Re: File Upload Questions
So far, I've seen two suggestions; both are very good, and I wanted to try to offer a combination, based on a real implementation. The relevant parts of the source code for uploading the content (as related to writing the actual file on the server): my $r=shift; my $q=Apache::Request-instance($r); [snip] my $File=$q-upload('fid') || undef; [snip] my $hFile=$File-fh || undef; [snip] my $fLoc=fqName($hMD5); open(my $DOUT,$fLoc); binmode $DOUT; [snip] seek($hFile,0,0); ps_status(Compressing $fname...); while ($hFile) { ($output,$status)=$dStream-deflate($_); $status == Z_OK or die (Error deflating: $status); print $DOUT $output; } ($output,$status)=$dStream-flush(); $status==Z_OK or die (Error flushing: $status); print $DOUT $output; close $DOUT; As you can see, this code uses an interim deflate stream, but the loop would work just as well without it (eg, simply print $DOUT $_; inside the while loop). Issac PS. If you want to see the application, feel free to conatct me off-list and I'll send you the URL. - Original Message - From: Dennis Daupert [EMAIL PROTECTED] To: [EMAIL PROTECTED] Sent: Thursday, November 14, 2002 10:47 PM Subject: File Upload Questions I have gotten file upload working using Apache::Request for text files. But binary files seem to have other ideas :-) For example, uploading a word doc, I get a success message, but when I retrieve the doc after uploading it, and try to open it in Word 2000, I get the popup error message: The document name or path is not valid... etc Do I need to do anything to detect the content type of the file and set binary versus ascii transfers? The man page for Apache::Request talks about type, but not how to set the transfer. In case I have done something silly in my code, here is a section in which I untaint the filename, and also remove the leading c:\path\to\file info (for windows uploads) or similar /path/to/file for unix uploads: # now let's untaint the filename itself if ($data{'up_filename'} =~ /^([-\@\/\w\:\\.]+)$/) { $data{'up_filename'} = $1; my $cleanfile = $data{'up_filename'}; $cleanfile = $1; # $cleanfile now untainted $cleanfile =~ s#\.\.##g; $cleanfile =~ s[//][/]g; # take out windows backslashes if ($cleanfile =~ /\\/) { my @parts = split ( /\\/, $cleanfile ); $cleanfile = pop @parts; } # take out unix forward slashes if ($cleanfile =~ /\//) { my @parts = split ( /\//, $cleanfile ); $cleanfile = pop @parts; } $data{'up_filename'} = $cleanfile; } And then: my $fh = $upload-fh; my @file = $fh; open ( WRITEFILE, $data{'write_dir'}/$data {'up_filename'} ) or die couldn't open $data{'up_filename'} for writing: $! \n; print WRITEFILE @file; close (WRITEFILE); Any insight greatly appreciated. /dennis -- - Office phone: 817-762-8304 -- - Great leaders never tell people how to do their jobs. Great leaders tell people what to do and establish a framework within which it must be done. Then they let people on the front lines, who know best, figure out how to get it done. ~ General H. Norman Schwarzkopf
Re: Apache::DBI and password security
On Fri, 15 Nov 2002, [iso-8859-1] Faßhauer, Wolfgang, FCI3 wrote: one database user because of resource limits. The problem I see is that the password for connecting to the database is clear readable in the perl script. Does anybody know how to hide that password? Have you thought of running your webserver as some 'www' user? You can then make your scripts readonly by a 'dev' group which the www user and the developes are members of.
Re: Apache::DBI and password security
On Fri, 15 Nov 2002, Rafiq Ismail (ADMIN) wrote: On Fri, 15 Nov 2002, [iso-8859-1] Faßhauer, Wolfgang, FCI3 wrote: one database user because of resource limits. The problem I see is that the password for connecting to the database is clear readable in the perl script. Does anybody know how to hide that password? Have you thought of running your webserver as some 'www' user? You can then make your scripts readonly by a 'dev' group which the www user and the developes are members of. CORRECT: 'readonly' should be 'only readable' by R.
