The Strong Coders Community will be hosting its Ask An Expert Live chat on Thursday, May 1, 2008 at 6:00 PM Pacific Time and I've been invited to sit in on the expert panel.

 

Get your tough development questions answered by Microsoft MVPs, Regional Directors, and other industry experts. Community experts will be on hand to answer your .NET- and Visual Studio-related questions. No off topic questions please.

 

Please note that questions regarding upcoming products and future product specs might not be answered.

 

 

MSDN Online Chats - http://msdn2.microsoft.com/en-us/chats/default.aspx
Chat Room - http://www.microsoft.com/communities/chats/chatrooms/msdn.aspx
ICS - http://www.microsoft.com/communities/chats/vcs/08_0501_msdn_DEV.ics

 

DDD Community Event.  May 3, 2008. More at Plip's.

 

.NET Valley Pre-Bash Party at Sidel's

Wednesday, April 30, 2008
5:30 PM - 8:30 PM

If you've never been to a Pub Night before, you don't know what your missing. It's time to roll up the sleeves and dig in to some great food from Sidel's. We'll have Bruschetta, Fried Mozzarella, Antipasta, Tortellini salad, Mini-beef Wellington’s, and Shrimp. It all begins at 5:30pm. We have limited seating available so if you're sure you'll be there, register today!

 

WOOT!

 

 

 

Philly.NET Meeting

Wednesday April 23

 

Brian Donahue, Vitreo Solutions The Evolution of TDD

 

Test Driven Development has been gaining prominence, and many developers recognize the value it provides. Still, TDD adoption can be a slow and painful process, and often results in early abandonment as challenges mount. Many believe the current body of TDD knowledge puts too much emphasis on testing implementation details, and not enough on testing behavior. Behavior Driven Development (BDD) takes a more focused approach to TDD that can help clarify the testing process, and create a meaningful, readable suite of tests that not only helps you and other developers understand your application, but can be used to show your client that the application is meeting their needs. When developers, customers, and managers can clearly see the value of writing tests, everyone wins.

 

Alfred Thompson's posted a few times about the necessity of having computer teachers and applications classes in K-12 schools.  Although I train adults how to program and help advance their careers (most haven't seen the inside of Varsity High since their 10th anniversary reunion), I couldn't agree more.  I'll share some thoughts on this since in my neck of the woods I am the local 'go to geek' and I do get asked this kind of question a lot. 

So why do schools need computer teachers?

• Not all kids are just born with computing skills despite the stereotyped image that youth = automatic electronic wizardry.  It's just not so. Just because they can text their friends, rack up cell phone bills and play Xbox, that doesn't mean they have real computing skills. 
• Not all kids are that adventurous, ambitious or willing to explore new subjects.  Not all kids will figure it out on their own, because they just don't want to.  Just think, how many do this with Grammar?  Not many. Some kids are more adventurous in history or some other subject, rather than computing.  Alfred touched on this but his point was mostly in relation to the OLPC (one laptop per child) program and lack of teachers in areas those laptops go to.

And, what about what the computer teachers should be teaching?

• Computer teachers need to teach students what is important for a career in computing the same way that the Spanish teacher demonstrates what's important if your career will be in linguistics. I have a big point to make here.  So many non-IT people come to me thinking that typing skills = computing skills.  I hope I cannot be more clear when I say NO NO NO NO NO, that's not so.  I know great admins and developers who can't type so well.   Just because I happen have a career in IT and I happen to be able to bang out 150+ WPM doesn't mean that fast typing is the whole of my job, or even all that important.  Much, much more important are the logic, reading, analysis, communication & team, mathematical, problem solving and logic (did I say logic :)) skills than typing.
• Kids need to learn the foundations of computing, basics in computability theory, the history of computing, key figures like Alan Turing, what's possible with computing, including an intro to Artificial Intelligence, robotics,  and social computing (did I get it all?).
• Kids need to learn how computing devices, theories and technology can solve real world problems.  I really believe that technology has the potential to make the lives of so many people so much better, especially in the not-so-developed or developing countries.  I want our kids to think so too.

Notice I didn't include any specific vendors like Microsoft or applications like Word, Excel.  Specific applications change too fast and the kids won't get any long lasting knowledge from them (for more on apps, see this post from Alfred).   I also don't think kids should be inundated and certainly can't learn every detail of these rather advanced theories.  They can, however get a lego robot kit and play with it in a class, they can learn a little about AI basic concepts and think up scenarios for more life like machines and they can see how key figures shaped history to bring about the programs and devices that they use today like cell phones, games and the Internet.  Knowing those things will be the most valuable (I think so anyway).  I believe the fundamentals like these are the topics that will allow students to dream, drive innovation and be successful if they do so choose a career in computing, and help ease their pain as a user of technology if they don't.

Particular applications can be integrated nicely into other classes for an extra added bonus.  If a student has an essay due, they can use their favorite word processing program to type it out. And yes, the computer teacher should be there to assist them with using that word processor, for example if they need to add in bullet points to that essay. 

 

Download Exception Management Strategies & Best Practices

Download Accessing Data using the ObjectDatasource

 

I am giving a presentation titled "Exception Management Strategies" at Luzerne County Community College for the .NET User Group's monthly meeting.  If you haven't done so yet, please register and I'll see you there.

 

That's this Saturday folks!

Where: Harrisburg University (downtown Harrisburg, Pa)

When: 8:00am-4:00pm

What's the scoop:  There are several sessions you can attend, and you are should to register for the event.

