The document discusses security considerations for Zend Core for IBM i. It provides two options for securing the system: 1) guarantee system security by unplugging and locking the system in a vault or 2) take a security journey to protect valuable information assets from outsiders like hackers and insiders like corporate criminals. The document then discusses steps to understand and protect various components of Zend Core like directories, files, programs, user profiles, and configurations. It provides recommendations to make the Apache and PHP configurations more secure through access controls, encryption, and logging.
How to measure and optimize performance of applications that use Zend Framework 1.x. A talk presented at the New York City Zend Framework Meetup (http://www.meetup.com/ZendFramework-NYCmetro/) on August 23, 2011.
Recent advances in DB2 and SQL can make PHP applications more secure, efficient, and require less code. Learn how to take advantage of a true enterprise-grade database: DB2 for IBM i. This tutorial will show the right way to use DB2 with PHP. Topics include: RCAC row and column security built into DB2, techniques to reduce the amount of required boilerplate PHP database code, new features of DB2 and ibm_db2 that can make life easier for developers, detailed performance tips, prevention of SQL injection, library list options, connecting to IBM i's DB2 from Windows and Linux, implementing pagination, using Zend\Db, and more. With new material presented for the first time anywhere.
Strategic Modernization with PHP on IBM i (Alan Seiden)
You know you need to modernize your IBM i applications, but where to start? In this talk, Alan will inspire you with creative examples of modernization on IBM i that provided a strong return on investment while controlling risk. Learn how to choose projects with the best return on investment, and then complete them with confidence. We will lead an honest discussion of the most effective strategies. Can RPG programmers learn PHP? Yes. Can new PHP developers be integrated into an existing IT department? Yes. Both approaches have merit. See creative ways to use PHP, not only to create new GUI front-ends, but to enhance existing interactive RPG programs. Please your users and business people by incorporating PHP into your shop.
A sneak peek into PHP 7, Zend Server 9, Zend Studio 13.5, and what the combination brings to IBM i users. Available in Q3, sporting a new DB2 extension and lots of new goodies, Zend Server 9 will prove to be the biggest open source story to hit IBM i this year. Once you add the latest Zend Studio release (13.5), you’ll be well on your way to full web enablement.
Everyone knows installing PHP on IBM i is easy. Just download the save file and run the RSTLICPGM command. But not everyone knows what that RSTLICPGM does. What is it putting on the machine? Where is it putting it? How does it all work together? In this session, we'll take a look at the IFS directories added by the Zend Server installer, to see what's in them. We'll see where PHP and PHP extensions, Apache and FastCGI configurations, log files, and more are kept. We'll also talk about how these new file objects interact with existing prerequisite software on the IBM i to present dynamic pages to the web. This session is for PHP developers and administrators interested in learning how PHP fits in with the unique operating environment of IBM i.
PHP Toolkit from Zend and IBM: Open Source on IBM i (Alan Seiden)
PHP developers on IBM i have a new way to access resources such as RPG and COBOL programs, system commands, data areas, and more, using a new, free, flexible, open source toolkit, supported by Zend. Using IBM's XMLSERVICE toolkit on the back end, it's all open source, enabling a high level of quality and functionality delivered by Zend, IBM, and IBM i community members who take the initiative.
You will learn:
• How your older PHP applications can use the new toolkit with minimal changes, thanks to the Compatibility Wrapper (CW), developed for Zend by Alan
And how to:
• Optimize performance
• Develop PHP on your laptop (Windows, Linux) or in the "cloud" and deploy to the IBM i
With suggestions for:
• Security
• Troubleshooting
• Tips and tricks to work with your IBM i in new ways
PHP Dependency Management with Composer ZendCon 2016 (Clark Everetts)
A deep-dive for beginners into Composer, the dependency manager for PHP. Learn how Composer helps you obtain the components your applications depend upon, installs them into your project, and controls their update to newer versions.
PHP is famous for its ability to build web-based front ends, but it's also a flexible tool within batch processes--that is, as a utility language. Alan will show how to accomplish marvelous tasks by calling PHP from ordinary CL programs and with Job Queue functionality in Zend Server.
Running open source PHP applications on your IBM i (Proximity Group)
At International i-Power 2015, Pete Samways presented a hands-on workshop entitled 'Running open source products on your IBM i'.
As the IBM i is a more open platform than it has ever been, it has become an excellent platform for running and developing web and mobile applications. In this practical workshop, attendees were guided through the process of installing and running open source PHP applications on their IBM i such as Drupal, Magento, WordPress, Mantis Bug Tracker and Sugar CRM. The session included live and guided demonstrations of installing Zend Server, Zend DBi and the applications themselves from a .zpk or from source.
Download the slides from the workshop to find out more about Zend Server, some top tips for configuring Zend Server, what open source is, why PHP for open source and the advantages of PHP on the IBM i.
Install MariaDB on IBM i - Tips, troubleshooting, and more (Rod Flohr)
MariaDB is the new open source drop-in replacement for MySQL that has been adopted by IBM for use on Power Linux and IBM i. ZendDBi is the installer provided by Zend for installation of MariaDB on the IBM i. In this session we'll show how to use ZendDBi to install MariaDB and provide some important tips for post-installation. We'll also demonstrate troubleshooting some common installation issues. While most installations of MariaDB are trouble free, the troubleshooting procedures will give us a chance to understand a bit more about the operation of MariaDB on the IBM i. It'll also give us the opportunity to explore some concepts on IBM i that may not be familiar to some RPG programmers.
From Zero to ZF: Your first Zend Framework project on IBM i (Alan Seiden)
Step by step, I'll demonstrate the creation of a Zend Framework (ZF) project, with special attention to configuring the db2 adapter so it works well with IBM i.
Create a welcoming development environment on IBM i (Alan Seiden)
Thanks to languages such as PHP, young developers are entering the IBM i world, but may be unprepared for their new environment. They may not realize that IBM i has an SSH shell environment that can have them feeling at home and productive.
This talk will offer tools and tips to allow developers to work from a UNIX command line in the manner they may be used to (with minor adjustments) on IBM i. Improve job satisfaction with the tips presented here.
Topics will include:
* create a chroot environment for safe experimentation on IBM i
* install bash shell with tab autocomplete and other familiar features
* access DB2 and IBM i operations from the command line
* use familiar editing tools such as vi
* use php-cli efficiently
This presentation reviews the many aspects of PHP performance that can impact day-to-day living. It explores basic concepts for resolution when PHP performance has got you down. The focus is on Zend Server configuration options including, but not limited to: caching, Apache settings, PHP syntax fundamentals, diagnosing bottlenecks, and DB2/SQL optimization.
Zend con 2016 bdd with behat for beginners (Adam Englander)
Learn the basics of behavioral driven development (BDD) with Behat to build high quality and well documented applications. You'll learn how BDD can help you deliver greater business value more efficiently while accurately documenting the functionality of your application along the way. You'll learn how to utilize Behat as your BDD tool. With Behat, you'll create tests for the features in your application by utilizing a natural language syntax called Gherkin backed by PHP code to execute the steps executed in the feature's scenarios.
This will be a hands-on tutorial. You'll learn how to implement BDD for a web application. This will include utilizing Selenium WebDriver for real world multi-browser testing including introductions to Selenium Grid and hosted integration services utilizing Selenium.
Zend_Cache: how to improve the performance of PHP applications (Enrico Zimuel)
In this talk I showed some caching techniques in PHP using the Zend_Cache class of the Zend Framework.
I presented the functions and the flexibility of the Zend_Cache with the use of the backends: File, APC, Memcached, Zend Server Community Edition.
IBM i: Fertile Ground for PHP Developers (Alan Seiden)
The IBM i platform, which evolved from System i, i5, iSeries, and AS/400, is a highly reliable, secure, self-managing, and integrated operating environment with a loyal, devoted following among thousands of businesses. A PHP developer who knows how to speak "IBM i" will be differentiated in the job market, gaining interesting employment and consulting opportunities.
In this talk, Alan Seiden will introduce you to the world of IBM i, covering the basics of this unique platform.
Zend Framework 2 (ZF2) is an open source, object oriented Framework designed for developing web applications and services using PHP 5.3+. This presentation covers an overview on Zend 2, advantages of using this and installation process.
What is new in Notes & Domino Development V10.x (Ulrich Krause)
Slides for my session at DNUG46 in Essen, Germany. 04.-05-MAY-2019.
The session was all about the new classes added in V10.x of Notes/Domino. FP2 changes are included.
Sizing an alfresco infrastructure has always been an interesting topic with lots of unrevealed questions. There is no perfect formula that can accurately define what is the perfect sizing for your architecture considering your use case. However, we can provide you with valuable guidance on how to size your Alfresco solution, by asking the right questions, collecting the right numbers, and taking the right assumptions on a very interesting sizing exercise.
How many alfresco servers will you need on your alfresco cluster? How many CPUs/cores do you need on those servers to handle your estimated user concurrency? How do you estimate the sizing and growth of your storage? How much memory do you need on your Solr servers? How many Solr servers do you need to get the response times you require? What are the golden rules that can drive and maintain the success of an Alfresco project?
In this session we will take a look at several different methods for building tiered applications. Some of the tiering methodologies include Soap, XML-RPC, RESTful and multiple language architectures. The purpose of this talk will not be to determine which methodology is best, but instead will try to provide an unbiased view of the pros and cons of each.
Solving the C20K problem: Raising the bar in PHP Performance and Scalability (ZendCon)
How do you configure and tune your PHP applications to handle 20,000 or more concurrent connections to your database on your desktop? This technical session describes how to implement and tune PHP's OCI8 extension with Oracle's Database Resident Connection Pool (DRCP).
Pradeep Sharma from OSSCube presents on Securing your web server at OSSCamp, organized by OSSCube - A Global open Source enterprise for Open Source Solutions
With the rise of cloud computing and the death of the Xserve, learn how you can deploy your WebObjects applications on a Linode private virtual server.
Deploy PHP apps faster in 2017. This talk focuses on how PHP developers can use simple Ansible scripts to rapidly configure new dev and production servers from scratch, and deploy their apps. No more "snowflake servers"!
This is a general introduction to DevOps essentials and Ansible, with a few extras for PHP developers, including some best practice tips and overview of two major Ansible-based PHP projects, Drupal-VM and Trellis (modern WordPress setup).
● Micro Data Center 25 TB, Small Business Solution
● Hadoop Open Source Technology
● Hive Data Warehouse
● Hadoop Testing Data model
● Software & Tools Library
● Business Intelligence report
Spenser Reinhardt's presentation on Detecting Security Breaches With Docker, Honeypots, & Nagios.
The presentation was given during the Nagios World Conference North America held Oct 13th - Oct 16th, 2014 in Saint Paul, MN. For more information on the conference (including photos and videos), visit: http://go.nagios.com/conference
OpenStack Summit 2013 Hong Kong - OpenStack and Windows (Alessandro Pilotti)
OpenStack summit session about how to deploy Windows instances using Cloudbase-Init and Heat!
The session takes care of explaining all the issues you might encounter, for example how to choose the right KVM VirtIO drivers.
Deployment of WebObjects applications on CentOS Linux (WO Community)
With the rise of cloud computing and the death of the Xserve, learn how you can deploy your WebObjects applications on a CentOS server. You will also get tips about how to secure your server so that you don't get hacked.
One thing that most programmers do not take the time to understand is the servers that their application lives on. Most know a smattering of Apache configs, PHP configs, and basic information about the OS. This talk will deal with looking at tools that can help you quickly set up a server and how it can help you be a better developer. We'll look at tools like puppet for server management, OSSEC for log management, different command line tools, and nagios/monit for system monitoring.
An overview of the four main PHP handlers used today - suPHP, DSO, CGI and FCGI. The talk covers their pros and cons and dispels the common myths surrounding them. I also explore a new approach to server setup that combines the best from each method using mod_ruid2.
PHP, LAMP, Windows, ASP.NET ?????? Sometimes you can't choose just one.
In this session, long time PHP developer and Microsoft MisfitGeek will explore the plethora of ways you can make PHP and ASP.NET interoperate.
Make your PHP Application Software-as-a-Service (SaaS) Ready with the Paralle... (ZendCon)
Extend the market reach of your PHP application while creating additional revenue for your Company! Parallels, a worldwide leader in virtualization and automation software that optimizes computing across all major hardware, operating systems, and virtualization platforms, has the ideal platform for your PHP Application.
DB2 Storage Engine for MySQL and Open Source Applications Session (ZendCon)
MySQL in i5/OS opens up new and interesting methods both for developing customized web-based applications that leverage i5/OS resources as well as deploying open community solutions.
OpenID and Information Cards are two of the most prominent emerging identity technologies. It is important that you understand the benefits, usage and differences between them in order to prepare for the future, even when not ready to deploy them. During this presentation we will examine what digital identities are and specifically what each of these technologies is.
"PHP offers many opportunities and avenues to leverage existing i5 investments. One such area to leverage is the existing i5 applications and programs. This presentation will guide you through examples utilizing PHP to both invoke RPG/COBOL/CL programs and web-enable 5250 applications."
Lesser Known Security Problems in PHP Applications (ZendCon)
When the security of PHP applications is in focus usually standard XSS vulnerabilities, SQL Injections, Remote File Inclusions, Header Injections and CSRF are discussed. However there are a number of different vulnerability classes and non obvious exploitation paths that are as dangerous but lesser known. This talk will give an insight in such vulnerabilities and how to defend against them.
Architecting for PHP5 - Why "Runs on PHP5" is not "Written for PHP5" (ZendCon)
Does your application merely run on PHP5? Do you write complicated code unaware that PHP5 has a built in solution that is twice as fast? PHP5 is an evolutionary step forward from PHP4 but everyone can find new weapons for their toolbelt and enhance their applications for speed and maintainability. Learn how to make your project "Written for PHP5" not "Runs on PHP5"
SQL Query Tuning: The Legend of Drunken Query Master (ZendCon)
Once upon a time, a young application developer embarked on a journey to master the art of database application tuning. Her path led to studying at the feet of the Drunken Query Master. After years studying the arts of join-fu and table-kee-do, she returned to her home. Jay has catalogued the lessons she learned from the Drunken Query Master and shares her knowledge with tutorial goers.
How much do you really know about the tool you work with every day? How much time could you save by correctly using a feature, knowing a handy shortcut, or properly configuring your work environment?
This session will uncover some useful, but not so well known VIM features as well as go over a number of VIM plugins that are essential for programmers.
Testing is not something that traditional PHP developers are familiar with. This session introduces the needs and means for testing, and the test-driven development model to create rock-solid PHP applications.
Rickroll To Go With PHP, WURFL, and Other Open Source Tools (ZendCon)
"In a world where mobile content is becoming more prevalent by the day, how can we enhance the experience of gathering images, audio and video for consumption on mobile devices?
Brian will demonstrate how you can leverage the Wireless Universal Resource File (WURFL), PHP, ImageMagick, ffmpeg, and other open source tools to optimize content for consumption on mobile devices."
PECL Picks - Extensions to make your life better (ZendCon)
One of the biggest strengths of PHP is its "glue" power. Take any C library and with a little magic and a compiler you have a fantastic extension. These extensions hide in PECL, but few people can tell the good from the unmaintained or just plain broken. Find the best extensions for your project, learn about PECL, and find out how to become a part of the PECL developer community.
Let's dive deeper into the world of ODC! Ricardo Alves (OutSystems) will join us to tell all about the new Data Fabric. After that, Sezen de Bruijn (OutSystems) will get into the details on how to best design a sturdy architecture within ODC.
Transcript: Selling digital books in 2024: Insights from industry leaders - T... (BookNet Canada)
The publishing industry has been selling digital audiobooks and ebooks for over a decade and has found its groove. What’s changed? What has stayed the same? Where do we go from here? Join a group of leading sales peers from across the industry for a conversation about the lessons learned since the popularization of digital books, best practices, digital book supply chain management, and more.
Link to video recording: https://bnctechforum.ca/sessions/selling-digital-books-in-2024-insights-from-industry-leaders/
Presented by BookNet Canada on May 28, 2024, with support from the Department of Canadian Heritage.
LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -... (DanBrown980551)
Do you want to learn how to model and simulate an electrical network from scratch in under an hour?
Then welcome to this PowSyBl workshop, hosted by Rte, the French Transmission System Operator (TSO)!
During the webinar, you will discover the PowSyBl ecosystem as well as handle and study an electrical network through an interactive Python notebook.
PowSyBl is an open source project hosted by LF Energy, which offers a comprehensive set of features for electrical grid modelling and simulation. Among other advanced features, PowSyBl provides:
- A fully editable and extendable library for grid component modelling;
- Visualization tools to display your network;
- Grid simulation tools, such as power flows, security analyses (with or without remedial actions) and sensitivity analyses;
The framework is mostly written in Java, with a Python binding so that Python developers can access PowSyBl functionalities as well.
What you will learn during the webinar:
- For beginners: discover PowSyBl's functionalities through a quick general presentation and the notebook, without needing any expert coding skills;
- For advanced developers: master the skills to efficiently apply PowSyBl functionalities to your real-world scenarios.
UiPath Test Automation using UiPath Test Suite series, part 3 (DianaGray10)
Welcome to UiPath Test Automation using UiPath Test Suite series part 3. In this session, we will cover desktop automation along with UI automation.
Topics covered:
UI automation Introduction,
UI automation Sample
Desktop automation flow
Pradeep Chinnala, Senior Consultant Automation Developer @WonderBotz and UiPath MVP
Deepak Rai, Automation Practice Lead, Boundaryless Group and UiPath MVP
Connector Corner: Automate dynamic content and events by pushing a buttonDianaGray10
Here is something new! In our next Connector Corner webinar, we will demonstrate how you can use a single workflow to:
Create a campaign using Mailchimp with merge tags/fields
Send an interactive Slack channel message (using buttons)
Have the message received by managers and peers along with a test email for review
But there’s more:
In a second workflow supporting the same use case, you’ll see:
Your campaign sent to target colleagues for approval
If the “Approve” button is clicked, a Jira/Zendesk ticket is created for the marketing design team
But—if the “Reject” button is pushed, colleagues will be alerted via Slack message
Join us to learn more about this new, human-in-the-loop capability, brought to you by Integration Service connectors.
And...
Speakers:
Akshay Agnihotri, Product Manager
Charlie Greenberg, Host
"Impact of front-end architecture on development cost", Viktor TurskyiFwdays
I have heard many times that architecture is not important for the front-end. Also, many times I have seen how developers implement features on the front-end just following the standard rules for a framework and think that this is enough to successfully launch the project, and then the project fails. How to prevent this and what approach to choose? I have launched dozens of complex projects and during the talk we will analyze which approaches have worked for me and which have not.
Slack (or Teams) Automation for Bonterra Impact Management (fka Social Soluti...Jeffrey Haguewood
Sidekick Solutions uses Bonterra Impact Management (fka Social Solutions Apricot) and automation solutions to integrate data for business workflows.
We believe integration and automation are essential to user experience and the promise of efficient work through technology. Automation is the critical ingredient to realizing that full vision. We develop integration products and services for Bonterra Case Management software to support the deployment of automations for a variety of use cases.
This video focuses on the notifications, alerts, and approval requests using Slack for Bonterra Impact Management. The solutions covered in this webinar can also be deployed for Microsoft Teams.
Interested in deploying notification automations for Bonterra Impact Management? Contact us at sales@sidekicksolutionsllc.com to discuss next steps.
Epistemic Interaction - tuning interfaces to provide information for AI supportAlan Dix
Paper presented at SYNERGY workshop at AVI 2024, Genoa, Italy. 3rd June 2024
https://alandix.com/academic/papers/synergy2024-epistemic/
As machine learning integrates deeper into human-computer interactions, the concept of epistemic interaction emerges, aiming to refine these interactions to enhance system adaptability. This approach encourages minor, intentional adjustments in user behaviour to enrich the data available for system learning. This paper introduces epistemic interaction within the context of human-system communication, illustrating how deliberate interaction design can improve system understanding and adaptation. Through concrete examples, we demonstrate the potential of epistemic interaction to significantly advance human-computer interaction by leveraging intuitive human communication strategies to inform system design and functionality, offering a novel pathway for enriching user-system engagements.
Search and Society: Reimagining Information Access for Radical FuturesBhaskar Mitra
The field of Information retrieval (IR) is currently undergoing a transformative shift, at least partly due to the emerging applications of generative AI to information access. In this talk, we will deliberate on the sociotechnical implications of generative AI for information access. We will argue that there is both a critical necessity and an exciting opportunity for the IR community to re-center our research agendas on societal needs while dismantling the artificial separation between the work on fairness, accountability, transparency, and ethics in IR and the rest of IR research. Instead of adopting a reactionary strategy of trying to mitigate potential social harms from emerging technologies, the community should aim to proactively set the research agenda for the kinds of systems we should build inspired by diverse explicitly stated sociotechnical imaginaries. The sociotechnical imaginaries that underpin the design and development of information access technologies needs to be explicitly articulated, and we need to develop theories of change in context of these diverse perspectives. Our guiding future imaginaries must be informed by other academic fields, such as democratic theory and critical theory, and should be co-developed with social science scholars, legal scholars, civil rights and social justice activists, and artists, among others.
DevOps and Testing slides at DASA ConnectKari Kakkonen
My and Rik Marselis slides at 30.5.2024 DASA Connect conference. We discuss about what is testing, then what is agile testing and finally what is Testing in DevOps. Finally we had lovely workshop with the participants trying to find out different ways to think about quality and testing in different parts of the DevOps infinity loop.
1. Zend Core for IBM i
Security Considerations
Tony “Ranger” Cairns
2. Developers are seeing PHP benefits but,
managers are worried about PHP security.
What can we do?
3. Option 1) Guarantee system security
Step 1) Unplug system.
Step 2) Lock in a vault.
4. Option 2) Start a security journey where valuable
information assets may be used by authorized
people for authorized purposes ...
• Protect against outsiders
– Would be web hackers
– Bumbling user input
• Protect against insiders
– Would be corporate criminals
– Careless programmers
5. An hour security pitch is not
your answer...
but if you believe security is a
journey not a destination, this
may help.
6. Step 1) Understand what we get out of the box.
• RSTLICPGM
• 5250 start / stop zend subsystem
• Dual Apache configuration
• i5 toolkit for program access (i5_COMD)
• Multiple direct PHP DB2 access methods
[Diagram: IBM i running PASE, with I5_COMD (*PGM, *SRVPGM), HTTP:89 Server (Reverse Proxy), HTTP:8000 Server with PHP Module, IFS /www, 5250 zend subsystem, Zend Core admin tools and DB2 UDB]
7. What to protect in Zend Core for IBM i?
• Internal Access (PHP)
– Directories (web dirs)
• /www/zendcore
• /usr/local/Zend
– Stream files (web pages / scripts)
• /www/zendcore/htdocs
• /usr/local/Zend/apache2/htdocs
– Programs (web call)
• /qsys.lib/zendcore.lib
• Toolkit called programs (RPG)
– User profiles
• Nobody, NoGroup, etc.
• External Access (Web)
– ILE Apache
• /www/zendcore/conf
• httpd.conf
– PASE Apache
• /usr/local/Zend/apache2/conf
• httpd.conf
– PHP configuration
• /usr/local/Zend/Core/etc
• php.ini
– PHP programs (asset on ramp)
• db2_connect()
• i5_connect()
8. Zend Core for IBM i installed profiles
• NOBODY (*USER)
– PHP Apache server
– Zend Core jobs (ZENDCOREAP)
– Group = NOGROUP
– Special authorities = *NONE
• NOGROUP (*USER)
– Group profile
– For access to NOBODY resources, other profiles may add
• Group = NOGROUP
• ZENDADMIN (*SECOFR)
– Start/stop jobs in ZEND subsystem
– Pseudo random generator (prngd)
– GROUP = *NONE
– *ALL special authorities
• ZENDTECH (*USER)
– Update PHP configuration
– GROUP = *NONE
– Special authorities = *NONE
• MYSQL (*PGMR)
– Mysql profile
– Optional install
– Special authorities = *NONE
9. Zend Core for IBM i access rights ...
[Diagram: Execute Rights and Access Rights. Profiles QTMHHTTP, NOBODY / NOGROUP, ZENDADMIN and ZENDTECH shown against HTTP:89 Server (Reverse Proxy), HTTP:8000 Server (PHP Module), PASE, I5_COMD (*PGM, *SRVPGM, CMD, ...), IFS (/www/zendcore, /usr/local/Zend), 5250 zend subsystem, Zend Core admin tools and DB2 UDB; *PUBLIC EXCLUDE]
10. /www/zendcore
• Default secure as of ZC 2.6.1 ...
– Access control is no public access
• /www/zendcore/* (drwxrws--- 5 nobody)
– PUBLIC *EXCLUDE
– NOBODY *RWX
– Note: NOGROUP *RWX
• /www
– PUBLIC *RX
– PUBLIC is not allowed access to PHP scripts or other information
• Add group profile NOGROUP to other user profiles for access
– QTMHHTTP
– Group = NOGROUP
Protect your PHP applications from public view
11. /usr/local/Zend
• Default secure as of ZC 2.6.1 ...
– Access control standard web
• /usr/local/Zend (drwxr-sr-x 5 qsecofr)
– PUBLIC *RX
– QSECOFR *RWX (who install)
– Note: NOGROUP *RX
• /usr
• /usr/local
– PUBLIC *RX
– Public is allowed access to PHP from command line or RPG program, etc.
• More secure ...
– Access control only PHP web
• /usr/local/Zend (drwxr-s--- 5 qsecofr)
– PUBLIC *EXCLUDE
• /usr
• /usr/local
– PUBLIC *USE
– Public will not be able to call PHP from command line or RPG program
• Add group profile NOGROUP to other user profiles for access
– QTMHHTTP
– Group = NOGROUP
Protect Zend Core web server, programs,
configuration and files.
12. ZENDCORE
• Default secure as of ZC 2.6.1
– PUBLIC *RX
– ZENDADMIN *RWX
• More secure ...
– PUBLIC *EXCLUDE
• Only PHP administrator can access programs (adopt QSECOFR)
Protect Zend Core product library programs.
14. Dual Apache ZC 2.6.1 (default)
• ILE Apache:89
– Responds to any browser
– Reverse proxy
• to PASE Apache:8000
– Configuration
• http://myi:2001/HTTPAdmin->ZENDCORE
– https is available
• PASE Apache:8000
– Responds to any browser
– Also Reverse proxy via Apache:89
– Configuration (edit only)
• http://myi:2001/HTTPAdmin->PASENEW
• /usr/local/Zend/apache2/conf/
• httpd.conf
– https is available
[Diagram: Browser http://myi:89 to HTTP:89 Server (Reverse Proxy); Browser http://myi:8000 to HTTP:8000 Server (PHP Module)]
15. Comparison of the Two HTTP Servers
IBM HTTP Server
• ZENDCORE server instance; using 5722DG1 product
• ZENDCORE instance created and configured automatically when Zend Core product is installed
• Server runs in IBM i
• Main function: reverse proxy server
• Configure server instance using IBM Web Administration Tool
• Https available
Apache Server
• UNIX-based open source server
• Server instance created and configured automatically when Zend Core product is installed
• Server runs in IBM i PASE
• Main function: run the PHP application and return result
• Edit only configure the server using the IBM GUI (no tabs)
• Https available, but certificates using PASE openssl tools (unfamiliar i5 folks)
16. Apache degrees of security,
a matter of choice ...
Lower security
• PASE Apache:8000 (default)
• ILE Apache:89 (default)
– Reverse proxy to 8000
• ILE Apache:89 (edit)
– Reverse proxy 8000
– 8000 only responds localhost
• PASE SSL enabled
– Using openssl
• ILE Apache SSL enabled
– Reverse proxy to 8000
– 8000 only responds localhost
• Multiple systems
– DMZ reverse proxy
Higher security
17. PASE Apache Server (default)
• Listens on port 8000
– Only receives URL requests that are sent to that port
• Allows any user to make these requests
• All data flowing between the IBM HTTP Server (Reverse Proxy) and the Apache server is not encrypted
• All data flowing on the network between client and server is public
httpd.conf:
User nobody
Group nogroup
[Diagram: HTTP:89 Server (Reverse Proxy); Browser http://myi:8000 to HTTP:8000 Server (PHP Module)]
Lower security
18. IBM HTTP Server Reverse Proxy (default)
• Server instance name is: ZENDCORE
• Listens on port 89
– Only receives URL requests that are sent to that port
• Users are denied access if requesting any other directory/files/applications
• Forwards on those requests to the Apache Server 8000
• Allows any user to make requests
• All data flowing on the network between client and server is public
httpd.conf: QTMHHTTP (default)
[Diagram: Browser http://myi:89 to HTTP:89 Server (Reverse Proxy) to HTTP:8000 Server (PHP Module)]
Lower security
19. IBM HTTP Server Reverse Proxy (default)
Modify PASE Apache for localhost (edit)
• Leave HTTP Server:89 as is
– Leave reverse proxy
• Modify PASE Apache
– Change:
• Allow from all
– To
• Allow from 127.0.0.1
• 127.0.0.1 == localhost
httpd.conf: Allow from 127.0.0.1 (localhost)
[Diagram: Browser http://myi:89 to HTTP:89 Server (Reverse Proxy) to HTTP:8000 Server (PHP Module)]
More security
20. PASE Apache 443 (https)
(short “self certificate” tutorial)
• Make certificate (self)
– call qp2term
– cd /usr/local/Zend/apache2/conf
– openssl req -x509 -nodes -days 365 -subj '/C=US/ST=Minnesota/L=Rochester/CN=www.myi.com' -newkey rsa:4096 -keyout server.key -out server.crt
– Note: CN correct for your site
• Go zendcore/zcmenu
– 7. Additional Apache options
– 2. PASE Apache Control
• /usr/local/...
• http_ssl.conf
• S = Start (E = Stop)
• https://myi5
– Get certificate (not perm)
– Note https is port 443 (conflict?)
httpd_ssl.conf:
Include conf/ssl.conf
ssl_conf:
SSLCertificateFile /usr.../server.crt
SSLCertificateKeyFile /usr.../server.key
[Diagram: Browser https://myi, encrypted, to HTTP:8000 Server (PHP Module)]
Higher security
21. IBM HTTP Server 443
• HTTP 443 documented procedure
– Web GUI (2001 port)
• Copy the reverse proxy lines into your new 443 instance
– ProxyPass / http://127.0.0.1:8000
– ProxyPassReverse / http://127.0.0.1:8000
• Change PASE Apache
• Allow from all
– To
• Allow from 127.0.0.1
httpd.conf: Allow from 127.0.0.1 (localhost)
[Diagram: Browser https://myi, encrypted, to HTTP:443 Server (Reverse Proxy) to HTTP:8000 Server (PHP Module)]
Higher security
22. “Reverse Proxy” HTTP Server
• Improves performance
– Can cache static documents in memory
– Can aid with balancing requests to a set of HTTP servers
• Improves security
– Can control access at the front door
– Can keep server in DMZ separate from internal network
– Hides the content server environment
– Can log activity
[Diagram: DMZ System with HTTP:80 Server (Reverse Proxy), a FIREWALL, then HTTP:89 Server (Reverse Proxy), HTTP:8000 Server (PHP Module), I5_COMD (*PGM, *SRVPGM, CMD, ...), IFS (/www/zendcore, /usr/local/Zend) and DB2 UDB]
23. Tip: PASE Apache prefork start/stop
• Good PASE Apache settings
– <IfModule prefork.c>
• StartServers 5
• MinSpareServers 5
• MaxSpareServers 25
• MaxClients 25
• MaxRequestsPerChild 0
– </IfModule>
• Keep the same
– StartServers == MinSpareServers
– MaxSpareServers == MaxClients
• Leave as zero or very high count
– MaxRequestsPerChild 0
• Never end worker job
[Diagram: HTTP:89 Server (Reverse Proxy) in front of multiple HTTP:8000 Server jobs]
Avoid PASE Apache bad prefork settings.
The machine will prefork to “death”!
24. Tip: Apache “chroot”
• Apache security consultants may recommend chroot to a new
directory that can not access other commands on the system.
• This approach is not recommended for PASE Apache
– The qsys file system will no longer be accessible
• PHP interoperability with ILE becomes increasingly difficult
– The /QOpenSys file system contains PASE “shared binaries” used by Apache
• Chroot below /QOpenSys may be the only way to run without “difficult” copy of
runtime for your PASE Apache engine
Apache chroot not recommended, (security to failure)!
26. php.ini Settings
• safe_mode = On/Off
– Zend Core default: safe_mode = Off
– By enabling safe_mode parameter, PHP scripts are able to access files only
when their owner is the owner of the PHP scripts. This is one of the most
important security mechanisms built into the PHP. Effectively counteracts
unauthorized attempts to access system files and adds many restrictions that
make unauthorized access more difficult.
• safe_mode_gid = On/Off
– Zend Core default: safe_mode_gid = Off
– When safe_mode is turned on and safe_mode_gid is turned off, PHP scripts
are able to access files not only when UIDs are the same, but also when the
group of the owner of the PHP script is the same as the group of the
owner of the file.
– Utility concerns:
• <?php echo shell_exec("PASE utility steal system"); ?>
• <?php echo `system ('call cmd steal from system')`; ?>
27. php.ini Settings
• open_basedir = directory[:...]
– Zend Core default: not active (comment only in php.ini)
– When the open_basedir parameter is enabled, PHP will be able to access
only those files, which are placed in the specified directories (and
subdirectories).
• safe_mode_exec_dir = directory[:...]
– Zend Core default: safe_mode_exec_dir =
– When safe_mode is turned on, system(), exec() and other functions that
execute system programs will refuse to start those programs, if they are
not placed in the specified directory.
– More utility concerns:
• <?php echo $_POST['textFromEvilUseStealFromSystem']; ?>
– Where HTML form data (textarea) was ...
» $_POST['textFromEvilUseStealFromSystem'] =
» "shell_exec('system('do something bad')')";
28. php.ini Settings
• display_errors = On/Off
– Zend Core default: display_errors = Off
– If the display_errors parameter is turned off, PHP errors and warnings are not
being displayed. Because such warnings often reveal precious
information like path names, SQL queries etc., it is strongly
recommended to turn this parameter off on production servers
Do not turn display_errors On (default off), instead
check /usr/local/Zend/Core/logs/php_error_log
29. php.ini Settings
• log_errors = On
– Zend Core default: log_errors = On
– When log_errors is turned on, all warnings and errors are logged to the file
that is specified by the error_log parameter. If this file is not accessible,
information about warnings and errors is logged by the Apache server.
• error_log = filename
– Zend Core default: error_log = /usr/local/Zend/Core/logs/php_error_log
– This parameter specifies the name of the file, which will be used to store
information about warnings and errors (attention: this file must be writeable by
the user or group apache).
Do not turn display_errors On (default off),
error_log = /usr/local/Zend/Core/logs/php_error_log
30. php.ini Settings
• expose_php = On/Off
– Zend Core default: expose_php = On
– Turning off the "expose_php" parameter stops PHP from disclosing
information about itself in the HTTP headers that are sent to clients in
responses to web requests.
PHP security by obscurity.
31. php.ini Settings
• register_globals = On/Off
– Zend Core default: register_globals = Off
– When the register_globals parameter is turned on, all the EGPCS
(Environment, GET, POST, Cookie and Server) variables are automatically
registered as global variables. Because it can pose a serious security
threat, it is strongly recommended to turn this parameter off (starting
from the PHP version 4.2.0, this parameter is turned off by default)
// need a "register" global variable?
// bind one named POST field to a global explicitly, instead of register_globals
gpost('gvar');
$gvar = "Hi";
echo "$gvar {$_POST['gvar']} {$GLOBALS['gvar']}";
function gpost($var)
{ if(!array_key_exists($var,$_POST)) $_POST[$var]='';
$GLOBALS[$var]=&$_POST[$var]; }
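A check for the php.ini settings covered on slides 26-31, as an added example that is not part of the original slides. The sample php.ini text, the function names and the wording of the findings are constructed for illustration; the built-in defaults used for missing keys are stated as assumptions in the comments.

```php
<?php
// Added example, not from the original slides: audit php.ini text against the
// settings discussed on slides 26-31. SAMPLE_INI is constructed sample data.

const SAMPLE_INI = <<<'INI'
; constructed sample, not a real Zend Core php.ini
safe_mode = Off
display_errors = On
log_errors = On
error_log = /usr/local/Zend/Core/logs/php_error_log
expose_php = On
register_globals = Off
;open_basedir = /www/zendcore/htdocs
INI;

// Read a boolean switch from the raw ini values.
// $default is the assumed PHP built-in default, used when the key is absent.
function iniFlag(array $ini, string $key, bool $default): bool
{
    if (!array_key_exists($key, $ini)) {
        return $default;
    }
    $value = strtolower(trim((string) $ini[$key]));
    return in_array($value, ['1', 'on', 'true', 'yes'], true);
}

// True when the key is present (not commented out) and has a non-empty value.
function iniSet(array $ini, string $key): bool
{
    return isset($ini[$key]) && trim((string) $ini[$key]) !== '';
}

// Return a list of findings; an empty list means nothing was flagged.
function auditIni(string $iniText): array
{
    // INI_SCANNER_RAW keeps "On"/"Off" and file paths as plain strings.
    $ini = parse_ini_string($iniText, false, INI_SCANNER_RAW);
    if ($ini === false) {
        return ['php.ini text could not be parsed'];
    }

    $findings = [];
    if (iniFlag($ini, 'display_errors', true)) {
        $findings[] = 'display_errors is On: warnings can reveal path names and SQL queries';
    }
    if (!iniFlag($ini, 'log_errors', true)) {
        $findings[] = 'log_errors is Off: errors are neither displayed nor recorded';
    } elseif (!iniSet($ini, 'error_log')) {
        $findings[] = 'error_log is not set: errors go to the Apache server log instead';
    }
    if (iniFlag($ini, 'expose_php', true)) {
        $findings[] = 'expose_php is On: PHP discloses itself in HTTP response headers';
    }
    if (iniFlag($ini, 'register_globals', false)) {
        $findings[] = 'register_globals is On: request data becomes global variables';
    }
    if (!iniSet($ini, 'open_basedir')) {
        $findings[] = 'open_basedir is not active: file access is not confined to named directories';
    }
    if (!iniFlag($ini, 'safe_mode', false)) {
        // Informational: Off is the Zend Core default described on slide 26.
        $findings[] = 'safe_mode is Off: the file owner check is not applied';
    }
    return $findings;
}

foreach (auditIni(SAMPLE_INI) as $finding) {
    echo "[!] $finding\n";
}
```

To audit a live system, pass the contents of the php.ini under /usr/local/Zend/Core/etc to auditIni() instead of SAMPLE_INI.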
33. Programming APIs
• i5_*() APIs • db2_*() APIs
– Connect – Connect
– CMD call – Results
– PGM/SRVPGM call – Commit/Rollback
– SQL access – Fetch
– Native file access – Statement
– Data areas / queues – Stored procedure call
– User space – Meta Data
– Print/Spool • Column
– Job logs • Table
– Active jobs • Field
• Info
– Object list
With files or programs at PUBLIC *USE or *ALL,
hackers will have an easier job!
34. PHP general (information abounds)
• Most important rule: never trust user input
– Always check user input HTML forms
– Always check input to SQL
• There are many sites that explain PHP security practices that you can read
to “know your enemy”
– http://www.ipbwiki.com/Practical_PHP_Programming:Security_concerns
– php.ini settings (previous section)
– Don't use PHP eval on user data
• <?php eval($_POST['HackerDelight']); ?>
– Don't allow user to specify PHP include names
• http://myi.php”
• <?php include($_GET['include']); ?>
– Don't use include names that can be read by URL (.inc, etc.)
• https://myi5/secretstuff.inc
– Don't allow user to SQL inject your database (db2 section)
• db2_exec($conn, $_POST["DropSchemaPayroll;..."]);
35. Toolkit - i5_(p)connect()
• i5_pconnect(Server, User, Password [, array Options])
– Server – "", "localhost" or "127.0.0.1"
– User - "", or "uid"
• "" - NOBODY profile
– Password - "" or "password"
– Options –
• I5_OPTIONS_PRIVATE_CONNECTION
• Return:
– IBM i connection
– or false on failure
• i5_pconnect("","","")
– Fewer EASYCOM jobs
[Diagram: i5_pconnect("","","") from HTTP:8000 Server jobs to EASYCOM jobs calling SRVPGM / PGM / CMD, one of them marked (PRIVATE)]
Use pconnect over connect
avoid start/stop job stress!
36. ibm_db2 - db2_(p)connect()
• db2_pconnect(Database, User, Password [, array Options])
– Database - "", "*LOCAL",
• "IASP", "10.1.5.13"
– User -
• "", "NOBODY", "SOMEUSER"
– Password - "", "PASSWORD"
• Return:
– IBM i DB2 connection
– or false on failure
• db2_pconnect("","","")
• No QSQSRV jobs
• db2_pconnect(...,"*NOBODY","")
• Shared QSQSRV jobs
[Diagram: db2_pconnect("*LOCAL","NOBODY","") from HTTP:8000 Server jobs to shared QSQSRVR (NOBODY) jobs; db2_pconnect("","","") from an HTTP:8000 Server directly to DB2 UDB]
No “click” route, so do not commit across “clicks”!
37. Apache “stateless” ...
i5_pconnect("localhost","uid","pwd")
db2_pconnect("","uid","pwd")
[Diagram: browsers (FRED, TOM, JEN, LIZA) reach the HTTP:8000 servers (NOBODY / NOGROUP) directly through myi:8000 or through the HTTP:89 reverse proxy servers (QTMHHTTP) through myi:89; the HTTP:8000 servers hold EASYCOM jobs per UID (FRED, and a private one for TOM) and DB2 QSQSRVR jobs per UID (FRED, JEN, TOM, LIZA)]
... no “click” has a consistent route (TOM i5 private)
38. Connect *.inc best intentions,
terrible results ...
/www/zendcore/htdocs/iconnect.inc
<?php
function db2ConnPayroll()
{ return db2_pconnect("*LOCAL","PAY","RGFJ183G"); }
function i5ConnectCreditCards()
{ return i5_pconnect("localhost","CREDIT","FDRS453Y"); }
?>
• Browser http://myi:8000/iconnect.inc
– Up pops the source code for iconnect.inc, because “*.inc” is just a
file not a PHP program
– “You've been hacked!”
• Instead use ...
– /www/zendcore/htdocs/iconnect.inc.php
• Also ... /www/zendcore/htdocs/*
– PUBLIC *EXCLUDE
39. Better connect Apache env vars ...
/usr/local/Zend/apache2/conf/httpd.conf
# Password PC should be encrypted (MCrypt)
SetEnv UC CREDIT
SetEnv PC FDRS453Y
/www/zendcore/htdocs/iconnect.inc.php
<?php
$cc = $_SERVER['UC']; $pc = $_SERVER['PC'];
function i5ConnectCreditCards()
{ global $cc,$pc;
return i5_pconnect("localhost",$cc,$pc); }
?>
• /usr/local/Zend/apache2/conf/httpd.conf
– VERY limited access and PUBLIC *EXCLUDE
– Include conf/password.conf
• /www/zendcore/htdocs/iconnect.inc.php
– For better security add encrypt / decrypt for $_SERVER['PC']
• See PECL extension MCrypt
40. db2_pconnect and library list ...
$uid = $_SERVER['DB2UID']; $pwd = $_SERVER['DB2PWD'];
$opt = array("i5_naming"=>DB2_I5_NAMING_ON);
// who are you?
// set the option by key; array_push() would append a nested array instead
if (isset($_SESSION['bigwig']))
  $opt["i5_libl"] = "BIGDEAL LILDEAL";
else
  $opt["i5_libl"] = "LILDEAL";
$con = db2_pconnect("*LOCAL",$uid,$pwd,$opt);
// access the correct data
$result = db2_exec($con, "select * from accounts");
– "i5_libl"=>"BIGDEAL LILDEAL"
• call qsys2.qcmdexc('cmd',len)
• CHGLIBL LIBL(BIGDEAL LILDEAL) CURLIB(BIGDEAL)
– Query known based on $_SESSION['bigwig']
What if our script dies during a BIGDEAL library list
query (or times out)? Hopefully, no other PHP script
has “select * from accounts”
41. i5_pconnect and library list ...
$uid= $_SERVER['DB2UID']; $pwd = $_SERVER['DB2PWD'];
$conn = i5_pconnect("localhost", $uid, $pwd);
if (isset($_SESSION['bigwig']))
{ i5_command("chglibl",array("libl"=>"BIGDEAL LILDEAL"),array(),$conn);
}
else
{ i5_command("chglibl",array("libl"=>"LILDEAL"),array(),$conn);
}
– “libl”=>”BIGDEAL LILDEAL”
• CHGLIBL
– Query known based on $_SESSION['bigwig']
What if our script dies during a BIGDEAL library list
query (or times out)? Hopefully, no other PHP script
has “select * from accounts”
42. “i5_naming”=> choice/problem ...
for ($i=1;$i<21;$i++)
{ $modulus = $i % 2;
  if (!$modulus)
  { // even pass: system naming (lib/table)
    $opt=array("i5_naming"=>DB2_I5_NAMING_ON, "i5_libl"=>"BIGDEAL");
    $conn = db2_pconnect("*LOCAL", "DB2", "SECRET", $opt);
  }
  else
  { // odd pass: SQL naming (lib.table) on the same profile
    $opt=array("i5_naming"=>DB2_I5_NAMING_OFF, "i5_lib"=>"LILDEAL");
    $conn = db2_pconnect("*LOCAL", "DB2", "SECRET", $opt);
  }
}
• Do not attempt to mix naming in the same profile
– "i5_naming"=>DB2_I5_NAMING_ON (lib/table)
– "i5_naming"=>DB2_I5_NAMING_OFF (lib.table)
• Use separate profiles for each naming
– db2_pconnect("*LOCAL", "DB2NATIVE", "SECRET", $opt);
– db2_pconnect("*LOCAL", "DB2SQL", "SECRET", $opt);
43. Use db2_prepare/db2_execute,
(and i5_prepare/i5_execute)
// db2_exec is unsafe ...
$statement = "select email, password, access from eaccounts
where email='{$_POST['email']}' and password='{$_POST['password']}'";
$stmt = db2_exec($conn, $statement);
// db2_prepare / db2_execute is safer ...
// parameter markers are written bare; a quoted '?' is only a string literal
$userData = array($_POST['email'], $_POST['password']);
$statement = "select email, password, access from eaccounts
where email=? and password=?";
$stmt = db2_prepare($conn, $statement);
$isok = db2_execute($stmt, $userData);
// db2_exec is hacked by “' or 1=1 --” and the first row returns (CTO's record)
$row = db2_fetch_array($stmt);
• Hacked by single-line comment delimiter (--).
– $_POST['email'] = "' or 1=1 --";
– $_POST['password'] = "";
• select email, password, access from eaccounts where email='' or
1=1 --' and password=''
• Let DB2 do basic analysis on the ? parameter markers to help
avoid SQL injection attack (i5_query has inject detect)
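The login query from this slide run three ways, as an added example that is not part of the original slides. It uses PDO with an in-memory SQLite database as a stand-in for DB2 so that it runs without an IBM i connection; the function names and the sample rows are constructed, and with ibm_db2 the prepared path corresponds to db2_prepare / db2_execute.

```php
<?php
// Added example, not from the original slides. PDO with in-memory SQLite
// stands in for DB2 so the script runs without an IBM i connection.
// Table and column names follow the slide; the rows are constructed.

function makeDb(): PDO
{
    $db = new PDO('sqlite::memory:');
    $db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
    $db->exec("create table eaccounts (email text, password text, access text)");
    $ins = $db->prepare("insert into eaccounts values (?, ?, ?)");
    $ins->execute(['cto@example.com', 'constructed-secret-1', 'ADMIN']);
    $ins->execute(['clerk@example.com', 'constructed-secret-2', 'USER']);
    return $db;
}

// Unsafe: user input becomes part of the statement text (the db2_exec pattern).
function loginConcatenated(PDO $db, string $email, string $password)
{
    $sql = "select email, password, access from eaccounts
            where email='$email' and password='$password'";
    return $db->query($sql)->fetch(PDO::FETCH_ASSOC);
}

// Safer: bare ? markers, values are sent separately from the statement text.
function loginPrepared(PDO $db, string $email, string $password)
{
    $stmt = $db->prepare("select email, password, access from eaccounts
                          where email=? and password=?");
    $stmt->execute([$email, $password]);
    return $stmt->fetch(PDO::FETCH_ASSOC);
}

// A common slip: quoting the markers. '?' is then a string literal, so the
// statement has no parameters and the user's values are never compared.
function loginQuotedMarkers(PDO $db, string $email, string $password)
{
    try {
        $stmt = $db->prepare("select email, password, access from eaccounts
                              where email='?' and password='?'");
        $stmt->execute([$email, $password]);
        return $stmt->fetch(PDO::FETCH_ASSOC);
    } catch (PDOException $e) {
        // The driver may reject values bound to a statement without markers.
        return false;
    }
}

// Print one labelled result: the matched row, or "no row".
function show(string $label, $row): void
{
    echo str_pad($label, 28), $row === false ? 'no row' : json_encode($row), "\n";
}

$db = makeDb();

// Input shown on the slide: the comment delimiter cuts off the password test.
$email = "' or 1=1 --";
$password = "";
show('concatenated, tampered:', loginConcatenated($db, $email, $password));
show('prepared, tampered:', loginPrepared($db, $email, $password));

// A legitimate login works with bare markers and fails with quoted ones.
$email = 'clerk@example.com';
$password = 'constructed-secret-2';
show('prepared, valid login:', loginPrepared($db, $email, $password));
show('quoted markers, valid login:', loginQuotedMarkers($db, $email, $password));
```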
44. Tip: PHP/DB2 with 65535
• Issue: PHP scripts getting “junk” back from their DB2 SQL queries. Root
problem is often QCCSID setting 65535 (binary default from
manufacturing)
• Change CCSID before starting Apache
– 0) signon as QSECOFR
– 1) go zendcore/zcmenu -> stop apache
– 2) CHGJOB LANGID(ENU) CNTRYID(US) CCSID(37)
– 3) go zendcore/zcmenu -> start apache
PHP/DB2 does not work well with the default 65535 (binary) CCSID setting. Most
PHP applications experience what appears to be junk returning in SQL queries
(VARCHAR, CHAR, etc.). Change your CCSID to something other than 65535
and restart the Zend Core Apache.
45. Tip: DB2 – Schema (info) …
• On DB2 UDB for iSeries, a schema is used to group related database
objects. A DB2 UDB for iSeries schema is actually a collection of DB2
objects and OS/400 objects. When the CREATE SCHEMA statement is
executed, the following objects are created:
– OS/400 library
– OS/400 journal and journal receiver
– DB2 views containing schema-wide catalog
• This collection of objects in the schema provides the container for storing
related DB2 objects and the journal objects needed for enabling recovery
of database changes to these DB2 objects.
Use schemas (libraries), created with the SQL statement CREATE SCHEMA over
CRTLIB to enable journaling. The ibm_db2 commit APIs will not function without
journal enabled in the schema (library). In addition, some ibm_db2 BLOB/CLOB
scenarios require journal enabled.
46. MySql quick management
• PhpMyAdmin – Manage MySql from the web
– http://www.phpmyadmin.net/home_page/index.php
• Privileges tab
– users/access rights
• Manage databases, tables, etc.
• MySql GUI tools (client / server)
– Configurations secure, tunnel, etc.
• http://forums.mysql.com/read.php?30,249779,249779
• Directory
– Zend
• /usr/local/mysql
– Upgrades 5.1 recommend
• /QopenSys/usr/local
48. Trademarks and Disclaimers
© IBM Corporation 1994-2006. All rights reserved.
References in this document to IBM products or services do not imply that IBM intends to make them available in every country.
The following terms are trademarks of International Business Machines Corporation in the United States, other countries, or both:
AS/400 e-business on demand IBM i
AS/400e IBM OS/400
eServer IBM (logo) System i5
iSeries ZendCore
Rational is a trademark of International Business Machines Corporation and Rational Software Corporation in the United States, other countries, or both.
Intel, Intel Logo, Intel Inside, Intel Inside logo, Intel Centrino, Intel Centrino logo, Celeron, Intel Xeon, Intel SpeedStep, Itanium, and Pentium are trademarks or registered
trademarks of Intel Corporation or its subsidiaries in the United States and other countries.
Linux is a trademark of Linus Torvalds in the United States, other countries, or both.
Microsoft, Windows, Windows NT, and the Windows logo are trademarks of Microsoft Corporation in the United States, other countries, or both.
UNIX is a registered trademark of The Open Group in the United States and other countries.
Java and all Java-based trademarks are trademarks of Sun Microsystems, Inc. in the United States, other countries, or both.
Other company, product or service names may be trademarks or service marks of others.
Information is provided "AS IS" without warranty of any kind.
All customer examples described are presented as illustrations of how those customers have used IBM products and the results they may have achieved. Actual
environmental costs and performance characteristics may vary by customer.
Information concerning non-IBM products was obtained from a supplier of these products, published announcement material, or other publicly available sources and does
not constitute an endorsement of such products by IBM. Sources for non-IBM list prices and performance numbers are taken from publicly available information, including
vendor announcements and vendor worldwide homepages. IBM has not tested these products and cannot confirm the accuracy of performance, capability, or any other
claims related to non-IBM products. Questions on the capability of non-IBM products should be addressed to the supplier of those products.
All statements regarding IBM future direction and intent are subject to change or withdrawal without notice, and represent goals and objectives only. Contact your local
IBM office or IBM authorized reseller for the full text of the specific Statement of Direction.
Some information addresses anticipated future capabilities. Such information is not intended as a definitive statement of a commitment to specific levels of performance,
function or delivery schedules with respect to any future products. Such commitments are only made in IBM product announcements. The information is presented here to
communicate IBM's current investment and development activities as a good faith effort to help with our customers' future planning.
Performance is based on measurements and projections using standard IBM benchmarks in a controlled environment. The actual throughput or performance that any user
will experience will vary depending upon considerations such as the amount of multiprogramming in the user's job stream, the I/O configuration, the storage configuration,
and the workload processed. Therefore, no assurance can be given that an individual user will achieve throughput or performance improvements equivalent to the ratios
stated here.