Sunday, December 27, 2009

Windows 7, Finally

Huzzah! Windows 7 has finally been installed. It's been a comedy of errors for me, but I'm still going to put most of the blame on Microsoft.

I resolved my power problem by throwing money at it, by purchasing a Corsair VX 550W PSU, approximately a month ago. The PSU is great and I've seen a much stabler machine. So why didn't I have Windows 7 installed immediately after that?

I tried, I really did. However, the DVD was corrupt and then I lost the image in order to make another one. Besides, that image seemed dodgy, so I asked a friend to download a proper image from TechNet. I have a subscription, but no bandwidth. He tried, he really did. It took three attempts to download as the connection kept being interrupted. And did TechNet resume from where the download was before the interruptions? You know the answer.

Anyhow, I finally got hold of that image yesterday and here we are. All futurised.

I've also decided to give Panda's Cloud Antivirus a try. I'll report on that shortly...

Friday, November 20, 2009

Office 2010 Beta

Having failed hopelessly in my attempts to setup Windows 7 (all blame to be directed at my pathetic PSU), I thought I'd go with the much simpler to install and review Office 2010 Beta. The beta is available as a free download here.

Installation
This was fairly slow, and Office has ramped up in size to use 2.34GB in total. Not too bad, but on my work laptop I'm a little short on space. They've made it really easy this time to actually install along side your existing (read: safe) version of Office, or upgrade it if you want to. Seriously, don't upgrade yet, its a beta for a reason. The installation has the awesome affect of making your task bar disappear. Kindly, it is returned after about 5 minutes. I hope that one's on the issue l
ist.

The install appeared to finish, so I tried to access the programs. However it had actually not finished and got quite grumpy.

Word, homey
Once it had finished being grumpy it finally asked me to be restarted. Begrudgingly I obliged. On finally excitedly opening up Word, the splash screen appears and *crash*. The "Send to Bluetooth" feature crashed on load. On second opening of Word, it asked me if I wanted to disable the feature, which is a significant improvement for Microsoft over their "keep trying, its you thats the problem not us" approach.

For some unknown stupid reason, Microsoft have chosen to set the default appearance to the "silver" theme. This has the effect of making Word look like Open Office. Now, I'm all for a bit of open source, in fact I hugely respect it, and understand when it looks like a Romanian gypsy's dog's arse. But I dont expect the same of proprietary software. Not least of all Word 2010. Changing to the "blue" theme really helps with this. Microsoft, pick a new default!



So, as you can see they've gotten rid of that ridiculous round windows button, and brought back a familiar favourite, File. They've spent some time considerably improving the access to the features under file, which is a big plus for me due to work requirements.

Out-WTF-look
Outlook very kindly changed itself to be the default mail client. Now I would love and have begged to be able to use Outlook and Exchange, but until further notice I'm stuck with Lotus Notes. Microsoft, don't change the default when I don't ask you to. Naughty.

Excel at what exactly?
Other than the additional of File, excel remains seeminly largely unchanged. The marketing blurb speaks of new conditional formatting. New? Seriously new? The writer must be new to the marketing department. Perhaps they should open up Excel 2007 and have a look closely, seems pretty much the same to me.

Roundup
Other than some bug fixes and behind the scene's work, this is pretty much a bog standard release of Office. It's an uglier version of 2007, with minor improvements. However, there's one small thing about this beta for which Microsoft deserves a bravo (or rather a cry of "finally!"):
The two smiley's represent a feedback capturing system. If you like something that you see in the new office, click the happy smiley, and a screen shot of what it is you like is taken. Add some comments about why you like, and send to Microsoft. Ofcourse the same applies to stuff you don't. Three cheers to finally garnering user feedback in a friendly way. Huzzah!

Sunday, November 8, 2009

Windows Sucken

I've just eagerly got hold my copy of Windows 7 Ultimate (x64) and key from TechNet and now I'm going through the fun of trying to install it. I thought this was supposed to be a simpler process than Vista, but so far it's been hell.

First problem:
It looks like my Asus P5K SE/EPU motherboard drivers haven't been updated for Windows 7. So I'll be off to Intel to get the chipset drivers then...

