Hell in Pseudo .NET, surrounding a nice big ball of ASP-Classic

Obviously not me, but the sentiment is there!

Have you ever started something and wished you’d thought about it a little bit more and started something else? A bit of foresight would be nice in these situations, to be able to know what was involved in the journey you were just about to embark on. In a way, its similar to buying a beat up old shell of a 70′s Corvette to restore to perfection, only not knowing that every part is either fanastically expensive, or just too rare, making parts of the project next to impossible. Well, not exactly, I’ve no idea whats involved with restoring an old Corvette, so I’m not really in my right to comment on it.

Anyway, this is how I’ve been feeling about my new contract recently, it was advertised as an ASP.NET (C#) 2.0 position. Just my area, work I’m used to, and I really wanted to get into a Position where I’d be doing some high level stuff thats been a bit more challenging that work I’ve bee doing of late.

It’s not exactly what I expected, my predecessor seemed to know his stuff (to an extent), and the application as it stood was solid and error free, but that’s about it. Things I’ve discovered so far:

  • The only thing .NET about this application is its server side code is written in C#, apart from the code itself all pages are written ASP-classic style:
    • embedded <% %> tags strewn all throughout the code in true ASP spaghetti styles
    • no concept of viewstate, postbacks, code-behind and not a single ASP.NET control was used (I know, Gridviews are the scorn of the devil, but I miss Controls, Masterpages, Repeaters, etc etc)
    • extremely mediocre classes with no concept of code reuse (A quite well written SQL wrapper class, the only problem is its been repeated about 20 times on different pages). (App_Code, anyone?!?!)
    • Not to mention, is missing out on all the nice things that I’ve grown so accustomed to, that were mainly available in ASP time too like Sessions, Caching, Compression, Collections, etc..
  • And various problems with security. I’ve been doing this for a fair while now, and in the web world I think (what I understand is a common thought) security is imperative. Joe (we’ll call him that), must have had no concept of SQL injection at all as there’s no use of parameters, or even simple string escaping and type checking.

So anyway, it seems I’ve got quite a job ahead of me to get this project up and web ready (secure) by August. Heave Ho!!!

This entry was posted on Thursday, June 28th, 2007 at 8:24 pm and is filed under .NET, Online. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.

blog comments powered by Disqus