Why there are so few rock stars in development (aka, why so many advanced devs suck!)


Before I get into this rant, I want you to know that the information here is constructive criticism (just in case someone recognizes themselves in my rant). My point here is not to gossip, naming names of the people who have caused me extra work. Seriously. The people I am talking about here are pretty advanced developers and do some really rocking work. But, they all suffer from a bit of suckiness.

One more thing. I am sure I have some suckiness in myself, as well. So, I am potentially throwing stones in a glass house. But, I gladly welcome finding out where I suck, because I think admitting your suckiness is the first step (of twelve?).

What I am talking about here are some things I think are so basic I cannot believe there are people at this career level that are still doing them.

Rock stars

I live in Nashville, TN, a metropolitan area of 1 million plus people. Nashville is a .NET town. Of the people floating around, there are probably a few dozen rock stars who code .NET in this city. And, the consulting groups kHarnow who these people are. Today, fewer and fewer of the rock stars are floating, leaving a consulting glut of sorts. A main reason for this trend is companies are treating talent better and giving good compensation. Don’t get me wrong, there are still a few hellholes in Nashville. And, if you are an unknown guitar god, and you work in one of these hellholes, you are underselling yourself. And, yes, this post is aimed at at least one hidden rock star I know.

Nashville is not unlike other towns. I know people all over America are clamoring for .NET talent. Despite the fact my own resume is not even showing, I am still having people find me and send me offers. For the record, I am not interested right now, as I have a very good position at this time.

Stupid Programmer Tricks

Okay, I am now ready for my rant. 🙂

Security Faux Pas

I recently got a look at a Flex Framework app that really rocked. The GUI looks like a lot of things from this particular group, but that is not a bad thing. I would personally have loved to use Silverlight, but it is a bias thing, as I have not played with Flex yet (may be on my plate soon?). I got a chance to rip through the app last night and found that I can log in as an administrator this way:

http://www.thisapp.com/login.asp?userid=2

Yes, that is a traditional ASP extension. I am not overly worried about that, however, as I can rework the container rather easily. My biggest issue is userid=X. If I were hacking a site and decided sniffing was in order, don’t you think I would look for querystring arguments that circumvent authentication? I suggested that we use the Membership bits from ASP.NET. We cannot use them out of the box, of course, as the user has soem additional adornments I do not feel like sticking in a single string in ASPNET_Profile, but a custom Membership provider will do me well.

In case you are a bit of a newbie, or someone questioning why this might be bad, let’s go through this quickly. There are two ways to request pages on the Internet: GET and POST. A GET sends all of its parameters on the querystring (that means something anyone can see in the browser’s address bar – worse, something anyone else getting on that computer can pull from history). A POST is not necessarily safer, without SSL, but it does hide from the "internal hacker" who looks over the user’s shoulder.

It’s the Metadata … Stupid!

This one is a personal pet peeve. I go into a website and I find a drop down hard coded in the code behind. WHY? I can understand an enum, in many instances, but drop downs, in general, should come from some form of persisted store.

Let me tell a story to illustrate this. We have an application "suite" (too tightly coupled, another pet peeve) that includes a backend "listener", with a "parser", and a website. There are other pieces, but these are the important pieces. We create a new hardware "unit" (we do GPS tracking) and add a new feature. The new feature does not work. Why? The "parser" cannot properly translate. Why? Because the information coming in comes in two different fields and has to be translated to a single event.

Since none of that probably made sense, let me break this down and then give you a proper solution to the problem. The unit sends in two pieces of information. First there is a flag that corresponds to a particular register, and then there is user information to tell you how the reigster is set. For example, I get the following (not real values, but an example):

Register     User Info           Means
10               0                       Vehicle Ignition turned off
10               1                       Vehicle Ignition turned on

In the application, these translate to 10 and 11, let’s say. So, now we have a new event (100 and 101 in translation, but register 12, user bit 0 or 1 in the unit). Since the "parser" does not understand 12/0 and 12/1, it simply turns it into a 0, which corresponds to "unknown".

The solution is simple. Create a metadata table that has the register and its value with an event type. But this was not thought of. In fact, it seems NOBODY in the industry does this. Now, certainly there are differences from manufacturer to manufacturer, which is why this has not been thought through. Each one does it slightly different. But, there is a way to represent each manufacturer in its own table and translate to a single 10 and 11 in the database that serves the website.

