OpenCOBOL on the web
Last Updated on Tuesday, 9 November 2010 11:44 Written by aoirthoir Monday, 8 November 2010 03:13
Well it certainly seems that OpenCOBOL is a viable solution for the internet.
Being a compiled language adds many benefits for being a solution. First and foremost would be speed.
Since it is a compiled language unlike PHP, Java, VBS, JS and adnausium, it is FAST. This is due to it not needing to be run through an interpreter first. The Second reason would be security. Many of the internet applications and websites are rife with security holes. Most specifically SQL injection. Also known as SQLi. This is where a hacker inserts an sql query statement into a field on your website. When the field is submitted it is then executed by the database. Nasty stuff. If they know the structure of your database they can get all sorts of information. This can usually be found by sniffing the data sent over in a post to the back-end from the PHP or Java. With COBOL all you need to do is submit the field data from the page and let COBOL decide how to handle it. If you use SQL as your data storage it will not matter since COBOL will call the required StoredProc that will handle getting and putting your data. Any SQLi contained in the field data is treated exactly as that. Data. So your hacker is just simply out of luck. If your data is contained in COBOL files preferably in indexed files it’s even safer since COBOL doesn’t need SQL. COBOL has been handling data in an efficient manner long before database systems were created and not much has changed since.
Can I use COBOL for AJAX. Most certainly. You can pass and get data via a standard XmlHTTPost using Get or Post just like with PHP and Java. There are many examples available for how to do this. We should soon start having working code available for download on this site.
There is not much more to say at this time about this. Later I will write a series of tutorials guiding you in creating a web app using COBOL, HTML5, and a little JavaScript. I will not be getting into any CSS as that will be outside the scope.
Here is the roadmap at this time for these tutorials:
1.Web-servers and Hosts and requirements
2.Installing OpenCOBOL
3.Creating the basic AJAX page with HTML5 and JavaScript
4.Creating a basic COBOL cgi to use with the AJAX page
5.Expanding the My Library application
As more items come up for the tutorial they will be added.
Until then, go get OpenCOBOL from http://opencobol.org and play around if you anxious to get started. The community is full of wonderful helpful people who love the language and want to make OpenCOBOL one of the best open source languages available.
(To comment click “Read More”)
This content is published under the Attribution-Share Alike 3.0 Unported license.
Damon,
Are you using SQL with COBOL right now? Also I think we have to examine because if you are using SQL stringed statements, there’s a chance that SQL injection could occur. With Prepared Statements I believe your chance of SQL injection is almost non-existent. If you are using SQL Stored Procedures, chance is greatly reduced as well.
Of corset with COBOL reads/writes from native files, there is no chance of injection.
Currently I am not using SQL. I using strictly ISAM files.
During the tutorials I will be using ISAM to start with. As we become more advanced I will move over into SQL. Also, I will be happy to post Web security and related links for those interested.
I am highly interested in using ISAM if we can get all of the issues worked out. The power it would give us would be immense. And the security, well just awesome.
Well you’ve fixed the isam issue sort of on DH with vbisam, but we do need to get it working with BDB since vbisam may have some issues with it according to btiffin.