Re: Table inside Table
Em Mon, 13 Jan 2003 22:53:16 + "Maurício Amorim " <[EMAIL PROTECTED]> escreveu: > Hi list, > > I need generate an table that can have table inside table. > I am trying an recursive routine, but i don't am getting sucess, > because the html is not generate. > > Exist any form for do it. > I am trying an explorer in html. (simple) > This is very tricky but possible. For reentrant code use plain perl subs instead of Embperl [$ sub $] and output html with print OUT. Regards, Luiz Fernando B. Ribeiro Engenho Soluções para a Internet - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Table inside Table
I tried it but don't get sucess.
My routine is like:
## Rotina: geranavegacao#sub geranavegacao { my ($sth) = shift; my ($refhashscan) = shift;
# # Fim cursor # undef local $nivel; return unless defined $refhashscan;
$nivel = $$refhashscan{NIVEL}; print '
do { print "" . chr(10); foreach ($$refhashscan{STATUSBOTAO}) { /0/ && do { print ' ' . chr(10); last; };
/1/ && do { print ' ' . chr(10); last; }; } print "" . chr(10); print $$refhashscan{MNOREAL} . chr(10); print "" . chr(10); $refhashscan = $sth->fetchrow_hashref(); die "$DBI::errstr" if (defined $DBI::errstr); } while (defined $refhashscan && $$refhashscan{NIVEL} == $nivel);
if (! defined $refhashscan || $$refhashscan{NIVEL} < $nivel) { print "" . chr(10); } else { print "" . chr(10); geranavegacao($sth, $refhashscan); print "" . chr(10); print "" . chr(10); }}
Which version of embperl i need use ?
I am using 1.3.4.
I tried print to OUT but it no go to stdout.
I tried some of type:
print OUT "";
I need any adicional configuration ?
De:
"Luiz Fernando B. Ribeiro" <[EMAIL PROTECTED]>
Para:
[EMAIL PROTECTED]
Cópia:
Data:
Tue, 14 Jan 2003 11:21:00 -0200
Assunto:
Re: Table inside Table
> Em Mon, 13 Jan 2003 22:53:16 +
> "Maurício Amorim " <[EMAIL PROTECTED]>escreveu:
>
> > Hi list,
> >
> > I need generate an table that can have table inside table.
> > I am trying an recursive routine, but i don't am getting sucess,
> > because the html is not generate.
> >
> > Exist any form for do it.
> > I am trying an explorer in html. (simple)
> >
>
> This is very tricky but possible. For reentrant code use plain perl subs
> instead of Embperl [$ sub $] and output html with print OUT.
>
> Regards,
>
> Luiz Fernando B. Ribeiro
> Engenho Soluções para a Internet
>
> -
> To unsubscribe, e-mail: [EMAIL PROTECTED]
> For additional commands, e-mail: [EMAIL PROTECTED]
>
>
> Esta mensagem foi verificada pelo E-mail Protegido Terra.
> Scan engine: VirusScan / Atualizado em 11/01/2003 / Versão: 1.3.13
> Proteja o seu e-mail Terra: http://www.emailprotegido.terra.com.br/
>
>
Re: Table inside Table
At 11:21 AM -0200 1/14/03, Luiz Fernando B. Ribeiro wrote: Em Mon, 13 Jan 2003 22:53:16 + "Maurício Amorim " <[EMAIL PROTECTED]> escreveu: Hi list, I need generate an table that can have table inside table. I am trying an recursive routine, but i don't am getting sucess, because the html is not generate. Exist any form for do it. I am trying an explorer in html. (simple) This is very tricky but possible. For reentrant code use plain perl subs instead of Embperl [$ sub $] and output html with print OUT. Or just use [$ while $] loops instead of the builtin row/col features. -- Kee Hinckley - Somewhere.Com, LLC http://consulting.somewhere.com/ I'm not sure which upsets me more: that people are so unwilling to accept responsibility for their own actions, or that they are so eager to regulate everyone else's. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Execute is not sending request object to executed page
>I'm attempting to execute a page and redirect the output to a file. This is
>all that's in the page I'm loading:
>[- Execute({inputfile=> 'page.epl', output => '/tmp/output.html' }); -]
Not quite sure if this is the problem, but it must be outputfile instead of
output
Gerald
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
Re: Table inside Table
>I am trying an recursive routine, but i don't am getting sucess, because >the html is not generate. there is a bug in 2.0b8 that sometimes causes html inside a [$sub $] not to be outputed when the sub is nested. Maybe you hit that bug. (No problem with 1.3.x) A workaround is to place the content of the sub inside a file and call this recursivly via Execute. Gerald - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Can't locate object method "TIEHASH"
