Browsing Posts published in December, 2005

As usual, I’ve been reading voraciously about all things .NET and here’s a selection of articles and blog posts that every developer should read in their copious amounts of spare time over the holidays.

Our first stop is security… Security for developers has long been near and dear to my heart. So it should come as no surprise that I’m a big fan of Keith Brown‘s work. His articles on security for developers are very insightful and his book, The .NET Developer’s Guide to Windows Security, should be on every developer’s bookshelf. Keith recently published an article in MSDN Magazine entitled Encrypting Without Secrets, where he lays out a foundation for encrypting data (such as credit card numbers) without placing the decryption keys on an internet-accessible server. He uses a technique very similar to SSL where he uses public/private key cryptography (RSA in his example) to encrypt a dynamically generated symmetric key (AES aka Rijndael, pronounced rain-doll). You keep the private (decryption) key on a secure server in your back office and the public (encryption) key on your web server. Even if the web and/or database server are compromised, the attacker doesn’t have the decryption key to make use of the encrypted credit cards numbers he (or she) just harvested. Very cool stuff.

Our next stop is SharePoint land… Bil Simser has a great blog post that discusses why you shouldn’t use your lightsabre to slice cheese. (Because it will melt the cheese, silly!) His point is that although SharePoint is a cool tool, you should use it for what it was designed for. Like any tool, it cannot be all things to all people. A good developer/architect knows his toolset and knows how to pick the right tool for the job. When all you’ve got in your toolbox is SharePoint, everything looks like a webpart. If this is you, learn a few more tools so you can pick the right one for the job.

Last stop is the world of ASP.NET… There are a wide variety of ways to redirect a user to a new web page and ASP.NET 2.0 adds some new tricks. Ting-hao Yang enumerates the options, including pros and cons of each technique, in this blog post. A very worthwhile read for anyone doing ASP.NET development, either 1.X or 2.0.

I present to you, my dear readers, this humble set of links that I’ve found helpful in my own learnings in the arcane (sometimes black) art of SharePoint development. Honestly I’ve had this list kicking around my desktop for a few months and have been meaning to blog about it. (I put them together for a course that I taught on SharePoint development and webparts awhile ago.) So hopefully you find them useful on your path to SharePoint greatness.

Let’s start with the basics on SPS architecture and webparts:

That’s fun, but is there a webpart template that you can use in Visual Studio 2003? I’m glad you asked:

That’s all great, but I hear that you can connect web parts together and do other funky things. Where can I get a more detailed discussion on creating advanced web parts?

What if my webpart needs some external resources like an image or client-side script. Where do I put it? And what’s the difference between wpresources and _wpresources anyway?

OK, all this webpart stuff is really cool, but I’m feeling lazy. How can I drag and drop my way to a webpart like I do with ASP.NET User Controls?

But I want to code a really cool webpart that might not be granted sufficient permissions by CAS. What should I do?

Now that I’ve finished developing my webpart, how can I easily install it on a production server?

I’ve got a bunch of content that I want to move from one server to another. Do I have to code up some gnarly T-SQL to make it happen? No, just learn your way around stsadm.exe and smigrate.exe:

I still need more information. Where should I start looking?

For all things SharePoint, don’t forget to subscribe to Bil “SPS God” Simser’s blog.


And what, you might ask, does this have to do with System.Web.UI.WebControls.WebParts in ASP.NET 2.0? Not much, but that’s a post for another day…

If you’re running as a non-admin (which you know you should be), you are used to Right click… Run as… if you need to execute an application that needs admin privileges. This is easy and good. This even works for installers that are packaged as EXE. The pain is when you want to install a MSI package. Right click… and there is no Run as… option. So you do what I do, which is launch a command prompt as an admin user, browse to the directory containing the MSI package, and then execute from the command line. Or if you’re Michael Willers, you hack the registry and add an Install as… option. Doh! Why hadn’t I thought of that? Great idea, Michael. His steps are reproduced below:

  1. Run regedit.exe under an account with administrative privileges
  2. Create the key HKEY_CLASSES_ROOT\Msi.Package\shell\runas\
  3. Set the default value to Install &as…
  4. Create the key HKEY_CLASSES_ROOT\Msi.Package\shell\runas\command\
  5. Set the default value to msiexec /i “%1″

Michael’s link to the reg file isn’t working so I’ve duplicated it here.

