A general theory of design

“Design consists of creating things for clients who may not know what they want, until they see what you’ve done, then they know exactly what they want, but it’s not what you did.” — Brian Sooy
Read Mr. Sooy’s entire blog post.  I’m not a designer, but having spent most of the past 10 years working with them to build database-driven websites and applications, I definitely agree with him.  My most recent project (an extranet for the nation’s AMBER Alert coordinators) didn’t launch until 6 months after its originally scheduled launch date in large part because of the client’s uncertainty over what they wanted.

Community Server 2.0 Patching

Telligent sent out an e-mail last Friday afternoon about a critical security patch. These were the patch instructions:

Directions for installing the patch:

These are the contents of the readme.txt file:

Steps for installing the Community Server 2.0 SP1 Patch.

1. Make a copy of the CommunityServer.Components.dll found in the bin folder of your web site.
2. Replace the existing CommunityServer.Components.dll with the new one you just downloaded and unzipped.

If you have questions or problems, please email support@telligent.com

We have also included the updated source files. If you have modified any of the code in the Community Server Components project you will need to apply these fixes and redeploy your assemblies.

I wish the readme file had said exactly where the updated source files go. I don’t like the idea of having to hunt around files to replace when the patch has to do with security. So here’s what the readme file should include:

ComponentsHttpModuleCSHttpModule.cs

ComponentsComponentsHtmlScrubber.cs

ComponentsComponentsTransforms.cs

Telligent has an announcements blog with a post about this security patch.

Paging in Microsoft SQL Server stored procedures

Today I found out that an old boss of mine at Ciena Corporation has a blog (thanks to Plaxo).   I learned a lot about  ASP.NET, C#, and Plumtree through the work he assigned to me.  From looking at the posts he’s got in there so far, if you’re looking to overclock a PC or find out more about Vista, it’s worth checking out.
An older post of his has a good example of how to implement paging in a SQL Server stored procedure.

Amazon “1-Click” Patent Challenge

According to this article, Amazon’s patent is being reviewed because it looks like the U.S. Patent & Trademark Office granted a similar one 18 months before Amazon’s filing.  It will be interesting to see what fallout there would be from a decision invalidating Amazon’s patent.

That aside, this brief story does a nice job of pointing out how profoundly broken the patent system is.  The prior patent wasn’t found by a USPTO employee, but an actor from New Zealand who was angry about a slow book delivery and wanted to get back at Amazon.  If Amazon hadn’t made one of their customers upset, who knows if this would have ever been found.  The patent review will probably revisit these requirements:

  • is 1-click new
  • is 1-click useful
  • is 1-click nonobvious

At the time Amazon got the patent, I felt it clearly failed the nonobvious requirement.  The existence of an 18-month-old patent on the same idea only confirms that.

Stored Procedures vs. Ad-hoc SQL

I saw this insightful article on the subject in a “most popular articles” list. The author, Douglas Reilly, acknowledges at the beginning of the article that he uses stored procedures virtually all the time, but still does a great job of describing the pros and cons of each approach.

The most useful thing the article taught me was that as of version 7, SQL Server keeps execution plans for all statements, not just stored procedures. This reduces the advantage of stored procedures for basic CRUD (create, read, update, delete) operations substantially. I’ve certainly touted the superior performance argument in comparing stored procedures to ad-hoc SQL before, so I’m glad I learned the real deal now.
That said, I still hold a bias in favor of stored procedures. Once upon a time, I worked for Sybase Professional Services as a DBA, and they were definitely pro-stored procedure. Nearly every shop I’ve worked in since then has been similarly inclined. Anytime an employer has used ad-hoc SQL, it’s been absolute murder to maintain. In my experience, the maintenance advantage of stored procedures over ad-hoc SQL is substantial, not slight (as Reilly concludes).

One issue the article doesn’t bring up that might be interesting is source code control for stored procedures and other database elements (views, user-defined functions, etc). While SQL Server does have backup and restore, it’s not nearly as granular or convenient as the check-in/check-out model of today’s source code control systems. On my projects, I tend to generate a script with just the stored procedures in it and store that in SourceSafe. I’d certainly like a better solution, but haven’t found one yet. I’m curious to see what SQL Server 2005 is like, since it will allow you to write stored procedures in C# or VB.NET.

Apple’s business model beating Microsoft’s

So says Walt Mossberg, the man with the job I envy most in technology.

I agree with what he says for the most part on the advantages of the end-to-end model versus the component model. One thing I would say that’s slightly different is that Apple is winning not merely because of the tight linkages, but because of the quality of the end product, and their huge market share.

Having lost what Mossberg describes as “the first war” in the personal computing space, Apple took a look at the MP3 player market and delivered a product significantly ahead of the competition in quality and ease of use. Even when connected to a PC (as I did with my first iPod), using MusicMatch for the music software, I liked the experience better than other players I’d considered. Once iTunes came to the PC, it made things even easier.

Part of what helped Apple get its current marketshare in the digital music market is their refusal to inflict the subscription model on their customers. They understood that people want to own music instead of renting it and delivered just that. Between that, their great per-track price point, and the minimum necessary DRM, there are plenty of reasons to choose Apple over the competition.

Removing time from a datetime field in SQL

I’ve got a small project at work that required me to use the date, but not the time in a datetime field for retrieval of certain rows from a table in SQL Server 2000. A bit of Googling revealed a document titled “Remove seconds from datetime SQL“. The title isn’t quite right, as the author’s query removes hours and minutes too, but the result turned out to be just what I wanted.

The query: SELECT Cast(Convert(varchar, GetDate(),105) as datetime)

I ended up using code 101 instead of 105 to get my query working, but that was it.

ASP.NET Configuration File Handling

One of things I like the least about working with multiple development, QA, and production environments is messing around with configuration files to make sure the different versions point at the right databases.  Add the use of the Enterprise Library, and there are even more files to manage.

In my last year at Ciena, I worked in a group where they’d put together some code that detected what environment it was in (development, QA, or production) and retrieved the correct settings from web.config.  It was similar to the solution Mike Gunderloy describes in this article on ASP.NET 2.0 productivity.

When I was poking around for more information on config file handling, I came across another article that references Gunderloy’s that talks about a file attribute for the appSettings tag.  I hadn’t come across the existence of that attribute anywhere else before.  I’ll definitely use this on my next project.

Finally, this article provides another option for dealing with configuration files in multiple environments.  The code and examples are well-explained.  My group at Lockheed Martin should integrate something like this into the custom library we’ve been building.

Downside of Certification

According to this eWeek article pay premiums for skills that don’t have a certification grew three times faster than pay premiums for certified skills.

I never really bothered with certifications for any of my skills because I was usually too busy working to set aside the time to study for and pass the exams.  I was more motivated to do that for things like grad school.  I always felt that experience was more valuable than a certification, but the counter-argument of “if you have the experience, certification should be no problem” is still a reasonable one.

Still, I hope the pay premium changes mean employers are choosing experience in favor of those who’ve passed an exam but have little or no hands-on experience.