Sunday, August 21, 2005

The perils of stubbing out methods

I only have a single-thread brain. Sad, but true. I can only really concentrate on one thing at a time.

For example, when I'm writing, I like to stub out sections of code so I can some back and flesh them out when I've finished something else. Take thei example of some code in process:

Public Function GetString(AllTheString as Boolean) as String
    If AllTheString Then
        Return "You asked for all the string"
    Else
        'Add the 'Not-All-The-String' in a minute.
        'Why not make a coffee?
    End If

You get the point. I can deal with the other path the code can take at some point in time. Perhaps after a coffee. However, this approach doesn't work in SQL Server 2000. I'm sure it's well documented and whatnot, but it really did give me some grief earlier today. Take this example:

CREATE PROCEDURE ThisIsATest
    (@TestValue int)
AS

IF EXISTS(SELECT TheKey FROM TheTable WHERE TheKey = @TestValue
BEGIN
    INSERT INTO AuditTable(Event, Time)
    VALUES ('This value was found: ' + @TestValue, GETDATE())
END
ELSE
BEGIN
    /*I'll worry about this part in a minute
    I quite feel like a coffee roundabout now...*/
END

Hit the 'Validate SQL' button, and it'll return an error. A nice error? A helpful error? An error that might vaguely suggest that you might have a code path that doesn't actually so anything? No. What does it come back with?

Incorrect syntax near the keyword 'END'

Pointing at the last line of the script.

Took me ages of sifting through a long SPROC before I realised that was what it was trying to tell me. Bugger. All I was trying to dso was vlidate the SQL I had writen so I could move on to the other part.

Just wanted to share. Apologies for irrelevance and brevity, but it's late. All because of this very thing!

Saturday, August 13, 2005

Firsts, firsts and more firsts...

We're just starting a new project at work for the next few months. It's a fairly standard data mangling app, retreiving deatails about people, updating them stashing them back in a database. Nothing really out of the ordinary.

Well, it would seem that my team doesn't like to do the same thing over and over again (fair enough, neither do I!) so we're going to be doing a whole bunch of stuff that none of us have ever really done before. Our next project will be:

  • Written in C#
  • v2.0
  • in VS 05 beta
  • All developed on virtual PCs
  • Managed by Team System (Also running on a virtual server)


It's times like this that I really like not being chrged for by the hour. We had a meeting yesterday where we kind of figured that we can get the data-mangling parts written relatively quickly, so we could spend a bit more time doing nice twiddly bits for the UI. Nice. So there's going to be a few AJAX-easqe bits (I'm not even going to pretend that it's a new thing, but I'd never found a library quite as nice as Michael Schwarz' AJAX.NET for making it happen). IN real life, I;m sure we could knock something very dull rogether in a few weeks, but that would be it. It would be a very boring bit of kit. Just another in a long line of data mangling applications, And if I was being charged for by the hour, I'm sure that would suffice ('I don't care how boring it is, just do it as quick and cheap as possible!').

But I'm not. And that's cool. We get to learn new stuff (none of us have written in C# before) use new things (all betas, which is why we're doing it all on VPC's) and have some real fun (if you're into that sort of thing) with it.

Nice!

Just wanted to share.

Saturday, August 06, 2005

Disaster at Benjimawoo Towers!

Of all the keys that had to stop working after my little bit of clumsiness a couple of weeks ago why did it have to be F11!

Yes, I know I can change the default key bindings, but i'm too lazy to change them from the VS defaults and reconfigure every time I rebuild.

Grr! Just wanted to share.

Friday, August 05, 2005

Short-circuiting comparisons

This was one of those things that I read about and though 'Huh. When am I ever going to use that?' Turns out it's pretty useful at times.

VB.NET can short circuit comparisons using the AndAlso an OrElse keywords.

What's short-circuiting?
Short circuiting occurs when you have multiple comparisons on a line and the outcome is known before you get to the end of the line. Take the following line of code:
If 1=2 And 3=3 Then
'Do some stuff
End If


You know after the first part (1=2) that the comparison is going to return false, but the second part is still evaluated (i.e. the machine still checks to see if 3 does in fact equal 3). However, if you were to use this:
If 1=2 AndAlso 3=3 Then
'Do some stuff
End If


The machine skips the 3=3 part of the comparison. Just ignores it. It knows that since 1!=2 the result is going to be false, so it just skips over the second part.

So?
That contrived example doesn't look too useful. However, if we look at a real world example, all becomes clear:

Dim ds as Dataset = GetMyDataset()
Dim dr as DataRow = GetMyDataSet.Tables(0).Rows(0)
If Not IsDbNull(dr("FieldName")) And dr("FieldName") > 0 Then
'Do some stuff
End If


Because we're using the normal 'And', if the value in the row specified is null, the method will throw an exception because a value of type DBNull can't be cast to an integer. Although 'Not IsDbNull(dr("FieldName"))' returns false (because it is null) the second section is still evaluated. And because it's a null value, an exception is thrown.