I have two talks: Exception Management and Using the ObjectDataSource/Data Source Controls in Web Applications.  I'll be posting the slides and samples after the code camp.

 

I’m often asked to assist with some basic exception handling strategies for code. Below are a few exception handling pointers and hopefully expand on them in later posts.

· After identifying suspect code, determine if it will benefit from exception handling, the tester-doer pattern or the try.parse pattern. There are some times you won’t want to use a try/catch, (e.g. check to see if a connection is closed first before closing it rather than wrapping the close call in a try catch).

· Where possible, catch specific exceptions, not just System.Exception. (i.e. If you know the exception to be caught will be a SqlException, catch that)

· Don’t use return error/success codes and rely on other developers (or yourself) to use or check the value of return codes. More often than not, return values/codes from a function are just wasted.

· Exceptions aren’t always errors. Exceptions can represent errors but they can represent anything that isn’t ordinarily going to happen during the execution of your code, and that isn't always an error.  

· Use the finally block. You’ll be able to save half the coding and coding around other code you’d normally need to do without it. If you don’t use a finally block, not only will you have to check for specific states of variables yourself to cleanup code when an exception has occurred, but you will have to check these flags/variables again when things run smooth.  Finally trims code and makes things smoother.

· Make sure the state of the application hasn’t changed after the exception. There is one of two states that you want to leave an application method after an exception, 1) the state the app was in before the method call or 2) as if the method had never run before.  Either way, if an exception occurs, you have some work to do to make sure the app state is solid.

· Users should never have to see or deal with an exception that has been bubbled all the way up the stack. Not only does break the state rule but the user has just lost confidence in this application.   The only worse thing you can do to the user now is to have the app hang all day.

· Log all exceptions. By logging all exceptions, you can generate information, metrics and reports about the internal state of the program to perform diagnostics and create a better quality version next release.

 

Software developers need to be aware of security but oh so many aren’t.  Security shouldn’t be an afterthought, it should be right up front with the rest of your project’s requirements and built in from the start.  We should always think about being secure and developing our applications securely.  Nowadays we cannot leave it to the systems administrator to lock down a few files or directories for us, we need to be proactive in our approach and development methodology, as it’s our responsibility just as much to ensure that data about our customers or coworkers is safely kept and transported.  Here's a few security related issues to think about when starting your next development project:

Evaluating Threat Potential & Risk
Preventing SQL Injection
Preventing common attacks (buffer overruns, xss scripting, etc…)
Encrypting data
Securing the layers
.NET Security specifics
    Securing the web.config file,  IIS  & ASP.NET
    Forms, Windows or other authentication types
Database security
Human factors

 

Use the above list (and there’s more to be aware of, but for now this will have to do) in your next project, and you’ve already taken steps to make your apps a little more secure.  I will try to break out some of these items and write more about them in upcoming posts, but this is definitely something to get you started thinking about security, andI cannot stress enough to developers to focus on this area more.

 

Tatiana Apandi from O'Reilly has recently published a Women in Technology: Hear us Roar series housing several articles from prominent women in the technology business.  So far each article has been a great read, and I expect the rest of the essays to be just as fantastic.

Way to go girls!

 

May 19^th : TECHbash 2007.

This is for both ITPros and Developers, there's several sessions available as well as tons of free software and goodies.  There's still some room left so register now!

May 15th : Central-Penn.NET Meeting, presentations by David Laribee:

Drive by Enterprise Library 3.0: Validation and
Test Driving NHibernate and the Domain Model

May 15th : Lehigh Valley.NET User's Group Meeting

Peter Laudati from Microsoft will be presenting this month.

May 16^th : Philly .NET Code Camp

It's the pre code camp kick-off PUB.NET night at Philly.NET.  There are no more seats available for the Philly.NET Code Camp on May 19th, so you might want to catch this meeting instead. 

 

Jason and I have been working on some projects together and have had this problem bugging us where the data in a certain table was 'mysteriously' deleting itself (re: this post).  We had checked a particular stored procedure and despite both of us having looked it over many times, we just didn't see that little extra "@" character stuck in there (oopsie).  What we saw was what we humans wanted to, not what was actually there.

This reminds me of those emails you get where you are asked to comb through a paragraph and count the number of times the letter 'F'

Finished files are the result of years of scientific study combined with the experience of many years

There are 6 letter F's in this paragraph.  Most folks skip over the the word 'of' and only count the letter F in the larger words.  Humans skim when we read.  The computer does not.

Here was our procedure (table names changed to protect the innocent)

ALTER PROCEDURE [dbo].[ProcedureName]
@EmailAddress varchar(256)
AS
IF EXISTS (SELECT TableID from The_Table_Name_Was_Pretty_Long
WHERE EmailAddress=@EmailAddress)
BEGIN
         DELETE The_Table_Name_Was_Pretty_Long
         WHERE @EmailAddress = @EmailAddress
END

Obviously now the WHERE @EmailAddress = @EmailAddress should have been WHERE EmailAddress = @EmailAddress.  Indeed, the computer takes your instructions very seriously.

This is fairly common phenomenon though, I see it in my classes every day as well as in the field by both novice and experienced professionals.  The simpler it is, the easier it is for you to overlook it.  If only that machine could just read our minds!

This also reminds me of the words of Charles Babbage

"On two occasions I have been asked, 'Pray, Mr. Babbage, if you put into the machine wrong figures, will the right answers come out?' I am not able rightly to apprehend the kind of confusion of ideas that could provoke such a question."

I know I said this last time, but really, next time I'll be look more closely and be more careful.