LibWeb::Core - The core class for libweb modules
- BSD, Linux, Solaris and Windows.
@ISA = qw(LibWeb::Core);
This class is responsible for reading the LibWeb's rc file, handling
portability issues, printing and logging error and debug messages and
sending alert e-mail to the site administrator should error occur. You are
not supposed to use or ISA this class directly. It is ISAed internally by
other modules in LibWeb, e.g. LibWeb::Admin, LibWeb::CGI, LibWeb::Database,
LibWeb::HTML::Default and LibWeb::Themes::Default. You should call the
methods presented in this man page through one of those sub-classes.
The current version of LibWeb::Core is available at
Several LibWeb applications (LEAPs) have be written, released and are
Variables in all-caps (e.g. ADMIN_EMAIL) are those variables set through
LibWeb's rc file. `Sanitize' means escaping any illegal character possibly
entered by user in a HTML form. This will make Perl's taint mode happy and
more importantly make your site more secure. All `error/help messages'
mentioned can be found at
LibWeb::HTML::Error and they can be customized by ISA (making a sub-class of)
LibWeb::HTML::Default. Please see
LibWeb::HTML::Default for details. Method's parameters in square brackets means optional.
You should place your LibWeb rc (config) file outside your WWW document
root. The following shows how a cgi script using LibWeb will typically look
my $rc_file = '/home/me/dot_lwrc';
my $html = new LibWeb::HTML::Default($rc_file);
my $themes = new LibWeb::Themes::Default();
my $session = new LibWeb::Session();
my $db = new LibWeb::Database();
my $q = new LibWeb::CGI();
It is recommended that you pass the absolute path of LibWeb's rc file to
LibWeb::HTML::Default and make it the *first* LibWeb object initialized.
This will ensure other LibWeb objects can ``see'' the rc file and be
However, LibWeb::Admin, LibWeb::CGI, LibWeb::Database,
LibWeb::Themes::Default, and LibWeb::Session all can take
$rc_file as the argument to their new() methods (constructor). You will never need this unless you do not want
LibWeb::HTML::Default to manage HTML page display for you.
You still do *not* need this even if you have ISAed LibWeb::HTML::Default.
The reason to ISA LibWeb::HTML::Default is to customize the normal and
error HTML page display and error messages built into LibWeb. If you have
ISAed LibWeb::HTML::Default, you just have to replace the following two
my $html = new LibWeb::HTML::Default($rc_file);
my $html = new MyHTML($rc_file);
where MyHTML is your class which ISAs LibWeb::HTML::Default. Please read LibWeb::HTML::Default for details. A sample rc file has been included in the ./eg directory. If
you could not find it, please go to http:://libweb.sourceforge.net and
download a standard LibWeb distribution.
LibWeb::Core provides sanitize() method to escape illegal characters entered by users in HTML forms.
LibWeb's definition of illegal characters is as follows,
sanitize() also has the ability to escape HTML tags and detect dirty e-mail addresses
(format). Please see below for details on
class [, rc_file, error_object]
No, you do not call LibWeb::Core::new()
directly in client codes.
class is the class/package name of this package, be it a string or a reference.
rc_file is the absolute path to the rc file for LibWeb.
error_object is a reference to a perl object for printing out error/help message to
users should error occur.
debug_print('you debug message');
-msg [, -input=>, -helpMsg=>, -alertMsg=>,
-isAlert=>, -isDisplay=>, -cookie=> ]
-msg => 'You have not entered your password.',
-alertMsg => "$user did not enter password!",
-helpMsg => \('Please hit back and edit.')
'Possible denial of service attack detected!',
-isDisplay => 0
-alertMsg must be scalar and
-helpMsg must be a SCALAR reference.
-cookie can be a scalar or an ARRAY reference to scalars,
-input is the user input that triggers this fatal error,
-helpMsg is any instruction to guide the remote user, which can be HTML,
-helpMsg to the viewing web browser and abort the current running program if
-isDisplay is defined and is equal to 1 (default),
-isAlert is defined and is equal to 1 (default),
-alertMsg to `FATAL_LOG' if `FATAL_LOG' is defined,
send an alert e-mail, with
-alertMsg as the message body, to `ADMIN_EMAIL' if `IS_MAIL_DEBUG_TO_ADMIN' is 1, and
-alertMsg to the viewing web browser if `DEBUG' is 1.
sanitize(): sanitizes Web client inputs
-text=>'plain_text' || -html=>'html_text' ||
-email=>'email_here' [, -allow=>[characters allowed] ]
sanitize( -text => $user_input, -allow => ['-', '_'] );
sanitize( -email => [$email1,$email2, $email3] );
sanitize( -html => $user_input );
-email, each must be a scalar or an ARRAY reference to scalars,
-allow is an ARRAY reference to special characters allowed. It's effective only
when you use it with
-text: sanitize text by escaping all illegal characters
-html: escape all html <> tags,
-email: sanitize email addresses. Print an error message and abort the current
running program if email is dirty (
array is returned if want array,
this can only process one type of sanity at a time (i.e. per method call).
send_cookie() -- this one is here due to inheritance (backward?) issues not yet resolved
my $cookie1 =
'auth1=0; path=/; expires=Thu, 01-Jan-1970 00:00:01 GMT';
my $cookie2 =
send_cookie( $cookie1 ); # or
send_cookie( [$cookie1, $cookie2] );
Parameter must be either a scalar or an ARRAY reference to scalars,
no other HTTP headers should be sent before this in a single CGI session.
-to=>, -from=>, -subject=>, -msg=>
[, -replyTo=>, -cc=>, -bcc=>, -smtp=> ]
- Colin Kong (colin.kong(at)utoronto.ca)
LibWeb::Admin, LibWeb::Class, LibWeb::Core, LibWeb::CGI,
LibWeb::Crypt LibWeb::Database, LibWeb::File,