BCD Announces WebSmart PHP

At the recent spring COMMON Conference in Anaheim we were excited to make our most important product announcement of recent years: the upcoming release of WebSmart PHP.

For many months now, the largest development team that we've ever assembled at BCD has been working towards the single objective of bringing WebSmart into the PHP world. So this wasn't just an announcement of intent – visitors to our booth at the Expo had the opportunity to see WebSmart PHP in action, as members of our team demoed the software, creating and running dozens of programs. And with great feedback from high-level reps at both IBM and Zend, and an Honor Roll star for WebSmart ILE from IBM Systems Magazine, we returned from this conference invigorated and ready for the final push towards a mid-June beta of WebSmart PHP.

What will WebSmart PHP do?
WebSmart PHP is a development tool for creating PHP applications that run on the System i and other PHP-supported platforms such as Linux, Unix and Windows. More than just an editor, WebSmart PHP provides application frameworks and composition tools that help you construct complete, working programs with no PHP coding experience required. It guides you through every step to create powerful dynamic web apps. It’s built for professional application development which is reflected in the robust feature set not found in typical PHP editors. It uses the same sophisticated IDE as WebSmart ILE (though of course you'll be coding PHP, not PML) and also supports Web 2.0; Web Services, SOA, AJAX, LDAP, Mobile Computing and more.

Support for Multiple Platforms and Databases
WebSmart PHP will be shipping with over 50 different templates that you can use to build applications that use database functions for DB2 SQL, Record Level Access and MySQL. Full MySQL support means you can write PHP applications that run on either the System i or other platforms. These also provide a teaching tool for your staff - all the PHP and MySQL code is generated for them, providing great examples to learn from. Once you’ve created a PHP program using the templates, you can modify and enhance the code in any way you need using WebSmart’s integrated PHP code editor.

Now We Built it, Who Will Come
If you already use WebSmart ILE you’ll find the transition to WebSmart PHP intuitive because both versions share the same IDE, though WebSmart PHP also includes user interface features specially designed for PHP programming needs. You can move seamlessly between using PML to write ILE CGI applications in WebSmart, to writing native PHP applications with the same design tool. And, you can mix and match ILE-written and PHP-written web applications with it all being transparent to your users. WebSmart PHP will also be particularly attractive to programmers wanting to leverage the more than 5000 existing PHP functions as well as to department managers wanting to take advantage of the vast potential-employee pool of PHP developers.

And the Buzz is on...
We are now in the process of pulling together the final components for our upcoming beta, scheduled for mid-June. In the meantime, to further whet your appetite and learn more about WebSmart PHP, visit www.bcdsoftware.com/wsphp and click the green Request More Information button to receive the four-page WebSmart PHP datasheet. We'll also send you the WebSmart PHP white paper (when it's released), and notify you when the beta is available for download. And while you wait, make sure you read Chris Maxcer's article in System i Network and Alex Woodie's in IT Jungle, to see what other's are saying about WebSmart PHP.


 
WebSmart Case Study: RPG Pro Rescues Project with WebSmart and Web Services

RVOS Farm Mutual Insurance Company of Texas is an insurance company that operates under the rules that govern not-for-profit Farm Mutual insurance providers. Its focus is to provide insurance products to homeowners, farmers and ranchers in Texas. Since RVOS is owned by its policyholders, any profit gleaned from business operations is retained to pay claims and offset future premium increases. With almost 68,000 members, it has over $9 billion of insurance in force and is rated A- Excellent by A.M. Best.

As part of an System i -based insurance management system overhaul, RVOS wanted policyholder information to be available to hundreds of regional agents and underwriters over the Web, as it had been for more than a decade on PC desktops running terminal emulation. RVOS had already made a significant investment in a widely used Web-based insurance quoting and submission system and now needed to integrate aspects of the legacy system and the new Web-based one with a Web services-based transaction service.

