From jarich at perltraining.com.au  Fri Nov  1 00:38:54 2002
From: jarich at perltraining.com.au (Jacinta Richardson)
Date: Wed Aug  4 00:02:45 2004
Subject: Perl Meetup day
In-Reply-To: <3DC1C710.4090004@StrategicData.com.au>
Message-ID: <Pine.LNX.3.96.1021101115356.4748E-100000@teddybear.perltraining.com.au>

On Fri, 1 Nov 2002, Adam Clarke wrote:

> My understanding is that Gin has a reputation for producing exactly the 
> opposite emotion :)

Well there could be that, but I've never seen anything nasty happen at the
Gin Palace.  It does get quite crowded though.

The Gin Palace is a pretty wierd place to get to.  It's on a laneway
between Lt Collins and Bourke streets.  You wander down and get to a place
with a sign "gp" out the front and no other indications of what happens
inside.  It passes a lot of people's minds that it could be a brothel.
There's a tiny plaque somewhere that says "Gin Palace" but when I read
that I wasn't thinking "Gin" as in alcohol, perhaps as a name...

It's way too noisy and crowded on Friday and Saturdays nights to be
enjoyable in my opinion.  Thursday should be good (so long as we can all
make it to work the next morning.)

	Jacinta
--
   ("`-''-/").___..--''"`-._          |  Jacinta Richardson	    |
    `6_ 6  )   `-.  (     ).`-.__.`)  |  Perl Training Australia    |
    (_Y_.)'  ._   )  `._ `. ``-..-'   |      +613 9354 6001 	    |  
  _..`--'_..-_/  /--'_.' ,'           | contact@perltraining.com.au |
(il),-''  (li),'  ((!.-'              |   www.perltraining.com.au   |



From jhoward at fastmail.fm  Fri Nov  1 01:31:17 2002
From: jhoward at fastmail.fm (Jeremy Howard)
Date: Wed Aug  4 00:02:45 2004
Subject: Perl Meetup day
Message-ID: <20021101073117.B2AF450A7F6@server5.fastmail.fm>

On Fri, 1 Nov 2002 17:38:54 +1100 (EST), "Jacinta Richardson"
<jarich@perltraining.com.au> said:
> The Gin Palace is a pretty wierd place to get to.  It's on a laneway
> between Lt Collins and Bourke streets.	You wander down and get to a
> place
> with a sign "gp" out the front and no other indications of what happens
> inside.  It passes a lot of people's minds that it could be a brothel.
> There's a tiny plaque somewhere that says "Gin Palace" but when I read
> that I wasn't thinking "Gin" as in alcohol, perhaps as a name...
> 
For truely weird, be sure to check out The Croft Institute...

> It's way too noisy and crowded on Friday and Saturdays nights to be
> enjoyable in my opinion.  Thursday should be good (so long as we can all
> make it to work the next morning.)
> 
Agreed--what's the fun of a meet if we can't talk?

-- 
  Jeremy Howard
  jhoward@fastmail.fm

From scottp at dd.com.au  Sat Nov  2 23:29:03 2002
From: scottp at dd.com.au (Scott Penrose)
Date: Wed Aug  4 00:02:45 2004
Subject: CGI Development - Multiple Entry or Dispatch
Message-ID: <29D4C7C6-EEED-11D6-B7F5-003065B58CF8@dd.com.au>

Hey Dudes,

When developing CGI, wether via web application style (ala Mod Perl) or 
individual (ala CGI) you get the choice of having multiple entry points 
or a dispatch.

Most programs never go for complete multiple entry. Usually you will 
get a CGI script to view, edit and save an entry of some type (eg: in a 
database). So even multiple entry points have at least some dispatch.

An alternative is to have a single entry point for an application, 
where you have a dispatch (usually around the rest of the PATH) to 
decide if you want to list vs edit vs save etc.

Do people have an opinion on what is the better way and why? What would 
you recommend if you were developing all over again ?

Scott
-- 
Scott Penrose
Anthropomorphic Personification Expert
http://search.cpan.org/search?author=SCOTT
scott@cpan.org

Dismaimer: While every attempt has been made to make sure that this 
email only contains zeros and ones, there has been no effort made to 
guarantee the quantity or the order.


From scottp at dd.com.au  Sun Nov  3 17:01:07 2002
From: scottp at dd.com.au (Scott Penrose)
Date: Wed Aug  4 00:02:45 2004
Subject: CGI Development - Multiple Entry or Dispatch
In-Reply-To: <3DC61BD1.4070500@iprimus.com.au>
Message-ID: <22B2F6B6-EF80-11D6-B7F5-003065B58CF8@dd.com.au>


On Monday, Nov 4, 2002, at 18:03 Australia/Melbourne, David Dick wrote:

> can you give a short code example of what you mean by multiple entry 
> and dispatch methods?

dispatch.cgi
------------

	use MyImplementation;
	my $m = MyImplementation-new();

	if ($ENV{PATH_INFO} eq "") {
		$m->view;
	} elsif ($ENV{PATH_INFO} eq "edit") {
		$m->edit;
	} elsif ($ENV{PATH_INFO} eq "save") {
		$m->save;
	} else {
		$m->error;
	}



OR, multiple methods

view.cgi
--------
	use MyImplementation;
	MyImplementation-new()->view();

edit.cgi
--------
	use MyImplementation;
	MyImplementation-new()->edit();
	
save.cgi
--------
	use MyImplementation;
	MyImplementation-new()->save();


Of course in the multiple version, you generally actually implement the 
code there, rather than just calling another method.

The advantages of single point of entry are:
	- Single location of code
	- Single point for setting up, database handles, config etc
	- Easier to make mod perl

The advantages of multiple entry points are:
	- Easier to implement
	- Faster to load (less code to compile)
	- Getting the web server to do what you would have to do manually.
	- More flexibility on installation (just web server config changes)

Scott


> Scott Penrose wrote:
>
>> Hey Dudes,
>>
>> When developing CGI, wether via web application style (ala Mod Perl) 
>> or individual (ala CGI) you get the choice of having multiple entry 
>> points or a dispatch.
>>
>> Most programs never go for complete multiple entry. Usually you will 
>> get a CGI script to view, edit and save an entry of some type (eg: in 
>> a database). So even multiple entry points have at least some 
>> dispatch.
>>
>> An alternative is to have a single entry point for an application, 
>> where you have a dispatch (usually around the rest of the PATH) to 
>> decide if you want to list vs edit vs save etc.
>>
>> Do people have an opinion on what is the better way and why? What 
>> would you recommend if you were developing all over again ?
>>
>> Scott
>
>
>
>
>
-- 
Scott Penrose
Welcome to the Digital Dimension
http://www.dd.com.au/
scottp@dd.com.au

Dismaimer: Contents of this mail and signature are bound to change 
randomly. Whilst every attempt has been made to control said 
randomness, the author wishes to remain blameless for the number of 
eggs that damn chicken laid. Oh and I don't want to hear about 
butterflies either.


From pjf at perltraining.com.au  Sun Nov  3 21:51:24 2002
From: pjf at perltraining.com.au (Paul Fenwick)
Date: Wed Aug  4 00:02:45 2004
Subject: CGI Development - Multiple Entry or Dispatch
In-Reply-To: <22B2F6B6-EF80-11D6-B7F5-003065B58CF8@dd.com.au>
References: <3DC61BD1.4070500@iprimus.com.au> <22B2F6B6-EF80-11D6-B7F5-003065B58CF8@dd.com.au>
Message-ID: <20021104035124.GC25433@mukc.org.au>

G'day Scotty / Melb.PM,

	Golly, my answer to this question is a great big "it depends".
If the project involves mod_perl or CGI::Fast, then the dispatch
mechansim as some obvious advantages.  Modules only need to be
loaded once, a single database connection can be used, and data
can be cached between requests.

	Of course, if your various functions have little overlap
with each other, then you may only have a negligible speed saving
from using dispatch vs multiple methods.  Outside of a mod_perl/fastcgi
environment, dispatch becomes slower as there's more code to
load in and parse.

	At the end of the day, unless one method gives you a
*significant* saving or advantage over the other, then I can't
say I have an opinion either way.  I've personally used both
methodologies, and continue to do so.  Usually I'm aiming for
whichever approach gives the most clean, maintainable, and efficient
code.  Most of the time I use both methods -- dispatch for
closely related features, and multiple entry for widely
separated ones.

	All the best,

		Paul

-- 
Paul Fenwick <pjf@perltraining.com.au> | http://perltraining.com.au/
Director of Training                   | Ph:  +61 3 9354 6001
Perl Training Australia                | Fax: +61 3 9354 2681

From joshua at roughtrade.net  Sun Nov  3 23:26:00 2002
From: joshua at roughtrade.net (Joshua Goodall)
Date: Wed Aug  4 00:02:45 2004
Subject: CGI Development - Multiple Entry or Dispatch
In-Reply-To: <22B2F6B6-EF80-11D6-B7F5-003065B58CF8@dd.com.au>
References: <3DC61BD1.4070500@iprimus.com.au> <22B2F6B6-EF80-11D6-B7F5-003065B58CF8@dd.com.au>
Message-ID: <20021104052600.GE16670@roughtrade.net>

On Mon, Nov 04, 2002 at 10:01:07AM +1100, Scott Penrose wrote:
> dispatch.cgi
> ------------
> 
> 	use MyImplementation;
> 	my $m = MyImplementation-new();
> 
> 	if ($ENV{PATH_INFO} eq "") {
> 		$m->view;
> 	} elsif ($ENV{PATH_INFO} eq "edit") {
> 		$m->edit;
> 	} elsif ($ENV{PATH_INFO} eq "save") {
> 		$m->save;
> 	} else {
> 		$m->error;
> 	}

This seems more maintainable to me. You could even abstract it
(validation notwithstanding):

	use MyImplementation;
	use CGI;

	my $m = new MyImplementation;
	my $q = new CGI;
	my $p = $ENV{PATH_INFO};

	$m->$p($q) if $m->publicmethod($p);

This turns the request into a facade for invocation of a method
on a visited object.  OO pattern freaks please note :)

This is not unlike the container model of a J2EE server, although
without any of the sophistication (resource/instance pooling etc).

If MyImplementation is autosplit, then neither approach needs much
compilation.

The dispatch model also allows MyImplementation to be a completely
remote process.  In the multiple methods model, you're constrained
to only implementing remote methods known in advance.

Not many people need such separation, of course.  I think ultimately
only very large or complex OO systems benefit (in maintainability)
from strict pattern usage.  Everything else seems to fall into the
category of "whatever seems most appropriate at the time".

Joshua

From david_dick at iprimus.com.au  Mon Nov  4 12:49:30 2002
From: david_dick at iprimus.com.au (David Dick)
Date: Wed Aug  4 00:02:45 2004
Subject: CGI Development - Multiple Entry or Dispatch
In-Reply-To: <3DC61BD1.4070500@iprimus.com.au>
References: <3DC61BD1.4070500@iprimus.com.au> <22B2F6B6-EF80-11D6-B7F5-003065B58CF8@dd.com.au> <20021104052600.GE16670@roughtrade.net>
Message-ID: <3DC6C13A.7050506@iprimus.com.au>

Joshua Goodall wrote:

>On Mon, Nov 04, 2002 at 10:01:07AM +1100, Scott Penrose wrote:
>  
>
>>dispatch.cgi
>>------------
>>
>>	use MyImplementation;
>>	my $m = MyImplementation-new();
>>
>>	if ($ENV{PATH_INFO} eq "") {
>>		$m->view;
>>	} elsif ($ENV{PATH_INFO} eq "edit") {
>>		$m->edit;
>>	} elsif ($ENV{PATH_INFO} eq "save") {
>>		$m->save;
>>	} else {
>>		$m->error;
>>	}
>>    
>>
>
>This seems more maintainable to me. You could even abstract it
>(validation notwithstanding):
>
>	use MyImplementation;
>	use CGI;
>
>	my $m = new MyImplementation;
>	my $q = new CGI;
>	my $p = $ENV{PATH_INFO};
>
>	$m->$p($q) if $m->publicmethod($p);
>
>This turns the request into a facade for invocation of a method
>on a visited object.  OO pattern freaks please note :)
>
>This is not unlike the container model of a J2EE server, although
>without any of the sophistication (resource/instance pooling etc).
>
where does J2EE implement this sort of stuff? I always imagined that 
instance pooling would be handled by a some sort of proxy thingy 
inbetween the script and MyImplementation method, like

my $m = proxy_new MyImplementation;

to allow for the pooling to be used by cron jobs for example.  Or am i 
completely off the wall here?

>If MyImplementation is autosplit, then neither approach needs much
>compilation.
>
>The dispatch model also allows MyImplementation to be a completely
>remote process.  In the multiple methods model, you're constrained
>to only implementing remote methods known in advance.
>
i would argue that can be a strength of multiple methods.  It forces a 
private vs public methods implementation, and stops a later developer 
from blowing a hole in the application by developing 
MyImplemention->admin_function() only to find out that without his/her 
knowledge, it's become a function available to anyone with a web browser.

>Not many people need such separation, of course.  I think ultimately
>only very large or complex OO systems benefit (in maintainability)
>from strict pattern usage.  Everything else seems to fall into the
>category of "whatever seems most appropriate at the time".
>
>Joshua
>
>  
>


From david_dick at iprimus.com.au  Mon Nov  4 13:02:02 2002
From: david_dick at iprimus.com.au (David Dick)
Date: Wed Aug  4 00:02:45 2004
Subject: CGI Development - Multiple Entry or Dispatch
In-Reply-To: <3DC61BD1.4070500@iprimus.com.au>
References: <3DC61BD1.4070500@iprimus.com.au> <22B2F6B6-EF80-11D6-B7F5-003065B58CF8@dd.com.au> <20021104035124.GC25433@mukc.org.au>
Message-ID: <3DC6C42A.1050407@iprimus.com.au>

on a side note, how many people actually use 'real' PerlHandlers for 
their web applications and how many develop CGI scripts and smack 'em 
along with Apache::Registry?  i just like using Apache::Registry because 
it lets me debug in a more controlled fashion and it's more portable (to 
what i don't know :)).  Anyone prefer using the 'real' PerlHandlers?

Paul Fenwick wrote:

>G'day Scotty / Melb.PM,
>
>	Golly, my answer to this question is a great big "it depends".
>If the project involves mod_perl or CGI::Fast, then the dispatch
>mechansim as some obvious advantages.  Modules only need to be
>loaded once, 
>
i thought that mod_perl meant that regardless of how many times a module 
was used, it was only loaded once?

>a single database connection can be used, 
>
doesn't Apache::DBI type solutions solve this regardless of whether 
multiple entry/dispatch is being used?

>and data
>can be cached between requests.
>
don't understand this one either. sorry. :) could you give an example of 
why you can't cache with the multiple entry points?

>
>	Of course, if your various functions have little overlap
>with each other, then you may only have a negligible speed saving
>from using dispatch vs multiple methods.  Outside of a mod_perl/fastcgi
>environment, dispatch becomes slower as there's more code to
>load in and parse.
>
>	At the end of the day, unless one method gives you a
>*significant* saving or advantage over the other, then I can't
>say I have an opinion either way.  I've personally used both
>methodologies, and continue to do so.  Usually I'm aiming for
>whichever approach gives the most clean, maintainable, and efficient
>code.  Most of the time I use both methods -- dispatch for
>closely related features, and multiple entry for widely
>separated ones.
>
>	All the best,
>
>		Paul
>
>  
>


From joshua at roughtrade.net  Mon Nov  4 06:26:29 2002
From: joshua at roughtrade.net (Joshua Goodall)
Date: Wed Aug  4 00:02:45 2004
Subject: CGI Development - Multiple Entry or Dispatch
In-Reply-To: <3DC6C13A.7050506@iprimus.com.au>
References: <3DC61BD1.4070500@iprimus.com.au> <22B2F6B6-EF80-11D6-B7F5-003065B58CF8@dd.com.au> <20021104052600.GE16670@roughtrade.net> <3DC6C13A.7050506@iprimus.com.au>
Message-ID: <20021104122629.GA426@roughtrade.net>

On Mon, Nov 04, 2002 at 06:49:30PM +0000, David Dick wrote:
> >This is not unlike the container model of a J2EE server, although
> >without any of the sophistication (resource/instance pooling etc).
> >
> where does J2EE implement this sort of stuff? I always imagined that 
> instance pooling would be handled by a some sort of proxy thingy 
> inbetween the script and MyImplementation method, like
> 
> my $m = proxy_new MyImplementation;
> 
> to allow for the pooling to be used by cron jobs for example.  Or am i 
> completely off the wall here?

You're not at all, as far as I know; in particular I had in mind
the life-cycle of a J2EE Session EJB.  Although in J2EE, it's up to
the container (a subsection of the application server) precisely when to
instantiate for you, and it's typically abstracted through a directory
service and an abstractfactory pattern.

It's quite overblown outside of multi-tier applications.

> i would argue that can be a strength of multiple methods.  It forces a 
> private vs public methods implementation, and stops a later developer 
> from blowing a hole in the application by developing 
> MyImplemention->admin_function() only to find out that without his/her 
> knowledge, it's become a function available to anyone with a web browser.

I think only a very naive implementation of the dispatch approach
would allow such.  E.g., all the sample code in this thread checked the
allowedness of a method. 

J

-- 
Joshua Goodall
joshua@roughtrade.net               "Your byte hit ratio is weak, old man"
"If you cache me now, I will dump more core than you can possibly imagine"

From david_dick at iprimus.com.au  Tue Nov  5 02:59:32 2002
From: david_dick at iprimus.com.au (David Dick)
Date: Wed Aug  4 00:02:45 2004
Subject: CGI Development - Multiple Entry or Dispatch
In-Reply-To: <3DC61BD1.4070500@iprimus.com.au>
References: <3DC61BD1.4070500@iprimus.com.au> <22B2F6B6-EF80-11D6-B7F5-003065B58CF8@dd.com.au> <20021104052600.GE16670@roughtrade.net> <3DC6C13A.7050506@iprimus.com.au> <20021104122629.GA426@roughtrade.net>
Message-ID: <3DC78874.5070605@iprimus.com.au>



Joshua Goodall wrote:

>On Mon, Nov 04, 2002 at 06:49:30PM +0000, David Dick wrote:
>  
>
>>>This is not unlike the container model of a J2EE server, although
>>>without any of the sophistication (resource/instance pooling etc).
>>>
>>>      
>>>
>>where does J2EE implement this sort of stuff? I always imagined that 
>>instance pooling would be handled by a some sort of proxy thingy 
>>inbetween the script and MyImplementation method, like
>>
>>my $m = proxy_new MyImplementation;
>>
>>to allow for the pooling to be used by cron jobs for example.  Or am i 
>>completely off the wall here?
>>    
>>
>
>You're not at all, as far as I know; in particular I had in mind
>the life-cycle of a J2EE Session EJB.  Although in J2EE, it's up to
>the container (a subsection of the application server) precisely when to
>instantiate for you, and it's typically abstracted through a directory
>service and an abstractfactory pattern.
>
>It's quite overblown outside of multi-tier applications.
>
>  
>
>>i would argue that can be a strength of multiple methods.  It forces a 
>>private vs public methods implementation, and stops a later developer 
>>from blowing a hole in the application by developing 
>>MyImplemention->admin_function() only to find out that without his/her 
>>knowledge, it's become a function available to anyone with a web browser.
>>    
>>
>
>I think only a very naive implementation of the dispatch approach
>would allow such.  E.g., all the sample code in this thread checked the
>allowedness of a method. 
>
yeah, good point.

