

Microsoft announces Office 2007 pricing, details

Does Microsoft Office 12 equal Office 2007

I am sure that there will be more details coming down the pipeline as now that the official product has been announced. Basically the questions out there are more to deal with how Microsoft will directly integrate Sharepoint into the Office suite. Hopefully I will not keep my expectations too high so as to not be disappointed by what I expect the end product to be.

Okay you have now passed your certification test, congratulations! Now what? How is this going to actually improve your life, your career? Have you thought about your plans after you have passed the test? For many taking a certification exam is only a stepping stone to true success.

The first thing I would do even before pursuing a certification is to have a plan on how this is actually going to help you in your career. Just because you have passed the test does not mean you are an expert. You must first prove it to the rest of the world. How do you do this?

Sit down at your computer or desk and write out your career goals for the next year, five years, ten years and your entire working career. How does this certification fit into those goals? Can you use it to establish more credibility as an expert?

The first step I would take is to start writing tutorials on the subject matter that you claim to be an expert in. Post these tutorials to your own website, blog or eZine distribution websites. the more you write about a subject the more likely a person is going to consider yourself an expert in the field and the certification just backs that up as well. The more visibility you receive the more likely you are to get clients that are willing to pay for your services.

The second step I would take is not to stop studying! The best thing for you to do is learn as much as possible about your subject matter and to stay on top of it. Each time you learn something new write about it. This not only helps you stay visible but shows that you are up to date with the latest technology. If you are studying for another certification or an upgrade to your existing one learn all you can about the material and then start writing tutorials that teaches others on the same subject. Not only will this help reinforce what you have already learned but it could lead to increased job offers and other opportunities.

The third step would be to visit as many newsgroups as possible to put your knowledge to the test. By helping others this way you reinforce what you have learned and again gain valuable exposure in the field.

Lastly I would find a local user group in your area and start volunteering for it. This will greatly increase the number of contacts you can network with and make your name known in the community. Do not have a user group in your area? See if you can start one and start speaking about your area of expertise to a local crowd. Later I would connect with other regional user groups to see if they are looking for speakers and then start speaking at these user groups.

For many the certification test is the place where most people stop in their careers and then complain that this test did not really help them. The test is merely a stepping stone in establishing more credibility. The rest is up to the individual. You reap what you sow. Certification only contains some of the seeds that you need to plant in order to become truly successful.

Publishing documents on the World Wide Web can seem daunting for the self proclaimed ludites out there. Let's face it HTML, XML, CSS, JavaScript to name just a few of the technologies that you would need to be familiar with in order to develop a truly professional looking website for yourself or your business. Fortunately there is a solution to the problem, it is called a content management system and it is an easier way for just about anyone willing to learn to publish to the Internet.

Some of these content management systems have stemmed from the need of publishing data to the web. CNet for example created one of their own in house content management systems which they later spun off into a separate company called Vignette. Since publishing to the web began to take off in 1995 the development of these systems has really begun to progress. However my focus will be only on open source versions of the web content management systems.

The first open source system that I want to mention is called DotNetNuke (http://www.dotnetnuke.com) which is a AsP.Net based system. By far one of the more popular open source projects out there today DotNetNuke has an avid following of hundreds of thousands of users. The benefits of using this system is the rapid updates to the platform and the intense support you will receive from it community. These are two very important factors when considering an open source system, the level of updates and the support you will receive from its creators or users of the platform. Further the innovations that are built into this system make it one powerful application by any measure. For instance the skinning mechanism is by far one of the easiest to modify and customize and the scheduling processor reduces some of the more mundane tasks of maintaining any website.

However DotNetNuke does not come without any drawbacks. Since this system was eveloped in ASP.Net this means that you will need at least Visual Studio 2003 Professional or greater in order to truly modify the source and customize the system as you see fit. This can be a serious drawback as the cost of this development platform can run into the hundreds of dollars.

