Re: untainting PATH in mod_perl

2003-07-10 Thread Dominique Quatravaux 
 I need some help with this. Can you share the code you use w/in
 your Perl section?

  Sure! Here is how I untaint a selected range of variables from the
WWW server's %ENV, and discard all the others (good move to ease
debugging anyway):

   # From httpd.conf
   PerlTaintCheck On
   
   perl
  BEGIN {
   # Untaint environment. Those variables come from
   # Apache; even if they didn't, they would come from the root
   # user who launched Apache. No security problems here.
   
   my %cleanenv;
   foreach my $var (qw(PATH GATEWAY_INTERFACE MOD_PERL)) {
  ($cleanenv{$var})=($ENV{$var} =~ m/^(.*)$/g);
   }
   %ENV=%cleanenv;
   }   
   /perl

 I'm pretty confused because I was able to untaint my PATH var.
 by putting 
 
 $ENV{PATH} = '/bin';
 
 in the ***same scope*** where I was getting the error.

 Makes sense to me: if you are using Apache::Registry (for example),
your script only gets compiled once and the BEGIN blocks run at that
time. In fact Apache::Registry reads your cgi, then cooks it into
something like this:

package Some::Name::Made::Up::By::Apache::Registry::To::Isolate::Your::cgi;

sub handler {
  # Your script here
}

  Then it evals that (by that time, the BEGIN blocks run), then calls
Some::Name::...::handler(). The purpose of these steps is caching: the
next time the CGI is hit, the evalling needs not be redone, only the
handler call.

  Now, my guess was that %ENV gets reset between the eval and the
handler call. As you mention, putting the untainter in the same scope
solves the problem, because you now circumvent the cleaning. Putting
it in the perl section should also solve the problem once for all,
because the perl section runs before the default %ENV value is
stashed (even before Apache forks, in fact).

-- 
Dominique QUATRAVAUX   Ingénieur senior
01 44 42 00 08 IDEALX

Re: mod_perl 1.0 and 2.0

2003-07-10 Thread Chris Faust 



There is a 0.92 version of Apache::DBIis mp2 
aware (there may even be a later version at this point).

We started with mp1 and do to problems we decided 
to goto mp2 (which turned out to be non mod_perl and apache related), there 
wasn't any major performance increase or anything like that and I don't remember 
anything major coming up during the switch (outside of cookies - which always 
seem to be a problem).
I use a bunch of the popular modules like 
HTML::Template, Image::Magick, DBI, Parse/WriteExcel, Date::Manip etc and I 
haven't had any problems.

Like Sreeji said, its really about your 
requirements - but the above is my experience, for what its worth.

-Chris

  - Original Message - 
  From: 
  Jamie 
  Krasnoo 
  To: [EMAIL PROTECTED] 
  Sent: Wednesday, July 09, 2003 3:49 
  PM
  Subject: mod_perl 1.0 and 2.0
  
  
  Hi 
  all,
  
  I’m currently working on a 
  personal project to get myself back in mod_perl 
  programming order. However I’m more used to using mod_perl 1.0 with Apache 1.3.x. I’m going through the 
  documentation for mod_perl 2.0 but I’m worried that 
  most of the modules I need won’t work with mod_perl 
  2.0. I’ve been looking for what modules will and will not work with 2.0 (like 
  Apache::DBI for pooling connections with MySQL). Would it be a better benefit to me to switch over 
  to 2.0?
  
  Thanks,
  
  Jamie

Compile issue: conflicting typesfinger at mod_perl. This may be the case as I've managed to compile another Apache server without mod_perl on a different system (RH 9 with PHP). However, I'm thinking it's more along the lines of a compiler (IOW, RedHat'

