| Version 3.59 Dec 29th, 2011 |
| |
| [BUG FIXES] |
| - We no longer read from STDIN when the Content-Length is not set, preventing |
| requests with no Content-Length from freezing in some cases. This is consistent |
| with the CGI RFC 3875, and is also consistent with CGI::Simple. However, the old |
| behavior may have been expected by some command-line uses of CGI.pm. |
| Thanks to Philip Potter and Yanick Champoux. See RT#52469 for details: |
| https://rt.cpan.org/Public/Bug/Display.html?id=52469 |
| |
| [INTERNALS] |
| - remove tmpdirs more aggressively. Thanks to rjbs (RT#73288) |
| - use Text::ParseWords instead of ancient shellwords.pl. Thanks to AlexBio. |
| - remove use of define(@arr). Thanks to rjbs. |
| - spelling fixes. Thanks to Gregor Herrmann and Alessandro Ghedini. |
| - fix test count and warning in t/fast.t. Thanks to Yanick. |
| |
| Version 3.58 Nov 11th, 2011 |
| |
| [DOCUMENTATION] |
| - Clarify that using query_string() only has defined behavior when using the GET method. (RT#60813) |
| |
| Version 3.57 Nov 9th, 2011 |
| [INTERNALS] |
| - test failure in t/fast.t introduced in 3.56 is fixed. (Thanks to zefram and chansen). |
| - Test::More requirement has been bumped to 0.98 |
| |
| Version 3.56 Nov 8th, 2011 |
| |
| [SECURITY] |
| Use public and documented FCGI.pm API in CGI::Fast |
| CGI::Fast was using an FCGI API that was deprecated and removed from |
| documentation more than ten years ago. Usage of this deprecated API with |
| FCGI >= 0.70 or FCGI <= 0.73 introduces a security issue. |
| <https://rt.cpan.org/Public/Bug/Display.html?id=68380> |
| <http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-2766> |
| (Thanks to chansen) |
| |
| [INTERNALS] |
| - tmp files are now cleaned up on VMS ( RT#69210, thanks to cberry@cpan.org ) |
| - Fixed test failure: done_testing() added to url.t (Thanks to Ryan Jendoubi) |
| - Clarify preferred bug submission location in docs, and note that Mark Stosberg |
| is the current maintainer. |
| |
| Version 3.55 June 3rd, 2011 |
| |
| [THINGS THAT MAY BREAK YOUR CODE] |
| url() was fixed to return "PATH_INFO" when it is explicitly requested |
| with either the path=>1 or path_info=>1 flag. |
| |
| If your code is running under mod_rewrite (or compatible) and you are calling self_url() or |
| you are calling url() and passing path_info=>1, These methods will actually be |
| returning PATH_INFO now, as you have explicitly requested, or has self_url() |
| has requested on your behalf. |
| |
| The PATH_INFO has been omitted in such URLs since the issue was introduced |
| in the 3.12 release in December, 2005. |
| |
| This bug is so old your application may have come to depend on it or |
| workaround it. Check for application before upgrading to this release. |
| |
| Examples of affected method calls: |
| |
| $q->url(-absolute => 1, -query => 1, -path_info => 1 ) |
| $q->url(-path=>1) |
| $q->url(-full=>1,-path=>1) |
| $q->url(-rewrite=>1,-path=>1) |
| $q->self_url(); |
| |
| Version 3.54, Apr 28, 2011 |
| No code changes |
| |
| [INTERNALS] |
| - Address test failures in t/tmpdir.t, thanks to Niko Tyni. |
| Some tests here are failing on some platforms and have been marked as TODO. |
| |
| Version 3.53, Apr 25, 2011 |
| |
| [NEW FEATURES] |
| - The DELETE HTTP verb is now supported. |
| (RT#52614, James Robson, Eduardo Ari�o de la Rubia) |
| |
| [INTERNALS] |
| - Correct t/tmpdir.t MANIFEST entry. (RT#64949) |
| - Update minimum required Perl version to be Perl 5.8.1, which |
| has been out since 2003. This allows us to drop some hacks |
| and exceptions (Mark Stosberg) |
| |
| Version 3.52, Jan 24, 2011 |
| |
| [DOCUMENTATION] |
| - The documentation for multi-line header handling was been updated to reflect |
| the changes in 3.51. (Mark Stosberg, ntyni@iki.fi) |
| |
| [INTERNALS] |
| - Add missing t/tmpfile.t file. (RT#64949) |
| - Fix warning in t/cookie.t (RT#64570, Chris Williams, Rainer Tammer, Mark Stosberg) |
| - Fixed logic bug in t/multipart_init.t (RT#64261, Niko Tyni) |
| |
| Version 3.51, Jan 5, 2011 |
| |
| [NEW FEATURES] |
| - A new option to set $CGI::Carp::TO_BROWSER = 0, allows you to explicitly |
| exclude a particular scope from triggering printing to the browser when |
| fatatlsToBrowser is set. (RT#62783, Thanks to papowell) |
| - The <script> tag now supports the "charset" attribute. |
| (RT#62907, Thanks to Fabrice Metge) |
| - In CGI::Cookie, "Max-Age" is now supported for better spec compliance. |
| (Mark Stosberg) |
| |
| [BUG FIXES] |
| - Setting charset() now works for all content types, not just "text/*". |
| (RT#57945, Thanks to Yanick and Gerv.) |
| - support for user temporary directories ($HOME/tmp) was commented out |
| in 2.61 but the documentation wasn't updated (Peter Gervai, Niko Tyni) |
| - setting $CGITempFile::TMPDIRECTORY before loading CGI.pm has been |
| working but undocumented since 3.12 (which listed it in Changes as |
| $CGI::TMPDIRECTORY) (Peter Gervai, Niko Tyni) |
| - unfortunately the previous change broke the runtime check for looking |
| for a new temporary directory if the current one suddenly became |
| unwritable (Peter Gervai, Niko Tyni) |
| - A bug was fixed in CGI::Carp triggered by certain death cases in |
| the BEGIN phase of parent classes. |
| (RT#57224, Thanks to UNERA, Yanick Champoux, Mark Stosberg) |
| - CGI::Cookie->new() now follows the documentation and returns undef |
| if the -name and -value args aren't provided. This new behavior is also |
| consistent with the docs and code of CGI::Simple::Cookie. (Mark Stosberg) |
| - CGI::Cookie->parse() now trims leading and trailing whitespace from cookie |
| elements as intended. The change also makes this part of the parsing |
| identical to CGI::Simple::Cookie (Mark Stosberg) |
| - Temp file handling was improved (RT#62762) |
| |
| [SECURITY] |
| - Further improvements have been made to guard against newline injections |
| in headers. (Thanks to Max Kanat-Alexander, Yanick Champoux, Mark Stosberg) |
| |
| [PERFORMANCE] |
| - Make EBCDIC a compile-time constant so there's zero overhead (and less |
| compiled code) in subroutines that test for it. (Tim Bunce) |
