Jul 29

In The Absence Of Mind!

Will my opinion make a difference to you? Are you listening to me or are you just hearing what I say? Becareful ; what you’re about to read is a thread of irrational thoughts about a reality that is more unlikely than fiction.

You can’t control what you hear even in your sleep. You have lids to shut down your eyes, and other mechanisms to shut down all other senses except hearing that can even wake you up unwillingly. That’s why it’s sensible to have hearing filtered at the brain level. You choose when to listen and pay attention and when to throw back the sounds as noise and cancel them.

To my amazement; I’ve found that we developed such filtering for other senses as well. I’ve seen people choose what to make out of a picture or a video when they see it. Two people would make radically different deductions even when they’re exposed to the same stimulus of either something to read or to see. This is when you know that they come without will nor the desire for truth. They’ve already made up their minds and are just looking for something to make them feel better about it.

I’m currently living the biggest mass psychology experiment in the history of mankind; unfortunately not for the first time. One might understand when people are deceived about the truth, but when you see them willingly giving their free will to think and have an opinion, this is when you wonder; why have they chosen to be deceived.

It’s well known in psychology that people make decisions and judgments based on emotional arguments and then seek out rational arguments to justify their calls. Nonetheless I always believed there is a place for ration to change what one have emotionally settled upon. I’ve always believed that there is a chance to show the truth. I just found out; this is not true. People choose their version of the truth, and it’s all about making themselves feel good about themselves.

A wise man once said in ancient times “My opinion is right with a chance it would be wrong, and my adversary’s opinion is wrong with a chance it would be right”. Not these days; any more! It has always been know that history is written by the victor, and the victor is the guy who is swinging the bigger stick! Again I would understand when people are forced into saying they believe in something while they don’t, but what I can’t digest is what I see of people freely giving up their freedom and buying a false truth others are spoon-feeding them. It’s mass brainwash!

What hurts most is when you see both sides of the truth, and you’re almost alone in this. I no longer believe we’re an intelligent species. We freely choose to lose our freedom.

I’m sorry, but I think I’ve just lost a great chunk of my belief in mankind!

Jun 01

Back to Blog

It has been a year since I ever blogged about anything. Every day I promised myself to go back to blogging, but I’m not the type of guy who would just type their thoughts or feelings. I also preferred to keep this blog technical but it looks like it’s not working! I had a lot of things to share the last year still I lost it because I hesitated to write a post about it, and of course I can’t squeeze it into 140 character tweet. Every day I thought I was too busy to blog again.

When I sat down and thought about few tings that I can share on my blog I wrote down 5 topics titles in a minute! The moral of this short post is don’t waste time and hesitate. I open my OneNote (Use your preferred note taking app) and type few words at a time. Trace your thoughts line to its end and don’t come up with anything. Once you get to the end of your current thought just switch back to whatever you’re doing. Every now and then whenever you have an idea about the topic you want to blog about, just write them down. Keep adding until at the end you’d do what software developers would; re-factor.

The idea is not to fill your blog with posts. I take it more of leaving a legacy. I tried to leave a legacy many time, like I was an active participant in CodeProject community until came time I was very busy to even reply to message sent to me. I lost good friends their and couldn’t go back. It’s sad. Don’t make my mistake. Plant a seed and water it. Watch it grow; it’s your legacy.

Jun 19

Quick Sign-In Forms and Why They’re EVIL

Almost everyone now signs to about 4-5 different websites if not much more every day. That’s why most site makers have made a small form probably in the main page where you can quickly sign in to their service without having to go to a separate page for sign on only. An example is like the image below of the home page of Twitter. This would probably save you a step, but may be a huge security vulnerability. In this post I’m taking Twitter here as an example of good security practice in comparison to other sites that would implement this feature wrong and hence pose a security risk for users.

The browser shows whether or not your connected in a secure encrypted state -designated by HTTPS prefixing the URL in the address bar to the top-; for example below is an example of non secure HTTP connection Vs. secure HTTPS connection to twitter using Google Chrome browser.

In most browsers you don’t see the HTTP prefix anymore. The problem arises when the users assumes a secure connection when they see the username / password fields. So, what happens when you sign in to a site while connecting in HTTP mode; you simply send your username and password over the internet in plain readable text. Simply anyone in between can read them -like Hotel routers, company network, public hot spot, etc…-. That’s HUGE risk that your password can easily be sniffed.

