added: config option:
// the way we behave when no_session_cookie_treshold limit is exceeded
// 0 - if a client doesn't send a session cookie again then use a temporary session
// (other sessions from this IP address are not affected)
// 1 - add this IP address to ban list and create a temporary session
// (this will block other sessions from this IP address too)
// default: 0
int no_session_cookie_ban_mode;
git-svn-id: svn://ttmath.org/publicrep/winix/trunk@996 e52654a7-88a9-db11-a3e9-0013d4bc506e
added: possibility to ban if a client tries to hijack the session cookie
added: possibility to ban if a client did not send a session cookie
renamed: ezc functions:
login_cannot_login -> ipban_is_login_allowed_from_this_ip (and the return value was changed)
login_when_available_login -> ipban_current_ip_expires_time
added: config options:
// after how many broken encoded cookie we should ban the current IP
// default: 2 (value in the range <0 - 65535>)
size_t broken_encoded_cookie_treshold;
// after how many incorrect session identifiers (or session indices) we should ban the current IP
// do not set this value too low, as people connecting from the same IP address (from behind a NAT)
// would be banned if they have an old session cookie remembered in the browser
// default: 128 (value in the range <0 - 65535>)
size_t session_hijacking_treshold;
// after how many times a client will be banned if it did not send a session cookie
// default: 1000 (value in the range <0 - 65535>)
size_t no_session_cookie_treshold;
git-svn-id: svn://ttmath.org/publicrep/winix/trunk@995 e52654a7-88a9-db11-a3e9-0013d4bc506e
added: config options:
// whether or not we should encode the session cookie
// (we have a special algorithm)
// default: false
bool session_cookie_encode;
// if session_cookie_encode is true then you should provide
// a file where AES keys will be stored
std::wstring session_keys_file;
// each session has an index -- an unsigned int value
// this value is sent in the cookie string (is encoded)
// and is incremented when session_index_time_increment time is passed since the last incrementing
// if a client sent the cookie back the difference between
// current index and the index in the cookie should be less than or equal to session_allow_index_difference
// default: 8
size_t session_allow_index_difference;
// the time which should pass after the session index is incremented
// default: 30
// (session_allow_index_difference + 1) * session_index_time_increment should be less than a time
// load of a page and all elements on it such as images (of course it depends on client's download too)
time_t session_index_time_increment;
// time in seconds after a new AES key pair should be generated
// we have 256 pairs of keys so this time multiplied by 256 should not be less than
// the max time of a session (session_remember_max_idle),
// by default: 256 * 2 days = 512 days = 1.4 year > 3 months (session_remember_max_idle)
// default: 172800 = 2 days (max: 2678400 = 1 month, min: 10)
size_t session_key_renew_time;
changed: when printing the time of a request we print only two non-zero digits
git-svn-id: svn://ttmath.org/publicrep/winix/trunk@994 e52654a7-88a9-db11-a3e9-0013d4bc506e
everywhere we are using std::wstring and wchar_t*
(std::string and char* is used only locally in some places
especially when creating a path to OS file system etc.)
added: to the special thread when winix closes:
a write function for curl: FetchPageOnExitCurlCallback()
without this function the curl library will print
the page's content to the standart output
changed: TextStream<> class from core can make
UTF8<->wide strings conversions
removed: from config: utf8 option
now winix expects UTF8 from the user's input (html forms, url-es)
and outputs strings in the UTF8 format
git-svn-id: svn://ttmath.org/publicrep/winix/trunk@965 e52654a7-88a9-db11-a3e9-0013d4bc506e
some environment variables were put there
removed: config variable: debug_info
removed: Request::role (responder, authorizer)
now we have only one role: responder
added: new config variables:
log_env_variables (default false) - when true then fastcgi environment
variables are logged to the log file
log_http_answer_headers (default false) - when true all http headers
created by winix ale logged (note that the www server can add/adjust other headers)
changed: some refactoring in Request struct
changed: CookieTab to std::map<std::wstring, std::wstring>
beforehand std::string was used
(changed CookieParser as well)
changed: Request::SetCookie() to AddCookie()
added: Request::out_headers (a PT::Space struct)
http headers (without cookies) send back to the client
added: Request::out_cookies (a PT::Space struct)
cookies send to the client
