From mikec at autodispatch.com Tue Aug 1 18:29:36 2000 From: mikec at autodispatch.com (Mike Cantrell) Date: Thu Aug 5 00:16:14 2004 Subject: Phoenix.pm: Keeping track of web logins References: <3.0.6.32.20000721123638.007a2850@mail.infinet-is.com> Message-ID: <006d01bffc10$5b2c7620$320101c0@mikec> I'm wondering if someone out there has a good method of keeping track of web logins when going from page to page. I've ofter relied on .htaccess to generate a $ENV{REMOTE} user to check against but what if you aren't using .htaccess and have a html based login form? 1) I've thought about setting temp cookies but that seems like a security problem and I'd rather not use cookies anyways. 2) creating hidden tags to pass along to the next page if it's a form but what if it's not a form? That also seems like a security problem. 3) encoding the login/passwd into the URL string but that seems to be a security problem as well. Has anyone tried encrypting the login/passwd in the URL string? Is there any good doc's out there on doing such a thing? 4) I often see long sessionID variables in URL strings of sites I've logged into but I'm not sure what they are doing with it. Anyone else know of a better way? Best Regards, Mike Cantrell From jimm at amug.org Tue Aug 1 20:59:01 2000 From: jimm at amug.org (jim mckay) Date: Thu Aug 5 00:16:14 2004 Subject: Phoenix.pm: Keeping track of web logins In-Reply-To: <006d01bffc10$5b2c7620$320101c0@mikec> Message-ID: <20000802015902.QNVB12685.mail.rdc1.az.home.com@[24.21.124.54]> Take a look at Apache-Session.. http://theoryx5.uwinnipeg.ca/mod_perl/cpan-search?filetype=%20distribution%20name%20or%20description;join=and;arrange=file;download=auto;stem=no;case=clike;site=ftp.funet.fi;age=&distinfo=108 I haven't used it but it looks interesting.. if you have any luck with it I'd be interested in seeing what you did.. Also I think Oreilly's "Writing Apache modules with perl and c" has a chapter on keeping state (if you have root access to apache). Jim M On 8/1/00 at 4:29 PM, mikec@autodispatch.com (Mike Cantrell) wrote: > I'm wondering if someone out there has a good method of keeping track of web > logins when going from page to page. I've ofter relied on .htaccess to > generate a $ENV{REMOTE} user to check against but what if you aren't using > ..htaccess and have a html based login form? > > 1) I've thought about setting temp cookies but that seems like a security > problem and I'd rather not use cookies anyways. > > 2) creating hidden tags to pass along to the next page if it's a form but > what if it's not a form? That also seems like a security problem. > > 3) encoding the login/passwd into the URL string but that seems to be a > security problem as well. Has anyone tried encrypting the login/passwd in > the URL string? Is there any good doc's out there on doing such a thing? > > 4) I often see long sessionID variables in URL strings of sites I've logged > into but I'm not sure what they are doing with it. > > Anyone else know of a better way? > > Best Regards, > Mike Cantrell > From joelnelson at home.net Tue Aug 1 23:20:51 2000 From: joelnelson at home.net (Joel Nelson) Date: Thu Aug 5 00:16:14 2004 Subject: Phoenix.pm: Keeping track of web logins References: <3.0.6.32.20000721123638.007a2850@mail.infinet-is.com> <006d01bffc10$5b2c7620$320101c0@mikec> Message-ID: <3987A1A3.4ADE3C54@home.net> Mike Cantrell wrote: > I'm wondering if someone out there has a good method of keeping track of web > logins when going from page to page. I've ofter relied on .htaccess to > generate a $ENV{REMOTE} user to check against but what if you aren't using > .htaccess and have a html based login form? > > 1) I've thought about setting temp cookies but that seems like a security > problem and I'd rather not use cookies anyways. You can still solve it somewhat that way. > 2) creating hidden tags to pass along to the next page if it's a form but > what if it's not a form? That also seems like a security problem. Not a good idea. > 3) encoding the login/passwd into the URL string but that seems to be a > security problem as well. Has anyone tried encrypting the login/passwd in > the URL string? Is there any good doc's out there on doing such a thing? Same as the last one, no! > 4) I often see long sessionID variables in URL strings of sites I've logged > into but I'm not sure what they are doing with it. That's sort of the .asp way. You could try Jim's suggestion and check out Apache::Session. I have not tried it. However, I do have a cookie way that I kinda like. I converted a method I found somewhere on the PHP site. Assuming your using perl, it goes something like this: We don't use the users password in the cookie at all for security reasons. After they submit their name and password and it is verified against the database, we use their login name encrypted with todays weekday name to create an encrypted key stored as a cookie. Each time they access a page protected by the script, we take the name and key from the cookies, create a new key based on todays weekname and their login name, and compare the newly created key with the cookie key. If they are the same we don't need to check the database and we reset the cookies. Even as I type it, it sounds confusing, but it works okay. I pasted in the code we use. You'll figure it out. Hope it helps!! Joel ########################################################### # _Login.inc # # # # To be included in cgi scripts requiring member access. # # Exports: $memberSeq $memberName & $memberPassword # # # ########################################################### use DBI; #$byPassDbSecurity = 1; #------------------------------- Start of Main program loop ---------------------------# &_initialize; if (%memberInfo) { #print header,start_html,"cookie info:
name[$memberName]
key[$memberKey]",end_html; exit; if (&passesCookieSecurity) { &setCookieAndContinue; } else { &loginForm("Security Info changed, you must log in again!"); } } elsif ($loggingIn) { #print header,start_html,"logging In:
name[$fMemberName]
key[$fMemberKey]",end_html; exit; if (&passesDbSecurity) { &setDbCookieAndContinue; } else { &loginForm("Login Error"); } } else { &loginForm() } #-------------------------------- End of Main program loop ---------------------------# #--------------------------------- Start of sub-routines -----------------------------# #<---------------------------------------------------------------------- initialize --> sub _initialize { # Do we already have cookie info? If so, set member variables %memberInfo = cookie('memberInfo'); if (%memberInfo) { $memberName = $memberInfo{'memberName'}; $memberSeq = $memberInfo{'memberSeq'}; $memberKey = $memberInfo{'memberKey'}; $parentSeq = $memberInfo{'parentSeq'}; } %memberPrefs = cookie('memberPrefs'); if (%memberPrefs) { $memberCompany = $memberPrefs{'memberCompany'}; $memberType = $memberPrefs{'memberType'}; } # Do we have form variables? If so, we're logging in $fMemberName = param('fMemberName'); $fMemberPassword = param('fMemberPassword' ); if ($fMemberName && $fMemberPassword) { $loggingIn = 1 } $fMemberCompany = param('fMemberCompany'); $fMemberCompany = $memberCompany unless ($fMemberCompany); $fMemberType = $memberType unless ($fMemberType); # Set general script variables $script = script_name unless $script; } #<----------------------------------------------------- passesCookieSecurity --> sub passesCookieSecurity { my @days = ('sunday','monday','tuesday','wednesday','thursday','friday','saturday'); my @time = localtime(time); my $cryptKey = $days[$time[6]]; if ($memberKey eq crypt($memberName,$cryptKey)) { return 'true'; } } #<----------------------------------------------------- setCookieAndContinue --> sub setCookieAndContinue { my $cookie = cookie(-name=>'memberInfo',-value=>\%memberInfo,-expires=>'+8h',-path=>'/'); my $cookie2 = cookie(-name=>'memberPrefs',-value=>\%memberPrefs,-expires=>'+1y',-path=>'/'); print header(-cookie=>[$cookie,$cookie2]); } #<--------------------------------------------------------- passesDbSecurity --> sub passesDbSecurity { if ($byPassDbSecurity) { return 'true'; } else { $dbh = DBI->connect($dataSource,$dbUser,$dbPassword) || die("SQL Error: ".$dbh->errstr); # Is this login a company/agency? if ($fMemberType eq 'company') { $query = "select c.name,u.userSeq,u.companySeq,u.name,u.password from user u, company c where c.companySeq = u.companySeq and u.name = '$fMemberName' and c.name = '$fMemberCompany'"; } else { $query = "select c.name,u.agentSeq,u.agencySeq,u.name,u.password from agent u, agency c where c.agencySeq = u.agencySeq and u.name = '$fMemberName' and c.name = '$fMemberCompany'"; } my $sth = $dbh->prepare($query); $sth->execute; $errorMsg = $dbh->errstr(); if ($errorMsg) { $error = "$errorMsg"; } else { my $numrows = $sth->rows; if ($numrows == 0) { $error = "Member [$fMemberName] name not found. Remember, name and password are CaSe sensitive!"; } } if (!$error) { my @row = $sth->fetchrow; if (lc($row[0]) ne lc($fMemberCompany)) { $error = "Invalid company for user [$fMemberName]!"; } if ($row[4] ne $fMemberPassword) { $error = "Password incorrect for member [$fMemberName]. Remember, name and password are CaSe sensitive!"; } $memberSeq = $row[1]; $parentSeq = $row[2]; } if (!$error) { return 'true'; } } } #<--------------------------------------------------- setDbCookieAndContinue --> sub setDbCookieAndContinue { my @days = ('sunday','monday','tuesday','wednesday','thursday','friday','saturday'); my @time = localtime(time); my $cryptKey = $days[$time[6]]; $memberInfo{'memberName'} = $fMemberName; $memberInfo{'memberSeq'} = $memberSeq; $memberInfo{'memberKey' } = crypt($fMemberName,$cryptKey); $memberInfo{'parentSeq' } = $parentSeq; my $cookie = cookie(-name=>'memberInfo',-value=>\%memberInfo,-expires=>'+8h',-path=>'/'); $memberPrefs{'memberCompany'} = $fMemberCompany; $memberPrefs{'memberType'} = $fMemberType; $memberType = $fMemberType; # Needed for changing from one user type to another my $cookie2 = cookie(-name=>'memberPrefs',-value=>\%memberPrefs,-expires=>'+1y',-path=>'/'); print header(-cookie=>[$cookie,$cookie2]); } #<------------------------------------------------------------------------ Show Form --> sub loginForm { #Delete existing cookie info my %memberInfo; $cookie = cookie(-name=>'MemberInfo',-value=>\%memberInfo,-expires=>'-1h',-path=>'/'); print header(-cookie=>$cookie), start_html(-link=>'cyan',-vlink=>'cyan'),"\n", "
\n", "\n", " \n", " \n", "
\n", "
Our Company

You have accessed a members only area. If you are\n", " already a member you can login below. Membership is FREE and takes only\n", " a couple of minutes.
Click here to sign up!

\n", " 		\n", "
\n", "
\n", "
\n"; if ($error) { print "
$error
\n"; } print start_form(-method=>'post',-action=>$script); if ((!$fMemberName)&&($fMemberPassword)) { print "
Oops, missing Name!
\n",br; } if (($fMemberName)&&(!$fMemberPassword)) { print "
Oops, missing Password!