This one is a bit more complex, but I have found that nearly all of the values are not in the database. They are coded in the code behind. I will give a bit of leeway to the developer, as there was a serious time crunch on the application. But this person is rather advanced and should be determining "enums" (lookup tables in the database schema world) before coding his application.

Why do we have this problem?

To put it simply, there are very few people who consider development a career. It is a great paying job for far too many. Compound this with the fact that so few consider their code something they are placing their name on. And this is compounded by the fact that it is hard to really screw up your career when everyone is drooling for advanced devs, esp. at the "right price". This means one can work a 40 hour week, in many instances, and not spend one moment learning after hours, and still make close to six figures.

It is not helpful that we end up with two types of interviewers. The first asks questions he has pulled off the web, that everyone has studied. Once they realize the dev is advanced, they do not ask any basics. At the other end of the spectrum we have egotistical bastards who want to prove they are God’s gift to programming. These are the jerkwads who really piss me off. You will often here them say things like "Oh, Scott Guthrie could never get a job here as our standards are now too high". In general, these types try to make interviewees cry.

BTW, the comment is a real person, but he was not demeaning Scott Guthrie in real life. But then, you would not be in tune with the person he was demeaning, so Scott makes a great example to give you an idea how incredibly stupid the comment was.

The first interviewer is trying to do the right thing. The problem is he let the interviewee control the interviewer. To be honest, I am often the interviewee that controls because I am tired of answering "that would be the code behind page Dave" types of questions. If you are also tired, just hit one out the park when you get the soft ball. Things like "the difference between displaying data in a table in ASP and ASP.NET is looping versus binding. Although, when you decompile the .NET classes in Reflector, you find it is actually looping". Bing! No more basic questions. But, the interviewer should ask the basics. Not those types of basics necessarily, but make sure you cover the issues you have seen advanced devs really screw up.

Interviewer type 2 has one of two agendas:

  1. Wants to prove he is smarter than you
  2. Wants you to validate his development skills

Person one is easy to spot. When you start knocking everything out the park, and he realizes you should be his boss, he throws in something like "name all of the methods on the Iscrewyou interface in the System.SomethingReallyImpossibleToRemember namespace". This is normally in a phone interview, and he is looking it up. One possibility, if you are a quiet typer, is to name all of them and then state "but only an idiot would actually use that interface". The other, which I have used is "well I can see that this interview is over". Numbnuts then said "no it isn’t, because I still have a list of questions to ask you". My answer, "yes, it is, because I am hanging up on you now". You can’t win this interview, unless you bow down to the demigod in front of you. If he really is smarter, you might take the job to learn. But, if you smell BS, you don’t want this job.

Person two is also easy. After he asks you how you would solve X problem, he will then ask something like "well what if the person did Y instead". This is a strong clue that the interviewee did Y. If you think Y is really stupid, you also don’t want to work there. So, the proper answer is "why would someone do something that stupid" and get yourself excused from the interview as quickly as possible.

BTW, there is nothing wrong with answering an interview question "I don’t know, but I know where I can find the information". In fact, provided you meet our needs, I will give you extra points if you don’t know but can show me where you would find the information. Nobody knows everything!

And, this leads me to my point. one of the reasons so many developers suck is they are afraid to answer "I don’t know". Add this to the fact that most developers are trying to show they can mark higher up the tree (dog reference) and you have a cluster waiting to happen.

There are a few books I think every .NET developer should read … numerous times:

  1. Design Patterns – dry as hell, but you have to understand patterns to work efficient in an OOP paradigm
  2. The McConnell triplets
    1. The Software Project Survival Guide – every manager should read this too
    2. Rapid Development – Understanding how to define before you build
    3. Code Complete – these are the basic rules
  3. Refactoring: Improving the Design of Existing Code

I have more, but if you understand patterns, the rules, why projects fail and how to refactor code (the last is a major pet peeve of mine), you have tackled most of the basics. If you want a different patterns book, that is fine. I also think Refactoring to Patterns is a very useful book, to make sure you are not a man/woman with a hammer, just searching for nails. To get these books will cost a few hundred, but they are worth EVERY penny. As an aside, the $20 you spend on buying your boss the Software Project Survival Guide will be worth the hair you save.

Wrapping this up

I know a lot of rock stars in my town. I know even more rock stars from my association with the Microsoft MVP program. Yes, not all MVPs are rock stars, but there are many that are. And, to a person, I have noticed that all of them are excited about software. They are living their career and not merely doing a job. They will spend time after work learning technology.