AW: Apache::DBI and password security
Hi, I want to build a database application based on mod_perl and Apache::DBI. The goal of Apache::DBI is to get persistent database connections using only one database user because of resource limits. The problem I see is that the password for connecting to the database is clear readable in the perl script. Does anybody know how to hide that password? I think, storing it in a file for reading by the script is not the right way (?). Thanks for help! - Wolfgang Have you thought of running your webserver as some 'www' user? You can then make your scripts readonly by a 'dev' group which the www user and the developes are members of. CORRECT: 'readonly' should be 'only readable' by Yes, that's our plan, too. But the risk still remains that someone will get a look to the script. I think, there is a golden rule: Never put clear text passwords in files. Those files are stored in archives by backup for example. There maybe a lot of people (sysadmin, developer, ...) concerned with the webserver. So it's not easy to secure it. - Wolfgang
Re: AW: Apache::DBI and password security
On Fri, 15 Nov 2002, [iso-8859-1] Faßhauer, Wolfgang, FCI3 wrote: Have you thought of running your webserver as some 'www' user? You can then make your scripts readonly by a 'dev' group which the www user and the developes are members of. CORRECT: 'readonly' should be 'only readable' by Yes, that's our plan, too. But the risk still remains that someone will get a look to the script. I think, there is a golden rule: Never put clear text passwords in files. Those files are stored in archives by backup for example. There maybe a lot of people (sysadmin, developer, ...) concerned with the webserver. So it's not easy to secure it. A thought, although I've never been so secure myself and I'm not sure how secure this would be - but it's one of those silly convoluted ideas you have to tell someone. Since you're using mod_perl and apache_dbi, this is just a thought. Use the Crypt::Blowfish_PP to generate an encrypted password and place it as a variable in a package somewhere. During server startup take a password from the command line, some sort of: Perl Paranoid::CryptDBIPassword::promptForPassword /Perl getliner. Take the value as my $key and: my $bfish = Crypt::Blowfish_PP-new($key) $Apache::PARANOID::dbiPassword = $bfish-decrypt($encryptedPassword); then whenever you want your password you access $Apache::PARANOID::dbiPassword. Hmm. I think that the guy who wrote Blowfish_PP would cut my danglies off for that one. R.
AW: Apache::DBI and password security
Yes, that's our plan, too. But the risk still remains that someone will get a look to the script. I think, there is a golden rule: Never put clear text passwords in files. Those files are stored in archives by backup for example. There maybe a lot of people (sysadmin, developer, ...) concerned with the webserver. So it's not easy to secure it. A thought, although I've never been so secure myself and I'm not sure how secure this would be - but it's one of those silly convoluted ideas you have to tell someone. Since you're using mod_perl and apache_dbi, this is just a thought. Use the Crypt::Blowfish_PP to generate an encrypted password and place it as a variable in a package somewhere. During server startup take a password from the command line, some sort of: Perl Paranoid::CryptDBIPassword::promptForPassword /Perl getliner. Take the value as my $key and: =09my $bfish =3D Crypt::Blowfish_PP-new($key) =09$Apache::PARANOID::dbiPassword =09=3D $bfish-decrypt($encryptedPassword); then whenever you want your password you access $Apache::PARANOID::dbiPassword. Hmm. I think that the guy who wrote Blowfish_PP would cut my danglies off for that one. R. This is an interesting idea. Many thanks to you, Rafiq! - Wolfgang
Re: AW: Apache::DBI and password security
On Fri, 15 Nov 2002, [iso-8859-1] Faßhauer, Wolfgang, FCI3 wrote: Hmm. I think that the guy who wrote Blowfish_PP would cut my danglies off for that one. This is an interesting idea. Cutting my danglies off? hmm. Sounds painful. Many thanks to you, Rafiq! s'ok, although I wouldn't implement this myself. There are probably nicer ways of being paranoid out there. And just use Crypt::Blowfish if you really want to use Blowfish. :) Good luck. R.