2003-07-10 Thread Stewart, Eric 
On RedHat Linux 9.0, with Apache 1.3.27, PHP 4.3.2, and mod_perl 1.28, I'm getting 
a compile error.  These, near as I know, are the latest stable versions of 
everything - which is why I suspect I'm running into this problem:

make[2]: Entering directory `/usr/local/src/apache_1.3.27/src/support'
gcc -c  -I../os/unix -I../include   -DLINUX=22 -D_REENTRANT -D_GNU_SOURCE 
-DTHREADS_HAVE_PIDS -DDEBUGGING -fno-strict-aliasing -I/usr/local/include 
-D_LARGEFILE_SOURCE -D_FILE_OFFSET_BITS=64 -I/usr/include/gdbm  
-I/usr/lib/perl5/5.8.0/i386-linux-thread-multi/CORE  `../apaci` htpasswd.c
htpasswd.c:145: conflicting types for `getline'
/usr/include/stdio.h:473: previous declaration of `getline'
make[2]: *** [htpasswd.o] Error 1
make[2]: Leaving directory `/usr/local/src/apache_1.3.27/src/support'
make[1]: *** [build-support] Error 1
make[1]: Leaving directory `/usr/local/src/apache_1.3.27'
make: *** [build] Error 2

I've seen pWhat

Eric Stewart - Network Admin - USF Tampa Library - [EMAIL PROTECTED]
SCUBA Diver: 220 Dives  Most Recent: 05/10/03 Chankanaab Park, Cozumel
GeoCacher:58 Found  Most Recent: 07/04/03 GCGBHE - Fun in the Sun
http://www.scubadiving.com/talk/ and http://www.geocaching.com/

compile issue: conflicting types for getline

2003-07-10 Thread Stewart, Eric 
Apologies for duplication - I've discovered some unexpected behavior with the 
pasting into a W2K session of VPC 6 on Mac 10.2.6 - and then got a little clicky and 
clicked on the wrong thing. :(

On RedHat Linux 9.0, with Apache 1.3.27, PHP 4.3.2, and mod_perl 1.28, I'm getting 
a compile error.  These, near as I know, are the latest stable versions of 
everything - which is why I suspect I'm running into this problem:

make[2]: Entering directory `/usr/local/src/apache_1.3.27/src/support'
gcc -c  -I../os/unix -I../include   -DLINUX=22 -D_REENTRANT -D_GNU_SOURCE 
-DTHREADS_HAVE_PIDS -DDEBUGGING -fno-strict-aliasing -I/usr/local/include 
-D_LARGEFILE_SOURCE -D_FILE_OFFSET_BITS=64 -I/usr/include/gdbm  
-I/usr/lib/perl5/5.8.0/i386-linux-thread-multi/CORE  `../apaci` htpasswd.c
htpasswd.c:145: conflicting types for `getline'
/usr/include/stdio.h:473: previous declaration of `getline'
make[2]: *** [htpasswd.o] Error 1
make[2]: Leaving directory `/usr/local/src/apache_1.3.27/src/support'
make[1]: *** [build-support] Error 1
make[1]: Leaving directory `/usr/local/src/apache_1.3.27'
make: *** [build] Error 2

I've seen posts that point the finger at mod_perl.  This may be the case as I've 
managed to compile another Apache server without mod_perl on a different system (RH 9 
with PHP).  However, I'm thinking it's more along the lines of a compiler (IOW, 
RedHat's use of gcc 3.2.2) issue.
What I could really use is a solution to get past this point - I'd rather like to 
avoid downgrading either my OS or compiler.  I also kind of need the support tools 
including htpasswd, so skipping them in the compile is highly undesired.  ./configure 
options or even Makefile modifications are preferred.  Code patches are acceptable, 
even to some extent expected, but I'm a lazy systems admin, not a programmer ...
Of course, any assistance at all (as repeated and varied searches on groups.google 
and www.google only verify the problem's existence and have yet to provide a solution) 
is welcome and appreciated.

Eric Stewart - Network Admin - USF Tampa Library - [EMAIL PROTECTED]
SCUBA Diver: 220 Dives  Most Recent: 05/10/03 Chankanaab Park, Cozumel
GeoCacher:58 Found  Most Recent: 07/04/03 GCGBHE - Fun in the Sun
http://www.scubadiving.com/talk/ and http://www.geocaching.com/

Re: compile issue: conflicting types for getline

2003-07-10 Thread Ged Haywood 
Hi there,

On Thu, 10 Jul 2003, Stewart, Eric wrote:

 RedHat Linux 9.0, with Apache 1.3.27, PHP 4.3.2, and mod_perl 1.28,
 I'm getting a compile error.  [snip] I'm thinking it's more along
 the lines of a compiler (IOW, RedHat's use of gcc 3.2.2) issue.