Hello all, I'm having all kinds of problems with sessions... here goes. The error message when using the embperl 2.08b default behavior (Apache::SessionX): = [Tue Jan 14 10:52:53 2003] [error] [24539]ERR: 24: Error in Perl code: Permission denied at /usr/lib/perl5/site_perl/5.6.1/Apache/Session/Lock/Semaphore.pm line 92. [Tue Jan 14 10:52:53 2003] [error] Permission denied at /usr/lib/perl5/site_perl/5.6.1/Apache/Session/Lock/Semaphore.pm line 92. = The line referenced in 'Semaphore.pm' is trying to create a semaphore. I'm not sure where in the filesystem though. The error message when using the 'old' behavior (Apache::Session): == [24769]ERR: 66: Embperl Session handling DISABLED because of the following error: Can't locate object method "TIEHASH" via package "Embperl::Session" (perhaps you forgot to load "Embperl::Session"?) at /usr/lib/perl5/site_perl/5.6.1/i386-linux/Embperl/Object.pm line 130. Set EMBPERL_SESSION_HANDLER_CLASS to 'no' to avoid this message. == The odd thing is that %udat works for a little while when using the old method. But after a couple minutes of inactivity, values stored in %udat are gone. I've install Apache::Session 1.54 without incident. I had to modify MD5.pm for Apache::SessionX 2.00b3. I had trouble running make test. Changed lines from 'use MD5' ==> 'use Digest::MD5' as mentiond by G. Richter in a posting last year. Any assistance would be appreciated. -- Farouk Khawaja <[EMAIL PROTECTED]> Instinet Corporation <> This message is intended only for the use of the Addressee and may contain information that is PRIVILEGED and/or CONFIDENTIAL or both. This email is intended only for the personal and confidential use of the recipient(s) named above. If the reader of this email is not an intended recipient, you have received this email in error and any review, dissemination, distribution or copying is strictly prohibited. If you have received this email in error, please notify the sender immediately by return mail and permanently deleting the copy you received. Thank you.
Re: Execute is not sending request object to executed page
I changed the top level file to just:
[- Execute ('page.epl' ); -]
and I'm still getting errors in my database because the $req is not going to
page.epl.
Scott
On Tuesday 14 January 2003 07:16 am, Gerald Richter wrote:
> >I'm attempting to execute a page and redirect the output to a file. This
> > is all that's in the page I'm loading:
> >[- Execute({inputfile=> 'page.epl', output => '/tmp/output.html' }); -]
>
> Not quite sure if this is the problem, but it must be outputfile instead of
> output
>
> Gerald
>
>
>
> -
> To unsubscribe, e-mail: [EMAIL PROTECTED]
> For additional commands, e-mail: [EMAIL PROTECTED]
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
Re: session records bulding up
>I think though, from the looks of the documentation, you have to manage the lifespan of the sessions on the server side yourself Yes unfortunately you have to >One more way which is probably evil but better overall, imo, is to add a field to the session table with the timestamp Adding a field should work. Mysql can use a default value on insert. If you set the default to now() mysql should automaticly insert the date and time and you should be done Gerald - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Table inside Table
>I am using 1.3.4. > >print OUT ""; For 1.3.4 you should set optRawInput in EMBPERL_OPTIONS in your httpd.conf, otherwise Embperl will remove the html tag inside the input. See the docs and Faq.pod for more informations about this issue Additionaly note that printing to OUT only works inside Embperl page. Gerald - Gerald Richterecos electronic communication services gmbh Internetconnect * Webserver/-design/-datenbanken * Consulting Post: Tulpenstrasse 5 D-55276 Dienheim b. Mainz E-Mail: [EMAIL PROTECTED] Voice:+49 6133 925131 WWW:http://www.ecos.de Fax: +49 6133 925152 - - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Can't locate object method "TIEHASH"
>[Tue Jan 14 10:52:53 2003] [error] [24539]ERR: 24: Error in Perl code: Permission denied > at /usr/lib/perl5/site_perl/5.6.1/Apache/Session/Lock/Semaphore.pm line 92. The user Apache runs as has no access to the semaphore. Use ipcs to show all sempahores and ipcrm to remove the sempahore of Apache::Session. Apache::Session will recreate it with correct permissions. >(perhaps you forgot to load "Embperl::Session"?) at /usr/lib/perl5/site_perl/5.6.1/i386-linux/Embperl/Object.pm line 130. Did you load Embperl::Session somewhere. If not do it >The odd thing is that %udat works for a little while when using the old method. >But after a couple minutes of inactivity, values stored in %udat are gone. It works as long as you hit the same Apache child.That's normal behaviour. Gerald - Gerald Richterecos electronic communication services gmbh Internetconnect * Webserver/-design/-datenbanken * Consulting Post: Tulpenstrasse 5 D-55276 Dienheim b. Mainz E-Mail: [EMAIL PROTECTED] Voice:+49 6133 925131 WWW:http://www.ecos.de Fax: +49 6133 925152 - - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Execute is not sending request object to executed page
>I changed the top level file to just:
>[- Execute ('page.epl' ); -]
>
>and I'm still getting errors in my database because the $req is not going
to
>page.epl.
Strange. What do you get if you add a
[+ $_[0] +]
to page.epl _before_ the shift?
Does it change anything if you remove the [$ var $req $] ?
Gerald
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
Re: Execute is not sending request object to executed page
I made it like this:
[$ var $rec $req %qdat %ssdat %srdat @set $set $names %db $key $allow_update
$allow_demolinks @values $creator $datetime $eventcode $user_id $info
$sth_eventlog $review_type $review_os $recurring_total $]
[+ $_[0] +]
[- $req = shift; -]
[-
and I still got the error.
When I open page.epl directly (the top of it's showing above), it works fine
and I get this where the $_[0] is at:
Embperl::__6=HASH(0x85b238c)
I then removed the entire [$ var $] line and it gave the same error when
executed and it loads directly just fine, chainging the number of the hash
reference.
Scott
On Tuesday 14 January 2003 11:59 am, Gerald Richter wrote:
> >I changed the top level file to just:
> >[- Execute ('page.epl' ); -]
> >
> >and I'm still getting errors in my database because the $req is not going
>
> to
>
> >page.epl.
>
> Strange. What do you get if you add a
>
> [+ $_[0] +]
>
> to page.epl _before_ the shift?
>
> Does it change anything if you remove the [$ var $req $] ?
>
> Gerald
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
Re: Can't locate object method "TIEHASH"
On Tue, 2003-01-14 at 14:57, Gerald Richter wrote: Did you load Embperl::Session somewhere. If not do it I belive the following from 'httpd.conf' loads Embperl::Session. PerlModule Embperl SetHandler perl-script PerlHandler Embperl::Object Options ExecCGI Embperl_AppName GSSiconsole Embperl_Object_Base base.htm Embperl_UriMatch "\.htm.?|\.epl$" Embperl_Options 16 Embperl_Log "/www/apache/logs/embperl/embperl.log" Embperl_Debug 4 Embperl_Mailhost tusmail.instinet.com Embperl_Cookie_Expires +1h Embperl_Session_Handler_Class "Embperl::Session" Embperl_Session_Classes "File Semaphore" Embperl_Session_Args "Directory=/www/apache/session" -- Farouk Khawaja <[EMAIL PROTECTED]> Instinet Corporation *** <> This message is intended only for the use of the Addressee and may contain information that is PRIVILEGED and/or CONFIDENTIAL or both. This email is intended only for the personal and confidential use of the recipient(s) named above. If the reader of this email is not an intended recipient, you have received this email in error and any review, dissemination, distribution or copying is strictly prohibited. If you have received this email in error, please notify the sender immediately by return mail and permanently deleting the copy you received. Thank you. ***
DBIx::Recordset/Embperl security question
One of the great features of of the Embperl/DBIx::Recordset
combination is the ability to pass %fdat directly to a database
update or insert call. Recordset takes the parameters that exist in
the record and ignores the rest. You can easily update your database
and your web forms without having to update all the code inbetween.
The risk, however, is when a malicious web user either knows, or
guesses, some of your database structure and attempts to manipulate
the update. For instance, they might take a form that creates a new
account, and add a field to the form that sets the class of user,
thus giving themselves administration rights instead of the default
user rights.
There are two solutions to this. The most secure one is that you
never pass %fdat directly to the Recordset calls. Instead you pass a
slice of it, where you explicitly determine which parameters you want
to pass.
foreach $key (qw(good1 good2 good3)) { $newhash{$key} = $fdat{$key}; }
or
@safe = qw(good1 good2 good3);
@newhash{@safe} = @fdat{@safe};
The slightly more risky, but far more convenient, especially during
development, solution is that you deliberately delete or override the
fields you don't want the user to set.
foreach $key (qw(bad1 bad2 bad3)) { delete $fdat{$key}; }
The other day though, it occurred to me that there's a hole in the
second case that isn't easy to plug. Namely, what if the attacker
uses a different, or mixed case, version of the keyword name. $fdat
is case sensitive. DBIx::Recordset is (normally) not. What happens
when I set $fdat{foo} to 'user', and the attacker sets $fdat{FOO} to
'admin' and both get passed to Recordset?
Does anyone have any suggestions here? Or is the only safe course to
take the "explicitly specify what you want to pass" route? (And if
so, is there a better way to copy one slice of a hash to another?)
--
Kee Hinckley - Somewhere.Com, LLC
http://consulting.somewhere.com/
I'm not sure which upsets me more: that people are so unwilling to accept
responsibility for their own actions, or that they are so eager to regulate
everyone else's.
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