changed: App class to use Request::out_headers and Request::out_cookies
some SendHeaders...() methods were renamed to PrepareHeaders...()
and they create output in Request::out_headers first (and out_cookies)
and later it is sent
added: two plugin messages:
// http headers (without cookies) were created and are ready to send
// here you can make some changes to them
// in p1 you have a pointer to the PT::Space (Request::out_headers)
#define WINIX_PREPARE_TO_SEND_HTTP_HEADERS 31070
// http cookies were created and are ready to send
// here you can make some changes to them
// in p1 you have a pointer to the PT::Space (Request::out_cookies)
#define WINIX_PREPARE_TO_SEND_HTTP_COOKIES 31080
added: config variable:
// how many output streams do we have in Request class
// default: 16 (64 maximum)
size_t ezc_out_streams_size;
git-svn-id: svn://ttmath.org/publicrep/winix/trunk@940 e52654a7-88a9-db11-a3e9-0013d4bc506e
then we are using a generic json serializer
changed: we are sending the application/json header when returning an json string
added: to config: log_server_answer (default false)
when true we put the whole string (server's answer) to the log file
added: to Request: use_200_status_for_not_found_and_permission_denied
if this is true then if the server http code would be 403 or 404
then we return 200 OK (useful when using ajax)
changed: System::RedirectTo() methods take as the last parameter: use_reqtype
if this is true (default) then reqtype:type parameter is automatically added to the redirecting path
git-svn-id: svn://ttmath.org/publicrep/winix/trunk@918 e52654a7-88a9-db11-a3e9-0013d4bc506e
possibility to remove a ban (or all bans)
added: to SessionManager: sorting of the ban list (in the second thread)
git-svn-id: svn://ttmath.org/publicrep/winix/trunk@903 e52654a7-88a9-db11-a3e9-0013d4bc506e
now after some incorrent login attempts your IP can be banned or blocked
(see new config variables)
git-svn-id: svn://ttmath.org/publicrep/winix/trunk@902 e52654a7-88a9-db11-a3e9-0013d4bc506e
removed start_tm
added start_date (PT::Date)
changed: in Session:
removed: tm_time
added: start_date (PT::Date)
renamed: time -> start_time
the same is for last_time
now we have (last_time and last_date)
git-svn-id: svn://ttmath.org/publicrep/winix/trunk@838 e52654a7-88a9-db11-a3e9-0013d4bc506e
// a session is going to be removed
// it is called from session manager's thread (with lock/unlock)
#define WINIX_PREPARE_SESSION_TO_REMOVE 30027
// a session has been removed
// it is called from session manager's thread (with lock/unlock)
// in l1 you have the old session id
#define WINIX_SESSION_REMOVED 30029
git-svn-id: svn://ttmath.org/publicrep/winix/trunk@832 e52654a7-88a9-db11-a3e9-0013d4bc506e
ConfParser is now SpaceParser
added: to SessionManager
Session * SessionManager::FindSession(long id)
git-svn-id: svn://ttmath.org/publicrep/winix/trunk@831 e52654a7-88a9-db11-a3e9-0013d4bc506e
(Session, SessionContainer, SessionManager)
now a Session object don't copy all fields in its copy constructor (only id)
the rest fields are set after the object is inserted in SessionContainer
added: after successfully login a session id is changed
added: plugin.Call() methods with a first argument a pointer to a Session object
git-svn-id: svn://ttmath.org/publicrep/winix/trunk@823 e52654a7-88a9-db11-a3e9-0013d4bc506e
changed: UGContainer<> now uses std::list as a storage
(previously it was using std::vector with pointers)
removed: now we don't have the operator[] for UGContainer<>
git-svn-id: svn://ttmath.org/publicrep/winix/trunk@816 e52654a7-88a9-db11-a3e9-0013d4bc506e
it's nearly finished
now we are using three levels from Space (ConfParser)
- group set
- group
- values
git-svn-id: svn://ttmath.org/publicrep/winix/trunk@773 e52654a7-88a9-db11-a3e9-0013d4bc506e
we have there two pointers:
Request * request;
Session * session;
these are the current request and the current session
the session GC was moved to SessionManager (was in SessionContainer)
git-svn-id: svn://ttmath.org/publicrep/winix/trunk@708 e52654a7-88a9-db11-a3e9-0013d4bc506e
changed: sessions are deleted at the end of a request (and only a few sessions)
other sessions will be deleted after a next request
git-svn-id: svn://ttmath.org/publicrep/winix/trunk@684 e52654a7-88a9-db11-a3e9-0013d4bc506e
changed: functions for text/numbers conversions
int Toi(const std::string & str, int base = 10);
int Toi(const std::wstring & str, int base = 10);
int Toi(const char * str, int base = 10);
int Toi(const wchar_t * str, int base = 10);
long Tol(const std::string & str, int base = 10);
long Tol(const std::wstring & str, int base = 10);
long Tol(const char * str, int base = 10);
long Tol(const wchar_t * str, int base = 10);
template<class CharType>
bool Toa(unsigned long value, CharType * buffer, size_t buf_len, int base = 10);