As time goes on, the rock star will take less time learning most new tech (there is some, however, that is just plain hard – most of this type of tech dies out unless it is compelling), but they do not give it up. The reason they spend less time is they realize that they can always learn MVC, but they will never have a daughter’s first birthday …. ever! You miss it, it is gone.

If you are a rock star, you know this already. And, you probably do not even think of yourself as a rock star, although you do know you know a lot (and you know where to find the stuff you have not memorized). If you are not a rock star, this is not rocket science. It is never too late to go back and learn the basics. Consider Tiger Woods. Years at the top and he takes a year to relearn the basics. That year, his game sucks … but he came back the next year and pretty much swept the competition. He had to unlearn bad habits, even if he was still winning with those habits.

One more thing. The day you look at 6 month old code and say "I could not do better than that today" is either the day you should retire or you should become a teacher. As Denis Waitley says, "if you’re green, you’re growing. The moment you stop growing, you turn brown and shrivel up and die". Translated, if you do not see room to grow (improve), you need to find a new career, as you either have outgrown technology (not likely) or you are too egotistical/incompetent/insecure to understand/admit how much you still have to learn.

I am finally tired now, so a demain!

Peace and Grace,
Greg

Advertisements

MVC Preview 3 Released


MVC Preview 3 has been released this week and Scott Hanselman has already released a video. If you have not yet played with MVC, it is starting to shape up. You can download the code from Phil Haack’s blog site.

In the past, I have been a bit critical of MVC. It is not that I do not like MVC, or I feel it is not up to snuff, etc. My main issue has been that while it is testable, and does separate concerns, it also couples the view with the data rather strongly. Let me show you what I mean with a few samples.

First, here is a link:

<%= Html.ActionLink("Linktext 123", "OrderDetails", "Orders") %>

Now, this is not really all that bad, as I can easily alter the code. But, if I end up renaming something in a controller (which I shouldn’t do too much if I planned before I built), I end up with a lot of editing in my views, especially, if I have plenty of links.

Next, let’s bind some data:

<h2><%=ViewData.CategoryName %></h2>

<ul>

    <% foreach (Product product in ViewData.Model.Products.Model) { %>

        <li id="prod<%= product.ProductID %>">
            <%= product.ProductName %>
            <span class="editlink"">
                (<%= Html.ActionLink("Edit", new { Action="Edit", ID=product.ProductID })%>)
            </span>
        </li>

    <% } %>

</ul>

I am not snitting a big deal about this, but it looks an awful lot like traditional ASP. I have completely migrated away from the ASP.NET binding model, where I place a control and bind it to a data source (sometimes with no additional information) and I am now looping again. Yes, I know I was always looping in the Microsoft code anyway (easily confirmed by adding code into the row binding events), but this just feels a bit backwards.

Once again, I am not going to avoid MVC over this, but I am ending up with GUI goodness that cannot easily be tested (in the unit test sense). I do get the benefit of separation of concerns, of course, but I was putting most of my code into libraries anyway (my primary reasoning is I can throw any GUI on top of my app that way).

To be perfectly honest, I am not sure how I would solve this. How do I make MVC views where I can drop controls and bind them rather than loop? How do I get back to an easy to develop experience? There has to be some way. I will venture a guess that it will not be solved prior to final release, however.

Please note I am not against MVC. I think one of its strongest "artifacts" is the fact it forces the separation of concerns. In its first iteration, however, I am fearful it will be difficult enough to use that those who need the "lesson" will not venture into the classroom. I pray I am wrong with this, as I would like to see more developers "get this".

Tomorrow, maybe I will rant on why many advanced developers suck? Sorry, just a bit tired of dealing with applications that have advanced features but miss the basics. If I do, I will also be shooting at myself, as I am still learning not to suck so bad. ;->

Peace and Grace,
Greg

Why AJAX is ruining the web


Okay, so AJAX is not really ruining the web. In fact, it is a great technology, when correctly used, that makes user experience much better. But AJAX, in combination with other technologies, are causing issues. My latest issue comes from trying to use an AJAX extender with MapQuest tiled maps. Both use JavaScript, so the site is blowing up in Internet Explorer. Just a few minutes ago, I confirmed it was exclusively an Internet Explorer.

Now, this is not AJAX’s fault. It is also not MapQuest’s fault. But, it is certainly a problem that manifests itself when technology outpaces the tools. And I am not the first person to talk about this. Kathleen Dollard wrote about it in May of last year, in an article called Pace of Change Leaves No One Competent. Rocky Lhotka alludes to it here.