| - If you just want to use CGI::Cookie, CGI.pm will no longer be loaded |
| unless you call the bake() method, which requires it. (Mark Stosberg) |
| |
| [DOCUMENTATION] |
| - quit referring to the <link> tag as being "rarely used". (Victor Sanders) |
| - typo and whitespace fixes (RT#62785, thanks to scop@cpan.org) |
| - The -dtd argument to start_html() is now documented |
| (RT#60473, Thanks to giecrilj and steve@fisharerojo.org) |
| - CGI::Carp doc are updated to reflect that it can work with mod_perl 2.0. |
| - when creating a temporary file in the directory fails, the error message |
| could indicate the root of the problem better (Peter Gervai, Niko Tyni) |
| |
| [INTERNALS] |
| - Re-fixing https test in http.t. (RT#54768, thanks to SPROUT) |
| - param_fetch no longer triggers a warning when called with no arguments (ysth, Mark Stosberg) |
| |
| Version 3.50, Nov 8, 2010 |
| |
| [SECURITY] |
| 1. The MIME boundary in multipart_init is now random. |
| Thanks to Byron Jones, Masahiro Yamada, Reed Loden, and Mark Stosberg |
| 2. Further improvements to handling of newlines embedded in header values. |
| An exception is thrown if header values contain invalid newlines. |
| Thanks to Michal Zalewski, Max Kanat-Alexander, Yanick Champoux, |
| Lincoln Stein, Fr�d�ric Buclin and Mark Stosberg |
| |
| [DOCUMENTATION] |
| 1. Correcting/clarifying documentation for param_fetch(). Thanks to |
| Ren�e B�cker. (RT#59132) |
| |
| [INTERNALS] |
| 1. Fixing https test in http.t. (RT#54768) |
| 2. Tests were added for multipart_init(). Thanks to Mark Stosberg and CGI::Simple. |
| |
| Version 3.49, Feb 5th, 2010 |
| |
| [BUG FIXES] |
| 1. Fix a regression since 3.44 involving a case when the header includes "Content-Length: 0". |
| Thanks to Alex Vandiver (RT#51109) |
| 2. Suppress uninitialized warnings under -w. Thanks to burak. (RT#50301) |
| 3. url() now uses virtual_port() instead of server_port(). Thanks to MKANAT and Yanick Champoux. (RT#51562) |
| 4. CGI::Carp now properly handles stringifiable objects, like Exception::Class throws (RT#39904) |
| |
| [SECURITY] |
| 1. embedded newlines are now filtered out of header values in header(). |
| Thanks to Mark Stosberg and Yanick Champoux. |
| |
| [DOCUMENTATION] |
| 1. README was updated to reflect that CGI.pm was moved under ./lib. |
| Thanks to Alex Vandiver. |
| |
| [INTERNALS] |
| 1. More tests were added for autoescape, thanks to Bob Kuo. (RT#25485) |
| 2. Attempt to avoid test failures with t/fast, thanks to Steve Hay. (RT#49599) |
| |
| Version 3.48, Sep 25, 2009 |
| |
| [BUG FIXES] |
| 1. <optgroup> default values are now properly escaped. |
| Thanks to #raleigh.pm and Mark Stosberg. (RT#49606) |
| 2. The change to exception handling in CGI::Carp introduced in 3.47 has been |
| reverted for now. It caused regressions reported in RT#49630. |
| Thanks to mkanat for the report. |
| |
| [DOCUMENTATION] |
| 1. Documentation for upload() has been overhauled, thanks to Mark Stosberg. |
| 2. Documentation for tmpFileName has been added. Thanks to Mark Stosberg and Nathaniel K. Smith. |
| 3. URLS were updated, thanks to Leon Brocard and Yanick Champoux. (RT#49770) |
| |
| [INTERNALS] |
| 1. More tests were added for autoescape, thanks to Bob Kuo. (RT#25485) |
| |
| Version 3.47, Sep 9, 2009 |
| |
| No code changes. |
| |
| [INTERNALS] |
| Re-release of 3.46, which did not contain a proper MANIFEST |
| |
| Version 3.46 |
| |
| [BUG FIXES] |
| 1. In CGI::Pretty, we no longer add line breaks after tags we claim not to format. Thanks to rrt, Bob Kuo and |
| and Mark Stosberg. (RT#42114). |
| 2. unescapeHTML() no longer falsely recognizes certain text as entities. Thanks to Pete Gamanche, Mark Stosberg |
| and Bob Kuo. (RT#39122) |
| 3. checkbox_group() now correctly includes a space before the "checked" attribute. |
| Thanks to Andrew Speer and Bob Kuo. (RT#36583) |
| 4. Fix case-sensitivity in http() and https() according to docs. Make https() |
| return list of keys in list context. Thanks to riQyRoe and Rhesa Rozendaal. (RT#12909) |
| 5. XHTML is now automatically disabled for HTML 4, as well as HTML 2 and HTML 3. Thanks to |
| Dan Harkless and Yanick Champoux. (RT#27907) |
| 6. Pre-compiling 'end_form' with ':form' switch now works. Thanks to ryochin and Yanick Champoux. (RT#41530) |
| 7. Empty name/values pairs are now properly saved and restored from filehandles. Thanks to rlucas and |
| Rhesa Rozendaal (RT#13158) |
| 8. Some differences between startform() and start_form() have been fixed. Thanks to Slaven Rezic and |
| Shawn Corey. (RT#22046) |
| 9. url_param() has been updated to be more consistent with the documentation and param(). |
| Thanks to Britton Kerin and Yanick Campoux. (RT#43587) |
| 10.hidden() now correctly supports multiple default values. |
| Thanks to david@dierauer.net and Russell Jenkins. (RT#20436) |
| 11.Calling CGI->new() no longer clobbers the value of $_ in the current scope. |
| Thanks to Alexey Tourbin, Bob Kuo and Mark Stosberg. (RT#25131) |
| 12.UTF-8 params should not get double-decoded now. |
| Thanks to Yves, Bodo, Burak G�rsoy, and Michael Schout. (RT#19913) |
| 13.We now give objects passed to CGI::Carp::die a chance to be stringified. |
| Thanks to teek and Yanick Champoux (RT#41530) |
| 14.Turning off autoEscape() now only affects the behavior of built-in HTML |
| generation fuctions. Explicit calls to escapeHTML() always escape HTML regardless |
| of the setting. Thanks to vindex, Bob Kuo and Mark Stosberg (RT#40748) |
| 15.In CGI::Fast, preferences set via pragmas are now preserved. |
| Thanks to heinst and Mark Stosberg (RT#32119) |
| |
| [DOCUMENTATION] |
| 1. remote_addr() is now documented. Thanks to Yanick Champoux. (RT#38884) |
| 2. In CGI::Pretty in the list of tags left unformatted was updated to match the code. Thanks to Mark Stosberg. (RT#42114) |
| 3. In CGI::Pretty, performance concerns are now documented. Thanks to Jochen, Rhesa Rozendaal and Mark Stosberg (RT#13223) |
| 4. A number of outdated Netscape references have been removed. Thanks to Mark Stosberg. |
