 |
Miva Empresa UNIX v3.63 Changelog
Valid for all Unix ports: BSDI,
Cobalt RaQ2, DEC UNIX,
Free BSD, Linux, SCO, SGI IRIX, and Sun Solaris.
Changes from 3.62
-----------------
1. EIN/ECIN now return 0 when their left operand is NULL. This fixes
backwards compatibility with Miva v3.57 and earlier and Htmlscript.
2. Fixed a bug which caused the Htmlscript operator SUBSTR to crash if one
of the two numbers was omitted from the right operand (i.e. "Xyz" SUBSTR ",1").
Changes from 3.61
-----------------
1. Fixed a bug in the processing of multipart/form-data POSTed data which
would sometimes cause garbage to be placed in fields.
2. Fixed a bug on the SGI IRIX platform which caused xBase files created
on IRIX to be incompatible with all other platforms. This means that
existing xBase files created on IRIX must be repaired. A program is
available from Miva Corporation to repair xBase files created on
IRIX systems.
Changes from 3.57
-----------------
1. Fixed a bug which caused the creation of temporary files to
fail on some platforms.
2. The MvCOMMERCE tag now uses dynamically loaded commerce libraries.
The available commerce libraries are configured via the
tag in the Miva configuration file:
METHOD is the same value as will be passed to the METHOD
attribute of the MvCOMMERCE tag.
LIBRARY is the *full* path to the commerce library.
Note: may not be used in a tag, and it
must be specified *before* any tags in the Miva
configuration file.
3. A new option for the STANDARDOUTPUTLEVEL attribute of the MIVA tag
has been added: compresswhitespace, when enabled, will cause the
Miva Engine to eliminate extra whitespace in the output of Miva scripts.
4. The ACTION and FIELDS attributes of the MvCOMMERCE tag are no longer
required by default (some commerce libraries may still require them).
5. The METAMETHOD attribute of the MvCOMMERCE tag has been deprecated in
favor of METHOD.
6. Fixed a bug which caused NULL left operands to the IN/CIN/EIN/ECIN to
return 0. They now return 1, which was the previous behavior.
7. Fixed a bug which could cause a crash on some platforms if
or was used on a database with an empty index.
8. A new configuration variable, path, has been added. This option
configures
the value of the PATH environment variable. The default value is the
current
working directory. This option is required for dynamic commerce libraries
to function correctly under BSDI 2.x and BSDI 3.x.
9. Macros may now be used in the definition of the mivaroot configuration
variable to obtain the value of any environment variable. This can be
used to dynamically set the mivaroot variable based on the DOCUMENT_ROOT
environment variable. For example:
mivaroot=&[ DOCUMENT_ROOT ]
10. Fixed a bug which prevented the configuration directive
from
functioning.
11. Added package management. Available packages are configured via the
configuration tag, and the packages configuration option.
The configuration tag configures the "master" list of available
packages, while the packages configuration option controls which packages
are available for a specific virtual domain.
CODE is a unique identifier used for the package.
NAME is the name of the package.
DESCRIPTION is a brief description of the package.
VERSION is the version of the package.
PATH is the *full* path to a .tar file containing the files
required by the package.
DEFAULTPATH is the default installation path. This path will
be used as the default by the Miva Package Manager.
Once a package has been defined by the tag, it must be
made available to a domain (or domains) via the packages configuration
option:
packages=merchant,order
Note: may not be used in a tag, and it
must be specified *before* any tags in the Miva
configuration file. However, packages may be used in a
tag, if desired.
12. Added package management builtin functions:
miva_package_list
Returns a comma separated list of the codes of available
packages.
miva_package_name( code )
Returns the name of the package specified by code.
miva_package_description( code )
Returns the description of the package specified by code.
miva_package_version( code )
Returns the version of the package specified by code.
miva_package_defaultpath( code )
Returns the default installation path of the package
specified by code.
miva_package_extract( code, directory, license )
Attempts to extract the package specified by code into
the directory specified by directory. If an error occurs,
a description of the error is returned. Otherwise, NULL
is returned.
13. Fixed a bug which caused STANDARDOUTPUTLEVEL and/or ERROROUTPUTLEVEL not
to be restored upon returning from a function call that changed the
value(s),
if the values had not been changed from the defaults by the caller of the
function.
14. Fixed a bug which prevented fdelete from removing directories.
Changes from 3.56
-----------------
1. Fixed a bug which prevented the sdelete() builtin function
from working.
2. Fixed a bug in MvCALL which prevented text which immediately
preceded EOF from being processed correctly.
Changes from 3.55
-----------------
1. Fixed a bug in MvCALL that prevented fields from being passed
when the METHOD attribute was GET.
Changes from 3.54
-----------------
1. Fixed a bug in the handling of multipart/form-data that could
cause data corruption and deadlocks.
