Entries by

Storing Passwords Safely

If your application deals with user accounts, it has to deal with passwords. Storing passwords in plain text would be a bad idea; a data breach could allow an attacker access to every account. The obvious answer is to encrypt the passwords. However, using cryptography without understanding it could give you a false sense of security—if you make an inappropriate choice, you could make things easier for an attacker without realizing it. This article will focus on getting you up to speed with the best ways to use cryptography to secure passwords.

How to Measure Python Speed with QCachegrind

Want to know which parts of your Python program take how much time? Which parts are slow, and how often they are called? Python includes tools to measure speed, but it’s not easy to visualize their meaning. To make it easier, the QCachegrind tool graphically displays profiler output from a variety of languages. We first introduced our build of QCachegrind as a PHP tool, but you can put your Python programs under the QCachegrind microscope as well.

Reading and Writing Physical Files in a Shell using Rfile

Want to read source member data from within an IBM i shell environment, such as SSH, QShell, or QP2TERM? Need to copy records from a text file to a physical file? Want a quick way to upload a save file without needing FTP? IBM i’s Rfile command can do all these things easily. Rfile is designed to be easy to integrate into scripts, so it’s a great tool to have at hand.

Detecting Memory Leaks in PHP Extensions During Development

When a PHP extension has a memory leak, mysterious crashes can result, forcing users to restart the web server for relief. As official maintainers of the ibm_db2 and PDO_IBM extensions, we’ve been on a quest to find and eliminate any memory leaks from these popular PHP modules. With such a comprehensive goal, we needed a strategy. For extensions that have comprehensive test suites, we asked: in addition to reviewing the usual regression tests, why not also use the tests to detect leaks? What follows is a technical look at how we do it.

Sending Email from PHP on IBM i

With reliable email functionality being one of the top concerns of IBM i PHP users, we’ve made sure that CommunityPlus+ PHP includes everything you need to send email. The PHP mail() function works well, as do components such as Zend\Mail and PHPMailer. Over the past couple of years, we’ve been hearing from disappointed PHP users that mail() didn’t work in other Community PHP distributions (and some builds of Zend Server). PHP mail() requires an external program that implements the sendmail interface. If your PHP distribution lacked sendmail or equivalent, you might have received a cryptic error message such as: sh:…

Porting Extensions to PHP 8

PHP 8 has been the biggest change to PHP in years. While PHP 8’s JIT compiler gets most of the publicity, more significant to most developers would be PHP 8’s changes that encourage better coding practices. PHP 8 pushes developers to use clearer syntax and is stricter with problematic code. While the PHP runtime itself has improved, what about extensions such as ibm_db2? What changes do extension developers need to make to adapt to PHP 8? As maintainers of the ibm_db2 and PDO_IBM database extensions, we’ve learned what it takes to make PHP extensions compatible with PHP 8.

Getting Started with SSH for IBM i

Secure Shell (SSH) provides the best environment for installing, managing, and running open source software on IBM i. Among SSH’s advantages over QSHELL and QP2TERM: IBM i’s SSH command line works just like SSH on Linux or Windows, helping the IBM i platform appeal to younger developers and admins. Supporting a wide range of Unix programs and open source software, such as git, SSH is our go-to terminal interface for open source and PASE. This article covers how to set up SSH and use it to connect to IBM i servers.

RPM Package Signing

In our current work with RPMs, we’re adding digital signatures to our PHP packages to enhance their security. Package signing ensures the integrity of a package at rest by detecting and deterring tampering. A package is signed with a private key, and the signature is then validated with the public key provided by the package builder and installed by the user. This technique complements TLS encryption, which guards against tampering and snooping in transport.