Here is what is happening in my situation. I have two technologies that are both using client side JavaScript. I need one of the technologies. I would really like the other, but there is no way I can get them to play nice together. And, the debugging help in Internet Explorer is so far behind the curve that I am going to have to scrap the AJAX bits to get this site out. And, since there are other bits that use client side scripting, I am not sure that is all I will have to cut. I will solve my problem by some time tomorrow.

This is not a problem unique to client side scripting, however. Microsoft has released a plethora of new technology in the last year or so, including WCF, WF, and WPF (including Silverlight, or WPF in the browser). Currently, the tools available for some of these technologies are rudimentary, at best. In the batters box, we see another large set of technologies, including ADO.NET Entities, ASP.NET AJAX extensions and the MVC Framework. There is some tool support for the first two, but the third will likely be released with very little tool support.

Please note that I am not against new technology. I personally think Silverlight 2.0 is great and welcome the .NET Framework installed in every browser. I love the Deep Zoom technology, as well; being able to set up very large images without inconveniencing the user is a great idea. The same is true with many other new technologies being shoved out the door. I am saying that we should be very careful to have the technology outpace the tools.

Microsoft may be thinking that some of the technologies will end up failing and do not want to spend time on tools for failed technologies. After all, they have some history in this area with Microsoft Agent. But, the quickest way to kill a technology is to release it with zero support.

It is prime time for the competition to examine the direction Microsoft is heading and adjust their plans to offer competition with tool support. It will not necessary eclipse the Microsoft technology, but it will force Microsoft to spend a bit more time on decent tools to support their new technology, sooner rather than later.

Peace and Grace,
Greg

Why I Don’t Watch American Idol


We are in the midst of cementing some details for our Make-A-Wish trip in November, so I call my mom who asks if I am watching American Idol. I then call my aunt, who asks if I am watching American Idol. My wife calls her sister-in-law, who is a Disney fan and is booking the character meals, and she does not answer. Why? She is watching American Idol.

A few weeks ago, Tiffany told the nurses that she had never watched one episode of American Idol. They gave her a look like you might expect if someone said "I have never driven a car" or "we have never owned a television".

Everyone is watching American Idol! Except us, it seems.

Here are the winners of Idol since it started in the US.

Season 1, 2002 : Kelly Clarkson
Season 2, 2003 : Ruben Studdard
Season 3, 2004 : Fantasia Barrino
Season 4, 2005 : Carrie Underwood
Season 5, 2006 : Taylor Hicks
Season 6, 2007 : Jordin Sparks

Notice that only two of these are producing viable albums today: Kelly Clarkson and Carrie Underwood. And, that is if you consider My December (Clarkson) viable. No matter who wins this season, I doubt either will have a long career as an idol. I am basing this on the few performances I have watched on You Tube, so this is by no means a "final answer", but I see both having work to do to get over the dancing monkey problem. Based on what I have seen, Cook is more likely to do it than Archuletta.

Why do most of the "Idols" fail after they have left the show? Because we like to watch dancing monkeys, but we don’t like to listen to them. While it is fun to watch someone thrusting extra lyrical moments into a song, it is nerve wracking to listen to it without the visuals. The focus is on winning the show, of course, which requires one to be a dancing monkey. But few can remove the monkey suit successfully.

Remember the show Star Search. It was another dancing monkey show. Sam Harris singing "Over the Rainbow" in a "Patty Labelle on uppers" style was a winner. It was fun to watch. He always used the "Star Search" moment properly – that is, advancing to the audience during the bridge. Yet, when his album was released, one found out how truly irritating it is to listen to someone singing in monkey style when you cannot see the movement.

Idol no longer uses the bridge as the canned moment to "advance" the song, so the performers invent one. Last night, for Archuletta, it was adding an extra "blinded by the light" to "Don’t Let the Sun Go Down on Me". Nice moment to stand up to audience cheers.

I imagine some of you are not convinced, so I offer you this experiment to try on your own. Go to You Tube and find the videos from this season. Click on one and minimize the browser. Now go about your work. After you listen to a few, ask yourself "if I were listening to this in a music store, and had never seen the performance on Idol, would I buy this?" I would imagine that most of you, if being honest, will answer "not only no, but hell no!".

As music only, the dancing monkeys are screechy and completely destroy the beauty of many of the songs they sing. They are breathy, and often flat. But, you can ignore than when you watch them dance. When you remove the visuals, and only the music is left, you find yourself wanting to see the dancing monkeys dance. Perhaps this is why the American Idol tours do better than the Idols do in their own careers.