However, if we use AndAlso, the comparison is short-circuited and it doesn't throw an exception:

Dim ds as Dataset = GetMyDataset()
Dim dr as DataRow = GetMyDataSet.Tables(0).Rows(0)
If Not IsDbNull(dr("FieldName")) AndAlso dr("FieldName") > 0 Then
'Do some stuff
End If


Because the first part of the comparison return false, the framework knows that the overall expression is going to return false, so it doesn't bother trying to evaluate the second part, and it doesn't throw an exception.

Needless to say, OrElse works in exactly the same way, but for Or's rather than And's.

It's come in handy for me a couple of times recently, anyway.

Just wanted to share.

Monday, August 01, 2005

Weeping update...

Although the title sounds like something you'd take to the doctor, I thought I'd offer something of an update to the last post I wrote about cleaning out my dad's computer.

As one kind commenter wrote, "it is far more productive to think of possible solutions"

Now I'm not proposing that I'm going to put a stop to all the various different flavours of intrusive marketing out there (blog comment spam, IM spam and the great granddaddy of them all, email spam), but I can at least make a note of what I did to try an alleviate the problem somewhat for my dad.

First, let me set the scene.

I have a teenage stepsister, and my teenage stepsister is a great one for IM, file sharing (although, as far as I know, it's all legal now) and generally caning the net for all its socially worth. She is also, at the end of the day, a teenager. Bit impetuous, bit naive, and a little too quick to believe popups that claim that her computer could be running quicker if she installed widget x.

I also have a father. He, like a lot of fathers, just wants his computer for invoicing, perhaps the odd bit of emailing, banking, and that's about it. He also once uttered the immortal line "Why couldn't they just leave it at Windows 3.01? Didn't it already do everything everyone wanted?". Hmmm. Although the gist of it was more about how computers have been getting more complicated than he wants.

So, to summarize:

1 teenage daughter who wants to use her computer to keep up with her mates, but isn't too aware that there are bad people out there who want to user her computer for slightly more nefarious deeds.

1 mature guy who needs his computer for work, but really doesn't want to have to deal with any more stuff to learn just to get his books done, which he's been doing in the same way since Office 97. Oh yes, and he hasn't really got time (who has, really, in the real world) to supervise her every online move.

I see a problem. How to secure his machine without adding the need for any more management. In fact, how to secure his machine network-wise without any apparent change in behaviour (of the machine, not him).

Well, the most thorough (and my preferred method) would be to start from scratch, stash all the documents and data away somewhere and spend a good few hours installing and configuring the machine to be nice and safe from (at least some of the nastier) nasties. Lock everything down, disable all the non-essential services, do some admin-type bits like shift his data onto a different partition from his system bits, stuff like that, and have everyone running on a non-admin account. However, although most of that would cause no noticeable change in the machine's behaviour, bits and pieces would require management, or to put it another way 'More bloody work'.

I would (and did), however, rightly or wrongly, hold short of installing a second firewall. My thinking is that with all the ports and services disabled that aren't needed, Windows firewall will be sufficient. It sits nicely in the background and slots in nicely with the rest of Windows Security Center. It doesn't have the learning overhead of a separate application.

I also whacked on MS Anti-Spyware for exactly the same reason. Although it's just a lightly re-branded version of Giant's Anti Spyware, it does at least integrate nicely with Windows and doesn't seem like too disparate of an app to learn. It's still quite consistent with (particularly the newer parts) the rest of Windows XP. I think I said before, it's perhaps not the swankiest, but it does at least do a reasonable job.

Those were the easy parts. Now came the hard part.

I started with turning the computer off.

I heard someone say once that the biggest security hole in any system lies between the keyboard and the chair. Any system (yes, ANY) can be compromised when you've got a real person pushing buttons at the business end.

So the most difficult part was getting my stepsister to take a bit of responsibility for what runs on her computer. I told her about checking for mysterious processes running in the background, what to do if she found one, how to check if something malicious was running and how to get rid of it. I told her about the perils of hitting 'yes' when asked "Do you want to enhance your browsing experience?". I went explained at great length (you ever tried to talk to a 13 year old girl about 'nerd stuff' for more than 10 minutes?) about how firewalls work, and what they do, and generally tried to make her a bit more aware of what's out there trying to get in.

The last part is the make-or-break factor. Everything before it is almost incidental. I can have an iron-clad OS, be running behind a rock solid firewall and have every scanner known to man running checking everything's OK. However, just like vampires, if I invite nasty things onto my machine, they (potentially) get a free rein over my computer. And that's the bit I really need to work on.

Oh to have longer than a short and hectic weekend to do it all in!

Just wanted to share.