The second open source system that I have some experience in using is called AXCMS.Net (http://www.axcms.net) which is again built upon the .Net platform. This system is as feature rich as other open source systems such as DotNetNuke. However, this system has some definite drawbacks. First is its somewhat difficult setup and deployment problems that can seriously hinder any project. Also, there does not seem to be as an avid user base as DotNetNuke. However the system is as "solid" as they get and you will definitely be rewarded by your efforts once you have the system fully setup and ready to use. Also since this system is really a neat way to get introduced to the development team any updates or customizations you may need will be for a fee from the creators of the system. This really hinders the community support of the system and makes adoption that much harder.

There are many other open source systems out there with some more being developed as I write this article. The main factors when adopting any open source content management systems you should consider are: how well is this system supported by the community and how often is this system updated by its core development team. Even an open source system can have some hidden cost that must be considered before adoption into any business or enterprise.

Perhaps you have heard about the next new version of Microsoft Windows, called 
Vista? The Vista operating system has many promises to one great, stable and 
dynamic operating system. Not only will this operating system have the .Net 
framework built into the core of the operating system it will also feature some 
other key communications, user interface and security breakthroughs.

For instance Vista will utilize the Windows Presentation Foundation (WPF) which 
will greatly increase the aesthetic value of each application. Perhaps you may be 
familiar with a website developed with Flash animation software. Now picture the 
same type of functionality and aesthetics however instead of being restricted to a 
website format having the freedom to develop the interface so it is a true Windows 
application. Further, this WPF will allow for much easier and faster deployments of 
these applications through the use of "one click deployment" technology. If you are 
familiar with the updater application block and the BITS service then you are 
already familiar with innovation. However, instead of being some cumbersome 
application block you will be able to easily deploy these applications with just a 
few clicks from your development environment.

Secondly the Windows Communication Foundation (WCF) will provide a secure and 
reliable messaging platform which will allow for a new era in the creativity of 
application developers. This WCF will bring in a new time when true service oriented 
applications will become commonplace. This will make it much easier to connect 
businesses to each other and their customers.

The in built security mechanisms will make for a much more secure platform as well. 
Since this operating system is built around the .Net framework Code Access Security 
will be much easier to enforce and maintain. Code access security is when the 
author of the program can specify exactly what the program is allowed to do based 
upon the role of the user who is accessing the software. This will allow for a much 
finer grained security mechanism which will make software much more trustworthy by 
the end user.

Another feature of Vista is called SuperFetch. SuperFetch seems to be a caching 
mechanism for frequently used files so that the end user experiences fast response 
times and is not hindered by the background tasks that the operating system is 
performing. This will greatly speed up and perhaps cause less system crashes 
thereby making the OS much more stable.

One other great feature of Vista is its use of the sidebar and gadgets. Gadgets are 
small programs that either you or someone else has created that performs some 
frequently used task such as viewing the latest weather or traffic information from 
your desktop. Now this might seem to be a small feature but I am sure the general 
public will eat this feature up and it is one place where some new innovative 
software inventions might take place. It might even make managing your life that 
much easier.

Perhaps the best feature of Vista is its new ability to easily search through and 
organize  your files for later retrieval. I cannot tell you how many times I have 
had to search my own hard drive for a file that I knew I created but could not 
remember where I stored it.

Let's face it Windows XP and Windows 2000 are by now old fashioned. The public 
needs a new operating system simply because the other's are beginning to show their 
age. It is time for an upgrade.

This is a great blog post by one of the members of the SQL Server team explaining when and where SQL Server 2005 Indexes should be used. The topics covered are:

1. How can I find out whether my SQL Indexes are useful?
2. Do I have any tables or indexes that are not uses (or rarely)?
3. What is the cost to benefit of using indexes in SQL Server 2005?
4. Do I have hot spots or index contention?
5. Could I benefit from more or less indexes?

The full blog post can be read here. Again a must read for anyone who wants to gain true performance from their SQL Server.

There is a great crash course of building ASP.Net custom Controls on MSDN. This is more or less a note of reference for myself and anyone who comes across this blog. Truly a great article and a must read!