So, are big sites like Twitter unaware of this? Of course not. Even when you open Twitter in HTTP, this particular part of the page is sent encrypted. You can see that if you view the page’s source

So the form posts via HTTPS which is good. Now even if you open Twitter as http://www.twitter.com your username and password are safe. The problem lies when the site creator would simply post the form back using the same protocol. Believe me, this is more common than you imaging and I’ve seen this in many popular site.

To get around this quickly and without the headache of checking the page’s source for each site; when you see a quick sign in form in a page that’s not on a secure connection, simply input your username with a blank password. This usually redirects you to another page dedicated for sign in which is usually on HTTPS. If it doesn’t; you might try to explicitly insert HTTP before the name of the site in the address bar.

If the site doesn’t connect after you add HTTPS to it’s URL, or shows you an error message; get out of there.

May 07

How to Edit Any .NET Program If You Don’t Have The Source Code

Background

In this article we discuss the ultimate edge in .NET reverse engineering. How can you easily edit / update / modify any .NET assembly (that’s the exe or dll file) when you don’t have the source code for that; all you need is the file itself. In this article I’ll start with a WinForms sample to keep things simple and because probably it’s old unsupported software that you’d want to reverse engineer and tweak. Then for the sake of completeness I’ll show a small WPF sample for comparison. Console applications and Class Libraries are much more easier to modify since they usually only have code files, and few other embedded files which can be easily edited externally as will be shown below..

The idea of this article started when my brother asked me to modify a program that he purchased but was no longer supported by its company. So I’m stuck in the task of repairing an old buggy software that I don’t even have the source code for.

I started looking on the internet and of course my first resource was the famous Red Gate .NET Reflector. One problem with it was that it could only show you the code but you can’t modify it, so I had to look further for an add in that would do the job for me. All the sources out there but when I got the job done I thought of putting together an article for those who might want to follow a step by step guide to get them started. My original task was to modify an embedded Crystal Report inside the exe. So I had to save it externally in a file then modify it using Crystal Reports Designer, and finally put it back in. This was completely a piece of cake using the tools discussed in this article.

Disclaimer

Do not use knowledge in this article to do crack, hack or otherwise do any illegal activities. This article is for educational purposes only and you alone are held responsible for what you’ll do with this knowledge. This article assumes that the reader at least is an intermediate developer in C#/VB .NET with some experience. A good knowledge of MSIL is a plus but not required since you’ll be editing the code directly in C#/VB.NET depending on the language you choose in Reflector. All code samples here are in C# though.

Tools

Like I mentioned we’ll be using mainly reflector, but also there are a couple of other handy tools and add ins on the way:

  1. Reflector, which unfortunately was free, but Red Gate decided to discontinue the free version -last one was 6.8- and made a new version 7 that you have to buy. Fortunately if you still have the last free version you’re allowed to use it and upgrade up to version 6.8 but if you’re a fresh customer they simply say -buzz off!!!-. Here is a great article on how to obtain a fresh new 6.8 free version of Reflector. If this doesn’t work anymore for some reason you’ll just have to search on the internet I’m sure someone shared it somewhere.
  1. Some Reflector Add-ins that will enhance the performance of this magnificent tool and allow us to actually edit in the .NET assemblies. I’ve listed more add-ins than I actually used in this article as a bonus :) -
    1. Reflexil: This is the most important one that allows you to edit in the MSIL and insert new statements, then save the patched file.
    1. CodeSearch: Neat add-in that allows you to search through the code
    1. FileGenerator: Allows you to dump all the code of the assembly into files.
    1. Deblector: Allows you to actually debug the assembly but instead of seeing MSIL you can relate that to the actual source code
  1. Other tools I used beside Reflector and its add-ins:
    1. ObjectSpy: Spy++ sucks in .NET. This handy tool actually does a marvelous job -but only in WinForms. It doesn’t work in WPF as far as I know-. When you use it it gives you the visual tree of objects and you can easily know the names of the controls on the current screen
    1. Resourcer: Handy tool to edit .resources files that you can’t edit even in Visual Studio!! Other Win32 resource tools -like Resource Hacker- won’t be able to edit .NET resources files.