I wish both of the contestants on the show the best of luck. But if you want me to watch your show, Simon, I want substance, not dancing monkeys.

Peace and Grace,
Greg

Internet Arguments and the Search For Truth


As you go through this post, please note that I am purposefully putting certain words in quotes. The reason for the usage of the word, in quotes, signifies that it is a facsimile of the true definition of the word. When I say "science", I am talking more about the modern day philosophy that uses some science as its basis. And when I say "faith", I am focused on the caricature of faith presented in many forums.

I have spent a good part of my spare time debating the Big Bang theory to someone who still insists that the Big Bang was an explosion into empty space. No matter how much evidence I show (in predicted observations primarily) for the Big Bang as a "creation" and then expansion of space, he is still stuck on the idea that space existed and then the Big Bang exploded radiation and matter into this empty space.

The argument, as it is no longer a debate, degraded when my opponent stated I was using Creationist arguments. I guess I can understand the confusion, as both Cosmologist and Creationist start with a C and end with an ist. I am fully aware that the use of the word Creationist is not a confusion with Cosmologist, by the way. I know it was thrown out, as with many Internet arguments, to dredge up something about my personal belief system, as my opponent was having a hard time refuting my words. In previous bouts, I was accused of espousing a position that "man and T Rex had veggie burgers" prior to Adam’s ejection from the Garden of Eden.

The point here is not about the Big Bang, but rather about the human characteristic to flip the bozo bit on people who think differently than we do. Each of us believes something that will ultimately be proven to be false, so we should each listen to other ideas with an open mind. There are, of course, ideas that are stupid. But, stupid ideas, when properly incubated, can be honed to become new technologies far beyond what we can imagine today.

Faith

I bring this topic up now, as there is a lot of bandying about faith. Religious people are characterized as those who unscrew their heads and leave their brains in the foyer when they attend religious activities. In the caricature, faith is the word described to believe in something for which there is no proof. There are at least two of problems with this caricature.

  1. All people cling to unfounded beliefs. This is not saying that there is "no proof", but rather that the proof is insufficient to hold such beliefs.
  2. Religious belief can be based on evidence. Perhaps not scientific evidence, but, as I shall show later, science is not the be all end all of evidence.

I have used the word "faith" to describe modern "science" many times. The retort is generally that science is not about "faith" as faith refers only to religion. I can easily disprove this with a trip to Merriam Websters, which has the following definition of faith

Main Entry:

1faith Listen to the pronunciation of 1faith

Pronunciation:

ˈfāth

Function:

noun

Inflected Form(s):

plural faiths Listen to the pronunciation of faiths ˈfāths, sometimes ˈfāthz

Etymology:

Middle English feith, from Anglo-French feid, fei, from Latin fides; akin to Latin fidere to trust — more at bide

Date:

13th century

1 a: allegiance to duty or a person : loyalty b (1): fidelity to one’s promises (2): sincerity of intentions2 a (1): belief and trust in and loyalty to God (2): belief in the traditional doctrines of a religion b (1): firm belief in something for which there is no proof (2): complete trust3: something that is believed especially with strong conviction; especially : a system of religious beliefs <the Protestant faith>

While the main definition does focus on religious faith, it is also defined as "firm belief in something for which there is no proof" and "something that is believed especially with strong conviction". It is these definitions, especially the second, that I am focused on when I state the "science" is based on faith.

Just recently, Rabbi Shmuley wrote an editorial in the Jerusalem Post, detailing his "fight"/"debate" with Richard Dawkins and the fallout after the event. If you have not seen Shmuley’s comments, they are available on You Tube (Part 1, Part 2). What struck me out of the editorial was the following comment:

A few hours later, at a cocktail reception, a Harvard professor of physics and I were having a pleasant conversation. She suddenly interjected, "I find it curious that someone as smart as you does not believe in unaided evolution."

I thanked her for her backhanded compliment and told her, "Imagine if I said to you, ‘I find it curious that someone as smart as you doesn’t believe in God. You would probably think that I was a close-minded, condescending, ideologue."

I am not against science. And while I do see there is a current faith versus science war going on, I do not believe it is necessary. Science and faith, or religion, when viewed logically, answer different questions. As I do not believe it is science versus faith, I will not get into the evolution versus creation debate (a funny debate, since evolution does not involve origins), except to hone in on one thing:

A great deal of what we accept as fact in evolution comes from extrapolation. There is nothing wrong with extrapolation, as we have to have a means of taking observations and applying them to other items we cannot test (perhaps I should say "currently test", as we have hope the extrapolations will bear out). Extrapolation is quite useful in predicting, or modeling, what we can expect to observe if a theory is correct.