2. Fixed a bug in MvCALL regarding the handling of slashes in
the middle of an unquoted attribute value.
3. Fixed a bug in MvCALL regarding the handling of attributes with
empty values.
4. Fixed a bug in MvCALL regarding the handling of slashes at the
ends of tags (ie ).
5. Fixed a bug which would cause Miva to go into an infinite loop
if the builtin function glosub was called with a NULL search
parameter.
6. Changed the wording of the error message displayed when attempting
to access an unopened database to be grammatically correct.
Changes from 3.52
-----------------
1. Fixed a bug which affected the generation of temporary filenames
under most UNIX platforms.
Changes from 3.51
-----------------
1. Fixed a bug which prevented scripts from passing arguments when
using CGI-style URLs.
2. Fixed a bug which caused the miva_getvarlist builtin function to
return all system variables twice.
3. Fixed a bug in the generation of temporary filenames which would
cause MvPOP to fail when downloading large numbers of Email
messages.
Changes from 3.50
-----------------
1. CyberCash results which return multiple results (query, etc..) now
have their results sorted properly.
2. tagname_Error attributes to the MIVA tag are no longer case-sensitive.
Changes from 3.22
-----------------
1. Fixed a bug which caused the recno database variable to be clobbered
by an loop.
2. Fixed a bug which caused Miva to enter an infinite loop when reading
some xBase memo files.
3. Fixed a bug which caused an MvDELETE or MvUNDELETE to update the current
database record, which made indexes get out of sync, and caused "Record
not in index" errors.
4. Fixed a bug which caused the documenturl system variable to contain
the port number when used via an SSL connection on the standard SSL
port (443).
5. Added support for the CyberCash Cash Register API.
6. Added support for HTTP file upload.
7. A new configuration option, validextensions, has been added.
validextensions=.mv,.hts
When defined, Miva will only execute scripts with one
of the extensions listed.
8. A new configuration variable, contentbuffersize has been added.
contentbuffersize configures the buffer size used when reading POST'ed
FORM data. The default value is 8192.
9. The CGI version of Miva will now exit with a timeout error
when the following signals are received:
SIGHUP
SIGINT
SIGQUIT
SIGPIPE
SIGTERM
10. Variable names posted from an HTML FORM or passed on the URL
command line are no longer checked for invalid characters. If
a variable name contains a character that may not be used in an
expression (i.e. -, +, *, %, etc..) it can be escaped by prepending
a backslash.
11. Added builtin functions to manipulate files in the script directory.
The following functions are functional equivalents the "f" functions,
except that they manipulate files in the script directory:
sexists( path )
smkdir( path )
sdelete( path )
scopy( source, dest )
srename( source, dest )
schmod( path, mode )
ssize( path )
smode( path )
The following functions transfer files from the script directory
to the data directory (functions starting in "sf") or from the
data directory to the script directory (functions starting in "fs"):
fscopy( source, dest )
sfcopy( source, dest )
fsrename( source, dest )
sfrename( source, dest )
12. Two new system variables have been added to allow scripts to deal with
globaltimeout:
globaltimeout Contains the maximum number of seconds that the
current script may execute
dyn_time_remaining Contains the number of seconds that may elapse
before the current script is terminated
13. The following builtin functions have been added:
isalpha( string )
isupper( string )
islower( string )
isdigit( string )
isxdigit( string )
isalnum( string )
isspace( string )
ispunct( string )
isprint( string )
isgraph( string )
iscntrl( string )
isascii( string )
14. The following builtin functions have been added:
abs( number )
acos( number )
asin( number )
atan( number )
atan2( x, y )
ceil( number )
cos( number )
cosh( number )
exp( number )
floor( number )
fmod( x, y )
int( number )
log( number )
log10( number )
sin( number )
sinh( number )
sqrt( number )
tan( number )
tanh( number )
15. Two new system variables have been added:
tm_usec
dyn_tm_usec
The variables contain the current microsecond relative to tm_sec/
dyn_tm_sec. Note that under Windows, the operating system only
allows Miva to receive this value in 50-0 increments.
16. MvDO is now subject to the maxfunctiondepth configuration limit. This
prevents MvDO loops from causing a stack overflow.
17. A new builtin function, miva_getvarlist, has been added.
miva_getvarlist( scope )
Returns a comma separated list of variables in the specified scope
18. Runtime errors may now be controlled on a per-tag basis.
For example:
Would cause all runtime errors generated by MvOPEN to be
fatal (script execution stops) and displayed (Miva outputs
the error message).
Would cause all runtime errors generated by MvOPEN to be
non-fatal (script execution continues) and not to be
displayed by Miva.
Changes from 3.21
-----------------
1. Fixed a bug which prevented MvPOP from loading the system variables
describing an e-mail message.