\n",br; } print "\n", " \n", "
\n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", " \n", "
" . ucfirst($fMemberType) . " Login
Member Name: 
",textfield(-name=>fMemberName,-size=>30,-value=>$fMemberName),"
Password: 
",password_field(-name=>fMemberPassword,-size=>30,-value=>$fMemberPassword),"
Company Name: 
",textfield(-name=>fMemberCompany,-size=>30,-value=>$fMemberCompany),"

\n", "
\n", end_form, "
\n", end_html; exit; } From mikec at autodispatch.com Wed Aug 2 10:39:33 2000 From: mikec at autodispatch.com (Mike Cantrell) Date: Thu Aug 5 00:16:14 2004 Subject: Phoenix.pm: Keeping track of web logins References: <3.0.6.32.20000721123638.007a2850@mail.infinet-is.com> <006d01bffc10$5b2c7620$320101c0@mikec> <3987A1A3.4ADE3C54@home.net> Message-ID: <002d01bffc97$db5a6960$320101c0@mikec> Much thanks Joel, and Jim. I'll give it a shot. Regards, Mike Cantrell ----- Original Message ----- From: "Joel Nelson" To: Sent: Tuesday, August 01, 2000 9:20 PM Subject: Re: Phoenix.pm: Keeping track of web logins > > > Mike Cantrell wrote: > > > I'm wondering if someone out there has a good method of keeping track of web > > logins when going from page to page. I've ofter relied on .htaccess to > > generate a $ENV{REMOTE} user to check against but what if you aren't using > > .htaccess and have a html based login form? > > > > 1) I've thought about setting temp cookies but that seems like a security > > problem and I'd rather not use cookies anyways. > > You can still solve it somewhat that way. > > > 2) creating hidden tags to pass along to the next page if it's a form but > > what if it's not a form? That also seems like a security problem. > > Not a good idea. > > > 3) encoding the login/passwd into the URL string but that seems to be a > > security problem as well. Has anyone tried encrypting the login/passwd in > > the URL string? Is there any good doc's out there on doing such a thing? > > Same as the last one, no! > > > 4) I often see long sessionID variables in URL strings of sites I've logged > > into but I'm not sure what they are doing with it. > > That's sort of the .asp way. You could try Jim's suggestion and check out > Apache::Session. I have not tried it. However, I do have a cookie way that I > kinda like. I converted a method I found somewhere on the PHP site. Assuming > your using perl, it goes something like this: > > We don't use the users password in the cookie at all for security reasons. After > they submit their name and password and it is verified against the database, we > use their login name encrypted with todays weekday name to create an encrypted > key stored as a cookie. Each time they access a page protected by the script, we > take the name and key from the cookies, create a new key based on todays > weekname and their login name, and compare the newly created key with the cookie > key. If they are the same we don't need to check the database and we reset the > cookies. Even as I type it, it sounds confusing, but it works okay. I pasted in > the code we use. You'll figure it out. Hope it helps!! > > Joel > > ########################################################### > # _Login.inc # > # # > # To be included in cgi scripts requiring member access. # > # Exports: $memberSeq $memberName & $memberPassword # > # # > ########################################################### > use DBI; > > #$byPassDbSecurity = 1; > > #------------------------------- Start of Main program loop > ---------------------------# > &_initialize; > > if (%memberInfo) { > #print header,start_html,"cookie > info:
name[$memberName]
key[$memberKey]",end_html; exit; > if (&passesCookieSecurity) { > &setCookieAndContinue; > } else { > &loginForm("Security Info changed, you must log in again!"); > } > } elsif ($loggingIn) { > #print header,start_html,"logging > In:
name[$fMemberName]
key[$fMemberKey]",end_html; exit; > if (&passesDbSecurity) { > &setDbCookieAndContinue; > } else { > &loginForm("Login Error"); > } > } else { &loginForm() } > > #-------------------------------- End of Main program loop > ---------------------------# > > #--------------------------------- Start of sub-routines > -----------------------------# > > #<---------------------------------------------------------------------- > initialize --> > sub _initialize { > # Do we already have cookie info? If so, set member variables > %memberInfo = cookie('memberInfo'); > if (%memberInfo) { > $memberName = $memberInfo{'memberName'}; > $memberSeq = $memberInfo{'memberSeq'}; > $memberKey = $memberInfo{'memberKey'}; > $parentSeq = $memberInfo{'parentSeq'}; > } > %memberPrefs = cookie('memberPrefs'); > if (%memberPrefs) { > $memberCompany = $memberPrefs{'memberCompany'}; > $memberType = $memberPrefs{'memberType'}; > } > > # Do we have form variables? If so, we're logging in > $fMemberName = param('fMemberName'); > $fMemberPassword = param('fMemberPassword' ); > if ($fMemberName && $fMemberPassword) { $loggingIn = 1 } > $fMemberCompany = param('fMemberCompany'); > $fMemberCompany = $memberCompany unless ($fMemberCompany); > $fMemberType = $memberType unless ($fMemberType); > > # Set general script variables > $script = script_name unless $script; > } > > #<----------------------------------------------------- passesCookieSecurity --> > > sub passesCookieSecurity { > my @days = > ('sunday','monday','tuesday','wednesday','thursday','friday','saturday'); > my @time = localtime(time); > my $cryptKey = $days[$time[6]]; > if ($memberKey eq crypt($memberName,$cryptKey)) { return 'true'; } > } > > #<----------------------------------------------------- setCookieAndContinue --> > > sub setCookieAndContinue { > my $cookie = > cookie(-name=>'memberInfo',-value=>\%memberInfo,-expires=>'+8h',-path=>'/'); > my $cookie2 = > cookie(-name=>'memberPrefs',-value=>\%memberPrefs,-expires=>'+1y',-path=>'/' ); > print header(-cookie=>[$cookie,$cookie2]); > } > > #<--------------------------------------------------------- passesDbSecurity --> > > sub passesDbSecurity { > if ($byPassDbSecurity) { return 'true'; } > else { > $dbh = DBI->connect($dataSource,$dbUser,$dbPassword) || die("SQL Error: > ".