| 5. The documentation has been purged of examples of using indirect object notation. Thanks to Mark Stosberg. |
| 6. Some POD formatting was fixed. Thanks to Dave Mitchell (RT#48935). |
| 7. Docs and examples were updated to highlight start_form instead of startform. |
| Thanks to Slaven Rezic. |
| 8. Note that CGI::Carp::carpout() doesn't work with in-memory filehandles. |
| Thanks to rhubbell and Mark Stosberg. |
| 9. The documentation for the -newstyle_urls is now less confusing. |
| Thanks to Ryan Tate and Mark Stosberg (RT#49454) |
| |
| [INTERNALS] |
| 1. Quit bundling an ancient copy of Test::More and and using a custom 'lib' path for the tests. Instead, Test::More |
| is now a dependency. Thanks to Ansgar and Mark Stosberg (RT#48811) |
| 2. Automated tests for hidden() have been added, thanks to Russel Jenkins and Mark Stosberg (RT#20436) |
| 3. t/util.t has been updated to use Test::More instead of a home-grown test function. Thanks to Bob Kuo. |
| |
| Version 3.45, Aug 14, 2009 |
| |
| [BUG FIXES] |
| 1. Prevent warnings about "uninitialized values" for REQUEST_URI, HTTP_USER_AGENT and other environment variables. |
| Patches by Callum Gibson, heiko and Mark Stosberg. (RT#24684, RT#29065) |
| 2. Avoid death in some cases when running under Taint mode on Windows. |
| Patch by Peter Hancock (RT#43796) |
| 3. Allow 0 to be used as a default value in popup_menu(). This was broken starting in 3.37. |
| Thanks to Haze, who was the first to report this and supply a patch, and pfschill, who pinpointed |
| when the bug was introduced. A regression test for this was also added. (RT#37908) |
| 4. Allow "+" as a valid character in file names, which fixes temp file creation on OS X Leopard. |
| Thanks to Andy Armstrong, and alech for patches. (RT#30504) |
| 5. Set binmode() on the Netware platform, thanks to Guenter Knauf (RT#27455) |
| 6. Don't allow a CGI::Carp error handler to die recursively. Print a warning and exit instead. |
| Thanks to Marc Chantreux. (RT#45956) |
| 7. The Dump() method now is fixed to escape HTML properly. Thanks to Mark Stosberg (RT#21341) |
| 8. Support for <optgroup> with scrolling_list() now works the same way as it does for popup_menu(). |
| Thanks to Stuart Johnston (RT#30097) |
| 9. CGI::Pretty now works properly when $" is set to ''. Thanks to Jim Keenan (RT#12401) |
| 10. Fix crash when used in combination with PerlEx::DBI. Thanks to Burak G�rsoy (RT#19902) |
| |
| [DOCUMENTATION] |
| 1. Several typos were fixed, Thanks to ambs. (RT#41105) |
| 2. A typo related to the nosticky pragma was fixed, thanks to Britton Kerin. (RT#43220) |
| 3. examples/nph-clock.cgi is now more portable, by calling localtime() rather than `/bin/date`, |
| thanks to Guenter Knauf. (RT#27456). |
| 4. In CGI::Carp, the SEE ALSO section was cleaned up, thanks to Slaven Rezic. (RT#32769) |
| 5. The docs for redirect() were updated to reflect that most headers are |
| ignored during redirection. Thanks to Mark Stosberg (RT#44911) |
| |
| [INTERNALS] |
| 1. New t/unescapeHTML.t test script has been added. It includes a TODO test for a pre-existing |
| bug which could use a patch. Thanks to Pete Gamache and Mark Stosberg (RT#39122) |
| 2. New test scripts have been added for user_agent(), popup_menu() and query_string(), scrolling_list() and Dump() |
| Thanks to Mark Stosberg and Stuart Johnston. (RT#37908, RT#43006, RT#21341, RT#30097) |
| 3. CGI::Carp and CGI::Util have been updated to have non-developer version numbers. |
| Thanks to Slaven Rezic. (RT#48425) |
| 4. CGI::Switch and CGI::Apache now properly set their VERSION in their own name space. |
| Thanks to Alexey Tourbin (RT#11941,RT#11942) |
| |
| Version 3.44, Jul 30, 2009 |
| |
| 1. Patch from Kurt Jaeger to allow HTTP PUT even if the content length is unknown. |
| 2. Patch from Pavel merdin to fix a problem for one of the FireFox addons. |
| 3. Fixed issue in mod_perl & fastCGI environment of cookies returned from |
| CGI->cookie() leaking from one session to another. |
| |
| Version 3.43, Apr 06, 2009 |
| |
| 1. Documentation patch from MARKSTOS@cpan.org to replace all occurrences of |
| "new CGI" with CGI->new()" to reflect best perl practices. |
| 2. Patch from Stepan Kasal to fix utf-8 related problems in perl 5.10 |
| |
| Version 3.42, Sep 08, 2008 |
| |
| 1. Added patch from Renee Baecker that makes it possible to subclass |
| CGI::Pretty. |
| 2. Added patch from Nicholas Clark to allow ~ characters in temporary directories. |
| 3. Added patch from Renee Baecker that fixes the inappropriate escaping of fields |
| in multipart headers. |
| |
| Version 3.41, Aug 25, 2008 |
| |
| 1. Fix url() returning incorrect path when query string contains escaped newline. |
| 2. Added additional windows temporary directories and environment variables, courtesy patch from Renee Baecker |
| 3. Added a handle() method to the lightweight upload |
| filehandles. This method returns a real IO::Handle object. |
| 4. Added patch from Tony Vanlingen to fix deep recursion warnings in CGI::Pretty. |
| |
| Version 3.40, Aug 06, 2008 |
| |
| 1. Fixed CGI::Fast docs to eliminate references to a "special" |
| version of Perl. |
| 2. Makefile.PL now depends on FCGI so that CGI::Fast installs properly. |
| 3. Fix script_name() call from Stephane Chazelas. |
| |
| Version 3.39, Jun 29, 2008 |
| |
| 1. Fixed regression in "exists" function when using tied interface to CGI via $q->Vars. |
| |
| Version 3.38, Jun 25, 2008 |
| |
| 1. Fix annoying warning in http://rt.cpan.org/Ticket/Display.html?id=34551 |
| 2. Added nobr() function http://rt.cpan.org/Ticket/Display.html?id=35377 |
| 3. popup_menu() allows multiple items to be selected by default, satisfying |
| http://rt.cpan.org/Ticket/Display.html?id=35376 |
| 4. Patch from Renee Backer to avoid doubled <http-equiv> headers. |
| 5. Fixed documentation bug that describes what happens when a |
| parameter is empty (e.g. "?test1="). |
| 6. Fixed minor warning described at http://rt.cpan.org/Public/Bug/Display.html?id=36435 |
| 7. Fixed overlap of attribute and parameter space described in http://rt.perl.org/rt3//Ticket/Display.html?id=24294 |
| |
| Version 3.37, Apr 22, 2008 |
