HTML-Embperl

Changes for version 1.2.0

test script had failed in cgi mode on win32. Spotted by Randy Korbes.
=head1 1.2b11 (BETA) 4 Nov 1999
- Added the "Status:" header and error message to embpcgi.pl to let Apache return the correct status line. Patch from Jason Holt.
- Fixed problem that Apache SIGSEGVs when an error message contains a %x. Spotted by Ed Park.
- Added missing BEGIN block in docs for Session handling.
- Fixed an endless loop that occured when tainting is on and the same document is called two times via Execute. With help from Jason Holt.
- Changed access to addtional upload fileinfo. The old syntax (${${$fdat{<name_of_field>}}}) isn't available anymore, because it doesn't work with filenames that are not a vaild perl variable name. Now there is a second field which start with a dash that's holds a hash ref to the file info. Spotted by Huang-Ming Pan.
- The Embperl specific part of Apache session (former Apache::Session::Embperl) is now part of the Embperl distribution (as HTML::Embperl::Session). This makes Embperl independ of new releases of Apache::Session. Embperl now works with Apache::Session version 1.00 and higher. Apache::Session 0.17 is still supported, but the documentation is removed, because it should no longer be used.
- Apache::Session must not be preloaded prior to Embperl. It's enought to set EMBPERL_SESSION_CLASSES and Embperl will bring the right modules in memory for you.
- Removed the call to mod_perl_sent_header, which was an workaround for an problem with (very) old mod_perl version, because it doesn't resolve on (every) IRIX. Spotted by Jearanai Vongsaard.
- NOT_FOUND, FORBIDDEN now also logged thru Apache, so the LogLevel is honoured and log message in Apache error log get a time stamp. Spotted by Christian Gilmore.
- Removed warings that apears when compiling with -Wall.
- Added URL of better emacs mode for Embperl from Erik Arneson.
- Added new paramter 'errors' to Execute function which takes an array ref, that returns any error messages. Suggested by James Elson.
- Fixed that serveral options where not settable inside an Embperl page. Spotted by Ilya Ketris.
=head1 1.2b10 (BETA) 7 Oct. 1999
- Fixed a great security whole in CGI mode. Because Apache passes anything after the first '?' to the cgi script as commandline arguments, embpexec.pl could be tricked into offline mode, where it returned any file that is readable by the httpd! So if you are using CGI mode, I strongly recommend to update to 1.2b10. Now you must use embpcgi.pl instead of embpexec.pl in CGI mode. Spotted by Jason Holt.
- Added EMBPERL_ALLOW. If the file doesn't EMBPERL_ALLOW Embperl will return forbidden. This is primarly another security feature, because dependig on the way you use Embperl in CGI mode, it will not honour all Apache access restrictions. With EMBPERL_ALLOW, you can now force it to serve only certain files. Suggested by Jason Holt.
- Fixed a problem that had occured with magic SVs (tied scalar) as source for the Execute function. Spotted by Todd Eigenschink.
- Embperl works now with Apache::Session 0.17, 1.02 and 1.04 (1.03 is errornous)
- Fixed a SIGSEGV that occurs when the req_rec parameter of the Execute functions gets a Apache::Request object instead of a Apache object, which occured due to the different ways the Apache internal request_rec is stored inside the object. Spotted by Francis J. Lacoste.
- Fixed a SIGSEGV that occured when outputting to a scalar and optReturnError is set. Spotted by Francis J. Lacoste.
- Added a ; after the begin block in startup.pl, which seems had cause a syntax error in some situations. Spotted by Oyvind Gjerstad.
- exit now works the same in offline, mod_perl and cgi mode, it ends the execution of the page, but not the programm itself.
- exit inside a sub will now really exit the page. (but exit inside a file called via Execute will only exit this file, not the whole request) Spotted by Cliff Rayman.
- Added new hash %http_headers_out which could be used to set arbitary http header under mod_perl _and_ in cgi mode. "Location" header will automaticly set status to 301.
- setting http headers and <META HTTP-EQUIV=..> now works also in cgi mode.
- Session Handling now also works in CGI mode (needs Apache::Session >= 1.04)
- ACTION attribute of Formtag is now URL en/decoded. Spotted by Hartmut Palm.
=head1 1.2b9 (BETA) 10. Sept 1999
- Fixed a problem with loading Apache::Session 1.01, when Apache::Session 0.17 is not installed. Spotted by Volker Hess.
=head1 1.2b8 (BETA) 9. Sept 1999
- Fixed behaviour of <INPUT>. <INPUT> now does not overide VALUE="" with the value from %fdat. This seems to has been broken, since a couple of versions and the fix may break pages that depends on that wrong behaviour. Anyway I have to fix it before the release version is out!
- Added a patch (and a FAQ) from Jens-Uwe Mager, so Embperl compiles and links on AIX.
- Fixed error in URL unescaping, spotted by Hartmut Palm.
- _WINSOCK2API_ gets defined on Win32, when compiling with Apache 1.3.9. Spotted by Randy Korbes.
- Win32 test uses also embpexec.test.pl (instead of .bat), so cgi test runs also with Apache 1.3.9. Spotted by Randy Korbes.
- Fixed problem with EMBPERL_SESSION_ARGS that splits the arguments wrong when, for example, the DataSource contains a '='. Spotted by Vince Galloway.
