Re: system(), exec()?

[Stas Bekman]

On Thu, 5 Apr 2001, Mike Austin wrote:

> On Thu, 5 Apr 2001, Stas Bekman wrote:
>
> > httpd.conf:
> > PerlSetEnv PERL5OPT -Mops=system
>
> Doesn't work.  I'm still able to use the system() call.
>
> Here's the stanza I used:
>
> 
> PerlSetEnv PERL5OPT -M-ops=system
> SetHandler perl-script
> PerlHandler Apache::Registry
> Options +ExecCGI
> PerlSendHeader On
> 

True, I've played with -Mop:subprocess, which works from the command line,
but not if you set it from the httpd.conf... I guess you need to dive into
Opcode.pm to find out the fine details.

I was lucky to sit next to Nat here at ApacheCon, so here is one way to
hack it:

package My::Override;
require Exporter;
@ISA = 'Exporter';
@EXPORT_OK = qw(GLOBAL_system system);
sub import {
my $pkg = shift;
return unless @_;
my $sym = shift;
my $where = ($sym =~ s/^GLOBAL_// ? 'CORE::GLOBAL' : caller(0));
$pkg->export($where, $sym, @_);
}
sub system {
warn "cannot run @_";
}
1;

then in your code:

  my $r = shift;
  $r->send_http_header("text/plain");
  $r->print("Hello $$\n");
  $ENV{PATH} = '';

  use My::Override qw(system);
  system("/bin/echo", "hello");

prints:

  cannot run /bin/echo hello at /home/httpd/perl/My/Override.pm line 13.

Since you want to override this for the whole interpreter you do this in
the startup.pl:

  use My::Override qw(GLOBAL_system);

the only problem is that people can still call CORE::system() and get the
original function.

Philip told me that he has hacked Apache::Registry to use Safe.pm, and it
works well for him.

_
Stas Bekman  JAm_pH --   Just Another mod_perl Hacker
http://stason.org/   mod_perl Guide  http://perl.apache.org/guide
mailto:[EMAIL PROTECTED]   http://apachetoday.com http://logilune.com/
http://singlesheaven.com http://perl.apache.org http://perlmonth.com/

RE: Apache::Request problem (possible bug)

[Geoffrey Young]

 this was fixed in cvs this past month.  check out the archive of the
apreq-dev list (if there is one somewhere) to see the details.  basically it
was because using param() to set a variable was calling Apache::Table->set,
which stringifies its arguments.  Now it calls Apache::Table->add and does
some undef'ing, allowing you to set multiple values from a ref.


--Geoff

-Original Message--
From: Cees Hek
To: [EMAIL PROTECTED]
Sent: 4/6/01 11:07 AM
Subject: Apache::Request problem (possible bug)


Either I've found a problem with Apache::Request, or I don't know what
I'm
doing :)

Setting variables with $r->param() doesn't seem to work for array
references.  ie the following line from the man page doesn't work
correctly

$r->param('foo' => [qw(one two three)]);

When you look at foo afterwards it returns the string 'ARRAY(0x8c04fd8)'
instead of an actual reference to the array.  

I have include a basic handler that demostrates this on my machine
(Apache/1.3.17 mod_perl/1.24 perl 5.005_03)


package Apache::Test;
# File: Apache/Test.pm

use strict;
use Apache::Constants qw(:common);
use Apache::Request ();

sub handler {
my $r = new Apache::Request(shift);

$r->content_type('text/html');
$r->send_http_header();

my @list = $r->param('list');

$r->param('newlist' => [qw(one two three)]);

my @newlist = $r->param('newlist');

my $list = join ', ', @list;
my $newlist = join ', ', @newlist;
print <<"EOM";



list - $list
newlist - $newlist



  Blue
  Green
  Red
  Yellow





EOM

return OK;
}

1;



-- 
Cees Hek
SiteSuite Corporation
[EMAIL PROTECTED]

Re: Apache::Compress and Apache::Filter

[Ken Williams]

Hi JR,

I've been avoiding this bug to my peril.  Does the following patch fix it?

=
--- Filter.pm   2000/12/20 03:43:44 1.16
+++ Filter.pm   2001/04/06 05:05:24
@@ -120,8 +120,8 @@
 
 sub send_fd {
   my $self = shift;
-  if ($self->is_last_filter) {
+  if ($self->is_last_filter and !&Universal::isa($_[0], ref $self)) {
 $self->SUPER::send_fd(@_);
   } else {
 my $fd = shift;
=

The bug occurs when the client doesn't support gzip, and you're using
Apache::Filter, and Apache::Compress is the final filter in the chain.


[EMAIL PROTECTED] (JR Mayberry) wrote:
>Does anyone know anything about the above combo, and getting an error
>message:
>Bad filehandle at Filter.pm line 123
>
>when using a client that doesnt support gzip..(specifically 'ab', apache
>bench)


  ------
  Ken Williams Last Bastion of Euclidity
  [EMAIL PROTECTED]The Math Forum

Apache::Request problem (possible bug)

[Cees Hek]

Either I've found a problem with Apache::Request, or I don't know what I'm
doing :)

Setting variables with $r->param() doesn't seem to work for array
references.  ie the following line from the man page doesn't work
correctly

$r->param('foo' => [qw(one two three)]);

When you look at foo afterwards it returns the string 'ARRAY(0x8c04fd8)'
instead of an actual reference to the array.  

