Finding and fixing production PHP errors can be a challenge without the right tools. In this blog, we give an overview of how to find and fix common PHP issues in production apps.
Transformation Not Modernization – Eradani
Last week, I had a surprising conversation with an IBM i user. She contacted us about our API generation solutions, and I told her that many people were using our tools for IBM i modernization. Her response was, “we are not modernizing; we are transforming.” “What’s the difference?” I asked. She replied, “Our company has committed to the IBM i as our core platform for the foreseeable future. That means we must be prepared to support emerging technologies using the IBM i rapidly, and we must recruit the next generation of programmers and IT professionals to work on it.” “We say transformation,” she continued, “because we are transforming how we think about the IBM i. We are not engaged in a ‘holding action’ until the platform is replaced. We are aggressively looking to explore how we can use the IBM i to put our company in the forefront of innovation.”
I loved that conversation. We are seeing more and more IBM i users who recognize the platform’s long-term value to their organizations. They plan to use IBM’s support for languages like JavaScript and Python to extend their IBM i applications. They are automating business processes and improving their customer experiences by using APIs to connect their IBM i applications with their customers and business partners. IBM i users are starting to integrate open source modules into their RPG code to speed up their development efforts. Companies are also looking to these new languages to help them recruit and retain the next generation of software engineers. RPG applications continue to be at the core of their development efforts. Still, many shops are adopting new languages and moving to Free Format RPG to make it easier for these new developers to become productive. We are also seeing an acceleration of the move to open source DevOps tools like Git—even for RPG code. Using Git makes it much easier to bring new developers up to speed on working with the RPG applications.
Transformation means a dramatic shift in our view of the IBM i and our IBM i IT professionals. It means enabling the IBM i to look, act, and be secured like all other platforms in a company’s technology stack. The IBM i should be viewed as an ideal platform to provide our end users access to the latest innovations. Experienced IBM i professionals should lead the adoption of the new technology and show their end users what is possible with the IBM i. That is a critical part of their transformation because the existing staff has the deep understanding of the business necessary to ensure that their new initiatives reflect the needs of their end users, customers, and partners.
Eradani has helped a wide range of customers across industries connect with their customers and partners while adopting the latest technology for the IBM i. We have solutions and domain experts in API enablement, open source, and the latest DevOps tools.
N2i: Getting Started with Understanding IBM i Security
February 13, at 4:30 p.m. CT<br /><br /> Join us to get your burning IBM i-related questions answered and meet new people!
Automate downloading report from AS400?
My new job uses AS400 for certain reports and I am new to it. Im not too familiar with these old IBM systems. I am using Telnet 5250 with it.
What I want to do is schedule a report to download to a folder every day similar to how you can with SSRS subscriptions (which is what Im familiar with). This report will require dynamic parameters, the date ranges will shift every time. What is the best way to do this?
Side note – Ive been researching AS400 and have noticed that the “main menu” (the one with user tasks, office tasks, system tasks, etc) is not what I see when I login. When I login I see a premade menu specifically about company inquiries, reports, etc. Im wondering if this is because of my permissions? Is there a command I can run that tells me my permissions or what menus I have access to?
Thanks
submitted by /u/Nat9523
[link][comments]
Multiple Vulnerabilities Pop Up In Navigator For i – IT Jungle
Multiple Vulnerabilities Pop Up In Navigator For i
January 23, 2023
Timothy Prickett Morgan
Why do we network computers again? Remind me.
A new security bulletin was released for the Navigator for i system management interface for the IBM i platform on January 18, which rolls up four different vulnerabilities for Navigator for i that leave it open to log file access, to obtaining file attributes, and to SQL Injection attacks due to multiple other vulnerabilities.
You can read about this security bulletin at this link. The most severe of the issues is the SQL injection attack, which has a CVSS Base score of 6.3 out of 10. According to the bulletin: “IBM Navigator for i 7.3, 7.4, and 7.5 could allow an authenticated user to obtain sensitive information for an object they are authorized to but not while using this interface. By performing a UNION based SQL injection an attacker could see file permissions through this interface.”
Access to log files for Navigator for i 7.3, 7.4, and 7.5 is unintentionally allowed when a remote authenticated user can bypass the interface checks in the tool and download log files by modifying the servlet filter for Navigator for i. This one has a CVSS rating of 4.3. Another vulnerability allows an authenticated user to get files they are authorized to get but not through the Navigator for i toll (this seems like a minor problem if you as me), and yet another one allowed attackers to see user profile attributes why performing an SQL injection.
IBM is providing fixes for these vulnerabilities for IBM i 7.3, IBM i 7.4, and IBM i 7.5. The following PTFs patch Navigator for i up against these vulnerabilities:
The CVE record dates for these vulnerabilities was October 26, 2022, and we remind you that this record date is not necessarily when the vulnerability was first known to customers or IBM. But it certainly was not after that date!
RELATED STORIES
New Nav for i Brings New Stuff to You
What’s New in IBM i Services and Networking
IBM Delivers More Out-of-the-Box Security with IBM i 7.5
Announcement Day: IBM Lifts The Veil On IBM i 7.5 And 7.4 TR6
IBM Accelerates New Nav Development Following Log4j Issue
No Plan To Support New Nav on Older IBM i Releases, IBM Says
Log4j Hits Heritage Version of Navigator for i – No Patch Coming
New Nav Puts SQL Services Within Reach
Navigator For IBM i On A Zigzag Journey
IBM Navigator for i Increases Web and Mobile Effort
Tags: Tags: IBM i, IBM i 7.3, IBM i 7.4, IBM i 7.5, Navigator for i, SQL
