Eager to Code
The first mistake most programmers make is starting to code too soon, because they are too eager to code. You should first have a thorough design of the application and should have thought through backup plans for when you get stuck while coding. To avoid this mistake, make sure you have answers to these application design questions:
How will my access to the Database be handled?
You should be clear on whether:
You will use ASP.NET data source controls like the new “SqlDataSource” or whether you will write your own custom data access classes.
You will use SQL statements in the code itself or whether you will use stored procedures to store the SQL statements in the database
How will my state information be passed from page to page?
You should be clear on whether:
You will use ASP.NET’s session-state feature
You will pass query strings to the application’s pages
How will I protect my application from security breaches?
You should be clear on:
In what ways the application is vulnerable to attacks, for example SQL injection
How you should design the application to protect itself from such attacks
How will my application handle error situations?
You should know:
How you want it to respond to a database connection problem.
Handle these issues and you are ready to start coding. When developing complex applications, it’s good practice to build a simple version of the application before you write the complete one, to get an overall idea of what the complex application will look like. These simple applications are also called proof-of-concept versions. They focus on the most difficult parts of the application. Once you have the whole picture, you will have the knowledge and the confidence to build the final application.
Programmers today have the idea that documenting their work is not productive because it is a boring job. Proper documentation is a vital component when developing any application. It might not be useful today, but in a year or so, when you want to upgrade or do some change to your application, the documentation will be of great help.
It is also good practice to use inline comments when you code, explaining what each part of the code does.
The documentation should contain a detailed explanation of what the application does, how it was designed and how it will be used.
Lack of Testing
The most common mistake made during the testing phase is to assume that the purpose of testing is to make sure the application works, but in fact testing is done to prove that the application does not work. Think of all the ways you can crash or make your application fail.
Keep in mind that users of your application will do everything and anything to use and abuse it. The following are some things you should keep in mind during the testing phase.
Try leaving the input fields in a page blank.
Try entering data that includes symbols, like %, <, > etc.
Try to enter the same information into the same data-entry page twice.
Try to delete information and then go back to the same page and try to delete again.
Have a third party who has not seen your application before test it.
Do regression testing: whenever you make a change after testing, you need to re-test the entire application from scratch, because the change might have introduced unintended errors.
Improper use of State features
Some programmers improperly use the State features, like session state and view state, provided by ASP.NET to save state information. The following are some of the ways you can properly use these state features with your application:
If you don’t need view state for a control, disable it. This can make your application run more efficiently. By default, ASP.NET controls have view state enabled. This sends state information to the browser for each page even if it was not required, thus reducing efficiency.
Session state is usually saved in RAM, so try not to save excessive information in it.
Clear session state as soon as you are done using it.
Improper Validation of Data
Data validation is a very important factor when developing any application. All data entered into an application should be validated. ASP.NET includes a set of validation controls; therefore, as a practice, never leave a textbox without validation. At the least, put in a “RequiredFieldValidator”.
When dealing with textboxes gathering numeric data, validators should be used to make sure the data typed in is of the correct type, within the correct range and whether it is a positive or a negative value.
Query strings are a form of input data too and ASP.NET does not provide controls to validate them. So you will have to write your own code to manually validate the query string fields before you use the values from them. Failure to do so makes room for malicious users to alter or fake query string values in an attempt to hack your application.
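One way to write the manual query string check described above, as an added example that is not code from the original article. The helper class, the field name "id" and the accepted range are assumptions chosen for illustration; in a page, the collection passed in would be Request.QueryString.

```csharp
using System;
using System.Collections.Specialized;
using System.Globalization;

// Hypothetical helper; the field name "id" and the 1..1000000 range are assumptions.
public static class QueryStringValidator
{
    private const int MinId = 1;
    private const int MaxId = 1000000;

    // Accepts "id" only when it appears exactly once and is a plain
    // run of digits inside the expected range. Everything else is rejected.
    public static bool TryGetId(NameValueCollection query, out int id)
    {
        id = 0;
        string[] values = query.GetValues("id");
        if (values == null || values.Length != 1)
            return false; // missing, or repeated (?id=1&id=2)

        // NumberStyles.None permits digits only: no sign, spaces or separators.
        // TryParse also returns false on overflow instead of throwing.
        if (!int.TryParse(values[0], NumberStyles.None,
                          CultureInfo.InvariantCulture, out id))
            return false;

        if (id < MinId || id > MaxId) { id = 0; return false; }
        return true;
    }
}

public static class Demo
{
    public static void Main()
    {
        // Constructed sample values, standing in for Request.QueryString["id"].
        string[] samples = { "42", "", "-1", "12abc", " 7", "99999999999" };
        foreach (string sample in samples)
        {
            var query = new NameValueCollection();
            query.Add("id", sample);

            int id;
            bool ok = QueryStringValidator.TryGetId(query, out id);
            // In a page, a rejected value would end the request (for example
            // with HTTP 400) before the value reaches any query or lookup.
            Console.WriteLine("id='{0}' -> {1}", sample,
                              ok ? "accepted " + id : "rejected");
        }
    }
}
```

Only the first sample is accepted; the empty, signed, mixed, padded and overflowing values are all rejected before any other code sees them.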
Trying to do too much
Before you spend time on a piece of code, try to find out if that code is already available; usually it is. The same applies before you create an application. Check whether it is cheap to build it from scratch or whether it is feasible to buy a ready-made solution.
Always seek Support
In the times of the Interwebs, there are plenty of places where you can ask for help and get the answers you are looking for. You can always post your questions and get an answer within a day or so.
You must also not abuse these resources. Research on your own and try to find what you are looking for. If you find it, good; if not, go and seek help.