Posts Tagged ‘Windows Presentation Foundation’

WPF, Hackers, jQuery QUnit, Static Analysis, and MVC

Another day full of great sessions…although as the days go by and I procrastinate on writing up my notes, my mind is getting a bit foggy. Hopefully, you can get something from my notes…

Sessions Attended:

  • WPF Validation – Techniques & Styles (Miguel Castro)
  • Hack Proofing Your ASP.NET Web Forms and MVC Applications (Adam Tuliper)
  • Introduction to jQuery QUnit (John Petersen)
  • Static Analysis in .NET (Jason Bock)
  • Extending ASP.NET MVC with jQuery/Ajax and jSON (John Petersen)

WPF Validation – Techniques & Styles

The validation that comes out of the box in VS2010 is not that great. MVVM is better. Data annotation is good for quick validation on the code side.

There is a difference between validation and business rules. Business rules act on an object and validation does not. Validation is usually a check field – yes/no questions. With business rules, it is more like if this field has this then do this or some other stuff.

We should reject user input as early as we can and do NOT touch valid input. How many times have we run across a website where we enter an invalid value and the site comes back with an error and all the fields are wiped out? Or even worse…no error message at all and we are left to guess at what we did wrong.

We should have one place to go to check for validation of an object (one routine to check). Validation should not be done in multiple places unless we just can’t help it. Validation should be done as early as possible, and rules code should be reusable.

The out of the box validation is view based validation (ValidationRule class) and requires view-based code to perform validation. The validation is done at the XAML level and it cannot be tested. We don’t get information back on what field is invalid, and the error message is put in a hover message.

  • Style Trigger
  • Validation.HasError
  • Set ToolTip property

In MVVM, validation is totally decoupled from the view and we can test it. IDataErrorInfo can be implemented in ViewModel or Model. The indexer method gets the name of the property that changed. The view model is bound to the view and drives state. Anytime a field changes the OnPropertyChanged is called. We drive our buttons with commands not click events. Every command (DelegateCommand) has a method that drives the command and a method that determines if the command can happen.

Error message can include field info. Attributes set on the binding in XAML. Set ValidatesOnDataErrors to true to use validation. IDataErrorInfo can be extended to incorporate rules engine and interface can be implemented by the base class.

With Data Annotations (System.ComponentModel.DataAnnotations), we have to do the checking. An attribute is only as good as its use. Attributes are used by decorating the property, and the attribute values have to be a constant.

Code will use reflection to get the property value and runs the property through validation by using the Validator static class. We can write custom data annotations by overriding IsValid, and we can do multiple validations.

  • this.GetType().GetProperty(PropertyName).GetValue(this, null)
  • Check data validation (Validator.TryValidateProperty)
  • AdornedElementPlaceholder

Recommended Reading:

  • WPF 4 Unleashed (Adam Nathan)
  • WPF Programmer’s Reference: Windows Presentation Foundation with C# 2010 and .NET 4 (Rod Stephens)

Related Sites:

Hack Proofing Your ASP.NET Web Forms and MVC Applications

One big issue we have with web applications is SQL Injection. But we also have to deal with cross site scripting, cross site request forgery, parameter tampering, information leakage, and encryption.

SQL injection is when code gets injected into the data channel and values are altered to create SQL commands when data is expected.

  • URI tampering
  • Parameter tampering
  • Cookie tampering

We should not be using inline SQL, but instead use parameritized queries. Don’t use dynamic strings. Do use ORMs, escape/whitelist input, and audit table permissions. We can use Rank() Order by and pass a number to sort by different things. We can pass parameters in dynamic SQL and use sp_ExecuteSQL.

Cross site scripting (XSS) is when script gets injected into the page, the database, or the cookies. The main types are reflected, persistent, and DOM based. We can also have scriptless attacks.