RE: URI escaping question
According to RFC 2396 (http://www.ietf.org/rfc/rfc2396.txt) the reserved characters in the query component of a URI are ;, /, ?, :, @,, =, +, ,, and $. As amended by RFC 2732(http://www.ietf.org/rfc/rfc2732.txt) the characters [ and ] have been added (formerly _unwise_) There is also an _unwise_ set including {, },|,\, and ` On a side note, although URI::Escape properly unescapes Unicode, it doesn't escape it (for me, with 5.6.1) Neils Poppe recently suggested this on perl-xml for UTF-8 sub escape { join '', map { chr($_) =~ /([a-zA-Z0-9_.-])/o? $1 : sprintf %%%02X, $_ } unpack 'C*', shift } -Original Message- From: Kyle Oppenheim [mailto:kyleo;tellme.com] Sent: Thursday, November 14, 2002 7:11 PM To: modperl List Subject: Re: URI escaping question According to RFC 2396 (http://www.ietf.org/rfc/rfc2396.txt) the reserved characters in the query component of a URI are ;, /, ?, :, @,, =, +, ,, and $. Apache::Util-escape_uri() does not escape :, @, , =, +, ,, or $. Something like the following should work: use URI::Escape qw(uri_escape); sub uri_escape_query_value { my $character_class = '^A-Za-z0-9\-_.!~*\'()'; uri_escape($_[0], $character_class); } - Kyle - Original Message - From: Ray Zimmerman [EMAIL PROTECTED] To: modperl List [EMAIL PROTECTED] Cc: Raj Chandran [EMAIL PROTECTED] Sent: Thursday, November 14, 2002 12:25 PM Subject: URI escaping question Oops ... finger slipped before I was done typing ... Suppose I have a hash of string values that I want to include in the query string of a redirect URL. What is the accepted way of escaping the values to be sure that they come through intact? Specifically, it seems that Apache::Util-escape_uri() is not escaping '=' and '' so if one of the values in the hash is a URI with a query string it messes things up. -- Ray Zimmerman / e-mail: [EMAIL PROTECTED] / 428-B Phillips Hall Sr Research / phone: (607) 255-9645 / Cornell University Associate / FAX: (815) 377-3932 / Ithaca, NY 14853 -- This message is intended only for the personal and confidential use of the designated recipient(s) named above. If you are not the intended recipient of this message you are hereby notified that any review, dissemination, distribution or copying of this message is strictly prohibited. This communication is for information purposes only and should not be regarded as an offer to sell or as a solicitation of an offer to buy any financial product, an official confirmation of any transaction, or as an official statement of Lehman Brothers. Email transmission cannot be guaranteed to be secure or error-free. Therefore, we do not represent that this information is complete or accurate and it should not be relied upon as such. All information is subject to change without notice.
