Hi fellow Carroters (and rooters :-) ),
[warning: I'm not a guru]
I've been plodding away and adding a couple of features to Carrot that I
miss from PHP, mainly the ability to get GET, POST and COOKIE variables
separately, without each one munging (or adding) to the other, and the
ability to upload files.
[appologies if this is known] In PHP it was / is a security problem
when you use a feature called "register_globals", which basically
collates all the variables passed from GET, POST, COOKIES and SESSIONS
and into variables. (ie if ?firstname=bob&lastname=smith was passed as
a get request, then a variable called $firstname with a value of bob)
If there was a POST variable called firstname and a GET variable called
firstname, they would munge each other. More importantly though is if a
variable was defined (and assigned a value) in the script, GET and POST
variable (of the same name) could overwrite the variable value.
[http://www.php.net/manual/en/security.registerglobals.php]
//GET request ?auth=1
$auth=0;
if( $isauth )
{
//blah <-- this would execute. (according to the php manual)
}
else
{
echo "unauthed";
}
This really has nothing to do with Carrot, except now you can
specifically get a value from a specific source (GET, POST, or COOKIES),
which should theoretically be safer. (You might disagree; so might I :-) )
TList *GetVars("POST");
TList *GetVars("GET");
TList *GetVars("COOKIE"); // or COOKIES
TList *GetVars("FILE"); // or FILES
Secondly I added the ability to parse multipart POST data, as well as
the ability to upload files. (enctype="multipart/data") I wrote my own
version which wasn't the best, but I stumbled on mod_dtcl which had a
very nicely structure mutlipart request handling functions. I converted
this to C++ to fit in better.
BUT, the file handling doesn't quite work yet.. It all parses fine and
gFileList is filled, but when I try and access gFileList (which elements
are of type TApacheUploadedFile), I get
Warning: Interpreted class TApacheUploadedFile derived from precompiled
class TNamed FILE:/usr/local/root-c++/include/TApacheUploadedFile.h LINE:27
!!!There are some limitations regarding compiled/interpreted class
inheritance
(see attached ALLVars.C line 147)
I think this is a problem with how libCarrot is built. I tried to
include TApacheUploadedFile.lo in libCarrot which it seems to have done:
[??]
c++ -shared CarrotDict.lo TApache.lo TApacheObject.lo TApacheUtil.lo
TApacheBrowser.lo
/home/ash/ash-server/Work/build/Carrot/module/TApacheUploadedFile.lo
-lc -Wl,-soname -Wl,libCarrot-1.0.so.2 -o .libs/libCarrot-1.0.so.2.0.0
I'm not a C/C++ guru so this is all a bit beyond me. Can someone give
me a clue as to why TApacheUploadedFile isn't seen as an compiled class?
I'm sure there are other thing I have done wrong.
Anyways, see what you think.
Ashley Cambrell
This archive was generated by hypermail 2b29 : Sat Jan 04 2003 - 23:50:50 MET