Second problem:
It took forever to actually get to the setup screen. I'd been told this is a common issue, so I wasn't too concerned. When it eventually got here, I chose to do a custom install as I wanted to format the partition (leaving no trace of Windows 6, so that Windows 6.1, sorry 7 :P, wasn't held back by it in any way). Like Vista, you've only got the option to do the ridiculously inadequate lightning quick format. It does that, moves on with the setup (while taking forever to get to the next screen). Eventually, at about 15% into it, I'm told that something's corrupt and good day to you sir.

On second attempt, the same happens. Getting some advice, I was told to use a familiar friend to format properly. What friend was this I hear you ask...


Third problem:
And this one I can't gleefully place on Microsoft. My admittedly pathetic 400W power supply has finally caved in, as the nVidia 8800 Ultra is killing it, causing it to randomly restart all during the install. Now, as I'd like to keep my HDD, my Windows 7 saga will have to wait until I get a new psu...


Monday, October 12, 2009

Reverse Engineering Database Diagrams in Visio

This little one fools me every now and then, and it's one of those cases where I always say... crap, I know how to resolve this, how did I do it last time??

I find reverse engineering the database to Visio quite useful, particularly if you're unfamiliar with a new schema, as it's a great way to easily see the relationships between tables. And it's a whole lot better than the abomination that is the generated database diagram in SQL Server.

To get started, create a new Database Model Diagram in Visio. You'll see on the menu bar that you get a Database option, and the first item is Reverse Engineer.

In the wizard that pops up, one of the installed Visio drivers should be Microsoft SQL Server. Select this from the drop down, then click on New... to create a new datasource. You'll need to do this for each database that you want to connect to. For SQL Server database, generally you'll select "User Data Source" and the "SQL Server" or "SQL Native Client" driver over the next two screens.

On the next screen, give your data source a name and choose the server. It's important to get this bit right, and if you're connecting to a named instance, to select the name. Otherwise when you try to connect on the next screen (using your prefered choice of authentication), you'll get an error similar to the one below.



Now that one at least gives you a clue. Sometimes you'll be given an error like "SQL Server does not exist or access denied", so look out for that.

Sunday, July 19, 2009

I'd rather have some policy, thanks

The ruling poltical party in SA, the ANC, suffered a rather embarrassing defacement to their website over this weekend. After the usual party propaganda, there was this little gem:

Let's zoom in on that a bit:


That's right. Jet charters. Government porn. A personal request of JZ perhaps?

According to the report, they can't sort this out until Monday. Now, I understand the annoyance of working over the weekends (hence the recent lack of posts myself), but I'd call in my developers if I found this on my site.

Now let's assume for this minute this wasn't a deliberate attack - which is a fair assumption considering in the top right corner the site is listed as last updated today. This raises questions of the character of the deleveopment team that the government actually hires to design their websites, if they actually allow this to enter production.

This got me thinking though, what can the development team do internally to make a website more secure? Thinking beyond the usual prevent-SQL-injection story here's some questions I would ask my team:
  • Have we ensured resigned employees have had all their access removed?
  • What is our process to ensure the correct version is uploaded to production?
  • Have we built it in to testing to check that the basics of security have been followed?
  • Who do we hold accountable?
Update: In the time it took me to write this post (approx 30 minutes) the website was updated to remove the offending adverts. Apparently someone understood the value of not waiting till Monday.

Wednesday, June 10, 2009

SqlPubWiz Fail

I didn't think I'd talk so much about Sql Server features, but I'm stuck on that topic at the moment because of a current project. Nonetheless, I'm sure countless people need help with such things.

I was attempting to script out a blank database, so that I could get the delete order of the many tables correctly. SqlPubWiz is great in that it does this all for you, by putting the tables in the correct delete sequence based on foreign key constraints. Certainly not something you'd want to do in your spare time!

Anyway, I kept getting the following error:
Timeout expired. The timeout period elapsed prior to obtaining a connection form the pool. This may have occured because all pooled connections were in use and max pool size was reached.
Sorry? I've been in the pool too long and I'm pruning? All that's going on is that it's unhappy that you don't have any data in tables. Simple as that. It doesn't like the empty tables. But when you take a look at your output script, you'll see that it has nicely added the delete portion in the right order.