To prevent XSS, we use HTMLEncode or AttributeEncode for all output (@, <%:, HtmlEncode(), HtmlAttributeEncode()). Do not use the WebForm’s ValidateRequest=false. In ASP.NET 4.5 the HtmlEncode will be embedded in the databind.

He ran out of time to finish his slides, but did leave us with one last tidbit of info. To prevent Information Leakage, Use Retail Mode!! Setting RetailMode = TRUE turns off debugging and tracking which is the main source for Information Leakage.

Related Sites:

Introduction to jQuery QUnit

Why should we test? We can get immediate feedback of our code with unit testing. Testable code is better code. Unit testing makes automated builds worth something.

JavaScript has been challenging to test. JS is not C# or VB, usually embedded in HTML docs and often disorganized.

jQuery QUnit addresses the challenges of testing our JS. It’s a testing framework that is easy to use and integrates with other coding tools like Telerik’s JustCode (a test runner).

Static Analysis in .NET

This was a fascinating session. I found out that maybe I should have gone with Premium or Ultimate instead of getting the Professional edition of VS2010. Code analysis is only available for Premium and Ultimate. However, Jason believes someone on Codeplex has written an add-in to Professional.

We can also use FX Cop…it’s a free tool that offers command line tools for performing static code analysis of .NET code.

In source, an attribute is added to the code to suppress. In project file, we can suppress the instance but it does not get updated if we refactor it. Custom rules are not officially supported.

Other tools: Nitriq CodeAnalysis, NDepend, CodeIt..Right, and Klocwork

Related Sites:

Extending ASP.NET MVC with jQuery/Ajax and jSON

I thought about attending the How to Be a C# Ninja in 10 Easy Steps, but I thought maybe I should have a little more exposure to MVC and jQuery. I think I was in over my head in this one since I have had no experience in this area. Also, I think I was in information overload by the time I got to this session. But here are my notes for what it’s worth…

jQuery is a JavaScript library that is actually a family of projects: jQuery Core, UI, and Mobile, and QUnit. CSS always in play behind the scenes of jQuery

Ajax – Asynchronous JavaScript and XML: A technique to create asynchronous web requests from the client. Ajax communicates with the server and does a postback, and is conservative with bandwidth. The main objective is to improve performance. Multiple components and technologies are involved: HTML, CSS, XMLHttpRequest, and JavaScript. jQuery is a popular JS/Ajax framework.

JSON – JavaScript Object Notation: made up of key/value pairs and groups of key/value pairs make up a document. MongoDB and Couch are DBs that use JSON/BSON (binary JSON).

JavaScript is the glue that ties these 3 together and CSS makes it all come alive.

The update panel in ASP.NET is a div that gets updated via Ajax. Telerik has extensions for MVC and there are other MVC/jQuery based frameworks out there.

Related Sites:


Read Full Post »

WPF, Azure, Threading, Silverlight, and the Future of User Experience

Unfortunately my afternoon on this day involved an emergency back at work and I had to leave the convention after the Chalk Talk to go back to the room to deal with the emergency. But all the sessions I attended on this day were really great.

Sessions Attended:

  • Keynote: The Future of User Experience: The Natural User Interface (Tim Huckaby)
  • Windows Presentation Foundation for Developers (Philip Japikse)
  • Building Your First Azure Application (Michael Stiefel)
  • Chalk Talk: Parallel Programming 101 (Tiberiu Covaci)
  • Top 7 Lessons Learned On My First Big Silverlight Project (Ben Day)

Keynote: The Future of User Experience: The Natural User Interface (Tim Huckaby)

The future technologies coming down the pipe include natural user interfaces with better multi-touch capabilities as well as voice and neural capabilities. Microsoft has recently released Kinect for the PC that will allow users to do various things using just their voice and/or body motions. Here is a link if you are interested in seeing some of the projects already in place with natural user interfaces (all built with Visual Studio 2010).