>  
>


From mjs at beebo.org  Tue Nov  5 07:09:22 2002
From: mjs at beebo.org (Michael Stillwell)
Date: Wed Aug  4 00:02:45 2004
Subject: Paradigms for CGI application development?
Message-ID: <CD356724-F0BF-11D6-8749-0003930BCEFA@beebo.org>

Good CGI discussion this week!

I've been thinking recently about some of the more crapful aspects of 
CGI application development.  In particular, what techniques to people 
use to get around the fact that CGI applications don't get the 
(surprisingly helpful) implicit preconditions and automatic stack and 
scope maintenance bits and pieces that regular applications get for 
free (simply by ordering and nesting statements)?

For example, in a regular application, to get the user to confirm the 
transfer of some amount of money from one account to another is a 
matter of a few lines of code like:

   if (confirm(sprintf("Really transfer %d dollars from %s to %s?", $n, 
$a1, $a2))) {
     # DO TRANSFER
     message("Transfer successful");
   }

   else {
     # ABORT TRANSFER
     message("Transfer aborted");
   }

To get the equivalent effect in a CGI application (where the "confirm" 
screen appears on a separate page) you need to do an amazing number of 
things yourself:

1. Because Perl doesn't make it very convenient to jump (or transfer 
control) to the *middle* of a function (actually, I'm not sure that 
this is even possible), you need to break your functions in two 
whenever you seek user input.  So in the example above, the code 
following the call to confirm()  must appear in a separate function.  
Another shitty consequence of this is that you must supply the "return 
address" to confirm() yourself:

   sub transfer_part1 {
     # ...
     confirm("Really transfer?", "transfer_part2");
   }

   sub transfer_part2 {
     my ($result) = @_;

     if ($result) {
       # DO TRANSFER
     }

     else {
       # ABORT TRANSFER
     }
   }

2. You need to save and restore state information, so that when you 
return from the confirm "call" (in transfer_part2()) you know what $n, 
$a1 and $a2 were, as well as what the account number was, etc.  (And, 
you can't use any sort of conventional stack for this because you have 
almost no control over the route the user takes through your program.  
For example, you can't even guarantee that confirm() will return before 
something happens elsewhere in your program, because the user backed up 
a few pages and hit submit.)

3. You need to confirm, in transfer_part2() that the user really is who 
they say they are.

How do people get around these problems?  Why is the code for web app 
UIs very different to that of desktop app UIs?  I suppose some of these 
problems could be solved if the web server kept the running program in 
memory across requests (instead of starting a new instance each time), 
but I don't know of any system that does this.  Are there any?  (And I 
haven't thought about it much, but I suspect this approach would also 
be horribly complicated too, albeit in different ways.)





--M.

* * *
http://beebo.org


From david_dick at iprimus.com.au  Wed Nov  6 00:48:23 2002
From: david_dick at iprimus.com.au (David Dick)
Date: Wed Aug  4 00:02:45 2004
Subject: Paradigms for CGI application development?
In-Reply-To: <CD356724-F0BF-11D6-8749-0003930BCEFA@beebo.org>
References: <CD356724-F0BF-11D6-8749-0003930BCEFA@beebo.org>
Message-ID: <3DC8BB37.8020703@iprimus.com.au>



Michael Stillwell wrote:

> Good CGI discussion this week!
>
> I've been thinking recently about some of the more crapful aspects of 
> CGI application development.  In particular, what techniques to people 
> use to get around the fact that CGI applications don't get the 
> (surprisingly helpful) implicit preconditions and automatic stack and 
> scope maintenance bits and pieces that regular applications get for 
> free (simply by ordering and nesting statements)?

The way i've always thought of it is that CGI/mod_perl development is 
_always_ going to be significantly slower than GUI apps to develop, 
because you have to build everything in CGI from scratch, namely the 
truely horrific possiblities of stateless connections (attaching 
last_updated & last_updated_by fields to _every_ screen of updatable 
data  at least).  However, the longer development cycle is far 
outweighed by the fact that a bugfix/feature add to an application 
rolled out to 100's+ users can be re-rolled out in a matter of 
milli-seconds with a CGI app.  (It also means that you are developing 
with the maintenance cycle in mind, so it's more important than usual to 
comment and code cleanly. :)

Another thing is that lots of the stuff you mention can be significantly 
reduced by getting a good application framework.  I can't say I can 
recommend one (anyone?), cos I tend to carry around one that i wrote 
myself, but once you get comfortable with a good framework, a lot of 
these hassles should go away.

>
>
> For example, in a regular application, to get the user to confirm the 
> transfer of some amount of money from one account to another is a 
> matter of a few lines of code like:
>
>   if (confirm(sprintf("Really transfer %d dollars from %s to %s?", $n, 
> $a1, $a2))) {
>     # DO TRANSFER
>     message("Transfer successful");
>   }
>
>   else {
>     # ABORT TRANSFER
>     message("Transfer aborted");
>   }
>
> To get the equivalent effect in a CGI application (where the "confirm" 
> screen appears on a separate page) you need to do an amazing number of 
> things yourself:
>
> 1. Because Perl doesn't make it very convenient to jump (or transfer 
> control) to the *middle* of a function (actually, I'm not sure that 
> this is even possible), you need to break your functions in two 
> whenever you seek user input.  So in the example above, the code 
> following the call to confirm()  must appear in a separate function.  
> Another shitty consequence of this is that you must supply the "return 
> address" to confirm() yourself:
>
>   sub transfer_part1 {
>     # ...
>     confirm("Really transfer?", "transfer_part2");
>   }
>
>   sub transfer_part2 {
>     my ($result) = @_;
>
>     if ($result) {
>       # DO TRANSFER
>     }
>
>     else {
>       # ABORT TRANSFER
>     }
>   }
>
> 2. You need to save and restore state information, so that when you 
> return from the confirm "call" (in transfer_part2()) you know what $n, 
> $a1 and $a2 were, as well as what the account number was, etc.  (And, 
> you can't use any sort of conventional stack for this because you have 
> almost no control over the route the user takes through your program.  
> For example, you can't even guarantee that confirm() will return 
> before something happens elsewhere in your program, because the user 
> backed up a few pages and hit submit.)
>
> 3. You need to confirm, in transfer_part2() that the user really is 
> who they say they are.
>
> How do people get around these problems?  Why is the code for web app 
> UIs very different to that of desktop app UIs?  I suppose some of 
> these problems could be solved if the web server kept the running 
> program in memory across requests (instead of starting a new instance 
> each time), but I don't know of any system that does this.  Are there 
> any?  (And I haven't thought about it much, but I suspect this 
> approach would also be horribly complicated too, albeit in different 
> ways.)
>
>
>
>
>
> --M.
>
> * * *
> http://beebo.org
>
>


From david_dick at iprimus.com.au  Wed Nov  6 01:19:27 2002
From: david_dick at iprimus.com.au (David Dick)
Date: Wed Aug  4 00:02:45 2004
Subject: XSS,CGI && Template Toolkit
In-Reply-To: <CD356724-F0BF-11D6-8749-0003930BCEFA@beebo.org>
References: <CD356724-F0BF-11D6-8749-0003930BCEFA@beebo.org> <3DC8BB37.8020703@iprimus.com.au>
Message-ID: <3DC8C27F.4010301@iprimus.com.au>

Got a bit of a problem with Cross Site Scripting.  The way I've been 
writing web apps is by using $cgi->param to suck in values from the user 
and using the Template Toolkit to generate the html.  However, CGI.pm 
seems to assume that you'll use the CGI.pm routines to output html, so 
the param method unencodes everything it can, while the CGI.pm output 
commands encodes them.  Translated..... <INPUT TYPE="TEXT" 
NAME="Something" VALUE="&lt;SCRIPT&gt;"> will be translated by 
$cgi->param into <SCRIPT> and the print commands will reencode it as 
&lt;SCRIPT&gt; to protect against Cross Site Scripting attacks.  The way 
i've been thinking, CGI.pm does do the correct thing, the place to 
encode all of that stuff is in the output routine.  I can't find a easy 
way of doing this in Template Toolkit.  I think I need a automatic 
FILTER or something.  Anyone else have this problem or come up with an 
easy solution?


From scottp at dd.com.au  Tue Nov  5 16:10:04 2002
From: scottp at dd.com.au (Scott Penrose)
Date: Wed Aug  4 00:02:45 2004
Subject: Paradigms for CGI application development?
In-Reply-To: <CD356724-F0BF-11D6-8749-0003930BCEFA@beebo.org>
Message-ID: <5633A254-F10B-11D6-B7F5-003065B58CF8@dd.com.au>

> How do people get around these problems?  Why is the code for web app 
> UIs very different to that of desktop app UIs?  I suppose some of 
> these problems could be solved if the web server kept the running 
> program in memory across requests (instead of starting a new instance 
> each time), but I don't know of any system that does this.  Are there 
> any?  (And I haven't thought about it much, but I suspect this 
> approach would also be horribly complicated too, albeit in different 
> ways.)

I have seen LOTS of software around for coping with State, and keeping 
the persistence of an object. But in all cases I have not seen the 
concept of your example.

   sub transfer_part1 {
     # ...
     confirm("Really transfer?", "transfer_part2");
   }

   sub transfer_part2 {
     my ($result) = @_;

     if ($result) {
       # DO TRANSFER
     }

     else {
       # ABORT TRANSFER
     }
   }

Where 'confirm' above basically would trigger.

	- Save the current state and location
	- Generate a web page and appropriate URL

And then on return the code would have to

	- Reauthenticate the request (make sure it is the same user and same 
request)
	- Check it has not timed out
	- Restore states
	- Jump back into location.

Of course the save and restore states are not necessary, the 
application could continue to run (this is the idea of the agents talk 
that Danger gave a few months ago).

Now we can simplify it a little by...

Where 'confirm' above basically would trigger.

	- Generate a web page and appropriate URL to return

And then on return the code would have to

	- Reauthenticate the request (make sure it is the same user and same 
request)
	- Return from the method.

This is tricky but no impossible. The idea is quite nice in that you 
would be generating simple dispatch mechanisms, we now need to only 
know which of the 'agents' we need to talk back to.

The tricks would be around clean up (like all stateful implementations 
across a non stateful protocol). eg: the 'confirm' method would have 
some type of timeout, which then returns with fail somehow.

Also in a normal application, if another application is run, we can 
usually say 'sorry locked, exit the other one first'. We can't do that 
in Web, as it may be that the application is no longer accessible (eg: 
browser crashed and lost session id), so we have to offer the user a 
way of force quitting the application.

There are many bits of software out there to handle state and dispatch 
mechanisms to allow the request/confirm/do or cancel approach above, 
but all that I have seen require new entry points for each, and an 
object to hand around. Has anyone seen any code to do what Michael is 
suggesting above, and jump from the middle of a routine, like you would 
processing in a normal application.?

Scott
-- 
Scott Penrose
VP in charge of Pancakes
http://linux.dd.com.au/
scottp@dd.com.au

Dismaimer: If you receive this email in error - please eat it 
immediately to prevent it from falling into the wrong hands.


From daniel at landmarksoftware.com.au  Tue Nov  5 20:26:44 2002
From: daniel at landmarksoftware.com.au (Daniel Walmsley)
Date: Wed Aug  4 00:02:45 2004
Subject: XSS,CGI && Template Toolkit
Message-ID: <10328A423AC2D311AE5B0008C70FE564106F28@LANDNT>

Doesn't TT2 have a built-in html filter? [% myval | html %]

-----Original Message-----
From: David Dick [mailto:david_dick@iprimus.com.au] 
Sent: Wednesday, 6 November 2002 6:19 PM
To: melbourne-pm@pm.org
Subject: XSS,CGI && Template Toolkit


Got a bit of a problem with Cross Site Scripting.  The way I've been 
writing web apps is by using $cgi->param to suck in values from the user 
and using the Template Toolkit to generate the html.  However, CGI.pm 
seems to assume that you'll use the CGI.pm routines to output html, so 
the param method unencodes everything it can, while the CGI.pm output 
commands encodes them.  Translated..... <INPUT TYPE="TEXT" 
NAME="Something" VALUE="&lt;SCRIPT&gt;"> will be translated by 
$cgi->param into <SCRIPT> and the print commands will reencode it as 
&lt;SCRIPT&gt; to protect against Cross Site Scripting attacks.  The way 
i've been thinking, CGI.pm does do the correct thing, the place to 
encode all of that stuff is in the output routine.  I can't find a easy 
way of doing this in Template Toolkit.  I think I need a automatic 
FILTER or something.  Anyone else have this problem or come up with an 
easy solution?

From david_dick at iprimus.com.au  Wed Nov  6 13:03:01 2002
From: david_dick at iprimus.com.au (David Dick)
Date: Wed Aug  4 00:02:45 2004
Subject: XSS,CGI && Template Toolkit
In-Reply-To: <10328A423AC2D311AE5B0008C70FE564106F28@LANDNT>
References: <10328A423AC2D311AE5B0008C70FE564106F28@LANDNT>
Message-ID: <3DC96765.5040009@iprimus.com.au>

Yeah, but that puts the responsibility for preventing XSS attacks onto 
the html coder, which is not what i want to rely on.

Daniel Walmsley wrote:

>Doesn't TT2 have a built-in html filter? [% myval | html %]
>
>-----Original Message-----
>From: David Dick [mailto:david_dick@iprimus.com.au] 
>Sent: Wednesday, 6 November 2002 6:19 PM
>To: melbourne-pm@pm.org
>Subject: XSS,CGI && Template Toolkit
>
>
>Got a bit of a problem with Cross Site Scripting.  The way I've been 
>writing web apps is by using $cgi->param to suck in values from the user 
>and using the Template Toolkit to generate the html.  However, CGI.pm 
>seems to assume that you'll use the CGI.pm routines to output html, so 
>the param method unencodes everything it can, while the CGI.pm output 
>commands encodes them.  Translated..... <INPUT TYPE="TEXT" 
>NAME="Something" VALUE="&lt;SCRIPT&gt;"> will be translated by 
>$cgi->param into <SCRIPT> and the print commands will reencode it as 
>&lt;SCRIPT&gt; to protect against Cross Site Scripting attacks.  The way 
>i've been thinking, CGI.pm does do the correct thing, the place to 
>encode all of that stuff is in the output routine.  I can't find a easy 
>way of doing this in Template Toolkit.  I think I need a automatic 
>FILTER or something.  Anyone else have this problem or come up with an 
>easy solution?
>
>  
>


From david_dick at iprimus.com.au  Wed Nov  6 14:34:18 2002
From: david_dick at iprimus.com.au (David Dick)
Date: Wed Aug  4 00:02:45 2004
Subject: Paradigms for CGI application development?
In-Reply-To: <5633A254-F10B-11D6-B7F5-003065B58CF8@dd.com.au>
References: <5633A254-F10B-11D6-B7F5-003065B58CF8@dd.com.au>
Message-ID: <3DC97CCA.5000409@iprimus.com.au>



Scott Penrose wrote:

>> How do people get around these problems?  Why is the code for web app 
>> UIs very different to that of desktop app UIs?  I suppose some of 
>> these problems could be solved if the web server kept the running 
>> program in memory across requests (instead of starting a new instance 
>> each time), but I don't know of any system that does this.  Are there 
>> any?  (And I haven't thought about it much, but I suspect this 
>> approach would also be horribly complicated too, albeit in different 
>> ways.)
>
>
> I have seen LOTS of software around for coping with State, and keeping 
> the persistence of an object. But in all cases I have not seen the 
> concept of your example.
>
>   sub transfer_part1 {
>     # ...
>     confirm("Really transfer?", "transfer_part2");
>   }
>
>   sub transfer_part2 {
>     my ($result) = @_;
>
>     if ($result) {
>       # DO TRANSFER
>     }
>
>     else {
>       # ABORT TRANSFER
>     }
>   }
>
> Where 'confirm' above basically would trigger.
>
>     - Save the current state and location
>     - Generate a web page and appropriate URL
>
> And then on return the code would have to
>
>     - Reauthenticate the request (make sure it is the same user and 
> same request)
>     - Check it has not timed out
>     - Restore states
>     - Jump back into location.
>
> Of course the save and restore states are not necessary, the 
> application could continue to run (this is the idea of the agents talk 
> that Danger gave a few months ago).
>
> Now we can simplify it a little by...
>
> Where 'confirm' above basically would trigger.
>
>     - Generate a web page and appropriate URL to return
>
> And then on return the code would have to
>
>     - Reauthenticate the request (make sure it is the same user and 
> same request)
>     - Return from the method.
>
> This is tricky but no impossible. The idea is quite nice in that you 
> would be generating simple dispatch mechanisms, we now need to only 
> know which of the 'agents' we need to talk back to.
>
> The tricks would be around clean up (like all stateful implementations 
> across a non stateful protocol). eg: the 'confirm' method would have 
> some type of timeout, which then returns with fail somehow.

i would have thought that the correct way of looking at it is not trying 
to emulate a GUI environment at all.  The problem essentially (unless i 
have missed something :)) is that we want a confirmation step and we 
want to be assured that the transfer only happens _once_.