The problem comes when we accept extrapolation as proven fact, and that is where "science" has a problem. Much of what is taught in our classrooms are grand assumptions based on very little evidence. Certainly some steps have good evidence, but the picture, as a whole, has very little evidence. Perhaps in another hundred years we will fill in the gaps of our knowledge and better support the steps we currently have little or no evidence for, but we may not. It is faith to express that we will. Perhaps not religious faith, but faith none-the-less.

The Ugly Side of Disagreement

In another "debate", I have encountered a person who is an ideologue. His primary problem is George Bush and he views anyone who voted for Bush as a war criminal. He has stated, of Conservatives, that when he sees one, he just wonders "why the mother ******* isn’t dead!".

It is easy to disregard this type of post as a rant, but we see today that some people actually carry through with this type of thinking. Admittedly, a large number of those "following through" are what we have termed "Islamic Fundamentalists", but this is not true throughout history. Hundreds of years ago, it was the Christians who were on the giving side of the equation. Lest the atheist see this as a religious problem, we also have the examples of Hitler, Stalin, Mao and the Khmer Rouge.

The person just wondering "why the mother ******* isn’t dead!" has the same potential as each of us. We can each be a monster or a saint, or somewhere in between. While we generally view Hitler as the most evil person to ever walk the face of the earth, we each have the potential to be evil. In fact, if we leave our nature (which is selfish) unchecked, and are given proper opportunity, we can realize this potential. Will Smith was lambasted for stating:

Even Hitler didn’t wake up going, ‘Let me do the most evil thing I can do today’. I think he woke up in the morning and using a twisted, backwards logic, he set out to do what he thought was ‘good’. Stuff like that just needs reprogramming.

But what Will states is true. Hitler brought his country out of a Depression that made our Great Depression appear pale in comparison. He restored a sense of hope in his people. He focused on the good of his country and the prosperity of his people. Each of these thoughts are good, in and of themselves. It is the application that was evil. Helping your people is a good thing; doing it by destroying others is evil. And, he was only given the ability to follow through on his application through the opportunities power gave him. What makes Hitler different from many of us is he was given the power to follow through.

I agree with Richard Dawkins that religion, or at least some religious people, can stave the flow of science in some ways. And I would like to see science have the freedom to explore new ideas (although I am getting a bit tired of "science"). But there are a great many good things that religion provides us. When we focus on only one element, we run the risk of forcing society to hamper speech based on its "truthfullness", which means God is a verboten subject. Is this really any different, on the philosophical level, from shutting up scientists because they do not view Genesis as a literal science textbook?

When Dawkins seeks the destruction of religion, he is losing balance. He might argue this balance is not necessary, but allowing "science" to trump science is no better than allowing "faith" to trump science. When A. K. spouts that Conservatives should be wiped out, he is risking swinging the pendulum too far to the Liberal side, which, once again, destroys balance. Without balance, one side is allowed to run amok, without restraint – and both the good and ugly of that side are set free.

Towards a Better World

I am not going to change the world in one post.

Dawkins will continue to believe that a world without religion is a better world than one with it. He will continue to focus on the crimes and "delusion" of religion and not notice the good it does. He will continue to be befuddle at intelligent Christians, Jews and Muslims. Rather than attempt to pull the good out of religion, he will throw the baby out with the bathwater.

A.K. will continue to believe a world without Conservatives is a better world than one with them. He will focus strongly on the "War in Iraq" as the worst scourge in history and view voting for George Bush as a rubber stamp on everything he has accomplished. He will ignore the good that comes from Conservatism, as he is unwilling to view the world in anything but black and white. Worse, he will exhibit the same characteristics he says he deplores in Conservatives, without even realizing it.

Debate will continue to be uncivil. From Sean Hannity and Nancy Grace walking all over their guests, to the continued ad hominem attacks in open forums, we will see uncivil discourse.

It is my hope, however, that the number of people unwilling to stand up for this type of badgering will increase. I envision a world when a Liberal will defend a Conservative who is being beaten up merely for being a Conservative. Where a black man seeing a white man beaten will jump in and help and a white man seeing a black man being beaten will do the same. Where the scientist and religious leaders can focus on advancing ideas rather than creating caricatures of each other, straw men of their own making that they can burn down. Where all people who disagree can try to walk a mile in their opponents shoes and find that they are really not that different after all. That is my hope.