Find it here:

http://msdn.microsoft.com/asp.net/default.aspx?pull=/library/en-us/dnaspp/html/ASPNETContDev.asp

Yahoo! has developed a Ajax library for developing interactive web page development. This is a very good thing as Yahoo! has been in the business for a very long time and obviously they know how to develop a stable web portal so this library should be fairly stable and ready for deployment in any size business.

You can find out more information here. Personally, I am not a great web developer since I really like to concentrate on Windows Forms applications instead. This should be a real help in my attempting to learn how to build the same functionality into webpages.

You can find out more information about this product here.

http://developer.yahoo.net/yui/

Today I attended a live webcast on DotNetNuke hosted by Stan Schultes and Russ Fustino and the topic of security in the DNN framework came up. I originally was going to post a article on the subject of how to encrypt a connection string in ASP.Net when I came across this resource guide. This lists a series of how to guides on the best practices for both .Net versions. If you have not already done so, you should check it out here.

It can be found here:

http://msdn.microsoft.com/library/default.asp?url=/library/en-us/dnpag2/html/securityhowtosindex.asp

This should answer any question you may have regarding the following subjects:

• Authentication and Authorization
• Code Access Security
• Code Review
• Communication Security
• Configuration
• Cryptography
• Deployment Review
• Impersonation and Delegation
• Input and Data Validation
• Patching and Upgrading
• SQL Server 2000
• Threat Modeling
• Web Services
• Etc.

Hopes this helps someone out there who may stumble across my blog looking for information on these subjects. Eventually I hope to write an article about each of these particular areas when I have the time to do so.

This is also another meeting announcement from the sarasotadev website for the March 16th, 2006 meeting.

Ensure A Seamless Upgrade Path to WCF with ASMX 2 and WSE 3 - by Tom Fuller

This meeting will be on Thu, Mar 16, 2006 at 6pm. Location: Sarasota Community Foundation, located at 2635 Fruitville Rd., Sarasota, FL 34237 (just west of Tuttle on the north side of Fruitville).

The WinFx components are sure to have a significant impact on how we develop applications that target the .NET framework. In this session I will focus in on Windows Communication Foundation and how to ensure forward compatibility with the services you are deploying today. You will certainly walk away from this session understanding what types of limitations exist and what you are able to embrace immediately. If the next generation of web services interests you this session is a must see!

About Tom Fuller:

Tom is an SOA Architect with Publix corporate in Lakeland, FL. He's also an author and the founder of the SOApitstop site.

Here is the details for the next upcoming Sarasota Developers Group meeting this Feburary 15th. from the sarasotadev.net website.

Windows Vista, and Visual Studio Tools for Office (VSTO) - by Russ Fustino

This meeting will be on Wed, Feb 15, 2006 at 6pm. Location: Sarasota Community Foundation, located at 2635 Fruitville Rd., Sarasota, FL 34237 (just west of Tuttle on the north side of Fruitville).

In this two part talk, Russ will give an overview of Vista - the next-generation Windows platform. He'll also give a technical overview of Visual Studio Tools for Office (VSTO) development.

About Russ Fustino:

Russ is the Microsoft Developer Community Champion for the eastern region. He delivers MSDN sessions, user group talks, and other developer events throughout Florida. He also hosts Pub Clubs after many of his meetings that give developers a chance to socialize with their peers.

Recently I have been researching the various techniques that web developers utilize in order to make their websites more search engine friendly. I have found many contradicting information regarding this subject and many website advocate purely unethical behavior to say the least. Hopefully though I will steer you clear from those methods and show you how to properly optimize you website so that it can be found by the various search engines.

The very first thing I would do to optimize your website is to go to one of the many free resource sites on the Internet. These include such sites as:

http://www.sitereportcard.com

http://www.seocompany.ca/tool/free-seo-tools.html

http://www.spiderhelp.com/optimize/

This is the best place to start when you want to make sure your website is fully optimized for the various search engines. The benefit of these sites is that they rapidly point out the various flaws your website may be experiencing due to some of the inadvertent mistakes you make.