I have include a basic handler that demostrates this on my machine
(Apache/1.3.17 mod_perl/1.24 perl 5.005_03)


package Apache::Test;
# File: Apache/Test.pm

use strict;
use Apache::Constants qw(:common);
use Apache::Request ();

sub handler {
my $r = new Apache::Request(shift);

$r->content_type('text/html');
$r->send_http_header();

my @list = $r->param('list');

$r->param('newlist' => [qw(one two three)]);

my @newlist = $r->param('newlist');

my $list = join ', ', @list;
my $newlist = join ', ', @newlist;
print <<"EOM";



list - $list
newlist - $newlist



  Blue
  Green
  Red
  Yellow





EOM

return OK;
}

1;



-- 
Cees Hek
SiteSuite Corporation
[EMAIL PROTECTED]

Hangs / Out of memory

[Gregor Mosheh, Programmer]

VERSIONS
The problem exists with various combinations. The ones I'm currently
testing are:
Apache 1.3.12+mod_perl 1.17+perl 5.5.3
Apache 1.3.14+mod_perl 1.3.24+Perl 5.6.0

PROBLEM / SYMPTOMS

The combination of Apache 1.3.12 + mod_perl 1.27 + perl 5.5.3 is working
beautifully on our existing server, which is running Solaris 2.6.

This same combination, as well as combinations of newer versions of each
package, does not work on the new server, which is running Solaris 2.8

Very often, but not with 100% reliability, a mod_perl program will either
A) generate an "Out of memory!/Callback called exit." error in the
error_log or B) simply hang without generating any messages at all. 
Whichever failure mode happens (or if it works), it sticks with for
several hours at a time. e.g. If it hangs now, I can hit it in a moment
and be assured that it will hang again and not work or generate the
message. 

I followed the advice in the mod_perl_traps, regarding
PERL_EMERGENCY_SBRK, and it made absolutely no difference at all.


This is driving myself and my co-workers crazy, cuz it's delaying our
migration to the new server. Ideas?

--
Gregor Mosheh, B.S.
Programmer, CargoTel

Re: Apache::DBI->forcibly_disconnect?

[Tim Bunce]

On Thu, Apr 05, 2001 at 05:00:40PM -0400, Daniel wrote:
> Has anybody attempted to modify Apache::DBI to force a handle to disconnect?
> 
> eg. $dbh->forcibly_disconnect;

Fetch the latest -> read the docs -> if not found -> implement yourself
-> send a patch -> help save the world.

Tim.

Re: Problem with Apache::DBI

[Cees Hek]

On Thu, 5 Apr 2001, Alec Smith wrote:

> In my module I've got:
> 
> use DBI;
> use Apache::DBI;
> $db = DBI->connect('DBI:mysql:dbname', 'username', 'password', {RaiseError 
> => 1, AutoCommit => 1});

Have a read of the Apache::DBI man page and it will explain what is wrong
here.

You don't need to add Apache::DBI in your module.

> and in startup.pl:
> 
> use DBI;
> use Apache::DBI;
> Apache::DBI->connect_on_init('DBI:mysql:dbname', 'username', 
> 'password',{RaiseError => 1, AutoCommit => 1});

The use Apache::DBI should come bofore the use DBI call.  In fact, the use
Apache::DBI should come before you load any DBI enabled modules in you
config files.

Cees Hek

> 
> yet I'm still seeing the  error
> 
> Issuing rollback() for database handle being DESTROY'd without explicit 
> disconnect() at /usr/lib/perl5/site_perl/5.005/Apache/DBI.pm line 139.
> 
> in the logs.
> 
> Still lost,
> Alec
> 
> 
> At 09:24 AM 4/5/01 +0100, you wrote:
> >You would only get that message if AutoCommit was off.
> >It should not be off for DBD::mysql (since it doesn't yet support
> >the transaction features of newer versions).
> >
> >Plus, disconnect doesn't do anything when using Apache::DBI
> >(by design).
> >
> >Tim.
> >
> >On Wed, Apr 04, 2001 at 11:49:17PM -0400, Alec Smith wrote:
> > > Issuing rollback() for database handle being DESTROY'd without explicit
> > > disconnect() at /usr/lib/perl5/site_perl/5.005/Apache/DBI.pm line 139.
> > >
> > > Using Apache::DBI 0.88+DBI 1.14+mod_perl 1.25+MySQL 3.23.36 I'm getting 
> > the
> > > above in my error_log and am not sure why. Any ideas? I do have a
> > > $db->disconnect; line in my modules.
> > >
> > > Just a tad lost,
> > > Alec
> 
> 
> 

-- 
Cees Hek
SiteSuite Corporation
[EMAIL PROTECTED]

Apache::Compress and Apache::Filter

[JR Mayberry]

Does anyone know anything about the above combo, and getting an error
message:
Bad filehandle at Filter.pm line 123

when using a client that doesnt support gzip..(specifically 'ab', apache
bench)

I may be something wrong but its only breaking when a client doesnt support
gzip

thanks

Apache::DBI->forcibly_disconnect?

[Daniel]

Has anybody attempted to modify Apache::DBI to force a handle to disconnect?

eg. $dbh->forcibly_disconnect;

Thanks,
-- 
Daniel Bohling
NewsFactor Network

Re: Apache::ASP -- Corruption of statedir files/truncation of methodnames

[Carl Lipo]

The statedir is local so it doesnt seem to be an NFS issue. There
definitely seems to be a corruption of the StateDir files: here is a error
that crops up in our error log.

[Thu Apr  5 08:09:07 2001] [notice] child pid 11555 exit signal
Segmentation fault (11)
Use of uninitialized value at /usr/lib/perl5/MLDBM.pm line 161 (#1)

(W) An undefined value was used as if it were already defined.  It was
interpreted as a "" or a 0, but maybe it was a mistake.  To suppress
this warning assign an initial value to your variables.



Unauthorized use, disclosure, or distribution of information within
this message is prohibited.