Re: File Upload Questions
Thanks all for the suggestions; I really appreciate the help. I will tuck BINMODE away for future reference. Before I got those ideas, while digging around in the mailing list archives I found a reference to the link function in Apache::Request that creates a hard symlink to a specified path from the uploaded temp file, thus: my $upload = $apr-upload('file'); $upload-link(/path/to/newfile) or die sprintf link from '%s' failed: $!, $upload-tempname; I tried that last night, and it works great. Makes me a believer in checking the archives. /dennis --- Office phone: 817-762-8304 --- Great leaders never tell people how to do their jobs. Great leaders tell people what to do and establish a framework within which it must be done. Then they let people on the front lines, who know best, figure out how to get it done. ~ General H. Norman Schwarzkopf
Re: AW: Apache::DBI and password security
On Fri, Nov 15, 2002 at 12:52:13PM +, Rafiq Ismail (ADMIN) wrote: $Apache::PARANOID::dbiPassword = $bfish-decrypt($encryptedPassword); then whenever you want your password you access $Apache::PARANOID::dbiPassword. Hmm. I think that the guy who wrote Blowfish_PP would cut my danglies off for that one. Which is why you copied him in the first place? :-) In general, though, there isn't a good way to get any security from any system that has to be able to access sensitive data in an automatic way. MBM -- Matthew Byng-Maddick [EMAIL PROTECTED] http://colondot.net/
Re: AW: Apache::DBI and password security
=?iso-8859-1?Q?=22Fa=DFhauer=2C_Wolfgang=2C_FCI3=22?= [EMAIL PROTECTED] ads.net wrote: Hi, I want to build a database application based on mod_perl and Apache::DBI. The goal of Apache::DBI is to get persistent database connections using only one database user because of resource limits. The problem I see is that the password for connecting to the database is clear readable in the perl script. Does anybody know how to hide that password? I think, storing it in a file for reading by the script is not the right way (?). Thanks for help! - Wolfgang Have you thought of running your webserver as some 'www' user? You can then make your scripts readonly by a 'dev' group which the www user and the developes are members of. CORRECT: 'readonly' should be 'only readable' by Yes, that's our plan, too. But the risk still remains that someone will get a look to the script. I think, there is a golden rule: Never put clear text passwords in files. Those files are stored in archives by backup for example. There maybe a lot of people (sysadmin, developer, ...) concerned with the webserver. So it's not easy to secure it. Something we do is put the password in a file outside the document root. The script reads the file. If running with mod_perl, this can be in a file readable only by root read during server startup (assuming the server starts up as root). Then the password can be cached in memory. If it changes, a graceful restart might be sufficiant, but I haven't tried that yet -- most of our current code is PHP that we're are working on replacing. The last time I played with mod_perl and graceful restarts was the early 1.2x or late 1.1x mod_perl and it didn't always work well, iirc. I think some of that has been fixed. -- James Smith [EMAIL PROTECTED], 979-862-3725 Texas AM CIS Operating Systems Group, Unix
DBI question
Hiya everyone, I am new to mod_perl and have a question about generating dynamic webpages from a mysql database. I have a script that queries a IDS database and generates results such as Top 5 Signatures, etc. The problem is when I pass the results to the web interface it seems to be looping. What I mean is that when I refresh the page, instead of getting the Top 5 - i get the top 10, then 15etc. I am using HTML::Template to generate my HTML files, and I have two servers running, one for static docs, one for mod_perl stuff, and I create me DB connections persistently in my startup.pl file. It seems if you wait long enough, you only get 5 results for some of the queries others I get X5 Anyone seen this behaviour before?? Suggestions would be appreciated. Brett
RE: DBI question
Brett; The script, and variables, are being cached. Declaring the variables in the smallest possible scope with my should do the trick. The reason that you sometimes see only 5 is that you are hitting an apache child which has not been hit before. Reading this will definitely be helpful... http://perl.apache.org/docs/1.0/guide/porting.html -josh -Original Message- From: [EMAIL PROTECTED] [mailto:Brett.Gillett;tsx.ca] Sent: Friday, November 15, 2002 4:00 PM To: [EMAIL PROTECTED] Subject: DBI question Hiya everyone, I am new to mod_perl and have a question about generating dynamic webpages from a mysql database. I have a script that queries a IDS database and generates results such as Top 5 Signatures, etc. The problem is when I pass the results to the web interface it seems to be looping. What I mean is that when I refresh the page, instead of getting the Top 5 - i get the top 10, then 15etc. I am using HTML::Template to generate my HTML files, and I have two servers running, one for static docs, one for mod_perl stuff, and I create me DB connections persistently in my startup.pl file. It seems if you wait long enough, you only get 5 results for some of the queries others I get X5 Anyone seen this behaviour before?? Suggestions would be appreciated. Brett -- This message is intended only for the personal and confidential use of the designated recipient(s) named above. If you are not the intended recipient of this message you are hereby notified that any review, dissemination, distribution or copying of this message is strictly prohibited. This communication is for information purposes only and should not be regarded as an offer to sell or as a solicitation of an offer to buy any financial product, an official confirmation of any transaction, or as an official statement of Lehman Brothers. Email transmission cannot be guaranteed to be secure or error-free. Therefore, we do not represent that this information is complete or accurate and it should not be relied upon as such. All information is subject to change without notice.