$dbh->errstr); > > # Is this login a company/agency? > if ($fMemberType eq 'company') { > $query = "select c.name,u.userSeq,u.companySeq,u.name,u.password from user > u, company c where c.companySeq = u.companySeq and u.name = '$fMemberName' and > c.name = '$fMemberCompany'"; > } else { > $query = "select c.name,u.agentSeq,u.agencySeq,u.name,u.password from > agent u, agency c where c.agencySeq = u.agencySeq and u.name = '$fMemberName' > and c.name = '$fMemberCompany'"; > } > > my $sth = $dbh->prepare($query); > $sth->execute; > $errorMsg = $dbh->errstr(); > if ($errorMsg) { $error = "$errorMsg"; } > else { > my $numrows = $sth->rows; > if ($numrows == 0) { > $error = "Member [$fMemberName] name not found. Remember, name and > password are CaSe sensitive!"; > } > } > > if (!$error) { > my @row = $sth->fetchrow; > if (lc($row[0]) ne lc($fMemberCompany)) { > $error = "Invalid company for user [$fMemberName]!"; > } > if ($row[4] ne $fMemberPassword) { > $error = "Password incorrect for member [$fMemberName]. Remember, name > and password are CaSe sensitive!"; > } > $memberSeq = $row[1]; > $parentSeq = $row[2]; > } > > if (!$error) { return 'true'; } > } > } > > #<--------------------------------------------------- setDbCookieAndContinue --> > > sub setDbCookieAndContinue { > my @days = > ('sunday','monday','tuesday','wednesday','thursday','friday','saturday'); > my @time = localtime(time); > my $cryptKey = $days[$time[6]]; > $memberInfo{'memberName'} = $fMemberName; > $memberInfo{'memberSeq'} = $memberSeq; > $memberInfo{'memberKey' } = crypt($fMemberName,$cryptKey); > $memberInfo{'parentSeq' } = $parentSeq; > my $cookie = > cookie(-name=>'memberInfo',-value=>\%memberInfo,-expires=>'+8h',-path=>'/'); > $memberPrefs{'memberCompany'} = $fMemberCompany; > $memberPrefs{'memberType'} = $fMemberType; > $memberType = $fMemberType; # Needed for changing from one user type to > another > my $cookie2 = > cookie(-name=>'memberPrefs',-value=>\%memberPrefs,-expires=>'+1y',-path=>'/' ); > print header(-cookie=>[$cookie,$cookie2]); > } > > #<------------------------------------------------------------------------ Show > Form --> > sub loginForm { > #Delete existing cookie info > my %memberInfo; > $cookie = > cookie(-name=>'MemberInfo',-value=>\%memberInfo,-expires=>'-1h',-path=>'/'); > > print > header(-cookie=>$cookie), > start_html(-link=>'cyan',-vlink=>'cyan'),"\n", > "
\n", > "\n", > " \n", > " \n", > "
\n", > "
Our > Company

You have accessed a members only area. If you are\n", > " already a member you can login below. Membership is FREE and > takes only\n", > " a couple of minutes.
Click > here to sign up!

\n", > " 		\n", > "
\n", > "
\n", > "
\n"; > if ($error) { print "
$error
\n"; } > print start_form(-method=>'post',-action=>$script); > if ((!$fMemberName)&&($fMemberPassword)) { print "
Oops, missing > Name!
\n",br; } > if (($fMemberName)&&(!$fMemberPassword)) { print "
Oops, missing > Password!
\n",br; } > print > "\n", > " \n", > "
\n", > " \n", > " \n", > " \n", > " \n", > " \n", > " \n", > " > \n", > > " \n", > " \n", > " \n", > " > \n", > > " \n", > " \n", > " \n", > " > \n", > > " \n", > " \n", > " \n", > " \n", > "
" . > ucfirst($fMemberType) . " Login
Member > Name: 
",textfield(-name=>fMemberName,-size=>30,-value=>$fMemberName),"
size=-1>Password: 
",password_field(-name=>fMemberPassword,-size=>30,-value=>$fMemberPasswo rd),"
Company > Name: 
",textfield(-name=>fMemberCompany,-size=>30,-value=>$fMemberCompany),"

\n", > "
\n", > end_form, > "
\n", > end_html; > exit; > } > > From mikec at autodispatch.com Wed Aug 2 11:52:49 2000 From: mikec at autodispatch.com (Mike Cantrell) Date: Thu Aug 5 00:16:14 2004 Subject: Phoenix.pm: Netscape Server and Perl References: <3.0.6.32.20000721123638.007a2850@mail.infinet-is.com> <006d01bffc10$5b2c7620$320101c0@mikec> <3987A1A3.4ADE3C54@home.net> <002d01bffc97$db5a6960$320101c0@mikec> Message-ID: <004f01bffca2$1732a600$320101c0@mikec> I might have to start a new project using Netscape as the web server and all my previous experience is w/ Apache. Has anyone out there developed CGI / Database stuff under Netscape w/ Perl? Any wise tips from the learned would be most appreciated. I've found the Netscape::Server::Session and Netscape::Server::Request modules wich will help out a lot. My main concern is performance. Apche and IIS have mod_perl and perlIIS.dll but I can't seem to find an equivalent for Netscape. Regards, Mike Cantrell From Bryan.Lane at VITALPS.COM Wed Aug 2 12:22:52 2000 From: Bryan.Lane at VITALPS.COM (Bryan Lane) Date: Thu Aug 5 00:16:14 2004 Subject: Phoenix.pm: Perl Meeting Thursday! Message-ID: <219B26AF200FD411A11200805FE6EF250CDCAF@tef00021.vitalps.com> We'll be having a Phoenix.pm meeting Thursday August 3rd at 7:00PM. It will be held at The Willow House, which is located at 149 W. McDowell Rd., which is just West of Bowne on McDowell. This is a social meeting, so just show up, hang out, and have fun. The Willow House has coffee, and sandwiches, so bring some money if you are hungry. If you want more information, visit http://www.willowhouse.com/. See you there! From djmilesfamily at earthlink.net Wed Aug 2 19:38:52 2000 From: djmilesfamily at earthlink.net (Doug and Julie Miles) Date: Thu Aug 5 00:16:14 2004 Subject: Phoenix.pm: Perl Meeting Thursday! In-Reply-To: <219B26AF200FD411A11200805FE6EF250CDCAF@tef00021.vitalps.co