- Fix a memory leak which eats one SV per <OPTION> tag, introduced in 1.2b6.
- Fix a problem that meta commands also recognized as html tags, i.e. now <if x> is no longer the same as [$ if x $]. Spotted by Danielle Gallo.
- German documentation (IntroD.pod, FeaturesD.pod and EmbperlD.pod) are now included in the distribution.
=head1 1.2b7 (BETA) 30 Aug 1999
- Embperl works now with Apache::Session 1.01 (1.01 _not_ 1.00 or below!)
- Cookie for session id is only send the first time and not resend if it's already known by the browser. Suggested by Roman Maeder.
- Fixed a SIGSEGV that occurs with $optRawInput = 1 and a value is in %fdat, but not in the input html tag. Spotted by Robert.
=head1 1.2b6 (BETA) 19 Aug 1999
- When call another page via Execute EMBPERL_VIRTLOG will automaticly set to the same value as the in the calling page
- Add parameter 'firstline' to specify the linenumber of the first line in the input
- Defined missing DECLINED constant for non mod_perl environement Spotted by James Elson.
- Inside of an A tag URL escaped characters are translated back to their ascii aquivalent inside of perl code, before the code is executed. This avoid problems with HTML editors, which changes space to %20 inside an URL.
- '%' is escaped to %25 inside of URLs
- Inside the A tag only the HREF attribute is URL escaped, instead of the whole tag.
- The SRC attribute of embed, frame, iframe, img, layer now are also URL escaped.
- Giving a an array refernce inside an URL, cause Embperl expand it to URL parameter syntax (i.e. [+ \@A +] becomes A=1&B=2, when @A = (A, 1, B, 2) ).
- Embperl checks now for unclosed metacommands (if, while etc.) and unclosed HTML tags (table etc.). Suggest by Todd Eigenschink.
- Fixed a problem when file was not found, which causes in some cases a SIGSEGV.
- Added new configuration directive EMBPERL_MAIL_ERRORS_TO. If set all error messages will be send to the given address.
- input_/output_func parameter can take a code reference as argument. Based on a patch from Jon Tobey.
- Set force PERL_DL_NONLAZY to zero, so make test does not fail if dynaloader was initialized with PERL_DL_NONLAZY set. Patch from John Tobey.
- [$ foreach $i(x..y) $] does not require a space before the ( anymore. Suggested by Jonny Cavell.
- select <option value="a & b"> works now correctly. Spotted by Rick Welykochy.
- Fixed SegFault when parameter input => is numeric. Spotted by Cliff Rayman.
- Added option optNoUncloseWarn, which disables the warnings about unclosed if, while, table etc.
=head1 1.2b5 (BETA) 5 July 1999
- Renamed __strdup and __strndup so there are no duplicate symbols when compiling with glibc. Spotted by Michael Hall.
- Removed some debugging message from the logfile output.
- Correct some wrong table entries for html escaping of some characters like §
- Added optReturnError which causes Embperl to return an error code and let the calling programm (i.e. Apache) handle the error. This is necessary to use the ErrorDocument directive together with Embperl. Spotted by Michael Smith.
- Fixed the problem that the output of Execute inside a table didn't come out when optEarlyHttpHeader was set. Spotted by Chris Alexander.
- %fdat of a Execute will not be overwritten anymore when the %fdat of the main request was empty. Spotted by Chris Alexander.
- fixed a small memory leak which was caused by not releasing memory space for the cookie-name/-domain etc.
- added the missing -T switch to embpexec.test.bat, which caused the taint test in cgi mode to fail on win32
- Added epchar.c.iso-latin-2 from Jiri Novak, which contains the correct escaping for the iso-8859-2 (iso-latin-2) character set. You may use it to replace the standard epchar.c
- Added new metacommand [$ sub <name> $] and [$ endsub $] which allows you to define blocks of code an call them mulitple times inside a page, either a creating a subrequest Execute('#<name>') or by calling them directly as a perl subroutine [- <name> -]. Read the docs for more information on the details and differences.
- Added new parameter "import" to Execute, which let's you import subs (defined with [$sub <name>$]) into the current page.
- @ffld is filled with 'values %fdat' if the ffld parameter in the call to the Execute funtion is missing.
- Filedata will held into memory until the end of the request, so a second call to Execute for the same file will not reread the data from disk.
- Added emacs/embperl.el. It's a emacs minor mode for Embperl written by Erik Arneson
- Output of dbgShowCleanup is now sorted by name
- Update the Faq.pod with new Q&A and removed obsolete Q&A
- Made Makefile.PL more smarter in DSO situations. It detecteds now which of the needed Apache modules are linked staticly and places neccessary LoadModule statements in the httpd.conf for make test. This way make test should work also where all modules linked at runtime, like on RedHat 6. With help form James H. Thompson.
- Makefile.PL ask´s now if it can´t find any modules. On win32 it will not try to guess (the maybe wrong) path anymore.
- Added possibility to get the the uploadInfo from CGI.pm (e.g. ${${$fdat{upload}}} -> {'Content-Type'} will return the content type). Requested by Brian Reichert.
