What stops you from telecommuting ?

I'm surprised that no one mentioned this yet, so maybe it doesn't apply to everyone, but I have an issue with working from home, and that is that the family doesn't appreciate that although I am home I am actually working. This means that at any given time, I have to be available to go shopping, look after an unwell child or just simply babysit, etc.

I know you said a MS standpoint, but what about getting familiar with Mono? You know C# and .NET already, so how about learning how to run it on other platforms? I know if I had the time that is what I would do, even if it's just to see for myself what the differences are.

The following is the response I received from the article's author, after asking the same question via email: ----- Start Email Response ----- Hi, Here's a copy-pasted email I just sent someone who asked a related question: ------ Even if you are hashing the password on the client side, you still have to hash on the server. Because if you just hash in the browser, then the hash "becomes" the password in the sense that the hash value is all an attacker needs to get in to someone's account. If a bad guy hacks into the database storing all of these values, then he'll have immediate access to every account. So regardless of what you do in the browser, you still need to hash on the server. [ the original sender was worried that looking up the salts would let an attacker test if usernames are valid without knowing the password ] Anyway, if you do hash on the client side too, you're right that you really don't want to let an attacker test if usernames are valid. Since you're still hashing on the server with a random per-user salt, it's OK to sacrifice randomness for the client-side salts. I recommend combining... 1. The username. 2. A website-specific string (e.g. the domain name). ...to make the client-side salt. It's not guaranteed to be unique (e.g. domain changes ownership), but it's very likely to be. It's good enough. Another thing to consider is that not all users have JavaScript enabled in their browser (I don't), so whatever you do, the system should fall back to emulating the JavaScript hashing on the server if the user isn't running scripts in their browser. ----- I'll add this to the FAQ or to the main article since it's very important to get right! Thanks! havoc ----- End Email Response -----

Looks nice and modern, a job well done! Would you mind pointing out the resources you used to develop the design? I ask because I like how it is Modern (Metro) based, without actually looking like a part of windows. To me this is important, as it will sell well with all users, not just Microsoft/Windows users.

From my experience, the best way to learn is to read as much as you can, but at the same time to write as much code as possible. There are a number of sites out there with programming puzzles, which you may find interesting and instructive. A good mentor is also an excellent way to learn those subjects, as they should be able to help guide you from experience, which is the best way to learn any subject. Code reviews are also a great way to gain experience. Thing is, I think most of programming theory is going to be opinionated. Look at what's happening with the MVC pattern today: There is MVC, MVP, MVVM, there are even frameworks out there that just call themselves MV-Something or MV*. All of them are slightly different, even those that call themselves MVC. Patterns are a shared language for design, not a particular implementation, so sometimes they are interpreted differently, or can/should be implemented differently in a particular technology. Remember to keep an open mind: there is always more than one way of accomplishing your goal.

Accepted standards for programming should theoretically be the same for most languages, such as using recognized Design Patterns. This can depend on the type of environment you are working in, which can be desktop, web, mobile, cloud, etc. There are plenty of blogs and sites out there that discuss these issues. For more information on .NET Garbage Collection and IDisposable/Finalizers, you can check out the following links: Garbage Collection[^] - Covers Garbage Collection in .NET, with details about the how it works. Cleaning Up Unmanaged Resources[^] - Discusses Disposing and Finalizing in .NET.

At least he made it a Private function, that is one good thing!

Regarding the issues, there are a few more, like initializing a variable only to re-initialize a few lines later, and others. In .NET especially, there is connection pooling for database connections, meaning that even after you close a connection, the connection is kept alive by the framework, and next time you open the connection, the existing connection will be reused. No comment on the Singleton pattern. It is considered a best practice to always call the Dispose method on a Class that implements IDisposable. This is why there is a

using (resource) { }

construct built into the language. Classes usually implement IDisposable to indicate that they are using external resources which need to be released once you are finished with the class. In .NET, once a method has completed (returned), any instances created that have no other references can be collected by the Garbage Collector (GC). However, because the GC decides to clean the memory in its own time, this can sometimes mean that instances remain alive for longer than necessary. For example, on a computer with a lot of RAM, the GC may not run for a long time, as there is no issue with Memory. Another issue with relying on the GC is that the GC will not call the Dispose method on an instance, as it doesn't know anything about IDisposable. What it does is call the Finalize method (known as the Finalizer), which all classes inherit from Object. However, the way in which GC calls the Finalizer means that the instance has to be kept alive for longer than absolutely necessary, at minimum until the next GC collection. Additionally, not all classes necessarily implement a Finalizer. If a class used external resources, such as a file or a database connection and doesn't release the resource, the external resources may remain inaccessible even after the .NET application closes.

You're not the only one with these issues, check out this article on The Daily WTF: http://thedailywtf.com/Articles/The-ProgramGenerator-Program.aspx[^]. Enjoy your weekend, Schmulik.

