If you’re running an old version of Zend Server on the IBM i make sure you look at this article from Zend Support:
Basically you need to rename
/usr/local/zendsvr/lib/libdb400.a to /usr/local/zendsvr/lib/libdb400.a.bak
To do this Rod Flohr suggest you open a PASE shell and issue a mv command to rename the file.
5250 Terminal:
[code]
call qp2term
[/code]
PASE:
[code]
mv /usr/local/zendsvr/lib/libdb400.a /usr/local/zendsvr/lib/libdb400.a.bak
[/code]
If you pass in user supplied parameters to db2_connect function a person could log in as someone else with greater authorities possibly and go into pages or access data they aren’t authorized to use.