- Catch die of CGI.pm when it hit's a 'Malformed multipart POST'. Spooted by Chris Alexander.
- Add optKeepSrcInMemory which tells Embperl to keep the source file in memory and not reload it on every request
- Added the possibility to use recursive calls to Execute. NOTE: You can create local variables via [* local $foo ; *]
- Reworked the cleanup. Now imported values from other modules left unchanged. This solves problems with using modules inside Embperl pages, which exports some global variables.
- Added the %CLEANUP hash. Put variables into with should be additional cleaned up ($CLEANUP{'var'} = 1) or which shouldn't cleaned up ($CLEANUP{'var'} = 0)
- Special handling for DBIx::Recordset objects, so it's sure they are really get destroyed
- fixed a problem with dynamic tables, that occurs when you had tried to repeat multiple table rows
- Embperl compiles now with perl5.005_57+. Patch from Ask Bjoern Hansen
- Cleanup now logs any errors that occurs when calling object destructors and makes sure errors inside object destructors do not break Embperl itself.
- Embperl now returns DECLINED when called for a directory. This way Apache can handle diretories the correct way. This will make DiretoryIndex (e.g. index.html) work again with Embperl.
- Fixed a problem that @ffld contains the same field more then one time if posted from a select multiple with multiple items selected. This caused problems with [$hidden$]. Spotted by Martin Leja.
- Double quotes (") will be url-encoded to %22 inside URLs.
- Embperl now never writes to the logfile if EMBPERL_DEBUG is zero
- make test now runs with newest version of mod_ssl (2.3.5)
- Added option optKeepSpaces which will disable the removing of spaces and empty lines from the output. Suggested from Gary Shea.
- Added option optOpenLogEarly, which will cause Embperl to open the logfile as soon as it is loaded into memory. You can use this when you loaded Embperl via PerlModule under Apache, to open the log as root instead of the non-privileged user Apache runs as.
=head1 1.2b4 (BETA) 15 Feb 1999
- fixed a problem that $req_rec was sometimes invalid on the second call to the same page causing Embperl to SIGSEGV. With help of Todd Eigenschink.
- Cleanup the variable space inside Embperl pages. Before this fix many of the internal my variables were visible to the Embperl page. Spotted by Todd Eigenschink.
- multiple form values with the same name are handled now correctly (concated in a tab delimited string) when send in a multipart/form-data (file-upload). Spotted by Dirk Lutzebaeck.
- The dbgForm flag works now also for multipart/form-data
- a missing right *] will be reported as an error.
- [[* is correctly output as [* and not interpreted as a starting of a perl block. Spotted by Dirk Lutzebaeck.
- fixed a bug that causes the html after an endforeach to be skiped, when the foreach loop gets an empty array as argument. Spotted by Dirk Lutzebaeck.
- Makefile.PL checks now for required modules and versions and generates warnings if necessary
- Do not CLEAR %udat and %mdat in cleanup, so Apache::Session will not warn anymore about unsupported CLEAR operation.
- Added tests for session management (%udat, %mdat)
- Added more tests to see that $req_rec is correctly setup
- Added module Apache::Session::epDBI which is a subclass of Apache::Session::DBI and corrects a problem with locking and cares of serializing requests, so %mdat works correctly. Please read IMPORTANT NOTE under Session Management in Embperl.pod
- Added the dbgProfile flag which cause the display of the time since the request start for every source line in the logfile.
- Correct a problem that the escape character ('\') was not removed when unescaping the input. Now '<' is correctly translated to '<' and '\<' is translated to '<' .
- When requesting to view the logfile via the browser now all lines which does not start with a pid ([<pid>]) are displayed.
- fixed a problem, that sometimes not all errors are shown in the error page, in conjunction with dynamic tables
- When running under perl 5.005 or higher, the cleanup after the every request, now not only cleans up scalars, array and hashs, but also closes all open file- and directoryhandles and undef's all typglob (which causes for example DBIx::Recordset objects to DESTROY correctly) NOTE: This also causes imported variables from other packages/modules not to be cleanedup anymore!! NOTE: That the cleanup behaveiour under perl 5.004 and 5.005 is slightly differnt! The new cleanup doesn't work with 5.004 because of a bug, which should be corrected in 5.004_05 as soon as available.
- EMail adress from the form is insert as Reply-To header instead of From header in MailFormTo to avoid problems with unresolvable EMail adresses.
- Fixed the problem that session management (%udat, %mdat) didn't work when Execute is used in the same page. Spotted by by Simon Lindgren.
- Fixed a path problem in Makefile.PL. Now pathes on Win32 Systems uses blackslash instead of slash. Spotted by Randy Kobes.
- Win32 batch files will no longer contain path to perl after the #!, so cgi tests passes on systems with 4DOS shell. Spotted by Randy Kobes.
- Added ; as terminator for cookie to correctly parse multiple cookies. Patch from Tim Carrol.