On Wed, 4 Apr 2001, Joshua Chamas wrote:

> Carl Lipo wrote:
> > 
> > I've just started having problems with asp state files for Apache::ASP
> > 2.09 becoming corrupted during use. My application will work just fine but
> > at somepoint the session asp state files get corrupted and only deleting
> > them allows the application to continue working. Oddly, this occurs on two
> > different servers so the problem does not appear to be machine specific.
> > 
> > The symptom of the problem is that application errors are returned
> > from the asp code execution that look something like this:
> > 
> > Uncaught exception from user code:
> > Can't locate object method 'Quer' via package
> > "Apache::ASP::Request'; at (eval 263) l
> > ine 167. 
>INAP::NEIS::_usr_local_applprod_infosource_apps_netcfg_viewNodes_htmxINL() called
> > at /usr/local/lib/site_perl/Apache/
> > ASP.pm line 1504
> > 
> 
> Generally problems of this nature, where even perl data seems
> to be corrupted, seem to be from buffer overrun type issues
> that normally result in segfaults.  Looking at your config, 
> I would suspect the culprit to be use of DB_File on your
> StateDir, where /usr/local/etc/infosource/apps/netcfg/state-dir
> may be mounted over NFS.  NFS typically does not support the 
> flock() style locking that Apache::ASP uses to protect DB_File 
> from corruption.  
> 
> If you are & must use NFS, don't use DB_File, use the default 
> SDBM_File, which does not corrupt as easily.  If you need to 
> get past the 1000 byte limit, then you might use 
> MLDBM::Sync::SDBM_File which I developed just for this purpose.
> I need to add config support for this still to Apache::ASP though.
> If you can switch to a CIFS/or samba mounted file system, do 
> this, as this supports flock() semantics.
> 
> If StateDir is mounted locally, then possibly there is a bug in 
> Apache::ASP StateDB locking, but this is less likely the case
> and we might look at other types of buffer overrun issues that
> might corrupt perl data structures.  If your modperl httpd is compiled
> DSO, compile it static, as I have seen no end of odd errors with
> the DSO config from time to time.  
> 
> Also, DBD::Oracle and long values with CLOBs/BLOBs can create 
> another type of buffer overrun, which is supposedly on OCI bug, 
> though you didn't mention use of Oracle this is an odd bug that 
> stung me recently.
> 
> If you give up on trying to find this bug, which seems to be 
> related to StateDB corruption, you may create $Application & 
> $Session objects with Apache::Session in the global.asa Script_OnStart, 
> which would at least eliminate the StateDB issue.
> 
> -- Josh
> 
> _
> Joshua Chamas Chamas Enterprises Inc.
> NodeWorks >> free web link monitoring Huntington Beach, CA  USA 
> http://www.nodeworks.com1-714-625-4051
> 
> 

mod_perl BOF

[Geoffrey Young]

hi all...

  over a few beers last night, we (anyone who was drinking:) decided that
tonight would be a better time for the BOF than 9am this morning (or any
morning for that matter)

  seeing as how we don't have a room though, I thought that the pool was as
good a place to meet as anywhere...

  cya there

--Geoff

Apache::AuthTicket and MD5 question

[Bolt Thrower]

In version 0.20 of Apache::AuthTicket, there are a few calls to
Digest::MD5->md5_hex().  According to the documentation for Digest::MD5,
md5_hex is a function, not a method call.  So, for example, when
AuthTicket compares my password to the MD5 digest in my database that
was placed there by php (md5()), it's essentially doing an md5sum of
("Digest::MD5","password"), which needless to say doesn't match the
string that's in the database.

Shouldn't these md5_hex calls be changed to Digest::MD5::md5_hex()?
-- 
Steve Chadsey <[EMAIL PROTECTED]>
Now playing: The Veils of Negative Existence
(Manilla Road - "Crystal Logic")

Re: Problem with Apache::DBI

[Alec Smith]

In my module I've got:

use DBI;
use Apache::DBI;
$db = DBI->connect('DBI:mysql:dbname', 'username', 'password', {RaiseError 
=> 1, AutoCommit => 1});

and in startup.pl:

use DBI;
use Apache::DBI;
Apache::DBI->connect_on_init('DBI:mysql:dbname', 'username', 
'password',{RaiseError => 1, AutoCommit => 1});

yet I'm still seeing the  error

Issuing rollback() for database handle being DESTROY'd without explicit 
disconnect() at /usr/lib/perl5/site_perl/5.005/Apache/DBI.pm line 139.

in the logs.

Still lost,
Alec


At 09:24 AM 4/5/01 +0100, you wrote:
>You would only get that message if AutoCommit was off.
>It should not be off for DBD::mysql (since it doesn't yet support
>the transaction features of newer versions).
>
>Plus, disconnect doesn't do anything when using Apache::DBI
>(by design).
>
>Tim.
>
>On Wed, Apr 04, 2001 at 11:49:17PM -0400, Alec Smith wrote:
> > Issuing rollback() for database handle being DESTROY'd without explicit
> > disconnect() at /usr/lib/perl5/site_perl/5.005/Apache/DBI.pm line 139.
> >
> > Using Apache::DBI 0.88+DBI 1.14+mod_perl 1.25+MySQL 3.23.36 I'm getting 
> the
> > above in my error_log and am not sure why. Any ideas? I do have a
> > $db->disconnect; line in my modules.
> >
> > Just a tad lost,
> > Alec

Re: system(), exec()?

[Mike Austin]

On Thu, 5 Apr 2001, Stas Bekman wrote:

> httpd.conf:
> PerlSetEnv PERL5OPT -Mops=system

Doesn't work.  I'm still able to use the system() call.

Here's the stanza I used:


PerlSetEnv PERL5OPT -M-ops=system
SetHandler perl-script
PerlHandler Apache::Registry
Options +ExecCGI
PerlSendHeader On


Thoughts?

Thanks,
mga.