It *might* be the compiler, but I doubt it.  I think you might be
running into RH9-related problems, I've had more than enough of them
and I don't even use it on most of my mod_perl boxes...

After I had troubles with 3.2.2 (nothing to do with mod_perl at all) I
upgraded to 3.2.3 which solved the problems.  I never tried to compile
mod_perl with 3.2.2 but I've compiled mod_perl pre-releases (not 1.28
as released) using gcc 3.2.3 no trouble at all.  This was on a system
running Linux 2.5.69, gcc 3.2.3, glibc 2.3.1, perl 5.8.0, Apache 1.3.27
but no PHP.

 I'd rather like to avoid downgrading either my OS or compiler.

Don't do that.  You might want to try upgrading gcc to 3.2.3, cleaning
up your installation and recompiling everything, including Perl.  If it
works that will be useful information, please let me know.

73,
Ged.

make test fails

2003-07-10 Thread The Alliett's 



Trying to compile mod_perl 1.28 with 
apache 1.3.27 on redhat 7.3 system

Here is the output of the errors. Any idea's 
on how to fix this.

../apache_1.3.27/src/httpd -f 
`pwd`/t/conf/httpd.conf -X -d `pwd`/t httpd listening on port 
8529will write error_log to: t/logs/error_logletting apache warm 
up...\cdone/usr/bin/perl t/TEST 0still waiting for server to warm 
up...not okserver failed to start! (please examine 
t/logs/error_log) at t/TEST line 95.make: *** [run_tests] Error 
9[EMAIL PROTECTED] mod_perl-1.27]# tail t/logs/error_log 
[notice] Destruction-DESTROY called for $global_objectPrototype 
mismatch: sub Socket::INADDR_ANY vs () at 
/usr/lib/perl5/5.6.1/i686-linux/Socket.pm line 329.Prototype mismatch: sub 
Socket::INADDR_BROADCAST vs () at /usr/lib/perl5/5.6.1/i686-linux/Socket.pm line 
330.Prototype mismatch: sub Socket::INADDR_LOOPBACK vs () at 
/usr/lib/perl5/5.6.1/i686-linux/Socket.pm line 331.Prototype mismatch: sub 
Socket::INADDR_LOOPBACK vs () at /usr/lib/perl5/5.6.1/i686-linux/Socket.pm line 
332.[Thu Jul 10 10:56:16 2003] [warn] [notice] child_init for process 22132, 
report any problems to [no address given]

Re: make test fails

2003-07-10 Thread Ken Y. Clark 
On Thu, 10 Jul 2003, The Alliett's wrote:

 Date: Thu, 10 Jul 2003 11:23:11 -0400
 From: The Alliett's [EMAIL PROTECTED]
 To: [EMAIL PROTECTED]
 Subject: make test fails

 Trying to compile mod_perl 1.28 with apache 1.3.27 on redhat 7.3 system

 Here is the output of the errors.  Any idea's on how to fix this.

 ../apache_1.3.27/src/httpd -f `pwd`/t/conf/httpd.conf -X -d `pwd`/t 
 httpd listening on port 8529
 will write error_log to: t/logs/error_log
 letting apache warm up...\c
 done
 /usr/bin/perl t/TEST 0
 still waiting for server to warm up...not ok
 server failed to start! (please examine t/logs/error_log) at t/TEST line 95.
 make: *** [run_tests] Error 9
 [EMAIL PROTECTED] mod_perl-1.27]# tail t/logs/error_log
 [notice] Destruction-DESTROY called for $global_object
 Prototype mismatch: sub Socket::INADDR_ANY vs () at 
 /usr/lib/perl5/5.6.1/i686-linux/Socket.pm line 329.
 Prototype mismatch: sub Socket::INADDR_BROADCAST vs () at 
 /usr/lib/perl5/5.6.1/i686-linux/Socket.pm line 330.
 Prototype mismatch: sub Socket::INADDR_LOOPBACK vs () at 
 /usr/lib/perl5/5.6.1/i686-linux/Socket.pm line 331.
 Prototype mismatch: sub Socket::INADDR_LOOPBACK vs () at 
 /usr/lib/perl5/5.6.1/i686-linux/Socket.pm line 332.
 [Thu Jul 10 10:56:16 2003] [warn] [notice] child_init for process 22132, report any 
 problems to [no address given]

Are you using the default Perl binary that came preinstalled by RedHat
on the system?  If so, I'd recommend doing and rpm -e --nodeps perl
and then rebuilding Perl from source.  Then try rebuilding
Apache/mod_perl.

ky

Re: untainting PATH in mod_perl

2003-07-10 Thread Peter Ensch 
On Thu, Jul 10, 2003 at 10:25:59AM +0200, Dominique Quatravaux wrote:
  I need some help with this. Can you share the code you use w/in
  your Perl section?
 
