RE: [Catalyst] long poll AJAX
Aha! My configuration was on Apache so that's why I wasn't seeing the same behavior. Good to know the --fork option I always assumed it was forking. Thanks, ALI MESDAQ Sr. Security Researcher WEBSENSE, INC. ph: +1.858.320.9466 fax: +1.858.784.4466 www.websense.com Websense TRITONT For Essential Information ProtectionT Web Security | Data Security | Email Security -Original Message- From: jeff robinson [mailto:jeffreyianrobin...@gmail.com] Sent: Tuesday, June 07, 2011 1:40 PM To: The elegant MVC web framework Subject: Re: [Catalyst] long poll AJAX Larry, You're a genius! That was it. Thanks so much - J On Tue, Jun 7, 2011 at 4:23 PM, Larry Leszczynski lar...@emailplus.org wrote: Hi Jeff - The problem seems to be a bottleneck in Catalyst, because as soon as the long poll completes all of the waiting status requests complete instantly as well. I had imagined that the threading on Catalyst would support the functionality I'm looking for. Just a guess... By any chance are you launching Catalyst by running the myapp_server.pl script? By default it starts up in single-threaded mode. You would need to add the --fork option to to make it fork a new process for each request. HTH, Larry ___ List: Catalyst@lists.scsys.co.uk Listinfo: http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/catalyst Searchable archive: http://www.mail-archive.com/catalyst@lists.scsys.co.uk/ Dev site: http://dev.catalyst.perl.org/ ___ List: Catalyst@lists.scsys.co.uk Listinfo: http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/catalyst Searchable archive: http://www.mail-archive.com/catalyst@lists.scsys.co.uk/ Dev site: http://dev.catalyst.perl.org/ To report this as spam, please forward to s...@websense.com. Thank you. Protected by Websense Hosted Email Security -- www.websense.com ___ List: Catalyst@lists.scsys.co.uk Listinfo: http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/catalyst Searchable archive: http://www.mail-archive.com/catalyst@lists.scsys.co.uk/ Dev site: http://dev.catalyst.perl.org/
RE: [Catalyst] What text editor to use?
Try the full version of Komodo. It understands tt files by default. It's been great to me the past few years. I can't imagine working in a heavy perl/catalyst environment without it. -Original Message- From: John M. Dlugosz [mailto:wxju46g...@snkmail.com] Sent: Wednesday, April 13, 2011 3:12 AM To: catalyst@lists.scsys.co.uk Subject: Re: [Catalyst] What text editor to use? I use Eclipse (EPIC) too with the Amateras HTML Editor to open .tt and .tt2 file extensions: Window - Preferences - General - Editors - File Associations OK, y'all have convinced me to try Eclipse next. I installed it on Windows x64, along with Amateras. Setting the association to tt and tt2 gives me some html tag highlighting, but I can't find any settings for adjusting it, or any instructions for Ameratas at all other than that it has many features. So, how do you turn on TT syntax support? ___ List: Catalyst@lists.scsys.co.uk Listinfo: http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/catalyst Searchable archive: http://www.mail-archive.com/catalyst@lists.scsys.co.uk/ Dev site: http://dev.catalyst.perl.org/ To report this as spam, please forward to s...@websense.com. Thank you. Protected by Websense Email Security Gateway - www.websense.com Protected by Websense Hosted Email Security -- www.websense.com ___ List: Catalyst@lists.scsys.co.uk Listinfo: http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/catalyst Searchable archive: http://www.mail-archive.com/catalyst@lists.scsys.co.uk/ Dev site: http://dev.catalyst.perl.org/
[Catalyst] AutoCrud suggestions
I am looking for suggestions of packages that do autocrud'ing. I have a very basic schema with 1 main table that I want to edit more than add anything to it. Ideally I would like to be able to filter based on various values and sort by values as well. I saw a bunch of packages that seemed like they can do this but before I go through each one and figure out which one is the best thought I would ask the group. ALI MESDAQ Sr. Security Researcher WEBSENSE, INC. ph: +1.858.320.9466 fax: +1.858.784.4466 www.websense.com Websense TRITON™ For Essential Information Protection™ Web Security | Data Security | Email Security Protected by Websense Hosted Email Security -- www.websense.com ___ List: Catalyst@lists.scsys.co.uk Listinfo: http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/catalyst Searchable archive: http://www.mail-archive.com/catalyst@lists.scsys.co.uk/ Dev site: http://dev.catalyst.perl.org/
RE: [Catalyst] What text editor to use?
I have been using Komodo for years and its the best Perl editor I have found. Not just perl it understands everything I have thrown at it and has a lot of perl specific features. It also integrates into various source control management systems like svn, p4, git, etc. The only thing is that its not free but to me its well worth the money. Oh yeah and its cross platform. Aside from having to pay for the full version of the editor I cant think of a reason not to use it from a technical or feature perspective. List of a few features I find most useful - Visual Source code browser with list of funtions in heirarchy in all open files - Embedded perl/python/php/ruby interperter - Debug perl/python/php/ruby with break points and full inspection of variables - Remote debugging of perl applications - Regex Toolkit for quick regex development or quick extraction/cleanup of data - Import various JavaScript libraries like jquery and get auto complete and prototypes of functions - Visual notification of source control files that may be out of sync with depot The only downside I have noticed is in certian situations its really slow on linux boxes when switching tabs when many tabs are open but that problem has slowly been getting better with the newer releases. From: John M. Dlugosz [wxju46g...@snkmail.com] Sent: Wednesday, March 02, 2011 3:10 AM To: catalyst@lists.scsys.co.uk Subject: [Catalyst] What text editor to use? What's a good text editor to use for Catalyst/TT development? The editor I really like for C++ doesn't handle XML well. I've been using Notepad++ for windows, but the syntax highlighting doesn't understand mixing TT inside the base language, and it has tabs only instead of multiple visible windows. I would entertain both Windows and Linux solutions. TIA, --John ___ List: Catalyst@lists.scsys.co.uk Listinfo: http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/catalyst Searchable archive: http://www.mail-archive.com/catalyst@lists.scsys.co.uk/ Dev site: http://dev.catalyst.perl.org/ To report this as spam, please forward to s...@websense.com. Thank you. Protected by Websense Hosted Email Security -- www.websense.com ___ List: Catalyst@lists.scsys.co.uk Listinfo: http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/catalyst Searchable archive: http://www.mail-archive.com/catalyst@lists.scsys.co.uk/ Dev site: http://dev.catalyst.perl.org/
RE: [Catalyst] What text editor to use?
Yeah the free version is disappointing and I would never recommend that version to anyone. There are plenty of other editors that are free with more features. However the full version should be fully customizable. It even supports xpi plugins so you can customize every aspect of the editor. Even without xpi plugins you can customize almost everything in the editor. Any specific customization you are looking to do? From: John M. Dlugosz [wxju46g...@snkmail.com] Sent: Thursday, March 03, 2011 8:11 AM To: catalyst@lists.scsys.co.uk Subject: Re: [Catalyst] What text editor to use? On 3/3/2011 9:24 AM, Cliff Green green-at-umdnj.edu |Catalyst/Allow to home| wrote: On 3/3/2011 9:27 AM, Mesdaq, Ali wrote: I have been using Komodo for years and its the best Perl editor I have found. I wondered if anyone was going to mention Komodo. FWIW, it looks like Ali is talking about KomodoIDE (which I also own), not the free KomodoEdit, which is fundamentally the same editor, sans source code management (svn, etc.). On the other hand, it does allow one to open and save files remotely (I use scp), which is convenient. I already checked out the free Komodo editor. It was quite disappointing. Basically no configuration possible. ___ List: Catalyst@lists.scsys.co.uk Listinfo: http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/catalyst Searchable archive: http://www.mail-archive.com/catalyst@lists.scsys.co.uk/ Dev site: http://dev.catalyst.perl.org/ To report this as spam, please forward to s...@websense.com. Thank you. Protected by Websense Hosted Email Security -- www.websense.com ___ List: Catalyst@lists.scsys.co.uk Listinfo: http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/catalyst Searchable archive: http://www.mail-archive.com/catalyst@lists.scsys.co.uk/ Dev site: http://dev.catalyst.perl.org/
RE: [Catalyst] Ajax Problem.
I recommend testing this using Firefox with Firebug enabled so you can watch the AJAX request and you can also print to the console to see what your response looks like to make sure it’s what you’re expecting console.log(xmlhttp.responseText); document.getElementById(data).innerHTML=xmlhttp.responseText; Thanks, -- Ali Mesdaq (CISSP, GIAC-GREM) Sr. Security Researcher Websense Security Labs http://www.WebsenseSecurityLabs.comhttp://www.websensesecuritylabs.com/ -- From: Rohan M [mailto:rohan7...@gmail.com] Sent: Wednesday, January 05, 2011 3:07 AM To: catalyst@lists.scsys.co.uk Subject: [Catalyst] Ajax Problem. Dear All, I want to use Ajax in my Catalyst application. Thing's that I've done till now : 1) Created a Javascript function on an event (onblur event) in my view (tt page). 2) Created xmlhttp object in that Javascript function. 3) Called the '/controller/action' path with parameters. 4) The Action subroutine searches database and puts results in the stash I could see, the things are working till the fourth step correctly. Now, how can I render the stash variables in the current tt page? Or Will I need to parse the entire content? Is there a better solution for this problem? Any help or similar (simple) example will be appreciable. CODE SNIPPET === function getDetails(id) { var param = id=+id; if (window.XMLHttpRequest) { xmlhttp=new XMLHttpRequest(); } else { xmlhttp=new ActiveXObject(Microsoft.XMLHTTP); } xmlhttp.open(GET,/indexer/getid/+?+param,true); // /controller/action url xmlhttp.send(); xmlhttp.onreadystatechange=function() { if (xmlhttp.readyState==4 xmlhttp.status==200) { document.getElementById(data).innerHTML=xmlhttp.responseText; // the element to render output } } show(); } === Thanks and regards, Rohan Click herehttps://www.mailcontrol.com/sr/wQw0zmjPoHdJTZGyOCrrhg== to report this email as spam. Protected by Websense Hosted Email Security -- www.websense.com ___ List: Catalyst@lists.scsys.co.uk Listinfo: http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/catalyst Searchable archive: http://www.mail-archive.com/catalyst@lists.scsys.co.uk/ Dev site: http://dev.catalyst.perl.org/
RE: [Catalyst] receiving form-elements in sequence...?
