<% for(1..5) { %>
Size = <%=$_%>
<% } %>
Notice that your perl code blocks can span any html. The for loop above
iterates over the html without any special syntax.
XMLSubs
XMLSubs allows a developer to define custom handlers for HTML & XML tags,
which can extend the natural syntax of the ASP environment. Configured like:
PerlSetVar XMLSubsMatch site:\w+
A simple tag like:
<%=ucfirst $_ %>: | <%= $attributes->{$_} %> |
<%= $body %> |
tags now to override the other font used for the text areas. The spacing was all weird in Netscape before forsections. -Fixed Content-Length calculation when using the Clean option, so that the length is calculated after the HTML is clean, not before. This would cause a browser to hang sometimes. +Added IncludesDir config option that if set will also be used to check for includes, so that includes may easily be shared between applications. By default only Global and the directory the script is in are checked for includes. Also added IncludesDir as a possible configuration option for Apache::ASP->Loader() -Re-enabled the Application_OnStart & OnEnd events, after breaking them when implementing the AllowApplicationState config setting. +Better pre-fork caching ... StatINC & StatINCMatch are now args for Apache::ASP->Loader(), so StatINC symbols loading may be done pre-fork and shared between httpds. This lowers the child httpd init cost of StatINC. Documented. +Made Apache::ASP Basic Authorization friendly so authentication can be handled by ASP scripts. If AuthName and AuthType Apache config directives are set, and a $Response->{Status} is set to 401, a user will be prompted for username/password authentication and the entered data will show up in ServerVariables as: $env = $Request->ServerVariables $env->{REMOTE_USER} = $env->{AUTH_USER} = username $env->{AUTH_PASSWD} = password $env->{AUTH_NAME} = your realm $env->{AUTH_TYPE} = 'Basic' This is the same place to find auth data as if Apache had some authentication handler deal with the auth phase separately. -MailErrorsTo should report the right file now that generates the error. $VERSION = 0.15; $DATE="08/24/1999"; --State databases like $Session, $Application are now tied/untied to every lock/unlock triggered by read/write access. This was necessary for correctness issues, so that database file handles are flushed appropriately between writes in a highly concurrent multi-process environment. This problem raised its ugly head because under high volume, a DB_File can become corrupt if not flushed correctly. Unfortunately, there is no way to flush SDBM_Files & DB_Files consistently other than to tie/untie the databases every access. DB_File may be used optionally for StateDB, but the default is to use SDBM_File which is much faster, but limited to 1024 byte key/value pairs. For SDBM_Files before, if there were too many concurrent writes to a shared database like $Application, some of the writes would not be saved because another process might overwrite the changes with its own. There is now a 10 fold performance DECREASE associated with reading from and writing to files like $Session and $Application. With rough benchmarks I can get about 100 increments (++) now per second to $Session->{count}, where before I could get 1000 increments / second. You can improve this if you have many reads / writes happening at the same time, by placing locking code around the group like $Session->Lock(); $Session->{count}++; $Session->{count}++; $Session->{count}++; $Session->UnLock(); This method will reduce the number of ties to the $Session database from 6 to 1 for this kind of code, and will improve the performance dramatically. Also, instead of using explicit $Session locking, you can create an automatic lock on $Session per script by setting SessionSerialize in your config to 1. The danger here is if you have any long running scripts, the user will have to wait for it to finish before another script can be run. To see the number of lock/unlocks or ties/unties to each database during a script execution, look at the last lines of debug output to your error log when Debug is set to 1. This can help you performance tweak access to these databases. +Updated documentation with new config settings and API extensions. +Added AllowApplicationState config option which allows you to leave $Application undefined, and will not execute Application_OnStart or Application_OnEnd. This can be a slight performance increase of 2-3% if you are not using $Application, but are using $Session. +Added $Session->Lock() / $Session->UnLock() API routines necessary additions since access to session is not serialized by default like IIS ASP. Also prompted by change in locking code which retied to SDBM_File or DB_File each lock. If you $Session->Lock / UnLock around many read/writes, you will increase performance. +Added StateCache config which, if set will cache the file handle locks for $Application and an internal database used for tracking $Session info. This caching can make an ASP application perform up to 10% faster, at a cost of each web server process holding 2 more cached file handles open, per ASP application using this configuration. The data written to or read from these state databases is not cached, just the locking file handles are held open. -Added in much more locking in session manager and session garbage collector to help