Hello Joshua!
I think, I catch new bug of Apache::ASP again, although may be Apache::ASP
is innocent in this case.
I have 2 Apache servers - simple/proxy and mod_perl and secured virtual site
of management big Samara portal.
Secured on simple Apache.
----------------------------------------------------------------------------
----
<Macro auth_macro $realm $group>
<IfDefine simple>
<Directory /usr/web/$realm/data/>
AuthType Basic
AuthName $realm
AuthUserFile /usr/web/users_file
AuthGroupFile /usr/web/groups_file
require group $group
</Directory>
</IfDefine>
</Macro>
----------------------------------------------------------------------------
----
This site is located at http://195.128.133.23:777 - here listen simple
Apache, mod_perl Apache listen on http://195.128.133.23:778 address and I
don't want that anyone can acces mod_perl Apache from outside the server
Therefore, I have following handler.
----------------------------------------------------------------------------
----
sub My::ProxyRemoteAddr ($)
{
my $r = shift;
# we'll only look at the X-Forwarded-For header if the requests
# comes from our proxy at localhost
return FORBIDDEN unless ($r->connection->remote_ip =~ /^195.128.133/);
if (my ($ip) = $r->header_in('X-Forwarded-For') =~ /([^,\s]+)$/)
{
$r->connection->remote_ip($ip);
}
return OK;
}
----------------------------------------------------------------------------
----
All worked just pretty fine until I try, for fun, connect to mod_perl
directly...
http://195.128.133.23:778/
As I await - I got
----------------------------------------------------------------------------
----
Forbidden
You don't have permission to access / on this server.
----------------------------------------------------------------------------
----
Apache/1.3.9 Server at www.samara.ru-editor Port 778
----------------------------------------------------------------------------
----
Huh! It's cool! But...
After it I return to 777 port and request
http://195.128.133.23:777/index.shtml
and got a error:
----------------------------------------------------------------------------
----
Errors Output
> Can't use string ("select level,rubric_id,parent_id") as a SCALAR ref
while "strict refs" in use at (eval 13) line 14.
, /usr/lib/perl5/site_perl/5.005/Apache/ASP.pm line 1142
Debug Output
> STARTING ASP HANDLER (v0.17) for file
/usr/web/www.samara.ru-editor/data/index.shtml
> GlobalASA package
Apache::ASP::Compiles::_usr_web_www_samara_ru_editor_global_global_asa
> ASP object created - GlobalASA: Apache::ASP::GlobalASA=HASH(0x8700d08);
Request: Apache::ASP::Request=HASH(0x870443c); Response:
Apache::ASP::Response=HASH(0x876b0b0); Server:
Apache::ASP::Server=HASH(0x8705c0c); app_state: 1; basename: index.shtml;
buffering_on: 1; cgi_headers: 0; clean: 0; compile_includes: 1; dbg: 2;
debugs_output: ARRAY(0x876b134); errs: 0; filename:
/usr/web/www.samara.ru-editor/data/index.shtml; global:
/usr/web/www.samara.ru-editor/global; global_package: ; id:
_usr_web_www_samara_ru_editor_data_index_shtmlxDYN; includes_dir:
/usr/web/inc; init_packages: ARRAY(0x83bed14); mail_alert_to: ;
mail_errors_to: ; mtime: 944649459; no_cache: ; no_session: 0; no_state: 1;
package:
Apache::ASP::Compiles::_usr_web_www_samara_ru_editor_global_global_asa;
pod_comments: 1; r: Apache=SCALAR(0x8634908); stat_inc: ; stat_inc_match: ;
unique_packages: 0;
> executing _usr_web_www_samara_ru_editor_data_index_shtmlxDYN
> executing
Apache::ASP::Compiles::_usr_web_www_samara_ru_editor_global_global_asa::_usr
_web_www_samara_ru_editor_global_portal_inc
> executing
Apache::ASP::Compiles::_usr_web_www_samara_ru_editor_global_global_asa::_usr
_web_inc_dbi_inc
> Can't use string ("select level,rubric_id,parent_id") as a SCALAR ref
while "strict refs" in use at (eval 13) line 14.