Looks like there is no method to do this from what I can tell but if you really needed to do it this way you could probably just de-serialize it yourself by looking at the raw content with $c-req-body http://search.cpan.org/~bobtfish/Catalyst-Runtime-5.80029/lib/Catalyst/Request.pm#$req-%3Ebody . But that’s probably way more work than doing some of the suggestions mentioned by others like having the position specifically set in the post. Thanks, -- Ali Mesdaq (CISSP, GIAC-GREM) Sr. Security Researcher Websense Security Labs http://www.WebsenseSecurityLabs.comhttp://www.websensesecuritylabs.com/ -- From: will trillich [mailto:will.trill...@serensoft.com] Sent: Monday, December 27, 2010 8:52 AM To: Catalyst Subject: [Catalyst] receiving form-elements in sequence...? Quick question: how do we determine the sequence of submitted form elements? Background: we've got several data-rows that we're going to let the user reorder via Javascript drag-and-drop. Looking in $c-req-params, being a hash, gives us all elements, but no clue as to which item is first, which is next, which is last. So in case the opening line above isn't quite the right question, how do we submit a new sequence of rows via $c-req? This is probably a simple one, but we haven't found the $c-req-[sequenced-form-items] method yet (gotta be available via Catalyst::Request, I hope). Pointers gladly welcomed. Thanks! -- Failure is not important. How you overcome it, is. -- Nick Vujicic Click herehttps://www.mailcontrol.com/sr/wQw0zmjPoHdJTZGyOCrrhg== to report this email as spam. Protected by Websense Hosted Email Security -- www.websense.com ___ List: Catalyst@lists.scsys.co.uk Listinfo: http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/catalyst Searchable archive: http://www.mail-archive.com/catalyst@lists.scsys.co.uk/ Dev site: http://dev.catalyst.perl.org/
RE: [Catalyst] Overriding Catalyst::View::TT WRAPPER
Worked like a charm. I agree that this is a cleaner way as well. However it might be useful if we had the ability to override added to catalyst something like $c-stash ( WRAPPER = undef, template = 'src/mypage.tt2', ); Or something along those lines. Thanks, -- Ali Mesdaq (CISSP, GIAC-GREM) Sr. Security Researcher Websense Security Labs http://www.WebsenseSecurityLabs.comhttp://www.websensesecuritylabs.com/ -- From: Hernan Lopes [mailto:hernanlo...@gmail.com] Sent: Monday, November 29, 2010 6:38 PM To: The elegant MVC web framework Subject: Re: [Catalyst] Overriding Catalyst::View::TT WRAPPER I personally think that [% IF no_wrapper %] etc is not clean enough so i would create a new view and call it View::NoWrapper then you can set $c-stash( current_view = 'NoWrapper', template = 'src/mypage.html', ); and then, you will need to set a wrapper.tthttp://wrapper.tt. But you can choose to leave it with [% content %] only, or add some html headers.. or whatever you need. --Hernan On Mon, Nov 29, 2010 at 11:27 PM, Sam Kaufman samuel.c.kauf...@gmail.commailto:samuel.c.kauf...@gmail.com wrote: I've found the easiest way is to have some logic in your wrapper: something like this: [% IF no_wrapper; content; ELSE; content WRAPPER site/html + site/layout; END; %] so $c-stash(no_wrapper = 1) and it won't be wrapped. -Sam On Mon, Nov 29, 2010 at 8:16 PM, Mesdaq, Ali ames...@websense.commailto:ames...@websense.com wrote: Hey Everyone, Got a question about how I can override my application's TT wrapper. The closest thing I found was http://search.cpan.org/~abraxxa/Catalyst-View-TT-0.36/lib/Catalyst/View/TT.pm#CONFIGURATIONhttp://search.cpan.org/%7Eabraxxa/Catalyst-View-TT-0.36/lib/Catalyst/View/TT.pm#CONFIGURATION . But what I am trying to do is basically have the wrapper turned off for a specific public method where I will create a new TT file that I want used without it being wrapped. Thanks, ALI MESDAQ Sr. Security Researcher WEBSENSE, INC. ph: +1.858.320.9466 fax: +1.858.784.4466 www.websense.comhttp://www.websense.com Websense TRITON™ For Essential Information Protection™ Web Security | Data Security | Email Security Protected by Websense Hosted Email Security -- www.websense.comhttp://www.websense.com ___ List: Catalyst@lists.scsys.co.ukmailto:Catalyst@lists.scsys.co.uk Listinfo: http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/catalyst Searchable archive: http://www.mail-archive.com/catalyst@lists.scsys.co.uk/ Dev site: http://dev.catalyst.perl.org/ ___ List: Catalyst@lists.scsys.co.ukmailto:Catalyst@lists.scsys.co.uk Listinfo: http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/catalyst Searchable archive: http://www.mail-archive.com/catalyst@lists.scsys.co.uk/ Dev site: http://dev.catalyst.perl.org/ Click herehttps://www.mailcontrol.com/sr/OB1FpLCS0LfTndxI!oX7Uq23VvDsoYOLJDLGjbmvrfd1rOoY61cT!pyvbRRINjeCKhZ27KkX4EHX9jTmmkEZ8A== to report this email as spam. ___ List: Catalyst@lists.scsys.co.uk Listinfo: http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/catalyst Searchable archive: http://www.mail-archive.com/catalyst@lists.scsys.co.uk/ Dev site: http://dev.catalyst.perl.org/
[Catalyst] Overriding Catalyst::View::TT WRAPPER
Hey Everyone, Got a question about how I can override my application's TT wrapper. The closest thing I found was http://search.cpan.org/~abraxxa/Catalyst-View-TT-0.36/lib/Catalyst/View/TT.pm#CONFIGURATION . But what I am trying to do is basically have the wrapper turned off for a specific public method where I will create a new TT file that I want used without it being wrapped. Thanks, ALI MESDAQ Sr. Security Researcher WEBSENSE, INC. ph: +1.858.320.9466 fax: +1.858.784.4466 www.websense.com Websense TRITON™ For Essential Information Protection™ Web Security | Data Security | Email Security Protected by Websense Hosted Email Security -- www.websense.com ___ List: Catalyst@lists.scsys.co.uk Listinfo: http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/catalyst Searchable archive: http://www.mail-archive.com/catalyst@lists.scsys.co.uk/ Dev site: http://dev.catalyst.perl.org/
[Catalyst] Weird error with View::JSON
Hey all, I am getting a weird error when I start/restart my catalyst server. The error does not seem to be stopping anything from working from what I can tell. This is the error: Tried to write to the catalyst_component_name accessor - is your component broken or just mad? (Write ignored - using default value.) at /usr/local/share/perl/5.10.0/Catalyst/Component.pm line 72 Class::MOP::Class:::around('CODE(0xad23638)', 'web::View::JSON=HASH(0xb909088)', 'web::View::JSON') called at /usr/local/lib/perl/5.10.0/Class/MOP/Method/Wrapped.pm line 159 Class::MOP::Method::Wrapped::__ANON__('web::View::JSON=HASH(0xb909088)', 'web::View::JSON') called at /usr/local/lib/perl/5.10.0/Class/MOP/Method/Wrapped.pm line 89 Catalyst::Component::catalyst_component_name('web::View::JSON=HASH(0xb909088)', 'web::View::JSON') called at /usr/share/perl5/Catalyst/View/JSON.pm line 19 Catalyst::View::JSON::new('web::View::JSON', 'web', 'HASH(0xaef5488)') called at /usr/local/share/perl/5.10.0/Catalyst/Component.pm line 110 Catalyst::Component::COMPONENT('web::View::JSON', 'web', 'HASH(0xaef5488)') called at /usr/local/share/perl/5.10.0/Catalyst.pm line 2328 eval {...} called at /usr/local/share/perl/5.10.0/Catalyst.pm line 2328 Catalyst::setup_component('web', 'web::View::JSON') called at /usr/local/share/perl/5.10.0/Catalyst.pm line 2242 Catalyst::setup_components('web') called at /usr/local/share/perl/5.10.0/Catalyst.pm line 1125 Catalyst::setup('web') called at /SecTech/trunk/job/tests/tatooine/web/script/../lib/web.pm line 61 require web.pm called at script/web_server.pl line 66 main::__ANON__() called at /usr/local/share/perl/5.10.0/Catalyst/Restarter/Forking.pm line 20 Catalyst::Restarter::Forking::_fork_and_start('Catalyst::Restarter::Forking=HASH(0xaee37d8)') called at /usr/local/share/perl/5.10.0/Catalyst/Restarter.pm line 68 Catalyst::Restarter::run_and_watch('Catalyst::Restarter::Forking=HASH(0xaee37d8)') called at script/web_server.pl line 104 Any ideas or pointers would be appreciated. Thanks, ALI MESDAQ Sr. Security Researcher WEBSENSE, INC. ph: +1.858.320.9466 fax: +1.858.784.4466 www.websense.com Websense TRITON™ For Essential Information Protection™ Web Security | Data Security | Email Security Protected by Websense Hosted Email Security -- www.websense.com ___ List: Catalyst@lists.scsys.co.uk Listinfo: http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/catalyst Searchable archive: http://www.mail-archive.com/catalyst@lists.scsys.co.uk/ Dev site: http://dev.catalyst.perl.org/
RE: [Catalyst] Weird error with View::JSON
package web::View::JSON; use strict; use warnings; use parent 'Catalyst::View::JSON'; 1; Thanks, -- Ali Mesdaq (CISSP, GIAC-GREM) Sr. Security Researcher Websense Security Labs http://www.WebsenseSecurityLabs.comhttp://www.websensesecuritylabs.com/ -- From: Devin Austin [mailto:devin.aus...@gmail.com] Sent: Tuesday, September 07, 2010 10:52 AM To: The elegant MVC web framework Subject: Re: [Catalyst] Weird error with View::JSON On Tue, Sep 7, 2010 at 10:42 AM, Mesdaq, Ali ames...@websense.commailto:ames...@websense.com wrote: Hey all, I am getting a weird error when I start/restart my catalyst server. The error does not seem to be stopping anything from working from what I can tell. This is the error: Tried to write to the catalyst_component_name accessor - is your component broken or just mad? (Write ignored - using default value.) at /usr/local/share/perl/5.10.0/Catalyst/Component.pm line 72 Class::MOP::Class:::around('CODE(0xad23638)', 'web::View::JSON=HASH(0xb909088)', 'web::View::JSON') called at /usr/local/lib/perl/5.10.0/Class/MOP/Method/Wrapped.pm line 159 Class::MOP::Method::Wrapped::__ANON__('web::View::JSON=HASH(0xb909088)', 'web::View::JSON') called at /usr/local/lib/perl/5.10.0/Class/MOP/Method/Wrapped.pm line 89 Catalyst::Component::catalyst_component_name('web::View::JSON=HASH(0xb909088)', 'web::View::JSON') called at /usr/share/perl5/Catalyst/View/JSON.pm line 19 Catalyst::View::JSON::new('web::View::JSON', 'web', 'HASH(0xaef5488)') called at /usr/local/share/perl/5.10.0/Catalyst/Component.pm line 110 Catalyst::Component::COMPONENT('web::View::JSON', 'web', 'HASH(0xaef5488)') called at /usr/local/share/perl/5.10.0/Catalyst.pm line 2328 eval {...} called at /usr/local/share/perl/5.10.0/Catalyst.pm line 2328 Catalyst::setup_component('web', 'web::View::JSON') called at /usr/local/share/perl/5.10.0/Catalyst.pm line 2242 Catalyst::setup_components('web') called at /usr/local/share/perl/5.10.0/Catalyst.pm line 1125 Catalyst::setup('web') called at /SecTech/trunk/job/tests/tatooine/web/script/../lib/web.pmhttp://web.pm line 61 require web.pmhttp://web.pm called at script/web_server.plhttp://web_server.pl line 66 main::__ANON__() called at /usr/local/share/perl/5.10.0/Catalyst/Restarter/Forking.pm line 20 Catalyst::Restarter::Forking::_fork_and_start('Catalyst::Restarter::Forking=HASH(0xaee37d8)') called at /usr/local/share/perl/5.10.0/Catalyst/Restarter.pm line 68 Catalyst::Restarter::run_and_watch('Catalyst::Restarter::Forking=HASH(0xaee37d8)') called at script/web_server.plhttp://web_server.pl line 104 Any ideas or pointers would be appreciated. Thanks, ALI MESDAQ Sr. Security Researcher WEBSENSE, INC. ph: +1.858.320.9466 fax: +1.858.784.4466 www.websense.comhttp://www.websense.com Websense TRITON™ For Essential Information Protection™ Web Security | Data Security | Email Security Protected by Websense Hosted Email Security -- www.websense.comhttp://www.websense.com ___ List: Catalyst@lists.scsys.co.ukmailto:Catalyst@lists.scsys.co.uk Listinfo: http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/catalyst Searchable archive: http://www.mail-archive.com/catalyst@lists.scsys.co.uk/ Dev site: http://dev.catalyst.perl.org/ What does your View::JSON look like? -- Devin Austin http://www.codedright.net 9702906669 - Cell Click herehttps://www.mailcontrol.com/sr/uwu5ZR6jAdzTndxI!oX7Uo9cpkuWnNqk7GcA6uNfeErgFbgbcUk1OE5w7THqwvWcvLNars4x0jXX9jTmmkEZ8A== to report this email as spam. ___ List: Catalyst@lists.scsys.co.uk Listinfo: http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/catalyst Searchable archive: http://www.mail-archive.com/catalyst@lists.scsys.co.uk/ Dev site: http://dev.catalyst.perl.org/
RE: [Catalyst] Alternatives to Catalyst ?