Namespace problem
I am having a namespace problem that is a slight twist to that described in the 1.0 docs http://perl.apache.org/docs/1.0/guide/porting.html#Name_collisions_with_Modules_and_libs My problem is even simpler, but worse. If I have two CGI programs using the same required script. Initially one works without any problems. Then if I call up the other script, each time I get an error saying the subroutine cannot be found. Refresh the browser and it works, but then the first one starts to give an error; Error message: Undefined subroutine ModPerl::ROOT::ModPerl::Registry::home_httpd_qx_2dbin_gdtest1::goodDay called at /home/httpd/qx-bin/gdtest1 line 7. This has to be something simple because I don't get the error with normal Library components. What am I missing here?? Here is the package, and both CGI scripts that use it. Thanks for any help, Tom -- commontest.pl -- #!/usr/local/bin/perl # Common Functions that will be 'required' by Perl CGI scripts CONFIG: { package commontest ; } sub goodDay { package commontest ; print H1Good Day Billy/H1\n ; } 1; -- gdtest1 (First CGI script that uses the package #!/usr/local/bin/perl require /usr/lib/perl5/site_perl/commontest.pl ; print Content-Type: text/html; charset=ISO-8859-1\n\n ; print headtitleTest 1/title/headbodyH1Test 1/H1\n ; goodDay ; print /bodyhtml\n ; exit ; -- gdtest2 (Second CGI script that uses the package #!/usr/local/bin/perl require /usr/lib/perl5/site_perl/commontest.pl ; print Content-Type: text/html; charset=ISO-8859-1\n\n ; print headtitleTest 2/title/headbodyH1Test 2/H1\n ; goodDay ; print /bodyhtml\n ; exit ; __ Do you Yahoo!? Yahoo! Web Hosting - Let the expert host your site http://webhosting.yahoo.com
Re: please help... mod_ssl seems to overwrite mod_perl and mod_perls eems to overwrite mod_ssl
I followed the instructions in INSTALL.simple.mod_ssl and did: setenv SSL_BASE SYSTEM setenv EAPI_MM SYSTEM cd mod_ssl-2.8.10-1.3.26 ./configure --with-apache=../apache_1.3.26/ cd ../mod_perl perl Makefile.PL DO_HTTPD=1 APACHE_PREFIX=/usr/local/apache APACHE_SRC=../apache-1.3.26/src USE_APACI=1 EVERYTHING=1 APACI_ARGS='--enable-module=ssl' make ../apache-1.3.26/src/httpd -l should list both mod_ssl.c and mod_perl.c Mitchel, Jennifer (Jem) wrote: Hi all, How do I get BOTH mod_perl and mod_ssl built into and working in Apache? I had mod_perl successfully built into my apache to use Authentication hook. Then I added mod_ssl in and I started to get errors from my .htaccess file Error: [Fri Nov 15 14:39:03 2002] [alert] [client 135.2.60.152] /web/content/askLucent/password-reset/cgi-bin/.htaccess: Invalid command 'PerlSetVar', perhaps mis-spelled or defined by a module not included in the server configuration Contents of .htaccess Limit GET POST AuthName NT Domain\Login and Password AuthType Basic #PerlSetVar NT_Controllers 'na02il0015dc00:na02il0015dc01' PerlSetVar NT_Controllers 'na02il0015dc04:na02il0015dc01:NA02IL0015DC02' PerlAuthenHandler Apache::AuthenN2 require valid-user /Limit so i rebuilt mod_perl back into apache and now I get errors of directives from mod_ssl in my httpd.conf file Error: 5e-cts root: /web/server/apache/1.3.22/bin/apachectl stop ; /web/server/apache/1.3.22/bin/apachectl start /web/server/apache/1.3.22/bin/apachectl stop: httpd (no pid file) not running Syntax error on line 1008 of /web/server/apache/1.3.22/conf/httpd.conf: Invalid command 'SSLRandomSeed', perhaps mis-spelled or defined by a module not included in the server configuration /web/server/apache/1.3.22/bin/apachectl start: httpd could not be started Lines from httpd.conf: SSLRandomSeed startup builtin SSLRandomSeed connect builtin SSLRandomSeed startup file:/dev/random 512 SSLRandomSeed connect file:/dev/random 512 I need to use both mod_perl and mod_ssl and it seems like keeps overwriting the other. How do I change this so I can get them built in together? Thank you Jem -- _.,-*~`^'~*-,._ Danny Rathjens _.,-*~`^'~*-,._ FireCast: Rock solid kiosk software: http://wirespring.com