Also the following tips I have found to be the most useful when actually building a website.

1. Make sure you have the proper keyword placement on your website so that visitors know exactly where to look to find the content they are searching for.
2. Make sure your HTML is validated and free of any errors.

A good place to check for that is at: http://www.anybrowser.com/validateit.html

Also check for broken links at: http://www.anybrowser.com/linkchecker.html

3. Make sure you have utilized your META TAGS correctly
4. Make sure your page title is as descriptive as possible. This is more or less the same tip as #1 however it really helps the search engine but also the end user find what they are looking for on your website.
5. Make sure that if you have links to filenames that they utilize the same keyword phrases you want users to find your website. Also make sure you use the alt text when displaying images on your website as search engines also scan these as well for key phrases.

There are many other possible ways to increase the way your website is optimized for the web however I found these to be the most solid tips when creating a new website.

This is a must have for every developer. Just a quick note today. More to come soon. Please order this kit if you are unsure about securing your applications. Click here.

Technorati Profile

Oracle has finally joined the bandwagon of creating an express edition of its database server! This is great news to those that want to foray into new uncharted waters of using an Oracle DB. Myself I have only used SQL Server databases, the first one being version 7.0 and finally ending up with SQL Server 2005. So this will be a totally new experience for me.

The benefits of using this express edition of the Oracle database is that it will be far easier for software developers to create products that use the Oracle database as its backend. Also for students this means having an actual database to kick around instead of having to Telnet into a database in order to learn the subject matter.

There seems to be few limitations to this database as it can hold up to 4GB of user data and use up to 1GB of RAM. This seems plenty for what this database is designed for which is mainly for students and small DB backends for ISV’s to use as their database of choice.

At this moment the product is only in Beta so I am going to wait until it is fully released before I install it on my machine. I have a rule of never installing beta products on my machine because of the probability of having my computer getting fried. Not a pleasant situation believe me.

You can learn more about this release here.

This is a tip I learned some time ago on how to make a Windows XP CD bootable. This should work on most cases as  I have never heard anyone complain that this did not work.

Here are the steps:

1. Make a directory to store the integrated (slipstreamed) OS:
    mkdir <DEST DRIVE>:\XPSP2_Int\Pro

2. Copy my Windows XP w/SP1a to my hard drive:
    xcopy <CD DRIVE>: <DEST DRIVE>:\XPSP2_Int\Pro /E

3. Extract the XP SP2:
    <CD DRIVE>:\xpsp2.exe /X:<DEST DRIVE>:\XPSP2Temp

4. Integrate, or slipstream XP SP2:
    <DEST DRIVE>:\XPSP2Temp\update\update.exe /Integrate:<DEST DRIVE>:\XPSP2_Int\Pro

5. Make the bootable CD-ROM by following the instructions here.

That should be all you need in order to create a bootable CD for Windows XP SP2. More tips & tricks coming soon.

We here in Florida have a very strong developer community. We have many local .Net user groups to help support those just coming into the field of .Net programming and also help those with their particular struggle with a particular project that they are working on.

In Orlando we have the Orlando .Net Code camp details as follows:

When and where:

When:

March 25^th, 2006

Where:

Orlando, Florida

Exact location to be determined (as of this writing)

The website for this code camp can be reached here.

In the Miramar area we have the South Florida .Net Code camp with details as follows:

When and where:

When:

February 4^th, 2006

Where:

Devry University

Miramar Campus

2300 SW 145th Ave. Miramar Florida 33027

To register click here

To bad there isn’t any local Tampa Bay Code Camps that I am aware of. Maybe I should work on getting one started. Is anyone interested in attending perhaps a half day in Sarasota for a “mini code camp”? Let me know in the comments of this post.