2. Fixed a bug which caused MvPACK to fail when packing databases contained
in a sub-directory on some platforms.
3. Changed the handling of large number comparisons. Miva should now handle
very large numbers correctly.
4. Strings consisting solely of spaces are now NOT EQUAL to NULL. Previous
versions of Miva (and Htmlscript) considered them equal.
5. Fixed a bug which caused MvHIDE to change the case of variable names.
Changes from 3.2
----------------
1. Fixed a crash which occurred when MvEXIT was used inside a function.
2. Fixed an error message which would occur when workdir was defined in
the configuration file.
Changes from 1.12
-----------------
1. redirectonly configuration variable
A new configuration variable, redirectonly, has been
added to the CGI versions of Miva. This flag allows you
to configure Miva to only allow itself to be invoked
via Apache redirect.
redirectonly=yes|no
2. serveruserid configuration variable
A new configuration variable, serveruserid, has been
added to the CGI versions of Miva. serveruserid allows you
to control which user id may execute the Miva binary. This
allows you to prevent people with shell access from executing
the Miva binary from a shell prompt.
serveruserid=[numeric userid]
3. GET support
Miva now supports name/value pairs as part of the URL. This
allows Miva to process HTML FORMs submitted using a METHOD of
GET. In addition, it makes parsing the s.argN variables a
thing of the past.
A global variable is created for each variable passed in the
URL. For example, the URL:
http://www.somesite.com.mv?VarA=This+is+a+test&VarB=123
would create two global variables:
VarA = This is a test
VarB = 123
If a variable is specified without a value, it will be created
with its value equal to the name of the variable.
4. UPS OnLine Cost Calculation
MvCOMMERCE now supports a METAMETHOD of UPSCost. This allows
you to do *online* calculation of UPS shipping charges using
UPS' CGI gateway.
Syntax:
The value of the FIELDS attribute is dependent on the request, and
is beyond the scope of this document. You can see ups.mv for
a partial list, or download the complete documentation from
UPS' web site.
Depending on the services requested, MvCOMMERCE will iterate
once or multiple times. Iteration may be stopped by using
MvCOMMERCESTOP.
While inside the MvCOMMERCE block, the following variables are
available:
errmsg Description of error, or NULL if no
error occurred.
errorcode Numeric code of error, or NULL if no
error occurred.
message Informational message
product UPS product code
orig_postal Shipment source postal code
orig_country Shipment source country code
dest_postal Shipment destination postal code
dest_country Shipment destination country code
zone UPS shipping zone
weight Shipment weight
productchrg Shipment charge, minus any accessory or
surcharges
accs_surcharg Shipment accessory or surcharges
totalchrg Total cost of shipment
time Commit time, or -1 if EOD
5. dBase III Memo Fields
dBase III memo fields are now supported.
Syntax:
Memo field data is stored in a separate file. The memo file
has the same name as the database file, but with the extension
.DBT. The memo file is automatically created/opened by Miva.
Due to the structure of the dBase III memo file, all updates are
done by simply appending the new data to the end of the file.
To prevent the memo files from growing out of control, Miva only
updates the memo file when a field is considered "dirty." A
field is flagged as dirty whenever a value is assigned to it,
even if that value is the same as the previous value of the field.
6. MvFILTER
A new tag, MvFILTER, has been added. MvFILTER provides a fast,
easy way to do sequential searches through a dBase database.
Syntax:
After specifying a filter, only fields which match the filter
will be "visible."
The variables totrec and recno will still refer to the total
number of records in the database and the absolute record
number.
When using MvFIND with a filter, the first record which matches
both the value being searched for and the filter will be found.
7. MvDO
A new tag, MvDO, has been added. MvDO provides an easy way
to include HTML and/or Miva code from supplemental script
files.
Syntax:
If the NAME and VALUE attributes are specified, Miva will
evaluate the expression in VALUE and store the result into
NAME (this would be used, for example, to call a function
in the file specified by FILE).
If NAME/VALUE are not specified, Miva will simply begin
executing the file specified by FILE from the top, and
will merge the output of the supplemental file with the
output of the primary file.
8. encodeentities/decodeentities
Two new builtin functions are provided to encode and decode
HTML entities (ie >, <, etc..).
Syntax:
9. makesessionid/Cookies
Cookies have been revamped again. The htscallerid cookie now
expires one year after being set, and has been lengthened to
128 bits to aid uniqueness.
In addition, a builtin function, makesessionid, has been
provided to generate a 128 bit unique id.
Syntax:
10. MvLOCKFILE
...
MvLOCKFILE exclusively locks a file.