| |
| 1. Fix pragmas so that they persist over modperl invocations (e.g. RT 34761) |
| 2. Fixed handling of chunked multipart uploads; thanks to Michael Bernhardt |
| who reported and fixed the problem. |
| |
| Version 3.36 |
| |
| 1. Fix CGI::Cookie to support cookies that are separated by "," instead of ";". |
| |
| Version 3.35, Mar 27, 2008 |
| |
| 1. Resync with bleadperl, primarily fixing a bug in parsing semicolons in uploaded filenames. |
| |
| Version 3.34, Mar 18, 2008 |
| |
| 1. Handle Unicode %uXXXX escapes properly -- patch from DANKOGAI@cpan.org |
| 2. Fix url() method to not choke on path names that contain regex characters. |
| |
| Version 3.33, Jan 02, 2008 |
| |
| 1. Remove uninit variable warning when calling url(-relative=>1) |
| 2. Fix uninit variable warnings for two lc calls |
| 3. Fixed failure of tempfile upload due to sprintf() taint failure in perl 5.10 |
| |
| Version 3.32, Dec 27, 2007 |
| |
| 1. Patch from Miguel Santinho to prevent sending premature headers under mod_perl 2.0 |
| |
| Version 3.31, Nov 30, 2007 |
| |
| 1. Patch from Xavier Robin so that CGI::Carp issues a 500 Status code rather than a 200 status code. |
| 2. Patch from Alexander Klink to select correct temporary directory in OSX Leopard so that upload works. |
| 3. Possibly fixed "wrapped pack" error on 5.10 and higher. |
| |
| Version 3.30 |
| |
| 1. Patch from Mike Barry to handle POSTDATA in the same way as PUT. |
| 2. Patch from Rafael Garcia-Suarez to correctly reencode unicode values as byte values. |
| |
| Version 3.29, Apr 16, 2007 |
| |
| 1. The position of file handles is now reset to zero when CGI->new is called. |
| (Mark Stosberg) |
| 2. uploadInfo() now works across multiple object instances. Also, the first |
| tests for uploadInfo() were added as part of the fix. (CPAN bug 11895, with |
| contributions from drfrench and Mark Stosberg). |
| |
| Version 3.28, Mar 29, 2007 |
| |
| 1. Applied patch from Allen Day that makes Cookie parsing RFC2109 compliant |
| (attribute/values can be separated by commas as well as semicolons). |
| 2. Applied patch from Stephan Struckmann that allows script_name() to be set correctly. |
| 3. Fixed problem with url(-full) in which port number appears twice. |
| |
| Version 3.27, Feb 27, 2007 |
| |
| 1. Applied patch from Steve Taylor that allows checkbox_groups to be |
| disabled with a new -disabled=> option. |
| |
| Version 3.26 |
| |
| 1. Fixed alternate stylesheet behavior so that it is insensitive to order of declarations. |
| 2. Patch from John Binns to allow users to provide a callback to CGI::Carp. |
| 3. Added "~" as an unreserved character in escape(). |
| 4. Patch from Chris Fedde to prevent HTTP_HOST from inhibiting SERVER_PORT in url() generation. |
| 5. Fixed outdated documentation (and behavior) of -language in start_html -script option. |
| 6. Fixed bug in seconds calculation in CGI::Util::expire_calc. |
| |
| Version 3.25, Sep 28, 2006 |
| |
| 1. Fixed the link to the Netscape frames page. |
| 2. Added ability to specify an alternate stylesheet. |
| 3. Add support for XForms POST submssion both as application/xml or as multipart/related |
| |
| Version 3.24 |
| |
| 1. In startform(), if request_uri() returns undef, then falls back |
| to self_url(). This should rarely happen except when run outside of |
| the CGI environment. |
| 2. image button alignment options were mistakenly being capitalized, causing xhtml validation to fail. |
| |
| Version 3.23, Aug 23, 2006 |
| |
| 1. Typo in upload() persisted, now fixed for real. Thanks to |
| Emanuele Zeppieri for correct patch and regression test. |
| |
| Version 3.22, Aug 23, 2006 |
| |
| 1. Typo in upload() function broke uploads. Now fixed (CPAN bug 21126). |
| |
| Version 3.21, Aug 21, 2006 |
| |
| 1. Don't try to read data at all when POST > $POST_MAX. |
| 2. Fixed bug that caused $cgi->param('name',undef,'value') to unset param('name') entirely. |
| 3. Fixed bug in which upload() sometimes returns empty. (CPAN bug #12694). |
| 4. Incorporated patch from BURAK@cpan.org to support HTTPcookies (CPAN bug 21019). |
| |
| Version 3.20 |
| |
| 1. Patch from David Wheeler for CGI::Cookie->bake(). Uses mod_perl headers_out->add() |
| rather than headers_out->set(). |
| 2. Fixed problem identified by Andrei Voronkov in which start_form() output was screwed |
| up when initial argument begins with a dash and subsequent arguments do not. |
| 3. Quashed uninitialized variable warnings coming from script_name(), url() and other |
| functions that require access to the PATH_INFO environment variable. |
| |
| Version 3.19 |
| |
| 1. Added patch from Stephen Frost that allows one to suppress use of the temp file that is |
| created during uploads. |
| 2. Fixed problem noted by Martin Foster in which regular expression meta-character terms |
| in the path information were not quoted, causing URL parsing |
| to fail on URLs that contained metacharacters (such as +). |
| 3. More fixes to the url() method. |
| 4. Removed "hack to fix broken PATH_INFO in MSII". |
| |
| Version 3.18 |
| |
| 1. Doc typo fixes. |
| 2. Patch from Steve Peters to default the document type to match the charset. |
| 3. Fixed param() so that param(-name=>'foo',-values=>[]) sets the parameter to empty list. |
| |
| Version 3.17, Feb 24, 2006 |
| |
| 1. Added patch from Mike Hanafey which caused 0 arguments to CGI::Cookie->new() to |
| be treated as empty. |
| 2. Patch to CGI::Carp from Peter Whaite to fix the unfixable problem of CGI::Carp |
| not behaving correctly in an eval() context. |
| 3. CGI::Fast->new() calls CGI->_reset_globals to avoid contamination of one session |
| with another's variables. |
| 4. Fixed upload failure on files that contain semicolons in their names. |
| |
| Version 3.16, Feb 8, 2006 |
| |
| 1. header() -charset option now works even when the MIME type is not "text". |
| 2. Fixed documentation for cookie() function and fastCGI. |
| 3. Upload filehandles now only closed automatically on Windows systems. |
| 4. Apache::Cookie compatibility fix from David Wheeler |
| 5. CGI::Carp->fatalsToBrowser() does not work correctly with |
