Re: Trouble writing to a file from mod_perl
Rod Brick wrote: I'm trying to write for a file from a mod_perl script. I can write successfully to a file located in /tmp, but I cannot write to the dir containing the script, nor to the apache logs dir. How can this be accomplished? Is there a setting in httpd.conf that I need to specify? Is it a file permissions problem? I don't want to make the script dir world read/writable. Would the Apache::Log interface allow me to write to my own file? My code looks something like the following: open(LOG, ">>/usr/local/apache/htdocs/aws/perl/rod.log") || print "script.pl: Can't write to log file."; print LOG "hello\n"; close LOG change it to open(LOG, ">>/usr/local/apache/htdocs/aws/perl/rod.log") || print "script.pl: Can't write to log file : $! "; print LOG "hello\n"; close LOG And at least it'll tell yuo why it can't write to the file :) Carl
Re: mp2: multiple include paths accross virtual servers?
Stas Bekman wrote: You need to add: PerlOptions +Parent PerlOption `Parent' requires an ithreads enabled Perl *doh* Carl
mp2: multiple include paths accross virtual servers?
I'm running into something that may be a feature(!) of my misunderstanding of how mp works. I've got this defined in a directive: PerlRequire "/data/www/foo/secure/etc/startup.pl" For a number of different virtual servers. Is it possible for mp2 (or mp in general) to keep state seperate between virtual servers? Ie: if I have a different include path set in a couple of different startup.pl scripts, will the different virtual servers keep them seperate, or can I only have the one across a particular httpd instance? I'm fearing that I'll need seperate httpd's for each seperate site? Carl
Re: cookies and POST in pure MP2?
Egor Korablev wrote: Hi How can I write and get cookies and get POST data (text) under MP2 handler without using apache::compat? You can either use libapreq, which is _almost_ there :) or hack yuor own bits up cribbed from CGI.pm or the test stuff in the mp2 test suite. That's what I'm using at the moment while assisting as best I can with the libapreq development. If you look through the archives for this list you'll find lots of useful bits & pieces. Carl
Re: mp2: architectural question re authentication handlers
Cees Hek wrote: [chomp] Thanks Cees, that's exactly what I needed :) My stuff is all completely generated by scripts where I need access control, but I certainly see the use for controlling static entity access. Carl
mp2: architectural question re authentication handlers
Forgive me for asking yet another fundamentally basic question. I'm cutting a web app over from PHP to mod_perl 2, and am wondering how 'best' (for which there are many flavours ...) to handle authentication. At present I've knocked up a site that does auth via a form and state tracking with Session.pm. The form checks usernames & passwords against a MySQL database, and the state is maintained by Session. This seems quite logical to me, coming from essentially a CGI background, but the discussion of handlers around here makes me believe there's a better way? I see threads here discussing the use of handlers, which I don't really understand how they fit into the picture, they seem to my poor understanding to be a hardcoded chunk in httpd.conf, for handling authentation/state. Is there anywhere a dumb beginers guide to how this works? Do they set environment variables or something that a script can then look for that the script can be sure is legit? Or am I completely missing the point? Do I need to buy a book? It seems really bad to go hacking into httpd.conf, but maybe that's just my old-school conservatism? for now I'm continuing with my form based authentication, but is there a 'better' way? And if so, what makes it better? Carl
mp2: some POST data is showing up as a hashref after I parse it
Apache 2.0.46
modperl 1.99-10.dev (CVS snapshot from last night)
perl 5.8.0
NetBSD 1.6.1
I've got a form that I'm posting to an MP2 script, and am parsing the