RFC: Template::YetAnother
Hi! Yes, this is a RFC for Yet Another Templating System. I know that there are a lot of those around. But this own might be different/interesting (at least I think/hope so...) I also posted this on perlmonks: http://www.perlmonks.org/index.pl?node_id=213300 So, here it is, in POD format: =pod =head1 NAME Template::YetAnother =head1 INTRODUCTION =head2 Why another templating system? There are a lot of templating modules on CPAN. Some are obvious, some are hidden in very strange namespaces (eg HTML::Processor). Some are used a lot, some not. I read a lot of manpages, but definitly not all and none completly. If there is a module doing what I am proposing, please inform me! Before we continue, read Perrin Harkins' Choosing a Templating System, available here: http://perl.apache.org/docs/tutorials/tmpl/comparison/comparison.html There are different types of Templating Systems available. Some are complete Application Frameworks, including stuff like Session Management, Form Handling etc. Examples include Mason, AxKit and Embperl. They are nice. They work. But that's not what I'm looking for. I want Just Templates. Why? Because IMO, the main reason for using templates is to seperate code from markup. The code produces some data. The markup displays the data. Those Application Frameworks don't seem to be too good at seperating code and markup (I have to admit though, that I know next to nothing about them, only that they are too big/powerfull). After all, they Bembed code in markup. So I am looking for a pipeline-type, Just-Template System, which reduces the number of available modules somewhat. The best-known contestors here are TemplateToolkit resp. Apache::Template and HTML::Template. But if you look at there manpages, you'll quickly find references to stuff like CTPL_LOOP (HTML::Template). TT2 even has it's own mini-language. So, once again, code (even rather trivial) mixed with the markup. There is one module, CGI::FastTemplate, that does seperate code from markup completly. But the way different templates are strung together seems rather comlicated to me. But why is there no Templating System with a clean seperation of code and markup? There are two types of code (at least) that pollute nearly all Templating Systems: =over =item * Loops Loops are one of the things computers do best (for very good reasons, mainly lazyness of humans). So, a template should be able to handle large amounts of similar data using ... a template. Obvious. So a Templating System must handle Loops. Most (all?) do it by adding some sort of LOOP or FOREACH Syntax, thereby introducing code into the markup. But there is another way to loop over data: Recursion. =item * If-Blocks As the template is rather general, you want it to handle slightly different kinds of data differently. One very obvious example would be to print something like No Data instead of Cundef. Or to highlight the current item in a list. Often IF-Blocks are also used to present different kinds of data differently, which can lead to long series of IF-ELSIF-ELSE blocks. Which is a clear pointer that one should use Object Orientation instead. Another way would be to add something like attributes to the data. But as far as I know, attributes aren't included that thightly into Perl as OO. =back So I am looking for a Templating System that does Just Templating, no code in the markup, maybe by using recursion and OO. I didn't find anything. So I am proposing this: =head2 Template::YetAnother The name is just a placeholder right now, other ideas are: =over =item * Template::Dumper =item * Template::Stringify =item * Template::OO =item * Template::OO_Dumper =item * any other ideas? =back Template::YetAnother is yet another Templating module, using a slightly different approach than most of the