| mod_perl 2. No workaround is known. |
| 6. Fixed text status code associated with 302 redirects. Should be "Found" |
| but was "Moved". |
| 7. Fixed charset in start_html() and header() to be in synch. |
| |
| Version 3.15, Dec 7, 2005 |
| |
| 1. Remove extraneous "?" from self_url() when URI contains a ? but no query string. |
| |
| Version 3.14, Dec 6, 2005 |
| |
| 1. Fixed broken scrolling_list() select attribute. |
| |
| Version 3.13, Dec 4, 2005 |
| |
| 1. Removed extraneous empty "?" from end of self_url(). |
| |
| Version 3.12, Dec 4, 2005 |
| |
| 1. Fixed virtual_port so that it works properly with https protocol. |
| 2. Fixed documentation for upload_hook(). |
| 3. Added POSTDATA documentation. |
| 4. Made upload_hook() work in function-oriented mode. |
| 5. Fixed POST_MAX behavior so that it doesn't cause client to hang. |
| 6. Disabled automatic tab indexes and added new -tabindex pragma to |
| turn automatic indexes back on. |
| 7. The url() and self_url() methods now work better in the context of Apache |
| mod_rewrite. Be advised that path_info() may give you confusing results |
| when mod_rewrite is active because Apache calculates the path info *after* |
| rewriting. This is mostly worked around in url() and self_url(), but you |
| may notice some anomalies. |
| 8. Removed empty (and non-validating) <div> from code emitted by end_form(). |
| 9. Fixed CGI::Carp to work correctly with Mod_perl 1.29 in an Apache 2 environment. |
| 10. Setting $CGI::TMPDIRECTORY should now be effective. |
| |
| Version 3.11, Aug 3, 2005 |
| |
| 1. Killed warning in CGI::Cookie about MOD_PERL_API_VERSION |
| 2. Fixed append() so that it works in function mode. |
| 3. Workaround for a bug that appears in Apache2 versions through 2.0.54 |
| in which SCRIPT_NAME and PATH_INFO are incorrect if the additional path_info |
| contains a double slash. This workaround will handle the common case of |
| http://mysite.com/cgi-bin/log.cgi/http://www.some.other.site/args, but will |
| not handle the uncommon case of a ScriptAlias directive that adds additional |
| path information to the end of the translated URI. |
| |
| Version 3.10, May 13, 2005 |
| |
| 1. Added Apache2::RequestIO, which is necessary for mp2 interoperability. |
| |
| Version 3.09, May 5, 2005 |
| |
| 1. Fixed tabindex="0" when using CGI to create forms without a prior start_html |
| 2. Removed warning about non-numeric MOD_PERL_API_VERSION. |
| |
| Version 3.08, Apr 20, 2005 |
| |
| 1. update support for mod_perl 2.0. versions prior to |
| mod_perl 1.999_22 (2.0.0-RC5) are no longer supported. |
| |
| Version 3.07, Mar 14, 2005 |
| |
| 1. Fixed typo in mod_perl detection. |
| |
| Version 3.06, Mar 09, 2005 |
| |
| 1. Fixed bare call to script() in start_html |
| 2. Moved Fh::DESTROY out of autoloaded functions so as to avoid |
| clobbering $@ when CGI functions are executed in an eval{} |
| context. |
| 3. mod_perl 2.0 version detection patch in CGI::Cookie provided by |
| Allen Day. |
| 4. autoEscape() flag is now respected when generating extra |
| attributes. |
| 5. Tests for *tag start/end generation from Shlomi Fish. |
| 6. Support for can() method provided by Ron Savage. |
| 7. Fix for lang='' when outputting XHTML. |
| 8. Added support for chunked transfer encoding, as suggested by |
| Hakan Ardo |
| 9. Fixed clobbering of row and column headers in tableized radio |
| and checkbox groups, as reported by Nicolas Thierry-Mieg. |
| 10. <Label> tags are now associated with form elements, as suggested |
| by accessibility guidelines. |
| 11. The <?xml> directive produced by start_html is now turned off by |
| default and the charset is specified in a <meta> directive. Apparently |
| IE6 (and maybe some versions of Opera) were getting confused by this. |
| 12. Support for tab indexes. |
| 13. Retired the HTML docs. The POD docs are now primary documentation. |
| 14. CGI::Carp now correctly detects and handles Apache::Dispatch. |
| 15. CGI::Util::utf8_chr now correctly sets the UTF8 flag on 5.006 or |
| higher perls (fix courtesy Slaven Rezic). |
| |
| |
| Version 3.05, Apr 12, 2004 |
| |
| 1. Fixed uninitialized variable warning on start_form() when running |
| from command line. |
| 2. Fixed CGI::_set_attributes so that attributes with a - are handled |
| correctly. |
| 3. Fixed CGI::Carp::die() so as to avoid problems from _longmess() |
| clobbering @_. |
| 4. If HTTP_X_FORWARDED_HOST is defined (i.e. running under a proxy), |
| the various functions that return HOST will use that instead. |
| 5. Fix for undefined utf8() call in CGI::Util. |
| 6. Changed the call to warningsToBrowser() in |
| CGI::Carp::fatalsToBrowser to call only after HTTP header is sent |
| (thanks to Didier Lebrun for noticing). |
| 7. Patches from Dan Harkless to make CGI.pm validatable against HTML |
| 3.2. |
| 8. Fixed an extraneous "foo=bar" appearing when extra style |
| parameters passed to start_html; |
| 9. Fixed cross-site scripting bug in startform() pointed out by Dan |
| Harkless. |
| 10. Fixed documentation to discuss list context behavior of |
| form-element generators explicitly. |
| 11. Fixed incorrect results from end_form() when called in OO manner. |
| 12. Fixed query string stripping in order to handle URLs containing |
| escaped newlines. |
| 13. During server push, set NPH to 0 rather than 1. This is supposed |
| to fix problems with Apache. |
| 14. Fixed incorrect processing of multipart form fields that contain |
| embedded quotes. There's still the issue of how to handle ones |
| that contain embedded semicolons, but no one has complained (yet). |
| 15. Fixed documentation bug in -style argument to start_html() |
| 16. Added -status argument to redirect(). |
| |
| Version 3.04, Jan 18, 2004 |
| |
| 1. Fixed the problem with mod_perl crashing when "defaults" button |
| pressed. |
| |
| Version 3.03, Jan 13, 2004 |
| |
| 1. Fix upload hook functionality |
| 2. Workaround for CGI->unescape_html() |
| 3. Bumped version numbers in CGI::Fast and CGI::Util for 5.8.3-tobe |
| |
| Version 3.02 |
| |
| 1. Bring in Apache::Response just in case. |
| 2. File upload on EBCDIC systems now works. |