output with the following subroutines :
sub hash_post {
# returns a hash of all the POST values
my ($r) = shift;
my $post_string = CB::read_post($r);
my %rethash = {};
my @bits = split(/&/, $post_string);
foreach my $bit (@bits) {
$bit =~ /^(.*)=(.*)$/;
my $key = CGI::Util::unescape($1);
my $value = CGI::Util::unescape($2);
$rethash{$key} = $value;
}
return %rethash;
}
CB::read_post() is :
sub read_post {
use Apache::Filter ();
use APR::Bucket ();
use APR::Brigade ();
use constant IOBUFSIZE => 8192;
use Apache::Const -compile => qw(MODE_READBYTES);
use APR::Const-compile => qw(SUCCESS BLOCK_READ);
use CGI::Util;
my $r = shift;
my $debug = shift || 0;
my @data = ();
my $seen_eos = 0;
my $filters = $r->input_filters();
my $ba = $r->connection->bucket_alloc;
my $bb = APR::Brigade->new($r->pool, $ba);
do {
my $rv = $filters->get_brigade($bb,
Apache::MODE_READBYTES, APR::BLOCK_READ, IOBUFSIZE);
if ($rv != APR::SUCCESS) {
return $rv;
}
while (!$bb->empty) {
my $buf;
my $b = $bb->first;
$b->remove;
if ($b->is_eos) {
warn "EOS bucket:\n" if $debug;
$seen_eos++;
last;
}
my $status = $b->read($buf);
warn "DATA bucket: [$buf]\n" if $debug;
if ($status != APR::SUCCESS) {
return $status;
}
push @data, $buf;
}
$bb->destroy;
} while (!$seen_eos);
my $string = join '', @data;
return $string;
}
The observant will notice that read_post() is pretty-much
Stas's code from the mp test scripts, so I figure it's
got to be good code (Stas wrote it :) )
This all seems to work quite nicely for the simple form
I'm processing, like so :
my %posted_data = CB::hash_post($r);
foreach my $key (keys %posted_data) {
$vars->{form}->{$key} = $posted_data{$key};
}
The %vars gets thrown into template toolkit and
as far as I can see, it looks fine, so I _think_
I'm parsing the POST data correctly at this point.
But
I then want to throw the data at a database insert :
CB::submit_training_log($user_id, %posted_data);
sub submit_training_log {
my ($user_id,%values) = @_;
# use DBI;
#my $dbh = DBI->connect("DBI:mysql:".$db_name.":".$db_server,
$db_user, $db_pass,
{ RaiseError => 1}) or return -1;
my $fields = "user_id";
my $values = "\'".$user_id."\'";
foreach my $key (keys %values) {
$fields .= ",$key";
$values .= ",\'".$values{$key}."\'";
}
my $insert = "INSERT into training_log ($fields) VALUES ($values)";
logit($log,$insert);
# $dbh->disconnect;
}
(yes, I need to do lots of safety/sanity/taint checks etc ... )
What I see in the INSERT log message is this :
INSERT into training_log
('user_id','av_hr','distance','time','percent_fat','max_speed','comments',
'time_e3','time_o2','max_power','weather','weight','resting_hr','day',
'mon','time_e1','motivation','fatigue','energy_burnt','max_hr','stress',
'time_e2','time_rec','location','planned_session','av_speed',
'actual_session','HASH(0x8d7be98)','av_power','time_se','soreness',
'sleep','year') VALUES ('1','','','','','','The session was
great!','','','','funky','','','25','6','','1','1','','','1','','',
'','','','As per planned session','','','','1','1','2003')
There's a "HASH(0x8d7be98)" in there. That's a problem! Can anyone
see where it might be coming from? All the form variables are
accounted for, so it seems to be coming from nowhere? The onlyplace I
can think of is the submit button?
thanks
Carl
Re: mp2: Session method not seeming to set extra records?
Carl Brewer wrote: I'm an idiot :) It's important that the user accessing a MySQL database to do any work with Apache::Session::MySQL or Session have update permission as well as insert, select and delete on the sessions table. Carl
Re: mp2: right place to unescape HTML?
Stas Bekman wrote:
Carl Brewer wrote:
I'm using Stas's read_post() call from the test
directory in mp1.99-10-dev, and am using it
to grab POST data of the form of an email
address ..
this is giving me this :
read_post returned : username=carl%40somewhere&password=foo
Escaped the @ ... of course.
I'm curios, where's the best place to unescape it?
Should I do it in the read_post function, or afterwards?
Recommendations?
