6:["$","$11",null,{"fallback":null,"children":["$","div",null,{"className":"bg-default","children":["$","section",null,{"className":"mx-auto max-w-screen-xl sm:p-8 sm:pt-0","children":["$","$L19",null,{"categoryQueryProps":{"data":{"category":{"title":"Rules to Better Connection Strings","body":{"type":"root","children":[{"type":"p","children":[{"type":"text","text":"Managing connection strings effectively in software development is vital for several key reasons. Firstly, it significantly enhances security; connection strings often contain sensitive data, such as usernames and passwords, which need to be protected from unauthorized access. By properly managing these strings, developers can ensure that this critical information is secured and not inadvertently exposed, especially in source code repositories."}]},{"type":"p","children":[{"type":"text","text":"$1a"}]}]},"uri":"rules-to-better-connection-strings","index":[{"rule":{"guid":"27abe1ac-b34a-4ea7-94e5-a3cd5ba5e10b","uri":"how-to-make-connection-strings-in-different-environment","title":"Do you know how to make connection strings among different environment?","body":{"type":"root","children":[{"type":"mdxJsxFlowElement","name":"introEmbed","children":[{"type":"text","text":""}],"props":{"body":{"type":"root","children":[{"type":"p","children":[{"type":"text","text":"Different data sources provide different connection strings, for example, the connection string for Oracle is totally different from SQL Server's, even the same product but different versions have special requirement, so how do we make it easy?"}]}]}}},{"type":"p","children":[{"type":"text","text":"The answer is the very useful website called "},{"type":"a","url":"https://www.connectionstrings.com/","title":null,"children":[{"type":"text","text":"connectionstrings.com"}]},{"type":"text","text":", which provides abundant connection strings ranging from different database products to excel files, actually, you can find most of the connection strings of popular products with detail usage."}]}]},"isArchived":false,"archivedreason":null}},{"rule":{"guid":"d8967ec8-56b1-4acc-81ff-8cc5dec43fe0","uri":"do-you-use-windows-integrated-authentication-connection-string-in-web-config","title":"Do you use Windows Integrated Authentication connection string in web.config?","body":{"type":"root","children":[{"type":"mdxJsxFlowElement","name":"introEmbed","children":[{"type":"text","text":""}],"props":{"body":{"type":"root","children":[{"type":"p","children":[{"type":"text","text":"Both SQL Server authentication (standard security) and Windows NT authentication (integrated security) are SQL Server authentication methods that are used to access a SQL Server database from Active Server Pages (ASP)."}]}]}}},{"type":"p","children":[{"type":"text","text":"We recommend you use the Windows NT authentication by default, because Windows security services operate by default with the Microsoft Active Directory?directory service, it is a derivative best practice to authenticate users against Active Directory. Although you could use other types of identity stores in certain scenarios, for example Active Directory Application Mode (ADAM) or Microsoft SQL Server? these are not recommended in general because they offer less flexibility in how you can perform user authentication."}]},{"type":"p","children":[{"type":"text","text":"If not, then add a comment confirming the reason."