Reza Alirezaei’s Blog

Title: Top Tips to write better code for SharePoint

Description:  If you have not dived into SharePoint programming yet and/or would like to learn more techniques, don’t forget to mark your calendar for June 20th where I will introduce some tips and tricks to make your journey in programming the SharePoint object model easier. This demo contains hints and guidelines that will help you with gaining a better understanding on how to write better code to build collaborative applications. If you are intrested ,please register here.

Using browser interface and out-of-the-box, you cannot unblock “Created By” or “Modified By” because, according to SDK, they are kind of predefined fields based on the current logged-in user. However, using object model there is a way to change these two fields or “Assigned To” field programmatically. Below, you can see a code snippet that assigns a cross-site group to “Assigned To”, a domain group to “Created By” and finally an individual user to “Modified By” field. I have used SPUser.AllUsers[string name] to get the context of my user or group. This method requires that the user passed as the parameter (individual user or group) to be either members of the site or who have browsed to the site as authenticated members of a domain group in the site. If not, this method cannot find the user and you should get an SPUser object representing a the user which has never connected himself to a site. I will cover this one in another post , but for now let’s assume that our user (or group) exists in the site’s membership somehow.

Think twice before you implement such a functionality at list item because if there is any functionalities based on these fields and current logged-in user , they will be messed up since you have overwritten current logged-in user with your choice of security context. In such a scenario, I personally prefer to create a custom field instead of playing around with these fields.

I do receive a lot of emails from people who are seeking for help,specially since my blog’s anonymous comment has stopped working and I lost all my comments 🙁

I usually keep all the questions in an Excel sheet for further analysis. The other day I had the chance to go over all the questions and to my surprise; one of the most frequent questions is about content query web part and in particular this question:

“Why Content Query Web Part is not showing up in my web part catalog?”

There are two important things that you need to remember.

First of all, CQWP is part of MOSS 2007 and not WSS. There is a workaround (with some drawbacks) to implement CQWP functionality to an extend in WSS .Check this out:

http://www.u2u.info/Blogs/Kevin/Lists/Posts/Post.aspx?ID=8

Secondly, Content Query Web Part along with Summary Link Web Part and Table of Contents Web Part only show up if you have the Publishing Feature enabled on your site collection.

Hope this helps.

Assuming that you have already set up the membership provider and configured your SharePoint site to use Forms based authentication, here are the steps to add a user to the data store (via membership) and associating it to the Visitors group. You can extend this code to support other group associations such as owners, contributor or even your own custom groups.

1) After you add a new user to the data source using the membership provider, examine the returned status parameter and act accordingly as shown below. You can find the complete code here  as a web part.

2) Install the web part  included in this post (you need to add the class to a solution ,compile it and deploy it yourself:))

3) Now, log in to the site using a user name and password which has appropriate access to the membership provider.

4) Add a new user  (e.g. username : chado , password:pass@word1)

5)New user(chado) should have been added to the visitor group which also means that new user has been successfully added to the data source.

6)Sign in as a different user

7) Since you are using forms authentication, you will be redirected to the login.aspx page. Enter the right credentials (chado,pass@word1) and hit “Sign In” button.

8) Now, you are logged in under the new user’s security context. This user is a visitor to this site.

Here is the situation:

-You have set up your SharePoint site to use forms based authentication using standard out of the box System.Web.Security.SqlMembershipProvider provider.

-You have set up your membership provider to use passwordFormat=”Encrypted”

-You are using ASP.NET Web Site Administration Tool to insert your first user

-You hit your sharepoint site , you are redirected to the login page , then you enter user name and password you created above and you are very excited to see everything works like a charm……………Boom……………. You get this message:)

“The server could not sign you in. Make sure your user name and password are correct, and then try again”.

-You are 100% certain that what you entered as username and password is correct,so what the hell is going on and why it is not working?!!!

Well, Let me give you couple of simple advices that might be helpful:

1) Don’t use this ugly tool. Just drag and drop a “CreateUserWizard” control onto your aspx page and hook it up to your membership provider. Sometimes it is much easier to do things yourself  than relying on this strange creature.

2) Most probably, machinekey element in the asp.net application’s web.config is different than the one defined in your SharePoint site’s web.config . Check the keys (validationKey, decryptionKey) and the encryption algorithm to make sure they are identical.

<machineKey validationKey=“21F0F891A36D12A278DB4FD8699C164EDBDA1FF9713A546C133CBE26DB026C5A5A10C884EF312DE5123959C8D96638423F8A6A3AE77F39E2B7A2596749B8C275” decryptionKey=“D868653A8B663BD752B01277E0465C0788D5BB9A5A9A405E“ validation=“SHA1“/>

3) It is much easier if you create the first user using “Clear” format using passwordFormat=”Clear” (so you can see the password in database) and when you deploy your provider to the web.config of your SharePoint site you can go ahead and change it to “Encrypted” and re-create the initial user one more time.