Changes for version 3.54 - 2009-03-22

  • build CPAN dist
  • All request parameter values will be filtered by default from now on. This is done to prevent XSS vulnerabilities. The filtering is pretty simple, as it is just translating angle brackets, < and >, and quotes, " and ', into their named-entity equivalents &lt;\ and &gt;. If for some an application requires that all request parameter values be unfiltered (which is not safe, and opens the application up to XSS vulnerabilities), then they can specify a config option named 'unfiltered_params'. This value can be set to either '1' or 'on'. Also, if access to a request parameter is needed unfiltered, then the uf_params() method may be used.
  • Explicitly close auth database handle in Authorization and Authentication handlers on failure so that connections aren't left hanging around when Apache::DBI isn't being used.
  • Explicitly close database handles in Gantry cleanup() method so that connections aren't left hanging around when Apache::DBI isn't being used.
  • Change use of DBI->connect_cached() in Gantry::Utils::ModelHelper to DBI->connect() to prevent "idle in transaction" cases when Apache::DBI isn't being used and auto commit is turned off. What ends up happening is when a rollback or commit isn't explicitly issued, the transaction is left open on the database server in a "idle in transaction" state, even though the request has finished being processed.
  • Enhance results.tt
  • Add no_options configuration item to suppress header and row options.
  • Add options for adding a pre header row.
  • Allow more customizing via classes.
  • Add ability to specifiy a plugin directory.
  • Documentation cleanup.
  • Allow a custom template to be specified for CRUD delete action.
  • Allow foreign_display_rows to be constrained.
  • Don't read all rows into memory before processing.
  • Fix bug in is_date. check_date is not a class method.
  • Fix a bug with cgi engine. Post params were not being included as part of the cgi object because $self->get_post_body() gets the post body from the cgi object, which hadn't been created yet.
  • Fixed a bug with form.tt where input_value wasn't being reset.
  • Changed form.tt to not output a value attribute when the field has no value.
  • Changed FormMunger to throw an error when an invalid form field is specified. This prevents the form from getting corrupted.
  • Add option to allow form validation errors to be grouped together by the field. This allows for more versbose error reporting.
  • Skip form validation for non post requests. The results were being discarded anyways.
  • Add *.* to list of web_dirs so that files in the top level directory are also installed.
  • Fix bug in MP13.pm where adding headers would overwrite the previous header instead of appending.
  • update mod_perl2 test -- skip tests if Apache2::Request does not exist
  • Updated the documentation, add an external exception handler. Works correctly with the standalone server.
  • Added some experimental code to throw exceptions and catching them in a state machine. This would allow redirects and such to become exceptions, which could then be handled locally or within the handler.

Documentation

Frequently Asked Questions regarding Gantry::Conf
Tutorial on how to use Gantry::Conf
Table of Contents for Gantry documentation
A document explaining Gantry's features and history
Gantry How Tos
how database connection info flows through Gantry
Frequently asked questions and answers about gantry
Getting your first Gantry app up and running
The Gantry Tutorial
What's a framework and why should I want one?

Modules

Web application framework for mod_perl, cgi, etc.
a Module::Build subclass for Gantry apps
Gantry's Flexible Configuration System
Base class for all Gantry::Conf providers
Uses Config::General to configure your Gantry application
Uses Config::Tiny to configure your Gantry application
Base class for all Gantry::Conf::Provider::HTTP modules
Uses Config::General to configure your Gantry application
Configure via ModPerl::ParamBuilder
Configure via PerlSetVar's in httpd.conf
Store your configuration in a PostgreSQL database
The Core for User Management and Administration
Authentication by IP
Database based authentication
AuthenBase subclass for normal ORMs
AuthenBase subclass for normal ORMs
Page based access control.
AuthenBase subclass for CDBI ORMs
AuthenBase subclass for normal ORMs
Database based authorization.
Database based authorization for Class::DBI.
Database based authorization for most ORMs.
Group management for the Gantry library
Page based control adminstration.
User Management
model for auth_group_members table
model for auth_groups table
model for auth_pages table
model for auth_users table
model for auth_group_members table
Model Component for auth_group_members table
model for auth_groups table
model for auth_pages table
Model Component for the auth_pages table
model for auth_users table
Model Component for auth_users Control table
CGI plugin ( or mixin )
mod_perl 1.0 plugin ( or mixin )
mod_perl 2.0 plugin ( or mixin )
Structured exceptions for Gantry
Gantry install options
helper for AJAX based CRUD work
helper for AJAX based Form processing
Plugin for cookie based authentication
provides CRUD support
the actual CRUD for CDBI AutoCRUD
the actual CRUD for DBIx::Class AutoCRUD
helper for somewhat interesting CRUD work
A Plugin for initializing cache processing
A Plugin interface to a caching subsystem
A Plugin interface to a caching subsystem
A Plugin interface to a caching subsystem
DBIx::Class schema accessor mixin
A plugin for caching application pages
document style SOAP support
RPC style SOAP support
Plugin for cookie based session management
Static file method
Validates input values.
HTTP::Server::Simple::CGI subclass providing stand alone server
Main stash object for Gantry
Stash object for the controller
Stash object for the view
Stash object for the view's form
Default state handler for Gantry
A state machine for Gantry that uses exceptions
A simple state machine for Gantry
Default text plugin for Gantry.
Framing plugin for Gantry.
Template Toolkit plugin for Gantry.
Class::DBI base model for Gantry Auth
Class::DBI base class for Gantry applications
a way to call a controller's method from a CRON script
helper routines for CRUD plugins
a way to mange captchas
an easy way to crypt and decrypt
Database wrapper functions, specfic to PostgreSQL
connection info and dbh cache manager base module
connection info and dbh cache manager for mod_perl 1
connection info and dbh cache manager for mod_perl 2.0
connection info and dbh cache manager for scripts
a DBIx::Class subclass models can inherit from
A CRUD form validation error object
Munges form hashes like the ones bigtop makes.
HTML tag generators.
a general purpose Object Relational Model base class
base class for auth database modelers
base class for database modelers
mixin for model base classes
PODViewer application
This module will set the client ip
SQL routines.
enforces retrieve permssions on main listings
Form processing util for a three-way join
Validates input values.
decrypter for AuthCookie plugin

Provides

in lib/Gantry/Plugins/AuthCookie.pm
in lib/Gantry/Server.pm
in lib/Gantry/State/Constants.pm
in lib/Gantry/Utils/PODViewer.pm
in lib/Gantry/Stash/Controller.pm
in lib/Gantry/Stash/View/Form.pm
in lib/Gantry/Stash.pm
in lib/Gantry/Stash/View.pm