avoid collisions between the two. There were definite windows that the two would collide in, during which bad things could happen on a high volume site. -Fixed some warnings in DESTROY and ParseParams() $VERSION = 0.14; $DATE="07/29/1999"; -CGI & StatINC or StatINCMatch would have bad results at times, with StatINC deleting dynamically compiled CGI subroutines, that were imported into other scripts and modules namespaces. A couple tweaks, and now StatINC & CGI play nice again ;) StatINCMatch should be safe to use in production with CGI. This affects in particular environments that use file upload, since CGI is loaded automatically by Apache::ASP to handle file uploads. This fix should also affect other seemingly random times when StatINC or StatINCMatch don't seem to do the right thing. +use of ASP objects like $Response are now "use strict" safe in scripts, while UniquePackages config is set. +Better handling of "use strict" errors in ASP scripts. The error is detected, and the developer is pointed to the Apache error log for the exact error. The script with "use strict" errors will be recompiled again. Its seems though that "use strict" will only throw its error once, so that a script can be recompiled with the same errors, and work w/o any use strict error messaging. $VERSION = 0.12; $DATE="07/01/1999"; -Compiles are now 10 +times faster for scripts with lots of big embedded perl blocks <% #perl %> Compiles were slow because of an old PerlScript compatibility parsing trick where $Request->QueryString('hi')->{item} would be parsed to $Request->QueryString('hi') which works. I think the regexp that I was using had O(n^2) characteristics and it took a really big perl block to 10 +seconds to parse to understand there was a problem :( I doubt anyone needed this compatibility, I don't even see any code that looks like this in the online PerlScript examples, so I've commented out this parsing trick for now. If you need me to bring back this functionality, it will be in the form of a config setting. For information on PerlScript compatibility, see the PerlScript section in the ASP docs. -Added UniquePackages config option, that if set brings back the old method of compiling each ASP script into its own separate package. As of v.10, scripts are compiled by default into the same package, so that scripts, dynamic includes & global.asa can share globals. This BROKE scripts in the same ASP Application that defined the same sub routines, as their subs would redefine each other. UniquePackages has scripts compiled into separate perl packages, so they may define subs with the same name, w/o fear of overlap. Under this settings, scripts will not be able to share globals. -Secure field for cookies in $Response->Cookies() must be TRUE to force cookie to be secure. Before, it just had to be defined, which gave wrong behavior for Secure => 0. +$Response->{IsClientConnected} set to one by default. Will work out a real value when I upgrade to apache 1.3.6. This value has no meaning before, as apache aborts the perl code when a client drops its connection in earlier versions. +better compile time debugging of dynamic includes, with Debug 2 setting +"use strict" friendly handling of compiling dynamic includes with errors $VERSION = 0.11; $DATE="06/24/1999"; +Lots of documentation updates +The MailHost config option is the smtp server used for relay emails for the Mail* config options. +MailAlertTo config option used for sending a short administrative alert for an internal ASP error, server code 500. This is the compliment to MailErrorsTo, but is suited for sending a to a small text based pager. The email sent by MailErrorsTo would then be checked by the web admin for quick response & debugging for the incident. The MailAlertPeriod config specifies the time in minutes during which only one alert will be sent, which defaults to 20. +MailErrorsTo config options sends the results of a 500 error to the email address specified as if Debug were set to 2. If Debug 2 is set, this config will not be on, as it is for production use only. Debug settings less than 2 only log errors to the apache server error log. -StatINCMatch / StatINC can be used in production and work even after a server graceful restart, which is essential for a production server. -Content-Length header is set again, if BufferingOn is set, and haven't $Response->Flush()'d. This broke when I introduce the Script_OnEnd event handler. +Optimized reloading of the GlobalPackage perl module upon changes, so that scripts and dynamic includes don't have to be recompiled. The global.asa will still have to be though. Since we started compiling all routines into a package that can be named with GlobalPackage, we've been undeffing compiled scripts and includes when the real GlobalPackage changed on disk, as we do a full sweep through the namespace. Now, we skip those subs that we know to be includes or scripts. -Using Apache::Symbol::undef() to undefine precompiled scripts and includes when reloading those scripts. Doing just an undef() would sometimes result in an "active subroutine undef" error. This bug came out when I started thrashing the StatINC system for production use. +StatINCMatch setting created for production use reloading of perl modules. StatINCMatch allows StatINC reloading of a subset of all the modules defined in %INC, those that