   Sure! Here is how I untaint a selected range of variables from the
 WWW server's %ENV, and discard all the others (good move to ease
 debugging anyway):
 
# From httpd.conf
PerlTaintCheck On

perl
   BEGIN {
# Untaint environment. Those variables come from
# Apache; even if they didn't, they would come from the root
# user who launched Apache. No security problems here.

my %cleanenv;
foreach my $var (qw(PATH GATEWAY_INTERFACE MOD_PERL)) {
   ($cleanenv{$var})=($ENV{$var} =~ m/^(.*)$/g);
}
%ENV=%cleanenv;
}   
/perl
 
  I'm pretty confused because I was able to untaint my PATH var.
  by putting 
  
  $ENV{PATH} = '/bin';
  
  in the ***same scope*** where I was getting the error.
 
  Makes sense to me: if you are using Apache::Registry (for example),
 your script only gets compiled once and the BEGIN blocks run at that
 time. In fact Apache::Registry reads your cgi, then cooks it into
 something like this:
 
 package Some::Name::Made::Up::By::Apache::Registry::To::Isolate::Your::cgi;
 
 sub handler {
   # Your script here
 }
 
   Then it evals that (by that time, the BEGIN blocks run), then calls
 Some::Name::...::handler(). The purpose of these steps is caching: the
 next time the CGI is hit, the evalling needs not be redone, only the
 handler call.
 
   Now, my guess was that %ENV gets reset between the eval and the
 handler call. As you mention, putting the untainter in the same scope
 solves the problem, because you now circumvent the cleaning. Putting
 it in the perl section should also solve the problem once for all,
 because the perl section runs before the default %ENV value is
 stashed (even before Apache forks, in fact).
 

Dominique,

Thanks for sharing your code; unfortunately, it's not working for me.
I copied it into my httpd.conf file, stopped/started the server and
I still get the same error:

[Thu Jul 10 11:10:38 2003] [error] 19156: ModPerl::Registry: Error executing run mode 
'getlib': \
Insecure $ENV{PATH} while running setgid at 
/opt/asic/http/2.0.46/worker/perl-lib/Webace/Art.pm line 386

where line #386 is:

foreach my $release (`/bin/ls $path`) { # $path is already untainted
 do stuff
}

Any other ideas?
Thanks and regards,
P

-- 

^~^~^~^~^~^~^~^~^~^~^~^~^~^~^~^~^~^~^~^~^~^~^~^
Peter Ensch,
[EMAIL PROTECTED]   A-1140   (214) 480 2333
^~^~^~^~^~^~^~^~^~^~^~^~^~^~^~^~^~^~^~^~^~^~^~^

Re: Combining authen-handler with mod_auth

2003-07-10 Thread Martin Wickman 
On Mon, Jul 07, 2003 at 10:06:59AM -0700, Geoffrey Young wrote:

[...]

I think a lot of interesting password policies could be implemented
if it was possible to run perl-code before and after existing
authentication modules. Is it feasible to add this to the current
mod_perl as a runtime option?
 
 runtime is not likely to be possible.  I'm considering a patch that
 would make the hook behavior configurable as a compile-time option,

Instead of trying to cram multiple perl-script into the same Authen
phase, which btw could not be done without patching Apache and/or
mod_perl, I ended up using other phases but Authen. Other phases that
should not really be used for authentication like this and breaks a
few Apache rules.

I specifically had to change mod_auth_ so it returns sets a apache
note and returns DECLINED instead of stopping the whole request with a
HTTP_UNAUTHORIZED. The change is simple and can be applied to any auth
module without much effort.

So, I thought I'd ask the list for opinions regarding this
poor-mans-approach. 


