Month: October 2015

by

Agile – Agile and Waterfall are two distinct methods of software development

The Waterfall model can essentially be described as a linear model of software design. Like its name suggests, waterfall employs a sequential design process. Development flows sequentially from start point to end point, with several different stages: Conception, Initiation, Analysis, Design, Construction, Testing, Implementation, and Maintenance.

The Agile model proposes an incremental and iterative approach to software design. It was essentially developed in response to the limitations of Waterfall, as a way to give designers more freedom. The design process is broken into individual models that designers work on. There is no pre-determined course of action or plan with the Agile method. Rather, designers are free to respond to changes in requirements as they arise and make changes as the project progresses.

waterfall-vs-agileWaterfall challenges

Traditional Waterfall treats analysis, design, coding, and testing as discrete phases in a software project. This worked OK      when the cost of change was high. But now that it’s low it hurts us in a couple of ways.

Poor quality

waterfall-poor-qualityFirst off, when the project starts to run out of time and money, testing is the only phase left. This means good projects are forced to cut testing short and quality suffers.

Poor visibility

waterfall-poor-visibilitySecondly, because working software isn’t produced until the end of the project, you never really know where you are on a Waterfall project. That last 20% of the project always seems to take 80% of the time.

Too risky

waterfall-too-riskyThirdly you’ve got schedule risk because you never know if you are going to make it until the end.

You’ve got technical risk because you don’t actually get to test your design or architecture until late in the project.

And you’ve got product risk because don’t even know if you are building the right until it’s too late to make any changes.

Can’t handle change

waterfall-cant-handle-changeAnd finally, most importantly, it’s just not a great way for handling change.

The Agile ApproachAgile-ApproachInstead of treating these fixed stages Agilists believe these are continuous activities.

By doing them continuously:

  • Quality improves because testing starts from day one.
  • Visibility improves because you are 1/2 way through the project when you have built 1/2 the features.
  • Risk is reduced because you are getting feedback early, and
  • Customers are happy because they can make changes without paying exorbitant costs.

Making the Choice Between Agile and Waterfall

So, how do we choose? First, we change the game a little (which is what most software development organizations do) by defining our own process. It’s a variation on the traditional Waterfall methodology. This helps to improve the team’s understanding of requirements and communication with the customer.

In this way, we strive to be as iterative as possible without compromising our overall system architecture.

We consider the following factors when considering which methodology to use:

how-select-waterfall-agile

Share this:
Share
by

Asp.Net – A potentially dangerous Request.Form value was detected from the client in asp.net

Yesterday, I was working in CMS engine in asp.net where I had to allow user to format the content in Rich Text Editors using Tiny Mice editor. but when I click on submit button asp.net raised an exception for “A potentially dangerous Request.Form value was detected from the client”.

Error:
Server Error in ‘ASP.Net’ Application.

A potentially dangerous Request.Form value was detected from the client (txtContent.Text=”<p>Hello</p>”).

Exception Details:
System.Web.HttpRequestValidationException: A potentially dangerous Request.Form value was detected from the client (TextBox1=”<p>Hello</p>”).

Description:
Request Validation has detected a potentially dangerous client input value, and processing of the request has been aborted. This value may indicate an attempt to compromise the security of your application, such as a cross-site scripting attack. You can disable request validation by setting validateRequest=false in the Page directive or in the configuration section. However, it is strongly recommended that your application explicitly check all inputs in this case.

Cause:
ASP.Net By default validates all input controls for potentially unsafe contents that can lead to Cross Site Scripting and SQL Injections. Thus it disallows such content by throwing the above Exception. By default it is recommended to allow this check to happen on each postback.

Solution:
To make it working as per above scenario we need to set the ValidateRequest attribute as “false” to disbale the validation request for the page. There is two way to do it as follows.

1. Page level using page directive:
We can disable ValidateRequest by settings the attribute value in page directive.

<%@ Page Language=”C#” AutoEventWireup=”true” ValidateRequest = “false”

or

<pages validateRequest =”false” />

2. Globally using Web.config:
Instead of disabling ValidateRequest page wise we can disable it globally by mentioned the attribute in web.config file.

<system.web>
<page ValidateRequest = “false”/>

<!– Following extra setting require only for .net framework 4.0 or above  –>
<httpRuntime requestValidationMode = “2.0” />
</system.web>

Alternate Solution (Encoding the content):
Unless you actually need users to be able to enter HTML, you must convert the string to its HTML encoding equivalent – basically this means that certain characters (like “<“) are converted to codes (so “<” is converted to “&lt;”, etc). To perform this conversion use HttpUtility.HtmlEncode,

for example:
txtContent.Text = HttpUtility.HtmlEncode(MyTextBox.Text)

Friendly Error Message:
If you want to make the user ensure that the content does not contain dangerous value you can use your own validator.