Peace and Grace,
Greg

What NOT to do in .NET Development


When I am frustrated, I like to blog. In fact, most of my best blog posts have been about something that frustrates me. Currently, I am frustrated with the MapQuest API, but not because of the API as much as trying to lay maps on a site that was developed a while back that follows some practices that one should not follow. In order to save you some headache, I am passing on my wisdom.

Do Not Loop Through Data to Create Reports

I am starting with this one, as many I have said this to say "well, duh!". Unfortunately, it is not always "well, duh!" as Microsoft used a looping model in ASP. Once you make the paradigm shift to data binding, you no longer need to loop to bind data. Here is a sample, from the app:

string s = "<table style="font-size:11px;" width="100%" border="0" cellspacing="0" cellpadding="3">";
s += "<tr bgcolor="#293f34"><th style="color:#FFFFFF">Start</th><th style="color:#FFFFFF">Stop</th><th style="color:#FFFFFF">Duration</th><th style="color:#FFFFFF">Address</th><th style="color:#FFFFFF">Event</th><th style="color:#FFFFFF">Latitude</th><th style="color:#FFFFFF">Longitude</th></tr>";

foreach (Report r in R)
{
    //Hundreds more concats here to create individual rows
}

What is happening here is a DataSet is being treated as if it were an ADO Recordset (remember – rs = CreatObject("ADODB.Recordset")?). In ado, it was common to loop and output. In .NET, you can use a simpler method:

GridView1.DataSource = R;

Wow, from thousands of lines to one. And the speed difference will blow your socks off. Wow, that guy who created the app must be a moron? Not actually, he ran into an issue. The customer can dictate which columns are included in the report, so he was looping so he could make column decisions, like (pseudocode here, as I am too lazy to search 1000s of lines of code or look this up):

if(User.Columns.Contains["NumberOfSats"])
{
    //Code to include this column
}

Is there a better way to do this? I can think of multiple ways, but here are some ways to solve other than hammering your web server with concats. Note that some of these will only solve one problem and some are not good ideas in some situations. But, here are some things we can do:

  1. Use a StringBuilder – see "Do Not Concatenate Strings" – this does not really solve the problem, but it sure speeds up the bad code
  2. Write dynamic SQL code – This is generally overkill, but pruning your result set at the database is a great way to bind without having to alter your application (allows for lazy binding). This is by far the simplest on the .NET side, but can get quite complex on the SQLside. There is a way around SQL complexity, but it requires executing dynamic SQL, which does not create statistics to improve SQL performance.
  3. Write your stored procedure as .NET code. This is better, in many than dynamic SQL code, but it can still get you to a place where the stats do not help much.
  4. Dynamically alter the bound columns on the GridView – This allows you to use the full result set every time. Only those columns chosen will be bound and no data loop.
  5. Prune the DataSet – Get rid of columns you are not going to bind. This allows you to be lazy on your GridView (not explicitly name columns) without having to loop through data

Of these choices, as you can probably guess, I would pick either 4 or 5. In most cases, option 4 would be the lightest on your server processor, so that would be where I would aim first. To accomplish this, add the GridView, rename it (unless you really like GridView1), and add the columns based on user prefs.

After typing this, I thought of one other option, or a variation on option 3, and that is to prune the result set in a .NET assembly in SQL Server. This is not an option if you are not using SQL Server, of course.

Do Not Concantenate Strings

This one flows from the last one, as the desire to loop data lead to the decision to concatenate. Consider the following:

class Program
{
    private static double Concat(int loopSize)
    {
        DateTime start = DateTime.Now;

        string s = String.Empty;
        for (int i = 0; i < loopSize; i++)
        {
            s += i.ToString();
            s += "rn";
        }

        DateTime end = DateTime.Now;

        return end.Ticks – start.Ticks;
    }

    private static double NoConcat(int loopSize)
    {
        DateTime start = DateTime.Now;

        StringBuilder builder = new StringBuilder();
        for (int i = 0; i < loopSize; i++)
        {
            builder.Append(i);
            builder.Append("rn");
        }

        DateTime end = DateTime.Now;

        return end.Ticks – start.Ticks;
    }

    static void Main()
    {
        int loopSize = 1000;
        int increment = 1000;