}]},{"type":"code_block","lang":"xml","value":"\n \n","children":[{"type":"code_line","children":[{"text":""}]},{"type":"code_line","children":[{"text":" "}]},{"type":"code_line","children":[{"text":""}]}]},{"type":"mdxJsxFlowElement","name":"figureEmbed","children":[{"type":"text","text":""}],"props":{"figureEmbed":{"preset":"badExample","figure":"Figure: Bad example - Not use Windows Integrated Authentication connection string without comment","shouldDisplay":true}}},{"type":"code_block","lang":"xml","value":"\n \n","children":[{"type":"code_line","children":[{"text":""}]},{"type":"code_line","children":[{"text":" "}]},{"type":"code_line","children":[{"text":""}]}]},{"type":"mdxJsxFlowElement","name":"figureEmbed","children":[{"type":"text","text":""}],"props":{"figureEmbed":{"preset":"goodExample","figure":"Figure: Good example - Use Windows Integrated Authentication connection string by default","shouldDisplay":true}}},{"type":"code_block","lang":"xml","value":"\n \n \n","children":[{"type":"code_line","children":[{"text":""}]},{"type":"code_line","children":[{"text":" "}]},{"type":"code_line","children":[{"text":" "}]},{"type":"code_line","children":[{"text":""}]}]},{"type":"mdxJsxFlowElement","name":"figureEmbed","children":[{"type":"text","text":""}],"props":{"figureEmbed":{"preset":"goodExample","figure":"Figure: Good example - Not use Windows Integrated Authentication connection string with comment","shouldDisplay":true}}}]},"isArchived":false,"archivedreason":null}},{"rule":{"guid":"0bf7e11b-1185-406d-96bd-63304f056ccb","uri":"do-you-avoid-using-duplicate-connection-string-in-web-config","title":"Do you avoid using duplicate connection string in web.config?","body":{"type":"root","children":[{"type":"mdxJsxFlowElement","name":"introEmbed","children":[{"type":"text","text":""}],"props":{"body":{"type":"root","children":[{"type":"p","children":[{"type":"text","text":"Since we have many ways to use Connection String in .NET 2.0, it is probably that we are using duplicate connection string in web.config."}]}]}}},{"type":"code_block","lang":"xml","value":"\n \n\n\n\n \n","children":[{"type":"code_line","children":[{"text":""}]},{"type":"code_line","children":[{"text":" "}]},{"type":"code_line","children":[{"text":""}]},{"type":"code_line","children":[{"text":""}]},{"type":"code_line","children":[{"text":""}]},{"type":"code_line","children":[{"text":" "}]},{"type":"code_line","children":[{"text":""}]}]},{"type":"mdxJsxFlowElement","name":"figureEmbed","children":[{"type":"text","text":""}],"props":{"figureEmbed":{"preset":"badExample","figure":"Bad example - Using duplicate connection string in web.config","shouldDisplay":true}}}]},"isArchived":false,"archivedreason":null}},{"rule":{"guid":"f3141c85-0cc8-40da-a08b-68f01bf6595f","uri":"avoid-putting-connection-strings-in-business-module","title":"Do you avoid putting connection strings in Business module?","body":{"type":"root","children":[{"type":"mdxJsxFlowElement","name":"introEmbed","children":[{"type":"text","text":""}],"props":{"body":{"type":"root","children":[{"type":"p","children":[{"type":"text","text":"We strongly recommend that putting all connection strings together and saving them to one file, it is convenient for management and deployment."}]}]}}},{"type":"mdxJsxFlowElement","name":"imageEmbed","children":[{"type":"text","text":""}],"props":{"alt":"Image","size":"large","showBorder":false,"figureEmbed":{"preset":"badExample","figure":"Bad example - Putting connection strings in Business module","shouldDisplay":true},"src":"https://assets.tina.io/017edb94-e89d-46bd-8e78-2e8602eafb9d/rules/avoid-putting-connection-strings-in-business-module/2024-03-09_16-10-24.png"}}]},"isArchived":false,"archivedreason":null}},{"rule":{"guid":"65039e5e-cae8-4a07-b934-669eff984bc3","uri":"avoid-using-non-strongly-typed-connection-strings","title":"Do you avoid using non strongly typed connection strings?","body":{"type":"root","children":[{"type":"mdxJsxFlowElement","name":"introEmbed","children":[{"type":"text","text":""}],"props":{"body":{"type":"root","children":[{"type":"p","children":[{"type":"text","text":"Using non strongly typed connection strings means that you have to hard code at some point in your code. Once you change the name of your connection strings, you have to change the code that references them too."