- Changed table_set to table_add when setting the cookie for session data to avoid problems with other modules setting also cookies.
- Corrected the %ENV problem that mod_perl-1.18 introduced, so both work together again.
- Added dbgSession flag to enable/disable logging of session handling
- Added configuration diretives EMBPERL_COOKIE_NAME, EMBPERL_COOKIE_DOMAIN, EMBPERL_COOKIE_PATH and EMBPERL_COOKIE_EXPIRES to configure the cookie which holds the session id. Suggested by Cliff Rayman.
=head1 1.2b3 (BETA) 22 Nov 1998
- fixed an undefined pointer which occurs when using precompiled [* ... *] blocks. Spotted by Bruce W. Holyman and Paul J. Schinder
- removed unwanted 0xa0 characters from tagscan.htm which causes the test to fail on sunos. Spotted by Paul J. Schnider.
- Enhanced the detection of Stronghold, Apache SSL and mod_ssl so they are found if they are not in a standard path. Spotted by Brad Cox.
- Convert relativ path for apache source to absolute to avoid problems within test script. Spotted by Brad Cox.
- Make Embperl compile with useperio=defined. Spotted by Todd Eigenschink.
- Makefile.PL does now check if mod_perl is compiled into apache and don't create a config for USE_DSO situtation even if libperl.so exists.
- Added a workarround in the Execute('foo.htm') call, to avoid a bug in perl5.004 which causes a SIGSEGV. Spotted by Michael J. Schout and Chris Alexander.
=head1 1.2b2 (BETA) 9 Nov 1998
- There is now a short form of the Execute function. You can now include a sub page in an Embperl page by simply writing [- Execute ('filename.html') -] or use [- Execute ('filename.html', 1, 2, 3) -] to pass additional parameters
- Added new block [* ... *]. This block compiles code to an outer subroutine which surounds the whole page. This makes it possible to define "local" variables with a scope of the whole page, which would be necessary for recursive calls to Execute. Also this let you use perl control structures inside Embperl pages: e.g. [* foreach $v (1..5) { *] Cnt = [+ $v +] [* } *] NOTE: [* ... *] blocks _must_ always end with a ;,{ or } [* ... *] cannot apear inside html tags that are interpreted by Embperl (unless you disable the interpretation of such tags like table, input etc.)
- Added a comment block: Everything between [# and #] is a comment and is removed from the output. NOTE: [* ... *] blocks also interpreted inside of a [# ... #] block, all other blocks [+/-/$ $/-/+] are not.
- Added magic hash %mdat, which can be used to store persitent data on a per module basis (needs Apache::Session, with path in session.patch applied)
- Done more tests on session handling, seems to work fine now.
- Added new option dbgNoHiddenEmptyValue which suppresses empty hidden input fields in the [$hidden$] meta command. Patch from Steve Willer.
- Whitespaces after [...] blocks are removed in the output, so there will be less empty lines, makeing the output shorter and more readable, based on a patch from Todd Eigenschink.
- Embperl compiles now with mod_ssl (from Ralf Engelschall). Spotted by Dirk Lutzebaeck and Randel Schwartz.
- Added a patch from Todd Eigenschink to build Embperl with Stronghold 2.4.1
- Added patch from Gerald McLarnon so Embperl compiles on AIX
- Added optAllowZeroFileSize to accept files of length 0, without that option Embperl will report NOT_FOUND. Suggested by Doug Bagley
- fixed a wrong call to logerror when OPT_EXECCGI is not on, spotted by Dirk Lutzebaeck.
- fixed the problem that reloads only takes place at the next day, because mtime was an int instead of a double (introduced in1.2b1. Spotted by Michael Smith and Roman Maeder.
- fixed a problem that changing of the filesize was ignored, when a documents is reloaded (introducted in 1.2b1)
- cleanup for all subpages are disabled if main request has disabled cleanup and subpages does not specify otherwise
- dbgShowCleanup works again
- Every package is only cleanuped once, also it's included multiple times in one page
- %fdat and @ffld are setup correctly when optDisableVarCleanup is set
- DEFS=-DEPDEBUGALL compiles again, spotted by Michael Smith
- fixed that cleanup is never called with Execute nesting, when req_rec was not set. Now the parameter req_rec isn't necessary anymore. Spotted by Michael J.Schout
- Changes of $escmode inside a HTML-A tag now handled correctly, spotted by Michael Smith
- fixed problems with links to the logfile and the line break in the html log file display
- fixed a problem with blocks that expand to nothing inside of Embperl interpreted HTML tags.
- Adapted test script to modified error output of Apache 1.3.4. Spotted by Eric Cholet.
- Empty values (VALUE="") in input tags will not be overridden by value in %fdat
=head1 1.2b1 (BETA) 8 Oct 1998
- I have reworked the whole source code so Embperl is now going to be an object. This means Embperl is reentrant, you can call Execute within an Embperl page, for example to include the same header on each page.
- Addeded Session handling via Apache::Session. Simply store data to %udat and let Embperl do the rest for you. Experimental! NOTE: You need Apache-Session-0.16.1 or higher and must apply the patch from session.patch to it.
- Added test for calling Execute inside a Embperl page
- Errors of Input/Output function now also log to the httpd error log
- Added an test for input file not found