other Templating modules. The templates are completly dumb. There is Babsolutly no piece of code in a template - neither Perl nor mini language. A template consists of arbitrary text (e.g. HTML) and Template Tags, e.g. [% title %] Your application builds up a data structure. The data structure consists of various Perl Data Types (Strings, Arrays, Hashes) and Template::YetAnother Objects (or Data Structures marked with some other kind of metainformation, e.g. with attributes) The data structure gets passed to Template::YetAnother, which magically find the right template for each object and replaces all Template Tags (recursivly) with the dumped/stringified data structure. Template::YetAnother is like Data::Dumper on steroids. It's the big Stringifyer. Template::YetAnother doesn't use one monolithic template, but a lot of small template fragments, each one correlating to a data type generated by the application. Template::YetAnother is just an idea right now. I am trying the write documentation, write tests, write code way of development... There is only a small prove-of-concept type bit of code (I can send it/post it if somebody cares..).
please help... mod_ssl seems to overwrite mod_perl and mod_perl seems to overwrite mod_ssl
Hi all, How do I get BOTH mod_perl and mod_ssl built into and working in Apache? I had mod_perl successfully built into my apache to use Authentication hook. Then I added mod_ssl in and I started to get errors from my .htaccess file Error: [Fri Nov 15 14:39:03 2002] [alert] [client 135.2.60.152] /web/content/askLucent/password-reset/cgi-bin/.htaccess: Invalid command 'PerlSetVar', perhaps mis-spelled or defined by a module not included in the server configuration Contents of .htaccess Limit GET POST AuthName NT Domain\Login and Password AuthType Basic #PerlSetVar NT_Controllers 'na02il0015dc00:na02il0015dc01' PerlSetVar NT_Controllers 'na02il0015dc04:na02il0015dc01:NA02IL0015DC02' PerlAuthenHandler Apache::AuthenN2 require valid-user /Limit so i rebuilt mod_perl back into apache and now I get errors of directives from mod_ssl in my httpd.conf file Error: 5e-cts root: /web/server/apache/1.3.22/bin/apachectl stop ; /web/server/apache/1.3.22/bin/apachectl start /web/server/apache/1.3.22/bin/apachectl stop: httpd (no pid file) not running Syntax error on line 1008 of /web/server/apache/1.3.22/conf/httpd.conf: Invalid command 'SSLRandomSeed', perhaps mis-spelled or defined by a module not included in the server configuration /web/server/apache/1.3.22/bin/apachectl start: httpd could not be started Lines from httpd.conf: SSLRandomSeed startup builtin SSLRandomSeed connect builtin SSLRandomSeed startup file:/dev/random 512 SSLRandomSeed connect file:/dev/random 512 I need to use both mod_perl and mod_ssl and it seems like keeps overwriting the other. How do I change this so I can get them built in together? Thank you Jem
timing downloads with mod_perl
I would like to log the time it take users to download items from my site. Has anyone has any success writing a mod perl prog to accomplish this? Thanks! __ Do you Yahoo!? Yahoo! Web Hosting - Let the expert host your site http://webhosting.yahoo.com
Executing Apache::Registry cached script from normal mod_perl
Hi, I have a script which executes under Apache::Registry and resides in /perl/blah.pl. However, it only generates a fragment of a page, and is normally embedded into an html template using SSI with something like: !--#perl sub=Apache::Include arg=/perl/blah.pl -- I am very aware that this would be better implemented as a raw perl module used from apache's startup.pl (and then embedded using something like !--#perl sub=Blah --) - but practically this isn't an option right now. My problem is that I would like to nonetheless execute this code from 'normal' mod_perl; from a library used from startup.pl. I've tried doing this two ways to date, both of which have failed painfully: 1) Apache::Include-virtual(/perl/blah.pl); Which simply segfaults the httpd process - presumably because the perl interpreter which tries to handle the Included request collides with the one actually executing the original script. 