This can be achieved with a minimum of fuss with the following steps.

provide a confirmation screen that has the details of the transfer with 
a confirmation URL something like

/transfer?State=Confirm&TransferId=[% transfer_id %]&LastUpdated=[% 
last_updated %]&LastUpdatedBy=[% last_updated_by %]&

where the transfer_id is the UID for the Transfer Object and the 
last_updated and last_updated_by fields are a representation of who and 
when last modified this transfer object.

assuming that the business has no processes at all... no names, no pack 
drill :), multiple people can all get to this same step and attempt to 
confirm the transfer at the same time.

therefore the transfer script (when it gets a State=Confirm etc, etc) must

1) Obtain a write lock on the transfer object (SELECT....FROM transfer 
WHERE transfer_id = $transferId FOR UPDATE)
2) Compare (SELECT last_updated_by, last_updated FROM transfer WHERE 
transfer_id = $transferId) with the LastUpdated and LastUpdatedBy values 
obtained via  $cgi->param().
3) If they are the same, then no-one has modified the object since we 
last looked at it.  If they are not the same, error out with a message 
telling the user that the object has
been modified since they last saw it.
4) If no-one has modified the object since we last looked at it, confirm 
the transfer (UPDATE transfer SET status = 'Confirmed', last_updated = 
$currentTime, last_updated_by = $currentUser)
5) Release the write lock on the transfer (COMMIT)

so long as these steps are followed, there will not be a drama with 
multiple successful confirmations.

>
> Also in a normal application, if another application is run, we can 
> usually say 'sorry locked, exit the other one first'. We can't do that 
> in Web, as it may be that the application is no longer accessible (eg: 
> browser crashed and lost session id), so we have to offer the user a 
> way of force quitting the application.
>
> There are many bits of software out there to handle state and dispatch 
> mechanisms to allow the request/confirm/do or cancel approach above, 
> but all that I have seen require new entry points for each, and an 
> object to hand around. Has anyone seen any code to do what Michael is 
> suggesting above, and jump from the middle of a routine, like you 
> would processing in a normal application.?

I've never this sort of code in a package, but i can't think how to put 
it in a package.  As stated previously, my best effort is to write a 
template once and then modify the template for each new job.  So I have 
no idea basically... :)



From scottp at dd.com.au  Wed Nov  6 05:22:17 2002
From: scottp at dd.com.au (Scott Penrose)
Date: Wed Aug  4 00:02:45 2004
Subject: Paradigms for CGI application development?
In-Reply-To: <3DC97CCA.5000409@iprimus.com.au>
Message-ID: <02167DC8-F17A-11D6-B7F5-003065B58CF8@dd.com.au>


On Thursday, Nov 7, 2002, at 07:34 Australia/Melbourne, David Dick 
wrote:
> i would have thought that the correct way of looking at it is not 
> trying to emulate a GUI environment at all.  The problem essentially 
> (unless i have missed something :)) is that we want a confirmation 
> step and we want to be assured that the transfer only happens _once_.

Essentially I would agree with you. But the request was made (I think 
by Michael Stillwell) that it would be nice to use a GUI design 
metaphor. So I was just supplying a way that could b achieved.

> This can be achieved with a minimum of fuss with the following steps.
>
> provide a confirmation screen that has the details of the transfer 
> with a confirmation URL something like
>
> /transfer?State=Confirm&TransferId=[% transfer_id %]&LastUpdated=[% 
> last_updated %]&LastUpdatedBy=[% last_updated_by %]&

Yes of course, this is the way it would normally be done.

The conversation was just exploring the idea of using the GUI as a 
paradigm for development of CGI.
I think it was an interesting thought, but I think that it is probably 
not suitable. The only reason to probably do it is to allow users to 
write 'macros' to a web application.

eg: Say a user wanted to write really simple code like.

	X = getAccountNumber();
	if (X && getConfirm('Add $25 to your account?")) {
		addMoney(X, 25.00);
	}

It is certainly simple :-)

> where the transfer_id is the UID for the Transfer Object and the 
> last_updated and last_updated_by fields are a representation of who 
> and when last modified this transfer object.
>
> assuming that the business has no processes at all... no names, no 
> pack drill :), multiple people can all get to this same step and 
> attempt to confirm the transfer at the same time.
>
> therefore the transfer script (when it gets a State=Confirm etc, etc) 
> must
>
> 1) Obtain a write lock on the transfer object (SELECT....FROM transfer 
> WHERE transfer_id = $transferId FOR UPDATE)
> 2) Compare (SELECT last_updated_by, last_updated FROM transfer WHERE 
> transfer_id = $transferId) with the LastUpdated and LastUpdatedBy 
> values obtained via  $cgi->param().
> 3) If they are the same, then no-one has modified the object since we 
> last looked at it.  If they are not the same, error out with a message 
> telling the user that the object has
> been modified since they last saw it.
> 4) If no-one has modified the object since we last looked at it, 
> confirm the transfer (UPDATE transfer SET status = 'Confirmed', 
> last_updated = $currentTime, last_updated_by = $currentUser)
> 5) Release the write lock on the transfer (COMMIT)
>
> so long as these steps are followed, there will not be a drama with 
> multiple successful confirmations.

Yes :-) Well thought out and definitely the current way it should be 
done.

Thanks David

Scott
-- 
Scott Penrose
VP in charge of Pancakes
http://linux.dd.com.au/
scottp@dd.com.au

Dismaimer: If you receive this email in error - please eat it 
immediately to prevent it from falling into the wrong hands.


From jh_lists at fastmail.fm  Wed Nov  6 05:38:21 2002
From: jh_lists at fastmail.fm (JP Howard)
Date: Wed Aug  4 00:02:45 2004
Subject: Paradigms for CGI application development?
Message-ID: <20021106113821.41A444CD2E3@server5.fastmail.fm>

On Wed, 6 Nov 2002 22:22:17 +1100, "Scott Penrose" <scottp@dd.com.au>
said:
> 
> On Thursday, Nov 7, 2002, at 07:34 Australia/Melbourne, David Dick 
> wrote:
> > i would have thought that the correct way of looking at it is not 
> > trying to emulate a GUI environment at all.  The problem essentially 
> > (unless i have missed something :)) is that we want a confirmation 
> > step and we want to be assured that the transfer only happens _once_.
> 
> Essentially I would agree with you. But the request was made (I think 
> by Michael Stillwell) that it would be nice to use a GUI design 
> metaphor. So I was just supplying a way that could b achieved.
> 
This can be done within a GUI design metaphor by having your session
framework include a hidden field (or GET param) with a random value that
is stored in the server session as well. If that value is received twice,
you know that the transaction has been submitted twice. You can abstract
out the generation and validation of this value into your session
framework so that you don't have to think of it when writing your app
modules.

This has the problem that it breaks the Back button (since that will
resubmit the same value), but that's pretty much impossible to avoid if
you want to deal with this problem.

From daniel at landmarksoftware.com.au  Wed Nov  6 08:05:56 2002
From: daniel at landmarksoftware.com.au (Daniel Walmsley)
Date: Wed Aug  4 00:02:45 2004
Subject: Paradigms for CGI application development?
Message-ID: <10328A423AC2D311AE5B0008C70FE564106F2D@LANDNT>

I originally forwarded this to the wrong address. Apologies if these
concerns have already been answered (regardless, this is something of a
non-solution). Anyway, here we go...

I'm going to get flamed for this, I'm sure ;)

I've been playing with ASP.NET and Visual Studio .NET a little bit (a couple
of hours in total), and this is exactly the sort of thing they're heading
for. You create an application interface by dragging and dropping components
(calendar controls, buttons, images, data grids, etc) onto a form, and you
attach properties/events to them. Then when you deploy, they get compiled as
an .aspx page and a dll. The client is just a normal web browser (yep, I've
tested it with mozilla, and *almost* everything works - fscking Microsoft),
and the web server and .NET runtime handle session information and
everything works just as it was designed. It really is almost exactly the
same experience as writing a standard, client-side GUI application.

The other cool thing is that you can write one app, and have to turned into
WML, cHTML, HTML, or any number of other dialects on the fly, depending on
what client was detected. It irons out the differences as best it can. This
is a boon for non-geeks ;) Anyway, I'm sure open source will write/has
written a system to do just this ;)

Obviously there will be limitations when you let the runtime and coding
environment do this much thinking for you. It's like being in a self-driving
car while blindfolded - you know you should trust it, but you feel like you
should at least have your eyes open. Or something.

Oh, yeah - and the hood is welded shut. I think that's how it goes. A night
of drinking and Karaoke makes everything a teensy bit muddier.

-----Original Message-----
From: Michael Stillwell [mailto:mjs@beebo.org] 
Sent: Wednesday, 6 November 2002 12:09 AM
To: melbourne-pm@pm.org
Subject: Paradigms for CGI application development?


Good CGI discussion this week!

I've been thinking recently about some of the more crapful aspects of 
CGI application development.  In particular, what techniques to people 
use to get around the fact that CGI applications don't get the 
(surprisingly helpful) implicit preconditions and automatic stack and 
scope maintenance bits and pieces that regular applications get for 
free (simply by ordering and nesting statements)?

For example, in a regular application, to get the user to confirm the 
transfer of some amount of money from one account to another is a 
matter of a few lines of code like:

   if (confirm(sprintf("Really transfer %d dollars from %s to %s?", $n, 
$a1, $a2))) {
     # DO TRANSFER
     message("Transfer successful");
   }

   else {
     # ABORT TRANSFER
     message("Transfer aborted");
   }

To get the equivalent effect in a CGI application (where the "confirm" 
screen appears on a separate page) you need to do an amazing number of 
things yourself:

1. Because Perl doesn't make it very convenient to jump (or transfer 
control) to the *middle* of a function (actually, I'm not sure that 
this is even possible), you need to break your functions in two 
whenever you seek user input.  So in the example above, the code 
following the call to confirm()  must appear in a separate function.  
Another shitty consequence of this is that you must supply the "return 
address" to confirm() yourself:

   sub transfer_part1 {
     # ...
     confirm("Really transfer?", "transfer_part2");
   }

   sub transfer_part2 {
     my ($result) = @_;

     if ($result) {
       # DO TRANSFER
     }

     else {
       # ABORT TRANSFER
     }
   }

2. You need to save and restore state information, so that when you 
return from the confirm "call" (in transfer_part2()) you know what $n, 
$a1 and $a2 were, as well as what the account number was, etc.  (And, 
you can't use any sort of conventional stack for this because you have 
almost no control over the route the user takes through your program.  
For example, you can't even guarantee that confirm() will return before 
something happens elsewhere in your program, because the user backed up 
a few pages and hit submit.)

3. You need to confirm, in transfer_part2() that the user really is who 
they say they are.

How do people get around these problems?  Why is the code for web app 
UIs very different to that of desktop app UIs?  I suppose some of these 
problems could be solved if the web server kept the running program in 
memory across requests (instead of starting a new instance each time), 
but I don't know of any system that does this.  Are there any?  (And I 
haven't thought about it much, but I suspect this approach would also 
be horribly complicated too, albeit in different ways.)





--M.

* * *
http://beebo.org

From david_dick at iprimus.com.au  Thu Nov  7 00:17:25 2002
From: david_dick at iprimus.com.au (David Dick)
Date: Wed Aug  4 00:02:45 2004
Subject: Paradigms for CGI application development?
In-Reply-To: <02167DC8-F17A-11D6-B7F5-003065B58CF8@dd.com.au>
References: <02167DC8-F17A-11D6-B7F5-003065B58CF8@dd.com.au>
Message-ID: <3DCA0575.7090609@iprimus.com.au>



Scott Penrose wrote:

>
> On Thursday, Nov 7, 2002, at 07:34 Australia/Melbourne, David Dick wrote:
>
>> i would have thought that the correct way of looking at it is not 
>> trying to emulate a GUI environment at all.  The problem essentially 
>> (unless i have missed something :)) is that we want a confirmation 
>> step and we want to be assured that the transfer only happens _once_.
>
>
> Essentially I would agree with you. But the request was made (I think 
> by Michael Stillwell) that it would be nice to use a GUI design 
> metaphor. So I was just supplying a way that could b achieved.

okay. my mistake. :)


From david_dick at iprimus.com.au  Thu Nov  7 00:59:36 2002
From: david_dick at iprimus.com.au (David Dick)
Date: Wed Aug  4 00:02:45 2004
Subject: Paradigms for CGI application development?
In-Reply-To: <10328A423AC2D311AE5B0008C70FE564106F2D@LANDNT>
References: <10328A423AC2D311AE5B0008C70FE564106F2D@LANDNT>
Message-ID: <3DCA0F58.5090002@iprimus.com.au>



Daniel Walmsley wrote:

>I originally forwarded this to the wrong address. Apologies if these
>concerns have already been answered (regardless, this is something of a
>non-solution). Anyway, here we go...
>
>I'm going to get flamed for this, I'm sure ;)
>  
>
*flame**flame*, etc..... happy? :) bloody hell i'm tired now.... :)

>I've been playing with ASP.NET and Visual Studio .NET a little bit (a couple
>of hours in total), and this is exactly the sort of thing they're heading
>for. You create an application interface by dragging and dropping components
>(calendar controls, buttons, images, data grids, etc) onto a form, and you
>attach properties/events to them. Then when you deploy, they get compiled as
>an .aspx page and a dll. The client is just a normal web browser (yep, I've
>tested it with mozilla, and *almost* everything works - fscking Microsoft),
>and the web server and .NET runtime handle session information and
>everything works just as it was designed. It really is almost exactly the
>same experience as writing a standard, client-side GUI application.
>  
>
i would be very interested to hear how things go when you use it with a 
project for a client. Like you said, there probably will be limitations, 
but it would be interesting to hear about how successful it is. 
Personally, i'm backing vi.... go silver sovereign, go!!! :)

>The other cool thing is that you can write one app, and have to turned into
>WML, cHTML, HTML, or any number of other dialects on the fly, depending on
>what client was detected. It irons out the differences as best it can. This
>is a boon for non-geeks ;) 
>
hahahahahahaha. How does VS .NET allow the graphic designer to input 
their stuff? Do they need to use VS .NET? Integrate with DreamWeaver, etc?


From scottp at dd.com.au  Wed Nov  6 14:42:28 2002
From: scottp at dd.com.au (Scott Penrose)
Date: Wed Aug  4 00:02:45 2004
Subject: November Perl Mongers Meeting - Damian Conway on Perl 6
In-Reply-To: <94376B6A-F135-11D6-B7F5-003065B58CF8@dd.com.au>
Message-ID: <43E2445A-F1C8-11D6-B7F5-003065B58CF8@dd.com.au>

This months Perl Mongers meeting will be held on November 13th at 6pm
at myinternet in North Melbourne, where Damian Conway will be
presenting Perl 6.

Don't miss this key presentation on the new perl from the worlds best 
perl
presenter and one of the perl community's leading lights.

(See http://www.yetanother.org/damian/projects.html for more)

Along with this excellent talk, this night will give you an opportunity 
to win
a signed copy of Damians Book - "Object Oriented Perl" with a second
prize of "Rebel Code" by Glyn Moody.

(See 
http://books.guardian.co.uk/firstchapters/story/0,6761,471281,00.html 
for
the first chapter of Moody's dramatic chronicle of the Free Software 
and Open
Source movements).

As the talk goes for about 3 hours we will also be providing food
(nibbles and some hot food) and drink (coffee, tea and water).

When:
		Wednesday 13th of November
		6pm - doors open from 5:30pm

Where:
		myinternet
		Level 8, myinternet House
		14-20 Blackwood Street
		North Melbourne

What:
		Perl 6 Update - by Damian Conway
		Raffle for Object Oriented Perl and Rebel Code
		Free Food and Drink

After:
		Drink and fun atmosphere in the Pub (The Metropolitan)

-- 
Scott Penrose
VP in charge of Pancakes
http://linux.dd.com.au/
scottp@dd.com.au

Dismaimer: If you receive this email in error - please eat it 
immediately to prevent it from falling into the wrong hands.


-- 
Scott Penrose
Anthropomorphic Personification Expert
http://search.cpan.org/search?author=SCOTT
scott@cpan.org

Dismaimer: While every attempt has been made to make sure that this 
email only contains zeros and ones, there has been no effort made to 
guarantee the quantity or the order.


From jh_lists at fastmail.fm  Wed Nov  6 17:30:24 2002
From: jh_lists at fastmail.fm (JP Howard)
Date: Wed Aug  4 00:02:45 2004
Subject: Paradigms for CGI application development?
Message-ID: <20021106233024.C91E547427A@server5.fastmail.fm>

On Thu, 7 Nov 2002 01:05:56 +1100 , "Daniel Walmsley"
<daniel@landmarksoftware.com.au> said:
> I've been playing with ASP.NET and Visual Studio .NET a little bit (a
> couple of hours in total), and this is exactly the sort of thing
> they're heading for. You create an application interface by dragging
> and dropping components (calendar controls, buttons, images, data
> grids, etc) onto a form, and you attach properties/events to them.

Yes, there's a lot to like about ASP.NET and the VS.NET IDE. There's been
discussions about this on the mod_perl list, and no-one has identified an
equivalent technology for Perl apps. There's template frameworks, of
course, but nothing with such a complete event-driven framework, or with
a such a rich graphical form builder.

ADO.NET is also really interesting, making it pretty easy to create
client-side data snapshots to avoid server round-trips.

Having said that, there's enormous downsides:
 - Tied to IIS, which means (amongst other things) high license fees if
 you need anything more than play functionality
 - Such a complex system *will* have bugs, but you can't fix them because
 you don't have the source
 - The vendor (MS) has a history of building dominance and then
 leveraging it to maximise their profits. So expect your costs to keep
 going up over time
 - Only Windows IE users will get the full experience of your app--as
 usual there are little annoyances in targeting non-Windows and/or non-IE
 browsers
 - Developers are somewhat tied to VS.NET; ASP.NET can be written without
 VS.NET, but it's a pretty code-heavy framework when you don't have the
 GUI builder to help you (but at least you can embed Vim in Visual
 Studio!)

With vendor lock-in for your servers, and your development tool, lack of
source code so you can't fix bugs, and a vendor history of leveraging
their market power to maximise their profits (and your costs!) the
business risks seem far too high to justify the convenience of the app
framework. There's nothing you can do in ASP.NET you can't do in
mod_perl, and of course mod_perl has plenty of advantages over ASP.NET
(like access to the full Apache API). It's just that some things are more
convenient in ASP.NET/VS.NET, and requires less skilled programmers.

IMO there's plenty of interesting ideas to for the Perl/mod_perl
community to learn from in ASP.NET. Most of these ideas are also present
in Delphi BTW, which is not surprising since MS pinched Delphi's lead
engineer...

From daniel at landmarksoftware.com.au  Wed Nov  6 18:00:25 2002
From: daniel at landmarksoftware.com.au (Daniel Walmsley)
Date: Wed Aug  4 00:02:45 2004
Subject: Paradigms for CGI application development?
Message-ID: <10328A423AC2D311AE5B0008C70FE564106F32@LANDNT>

Just quickly, there has been a significant amount of work done to bring
ASP.NET and ADO.NET to Ximian's Mono:

http://www.go-mono.com/asp-net.html

These may (eventually) provide the features we're looking for - including
Apache integration!