template<class CharType>
bool Toa(long value, CharType * buffer, size_t buf_len, int base = 10);
template<class CharType>
bool Toa(unsigned int value, CharType * buffer, size_t buf_len, int base = 10);
template<class CharType>
bool Toa(int value, CharType * buffer, size_t buf_len, int base = 10);
const wchar_t * Toa(unsigned int value, int base = 10);
const wchar_t * Toa(unsigned long value, int base = 10);
const wchar_t * Toa(int value, int base = 10);
const wchar_t * Toa(long value, int base = 10);
void Toa(int value, std::string & res, int base = 10, bool clear = true);
void Toa(long value, std::string & res, int base = 10, bool clear = true);
void Toa(int value, std::wstring & res, int base = 10, bool clear = true);
void Toa(long value, std::wstring & res, int base = 10, bool clear = true);
added: HtmlTextStream class (files htmltextstream.cpp htmltextstream.h in templates)
this is a special stream for automatically escaping html tags
git-svn-id: svn://ttmath.org/publicrep/winix/trunk@682 e52654a7-88a9-db11-a3e9-0013d4bc506e
fixed: when winix exits the session data were not properly destroyed (memory leak)
we should set request.session pointer to each session when deleting sessions
from session_container
the session data were not properly destroyed when winix checked for
outdated sessions (and when it was removing them)
fixed: performance (memcpy used too often)
in some places there were reserve method used (on std::wstring/std::string objects)
especially in AssignString() method and TextStream<> object
if we add a new string we should check the new size
and only call reserve() if the new size will be greater than existing one
(plus some constant)
changed: fcgi objects moved to App class (from Request)
now we use thread safe methods (e.g. FCGX_Accept_r)
added: log_plugin_call option to the config
default: false
when true winix log when a plugin function is called
added: winix parameter 'nostat' for not calculating statistics
(useful when making performance tests)
git-svn-id: svn://ttmath.org/publicrep/winix/trunk@680 e52654a7-88a9-db11-a3e9-0013d4bc506e
they are in FunThread and FunTicket classes now
added funtion FunUptime (I forgot about it)
git-svn-id: svn://ttmath.org/publicrep/winix/trunk@631 e52654a7-88a9-db11-a3e9-0013d4bc506e
now we have app object and singletons are only: log logn plugin and app
git-svn-id: svn://ttmath.org/publicrep/winix/trunk@628 e52654a7-88a9-db11-a3e9-0013d4bc506e
files: htmlfilter.h htmlfilter.cpp
this is an html filter used to make the html output looking better
this is a very lightweight filter
(without using any dynamic memory - some memory is allocated only at the beginning - in ctors)
this filter has O(n) complexity over the whole html string
* added: antyspamming method
if the POST request is sent too fast after the GET
it is treated as a spam
only for no logged users and only in 'emacs' and 'createthread' functions
git-svn-id: svn://ttmath.org/publicrep/cmslu/trunk@534 e52654a7-88a9-db11-a3e9-0013d4bc506e
added: the session file
sessions can still be available between starting and stopping the cmslu system
git-svn-id: svn://ttmath.org/publicrep/cmslu/trunk@529 e52654a7-88a9-db11-a3e9-0013d4bc506e
changed: mount points parser allows empty lines (with some white characters)
git-svn-id: svn://ttmath.org/publicrep/cmslu/trunk@518 e52654a7-88a9-db11-a3e9-0013d4bc506e
core.a content.a templates.a confparser.a have gone away
there is only: cmslu.a now (in the global directory 'cmslu')
changed: the way of building
in Makefile(s) we dont longer use explicitly a variable 'o = file1.o file2.o...'
it was put into Makefile.o.dep and is generated automatically
when 'make depend' is invoked
changed: some #include "..." directives were put from *.h to *.cpp files
fewer dependences
git-svn-id: svn://ttmath.org/publicrep/cmslu/trunk@501 e52654a7-88a9-db11-a3e9-0013d4bc506e
sessions are indexed by id and time (last used time)
changed: old sessions are deleted
parameter: session_max_iddle in the config file
added: function 'who'
git-svn-id: svn://ttmath.org/publicrep/cmslu/trunk@483 e52654a7-88a9-db11-a3e9-0013d4bc506e
main Makefile is in an application directory
in cmslu/ there are only libraries:
core.a content.a confparser.a templates.a
added: macros APPTEMPLATES APPFUNCTIONS
defined in the application's Makefile
added: PatternCacher
added: cmslu function 'run'
files which have exec permissions
can be run (run is a default function)
after read from the database the content is parsed
into Ezc::Pattern object, this object is then cached
in PatternCacher
added: FunctionCodeParser - will be used to parse the code
from standard functions (ls/cat/...)
git-svn-id: svn://ttmath.org/publicrep/cmslu/trunk@475 e52654a7-88a9-db11-a3e9-0013d4bc506e