I am also (pleasantly) surprised by the recent amount of net.data
conversations. I have used it for more than 5 years and, like Joe,
appreciate the relative safety provided by the fact that nobody outside
of the 400 world has ever heard of it. (Lots of people inside have never
heard of it either, but that's a different story.) However, I started
using PHP instead of net.data a few years ago, mostly out of the feat that
I would wake up one day to find version 7.x (or 8.x) no longer supports
it. I have come to appreciate a lot of the stuff that PHP provides that
net.data does not - support for JSON, for example - and have alleviated a
lot of my "hackers who are smarter than I am will destroy my system if I
put PHP on it" fear by still using a lot of RPG. I limit direct SQL
calls as much as reasonably possible, using RPG to do all file updating
and maybe 90% of my data retrieval to the web. It's pretty hard for
someone to do SQL injection when it is a parm passed to RPG which is
turned into good ole' CHAINs, and READE's.
Larry Kleinman
Kleinman Associates, Inc.
212-949-6469
From: "Joe W Holt" <joe.holt@xxxxxxxxxxx>
To: web400@xxxxxxxxxxxx,
Date: 10/24/2014 01:23 PM
Subject: [WEB400] Net.Data and session management
Sent by: "WEB400" <web400-bounces@xxxxxxxxxxxx>
I've noticed an uptick of Net.Data users posting so I wanted to push out a
question. Back when I adopted Net.Data (when it first came out) I
developed
with it as mainly an interface to maintain session management using
persistence and calling rpg programs. Well with the passage of time
persistence is frowned upon even more so today. It is way too easy to
create an error forcing the persistence to bomb out and eject the user
data. I'm quickly writing the replacement application and am being pushed
by relevance of technology to use other tools such as php. Not a big
proponent of using php on my box. I prefer CGIDEV2 and such tools that are
relatively unknown outside of the 400 circles so that they aren't readily
high profile attack options. As I examine my apache logs I see countless
times the efforts being made in the public to take advantage of known
attacks these other platforms have fallen prey.
Anyone else adopt some session management styles with Net.Data that would
be nice to implement? I've started using CGIDEV2 and userspaces with
cookies but it isn't a very clean approach due to my own haste and am
rethinking my options. I'm either going to have to adopt another tool like
php, clean up the CGIDEV2 process, or use Net.Data with??? Any thoughts
would be great. I'm not with great confidence that Net.Data will survive
as an available product as technology continues to change. I was very
surprised (and relieved) to have it on 7.1.
***
Regards,
Joe W Holt
Sr Programmer/Developer
Jack Onofrio Dog Shows, LLC
405.427.8181
As an Amazon Associate we earn from qualifying purchases.
This mailing list archive is Copyright 1997-2024 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact
[javascript protected email address].
Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.