This is what I was thinking as well, which is why I looked at all the responses. The only I would change, in .NET 4, is to use the HasFlags method of enum:

var rolesList = user.Roles.HasFlag(userRole) ? inRoles : outRoles;
rolesList.Add(roleName);

This also means no brackets are necessary.

It should be noted that the URL does not appear to work! Anybody try following it and successfully got to a SQL Server download page? I know I couldn't, although it may be a local thing. Or maybe it is just such an old message that the link is not valid anymore? Also, notice how the message reads "require sql server 2005 express or sql server 2005 express", what's the difference between the two options?

Could you please elaborate further on architecture visibility and what features you find most useful? Schmuli

I have been working in a 9-to-5 job as a programmer for the last 3 1/2 years. I started with C# and after about two years moved to Java. At the time, it wasn't my choice to make the move to Java, rather the company as a whole decided to move to Java because of cross-platform requirements. Now however I'm between projects, and although I decided to continue with C#, I have received an offer for a job in Java. The opinion being used to convince me, is that the language and frameworks are not that important, rather the knowledge of how to program correctly is what is important. Whilst I agree that language is not that important, I still have, for some reason, a stronger desire to work in .NET, but can't seem to place my finger on the exact reason (or at least express it in words clearly). So, my question to everyone is: If you were in such a position, why would you choose to program in your chosen language/framework? Schmuli. P.s. I don't think the cross-platform argument is relevant, because if it is required then .NET is not really option to begin with.

First of all, I have to say I agree with you completely concerning lack of high-quality tools for working with databases. I would like to point out that Red-Gate do have some very good database tools (although, mostly for MSSQL), including support for version control. My issue with writing all the data access code in the code-base, rather than the database, is that you are still writing SQL! How ever you look at the issue, you still need to write SQL in order to manipulate database and extract/update data. The only difference is where it is written, and I don't believe that writing classes and functions are any better than writing sprocs. If you think that only sprocs are copied in order to make small changes, or that only sprocs are prone to remain around for years for fear of deletion, why, check out The Daily WTF for multitudes of cases where the same (and worse) happens to code. I think that the best conclusion that can be made from all that has been shared here, is: we need much better development tools for databases. Tools that make it much easier to write, test and debug SQL (and vendor-specific SQL-based languages). Tools that make it as simple as VS or Eclipse to search and view dependencies and references between database objects. Tools that make it as simple as one click to commit, update and merge version-controlled database objects, and I don't mean exporting a DDL file and versioning that. Of course, this still doesn't mean that any developer that knows a little C#, VB.NET or Java, can now become an automatic expert at SQL, even if this does seem to be expected by most job advertisements.

Is it just me, or is this how it should be, always, in order to be a developer (not just productive)? That's like saying: in order for me to be a good driver, I need a car that has gas and working brakes. Obviously, this is generally not available, but that is because of negligence and/or bad project scheduling, in my opinion anyway. To be a productive developer, I would say a private office, with a decent setup, i.e. a comfortable chair and desk, an up-to-date computer and so on.

As almost everyone has replied previously, generally comments appear above the code or inline. In the world of academia, where real-world applications, programming teams and programmers are sparse to non-existent, you may find lots of things that are different to what really goes out in the real-world. That being said, although I may be wrong, there is one time when I will put a comment after the line of code, and that is in the case of 'else'.

// This explains what will happen when 'condition' is true
if( true )
{
...
}
else
{
// This explains what happens in other cases
}

I'm not sure what others do in this case, but then again, it is very specific, only appears inside a function block, and is pretty clear when reading the code.

Have you thought about using built-in functionality available in the .NET framework, without having to P/Invoke first? In the System.Data.Sql namespace (in the System.Data dll), there is a SqlDataSourceEnumerator class, that, "Provides a mechanism for enumerating all available instances of SQL Server within the local network." Schmuli.

Could I suggest you look at CultureInfo Class[^] for more details on culture specific formatting. Specifically, look at the TextInfo property and what it represents. You should then understand why your statement is incorrect in this circumstance.

I would have to say, having read most of the previous replies, that this is one of those cases where there is more than one way to perform one operation. In this case, converting a non-string into a string value. Saying that the returned value from Boolean.ToString() should be lower-case just because XML defines the string definition of a Boolean as such, means that at some point, when you expect upper-case, the framework is again unreliable. As pointed out, and the XML classes in .NET, such as XmlWriter, already do, you can use the XmlConvert class to get a XML representation. For example, when using an XmlWriter, there is a WriteValue(bool value) method, which will handle the conversion in a similar manner.

It is my original intent to use the blog as a way of keeping track of stuff learnt each day. I don't expect to have a crowd, or even more than myself viewing the blog. Hopefully, one day when the blog is going strong and I do have some followers, I will then move to my own domain. Exactly because this is yet another programming blog, I don't want to make a big deal out of the start. On the other hand, if I use a good blogging engine now, that will encourage me to keep on posting, plus, the blog is in a place that gets good views, this will help prevent me from abandoning the blog, and will also, one day, make it easier to transition to my own domain. There are lots of good blogs out there that are not hosted by their author's domain.