m> Message-ID: <4.3.2.7.0.20000802173732.032f58f0@mail.earthlink.net> Sorry this is so late. I've been trying to send it all week, and haven't had time to figure out if it is a problem at work, or a list problem. Hope some of you can make it out. Thanks! At 10:22 AM 8/2/00 -0700, you wrote: >We'll be having a Phoenix.pm meeting Thursday August 3rd at 7:00PM. >It will be held at The Willow House, which is located at 149 W. McDowell >Rd., which is just West of Bowne on McDowell. This is a social meeting, >so just show up, hang out, and have fun. The Willow House has coffee, >and sandwiches, so bring some money if you are hungry. If you want more >information, visit http://www.willowhouse.com/. See you there! From djmilesfamily at earthlink.net Wed Aug 16 18:38:50 2000 From: djmilesfamily at earthlink.net (Doug and Julie Miles) Date: Thu Aug 5 00:16:14 2004 Subject: Phoenix.pm: Fwd: O'Reilly Needs Guinea Pigs...Any Volunteers? Message-ID: <4.3.2.7.0.20000816163834.032e8f00@mail.earthlink.net> >Date: Wed, 16 Aug 2000 12:54:43 -0700 (PDT) >From: Denise Olliffe >To: djmilesfamily@earthlink.net >Subject: O'Reilly Needs Guinea Pigs...Any Volunteers? > > > >What technologies are your group members excited about? Where do they >smell vaporware? We want you or members of your group to tell us all >about it. We invite you to join O'Reilly's new email survey research >panel, and give us your two cents. You can sign up at >http://www.survey.com/orpanel.html -- it only takes a few minutes. > >As a thank you for your time and insight, we'll give you a 25% discount >on all O'Reilly books purchased through the O'Reilly Web site for one >year (5% more than the regular UG discount), plus enter you in a drawing >for one of 200 "Official O'Reilly Guinea Pig" T-shirts. > >A few important details: After you register for the panel, you'll >receive short email invitations to participate in surveys, either from >O'Reilly & Associates or Survey.com, our partner in this endeavor. When >you enroll, you choose how often you're interested in hearing from us. >Membership and participation is entirely voluntary, and you may leave >the panel at any time. There's also no obligation to participate in any >particular survey. > >We promise that all information you submit will be kept confidential. >We will never sell or rent your personal information. If you order >books directly from us, we'll send you our book catalog three or four >times a year (if you don't want it, just ask us not to send it). > >If you feel your members would be interested in particpating, please >pass this invitation on to them. > >--Denise :) From djmilesfamily at earthlink.net Sat Aug 19 14:10:58 2000 From: djmilesfamily at earthlink.net (Doug and Julie Miles) Date: Thu Aug 5 00:16:14 2004 Subject: Phoenix.pm: Meeting 08/22/2000 Message-ID: <4.3.2.7.0.20000819120745.03771a50@mail.earthlink.net> We'll be having a Phoenix.pm meeting Tuesday, August 22nd at 7:00PM. It will be held at Bowne, which is located at 1500 N. Central Avenue, which is on the Southwest corner of Central and McDowell. The parking lot is gated, so just press the button on the intercom, and tell the receptionist that you are there for the Perl meeting. Park in the lot that is straight ahead from the entrance on the South side of McDowell. Park in any uncovered, non-reserved space. Proceed to the main lobby, which is on the Northeast side of the parking lot. I haven't had time to put together a Perl 201 presentation, but I'll be presenting my Template and CGI::Template modules as an example of OO Perl and inheritance. From Bryan.Lane at VITALPS.COM Tue Aug 22 13:11:09 2000 From: Bryan.Lane at VITALPS.COM (Bryan Lane) Date: Thu Aug 5 00:16:14 2004 Subject: FW: Phoenix.pm: Reminder: Meeting 08/22/2000 Message-ID: <219B26AF200FD411A11200805FE6EF25F20FEE@tef00021.vitalps.com> -----Original Message----- From: doug.miles@bpxinternet.com [mailto:doug.miles@bpxinternet.com] Sent: Tuesday, August 22, 2000 11:09 AM To: Bryan Lane Subject: Phoenix.pm: Reminder: Meeting 08/22/2000 Can you forward this to the list for me? Thanks. All: Please RSVP, so I know whether or not anyone can make it tonight. Thanks! We'll be having a Phoenix.pm meeting Tuesday, August 22nd at 7:00PM. It will be held at Bowne, which is located at 1500 N. Central Avenue, which is on the Southwest corner of Central and McDowell. The parking lot is gated, so just press the button on the intercom, and tell the receptionist that you are there for the Perl meeting. Park in the lot that is straight ahead from the entrance on the South side of McDowell. Park in any uncovered, non-reserved space. Proceed to the main lobby, which is on the Northeast side of the parking lot. I haven't had time to put together a Perl 201 presentation, but I'll be presenting my Template and CGI::Template modules as an example of OO Perl and inheritance. From Bryan.Lane at VITALPS.COM Tue Aug 22 13:42:39 2000 From: Bryan.Lane at VITALPS.COM (Bryan Lane) Date: Thu Aug 5 00:16:14 2004 Subject: Phoenix.pm: Reminder: Meeting 08/22/2000 Message-ID: <219B26AF200FD411A11200805FE6EF25F20FEF@tef00021.vitalps.com> I'll be there! -----Original Message----- From: Bryan Lane Sent: Tuesday, August 22, 2000 11:11 AM To: phoenix-pm-list@happyfunball.pm.org Subject: FW: Phoenix.pm: Reminder: Meeting 08/22/2000 -----Original Message----- From: doug.miles@bpxinternet.com [mailto:doug.miles@bpxinternet.com] Sent: Tuesday, August 22, 2000 11:09 AM To: Bryan Lane Subject: Phoenix.pm: Reminder: Meeting 08/22/2000 Can you forward this to the list for me? Thanks. All: Please RSVP, so I know whether or not anyone can make it tonight. Thanks! We'll be having a Phoenix.pm meeting Tuesday, August 22nd at 7:00PM. It will be held at