The Sample

I’ve prepared a very simple application. One form with two text boxes and a button. When you click the button it shows the values in the text boxes in a message.  The task is to modify it to do the following:

  1.  Validation: If the textboxes are empty a different message.
  2. Modify user interface: Add two labels to the left of each text box.
  3. Change the title /caption of the form by modifying the resources files

Steps

So to start we open it in Reflector. Right click on the assembly’s name and select Export. This will export the files in the assembly and format them as a C# project ready to be opened in visual studio.

When you open the project in Visual Studio you might be prompted to upgrade the project. Don’t worry, this is normal. Just click finish and have your project upgraded. There shouldn’t be any errors, but you’ll notice that your project structure is of course a bit different than the standard project tree you might be used to.

Running the solution works right out of the box, but opening the form in designer mode didn’t work initially. All I had to do was to modify the code in this line from

To

Silly isn’t it?! Anyway, now the designer works perfectly and we have our project with its source ready to be modified easily. To accomplish our tasks:

 

  1. Modify Form1.cs button click handler to look like this:

  1. Open the form in designer mode and add your labels. Notice that after editing in design mode an resx file will be created, but you’ll have to delete it since your resources are already in Disassemblee.Form1.resources file. You’ll have to delete on of them.
  2. Open the resources file (Disassemblee.Properties.Resources.resources) in Resourcer and change the value like the screenshot, then save the file

Finally build the project and the output should look like this

Now you can see the labels, the new caption and the validation message. Sweet!

WPF

The WPF application was quite different. After exporting the files all references were missing from the file and the project structure is of course different from what you’d expect in a WPF solution. If you build the solution right away you’ll have some errors, so you have to add the references highlighted in red in the following screenshot. After that you add missing using statements in your code files and it should run smoothly.

So where did the XAML go? After compiling your project XAML is actually converted to BAML -Microsoft and its acronyms, eh?!- which is Binary Application Markup Language-. It’s stored in the resource file WPFDisassemblee.g.resources. Using Resourcer here won’t be of much help instead, in Reflector you can Save this file by right clicking on it and selecting Save As. The problem is that BAML is in binary and currently I don’t know if there is an editor / converter available for it. if I find anything I’ll update this section with it.

Conclusion

This was just a quick sample of what you can do with Reflector with its add-ins, along with Resourcer and ObjectSpy. I haven’t used ObjectSpy but I strongly encourage you to play with it and see what it can show you. Its main use is to identify the visual structure so that if you’re in a big solution or perhaps you didn’t get the chance to full export it to Visual Studio for some reason you can quickly identify the spot where you want to modify using ObjectSpy, then in reflector you can always edit the code in MSIL using reflexil as shown in the screenshot

Once you finish right click on the assembly and choose Reflexil, then Save as

To export an embedded file  like a resources file or an embedded report as in my case, just click on it and open Reflexil. There are two options for save as and open from file. Simply save it to a file, edit it and then load the modified version.

P.S.

Since you have the will to read past the conclusion I’ll give you a bonus. It’s very beneficial for you to try to look at how the compiler optimizes your code after compiling your solution. For example The original code for the btnShow_Click event was like this

But only this got past the compile since the rest is rubbish

Unused variables and useless condition were completely ripped off. Nice!

Final Thought

If it’s in .NET, it’s almost always open source ;) Obfuscation is an option, but I believe its reliability is questionable.

Jan 08

Sticking To The Old Ways

The Principle!

For years I’ve been known among my colleagues by slaughtering those who don’t update their skills to the latest available. I’ve been arguing with friends on moving on to WCF from web services, ASP.NET MVC from WebForms, WPF from Winforms, etc… All this since I’m mainly a Microsoft developer. Strangely I fell recently into a deep predicament myself where I found myself right in the same corner where I attack my victims.

I also was holding high the principle of reading, reading and more reading as a learning method. I always consider video tutorials as an appetizer, or a starter kit. With all do respect to the pioneers who invest a very hard effort in preparing wonderful video tutorials to new technologies, they’re indispensable, but also -in my opinion- not enough. You must go beyond the phase of observing and watching to the phase of reading and practicing before you say you’ve mastered a tool.