<asp:RegularExp<b></b>ressionValidator runat=”server” ControlToValidate=”textbox” ValidationExp<b></b>ression=”^[\w]+$” ErrorMessage=”Use only alphanumeric characters” />

Remember:
When disabling the validation request on the page make sure to validate all input from that page.
When disabling the request validation on the application make sure to validate the entire application.

Important
The examples are just to illustrate the given solution, remember to validate as well at the server side.

Share this:
Share
by

SQL SERVER – Convert IN to EXISTS for better performance

Today, I have received to optimize a store procedure where I have made changes and gotten good performance.

I can show simple method to convert IN clause to EXISTS clause. Here is the simple example.

USE AdventureWorks
GO
— use of =
SELECT *
FROM HumanResources.Employee E
WHERE E.EmployeeID = ( SELECT EA.EmployeeID
FROM HumanResources.EmployeeAddress EA
WHERE EA.EmployeeID = E.EmployeeID)
GO
— use of EXISTS
SELECT *
FROM HumanResources.Employee E
WHERE EXISTS ( SELECT EA.EmployeeID
FROM HumanResources.EmployeeAddress EA
WHERE EA.EmployeeID = E.EmployeeID)
GO

It is NOT necessary that every time when IN is replaced by EXISTS it gives better performance. However, in my case listed above it does for sure give better performance.

Click on below image to see the execution plan.

inexists

Share this:
Share
by

SQL Server – How to create, alter, drop, enable, disable the Primary Key Constraint

The Primary Key constraint is used to identify each row uniquely in a database table.

Primary key constraint enforce the following rules.

  1. Primary keys must contain UNIQUE values.
  2. Primary key column cannot contain NULL values.
  3. Most tables should have a primary key, and each table can have only ONE primary key.
  4. Primary key can consist of one or more columns on a table (When multiple columns are used as a primary key, they are called a composite key.)
  5. Primary keys can be specified either when the table is created (using CREATE TABLE) or by changing the existing table structure (using ALTER TABLE).

Create primary key:
There are several ways to create a primary key in a database table.
At the time of table creation:

Method 1:
CREATE TABLE [dbo].[Table1] (
[ID] [int] NOT NULL,
[StudentName] [nvarchar](50) NULL
CONSTRAINT [PK_Table1] PRIMARY KEY CLUSTERED ([ID] ASC)
)

Method 2:
CREATE TABLE [dbo].[Table1] (
[ID] [int] NOT NULL PRIMARY KEY,
[StudentName] [nvarchar] (50) NULL
)

Method 3:
CREATE TABLE [dbo].[Table1](
[ID] [int] NOT NULL,
[StudentName] [nvarchar] (50) NULL,
PRIMARY KEY ( [ID] )
)

Create primary key on multiple columns:
For defining a PRIMARY KEY constraint on multiple columns and columns should not nullable.
use the following SQL syntax:


PolicyBazaar IN CPL - Personal Loan

Method 1:
CREATE TABLE [dbo].[Table1] (
[ID] [int] NOT NULL,
[StudentName] [nvarchar] (50) NOT NULL,
PRIMARY KEY CLUSTERED ( [ID], [StudentName] )
)

Method 2:
CREATE TABLE [dbo].[Table1] (
[ID] [int] NOT NULL,
[StudentName] [nvarchar] (50) NOT NULL
CONSTRAINT [PK_Table1] PRIMARY KEY ( [ID], [StudentName] ASC )
)

Create primary key on existing table:
To create a primary key constraint on the ID columns when Table1 table already exists.

use the following SQL syntax:

ALTER TABLE [Table1]
ADD CONSTRAINT [PK_Table1] PRIMARY KEY CLUSTERED (ID);

Note: If you use the ALTER TABLE statement to add a primary key, the primary key column (s) must already have been declared to not contain NULL values (when the table was first created).

Drop primary key constraint:
You can clear the primary key constraints from the table.

use the following SQL syntax:

ALTER TABLE [Table1]
DROP PRIMARY KEY ;

Disable Primary key constraint :
You can disable a primary key using the ALTER TABLE statement

use the following SQL syntax:

ALTER INDEX [PK_Table1] ON [Table1]
DISABLE;


Voonik CPA

Enable Primary key constraint:
You can enable a primary key using the ALTER TABLE statement

use the following SQL syntax:

ALTER INDEX [PK_Table1] ON [Table1]
REBUILD;


PaisaBazaar IN CPL - Credit Card

Share this:
Share