Here is the setup:

Location /secure/
  AuthType Basic
  AuthName Secure Area
  Require valid-user

  # Find userinfo in cache. If user is banned, return
  # HTTP_UNAUTHORIZED else let him through to next handler
  PerlAccessHandler MyApache::Bouncer

  # The actual auth module. Patched so it creates an apache
  # request note if user is unauthorized + let request through
  # to next handler (DECLINED) _even tho_ user failed!
  AuthExternal wicauth

  # If apache note contains current user, update cache (nfailures
  # count) and return HTTP_UNAUTHORIZED or return OK
  PerlFixUpHandler MyApache::Ledger
/Location

Here is my tidied error_log log which shows how it works.

[ User wic with wrong pwd below ]

Bouncer: wic not in cache. Letting through.
AuthExtern wicauth: Failed for user wic.
Ledger: wic not in cache. Adding.

Bouncer: wic in cache: 1  --- nfailures
AuthExtern wicauth: Failed for user wic
Ledger: wic in cache. Updating.

[ ... 10 times or something like that ... ]

Bouncer: wic in cache: 10
AuthExtern wicauth: Failed for user wic.
Ledger: banning wic for 2 hours.

Bouncer: wic in cache: banned
Bouncer: wic is banned!

Bouncer: wic in cache: banned
Bouncer: wic is banned!

[ The user wic is banned and have to wait for 2 hours until Bouncer
will let him through. ]

Bouncer: wic banning time has expired. Letting through.
AuthExtern wicauth: OK accepted for user wic.
Ledger: wic login ok. 


By keeping count like this (and assuming it works in a real
situation), one can device lots of cool ways to add login and password
policies. Just change relevant part in the Bouncer/Ledger.

(Btw, I am using Cache::FileCache to keep track of number of failed
retries.)

Re: untainting PATH in mod_perl

2003-07-10 Thread Dominique Quatravaux 
 Thanks for sharing your code; unfortunately, it's not working for me.
 I copied it into my httpd.conf file, stopped/started the server and
 I still get the same error:

  Sorry, getting out of good ideas.. I'm not using mod_perl 1.99, this
probably explains why my code does not work, and also it prevents me
from further investigating your problem. There was a thread recently
on the list about perl ... /perl section only being implemented
recently, do you run the latest version of mod_perl?

 Insecure $ENV{PATH} while running setgid

  While running setgid? That's odd (although I don't think this
nterfers with your problem in any way)

 foreach my $release (`/bin/ls $path`) { # $path is already untainted
  do stuff
 }

  TI (still) MTOWTDI: why not try

  use IO::Pipe;
  my $pipe = new IO::Pipe()-reader(/bin/ls,$path);

  while($pipe) {
  }

  (although this will not save you from having to review all your codebase)

-- 
Dominique QUATRAVAUX   Ingénieur senior
01 44 42 00 08 IDEALX

Magic number checking on storable error withApache::Session::MySQL

2003-07-10 Thread Dan McCormick 
Hi,

I'm running a site with Apache, MySQL, Mason, and
Apache::Session::MySQL.  I've been sporadically seeing this message in
my error log:

[Wed Jul  9 20:41:42 2003] [error] Magic number checking on storable
string failed at blib/lib/Storable.pm (autosplit into
blib/lib/auto/Storable/thaw.al) line 364, at
/usr/lib/perl5/site_perl/5.6.1/Apache/Session/Serialize/Storable.pm line
27

Can anyone provide any clues as to why this might be happening?  Is it
implying the db data is corrupt?

FYI, a cronjob deletes sessions that are more than 30 minutes old, but
creating a session and then manually deleting it did not reproduce this
error.

Software specs:
Apache 1.3.27
mod_perl 1.27
Apache::Session 1.54
MySQL 4.0.13

Thanks,
Dan

Fw: select multiple

2003-07-10 Thread Dennis Stout 
This is the original email I sent out, regarding my multiple selects...

S.T.O.U.T. = Synthetic Technician Optimized for Ultimate Troublshooting
- Original Message - 
From: Dennis Stout [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Sent: Thursday, July 10, 2003 11 39
Subject: select multiple


 Beginners-CGI;

 If I have a form with a lot of values (such as Tech ID, Tech Name, Tech
 Queues..) and one of the fields is a select multiple, with a varied amount
of
 options selected, how are those values sent to the cgi script?

 Is it something like ?queue=lvl1,lvl2,admin,sysadfoo=bar or what?