Data Binding in Windows Forms 2.0 - by Brian Noyes

This meeting will be on Tue, Jan 17, 206 at 6pm. Location: Sarasota Community Foundation, located at 2635 Fruitville Rd., Sarasota, FL 34237 (just west of Tuttle on the north side of Fruitville).

Windows Forms 2.0 introduces a host of new capabilities for managing data binding scenarios. The BindingSources component allows you to easily bind to almost any kind of data source, and the Data Sources window in Visual Studio 2005 makes it easy to generate the code to hook up BindingSources to controls. This session will demonstrate the use of BindingSources and the Data Sources window to handle a variety of complex data binding scenarios including Master-Details, data bound custom controls, and keeping multiple sets of data bound controls synchronized.

About Brian Noyes:

Brian Noyes is a Microsoft MVP and an international speaker, trainer, writer and consultant with IDesign (www.idesign.net). He speaks at Microsoft TechEd US, Europe, and Malaysia, Visual Studio Connections, SDC Netherlands, DevTeach Montreal, VSLive!, DevEssentials, and other conferences, and is a top rated speaker on the INETA Speakers Bureau. He has published numerous articles on .NET development for MSDN Magazine, CoDe Magazine, The Server Side .NET, and other publications. Brian latest book, Data Binding with Windows Forms 2.0, part of the Addison-Wesley .NET Development Series, will hit the shelves in the January 2006, and his next book, Smart Client Deployment with ClickOnce will follow in the summer of 2006. Brian’s blog can be found at http://www.softinsight.com/bnoyes/.

Please be sure to register on our website in order to get updated information about all meetings and any other up coming events in the Sarasota area. Also if you are interested in sponsoring our little but growing local developer community please e-mail me.

Today I was looking forward to seeing Bill Gates keynote address that he gave at the latest CES in Las Vegas. I went to Bill Gates webcast website and clicked on the 300K streaming media link as I have a very high speed internet connection. However, to my disappointment the webcast ended up not a fluid dynamic presentation but rather more of an audio show with still images taken from the webcast. So this begs the question as to why is it that Microsoft can not seem to get streaming media correct?

I contrast this with the same keynote experience from Steve Jobs using Apple’s Quicktime media player. What did I see a fluid, crystal clear experience of the presentation with just some minor stuttering and glitches as one would expect even from a high speed connection.

Now you see I am using a brand new Dell Windows Media Center edition PC with one of the best video cards available and one of the highest speed processor that I can buy. Why is it that on a Windows machine the streaming media experience is so much better with Quicktime than with the Windows Media player? It is pure shameful that this should be the case. How can Apple develop so much better of a Windows program than Microsoft?

I would love to see the Bill Gates keynote but I am simply spoiled the sheer quality of the Quicktime experience. I eventually gave up viewing the keynote using the streaming media using the Windows Media player. Hopefully the developers at the Windows Media center are listening and working hard to solve this issue with the program. Because if they do not hurry up Apple will quickly overtake them with the home entertainment experience. Just my little rant for the day I guess.

For many developers out in the .Net community it was ASP.Net that initially drove them to switch from some other platform. This was most likely due to the much enhanced programming model that ASP.Net provided and the improvements in performance that were promised and delivered. However, although the ASP.Net platform is a highly robust and scalable system you should still be aware of a few tricks of the trade that may help you increase your performance on your web application.

During my years of working with .Net I have learned many things on how to properly deal with certain situations that arise. Hopefully, you will find this information useful.

Best Practice #1

It is usually a good idea to set the SmartNavigation property to true on most pages.

The reasoning:

This reduces or eliminates screen flickering during postbacks to the server. Furthermore the scroll position will be preserved.

Best Practice #2

Enable the ability for multiple postbacks when using AutoPostback controls by using a user interface device such as a button.

The reasoning:

If the user has disabled Javascript controls in their browser then there is no way for the user to submit the form unless you provide a button or other user interface device.

Best Practice #3

It is preferred to use the Server.HtmlEncode method when displaying data taken from the database to an HTML control or Web control.