Resolution: Another error message fail.

Tuesday, May 26, 2009

SQL Login Hell

No apologies for my thinly disguised reference to DLL hell in the post title, I think everyone dealing with SQL Server has at one point dealt with login issues (e.g. two colleagues today, hence the post). If you're like me, you'll see these issues again and again and each time you'll have to Google them to remind yourself how to solve them. I'll add to this list over time but for now, here's a couple of regulars:

Error: Login failed for user 'sa'. The user is not associated with a trusted SQL Server connection.
This just means that you haven't set the Server to use Mixed Mode authentication. Login using Windows authentication and change your server authentication settings on your server to look like this:


Finally, restart the database engine's service. The easiest way to do this is through Control Panel > Admin Tools > Services. Click on SQL Server (Instance Name) and restart the service. You should then be able to login to the server with the sa account without a problem.


Error: Login failed for user 'sa'. (Without any other message)
Check that:
  • - the sa account's password is correct or that it is strong (if enforce password policy is checked)
  • - the account is granted permission to connect to the server
  • - the account is enabled
  • - the account is not locked
Error: Cannot open user default database. Login failed. Login failed for user 'user.name'.
I logged in with Windows authentication and dropped the database that was set as the default database for this authentication. I also forgot the sa account's password so I couldn't log in with that to change my Windows authentication's default password. That leaves scripts! Using the master database's context, execute the following command (replacing the names where appropriate):
ALTER LOGIN [user.name] WITH DEFAULT_DATABASE = master
A little special Olympics, but I managed to do this. Or perhaps that just says something about me...

Sunday, May 24, 2009

Some SSIS pointers

Here's a few pointers that'll make your life with SQL Server Integration Services (SSIS) a bit easier:

Set your database table fields to Unicode character types
If your data sources come from MS Excel and Access, and you're not using Unicode character types, you'll need to include the Data Conversion data flow task. It's pure grunt work that you'll need to include for each table you're migrating, and it can be easily avoided.

Avoid repository conflicts by working on separate packages and merging later
Using SVN, this has been a nightmare. Sometimes your packages merge perfectly, other times you have many lines of conflict that are just not worth the effort of resolving. It's easier in that situation to copy and paste the work you've created to another package, delete the file and get it back from SVN again, re-add your files and commit.

As a temporary stop measure work on separate packages, within the same solution, from your colleagues and designate one person to look after a "main" package (essentially manually merging your work). This also prevents an irate colleague from walking over to your desk several times a day when you keep breaking their connection strings and giving them gifts of 29 errors and 209 warnings that they can only resolve through re-establishing the connections in the each of the data flow tasks.

Only use a SQL Server Destination if your packages are going to run on a local server
Use an OLE DB Destination if your SQL Server instance is located on a remote server. An issue with this is that you don't get all the functionality associated with SQL Server Destination (and, most importantly, the speed!). A quick MSDN lookup will show you that this is in fact a feature, not a bug! Such is life...


Saturday, May 9, 2009

Don't forget the data!

Data migration is a nightmare. You never have enough time for it, and the source of the data always looks like this:



And I've got that expression on too. You're likely to encounter this situation at some point, unless you have the luck of writing a brand new system that just requires basic master data (where do I sign up?!).

I've been happily impressed though, with SQL Server Integration Services (SSIS). It's commonly used to do basic mapping and importing of data from Excel from within SQL Server, however using Business Intelligence Studio, you can create some powerful data migration packages by using a workflow of data transformation tasks. Very 5th generation, says a colleague. I'm not going to give a huge breakdown, as that is more effectively given by the SSIS project on CodePlex, but here's a basic example of a data flow task:



The greater Control Flow can contain many data flow tasks as well as other tasks (eg Bulk Inserts, Execute SQL, FTP Tasks, Sending Mail and many more). The data flow is probably the most complex, as this is where your specific data transformations occur. In the screenshot, you see that we read from a source destination (in this case an MS Access database), from which we do some data conversions, followed by a lookup of another field based on one in the source database (think of it like a VLOOKUP in Excel), creating a derived column, perhaps a calculation, and then inserting the transformed data into our SQL Server destination. Of course, you need to set up all of these by double clicking on the individual tasks and performing some MacGuyver tricks but you're hopefully getting the idea of how useful this tool is.


