Simple Talk is now part of the Redgate Community hub - find out why

Using SQL Server Query Hints with Entity Framework

Entity Framework (EF) is designed to work with a variety of data sources. Although this presents many advantages, there is a downside that many of the special features of a data source such as SQL Server are off-limits. Query Hints are an example: though often misused, they are occasionally important. Dennes Torres shows how you can use these in EF, using a command interceptor that will allow you to use any query hint with SQL Server.… Read more

Encrypting connection strings in web.config

Encrypting web.config elements is a good security feature. Web.Config elements can include passwords and important keys that we need to protect.Encrypting web.config elements is a good security feature. Web.Config elements can include passwords and important keys that we need to protect. There are several methods to encrypt the web.config: Using a command line statement Using … Read more

SQLCLR in Practice: Creating a Better Way of Sending Email from SQL Server

SQLCLR is now considered a robust solution to the few niche requirements that can't be met by the built-in features of SQL Server. Amongst the legitimate reasons for avoiding SQLCLR, there is the fear of getting bogged down in code with special requirements that is difficult to debug. Darko takes a real example, extending the features of sp_send_dbmail, to demonstrate that there need be few terrors in SQLCLR. … Read more

Anti-Forgery Validation in ASP.NET Core

Hackers use the cross-site request forgery technique to grab the identity and privileges of legitimate authenticated users of a site to then perform any action that the victims have rights for. Without a way to detect this, the site will have no way to distinguish between a forged and legitimate request, ASP.NET has a robust defense if you remember to implement it, and Core introduces some other ways to ensure that this forgery can't succeed. … Read more

Revisiting Script Injection in ASP.NET

The danger of Cross-Site Scripting (XSS) has to be dealt with in any web application. You do this by validating the input from all possible channels. by constraining it in terms of its range, type and length, and by encoding the output from views. ASP.NET has some built-in validation of requests that can be extended to make it more effective, but this approach has changed with ASP.NET Core to place the onus on the application developers to provide the middleware to perform effective validation that is fine-tuned to the application. Dino Esposito explains.… Read more

Visual Studio 2017 and Swagger: Building and Documenting Web APIs

The OpenAPI ‘Swagger’ Specification defines a protocol that allows applications to discover, and generate documentation of methods, parameters and models of REST APIs, This provides a way for any software to identify the features of a REST API. It does for REST APIs what WSDL (Web Service Description Language) did for web services. Visual Studio now provides it to support proxy creation for REST APIs, as Dennes Torres explains.… Read more

Control the Controller in ASP.NET MVC

Because of its obvious importance in coordinating the MVC application, we tend to be wary of being too adventurous with it, but there are some interesting features that can sometimes be exploited to provide for less common requirements. The controller in ASP.NET MVC core, for example, can be a plain-old C# class (POCO), making it easier to create file-based content on the fly. The DefaultControllerFactory class can be changed, and you can override the GetControllerType method with a custom factory to give you localized routes and URLs. Dino explores some of the interesting internals of ASP.NET MVC controllers… Read more

High Performance PowerShell with LINQ

PowerShell is a scripting language, and like all scripting languages it struggles to perform well with rapid iterative processes such as aggregation. It isn't well-known that PowerShell can use LINQ for many of those tasks which would otherwise use iteration, though somewhat awkwardly. However, some of the speed improvements you can get are startling. To get you well started, Michael explains every LINQ function , gives you example code in C#, The PowerShell way of getting the result, and finally Powershell's use of LINQ. This article could change the way you use PowerShell.… Read more

A Visual Lexicon of LINQ

LINQ is best learned from examples, but few LINQ resources supply, along with the code, pictures that illustrate what each associated LINQ operator in the code is doing. This article is a visual index of all LINQ operators, that explain clearly with code and illustrations what even the most arcane LINQ operators actually do. To increase your enlightenment, it is accompanied with a reference chart to provide even more detail. Michael Sorens is, with these two articles, determined to persuade you of the power of LINQ.… Read more

A Visual Lexicon of LINQ: The Wallchart

Here is a handy wallchart that condenses the information contained in our article 'The Visual LINQ Lexicon' even further, but which adds some more technical specs that allow you, for example, to see at a glance which operators use deferred execution and which use immediate execution. You can use it to see what operators use lambda syntax and which ones are available in query syntax. You can see all the other key properties of all the LINQ operators, even including even how much of a sequence a given operator actually consumes. Click here to download the PDF version of the reference chart: … Read more

