luni, 16 februarie 2009

Sharepoint ISO Week Number

Finding the week number for a date in Sharepoint cand be a real pain in the ass. The Internet provides some solutions, but they don't adhere to the ISO standard concerning week numbers:
 - weeks start on monday
 - the first week of the year is the one containing the fist Thursday of the year

The starting point for the formula below can be found here. It's pretty complex, and I suggest that first you should build some helper calculated functions for the most used values: day of week (DOW) of the current date, DOW of the first day of the current year, current day/month/year.

And here it is (replace "the_date" with the name of your date column):

           5 < WEEKDAY(DATE(YEAR([the_date]),1,1)), 
           WEEKDAY(DATE(YEAR([the_date]),1,1)) < 9 - (DAY([the_date])-1)),
      (IF(WEEKDAY(DATE(YEAR([the_date]),1,1)) < 6,1,0)) + 
      44 +
      (59+WEEKDAY(DATE(YEAR([the_date])-1,1,1))-WEEKDAY(DATE(YEAR([the_date]),1,1)))*9 / 64,
            30-(DAY([the_date])-1) < WEEKDAY(DATE(YEAR([the_date])+1, 1, 1)) - 2,
            WEEKDAY(DATE(YEAR([the_date])+1,1,1)) < 5),
         (IF(WEEKDAY(DATE(YEAR([the_date]),1,1)) < 6,1,0)) +
         4*(MONTH([the_date])-1) +

... I know, it's horrible... if you have time, make it pretty...

Stumble Upon Toolbar

luni, 12 ianuarie 2009

Death to the ORMs

“Necessary evil” is just an excuse for incompetence in finding a solution for a hard problem. There is a long history of applications that didn’t require the user to rewrite the database schema in order to access the data: xBase, MS Access, SSMS, LINQPad. I can’t stand the nonsense surrounding the so called solutions for accessing data from a database, not counting the religious wars on what’s the best ORM. They’re all crap.

Most programming languages, especially the OO breed, are not adapted to data manipulation as good as the plain old SQL. Microsoft made some progress on this front with LINQ and the Entity framework. But that’s not enough, and it has a fundamental flow: it should have been started as a “Set-Based”, not “Entity” framework.

So, a decent set of requirements that an acceptable development platform for enterprise data applications should provide to its users is:

  • set based data access
  • standard GUI toolkit, geared towards data manipulation (NOT web based)
  • standard business logic specifications
  • database based security

Subject for the next post: how crappy are web based data applications.

Stumble Upon Toolbar

vineri, 5 decembrie 2008

Thoughts on Software Security

Here's something that grinds my gears:
You still use bla bla bla Internet Navigator v13.2.256.2?!  Don't you know that it's full of security holes? You should usee YYY Firedog 2012 because it's secure and hip, and soon everybody will be using it!
From my experience there are no perfect software programs, from the security perspective. The only thing that matters is the number of exploited security holes. And that number tends to be directly proportional to the popularity|number of users and number of functionalities of the software application.

Or worse. My theory is that the users of public software applications (meaning software meant for the masses, not for X company's HR department), with small user bases, tend to be more technically savvy. As the number of users grows, due to the increassing popularity of that software, the average naivety level tends to go up. This is the first step when things start to go bad, because the easiest security exploits rely on user ignorance.

The second step occurs when the application suffers a surge of new functionalities. This usually happens when it starts supporting some form of plugins or automation, because this greatly increasese the area exposed by that application to the world: longer borders=>more border patrols are needed.

So there is no real security comparison between two software applications, unless they have comparable user bases, have been available for the same period of time and support roughly the same major functions.

My conclusion is this: educate the user! Software doesn't need to be foolproof. Time spent on dumbing down the user interface (and I don't reffer here only to the GUI, but the whole end user experince) can be better employed on improving its functionalities.

Help the user make informed decisions. Even if this means saying "Pushing this button exposes you to the following risks: money loss, health loss, pride loss, etc.". Software applications should not follow the marketing propaganda of consumerism. In a medium where information is a de facto currency, there are better ways to advocate the use of your software. Make a commitment to inform the users what are the strong and week points of your application, when it can and when it shouldn't be used.

Stumble Upon Toolbar

marți, 2 decembrie 2008

Thoughts on Programming Languages

1. Use declarative code for the UI (XAML, HTML)
2. OO code for infrastructure (data access, etc...)
3. Functional programming for logic implementation and data manipulation
4. Python has one of the nicest syntaxes of all programming languages
5. F# could have gotten a better syntax, even if it had broke OCAML compatibility.
6. Identation for code block delimitation rocks! I wish C# would have something like that... that might be an interesting idea: a precompiler for C# that just wraps indented blocks in curly braces.

Stumble Upon Toolbar

vineri, 28 noiembrie 2008

Running Linux Apps Seamlessly Insinde Windows for 100EUROS or Less

  1. Get a license and install windows (XP/2003/Vista): blah, blah, blah, next, next, finish ... ~100E for Vista Home Premium
  2. Download & install Virtual Box: blah, blah, blah, next, next, finish ... 0E
  3. Download & install Ubuntu (latest): blah, blah, blah, next, next, finish ... 0E
  4. Press <Host key> + L ... priceless


PS: this post was written with Google Docs on Firefox running on Ubuntu linux running on Microsoft Windows 2003.
PPS: only one operating system was restarted during the creation of this post.
Stumble Upon Toolbar

miercuri, 19 noiembrie 2008

sâmbătă, 18 octombrie 2008

Python can do:

Connect to an MS SQL database with integrated security (sample from a TurboGears aplication, using SQL Alchemy + Elixir + pyodbc):
sqlalchemy.dburi="mssql://<server name|named instance>/<database name>?sspi=true"

Next step: run TurboGears behind IIS in order to use Integrated Windows Security.
Even further: investigate if IronPython fits somewhere.

Stumble Upon Toolbar