The pitfall

Recently, I had a requirement to make a simple database driven Windows based application, and since I’m currently focusing on the web and a more abstract form of system analysis and design; I didn’t have the time to dive deep into WPF. So I found myself in need of finishing the software within 4 weeks and only in my spare time. So, I rolled up my sleeves and starting digging for videos to get e started quickly in DB driven WPF applications, and I found that the design pattern the would suit me most is the MVVM -Why in God’s name wouldn’t they just name it MVC!!-. Anyway I was overwhelmed with the extra amount of work and code I had to tolerate just to gain -maintainability and best practice compliance-.

Going even further I decided to read a 200 pages book about MVVM. For the life of me I felt like a child lost in the woods! Even though the very close similarities between MVVM and the web’s MVC concept -and generally the concept of n-tier design regardless of how many tiers and how you name them-; it was the bizarre WPF binding syntax that I never had the stomach for, and the intricacies of binding the Data Entity Framework into the bundle!! Sheesh. Well I know some people will crucify my for this, and perhaps argue of how easy it’s, and here is the point of my post.

Was I too lazy to truly invest time and effort in learning a new technology? Am I getting too old for this? I’ve always hated and criticized the drag-drop development concept and suddenly I find my self going way back to Typed datasets in Winforms and finishing the project in no time -with good results I hope-. My argument is what would WPF/MVVM combination give me more than what WinForms/Typed Dataset did already? I know that this is the future and we need to go this way, but just take a look at the introductory article for MVVM on MSDN? We make new technologies to make our life more productive, more efficient and yes; easier! Yes I’m willing to waste time in learning it, but at its current state what would WPF/MVVM save me in terms of time and effort with all the extra code I have to write and maintain.

On the very contrast; when I moved from WebForms to ASP.NET MVC -especially razor view engine-; I noticed that we’re giving away the concept of drag your controls from the toolbox and customize; into the concept of true development. You had to write way much more code and be involved way much more in your HTML and Javascript but immediately it made sense! I fell in love with it just by hearing the notion. I don’t know why this harmony is completely missing in WPF/MVVM.

The Verdict

In my opinion WPF is great technology for designing magnificent UI for Windows -with all the thrilling Metro style apps and all-, but to make a DB driven application, and quickly; I don’t think so. In the web MVC you have to write more code for a reason, you need to get involved with HTML markup for a very good reason, but why can’t the designer help me with the binding in WPF like it did in WinForms/Datasets? I lived hell when I tried to use MS Ajax Control Toolkit with the UpdatePanel, and I was willing to give up anything to avoid that agony in developing interactive web apps, but Winforms DB driven apps were just fine? Why can’t we get the grace of the WPF UI with the power of Data Entity Framework, while we maintain the easiness and simplicity of how we designed DB driven apps in the Winforms era?

So I spent some time designing the database itself on SQL server, trying to grasp the new concept and decided where to go; but I admit; I failed in taking the step and making it WPF/MVVM. So I decided to go the Winforms way. In the way I tried to use a component to bind Winforms to Data Entities instead of Typed datasets, but it didn’t work. Since it has been a long time since I did anything using Winforms it took me some time before it came back to me, but once it did it was like riding a bike; It took very little time to design the UI. In the project I needed an image annotation control. I thought that many controls would have been open source and free by now already, but to my surprise it was the contrary. Hardly I found a good one which was open source and I had to modify it to fit my needs. When I searched the other way in WPF I got many free open source controls for annotations with more than just text annotations! I even though I could host them in a WPF interoperability host inside my form, but things didn’t go well.

A nice thing in dealing with old technologies -apart from the availability of controls- is that any problem you may face have been killed in search and almost for certain you’ll find someone who found a solution or two for it. One small issue that faced me was that when I cleared the input of a text box bound to a numeric value it wouldn’t accept that as a null, because Microsoft wouldn’t add a missing parameter in the Bindings.Add method call for the null value. This implied that I had to modify the Designer.Cs file myself and certainly I wouldn’t do that since all my changes will be gone with the wind when I regenerate the file. So, I simply wrote a recursive function to loop over all my controls and add a null value for the Text property binding

Conclusion

Upgrading tools and technologies is non questionable manner. The issue is that when we design/embrace a new technology or tool we need to consider and weigh the pros and cons. In my experience -and to my surprise- and perhaps in my particular scenario -small scale, low budget Windows based DB driven application with no need for fancy UI- I found that the old school WinForms/Typed dataset was way better for me than WPF/MVVM. Do you think I made the right decision? Do you think that spending more time in learning, developing in WPF/MVVM was worth it -at least to my small software-?

