Apache-ASP
view release on metacpan or search on metacpan
CreateObject =>
'OLE-active objects not supported for this platform, '.
'try installing Win32::OLE',
Gzip =>
'Compress::Zlib is needed to make gzip content-encoding work, '.
'If you want to use this feature, get yourself the latest '.
'Compress::Zlib from CPAN. ',
HiRes => undef,
FormFill =>
'HTML::FillInForm is needed to use the FormFill feature '.
'for auto filling forms with $Response->Form() data',
MailAlert => undef,
SendMail => "No mailing support",
StateDB =>
'cannot load StateDB '.
'must be a valid perl module with a db tied hash interface '.
'such as: SDBM_File (default), or DB_File',
StateSerializer =>
'cannot load StateSerializer '.
'must be a valid serializing perl module for use with MLDBM '.
'such as Data::Dumper (default), or Storable',
StatINC => "You need this module for StatINC, please download it from CPAN",
'Cache' => "You need this module for xml output caching",
XSLT => 'Cannot load XML::XSLT. Try installing the module.',
);
sub handler {
my($package, $r) = @_;
my $status = 200;
# allows it to be called as an object method
ref $package and $r = $package;
# default to Apache request object if not passed in, for possible DSO fix
# rarely happens, but just in case
my $filename;
unless($filename = eval { $r->filename }) {
my $rtest = $ModPerl2 ? Apache2::RequestUtil->request() : Apache->request();
if($filename = eval { $rtest->filename }) {
$r = $rtest;
} else {
return &DSOError($rtest);
}
}
# better error checking ?
$filename ||= $r->filename();
# using _ is optimized to use last stat() record
return(404) if (! -e $filename or -d _);
# alias $0 to filename, bind to glob for bug workaround
local *0 = \$filename;
# ASP object creation, a lot goes on in there!
# method call used for speed optimization, as OO calls are slow
my $self = &Apache::ASP::new('Apache::ASP', $r, $filename);
# for runtime use/require library loads from global/INCDir
# do this in the handler section to cover all the execution stages
# following object set up as possible.
local @INC = ($self->{global}, $INCDir, @INC);
# Execute if no errors
$self->{errs} || &Run($self);
# moved print of object to the end, so we'll pick up all the
# runtime config directives set while the code is running
$self->{dbg} && $self->Debug("ASP Done Processing $self", $self );
# error processing
if($self->{errs}) {
require Apache::ASP::Error;
$status = $self->ProcessErrors;
}
# XX return code of 302 hangs server on WinNT
# STATUS hook back to Apache
my $response = $self->{Response};
if($status != 500 and defined $response->{Status} and $response->{Status} != 302) {
# if still default then set to what has been set by the
# developer
$status = $response->{Status};
}
# X: we DESTROY in register_cleanup, but if we are filtering, and we
# handle a virtual request to an asp app, we need to free up the
# the locked resources now, or the session requests will collide
# a performance hack would be to share an asp object created between
# virtual requests, but don't worry about it for now since using SSI
# is not really performance oriented anyway.
#
# If we are not filtering, we let RegisterCleanup get it, since
# there will be a perceived performance increase on the client side
# since the connection is terminated before the garabage collection is run.
#
# Also need to destroy if we return a 500, as we could be serving an
# error doc next, before the cleanup phase
if($self->{filter} || ($status == 500) || ( $r->isa('Apache::ASP::CGI'))) {
$self->DESTROY();
}
if($status eq '200') {
$status = 0; # OK status code is default unless there was an internal error
}
$status;
}
example ./site/eg/formfill.asp.
This feature can be enabled on a per form basis at runtime
with $Response->{FormFill} = 1
PerlSetVar FormFill 1
=item TimeHiRes
default 0, if set and Time::HiRes is installed, will do
sub second timing of the time it takes Apache::ASP to process
a request. This will not include the time spent in the
session manager, nor modperl or Apache, and is only a
rough approximation at best.
