Using Data with ASP.Net - 10 of my 'Best Practices'
It can hardly be said that any serious programmer has had to deal with database programming at least some time in their careers. So it would be logical then to make sure your code to these underlying databases are as efficient as possible. Hopefully I will share some of the best practices I have learned in dealing with ADO.Net programming. These techniques were learned from a variety of sources, many of them I cannot remember sorry but are public Internet sources. Hopefully you will find them equally as useful as I do.
Best Practice #1
Always use built in .Net data providers.
The built in .Net data providers allow you to take advantage of both the .Net framework and the full power of the database.
Best Practice #2
Always use a config file to store your connection strings. Also it might be a good idea to encrypt these connection strings especially if stored in a dubious location.
It is always best to store data that might change in a location outside of your application where you can easily update the connection strings. Also encrypting the connection strings is always a good idea from a security standpoint.
Best Practice #3
Prefer to use the sorting methods on the SQL Server such as the ORDER BY, HAVING and GROUP BY statements.
By performing the sorting on the server side as opposed to the client side you save time because the server can perform the work faster.
Best Practice #4
You should always try to limit the number of rows in a resultset. This can be performed typically by using the TOP keyword or other similar methods.
By limiting the amount of information you send through the wire you make the application seem faster.
Best Practice #5
It is always best to use CommandBehavior.CloseConnection when you use the ExecuteReader method of a Command object.
This allows for better connection pooling as the connections that are opened are returned quickly.
Best Practice #6
It is always best to cancel before closing a DataReader object if you are finished reading any more rows.
The close method of the DataReader class continues to read all remaining rows before it finally closes the object. This is a wasteful use of resources.
Best Practice #7
It is always best to use a parameterized command (usually a stored procedure) over dynamic SQL queries.
This will improve performance and reduce the chance SQL injection attack while also making your code much more easier to maintain.
Best Practice #8
It is always best to implement some sort of resultset pagination when dealing with results of 50 or more rows.
Although not an easy task in most cases using this technique you can increase performance on both your server database and your client application as less overhead and network traffic is taking place at any one time.
Best Practice #9
It is usually best to implement a timestamp field against all rows – I usually have ‘creationdate’ and ‘lastupdate’ fields.
This will allow you to detect when the database has been updated, and makes it much easier to check your code is interacting with the data source correctly.
Best Practice #10
Don't return data via ordinals e.g SELECT *
Although a SELECT * may be the quickest way of coding it is certainly the slowest way of returning all the columns - and how often do you actually use all the columns? Specify the columns you are selecting.
A Nice Collection
I like these tips, and also agree with Phil's vote for the using block statement. A nice invention, that.
I especially like your #3, but would vote in favor of generalizing it a bit: let the database do what the database is good at.
Thanks for posting! Hope to see more, Chris.
Best,
Dan
Best Practice #6
The close method of the DataReader class continues to read all remaining rows before it finally
closes the object.
Are you sure? I thought reading was done only with the Read() method.
Using Close or Cancel
Dino Esposito in Programming ASP.NET 2.0 also echoes the author's suggestion about canceling rather than just closing. While Dino doesn't say the remaining records are read before the close occurs, he does say that resources become available much more quickly by using the suggestion.
Best Practice #10
To answer "and how often do you actually use all the columns?"
I would say those who uses Business Objects with a N Tier Model selects all the columns and fills the Business Object a lot.
But do they?
I understand where you are coming from on this, but do you include columns such as 'DateCreated' and 'LastModified' in your business DTO's?
Chris Gaskell, .NET & Web development Enthusiast
Problem with Best Practice #7
Dynamic SQL queries implemented as parameterized commands improve performance (supposedly better than a stored procedure, but there is some of debate about that) and reduce the chance SQL injection attack (because it is parameterized) while also making your code much more easier to maintain (when done through an OR-Mapper or like technique). It is the static SQL queries (tends to be very common) that suffer these kinds of problems.
Apologies
It seems my definition of a dynamic SQL query hasn't come across as I intended. Please see my example of a dynamic query below (I think you will find this matches your descripiton of a static query)
sql = @"SELECT Col1, Col2 FROM table WHERE id=" + id;
Thanks,
Chris Gaskell, .NET & Web development Enthusiast
Limit numbers of SQL Queries
Great list - I would add the following to it:
Create a limited number of SQL queries and store them in a common file, rather than letting them appear all over your code.
You might want to change your database later. This can cause problems if you are trying to find everything that may be affected by a change in your schema. If you store every SQL query in a common file, and limit the numbers of these, there will be less to change and less risk of your missing something important.
Caching....
If you can cache it then do it. Common lists (Treeview data, Combo Box Selections etc... ). If it doesn't change that often then Cache it on first retrieval (Or lazy load) then use that cache. DB round trips are slow, so if you can stick it away in memory somewhere then do it.
Thats my 2 cents worth anyway.
If you can cache it think first
See my post "Caching Considered Harmful."
Storing data in database
Hai,
I did a website in that if i post some information in 2 seperate line, during i view the post it display in single line. Am did this in asp and acess database.
Can you sugges me about this problem.
Best Practices
With regard number 5, I'd go one step further.
Ensure you utilise the using statments.
Using Conn As New SqlConnection()
using (SqlConnection Conn = new SqlConnection())
This will ensure the cleanup of all resources.