Bowne, which is located at 1500 N. Central Avenue, which is on the Southwest corner of Central and McDowell. The parking lot is gated, so just press the button on the intercom, and tell the receptionist that you are there for the Perl meeting. Park in the lot that is straight ahead from the entrance on the South side of McDowell. Park in any uncovered, non-reserved space. Proceed to the main lobby, which is on the Northeast side of the parking lot. I haven't had time to put together a Perl 201 presentation, but I'll be presenting my Template and CGI::Template modules as an example of OO Perl and inheritance. From doug.miles at bpxinternet.com Tue Aug 22 18:58:47 2000 From: doug.miles at bpxinternet.com (Doug Miles) Date: Thu Aug 5 00:16:14 2004 Subject: Phoenix.pm: New PHP group Message-ID: <39A313B7.1E688362@bpxinternet.com> There is a new PHP group starting in town. I thought some of you might be interested... Eric Thelin wrote: > > I have found out that tuesday is the orientation for new college > students so all rooms are already taken on the planned date of tuesday > the 22 so we are moving the meeting to WEDNESDAY AUG. 23. We have a > smaller room reserved for this time and a room reserved for next month > and there after that we can definately grow into, it can probably seat > about 60! And more importantly it has net connectivity. > > I am planning to discuss where we want the group to go, what topics we > want presented, who can present, how we can get people to join the > group, what our website should be like, etc. So invite everyone you > know who uses PHP or has interest in learning it so they can have a > voice in planning the direction of the group. It will be a great > opportunity to mold the group according to our dreams (or lack there of.) > > Here are the directions to the current and planned future meeting > locations: > > This month, WEDNESDAY Aug 23 @ 7:00: > Park in the visitors parking on the North side. Turn into MCC at the > light on Southern between Alma School and Dobson. Go to the Kirk > Student Center Cafeteria. This building is the one with the large clock > tower in the center of the MCC campus. Go down stairs by the elevators > labeled conference rooms. The room this month is the Papago Room. > > In the future, 4th TUESDAY of each month @ 7:00: > Go to the Kirk Student Center Cafeteria it is the one with the large clock > tower in the center of the MCC campus. Go down the stairs that face > East and go to the Kiba room which has a glass door. > > Eric > > Eric Thelin erict@aztechbiz.com > AZtechBiz.com: Where Arizona Does Tech Business > Voice: 480-377-6743 Fax: 480-377-6755 -- - Doug Don't anthropomorphize computers. They hate that. From doug.miles at bpxinternet.com Wed Aug 23 12:53:01 2000 From: doug.miles at bpxinternet.com (Doug Miles) Date: Thu Aug 5 00:16:14 2004 Subject: Phoenix.pm: Meeting followup Message-ID: <39A40F7D.1997042C@bpxinternet.com> I realized last night that I forgot to explain @ISA. @ISA is Perl's method of handling inheritance. If you notice in the HTMLTemplate.pm module line 9: @ISA = qw(Exporter AutoLoader Template); Exporter and AutoLoader are put in by the h2xs script. I added Template. This makes HTMLTemplate a sub-class of Template. The way this works, is that if you attempt to call a method that doesn't exist in package HTMLTemplate, perl will look at the packages in @ISA and see if they have that method. So if I do this: $self->build(); in HTMLTemplate (which I do), perl will search through @ISA to find build, because it does not exist in HTMLTemplate. Perl will then use the build method in the Template package. Sorry about that. Let me know if you have any questions. -- - Doug Don't anthropomorphize computers. They hate that. From Bryan.Lane at VITALPS.COM Wed Aug 23 12:52:58 2000 From: Bryan.Lane at VITALPS.COM (Bryan Lane) Date: Thu Aug 5 00:16:14 2004 Subject: Phoenix.pm: Meeting followup Message-ID: <219B26AF200FD411A11200805FE6EF25F20FF6@tef00021.vitalps.com> Thanks for the follow up.... -----Original Message----- From: doug.miles@bpxinternet.com [mailto:doug.miles@bpxinternet.com] Sent: Wednesday, August 23, 2000 10:53 AM To: Phoenix.pm Subject: Phoenix.pm: Meeting followup I realized last night that I forgot to explain @ISA. @ISA is Perl's method of handling inheritance. If you notice in the HTMLTemplate.pm module line 9: @ISA = qw(Exporter AutoLoader Template); Exporter and AutoLoader are put in by the h2xs script. I added Template. This makes HTMLTemplate a sub-class of Template. The way this works, is that if you attempt to call a method that doesn't exist in package HTMLTemplate, perl will look at the packages in @ISA and see if they have that method. So if I do this: $self->build(); in HTMLTemplate (which I do), perl will search through @ISA to find build, because it does not exist in HTMLTemplate. Perl will then use the build method in the Template package. Sorry about that. Let me know if you have any questions. -- - Doug Don't anthropomorphize computers. They hate that. From doug.miles at bpxinternet.com Wed Aug 23 13:26:55 2000 From: doug.miles at bpxinternet.com (Doug Miles) Date: Thu Aug 5 00:16:14 2004 Subject: Phoenix.pm: $& discussion Message-ID: <39A4176F.6F233E2A@bpxinternet.com> I looked into the $& problem in O'reilly's "Mastering Regular Expressions", and found that the inefficiency is caused by perl making a copy of the string that is being matched against. This is also caused by using '()'s in a regex (which I am doing), so avoiding the use of $& won't help. Also, with the addition of \s* to my pattern (which I have done), I don't think I can avoid using $&. Great discussion! -- - Doug Don't anthropomorphize computers. They hate that. From mdearman at inficad.com