 Thanks

 Dennis


 -- 
 To unsubscribe, e-mail: [EMAIL PROTECTED]
 For additional commands, e-mail: [EMAIL PROTECTED]

mp2: architectural question re authentication handlers

2003-07-10 Thread Carl Brewer 


Forgive me for asking yet another fundamentally basic question.

I'm cutting a web app over from PHP to mod_perl 2, and
am wondering how 'best' (for which there are many flavours ...)
to handle authentication.
At present I've knocked up a site that does auth via a
form and state tracking with Session.pm.  The form checks
usernames  passwords against a MySQL database, and the state is
maintained by Session.  This seems quite logical to me, coming from
essentially a CGI background, but the discussion of handlers
around here makes me believe there's a better way?
I see threads here discussing the use of handlers, which I
don't really understand how they fit into the picture,
they seem to my poor understanding to be a hardcoded
chunk in httpd.conf, for handling authentation/state.  Is
there anywhere a dumb beginers guide to how this
works?  Do they set environment variables or something
that a script can then look for that the script can be sure
is legit?  Or am I completely missing the point?  Do I
need to buy a book?  It seems really bad to go
hacking into httpd.conf, but maybe that's just my
old-school conservatism?
for now I'm continuing with my form based authentication,
but is there a 'better' way? And if so, what makes it better?
Carl

Re: select multiple

2003-07-10 Thread Dennis Stout 
 Because there is no way to create a delimiter that the potential data
doesn't contain, the browser doesn't have the option to choose an arbitrary
delimiter like a comma, or the like.  So (though I can't speak for all
browsers most will do the same) each value is passed with the same key, so
your string ends up like:

 ?queue=lvl1queue=lvl2queue=adminqueue=sysadfoo=bar

 This punts the problem to the server side (or whatever does the query string
parsing) so there are multiple ways to handle it, build a complex data
structure that stores an array reference for any multi-valued keys, store the
keys with some known delimiter (aka cgi-lib.pl used to use the null character
\0).  So it depends on your request parser, some provide multiple manners (I
think the standard CGI does). Have a look at the respective docs for how your
parser handles it, unless you are writing a parser...but then why do that with
so many good freely available ones?

Interesting.

So in mod_perl, I would use $r-args{__what__} to get to it?  Heh.

I'll email the mod_perl list..

Dennis

Re: select multiple

2003-07-10 Thread Chris Faust 
CGI.pm does the trick for me, the multi values are seperated by \0

 select name=yadda multi
optionyadda1
optionyadda2
optionyadda3

/select

my $CGI = new CGI();
 %form_data = $CGI-Vars;

@options = split(\0,$form_data{'yadda'});

$options[0] = yadda1, $options[1] = yadda2  etc .

Not usable live code obviously, but you should see the idea...

-Chris
- Original Message - 
From: Dennis Stout [EMAIL PROTECTED]
To: [EMAIL PROTECTED]; [EMAIL PROTECTED];
[EMAIL PROTECTED]
Sent: Thursday, July 10, 2003 4:52 PM
Subject: Re: select multiple



 Interesting.

 So in mod_perl, I would use $r-args{__what__} to get to it?  Heh.

 I'll email the mod_perl list..

 Dennis

Re: select multiple

2003-07-10 Thread Dennis Stout 
ARHG.

I want to stay as far away from use CGI; as possible =/

*sigh*

mod_perl and the methods available in the apache request object shuold beable
to replace CGI.pm entirely, especially when you have a highly customized
RequestHandler :/

Guess I'll see what happens, since I need cookie headers to work AND now
multiple values for one param.

S.T.O.U.T. = Synthetic Technician Optimized for Ultimate Troublshooting
- Original Message - 
From: Chris Faust [EMAIL PROTECTED]
To: Dennis Stout [EMAIL PROTECTED]; [EMAIL PROTECTED];
[EMAIL PROTECTED]; [EMAIL PROTECTED]
Sent: Thursday, July 10, 2003 16 30
Subject: Re: select multiple


 CGI.pm does the trick for me, the multi values are seperated by \0

  select name=yadda multi
 DEFANGED_optionyadda1
 DEFANGED_optionyadda2
 DEFANGED_optionyadda3
 
 /DEFANGED_select

 my $CGI = new CGI();
  %form_data = $CGI-Vars;

 @options = split(\0,$form_data{'yadda'});

 $options[0] = yadda1, $options[1] = yadda2  etc .