Oct 11

Securing Microsoft SQL Server for Shared Environment

One day I was administrating a SQL server that will host multiple DBs for multiple clients. The thing is that SQL server by default allows any user to see names of other databases in SQL Management Studio (SSMS) even if he/she doesn’t have access to. This was unacceptable to me.

I searched everywhere on a solution to this matter. Most people would suggest to simply remove the view databases permission from the public role:

This will simply means that if the user opens SSMS he won’t see any database, not even his own. Weird! Such situation doesn’t exist in MySQL or Oracle! Anyway I came up with a simple solution based on convention over configuration. I created a server trigger on the CREATE_LOGIN and CREATE_DATABASE events. The idea is simply to match the Database name to a user with the same name and set it as db_owner. This is the only way a user can see a database after the View Any Database permission has been revoked.

To sum up:

  • Run the above three scripts to revoke the view any database permission, and add the two triggers
  • When you add a database add a user with the same name, and automatically he’ll be assigned as owner
  • Vice versa. Meaning you can add the user first and then add a database with the same name and still he’ll be assigned as owner
  • Sysadmins are not affected by the above. You’ll still have full access to all databases.
  • Users will only see their databases in SSMS

Other users when given the permission will be able to execute queries against databases that they don’t own. The above solution is only to solve the problem of viewing databases names in SSMS for SQL servers in shared environment.

Sep 13

404 Error in WCF RESTful Services

Recently I’ve been developing a WCF RESTful service. The service included a method to download / upload some files to / and from a backend database. The UriTemplate was something like “/downloads/{filename}.txt”. I was surprised that when I try to download for example test.txt, I was hit by a 404 not found error. When debugging the method never even got hit.

I suddenly realized that when I browser to http://myserver/myservice.svc/downloads/test.txt, IIS actually tries to route the request to a physical file rather than routing the request to the service itself. This is what gives me a 404 error as there is not text file with that path. Thanks to this blog post I got the solution, and it was extremely simple. Just add this line to your Global.asax Application_Start method

Of course if you use another factory you should replace WebServiceHostFactory with yours, but this is the default. And that’s it! Any path requested under your service will be routed handled by your service class and not the IIS. A nice catch is that your service will be root. So to access the above method you won’t request http://myserver/myservice.svc/downloads/test.txt, but instead you’ll request http://myserver/downloads/test.txt. This could make a great confusion if you publish your service to a web application that contains other services or even web pages. To handle this, in the ServiceRoute constructor, instead of having the first parameter as an empty string add you desirable prefix. For example if we use

The request URL would be http://myserver/MyRESTService/downloads/test.txt, which will allow you to access other resources on the same server, and in most cases more aesthetic than having a .svc in your service address.So even if you don’t face the 404 issue I recommend adding this routing in your global.asax.

Sep 06

Dynamically modifying udcx connection files

In a previous post I discussed how to publish InfoPath forms with code behind as a feature in SharePoint 2010. This approached had another side issue to handle; How to save/read the data to/from SP list while you don’t know the URL of the site you’re deploying to. In my case all my InfoPath form were supposed to read from a REST service that I deploy in my feature package. My approach to solve this issue is

  • Create a Data Connections Library and deploy it in the feature.
  • Create a udcx file that is deployed by default to this library with no URL in the connection Info element.
  • Use the code in the event receiver to modify it dynamically based on the deployment URL.

So to get started:

  • Add new item, and choose list instance. The Elements.xml should like something like this
  • Now add a new module to the project. Its Elemnts.xml should be like this
  • The above code essentially tells SharePoint to deploy a file inside the module’s folder called DataService.udcx and fills out its properties -e.g. description, connection type, etc…- and point it to the DataConLibrary we created earlier.
  • Now add a new item to the module and choose it to be an XMl file. Rename it to DataService.udcx in the project explorer, then edit it and insert the following code
  • Great! Now we almost have everything in order. Now we’ll have a list, and a module that automatically deploys a udcx file to the list and populates its properties. Only one issue, the udcx points to a DataService.svc without specifying its full URL. To achieve this we have to add the following code to the event receiver