If Debug is set also, you will get a comment in your
HTML output that indicates the time it took to process
that script.
If system debugging is set with Debug -1 or -2, you will
also get this time in the Apache error log with the
other system messages.
=head2 Mail Administration
Apache::ASP has some powerful administrative email
extensions that let you sleep at night, knowing full well
that if an error occurs at the web site, you will know
about it immediately. With these features already enabled,
it was also easy to provide the $Server->Mail(\%mail) API
extension which you can read up about in the OBJECTS section.
=item MailHost
The mail host is the smtp server that the below Mail* config directives
will use when sending their emails. By default Net::SMTP uses
smtp mail hosts configured in Net::Config, which is set up at
install time, but this setting can be used to override this config.
The mail hosts specified in the Net::Config file will be used as
backup smtp servers to the MailHost specified here, should this
primary server not be working.
PerlSetVar MailHost smtp.yourdomain.com.foobar
=item MailFrom
Default NONE, set this to specify the default mail address placed
in the From: mail header for the $Server->Mail() API extension,
as well as MailErrorsTo and MailAlertTo.
PerlSetVar MailFrom youremail@yourdomain.com.foobar
=item MailErrorsTo
No default, if set, ASP server errors, error code 500, that result
while compiling or running scripts under Apache::ASP will automatically
be emailed to the email address set for this config. This allows
an administrator to have a rapid response to user generated server
errors resulting from bugs in production ASP scripts. Other errors, such
as 404 not found will be handled by Apache directly.
An easy way to see this config in action is to have an ASP script which calls
a die(), which generates an internal ASP 500 server error.
The Debug config of value 2 and this setting are mutually exclusive,
as Debug 2 is a development setting where errors are displayed in the browser,
and MailErrorsTo is a production setting so that errors are silently logged
and sent via email to the web admin.
PerlSetVar MailErrorsTo youremail@yourdomain.com
=item MailAlertTo
The address configured will have an email sent on any ASP server error 500,
and the message will be short enough to fit on a text based pager. This
config setting would be used to give an administrator a heads up that a www
server error occurred, as opposed to MailErrorsTo would be used for debugging
that server error.
This config does not work when Debug 2 is set, as it is a setting for
use in production only, where Debug 2 is for development use.
PerlSetVar MailAlertTo youremail@yourdomain.com
=item MailAlertPeriod
Default 20 minutes, this config specifies the time in minutes over
which there may be only one alert email generated by MailAlertTo.
The purpose of MailAlertTo is to give the admin a heads up that there
is an error at the www server. MailErrorsTo is for to aid in speedy
debugging of the incident.
PerlSetVar MailAlertPeriod 20
=head2 File Uploads
=item FileUploadMax
default 0, if set will limit file uploads to this
size in bytes. This is currently implemented by
setting $CGI::POST_MAX before handling the file
upload. Prior to this, a developer would have to
hardcode a value for $CGI::POST_MAX to get this
to work.
PerlSetVar 100000
=item FileUploadTemp
default 0, if set will leave a temp file on disk during the request,
which may be helpful for processing by other programs, but is also
a security risk in that other users on the operating system could
potentially read this file while the script is running.
The path to the temp file will be available at
$Request->{FileUpload}{$form_field}{TempFile}.
The regular use of file uploads remains the same
with the <$filehandle> to the upload at
$Request->{Form}{$form_field}. Please see the CGI section
for more information on file uploads, and the $Request
Future work for server farm capabilities might include breaking
up the internal database into one of 256 internal databases
hashed by the first 2 chars of the session id. Also on the plate
is Apache::Session like abilities with locking and/or data storage
occuring in a SQL database. The first dbs to be done will include
MySQL & Oracle.
+Better session security which will create a new session id for an
incoming session id that does not match one already seen. This will
help for those with Search engines that have bookmarked
pages with the session ids in the query strings. This breaks away
from standard ASP session id implementation which will automatically
use the session id presented by the browser, now a new session id will
be returned if the presented one is invalid or expired.