Re: Optimizing memory use of modperl servlets

[Stas Bekman]

[ an extensive  description of sharing memory question snipped ]

Please read (or reread) these sections of the guide:

http://perl.apache.org/guide/performance.html#Sharing_Memory
http://perl.apache.org/guide/performance.html#Improving_Performance_by_Prevent
http://perl.apache.org/guide/strategy.html#Running_More_than_One_mod_perl_S

> I have one other question...entirly unrelated to the above problem...that
> is this.  As i mentioned before, we have the 1 script, test.pl, that
> requires test.pm into it and calls test::run() to access the loaded libs.
> Is it possible to bypass this directly, and have all accesses to a
> particular virtual host "test.blah.com" instead of routing to test.pl (as
> it does now) be handled by the pre-loaded test.pm module (directly call
> test::run())  ?

Take a look at Apache::Dispatch, or roll your own.



_
Stas Bekman  JAm_pH --   Just Another mod_perl Hacker
http://stason.org/   mod_perl Guide  http://perl.apache.org/guide
mailto:[EMAIL PROTECTED]   http://apachetoday.com http://logilune.com/
http://singlesheaven.com http://perl.apache.org http://perlmonth.com/

Re: system(), exec()?

[Stas Bekman]

On Thu, 5 Apr 2001, Mike Austin wrote:

> On Thu, 5 Apr 2001, Stas Bekman wrote:
>
> > % perldoc ops
> > % perldoc Opcode
>
> But this appears to be a global change, correct?
>
> Can I restict access to these commands for most directories, but still
> enable them for a few, trusted directories?
>
> " Since the ops pragma currently has an irreversible global
>  effect, it is only of significant practical use with the
>  `-M' option on the command line."

Mike, I've not tried this one yet. I've just read the docs :) So if you
get down on actually trying it, please share your finding with the rest of
us. Thanks!

> I can't trust my users to enter -Mopts syntax in their scripts.  Can I
> pass the ops inside the  stanzas in the Apache config file?

httpd.conf:
PerlSetEnv PERL5OPT -Mops=system


_
Stas Bekman  JAm_pH --   Just Another mod_perl Hacker
http://stason.org/   mod_perl Guide  http://perl.apache.org/guide
mailto:[EMAIL PROTECTED]   http://apachetoday.com http://logilune.com/
http://singlesheaven.com http://perl.apache.org http://perlmonth.com/

Optimizing memory use of modperl servlets

[Bryce Pasechnik]

I've done extensive reading in both the guide and the maillist archives
and haven't found a very comprehensive explanation of this topic.

First I'll explain the setup of the scripts and webserver that we're
using:

I have 1 accessor script that the public would connect to "test.pl".
Inside that script, I "use" a single module "test.pm" and then call
"test::run()".  When I just use this setup, and do no pre-loading, each
servlet compiles the test.pm + all included modules on the first call and
then it stays compiled for the duration of the servlet.  This is ok, but
the entire compiled network of included pm's caused the servlet sizes to
be about 8 megs each.  Fairly high if we wanted to run a lot of servlets
on a minimal system.

So I instead pre-loaded the test module in the startup.pl file during
apache's loading session.  This then seemed to save a lot of memory.  With
4 servlets running, we went from aproximatly 30megs of total memory used
to 20 megs.  However,  Once we started accessing the script and causing
calls to be made to man aspects of the script, the total memory used spike
to over 60megs!  This seemed really strange since the memory used without
library sharing was less!!  Is this a problem with the way system-monitor
(the way we were calculating the shared/real memory) reports stuff?
Because each servlet was now reported to be ~15megs in size..about 7-8
megs bigger than before in the "non-optimized" state :)

I understand that with shared libs, as global variables become dirty,
pages become unshared.  Is that true?  Is it only for global variables?
Or do local code pages become unshared when used?  If so, then there would
be minimal advantage to sharing libs on a very diversly active system
since most code would become unshared quite quickly.

Is there a technique to minimize the ammount of non-dynamic variables that
get shared?  Perhaps putting all dynamic variables into a seperate package
and module?  This interests me the most as a number of our variables are
semi-large static data structures that may be contributing to the
wastefulness of space when they lie on pages that are forced to be shared
due to the global variable use.

I suppose another possibility is optimizing those static data structures
not to use too much memory.  For example, a couple of those data
strucutres are hashes.  They are dynamically created at compile time and
never change from that point onward so they should not causing a sharing
issue.  However, I don't know the internal representation of hashes in
perl, though I can make some guesses.  I assume it allocates a new chunk
of memory every so often as variables are added.  But I also assume it
allocates more than needed to optimize for speed.  Is there a way to
'prune' off that excess memory at some point?  The advantage of doing that
would be that if those variables do become unshared, their wasted memory
doesn't get duplicated along side the data.


I have one other question...entirly unrelated to the above problem...that
is this.  As i mentioned before, we have the 1 script, test.pl, that
requires test.pm into it and calls test::run() to access the loaded libs.
Is it possible to bypass this directly, and have all accesses to a
particular virtual host "test.blah.com" instead of routing to test.pl (as
it does now) be handled by the pre-loaded test.pm module (directly call
test::run())  ?


If anyone can help me on any of these issues, or point me to a page in
'the guide' or other web resource, I'd greatly appreciate it.

- Bryce

Re: system(), exec()?

[Mike Austin]

On Thu, 5 Apr 2001, Stas Bekman wrote:

> % perldoc ops
> % perldoc Opcode

But this appears to be a global change, correct?

Can I restict access to these commands for most directories, but still
enable them for a few, trusted directories?

" Since the ops pragma currently has an irreversible global
 effect, it is only of significant practical use with the
 `-M' option on the command line."

I can't trust my users to enter -Mopts syntax in their scripts.  Can I
pass the ops inside the  stanzas in the Apache config file?

Thanks again,
mga.

Re: system(), exec()?

