Ziggy Rafiq | Senior Technical Lead Developer

Overview  C# is a widely used programming language that is known for its ease of use and versatility. However, with the increasing number of cyber-attacks and security breaches, it is essential to ensure that the code we write in C# is secure. In this article, we will discuss some of the best practices for secure coding in C#. Avoid Using Plain Text Passwords When working with passwords, it is essential to store them securely. Storing passwords in plain text is a significant security vulnerability, and it is essential to avoid doing so. Instead, use a secure password hashing algorithm such as PBKDF2 or bcrypt to store the password. Input Validation Input validation is crucial when working with user input, as it helps prevent injection attacks such as SQL injection and cross-site scripting. Always validate user input and use parameterized queries when working with databases. Use Parameterized SQL Queries As mentioned earlier, parameterized queries are a powerful way to prevent S

DRY Software Principle Using C# DRY stands for "Don't Repeat Yourself," which is a software principle in C# that emphasizes the importance of avoiding code duplication. The idea is that every piece of knowledge or logic in a system should have a single, unambiguous representation within that system. In practice, this means that instead of copying and pasting code, developers should create reusable functions, classes, and modules to avoid duplicating code. By doing this, they can simplify code maintenance and reduce the risk of introducing errors when changes are made. Here are some ways to apply the DRY principle in C# development: Create reusable functions and classes: Instead of copying and pasting code, create reusable functions and classes that can be used across multiple parts of the application.   Use inheritance and polymorphism: Inheritance and polymorphism can help reduce code duplication by allowing you to create a base class with common functionality that

    Software Principles Using C# There are several software principles commonly used in C# development, which are as follows. SOLID Principles : The SOLID principles are a set of five principles that guide the design of software systems. They include the Single Responsibility Principle (SRP), Open-Closed Principle (OCP), Liskov Substitution Principle (LSP), Interface Segregation Principle (ISP), and Dependency Inversion Principle (DIP). KISS Principle : The KISS (Keep It Simple, Stupid) principle states that software systems should be simple and straightforward, without unnecessary complexity. YAGNI Principle : The YAGNI (You Ain't Gonna Need It) principle states that developers should only add functionality when it is actually needed, instead of adding it in anticipation of future needs. DRY Principle : The DRY (Don't Repeat Yourself) principle states that developers should aim to write reusable code and avoid repetition. Separation of Concerns (SOC) : The Separation of Co

  Separation of Concerns (SoC) Principle Using C# The Separation of Concerns (SoC) principle is a software engineering principle that encourages developers to separate a software system into distinct modules or components that focus on specific concerns or responsibilities. The principle aims to reduce complexity and improve modularity, maintainability, and scalability. In practice, the SoC principle requires developers to identify and separate concerns or responsibilities within a software system, such as user interface, data access, business logic, and presentation logic. Each module or component should be responsible for only one concern, and communication between modules should be kept to a minimum. By separating concerns, developers can improve the readability and maintainability of the codebase, reduce the risk of errors or bugs, and make it easier to modify or add new features to the system. Separation of concerns also facilitates testing, as each module can be tested independen

  Law of Demeter (LoD) Principle Using C#   The Law of Demeter (LoD) principle, also known as the Principle of Least Knowledge, is a software development principle that encourages developers to minimize the coupling between objects in a software system. The principle states that an object should have limited knowledge of the internal structure or workings of other objects in the system. In practice, the LoD principle requires developers to design software systems in a way that limits the number of direct relationships between objects. Instead of allowing objects to directly access and manipulate the properties or methods of other objects, developers should use intermediary objects or interfaces to facilitate communication between objects. By minimizing the coupling between objects, developers can reduce the risk of creating tight dependencies between different parts of the system. This can make the system more modular, easier to test, and more resilient to changes in the system. The Lo

  YAGNI Software Principle Using C# The YAGNI principle, which stands for "You Ain't Gonna Need It," is a software development principle that suggests that you should only implement features when you actually need them, rather than trying to anticipate future requirements. The principle is based on the idea that implementing features that are not currently needed can result in unnecessary complexity, wasted effort, and increased development time. In practice, the YAGNI principle encourages developers to focus on delivering the minimum viable product (MVP) with only the features that are necessary to meet the requirements at hand. Developers should avoid adding functionality that is not explicitly required by the current project scope or that may be needed in the future but is uncertain. The YAGNI principle is closely related to the Agile software development methodology, which emphasizes iterative development and continuous delivery of working software. By focusing on del