        Console.WriteLine("Loop size: {0}", loopSize);

        for(int i=0;i<10;i++)
        {
            double concat = Concat(loopSize);
            double noconcat = NoConcat(loopSize);

            Console.WriteLine("Comparison {0}", i+1);
            Console.WriteLine("String Concat: {0}", concat);
            Console.WriteLine("StringBuilder: {0}", noconcat);
            Console.WriteLine();

            loopSize += increment;
        }

        Console.Read();
    }
}

Forgive me for being lazy in my "counting" method. It is rather crude, but the differences between the two are pretty startling and I did not really want to think too much right now. If you run this, you will see some overhead popping up in the StringBuilder from time to time. If someone wants to write a better counter, go for it. My main point is adding lines to the StringBuilder does not affect performance much. Adding string concats does.

Am I a "Nazi" about this? Certainly not. If you have a bit of code where you are returning something simple, like "Hello" + name, I do not see a reason to hyperventilate at a concatenation. It makes the code more readable and the performance penalty is not enough to cry over. Once you start adding more than a few strings, you need to switch to a StringBuilder. And, if you are looping, it is imperative.

Don’t Throw New Technology in the Middle of a Build Cycle

This one is a pet peeve. Whenever Microsoft comes out with a new hammer, developers invariably start looking for a nail to fit the hammer. It does not matter that they are using screws. Perhaps this is a bad analogy, but you get the picture.

I am not saying you should shun new technology. There are certainly technologies that warrant the learning curve and throwing them in. But, you should be sure both of the following conditions are met:

  1. The technology is necessary to complete your application or (more likely) will GREATLY simplify your work.
  2. You have the time to learn how to do it right before implementing in a production application

Most often, the developer wants to learn something cool and figures he can stick it in the latest application. Since the development schedule is already hectic, he cannot find the time to properly learn the new technology, which leads to things like looping DataSets in ADO.NET. I will not talk about the AJAX applications I have seen lately. 🙂

The point here is you should make a strong business case before slapping new technology into an application, especially an application you are ALREADY working on. If you can make the case, then you fight for the time to learn it well enough you don’t do something ignorant or, worse, stupid. If you want to build your resume, play at home.

Don’t Reinvent the Wheel

Let me show you a security model. It is rather simple.

u = (ObsucatedLibraryName.User)Session["User"];
if (u == null)
    Response.Redirect("~/login.aspx");

Like it? If you have been developing in .NET very long, you probably deplore it about as much as I do. once again, this has its roots in ASP. Using this model, I have to get the User object on every single page, even if I am not using it for anything other than redirecting the user. I can make this less painful by moving these bits to a master page or a base page, but .NET makes this much simpler.

<authentication mode="Forms">
  <forms name="Something" loginUrl="login.aspx"/>
</authentication>

I can then set security on any page I want. In fact, I can use roles in the web.sitemap file, for my menus. Or, I can simply set up web.configs on different directories/files and kill both birds (menu and security) with one stone. And, I do not have to make an artificial call to Response.Redirect. In addition, I get a redirect back to the page I wanted to visit without me writing the mechanism.

The point here is simple. If there is a built in mechanism to do something, you better have a really good reason for writing your own. With security, there might be a case where you want to write your own, but you do not have to go gonzo custom to get it done, as there is a provider model.

In this app, I am retooling, there is:

  1. A custom security model (above)
  2. Hard coded menu items (which forces two master pages, simply to add administrative menus)
  3. Custom role mechanism (largely implemented in the two master pages)

I could probably go on, but each of these are handled with standard ASP.NET bits and do not require rewriting the entire system to get it the way we would like it to work in this application.

End Note

There are other things I could rant on about, but the above can be summed up in a few points (the first two being the same point, but from a slightly different perspective):

  • Know how to code in the paradigm you are coding in before you code in it. If you come from an ASP background, you will have to relearn if you do not want to suck.
  • Don’t play with new technology until you have time to learn it. If you are with a company that will not give you the time, you probably need to consider moving on.
  • When you have a complex problem, sit back and research before coding. If you do not, you will either end up in refactor hell or your application will suck.

While this may seem like I am railing on the developer in question, that is not my intent. I have found a great many developers who switched from the COM world who suck in .NET. Those who are intent on learning eventually get over these hurdles; those who are content continue to suck. Intent is better than content every day.

I need to write an entry on the "lazy programmers manifesto". Oh, that will have to wait. I have to get back to this application and figure out which CSS element is causing my map to puke. Until next time.

Peace and Grace,
Greg