I'm sure the developers are open to hearing your ideas for optimization and performance improvements. Thanks, -- Ali Mesdaq (CISSP, GIAC-GREM) Sr. Security Researcher Websense Security Labs http://www.WebsenseSecurityLabs.com -- -Original Message- From: Oleg Pronin [mailto:syber@gmail.com] Sent: Wednesday, April 21, 2010 9:30 AM To: The elegant MVC web framework Subject: [Catalyst] Alternatives to Catalyst ? This was the last shot for me at dealing with catalyst. Catalyst is very perfomance-optimized system and it never stops me wondering timethese(-1, { sep = sub { $req-param('lang') }, all = sub { $req-params-{lang} }, par = sub { $req-parameters-{lang} }, low = sub { $req-{parameters}{lang} }, }); Benchmark: running all, low, par, sep for at least 1 CPU seconds... all: 1 wallclock secs ( 1.06 usr + 0.00 sys = 1.06 CPU) @ 74016.94/s (n=78643) low: 1 wallclock secs ( 1.09 usr + 0.00 sys = 1.09 CPU) @ 3816940.66/s (n=4144959) par: 2 wallclock secs ( 1.12 usr + 0.00 sys = 1.12 CPU) @ 75281.78/s (n=84692) sep: 1 wallclock secs ( 1.02 usr + 0.00 sys = 1.02 CPU) @ 24448.98/s (n=25022) 1) Getting all params 3x faster than only one 2) Getting $req-{parameters}{lang} 150x faster than $req-param('lang') Guys, is Catalyst a senior system ? I think that creator of Moose, and some similar shit is in cooperation with hardware manufactorers :-) The more CPU spent - the more hardware bought. ___ List: Catalyst@lists.scsys.co.uk Listinfo: http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/catalyst Searchable archive: http://www.mail-archive.com/catalyst@lists.scsys.co.uk/ Dev site: http://dev.catalyst.perl.org/ Protected by Websense Hosted Email Security -- www.websense.com ___ List: Catalyst@lists.scsys.co.uk Listinfo: http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/catalyst Searchable archive: http://www.mail-archive.com/catalyst@lists.scsys.co.uk/ Dev site: http://dev.catalyst.perl.org/
RE: [Catalyst] Views and escaping HTML
Actually I was not aware of built-in | html escaping. Where is the documentation for that? Or better yet where exactly is that built-in? Is that a catalyst method or TT? Now the authors question makes A LOT more sense. I guess I must be doing things the 1999 way. Thanks, -- Ali Mesdaq (CISSP, GIAC-GREM) Sr. Security Researcher Websense Security Labs http://www.WebsenseSecurityLabs.com -- -Original Message- From: J. Shirley [mailto:jshir...@gmail.com] Sent: Thursday, April 01, 2010 10:35 AM To: The elegant MVC web framework Subject: Re: [Catalyst] Views and escaping HTML On Thu, Apr 1, 2010 at 10:27 AM, Mesdaq, Ali ames...@websense.com wrote: You prefer global escaping to escaping in the template? I use the TT plugin for escaping [% USE HTML %] [% HTML.escape(needs.escaping) %] An idea that might work for you would be if you structure your data in the stash and create your templates generically looking for data in specific stash locations you could accomplish what you want with very little work (potentially) something like: [% USE HTML %] title[% data.title %]/title h1[% HTML.escape(data.escape.something) %]/h1 Not sure if that would work for you Why would you use the HTML plugin rather than just the built-in | html and | uri filters? The HTML plugin gives you HTML generation, using it for filtering seems redundant. PS., adding a template_class would be great... I'd love to have global escaping in a few apps. -J ___ List: Catalyst@lists.scsys.co.uk Listinfo: http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/catalyst Searchable archive: http://www.mail-archive.com/catalyst@lists.scsys.co.uk/ Dev site: http://dev.catalyst.perl.org/ Protected by Websense Hosted Email Security -- www.websense.com ___ List: Catalyst@lists.scsys.co.uk Listinfo: http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/catalyst Searchable archive: http://www.mail-archive.com/catalyst@lists.scsys.co.uk/ Dev site: http://dev.catalyst.perl.org/
RE: [Catalyst] using uri_for to parsing parameters
“so how do I parse the $book_id if I don't want to hard code the URL.” I am a little confused by that statement. What do you mean parse $book_id you already know the book_id. Are you basically trying to redirect the user back to the URL they came from? Thanks, -- Ali Mesdaq (CISSP, GIAC-GREM) Sr. Security Researcher Websense Security Labs http://www.WebsenseSecurityLabs.comhttp://www.websensesecuritylabs.com/ -- From: nhyda [mailto:nhydanh...@gmail.com] Sent: Thursday, March 18, 2010 9:38 AM To: Catalyst@lists.scsys.co.uk Subject: [Catalyst] using uri_for to parsing parameters I don't know whether someone has asked it yet. here is my situation. I have an action find that take one argument of book id and I have another action author that chained to find so in practice I use /find/1/author to list all the authors of book 1. now I want to capture the book id use form but still use the action find and author so in action form_do, I use $c-response-redirect($c-uri_for(/find/$book_id/author)); but I have learned that $c-uri_for($self-action_for('author')*** should be a better approach. so how do I parse the $book_id if I don't want to hard code the URL. Thank you very much. Click herehttps://www.mailcontrol.com/sr/wQw0zmjPoHdJTZGyOCrrhg== to report this email as spam. Protected by Websense Hosted Email Security -- www.websense.com ___ List: Catalyst@lists.scsys.co.uk Listinfo: http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/catalyst Searchable archive: http://www.mail-archive.com/catalyst@lists.scsys.co.uk/ Dev site: http://dev.catalyst.perl.org/
RE: [Catalyst] Best practices: XML output from static XML
Maybe I am missing something but why is a view needed? If you are serving up a static file and its xml why don’t you just serve that file statically based on path? Is the header content-type not getting set properly for that file? Thanks, -- Ali Mesdaq (CISSP, GIAC-GREM) Sr. Security Researcher Websense Security Labs http://www.WebsenseSecurityLabs.comhttp://www.websensesecuritylabs.com/ -- From: David [mailto:oldskif...@yahoo.es] Sent: Friday, March 05, 2010 5:10 AM To: catalyst@lists.scsys.co.uk Subject: [Catalyst] Best practices: XML output from static XML Hi, I need to generate an XML output (Content-type: application/xml), but this XML output is the XML content which is stored in an XML file. I don't need to dinamically generate this XML content. I have searched in google but I don't find any catalyst view module for managing this case. I don't know if exists any module for generating XML output from a static file as, for example, Catalyst::View::XSLT module (http://search.cpan.org/~janus/Catalyst-View-XSLT-0.08/lib/Catalyst/View/XSLT.pmhttp://search.cpan.org/%7Ejanus/Catalyst-View-XSLT-0.08/lib/Catalyst/View/XSLT.pm) does. That is, generate an output from a static file, in this case, an XML output. I am not finding much information about designing your own views in Catalyst, or at least, I don't see much flexibility. All examples I have found need to be generated, through the helper view, with TT template or any other templates. Is it possible to create your own view, with no template, and for example, in my case, read the output from a static file and send this output to the client? (I don't know exactly how Views works in Catalyst, though I have already read Catalyst tutorial and cookbook) Thanks in advanced, David Click herehttps://www.mailcontrol.com/sr/wQw0zmjPoHdJTZGyOCrrhg== to report this email as spam. Protected by Websense Hosted Email Security -- www.websense.com ___ List: Catalyst@lists.scsys.co.uk Listinfo: http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/catalyst Searchable archive: http://www.mail-archive.com/catalyst@lists.scsys.co.uk/ Dev site: http://dev.catalyst.perl.org/
RE: [Catalyst] Best practices: XML output from static XML
To me this sounds like it’s the same issue as serving static images you wouldn’t create a view for that unless you need to wrap it around some application logic. Or at least that’s what it sounds like to me based on the information provided. We could take the MVC concept really far and say that static files need to have a filesystem Model with Controller logic for finding the files and each have their own View for each filetype. Thanks, -- Ali Mesdaq (CISSP, GIAC-GREM) Sr. Security Researcher Websense Security Labs http://www.WebsenseSecurityLabs.comhttp://www.websensesecuritylabs.com/ -- From: David [mailto:oldskif...@yahoo.es] Sent: Friday, March 05, 2010 10:49 AM To: The elegant MVC web framework Subject: Re: [Catalyst] Best practices: XML output from static XML Well, as Catalyst works under MVC model, I thought that a best practice would be to use a view module although in this case, obiously, the view task is insignificant. David De: Mesdaq, Ali ames...@websense.com Para: The elegant MVC web framework catalyst@lists.scsys.co.uk Enviado: vie,5 marzo, 2010 19:04 Asunto: RE: [Catalyst] Best practices: XML output from static XML Maybe I am missing something but why is a view needed? If you are serving up a static file and its xml why don’t you just serve that file statically based on path? Is the header content-type not getting set properly for that file? Thanks, -- Ali Mesdaq (CISSP, GIAC-GREM) Sr. Security Researcher Websense Security Labs http://www.WebsenseSecurityLabs.comhttp://www.websensesecuritylabs.com/ -- From: David [mailto:oldskif...@yahoo.es] Sent: Friday, March 05, 2010 5:10 AM To: catalyst@lists.scsys.co.uk Subject: [Catalyst] Best practices: XML output from static XML Hi, I need to generate an XML output (Content-type: application/xml), but this XML output is the XML content which is stored in an XML file. I don't need to dinamically generate this XML content. I have searched in google but I don't find any catalyst view module for managing this case. I don't know if exists any module for generating XML output from a static file as, for example, Catalyst::View::XSLT module (http://search.cpan.org/~janus/Catalyst-View-XSLT-0.08/lib/Catalyst/View/XSLT.pmhttp://search.cpan.org/%7Ejanus/Catalyst-View-XSLT-0.08/lib/Catalyst/View/XSLT.pm) does. That is, generate an output from a static file, in this case, an XML output. I am not finding much information about designing your own views in Catalyst, or at least, I don't see much flexibility. All examples I have found need to be generated, through the helper view, with TT template or any other templates. Is it possible to create your own view, with no template, and for example, in my case, read the output from a static file and send this output to the client? (I don't know exactly how Views works in Catalyst, though I have already read Catalyst tutorial and cookbook) Thanks in advanced, David Click herehttps://www.mailcontrol.com/sr/wQw0zmjPoHdJTZGyOCrrhg== to report this email as spam. Protected by Websense Hosted Email Security — www.websense.comhttp://www.websense.com ___ List: Catalyst@lists.scsys.co.uk Listinfo: http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/catalyst Searchable archive: http://www.mail-archive.com/catalyst@lists.scsys.co.uk/ Dev site: http://dev.catalyst.perl.org/
RE: [Catalyst] Best practices: XML output from static XML
Catalyst to serve a static file (which would only make sense if there *is* application logic) putting this in a View would be the Right Way. Yes my point exactly. That’s why I was comparing it to serving static image files and how it's similar to this situation because there seems to be no application logic at all needed for this example so putting it in a view just to follow the design pattern does not make sense to me. That’s why I gave the previous example as an example of overkilling with the design pattern where it really serves no purpose. I completely agree that it makes much more sense to leverage the webserver for dealing with static files when necessary/possible. Thanks, -- Ali Mesdaq (CISSP, GIAC-GREM) Sr. Security Researcher Websense Security Labs http://www.WebsenseSecurityLabs.com -- -Original Message- From: J. Shirley [mailto:jshir...@gmail.com] Sent: Friday, March 05, 2010 12:20 PM To: The elegant MVC web framework Subject: Re: [Catalyst] Best practices: XML output from static XML On Fri, Mar 5, 2010 at 11:31 AM, Mesdaq, Ali ames...@websense.com wrote: To me this sounds like it’s the same issue as serving static images you wouldn’t create a view for that unless you need to wrap it around some application logic. Or at least that’s what it sounds like to me based on the information provided. We could take the MVC concept really far and say that static files need to have a filesystem Model with Controller logic for finding the files and each have their own View for each filetype. I would say that putting it into a view allows a greater degree of future-proof and foresight. Putting it into the controller would work fine, up until you need to serve another static file (or a different file), or add an access control layer, or switch to use sendfile, or switch to start serving from something like MogileFS. If you put it all the above in one method, why put it in a controller rather than a view? In all of what you said you haven't actually said what is wrong with using a view. I would certainly recommend that serving static files would be done by the webserver and render this moot. However, if you want to use Catalyst to serve a static file (which would only make sense if there *is* application logic) putting this in a View would be the Right Way. -Jay ___ List: Catalyst@lists.scsys.co.uk Listinfo: http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/catalyst Searchable archive: http://www.mail-archive.com/catalyst@lists.scsys.co.uk/ Dev site: http://dev.catalyst.perl.org/ Protected by Websense Hosted Email Security -- www.websense.com ___ List: Catalyst@lists.scsys.co.uk Listinfo: http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/catalyst Searchable archive: http://www.mail-archive.com/catalyst@lists.scsys.co.uk/ Dev site: http://dev.catalyst.perl.org/
RE: [Catalyst] determine MIME type of binary Webservice result?
To do in memory matches I use File::LibMagic on ubuntu box with the latest lib magic library installed. my $libm = File::LibMagic-new(); my $mtype = $libm-checktype_contents($content); There is also a method for getting Thanks, -- Ali Mesdaq (CISSP, GIAC-GREM) Sr. Security Researcher Websense Security Labs http://www.WebsenseSecurityLabs.com -- -Original Message- From: William Wueppelmann [mailto:william.wueppelm...@canadiana.ca] Sent: Tuesday, January 19, 2010 6:39 AM To: The elegant MVC web framework Subject: Re: [Catalyst] determine MIME type of binary Webservice result? On 2010-01-19, at 9:21 AM, Jens Schwarz wrote: Hi, in my Catalyst application I use Webservices to connect to SAP. One of these returns binary data (right now base64-encoded XML, later also PDF). Is it possible to determine the MIME type of those returned (sub)strings? If so, how? Thanks Jens -- Preisknaller: GMX DSL Flatrate für nur 16,99 Euro/mtl.! http://portal.gmx.net/de/go/dsl02 ___ List: Catalyst@lists.scsys.co.uk Listinfo: http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/catalyst Searchable archive: http://www.mail-archive.com/catalyst@lists.scsys.co.uk/ Dev site: http://dev.catalyst.perl.org/ I am using File::MimeInfo::Magic to determine MIME types for uploaded files. I haven't tried to use it with in-memory strings as opposed to on-disk files, but the docs for File::MimeInfo say that this is doable. -William ___ List: Catalyst@lists.scsys.co.uk Listinfo: http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/catalyst Searchable archive: http://www.mail-archive.com/catalyst@lists.scsys.co.uk/ Dev site: http://dev.catalyst.perl.org/ Protected by Websense Hosted Email Security -- www.websense.com ___ List: Catalyst@lists.scsys.co.uk Listinfo: http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/catalyst Searchable archive: http://www.mail-archive.com/catalyst@lists.scsys.co.uk/ Dev site: http://dev.catalyst.perl.org/
RE: [Catalyst] website member urls
Couldn’t you do something with the default method in the root controller? So similar to what others suggested except you would modify the default method so that if the user doesn’t exist you can 404 and have some kind of message. Thanks, -- Ali Mesdaq (CISSP, GIAC-GREM) Sr. Security Researcher Websense Security Labs http://www.WebsenseSecurityLabs.comhttp://www.websensesecuritylabs.com/ -- From: Charles [mailto:cshtr...@yahoo.com] Sent: Wednesday, April 29, 2009 1:23 PM To: Catalyst@lists.scsys.co.uk Subject: [Catalyst] website member urls I'd like someone w/ better catalyst-fu to recommend how I could implement urls for members a la myspace and youtube ( ie http://websiteurl.com/membername ) . There's got to be a better way that creating a seperate controller for each user. perl 5.9 catalyst-runtime 5.71 Click herehttps://www.mailcontrol.com/sr/wQw0zmjPoHdJTZGyOCrrhg== to report this email as spam. Protected by Websense Hosted Email Security -- www.websense.com ___ List: Catalyst@lists.scsys.co.uk Listinfo: http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/catalyst Searchable archive: http://www.mail-archive.com/catalyst@lists.scsys.co.uk/ Dev site: http://dev.catalyst.perl.org/
RE: [Catalyst] Catalyst-Ajax-Mochikit - followed tute but am stuck. Cannot show values in view(webpage)
Hello, I am the one who wrote that article sorry if it wasn’t clear enough to help you out here. Looking at the code you pasted I see a few places where I think the issue might be. In your subscriptions_quote.js file you don’t have the price element defined like in my example. What you need is a reference to the element and you don’t have one. So add something like var price = getElement('price'); right under your var check_price = getElement('check_price');. That will give you a reference to that element that you will need when you call replaceChildNodes later. Also a minor change you could add is change p_txt = P({'style':'display:none'}, resp.data.price); to var p_txt = P({'style':'display:none'}, resp.data.price);. One of the debugging steps you can take with firebug is to actually watch the DOM get updated. If you right click somewhere on the page that’s close to where your price data will be displayed you can select Inspect Element then navigate to where the element will be created. Its possible that the element gets added to the DOM but you have an issue with the appear() function so it never displays even though its been inserted with the replaceChildNodes() that has happened to me many times before. Also after you do var p_txt = P({'style':'display:none'}, resp.data.price); I would do a console.log(p_txt); Just to dump that DOM element and make sure its being created correctly with the correct data as well as the correct attributes. You might even want to not have it be set to display none so that you can take the whole visual affect issues out of the debugging. Please let me know if this helps I am very interested in making sure the issue is resolved based on the instructions I gave in the tutorial instead of other work arounds. Thanks, -- Ali Mesdaq (CISSP, GIAC-GREM) Sr. Security Researcher Websense Security Labs http://www.WebsenseSecurityLabs.com -- -Original Message- From: kakim...@tpg.com.au [mailto:kakim...@tpg.com.au] Sent: Sunday, April 12, 2009 8:50 PM To: The elegant MVC web framework Subject: [Catalyst] Catalyst-Ajax-Mochikit - followed tute but am stuck. Cannot show values in view(webpage) hi everybody :) Referring to http://www.catalystframework.org/calendar/2008/24, I have made a small change to my app and tried developing it with AJAX. What's successful: = *) managed to make a call to my controller - i put in a $c-log-debug( ... ) statement and saw that come up fine What I have done to check: = *) Used Firebug on firefox to check the returned object. Looks good in that it has = 1) 'status'='Successful' 2) 'data' hash ref which even has 'price' = 'the value i expected'. How do I actually get the value (which is the 'price' attribute to display)? Point of problem: addCallBack method in my javascript file. Where an I stuck: = *) can't seem to display values returned from JSON be it via span or a html table. All I wanted to do was to get my controller to pass out a 'price' value. here are my files: the only template, 'form.tt2' -- span class=error id=error ul [% FOREACH error IN errors %] li[% error %]/li [% END %] /ul /span hr/ [% END %] form method=post action=[% target_action %] id=agent_subscription_form name=agent_subscription_form table border=0 cellspacing=3 tr td valign=top insurance duration: /td td valign=top input type=text id=duration name = duration/ /td /tr tr td valign=top Price /td td valign=top span class=price id=price/span input type=button id=check_price name=check_price value=check price/ script type=text/javascript src=[% Catalyst.uri_for('/js/subscriptions_quote.js') %]/script /td /tr /table /form the javascript, subscriptions_quote.js
RE: [Catalyst] Thoughts On GeoIP Modules?
