Apache2-Controller


Changes

            Is this a problem with the DBI rollback handler,
            which closes on a string var in the setup phase?

            Moved all of the internal notes/pnotes garbage
            under one structure $r->pnotes->{a2c} because
            it makes more sense to not clutter the limited
            notes/pnotes key namespace.

1.000.010   2008-12-2

            Detaints directive values. 

            Controller doesn't double-check allowed_methods
            in case your dispatch wants freedom from that.

            Improvements/correction to documentation.

            Session now uses a checksum.  Thanks David Ihern.

            OpenID auth module put on backburner until
            I rewrite it again, I wanted to get this out

README.TODO


What the heck is this?  Any risk of injecting code to be evaluated 
by breaking the connection?  Need to de-taint the value being evaluated
to use.  Or is this a bug in mod_perl and not my lib at all?

[Thu Aug 09 20:05:38 2012] [error] lookup of 'Apache2::Controller::Log::DetectAbortedConnection::' failed
[Thu Aug 09 20:05:38 2012] [error] lookup of 'Apache2::Controller::Log::DetectAbortedConnection::' failed
[Thu Aug 09 20:05:38 2012] [error] [client 10.62.20.90] Can't locate Apache2/Controller/Log/DetectAbortedConnection/.pm in @INC (@INC contains: ...) at (eval 1349) line 2.\n, referer: http://...
[Thu Aug 09 20:05:38 2012] [error] [client 10.62.20.90] Can't locate Apache2/Controller/Log/DetectAbortedConnection/.pm in @INC (@INC contains: ...) at (eval 1349) line 2.\n, referer: http://...
[Thu Aug 09 20:05:39 2012] [error] lookup of 'Apache2::Controller::Log::\xa0\xe1\xc1\xf3\xfa\x7f::' failed
[Thu Aug 09 20:05:39 2012] [error] [client 10.62.20.90] Unrecognized character \\xA0; marked by <-- HERE after ler::Log::<-- HERE near column 35 at (eval 1349) line 1.\n, referer: http://...
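
A stricter check for the situation in the note above, as an added example (not code from Apache2::Controller): the value is accepted only if it is a well-formed package name, and the module is loaded with `require` on a file path rather than through a string eval. The function names are hypothetical; the second and third sample values are copied from the log lines above, the first and last are constructed.

```perl
use strict;
use warnings;

# Hypothetical helper: detaint a value that will be used as a package name.
# Unlike a catch-all m{ \A (.*) \z }, the capture only succeeds for identifier
# segments joined by '::', so a trailing '::' or stray bytes are refused.
sub detaint_package_name {
    my ($value) = @_;
    return if !defined $value;
    my ($name) = $value =~ m{
        \A ( [A-Za-z_][A-Za-z0-9_]*
             (?: :: [A-Za-z_][A-Za-z0-9_]* )* ) \z   # \z, not $: no trailing newline
    }x;
    return $name;
}

# Hypothetical loader: no string eval, so the value is never parsed as Perl code.
sub load_handler_class {
    my ($value) = @_;
    my $class = detaint_package_name($value);
    return (undef, 'rejected: not a valid package name') if !defined $class;
    (my $file = "$class.pm") =~ s{::}{/}g;       # Foo::Bar -> Foo/Bar.pm
    return ($class, 'loaded') if eval { require $file; 1 };
    return (undef, 'valid name, but require failed');
}

my @samples = (
    'File::Spec',                                              # constructed, core module
    'Apache2::Controller::Log::DetectAbortedConnection::',     # from the log above
    "Apache2::Controller::Log::\xa0\xe1\xc1\xf3\xfa\x7f::",    # from the log above
    "File::Spec\n",                                            # constructed
);

for my $value (@samples) {
    my ($class, $status) = load_handler_class($value);
    # Escape non-printable bytes so the report itself is safe to log.
    (my $shown = $value) =~ s{([^\x20-\x7e])}{sprintf '\\x%02x', ord $1}ge;
    printf "%-60s %s\n", "'$shown'", $status;
}
```

Under `-T` the regex capture in `detaint_package_name` is what untaints the value, so the pattern is the entire trust decision.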

lib/Apache2/Controller/Directives.pm

=head1 SYNOPSIS

 # apache2 config file
 PerlLoadModule Apache2::Controller::Directives

 # for Apache2::Controller::Render::Template settings:
 A2C_Render_Template_Path /var/myapp/templates

 # etc.

All values are detainted using C<< m{ \A (.*) \z }mxs >>,
since they are assumed to be trusted because they come
from the server config file.  As long as you don't give
your users the ability to set directives, it should be okay.

=cut

use strict;
use warnings FATAL => 'all';
use English '-no_match_vars';

lib/Apache2/Controller/Directives.pm

        return;
    }

    my $file = $value;
  # DEBUG("using file '$file' as A2C_Dispatch_Map");
    croak "A2C_Dispatch_Map $file does not exist or is not readable."
        if !(-e $file && -f _ && -r _);
    
    # why not go ahead and load the file!

    # slurp it in so it can be detainted.

    my $file_contents;
    {   local $/;
        # 'or', not '||': '||' binds to $file, so the croak would never run
        open my $loadfile_fh, '<', $file 
            or croak "Cannot read A2C_Dispatch_Map $file: $OS_ERROR";
        $file_contents = <$loadfile_fh>;
        close $loadfile_fh;
    }

    eval { $self->{A2C_Dispatch_Map} = Load($file_contents) };

lib/Apache2/Controller/Directives.pm

one parameter and verifies that the directory exists and is readable.

(At startup time Apache2 is root... this should verify readability by 
www user?  Hrmm how is it going to figure out what user that is?
It will have to access the server config via $parms. Except that
this does not appear to work?  It returns an empty hash.)

=cut

sub A2C_Render_Template_Path {
    my ($self, $parms, @directories_untainted) = @_;

    my @directories = map { 
        my ($val) = $_ =~ m{ \A (.*) \z }mxs;
        $val;
    } @directories_untainted;

    # uhh... this doesn't work?
  # my $srv_cfg = Apache2::Module::get_config($self, $parms->server);
  # DEBUG(sub{"SERVER CONFIG:\n".Dump({
  #     map {("$_" => $srv_cfg->{$_})} keys %{$srv_cfg}
  # }) });
  # DEBUG("server is ".$parms->server);

    # I need to figure out how to merge these or something

lib/Apache2/Controller/Render/Template.pm

    Apache2::Controller
    Apache2::Controller::Render::Template
 );

 use Apache2::Const -compile => qw( HTTP_OK );

 sub allowed_methods {qw( default )}

 sub default {
    my ($self, @first, @last) = @_;
    my @path_args = $self->my_detaint_path_args('name'); # from $self->{path_args}

    $self->{stash}{creditcards} = $self->pnotes->{a2c}{dbh}->fetchall_arrayref(
        q{  SELECT ccnum, exp, addr1, zip, cac 
            FROM customer_credit_cards 
            WHERE lname = ? AND fname = ?
        }, undef, @path_args
    );

    # request was like http://myserver.xyz/foo/Larry/Wall