match $module =~ /$StatINCMatch/, where module is some module name like Class/Struct.pm +Reoptimized pod comment parsing. I slowed it down to sync lines numbers in the last version, but found another corner I could cut. $VERSION = 0.10; $DATE="05/24/1999"; += improvement; - = bug fix +Added index.html file to ./eg to help people wade through the examples. This one has been long overdue. +Clean config option, or setting $Response->{Clean} to 1 - 9, uses HTML::Clean to compress text/html output of ASP scripts. I like the Clean 1 setting which is lightweight, stripping white space for about 10% compression, at a cost of less than a 5% performance penalty. +Using pod style commenting no longer confuses the line numbering. ASP script line numbers are almost exactly match their compiled perl version, except that normal inline includes (not dynamic) insert extra text which can confuse line numbering. If you want perl error line numbers to entirely sync with your ASP scripts, I would suggest learning how to use dynamic includes, as opposed to inline includes. -Wrapped StatINC reloading of libs in an eval, and capturing error for Debug 2 setting. This makes changing libs with StatINC on a little more friendly when there are errors. -$Request->QueryString() now stores multiple values for the same key, just as $Request->Form() has since v.07. In wantarray() context like @vals = $Request->QueryString('dupkey'), @vals will store whatever values where associated with dupkey in the query string like (1,2) from: ?dupkey=1&dupkey=2 +The GlobalPackage config directive may be defined to explicitly set the perl module that all scripts and global.asa are compiled into. -Dynamic includes may be in the Global directory, just like normal includes. +Perl script generated from asp scripts should match line for line, seen in errors, except when using inline (default) includes, pod comments, or <% #comment %> perl comments, which will throw off the line counts by adding text, removing text, or having an extra newline added, respectively. -Script_OnEnd may now send output to the browser. Before $main::Response->End() was being called at the end of the main script preventing further output. ++All scripts are compiled as routines in a namespace uniquely defined by the global.asa of the ASP application. Thus, scripts, includes, and global.asa routines will share all globals defined in the global.asa namespace. This means that globals between scripts will be shared, and globals defined in a global.asa will be available to scripts. Scripts used to have their own namespace, thus globals were not shared between them. +a -o $output_dir switch on the ./cgi/asp script allows it to execute scripts and write their output to an output directory. Useful for building static html sites, based on asp scripts. An example use would be: asp -b -o out *.asp Without an output directory, script output is written to STDOUT $VERSION = 0.09; $DATE="04/22/1999"; +Updated Makefile.PL optional modules output for CGI & DB_File +Improved docs on $Response->Cookies() and $Request->Cookies() +Added PERFORMANCE doc to main README, and added sub section on precompiling scripts with Apache::ASP->Loader() +Naming of CompileIncludes switched over to DynamicIncludes for greater clarity. +Dynamic includes can now reference ASP objects like $Session w/o the $main::* syntax. These subs are no longer anonymous subs, and are now compiled into the namespace of the global.asa package. +Apache::ASP->Loader() precompiles dynamic includes too. Making this work required fixing some subtle bugs / dependencies in the compiling process. +Added Apache::ASP->Loader() similar to Apache::RegistryLoader for precompiling ASP scripts. Precompile a whole site at server startup with one function call. +Prettied the error messaging with Debug 2. +$Response->Debug(@args) debugging extension, which allows a developer to hook into the module's debugging, and only have @args be written to error_log when Debug is greater than 0. -Put write locking code around State writes, like $Session and $Application. I thought I fixed this bug a while ago. -API change: converted $Session->Timeout() and $Session->SessionID() methods into $Session->{Timeout} and $Session->{SessionID} properties. The use of these properties as methods is deprecated, but backwards compatibility will remain. Updated ./eg/session.asp to use these new properties. +Implemented $Response->{PICS} which if set sends out a PICS-Label HTTP header, useful for ratings. +Implemented $Response->{CacheControl} and $Response->{Charset} members. By default, CacheControl is 'private', and this value gets sent out every request as HTTP header Cache-Control. Charset appends itself onto the content type header. +Implemented $Request->BinaryRead(), $Request->{TotalBytes}, documented them, and updated ./eg/form.asp for an example usage. +Implemented $Response->BinaryWrite(), documented, and created and example in ./eg/binary_write.htm +Implemented $Server->MapPath() and created example of its use in ./eg/server.htm -$Request->Form() now reads file uploads correctly with the latest CGI.pm, where $Request->Form('file_field') returns the actual file name uploaded, which can be used as a file handle to read in the data. Before, $Request->Form('file_field') would return a glob that looks like *Fh::filename, so to get the file