Programming

Jun 6 2008

Philippe’s Law

In a 1992 keynote speech at COMDEX , Philippe Kahn gave a formula on software development productivity which he called Philippe’s Law. The law states that the productivity of a software developer in a team of N people is diminished by dividing it by the cube root of N. In other words,

This is very much in line with the old saying of “too many cooks spoiling the broth”. You can do more with a small group of skilled engineers than a large group of moderately talented ones.

Hire good staff and treat them them well, and they will produce award winning applications.

By Johan • Programming • 0

May 24 2008

Hidden Visual Studio 2005 Image Library

There is a large library of image files hidden within Visual Studio 2005. There are about 1400 animations, bitmaps, and icons that you can use in your applications. The animations include an .avi and a corresponding animated .gif. Every folder of images has an HTML file that lists every file in that folder and a recommendation with what they can be used for.

The image library will save you a great deal of time in searching for icons to use as buttons in your applications, and animated sequences for copying files.

If you installed Visual Studio in the default location, the library can be found at

C:\Program Files\Microsoft Visual Studio 8\Common7\VS2005ImageLibrary

In this folder you’ll find VS2005ImageLibrary.zip which will uncompress to the 3 folders containing the image library.

By Johan • Programming • 0

Apr 24 2008

The Dangers of Assumptions in Software Development

I recently created an ASP.NET application for receiving online orders for a printing company. The web form would collect information about the company placing the order, instructions for how the job will be printed and completed (binding, etc.), delivery information, due time, and the type of file(s) that will be uploaded.

Uploads with a Progress Bar

The file uploads use NeatUpload by Brettle Development. These are open source controls which give a progress bar for uploading files and also allow multiple files for upload. Brettle’s tools rival commercial ones that cost hundreds of dollars and are highly customizable.

The entire project seemed very simple and straightforward. A work order is produced in XFDF format which populates a pre-made PDF document. An XML file containing all of the information from the work order is created for upload into a job management application that is currently being developed for the company.

Murphy’s Law in Full Effect

The work order and uploaded files were saved in a folder where the name was based on date, time, and a three digit number (the folder name is also used as the work order number). This produced a large string which seemed highly unlikely to create conflicts. If two orders were placed at the same time, there would be a 1 in 1000 chance of a collision. This was considered a highly unlikely occurrence so it was decided that I shouldn’t spend the time in writing code for collision avoidance, i.e. preventing a second work order trying to write to an existing folder of another work order.

I completed the code, uploaded it to the server, and it went live. Within a few hours, the impossible happened. Two orders were placed at the same time and they generated the same work order number. The end result was the second order overwrote the previous order’s files, except for the uploaded files.

Never Assume

This event caused great confusion. The first customer had to be contacted in order to place their order again. Fortunately, e-mail confirmations for every order is sent to the printer’s preflight department which is why they were able to discover the problem.

In order to prevent similar events from occurring in the future, I wrote code to prevent folder name collisions. It only took about 10 minutes to write and all that it does is checks if the order number generated matches an existing folder. If it does, then a new order number is generated.

A very simple solution.

What was learned here? Never make assumptions. Just because an event is highly unlikely to occur doesn’t means that its impossible. Someone wins a lottery despite the overwhelming odds against them. You really need to seriously look at the probability of a collision occurring. If its astronomically high, then it probably won’t be necessary to write collision avoidance code. Of course, you need to take into consideration what would happen if a collision did occur. If the outcome was serious, then it should be prevented with proper safeguards. I would say that a customer losing the work order can be considered a serious problem.

Its always important to put your customer first and place yourselves in their shoes. After all, your code is supposed to make their jobs easier and more efficient. Good code brings customer confidence and more work from them and their referrals.

By Johan • Programming • 0

Apr 12 2008

Tips from a Billionaire for New Programmers

Interviewer:

Is studying computer science the best way to prepare to be a programmer?

Bill Gates:

No, the best way to prepare is to write programs, and to study great       
programs that other people have written. In my case, I went to
the garbage cans at the Computer Science Center and I fished
out listings of their operating system.

By Johan • Programming • 0

Jan 30 2008

Using Deprecated Code in PHP 5

If you don’t have the time or inclination to update your PHP4 code to PHP5, you can get the deprecated functions to work properly (especially the authentication code) by creating an .htaccess file and dropping it in the folder where your apps reside.

The .htaccess file should contain the following code:

php_flag register_globals on
php_flag register_long_arrays on

What this means is the following.

register_globals

When this is set on, any variables that you pass to a web page through a URL (i.e. www.website.com?var=123) or post data, or a cookie will be set as a global variable in the PHP script.

The php.net site states that “when on, register_globals will inject your scripts with all sorts of variables, like request variables from HTML forms. This coupled with the fact that PHP doesn’t require variable initialization means writing insecure code is that much easier.”

This is not a secure way to write software and the functionality was deprecated starting in PHP 4.2.0. The code needs to be replaced using $_GET, $_POST, $_COOKIE, or $_REQUEST.

register_long_arrays

This is another bad way of writing PHP code and also deprecated by the PHP team. To quote php.net again, this “tells PHP whether or not to register the deprecated long $HTTP_*_VARS type predefined variables. When On (default), long predefined PHP variables like $HTTP_GET_VARS will be defined. If you’re not using them, it’s recommended to turn them off, for performance reasons. Instead, use the superglobal arrays, like $_GET.”

You need to fix your code by using $_GET, $_SERVER, etc. as opposed to HTTP_GET_VARS, $HTTP_SERVER_VARS, etc.

By Johan • Programming • 0