It may not be everyone's cup'o'tea, but kudos to Ximian for having the guts
to commit to something like this. This is what needs to happen to break the
Microsoft "Embrace and Extend" strategy - do it to them before they do it to
you! :P Which is more likely to become the commodity .NET runtime:
Microsoft's Windows-only version, or one that works the same on Windows, OS
X, BSD, Linux, QNX, and others? ooooo-er!

The Mono project is currently trying to produce neat-o parsers and code
generators to replicate some of the groovy functionality found in VS.NET.
There is also a free .NET IDE that looks like it could eventually take on
VS.NET - SharpDevelop. It runs on the .NET runtime, too.

http://www.icsharpcode.net/OpenSource/SD/default.asp

Now, we can use ASP (or any new open-source equivalent) for the front-end,
MySQL for the back end, and Perl for what it was designed to do - gluing it
all together. Spitting out html from Perl directly always felt like a hack
;)

Cheers,
Danger

-----Original Message-----
From: JP Howard [mailto:jh_lists@fastmail.fm]
Sent: Thursday, 7 November 2002 10:30 AM
To: Daniel Walmsley; Melbourne Perl Mongers
Subject: Re: Paradigms for CGI application development?


On Thu, 7 Nov 2002 01:05:56 +1100 , "Daniel Walmsley"
<daniel@landmarksoftware.com.au> said:
> I've been playing with ASP.NET and Visual Studio .NET a little bit (a
> couple of hours in total), and this is exactly the sort of thing
> they're heading for. You create an application interface by dragging
> and dropping components (calendar controls, buttons, images, data
> grids, etc) onto a form, and you attach properties/events to them.

Yes, there's a lot to like about ASP.NET and the VS.NET IDE. There's been
discussions about this on the mod_perl list, and no-one has identified an
equivalent technology for Perl apps. There's template frameworks, of course,
but nothing with such a complete event-driven framework, or with a such a
rich graphical form builder.

ADO.NET is also really interesting, making it pretty easy to create
client-side data snapshots to avoid server round-trips.

Having said that, there's enormous downsides:
 - Tied to IIS, which means (amongst other things) high license fees if  you
need anything more than play functionality
 - Such a complex system *will* have bugs, but you can't fix them because
you don't have the source
 - The vendor (MS) has a history of building dominance and then  leveraging
it to maximise their profits. So expect your costs to keep  going up over
time
 - Only Windows IE users will get the full experience of your app--as  usual
there are little annoyances in targeting non-Windows and/or non-IE  browsers
 - Developers are somewhat tied to VS.NET; ASP.NET can be written without
VS.NET, but it's a pretty code-heavy framework when you don't have the  GUI
builder to help you (but at least you can embed Vim in Visual
 Studio!)

With vendor lock-in for your servers, and your development tool, lack of
source code so you can't fix bugs, and a vendor history of leveraging their
market power to maximise their profits (and your costs!) the business risks
seem far too high to justify the convenience of the app framework. There's
nothing you can do in ASP.NET you can't do in mod_perl, and of course
mod_perl has plenty of advantages over ASP.NET (like access to the full
Apache API). It's just that some things are more convenient in
ASP.NET/VS.NET, and requires less skilled programmers.

IMO there's plenty of interesting ideas to for the Perl/mod_perl community
to learn from in ASP.NET. Most of these ideas are also present in Delphi
BTW, which is not surprising since MS pinched Delphi's lead engineer...

From pjf at perltraining.com.au  Thu Nov  7 22:40:55 2002
From: pjf at perltraining.com.au (Paul Fenwick)
Date: Wed Aug  4 00:02:45 2004
Subject: Paul Fenwick's talks are now available on-line.
Message-ID: <20021108044055.GC25309@mukc.org.au>

G'day everyone,

	I've been meaning to convert my talks into a more friendly
format for a while, and I've now done so.  All the talks I've
presented this year are now available on-line at:

		http://www.perltraining.com.au/talks/

	Enjoy!

		Paul

-- 
Paul Fenwick <pjf@perltraining.com.au> | http://perltraining.com.au/
Director of Training                   | Ph:  +61 3 9354 6001
Perl Training Australia                | Fax: +61 3 9354 2681

From jarich at perltraining.com.au  Thu Nov  7 23:02:58 2002
From: jarich at perltraining.com.au (Jacinta Richardson)
Date: Wed Aug  4 00:02:45 2004
Subject: Perl Success Stories
Message-ID: <Pine.LNX.3.96.1021108160002.26046B-100000@teddybear.perltraining.com.au>


(for those who don't get the O'Reilly Newsletter)

check out O'Reilly's story about their collected stories and follow the
links to the success stories themselves:

http://www.oreillynet.com/pub/a/oreilly/perl/2002/11/04/perlsuccess.html

(http://perl.oreilly.com/news/success_stories.html)

Looks like some great reading. 

	Jacinta
--
   ("`-''-/").___..--''"`-._          |  Jacinta Richardson	    |
    `6_ 6  )   `-.  (     ).`-.__.`)  |  Perl Training Australia    |
    (_Y_.)'  ._   )  `._ `. ``-..-'   |      +613 9354 6001 	    |  
  _..`--'_..-_/  /--'_.' ,'           | contact@perltraining.com.au |
(il),-''  (li),'  ((!.-'              |   www.perltraining.com.au   |


From jarich at perltraining.com.au  Thu Nov  7 23:10:01 2002
From: jarich at perltraining.com.au (Jacinta Richardson)
Date: Wed Aug  4 00:02:45 2004
Subject: Interesting reading.
Message-ID: <Pine.LNX.3.96.1021108160930.26046C-100000@teddybear.perltraining.com.au>


http://www.opensource.org/halloween/halloween7.php

and hence

http://www.itnews.com.au/storycontent.cfm?ID=17&Art_ID=11214
(MS calls for stop to open source sledging)

Hooray!



--
   ("`-''-/").___..--''"`-._          |  Jacinta Richardson	    |
    `6_ 6  )   `-.  (     ).`-.__.`)  |  Perl Training Australia    |
    (_Y_.)'  ._   )  `._ `. ``-..-'   |      +613 9354 6001 	    |  
  _..`--'_..-_/  /--'_.' ,'           | contact@perltraining.com.au |
(il),-''  (li),'  ((!.-'              |   www.perltraining.com.au   |


From mjs at beebo.org  Fri Nov  8 00:13:15 2002
From: mjs at beebo.org (Michael Stillwell)
Date: Wed Aug  4 00:02:45 2004
Subject: closure bug?
Message-ID: <2B0DE6FC-F2E1-11D6-938B-0003930BCEFA@beebo.org>

Am I doing something wrong here or is there a bug in Perl's closure 
(and/or scoping) mechanism?

In the outer section, $data->{name} exists; in the inner section it 
doesn't.

#!/usr/bin/env perl

use strict;
use warnings;

{
     my $data = { name => "Michael" } ;

     sub foo {
         if (exists $data->{name}) {
             print "OUTER: EXISTS\n";
         }
         else {
             print "OUTER: DOES NOT EXIST\n";
         }

#       $_ = $data;

         my $fn = sub {
             if (exists $data->{name}) {
                 print "INNER: EXISTS\n";
             }
             else {
                 print "INNER: DOES NOT EXIST\n";
             }
         };

         $fn->();
     }
}

foo();

__END__

If the commented out line is uncommented, $date->{name} exists in the 
inner section too.  (Tested on 5.6, 5.6.1, 5.8.)




--M.

* * *
http://beebo.org


From wayland at smartchat.net.au  Fri Nov  8 16:32:31 2002
From: wayland at smartchat.net.au (Timothy S. Nelson)
Date: Wed Aug  4 00:02:45 2004
Subject: Paradigms for CGI application development?
In-Reply-To: <3DCA0F58.5090002@iprimus.com.au>
Message-ID: <Pine.LNX.4.44.0211090930580.1997-100000@elphin.nelson.org.au>

On Thu, 7 Nov 2002, David Dick wrote:

> 
> 
> Daniel Walmsley wrote:
> 
> >I originally forwarded this to the wrong address. Apologies if these
> >concerns have already been answered (regardless, this is something of a
> >non-solution). Anyway, here we go...
> >
> >I'm going to get flamed for this, I'm sure ;)
> >  
> >
> *flame**flame*, etc..... happy? :) bloody hell i'm tired now.... :)

	You did hear about the Emacs flame war re-enactment society, that 
re-enacts great Usenet flame wars about Emacs vs. vi?  There was an article 
about it recently, when Redhat suggested combining Emacs and vi into two 
similar editors, vimacs and emavis.  

	:)

---------------------------------------------------------------------
| Name: Tim Nelson                 | Because the Creator is,        |
| E-mail: wayland@smartchat.net.au | I am                           |
---------------------------------------------------------------------

----BEGIN GEEK CODE BLOCK----
Version 3.1
GCS d? s: a-- C++>++++$ US+ P++ L++ E- W+++ N+ w+> M-- V- Y+>++ 
PGP->++ R(+) !tv B++ DI++++ D+ G e>++ h!/* y-
-----END GEEK CODE BLOCK-----



From wayland at smartchat.net.au  Fri Nov  8 16:27:39 2002
From: wayland at smartchat.net.au (Timothy S. Nelson)
Date: Wed Aug  4 00:02:45 2004
Subject: Paradigms for CGI application development?
In-Reply-To: <CD356724-F0BF-11D6-8749-0003930BCEFA@beebo.org>
Message-ID: <Pine.LNX.4.44.0211090924280.1997-100000@elphin.nelson.org.au>

On Wed, 6 Nov 2002, Michael Stillwell wrote:

> 1. Because Perl doesn't make it very convenient to jump (or transfer 
> control) to the *middle* of a function (actually, I'm not sure that 
> this is even possible), you need to break your functions in two 
> whenever you seek user input.  So in the example above, the code 
> following the call to confirm()  must appear in a separate function.  
> Another shitty consequence of this is that you must supply the "return 
> address" to confirm() yourself:

	I've probably done too much Programming Language Theory and not enough 
Perl, but it strikes me that this would be a wonderful thing for co-routines.  
However, these days, it seems like most people do things with threads instead 
of co-routines.  And I doubt Perl has co-routines, although I could be wrong 
:).  


---------------------------------------------------------------------
| Name: Tim Nelson                 | Because the Creator is,        |
| E-mail: wayland@smartchat.net.au | I am                           |
---------------------------------------------------------------------

----BEGIN GEEK CODE BLOCK----
Version 3.1
GCS d? s: a-- C++>++++$ US+ P++ L++ E- W+++ N+ w+> M-- V- Y+>++ 
PGP->++ R(+) !tv B++ DI++++ D+ G e>++ h!/* y-
-----END GEEK CODE BLOCK-----



From jhoward at fastmail.fm  Fri Nov  8 14:45:31 2002
From: jhoward at fastmail.fm (Jeremy Howard)
Date: Wed Aug  4 00:02:45 2004
Subject: Paradigms for CGI application development?
Message-ID: <20021108204531.672CF3F2919@server5.fastmail.fm>

On Sat, 9 Nov 2002 09:27:39 +1100 (EST), "Timothy S. Nelson"
<wayland@smartchat.net.au> said:
> On Wed, 6 Nov 2002, Michael Stillwell wrote:
> > 1. Because Perl doesn't make it very convenient to jump (or transfer
> >    control) to the *middle* of a function (actually, I'm not sure
> >    that this is even possible), you need to break your functions in
> >    two whenever you seek user input.  So in the example above, the
> >    code following the call to confirm()  must appear in a separate
> >    function. Another shitty consequence of this is that you must
> >    supply the "return address" to confirm() yourself:
>
> I've probably done too much Programming Language Theory and not enough
> Perl, but it strikes me that this would be a wonderful thing for
> co-routines. However, these days, it seems like most people do things
> with threads instead of co-routines.  And I doubt Perl has co-routines,
> although I could be wrong :).
>
Yes, very co-routinish. When we were nutting out the RFCs on
perl6-language, there was a lot of interest in co-routines, and Damian
wrote this:
  http://dev.perl.org/rfc/31.html

There's also RFC 27, covering similar territory.

There continues to be an interest in coroutines amongst the Perl6
community and IIRC Dan plans to incorporate the necessary features into
Parrot.

-- 
  Jeremy Howard
  jhoward@fastmail.fm

From pjf at perltraining.com.au  Fri Nov  8 17:32:43 2002
From: pjf at perltraining.com.au (Paul Fenwick)
Date: Wed Aug  4 00:02:45 2004
Subject: Speaker tips
Message-ID: <20021108233243.GA987@mukc.org.au>

G'day Everyone,

	For those of you who are thinking of giving a presentation,
but are looking for tips on good presentation techniques, the following
recently appeared on the Perl training list:

		http://perl.plover.com/yak/presentation/

	It's a very amusing set of slides and notes by Dominus, on
the topic of how to do (conference) presentations.  I both laughed
and learnt something at the same time.

	See you all on Wednesday,

		Paul

-- 
Paul Fenwick <pjf@perltraining.com.au> | http://perltraining.com.au/
Director of Training                   | Ph:  +61 3 9354 6001
Perl Training Australia                | Fax: +61 3 9354 2681

From mrjcleaver at yahoo.co.uk  Mon Nov 11 03:52:48 2002
From: mrjcleaver at yahoo.co.uk (=?iso-8859-1?q?Martin@Cleaver.org?=)
Date: Wed Aug  4 00:02:45 2004
Subject: Paradigms for CGI application development?
In-Reply-To: <10328A423AC2D311AE5B0008C70FE564106F2D@LANDNT>
Message-ID: <20021111095248.73205.qmail@web10305.mail.yahoo.com>

> -----Original Message-----
> From: Michael Stillwell [mailto:mjs@beebo.org] 
> Sent: Wednesday, 6 November 2002 12:09 AM
> To: melbourne-pm@pm.org
> Subject: Paradigms for CGI application development?
> 
> 
> Good CGI discussion this week!
> 
> I've been thinking recently about some of the more crapful
> aspects of 
> CGI application development.  

I think Mason (http://masonhq.com) addresses these sorts of
needs. I believe it provides a cross between Php scripting for
perl and some features that would normally be found in an
Application Server.

Features: (http://www.masonhq.com/about/features.html :)

Simple embedded Perl syntax. Infuse your HTML pages with the full
power of Perl: variables, arrays and data structures,
conditionals, iteration, and the wide variety of freely available
Perl modules. (Docs)


Modular pages with components. Build pages from components that
call one another and pass values back and forth like subroutines.
Encapsulate common design elements (headers, footers, menus,
logos) into shared components that need only change once to
affect the whole site.


Parameter handling. Access GET/POST parameters directly as
lexical ("my") variables. Assign default values or trigger error
conditions when parameters are omitted. (Docs)


Templates and filters. Assign a common template, filter, or piece
of code to an entire site (or a particular section) with a single
well-placed file. (Docs)


Object-oriented techniques. Define your own methods and
attributes on pages; access them from templates for increased
flexibility. (Docs)


Caching. Cache HTML and data, from small page elements to entire
pages or complex data structures. Automatically expire elements
after a certain time period or when a certain condition occurs.
(Docs)


Previewing. Using the built-in previewer application, review your
page under a variety of client and request conditions: browser
type, time of day, referer, etc. View a page trace with a
breakdown of which component is responsible for each piece of
HTML. (Docs)


Staging/production modes. Adjust configuration settings to
maximize ease of development on a staging server and raw
performance on a live server. (Docs)

I first looked at Mason for TWiki, but retrofitting looks like
quite a lot of work. See also
http://twiki.org/cgi-bin/view/Codev/ApplicationServer

Cheers, Martin.

(I'll be in studying Melbourne from January..)

=====
--
Martin@Cleaver.org (please don't reply to @yahoo)

__________________________________________________
Do You Yahoo!?
Everything you'll ever need on one web page
from News and Sport to Email and Music Charts
http://uk.my.yahoo.com

From scottp at dd.com.au  Tue Nov 12 04:41:48 2002
From: scottp at dd.com.au (Scott Penrose)
Date: Wed Aug  4 00:02:45 2004
Subject: Reminder: November Perl Mongers - Wednesday 6pm
Message-ID: <58818252-F62B-11D6-A927-003065B58CF8@dd.com.au>

Reminder that Melbourne Perl Mongers will start at 6pm Wednesday 13th 
of November.

Speaker = Damian Conway
Topic = Perl 6

Place = myinternet, Level 8, 14 Blackwood Street, North Melbourne.
Time = Doors open from 5:30. Meeting starts at 6pm sharp !

Scott
-- 
Scott Penrose
Anthropomorphic Personification Expert
http://search.cpan.org/search?author=SCOTT
scott@cpan.org

Dismaimer: While every attempt has been made to make sure that this 
email only contains zeros and ones, there has been no effort made to 
guarantee the quantity or the order.


From scottp at myinternet.com.au  Tue Nov 12 15:44:52 2002
From: scottp at myinternet.com.au (Scott Penrose)
Date: Wed Aug  4 00:02:45 2004
Subject: Reminder: November Perl Mongers - Wednesday 6pm
Message-ID: <F9F95FCF-F687-11D6-A927-003065B58CF8@myinternet.com.au>

Reminder that Melbourne Perl Mongers will start at 6pm Wednesday 13th 
of November.

Speaker = Damian Conway
Topic = Perl 6

Place = myinternet, Level 8, 14 Blackwood Street, North Melbourne.
Time = Doors open from 5:30. Meeting starts at 6pm sharp !

Scott
-- 
Scott Penrose
Anthropomorphic Personification Expert
http://search.cpan.org/search?author=SCOTT
scott@cpan.org

Dismaimer: While every attempt has been made to make sure that this 
email only contains zeros and ones, there has been no effort made to 
guarantee the quantity or the order.



