You must have gone through many articles to create Custom Event Handles by the time. But before actually creating custom event handler,keep the following points in mind:
1. Security:
The assembly you deploy to the Global Assembly Cache(GAC) is running with full trust. Watch out for the following:
• Denial of Service attack: If a user uploads 10000 items to a list, what is the effect it will have to the systems your assembly uses.
• SQL Injection attack: If a user attempts to insert SQL statements into a column of a list that your assembly uses to update a database, what mechanisms are you using to make sure the input is valid.
• Cross Site scripting attack: What is the effect of adding script to a column that your assembly uses to update another area in SharePoint?
2. Performance:
This is a important factor while building custom event handler.
• Load: What burden are you placing on your web front end servers to run the assembly each time an event occurs? Use performance counters to determine this.
• Long Running Operations: Consider creating a custom SharePoint timer job. Kick off/ Schedule the Timer Job from the event rather than running all the logic inside the event. This will allow you to use the features of SharePoint to view whether the Timer Job ran successfully.
• Sync vs Async Events: Synchronous events have to wait until your code completes before returning the page, whereas Asynchronous events show the page immediately.
3. Error Handling:
When using synchronous events and you decide to cancel an event, let the user know why the event was cancelled. For example, update a Task List with a message why it failed.
Log your errors so that you can determine what issue is occurring when your system is in production environment.
4. Connections:
Cater for external systems being down when you are trying to connect to them. Don’t let your code / solution go belly up because you cannot connect to a database.
5. Bulk Operations:
The MSDN documentation mentions that event handlers will not fire when bulk operation is occurring. For example, when a new list is created, the FieldAdding event will not fire.
So now you are ready to create a custom event handler successfully by keeping above points in mind.
You can also visit my other blogs to know about different topics:
Virtualization Concepts
Strong Named Assembly in SharePoint
SharePoint Taxonomy
SharePoint Object Model
No comments:
Post a Comment