  • The above code essentially does the following
    • Get the connection file
    • Create a temp file and writes the default udcx file to it
    • modify the temp file and insert the url of the feature’s parent site -since this features scope is Site the parent is casted as SPSite- into the appropriate location -which is the SelectCommand/ConnectionInfo/Query XMl element-.
    • Finally write the temp file back to the original SPFile in the data connections library

And that’s just about it! This way you can deploy multiple udcx files that points only to the names of your lists, and at the time of deployment you can modify the url to be the absolute path to your service -or library or whatever you want to save/read the InfoPath data to/from-. In case you want the udcx file to save you’d have to update the query element inside the UpdateCommand element instead of the SelectElement. There are tons of articles and posts dealing with how to consume data connection files in InfoPath forms so I won’t bother talking about it.

There is an alternative approach and to be honest I don’t remember why I didn’t choose to venture this way as it’s been a long time since I was involved in this project. The alternate approach is to use FormsService.DataConnectionFiles.Add() method to add the data connection to Central Admin like we did with InfoPath forms in the last post. This way in InfoPath you can choose the data connection to be centrally managed.

This is the second shortcut I took in SharePoint. Got any comment, ideas, or even a better way to tackle this issue, I’d really love to hear about it.

Aug 25

How to REALLY deploy InfoPath 2010 forms with code behind as a SharePoint feature!

Introduction

It took me about 3 weeks in development hell till I figured it out. 3 posts in SharePoint official forums and tons of Googling and Binging; all weren’t enough. I almost thought it was not possible. Well, it’s possible alright! There is just one simple trick. All you have to do -in addition to the normal steps of deploying an InfoPath form without code in a feature- is to extract and publish the dll file in a specially formatted folder inside you feature’s folder.

I’ll try to keep this as simple as possible, and give you the conclusion I got to. There are a lot of intricacies that I can warn you about, but instead I’ll just give you the clean way I finally took, but first we need some background about the issue. If you’re already familiar with the matter, or just want the steps, skip the next section.

The Problem

SharePoint is heavily integrated with Office products like InfoPath. Unlike other Office products InfoPath documents -referred as forms- may or may not contain .NET code in them. Essentially a Form -the file with the xsn extension- is just a CAB package that contains several other files in them like the schema, fields, etc… When your form includes code the package also includes the compiled Dll file and here comes the problem. Deploying a form with no code behind is as simple as inheriting your feature receiver from XsnFeatureReceiver class. It handles just about anything, but when you form has code in it it must by administrator approved. This is done manually using the Central Admin, but if you’re deploying hundreds of forms to several sites? This is not practical. So you have to register the forms with Forms Services in your code, and since it’s the administrator who will activate the feature – it’s required to be activate as a farm solution not sandbox-, then implicitly you have the admin’s approval.

The Solution

  • Create your form in InfoPath, add the code you want normally.
    Sample InfoPath form
  • From the Ribbon choose the developer tab, open the code editor and add some code.
  • Save the code you’ve just added and close the code editor.
  • This step is important folks! Go to File => Publish => Publish the form to a network Location. I can’t stress enough that forgetting this step would ruin everything -even in publishing a form without code-. For the life of me I don’t know why.
  • More important; in the publishing wizard’s second step clear the text field that points to the public path of the file.Again don’t ask why. When a warning message box appears just press OK.
  • In the last step make sure that the security level is Domain, otherwise change that in the File => Form Options => Security and Trust
  • Create your SharePoint 2010 empty project in Visual Studio, and choose it to be deployed as farm solution.
  • Add a new feature to the solution with Site scope.
  • Add your mapped feature folder, then add a subfolder for your forms. Since your feature is not deployed yet you won’t have a Feature folder TemplatesFeatures SharePoint folder. A trick is to deploy your solution first and activate it then add the mapped folder. Your folder structure should look something like this
    Folder Structure
  • Finally, add a feature receiver and in the FeatureActivated event write the following code:
    N.B. In the following code most reference are available by default in the project so you just have to add the using statement, except for the FormsServiceclass you have to manually add reference to “C:Program FilesMicrosoft Office Servers14.0BinMicrosoft.Office.InfoPath.Server.dll”

The above code essentially does the following:

  1. Iterates on all the files in the InfoForms folder with the xsn extension
  2. Extract them into a uniquely identified temp folder
  3. Get the Form’s name from the Name attribute in the manifest
  4. If the form doesn’t exist in the target Forms Services, the form is uploaded and activated for the current site collection, Otherwise it’s just upgraded
  5. Finally it cleans up the temporary files and folders before closing
  6. Note that I gave a 30 seconds timeout on
  • Finally don’t forget to add clean up code that does the opposite by removing the forms from the site collection and Central Admin.