 Not usable live code obviously, but you should see the idea...

 -Chris
 - Original Message - 
 From: Dennis Stout [EMAIL PROTECTED]
 To: [EMAIL PROTECTED]; [EMAIL PROTECTED];
 [EMAIL PROTECTED]
 Sent: Thursday, July 10, 2003 4:52 PM
 Subject: Re: select multiple


 
  Interesting.
 
  So in mod_perl, I would use $r-args{__what__} to get to it?  Heh.
 
  I'll email the mod_perl list..
 
  Dennis

Re: select multiple

2003-07-10 Thread Dennis Stout 
 mod_perl and the methods available in the apache request object shuold
beable
 to replace CGI.pm entirely, especially when you have a highly customized
 RequestHandler :/
 
 Guess I'll see what happens, since I need cookie headers to work AND now
 multiple values for one param.

 Have you looked at Apache::Request?

Reading documentation.. and it looks like $r-param is what I need :)  Thanks!

--- perldoc Apache::Request ---

param

Get or set request parameters (using case-insensitive
keys) by mimicing the OO interface of CGI::param.
Unlike the CGI.pm version, Apache::Request's param
method is very fast- it's now quicker than even
mod_perl's native Apache-args method.  However,
CGI.pm's -attr = $val type arguments are not sup-
ported.

# similar to CGI.pm

my $value = $apr-param('foo');
my @values = $apr-param('foo');
my @params = $apr-param;

# the following differ slightly from CGI.pm

# assigns multiple values to 'foo'
$apr-param('foo' = [qw(one two three)]);

# returns ref to underlying apache table object
my $table = $apr-param; # identical to $apr-parms - see below

parms

Get or set the underlying apache parameter table of
the Apache::Request object.  When invoked without
arguments, parms returns a reference to an
Apache::Table object that is tied to the
Apache::Request object's parameter table.  If called
with an Apache::Table reference as as argument, the
Apache::Request object's parameter table is replaced
by the argument's table.

# $apache_table references an Apache::Table object
$apr-parms($apache_table); # sets $apr's parameter table

# returns ref to Apache::Table object provided by $apache_table
my $table = $apr-parms;

Re: Magic number checking on storable error with Apache::Session::MySQL

2003-07-10 Thread Stas Bekman 
Dan McCormick wrote:
Hi,

I'm running a site with Apache, MySQL, Mason, and
Apache::Session::MySQL.  I've been sporadically seeing this message in
my error log:
[Wed Jul  9 20:41:42 2003] [error] Magic number checking on storable
string failed at blib/lib/Storable.pm (autosplit into
blib/lib/auto/Storable/thaw.al) line 364, at
/usr/lib/perl5/site_perl/5.6.1/Apache/Session/Serialize/Storable.pm line
27
Can anyone provide any clues as to why this might be happening?  Is it
implying the db data is corrupt?
probably most likely unrelated to mod_perl, the error normally happens when 
you upgrade Storable and you try to read files that were created with older 
Storable version. perl users list/newsgroups is probably more appropriate for 
this issue.

FYI, a cronjob deletes sessions that are more than 30 minutes old, but
creating a session and then manually deleting it did not reproduce this
error.
Software specs:
Apache 1.3.27
mod_perl 1.27
Apache::Session 1.54
MySQL 4.0.13
Thanks,
Dan


--

__
Stas BekmanJAm_pH -- Just Another mod_perl Hacker
http://stason.org/ mod_perl Guide --- http://perl.apache.org
mailto:[EMAIL PROTECTED] http://use.perl.org http://apacheweek.com
http://modperlbook.org http://apache.org   http://ticketmaster.com

Re: make test fails

2003-07-10 Thread Stas Bekman 
The Alliett's wrote:
Trying to compile mod_perl 1.28 with apache 1.3.27 on redhat 7.3 system
 
Here is the output of the errors.  Any idea's on how to fix this.
 