}]},{"type":"p","children":[{"type":"text","text":"Visual Studio provides a convenient tool, called Application Settings, that allows you to manage all of your connection strings from only one location. You can use its wizard to compose connection strings quickly and correctly. Also, it provides a management class to read and write all of your connection strings."}]}]}}},{"type":"code_block","lang":"cs","value":"var connString = System.Configuration.ConfigurationManager.ConnectionStrings[\"MyProj.Properties.Settings.ConnectString\"].ToString();\nvar conn = new SqlConnection(ConnString);\nvar cmd = new SqlCommand(strSql, conn);\nconn.Open();\ncmd.ExecuteNonQuery();\nconn.Close();","children":[{"type":"code_line","children":[{"text":"var connString = System.Configuration.ConfigurationManager.ConnectionStrings[\"MyProj.Properties.Settings.ConnectString\"].ToString();"}]},{"type":"code_line","children":[{"text":"var conn = new SqlConnection(ConnString);"}]},{"type":"code_line","children":[{"text":"var cmd = new SqlCommand(strSql, conn);"}]},{"type":"code_line","children":[{"text":"conn.Open();"}]},{"type":"code_line","children":[{"text":"cmd.ExecuteNonQuery();"}]},{"type":"code_line","children":[{"text":"conn.Close();"}]}]},{"type":"mdxJsxFlowElement","name":"figureEmbed","children":[{"type":"text","text":""}],"props":{"figureEmbed":{"preset":"badExample","figure":"Bad example - Using non strongly typed connection strings, the highlighted text is hard code actually","shouldDisplay":true}}},{"type":"mdxJsxFlowElement","name":"imageEmbed","children":[{"type":"text","text":""}],"props":{"alt":"Image","size":"large","showBorder":false,"figureEmbed":{"preset":"goodExample","figure":"Good example - Using Application Settings to configure connection strings","shouldDisplay":true},"src":"https://assets.tina.io/017edb94-e89d-46bd-8e78-2e8602eafb9d/rules/avoid-using-non-strongly-typed-connection-strings/conn.gif"}}]},"isArchived":true,"archivedreason":"Update connection string management - favor IOptions pattern over Visual Studio's Application Settings. Offers robust, flexible config in .NET Core, aligning with modern development practices. Refer to Microsoft's IOptions pattern in .NET documentation for implementation guidance."}},{"rule":{"guid":"6c4dd299-6155-4c3f-aa2b-916fc26bec1d","uri":"add-the-application-name-in-the-sql-server-connection-string","title":"Do you add the Application Name in the SQL Server connection string?","body":{"type":"root","children":[{"type":"mdxJsxFlowElement","name":"introEmbed","children":[{"type":"text","text":""}],"props":{"body":{"type":"root","children":[{"type":"p","children":[{"type":"text","text":"You should always add the application name to the connection string so that SQL Server will know which application is connecting, and which database is used by that application. This will also allow SQL Profiler to trace individual applications which helps you monitor performance or resolve conflicts."}]}]}}},{"type":"code_block","lang":"xml","value":"","children":[{"type":"code_line","children":[{"text":""}]}]},{"type":"mdxJsxFlowElement","name":"figureEmbed","children":[{"type":"text","text":""}],"props":{"figureEmbed":{"preset":"badExample","figure":"Bad example - The connection string without Application Name","shouldDisplay":true}}},{"type":"code_block","lang":"xml","value":" ","children":[{"type":"code_line","children":[{"text":" "}]}]},{"type":"mdxJsxFlowElement","name":"figureEmbed","children":[{"type":"text","text":""}],"props":{"figureEmbed":{"preset":"goodExample","figure":"Good example - The connection string with Application Name","shouldDisplay":true}}}]},"isArchived":false,"archivedreason":null}},{"rule":{"guid":"21370ad5-406f-4830-9b86-65db6ce19214","uri":"best-place-to-place-the-connection-string","title":"Do you know the best