Thu Aug 24 05:07:17 2000 From: mdearman at inficad.com (Michael Dearman) Date: Thu Aug 5 00:16:14 2004 Subject: Phoenix.pm: $& discussion References: <39A4176F.6F233E2A@bpxinternet.com> Message-ID: <39A4F3D4.23D4C4A4@inficad.com> Hi guys, Enjoyed the get together and meeting you'all. Doug Miles wrote: > > I looked into the $& problem in O'reilly's "Mastering Regular > Expressions", For Perl ver. 5.003, don't have a clue if this still holds. The author has maintained an excellent support site, but I don't remember seeing anything addressing this issue. > and found that the inefficiency is caused by perl making a > copy of the string that is being matched against. This is also caused > by using '()'s in a regex (which I am doing), so avoiding the use of $& Just to round the culprits out - this also happens when $' and $` are used. As I read it, this group and parens also disable some optimizations done for substitutions. But for parens,this only affects the regex actually in the parens. and the /i modifier causes the copy, in some cases. Also, you'll get this performance hit if these are in any module/lib your using. There's a list of the offending libs on pg. 278, Mastering Reg Expressions. Of course some popular modules are on the list. > won't help. Also, with the addition of \s* to my pattern (which I have I'm probably missing something, but why can't you just do 'length($1)', for $match_length? Mike D. > done), I don't think I can avoid using $&. Great discussion! > > -- > - Doug > > Don't anthropomorphize computers. They hate that. From mdearman at inficad.com Thu Aug 24 05:36:18 2000 From: mdearman at inficad.com (Michael Dearman) Date: Thu Aug 5 00:16:14 2004 Subject: Phoenix.pm: yet another strange beast; $#$var as lvalue Message-ID: <39A4FAA2.3A072B0@inficad.com> Hi, Ran up on this in the Perl Algorithms book. sub insertion_merge { ... my $merge; # The merged result. $#$merge = @$large + @$small - 1; # Pre-extend and then $merge used as ref to an array? $merge->[ $i ]; Two questions. 1. Could someone share where any documentation on the $#$var construct? I know I've seen a discussion on manually pre-extending an array instead of relying on Perl to auto-magically do this. But don't remember seeing this. 2. But the real thing that gets me - At what point and how does $merge become a ref to an array? I kinda see what happens. But I'd appreciate it of someone could put this to words ( or lyrics :) $#$merge = @$arr_1 + @$arr_2 -1; Thanks, Mike D. From doug.miles at bpxinternet.com Thu Aug 24 11:56:39 2000 From: doug.miles at bpxinternet.com (Doug Miles) Date: Thu Aug 5 00:16:14 2004 Subject: Phoenix.pm: $& discussion References: <39A4176F.6F233E2A@bpxinternet.com> <39A4F3D4.23D4C4A4@inficad.com> Message-ID: <39A553C7.6D6BCB1@bpxinternet.com> Michael Dearman wrote: > > Hi guys, > Enjoyed the get together and meeting you'all. > > Doug Miles wrote: > > > > I looked into the $& problem in O'reilly's "Mastering Regular > > Expressions", > > For Perl ver. 5.003, don't have a clue if this still holds. The author > has maintained an excellent support site, but I don't remember seeing > anything addressing this issue. > > > and found that the inefficiency is caused by perl making a > > copy of the string that is being matched against. This is also caused > > by using '()'s in a regex (which I am doing), so avoiding the use of $& > > Just to round the culprits out - this also happens when $' and $` are used. > As I read it, this group and parens also disable some optimizations done for > substitutions. But for parens,this only affects the regex actually in the parens. > > and the /i modifier causes the copy, in some cases. > > Also, you'll get this performance hit if these are in any module/lib your using. > There's a list of the offending libs on pg. 278, Mastering Reg Expressions. > Of course some popular modules are on the list. > > > won't help. Also, with the addition of \s* to my pattern (which I have > > I'm probably missing something, but why can't you just do 'length($1)', > for $match_length? The reason for this is that for this tag: length($1) would give me 4 and length($&) would give me 13, which is what I'm looking for. I want to replace the entire tag, not just the contents. -- - Doug Don't anthropomorphize computers. They hate that. From doug.miles at bpxinternet.com Thu Aug 24 12:17:38 2000 From: doug.miles at bpxinternet.com (Doug Miles) Date: Thu Aug 5 00:16:14 2004 Subject: Phoenix.pm: yet another strange beast; $#$var as lvalue References: <39A4FAA2.3A072B0@inficad.com> Message-ID: <39A558B2.2E497085@bpxinternet.com> Michael Dearman wrote: > > Hi, > > Ran up on this in the Perl Algorithms book. > > sub insertion_merge { > > ... > my $merge; # The merged result. > > $#$merge = @$large + @$small - 1; # Pre-extend > > and then $merge used as ref to an array? > > $merge->[ $i ]; > > Two questions. > 1. Could someone share where any documentation on the $#$var construct? > I know I've seen a discussion on manually pre-extending an array > instead of relying on Perl to auto-magically do this. But don't > remember seeing this. I've never seen it before either, but I'll take a stab at explaining it. You can set an array to be a certain length by assigning to the last index of the array like this: $#array = 99; # Gives an array of 100 elements (0-99). See below for the explanation of the construct in question. > 2. But the real thing that gets me - > At what point and how does $merge become a ref to an array? > I kinda see what happens. But I'd appreciate it of someone > could put this to words ( or lyrics :) > $#$merge = @$arr_1 + @$arr_2 -1; Let's take this apart piece by piece: The @ in front of $arr_1 and $arr_2 means that they must resolve