Upload
ferdinand-butler
View
221
Download
0
Embed Size (px)
Citation preview
DotNetNuke Extension Development Best Practices
Mitchel SellersMicrosoft C# MVP, MCITP
About Mitchel
DotNetNuke Core Team Member Microsoft C# MVP Microsoft Certified Professiona CEO of IowaComputerGurus Blog: http://www.mitchelsellers.com Modules:
http://www.iowacomputergurus.com
Agenda
Source of Recommendations Module Architecture/Packaging Being a Good DNN Citizen
o Basicso Controlso Entitieso Interfaceso User Interface
Security & Data Isolation
Source of Recommendations
No Existing All Encompassing Best Practice Guide DNN “Secure Module” guide
o Covers mostly standard .NET guidanceo Not specific enough, or current
ICG DNN Module Best Practices Guideo Proven practices used in our businesso Based on concept of “playing well”
Module Architecture
Web Application Project (WAP)o Compiled Moduleo Non-Source
Module Folder Namingo Consistencyo /DesktopModules is sharedo /CompanyName/ModuleName
Manifest Naming
Module Packaging
Package for Minimum Supported DNN Version Ensure .dnn file Limits Versions
o 4.x Use <compatibleversions> [MatchRegex]</compatibleversions>
o 5.x Use <dependency type=“CoreVersion”>05.01.00</dependency>
Ensure Package Names Unique to Business Ensure to register any dependencies
o DNN 5.x class name, or package nameo DNN 4.x class name
Being a Good DNN Citizen
Support {objectQualifier} and {databaseOwner} Support localization of all static text elements Use NVARCHAR for all database columns for
international character support Avoid modifying the web.config if possible
Good DNN Citizen (Controls)
Utilize common DNN Elementso LabelControl.ascxo TextEditor.ascxo UrlControl.ascxo SectionHead.ascxo DotNetNuke Web Controls Assembly (Pager,
Profile Editor, etc.) Provide a consistent, familiar process, improves
usability
DNN Controls Examples
Good DNN Citizen (Entities)
Utilize DNN API Entities for Data Manipulationo DotNetNuke.Entities.Portalso DotNetNuke.Entities.Tabso DotNetNuke.Entities.Userso DotNetNuke.Entities.Moduleso DotNetNuke.Security.Roles
Reduces exposure to risks with DNN upgrades and breaking DB changes
Good DNN Citizen (Interfaces)
Implement Consistent Interfaces for Interactiono IPortable – Import/Exporto ISearchable – Core Search Integrationo IActionable – Module Actionso IUpgradable – Upgrading Modules
Not always the 100% solutiono IPortable designed for module content only, but
can be “modified”
Good Citizen (UI)
Ensure all ASP.NET Validators Have Validation Group
Use standard DotNetNuke CSS Classeso Normal – Regular Texto NormalRed – Error Texto SubHead – Labelso Head – Section heading
Security and Data Isolation
Properly Tie Datao PortalId, ModuleId, TabModuleId? Which oneo Auto-Cleanup?
DotNetNuke PortalSecurity Objecto Input Filter (FilterFlag.NoScripting,
FilterFlag.NoMarkup)• objSecurity.InputFilter(“TextToFilter”,
FilterFlag.NoMarkup)
Respect Host File Typeso This.PortalSettings.HostSettings("FileExtension
s")
Resources/Contact
Email: [email protected] Blog: http://www.mitchelsellers.com Company: http://www.iowacomputergurus.com ICG DNN Dev Best Practices:
http://tinyurl.com/ICGDNNDevBP DotNetNuke Securing Modules:
http://tinyurl.com/DNNModSecurity