place to place the connection string?","body":{"type":"root","children":[{"type":"mdxJsxFlowElement","name":"introEmbed","children":[{"type":"text","text":""}],"props":{"body":{"type":"root","children":[{"type":"p","children":[{"type":"text","text":"The best place to put the connection string is in the Web.Config file.That makes the code simple and easy to read. Look into the following code:"}]}]}}},{"type":"code_block","lang":"cs","value":"string cnnString = \"data source=(local); integrated security=SSPI; persist security info=False; pooling=False; initial catalog=Northwind2\";","children":[{"type":"code_line","children":[{"text":"string cnnString = \"data source=(local); integrated security=SSPI; persist security info=False; pooling=False; initial catalog=Northwind2\";"}]}]},{"type":"mdxJsxFlowElement","name":"figureEmbed","children":[{"type":"text","text":""}],"props":{"figureEmbed":{"preset":"badExample","figure":"Bad example - Using magic strings","shouldDisplay":true}}},{"type":"p","children":[{"type":"text","text":"and observe the following code which is simple and easy to read:"}]},{"type":"code_block","lang":"cs","value":"string cnnString = LinqToNorthwind.Properties.Settings.Default.NorthwindEFConnectionString;","children":[{"type":"code_line","children":[{"text":"string cnnString = LinqToNorthwind.Properties.Settings.Default.NorthwindEFConnectionString;"}]}]},{"type":"mdxJsxFlowElement","name":"figureEmbed","children":[{"type":"text","text":""}],"props":{"figureEmbed":{"preset":"goodExample","figure":"Good example - Strongly typed connection string","shouldDisplay":true}}},{"type":"code_block","lang":"cs","value":"private void Form1_Load(object sender, System.EventArgs e)\n{\n //string connString = \"data source=(local); integrated security=SSPI; persist security info=False; pooling=False; initial catalog=Northwind2\";\n string cnnString = LinqToNorthwind.Properties.Settings.Default.NorthwindEFConnectionString;\n cboCity.Items.Add(\"London\");\n cboCity.Items.Add(\"Madrid\");\n cboCity.Items.Add(\"Sao Paulo\");\n db = new NorthwindDataContext(cnnString);\n cboCity.SelectedIndex = 0;\n}","children":[{"type":"code_line","children":[{"text":"private void Form1_Load(object sender, System.EventArgs e)"}]},{"type":"code_line","children":[{"text":"{"}]},{"type":"code_line","children":[{"text":" //string connString = \"data source=(local); integrated security=SSPI; persist security info=False; pooling=False; initial catalog=Northwind2\";"}]},{"type":"code_line","children":[{"text":" string cnnString = LinqToNorthwind.Properties.Settings.Default.NorthwindEFConnectionString;"}]},{"type":"code_line","children":[{"text":" cboCity.Items.Add(\"London\");"}]},{"type":"code_line","children":[{"text":" cboCity.Items.Add(\"Madrid\");"}]},{"type":"code_line","children":[{"text":" cboCity.Items.Add(\"Sao Paulo\");"}]},{"type":"code_line","children":[{"text":" db = new NorthwindDataContext(cnnString);"}]},{"type":"code_line","children":[{"text":" cboCity.SelectedIndex = 0;"}]},{"type":"code_line","children":[{"text":"}"}]}]},{"type":"mdxJsxFlowElement","name":"figureEmbed","children":[{"type":"text","text":""}],"props":{"figureEmbed":{"preset":"goodExample","figure":"Good example - Using strongly typed connection string","shouldDisplay":true}}}]},"isArchived":true,"archivedreason":"Update connection string management: prefer IOptions pattern over Web.Config. Enables flexible, robust config in .NET, emphasizing dependency injection.\n"}}]}},"query":"\n query categoryWithRulesQuery($relativePath: String!) {\n category(relativePath: $relativePath) {\n ... on CategoryCategory {\n title\n body\n uri\n index {\n rule {\n ... on Rule {\n guid\n uri\n title\n body\n isArchived\n archivedreason\n }\n }\n }\n }\n }\n}\n ","variables":{"relativePath":"software-engineering/rules-to-better-connection-strings.mdx"}}}]}]}]}]