I have used it pretty heavily in the past and been happy with it. I am not sure if the geo-location stuff in the way you want to use it will be successful however since I have not used it for those purposes. So the problem your experiencing is what exactly? Automated signups or manual signups that get abused in other ways? -Original Message- From: Andy Dorman [mailto:ador...@ironicdesign.com] Sent: Tuesday, March 10, 2009 7:08 AM To: The elegant MVC web framework Subject: [Catalyst] Thoughts On GeoIP Modules? We have several signup web sites using Catalyst. Recently we have realized we are going to have to limit signups by geographical region to help limit abuse. Captchas (we use and love reCaptcha) and other heuristics just do not seem to be sufficient. Does anyone on the list have any experience with open source options in the way of GeoIP modules? We are looking at MaxMind GeoIP (http://sourceforge.net/projects/geoip/) at the moment. Any prior experiences from this group with any product out there would be welcome. We will be happy to report our success (or lack of) back to the group as soon as we know something. Thank you, -- Andy Dorman Ironic Design, Inc. AnteSpam.com, HomeFreeMail.com, ComeHome.net ___ List: Catalyst@lists.scsys.co.uk Listinfo: http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/catalyst Searchable archive: http://www.mail-archive.com/catalyst@lists.scsys.co.uk/ Dev site: http://dev.catalyst.perl.org/ Protected by Websense Hosted Email Security -- www.websense.com ___ List: Catalyst@lists.scsys.co.uk Listinfo: http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/catalyst Searchable archive: http://www.mail-archive.com/catalyst@lists.scsys.co.uk/ Dev site: http://dev.catalyst.perl.org/
RE: [Catalyst] Catalyst - any good AJAX tutes?
Not sure if this is even relevant anymore to this discussion but maybe this will help http://www.catalystframework.org/calendar/2008/24 -Original Message- From: kakim...@tpg.com.au [mailto:kakim...@tpg.com.au] Sent: Thursday, March 05, 2009 9:44 PM To: The elegant MVC web framework Subject: [Catalyst] Catalyst - any good AJAX tutes? hello there, I would like to use AJAX in my catalyst app. Any good references/tutes to recommend? thanks. K. akimoto ___ List: Catalyst@lists.scsys.co.uk Listinfo: http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/catalyst Searchable archive: http://www.mail-archive.com/catalyst@lists.scsys.co.uk/ Dev site: http://dev.catalyst.perl.org/ Protected by Websense Hosted Email Security -- www.websense.com ___ List: Catalyst@lists.scsys.co.uk Listinfo: http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/catalyst Searchable archive: http://www.mail-archive.com/catalyst@lists.scsys.co.uk/ Dev site: http://dev.catalyst.perl.org/
RE: [Catalyst] Example of a simple repeatable field and button
Might help might be overkill http://www.catalystframework.org/calendar/2008/24 -Original Message- From: Florent Angly [mailto:florent.an...@gmail.com] Sent: Tuesday, March 10, 2009 2:55 PM To: The elegant MVC web framework Subject: [Catalyst] Example of a simple repeatable field and button Hi list, I have created a small Catalyst webapp that uses a form that is based on a FormFu YML configuration file. I would like to have some repeatable fields, along with a button to click in order generate more of these fields on the fly. I have read the Catalyst tutorial, the FormFu documentation, and I have some basic repeatable fields, but I seem to have problem with the logic of how to generate more repetitions of these fields from the webinterface. I don't even know if using a button is the most elegant, recommended way. So... if someone could post a simple example of that, it would be great! Thanks, Florent ___ List: Catalyst@lists.scsys.co.uk Listinfo: http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/catalyst Searchable archive: http://www.mail-archive.com/catalyst@lists.scsys.co.uk/ Dev site: http://dev.catalyst.perl.org/ Protected by Websense Hosted Email Security -- www.websense.com ___ List: Catalyst@lists.scsys.co.uk Listinfo: http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/catalyst Searchable archive: http://www.mail-archive.com/catalyst@lists.scsys.co.uk/ Dev site: http://dev.catalyst.perl.org/
RE: [Catalyst] One App, multiple databases
Are these db's exact copies as far as schema from each other? Or is it different tables and structure as well? Reason I am asking is because if its exactly the same and all your queries work the same and your logic works the same as well and the only difference is if user1 is connected then connect to one schema and if user2 is connected connect to another schema you might be able to more cleanly determine the db in your controller code. You would also then create a model for each user. This would give you granular control over if the user db's ever move or if you need to configure specific connection data per users db like different user accounts and passwords etc. So instead of something like: $c-model('DB::Blah')-all You could do: $c-model($user:Blah)-all But I think knowing a little more about your exact situation might help understand the issue more. Thanks, -- Ali Mesdaq (CISSP, GIAC-GREM) Sr. Security Researcher Websense Security Labs http://www.WebsenseSecurityLabs.com -- -Original Message- From: Jose Luis Martinez [mailto:[EMAIL PROTECTED] Sent: Wednesday, November 19, 2008 9:54 AM To: The elegant MVC web framework Subject: [Catalyst] One App, multiple databases Hello, This question has been asked a couple of times on the list, and I have found yet another solution to it, but I would like to hear if maybe I'm doing something wrong, or I will suffer serious pain by doing it my way :) We have an app that will connect to one database or another depending on the logged in user. My solution: package App::Model::DB; use strict; use base 'Catalyst::Model::DBIC::Schema'; ... sub ACCEPT_CONTEXT { my ($self, $c) = @_; my $user_db = $c-lookup_the_users_db(); $self-config-{'connect_info'}-[0] =~ s/#DATABASE#/$user_db/; $self-schema-connection(@{$self-config-{'connect_info'}}); return $self; } 1; I've done the same with Catalyst::Model::DBI: package App::Model::AnotherDB; use strict; use base 'Catalyst::Model::DBI'; sub ACCEPT_CONTEXT { my ($self, $c) = @_; my $user_db = $c-lookup_the_users_db(); $self-{'dsn'} =~ s/#DATABASE#/$user_db/; return $self; } 1; And the two seem to be working OK, but I'm worried about what will happen when we fire it up in a FastCGI environment (I suspect the connection to user1's database will be kept live, and the next user will get the connection to it). Am I right? Any pointers? Does this way of using the models trigger any warning lights to Catalyst gurus? Thanks in advance, Jose Luis Martinez [EMAIL PROTECTED] ___ List: Catalyst@lists.scsys.co.uk Listinfo: http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/catalyst Searchable archive: http://www.mail-archive.com/catalyst@lists.scsys.co.uk/ Dev site: http://dev.catalyst.perl.org/ Protected by Websense Hosted Email Security -- www.websense.com ___ List: Catalyst@lists.scsys.co.uk Listinfo: http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/catalyst Searchable archive: http://www.mail-archive.com/catalyst@lists.scsys.co.uk/ Dev site: http://dev.catalyst.perl.org/
RE: [Catalyst] [META] Advent calendar
I volunteer to write an article on Catalyst + Mochikit + JSON to build AJAX Web Apps. I can probably only do a simple example to get people started don’t have enough free time to write an in-depth article. If any of the Advent Calendar organizers want me to write it just contact me and we can discuss an outline to make sure its covering what we want. Thanks, -- Ali Mesdaq (CISSP, GIAC-GREM) Sr. Security Researcher Websense Security Labs http://www.WebsenseSecurityLabs.com -- -Original Message- From: Kieren Diment [mailto:[EMAIL PROTECTED] Sent: Tuesday, November 04, 2008 9:48 PM To: The elegant MVC web framework Subject: Re: [Catalyst] [META] Advent calendar On Tue, Nov 04, 2008 at 04:19:38PM -0600, Jonathan Rockway wrote: * On Tue, Nov 04 2008, Dermot wrote: Is there going to be an advent calendar for this year? Sure, why not? It's been in planning for a while. http://dev.catalyst.perl.org/wiki/advent08plan Please feel free to add suggestions as they arise. ___ List: Catalyst@lists.scsys.co.uk Listinfo: http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/catalyst Searchable archive: http://www.mail-archive.com/catalyst@lists.scsys.co.uk/ Dev site: http://dev.catalyst.perl.org/ Protected by Websense Hosted Email Security -- www.websense.com ___ List: Catalyst@lists.scsys.co.uk Listinfo: http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/catalyst Searchable archive: http://www.mail-archive.com/catalyst@lists.scsys.co.uk/ Dev site: http://dev.catalyst.perl.org/
RE: [Catalyst] A suitable method to redraw a page
I think ajax would be your friend here. You could just make an ajax call to some function to check the status of the file copies and then update the DOM directly instead of refreshing the whole page. Or the actual call to start the copy can be made via ajax instead of the call to check the status that way your js code for that page can call the copy file function on the server sequentially for each file and update the page in a loop. There are a lot of ways to do this. You might even want to look into having a background process launched to do the actual copy so you don’t run into http timeout issues and just have your controllers start and check the copy process. Thanks, -- Ali Mesdaq (CISSP, GIAC-GREM) Sr. Security Researcher Websense Security Labs http://www.WebsenseSecurityLabs.com -- -Original Message- From: Dermot [mailto:[EMAIL PROTECTED] Sent: Tuesday, September 23, 2008 3:53 AM To: The elegant MVC web framework Subject: [Catalyst] A suitable method to redraw a page Hi, I have a controller who's job is to copy some files (4-6). These files can be quite big and the time it takes has been causing what looks like timeouts on the server. [Tue Sep 23 09:48:55 2008] [error] [client x.x.x.x] FastCGI: comm with server /var/www/MyApp/script/motion_fastcgi.pl aborted: idle timeout (30 sec), referer: http://somehost/cgi-bin/doit.cgi [Tue Sep 23 09:48:55 2008] [error] [client x.x.x.x] FastCGI: incomplete headers (0 bytes) received from server /var/www/MyApp/script/myapp_fastcgi.pl I could increase the timeout period on the httpd daemon. I thought a more elegant solution would be to present a page with the results for each file after it's copied that is updated with the status of each copied file. So the same window refreshes and the next file is listed with the copy status. I have achieved this in the past (CGI) by putting a form on the page and using javascript/onload/submit while items 1. It's a bit of a hack but it works. Is there a method within Catalyst that might help me reach my goal? Something akin to Chained perhaps. Alternatively can I loop through the list of files and $c-{template} = 'files/rename.tt2'. My experiments haven't been successful. I get the whole page of results. Is there something like $c-forward that I should be using here? Here an abridged versions of the controller. sub rename : Local { my ($self, $c) = @_; die if ($c-request-param('id') !~ /\d+/); my $list = getFilesBySubID($c, $c-request-param('id')); my @moved; foreach my $file ( @{$list} ) { my $source = $file-path; my $type = getFileTypeFromName(basename($file-path)); my %state = ( 'id' = $c-request-param('id'), 'source' = $file-path, 'distin' = undef, ); my $path = getPathFromNumber($c-request-param('splnumber'), $type); my $x = copy($source,$path) or warn Cannot copy $source to $path: $!\n; $state{'success'} = $x; $state{'distin'} = $path; } else { $state{'success'} = 0; } push(@moved, \%state); $c-stash-{moved} = [EMAIL PROTECTED]; $c-stash-{template} = 'files/rename.tt2'; } } I hope this makes sense :-/. Any advice would be appreciated. Thanx, Dp. ___ List: Catalyst@lists.scsys.co.uk Listinfo: http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/catalyst Searchable archive: http://www.mail-archive.com/catalyst@lists.scsys.co.uk/ Dev site: http://dev.catalyst.perl.org/ Protected by Websense Messaging Security -- www.websense.com ___ List: Catalyst@lists.scsys.co.uk Listinfo: http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/catalyst Searchable archive: http://www.mail-archive.com/catalyst@lists.scsys.co.uk/ Dev site: http://dev.catalyst.perl.org/