[Robin Berjon]

At 18:52 05/04/2001 -0700, Stas Bekman wrote:
>On Thu, 5 Apr 2001, Mike Austin wrote:
>> I'm used to mod_php4, and we use "safe_mode" to allow our developers to
>> write applications, but restrict their access to files they don't own, and
>> to stop them from using system() or exec() type calls.
>>
>> Is there anything like this with mod_perl?  I'd like to offer them the
>> ability to develop with Perl, but I don't really want to give them access
>> to system() or exec() calls, or the ability to include files that they
>> don't own.
>
>% perldoc ops
>% perldoc Opcode

Is PerlOpMask in limbo or is it going to leave experimental status at some
point ?

___
Robin Berjon <[EMAIL PROTECTED]> -- CTO
k n o w s c a p e : // venture knowledge agency www.knowscape.com
--
Change is inevitable except from a vending machine.

Re: system(), exec()?

[Stas Bekman]

On Thu, 5 Apr 2001, Mike Austin wrote:

>
> Hi, I'm new to mod_perl, but I haven't been able to find an answer to this
> question.
>
> I'm used to mod_php4, and we use "safe_mode" to allow our developers to
> write applications, but restrict their access to files they don't own, and
> to stop them from using system() or exec() type calls.
>
> Is there anything like this with mod_perl?  I'd like to offer them the
> ability to develop with Perl, but I don't really want to give them access
> to system() or exec() calls, or the ability to include files that they
> don't own.

% perldoc ops
% perldoc Opcode

> For instance, I don't want them to be able to pop up an xterm display from
> our restricted web server to their display.
>
> Any thoughts?
>
> Thanks,
> mga.
>



_
Stas Bekman  JAm_pH --   Just Another mod_perl Hacker
http://stason.org/   mod_perl Guide  http://perl.apache.org/guide
mailto:[EMAIL PROTECTED]   http://apachetoday.com http://logilune.com/
http://singlesheaven.com http://perl.apache.org http://perlmonth.com/

system(), exec()?

[Mike Austin]

Hi, I'm new to mod_perl, but I haven't been able to find an answer to this
question.

I'm used to mod_php4, and we use "safe_mode" to allow our developers to
write applications, but restrict their access to files they don't own, and
to stop them from using system() or exec() type calls.

Is there anything like this with mod_perl?  I'd like to offer them the
ability to develop with Perl, but I don't really want to give them access
to system() or exec() calls, or the ability to include files that they
don't own.

For instance, I don't want them to be able to pop up an xterm display from
our restricted web server to their display.

Any thoughts?

Thanks,
mga.

Re: returning HTTP error code

[Helios de Creisquer]

"Jeffrey W. Baker" wrote:
> sub handler {
> my $r = shift;
> $r->status(503);
> $r->send_http_header;
> 
> return OK; #or return SERVER_ERROR; depends on how want to do it.
> }

Wow, pretty simple, in fact, thx a lot ! :-)

Cheers.
-- 
Helios de Creisquer
mail: [EMAIL PROTECTED]

Re: returning HTTP error code

[Jeffrey W. Baker]

On Thu, 5 Apr 2001, Helios de Creisquer wrote:

> Hi !
>
> I've got a mod_perl script calling an external program which
> use much memory. And I would like to send a 503 instead of
> calling this external program when there is less than xxxMB
> of memory free.
>
> Is mod_perl provides this ability to decide to send
> an HTTP return code or another ?

sub handler {
my $r = shift;
$r->status(503);
$r->send_http_header;

return OK; #or return SERVER_ERROR; depends on how want to do it.
}

-jwb

returning HTTP error code

[Helios de Creisquer]

Hi !

I've got a mod_perl script calling an external program which
use much memory. And I would like to send a 503 instead of
calling this external program when there is less than xxxMB
of memory free.

Is mod_perl provides this ability to decide to send 
an HTTP return code or another ?

Thx for your answers...

Cheers.
-- 
Helios de Creisquer
mail: [EMAIL PROTECTED]

[JOB] Web/Database Programmer/Analyst (US-NY-Ithaca)

[Ray Zimmerman]

The Applied Economics & Management department at Cornell University 
invites applications for a Web/Database Programmer/Analyst for the 
Laboratory for Experimental Economics and Decision Research.

To work in close partnership with team leadership to design & 
implement a flexible web-based platform for simulating economic 
markets. Platform will be used for a national electric power market 
experiment, & will serve as a foundation for many other economics 
experiments for research & teaching.

Requirements: Bachelors in computer science or equivalent experience. 
Must have experience in design & implementation of large complex 
database-driven web applications. Must have 5 yrs experience in 
object-oriented Perl programming, SQL database programming & web 
programming. Apache/mod_perl & mysql experience desired. Experience 
w/embedded Perl technologies, Linux server administration, XML, Java, 
JavaScript & open source software a plus.

Full-time employee or on-site contractor options are possible.

For more information on life in the beautiful Ithaca area or 
employment at Cornell University, please see the Cornell University 
Profile at .


Contact Information:
 Ray Zimmerman
 Cornell University
 428 Phillips Hall
 Ithaca NY 14853
 Ph: (607) 255-9645

Re: Apachecon folks

[Paul Cotter]

From: "Gunther Birznieks" <[EMAIL PROTECTED]>

> I'm here... and I think Stas, Eric Cholet, and others were interested in
> doing dinner around 7 or 8. They'll probably check their mail soon?
>
> Up until an hour ago, I didn't realize how beat I'm still feeling from
> Jetlag (normally I'm 15 hours ahead of California time), so I'm turning in
> early...

Hi

Instead of flying West go the other way and then you will end up 9 hours
behind California time, and have a whole extra day to recover.

Regards - Paul Cotter

Re: Problem with Apache::DBI

[BeerBong]

I have exactly the same errors in my log.
AutoCommit not specified in connect method, therefore 'on' by default.
Now, specify AutoCommit explicitly and wait for errors.