Related Sites:

Windows Presentation Foundation for Developers (Philip Japikse)

WPF is the next generation rich user application platform based on DirectX and is leaps ahead with databinding. WPF has true animation, and uses styles and templates (one place to change the entire application style).

If you write something once, you should probably make it a method. Twice, you should make it a method. Three or more times, you should stop being a programmer.

New in .NET 4: DataGrid, DatePicker, Calendar, Ribbon controls, Layout Rounding, Multi-Touch support, Custom Dictionaries, Behaviors, Animation Easing, and Binding String Format. New in .NET 4.5: Improved Performance with large data, Binding to Static Properties, Accessing Collections on non-UI Threads, Asynchronous Validation, and bug fixes. What’s missing? Visual inheritance, MDI support, ExtenderProvider support, MaskedTextBox, ErrorProvider/HelpProvider, and AutoComplete. We can use gradients and vector graphics. We can make images scale and not have to store files for all sizes of images. We can stack, wrap, and dock panels…horizontally and vertically.

Since I’ve not used WPF before, I jotted down the various features and functions that Phillip demo’d. Some of this may be beginner level for most, but here are my notes for those interested:

  • Attached properties – button on the panel gets the property of the panel (DockPanel.Dock(“Top”)).
  • Tabbing order thru menus goes in order the items are listed in XAML.
  • SharedSizeGroup – everything contained is capable of sharing size
  • Scroll bar control separate from other controls
  • Expander control
  • Height – number (specific), auto (fill what u need), * (like %)
  • MinHeight {Binding ElementName=MyText, Path=ActualHeight}
  • GridRow – column starts count with 0
  • Don’t use canvas because you lose the benefits of WPF
  • Save button can be disabled if no changes made
  • CommandViewModel (MVVM style)
  • Dictionary Support in MVVM – can make custom dictionary
  • Behaviors – watermark text box
  • Blend 4 get command behavior on grids
  • Blend SDK (reference System.Windows.Interactivity)
  • SWI
  • Hierarchical Data Template
  • DataBinding – 2-way and 1-way
  • Update source trigger happens on lose focus
  • Expressive UI – type in one field and other fields change if you have them tied together
  • Value converters or MulitValue
  • DataContext – looks to for binding. First one it finds. If it doesn’t find, has silent failure.
  • Style Trigger – use to trigger elements to display based on the trigger
  • IDataErrorInfo – string indexer & error property
  • Magic Strings – array populated in XAML order

As you can tell, lots of cool stuff in WPF…can’t wait to get started with it.

Recommended Books:

  • Pro WPF Development
  • WPF Unleashed

Related Sites:

Building Your First Azure Application (Michael Stiefel)

Azure is Platform as a Service (PAAS). Windows Azure works when we don’t want to manage infrastructure or a data center, we don’t want to buy for peak capacity, we don’t want virtual machines, and we have customers all over the world.

We sign up at the management portal in order to get started, and can also access the DB thru the portal (must set firewall rules – usually with IP range). We can connect to the Azure DB thru SSMS but there are limitations to this connection.

In the Hosted Services section of the portal, we have access to local emulators (compute and storage). An icon in the task bar gives us options to see how the application is working. The DB uses local SQL Express for development storage DB. If using the emulator, don’t forget to close down deployment when done.

A role is configuration plus code and is analogous to an application. Several ways to deploy application: the portal, Visual Studio, or PowerShell. Startup tasks can be set up to run every time the application is deployed.