RE: [Catalyst] Help! Need help deploying app to Apache
Did you try also looking at the apache error log? Might have useful information in there about file paths or permissions Thanks, -- Ali Mesdaq (CISSP, GIAC-GREM) Sr. Security Researcher Websense Security Labs http://www.WebsenseSecurityLabs.com -- -Original Message- From: sardaukar_siet [mailto:[EMAIL PROTECTED] Sent: Wednesday, September 17, 2008 9:47 AM To: catalyst@lists.scsys.co.uk Subject: [Catalyst] Help! Need help deploying app to Apache Hello all. I have a Catalyst app running fine with the _server.pl script, but trying to deploy it with mod_perl for Apache 2 has proven itself impossible... %-| Here is the file I include at the end of my httpd.conf: - PerlOptions +GlobalRequest PerlSwitches -I/home/LookingGlass/LookingGlass/lib/ PerlSwitches -I/home/LookingGlass/LookingGlass/lib/Net PerlModule LookingGlass Location / SetHandler modperl PerlResponseHandler LookingGlass /Location VirtualHost * DocumentRoot /home/LookingGlass/LookingGlass/lib/ Directory / Options FollowSymLinks AllowOverride None /Directory Directory /home/LookingGlass/LookingGlass/root/src/ Options Indexes FollowSymLinks MultiViews AllowOverride None Order allow,deny allow from all /Directory ErrorLog /var/log/httpd/LookingGlass_error.log LogLevel warn CustomLog /var/log/httpd/LookingGlass_access.log combined ServerSignature On /VirtualHost - And here is a typical error msg when going to https://localhost/: - Request bless({ action = index, address = 10.137.9.24, arguments= [], base = bless(do{\(my $o = https://lgdeploy/;)}, URI::https), body_parameters = {}, captures = [], cookies = { lookingglass_session = bless({ name = lookingglass_session, path = /, value = [e56ac9d37cac79e47e1c6de681dc67313b0da6e0], }, CGI::Simple::Cookie), }, headers = bless({ accept = text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8, accept-charset = ISO-8859-1,utf-8;q=0.7,*;q=0.7, accept-encoding = gzip,deflate, accept-language = en-us,en;q=0.5, connection = keep-alive, cookie = lookingglass_session=e56ac9d37cac79e47e1c6de681dc67313b0da6e0, host = lgdeploy, keep-alive = 300, user-agent = Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.9.0.1) Gecko/2008071615 Fedora/3.0.1-1.fc9 Firefox/3.0.1, }, HTTP::Headers), hostname = undef, match= , method = GET, parameters = {}, path = , protocol = HTTP/1.1, query_parameters = {}, secure = 1, uploads = {}, uri = bless(do{\(my $o = https://lgdeploy/;)}, URI::https), user = undef, }, Catalyst::Request) Response bless({ body= , cookies = {}, headers = bless({ content-type = text/html; charset=utf-8, x-catalyst = 5.7014, }, HTTP::Headers), status = 200, }, Catalyst::Response) Stash {} Config do { my $a = { Plugin::Authentication = {}, Plugin::ConfigLoader = {}, debug = { ignore_classes = [ DBIx::Class::ResultSource::Table, DBIx::Class::ResultSourceHandle, DateTime, ], scrubber_func = sub { ??? }, }, form = {}, home = /home/LookingGlass/LookingGlass, name = LookingGlass, root = bless({ dirs = [, home, LookingGlass, LookingGlass, root], file_spec_class = undef, volume = , }, Path::Class::Dir), session = { cookie_name= lookingglass_session, expires= 7200, namespace = , storage= /tmp/lookingglass/session/data, verify_address = 0, }, static = { debug = 1, dirs = [], ignore_dirs = [], ignore_extensions = [tmpl, tt, tt2, html, xhtml], include_path = ['fix'], mime_types = {}, mime_types_obj = bless({}, MIME::Types), no_logs = 1, }, }; $a-{static}{include_path}[0] = $a-{root}; $a; } Session ID
RE: [Catalyst] XPath, DOM problem
I agree. Using XML::LibXML and the built in xpath queries would be a much better option. Also you probably definitely want to just pass a data structure to your template that is better suited for processing i.e. plain array or array of hash of name value pairs. Another option if your xml is structured a certain way you can just use xslt to transform the xml into the html or whatever you need and bypass processing it to process it again for display. Thanks, -- Ali Mesdaq (CISSP, GIAC-GREM) Security Researcher II Websense Security Labs http://www.WebsenseSecurityLabs.com -- -Original Message- From: Jonathan Rockway [mailto:[EMAIL PROTECTED] Sent: Tuesday, July 08, 2008 2:04 PM To: The elegant MVC web framework Subject: Re: [Catalyst] XPath, DOM problem * On Tue, Jul 08 2008, Herr Verdieck Götz wrote: Hi, I try to generate a site content menu from a xml file. In my TT file I have the following syntax: [% # USE prod_tree = XML.Simple('config/xml/hele_de_tree.xml'); # OK this works USE xpath = XML.XPath('config/xml/hele_de_tree.xml'); # ERROR #USE dom = XML.DOM; #prod_tree = dom.parse('config/xml/sitemap.xml'); # ERROR -%] BTW, XML::LibXML is a much nicer library for doing anything related to XML in Perl. Using anything else is slightly crazy ;) Regards, Jonathan Rockway -- print just = another = perl = hacker = if $,=$ ___ List: Catalyst@lists.scsys.co.uk Listinfo: http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/catalyst Searchable archive: http://www.mail-archive.com/catalyst@lists.scsys.co.uk/ Dev site: http://dev.catalyst.perl.org/ Protected by Websense Messaging Security -- www.websense.com ___ List: Catalyst@lists.scsys.co.uk Listinfo: http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/catalyst Searchable archive: http://www.mail-archive.com/catalyst@lists.scsys.co.uk/ Dev site: http://dev.catalyst.perl.org/
RE: [Dbix-class] Re: [Catalyst] untainting utf8 text for db
No escape sequence should get through if you reject any characters outside of the allowed characters. For example you could just reject the input and prompt for another input if this regex matches (?:[^a-zA-Z0-9 _]+) So escape sequences shouldn't affect this test. Thanks, -- Ali Mesdaq (CISSP, GIAC-GREM) Security Researcher II Websense Security Labs http://www.WebsenseSecurityLabs.com -- -Original Message- From: Daniel McBrearty [mailto:[EMAIL PROTECTED] Sent: Thursday, June 05, 2008 11:07 PM To: The elegant MVC web framework Cc: DBIx::Class user and developer list Subject: [Dbix-class] Re: [Catalyst] untainting utf8 text for db Thanks for the suggestions. Indeed, specifying a list of chars which is clean (e.g. [a-zA-Z0-9_] for a username in English) is optimum, and I prefer that. But when you are working with fully multilingual material, this becomes pretty much impossible. As the site in question is all about language learning and could eventually handle any language, that is the issue. Rejecting some of the suspicious chars you suggest is something I will do - but even that is not foolproof as there are various ways (more than one, IIRC, but I'm not sure what they all are) of using escape sequences to get through. Of the list you suggest, I'd need to keep (, ), ? - all the rest I could kill quite happily. Again, thanks for the input. I'm going to forward this to the DBIx::Class list (as that is probably where it should have gone in the first place). ___ List: http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/dbix-class IRC: irc.perl.org#dbix-class SVN: http://dev.catalyst.perl.org/repos/bast/DBIx-Class/ Searchable Archive: http://www.grokbase.com/group/[EMAIL PROTECTED] Protected by Websense Messaging Security -- www.websense.com ___ List: Catalyst@lists.scsys.co.uk Listinfo: http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/catalyst Searchable archive: http://www.mail-archive.com/catalyst@lists.scsys.co.uk/ Dev site: http://dev.catalyst.perl.org/
RE: [Catalyst] untainting utf8 text for db
I inquired about this myself a few months ago. Consensus if I remember correctly was that DBIC gives you some safety in that it uses place holders but that does not mean your protected fully from bad input or malicious abuse of that parameter. I personally like having input meet specific requirements and if doesn't meet them then just reject it. But that does not always fly especially if you HAVE to be flexible. Another approach is rejecting input if it has characters or data that you know you don't want or expect things like , %, (, ), \, /, ?, `, *, +, just as some examples. I think its better to be more strict with input than less strict especially if its public facing. If its internal then its different story. Thanks, -- Ali Mesdaq (CISSP, GIAC-GREM) Security Researcher II Websense Security Labs http://www.WebsenseSecurityLabs.com -- -Original Message- From: Daniel McBrearty [mailto:[EMAIL PROTECTED] Sent: Thursday, June 05, 2008 11:22 AM To: The elegant MVC web framework Subject: Re: [Catalyst] untainting utf8 text for db yes, that's what I meant. but does using the DBIx::Class construct sanitise, provide safety and prevent unwanted babies though? IIRC it does for creating records. On Thu, Jun 5, 2008 at 8:10 PM, Ash Berlin [EMAIL PROTECTED] wrote: On 5 Jun 2008, at 19:05, Daniel McBrearty wrote: database contains text fields which can be in any language and contain any text and punctuation 1. I am getting params back via a web form to create new records. What do I do to validate input (apart from length check)? 2. I want to take a param and do a like(%$param%) search returning matching records. How do I protect this? You mean foo LIKE '%$param%' and its done by $rs-search({ col = { -like = %$param% } }) -ash ___ List: Catalyst@lists.scsys.co.uk Listinfo: http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/catalyst Searchable archive: http://www.mail-archive.com/catalyst@lists.scsys.co.uk/ Dev site: http://dev.catalyst.perl.org/ -- Daniel McBrearty email : danielmcbrearty at gmail.com http://www.engoi.com http://danmcb.vox.com http://danmcb.blogger.com find me on linkedin and facebook BTW : 0873928131 ___ List: Catalyst@lists.scsys.co.uk Listinfo: http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/catalyst Searchable archive: http://www.mail-archive.com/catalyst@lists.scsys.co.uk/ Dev site: http://dev.catalyst.perl.org/ Protected by Websense Messaging Security -- www.websense.com ___ List: Catalyst@lists.scsys.co.uk Listinfo: http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/catalyst Searchable archive: http://www.mail-archive.com/catalyst@lists.scsys.co.uk/ Dev site: http://dev.catalyst.perl.org/
[Catalyst] UTF-8 Conversion on the fly
Hello Everyone, Got a question about utf8 conversions on the fly. I was wondering if anyone had experience and some pointers of good practices for taking a webpage thats stored as a blob in mysql then serving that page after its been converted to utf8. Right now the way this is implemented is conversion before storage but I never liked that idea. The engineer who did it thought utf8 conversion is always going to be a smooth thing. I also don't like the fact we don't store the orginal copy of the page in the db its the converted copy. So I wanted to see if anyone here had good suggestions on how the original can be stored and just converted on the fly. Thanks, -- Ali Mesdaq (CISSP, GIAC-GREM) Security Researcher II Websense Security Labs http://www.WebsenseSecurityLabs.com -- Protected by Websense Messaging Security -- www.websense.com ___ List: Catalyst@lists.scsys.co.uk Listinfo: http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/catalyst Searchable archive: http://www.mail-archive.com/catalyst@lists.scsys.co.uk/ Dev site: http://dev.catalyst.perl.org/
RE: [Catalyst] So, what do we want in the -next- book?
