Case Status
Log In


  • RSS Feed

Last modified on 3/3/2009 10:49 AM by User.


Coding Standards


  • Use a 3-tier architecutre. Web pages call business objects (BLL layer), which in turn call data access layer (DAL layer). [note - need to look into the new MVC pattern]

Web Pages (UI Layer)

  • Code located in code-behind (aspx.cs), not inline with the .aspx page
  • Contains only a minimal amount of "glue code" to interface with the BLL layer
  • Use ASP.NET Masterpages to keep consistent theme
  • Use divs, not tables unless you are displaying tabular data
  • Web pages generally access business objects using ObjectDataSource. Click here to read a series of articles about ASP.NET best practices for data access with ObjectDataSource

Business Objects (BLL Layer)

  • Generally use the ActiveRecord design pattern. This pattern basically wraps a database row as an object with static Save(), Update(), Delete() and Fetch() methods.
  • Business objects access data through the DAL layer or O/RM
  • Object collections are exposed as List<T>, example:   public List<OrderDetail> GetOrderDetailsByOrderID(int OrderID)

Database Access (DAL Layer)

  • Use an O/RM tool - LINQ, NHibernate, Telerik O/RM, or SQLHelper.cs / OraHelper.cs class.
  • No dynamic sql - this is a major security risk for SQL Injection Attacks 
  • Generally no sql queries in code-behind or aspx pages, with possible exception of populating a lookup value from a simple lookup table (countries table, employee type table, etc)
  • Single database connection string in web.config


  • Normalize tables
  • All tables have primary key
  • All tables have referential integrity
  • Do not prefix tables with "tbl" (eg. Orders and not tblOrders)
  • Table names plural
  • Tables include CreatedDate and UpdateDate columns
  • Tables include rowversion (also called timestamp) column for optimistic concurrency. See this article 
  • Use existing standard, if none exists then SQL Server 2008 or XML files for smaller datasets.

Error Handling

  • If it is appropriate, a method will deal with errors in a try-catch block but most methods will not catch errors, and therefore automatically pass the error up the call stack.
  • Global.asax will capture unhandled errors and log them, typically by inserting a new case into a bug tracking system and passing along all available debugging information.

Standard Language

  • We are generally language agnostic and will use the best language and tool for the job, however our standard is C# and .NET 3.5 framework unless there is a compelling reason otherwise

Web Framework