From wayland at smartchat.net.au  Wed Nov 13 14:49:42 2002
From: wayland at smartchat.net.au (Timothy S. Nelson)
Date: Wed Aug  4 00:02:45 2004
Subject: Paradigms for CGI application development?
In-Reply-To: <20021108204531.672CF3F2919@server5.fastmail.fm>
Message-ID: <Pine.LNX.4.44.0211140747440.1844-100000@elphin.nelson.org.au>

On Fri, 8 Nov 2002, Jeremy Howard wrote:

> On Sat, 9 Nov 2002 09:27:39 +1100 (EST), "Timothy S. Nelson"
> <wayland@smartchat.net.au> said:
> > On Wed, 6 Nov 2002, Michael Stillwell wrote:
> > > 1. Because Perl doesn't make it very convenient to jump (or transfer
> > >    control) to the *middle* of a function (actually, I'm not sure
> > >    that this is even possible), you need to break your functions in
> > >    two whenever you seek user input.  So in the example above, the
> > >    code following the call to confirm()  must appear in a separate
> > >    function. Another shitty consequence of this is that you must
> > >    supply the "return address" to confirm() yourself:
> >
> > I've probably done too much Programming Language Theory and not enough
> > Perl, but it strikes me that this would be a wonderful thing for
> > co-routines. However, these days, it seems like most people do things
> > with threads instead of co-routines.  And I doubt Perl has co-routines,
> > although I could be wrong :).
> >
> Yes, very co-routinish. When we were nutting out the RFCs on
> perl6-language, there was a lot of interest in co-routines, and Damian
> wrote this:
>   http://dev.perl.org/rfc/31.html
> 
> There's also RFC 27, covering similar territory.
> 
> There continues to be an interest in coroutines amongst the Perl6
> community and IIRC Dan plans to incorporate the necessary features into
> Parrot.

	Hey, I've been trying to figure out if they're planning meta-operators 
in perl6.  By "Meta-operators", I mean what APL calls "operators" (since what 
it calls functions are what we call operators).  

	You seem like someone who might know, or at least know where to find 
out.  Do you happen to know?  

	Thanks!

---------------------------------------------------------------------
| Name: Tim Nelson                 | Because the Creator is,        |
| E-mail: wayland@smartchat.net.au | I am                           |
---------------------------------------------------------------------

----BEGIN GEEK CODE BLOCK----
Version 3.1
GCS d? s: a-- C++>++++$ US+ P++ L++ E- W+++ N+ w+> M-- V- Y+>++ 
PGP->++ R(+) !tv B++ DI++++ D+ G e>++ h!/* y-
-----END GEEK CODE BLOCK-----



From wayland at smartchat.net.au  Wed Nov 13 17:57:28 2002
From: wayland at smartchat.net.au (Timothy S. Nelson)
Date: Wed Aug  4 00:02:46 2004
Subject: READ ME FIRST
In-Reply-To: <Pine.LNX.4.44.0211140747440.1844-100000@elphin.nelson.org.au>
Message-ID: <Pine.LNX.4.44.0211141055010.3266-100000@elphin.nelson.org.au>

On Thu, 14 Nov 2002, Timothy S. Nelson wrote:

> > Yes, very co-routinish. When we were nutting out the RFCs on
> > perl6-language, there was a lot of interest in co-routines, and Damian
> > wrote this:
> >   http://dev.perl.org/rfc/31.html
> > 
> > There's also RFC 27, covering similar territory.
> > 
> > There continues to be an interest in coroutines amongst the Perl6
> > community and IIRC Dan plans to incorporate the necessary features into
> > Parrot.
> 
> 	Hey, I've been trying to figure out if they're planning meta-operators 
> in perl6.  By "Meta-operators", I mean what APL calls "operators" (since what 
> it calls functions are what we call operators).  
> 
> 	You seem like someone who might know, or at least know where to find 
> out.  Do you happen to know?  

	Let me answer my own stupid question to save you all the trouble.  I 
went through dev.perl.org (thanks Jeremy!), and there's a lot of design stuff 
happening which I was unable to find starting at www.perl.com on numerous 
previous occasions.  

	Anyway, now that I've found it, I'll answer it myself.  

	:)

---------------------------------------------------------------------
| Name: Tim Nelson                 | Because the Creator is,        |
| E-mail: wayland@smartchat.net.au | I am                           |
---------------------------------------------------------------------

----BEGIN GEEK CODE BLOCK----
Version 3.1
GCS d? s: a-- C++>++++$ US+ P++ L++ E- W+++ N+ w+> M-- V- Y+>++ 
PGP->++ R(+) !tv B++ DI++++ D+ G e>++ h!/* y-
-----END GEEK CODE BLOCK-----



From pjf at perltraining.com.au  Wed Nov 13 19:25:43 2002
From: pjf at perltraining.com.au (Paul Fenwick)
Date: Wed Aug  4 00:02:46 2004
Subject: Fate of the OO Perl book
Message-ID: <20021114012543.GC32234@mukc.org.au>

G'day Everyone,

	As many of you know, I was the lucky winner of the Object
Oriented Perl book in the raffle last evening.  Given this
amazing stroke of luck, I wondered if the book can be put to
use by the greater good.
	
	As such, I proposed the idea of auctioning or (more likely)
raffling the book, and giving all proceeds to The Perl Foundation.
The book has been left intentionally unsigned at this stage, so
the winner can choose what they would like to have written inside.

	I've started a discussion on PerlMonks regarding the topic,
which you can find here:

		http://perlmonks.org/index.pl?node_id=212727

	All suggestions and comments are very welcome.

	Cheers,

		Paul


-- 
Paul Fenwick <pjf@perltraining.com.au> | http://perltraining.com.au/
Director of Training                   | Ph:  +61 3 9354 6001
Perl Training Australia                | Fax: +61 3 9354 2681

From mrjcleaver at yahoo.co.uk  Fri Nov 15 05:55:37 2002
From: mrjcleaver at yahoo.co.uk (=?iso-8859-1?q?Martin@Cleaver.org?=)
Date: Wed Aug  4 00:02:46 2004
Subject: Mason  for CGI application development?
Message-ID: <20021115115537.92755.qmail@web10304.mail.yahoo.com>

I am resending this as the original seems to have gotten lost in
the ether..

 --- "Martin@Cleaver.org" <mrjcleaver@yahoo.co.uk> wrote: > Date:
Mon, 11 Nov 2002 09:52:48 +0000 (GMT)
> From: "Martin@Cleaver.org" <mrjcleaver@yahoo.co.uk>
> Subject: Re: Paradigms for CGI application development?
> To: melbourne-pm@pm.org
> 
> > -----Original Message-----
> > From: Michael Stillwell [mailto:mjs@beebo.org] 
> > Sent: Wednesday, 6 November 2002 12:09 AM
> > To: melbourne-pm@pm.org
> > Subject: Paradigms for CGI application development?
> > 
> > 
> > Good CGI discussion this week!
> > 
> > I've been thinking recently about some of the more crapful
> > aspects of 
> > CGI application development.  
> 
> I think Mason (http://masonhq.com) addresses these sorts of
> needs. I believe it provides a cross between Php scripting for
> perl and some features that would normally be found in an
> Application Server.
> 
> Features: (http://www.masonhq.com/about/features.html :)
> 
> Simple embedded Perl syntax. Infuse your HTML pages with the
> full
> power of Perl: variables, arrays and data structures,
> conditionals, iteration, and the wide variety of freely
> available
> Perl modules. (Docs)
> 
> 
> Modular pages with components. Build pages from components that
> call one another and pass values back and forth like
> subroutines.
> Encapsulate common design elements (headers, footers, menus,
> logos) into shared components that need only change once to
> affect the whole site.
> 
> 
> Parameter handling. Access GET/POST parameters directly as
> lexical ("my") variables. Assign default values or trigger
> error
> conditions when parameters are omitted. (Docs)
> 
> 
> Templates and filters. Assign a common template, filter, or
> piece
> of code to an entire site (or a particular section) with a
> single
> well-placed file. (Docs)
> 
> 
> Object-oriented techniques. Define your own methods and
> attributes on pages; access them from templates for increased
> flexibility. (Docs)
> 
> 
> Caching. Cache HTML and data, from small page elements to
> entire
> pages or complex data structures. Automatically expire elements
> after a certain time period or when a certain condition occurs.
> (Docs)
> 
> 
> Previewing. Using the built-in previewer application, review
> your
> page under a variety of client and request conditions: browser
> type, time of day, referer, etc. View a page trace with a
> breakdown of which component is responsible for each piece of
> HTML. (Docs)
> 
> 
> Staging/production modes. Adjust configuration settings to
> maximize ease of development on a staging server and raw
> performance on a live server. (Docs)
> 
> I first looked at Mason for TWiki, but retrofitting looks like
> quite a lot of work. See also
> http://twiki.org/cgi-bin/view/Codev/ApplicationServer
> 
> Cheers, Martin.
> 
> (I'll be in studying Melbourne from January..)
> 
> =====
> --
> Martin@Cleaver.org (please don't reply to @yahoo)
> 
> __________________________________________________
> Do You Yahoo!?
> Everything you'll ever need on one web page
> from News and Sport to Email and Music Charts
> http://uk.my.yahoo.com
>  

=====
--
Martin@Cleaver.org (please don't reply to @yahoo)

__________________________________________________
Do You Yahoo!?
Everything you'll ever need on one web page
from News and Sport to Email and Music Charts
http://uk.my.yahoo.com

From wayland at smartchat.net.au  Sat Nov 16 08:22:24 2002
From: wayland at smartchat.net.au (Timothy S. Nelson)
Date: Wed Aug  4 00:02:46 2004
Subject: Mason  for CGI application development?
In-Reply-To: <20021115115537.92755.qmail@web10304.mail.yahoo.com>
Message-ID: <Pine.LNX.4.44.0211170119240.1848-100000@elphin.nelson.org.au>

On Fri, 15 Nov 2002, Martin@Cleaver.org wrote:


> > Templates and filters. Assign a common template, filter, or
> > piece
> > of code to an entire site (or a particular section) with a
> > single
> > well-placed file. (Docs)

	As someone who has used HTML::Mason (this was some time back), this is 
one of the best aspects.  You just code up some headers, drop them in one of 
the automatic files, and then they appear on all files in all subdirectories 
(unless directed otherwise).  Want to change your headings on all pages (eg. 
to add a stylesheet)?  Just change the main handler and it all happens.  


	:)

---------------------------------------------------------------------
| Name: Tim Nelson                 | Because the Creator is,        |
| E-mail: wayland@smartchat.net.au | I am                           |
---------------------------------------------------------------------

----BEGIN GEEK CODE BLOCK----
Version 3.1
GCS d? s: a-- C++>++++$ US+ P++ L++ E- W+++ N+ w+> M-- V- Y+>++ 
PGP->++ R(+) !tv B++ DI++++ D+ G e>++ h!/* y-
-----END GEEK CODE BLOCK-----



From scottp at dd.com.au  Fri Nov 15 23:24:42 2002
From: scottp at dd.com.au (Scott Penrose)
Date: Wed Aug  4 00:02:46 2004
Subject: Mason  for CGI application development?
In-Reply-To: <Pine.LNX.4.44.0211170119240.1848-100000@elphin.nelson.org.au>
Message-ID: <B6013140-F923-11D6-A927-003065B58CF8@dd.com.au>

On Sunday, Nov 17, 2002, at 01:22 Australia/Melbourne, Timothy S. 
Nelson wrote:
> On Fri, 15 Nov 2002, Martin@Cleaver.org wrote:
>>> Templates and filters. Assign a common template, filter, or
>>> piece
>>> of code to an entire site (or a particular section) with a
>>> single
>>> well-placed file. (Docs)
>
> 	As someone who has used HTML::Mason (this was some time back), this is
> one of the best aspects.  You just code up some headers, drop them in 
> one of
> the automatic files, and then they appear on all files in all 
> subdirectories
> (unless directed otherwise).  Want to change your headings on all 
> pages (eg.
> to add a stylesheet)?  Just change the main handler and it all happens.

That is true of course. Something I never understand is why it is not 
used more often for standard static HTML pages. Even when I do the 
simplest web site I will use SSI to do all the additional wrapping, 
headers etc. Thus, as you said being able to replace CSS in one simple 
place.

The whole concept of doing web pages with a GUI (ala Dreamweaver) is 
infuriating. Long live templates, server side includes, Template 
Toolkit, HTML::Mason, AxKit (and all those others I have missed) :-)

Scott
-- 
Scott Penrose
Open source developer
http://linux.dd.com.au/
scottp@dd.com.au

Dismaimer: Open sauce usually ends up never coming out (of the bottle).


From alloy at bigbutton.com.au  Sat Nov 16 18:14:51 2002
From: alloy at bigbutton.com.au (Michael Lindner)
Date: Wed Aug  4 00:02:46 2004
Subject: command line from web
Message-ID: <3DD77323.22352.16CB1B@localhost>

hi,
why is it that:: print `touch hello`;
produce nothing when run in a browser initiated script?
is this a security feature, or what am i doing wrong :-)
(running on linux rh7.2)

thanks in advance,
mike lindner.

-----
This message has been scanned with Norton Anti-Virus.
All information contained herein is for the recipient only.



From david_dick at iprimus.com.au  Sat Nov 16 21:15:56 2002
From: david_dick at iprimus.com.au (David Dick)
Date: Wed Aug  4 00:02:46 2004
Subject: command line from web
In-Reply-To: <3DD77323.22352.16CB1B@localhost>
References: <3DD77323.22352.16CB1B@localhost>
Message-ID: <3DD709EC.6030705@iprimus.com.au>

what you are trying to do? :)

#! /usr/bin/perl
print `touch hello`; # dosen't produce anything anywhere.  It will 
however touch hello. :)

Michael Lindner wrote:

>hi,
>why is it that:: print `touch hello`;
>produce nothing when run in a browser initiated script?
>is this a security feature, or what am i doing wrong :-)
>(running on linux rh7.2)
>
>thanks in advance,
>mike lindner.
>
>-----
>This message has been scanned with Norton Anti-Virus.
>All information contained herein is for the recipient only.
>
>
>
>  
>


From Adam.Clarke at StrategicData.com.au  Sat Nov 16 21:21:05 2002
From: Adam.Clarke at StrategicData.com.au (Adam Clarke)
Date: Wed Aug  4 00:02:46 2004
Subject: command line from web
In-Reply-To: <3DD77323.22352.16CB1B@localhost>
References: <3DD77323.22352.16CB1B@localhost>
Message-ID: <3DD70B21.5070101@StrategicData.com.au>

First, since you may be on a learning curve a couple of hints based on 
the fact that running system commands can get you into strife security wise.

1. Run your script with warnings on and in taint mode (#!perl -wT)

2. Have a look at the following
http://www.w3.org/Security/Faq/index.html &
http://www.oreilly.com/catalog/cgi2/chapter/ch08.html

Now as for what's going wrong.

1. When you say produces nothing do you mean that the file "hello" does 
not get created or that no output is created. I ask because you are 
using backticks and therefore running the system command "touch" with 
"hello" as it's argument. When I run
    perl -e 'print `touch hello`';
I don't get any visible output to STDOUT either, I do however got an 
empty file called "hello" created. Maybe your script is working. You 
remember that the current working directory of the web server (when it 
runs your script) is where "hello" would get created. If your executing 
from /cgi-bin/ then that's where the simple example you gave is going to 
put it.

2. If the you've thought of the above and/or that's not it then check 
your webserver logs. Maybe there is a clue there.

Cheers
Adam Clarke   **

Michael Lindner wrote:

>hi,
>why is it that:: print `touch hello`;
>produce nothing when run in a browser initiated script?
>is this a security feature, or what am i doing wrong :-)
>(running on linux rh7.2)
>
>  
>




From alloy at bigbutton.com.au  Sun Nov 17 20:08:30 2002
From: alloy at bigbutton.com.au (Michael Lindner)
Date: Wed Aug  4 00:02:46 2004
Subject: perl running os commands from web
Message-ID: <3DD8DF46.7604.BEA497@localhost>


i want to run commands, for example:: touch hello ::  is a pretty innocuous example of a 
command, and in this example i would expect to find a file called:: hello :: in the same 
directory as the script, or anywhere on the filesystems would be ok :-)  but i do not.

no command gets excecuted, whatever it is.

why?

?????????????????????????????????

mikel

> >hi,
> >why is it that:: print `touch hello`;
> >produce nothing when run in a browser initiated script?
> >is this a security feature, or what am i doing wrong :-)
> >(running on linux rh7.2)

On 17 Nov 2002 at 14:15, David Dick wrote:

> what you are trying to do? :)
> 
> #! /usr/bin/perl
> print `touch hello`; # dosen't produce anything anywhere.  It will 
> however touch hello. :)
> 
> Michael Lindner wrote:
> 

-----
This message has been scanned with Norton Anti-Virus.
All information contained herein is for the recipient only.



From Nathan.Bailey at its.monash.edu  Sun Nov 17 20:47:44 2002
From: Nathan.Bailey at its.monash.edu (Nathan Bailey)
Date: Wed Aug  4 00:02:46 2004
Subject: perl running os commands from web 
In-Reply-To: alloy's message of Mon, 18 Nov 2002 12:38:30 +1030.
             <3DD8DF46.7604.BEA497@localhost> 
Message-ID: <200211180247.NAA393448@goaway.cc.monash.edu.au>

The best script to start with is "print 'hello world'".  That should
print output on the web page.  If that isn't working, either your
webserver or your CGI environment isn't configured properly.

Having succeeded with that, you probably want to move on to 'ls'.  The
good thing about 'ls' is it will tell you what directory you are in --
which is, most likely, the root directory.  And if your environment is
set up the least bit sanely, you won't be able to write there (e.g.
create 'hello' with touch).  So you want 'cd /tmp; touch hello'
instead, perhaps :-)

cheers,
N

From crashkat at cmetech.com.au  Sun Nov 17 20:59:33 2002
From: crashkat at cmetech.com.au (crashkat)
Date: Wed Aug  4 00:02:46 2004
Subject: perl running os commands from web
In-Reply-To: <3DD8DF46.7604.BEA497@localhost>
Message-ID: <Pine.LNX.3.96.1021118135620.24800E-100000@cyanogen.cmetech.com.au>



On Mon, 18 Nov 2002, Michael Lindner wrote:

> 
> i want to run commands, for example:: touch hello ::  is a pretty innocuous example of a 
> command, and in this example i would expect to find a file called:: hello :: in the same 
> directory as the script, or anywhere on the filesystems would be ok :-)  but i do not.
> 
> no command gets excecuted, whatever it is.
> 
> why?