I think there needs to be a balance. Free software is free so that already is a big bonus for us as a consumer of the software. Then having the software be open source is another big bonus. Then having documentation that is free is another big plus. Paying for a book that someone put time into should not be an expectation we should have. I mean writing releasable software framework is hard enought in itself and then having to deal with peoples opinions and harrassment is stressful enough. I am just happy the contributors to Catalyst are still working on it and if we can support them by buying a book or using them for consulting for detailed support is a good way to return the favor they have done for us. Thanks, -- Ali Mesdaq Security Researcher Websense Security Labs http://www.WebsenseSecurityLabs.com https://webmail.websense.com/exchweb/bin/redir.asp?URL=http://www.WebsenseSecurityLabs.com -- From: Ali M. [mailto:[EMAIL PROTECTED] Sent: Thu 3/27/2008 5:29 AM To: The elegant MVC web framework Subject: Re: [Catalyst] So, what do we want in the -next- book? Education (or knowledge depending on how you translate it) is As Indispensable As Water and Air -- Taha Hussein (an Egyptian scholar) One of the maing benefits of Free Software is Free education, I don't understand when a Free Software proponent do not also support just as much free education in the form of free docs and books On Tue, Mar 11, 2008 at 8:13 AM, Matt Rosin [EMAIL PROTECTED] wrote: FWIW, I am very much for both free and commercial docs. The more docs of both types the better. I would prefer that experts loved by the community be given incentives to do both. Books are nice, but I would probably prefer purchasing just the digital version of a book right now. No shipping or printing costs, always at my fingertips. Ideally it would include a lifetime ID so I could download it with revisions and code forever, so if I lost the data I could get it again. It would have to be unencumbered and preferably both a PDF and pod versions. I'd like recognition of a relationship and credit toward future purchases. As a loyal customer I tend to repurchase things I like over the years, multiple times. I wonder if it could be made cheaper by forgoing the physical printing but giving the author/editor/publishing team the same profit. That might make it easier for more people to get hold of it. My 2 yen, Matt R. ___ List: Catalyst@lists.scsys.co.uk Listinfo: http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/catalyst Searchable archive: http://www.mail-archive.com/catalyst@lists.scsys.co.uk/ Dev site: http://dev.catalyst.perl.org/ ___ List: Catalyst@lists.scsys.co.uk Listinfo: http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/catalyst Searchable archive: http://www.mail-archive.com/catalyst@lists.scsys.co.uk/ Dev site: http://dev.catalyst.perl.org/ Protected by Websense Messaging Security -- www.websense.com ___ List: Catalyst@lists.scsys.co.uk Listinfo: http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/catalyst Searchable archive: http://www.mail-archive.com/catalyst@lists.scsys.co.uk/ Dev site: http://dev.catalyst.perl.org/
RE: [Catalyst] external javascript files
I think in your case it would be /src/myjavascript.js Thanks, -- Ali Mesdaq (CISSP, GIAC-GREM) Security Researcher II Websense Security Labs http://www.WebsenseSecurityLabs.com -- -Original Message- From: Jennifer Ahn [mailto:[EMAIL PROTECTED] Sent: Monday, March 24, 2008 2:43 PM To: The elegant MVC web framework Subject: [Catalyst] external javascript files hello! i'm tyring to call my external javascript library under myapp/root/src/myjavascript.js in my tt2 file by placing this line at the top of the tt2 file: script language=Javascript src=/myjavascript.js type=text/javascript/script is this the right way to use an external javascript file in my template file? thank you! jennifer ___ List: Catalyst@lists.scsys.co.uk Listinfo: http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/catalyst Searchable archive: http://www.mail-archive.com/catalyst@lists.scsys.co.uk/ Dev site: http://dev.catalyst.perl.org/ Protected by Websense Messaging Security -- www.websense.com ___ List: Catalyst@lists.scsys.co.uk Listinfo: http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/catalyst Searchable archive: http://www.mail-archive.com/catalyst@lists.scsys.co.uk/ Dev site: http://dev.catalyst.perl.org/
RE: [Catalyst] Problem Using Jemplate
I think you have to specify the view in some cases. I know I had to do that for JSON views like this. # At the end of the controller method $c-stash-{current_view} = 'JSON'; Maybe jtemplate becomes the default. Are you specifying a TT template by the way? Thanks, -- Ali Mesdaq (CISSP, GIAC-GREM) Security Researcher II Websense Security Labs http://www.WebsenseSecurityLabs.com -- -Original Message- From: Stephen Sykes [mailto:[EMAIL PROTECTED] Sent: Friday, March 21, 2008 2:29 PM To: The elegant MVC web framework Subject: [Catalyst] Problem Using Jemplate I've been playing with jrockway's Jemplate example and when I create the view using script/myapp_create.pl view Jemplate the app will no longer render the TT view. It seems to overwrite template rendering and will print a few lines of javascript to the screen, no matter what screen I try to view. Anyone know what the problem is here? If I delete /lib/MyApp/View/Jemplate.pm the app will work again by rendering the proper tt2 templates. Thanks in advance for your help. Stephen ___ List: Catalyst@lists.scsys.co.uk Listinfo: http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/catalyst Searchable archive: http://www.mail-archive.com/catalyst@lists.scsys.co.uk/ Dev site: http://dev.catalyst.perl.org/ Protected by Websense Messaging Security -- www.websense.com ___ List: Catalyst@lists.scsys.co.uk Listinfo: http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/catalyst Searchable archive: http://www.mail-archive.com/catalyst@lists.scsys.co.uk/ Dev site: http://dev.catalyst.perl.org/
RE: [Catalyst] implementing ajax
Jennifer, Are you sure you want to stick with this route? Looks like your going to make a lot of work for yourself. I would hate to see the js code to make xml. Use the js code to just post the values you want read those values in with something like $c-request-params-{whatever} in your controller. Then in your controller just spit out json which is not even really a line of code. If your using the JSON view all you need to do is put your data in the $c-stash-{json} and it will auto serialize it for you. Why would you want to use JSON? Because javascript can just read it straight in and you can use it without having to parse anything. Your js would just eval the returned json content and use it. If you return xml you will need to parse it out and just makes a lot of work. If you want I can maybe create something on the wiki on how to use mochikit for the js part of it and catalyst for the controller part of it. Maybe its a good advent calendar article anyone think it would be good? Thanks, -- Ali Mesdaq (CISSP, GIAC-GREM) Security Researcher II Websense Security Labs http://www.WebsenseSecurityLabs.com -- -Original Message- From: Jennifer Ahn [mailto:[EMAIL PROTECTED] Sent: Monday, March 10, 2008 9:37 AM To: The elegant MVC web framework Subject: [Catalyst] implementing ajax hello! i'm wondering how one would implement the server side controller end of an application with ajax. i have the javascript on my client sending an xml file to a uri controller method but, how does the controller process that xml? is the standard way of doing this by reading in the xml file through stdin? i'd like to implement this without using JSON of jemplate. thanks for your help! jennifer ___ List: Catalyst@lists.scsys.co.uk Listinfo: http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/catalyst Searchable archive: http://www.mail-archive.com/catalyst@lists.scsys.co.uk/ Dev site: http://dev.catalyst.perl.org/ Protected by Websense Messaging Security -- www.websense.com ___ List: Catalyst@lists.scsys.co.uk Listinfo: http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/catalyst Searchable archive: http://www.mail-archive.com/catalyst@lists.scsys.co.uk/ Dev site: http://dev.catalyst.perl.org/
RE: [Catalyst] implementing ajax
As I said I use mochikit which is very lightweight and makes ajax and pretty much everything in javascript very easy but doesnt modify things like other libraries. This js code is assuming you have two drop down elements with an id of 'drop_make' and another one with 'drop_year'. initMake needs to be called after those elements on the page. ===JS=== function initMake () { var drop_make = getElement('drop_make'); var drop_year = getElement('drop_year'); connect ( drop_make, 'onchange', function () { make = drop_make.options[drop_make.selectedIndex].text; make_id = drop_make.options[drop_make.selectedIndex].value; var params = new Object; params['year'] = year; params['make_id'] = make_id; var url = '/inventory/getModels'; var d = doXHR ( url, { 'Accept': 'text/xml', 'method': 'POST', sendContent : queryString(params), headers: { Content-Type:application/x-www-form-urlencoded } } ); d.addCallback ( function (req) { var opt = evalJSONRequest(req); //if you have firebug you can basically dump the object to firebug console console.log(opt.json); } ); } ); } ===Catalyst=== sub getModels : Local { my ( $self, $c ) = @_; # my posted params my $year = $c-request-params-{year}; my $make_id = $c-request-params-{make_id}; #modified my code to just give an example my $make = $c-model('adminDB::make')-find($make_id); my $models = $c-model('adminDB::model')-search ( { make_id = $make_id, year = $year } ); my $json; #This should work but its untested and modified from my original code to make it simpler foreach my $model (@{$models}) { push(@{$json}, {model_id = $model-model_id, model = $model-model}); } $c-stash-{json} = $json; $c-stash-{current_view} = 'JSON'; } Thanks, -- Ali Mesdaq (CISSP, GIAC-GREM) Security Researcher II Websense Security Labs http://www.WebsenseSecurityLabs.com -- -Original Message- From: Jennifer Ahn [mailto:[EMAIL PROTECTED] Sent: Tuesday, March 11, 2008 2:28 PM To: The elegant MVC web framework Subject: Re: [Catalyst] implementing ajax Hi Ali Thanks for your suggestions. I was a little reluctant to explor JSON because I didn't find the cpan documentation or catalyst book being sufficient. Being that this application is my first with catalyst, I wanted to tackle one thing at time. Catalyst first, then all the plug in modules. If you could provide a working example of hos to implement the js and catalyst controller part of JSON, I would greatly appreciate it! Thanks jennifer Mesdaq, Ali wrote: Jennifer, Are you sure you want to stick with this route? Looks like your going to make a lot of work for yourself. I would hate to see the js code to make xml. Use the js code to just post the values you want read those values in with something like $c-request-params-{whatever} in your controller. Then in your controller just spit out json which is not even really a line of code. If your using the JSON view all you need to do is put your data in the $c-stash-{json} and it will auto serialize it for you. Why would you want to use JSON? Because javascript can just read it straight in and you can use it without having to parse anything. Your js would just eval the returned json content and use it. If you return xml you will need to parse it out and just makes a lot of work. If you want I can maybe create something on the wiki on how to use mochikit for the js part of it and catalyst for the controller part of it. Maybe its a good advent calendar article anyone think it would be good? Thanks, -- Ali Mesdaq (CISSP, GIAC-GREM) Security Researcher II Websense Security Labs http://www.WebsenseSecurityLabs.com -- -Original Message- From: Jennifer Ahn [mailto:[EMAIL PROTECTED] Sent: Monday, March 10, 2008 9:37 AM To: The elegant MVC web framework Subject: [Catalyst] implementing ajax hello! i'm wondering how one would implement the server side controller end of an application with ajax. i have the javascript on my client sending an xml file to a uri controller method but, how does the controller process that xml? is the standard way of doing this by reading in the xml file through stdin? i'd like
RE: [Catalyst] The home page, the wiki and the mailing list
Do you really think people are going to list their projects for their internal tools and portals on a public website? Yes the wiki is way out of date and poorly maintained but guess what the one we have here at work is also poorly maintained. That's just the nature of the wiki and I have complained about it before but until I contribute I can't really complain any further. DBIC is confusing if you haven't used ORM or similar techniques. I know I myself have faced a lot of issues with DBIC not being clear or being too confusing. But when you sit down and think about writing your own ORM you quickly realize the beauty of having something like that. But even if DBIC is too confusing you can always just go back to basic DBD and write your own logic for find_or_create or insert_or_update. And I don't think the focus should be on ...post better links and stories... for marketing reasons. If anything we just need to document better probably just use better examples in the documentation. I personally don't care about the hype factor of catalyst but I do care about the features and control it provides. But googling people and saying they shouldn't be quoted is kinda silly in my opinion. That's like saying who are you to post a message like this on this mailing list your not qualified to criticize the marketing tactics of Catalyst. Thanks, -- Ali Mesdaq (CISSP, GIAC-GREM) Security Researcher II Websense Security Labs http://www.WebsenseSecurityLabs.com -- -Original Message- From: Ali M. [mailto:[EMAIL PROTECTED] Sent: Friday, March 07, 2008 9:38 AM To: catalyst@lists.scsys.co.uk Subject: [Catalyst] The home page, the wiki and the mailing list I just want to draw the attention or to ask, Why is the wiki so poorly maintained, the list of sites and projects using catalyst is really umimpressive, are those really all the project using catalyst? The thing is, from the traffic I see on this mailing list, I really doubt it, and I really wish that these sites and project listed on the wiki are not representative. I even visited the NetHorus link from this wiki and beside the fact that this seems like a very small one man show project, the author converged to using RoR because in his own words Catalyst and DBIx::Class is proving too difficult for me to code, resulting in a lack of progress and the danger of de-motivation Is catalyst being implemented in more serious place, can someone post better links and stories, even the ones on the front page sound ...well ...i wont say not to sound mean ... but totaly dope!!! ... really. And who are these people quoted, I googled one or two of them, they are not major contributors to big FOSS project and they dont work for large enterprise, why are they quoted!! Best regards Ali ___ List: Catalyst@lists.scsys.co.uk Listinfo: http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/catalyst Searchable archive: http://www.mail-archive.com/catalyst@lists.scsys.co.uk/ Dev site: http://dev.catalyst.perl.org/ Protected by Websense Messaging Security -- www.websense.com ___ List: Catalyst@lists.scsys.co.uk Listinfo: http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/catalyst Searchable archive: http://www.mail-archive.com/catalyst@lists.scsys.co.uk/ Dev site: http://dev.catalyst.perl.org/
RE: [Catalyst] javascript libraries in your application
I put mine under root/static/js during testing and development but on live servers I put it under /js and use mod rewrite rules to allow that and the images directory to be served up statically. For some reason having /static/js on a live URL is ghetto to me. Thanks, -- Ali Mesdaq (CISSP, GIAC-GREM) Security Researcher II Websense Security Labs http://www.WebsenseSecurityLabs.com -- From: Dennis Daupert [mailto:[EMAIL PROTECTED] Sent: Tuesday, February 05, 2008 11:43 AM To: The elegant MVC web framework Subject: Re: [Catalyst] javascript libraries in your application On Feb 5, 2008 2:04 PM, Jennifer Ahn [EMAIL PROTECTED] wrote: hello!! i just started building my web application on catalyst and i'm wondering where to put my javscript library in the framework. Usually you want your javascript library to just download to the client as is, so under root/static is a good place. I like to set dedicated directories for static files: root/static/js root/static/css /dennis Click here https://www.mailcontrol.com/sr/wQw0zmjPoHdJTZGyOCrrhg== JgBaACSDeMXQWRz9bcREXBI5WqhMaOjSoV05X3tupocxOU+hzbZ!McXk8aO1IcCWTJm2e1JR kak83gA7i1ZX0Rh0pjvjOVVc6jcNlB8Ds4+JocbhkZWBW7!0F73cQW1dwOla+spYSJAy!Vv4 KBKU6lr3gM0bZYMcdwivWgSmGe9NjQAjWNIXit9O to report this email as spam. Protected by Websense Messaging Security -- www.websense.com ___ List: Catalyst@lists.scsys.co.uk Listinfo: http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/catalyst Searchable archive: http://www.mail-archive.com/catalyst@lists.scsys.co.uk/ Dev site: http://dev.catalyst.perl.org/
RE: [Catalyst] Catalyst test server response times.