| |
| Version 3.01, Dec 10, 2003 |
| |
| 1. No fix yet for upload failures when running on EBCDIC server. |
| 2. Fixed uninitialized glob warnings that appeared when file |
| uploading under perl 5.8.2. |
| 3. Added patch from Schlomi Fish to allow debugging of PATH_INFO from |
| command line. |
| 4. Added patch from Steve Hay to correctly unlink tmp files under |
| mod_perl/windows |
| 5. Added upload_hook functionality from Jamie LeTaul |
| 6. Workarounds for mod_perl 2 IO issues. Check that file upload and |
| state saving still working. |
| 7. Added code for underreads. |
| 8. Fixed misleading description of redirect() and relative URLs in |
| the POD docs. |
| 9. Workaround for weird interaction of CGI::Carp with Safe module |
| reported by William McKee. |
| 10. Added patches from Ilmari Karonen to improve behavior of |
| CGI::Carp. |
| 11. Fixed documentation error in -style argument. |
| 12. Added virtual_port() method for finding out what port server is |
| listening on in a virtual-host aware fashion. |
| |
| Version 3.00, Aug 18, 2003 |
| |
| 1. Patch from Randal Schwartz to fix bug introduced by cross-site |
| scripting vulnerability "fix." |
| 2. Patch from JFreeman to replace UTF-8 escape constant of 0xfe with |
| 0xfc. Hope this is right! |
| |
| Version 2.99 |
| |
| 1. Patch from Steve Hay to fix extra Content-type: appearing on |
| browser screen when FatalsToBrowser invoked. |
| 2. Patch from Ewann Corvellec to fix cross-site scripting |
| vulnerability. |
| 3. Fixed tmpdir routine for file uploading to solve problem that |
| occurs under mod_perl when tmpdir is writable at startup time, but |
| not at session time. |
| |
| Version 2.98 |
| |
| 1. Fixed crash in Dump() function. |
| |
| Version 2.97 |
| |
| 1. Sigh. Uploaded wrong 2.96 to CPAN. |
| |
| Version 2.96 |
| |
| 1. More bugfixes to the -style argument. |
| |
| Version 2.95 |
| |
| 1. Fixed bugs in start_html(-style=>...) support introduced in 2.94. |
| |
| Version 2.94 |
| |
| 1. Removed warning from reset() method. |
| 2. Moved |
| |
| and tags into the :html3 group. Hope this removes undefined CGI::Area |
| errors. |
| |
| Changed CGI::Carp to play with mod_perl2 and to (hopefully) restore |
| reporting of compile-time errors. |
| |
| Fixed potential deadlock between web server and CGI.pm when aborting |
| a read due to POST_MAX (reported by Antti Lankila). |
| |
| Fixed issue with tag-generating function not incorporating content |
| when first variable undef. |
| |
| Fixed cross-site scripting bug reported by obscure. |
| |
| Fixed Dump() function to return correctly formed XHTML - bug |
| reported by Ralph Siemsen. |
| |
| Version 2.93 |
| |
| 1. Fixed embarassing bug in mp1 support. |
| |
| Version 2.92 |
| |
| 1. Fix to be P3P compliant submitted from MPREWITT. |
| 2. Added CGI->r() API for mod_perl1/mod_perl2. |
| 3. Fixed bug in redirect() that was corrupting cookies. |
| 4. Minor fix to behavior of reset() button to make it consistent with |
| submit() button (first time this has been changed in 9 years). |
| 5. Patch from Dan Kogai to handle UTF-8 correctly in 5.8 and higher. |
| 6. Patch from Steve Hay to make CGI::Carp's error messages appear on |
| MSIE browsers. |
| 7. Added Yair Lenga's patch for non-urlencoded postings. |
| 8. Added Stas Bekman's patches for mod_perl 2 compatibility. |
| 9. Fixed uninitialized escape behavior submitted by William Campbell. |
| 10. Fixed tied behavior so that you can pass arguments to tie() |
| 11. Fixed incorrect generation of URLs when the path_info contains + |
| and other odd characters. |
| 12. Fixed redirect(-cookies=>$cookie) problem. |
| 13. Fixed tag generation bug that affects -javascript passed to |
| start_html(). |
| |
| Version 2.91 |
| |
| 1. Attribute generation now correctly respects the value of |
| autoEscape(). |
| 2. Fixed endofrm() syntax error introduced by Ben Edgington's patch. |
| |
| Version 2.90 |
| |
| 1. Fixed bug in redirect header handling. |
| 2. Added P3P option to header(). |
| 3. Patches from Alexey Mahotkin to make CGI::Carp work correctly with |
| object-oriented exceptions. |
| 4. Removed inaccurate description of how to set multiple cookies from |
| CGI::Cookie pod file. |
| 5. Patch from Kevin Mahony to prevent running out of filehandles when |
| uploading lots of files. |
| 6. Documentation enhancement from Mark Fisher to note that the |
| import_names() method transforms the parameter names into valid |
| Perl names. |
| 7. Patch from Dan Harkless to suppress lang attribute in <html> tag |
| if specified as a null string. |
| 8. Patch from Ben Edgington to fix broken XHTML-transitional 1.0 |
| validation on endform(). |
| 9. Custom html header fix from Steffen Beyer (first letter correctly |
| upcased now) |
| 10. Added a -verbatim option to stylesheet generation from Michael |
| Dickson |
| 11. Faster delete() method from Neelam Gupta |
| 12. Fixed broken Cygwin support. |
| 13. Added empty charset support from Bradley Baetz |
| 14. Patches from Doug Perham and Kevin Mahoney to fix file upload |
| failures when uploaded file is a multiple of 4096. |
| |
| Version 2.89 |
| |
| 1. Fixed behavior of ACTION tag when POSTING to a URL that has a |
| query string. |
| 2. Added Patch from Michael Rommel to handle multipart/mixed uploads |
| from Opera |
| |
| Version 2.88 |
| |
| 1. Fixed problem with uploads being refused under Perl 5.8 when under |
| Taint mode. |
| 2. Fixed uninitialized variable warnings under Perl 5.8. |
| 3. Fixed CGI::Pretty regression test failures. |
| |
| Version 2.87 |
| |
| 1. Security hole patched: when processing multipart/form-data |
| postings, most arguments were being untainted silently. Returned |
| arguments are now tainted correctly. This may cause some scripts |
| to fail that used to work (thanks to Nick Cleaton for pointing |
| this out and persisting until it was fixed). |
| 2. Update for mod_perl 2.0. |
| 3. Pragmas such as -no_xhtml are now respected in mod_perl |
| environment. |
| |
| Version 2.86 |
| |
| 1. Fixes for broken CGI::Cookie expiration dates introduced in 2.84. |
| |
| Version 2.85 |