-
Sergey Polyakov   aka "BeerBong"
Chief of WebZavod http://www.webzavod.ru
Tel. +7 (8462) 43-93-85 | +7 (8462) 43-93-86
mailto:[EMAIL PROTECTED]
- Original Message -
From: "Tim Bunce" <[EMAIL PROTECTED]>
To: "Alec Smith" <[EMAIL PROTECTED]>
Cc: <[EMAIL PROTECTED]>
Sent: Thursday, April 05, 2001 12:24 PM
Subject: Re: Problem with Apache::DBI


> You would only get that message if AutoCommit was off.
> It should not be off for DBD::mysql (since it doesn't yet support
> the transaction features of newer versions).
>
> Plus, disconnect doesn't do anything when using Apache::DBI
> (by design).
>
> Tim.
>
> On Wed, Apr 04, 2001 at 11:49:17PM -0400, Alec Smith wrote:
> > Issuing rollback() for database handle being DESTROY'd without explicit
> > disconnect() at /usr/lib/perl5/site_perl/5.005/Apache/DBI.pm line 139.
> >
> > Using Apache::DBI 0.88+DBI 1.14+mod_perl 1.25+MySQL 3.23.36 I'm getting
the
> > above in my error_log and am not sure why. Any ideas? I do have a
> > $db->disconnect; line in my modules.
> >
> > Just a tad lost,
> > Alec
>

Build problems on Mandrake

[Dave Hodgkinson]

I'm trying to build mod_perl on my Mandrake 7.2 laptop, apache 1.3.19,
mod_perl 1.25 and perl 5.6.0 and I'm getting:

cc  -DLINUX=22 -DMOD_PERL -DUSE_PERL_SSI -fno-strict-aliasing -D_LARGEFILE_SOURCE 
-D_FILE_OFFSET_BITS=64 -DUSE_HSREGEX -DNO_DL_NEEDED -fno-strict-aliasing 
-D_LARGEFILE_SOURCE -D_FILE_OFFSET_BITS=64 `./apaci`\
  -o httpd buildmark.o modules.o modules/standard/libstandard.a 
modules/perl/libperl.a main/libmain.a ./os/unix/libos.a ap/libap.a regex/libregex.a   
-lm -lcrypt -rdynamic -Wl,-rpath,/usr/lib/perl5/5.6.0/i386-linux/CORE  
-L/usr/local/lib  -L/usr/lib/perl5/5.6.0/i386-linux/CORE -lperl -lnsl -ldl -lm -lc 
-lposix -lcrypt 
modules/perl/libperl.a(perlxsi.o): In function `xs_init':
perlxsi.o(.text+0xdb): undefined reference to `boot_DynaLoader'
collect2: ld returned 1 exit status
make[3]: *** [target_static] Error 1


Am I missing something? Is it a perl issue?

TIA,

Dave

-- 
Dave Hodgkinson, http://www.hodgkinson.org
Editor-in-chief, The Highway Star   http://www.deep-purple.com
  Interim CTO, web server farms, technical strategy
   

Re: access log and the request object

[test]

I once used this: 
Is PerlCleanupHandler the same as LogHandler?
As far as I remember putting the code in the cleanup phase would mean
logging after finishing the request cycle with no delay for the client.
Is that true?
 




SetHandler  perl-script
PerlHandler Bankers::BedrijfswagensLijst
PerlCleanupHandler  Apache::LogDBI



package  Apache::LogDBI;

use Apache::Constants qw(:common);

use strict;
use DBI ();
use Apache::Util qw(ht_time);

use constant DSN=>  'dbi:mysql:koeweide';
use constant DB_TABLE   =>  'access_log';
use constant DB_AUTH=>  ':';

sub handler {
my $orig =shift;
my $r = $orig->last;
my $date= ht_time($orig->request_time, '%Y-%m-%d %H;%M:%S'
,0);
my $host= $r->get_remote_host;
my $method  = $r->method;
my $url = $orig->uri;
my $user= $r->connection->user;
my $referer = $r->header_in('Referer');
my $browser = $r->header_in('User-agent');
my $status  = $orig->status;
my $bytes   = $r->bytes_sent;

my $dbh = DBI->connect(DSN,split ':', DB_AUTH);
my $sth = $dbh->prepare("insert into ${\DB_TABLE} values 
(?,?,?,?,?,?,?,?,?)");

$sth->execute($date,$host,$method,$url,$user,$browser,$referer,$status,$bytes);
$sth->finish;


return OK;

}

1;


__END__






On Wed, 4 Apr 2001, darren chamberlain wrote:

> Andrew Lau ([EMAIL PROTECTED]) said something to this effect on
> 04/04/2001:
> > I am currently developing a Perl based apache module and was
> > wondering if such a functionality was available.  From within
> > the module would it be possible to modify the request object so
> > that the url that gets logged to the access.log is different
> > from what the client actually requested?
> > 
> > For example, if a client requested /file which was redirected
> > to this module could it modify either the request object or
> > some apache internal so that it gets written in the access log
> > as /file?session=1234567890abcdef  .
> > 
> > I apologize if this is readily available from some FAQ as i
> > have been unable to find this information.  Thanks for your
> > time.
> 
> This is untested, but I believe that mod_log_config logs, as part
> of the %r CustomLog directive, r->the_request, which is the first
> line of the request (i.e., "GET /file HTTP/1.0"). It might be
> possible to do something like:
> 
> my @request = split / /, $r->the_request;
> $request[1] = sprintf "%s?session=%s", $request[1], $r->param('session');
> $r->the_request(join ' ', @request);
> 
> assuming that $r->the_request is not read-only.
> 
> Another option is to use CustomLog to log something other than
> %r, like %{session}e to log an environment variable, or %q to log
> the query string:
> 
> CustomLog "%h %l %u %t \"%m %U%q %H\" %>s %b"
> 
> %m is the method, %U is the requested url, %q is the query
> %string (or '' if no query string), %H is the request protocol.
> 
> (darren)
> 
> -- 
> Everybody wants to go to heaven, but nobody wants to die.
> 