Just giving my recommendation for what in my opinion is an ESSENTIAL tool for any web developer or even power user Firebug for Firefox https://addons.mozilla.org/en-US/firefox/addon/1843 . Best overall tool I have found. Lets you debug JavaScript, inspect elements and their dom properties, lets you modify anything live and see the change, displays http requests with both post data and returned data, shows response times for each request item, profiles JavaScript on page, list just goes on and on. Great for design, debugging, and security. Thanks, -- Ali Mesdaq (CISSP, GIAC-GREM) Security Researcher II Websense Security Labs http://www.WebsenseSecurityLabs.com -- -Original Message- From: Peter Edwards [mailto:[EMAIL PROTECTED] Sent: Wednesday, January 30, 2008 8:00 AM To: 'The elegant MVC web framework' Subject: RE: [Catalyst] Catalyst test server response times. Hi Ian doing a 'host' command on an IP address works instantly and the contents of the /etc/resolv.conf file look to be correct. Could it be a problem with specific IP addresses rather than with the nameservers? (I can't cause a problem manually with the IP addresses I know the Catalyst app is run from). There are a few things you could try to narrow the problem. 1. You're definitely running the server without flags? i.e. $ perl script/myapp_server.pl The -k and -d flags slow it down a lot. 2. You've got the latest code? $ cpan Catalyst::Devel 3. Use the debugger to see where the program is $ perl -d script/myapp_server.pl Fire up a request from your browser. If it's slow, press CTRL-C to break in the debugger and use 'v'iew, '.' and 'T'race to see where you are. It may seem hit and miss but it's a quick way to see where the program is at. You can use 'c'ontinue to complete dispatching. Some more notes at http://catwiki.toeat.com/fromtrac/debugsample 4. Use DProf to profile a couple of requests. $ PERL5OPT=-d:DProf perl script/myapp_server.pl Do a few requests in your browser $ dprofpp Will show you which routines are eating up time. 5. Use a browser debugging tool like Fiddler2 in IE http://www.fiddlertool.com/fiddler/ or Charles in FF http://www.xk72.com/charles/ if you suspect there's some browser - server idiocy going on. See when the request is sent, see when the header comes back. See how long it takes to get the ancillary .css .js .jpg files. That will indicate whether it's a network problem, the server, or simply slow javascript. Regards, Peter http://perl.dragonstaff.co.uk ___ List: Catalyst@lists.scsys.co.uk Listinfo: http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/catalyst Searchable archive: http://www.mail-archive.com/catalyst@lists.scsys.co.uk/ Dev site: http://dev.catalyst.perl.org/ Protected by Websense Messaging Security -- www.websense.com ___ List: Catalyst@lists.scsys.co.uk Listinfo: http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/catalyst Searchable archive: http://www.mail-archive.com/catalyst@lists.scsys.co.uk/ Dev site: http://dev.catalyst.perl.org/
RE: [Catalyst] Documentation on DBIx Class
I personally prefer a lot of different examples or a comprehensive FAQ. I think just those being addressed could solve the documentation issues with dbic. Cuz I mean its pretty well documented at the method level but putting it together is where its lacking. For what it does the FAQ section is very short although the cookbook is pretty good. Thanks, -- Ali Mesdaq (CISSP, GIAC-GREM) Security Researcher II Websense Security Labs http://www.WebsenseSecurityLabs.com -- -Original Message- From: Jonathan Rockway [mailto:[EMAIL PROTECTED] Sent: Friday, January 18, 2008 1:50 PM To: The elegant MVC web framework Subject: RE: [Catalyst] Documentation on DBIx Class On Fri, 2008-01-18 at 12:47 -0800, Mesdaq, Ali wrote: I have to just rant a bit about that. The most difficult thing about catalyst is trying to learn dbic. I love dbic and how clean it can make working with the data layer but because of the documentation its hard to wrap ur head around to just fully know how it works and what to expect. I am not a full time web developer so I use catalyst for about a week or two then work on other projects then go back to catalyst a few weeks later and realize I need to re-learn all the dbic stuff again. The simple stuff is easy but the many to many is poorly documented in my opinion so it makes grasping that concept a little hard. I know for the life of me I can't ever remember how to setup the relationships for many to many tables and I need to look at old files then read the docs then test it out then relook at everything again. Maybe the examples just need some more schema examples because the cd example is too simple so its hard to see how it could be used in more complex situtations. Thats just my rant from a perl guy who is a catalyst beginner. I think the book takes a pretty good approach with DBIx::Class. Chapter 5 really covers the advanced stuff, and the rest shows you how to use it in simple CRUD applications. But, kd and I were planning on writing a better tutorial. When he's back from vacation, we'll get started... maybe that will help everyone out. Regards, Jonathan Rockway Protected by Websense Messaging Security -- www.websense.com ___ List: Catalyst@lists.scsys.co.uk Listinfo: http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/catalyst Searchable archive: http://www.mail-archive.com/catalyst@lists.scsys.co.uk/ Dev site: http://dev.catalyst.perl.org/
RE: [Catalyst] Documentation on DBIx Class
I have to just rant a bit about that. The most difficult thing about catalyst is trying to learn dbic. I love dbic and how clean it can make working with the data layer but because of the documentation its hard to wrap ur head around to just fully know how it works and what to expect. I am not a full time web developer so I use catalyst for about a week or two then work on other projects then go back to catalyst a few weeks later and realize I need to re-learn all the dbic stuff again. The simple stuff is easy but the many to many is poorly documented in my opinion so it makes grasping that concept a little hard. I know for the life of me I can't ever remember how to setup the relationships for many to many tables and I need to look at old files then read the docs then test it out then relook at everything again. Maybe the examples just need some more schema examples because the cd example is too simple so its hard to see how it could be used in more complex situtations. Thats just my rant from a perl guy who is a catalyst beginner. Thanks, -- Ali Mesdaq (CISSP, GIAC-GREM) Security Researcher II Websense Security Labs http://www.WebsenseSecurityLabs.com -- -Original Message- From: Alex Povolotsky [mailto:[EMAIL PROTECTED] Sent: Friday, January 18, 2008 12:04 PM To: The elegant MVC web framework Subject: Re: [Catalyst] Documentation on DBIx Class Ian Tegebo wrote: Unfortunately, Tutorial is weak. CRUD section lacks Update at all, and it does not deal with any transaction, and it seems to use poor methods to create records. Could you provide an example of richer methods for record creation? Not yet. I'm learning Catalyst for about two weeks. I like Catalyst and I don't like Catalyst's manuals. I'll try to write something as soon as I'll get my app working. Alex. P.S. Most problems in nowadays tutorial is that they tell do this and this instead to achieve this, we must do this because of... Alex. ___ List: Catalyst@lists.scsys.co.uk Listinfo: http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/catalyst Searchable archive: http://www.mail-archive.com/catalyst@lists.scsys.co.uk/ Dev site: http://dev.catalyst.perl.org/ TO REPORT THIS AS SPAM, PLEASE CLICK THE FOLLOWING LINK: https://www.mailcontrol.com/sr/wQw0zmjPoHdJTZGyOCrrhg== TaMd7SPPKfrEThCb6GTfuQhkbM4jmyJjjeYnFXhkf38JX143ywurL2Ncq1ItaSLL5XLdGuJ4 xEG5vJskRm7rlXQcp5FzjO6FLYAzdYgLwzwWselO1FESy9UHaDPja!wOkwdXTZZETDgcgaE1 ptV6M3YX3azTQRjM+9j59w2k+qd74Qsh5ImGKsu Protected by Websense Messaging Security -- www.websense.com ___ List: Catalyst@lists.scsys.co.uk Listinfo: http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/catalyst Searchable archive: http://www.mail-archive.com/catalyst@lists.scsys.co.uk/ Dev site: http://dev.catalyst.perl.org/
[Catalyst] Input/Parameter Checks
Anyone have some suggestions or references to good modules or best practices in this regards? This is mainly in regards to using these inputs in sql queries or other areas where common attacks against web applications happen. I wonder in the catalyst world what best practices are. Would it be a catalyst plugin that would best fit that role or a module that gets used in the controller possibly maybe just some code in the model? It just feels like its one of those things that has been solved by someone else way better than I would have done it and I am just not aware of it. Kinda like when I wrote my own logging module because at the time I didn't find a good one then I stumble accross log4perl and realize how badly I wasted my time! Thanks, -- Ali Mesdaq (CISSP, GIAC-GREM) Security Researcher II Websense Security Labs http://www.WebsenseSecurityLabs.com -- Protected by Websense Messaging Security ? www.websense.com ___ List: Catalyst@lists.scsys.co.uk Listinfo: http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/catalyst Searchable archive: http://www.mail-archive.com/[EMAIL PROTECTED]/ Dev site: http://dev.catalyst.perl.org/
RE: [Catalyst] Input/Parameter Checks
I use DBIC with catalyst and even in cases I don't use DBIC I always use placeholders. However I still don't think thats a strong solution or at least it doesnt help me sleep better. I have still seen cases when I have used placeholders and the input variable still ended up escaping something and the query would break or data would be inserted partially. I cant remember for sure but I think it was with a value of 'C:\' with the single quotes like it is there. But not sure if that was the case or not I just remember I had to use the quotesql method before I could pass that variable to interopelate into the execute command. Also there is params that are not just in the form but also in the URL that can get passed to catalyst. Ideally I would think to be safe and consistant it might be a best practice to write a wrapper around the various validation and checks that can be done and include that in your catalyst app so you can call the wrapper methods to do the checks for you. I just see so many exploits on a daily basis for web apps that I am on the paranoid side and don't usually trust basic checks like variable place holders in dbi or dbic. But its possible those worries are totally unfounded. Thanks, -- Ali Mesdaq (CISSP, GIAC-GREM) Security Researcher II Websense Security Labs http://www.WebsenseSecurityLabs.com -- -Original Message- From: John Napiorkowski [mailto:[EMAIL PROTECTED] Sent: Thursday, December 13, 2007 1:41 PM To: The elegant MVC web framework Subject: Re: [Catalyst] Input/Parameter Checks --- Mesdaq, Ali [EMAIL PROTECTED] wrote: Anyone have some suggestions or references to good modules or best practices in this regards? This is mainly in regards to using these inputs in sql queries or other areas where common attacks against web applications happen. I wonder in the catalyst world what best practices are. Would it be a catalyst plugin that would best fit that role or a module that gets used in the controller possibly maybe just some code in the model? It just feels like its one of those things that has been solved by someone else way better than I would have done it and I am just not aware of it. Kinda like when I wrote my own logging module because at the time I didn't find a good one then I stumble accross log4perl and realize how badly I wasted my time! Thanks, -- Ali Mesdaq (CISSP, GIAC-GREM) Security Researcher II Websense Security Labs http://www.WebsenseSecurityLabs.com -- Hi, You have a couple of questions here. First of all, for hardening your SQL, I recommend you use an ORM, like DBIx:Class or Rose::DB to act as a layer between your front end code (collecting form params, for instance, typically in your controller) and the actual database. DBIC (shorthand for DBIx::Class) automatically uses bind parameters, which helps a lot with the SQL inject style attacks. For parameter checking, there's a bunch of stuff floating around. Please do a quick search of the recent archives, you'll find someone asking a similar question with a lot of discussion following. My personal choice for form validation is the system based on HTML::FormFu, which integrates nicely with Catalyst. There is a reasonably active mailing list as well and tons of documentation and examples. But your results may be better served by other things, my opinion is far from canonical. --john Be a better friend, newshound, and know-it-all with Yahoo! Mobile. Try it now. http://mobile.yahoo.com/;_ylt=Ahu06i62sR8HDtDypao8Wcj9tAcJ ___ List: Catalyst@lists.scsys.co.uk Listinfo: http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/catalyst Searchable archive: http://www.mail-archive.com/[EMAIL PROTECTED]/ Dev site: http://dev.catalyst.perl.org/ TO REPORT THIS AS SPAM, PLEASE CLICK THE FOLLOWING LINK: https://www.mailcontrol.com/sr/wQw0zmjPoHdJTZGyOCrrhg== s8WLBdegZqu0wt9pgnuPw6wl0cfc3FOTSj3Rktko5qRAFVm6k1y9KKPTtdPjmqEzO49riMeS bp!3SjWuzjoT7Sh!wb9c90w7QShf6Bw+PxJ0CBxcCvEfU7rz1b6D4F7WWWk5rG+Kjt!B4Nhy !SIC4hksddxQMr9C3VSBKtqujQEyPilqFlGO8fw Protected by Websense Messaging Security ? www.websense.com ___ List: Catalyst@lists.scsys.co.uk Listinfo: http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/catalyst Searchable archive: http://www.mail-archive.com/[EMAIL PROTECTED]/ Dev site: http://dev.catalyst.perl.org/
RE: [Catalyst] Input/Parameter Checks