, /usr/lib/perl5/site_perl/5.005/Apache/ASP.pm line 1142
Last 100 Bytes of Buffered Output
= 'Management site of www.samara.ru | Rubrics';
// -->
</script>
</head>
<body bgcolor=#9DFFFF>
ASP to Perl Program
1: package
Apache::ASP::Compiles::_usr_web_www_samara_ru_editor_global_global_asa; ;;
no strict; ;; use vars qw($Application $Session $Response $Server $Request);
;; sub
Apache::ASP::Compiles::_usr_web_www_samara_ru_editor_global_global_asa::_usr
_web_www_samara_ru_editor_data_index_shtmlxDYN { ;; return(1) unless
$_[0]; ;;
$Response->Include('/usr/web/www.samara.ru-editor/global/portal.inc', );
$Response->Write('
2: ');
3:
4: sub main_page {
5: my $err = shift;
6:
7: header ("Login - Password");
8: info_report ($err);
9:
10: $Response->Write('
11:
12: <strong>Management site of <a
href=http://www.samara.ru>www.samara.ru</a></strong>
13: <form action=index.shtml method=post>
14:
15: <table>
16: <tr>
17: <th>
18: Login:
19: </td>
20: <td>
21: <input type=text name=login tabindex=1
alue="'.( $Request->Cookies("login_name") ).'"><input type=submit
value=Enter tabindex=3>
22: </td>
23: </tr>
24: <tr>
25: <th>
26: Password:
27: </td>
28: <td>
29: <input type=password name=password tabindex=2>
30: </td>
31: </tr>
32: </table>
33:
34: </form>
35:
36: ');
37:
38: footer ();
39: $Response->End();
40: }
41:
42: if ($Request->Form("login")) {
43: my ($newsmaker_id,$password,$super);
44:
45: my $dbh = my_DBInitialize ();
46: my $sth_login = my_prepare (\$dbh,"select
portal.newsmakers.newsmaker_id,password,super from
portal.newsmakers,portal.divisions,portal.divisions_newsmakers where login =
? and portal.newsmakers.newsmaker_id =
portal.divisions_newsmakers.newsmaker_id and
portal.divisions_newsmakers.division_id = portal.divisions.division_id");
47: $sth_login->bind_param(1,$Request->Form("login"));
48: $sth_login->execute();
49: $sth_login->bind_columns(\($newsmaker_id,$password,$super));
50:
51: if ($sth_login->fetchrow_arrayref()) {
52: if ($password ne $Request->Form("password")) {
53: main_page ("Wrong password!");
54: } else {
55: $Response->Cookies("login_name", $Request->Form("login"));
56: $Response->Cookies("login_name",
"Expires",&HTTP::Date::time2str(time+366*86400));
57: $Response->Cookies("login", "id", $newsmaker_id);
58: $Response->Cookies("login", "super", $super) if ($super eq "y");
59:
60: $Response->Write('
61: <html>
62: <!-- frames -->
63: <frameset rows="60,*">
64: <frame name=Menu src="menu.shtml" scrolling="no" frameborder="0">
65: <frame name=Main src="test.shtml" scrolling="auto" frameborder="0">
66: </frameset>
67:
68: </html>
69: ');
70:
71: }
72: } else {
73: main_page ("User not found or you have not any rights!");
74: }
75: } else {
76: main_page ();
77: }
78:
79: ;; }
----------------------------------------------------------------------------
----
An error has occured with the Apache::ASP script just run. If you are the
developer working on this script, and cannot work through this problem,
please try researching the it at the Apache::ASP web site, specifically the
FAQ section. Failing that, check out your support options, and if necessary
include this debug output with any query.
----------------------------------------------------------------------------
----
After some refreshes - I got another output, which is not done by
index.shtml!
As you can see in debug output 'Last 100 Bytes of Buffered Output' is not
present in 'ASP to Perl Program' !
Because 'Last 100 bytes' - code of another script - divisions.shtml ! And
the same thing happens with all other scripts.
divisions.shtml shows code of rubrics.shtml and etc.
What you can say ?
----------------------------------------------
Sergey Polyakov (BeerBong)
Chief of Web Lab (http://www.mustdie.ru/~beerbong)