The reasoning:

This makes sure that the special characters are displayed in the correct manner and prevents cross side scripting attacks.

Best Practice #4

It is always best to validate input on the client side by using a validator control. Also, make sure you also validate all data on the server side as well as unforeseen security vulnerabilities can put your server at risk.

The reasoning:

Validation of all data is a best practice in all situations. This ensures a consistent database and data integrity and the integrity of your website.

Best Practice #5

It is usually a best practice to make sure the client is still connected during a time consuming task. This can be accomplished using the Response.IsClientConnected method during a known time consuming task.

The reasoning:

This method allows you to check to see if the client is still connected to the server. If the client is no longer connected you can then use the Response.End method to end the session and free up resources.

Best Practices #6

It is usually a good practice to avoid the use of hidden fields in order to store data between page postbacks.

The reasoning:

There are few very good reasons for storing potentially sensitive information using hidden fields. These do not store data in an encrypted manner or can store any significant amounts of data.

Best Practice #7

It is usually a good practice to store data taken from either files or a database in the ASP.Net cache object if the data does not change much over a period of time and can be shared with multiple users on the webpage.

The reasoning:

By storing and caching the data taken from a file or database you increase the performance and scalability of your application.

Best Practice #8

It is a best practice to use a Global error handler in the Global.asax file of your application.

The reasoning:

This allows you to recover properly from unexpected exceptions in the current application. Also this may allow you to implement a common error recovery mechanism for your web application.

Best Practice #9

It is always best to never use the Off attribute when setting the <custom errors> attribute in the web.config file of your application when it resides on a production server viewable by the outside.

The reasoning:

Doing this will enable unauthorized visitors to view potentially sensitive information about your application thereby increasing the security risk that  your website can be attacked from outside visitors.

Best Practice #10

It is always best to set your application tracing in the web.config file rather than using the @Page directive on individual aspx pages.

The reasoning:

This allows you to enable application level tracing for the entire application rather than for each individual page of  your website.

It can hardly be said that any serious programmer has had to deal with database programming at least some time in their careers. So it would be logical then to make sure your connection to these underlying databases are as efficient as possible. Hopefully I will share some of the best practices I have learned in dealing with ADO.Net programming. These techniques were learned from a variety of sources, many of them I can not remember sorry. Hopefully you will find them equally as useful as I do.

Best Practice #1

Always use native .Net data providers.

The reasoning:

It has been proven by using the native .Net data providers always perform better and allow you to take advantage of both the .Net framework and the full power of the underlying database.

Best Practice #2

Always use a config file to store your connection strings. Also it might be a good idea to encrypt these connection strings especially if stored in a dubious location.

The Reasoning:

It is always best to store data that might change in a location outside of your application where you can easily update the connection strings. Also encrypting the connection strings is always a good idea from a security standpoint.

Best Practice #3

It is always best to use Windows authentication mode when connecting to your SQL Server database, this really applies mostly to Windows Forms applications.

The Reasoning:

Windows authentication is always much safer as the username and password do not pass over the wire.

Best Practice #4

Always use an asynchronous delegate when establishing a connection from a Windows Forms application.

The Reasoning:

This will prevent the user interface from seeming to seizing up as the application attempts to connect to the underlying database.

Best Practice #5

Prefer to use the sorting methods on the SQL Server such as the ORDER BY, HAVING and GROUP BY statements.

The Reasoning:

By performing the sorting on the server side as opposed to the client side you save time because the server can perform the work faster.

Best Practice #6

You should always try to limit the number of rows in a resultset. This can be performed typically by using the TOP keyword or other similar methods.

The Reasoning:

By limiting the amount of information you send through the wire you make the application seem faster and this also allows for a more scaleable design.

Best Practice #7

It is always best to use the CommandBehavior.CloseConnection enumerated value when you invoke the ExecuteReader method of a Command object.

The reasoning:

This allows for better connection pooling as the connections that are opened are returned quickly.