to arrays. This means that $arr_1 and $arr_2 must be references to arrays, or an error. @$arr_1 and @$arr_2 are being used in scalar context, so they evaluate to the number of elements in each array. So what you get is the length of one array plus the length of another array minus 1. I would have written it like this for clarity: @{$arr_1} + @{$arr_2} - 1; The last part should answer your question. $# indicates the last element of an array. In this case, perl uses this context to make $merge a reference to an array. I would have written the whole thing like this: $#{$merge} = @{$arr_1} + @{$arr_2} - 1; I don't know if this is any clearer to anyone else, but it helps me out. Hopefully I answered your question (and did it without spreading misinformation :). -- - Doug Don't anthropomorphize computers. They hate that. From djmilesfamily at earthlink.net Thu Aug 24 18:55:00 2000 From: djmilesfamily at earthlink.net (Doug and Julie Miles) Date: Thu Aug 5 00:16:14 2004 Subject: Phoenix.pm: Fwd: O'Reilly University of Perl 2000 Message-ID: <4.3.2.7.0.20000824165304.00a85560@mail.earthlink.net> All: FYI Tim, when you get a chance, can you put the banner at the bottom of this message on the site, and let me know when you do? Thanks! >Date: Thu, 24 Aug 2000 16:49:27 -0700 (PDT) >From: Denise Olliffe >To: djmilesfamily@earthlink.net >Subject: O'Reilly University of Perl 2000 > >O'REILLY BRINGS ITS EXPERTISE TO YOU AT >UNIVERSITY OF PERL 2000 > >O'Reilly University of Perl 2000 is a four-city tour offering two-day >tutorials featuring the best Perl training available. This >cross-country tour will start in Seattle and move to Los Angeles and >Atlanta, ending in New York City. > >O'Reilly University of Perl 2000 will be taught by top-rated leaders in >the Perl community; Damian Conway, Mark-Jason Dominus, brain d foy, Dan >Klein, Michael Rodriquez, Randal Schwartz, and Nathan Torkington. >These fearless leaders will teach you solutions to your programming >problems, offer advanced programming techniques and much more. > >Eleven courses in all, the tutorials will focus on: > >'Perl 101' for programmers new to Perl >Perl CGI and Web programming >Advanced Perl Programming techniques >mod_perl > >Dates and Locations: > >October 2 & 3: Seattle, Hyatt Regency Bellevue >October 5 & 6: Los Angeles, The Westin Los Angeles Airport >October 16 & 17: Atlanta, Sheraton Atlanta >October 19 & 20: New York City, New York Marriott East Side > >For more information about O'Reilly University of Perl 2000, go to: >http://conferences.oreilly.com/uperl2k/ > >If you would like to help O'Reilly by posting a banner for this tour on >your site, go to: http://conferences.oreilly.com/uperl2k/banners.html > >If you post the banner, please let me know. > >Please pass this information to all of your group members. > >Thanks, >Denise From mdearman at inficad.com Fri Aug 25 00:55:40 2000 From: mdearman at inficad.com (Michael Dearman) Date: Thu Aug 5 00:16:14 2004 Subject: Phoenix.pm: $& discussion References: <39A4176F.6F233E2A@bpxinternet.com> <39A4F3D4.23D4C4A4@inficad.com> <39A553C7.6D6BCB1@bpxinternet.com> Message-ID: <39A60A5C.5B55F9A@inficad.com> Doug Miles wrote: > > Michael Dearman wrote: > > -snip- > > I'm probably missing something, but why can't you just do 'length($1)', > > for $match_length? > > The reason for this is that for this tag: > > > > length($1) would give me 4 and length($&) would give me 13, which is > what I'm looking for. I want to replace the entire tag, not just the > contents. I _was_ confused! Guess I didn't know what $& was actually doing. Do now :) Well, how about this: $template =~ /(<--\s*(.+?)\s*-->)/g; $length = length($1); $tag = $2; Mike D. From mdearman at inficad.com Fri Aug 25 01:03:18 2000 From: mdearman at inficad.com (Michael Dearman) Date: Thu Aug 5 00:16:14 2004 Subject: Phoenix.pm: yet another strange beast; $#$var as lvalue References: <39A4FAA2.3A072B0@inficad.com> <39A558B2.2E497085@bpxinternet.com> Message-ID: <39A60C26.D65227CD@inficad.com> Thanks Doug, Between sleeping on it and your explanation I believe I get it now. And by the way. Thanks for the readable code! *bow* Mike D. From doug.miles at bpxinternet.com Fri Aug 25 11:54:13 2000 From: doug.miles at bpxinternet.com (Doug Miles) Date: Thu Aug 5 00:16:14 2004 Subject: Phoenix.pm: yet another strange beast; $#$var as lvalue References: <39A4FAA2.3A072B0@inficad.com> <39A558B2.2E497085@bpxinternet.com> <39A60C26.D65227CD@inficad.com> Message-ID: <39A6A4B4.AA5D3F94@bpxinternet.com> Michael Dearman wrote: > > Thanks Doug, > > Between sleeping on it and your explanation I believe I get it now. > > And by the way. Thanks for the readable code! *bow* > > Mike D. Thanks. I try to optimize for readability. -- - Doug Don't anthropomorphize computers. They hate that. From djmilesfamily at earthlink.net Fri Aug 25 18:07:03 2000 From: djmilesfamily at earthlink.net (Doug and Julie Miles) Date: Thu Aug 5 00:16:14 2004 Subject: Phoenix.pm: Fwd: Correction and info for ORA University of Perl 2000 Message-ID: <4.3.2.7.0.20000825160636.00e75de0@mail.earthlink.net> >Date: Fri, 25 Aug 2000 09:30:18 -0700 (PDT) >From: Denise Olliffe >To: djmilesfamily@earthlink.net >Subject: Correction and info for ORA University of Perl 2000 > >A 20% discount is being offered to O'Reilly UG Members that wish to >attend the O'Reilly University of Perl 2000. > >When registering for the tutorials, enter the code: DSUG in the >Discount Code field on the form. > >Also... > >I would like to make a spelling correction to the name of one of the >tutorial instructors from my last message--brain d foy, should read: >brian d foy. > >To brian, and those who know brian (I've already heard from some of >you)--Woops...sorry. > >;) >Denise