name, you would have to parse it like =~ s/^\*Fh\:\://, which you no longer have to do. As long as parsing was done as mentioned, the change should be backwards compatible. +Updated +enhanced documentation on file uploads. Created extra comments about it as an FAQ, and under $Response->Form(), the latter being an obvious place for a developer to look for it. +Updated ./eg/file_upload.asp to show use of non file form data, with which we had a bug before. +Finished retieing *STDIN to cached STDIN contents, so that CGI input routines may be used transparently, along side with use of $Request->Form() +Cleaned up and optimized $Request code +Updated documentation for CGI input & file uploads. Created file upload FAQ. +Reworked ./eg/cgi.htm example to use CGI input routines after doing a native read of STDIN. ++Added dynamic includes with extension. This style of include is compiled as an anonymous sub & cached, and then executed with @args passed to the subroutine for execution. This is include may also be rewritten as a new API extension: $Response->Include('file', @args) +Added ./eg/compiled_includes.htm example documenting new dynamic includes. +Documented SSI: native file includes, and the rest with filtering to Apache::SSI +Turned the documentation of Filter config to value of Off so people won't cut and paste the On config by default. +Added SecureSession config option, which forces session cookie to be sent only under https secured www page requests. +Added StateDB config option allows use of DB_File for $Session, since default use of SDBM_File is limited. See StateDB in README. +file include syntax w/o quotes supported like +Nested includes are supported, with includes including each other. Recursive includes are detected and errors out when an include has been included 100 times for a script. Better to quit early than have a process spin out of control. (PORTABLE ? probably not) +Allow notation w/o quotes around file names -PerlSetEnv apache conf setting now get passed through to $Request->ServerVariables. This update has ServerVariables getting data from %ENV instead of $r->cgi_env +README FAQ for PerlHandler errors $VERSION = 0.08; $DATE="02/06/1999"; ++SSI with Apache::Filter & Apache::SSI, see config options & ./eg files Currently filtering only works in the direction Apache::ASP -> Apache::SSI, will not work the other way around, as SSI must come last in a set of filters +SSI file includes may reference files in the Global directory, better code sharing - <% @array... %> no longer dropped from code. +perl =pod comments are stripped from script before compiling, and associated PodComments configuration options. +Command line cgi/asp script takes various options, and allows execution of multiple asp scripts at one time. This script should be used for command line debugging. This is also the beginning of building a static site from asp scripts with the -b option, suppressing headers. +$Response->AddHeader('Set-Cookie') works for multiple cookies. -$Response->Cookies('foo', '0') works, was dropping 0 because of boolean test -Fixed up some config doc errors. $VERSION = 0.07; $DATE="01/20/1999"; -removed SIG{__WARN__} handler, it was a bad idea. -fixes file locking on QNX, work around poor flock porting +removed message about Win32::OLE on UNIX platforms from Makefile.PL -Better lock garbage collection. Works with StatINC seamlessly. -Multiple select forms now work in array context with $Response->Form() @values = $Response->Form('multi'); -Better CGI.pm compatibility with $r->header_out('Content-type'), improved garbage collection under modperl, esp. w/ file uploads $VERSION = 0.06; $DATE="12/21/1998"; +Application_OnStart & Application_OnEnd event handlers support. -Compatible with CGI.pm 2.46 headers() -Compatible with CGI.pm $q = new CGI({}), caveat: does not set params +use strict; followed by use of objects like $Session is fine. -Multiple cookies may be set per script execution. +file upload implemented via CGI.pm ++global.asa implemented with events Session_OnStart and Session_OnEnd working appropriately. +StateDir configuration directive implemented. StateDir allows the session state directory to be specified separately from the Global directory, useful for operating systems with caching file systems. +StateManager config directive. StateManager specifies how frequently Sessions are cleaned up, with 10 (default) meaning that old Sessions will be cleaned up 10 times per SessionTimeout period (default 20 minutes). +$Application->SessionCount() implemented, non-portable method. : returns the number of currently active sessions -STOP button fix. Users may hit STOP button during script execution, and Apache::ASP will cleanup with a routine registered in Apache's $r->register_cleanup. Works well supposedly. +PerlScript compatibility work, trying to make ports smoother. : Collection emulator, no ->{Count} property : $.*(.