Look at CGI.pm, you could easily prototype your code after it, as it's
written in pure perl. Hint: look at the function param().
For the archives, if anyone's interested, I used CGI::Util::unescape()
My read_lines() subroutine is now (cribbed extensively from
Stas's test scripts) :
$post_params = read_post($r);
sub read_post {
use Apache::Filter ();
use APR::Bucket ();
use APR::Brigade ();
use constant IOBUFSIZE => 8192;
use Apache::Const -compile => qw(MODE_READBYTES);
use APR::Const-compile => qw(SUCCESS BLOCK_READ);
use CGI::Util;
my $r = shift;
my $debug = shift || 0;
my @data = ();
my $seen_eos = 0;
my $filters = $r->input_filters();
my $ba = $r->connection->bucket_alloc;
my $bb = APR::Brigade->new($r->pool, $ba);
do {
my $rv = $filters->get_brigade($bb,
Apache::MODE_READBYTES, APR::BLOCK_READ, IOBUFSIZE);
if ($rv != APR::SUCCESS) {
return $rv;
}
while (!$bb->empty) {
my $buf;
my $b = $bb->first;
$b->remove;
if ($b->is_eos) {
warn "EOS bucket:\n" if $debug;
$seen_eos++;
last;
}
my $status = $b->read($buf);
warn "DATA bucket: [$buf]\n" if $debug;
if ($status != APR::SUCCESS) {
return $status;
}
push @data, $buf;
}
$bb->destroy;
} while (!$seen_eos);
my $string = join '', @data;
return CGI::Util::unescape($string);
}
Seems to work ok in lieu of Apache::Request being available.
Carl
mp2: Session method not seeming to set extra records?
mp1.99.10-dev
apache 2.0.46
Session-0.01 (by Olivier Poitrey)
I've got a subroutine as follows :
sub login {
# checks supplied username & passwd against users table in db
# if ok, creates a session & returns session_id & username
# otherwise, returns 0
my ($supplied_username, $supplied_passwd) = @_;
use DBI;
use Session;
my $user_id = 0;
my $dbh = DBI->connect("DBI:mysql:".$db_name.":".$db_server,
$db_user, $db_pass,
{ RaiseError => 1}) or return -1;
my $sth = $dbh->prepare(qq{SELECT * FROM passwd WHERE username = ? AND
passwd = PASSWORD(?) });
$sth->execute($supplied_username, $supplied_passwd);
my @ary = $sth->fetchrow_array;
if (defined($ary[0])) {
$user_id = $ary[0];
}
my $rc = $sth->finish;
if ($user_id == 0) {# no match, return 0
return 0;
}
my %session_config = (
Store => "MySQL",
Lock=> "MySQL",
Generate=> "MD5",
Serialize => $serialize,
DataSource => "DBI:mysql:host=$db_server;database=$db_name",
UserName=> $db_user,
Password=> $db_pass,
LockDataSource => "dbi:mysql:".$db_name,
LockUserName=> $db_user,
LockPassword=> $db_pass
);
my $session = new Session(undef, %session_config);
$session->set('user_id' => $user_id);
my $session_id = $session->session_id();
my @keys = $session->keys();
$session->release();
logit($log, "keys stored : @keys");
return $session_id;
}
It checks login info ok, and all seems mostly well, *except* it
never seems to store the 'user_id' value.
the logfile that logit() writes to sees this on every invocation :
steel1: {14} tail -f log
keys stored : user_id
keys stored : user_id
keys stored : user_id
so $session->set() seems to be working at that point, but in the
database record I get this :
mysql> select * from sessions\G
*** 1. row ***
id: a1c170b34f080053211471b4365006d8
a_session:
BQUDAQogYTFjMTcwYjM0ZjA4MDA1MzIxMTQ3MWI0MzY1MDA2ZDgLX3Nlc3Npb25faWQ=
(I'm serializing with Base64)
the base64 decoding of the a_session data shows :
mmencode -u
BQUDAQogYTFjMTcwYjM0ZjA4MDA1MzIxMTQ3MWI0MzY1MDA2ZDgLX3Nlc3Npb25faWQ=
a1c170b34f080053211471b4365006d8_session_id
Which is the session_id, but no sign of the user_id record?