Despite the fact that Web Services and SOA have been around for a while, technicians still lack experience in creating, setting up, and running them. A Web service essentially runs over the Web and uses an XML remote procedure call. In its most elementary state, a client encodes a request in an agreed-upon format as an XML message and sends it over the Web to an application service running on a server. The Web service application parses the message and then goes to the database to retrieve the requested information. It then encodes a response as an XML message and returns it to the client URL.

To read about how RVOS Farm Mutual Insurance Company of Texas used WebSmart to overcome these challenges, read the full case studyOpens new window at our website.
 
ProGen Plus 9 Training Course in Victoria, BC

We are hosting a 4-day ProGen Plus 9 Fundamentals training course the week of June 11-14. If you are interested in attending this class, please submit a training request via our website, or give us a call at (250) 655-1766.

The ProGen Plus Fundamentals class is primarily targeted at new users, though even ProGen veterans of many years have found these courses useful. The class moves quickly and you'll benefit from a constant stream of useful tips and techniques collected during thousands of development and support hours. Most of the class time is spent working through over a dozen hands-on exercises. The labs are always enjoyable, and they'll give you the opportunity to thoroughly acquaint yourself with the product under the watchful eye of our trainer.

If you have any questions about the course content, or whether the level would be appropriate for you, give us a call at (250) 655-1766. Our Sidney, BC offices are located just a 5-minute drive from Victoria International Airport (YYJ) and three blocks from a beautiful oceanfront walkway with panoramic views of Mt. Baker and the San Juan Islands. Late spring is a great time to visit southern Vancouver Island, and this area abounds with recreational options.


WebSmart Fundamentals Training Class in Florida, May 22-25

If you have a flexible schedule and are urgently needing some WebSmart training, we have 2 seats available at a WebSmart Fundamentals class in De Funiak Springs, Florida beginning on Tuesday, May 22nd. For information on this class, please email or call Cam Ellis, at (250) 655-1766. If you'll be flying in, the nearest airports are at Fort Walton BeachOpens new window and Pensacola.


BCD at June IBM Tech Conference and Michigan User Group TC

BCD will be at the spring IBM Tech Conference and ExpoOpens new window in Scottsdale, Arizona. The Expo will be on from June 18 to 20, and you'll find us there at booth 1. Eric Figura, Rich Prechtel and Kevin Cronin will all be on hand to discuss your iSeries application development needs, and give you demos of WebSmart PHP!

BCD will also have a booth at the 2007 Michigan iSeries Technical Education ConferenceOpens new window (MITEC), Tuesday, June 5th in Dearborn, Michigan.

If you plan to attend either event, come by for a look at all the latest from BCD.


Nexus 3.3 in General Availability

We are pleased to announce that after a very successful beta period with lots of feedback and many useful additions to the software, Nexus 3.3 is now in General Availability. You can download Nexus 3.3 from our website, or by logging in to myBCDsoftware.com.

Nexus 3.3 includes many useful new features, as well as dozens of smaller tweaks to existing functions. The completely updated user guideOpens new window reflects all the recent changes, and also includes an entirely new tutorial section with an added chapter describing how to use Nexus to secure your existing CGI applications.

If you have any questions about the new Nexus release, please give us a call at (250) 655-1766.


BCD a Multi-Award Winner at Anaheim COMMON Conference

It seems like everyone from BCD who attended the Anaheim COMMON Conference and Expo a few weeks ago came home with their pockets full: our support team members staffing the booth and doing the rounds at the show came back with t-shirts, caps, toys and a suspiciously high number of BCD keychains, while our sales and management reps came back with their pockets full of awards (and maybe a few toys as well):
  • WebSmart received the System i Magazine Honor Roll award.
  • Kevin Cronin once again won the COMMON Conference Best Traditional Lab award for the WebSmart lab.
  • And Marcel Sarrasin received a System i Magazine "Extra Mile" Award, for extraordinary service.
The rest of us, who didn't attend, will look forward to a similar complement of goodies on the lunch room table next year.