During his demo, I jotted down a few notes:

  • DiagnosticConfiguration.GetDefaultInitial – can set to move data on specified time. (scheduled transfer period, buffer quota)
  • In Diagnostics section on Config tab, add cloud key.
  • Azure Storage Explorer – free addin to view IIS log and other diagnostics
  • Any degree of I/O should use medium VM size
  • Must set instance count – tools out there to help automate this
  • Load balancer in front of Azure handles traffic (Round Robin – no memory)
  • Does not redirect to same instance in same session
  • Set up cache
  • Minimum of 2 instances – small % that both will go down
  • Failure zones – fabric controller makes sure no shared hardware between your instances
  • Upgrade Zones – instances don’t get updated at same time
  • Create package file and upload to Management Portal
  • Affinity group – all services go in same center
  • Can deploy to stage or production
  • Windows Azure Cost Calculator – compute is major driver of cost
  • Can bulk copy DB
  • Put binary data in a blob

Related Sites:

Chalk Talk: Parallel Programming 101 (Tiberiu Covaci)

Good discussion on threading. I jotted down some notes in between getting pinged from work with an emergency. I ended up leaving this session to deal with the emergency. If anyone has anything to add from this, please leave your comments.

  • Asynchronous – waiting for answer (active waiting)
  • Concurrency – multithreading
  • Thread pool
  • Parallel – multiple computations concurrently
  • I/O is a big problem
  • We can’t get faster processors anymore so instead we get more cores
  • The thread is responsible for execution not the process…heavy weight.
  • Quick sort array and Queens Problem
  • Don’t use lock on disk
  • Interlock is performed in sharing data
  • Mutexes not recommended but can be seen everywhere (system wide object)
  • Semaphores – can run 3 print jobs in parallel
  • Reader/writer locks are bad on performance
  • ThreadPool.QueueUserWorkItem(_ => {action})
  • Task Parallelism (Task <T>)

Top 7 Lessons Learned On My First Big Silverlight Project (Ben Day)

Originally I had planned to attend the Fast, Faster Async ASP.NET session, but since I missed the 2:30pm session with Silverlight I decided to attend this one so that I could at least get a taste of Silverlight while I was here.

Ben briefly discussed RIA Services and recommends using RIA Services only for short-term, fast to market applications. This will save time coding but has no code reuse and is difficult to maintain long-term.

Here are Ben’s top 7 lessons:

  1. It’s 2 applications: client-side and server-side
  2. Unit Test
  3. Async WCF rules your architecture
  4. Repository and adapter patterns
  5. No shortcuts! Keep ViewModels and Models separate.
  6. Primitive obsession in your ViewModel
  7. x:Name is a code smell

Related Sites:

Read Full Post »

Creating User Experiences – An Entry Point for Developers (Billy Hollis)

In his user experiences workshop, Billy gave us a look into the user psychology and brain wiring that make design concepts work. He has a lot of visuals and explanations in his workshop that I won’t be able to translate well into this blog post, and I have no intention of attempting this. If you have the chance, I highly recommend that you attend one of his speaking events on this subject. If you are interested in learning some of the key points discussed in his workshop, please continue reading…

 “As our case is new, so we must think anew and act anew” ~ Abraham Lincoln, 1862

Coming up with solutions involves creativity and imagination whether part of the detailed analytical side or the big picture. Software development has always been about making something possible that wasn’t possible before. However, this way of thinking is coming to an end and now it is really about making it easy.

Something that we fall prey to is inattentional blindness. We can’t see what we are not looking for. To see this in action, here is a website with a famous awareness test.

We need to be sure to put visual indicators very near what it pertains to such as an error message next to the error instead of at the very top or bottom of the screen.

A few Design Principles to keep in mind:

  • Archetypes – certain objects and actions have a universally understood form or theme such as buttons are normally round and a round object signifies a button that can be pushed.
  • Fitt’s Law – the time required to locate and use an object is less if the object is bigger and closer to the user such as moving a larger submit button on a form closer to the last form entry.
  • Hick’s law – the time required to locate and use an object decreases as the number of objects decreases such as fewer menu choices takes less time to decide where to go than longer and more detailed menus.

Fear of empty spaces…horror vacui. When a user asks us to put everything on the screen, they are asking for this because they are afraid that we will screw it up and they won’t be able to find what they need. However, a crowded screen comes across as poor quality and bad design. We don’t need to use every piece of screen real estate – we need to have more whitespace in our applications.

