Forum Moderators: open
I'm a self-taught asp coder... been doing basic for more than two-thirds of my life so Visual Basic and VBScript were a natural for me. I've been earning a living full-time for the last year and a half from the software and web sites that I've built using MS technologies. VB just makes sense to me, and I suspect that there are a lot of programmers out there that are like me.
My question is this: How long will it be before MS stops supporting VBScript and COM in IIS and Windows?
I've done everything that I can to learn .Net. I've been to several MS trainings, subscribe to numerous .Net magazines and I do a lot of reading. The problem is that every time I sit down to create my first app or site in .Net, I invariably run into a snag and upon further research find that I can't do what I want to do in .Net. At best I'd have to use COM with .Net. To top it off, it seems that all I read about with .Net software is less secure, less scalable, and less compatible than doing it the old way with VB6 or VBScript.
Am I the only one who thinks this? Am I doomed in a few years when MS stops supporting the old code?
I spent the weekend reading about the upcoming features found in .Net 2.0, and I see a little hope. But still, with what I'm doing, it just doesn't make sense to switch unless I do it simply because that is where the industry is going. Sheesh, I'm even thinking about learning PHP. I'd love to hear your opinions about my dilema...
I mean think about it, most MS-DOS programs still work even in Windows XP and some of those date back 20 years or more. I haven't bothered to learn .NET ... I still write programs in Visual Basic 6 and still build websites in ASP, and I'm not worried in the least that it will be going away any time soon. Microsoft knows how important "old programs" are to everyone.
I'll have retired from this industry long before I have to worry about my ASP pages not working properly. And if the day ever comes where "someone" has to redo my work, I'm sure there will be plenty of justification to do it - stuff like new ideas, features, requirements, etc. - so it won't be so bad starting over from scratch anyway.
WHen I first got my hands on .Net, it was confusing because it was new. But after a while I got used to it and I'm hooked. I can't imagine anything you can do in VB6 that you can't do in VB.Net. I find .Net much more powerful and flexible than VB6, and easier to program and debug too.
I think ASP and VBScript will be around for a long time, but I'd recommend that you keep playing with .Net until the light bulb turns on in your head. It shouldn't take too long for that to happen to VB6 programmer.
Not sure what you are trying to do, but I have not found anything I cannot do in .net that can be done in COM+. I find it the opposite.
>>To top it off, it seems that all I read about with .Net software is less secure, less scalable, and less compatible than doing it the old way with VB6 or VBScript.
Hmmm... not sure what you mean here either.
.Net has finally given ASP some legs. It is much easier to develop than classic asp. I am doing things in 3 lines that took 10 before.
It is really bringing OOP to the common man. Before you either need to know C++ or Java to really use OOP. Now you can use it with many different languages. The framework really is qa step foward.
It was hard at first to understand how to use .Net correctly. It is a different mindset. I understand the frustration and the desire to just stick with what works.
Like said above MS will continue to have the asp.dll in IIS for a while. Take your time moving over because it is frustrating, since the method is completely different.
Are you using visual studio.net? Web matrix is good but it is very frustrating to learn with.
It begs to ask the question... What publications are reporting that .net is all the above that you've read?
I’m glad you asked. As for security, what I’ve read is the talk about Obfuscating code. There was an article in MSDN Magazine a few months ago that recommended using a third-party obfuscator because it did a better job at protecting against decompiling than the one that comes with VS.Net. Then it added that code protected with even the best obfuscators can be decompiled in a matter of a day or two. I read that line out load to my wife just to see if she understood it the way that I did. Some of my VB6 apps connect to SQL Server or an FTP server over the net and contain passwords. I can’t afford to have those passwords discovered. Am I missing something here? Of course these passwords are for accounts with minimum privileges, but it would still be bad if they got out.
As for scalability, the last MS training that I attended was last summer. One of the labs that was set up was to experiment with the tool that checks web pages for how many requests per second it can handle (I can’t recall the exact name of the tool). For an experiment we each built some .Net code in C# that concatenated a string numerous times. With the original code, all of us got varied results but the average was around 17 RPS. Then the instructor showed us how to use the concatenation module (again I don’t recall the exact name). Some people had lower RPS, but on average the code could handle 24 RPS. There was a whole lot of extra code, but the increase in performance really didn’t appear to be that great. While the instructor was talking, I quickly put together some code that did the same thing with straight ASP. This code averaged over 150 RPS on my machine. I asked the instructor about this in private afterwards, but he said he couldn’t comment. Concatenation is pretty fundamental to a lot of my web pages, this makes me believe that ASP.NET just isn’t as scalable.