-$Application->GetSession will only return a session if
one already existed. It would create one before by default.
+Script_OnFlush global.asa event handler, and $Response->{BinaryRef}
member which is a scalar reference to the content about to be flushed.
See ./site/eg/global.asa for example usage, used in this case to
insert font tags on the fly into the output.
+Highlighting and linking of line error when Debug is set to 2 or -2.
--removed fork() call from flock() backup routine? How did
that get in there? Oh right, testing on Win32. :(
Very painful lesson this one, sorry to whom it may concern.
+$Application->SessionCount support turned off by default
must enable with SessionCount config option. This feature
puts an unnecessary load on busy sites, so not default
behavior now.
++XMLSubsMatch setting that allows the developer to
create custom tags XML style that execute perl subroutines.
See ./site/eg/xml_subs.asp
+MailFrom config option that defaults the From: field for
mails sent via the Mail* configs and $Server->Mail()
+$Server->Mail(\%mail, %smtp_args) API extension
+MailErrorsTo & MailAlertTo now can take comma
separated email addresses for multiple recipients.
-tracking of subroutines defined in scripts and includes so
StatINC won't undefine them when reloading the GlobalPackage,
and so an warning will be logged when another script redefines
the same subroutine name, which has been the bane of at least
a few developers.
-Loader() will now recompile dynamic includes that
have changed, even if main including script has not.
This is useful if you are using Loader() in a
PerlRestartHandler, for reloading scripts when
gracefully restarting apache.
-Apache::ASP used to always set the status to 200 by
default explicitly with $r->status(). This would be
a problem if a script was being used to as a 404
ErrorDocument, because it would always return a 200 error
code, which is just wrong. $Response->{Status} is now
undefined by default and will only be used if set by
the developer.
Note that by default a script will still return a 200 status,
but $Response->{Status} may be used to override this behavior.
+$Server->Config($setting) API extension that allows developer
to access config settings like Global, StateDir, etc., and is a
wrapper around Apache->dir_config($setting)
+Loader() will log the number of scripts
recompiled and the number of scripts checked, instead
of just the number of scripts recompiled, which is
misleading as it reports 0 for child httpds after
a parent fork that used Loader() upon startup.
-Apache::ASP->Loader() would have a bad error if it didn't load
any scripts when given a directory, prints "loaded 0 scripts" now
=item $VERSION = 0.18; $DATE="02/03/2000";
+Documented SessionQuery* & $Server->URL() and
cleaned up formatting some, as well as redoing
some of the sections ordering for better readability.
Document the cookieless session functionality more
in a new SESSIONS section. Also documented new
FileUpload configs and $Request->FileUpload collection.
Documented StatScripts.
+StatScripts setting which if set to 0 will not reload
includes, global.asa, or scripts when changed.
+FileUpload file handles cleanup at garbage collection
time so developer does not have to worry about lazy coding
and undeffing filehandles used in code. Also set
uploaded filehandles to binmode automatically on Win32
platforms, saving the developer yet more typing.
+FileUploadTemp setting, default 0, if set will leave
a temp file on disk during the request, which may be
helpful for processing by other programs, but is also
a security risk in that others could potentially read
this file while the script is running.
The path to the temp file will be available at
$Request->{FileUpload}{$form_field}{TempFile}.
The regular use of file uploads remains the same
with the <$filehandle> to the upload at
$Request->{Form}{$form_field}.
+FileUploadMax setting, default 0, currently an
alias for $CGI::POST_MAX, which determines the
max size for a file upload in bytes.
+SessionQueryParse only auto parses session-ids
into links when a session-id COOKIE is NOT found.
This feature is only enabled then when a user has
disabled cookies, so the runtime penalty of this
( run in 2.820 seconds using v1.01-cache-2.11-cpan-39bf76dae61 )