Re: Problem with Apache::DBI

[test]

Similar problem here but not quite
First time now I want to use a database handler more persistent.
Not yet by using Apache::DBI but in a global  $DBH
Shouldn't this just  work? 
I did not put Apache::DBI in startup file

I also tried code outside handler and I tried server restarts.
I always get a server has gone

use DBI ();
use Apache::Reload;

use vars qw($DBH $DB_TABLE $ID_LENGTH, %SESSION);


sub handler {
my $r = shift;

$DBH = DBI->connect(DSN,undef,undef) unless defined($DBH) ;
  
or: $DBH ||= DBI->connect(DSN,undef,undef) unless defined($DBH) ;


my $bla = $DBH->do("select 1 from $DB_TABLE");



[Thu Apr  5 12:33:21 2001] null: DBD::mysql::db do failed: MySQL server
has gone away at /usr/local/apache/lib/perl/Navvy/NavvyLijst.pm line 59.





Arnold


On Thu, 5 Apr 2001, Tim Bunce wrote:

> You would only get that message if AutoCommit was off.
> It should not be off for DBD::mysql (since it doesn't yet support
> the transaction features of newer versions).
> 
> Plus, disconnect doesn't do anything when using Apache::DBI
> (by design).
> 
> Tim.
> 
> On Wed, Apr 04, 2001 at 11:49:17PM -0400, Alec Smith wrote:
> > Issuing rollback() for database handle being DESTROY'd without explicit 
> > disconnect() at /usr/lib/perl5/site_perl/5.005/Apache/DBI.pm line 139.
> > 
> > Using Apache::DBI 0.88+DBI 1.14+mod_perl 1.25+MySQL 3.23.36 I'm getting the 
> > above in my error_log and am not sure why. Any ideas? I do have a 
> > $db->disconnect; line in my modules.
> > 
> > Just a tad lost,
> > Alec
> 

RE: Getting AuthCookie to return a wml page

[Michael Smith]

Thanks for the help Tim

Well in our situation we have a different server for wap -
(mobile.iii.co.uk) - so I can check what to send them back based on the
'Host:' header.  I do have a RewriteRule which checks for mobile devices
trying to connect the web site: 

RewriteCond %{HTTP_ACCEPT} text/vnd.wap.wml [NC]
RewriteCond %{HTTP_ACCEPT} !text/html 
RewriteRule ^/?$ http://mobile.iii.co.uk/wap/index.wml [L,R]

We do have an authenticated page on this site at the moment, which uses
standard HTTP Authentication. This was quite difficult to get working but it
does seem to work, except if you get your username and password incorrect,
when I think you get a text/html page and some spurious error appears on the
phone.

I don't really know that much about wap gateways and so forth, so wasn't
sure where the cookie would get stored.  I just hoped that it would work,
perhaps rather too optimistically!  I know that most sites that have a login
don't seem to use HTTP authentication - but maybe they add something on to
all the URLs.

I have scoured my code and am definitely not sending out the header that the
client is actually receiving.  The only place I can find the header is in
the apache source, inside http_protocol.c:

/* We should have named this send_canned_response, since it is used for any
 * response that can be generated by the server from the request record.
 * This includes all 204 (no content), 3xx (redirect), 4xx (client error),
 * and 5xx (server error) messages that have not been redirected to another
 * handler via the ErrorDocument feature.
 */
API_EXPORT(void) ap_send_error_response(request_rec *r, int recursive_error)

and indeed if I change the line in here, the header is changed
correspondingly.  However I seem to be unable to override this.

I am curious as to why login pages under AuthCookie do have a 403 status,
instead of a 200 status.  Is this necessary, or will OK do?  

Cheers

Mike



-Original Message-
From: tim fulcher [mailto:[EMAIL PROTECTED]]
Sent: Thursday, April 05, 2001 10:48 AM
To: [EMAIL PROTECTED]
Subject: Re: Getting AuthCookie to return a wml page



Delivering text/html to a wap browser will definitely make it choke a bit
:-)

If you are using the same access mechanism for both web & wap access then
you
have to sniff the client details to work out what to send back. Now you
*could*
look at the USER_AGENT string of the request and work off of that, but
frankly
that can get to be a real chore given the increasing diversity of wap
browsers.
(Yeah, you could match 'Nokia', 'UP' or 'Ericsson' to get most of them)
Alternatively, best to look at the Accept content type field in the request,
and
match on text/vnd.wap.wml for the WAP users. For them, you'll then need to
set
the header type of any response to be that mime type. I'd have thought
$r->content_type() should work, surely. You aren't using header_out()
somewhere
instead are you (IIRC the Eagle book says used content_type over this)

ps: I find the Phone.com UP SDK more informative when dealing with errors in
development. Of course, all the real phones deviate from the emulators
anyway,
but thats another story.

pps: out of curiosity, are you relying on the wap gateway to store the
cookie on
behalf of the wap browser or what ? I was under the impression that not all
wap
browsers could deal with cookies


Tim Fulcher



Michael Smith wrote:

> Dear All,
>
> I'm trying to use AuthCookie to return a wml page for those lucky people
on
> wap browsers.  I've got it all working nicely for normal web browsers, but
> am getting errors on wap (and the Nokia Wap Toolkit doesn't tell me very
> much about why it's an error).  One thing that looks a bit suspicious is
the
> Content-type line which comes our as text/html - in fact to be precise it
> comes out as:
>
> Content-Type: text/html; charset=iso-8859-1
>
> I've tried to override this with things like $r->content_type but to no
> avail.  It seems that there's a line in http_protocol.c (line 2667) which
is
> setting this (this response is harcoded there).
>
> Surely I ought to be able to override this ... in which case the obvious
> question is, how?
>
> Cheers
>
> Mike
>
> http://www.iii.co.uk
> Interactive Investor International is a leading UK Internet personal
> finance service that provides individuals with the capability to identify,
> compare, monitor and buy online a number of financial products and
services.
>
> Interactive Investor Trading Limited, a subsidiary of Interactive Investor
> International plc, is regulated by the SFA.

http://www.iii.co.uk 
Interactive Investor International is a leading UK Internet personal 
finance service that provides individuals with the capability to identify, 
compare, monitor and buy online a number of financial products and services.