Good software design will increase productivity, reduce the amount of training needed, lower the number of errors, and ultimately increase sales. Extra investment in design will improve the end product and reduce the number of bugs. Good design requires collaboration.

How do we break loose from the standard file menu and rectangular designs? One place to look to for inspiration is video games.

Users prefer beautiful, curved things over sharp, unattractive things. Curved objects are perceived as safe whereas sharp objects are perceived as dangerous. Beautiful software appears more usable to users.

Users resist change and it can be difficult for users to accept changes to existing systems that have poor design because they feel the changes will make their job harder. Some users even feel that they have better job security when the software sucks and they are the only users who know how to use it. In order to get users to accept change, it is recommended to create new applications that are completely different from existing applications than to merely make enhancements to the existing applications.

Error messages should be as text on the screen with some sort of visual. We can use pop ups…but only as a last resort. In WPF we can create buttons using the ellipse tool. By layering a couple ellipse objects, we can achieve a button that appears indented.

Did you know that in VS we can right-click on an object’s property and reset it to the default value? Or that Ctrl I gives us the ability to do an incremental search?

Questions to ask in discussion of building a new system:

  • What is needed in a new system?
  • Where does the old system fall short to meet the business needs?
  • What has changed that we need a new system?
  • What are the platform and environment needs?
  • What technologies will be used?
  • What are the older applications that will still need to be used and need to work with the new system?
  • How much is available for investment in a new system?
  • Are there any arbitrary deadlines?
  • Do we build good enough software? Cost-benefit and satisficing
  • Do we build based on performance or preference?
  • Where can business value be added?
  • What affects revenue/cost?

To sharpen our “designer’s eye”, observe our surroundings, take pictures, carry a notebook to sketch, visit places with excellent design like museums and upscale shopping malls, and read books related to design principles and philosophy.

The collaboration team should be made up of 3-4 team members including business analysts, developers, and designers. The design process begins with blue sky visioning. Don’t have too much structure at this point. The details gathered will bring about the structure needed for the project. The more ideas generated the more we can let go.

The team needs to gather enough details to have a general understanding of the business needs. The general design begins to take shape with visioning and storyboarding. The team will draw up illustrations and paper mock-ups, and start the interaction prototyping.

The interpretation phase involves mapping out the major activities and task flows. In this phase, the team is doing the contextual inquiry and field observations, and building the work models.

During the contextual inquiry, watch what the users are currently doing. Ask the users to give running commentary as they do their work explaining what they are doing and why. Take pictures of the work environment such as sticky notes all over the place. Look for trends.

Don’t over invest in storyboarding and illustration. Do more than one prototype to give users options. If users are presented only one prototype, they tend to be nitpicky on the little things.

End stage in the design process is empathy. We should have empathy with the user and understand where they add value. We understand where the current system is constraining the user and are able to evaluate ideas that will appeal to the user.

If we know what we are doing is valuable, we will be happier. Being creative can be highly rewarding.

Recommended Reading:

Recommended Websites/Videos:

Read Full Post »

Welcome to Las Vegas SignThe 5 days of sessions and workshops at Visual Studio Live were full of valuable information and great tips to improve efficiency and productivity. I will be sharing some of this in future posts, but here is a little of what I learned and the sessions that I attended…

The future technologies coming down the pipe include natural user interfaces with better multi-touch capabilities as well as voice and neural capabilities. Microsoft has recently released Kinect for the PC that will allow users to do various things using just their voice and/or body motions. Here is a link if you are interested in seeing some of the projects already in place with natural user interfaces (all built with Visual Studio 2010).

Creating User Experiences Workshop

The Creating User Experiences workshop that I attended provided much more useful information than what I can summarize here. If you are interested in hearing more on this, I will be writing up a more in-depth post soon.

Creating a successful user experience is not just about making something possible that wasn’t possible before. To make the user experience a success, it is about making it easy…which is what we keep saying that we need to do with our applications.