*)->{Item} parsed automatically, shedding the ->{Item} for Collection support (? better way ?) : No VBScript dates support, just HTTP RFC dates with HTTP::Date : Win32::OLE::in not supported, just use "keys %{$Collection}" +./cgi/asp script for testing scripts from the command line : will be upgraded to CGI method of doing asp : is not "correct" in anyway, so not documented for now but still useful +strips DOS carriage returns from scripts automatically, so that programs like FrontPage can upload pages to UNIX servers without perl choking on the extra \r characters. $VERSION = 0.05; $DATE="10/19/1998"; +Added PERFORMANCE doc, which includes benchmarks +hints. +Better installation warnings and errors for other modules required. -Turned off StatINC in eg/.htaccess, as not everyone installs Devel::Symdump -Fixed AUTOLOAD state bug, which wouldn't let you each through state objects, like %{$Session}, or each %$Session, (bug introduced in v.04) +Parses ASP white space better. HTML output matches author's intent by better dealing with white space surrounding <% perl blocks %> -Scalar insertion code <%=$foo%> can now span many lines. +Added include.t test script for includes. +Script recompiles when included files change. +Files can be included in script with SSI syntax, needs to be done in ASP module to allow compilation of included code and html into script. Future chaining with Apache::SSI will allow static html includes, and other SSI directives $VERSION = 0.04; $DATE="10/14/1998"; +Example script eg/cgi.htm demonstrating CGI.pm use for output. +Optimized ASP parsing, faster and more legible executing code : try 'die();' in code with setting PerlSetVar Debug 2 +Cleaned up code for running with 'use strict' -Fixed directory handle leak on Solaris, from not closing after opendir() +StatINC overhaul. StatINC setting now works as it should, with the caveat that exported functions will not be refreshed. +NoState setting optimization, disallows $Application & $Session +$Application->*Lock() functions implemented -SoftRedirect setting for those who want scripts to keep running after a Redirect() +SessionSerialize setting to lock session while script is running : Microsoft ASP style session locking : For a session, scripts execute one at a time : NOT recommended use, please see note. -MLDBM can be used for other things without messing up internal use : before if it was used with different DB's and serializers, internal state could be lost. --State file locking. Corruption worries, and loss of data no more. +CGI header support, developer can use CGI.pm for *output*, or just print() : print "Set-Cookie: test=cookie\n", and things will just work : use CGI.pm for output : utilizes $r->send_cgi_header(), thanks Doug! +Improved Cookie implementation, more flexible and complete - Domain cookie key now works : Expire times now taken from time(), and relative time in sec : Request->Cookies() reading more flexible, with wantarray() on hash cookie values, %hash = $Request->Cookie('test'); -make test module naming correction, was t.pm, now T.pm for Unix +POD / README cleanup, formatting and HTML friendly. $VERSION = 0.03; $DATE="09/14/1998"; +Installation 'make test' now works +ActiveX objects on Win32 implemented with $Server->CreateObject() +Cookies implemented: $Response->Cookies() & $Request->Cookies() -Fixed $Response object API, converting some methods to object members. Deprecated methods, but backwards compatible. +Improved error messaging, debug output +$, influences $Response->Write(@strings) behavior +perl print() works, sending output to $Response object +$Response->Write() prints scalars, arrays, and hashes. Before only scalars. +Begin implementation of $Server object. +Implemented $Response->{Expires} and $Response->{ExpiresAbsolute} +Added "PerlSetVar StatINC" config option +$0 is aliased to current script filename +ASP Objects ($Response, etc.) are set in main package Thus notation like $main::Response->Write() can be used anywhere. $VERSION = 0.02; $DATE="07/12/1998"; ++Session Manager, won't break under denial of service attack +Fleshed out $Response, $Session objects, almost full implementation. +Enormously more documentation. -Fixed error handling with Debug = 2. -Documentation fixed for pod2man support. README now more man-like. -Stripped \r\n dos characters from installation files -755 mode set for session state directory when created -Loads Win32/OLE properly, won't break with UNIX $VERSION = 0.01; $DATE="06/26/1998"; Syntax Support -------------- Initial release, could be considered alpha software. Allows developers to embed perl in html ASP style. <% for(1..10) { %> counting: <%=$_%>
<% } %> ASP Objects ----------- $Session, $Application, $Response, $Request objects available for use in asp pages. $Session & $Application data is preserved using SDBM files. $Session id's are tracked through the use of cookies. Security -------- Timeouts any attempt to use a session id that doesn't already exist. Should stop hackers, since there is no wire speed guessing cookies. LICENSE Copyright (c) 1998-2002, Joshua Chamas, Chamas Enterprises Inc. All rights reserved. Apache::ASP is a perl native port of Active Server Pages for Apache and mod_perl. This software is licensed under the GPL. This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation; either version 2 of the License, or (at your option) any later version. This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details. For the full text of the GPL, see the license file in the distribution of this software, visit the GPL site at http://www.gnu.org/copyleft/gpl.html or write to the Free Software Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. For general licensing questions, please see the SUPPORT section. To contact us about licensing terms, please email asp@chamas.com.