Documentation

CVS

Changes

HTML::Embperl

Perl extension for embedding Perl code in HTML documents

HTML::Embperl

einbetten von Perlcode in HTML Dokumente

Embperl

Features

FeaturesD

INSTALL

Intro

IntroD

Modules

HTML::Embperl::Session

Provides

Apache::Embperl

in Embperl.pm

HTML::Embperl

in Embperl.pm

HTML::Embperl::Log

in Embperl.pm

HTML::Embperl::Module

in Embperl/Module.pm

HTML::Embperl::Out

in Embperl.pm

HTML::Embperl::Req

in Embperl.pm

subimp

in test/html/subimp.pm

Examples

Other files

To install HTML::Embperl, copy and paste the appropriate command in to your terminal.

cpanm

cpanm HTML::Embperl

CPAN shell

perl -MCPAN -e shell
install HTML::Embperl

For more information on module installation, please visit the detailed CPAN module installation guide.

	Global
`s`	Focus search bar
`?`	Bring up this help dialog

	GitHub
`g` `p`	Go to pull requests
`g` `i`	go to github issues (only if github is preferred repository)

	POD
`g` `a`	Go to author
`g` `c`	Go to changes
`g` `i`	Go to issues
`g` `d`	Go to dist
`g` `r`	Go to repository/SCM
`g` `s`	Go to source
`g` `b`	Go to file browse

	Search terms
module: (e.g. module:Plugin)
distribution: (e.g. distribution:Dancer auth)
author: (e.g. author:SONGMU Redis)
version: (e.g. version:1.00)

Changes for version 1.2.0

Documentation

Modules

Provides

Examples

Other files

Module Install Instructions