Hi Michael,
Does the user that the script is running as have permissions to run the
commands you are trying to run?
ie. for touch, the user would need to have write permissions to the
directory the script is in to be able to create the file.

cheers
crash


From wayland at smartchat.net.au  Sat Nov 16 11:41:00 2002
From: wayland at smartchat.net.au (Timothy S. Nelson)
Date: Wed Aug  4 00:02:46 2004
Subject: Mason  for CGI application development?
In-Reply-To: <B6013140-F923-11D6-A927-003065B58CF8@dd.com.au>
Message-ID: <Pine.LNX.4.44.0211170439420.9281-100000@elphin.nelson.org.au>

On Sat, 16 Nov 2002, Scott Penrose wrote:

> On Sunday, Nov 17, 2002, at 01:22 Australia/Melbourne, Timothy S. 
> Nelson wrote:
> > On Fri, 15 Nov 2002, Martin@Cleaver.org wrote:
> >>> Templates and filters. Assign a common template, filter, or
> >>> piece
> >>> of code to an entire site (or a particular section) with a
> >>> single
> >>> well-placed file. (Docs)
> >
> > 	As someone who has used HTML::Mason (this was some time back), this is
> > one of the best aspects.  You just code up some headers, drop them in 
> > one of
> > the automatic files, and then they appear on all files in all 
> > subdirectories
> > (unless directed otherwise).  Want to change your headings on all 
> > pages (eg.
> > to add a stylesheet)?  Just change the main handler and it all happens.
> 
> That is true of course. Something I never understand is why it is not 
> used more often for standard static HTML pages. Even when I do the 
> simplest web site I will use SSI to do all the additional wrapping, 
> headers etc. Thus, as you said being able to replace CSS in one simple 
> place.
> 
> The whole concept of doing web pages with a GUI (ala Dreamweaver) is 
> infuriating. Long live templates, server side includes, Template 
> Toolkit, HTML::Mason, AxKit (and all those others I have missed) :-)

	PHP?  :)  The thing I like about HTML::Mason over SSI/PHP/whatever is 
that you don't have to add something to each individual file -- it just 
happens.  

	:)

---------------------------------------------------------------------
| Name: Tim Nelson                 | Because the Creator is,        |
| E-mail: wayland@smartchat.net.au | I am                           |
---------------------------------------------------------------------

----BEGIN GEEK CODE BLOCK----
Version 3.1
GCS d? s: a-- C++>++++$ US+ P++ L++ E- W+++ N+ w+> M-- V- Y+>++ 
PGP->++ R(+) !tv B++ DI++++ D+ G e>++ h!/* y-
-----END GEEK CODE BLOCK-----



From david_dick at iprimus.com.au  Mon Nov 18 12:56:59 2002
From: david_dick at iprimus.com.au (David Dick)
Date: Wed Aug  4 00:02:46 2004
Subject: XSS,CGI && Template Toolkit
In-Reply-To: <10328A423AC2D311AE5B0008C70FE564106F28@LANDNT>
References: <10328A423AC2D311AE5B0008C70FE564106F28@LANDNT>
Message-ID: <3DD937FB.5090401@iprimus.com.au>

Ended up just using a custom stash.  Sample code is attached, i needed 
to override the _assign method as well because there was an inheritance 
problem but this seems to vary with your version of TT, so you may not 
need it.  You can also use this to inherit from Template::Stash::XS if 
you want to. (Just change the ISA stuff).  As has been noted on the TT 
mailing list, the Stash isn't the best place to do this sort of stuff, 
because _ideally_ what you want is to apply this sort of filter _after_ 
all the other filters in the template, but it works and it was quick to 
code ;).
Uru

Daniel Walmsley wrote:

>Doesn't TT2 have a built-in html filter? [% myval | html %]
>
>-----Original Message-----
>From: David Dick [mailto:david_dick@iprimus.com.au] 
>Sent: Wednesday, 6 November 2002 6:19 PM
>To: melbourne-pm@pm.org
>Subject: XSS,CGI && Template Toolkit
>
>
>Got a bit of a problem with Cross Site Scripting.  The way I've been 
>writing web apps is by using $cgi->param to suck in values from the user 
>and using the Template Toolkit to generate the html.  However, CGI.pm 
>seems to assume that you'll use the CGI.pm routines to output html, so 
>the param method unencodes everything it can, while the CGI.pm output 
>commands encodes them.  Translated..... <INPUT TYPE="TEXT" 
>NAME="Something" VALUE="&lt;SCRIPT&gt;"> will be translated by 
>$cgi->param into <SCRIPT> and the print commands will reencode it as 
>&lt;SCRIPT&gt; to protect against Cross Site Scripting attacks.  The way 
>i've been thinking, CGI.pm does do the correct thing, the place to 
>encode all of that stuff is in the output routine.  I can't find a easy 
>way of doing this in Template Toolkit.  I think I need a automatic 
>FILTER or something.  Anyone else have this problem or come up with an 
>easy solution?
>
>  
>
-------------- next part --------------
package MyStash;
use strict;

use Template::Stash();
use HTML::Entities();
use vars qw(@ISA);
@ISA = qw(Template::Stash);

sub get {
	my ($self, $ident, $args) = @_;
	my ($result) = $self->SUPER::get($ident, $args);
	$result = HTML::Entities::encode($result);	
	return ($result);
}

sub _assign {
    my ($self, $root, $item, $args, $value, $default) = @_;
    my $rootref = ref $root;
    my $result;
    $args ||= [ ];
    $default ||= 0;

#    print(STDERR "_assign(root=$root, item=$item, args=[@$args], \n",
#                         "value=$value, default=$default)\n")
#       if $DEBUG;

    # return undef without an error if either side of the dot is unviable
    # or if an attempt is made to update a private member, starting _ or .
    return undef                                                ## RETURN
        unless $root and defined $item and $item !~ /^[\._]/;

    if ($rootref eq 'HASH' || UNIVERSAL::isa($root, __PACKAGE__)) {
#       if ($item eq 'IMPORT' && UNIVERSAL::isa($value, 'HASH')) {
#           # import hash entries into root hash
#           @$root{ keys %$value } = values %$value;
#           return '';                                          ## RETURN
#       }
        # if the root is a hash we set the named key
        return ($root->{ $item } = $value)                      ## RETURN
            unless $default && $root->{ $item };
    }
    elsif ($rootref eq 'ARRAY' && $item =~ /^-?\d+$/) {
        # or set a list item by index number
        return ($root->[$item] = $value)                        ## RETURN
            unless $default && $root->{ $item };
    }
    elsif (UNIVERSAL::isa($root, 'UNIVERSAL')) {
        # try to call the item as a method of an object

        return $root->$item(@$args, $value)                     ## RETURN
            unless $default && $root->$item();

# 2 issues:
#   - method call should be wrapped in eval { }
#   - fallback on hash methods if object method not found
#
#         eval { $result = $root->$item(@$args, $value); };
#
#         if ($@) {
#             die $@ if ref($@) || ($@ !~ /Can't locate object method/);
#
#             # failed to call object method, so try some fallbacks
#             if (UNIVERSAL::isa($root, 'HASH') && exists $root->{ $item }) {
#                 $result = ($root->{ $item } = $value)
#                     unless $default && $root->{ $item };
#             }
#         }
#         return $result;                                               ## RETURN

    }
    else {
        die "don't know how to assign to [$root].[$item]\n";    ## DIE
    }

    return undef;
}

1;
From scottp at dd.com.au  Mon Nov 18 16:54:40 2002
From: scottp at dd.com.au (Scott Penrose)
Date: Wed Aug  4 00:02:46 2004
Subject: Mason  for CGI application development?
In-Reply-To: <Pine.LNX.4.44.0211170439420.9281-100000@elphin.nelson.org.au>
Message-ID: <B87B3D0E-FB48-11D6-9BE0-003065B58CF8@dd.com.au>

> 	PHP?  :)  The thing I like about HTML::Mason over SSI/PHP/whatever is
> that you don't have to add something to each individual file -- it just
> happens.

Actually there are a number of Apache modules to do that, and it is 
even possible with SSI. You just make the top document (eg: /) the SSI 
document, and in that you can do things like...

	... your headers
	<!--#include virtual="/src/${PATH_INFO}" -->
	... your footers

There are a dozen other ways to do it. If you only want headers and 
footers, wrappers etc, then I strongly recommend using Apache modules. 
If however you want more intelligence (coz lets face it SSI is PRETTY 
simple !!!) then by all means HTML::Mason, Template Toolkit, AxKit etc 
:-)

Scott
-- 
Scott Penrose
Welcome to the Digital Dimension
http://www.dd.com.au/
scottp@dd.com.au

Dismaimer: Contents of this mail and signature are bound to change 
randomly. Whilst every attempt has been made to control said 
randomness, the author wishes to remain blameless for the number of 
eggs that damn chicken laid. Oh and I don't want to hear about 
butterflies either.


From jarich at perltraining.com.au  Mon Nov 18 21:37:27 2002
From: jarich at perltraining.com.au (Jacinta Richardson)
Date: Wed Aug  4 00:02:46 2004
Subject: Annual IT Security Forum 2002 - Melbourne
Message-ID: <Pine.LNX.3.96.1021119143045.4221A-100000@teddybear.perltraining.com.au>


For anyone who hasn't heard of this and is able to take some or all of
tomorrow away from work...

--- 

The Annual IT Security Forum 2002 - Melbourne is being held at Rydges on
Bouverie St. tomorrow.

You can register at 

http://www.technologyforum.com.au/index.asp

Registration is free.

---
Whilst not strictly Perl related, security is something we all have to
care about these days.  :)

	Jacinta


--
   ("`-''-/").___..--''"`-._          |  Jacinta Richardson	    |
    `6_ 6  )   `-.  (     ).`-.__.`)  |  Perl Training Australia    |
    (_Y_.)'  ._   )  `._ `. ``-..-'   |      +613 9354 6001 	    |  
  _..`--'_..-_/  /--'_.' ,'           | contact@perltraining.com.au |
(il),-''  (li),'  ((!.-'              |   www.perltraining.com.au   |


From scottp at dd.com.au  Tue Nov 19 15:10:07 2002
From: scottp at dd.com.au (Scott Penrose)
Date: Wed Aug  4 00:02:46 2004
Subject: Competition
Message-ID: <47987F02-FC03-11D6-9BE0-003065B58CF8@dd.com.au>

# NOTE ON POD - It is cheat pod - easier to read in Email, not proper 
pod

=head1 INTRODUCTION

Hello and welcome to our first Melbourne.pm competition.

=head1 COMPETITION

The following code is a simple example of some useful code. The idea is
to provide a number of alternatives to the code in the categories 
described
below. These will then be judged and the best in each category will win
a bag of Jelly Beans complements of Melbourne.pm :-)

=head1 BACK STORY

I was writing some code which allowed you to enter a URL where the 
system
would automatically move backwards until it found the closest match.

In doing so it was decided that we did not want the URLs to be 
accidently
mistyped in important places. Therefore we needed a scheme that would
optionally allow bits of the URL to be chopped off.

The simple solution that we came up with was replacing the '/' in the 
URL
with a '|', where on failure to find a page would fall back one step.

Eg: the url "/A/Very/Big|Directory/Reference|Links"

Would return one of (first one to exist wins)

	* "/A/Very/Big/Directory/Reference/Link"

	* "/A/Very/Big/Directory/Reference"

	* "/A/Very/Big"

=head1 THE PERL

There are just SOOO many ways to do this. The following code is a very
simple, spread out example code.

However, I am always looking for the better way to do it. Combining list
operations (like grep, sort) are methods of reducing the need for 
temporary
variables etc, but tend to drag my mind into the lands of lisp :-) but
they can be much more explanatory if formatted correctly.

=head1 THE PROJECT

To demonstrate the better layout, performance, size and flexibility of
good perl code for the good of all I am going to offer a bag of Jelly 
Beans
to the winner of each of the following categories. Winners of each
will be chosen by the current Perl Mongers Admin Committee (admin 
members
will be able to enter code, but only as examples for the web site and
not for the competition).

In all of the following (except EXISTING MODULES), no perl modules
should be used, only core language. Only one entry per category per 
person.

Entries must be received by 6pm Monday the 25th of November.

The command line inputs and outputs should be similar to the example, 
but
not necessarily the same. The 'sub test' emulating the module will not
be judged, but should not contain any of the logic.

=head2 FASTEST VERSION

A version of the code that performs the fastest, no matter how ugly or
how long.

=head2 SMALLEST VERSION

A version of the code with the shortest source, not counting white space
or comments.

=head2 EASIEST TO READ / MAINTAIN

The best overall version to read and maintain, the sort of code you
would like to read and maintain if someone else wrote it.

=head2 EXISTING MODULES

Demonstrate your CPANability and show what modules could be used to
help this problem.

=head2 WEIRDEST VERSION

Hmmm.... says it all :-)

=head2 PERL 6

A perl6 version. Judged on a balance of easy to read, length and
use of Perl 6 features.

=head1 RESULTS

Results will be judged over the following week and should be completed
by Sunday 30th of November.

The winners and interesting entries will then be formatted as examples
on our web site for others to benefit from.

=cut

# ----------------------------------------------------------------------
# Test String =
my $test = $ARGV[1] || "A/Very/Big|Directory/Reference|Links";

# ----------------------------------------------------------------------
# Test object create in order of
#	A/Very/Big/Directory/Reference/Link
#	A/Very/Big/Directory/Reference
#	A/Very/Big
# All other alternatives are not valid (eg: /A/Very/Big/Directory)

my $ret = undef;
my ($key, @try) = split(/\|/, $test);
while (!defined($ret)) {
	print STDERR "Try = " . join('/', $key, @try) . "\n";
	$ret = test(
		join('/', $key, @try)
	);
} continue {
	last unless (pop @try);
}

print "Return Value = $ret\n";
exit 0;

# ----------------------------------------------------------------------
# The dummy test object - pretend to return a blessed object or undef.
sub test {
	return ($_[0] eq ($ARGV[0] || 'A/Very/Big')) ? 1 : undef;
}


__END__


-- 
Scott Penrose
Anthropomorphic Personification Expert
http://search.cpan.org/search?author=SCOTT
scott@cpan.org

Dismaimer: While every attempt has been made to make sure that this 
email only contains zeros and ones, there has been no effort made to 
guarantee the quantity or the order.


From Nathan.Bailey at its.monash.edu  Tue Nov 19 16:38:43 2002
From: Nathan.Bailey at its.monash.edu (Nathan Bailey)
Date: Wed Aug  4 00:02:46 2004
Subject: Competition 
In-Reply-To: scottp's message of Wed, 20 Nov 2002 08:10:07 +1100.
             <47987F02-FC03-11D6-9BE0-003065B58CF8@dd.com.au> 
Message-ID: <200211192238.JAA405357@goaway.cc.monash.edu.au>

Scott Penrose <scottp@dd.com.au> wrote:
>The simple solution that we came up with was replacing the '/' in the 
>URL with a '|', where on failure to find a page would fall back one step.
>
>Eg: the url "/A/Very/Big|Directory/Reference|Links"

I don't understand why 'Directory/Reference' has a '/'?

N

From rickm at isite.net.au  Tue Nov 19 17:11:01 2002
From: rickm at isite.net.au (Rick Measham)
Date: Wed Aug  4 00:02:46 2004
Subject: Competition 
In-Reply-To: <200211192238.JAA405357@goaway.cc.monash.edu.au>
Message-ID: <BA011035.244%rickm@iSite.net.au>

In other words .. don't look in /A/Very/Big/Directory/. Only look in places
ending with a pipe (|):
/A/Very/Big
/A/Very/Big/Directory/Reference
/A/Very/Big/Directory/Reference/Links

on 20/11/02 9:38 AM, Nathan Bailey at Nathan.Bailey@its.monash.edu wrote:

> Scott Penrose <scottp@dd.com.au> wrote:
>> The simple solution that we came up with was replacing the '/' in the
>> URL with a '|', where on failure to find a page would fall back one step.
>> 
>> Eg: the url "/A/Very/Big|Directory/Reference|Links"
> 
> I don't understand why 'Directory/Reference' has a '/'?
> 
> N

--------------------------------------------------------
?? ? ? ? ? ? There are 10 kinds of people:
?? those that understand binary, and those that don't.
--------------------------------------------------------
?? The day Microsoft makes something that doesn't suck
?? ? is the day they start selling vacuum cleaners
--------------------------------------------------------



From scottp at dd.com.au  Tue Nov 19 18:20:55 2002
From: scottp at dd.com.au (Scott Penrose)
Date: Wed Aug  4 00:02:46 2004
Subject: Competition 
In-Reply-To: <200211192238.JAA405357@goaway.cc.monash.edu.au>
Message-ID: <EF8E8CF8-FC1D-11D6-9BE0-003065B58CF8@dd.com.au>


On Wednesday, Nov 20, 2002, at 09:38 Australia/Melbourne, Nathan Bailey 
wrote:

> Scott Penrose <scottp@dd.com.au> wrote:
>> The simple solution that we came up with was replacing the '/' in the
>> URL with a '|', where on failure to find a page would fall back one 
>> step.
>>
>> Eg: the url "/A/Very/Big|Directory/Reference|Links"
>
> I don't understand why 'Directory/Reference' has a '/'?

A '/' is not optional where a '|' is

So If I say http://somesite/Information/About/Bailey|Nathan/X

Then I am asking for information on Nathan X Bailey, or just on Bailey.

Scott
-- 
Scott Penrose
Welcome to the Digital Dimension
http://www.dd.com.au/
scottp@dd.com.au

Dismaimer: Contents of this mail and signature are bound to change 
randomly. Whilst every attempt has been made to control said 
randomness, the author wishes to remain blameless for the number of 
eggs that damn chicken laid. Oh and I don't want to hear about 
butterflies either.


From cgarnett at ap.be  Wed Nov 20 09:45:18 2002
From: cgarnett at ap.be (Gina Hampton)
Date: Wed Aug  4 00:02:46 2004
Subject: Reduce Travel Costs
Message-ID: <000039be1637$00003e04$00004cd3@postman.mx.aol.com>

An HTML attachment was scrubbed...
URL: http://mail.pm.org/archives/melbourne-pm/attachments/20021119/3221ce5a/attachment.htm
From tim.hunt at its.monash.edu.au  Thu Nov 21 00:16:58 2002
From: tim.hunt at its.monash.edu.au (tim)
Date: Wed Aug  4 00:02:46 2004
Subject: IO::Socket and LWP::UserAgent
References: <LAW2-F82xroC6POYFSr000003d9@hotmail.com>
Message-ID: <3DDC7A5A.6C1CC2AD@its.monash.edu.au>

Hello.

I'm trying to connect to a service provider using two methods:

HTTPS:// GET via LWP::UserAgent;
TCP/IP stream via IO::Socket::SSL;

In each case I'm sending information to be SMSed to mobile phones.

My script instantiates an object and then calls the specific ->send()
method; in each case the object is reused. The HTTPS method is about
three times faster than the socket method. The socket seems to put one
message per second, whilst the supplier has suggested that 20 per second
is achievable.