../apache_1.3.27/src/httpd -f `pwd`/t/conf/httpd.conf -X -d `pwd`/t 
httpd listening on port 8529
will write error_log to: t/logs/error_log
letting apache warm up...\c
done
/usr/bin/perl t/TEST 0
still waiting for server to warm up...not ok
server failed to start! (please examine t/logs/error_log) at t/TEST line 95.
make: *** [run_tests] Error 9
[EMAIL PROTECTED] mod_perl-1.27]# tail t/logs/error_log
[notice] Destruction-DESTROY called for $global_object
Prototype mismatch: sub Socket::INADDR_ANY vs () at 
/usr/lib/perl5/5.6.1/i686-linux/Socket.pm line 329.
Prototype mismatch: sub Socket::INADDR_BROADCAST vs () at 
/usr/lib/perl5/5.6.1/i686-linux/Socket.pm line 330.
Prototype mismatch: sub Socket::INADDR_LOOPBACK vs () at 
/usr/lib/perl5/5.6.1/i686-linux/Socket.pm line 331.
Prototype mismatch: sub Socket::INADDR_LOOPBACK vs () at 
/usr/lib/perl5/5.6.1/i686-linux/Socket.pm line 332.
[Thu Jul 10 10:56:16 2003] [warn] [notice] child_init for process 22132, 
report any problems to [no address given]
a possible reason for this issue: you have 5.6.1 installed but using a 
different perl version  to build/test mod_perl, but for some reason 5.6.1 gets 
into the way. Dumping @INC may show some light (hint: perl -V)

If you search the archives you will find more than one report and follow-ups 
on this issue.

__
Stas BekmanJAm_pH -- Just Another mod_perl Hacker
http://stason.org/ mod_perl Guide --- http://perl.apache.org
mailto:[EMAIL PROTECTED] http://use.perl.org http://apacheweek.com
http://modperlbook.org http://apache.org   http://ticketmaster.com

ProxyPass not getting type of dynamic images?

2003-07-10 Thread Kirk Bowe 


Hi, I'm doing a naive one size fits all ProxyPass thing wherein I've got
one server simply sitting between the end users and the real machine.  So
my only lines are:

ProxyPass / http://other.server.with.specified.port.com:8082/
ProxyPassReverse / http://other.server.with.specified.port.com:8082/
ProxyReceiveBufferSize 16384

Most of it works fine but I appear to be losing content types.  The
backend server generates pretty much everything in mod_perl and Template
Toolkit.  However I generate PNGs on the fly too, with and without a .png
extension in some cases.  In particular, the PNGs aren't getting through
with a mime type.  Guess I need to set it somewhere -- any ideas?  It all
works fine without the proxy in the middle.

Cheers


Kirk.

'PerlSetVar' error, please help

2003-07-10 Thread Dead Line 
Hello Everyone,

  Im on FreeBSD 4.8R Fresh installation, I have apache-fp, installed and 
running,
  I installed p5-Apache-ASP-2.51 from /ports collection, installation was 
fine.

  I copied whats in ./site/eg to the www directry,  as its informed in the 
website,
  also I did the AllowOverride All option
  But the Site is not working any more the Msg which come to the web site 
it says
Internal Server Error
The server encountered an internal error or misconfiguration and was unable 
to complete your request

And the Log Error file it says
../www/.htaccess: Invalid command 'PerlSetVar', perhaps mis-spelled or 
defined by a module not included in the server configuration

What I should do please Advise?
Beside when i make/make install all of these things and it seems to be fine,
it should be enabled by defult int?
no ASP or Perl logos to be apear on the website, only front page .
Please when replay CC my email.
Thank you much.
marwan.
_
Add photos to your messages with MSN 8. Get 2 months FREE*. 
http://join.msn.com/?page=features/featuredemail

Re: select multiple

2003-07-10 Thread Wiggins d'Anconia 
Dennis Stout wrote:
ARHG.

I want to stay as far away from use CGI; as possible =/

*sigh*

mod_perl and the methods available in the apache request object shuold beable
to replace CGI.pm entirely, especially when you have a highly customized
RequestHandler :/
Guess I'll see what happens, since I need cookie headers to work AND now
multiple values for one param.
Probably best to try and see. Setup a simple handler that calls $r-args 
 in list context and then step through the elements and see how they 
are arranged. I poked around in the 1.0 docs but wasn't able to come up 
with anything concrete, you might also mention which version of mod_perl 
you are dealing with

http://danconia.org