The key is that these packages are reusable. I've spent some many hours massaging the same data for different time periods in separate Excel spreadsheets. One of these packages could've got my public holidays back!

Testing the packages

While the proverbial jury may still be out on unit testing, I've personally found it invaluable in projects. Not as much during initial development, but its usefulness becomes reallyclear during support.

Now I've recently come across the ssisUnit project on CodePlex. This uses the familiar ~unit test format - setup, test, teardown (with setup and teardown used to create and remove test data, respectively) - using XML. I'm busy playing around with this and will post my thoughts up in the next week.


Now, providing a business case for the additional effort required to include any type of unit testing an a project is a whole other story...

Saturday, May 2, 2009

All it takes is a little thought...

I'd like to start off my blog by looking at a variation of a theme on a post by a friend and colleague on his blog regarding South Africa's Independent Electoral Commission's website.

A particular interest of mine, and one that is notoriously difficult for developers to get right, is the area of human-computer interaction (HCI). This seems to have been something the development team at the IEC have forgotten about at best, or ignored at worst. After the recent South African General Elections, I thought it would be interesting to have a look at the breakdown of the voting patterns in the area I live in. I opened up the report page to find this handy breakdown:



Now granted that whilst the Voting District number is supplied in your identity document, would it really have taken much trouble to populate this drop down with the name of the Voting District, as they've done for the Province and Municipality? This is a standard ASP .NET control, quite simple to populate the name and value properties...

Ah, but never mind - there is a handy search tab I see. Well, not quite. This allows you to search the Voting District's number, or by some other variable called the "VS Name". On running a report you discover this stands for "Voting Station Name" - as in the physical building you voted in (e.g. "Camps Bay Club"). I tried searching for large, well known suburbs but nothing turns up. I tried an exact search of Camps Bay Club but nothing turns up. Clearly this piece of functionality is quite flawed. I was nearly tempted to call them on the toll free number for that "more information", seeing as there was no discernible help available!

This is could be all quite innocent - until we view the source. I must say, they've out done themselves with unnecessary Javascript. I don't want to stray too far off the HCI topic, but even at Varsity I knew I was doing something wrong if I had to use invisible text fields to get the job done. And why write lines of Javascript for something that can be easily achieved using the .NET Framework? In fact, why bother using the framework at all?

Finally, I had a look at the validation. Take a look at this function,
presumably used to prevent HTML injections (taken from the view source available in any browser):

---------------------------------------------------------------------------------
This function is used to detect the characters '<' and '>' when the user enteres them
onto the screen or when text containing the mentioned characters is entered onto the screen.
When this happens, this function will delete remove everything that was entered onto the textBox
---------------------------------------------------------------------------------------*/
function RemoveBadCharacters()
{
var txtSearch = document.getElementById('ctl00_ContentPlaceHolder1_txtSearch');
var bRemoveText = "0";
if(window.event.keyCode == 188 || window.event.keyCode == 190)
{
txtSearch.value = "";
}
for(var i = 0; i <= txtSearch.value.length; i++) { if(txtSearch.value.substring(i, 1) == ">" || txtSearch.value.substring(i, 1) == "<") txtSearch.value = ""; } return false; }


Whilst it's great that they've thought about validation it's not so great that they don't tell the user what they've done wrong. Rather let them enter these characters, and redirect an error message to the page. And see what I mean with regards to unnecessary Javascript? Not much room for code reuse across the application here. Again, I'm straying.

Now I've knocked this application quite a bit, so I need to be fair as I'm not aware of their requirements, deadlines, development team skills and all the other holistic aspects that affect development. However, this is an important institution, reporting on an event that only occurs once every 5 years - and this reporting was done far more innovatively by others (News24 is a great example). I think they're some key principals we can take away from this:

  • Apply the KISS (Keep It Simple, Stupid) mantra - to both the usability as well as the code
  • Make it clear to the user what they've done wrong, and how they can go about correcting it
  • Make it easy for the user to do the right thing, and difficult to go wrong
  • Provide easily accessible, preferably context based, help