Am I missing something intrinsic about IO::Socket::SSL (and IO::Socket
in general), or shoudl I be talking to the provider to get their system
tuned? They use Win NT as their server, and that's about all I know :)

Thanks in advance,

Tim.

----------

[SCRIPT]
my $sms = new Monash::SMS_Stunnel($account, $pass);
my $ssl_mobile_number = '0419xxxxxxxxx';
my $message = 'TEXT for test purposes';
my $str;
map {
    $response = $sms->send_socket_SSL($ssl_mobile_number, $message);
    if ($response) {
        $str = "Message $_ sent from process $$";
    } else {
        $str = "Message $_ failed from process $$";
    }
    carp $str;
} (1..200);

[MODULE]

sub new
{
   use IO::Socket::SSL;
   my $remote_ssl = IO::Socket::SSL->new(
               Proto=> 'tcp',
               PeerAddr => 'xx.xx.xx.xx',
               PeerPort => 'xxx',
           )
             or die "cannot connect to [SSL] server";

    my ($clazz, $account_name, $passwd) = @_;

    my $self = {
        _account_name   => $account_name,
        _passwd     => $passwd,
        _remote_ssl => $remote_ssl,
    };

    bless $self, $clazz;
    return $self;
}

sub send_socket_SSL($)
{
    my ($self,$mobile_number,$message) = @_;

    # These three should form part of the object invocation:
    my $sender = 'xxxxxx';
    my $sender_address = 'xxxxxxxxxxxxxx';
    my $recipient = 'xxxxxxxxxxxxx';
    my $remote = $self->{_remote_ssl};
    # Okay, let's send it!
    print $remote qq{\r\r}.$self->{_account_name}.qq{\r1\r1\r}.
        qq{$sender\r}.
        qq{$sender_address\r}.
        qq{$recipient\r}.
        qq{$mobile_number}.
        qq{\rGSM}.
        qq{\r0\r0\r0\r}.$self->{_passwd}.qq{\r}.
        qq{$message};

    # Send result
    # Accepted Result code = 0x06 Description = Lodge OK
    # Rejected Result code = 0x15 Description = Lodge Error

    my $strbuff = '';
    $remote->read($strbuff,10,0);
    # Next line for debug purposes only:
#   print "\nstrbuff was ($strbuff)\n";
    if ($strbuff =~ /Lodge OK/) {
        return 1;
    } else {
        return 0;
    }
}

__END__

From piers at ompa.net  Thu Nov 21 01:38:02 2002
From: piers at ompa.net (Piers Harding)
Date: Wed Aug  4 00:02:46 2004
Subject: IO::Socket and LWP::UserAgent
In-Reply-To: <3DDC7A5A.6C1CC2AD@its.monash.edu.au>; from tim.hunt@its.monash.edu.au on Thu, Nov 21, 2002 at 05:16:58PM +1100
References: <LAW2-F82xroC6POYFSr000003d9@hotmail.com> <3DDC7A5A.6C1CC2AD@its.monash.edu.au>
Message-ID: <20021121073801.B19052@gnu>

While LWP is a magnificent module - it is slow.

Something that you might consider is writing a specific C extension to
handle your HTTP/HTTPS connections.  There is one that uses Gnomes HTTP
module ( written by Matt Sargent ) HTTP::GHTTP, but I don't think that
this supports SSL.  If all you need to do is GETs then VFS::Gnome ( soon
to be part of VFS ) will do it, or CURL::easy, but if you need to POST 
then that is a problem.

Also, are you using Connection: keep-alive on your HTTP connections?  This
 would help performance.

Cheers.


On Thu, Nov 21, 2002 at 05:16:58PM +1100, tim wrote:
> Hello.
> 
> I'm trying to connect to a service provider using two methods:
> 
> HTTPS:// GET via LWP::UserAgent;
> TCP/IP stream via IO::Socket::SSL;
> 
> In each case I'm sending information to be SMSed to mobile phones.
> 
> My script instantiates an object and then calls the specific ->send()
> method; in each case the object is reused. The HTTPS method is about
> three times faster than the socket method. The socket seems to put one
> message per second, whilst the supplier has suggested that 20 per second
> is achievable.
> 
> Am I missing something intrinsic about IO::Socket::SSL (and IO::Socket
> in general), or shoudl I be talking to the provider to get their system
> tuned? They use Win NT as their server, and that's about all I know :)
> 
> Thanks in advance,
> 
> Tim.
> 
> ----------
> 
> [SCRIPT]
> my $sms = new Monash::SMS_Stunnel($account, $pass);
> my $ssl_mobile_number = '0419xxxxxxxxx';
> my $message = 'TEXT for test purposes';
> my $str;
> map {
>     $response = $sms->send_socket_SSL($ssl_mobile_number, $message);
>     if ($response) {
>         $str = "Message $_ sent from process $$";
>     } else {
>         $str = "Message $_ failed from process $$";
>     }
>     carp $str;
> } (1..200);
> 
> [MODULE]
> 
> sub new
> {
>    use IO::Socket::SSL;
>    my $remote_ssl = IO::Socket::SSL->new(
>                Proto=> 'tcp',
>                PeerAddr => 'xx.xx.xx.xx',
>                PeerPort => 'xxx',
>            )
>              or die "cannot connect to [SSL] server";
> 
>     my ($clazz, $account_name, $passwd) = @_;
> 
>     my $self = {
>         _account_name   => $account_name,
>         _passwd     => $passwd,
>         _remote_ssl => $remote_ssl,
>     };
> 
>     bless $self, $clazz;
>     return $self;
> }
> 
> sub send_socket_SSL($)
> {
>     my ($self,$mobile_number,$message) = @_;
> 
>     # These three should form part of the object invocation:
>     my $sender = 'xxxxxx';
>     my $sender_address = 'xxxxxxxxxxxxxx';
>     my $recipient = 'xxxxxxxxxxxxx';
>     my $remote = $self->{_remote_ssl};
>     # Okay, let's send it!
>     print $remote qq{\r\r}.$self->{_account_name}.qq{\r1\r1\r}.
>         qq{$sender\r}.
>         qq{$sender_address\r}.
>         qq{$recipient\r}.
>         qq{$mobile_number}.
>         qq{\rGSM}.
>         qq{\r0\r0\r0\r}.$self->{_passwd}.qq{\r}.
>         qq{$message};
> 
>     # Send result
>     # Accepted Result code = 0x06 Description = Lodge OK
>     # Rejected Result code = 0x15 Description = Lodge Error
> 
>     my $strbuff = '';
>     $remote->read($strbuff,10,0);
>     # Next line for debug purposes only:
> #   print "\nstrbuff was ($strbuff)\n";
>     if ($strbuff =~ /Lodge OK/) {
>         return 1;
>     } else {
>         return 0;
>     }
> }
> 
> __END__

From jh_lists at fastmail.fm  Thu Nov 21 02:46:13 2002
From: jh_lists at fastmail.fm (JP Howard)
Date: Wed Aug  4 00:02:46 2004
Subject: IO::Socket and LWP::UserAgent
Message-ID: <20021121084613.7499D6288F7@server5.fastmail.fm>

On Thu, 21 Nov 2002 07:38:02 +0000, "Piers Harding" <piers@ompa.net>
said:
> While LWP is a magnificent module - it is slow.
> 
> Something that you might consider is writing a specific C extension to
> handle your HTTP/HTTPS connections.  There is one that uses Gnomes HTTP
> module ( written by Matt Sargent ) HTTP::GHTTP, but I don't think that
> this supports SSL.  If all you need to do is GETs then VFS::Gnome ( soon
> to be part of VFS ) will do it, or CURL::easy, but if you need to POST 
> then that is a problem.
> 
A simpler approach would simply be to use Parallel::ForkManager. This
module lets you maintain a pool of n clients working together. It neatly
gets over the latency problem when writing LWP clients. Here's a
template:
----
   my $PFM = Parallel::ForkManager->new(25);
   for (1..10) {
     $PFM->start and next;
     do_something();
     $PFM->finish;
   }
   $PFM->wait_all_children;
   print "all done!\n";
----

Just write your sub do_something{} and you're done!
> 
> On Thu, Nov 21, 2002 at 05:16:58PM +1100, tim wrote:
> > Hello.
> > 
> > I'm trying to connect to a service provider using two methods:
> > 
> > HTTPS:// GET via LWP::UserAgent;
> > TCP/IP stream via IO::Socket::SSL;
> > 
> > In each case I'm sending information to be SMSed to mobile phones.
> > 
> > My script instantiates an object and then calls the specific ->send()
> > method; in each case the object is reused. The HTTPS method is about
> > three times faster than the socket method. The socket seems to put one
> > message per second, whilst the supplier has suggested that 20 per second
> > is achievable.
> > 
> > Am I missing something intrinsic about IO::Socket::SSL (and IO::Socket
> > in general), or shoudl I be talking to the provider to get their system
> > tuned? They use Win NT as their server, and that's about all I know :)
> > 
> > Thanks in advance,
> > 
> > Tim.
> > 
> > ----------
> > 
> > [SCRIPT]
> > my $sms = new Monash::SMS_Stunnel($account, $pass);
> > my $ssl_mobile_number = '0419xxxxxxxxx';
> > my $message = 'TEXT for test purposes';
> > my $str;
> > map {
> >     $response = $sms->send_socket_SSL($ssl_mobile_number, $message);
> >     if ($response) {
> >         $str = "Message $_ sent from process $$";
> >     } else {
> >         $str = "Message $_ failed from process $$";
> >     }
> >     carp $str;
> > } (1..200);
> > 
> > [MODULE]
> > 
> > sub new
> > {
> >    use IO::Socket::SSL;
> >    my $remote_ssl = IO::Socket::SSL->new(
> >                Proto=> 'tcp',
> >                PeerAddr => 'xx.xx.xx.xx',
> >                PeerPort => 'xxx',
> >            )
> >              or die "cannot connect to [SSL] server";
> > 
> >     my ($clazz, $account_name, $passwd) = @_;
> > 
> >     my $self = {
> >         _account_name   => $account_name,
> >         _passwd     => $passwd,
> >         _remote_ssl => $remote_ssl,
> >     };
> > 
> >     bless $self, $clazz;
> >     return $self;
> > }
> > 
> > sub send_socket_SSL($)
> > {
> >     my ($self,$mobile_number,$message) = @_;
> > 
> >     # These three should form part of the object invocation:
> >     my $sender = 'xxxxxx';
> >     my $sender_address = 'xxxxxxxxxxxxxx';
> >     my $recipient = 'xxxxxxxxxxxxx';
> >     my $remote = $self->{_remote_ssl};
> >     # Okay, let's send it!
> >     print $remote qq{\r\r}.$self->{_account_name}.qq{\r1\r1\r}.
> >         qq{$sender\r}.
> >         qq{$sender_address\r}.
> >         qq{$recipient\r}.
> >         qq{$mobile_number}.
> >         qq{\rGSM}.
> >         qq{\r0\r0\r0\r}.$self->{_passwd}.qq{\r}.
> >         qq{$message};
> > 
> >     # Send result
> >     # Accepted Result code = 0x06 Description = Lodge OK
> >     # Rejected Result code = 0x15 Description = Lodge Error
> > 
> >     my $strbuff = '';
> >     $remote->read($strbuff,10,0);
> >     # Next line for debug purposes only:
> > #   print "\nstrbuff was ($strbuff)\n";
> >     if ($strbuff =~ /Lodge OK/) {
> >         return 1;
> >     } else {
> >         return 0;
> >     }
> > }
> > 
> > __END__
> 

From david_dick at iprimus.com.au  Fri Nov 22 23:13:27 2002
From: david_dick at iprimus.com.au (David Dick)
Date: Wed Aug  4 00:02:46 2004
Subject: Conditional http get for dynamic pages
Message-ID: <3DDF0E77.2010102@iprimus.com.au>

G'day all,
This is slightly off topic, but i figure there is some interest in web 
stuff in the perl-mongers.  I've been reading the http rfc over the last 
week and realising just how cool conditional gets are for dynamic pages. 
 It seems to reduce network traffic by a good amount.  Is anyone else 
using them for dynamic pages?  Any experiences on this?
Uru
-dave


From scottp at dd.com.au  Sat Nov 23 19:50:51 2002
From: scottp at dd.com.au (Scott Penrose)
Date: Wed Aug  4 00:02:46 2004
Subject: Conditional http get for dynamic pages
In-Reply-To: <3DDF0E77.2010102@iprimus.com.au>
Message-ID: <292CC0CF-FF4F-11D6-A7DC-003065B58CF8@dd.com.au>

On Saturday, Nov 23, 2002, at 16:13 Australia/Melbourne, David Dick 
wrote:

> G'day all,
> This is slightly off topic, but i figure there is some interest in web 
> stuff in the perl-mongers.  I've been reading the http rfc over the 
> last week and realising just how cool conditional gets are for dynamic 
> pages. It seems to reduce network traffic by a good amount.  Is anyone 
> else using them for dynamic pages?  Any experiences on this?
> Uru
> -dave

Are you talking about standard IMS request (If Mod Since). If so that 
has been a part of the standard for many years and built into most 
proxy and web servers. For example every time you make a request 
through SQUID it will do an IMS request to the up stream server to only 
get the response if has been modified.

However it is of course extremely difficult to do with dynamic pages. 
My preference is along the lines of this. If it is a dynamic page that 
changes only occasionally then you are best off generating the page. A 
good example of this would be the slashdot home page. Generate the page 
off line and let the web server deliver it. This has many advantages 
the most of which is that you don't have to write special code.

However, if it is a dynamic page which changes depending on the user 
logged in etc, then you are not going to get any advantage out of an 
IMS header response. There are a few reasons for this. A proxy cache 
generally does not cache these pages (it can do but is almost pointless 
so generally don't). Another is that things change in too complicated a 
way. Theoretically you should be able to get cookies and stuff with 
your IMS, but all this overhead generally slows things down quite a bit 
:-)

To reduce network traffic for dynamically generated pages I recommend 
the following strategy:
	- Generate the pages and put them somewhere sensible if they can be 
cached. If they can't be cached (eg: aways changing) then you gain 
nothing from IMS anyway.
	- Use a reasonable expiry time
	- GZIP the pages. If you use the right settings in apache they only 
get compressed once so it is reasonably efficient. You can even go 
further and compress yourself and then NOT check if the file is 
changed, just always send the current GZ file if GZIP is supported.

Scott
-- 
Scott Penrose
Open source developer
http://linux.dd.com.au/
scottp@dd.com.au

Dismaimer: Open sauce usually ends up never coming out (of the bottle).


From mpm at bachelorguy.com  Sun Nov 24 09:45:23 2002
From: mpm at bachelorguy.com (ADFH)
Date: Wed Aug  4 00:02:46 2004
Subject: Error/Warning - what's "prettier" way of achieving purpose
Message-ID: <20021125024523.58e98a37.mpm@bachelorguy.com>

Some code I've written has following line..

print   (!defined $DEBUG) ? $cgi_int->header : '' ;

Basically, if I'm debugging, a content type header is printed
elsewhere.. With the above line I get the following message:

"Useless use of a constant in void context"

Should I be using a full-blown if statement?
Should I be using a different way of saying null?
Is there a different structure I should be using?

ADFH

From david_dick at iprimus.com.au  Sun Nov 24 13:19:50 2002
From: david_dick at iprimus.com.au (David Dick)
Date: Wed Aug  4 00:02:46 2004
Subject: Conditional http get for dynamic pages
In-Reply-To: <292CC0CF-FF4F-11D6-A7DC-003065B58CF8@dd.com.au>
References: <292CC0CF-FF4F-11D6-A7DC-003065B58CF8@dd.com.au>
Message-ID: <3DE12656.2070409@iprimus.com.au>



Scott Penrose wrote:

> On Saturday, Nov 23, 2002, at 16:13 Australia/Melbourne, David Dick 
> wrote:
>
>> G'day all,
>> This is slightly off topic, but i figure there is some interest in 
>> web stuff in the perl-mongers.  I've been reading the http rfc over 
>> the last week and realising just how cool conditional gets are for 
>> dynamic pages. It seems to reduce network traffic by a good amount.  
>> Is anyone else using them for dynamic pages?  Any experiences on this?
>> Uru
>> -dave
>
>
> Are you talking about standard IMS request (If Mod Since).

Actually the INM (If None Match) request :)

> If so that has been a part of the standard for many years and built 
> into most proxy and web servers. For example every time you make a 
> request through SQUID it will do an IMS request to the up stream 
> server to only get the response if has been modified.
>
> However it is of course extremely difficult to do with dynamic pages. 
> My preference is along the lines of this. If it is a dynamic page that 
> changes only occasionally then you are best off generating the page. A 
> good example of this would be the slashdot home page. Generate the 
> page off line and let the web server deliver it. This has many 
> advantages the most of which is that you don't have to write special 
> code. 

Hmmmmm... Correct.  My problem is probably a specific one.  I'm building 
a inventory system (keep track of the amount of goods in a warehouse). 
 This means that I can't use a cache for the volume of stock remaining 
type enquiries, cos it's vital that the application server is consulted 
for every enquiry.  However, it's quite likely that the level of stock 
only changes relatively slowly.

But if I take a MD5 Digest (for example) of the final page just before 
actually sending it and send it with the page as a ETag, the next time 
the user requests a "level of stock remaining" page (for example :)), if 
the page has the same MD5 Digest, I can just send a 304 and save the 
network traffic of a full response.  Also extremely applicable to a 
"Search for a document" type pages, which i am using quite a lot.

>
>
> However, if it is a dynamic page which changes depending on the user 
> logged in etc, then you are not going to get any advantage out of an 
> IMS header response. There are a few reasons for this. A proxy cache 
> generally does not cache these pages (it can do but is almost 
> pointless so generally don't). Another is that things change in too 
> complicated a way. Theoretically you should be able to get cookies and 
> stuff with your IMS, but all this overhead generally slows things down 
> quite a bit :-)
>
> To reduce network traffic for dynamically generated pages I recommend 
> the following strategy:
>     - Generate the pages and put them somewhere sensible if they can 
> be cached. If they can't be cached (eg: aways changing) then you gain 
> nothing from IMS anyway. 

Except that you do reduce network traffic.  As above, it's probably a 
more specific problem than i realised. :) i just got really excited on 
realising that there was a technical optimisation that i could apply to 
the problem. :)

>
>     - Use a reasonable expiry time
>     - GZIP the pages. If you use the right settings in apache they 
> only get compressed once so it is reasonably efficient. You can even 
> go further and compress yourself and then NOT check if the file is 
> changed, just always send the current GZ file if GZIP is supported. 