My understanding of the way that Apache::Session (and Session)
work is that when you add a variable, it stores it in the a_session
field, and when you untie (or in this case use $session->release(),
which is equivalent?) that the new value should get written to the
session record in the database and thus be available for future
reference?
Later calls from other scripts can't see user_id when I
call them as $session->get('user_id'), which is, I think,
consistant with them not showing up in the database?
Can anyone see what I'm doing wrong? I'm using Session for syntatic
sugar reasons moreso than anything functional except the wrapping
of ugly exec()'s (ughhh), is the problem I'm seeing my
code/understanding or should I file a bug report with Olivier?
thanks
Carl
mp2: Re: Can't call method "method" on an undefined value at Apache-Test/lib/Apache/TestRequest.pm
Brent, I think Stas was having a bit of a look at it, I just ignored the error messages and installed it anyway :) Carl Brent Jensen wrote: Carl, I'm getting the same error on the make test w/ Mod Perl. Did you resolve this issue? I'm using FreeBSD 5.1. Is it really an issue or is it just a testing problem. I get the same error you're getting: Can't call method "method" on an undefined value at Apache-Test/lib/Apache/TestRequest.pm line 411. Thanks, Brent
mp2: right place to unescape HTML?
I'm using Stas's read_post() call from the test directory in mp1.99-10-dev, and am using it to grab POST data of the form of an email address .. this is giving me this : read_post returned : username=carl%40somewhere&password=foo Escaped the @ ... of course. I'm curios, where's the best place to unescape it? Should I do it in the read_post function, or afterwards? Recommendations? thanks Carl
Re: How practical is that Practical mod_perl?
Stas Bekman wrote: Slava, [chomp] I think it's a time to start a new thread on how to improve: http://perl.apache.org/docs/tutorials/client/compression/compression.html For starters, apache2/mp2 coverage. As I understand it, and my logs seem to indicate, mod_deflate compresses everything thrown at it, dynamic or otherwise :)
Re: mp2: really dumb q re getting values sent to a form
Stas Bekman wrote:
Carl Brewer wrote:
My appologies, I've tried to grok this from the doco,
but must have missed it somewhere while trying to
parse apache::request somehow?
You mean Apache::RequestRec. Apache::Request is a 3rd party module.
I've got a script, I want to grab submitted values to it
of the form :
http://foo.bar/perl/script.pl?a=4
And I want to be able to work out what "a" is within script.pl,
ie, within the script I want to set a to "4", or whatever it
gets called as.
I know this is trivially easy to do with CGI.pm,
but how do I do it without CGI.pm? (caveats
concerning taint etc appreciated)
print $r->args;
Perfect.
I found that just after I posted the email too .. *doh*
prints "a=4", you can also do:
$r->args("a=5");
Is that what you are after?
Yes. Out of curiosity, why would setting the argument be of any
use? It's come in from the URL supplied by the browser,
you'd change it for some filter maybe?
I've set PerlSwitches -T in httpd.conf, which I thought would
taint the value of $r->args, but I can merrily print it out
without any parsing, which seems wrong to me, any clues?
Also see the guts of Apache/compat.pm for how it provides the backcompat
functionality of doing:
my %args = $r->args;
The doco says that's evil, or at least it is in an array context,
not a hash?
don't expect this to ever be part of the mp2 API, it's CGI.pm or
Apache::Request that (will) do that job.
*nod*
I'm also trying to get my head around retrieving data from a POST
form, which I don't think I can get with $r->args? In the
absence of Apache::Request and CGI.pm what's the most appropriate
mp2-pure way to get form data submitted by a POST form?
Something using APR::Table ?
any examples? :)
Carl
mp2: really dumb q re getting values sent to a form
My appologies, I've tried to grok this from the doco, but must have missed it somewhere while trying to parse apache::request somehow? I've got a script, I want to grab submitted values to it of the form : http://foo.bar/perl/script.pl?a=4 And I want to be able to work out what "a" is within script.pl, ie, within the script I want to set a to "4", or whatever it gets called as. I know this is trivially easy to do with CGI.pm, but how do I do it without CGI.pm? (caveats concerning taint etc appreciated) Carl
Re: is anybody using mp2 in production?