2) Apache::ROOTwww_2edomain_2ecom::perl::blah_2epl(); Which fails with the above being an Undefined subroutine. Now, running this with apache in non-forking mode as httpd -X and $Apache::Registry::Debug = 4, I first request the URL of /perl/blah.pl to make sure that Apache::Registry has compiled and cached the script: [Fri Nov 15 19:58:13 2002] [error] Apache::Registry::handler for /www01/domain.com/perl/blah.pl in process 31030 [Fri Nov 15 19:58:13 2002] [error] Apache::Registry::handler examining /perl/blah.pl [Fri Nov 15 19:58:13 2002] [error] Apache::Registry::handler package Apache::ROOTwww_2edomain_2ecom::perl::blah_2epl And see that it seems to compile and cache the script fine, with the expected name, and indeeds generates the output to the browser correctly. However, on then requesting a different Apache::Registry script which makes use of the library preloaded in startup.pl which attempts to execute Apache::ROOTwww_2edomain_2ecom::perl::blah_2epl(), it still dies on failing to find that subroutine. Any insight into how I might persuade this to work (without doing the Right Thing and shifting everything into preloaded libraries (and perhaps handlers)) would be appreciated. This is all happening under Apache/1.3.27 mod_perl/1.27, with Apache::Registry version 2.01 running on debian woody x86. thanks, Matthew.
Re: Executing Apache::Registry cached script from normal mod_perl
Matthew Hodgson wrote: Hi, I have a script which executes under Apache::Registry and resides in /perl/blah.pl. However, it only generates a fragment of a page, and is normally embedded into an html template using SSI with something like: !--#perl sub=Apache::Include arg=/perl/blah.pl -- I am very aware that this would be better implemented as a raw perl module used from apache's startup.pl (and then embedded using something like !--#perl sub=Blah --) - but practically this isn't an option right now. How about just executing this file like this: do $path_to/perl/blah.pl; Regards, Josh Josh Chamas, Founder phone:925-552-0128 Chamas Enterprises Inc.http://www.chamas.com NodeWorks Link Checkinghttp://www.nodeworks.com
Re: RFC: Template::YetAnother
Thomas Klausner wrote: Hi! Yes, this is a RFC for Yet Another Templating System. I know that there are a lot of those around. But this own might be different/interesting (at least I think/hope so...) I also posted this on perlmonks: http://www.perlmonks.org/index.pl?node_id=213300 So, here it is, in POD format: Don't do it. If you want a stripped down version of an existing templatting language, then that's great. Work with the authors of exising frameworks like Template Toolkit or HTML::Template that *were designed* as pure template frameworks ( as opposed to the app frameworks like Embperl, ASP, AxKit, Mason) I'm sure you can get the authors to accept patches to disable features that you don't want, you might even be able to create a subclass of such a template module that sets these for the end user, so if they just use Template:JustVarsPlease, and Template::JustVarsPlease is a subclass of Template or HTML::Template, then you have your solution. Those template solutions that are too much for you got that way because their users wanted needed more. That is the natural evolution of these things. The perl template user community is already fractured enough, better to hop onto a project, hack it to your satisfaction ( with the blessing of the maintainers ) to get the configs/subclasses you need for your requirements. That's what I would do anyway. :) Regards, Josh Josh Chamas, Founder phone:925-552-0128 Chamas Enterprises Inc.http://www.chamas.com NodeWorks Link Checkinghttp://www.nodeworks.com