But if you do take the hash before the gzip, you may not need to gzip. 
:) Of course, if you use a MD5 Digest after any possible compression, 
you can also use it for a Content-MD5 field :)

>
>
> Scott



From david_dick at iprimus.com.au  Sun Nov 24 13:34:16 2002
From: david_dick at iprimus.com.au (David Dick)
Date: Wed Aug  4 00:02:46 2004
Subject: Error/Warning - what's "prettier" way of achieving purpose
In-Reply-To: <20021125024523.58e98a37.mpm@bachelorguy.com>
References: <20021125024523.58e98a37.mpm@bachelorguy.com>
Message-ID: <3DE129B8.5080504@iprimus.com.au>



ADFH wrote:

>Some code I've written has following line..
>
>print   (!defined $DEBUG) ? $cgi_int->header : '' ;
>
>Basically, if I'm debugging, a content type header is printed
>elsewhere.. With the above line I get the following message:
>
>"Useless use of a constant in void context"
>
>Should I be using a full-blown if statement?
>Should I be using a different way of saying null?
>Is there a different structure I should be using?
>
You could use

print ((! defined $DEBUG) ? $cgi->header : '');

or

print $cgi->header if (not defined $DEBUG); # slightly different, it 
won't print the empty string ;)

as to whether you should.... What are you trying to achieve? Quick and 
dirty prototyping? Application for others to maintain?

>
>ADFH
>
>  
>


From rickm at isite.net.au  Sun Nov 24 14:34:11 2002
From: rickm at isite.net.au (Rick Measham)
Date: Wed Aug  4 00:02:46 2004
Subject: Error/Warning - what's "prettier" way of achieving purpose
In-Reply-To: <3DE129B8.5080504@iprimus.com.au>
References: <20021125024523.58e98a37.mpm@bachelorguy.com>
 <3DE129B8.5080504@iprimus.com.au>
Message-ID: <a05200f01ba06e4d459f3@[192.168.1.128]>

At 6:34 AM +1100 25/11/02, David Dick wrote:
>print $cgi->header if (not defined $DEBUG); # slightly different, it 
>won't print the empty string ;)

The whole point of 'unless' is to remove the 'if not' syntax so even 
better would be:
print $cgi->header unless defined($DEBUG);

I would argue for using this type of snyax over ()?: because you want 
to print the header. That's the point of the line. Unless you're 
debugging.

With the original line the point appears to be to test if $DEBUG is 
defined and if it isn't then print a header.

Small difference, but makes code easier to maintain.

Cheers!
Rick
-- 
--------------------------------------------------------
             There are 10 kinds of people:
   those that understand binary, and those that don't.
--------------------------------------------------------
   The day Microsoft makes something that doesn't suck
     is the day they start selling vacuum cleaners
--------------------------------------------------------

From scottp at dd.com.au  Sun Nov 24 17:21:57 2002
From: scottp at dd.com.au (Scott Penrose)
Date: Wed Aug  4 00:02:46 2004
Subject: Error/Warning - what's "prettier" way of achieving purpose
In-Reply-To: <a05200f01ba06e4d459f3@[192.168.1.128]>
Message-ID: <86F0134E-0003-11D7-BBDF-003065B58CF8@dd.com.au>


On Monday, Nov 25, 2002, at 07:34 Australia/Melbourne, Rick Measham 
wrote:

> At 6:34 AM +1100 25/11/02, David Dick wrote:
>> print $cgi->header if (not defined $DEBUG); # slightly different, it 
>> won't print the empty string ;)
>
> The whole point of 'unless' is to remove the 'if not' syntax so even 
> better would be:
> print $cgi->header unless defined($DEBUG);

I would tend to agree. The ternary operator (silly name isn't it :-) 
has some great uses. Especially so is if you want to provide a number 
of alternative inputs to a sub without wanting to use a temporary 
variable.

Therefore it would be 'reasonable' to do something like this.

	print "You are currently in " . (defined $DEBUG ? 'DEBUG' : 
'PRODUCTION') . " mode";

But in the example given where we need to do nothing if not debug, then 
Ricks example is probably the best.

Scott
-- 
Scott Penrose
Welcome to the Digital Dimension
http://www.dd.com.au/
scottp@dd.com.au

Dismaimer: Contents of this mail and signature are bound to change 
randomly. Whilst every attempt has been made to control said 
randomness, the author wishes to remain blameless for the number of 
eggs that damn chicken laid. Oh and I don't want to hear about 
butterflies either.


From scottp at dd.com.au  Sun Nov 24 17:18:10 2002
From: scottp at dd.com.au (Scott Penrose)
Date: Wed Aug  4 00:02:46 2004
Subject: Conditional http get for dynamic pages
In-Reply-To: <3DE12656.2070409@iprimus.com.au>
Message-ID: <FF35E8EA-0002-11D7-BBDF-003065B58CF8@dd.com.au>


On Monday, Nov 25, 2002, at 06:19 Australia/Melbourne, David Dick wrote:
> Hmmmmm... Correct.  My problem is probably a specific one.  I'm 
> building a inventory system (keep track of the amount of goods in a 
> warehouse). This means that I can't use a cache for the volume of 
> stock remaining type enquiries, cos it's vital that the application 
> server is consulted for every enquiry.  However, it's quite likely 
> that the level of stock only changes relatively slowly.
>
> But if I take a MD5 Digest (for example) of the final page just before 
> actually sending it and send it with the page as a ETag, the next time 
> the user requests a "level of stock remaining" page (for example :)), 
> if the page has the same MD5 Digest, I can just send a 304 and save 
> the network traffic of a full response.  Also extremely applicable to 
> a "Search for a document" type pages, which i am using quite a lot.

Oh I see, yeah that sounds kind of exciting. The search idea is kind of 
cool. I was thinking about the fact that a whole bunch of students in a 
class room may all click on the same search string to Google. Of course 
the silly proxy won't cache it because it is a CGI - however... in 
theory it could cache it and use your example above. In that case 
instead of an ETag it would just be the query that it caches against.

> But if you do take the hash before the gzip, you may not need to gzip. 
> :) Of course, if you use a MD5 Digest after any possible compression, 
> you can also use it for a Content-MD5 field :)

Umm... why not NEED to gzip ? What has the hash to do with compression. 
Sure do the MD5 as you suggested above, bug compressions still reduces 
bandwidth.

Scott
-- 
Scott Penrose
Open source developer
http://linux.dd.com.au/
scottp@dd.com.au

Dismaimer: Open sauce usually ends up never coming out (of the bottle).


From scottp at dd.com.au  Sun Nov 24 22:00:14 2002
From: scottp at dd.com.au (Scott Penrose)
Date: Wed Aug  4 00:02:46 2004
Subject: Competition Reminder
Message-ID: <6700FEAA-002A-11D7-BBDF-003065B58CF8@dd.com.au>

Hey Dudes,

Just a reminder that the competition closes today. Email your entries 
back to me directly and I will forward them on to the other judges :-)

Good luck

Scott
-- 
Scott Penrose
Welcome to the Digital Dimension
http://www.dd.com.au/
scottp@dd.com.au

Dismaimer: Contents of this mail and signature are bound to change 
randomly. Whilst every attempt has been made to control said 
randomness, the author wishes to remain blameless for the number of 
eggs that damn chicken laid. Oh and I don't want to hear about 
butterflies either.


From david_dick at iprimus.com.au  Mon Nov 25 13:09:16 2002
From: david_dick at iprimus.com.au (David Dick)
Date: Wed Aug  4 00:02:46 2004
Subject: Error/Warning - what's "prettier" way of achieving purpose
In-Reply-To: <86F0134E-0003-11D7-BBDF-003065B58CF8@dd.com.au>
References: <86F0134E-0003-11D7-BBDF-003065B58CF8@dd.com.au>
Message-ID: <3DE2755C.2080606@iprimus.com.au>



Scott Penrose wrote:

>
> On Monday, Nov 25, 2002, at 07:34 Australia/Melbourne, Rick Measham 
> wrote:
>
>> At 6:34 AM +1100 25/11/02, David Dick wrote:
>>
>>> print $cgi->header if (not defined $DEBUG); # slightly different, it 
>>> won't print the empty string ;)
>>
>>
>> The whole point of 'unless' is to remove the 'if not' syntax so even 
>> better would be:
>> print $cgi->header unless defined($DEBUG);
>
>
> I would tend to agree. The ternary operator (silly name isn't it :-) 
> has some great uses. Especially so is if you want to provide a number 
> of alternative inputs to a sub without wanting to use a temporary 
> variable.
>
> Therefore it would be 'reasonable' to do something like this.
>
>     print "You are currently in " . (defined $DEBUG ? 'DEBUG' : 
> 'PRODUCTION') . " mode";
>
> But in the example given where we need to do nothing if not debug, 
> then Ricks example is probably the best.
>
> Scott 

i'd agree too.  Mental note not to reply to emails just after waking up. 
*pause* DOH!!! :)


From david_dick at iprimus.com.au  Mon Nov 25 13:25:00 2002
From: david_dick at iprimus.com.au (David Dick)
Date: Wed Aug  4 00:02:46 2004
Subject: Conditional http get for dynamic pages
In-Reply-To: <FF35E8EA-0002-11D7-BBDF-003065B58CF8@dd.com.au>
References: <FF35E8EA-0002-11D7-BBDF-003065B58CF8@dd.com.au>
Message-ID: <3DE2790C.7010901@iprimus.com.au>



Scott Penrose wrote:

>
> On Monday, Nov 25, 2002, at 06:19 Australia/Melbourne, David Dick wrote:
>
>> Hmmmmm... Correct.  My problem is probably a specific one.  I'm 
>> building a inventory system (keep track of the amount of goods in a 
>> warehouse). This means that I can't use a cache for the volume of 
>> stock remaining type enquiries, cos it's vital that the application 
>> server is consulted for every enquiry.  However, it's quite likely 
>> that the level of stock only changes relatively slowly.
>>
>> But if I take a MD5 Digest (for example) of the final page just 
>> before actually sending it and send it with the page as a ETag, the 
>> next time the user requests a "level of stock remaining" page (for 
>> example :)), if the page has the same MD5 Digest, I can just send a 
>> 304 and save the network traffic of a full response.  Also extremely 
>> applicable to a "Search for a document" type pages, which i am using 
>> quite a lot.
>
>
> Oh I see, yeah that sounds kind of exciting. The search idea is kind 
> of cool. I was thinking about the fact that a whole bunch of students 
> in a class room may all click on the same search string to Google. Of 
> course the silly proxy won't cache it because it is a CGI - however... 
> in theory it could cache it and use your example above. In that case 
> instead of an ETag it would just be the query that it caches against.

I _think_ that would work.  The only difference between mine and your 
case is that you would also give it a TTL?  That way the proxy could 
validate it for a GET.  back i go to the rfc... :)

>
>> But if you do take the hash before the gzip, you may not need to 
>> gzip. :) Of course, if you use a MD5 Digest after any possible 
>> compression, you can also use it for a Content-MD5 field :)
>
>
> Umm... why not NEED to gzip ? What has the hash to do with 
> compression. Sure do the MD5 as you suggested above, bug compressions 
> still reduces bandwidth.

Due to poor english language skills, sending code instead.... and hoping 
early morning coding skills up to the job.... :)

sub send_output {
    my ($self, $reference_to_html) = @_;
    $self->{'etag'} = Digest::MD5::md5_base64($$reference_to_html);
    if ((exists $ENV{'HTTP_IF_NONE_MATCH'}) && 
($ENV{'HTTP_IF_NONE_MATCH'} eq $etag) && ($self->response() eq 'OK')) {
        # send 304
    } else {
        # compress if possible and send 200
    }
}

or

sub send_output {
    my ($self, $reference_to_html) = @_;

    # compress if possible

    my ($md5) = Digest::MD5::md5_base64($compressed_html);
    $self->{'etag'} = $md5;
    $self->{'content-md5'} = $md5;

    if ((exists $ENV{'HTTP_IF_NONE_MATCH'}) && 
($ENV{'HTTP_IF_NONE_MATCH'} eq $etag) && ($self->response() eq 'OK')) {
        # send 304
    } else {
        # send 200  
    }
}





From scottp at dd.com.au  Tue Nov 26 00:20:16 2002
From: scottp at dd.com.au (Scott Penrose)
Date: Wed Aug  4 00:02:46 2004
Subject: Concat a String
Message-ID: <2102080A-0107-11D7-BBDF-003065B58CF8@dd.com.au>

Hey Dudes,

I find that we have a lot of code that loops through code continually 
building a XML object or some HTML or some other type of string by 
continuing to concatenate a string.

eg:
	foreach my $x (@y) {
		$out .= $x->{something} . "\n";
	}

(the example above is too trivial to be real, coz you could just use a 
map there !)

Anyway I was wondering if we should be doing something much more 
sensible, along the lines of

	foreach my $x (@y) {
		push @z, $x->{something};
	}
	$out = join("\n", @z);

Or we could even go a lot further and do it without temporary variables.

	$out = join("\n",
		map {
			$_->{something}
		} @y
	);

(oooh I am looking forward to Perl 6, where I don't have to use $_ for 
the map above :-)

Which is more efficient but still logical to read ?

Also if I go about the join/map code above, do you think it is 
reasonable to have a very complicated MAP method, or is that just too 
hard to read/understand ?

Scott
-- 
Scott Penrose
Anthropomorphic Personification Expert
http://search.cpan.org/search?author=SCOTT
scott@cpan.org

Dismaimer: While every attempt has been made to make sure that this 
email only contains zeros and ones, there has been no effort made to 
guarantee the quantity or the order.


From peterm at zeta.org.au  Tue Nov 26 23:45:52 2002
From: peterm at zeta.org.au (Peter G. Martin)
Date: Wed Aug  4 00:02:46 2004
Subject: Concat a String
In-Reply-To: <2102080A-0107-11D7-BBDF-003065B58CF8@dd.com.au>
Message-ID: <200211270546.gAR5kCr12031@mail.pm.org>

Scott Penrose:
On Tue, 26 Nov 2002 17:20:16 +1100,  you wrote:
>Hey Dudes,
>
>I find that we have a lot of code that loops through code
>continually
>building a XML object or some HTML or some other type of string by
>continuing to concatenate a string.
>
>eg:
>    foreach my $x (@y) {
>        $out .= $x->{something} . "\n";
>    }
>
>(the example above is too trivial to be real, coz you could just use
>a
>map there !)
>
>Anyway I was wondering if we should be doing something much more
>sensible, along the lines of
>
>    foreach my $x (@y) {
>        push @z, $x->{something};
>    }
>    $out = join("\n", @z);
>

Maybe have a look at Data::Locations, which can go further, and 
collect elements in all kinds of different places.   Advantages include being able to 
use ties, print, printf, etc etc.     But more particularly, it's a bit easier
to hand non-sequential data that can assembled in bits and then pulled together
in your own order at the end of processing.

-- 
Peter G. Martin, peterm@zeta.org.au on 27/11/2002
http://www.zeta.org.au/~peterm


From chinatong at cnrz.net  Wed Nov 27 09:25:42 2002
From: chinatong at cnrz.net (diesel fuel injection)
Date: Wed Aug  4 00:02:46 2004
Subject: Head & Rotor VE 11/28B
Message-ID: <20021127152617.CE06F4883B@mail1.panix.com>

Dear Sir,  
 
 *????????????????????????VE????(VE??????????????),??????????
    ??????4JB1,??????6BT,????????????,??????????.....

			
	
 * ??????????????????????VE??????????, ??????????????????????
   ??????????,????????????????????????????????????????????
   ??????????????,??????????????????????????????,??????.??????
   ????????????????????????????. 

 * ????????????????????,??????????.




 
   we have been in the field of diesel fuel injection 
systems for quite a few years.(CHINA)

  Recently we have developed a new kind of h&r,
AM Bosch number HD90100A.Its unit price is USD120/pc.And 
we also adjust the unit price of Nozzle , Plunger to USD4~5/pc
respectively.

   We tell you that we will update our VE h&r
(hydraulic heads for the VE distributor pump) list in our 
homepages.Thirty more models will be added.And the minimum
order will be 10pcs a model.

  we give the unity quotation of VE distributor head:

3-cyl:USD:55/1pcs
4-cyl:USD:40~50/1pcs
5-cyl:USD:55/1pcs
6-cyl:USD:45~50/1pcs

   We can ship the following three models to you within 8~10 weeks. after
we receive your payment.
  If you feel interested in our products,please advise the details about 
what you need,such model name,part number,quantity and so on.We are always
within your touch.

  we'd like to interchange our website's linkage with you.As a result,we
can add the icon of your website to our website's main-page.
  Vice versa.What do you think of that?
  
 
Thanks and best regards

  Looking forward to our favorable cooperation.
  Hope to hear from you soon.
(NIPPON DENSO)
096400-0143
096400-0242
096400-0262
096400-0371
096400-0432
096400-1030
096400-1060
096400-1090
096400-1210
096400-1220
096400-1230
096400-1240
096400-1250
096400-1330
096400-1331
096400-1600
096540-0080 
146400-2220
145400-3320
146400-4520
146400-5521
146400-8821
146400-9720
146401-0520
146401-2120
146402-0820
146402-0920
146402-1420
146402-4020
146402-4320
146402-3820
146403-2820
146403-3120
146403-3520
146404-1520
146404-2200
146405-1920
146430-1420
1 468 333 320
1 468 333 323
1 468 334 313
1 468 334 327
1 468 334 565
1 468 334 337
1 468 334 378
1 468 334 424
1 468 334 475
1 468 334 485
1 468 334 494
1 468 334 496
1 468 334 580
1 468 334 590
1 468 334 564
1 468 334 565
1 468 334 575
1 468 334 592
1 468 334 595
1 468 334 596
1 468 334 603
1 468 334 604
1 468 334 606
1 468 334 617
1 468 334 675
1 468 334 678
1 468 334 720
1 468 334 780
1 468 334 798
1 468 334 859
1 468 334 874
1 468 334 899
1 468 334 946
1 468 335 345
2 468 335 022
1 468 336 335
1 468 336 352
1 468 336 364
1 468 336 403
1 468 336 423
1 468 336 464
1 468 336 480
1 468 336 528
1 468 336 608
1 468 336 614
1 468 336 626
1 468 336 632
2 468 334 050
2 468 334 021
2 468 336 013

 
 


                                    C.Hua
									
Sales & purchasing director
http://WWW.China-LuTon.com 
chinatong@cnrz.net