Using Nexus Protections to Secure CGI Applications
Part 2 of a 3-Part Series

In our introductory article on this topic in last month's Tech Update we started by discussing some of the advantages of using Nexus Protections to secure your CGI applications, and focused in on the flexibility of being able to leverage your Nexus groups and users to set HTTP server-level security for your applications. This month we will take a look at some of the advantages Nexus gives you in terms of the UI you can offer to your prospective users.

Using Standard Apache HTTP Server Protection Directives
The Apache HTTP Server configuration allows you to protect your iSeries programs and IFS files with directives similar to these:

<LocationMatch ^/webapps>
  AuthType Basic
  AuthName SecureArea
  PasswdFile %%SYSTEM%%
  UserID %%CLIENT%%
</LocationMatch>

This block of directives applies to programs in the path /webapps, and requires users to sign in using their iSeries user profile and password to run the programs. The action triggered is the presentation of a challenge box similar to this one:



If the user enters a valid iSeries user profile and password, they get through to the program. But if they make a mistake, they'll usually get redirected to a blunt 'Access Denied' or 'Authorization Required' error message in an otherwise blank page.

This approach could be well described as 'crude, yet effective' – which most likely isn't the characterization you're shooting for with a flashy new web application.

Sure it's crude – but after all, this is the iSeries...
Admittedly, this is probably not all that different from how you have handled your green screen access since John Travolta was lighting it up to the tune of the Bee Gees. So why worry about it now?

But consider these scenarios:
  • Even if all your are doing is 'webifying' existing in-house applications, with new technologies and improved user interfaces come new expectations. If your application looks better, your users (not unreasonably) may also expect it to work better - more like other web applications that they log into every day. Settling for rudimentary functionality in an otherwise sophisticated application is at the least, inconsistent, and at worst, will generate a steady stream of complaints.
  • If you are creating web applications for a broader audience (online customers, business partners, etc.) then you will want your login process to be at least partly self-managing. You won't want to create and manage dozens of new iSeries user profiles, and personally be involved every time someone fails to log in correctly.
  • And there is also the matter of how new users will interpret this challenge process, particularly if they make a mistake the first time they try it. Your customers may well interpret a '403 - Access Denied' message as an application error rather than a user error, and this will reflect poorly on your application.
So, while the standard HTTP server configuration options can be used to guarantee that your applications are secure, they lack the polish you need to offer to your users.

Nexus Login Options
Nexus can mediate between the stringent authority requirements of the HTTP server instance and the capricious input of potentially inexperienced users, providing a best-of-both-worlds solution. Security requirements are in no way compromised, while the UI is enhanced to provide meaningful instructions and error messages to users attempting to log in.

Here is an illustration of the login area of a Nexus site page, after a failed login attempt:



There are several features here that are worth noticing:

  • First of all, this login form is part of an HTML page, and its appearance is governed by your Nexus site 'skin'. This means that even when you use the standard Nexus login form, you can customize it to match the look of your Nexus site.
  • This page gives your users meaningful feedback, while staying on the same [familiar] page. Users aren't redirected to a generic 'Access Denied' page with some technical jargon to decipher, nor do they get a challenge box that just flashes back repeatedly with no indication of what's wrong.
  • In this illustration you can also see that Nexus has also added a 'Forgot your password?' option to the form. In your Nexus user profiles you can set up password hints and secret questions that can be used to automatically email users their forgotten passwords. Then, within the site, you can also allow users to change their passwords and login hints without your intervention.
  • And finally, while this isn't evident in the illustration, Nexus allows you to use both iSeries user profiles or Nexus-only profiles for security, with no difference in how the login is handled.
These tools will free you from the drudgery of helping dozens or hundreds of users with their login problems, and provide them with a better login experience.