One key point made during the workshop was that we should not strive to use every bit of screen real estate. The eye naturally will focus on the area of the screen from the top left corner down to the bottom right corner. Users look at crowded screens as being poor quality and bad design which can lead to lost revenue and a decrease in productivity.

Users resist change and it can be difficult for users to accept changes to existing systems that have poor design because they feel the changes will make their job harder. In order to get users to accept change, it is recommended to create new applications that are completely different from existing applications than to merely make enhancements to the existing applications.

Good software design will increase productivity, reduce the amount of training needed, lower the number of errors, and ultimately increase sales.


List of Workshops/Sessions Attended

Workshops (Full Day):

  • Creating Today’s User Experiences – An Entry Point for Developers (Billy Hollis)
    • Explanation of design concepts and the user psychology and brain wiring that make the concepts work.
  • Programming with WCF in One Day (Miguel Castro)
    • All WCF fundamentals, advanced features, and lots of tips and tricks for design, hosting, and WCF consuming.


  • HTML5 and Internet Explorer: A Developer Overview (Ben Hoelting)
    • The power of HTML5 in IE9 and IE10, and the features available now and in the future.
  • Advanced ASP.NET MVC, HTML5 and the .NET Stack (Ben Hoelting)
    • The awesomeness of MVC, and discussion on key concepts and features.
  • Visual Studio for Mobile Apps on iOS, Android and WP7 (Miguel de Icaza)
    • This felt more like a sales pitch for Xamarin applications (MonoDevelop), but did learn some information on using VS for developing mobile apps.
  • Visual Studio 2010 and 11 Tips & Tricks (Amy Hartwig)
    • Various tips and tricks on using the shortcut keys and other built in functions.
  • Entity Framework Code First – Beyond the Basics (Sergey Barskiy)
    • Performance analysis tips, database scheme techniques, and models
  • The Future of User Experience: The Natural User Interface (Tim Huckaby)
    • Look at past technologies and how technology has developed over the years, a look at the impressive software being built today with .NET technologies, and the future of NUI.
  • Windows Presentation Foundation for Developers (Philip Japikse)
    • Strengths of WPF, various layouts, and maximizing databinding.
  • Building Your First Azure Application (Michael Stiefel)
    • Key technologies and techniques, and basics of building Azure applications
  • Parallel Programming 101 (Tiberiu Covaci)
    • Using threads and thread pools
  • Silverlight, WCF RIA Services and Your Business Objects (Deborah Kurata)
    • Discussion on using RIA to develop Silverlight/WCF services.
  • Top 7 Lessons Learned On My First Big Silverlight Project (Ben Day)
    • Real world tips for architecting Silverlight applications, testing, and pain points.
  • WPF Validation – Techniques & Styles (Miguel Castro)
    • Various validation offerings including MVVM-based, and custom styling.
  • Hack Proofing Your ASP.NET Web Forms and MVC Applications (Adam Tuliper)
    • Why most existing applications can be hacked, details of common attacks, and techniques for protecting against hack attacks.
  • Introduction to jQuery QUnit (John Peterson)
    • Basics of using QUnit for testing jQuery.
  • Static Analysis in .NET (Jason Bock)
    • Benefits, how to improve code, and custom rules
  • Extending ASP.NET MVC with jQuery/Ajax and jSON (John Peterson)
    • Some information on Ajax and jSON, but mostly discussion on using jQuery.

As you can see, I attended a mixture of sessions on various technologies.

What’s Next?

Over the next week or so, I will be documenting all that I learned and sharing the wealth of information in future blog posts.

Plus, I was the “tweet to win” winner for a free 5 day pass to attend another VS Live event later in the year…I chose Orlando, FL in December. This event in Orlando is actually 4 events in 1 (Visual Studio, SQL Server, SharePoint, and Cloud & Virtualization). I am really looking forward to this one!

Read Full Post »

%d bloggers like this: