mod_perl-1.24: ...called too early to check prototype...

2001-02-28 Thread Ulrich Windl

Hello,

I have a non-trivial CGI script that ran fine with an older Perl and 
mod_perl, even with -w ans use strict. Recently I upgraded to Perl-5.6 
and mod_perl-1.24, and I get this new warning in Apache:

[Tue Feb 27 15:52:15 2001] bugCGI.pl: main::validate_token() called too 
early to check prototype at /usr/local/httpd/cgi-bin/bugCGI.pl line 
1454.

The routine in question is not called before declaration. The spot in 
question is a recursive call however.

Sketch of the code:

# validate current token  @@@line 1339
sub validate_token($)
{
my $q = shift;
...
} else {# invalid token
$q-delete($tokenname);
validate_token($q); # get a new token  @@@trouble line
}
}


Am I right that this is not a programming error on my side?

Regards,
Ulrich




mod_perl-1.24 (perl 5.6): Undefined subroutine CGI::thead

2001-02-28 Thread Ulrich Windl

Hello,

this is an old problem that is still current: Occasionally my CGI 
script fails because of
Undefined subroutine CGI::thead
If I reload the page it works again, but maybe it's because a different 
Apache process is used.

Environment:
Apache/1.3.14 (Unix) (SuSE/Linux)
mod_ssl/2.7.1
OpenSSL/0.9.6
mod_perl/1.24
Linux 2.2.18 (SuSE)
Perl-5.6
CGI.pm is /usr/lib/perl5/5.6.0/CGI.pm (1.19/2.56)

I use this:
use CGI qw/thead tbody/;# auto-generate unknown elements from 
HTML 4.0

and
print $q-thead($q-Tr($q-th(...)));

and
$row .= $q-thead($q-Tr($q-th([...]))) . "\n";




mod_perl/CGI.pm: use CGI::Carp qw(fatalsToBrowser);

2001-02-28 Thread Ulrich Windl

Hello,

it seems
use CGI::Carp qw(fatalsToBrowser);

does no longer work as intended with Apache 1.3.14 and perl-5.6 
(mod_perl 1.24). Where previously the error message appeared in the 
browser, I now get this:

here is good HTML output
HTTP/1.1 200 OK Date: Wed, 28 Feb 2001 10:01:12 GMT Server: 
Apache/1.3.14 (Unix) (SuSE/Linux)
mod_ssl/2.7.1 OpenSSL/0.9.6 mod_perl/1.24 Expires: Wed, 28 Feb 2001 
10:01:42 GMT Connection: close
Content-Type: text/html; charset=iso-8859-1 

OK

The server encountered an internal error or misconfiguration and was 
unable to complete your request.

Please contact the server administrator, [EMAIL PROTECTED]
regensburg.de and inform them of
the time the error occurred, and anything you might have done that may 
have caused the error.

More information about this error may be available in the server error 
log.


Apache/1.3.14 Server at kgate.dvm.klinik.uni-regensburg.de Port 443



Re: mod_perl-1.24: ...called too early to check prototype...

2001-02-28 Thread Paul Johnson

On Wed, Feb 28, 2001 at 10:53:01AM +0100, Ulrich Windl wrote:
 Hello,
 
 I have a non-trivial CGI script that ran fine with an older Perl and 
 mod_perl, even with -w ans use strict. Recently I upgraded to Perl-5.6 
 and mod_perl-1.24, and I get this new warning in Apache:
 
 [Tue Feb 27 15:52:15 2001] bugCGI.pl: main::validate_token() called too 
 early to check prototype at /usr/local/httpd/cgi-bin/bugCGI.pl line 
 1454.

sub validate_token($);

 # validate current token  @@@line 1339
 sub validate_token($)
 {
 my $q = shift;
 ...
 } else {# invalid token
 $q-delete($tokenname);
 validate_token($q); # get a new token  @@@trouble line
 }
 }
 
 
 Am I right that this is not a programming error on my side?

Probably.  Either provide a forward declaration of the sub, or don't use
a prototype.

-- 
Paul Johnson - [EMAIL PROTECTED]
http://www.pjcj.net



RE: [OT] Re: Search Engine Theory

2001-02-28 Thread Dave . Clarke

You can also try http://perlfect.com/freescripts/search/; uses perl and
DB_File.

 -Original Message-
 From: T.J. Mather [SMTP:[EMAIL PROTECTED]]
 Sent: Tuesday, February 27, 2001 10:41 PM
 To:   Modperl
 Subject:  [OT] Re: Search Engine Theory
 
 You might want to look at DBIx::FullTextSearch, a perl module for indexing
 documents using MySQL as a backend.  It supports different frontends and
 backends, and has a nice modular design (IMHO).
 
 http://cpan2.org/Asset/display?dist=DBIx-FullTextSearch
 
 On Tue, 27 Feb 2001, Jamie Krasnoo wrote:
 
  Can anyone point me to any documents on search engine theory and
 programming
  search engines with perl?
  
  Jamie Krasnoo
  www.MyEBoard.com
  [EMAIL PROTECTED]
  
  
 
 _
 T.J. Mather   http://tjmather.com
 http://cpan2.org/ New CPAN Search Engine
 http://www.anidea.com/Digital Asset Management
 http://www.theinnkeeper.com/  Bed and Breakfast Directory



Duplicate entries in @INC

2001-02-28 Thread Arun Theeban

Hi All,
I am using a linux box,with apache server,mod-perl.

I have put my own modules in a directory and  added
the directory into @INC in my "startup.pl" file of the
Apache Server.(I used "qw" to do that).

All my programs works fine. 

But when I print all the values of @INC in mod-perl
through browser ,I see duplicate entries for my
directory.But under CGI, I don't see any

What might be the reason? 

-Thanks
Arun

-Thanks
Arun

__
Do You Yahoo!?
Get email at your own domain with Yahoo! Mail. 
http://personal.mail.yahoo.com/



Re: Duplicate entries in @INC

2001-02-28 Thread Stas Bekman

On Wed, 28 Feb 2001, Arun Theeban wrote:

 Hi All,
 I am using a linux box,with apache server,mod-perl.

 I have put my own modules in a directory and  added
 the directory into @INC in my "startup.pl" file of the
 Apache Server.(I used "qw" to do that).

 All my programs works fine.

 But when I print all the values of @INC in mod-perl
 through browser ,I see duplicate entries for my
 directory.But under CGI, I don't see any

 What might be the reason?

 -Thanks
 Arun

 -Thanks
 Arun

That's because you sig is duplicated :)

startup.pl has no influence for mod_cgi (what you call CGI). Check whether
you have PERL5LIB env var set in the shell...

_
Stas Bekman  JAm_pH --   Just Another mod_perl Hacker
http://stason.org/   mod_perl Guide  http://perl.apache.org/guide
mailto:[EMAIL PROTECTED]   http://apachetoday.com http://logilune.com/
http://singlesheaven.com http://perl.apache.org http://perlmonth.com/





Re: mod_perl shared memory with MM

2001-02-28 Thread Adi Fairbank

Sean Chittenden wrote:
 
   Is there a way you can do that without using Storable?
 
  Right after I sent the message, I was thinking to myself that same
  question... If I extended IPC::MM, how could I get it to be any
  faster than Storable already is?
 
 You can also read in the data you want in a startup.pl file
 and put the info in a hash in a global memory space
 (MyApp::datastruct{}) that gets shared through forking (copy on write,
 not read, right?).  If the data is read only, and only a certain size,
 this option has worked _very_ well for me in the past.  -sc
 

Yeah, I do use that method for all my read-only data, but by definition the
persistent session cache is *not* read-only... it gets changed on pretty much
every request.

-Adi




Re: mod_perl shared memory with MM

2001-02-28 Thread Joshua Chamas

Adi Fairbank wrote:
 
 I am trying to squeeze more performance out of my persistent session cache.  In
 my application, the Storable image size of my sessions can grow upwards of
 100-200K.  It can take on the order of 200ms for Storable to deserialize and
 serialize this on my (lousy) hardware.
 

Its a different approach, but I use simple MLDBM + SDBM_File 
when possible, as its really fast for small records, but it has
that 1024 byte limit per record!  I am releasing a wrapper
to CPAN ( on its way now ) called MLDBM::Sync that handles
concurrent locking  i/o flushing for you.  One advantage
of this approach is that your session state will persist
through a server reboot if its written to disk.

I also wrote a wrapper for SDBM_File called MLDBM::Sync::SDBM_File
that overcomes the 1024 byte limit per record.  The below 
numbers were for a benchmark on my dual PIII 450, linux 2.2.14,
SCSI raid-1 ext2 fs mounted async.  The benchmark can be found
in the MLDBM::Sync package in the bench directory once it makes
it to CPAN.

With MLDBM ( perldoc MLDBM ) you can use Storable or 
XS Data::Dumper method for serialization as well as 
various DBMs.

--Josh

=== INSERT OF 50 BYTE RECORDS ===
 Time for 100 write/read's for  SDBM_File   0.12 seconds  
12288 bytes
 Time for 100 write/read's for  MLDBM::Sync::SDBM_File  0.14 seconds  
12288 bytes
 Time for 100 write/read's for  GDBM_File   2.07 seconds  
18066 bytes
 Time for 100 write/read's for  DB_File 2.48 seconds  
20480 bytes

=== INSERT OF 500 BYTE RECORDS ===
 Time for 100 write/read's for  SDBM_File   0.21 seconds 
658432 bytes
 Time for 100 write/read's for  MLDBM::Sync::SDBM_File  0.51 seconds 
135168 bytes
 Time for 100 write/read's for  GDBM_File   2.29 seconds  
63472 bytes
 Time for 100 write/read's for  DB_File 2.44 seconds 
114688 bytes

=== INSERT OF 5000 BYTE RECORDS ===
(skipping test for SDBM_File 1024 byte limit)
 Time for 100 write/read's for  MLDBM::Sync::SDBM_File  1.30 seconds
2101248 bytes
 Time for 100 write/read's for  GDBM_File   2.55 seconds 
832400 bytes
 Time for 100 write/read's for  DB_File 3.27 seconds 
839680 bytes

=== INSERT OF 2 BYTE RECORDS ===
(skipping test for SDBM_File 1024 byte limit)
 Time for 100 write/read's for  MLDBM::Sync::SDBM_File  4.54 seconds   
13162496 bytes
 Time for 100 write/read's for  GDBM_File   5.39 seconds
2063912 bytes
 Time for 100 write/read's for  DB_File 4.79 seconds
2068480 bytes



Re: lingerd mod_perl mod_ssl

2001-02-28 Thread Roger Espel Llima

Vivek Khera wrote:
 mod_ssl alters the Apache API, so if you're doing the same then that's
 why they clash.  Either that or you're patching something near what
 mod_ssl patches.

Good guess.  mod_ssl adds some initialization code add the end of
common_init(), and so does lingerd  which is why lingerd's patch
wasn't applying cleanly.  

I had to make a different patch, for use with mod_ssl.  The file is
ftp://iagora.com/pub/software/lingerd/tmp/aplinger-ssl.diff 
(I'll put it in a proper lingerd release once I've checked a bit
more closely how it all works)

With this patch, I got Apache to build with lingerd, mod_perl and
mod_ssl, and it seems to work fine.  Netscape can access it, the
ssl_engine_log doesn't show any errors, and keep-alive works.

Btw, SSL really wants keep-alives on (key setup is slow), while
mod_perl kind of wants them off (images should be served separately
anyway, and lingerd is much more effective when keep-alives are
off), so putting mod_ssl and mod_perl in the same Apache is a bit of
a compromise.  I'd still do it for secure dynamic pages, since you
really need both, but I'd never serve non-secure (http) pages from
the Apache that has mod_ssl in and keep-alives on.

Anyway, here's the sequence of commands that I used to get
Apache/mod_perl/mod_ssl/lingerd to build:

get and untar:
  apache_1.3.17.tar.gz
  mod_ssl-2.8.0-1.3.17.tar.gz
  mod_perl-1.25.tar.gz
  lingerd-0.93.tar.gz
  aplinger-ssl.diff

cd mod_ssl-2.8.0-1.3.17 
./configure --with-apache=../apache_1.3.17/

cd ../mod_perl-1.25 
perl Makefile.PL APACHE_SRC=../apache_1.3.17/src DO_HTTPD=1 \
 USE_APACI=1 PREP_HTTPD=1 EVERYTHING=1
make 
make install

cd ../lingerd-0.93
vi config.h apache-1.3/ap_lingerd.h
make
make install
mkdir /var/run/lingerd
chown httpd.httpd /var/run/lingerd
chmod 755 /var/run/lingerd

cd ../apache_1.3.17
cp ../lingerd-0.93/apache-1.3/ap_lingerd.* src/main 
patch -p0 -d src/  ../aplinger-ssl.diff  

SSL_BASE=SYSTEM ./configure --prefix=/usr/local/ssl-apache \
--enable-module=ssl --activate-module=src/modules/perl/libperl.a \
--enable-module=perl

make
make certificate
make install


Let me know if something like that works for you...  I want to
officially support mod_ssl in the next release of lingerd, but I
need more test data!


Roger
-- 
Roger Espel Llima, [EMAIL PROTECTED]
http://www.iagora.com/~espel/index.html



Re: lingerd mod_perl mod_ssl -- how about Ben-apache_ssl

2001-02-28 Thread Michael

 Good guess.  mod_ssl adds some initialization code add the end of
 common_init(), and so does lingerd  which is why lingerd's patch
 wasn't applying cleanly.  
 
 I had to make a different patch, for use with mod_ssl.  The file is
 ftp://iagora.com/pub/software/lingerd/tmp/aplinger-ssl.diff (I'll
 put it in a proper lingerd release once I've checked a bit more
 closely how it all works)
 
 With this patch, I got Apache to build with lingerd, mod_perl and
 mod_ssl, and it seems to work fine.  Netscape can access it, the
 ssl_engine_log doesn't show any errors, and keep-alive works.
 

I'm running Ben's apache_ssl + mod_perl and am considering adding 
lingerd to the mix. I already have lingerd + apache running on the 
lite-weight end, and wonder if apache_ssl has similar problems BEFORE 
I mess up my production server.

Michael
[EMAIL PROTECTED]



Re: Duplicate entries in @INC

2001-02-28 Thread Perrin Harkins

 But when I print all the values of @INC in mod-perl
 through browser ,I see duplicate entries for my
 directory.But under CGI, I don't see any

 What might be the reason?

I can think of two possibilities.  First, you might be adding
/usr/local/apache/lib/perl (or where ever your Apache lives + /lib/perl) to
@INC, which mod_perl does automatically.  Second, your startup.pl may be
running twice because Apache runs the config file twice on startup.  Stas
posted a message a few days ago about seeing files pulled in from
PerlModule/PerlRequire commands running twice on startup, even though they
probably shouldn't.  See
http://forum.swarthmore.edu/epigone/modperl/crachoupro/Pine.LNX.4.30.0102231
[EMAIL PROTECTED] for more info and a workaround.

- Perrin




Unusual proxying, CONNECT munging.

2001-02-28 Thread Chris Lewis

We have a rather unusual proxying scheme.

In normal operation, our server has all of the slave applications' DNS
pointing to itself. Browsers are not configured to proxy. After
authentication and access control, it converts the "local" reference to
a proxy to the real server (like the wAMPC example in the section on:
"Invoking mod_proxy for Nonproxy requests").  We have this working
rather well.

In one particular instance, we need to have this server acting as a real
proxy (browsers are configured to have it as a proxy), and fall through
the rest of the code to the back end applications.

I have this working for HTTP easily enough (just don't proxyify the
requests), but SSL seems to be a severe problem, because browsers use
the "CONNECT hostname:port" for https (and then blindly copy packets
bidirectionally), rather than "GET http://host.../file".

I believe I can get this to work if, after detecting a "CONNECT" method
connection, I change the effective "hostname:port" to be localhost:443,
and force the Apache proxy to redirect to itself.  Then I can handle it
through the stuff we already use.

Does anybody know how to alter the CONNECT's parameters in mod_perl so
that mod_proxy will do the right thing with it? I can "see" the CONNECT
parameter by examining $r-uri, but setting it ala
$r-uri("localhost:443") appears to be ignored.

I can't even seem to find official documentation for CONNECT.  The links
(netscape and elsewhere) appear dead.  I've been playing around with
some simple stand-alone proxies to test out whether the back-end stuff
will work out, but, I don't seem to be able to get them to interoperate
with CONNECT requests quite yet.

Thanks muchly.



Apache thrashing my swap...

2001-02-28 Thread Jason Terry

I am running
Apache/1.3.14 (Unix) mod_perl/1.24_01 PHP/4.0.3pl1 mod_ssl/2.7.1 OpenSSL/0.9.6

And run several database and MEMORY hogging mod_perl scripts...  My problem is that 
recently I have had some users that are getting
impatient and hitting the reload/refresh button OFTEN.  In some instances this causes 
one single person to have over 40 httpd
children service JUST them.  This causes my server to start thrashing swap...

Does anybody on this list know of a way to limit the number of connections apache will 
allow per IP address (before any reverse
lookups would be nice)?  I would like to set this to like 10-15 or so if it is 
possible?  I know that this could cause some people
with proxy servers to be limited, but I figure 10-15 httpd children should be able to 
handle most proxy systems just fine...

I know this isn't really a mod_perl problem... but I also know that this list is 
probably the most likely to have other people who
have exactly this issue on their machines

Thanks in advance
-Jason




Apache::ASP, Response-Flush problems ...

2001-02-28 Thread Demetrios C. Christopher

Hello all,
due to some issues with long-running scripts and impatient users
we decided to display some sort of message (either in the window
or in a popup - better!) that would say "Chill out, don't refresh
or double-click" etc, etc.  I was trying to take advantage of
$Response-{Buffer} and $Response-Flush() but apparently it does
not work.  Clearing and Flushing may work in the "end product"
which is what you see on your browser but the timing is not correct.
That is, when I say "$Response-Flush()" I actually want the user
to see the output thus far.  My ASPs unfortunately will not display
the source until the last statement has been executed and then the
source will be received in its entirety.  What I meant by "end
product" by the way is: if I do something similar to Josh's sample
response.html file and say:

print a bunch of stuff
Response-Flush
print something here
if I should clear this
 { Response-Clear }
do other things

then the above statements will take the proper effect and either
show the "print something here" or not depending on the conditional.
The problem is I won't see the "print a bunch of stuff" until the
end of script (so if there was a noticeable delay in "do other things"
I'd have to wait for them to finish until I could see "print a bunch
of stuff").

Any help would be greatly appreciated.

DCC

P.S. I tested the timing of the output returned by telnet'ing
to port 80 and using sleep(x) right after Flush().  The start of
the output has to wait for the completion of the script in all
instances.



RE: Search Engine Theory

2001-02-28 Thread Shane Adams
Title: RE: Search Engine Theory





Check out the book Managing Gigabytes


Text indexing theory and algorithms. Source code too.




-Original Message-
From: Jamie Krasnoo [mailto:[EMAIL PROTECTED]]
Sent: Tuesday, February 27, 2001 3:03 PM
To: Modperl
Subject: Search Engine Theory



Can anyone point me to any documents on search engine theory and programming
search engines with perl?


Jamie Krasnoo
www.MyEBoard.com
[EMAIL PROTECTED]





Re: Apache thrashing my swap...

2001-02-28 Thread Dave Hodgkinson

"Jason Terry" [EMAIL PROTECTED] writes:

 I know this isn't really a mod_perl problem... but I also know that this list is 
probably the most likely to have other people who
 have exactly this issue on their machines

I wonder if putting a thin apache on the front of a very limited fat
apache would at least get you somewhere near where you want to be. If
someone hits stop before something gets passed to the fat apache, will
it get tossed completely?

Having a maxclients limit on the fat apache will keep memory and CPU
usage sane.

-- 
Dave Hodgkinson, http://www.hodgkinson.org
Editor-in-chief, The Highway Star   http://www.deep-purple.com
  Apache, mod_perl, MySQL, Sybase hired gun for, well, hire
  -



Mod_perl and Apache 2.0

2001-02-28 Thread Jeffrey A. Stuart

Has anyone tried compiling mod_perl under apache 2.0?  Also, what is the
word on mod_perl 2.0?

--
Jeff Stuart
[EMAIL PROTECTED]




Re: Mod_perl and Apache 2.0

2001-02-28 Thread sterling

Well, from the looks of the cvs commits, doug seems to be compiling
mod_perl under apache 2.0 quite regularly :)  With the complete rewrite
there's been plenty of work to do.

The word on it is here:
http://perl.apache.org/~dougm/modperl_2.0.html

its still in heavy development by doug - i would say the best thing to do
is watch the commits if you want to keep up with it.

sterling


On Wed, 28 Feb 2001, Jeffrey A. Stuart wrote:

 Has anyone tried compiling mod_perl under apache 2.0?  Also, what is the
 word on mod_perl 2.0?
 
 --
 Jeff Stuart
 [EMAIL PROTECTED]
 







Re: Apache thrashing my swap...

2001-02-28 Thread Perrin Harkins

On Wed, 28 Feb 2001, Jason Terry wrote:
 My problem is that recently I have had some users that are getting
 impatient and hitting the reload/refresh button OFTEN.  In some
 instances this causes one single person to have over 40 httpd children
 service JUST them.  This causes my server to start thrashing swap...

First, put something in place so that your server will never go into
swap.  I prefer a combination of MaxClients and Apache::SizeLimit.  Also,
if you haven't moved your images to another server and/or put a proxy
server in place, do that.

 Does anybody on this list know of a way to limit the number of
 connections apache will allow per IP address (before any reverse
 lookups would be nice)?

If you set a unique cookie, you could limit based on that and fall back to
IP address if you don't find a cookie.  That will help with the proxy
issue.  You could adapt one of the existing modules for this purpose, or
maybe grab Randal's Stonehenge::Throttle code from the list archives.

Be careful.  Blocking users is always a dangerous thing to do and may be
more trouble than it's worth.  You could check the list archives for
discussions of how to handle long-running tasks for ideas on interface
changes that might solve your problem.

- Perrin




Apache::GD examples?

2001-02-28 Thread JR Mayberry

Does anyone have any real world examples of Apache::GD or Apache::GD/Graph I
could look at?

And/or stories of using Apache::GD/Graph in a production enviroment..






Re: mod_perl shared memory with MM

2001-02-28 Thread Sean Chittenden

  Is there a way you can do that without using Storable?
 
 Right after I sent the message, I was thinking to myself that same
 question... If I extended IPC::MM, how could I get it to be any
 faster than Storable already is?

You can also read in the data you want in a startup.pl file
and put the info in a hash in a global memory space
(MyApp::datastruct{}) that gets shared through forking (copy on write,
not read, right?).  If the data is read only, and only a certain size,
this option has worked _very_ well for me in the past.  -sc

-- 
Sean Chittenden[EMAIL PROTECTED]
C665 A17F 9A56 286C 5CFB  1DEA 9F4F 5CEF 1EDD FAAD

 PGP signature


Re: Not even beginning - INSTALL HELP

2001-02-28 Thread A. Santillan Iturres

Finally I reinstalled Perl 5.6 and mod_perl installed without problems.
I am really new to mod_perl and I don't know if mod_perl is running well.
How can I know?

I would like to test if my script is running under mod_perl so I wrote the
following from the faqs but nothing happens (nothing is written):

#!/usr/bin/perl
if (exists $ENV{"MOD_PERL"}){ #if running under mod_perl
print "first test\n";
}
if($ENV{"GATEWAY_INTERFACE"} eq "CGI-Perl/1.1"){
print "second test\n";
}

Will this work as a test to know if mod_perl is running?


Thanks

Alejandro





- Original Message -
From: "Kurt Hansen" [EMAIL PROTECTED]
To: "A. Santillan Iturres" [EMAIL PROTECTED]
Cc: [EMAIL PROTECTED]
Sent: Tuesday, February 27, 2001 6:43 PM
Subject: Re: Not even beginning - INSTALL HELP


 Alejandro wrote:

  Another question:
  If I plan to use the DBD modules in the future, should they be installed
  before mod_perl, or is it the same?

 The DBD modules are independent of the mod_perl, so you should be able to
 install them whenever.  I mentioned them for completeness sake since it
was
 something I did. Also, DBI, DBD, et al. are a critical part of our
solution.
 If you don't use them now, no need to install them now.

 Take care,

 Kurt







security

2001-02-28 Thread Gustavo Vieira Goncalves Coelho Rios

Hi folks!

I have a FreeBSD server configured as a http server, running apache.
This installation includes mod_perl+EmbPerl, mod_php4 mod_cgi and
mod_fastcgi. Some of my users will be using mysql for database. The
problem is that this scenario requires sensitive information inside
file. This means no problem when these users write their dymanic pages
inside a compiled program. I can chmod a-rw and nobody will be able to
take away user/password from a compiled program. The problem happens
when write their php or embperl pages!

the key user\password are kept inside this file, so anyone can uses an
editor to retrieve the user mysql account. I resolve this problem
running php on secure mode and chgrping the php file the same user as
the http process and removing other flags file access (g-rwx). So nobody
besides the owner of the file (or the http process) will be able to read
it.

since php have some security facilities, like: if the file owner id !=
the file the script is trying to open = fails.
My problem is with perl: how to solve such a problem in a perl
environment?
Does mod perl allows any kind of security, to prevent ones writing
script to read others files?


PS: All cgi runs through suexec, so even cgi are not able to run the
script, ok?



How to unsubscribe.

2001-02-28 Thread John Michael




How to unsubscribe. please
Thanks
John Michael



Re: Apache::GD examples?

2001-02-28 Thread dsh

We started using it a few months ago for a web poll, and are now using it
for most of our reporting.  It's simple and quick.
http://www.sitemason.com/poll/iIDEre/results
The current version works well out of the box, even though we use the old
GD that supports gifs (have to skip the make test though)

Scott

On Wed, 28 Feb 2001, JR Mayberry wrote:

 Does anyone have any real world examples of Apache::GD or Apache::GD/Graph I
 could look at?
 
 And/or stories of using Apache::GD/Graph in a production enviroment..
 
 
 

--
Scott Holdren
[EMAIL PROTECTED]
http://www.sitemason.com - Build a better site




Re: Apache thrashing my swap...

2001-02-28 Thread Stas Bekman

 On Wed, 28 Feb 2001, Jason Terry wrote:
  My problem is that recently I have had some users that are getting
  impatient and hitting the reload/refresh button OFTEN.  In some
  instances this causes one single person to have over 40 httpd children
  service JUST them.  This causes my server to start thrashing swap...

See
http://perl.apache.org/guide/debug.html#Handling_the_User_pressed_Stop_

  Does anybody on this list know of a way to limit the number of
  connections apache will allow per IP address (before any reverse
  lookups would be nice)?

You don't want to do that. Think of AOL users who all come through the
same proxy (well a few).

This is not a situation where throttling helps, as with stopping rude
robots. Your purpose it to stop the script on abort, not to limit users.

Also you may want to revise your code to minimize the possibility of users
try to restart the request all the time. See the performance chapter in
the guide.

_
Stas Bekman  JAm_pH --   Just Another mod_perl Hacker
http://stason.org/   mod_perl Guide  http://perl.apache.org/guide
mailto:[EMAIL PROTECTED]   http://apachetoday.com http://logilune.com/
http://singlesheaven.com http://perl.apache.org http://perlmonth.com/





Re: How to unsubscribe.

2001-02-28 Thread Stas Bekman

 How to unsubscribe. please

The information is right before your yes: look at any of the posts'
headers:

...
Mailing-List: contact [EMAIL PROTECTED]; run by ezmlm
Precedence: bulk
list-help: mailto:[EMAIL PROTECTED]
list-unsubscribe: mailto:[EMAIL PROTECTED]
list-post: mailto:[EMAIL PROTECTED]
Delivered-To: mailing list [EMAIL PROTECTED]
...


_
Stas Bekman  JAm_pH --   Just Another mod_perl Hacker
http://stason.org/   mod_perl Guide  http://perl.apache.org/guide
mailto:[EMAIL PROTECTED]   http://apachetoday.com http://logilune.com/
http://singlesheaven.com http://perl.apache.org http://perlmonth.com/






Re: Not even beginning - INSTALL HELP

2001-02-28 Thread Stas Bekman

On Wed, 28 Feb 2001, A. Santillan Iturres wrote:

 Finally I reinstalled Perl 5.6 and mod_perl installed without problems.
 I am really new to mod_perl and I don't know if mod_perl is running well.
 How can I know?

http://perl.apache.org/guide/install.html#How_can_I_tell_whether_mod_perl_

_
Stas Bekman  JAm_pH --   Just Another mod_perl Hacker
http://stason.org/   mod_perl Guide  http://perl.apache.org/guide
mailto:[EMAIL PROTECTED]   http://apachetoday.com http://logilune.com/
http://singlesheaven.com http://perl.apache.org http://perlmonth.com/





Re: security

2001-02-28 Thread Stas Bekman

On Wed, 28 Feb 2001, Gustavo Vieira Goncalves Coelho Rios wrote:

 Hi folks!

 I have a FreeBSD server configured as a http server, running apache.
 This installation includes mod_perl+EmbPerl, mod_php4 mod_cgi and
 mod_fastcgi. Some of my users will be using mysql for database. The
 problem is that this scenario requires sensitive information inside
 file. This means no problem when these users write their dymanic pages
 inside a compiled program. I can chmod a-rw and nobody will be able to
 take away user/password from a compiled program. The problem happens
 when write their php or embperl pages!

 the key user\password are kept inside this file, so anyone can uses an
 editor to retrieve the user mysql account. I resolve this problem
 running php on secure mode and chgrping the php file the same user as
 the http process and removing other flags file access (g-rwx). So nobody
 besides the owner of the file (or the http process) will be able to read
 it.

 since php have some security facilities, like: if the file owner id !=
 the file the script is trying to open = fails.
 My problem is with perl: how to solve such a problem in a perl
 environment?
 Does mod perl allows any kind of security, to prevent ones writing
 script to read others files?


 PS: All cgi runs through suexec, so even cgi are not able to run the
 script, ok?

At this moment anybody who has an access to mod_perl server can read any
data which is accessible by the same server. suexec is not an option
because of process persistance.

I understand that you want to store the SQL engine authentication info,
and users not to know each other's access credentials. The only solution
at this point is to either trust your users not to abuse each other, or
run a separate server for each one :(

_
Stas Bekman  JAm_pH --   Just Another mod_perl Hacker
http://stason.org/   mod_perl Guide  http://perl.apache.org/guide
mailto:[EMAIL PROTECTED]   http://apachetoday.com http://logilune.com/
http://singlesheaven.com http://perl.apache.org http://perlmonth.com/





Re: Apache::ASP, Response-Flush problems ...

2001-02-28 Thread Joshua Chamas

"Demetrios C. Christopher" wrote:
 
 Hello all,
 due to some issues with long-running scripts and impatient users
 we decided to display some sort of message (either in the window
 or in a popup - better!) that would say "Chill out, don't refresh
 or double-click" etc, etc.  I was trying to take advantage of
 $Response-{Buffer} and $Response-Flush() but apparently it does
 not work.  Clearing and Flushing may work in the "end product"
 which is what you see on your browser but the timing is not correct.
 That is, when I say "$Response-Flush()" I actually want the user

It should work, the code that's relevant in Apache::ASP::Response::Flush(),
but its seems not to be working for me either.  My real problem
here is that I've fixed this before, so I obvi need to create a decent
make test case for this routine.  My humble apologies.

I'll get back to you when I have this fix.

--Josh
 
_
Joshua Chamas   Chamas Enterprises Inc.
NodeWorks  free web link monitoring   Huntington Beach, CA  USA 
http://www.nodeworks.com1-714-625-4051



Re: mod_perl shared memory with MM

2001-02-28 Thread Sean Chittenden

The night of Fat Tuesday no less...  that didn't help any
either.  ::sigh::

Here's one possibility that I've done in the past becuase I
needed mod_perl sessions to be able to talk with non-mod_perl
programs.  I setup a named bi-directional pipe that let you write a
query to it for session information, and it wrote back with whatever
you were looking for.  Given that this needed to support perl, java,
and c, it worked _very_ well and was extremely fast.  Something you
may also want to consider because it keeps your session information
outside of apache (incase of restart of apache, or desire to
synchronize session information across multiple hosts).

-sc

On Wed, Feb 28, 2001 at 09:25:45PM -0500, Adi Fairbank wrote:
 Delivered-To: [EMAIL PROTECTED]
 Date: Wed, 28 Feb 2001 21:25:45 -0500
 From: Adi Fairbank [EMAIL PROTECTED]
 X-Mailer: Mozilla 4.75 [en] (X11; U; Linux 2.2.14-5.0 i586)
 X-Accept-Language: en
 To: Sean Chittenden [EMAIL PROTECTED]
 Subject: Re: mod_perl shared memory with MM
 
 It's ok, I do that a lot, too.  Usually right after I click "Send" is when I
 realize I forgot something or didn't think it through all the way. :)
 
 Sean Chittenden wrote:
  
  Hmm... yeah, whoops.  I suppose that's what I get for sending
  email that late.  :~) -sc
 
 

-- 
Sean Chittenden[EMAIL PROTECTED]
C665 A17F 9A56 286C 5CFB  1DEA 9F4F 5CEF 1EDD FAAD

 PGP signature


Re: Apache::ASP, Response-Flush problems ...

2001-02-28 Thread Joshua Chamas

"Demetrios C. Christopher" wrote:
 
 Hello all,
 due to some issues with long-running scripts and impatient users
 we decided to display some sort of message (either in the window
 or in a popup - better!) that would say "Chill out, don't refresh
 or double-click" etc, etc.  I was trying to take advantage of
 $Response-{Buffer} and $Response-Flush() but apparently it does
 not work.  Clearing and Flushing may work in the "end product"

The old $Response-Flush() functionality will be back in 2.11.  
If you'd like my latest copy, I can send it to you, or you can 
patch up ASP.pm yourself:

*** ASP.pm~ Mon Feb 26 19:40:09 2001
--- ASP.pm  Wed Feb 28 18:43:43 2001
***
*** 3392,3397 
--- 3392,3398 
#unless($self-{r}-connection-aborted) {
# OK to print random ouput for 200's  300's
if(! defined $self-{Status} or ($self-{Status} = 200 and $self-{Status}  
400)) {
+   local $| = 1;
$self-{r}-print($out);
}
#   }

This change in mod_perl behavior really killed me.
Funny little thing, but at least its more perlish. :)

--Josh
_
Joshua Chamas   Chamas Enterprises Inc.
NodeWorks  free web link monitoring   Huntington Beach, CA  USA 
http://www.nodeworks.com1-714-625-4051



Re: mod_perl shared memory with MM

2001-02-28 Thread Adi Fairbank

Sean,

Yeah, I was thinking about something like that at first, but I've never played
with named pipes, and it didn't sound too safe after reading the perlipc man
page.  What do you use, Perl open() calls, IPC::Open2/3, IPC::ChildSafe, or
something else?  How stable has it been for you?  I just didn't like all those
warnings in the IPC::Open2 and perlipc man pages.

-Adi

Sean Chittenden wrote:
 
 The night of Fat Tuesday no less...  that didn't help any
 either.  ::sigh::
 
 Here's one possibility that I've done in the past becuase I
 needed mod_perl sessions to be able to talk with non-mod_perl
 programs.  I setup a named bi-directional pipe that let you write a
 query to it for session information, and it wrote back with whatever
 you were looking for.  Given that this needed to support perl, java,
 and c, it worked _very_ well and was extremely fast.  Something you
 may also want to consider because it keeps your session information
 outside of apache (incase of restart of apache, or desire to
 synchronize session information across multiple hosts).
 
 -sc





apache question...

2001-02-28 Thread Joseph Crotty

I am set up on apache_1.3.14/mod_perl currently, however, have an older
non-mod_perl apache_1.3.6.  The old apache's index.html needs to redirect to
the index.html on the new apache/mod_perl.  The old and new apache servers
are on different unix boxes.  Anyone think of an elegant block directive
solution, because I can't.

Thanks,

Joe Crotty



Re: apache question...

2001-02-28 Thread ___cliff rayman___

i would use mod_rewrite, but, since this is a mod_perl forum,
i have to suggest that u write a mod_perl transhandler that does
a redirect.

--
___cliff [EMAIL PROTECTED]http://www.genwax.com/

Joseph Crotty wrote:

 I am set up on apache_1.3.14/mod_perl currently, however, have an older
 non-mod_perl apache_1.3.6.  The old apache's index.html needs to redirect to
 the index.html on the new apache/mod_perl.  The old and new apache servers
 are on different unix boxes.  Anyone think of an elegant block directive
 solution, because I can't.

 Thanks,

 Joe Crotty







[ANNOUNCE] MLDBM::Sync

2001-02-28 Thread Joshua Chamas

Hey there,

MLDBM::Sync is finally available in CPAN, also at:
  http://www.perl.com/CPAN-local/modules/by-module/MLDBM/

Below is a bit of the README...

Its a locking wrapper around MLDBM I developed for the purpose 
of creating safe fast DBM storage for multi-process environments.
DBM's like DB_File  SDBM_File can become corrupt if not properly
locked and have their i/o flushed, though DB_File is much more 
sensitive to this.

Further, there's a special wrapper around SDBM_File which 
gets around its 1024 byte limit, called MLDBM::Sync::SDBM_File,
see benchmarks below.

--Josh
_
Joshua Chamas   Chamas Enterprises Inc.
NodeWorks  free web link monitoring   Huntington Beach, CA  USA 
http://www.nodeworks.com1-714-625-4051


NAME
  MLDBM::Sync (BETA) - safe concurrent access to MLDBM databases

SYNOPSIS
  use MLDBM::Sync;   # this gets the default, SDBM_File
  use MLDBM qw(DB_File Storable);# use Storable for serializing
  use MLDBM qw(MLDBM::Sync::SDBM_File);  # use extended SDBM_File, handles values 
 1024 bytes

  # NORMAL PROTECTED read/write with implicit locks per i/o request
  tie %cache, 'MLDBM::Sync' [..other DBM args..] or die $!;
  $cache{""} = "";
  my $value = $cache{""};

  # SERIALIZED PROTECTED read/write with explicity lock for both i/o requests
  my $sync_dbm_obj = tie %cache, 'MLDBM::Sync', '/tmp/syncdbm', O_CREAT|O_RDWR, 
0640;
  $sync_dbm_obj-Lock;
  $cache{""} = "";
  my $value = $cache{""};
  $sync_dbm_obj-UnLock;

DESCRIPTION
This module wraps around the MLDBM interface, by handling concurrent
access to MLDBM databases with file locking, and flushes i/o explicity
per lock/unlock. The new Lock()/UnLock() API can be used to serialize
requests logically and improve performance for bundled reads  writes.

  my $sync_dbm_obj = tie %cache, 'MLDBM::Sync', '/tmp/syncdbm', O_CREAT|O_RDWR, 
0640;
  $sync_dbm_obj-Lock;
... all accesses to DBM LOCK_EX protected, and go to same file handles ...
  $sync_dbm_obj-UnLock;

MLDBM continues to serve as the underlying OO layer that serializes
complex data structures to be stored in the databases. See the MLDBM the
BUGS manpage section for important limitations.

BENCHMARKS
In the distribution ./bench directory is a bench_sync.pl script that can
benchmark using the various DBMs with MLDBM::Sync.

The MLDBM::Sync::SDBM_File DBM is special because is uses SDBM_File for
fast small inserts, but slows down linearly with the size of the data
being inserted and read, with the speed matching that of GDBM_File 
DB_File somewhere around 20,000 bytes.

So for DBM key/value pairs up to 1 bytes, you are likely better off
with MLDBM::Sync::SDBM_File if you can afford the extra space it uses.
At 20,000 bytes, time is a wash, and disk space is greater, so you might
as well use DB_File or GDBM_File.

Note that MLDBM::Sync::SDBM_File is ALPHA as of 2/27/2001.

The results for a dual 450 linux 2.2.14, with a ext2 file system
blocksize 4096 mounted async on a SCSI disk were as follows:

 === INSERT OF 50 BYTE RECORDS ===
  Time for 100 write/read's for  SDBM_File   0.12 seconds  
12288 bytes
  Time for 100 write/read's for  MLDBM::Sync::SDBM_File  0.14 seconds  
12288 bytes
  Time for 100 write/read's for  GDBM_File   2.07 seconds  
18066 bytes
  Time for 100 write/read's for  DB_File 2.48 seconds  
20480 bytes

 === INSERT OF 500 BYTE RECORDS ===
  Time for 100 write/read's for  SDBM_File   0.21 seconds 
658432 bytes
  Time for 100 write/read's for  MLDBM::Sync::SDBM_File  0.51 seconds 
135168 bytes
  Time for 100 write/read's for  GDBM_File   2.29 seconds  
63472 bytes
  Time for 100 write/read's for  DB_File 2.44 seconds 
114688 bytes

 === INSERT OF 5000 BYTE RECORDS ===
 (skipping test for SDBM_File 1024 byte limit)
  Time for 100 write/read's for  MLDBM::Sync::SDBM_File  1.30 seconds
2101248 bytes
  Time for 100 write/read's for  GDBM_File   2.55 seconds 
832400 bytes
  Time for 100 write/read's for  DB_File 3.27 seconds 
839680 bytes

 === INSERT OF 2 BYTE RECORDS ===
 (skipping test for SDBM_File 1024 byte limit)
  Time for 100 write/read's for  MLDBM::Sync::SDBM_File  4.54 seconds   
13162496 bytes
  Time for 100 write/read's for  GDBM_File   5.39 seconds
2063912 bytes
  Time for 100 write/read's for  DB_File 4.79 seconds
2068480 bytes

 === INSERT OF 5 BYTE RECORDS ===
 (skipping test for SDBM_File 1024 byte limit)