[cgiapp] Internationalization with Locale::Maketext
Jerry Kaidor
jerry at tr2.com
Thu Jun 3 01:06:56 EDT 2010
> On Thu, May 27, 2010 at 6:29 AM, Jerry Kaidor <jerry at tr2.com> wrote:
>> Jani-Hur wrote
>>
>>> I'm new to web programming. Thanks to economical turmoil I've plenty of
>>> free time
>>
>> *** I've been meaning to write an intro post myself. Like in the AA
>> meetings:
>>
>> "My name is Jerry Kaidor, and I'm a programmer..."
>>
>> Well, I used to be a programmer. Did it for a living for 20 years.
>> Mostly embedded systems, networking equipment, lots of C and assembler.
>
> Hi Jerry,
>
> Looks like your post got buried inside this thread :)
*** Yeah, I should have started my own instead of trying to hijack
Jani-Hur's....
> As for source code control, might I suggest subversion over CVS.
*** Yes, I arrived at this conclusion myself. After putting together a
CVS repository, I moved to svn.
They
> use the same basic underlying principles but subversion seems to be
> much more mature and robust (although I haven't looked at CVS in over
> 10 years, so perhaps things have changed for the better). Also, a lot
> of people swear by 'git'
*** Git seems a little cryptic to me. I don't want to make a career of
taming a version control system. And my project is nowhere near big
enough to where I'd worry about the version control system's performance.
And I'm not looking for another programmer job, so I don't have to worry
about being "buzzword compliant" :).
The next step is to figure out an access control scheme. I have to do
that up front, because access control is part of the forest of run
modes.
What's the 800-pound gorilla among access control schemes that works well
with cgiapp?
Right now, I use a couple of things: First, the webserver demands HTTPS
for the cgi directories. Second, I use basic authentication. I use it
because somebody else who knew what they were doing wrote it :). Third,
I use my own login/password screen. When a user logs in, an MD5 hash is
created off of all the interesting and unique things I could easily
find. Things like the username, the IP address of his computer, the
exact time when he logged in, etc etc. The hash is stored in an SQL
table of sessions, which also includes times of last use. The session
ID and hash are passed around as CGI parameters and verified for each
page. A housekeeping cron task ages out unused sessions. There is also
a system of permissions for each user. As I develop my code I keep
finding individual actions that are worth adding a permission for.
I am sure that my system is quite broken, and there is much better stuff
out there :).
- Jerry Kaidor
More information about the cgiapp
mailing list