Now if you go to the Central admin => General Application Settings => Manage Form Templates you’ll find your form registered. Also if you go to http://YourSite/FormServerTemplates/Forms/All%20Forms.aspx You’ll find your form activated. Finally try opening it in the browser

Web InfoPath Form

Voila! I can’t even tell you how much pain I went through to get to this result. Now regardless whether you add new forms, delete forms or upgrade forms in the sub folder you specified, the event receiver will handle it for you. You can download a sample project and release package from here and here. I’ve added a sample submit list to illustrate how to submit this types of forms.

Aug 20

SharePoint shortcuts – Epilogue

SharePoint is a great platform. You get a zillion things done for you with a few lines of code and some XML. But all those feature come with a price tag. Developing in SharePoint sucks!!! Horrible debugging experience, insanely scarce documentation, weird coding syntax -e.g. loading the query then executing it, not to mention what to dispose and what not to dispose to name a few-, and a truck load of technologies you got to learn and use to make a descent application in SharePoint!

After my intense experience with SP few months ago, I came to realize a simple truth; For all of you web developers out there thinking we could kiss ASP .NET development good bye and migrate everything to SP and save a lot of effort; this is not going to happen and this is not what SP is all about… I agree that SP is becoming more of a development platform giving you the ability to develop a web application entirely inside of it, but the question is why? SP is not meant for every solution. Developing simple web applications with SP could turn out like driving your own bus!

My biggest problem in SP what what’s engraved inside every developer; automation. I went through hell to automate deployment of every aspect of my application to make it as a package that will be deployed by itself and… Well; you can do that, but in the process you’ll lose a piece of yourself. The other day I was envied by a fellow developer in a forum that I started developing in SP 2010 not in 2007 or the dreaded 2003 earlier versions… -sigh!- I know SP has come a long way and they’ve add a ton of cool features in the latest version – seriously -, but developing an application in SP is like walking in a minefield. I got a lot of things done quickly and spent weeks in a trivial matter to get it solved using a spell from Harry Potter novels; only to my bitterness find that doing it this way would ruin my application -like I’ll explain later when I discuss deploying Infopath forms with code behind in a feature-.

So I decided to make a series of posts and called them SharePoint Shortcuts. Perhaps these shortcuts in the vast minefield of SP would save another poor developer from a bang or two. In the end you have to choose carefully why you’d go for SharePoint as an application platform -especially with ASP MVC now in the market for those who hate the guts of Web forms like me!-. I chose SP for my latest web application because I needed extensibility, and because I thought developing in SP would save me a great deal of time, but it turned out everything is relative. The time I saved in some complex things -like the interface design, auditing, security, etc…- was wasted burning my brain cells to understand why some simple things just won’t work in SP. SP does save a great deal of time and give you a huge boost in your project but only when you put it in the right perspective.

I strongly advice any web developer to learn about SP if you don’t already know and if you already have SP background from an earlier version you should upgrade your knowledge. SP has a great potential and I predict that MS is going to stuff every good new technology into future versions of it. Just don’t rush into choosing it until you study the odds well -of course licensing is a big issue here; as you know the free SP foundation doesn’t have all the killer features of SP server like the forms services for example-. Also you must understand that you may -well, to be honest, must- suffer a great deal of frustration if you are to develop a full blown web application in SP. Mine was an Electronic Medical Record system.

P.S.
Just to emphasize; I’m not attacking SharePoint as a development platform, on the contrary I’m about to explain some of the tough tasks I faced so that others would save time using SharePoint for development. I’m not talking in this blog series about common ordinary tasks nor about SP features as those could be found in a lot of places over the internet. These articles I’m about to post are based on my personal experience and opinion. If you have any update / suggestion / comment your contribution is most welcomed.