If you’re a developer like me, you can appreciate an aesthetically pleasing website, but couldn’t create one if your life depended on it. Oh sure, I can sling HTML, DHTML, CSS, and JavaScript with the best of them, but I’m an implementer, not a graphic artist. So what to do if you’re too cheap to hire a graphic artist (or too lazy to deal with cross-browser compatilibity)? Microsoft has released a series of pre-built templates with some nifty features for ASP.NET 2.0. A wide variety of ASP.NET 2.0 features are used in the templates, ranging from Master Pages to Profiles to Themes to new ASP.NET controls. So go check out the ASP.NET 2.0 Design Templates.

No, I’m not confused. Read on and all shall become clear…

Since the dawn of time*, the conditional-expression operator, ?:, has confused C-language newbies for generations. Not to be outdone, C# 2.0 has introduced the ?? operator. This is a little known addition to the C# language that has an interesting use – besides confusing VB developers, that is. Consider the following code:

if(title != null) {
   return title;
} else {
   return string.Empty;

Basically you want to return a default value if your reference is null. If your type happens to be a string, this could be a shared instance (such as string.Empty) or “Default Value” or something else. Other reference types (or Nullables) could do something else.

This isn’t hard code, but it is a fair amount of typing. So many would shorten it to:

return (title != null) ? title : string.Empty;

Checking for null returns is fairly common, especially in database work or when reading from config files. So C# 2.0 introduced the ?? operator:

return title ?? string.Empty;

This does exactly the same thing as the previous two examples, just with less typing. Another interesting use is when working with Nullables:

int? x = ReadFromConfig();
// Do some work
int y = x ?? 42;

It will take awhile to get used to, but is an interesting addition to the C# toolbox.

* The dawn of time is roughly sometime in the early 1970s.

Alright, I’ll admit it. I’m probably the second to last VS developer to figure out how snippets really work. I’m writing this post in the hopes that the last developer finds this…

Code Snippets is a new feature in VS 2005. I’ve been using them via the somewhat laborious Right Click… Insert Code Snippet… scroll to the appropriate snippet, double-click, and it’s inserted. Then you fill in some information. (For instance, if you insert a “for” snippet, you provide the name of the iteration variable and the length by tabbing between the fields. Press Enter and you jump to the insertion point in the loop where you can start coding.) You can put this to great use both for repetitive coding tasks like properties, events, etc. as well as during demos. (For everyone who does technical presentations, I can read faster than you can type – especially if you take into account the inevitable typos. I’d rather watch you debug through the code and explain it rather than watching you fumble your way through Intellisense.) The problem, especially for repetitive coding tasks, is the time it takes to go through the dance – Right-click… Insert Code Snippet… etc. Yes, there’s a keyboard shortcut (Ctrl-K, X), but it’s still time-consuming to find what you want in the list. Then, I noticed the “shortcut” defined for snippets. After some quick digging, I found this document that outlines the 5 different ways to insert code snippets. The best way, once you know the shortcut, is [shortcut]-TAB-TAB to insert the snippet. (i.e. for-TAB-TAB) This is fantastic for the snippets you use frequently.

I also like the simple format for snippets. You define variables for replacement by enclosing them in “$”. For example $classname$. If you repeat the same variable twice, it automatically updates when you change the first instance. You can also specify default values and prompt text. This means that it’s super simple to create your own snippets for common tasks. Roland Weigelt (creator of the AWESOME VS addin, GhostDoc) has crafted up code snippets for an NUnit test, events, properties, and debugger break. I created my own property snippet based on Roland’s for the way I prefer to define properties. The actual code for the read/write property is:

private $type$ m_$property$;

public $type$ $property$ {
  get { return m_$property$;}
  set { m_$property$ = value;}

It doesn’t take a proverbial rocket scientist to figure out how to code your own snippets.

Once you have your snippet created, simply drop it into %My Documents%\Visual Studio 2005\Code Snippets\Visual C#\My Code Snippets and it will immediately appear in VS 2005. You can also add new locations to search for code snippets via the Code Snippets Manager (Tools… Code Snippets Manager… or CTRL-K, CTRL-B.)

Code Snipets are a fantastic addition to make a developer’s life more productive. You’ll definitely be seeing me using code snippets in upcoming presentations. Although I’m a reasonably fast touch-typist, one’s ability to type varies inversely with the number of people wathcing.