Interactive Investor Trading Limited, a subsidiary of Interactive Investor 
International plc, is regulated by the SFA.

Re: PerlAccessHandler causes '500 Server Error' on 'return OK'

[Jochen Schnapka]

Hi. Sometimes, one has to answer one's own questions

On Fri, Mar 30, 2001 at 03:00:08PM +0200, Jochen Schnapka wrote:
> Hi.
> 
> I'm trying some of the well-known Apache-Perl-Modules, such as
> DayLimit.pm.
> Strangely, the server throws an internal error (500), when the Perl module
> returns 'OK'. The same is with 'DECLINED'.
> FORBIDDEN works well, AUTH_REQUIRED works also (though it doesn't make
> sense in the access control stage).
> I do not see anything in my error_log.
> The problem seems to be specific to the PerlAccessHandler
> Other Handlers (e.g.the PerlAuthenHandler) work fine: when returning OK,
> the page is displayed.

After some days of debugging, I finally found the error. 

The Documentation to DayLimit.pm (http://perl.apache.org/src/contrib/)
puts a 'Satisfy any' into the configuration, which causes the error. This
statement has nothing to do at this place and should be taken out. See the
apache docu for using 'Satisfy'.

I consider it as a bug, that there is no specific debug information in the
error_log, but only 'Internal Server Error'. I think, this should be
enhanced.

Greetings, ~~~:-Jochen 

Re: Getting AuthCookie to return a wml page

[tim fulcher]

Delivering text/html to a wap browser will definitely make it choke a bit :-)

If you are using the same access mechanism for both web & wap access then you
have to sniff the client details to work out what to send back. Now you *could*
look at the USER_AGENT string of the request and work off of that, but frankly
that can get to be a real chore given the increasing diversity of wap browsers.
(Yeah, you could match 'Nokia', 'UP' or 'Ericsson' to get most of them)
Alternatively, best to look at the Accept content type field in the request, and
match on text/vnd.wap.wml for the WAP users. For them, you'll then need to set
the header type of any response to be that mime type. I'd have thought
$r->content_type() should work, surely. You aren't using header_out() somewhere
instead are you (IIRC the Eagle book says used content_type over this)

ps: I find the Phone.com UP SDK more informative when dealing with errors in
development. Of course, all the real phones deviate from the emulators anyway,
but thats another story.

pps: out of curiosity, are you relying on the wap gateway to store the cookie on
behalf of the wap browser or what ? I was under the impression that not all wap
browsers could deal with cookies


Tim Fulcher



Michael Smith wrote:

> Dear All,
>
> I'm trying to use AuthCookie to return a wml page for those lucky people on
> wap browsers.  I've got it all working nicely for normal web browsers, but
> am getting errors on wap (and the Nokia Wap Toolkit doesn't tell me very
> much about why it's an error).  One thing that looks a bit suspicious is the
> Content-type line which comes our as text/html - in fact to be precise it
> comes out as:
>
> Content-Type: text/html; charset=iso-8859-1
>
> I've tried to override this with things like $r->content_type but to no
> avail.  It seems that there's a line in http_protocol.c (line 2667) which is
> setting this (this response is harcoded there).
>
> Surely I ought to be able to override this ... in which case the obvious
> question is, how?
>
> Cheers
>
> Mike
>
> http://www.iii.co.uk
> Interactive Investor International is a leading UK Internet personal
> finance service that provides individuals with the capability to identify,
> compare, monitor and buy online a number of financial products and services.
>
> Interactive Investor Trading Limited, a subsidiary of Interactive Investor
> International plc, is regulated by the SFA.

Re: Problem with Apache::DBI

[Tim Bunce]

You would only get that message if AutoCommit was off.
It should not be off for DBD::mysql (since it doesn't yet support
the transaction features of newer versions).

Plus, disconnect doesn't do anything when using Apache::DBI
(by design).

Tim.

On Wed, Apr 04, 2001 at 11:49:17PM -0400, Alec Smith wrote:
> Issuing rollback() for database handle being DESTROY'd without explicit 
> disconnect() at /usr/lib/perl5/site_perl/5.005/Apache/DBI.pm line 139.
> 
> Using Apache::DBI 0.88+DBI 1.14+mod_perl 1.25+MySQL 3.23.36 I'm getting the 
> above in my error_log and am not sure why. Any ideas? I do have a 
> $db->disconnect; line in my modules.
> 
> Just a tad lost,
> Alec

Re: no_cache & pragma/cache-control headers : confusion

[Andrew Ho]

Hello,

KO>From the code in Apache.xs, it seems like setting $r->no_cache(0) will
KO>unset the flag, but not remove the headers.

Well, the Expires header is also removed. But it's still broken; you can
verify this buggy behavior with this simple script:

use Apache ();
my $r = Apache->request;

$r->no_cache(1);
$r->no_cache(0);
$r->send_http_header;

With mod_perls 1.24_01 and 1.25 on Apaches 1.3.14 and 1.3.19, this call
leaves me with Pragma and Cache-Control headers. Sadly, the nice (but
broken as per above) no_cache() behavior of sending those two headers is
also undocumented in the mod_perl guide to begin with.

Humbly,

Andrew

--
Andrew Ho   http://www.tellme.com/   [EMAIL PROTECTED]
Engineer   [EMAIL PROTECTED]  Voice 650-930-9062
Tellme Networks, Inc.   1-800-555-TELLFax 650-930-9101
--