I'm using mp2 with Template::Toolkit for a number of production sites on NetBSD. Apart from it whinging at test time, it seems just fine :) Carl
mp2: session/auth handlers stable enough to use?
I'm looking at Apache::SessionX from Embperl as a possible session tracker for an app I'm doing with Template::Toolkit, has anyone any comments/suggestions re how mature this, (or any other recommendations?) session tracking module is under mp2? I've read some comments on CPAN discussing the use of tie() and performance, which I confess to knowing nothing about. Is any of this relevant to mp2? I want to avoid 100% any use of the compat stuff in mp2, and make this as pure an mp2 site as possible. thanks :) Carl
mp2: apache 2.0.46 works
I've just spun up apache 2.0.46 on Solaris 8, and the install of mod_perl 1.99_09 seems fine so far. Carl
Re: CGI.pm and friends port to mp2
Stas Bekman wrote: Lincoln Stein wrote: You want to move to MP2, if one of the following reasons apply: - you are stuck with Apache2 - you want to use i/o filters - you want to write your own protocol handlers - you want to use a threaded mod_perl - you are stuck with win32 (mp1 is unusable on win32, serialization) And you use IPv6 :) Carl
Re: mp2: works with NetBSD? was Re: mp2: anyone got mp2 and apache2.0.44 working on any version of OpenBSD?
Stas Bekman wrote: Carl Brewer wrote: As no-one seems interested in this after a few weeks, It's not about not being interested, but lacking the access to the system and/or lacking the expertise on these platforms. We really need to have at least one person taking care of problems on each of the less-mainstream platforms. Understood, I can make a box available to you if it helps? Carl
mp2: works with NetBSD? was Re: mp2: anyone got mp2 and apache 2.0.44working on any version of OpenBSD?
As no-one seems interested in this after a few weeks, I'm considering NetBSD ... anyone got mod_perl2 and apache2 running nicely on NetBSD 1.6? That's my next-choice O/S for my application, but I don't have a testbed yet to play with. Carl Carl Brewer wrote: Scanning both dev.modperl and here, I've found a couple of mails concerning OpenBSD and mod_perl 2 (1.99_08) with Apache 2.0.44, I've tried a few quick hacks and have been unable to get it working either, with the same error as seen on : http://mathforum.org/epigone/modperl/sponggrunlim/[EMAIL PROTECTED] I'm using perl 5.8.0 on OpenBSD 2.9, but the same error crops up. Has anyone been able to get it to run? (it seems to work well on SunOS 5.8 with the same apache & perl versions) Carl
mp2: any recommendations for template systems yet?
Do any of you have any recommendations for template systems with mp2? Not of the religious kind (!) but more on the lines of what's working with mp2 at the moment? I'm about to port a PHP app to mod_perl and will be covering IPv6 traffic with it, so (and I want to as well :) ) will have to use apache2, and thus mp2. I looked at Mason but their homepage seemed to make little mention of mp2 except in the FAQ "not yet" :) Without wishing to start anything religious ... any suggestions for a template system that handles sessions? I'm not adverse to HTML::Template and Apache::Session if it'll work with mp2. thanks for your time, Carl
mp2: anyone got mp2 and apache 2.0.44 working on any version of OpenBSD?
Scanning both dev.modperl and here, I've found a couple of mails concerning OpenBSD and mod_perl 2 (1.99_08) with Apache 2.0.44, I've tried a few quick hacks and have been unable to get it working either, with the same error as seen on : [EMAIL PROTECTED]">http://mathforum.org/epigone/modperl/sponggrunlim/[EMAIL PROTECTED] I'm using perl 5.8.0 on OpenBSD 2.9, but the same error crops up. Has anyone been able to get it to run? (it seems to work well on SunOS 5.8 with the same apache & perl versions) Carl