Best Practice #8

It is always best to cancel before closing a DataReader object if you are finished reading any more rows.

The reasoning:

The close method of the DataReader class continues to read all remaining rows before it finally closes the object. This is a wasteful use of resources.

Best Practice #9

It is always best to use a parameterized command over dynamic SQL queries.

The reasoning:

This will improve performance and reduce the a SQL injection attack while also making your code much more easier to maintain.

Best Practice #10

It is always best to access tables through views and stored procedures over other methods like dynamic SQL queries.

The reasoning:

The stored procedures and views do not add any overhead to a SQL server while providing some level of indirection which allow you to change the structure of the database table without drastically affecting your client code.

Best Practice #11

It is always best to implement some sort of resultset pagination when dealing with results of 50 or more rows.

The reasoning:

Although not an easy task in most cases using this technique you can increase performance on both your server database and your client application as less overhead and network traffic is taking place at any one time.

Best Practice #12

It is always best to close a transaction as quickly as possible.

The reasoning:

When a transaction occurs one or more rows are locked which means other users or applications can not access them. By using as short of a transaction as possible you ensure the scalability and stability of your application.

Best Practice #13

Never rely on the default behavior of the DataAdapter object for managing concurrency issues with your database.

The reasoning:

The DataAdapter object relies on the underlying which will leave itself in an inconsistent state if an update occurs, this is because ADO.Net will only throw an exception and not resolve the actual conflict at hand.

Best Practice #14

It is usually best to implement a timestamp field when you are using optimistic concurrency.

The reasoning:

This will allow to more easily detect when another user has updated the database.

SQL Server is a very powerful tool when used properly. It can also come to a screeching halt if left to rot with no maintenance and poor planning. While the program itself is highly scalable it is still subject to performance bottlenecks and slow response times caused by inattentive administrators and developers. I have learned much about SQL Server 2000 in the past year many of those are the best practices used by other developers and senior administrators. I hope to share that information with you now so that those just starting out can learn from what I have learned.

Best Practice #1

Download and install and actually use the SQL Server Best Practices Analyzer tool provided by Microsoft.

The Reasoning:

This tool will scan your databases for any code or implementation issues that do not conform to Microsoft Best Practices standards. This should be the starting point on any existing or currently in production database you may have. Now you can take each recommendation with a grain of salt as the tool is probably not aware of every situation a developer may face. So therefore it is always up to the developer or administrator to decide which practices to put into place.

Best Practice #2

Never start the name of any stored procedure with the SP prefix.

The reasoning:

All system stored procedures start with the SP prefix. Naming your stored procedures in this manner will cause potential clashes as service packs are released potentially with the exact same naming as your previous stored procedure. This is highly unwise.

Best Practice #3

Apply the latest service packs and security packs

The reasoning:

With so many potential threats against a database keeping your system up to date will ensure data integrity. Keeping data integrity should be the duty of anyone either developing on the database or administrating the database.

Best Practice #4

Keep your result sets that you return from your database as small as possible.

The Reasoning:

Not only does this greatly improve performance but it makes the database much more scalable and better able to handle more concurrent users.

Best Practice #5

Avoid the Insert statement when performing bulk inserts into your database.

The reasoning:

The DTS or BCP utilities are far better for inserting information in bulk into SQL Server. These utilities are far more flexible then the SQL Bulk Insert statements you may want to use.

Best Practice #6

Keep your stored procedures as small as possible.

The reasoning:

If two users are accessing the same stored procedure at the same time then two query plans will be stored in the cache. It is far better to have smaller stored procedures call other stored procedures then one very large stored procedure. This practice makes maintaining the code a bit easier as well.

Best Practice #7

Analyze all your query plans using the SQL Query Analyzer to make sure they are performing at optimum speed.

The reasoning:

Getting to know how to use the SQL Query Analyzer is one of the best things any serious developer can do to improve performance in an application. Using this tool you can see where are the bottlenecks in your code and thereby increase performance by altering indexes or even re-writing stored procedures.

Best Pra