11. Macro Encoding
The output of macros may now be optionally encoded:
&[ [:encoding] ]
Where encoding is one of the following:
entities Functionally the same as encodeentities()
attribute Functionally the same as encodeattribute()
i.e.:
&[ g.FormField:entities ]
Changes from 1.1
----------------
1. The security system has been redesigned.
By default, Miva runs in its most secure mode. In the event
that this conflicts with your system configuration, you will
need to enable one or more options using the securityoptions
configuration directive.
securityoptions is a bitmask. Each bit turns on a specific
feature. The bits are as follows:
MSB LSB
... 00000
^^^^^
|||||
||||+-- [1] Follow symlinks in script directory
|||+--- [2] Ignore symlink ownership in script directory
||+---- [4] Follow symlinks in data directory
|+----- [8] Ignore symlink ownership in data directory
+------ [16] Allow absolute paths for data files
By default, all bits are turned off (value of 0). To enable
one or more flags, add the value in square brackets ([]).
For example, to enable following symlinks in the script directory
AND the data directory, you would set securitylevel to 5.
2. New variables have been added for xBase fields of type DATE:
Assuming fieldname is the name of a database date field:
fieldname_raw contains a YYYYMMDD format string
fieldname_day contains the day of the month
fieldname_month contains the month of the year
fieldname_year contains the year
fieldname still contains a time_t representation of
the field value.
3. Fixed a bug in the sitevars processor that would cause
an extra carriage return to be appended to every variable.
4. Fixed another bug in the indexing algorithm that would
cause "Record is not in index" error messages.
5. Changed scope names to be non case-sensitive.
6. Added a check and error message for nested 2.x-style tags.
7. Fixed a bug that would cause index operations with numbers
longer than 12 digits to fail.
8. Fixed a bug that would sometimes cause a crash when a single
variable containing more than 8192 bytes was evaluated.
9. Fixed a bug that prevented arguments to function calls in an
index expression from being saved to the index.
10. Fixed a bug that caused "Mismatched Parenthesis" errors when
parameters to functions contained parenthesis.
11. Fixed a bug that would sometimes cause a crash when calling
a forward-referenced function with no parameters.
12. Fixed a bug that would cause a crash when a function contained
a mismatched IF.
13. Fixed a bug that caused occasional corruption of database
date fields.
14. Added a check for multiple function declarations with the
same name.
15. Added a check to prevent opening multiple databases with the
same NAME attribute.
16. A new builtin function, padl, has been added.
padl( string, length, pad_character )
Will pad "string" to length characters long, using
pad_character.
Pad characters are added to the beginning of the string.
17. A new builtin function, padr, has been added.
padr( string, length, pad_character )
Will pad "string" to length characters long, using
pad_character.
Pad characters are added to the end of the string.
18. A new builtin function, glosub, has been added.
glosub( string, search, replace )
Will globally search for "search" in string and replace it with
"replace."
19. A new configuration directive, dnslookup, has been added.
dnslookup controls whether Miva will attempt to resolve
directives to IP addresses, or compare them
as they appear in the file. The default value for dnslookup
is 1.
20. The authfile configuration directive is now honored in standard mode.
21. Fixed numerous bugs in the expression analyzer.
22. Fixed cookies.
23. The EXPRESSION attribute to has been deprecated in favor
of EXPR.
24. Fixed a bug in the mktime_t builtin function that would cause the
incorrect timezone to be applied.
25. Fixed a backwards-compatibility bug in the handling of flat files
that would cause whitespace to be removed from fields on import.
26. Added a check and error message for database field names longer than
10 characters.
27. Added a new value for the securitylevel configuration directive
that permits symbolic links in data/script directories. See
the administration manual for more information.
Changes from 1.0
----------------
1. Fixed a serious bug in the indexing algorithm that would cause
records to mysteriously disappear or appear in the incorrect order.
2. Variables passed from a form via POST are now canonically mapped
using the following rules:
. is replaced with _
3. A new configuration variable, securitylevel, is provided to control
the level of restriction on access to data files.
securitylevel=0
Allows Miva applications to read/write data files
(subject to normal UNIX permissions) that are outside
of the configured data directory, via symbolic links
or ../ in the file path.
securitylevel=1 (default)
Does not allow Miva applications to read or write
data outside of the configured data directory.
4. Fixed a security flaw that would allow remote users to read any file
owned by a user authorized to run Miva.
5. Changed the old Htmlscript-style MAIL tag to automatically delete
messages on the POP3 server as they are downloaded. This was the
behavior under Htmlscript 2.99.
6. Fixed a bug which would cause an "Unexpected end of file looking for
" error when the MvPOP tag was used and no messages were
available.
7. Added "Line:" in front of line numbers in error messages to prevent
confusion.
8. NSAPI version only -- added the URI system variable.
9. Added a Host: request line in the HTTP headers sent by the MvCALL tag.
This resolves "404 File Not Found" errors when calling URLs on servers
running software virtual domains.
### end CHANGELOG ###
|
|