And Going to the Next Level...
Nexus also allows you to embed a customized login form (passing Nexus the required parameters) anywhere on your current site. Here is an example of how one of our customers has done thisOpens new window:




When users log in correctly they go right in to the site, and if they make a mistake, they are redirected to a standard Nexus failed login page (similar to the one we looked at above).

This topic is discussed in more detail in a new tutorial section of the Nexus 3.3 User Guide. For more information, please contact Technical Support. The Nexus User Guide also includes extensive sections addressing group and user management, site design and login options.


New Example Program: Color-coding Clover Columns Based on the Value

We have published another Clover example programs this month:
  • Example 130 - Clover Bar Color Coding. This example illustrates how you can use Clover to create a SmartChart where the columns are color-coded based on the value they represent. For example, column totals in a 'safe' zone can be green, those in a transitional zone can be yellow, and those in the red... well, they can be red!
If you have any questions about any of the examples posted, please drop a note to Technical Support.


New Employees in the Technical Support and Professional Services

We're pleased to announce that in the last couple of months we've had two more team members join the Technical Support and Professional Services groups at BCD.

Alexandra Drew is the newest member of the Professional Services team. Alex was born in Austria, but grew up in Calgary and completed her degree in Computer Science with an emphasis in Software Engineering at the University of Victoria. Alex has been working in software development for the last 8 years, and her interesting projects include a stint automating observations on the 1.2m telescope at the Dominion Astrophysical Observatory here in Victoria. When not glued to the screen, Alex also enjoys east coast music (that's Canadian east coast...), kickboxing and playing with her 5 year old son.

Scott Honeyman joins the Technical Support team where he plunged right into the task of getting up to speed on all our tools. After spending some time dedicated to book learning, he's now moved onto the Sisyphean task of chipping away at the long list of internal applications we need written in WebSmart. Scott originally hails from right here in Sidney, by way of an extended stint in Dominica where he worked as a dive instructor. On returning, he completed a diploma program specializing in Web development at a local college. When Scott isn't plugged in here at the office, he enjoys golfing, and spending time with his young labrador puppy, "IzzyPants".

We look forward to the contributions of our new team members over the coming months and years.


 Summary List of Recent Updates


WebSmart 6.05/Clover 1.51
There is a new iSeries update for WebSmart 6.05, update W605005P. This update addresses several issues, including:
  • Fix compile errors for wrtdbgdta when debug option not turned on.
  • Protection from SQL Injection.
  • Resolve issue where date types could not be included in a structure.
  • Program generation can now be binding directory/WAS specific.
  • Redirect functions using the SECURE parameter will now correctly redirect to the specified connection type.
In conjunction with this iSeries-side update, you also need to download Build 9048 of the WebSmart IDE. This PC-side update also includes a few other fixes:
  • SQL templates now use program field PGMF_SQLCOD to allow easier viewing of SQLCOD values in debug
  • Search and Replace window is now automatically populated with highlighted text.
  • Search and Replace now warns you if you try to replace text when the replace field is empty.
  • PML Validation now catches fields which are being treated as array elements.
  • File maintenance templates now enable/disable key fields appropriately.
  • Fixes an incorrect PML syntax validation error saying "Invalid use of array index operator on field: xyz".
Note that these updates include an item to protect new programs from SQL injection. For instructions on how to address this vulnerability in existing programs, please visit the WebSmart Updates page.


© 2007 ExcelSystems Software Development, Inc.
ProGen WebSmart and ProGen Plus are Registered Trademarks in the US and Canada, and Trademarks in all other countries.

Tech Update Archive

Subscribe to
BCD Tech Updates

Change your Subscription Status
at myBCDsoftware.com


Current Product Update Levels:

Nexus 3.3

WebSmart 6.05
Build 9048

Clover 1.51

ProGen Plus 9.02

Catapult 6.14

Spool-Explorer/400 4.31

Docu-Mint 6 - DN60R017

DbGen 2.3 - DB23R013

FFPlus 4.20 - FFP40011

Recent Updates Summary