| |
| 1. Fix for broken autoEscape function introduced in 2.84. |
| |
| Version 2.84 |
| |
| 1. Fix for failed file uploads on Cygwin platforms. |
| 2. HTML escaping code now replaced 0x8b and 0x9b with unicode |
| references < and *#8250; |
| |
| Version 2.83 |
| |
| 1. Fixed autoEscape() documentation inconsistencies. |
| 2. Patch from Ville Skytt� to fix a number of XHTML inconsistencies. |
| 3. Added Max-Age to list of CGI::Cookie headers. |
| |
| Version 2.82 |
| |
| 1. Patch from Rudolf Troller to add attribute setting and option |
| groups to form fields. |
| 2. Patch from Simon Perreault for silent crashes when using CGI::Carp |
| under mod_perl. |
| 3. Patch from Scott Gifford allows you to set the program name for |
| CGI::Carp. |
| |
| Version 2.81 |
| |
| 1. Removed extraneous slash from end of stylesheet tags generated by |
| start_html in non-XHTML mode. |
| 2. Changed behavior of CGI::Carp with respect to eval{} contexts so |
| that output behaves properly in mod_perl environments. |
| 3. Fixed default DTD so that it validates with W3C validator. |
| |
| Version 2.80 |
| |
| 1. Fixed broken messages in CGI::Carp. |
| 2. Changed checked="1" to checked="checked" for real XHTML |
| compatibility. |
| 3. Resurrected REQUEST_URI code so that url() works correctly with |
| multiviews. |
| |
| Version 2.79 |
| |
| 1. Changes to CGI::Carp to avoid "subroutine redefined" error |
| messages. |
| 2. Default DTD is now XHTML 1.0 Transitional |
| 3. Patches to support all HTML4 tags. |
| |
| Version 2.78 |
| |
| 1. Added ability to change encoding in <?xml> assertion. |
| 2. Fixed the old escapeHTML('CGI') ne "CGI" bug |
| 3. In accordance with XHTML requirements, there are no longer any |
| minimized attributes, such as "checked". |
| 4. Patched bug which caused file uploads of exactly 4096 bytes to be |
| truncated to 4094 (thanks to Kevin Mahony) |
| 5. New tests and fixes to CGI::Pretty (thanks to Michael Schwern). |
| |
| Version 2.77 |
| |
| 1. No new features, but released in order to fix an apparent CPAN |
| bug. |
| |
| Version 2.76 |
| |
| 1. New esc.t regression test for EBCDIC translations courtesy Peter |
| Prymmer. |
| 2. Patches from James Jurach to make compatible with FCGI-ProcManager |
| 3. Additional fields passed to header() (like -Content_disposition) |
| now honor initial capitalization. |
| 4. Patch from Andrew McNaughton to handle utf-8 escapes (%uXXXX |
| codes) in URLs. |
| |
| Version 2.752 |
| |
| 1. Syntax error in the autoloaded Fh::new() subroutine. |
| 2. Better error reporting in autoloaded functions. |
| |
| Version 2.751 |
| |
| 1. Tiny tweak to filename regular expression function on line 3355. |
| |
| Version 2.75 |
| |
| 1. Fixed bug in server push boundary strings (CGI.pm and CGI::Push). |
| 2. Fixed bug that occurs when uploading files with funny characters |
| in the name |
| 3. Fixed non-XHTML-compliant attributes produced by textfield() |
| 4. Added EPOC support, courtesy Olaf Flebbe |
| 5. Fixed minor XHTML bugs. |
| 6. Made escape() and unescape() symmetric with respect to EBCDIC, |
| courtesy Roca, Ignasi <ignasi.roca@fujitsu.siemens.es> |
| 7. Removed uninitialized variable warning from CGI::Cookie, provided |
| by Atipat Rojnuckarin <rojnuca@yahoo.com> |
| 8. Fixed bug in CGI::Pretty that causes it to print partial end tags |
| when the $INDENT global is changed. |
| 9. Single quotes are changed to character entity ' for compatibility |
| with URLs. |
| |
| Version 2.74 |
| |
| September 13, 2000 |
| 1. Quashed one-character bug that caused CGI.pm to fail on file |
| uploads. |
| |
| Version 2.73 |
| |
| September 12, 2000 |
| 1. Added -base to the list of arguments accepted by url(). |
| 2. Fixes to XHTML support. |
| 3. POST parameters no longer show up in the Location box. |
| |
| Version 2.72 |
| |
| August 19, 2000 |
| 1. Fixed the defaults button so that it works again |
| 2. Charset is now correctly saved and restored when saving to files |
| 3. url() now works correctly when given scripts with %20 and other |
| escapes in the additional path info. This undoes a patch |
| introduced in version 2.47 that I no longer understand the |
| rationale for. |
| |
| Version 2.71 |
| |
| August 13, 2000 |
| 1. Newlines in the value attributes of hidden fields and other form |
| elements are now escaped when using ISO-Latin. |
| 2. Inline script and style sections are now protected as CDATA |
| sections when XHTML mode is on (the default). |
| |
| Version 2.70 |
| |
| August 4, 2000 |
| 1. Fixed bug in scrolling_list() which omitted a space in front of |
| the "multiple" attribute. |
| 2. Squashed the "useless use of string in void context" message from |
| redirects. |
| |
| Version 2.69 |
| |
| 1. startform() now creates default ACTION for POSTs as well as GETs. |
| This may break some browsers, but it no longer violates the HTML |
| spec. |
| 2. CGI.pm now emits XHTML by default. Disable with -no_xhtml. |
| 3. We no longer interpret &#ddd sequences in non-latin character |
| sets. |
| |
| Version 2.68 |
| |
| 1. No longer attempts to escape characters when dealing with non |
| ISO-8861 character sets. |
| 2. checkbox() function now defaults to using -value as its label, |
| rather than -name. The current behavior is what has been |
| documented from the beginning. |
| 3. -style accepts array reference to incorporate multiple stylesheets |
| into document. |
| |
| 1. Fixed two bugs that caused the -compile pragma to fail with a |
| syntax error. |
| |
| Version 2.67 |
| |
| 1. Added XHTML support (incomplete; tags need to be lowercased). |
| 2. Fixed CGI/Carp when running under mod_perl. Probably broke in |
| other contexts. |
| 3. Fixed problems when passing multiple cookies. |
| 4. Suppress warnings from _tableize() that were appearing when using |
| -w switch with radio_group() and checkbox_group(). |
| 5. Support for the header() -attachment argument, which can give |
| pages a default file name when saving to disk. |
| |
| Version 2.66 |
| |
| 1. 2.65 changes in make_attributes() broke HTTP header functions |
| (including redirect), so made it context sensitive. |