  SOLID Software Principle Using C# The SOLID principle is a set of design principles for object-oriented software development that aim to make the software more maintainable, flexible, and scalable. The SOLID acronym stands for the following principles: Single Responsibility Principle (SRP): A class should have only one reason to change. In other words, a class should have only one responsibility or job to do, making it easier to maintain and modify.   Open-Closed Principle (OCP): Software entities (classes, modules, functions, etc.) should be open for extension but closed for modification. In other words, new features should be added by extending the existing code rather than modifying it.    Liskov Substitution Principle (LSP): Subtypes should be substitutable for their base types without causing any errors or unexpected behaviour. This means that any object of a superclass should be able to be replaced by an object of a subclass without affecting the correctness of the program. I

  KISS Software Principle Using C#   The KISS principle, which stands for "Keep It Simple, Stupid," is a popular design principle in software engineering that emphasizes the importance of keeping systems, interfaces, and code as simple as possible. The principle suggests that software should be designed and written in such a way that it is easy to understand, modify, and maintain. The KISS principle is based on the idea that simplicity leads to better software. Simple software is easier to write, test, debug, and maintain than complex software. Additionally, simple software is easier for users to learn and use, leading to higher user satisfaction. In practice, following the KISS principle involves designing and implementing software that is focused on meeting the essential requirements, avoiding unnecessary complexity, and prioritizing simplicity over novelty. This can be achieved by breaking down complex problems into smaller, more manageable parts, using familiar and well-u

   Best Practice for Code Reviewing C# Code review is an important step in the software development process that helps ensure code quality, maintainability, and consistency. Here are some best practices for code review of C# code: 1. Know the code standards: Familiarize yourself with the project's coding standards, naming conventions, and best practices before starting a code review. This will help you identify areas where the code deviates from established standards and make suggestions for improvements. 2. Focus on maintainability: Code review should focus on code maintainability, readability, and scalability. Look for easy-to-understand and maintain code, and suggest changes where necessary. 3. Check for best practices and conventions: Ensure that the code follows best practices and conventions, such as naming conventions, coding style, and indentation. 4. Verify that the code is performant: Check that the code is performant and does not contain any performance bottlenecks. This

  Coding Standards in C# Overview The purpose of this document is to define a set of coding standards for C# projects. The purpose of these standards is to ensure consistency, readability, and maintainability of the codebase. The coding standards described in this document apply to all projects and codes developed by the organization. Naming Conventions Class names should be written in PascalCase. Method names should be written in PascalCase. Variable names should be written in camelCase. Constants should be written in ALL_CAPS and separated by underscores. Namespaces should be written in PascalCase. Formatting Use 4 spaces for indentation. Braces should be on a new line and aligned with the code block. Put a space before and after every operator. Put a blank line between methods to increase readability. Comments Write comments for all methods, classes, and complex blocks of code. Use XML documentation comments for public members. Use inline comments when necessary to explain complex

How to use Enum Data Values with .Net 6.0 Framework and Entity Framework Core 6 Overview An Enum (Enumeration) is a group of constants that are read-only value types. By default, the first value of the Enum variable is 0 i.e. Here we will create an Enum of Priorities type with read-only values of Highest, Normal and Low. We will set the read-only values using an integer assigning a number next to the value. By default, the integer value will start with 0. Here we will be assigning the integer value next to the Enum value such as in the below example and we will use a comma (,) to separate the item in the list of Enum(Enumeration).  We create Enum by using the Enum keyword and then using class, interface, and abstract. The reason we use an Enum is to ensure we improve our application performance and improve application readability, and maintainability, and reduces the complexity of the application hence why if you take a look at the example below of Status (NotStarted, Started, Complete

  C# Virtual and Non-Virtual Method In Microsoft.net C# Virtual method supports polymorphism, which is part of the OOP Concept. We would combined virtual and override keyword with the virtual keyword on the parent/base class and then use the override keyword on the method in the child/derive class and both methods are virtual. Any methods which do not have virtual or override keyword or that have new keyword are non-virtual method. When a virtual method is invoked on an object, the run-time type of the object is used to determine which implementation of the method to use. When a non-virtual method is invoked on an object the compile-time type of object is used to determine which implementation of the method to use.

  C# Comments Overview C# Comments are only for you to read, not for the computer to execute. All the comments displayed in the Code Editor are green by default, which makes it easy to identify those lines, and the C# compiler ignores those parts when it runs your program. Single-line Comments You can make any line into the single-line comment by starting it with the two forward slash marks //, indicating the remainder of the line is a comment. Example End of line comments The End of line comments is generally used to describe variables and data types. Example Multiline Comments (delimited comments) Multiline Comments begin with an open comment mark /* and end with a lost comment mark */. All the text between the delimiters is ignored by the compiler. Example Code Example Code(Header Comments) XML Comments In C# we use XML comment on our methods by simply typing /// to get the XML comment.