There is also input via url which is actually a little more worrisome than form input. I wonder if there is possible way the Catalyst dispatch internals can be exploited in this manner. Maybe thats an area thats already been reviewed but just mentioning it to throw it out there. Thanks, -- Ali Mesdaq (CISSP, GIAC-GREM) Security Researcher II Websense Security Labs http://www.WebsenseSecurityLabs.com -- -Original Message- From: Ash Berlin [mailto:[EMAIL PROTECTED] Sent: Thursday, December 13, 2007 1:53 PM To: The elegant MVC web framework Subject: Re: [Catalyst] Input/Parameter Checks On 13 Dec 2007, at 21:21, Mesdaq, Ali wrote: Anyone have some suggestions or references to good modules or best practices in this regards? This is mainly in regards to using these inputs in sql queries or other areas where common attacks against web applications happen. I wonder in the catalyst world what best practices are. Would it be a catalyst plugin that would best fit that role or a module that gets used in the controller possibly maybe just some code in the model? It just feels like its one of those things that has been solved by someone else way better than I would have done it and I am just not aware of it. Kinda like when I wrote my own logging module because at the time I didn't find a good one then I stumble accross log4perl and realize how badly I wasted my time! Thanks, Right there are two different issues here. 1) Form Validation To check that all fields are completed, match input requirements etc. Data::FormValidator FormValidator::Simple to name 2. There might be plugins for these, but dont use them, just use the modules normally. 2) avoiding SQL injection This is simple. never interpolate *anything* from the user into SQL. Use placeholders. Or better yet use an ORM such as DBIx::Class. HTH Ash ___ List: Catalyst@lists.scsys.co.uk Listinfo: http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/catalyst Searchable archive: http://www.mail-archive.com/[EMAIL PROTECTED]/ Dev site: http://dev.catalyst.perl.org/ TO REPORT THIS AS SPAM, PLEASE CLICK THE FOLLOWING LINK: https://www.mailcontrol.com/sr/wQw0zmjPoHdJTZGyOCrrhg== FSyxGlfzifoD9iskHT153bNjfUMmSqRWWoHAsN+t+VlFT3BPSZ3fr96v31ikwTrLOQQZE0Fk xeIqDzz1EFL059DsCPCBHIo2H!nlns!GnVg+20!lsKoFWK2BIwNbU0vWLK6JPrqT2HC0tIJ+ dixD!+7sddxQMr9C3VSBKtqujQEyG9h3l8evuIY Protected by Websense Messaging Security ? www.websense.com ___ List: Catalyst@lists.scsys.co.uk Listinfo: http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/catalyst Searchable archive: http://www.mail-archive.com/[EMAIL PROTECTED]/ Dev site: http://dev.catalyst.perl.org/
RE: [Catalyst] DBIx relationships
I am still very much a beginner myself but from one beginner to another it looks like your schema is not a many to many type. You would need a table to bring the family and members together like family_members(male_id, female_id, family_id) Then you could have a search on the family table and list out all the members like my $rs = $c-model(''AppModelDB::Family')-search({family_id = #id}); while ($rs-next) { print $_-male-first_name, $_-family-family; print $_-female-first_name, $_-family-family; } Please correct me if I am wrong anyone on the list because I am still trying to get the hang of it myself. Thanks, -- Ali Mesdaq (CISSP, GIAC-GREM) Security Researcher II Websense Security Labs http://www.WebsenseSecurityLabs.com -- From: Angel Kolev [mailto:[EMAIL PROTECTED] Sent: Friday, December 07, 2007 11:21 AM To: catalyst@lists.scsys.co.uk Subject: [Catalyst] DBIx relationships Guys, i cant understand relationships yet (has_many and many_to_many too). I have 3 tables in my datebase: males (id,first_name,family_name) etc females (id,first_name,family_name) etc and family (id,family,city,address) etc All ids are equal. I have classes for all of them (MyApp::Males,::Females,::Family). Every male and female with same ID belongs to same ID in the family table. So i want to fetch one line through MyApp::Family at once. Something like: $c-model('AppModelDB::Family')-family #id,city,first_name(female),first_name(male) Thank you Click here https://www.mailcontrol.com/sr/o5qG9EVieck13K4hCHgocuaezl6vIhKaF2MvW56w q5n5v+5pGstheR4+CWTOHVIPC8xG6KV63TzWRagmh6U2E6ni+wO5wLv4999QL!oSPGUdP5sc ULzIWoXT0xqRtC1Ms9EUn8V!sujYWnNTNVfud2qAOcypvK+JTUUd+2adAL3!tmJLfymf8esr J8FNtBBajQMNIEaOjhRSnGos6ruelSl1jpaPNlJ6 to report this email as spam. ___ List: Catalyst@lists.scsys.co.uk Listinfo: http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/catalyst Searchable archive: http://www.mail-archive.com/[EMAIL PROTECTED]/ Dev site: http://dev.catalyst.perl.org/
[Catalyst] Jobs and Freelance
Where is the proper place to post Job postings and/or Freelance stuff? Thanks, -- Ali Mesdaq Security Researcher II Websense Security Labs http://www.WebsenseSecurityLabs.com http://www.WebsenseSecurityLabs.com -- ___ List: Catalyst@lists.scsys.co.uk Listinfo: http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/catalyst Searchable archive: http://www.mail-archive.com/[EMAIL PROTECTED]/ Dev site: http://dev.catalyst.perl.org/
[Catalyst] Shared Host Setup
Been working on setting up Catalyst on a shared host and I have to say its been pretty painful. Been trying to use the default install on the host and add the modules I need but came across the suggestion to install a new version of perl and that helped a lot. But the host I am using (aplus.net) has pretty strict setup as opposed to dreamhost having a more open setup so its making it even harder. But it seems like everything else works good except Module::Build. It seems like you need to have root to install that module. I keep getting errors that are related to chdir and it not figuring out what directory its built in and permissions issues. So my question is what are my options? Changing hosts is not an option. Is there a way I can cleanly and reliably build it on a system that I do have root access like a freebsd vmware image and then move it over? Would par be a good option for something like that? I wonder if its possible to just build a portable custom install of perl with all catalyst modules and everything on a machine with root access and just tar and move the whole install. I mean I did build the initial perl install on the vm image because I was getting errors with building on the shared host but I didn't want to build all the modules there because I thought it might not be a reliable way of setting up the environment. Thoughts? Thanks, -- Ali Mesdaq Security Researcher II Websense Security Labs http://www.WebsenseSecurityLabs.com -- ___ List: Catalyst@lists.scsys.co.uk Listinfo: http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/catalyst Searchable archive: http://www.mail-archive.com/[EMAIL PROTECTED]/ Dev site: http://dev.catalyst.perl.org/
RE: [Catalyst] Shared Host Setup
Myself and I am sure many others would really appreciate a howto on using local-lib. I have suspicion that it won't work in all setups on shared hosts. But this is a case where I would LOVE to be wrong. Thanks, -- Ali Mesdaq Security Researcher II Websense Security Labs http://www.WebsenseSecurityLabs.com -- -Original Message- From: John Goulah [mailto:[EMAIL PROTECTED] Sent: Thursday, November 01, 2007 6:43 PM To: The elegant MVC web framework Subject: Re: [Catalyst] Shared Host Setup On Nov 1, 2007 2:06 PM, Mesdaq, Ali [EMAIL PROTECTED] wrote: Been working on setting up Catalyst on a shared host and I have to say its been pretty painful. Been trying to use the default install on the host and add the modules I need but came across the suggestion to install a new version of perl and that helped a lot. But the host I am using ( aplus.net) has pretty strict setup as opposed to dreamhost having a more open setup so its making it even harder. But it seems like everything else works good except Module::Build. It seems like you need to have root to install that module. I keep getting errors that are related to chdir and it not figuring out what directory its built in and permissions issues. So my question is what are my options? Changing hosts is not an option. Is there a way I can cleanly and reliably build it on a system that I do have root access like a freebsd vmware image and then move it over? Would par be a good option for something like that? I wonder if its possible to just build a portable custom install of perl with all catalyst modules and everything on a machine with root access and just tar and move the whole install. I mean I did build the initial perl install on the vm image because I was getting errors with building on the shared host but I didn't want to build all the modules there because I thought it might not be a reliable way of setting up the environment. Use local::lib (http://search.cpan.org/~apeiron/local-lib-1.001000/lib/local/lib.pm) (I'd actually be happy to do an advent article on installing catalyst under local::lib if there was any interest) Thanks, John Click here https://www.mailcontrol.com/sr/JtkBmHQs560mmWmUCpkxrDvETnliijQITarfADRR vFt+SJKa+TvSBnfmOV4h2hC5VF9s7qQxuLmMab+6FGo4FS2ZWrg9AbxVpxhuXeZIy577VNwe FF08GZLzrovvczc8AQ6RMbdVRYSkcn6svW!Fi1FZD!2tyKm98uzx0afe6idQ6JdNVGVQzoIr 0TG5GlpAHKhXb878mrsWGUTZ33eZFSNijjucDX7S to report this email as spam. ___ List: Catalyst@lists.scsys.co.uk Listinfo: http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/catalyst Searchable archive: http://www.mail-archive.com/[EMAIL PROTECTED]/ Dev site: http://dev.catalyst.perl.org/
[Catalyst] Hypothetical Site and Scalability Planning
Hey All, Just wanted to start a thread about scalability planning and design. I was thinking we could take the approach of what peoples opinions, ideas, and best practices are for large scale sites and use a hypothetical site or a existing site as the model to plan for. Not everything discussed needs to be catalyst only it could be general web server configs or something similar. For example how would you guys approach a project where you needed to create a site like a myspace.com or similar with 0 current users but could surpass 1 million users in 1 month then 100 million in 1 year. I am interested to see the opinions and designs people would have to deal with that type of scalability. I mean even simple issues become very complex with those numbers. Like where and how to store photos. Should they be stored on filesystem, db, or external sites like akamai. What web server should be used? Apache? Should it be threaded version? How does that affect catalyst and its modules are they all thread safe or is threaded apache not even the way to go? Thanks, -- Ali Mesdaq Security Researcher II Websense Security Labs http://www.WebsenseSecurityLabs.com -- ___ List: Catalyst@lists.scsys.co.uk Listinfo: http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/catalyst Searchable archive: http://www.mail-archive.com/[EMAIL PROTECTED]/ Dev site: http://dev.catalyst.perl.org/
RE: [Catalyst] Hypothetical Site and Scalability Planning
J, Amazing feedback this is great! I think memcached is great. I haven't had time to play with it yet but I have pretty much read everything and been prepped to play with it once I have a chance. I personally think that storing images in the DB is the best place to start because if other better solutions are available later you can very easily migrate. But if you start out with filesystem migration is a little bit more cludgy in my opinion. I mean you have to go traverse directories and copy/move/delete or whatever you have to do for the migration. We have been using mysql on some pretty big internal projects here and its been working satisfactorily. However there are issues with it that make me not so confident in these big claims of large sites using it. Mainly its the scaling out paradigm that is not very clear with mysql. We tried using replication with master slaves and the replication speed was wayy too slow. Then the whole clustering approach with mysql seems to be very confusing and not very documented as far as I have poked around. The only really solid scaling approaches I have seen with mysql is either using vmware to cluster hardware at the hardware/os/vm layer to make one big virtual machine or using third party hardware/software bundles with mysql like ones from NetApp or similar. I wish clustering with mysql was as simple as adding a node to the cluster and you gain 0.7 performance per machine. Another very intriguing thing with super large sites is the actual schema design. You have to be very smart about design, data segregation, indexes, etc. I mean I don't know for sure but I am pretty sure sites like myspace don't just have one huge users table with user_id, email, sha1_password. I would imagine they have segregated users into separate schemas which would scale far better than mysql replication or clustering would. Something like every 10,000 users are allocated on a new mysql server. Thanks, -- Ali Mesdaq Security Researcher II Websense Security Labs http://www.WebsenseSecurityLabs.com -- -Original Message- From: J. Shirley [mailto:[EMAIL PROTECTED] Sent: Friday, October 26, 2007 12:31 PM To: The elegant MVC web framework Subject: Re: [Catalyst] Hypothetical Site and Scalability Planning On 10/26/07, Mesdaq, Ali [EMAIL PROTECTED] wrote: Hey All, Just wanted to start a thread about scalability planning and design. I was thinking we could take the approach of what peoples opinions, ideas, and best practices are for large scale sites and use a hypothetical site or a existing site as the model to plan for. Not everything discussed needs to be catalyst only it could be general web server configs or something similar. For example how would you guys approach a project where you needed to create a site like a myspace.com http://myspace.com or similar with 0 current users but could surpass 1 million users in 1 month then 100 million in 1 year. I am interested to see the opinions and designs people would have to deal with that type of scalability. I mean even simple issues become very complex with those numbers. Like where and how to store photos. Should they be stored on filesystem, db, or external sites like akamai. What web server should be used? Apache? Should it be threaded version? How does that affect catalyst and its modules are they all thread safe or is threaded apache not even the way to go? Here's my opinions on the matter: 1) Start out with memcached in place. It scales well, and use it. Use PageCache where you can. 2) Store images in something that is for storing data, not files. Storing images as files means you are stuck with some file system format that binds you unnecessarily. Things like S3, Akamai or your own homegrown MogileFS cluster gives you an API into the data. Granted, you could do the same for NFS or whatever, and just write a good compatibility API, you are largely duplicating the work of the previous tech. If you use S3, setup your image servers to cache for a loong time (on disk). Pull from S3, and store it for as long as you reasonably can. This area a lot of people get wrong and then get stuck with costly migrations. 3) Use database replication strategies where you can. In the F/OSS world, MySQL is outshining PostgreSQL with this. InnoDB removes a lot of the complaints that folks have about MySQL but there is always evangelism against MySQL. If it works for you, just take it in stride - a LOT of high traffic sites use MySQL; you can usually get some insight from them. MySQL allows InnoDB on the master, and MyISAM on the slaves -- gets you faster read times, and tends to not block on inserts that bad -- and then as you grow it is easier to grow into a full blown MySQL cluster... but at that point, you have enough money to thoroughly explore every option available. 4) You'll have to tune Apache or whatever web