Improvements to Model Binding in ASP.NET Core

Model Binding has been a popular feature of ASP.NET MVC, but has, before now, had some minor restrictions. ASP.NET Core now has enhanced model binding: If a value passed via routes, posted data, or query strings couldn't be bound appropriately, it forced a global exception. Now, there are a number of ways of providing a more graceful reaction to incorrect data. You can now force the binding to a given source or create new sources for binding to. Dino Esposito explains.… Read more

Ten Unsung Visual Studio Time-Savers

We all have our favourite third-party extensions to Visual Studio, and although we all like Resharper, there are many others that could well make your development work easier. To celebrate the fact that Visual Studio Enterprise now includes ReadyRoll Core, SQL Prompt Core, and SQL Search as part of the Data storage and processing workload, Michael Sorens describes nine of his current favourite extensions, and wonders if he's missing anything in his list.… Read more

Scala and Apache Spark in Tandem as a Next-Generation ETL Framework

Scala and Apache Spark might seem an unlikely medium for implementing an ETL process, but there are reasons for considering it as an alternative. After all, many Big Data solutions are ideally suited to the preparation of data for input into a relational database, and Scala is a well thought-out and expressive language. Krzysztof Stanaszek describes some of the advantages and disadvantages of a scala-based approach to implementing and testing an ETL solution. … Read more

Building Better Entity Framework Applications

Entity Framework (EF) is Microsoft’s Object/Relational (ORM) database access library, with a new generation, EF Core, released in 2016. In this article Jon P Smith looks at six different software principles and patterns that help to keep the EF code nicely separated from the rest of the application. The six approaches make the EF database access code is easier to write, test, refactor and, most importantly, performance-tune.… Read more

Model Binding in ASP.NET Core

Model binders work under the covers in ASP.Net MVC to provide the data for the action methods on a controller class. This data is held by the incoming HTTP request embedded into POST-ed form values, and maybe even the URL itself. Much magic is performed to get this right and, with some care, you can ensure that you can bind to object data, arrays and collections, as well as providing default values.… Read more

What is the Go Language, and Why is it Useful?

When Google announced the 'Go' language in 2009 we were all underexcited. After all, a compiled, statically typed language in the tradition of Algol and C isn't that radical, especially one that eschewed generic programming, implicit type conversions, assertions, inheritance and pointer arithmetic. However, it has proved to be robust, highly-portable, simple to use, and productive to work with. Ed Elliott reckons that it is definitely worth checking it out. … Read more

The Common Problems of Data Grids

Data grids are easy to do in HTML, and if we want anything complicated in terms of scrolling, locking and data entry, we usually shrug and buy a component to do it. However, there is a lot to be said for the approach of creating tables using a basic JavaScript platform such as jQuery, perhaps using a plugin which you can then customise. Dino talks you through this approach, showing how to take the DataTables plugin and implement locked columns, on-demand paging and filtering.… Read more

User Acceptance Testing and the Application Lifecycle

User Acceptance Testing (UAT) is an important part of the development process. If carried out as early as possible and as regularly as possible, it not only alerts the development team to aspects that don't yet meet the requirements of the users, but also gives governance a better idea of progress. If UAT is delayed, defects become expensive and troublesome to fix. Sophia Segal gives an experienced summary view of UAT… Read more

Working with the BigInt Type in Node and SQL Server

Node.JS and SQL Server are a good match for creating non-blocking, event-driven database applications. Though you can use ODBC or JDBC to communicate between the two, it is possible to run such applications on platforms such as Azure, Linux, OSX and iOS by using Node together with the JavaScript TDS library called 'Tedious'. 'Tedious' is a mature product but it is still possible to get things wrong in converting SQL Server datatypes such as BigInt to native Javascript data. … Read more

Continuous Code Quality Inspection with SonarQube

There are many ways that static code analysis can help to speed software delivery. It can pick up, as a preliminary to check-in, errors and weaknesses in code that can happen incidentally to even the most experienced developer. It can give the team a measure of technical debt, and remove the obvious 'noise' from code before it is reviewed. Vishwas introduces a popular Code-quality inspection tool, SonarQube, and takes you through the basics of using it with C# and Java. … Read more

How you log in to Simple Talk has changed

We now use Redgate ID (RGID). If you already have an RGID, we’ll try to match it to your account. If not, we’ll create one for you and connect it.

This won’t sign you up to anything or add you to any mailing lists. You can see our full privacy policy here.


Simple Talk now uses Redgate ID

If you already have a Redgate ID (RGID), sign in using your existing RGID credentials. If not, you can create one on the next screen.

This won’t sign you up to anything or add you to any mailing lists. You can see our full privacy policy here.