Add the steep learning curve, and I just can’t see the benefit of moving on up to .Net. I guess I’m being short sighted, and I try to muster the courage, but when I sit down in front of VS 2003 it just doesn’t click. Any suggestions you have for how to get it to click with me would be greatly appreciated.
You might not worry about becoming obsolete, but it will only get harder for you to move on once you really have to.
I took me more effor to be able to "understand" pascal after programming in basic, than it took me to learn c,c++,java, and asm x86 combined later on.
Have you tried comparing string vs. StringBuilder to handle your concats?
Like people not hashing and salting passwords in a database or heaven forbid a flat file. In .net all you have to do is salt it, instatiate the cryptography class and use the hashing method. Boom you are a hundred times more secure. Or not sending passwords back out when people lose them instead of reseting them to a new random string and then sending it out. So many little things that just get over looked that could make your applications rock solid.
I work in the financial applications industry and all the companies have moved to .Net. My industry has the most sensitive data around, your money and personal information. If .Net was not as secure as legacy technology we would still be using COM+.
As far as the string class goes, yes it is weighty, but it is faster than VBScript. Not sure why your instructor thought that the execution of compiled code would run slower than vbscript. The first time when it compiles it is true that the app is sluggish as it is being cached. After that it is extremely quick.
One huge advantage is that you are using a typed data structure. You don't have to use the ram hogging variants anymore. This alone makes .Net pages so much faster than classic ASP.
I really figured .Net out by using datasets and xml. Reading and writing xml using ado.net let me understand the basics. I was able to use datagrids for the gui which really sold me on .Net.
static void Main(string[] args)
{
Console.WriteLine("TEST 1");
Console.WriteLine(System.DateTime.Now.ToLongTimeString());
string test = "";
for (int x = 0; x < 50000; x ++)
{
test = test + "t";
}
Console.WriteLine(System.DateTime.Now.ToLongTimeString());Console.WriteLine("\nTEST 2");
Console.WriteLine(System.DateTime.Now.ToLongTimeString());
string test2 = "";
for (int j = 0; j < 50000; j ++)
{
test2 += "t";
}
Console.WriteLine(System.DateTime.Now.ToLongTimeString());
Console.WriteLine("\nTEST 3");
Console.WriteLine(System.DateTime.Now.ToLongTimeString());
StringBuilder sb = new StringBuilder();
for(int y = 0; y < 50000; y ++)
{
sb.Append("t");
}
Console.WriteLine(System.DateTime.Now.ToLongTimeString());
}
Results
TEST 1
11:06:36 PM
11:06:39 PM
TEST 2
11:06:39 PM
11:06:42 PM
TEST 3
11:06:42 PM
11:06:42 PM
Test #4 was run in an ASP Page
<%= Now() %><br>
<% For i = 0 to 50000 %>
<% s = s + "t" %>
<% Next %>
<%= Now() %><br>
TEST 4
5/10/2004 8:12:27 PM
5/10/2004 8:12:32 PM
Test 5 was an ASP.Net Page using code behind:
private void Page_Load(object sender, System.EventArgs e)
{
Label1.Text += (System.DateTime.Now.ToLongTimeString());
StringBuilder sb = new StringBuilder();
for(int y = 0; y < 50000; y ++)
{
sb.Append("t");
}Label1.Text += "<br>" + (System.DateTime.Now.ToLongTimeString());
}
TEST 5
8:17:44 PM
8:17:44 PM
For Windows applications, the benefits of code obfuscation are minimal. If you had an algorithm that was so proprietary that it requires obfuscation in .NET, I could use a disassembler on the output of VB6 to extract the same algorithm. Disassembled 80x86 code and MSIL code look very similar.
There is very little code in this world that is truly worth protecting. Any code that meets that criteria needs to be patented. (I think software patents are a crock, but until they are outlawed, that's the mechanism to protect software.)