| |
| Version 2.65 |
| |
| 1. Fixed regression tests to skip tests that require implicit fork on |
| machines without fork(). |
| 2. Changed make_attributes() to automatically escape any HTML |
| reserved characters. |
| 3. Minor documentation fix in javascript example. |
| |
| Version 2.64 |
| |
| 1. Changes introduced in 2.63 broke param() when retrieving parameter |
| lists containing only a single argument. This is now fixed. |
| 2. self_url() now defaults to returning parameters delimited with |
| semicolon. Use the pragma -oldstyle_urls to get the old "&" |
| delimiter. |
| |
| Version 2.63 |
| |
| 1. Fixed CGI::Push to pull out parameters correctly. |
| 2. Fixed redirect() so that it works with default character set |
| 3. Changed param() so as to returned empty string '' when referring |
| to variables passed in query strings like 'name1=&name2' |
| |
| Version 2.62 |
| |
| 1. Fixed broken ReadParse() function, and added regression tests |
| 2. Fixed broken CGI::Pretty, and added regression tests |
| |
| Version 2.61 |
| |
| 1. Moved more functions from CGI.pm proper into CGI/Util.pm. |
| CGI/Cookie should now be standalone. |
| 2. Disabled per-user temporary directories, which were causing grief. |
| |
| Version 2.60 |
| |
| 1. Fixed junk appearing in autogenerated HTML functions when using |
| object-oriented mode. |
| |
| Version 2.59 |
| |
| 1. autoescape functionality breaks too much existing code, removed |
| it. |
| 2. use escapeHTML() manually |
| |
| Version 2.58 |
| |
| This is the release version of 2.57. |
| |
| Version 2.57 |
| |
| 1. Added -debug pragma and turned off auto reading of STDIN. |
| 2. Default DTD updated to HTML 4.01 transitional. |
| 3. Added charset() method and the -charset argument to header(). |
| 4. Fixed behavior of escapeHTML() to respect charset() and to escape |
| nasty Windows characters (thanks to Tom Christiansen). |
| 5. Handle REDIRECT_QUERY_STRING correctly. |
| 6. Removed use_named_parameters() because of dependency problems and |
| general lameness. |
| 7. Fixed problems with bad HREF links generated by url(-relative=>1) |
| when the url is like /people/. |
| 8. Silenced a warning on upload (patch provided by Jonas Liljegren) |
| 9. Fixed race condition in CGI::Carp when errors occur during parsing |
| (patch provided by Maurice Aubrey). |
| 10. Fixed failure of url(-path_info=>1) when path contains % signs. |
| 11. Fixed warning from CGI::Cookie when receiving foreign cookies that |
| don't use name=value format. |
| 12. Fixed incompatibilities with file uploading on VMS systems. |
| |
| Version 2.56 |
| |
| 1. Fixed bugs in file upload introduced in version 2.55 |
| 2. Fixed long-standing bug that prevented two files with identical |
| names from being uploaded. |
| |
| Version 2.55 |
| |
| 1. Fixed cookie regression test so as not to produce an error. |
| 2. Fixed path_info() and self_url() to work correctly together when |
| path_info() modified. |
| 3. Removed manify warnings from CGI::{Switch,Apache}. |
| |
| Version 2.54 |
| |
| 1. This will be the last release of the monolithic CGI.pm module. |
| Later versions will be modularized and optimized. |
| 2. DOMAIN tag no longer added to cookies by default. This will break |
| some versions of Internet Explorer, but will avoid breaking |
| networks which use host tables without fully qualified domain |
| names. For compatibility, please always add the -domain tag when |
| creating cookies. |
| 3. Fixed escape() method so that +'s are treated correctly. |
| 4. Updated CGI::Pretty module. |
| |
| Version 2.53 |
| |
| 1. Forgot to upgrade regression tests before releasing 2.52. NOTHING |
| ELSE HAS CHANGED IN LIBRARY |
| |
| Version 2.52 |
| |
| 1. Spurious newline in checkbox() routine removed. (courtesy John |
| Essen) |
| 2. TEXTAREA linebreaks now respected in dump() routine. (courtesy |
| John Essen) |
| 3. Patches for DOS ports (courtesy Robert Davies) |
| 4. Patches for VMS |
| 5. More fixes for cookie problems |
| 6. Fix CGI::Carp so that it doesn't affect eval{} blocks (courtesy |
| Byron Brummer) |
| |
| Version 2.51 |
| |
| 1. Fixed problems with cookies not being remembered when sent to IE |
| 5.0 (and Netscape 5.0 too?) |
| 2. Numerous HTML compliance problems in cgi_docs.html; fixed thanks |
| to Michael Leahy |
| |
| Version 2.50 |
| |
| 1. Added a new Vars() method to retrieve all parameters as a tied |
| hash. |
| 2. Untainted tainted tempfile name so that script doesn't fail on |
| terminal unlink. |
| 3. Made picking of upload tempfile name more intelligent so that |
| doesn't fail in case of name collision. |
| 4. Fixed handling of expire times when passed an absolute timestamp. |
| 5. Changed dump() to Dump() to avoid name clashes. |
| |
| Version 2.49 |
| |
| 1. Fixes for FastCGI (globals not getting reset) |
| 2. Fixed url() to correctly handle query string and path under |
| MOD_PERL |
| |
| Version 2.48 |
| |
| 1. Reverted detection of MOD_PERL to avoid breaking PerlEX. |
| |
| Version 2.47 |
| |
| 1. Patch to fix file upload bug appearing in IE 3.01 for |
| Macintosh/PowerPC. |
| 2. Replaced use of $ENV{SCRIPT_NAME} with $ENV{REQUEST_URI} when |
| running under Apache, to fix self-referencing URIs. |
| 3. Fixed bug in escapeHTML() which caused certain constructs, such as |
| CGI->image_button(), to fail. |
| 4. Fixed bug which caused strong('CGI') to fail. Be careful to use |
| CGI::strong('CGI') and not CGI->strong('CGI'). The latter will |
| produce confusing results. |
| 5. Added upload() function, as a preferred replacement for the |
| "filehandle as string" feature. |
| 6. Added cgi_error() function. |
| 7. Rewrote file upload handling to return undef rather than dieing |
| when an error is encountered. Be sure to call cgi_error() to find |
| out what went wrong. |
| |
| Version 2.46 |
| |
| 1. Fix for failure of the "include" tests under mod_perl |
| 2. Added end_multipart_form to prevent failures during qw(-compile |
| :all) |
| |
| Version 2.45 |
| |
| 1. Multiple small documentation fixes |
| 2. CGI::Pretty didn't get into 2.44. Fixed now. |
| |
| Version 2.44 |
| |
| 1. Fixed file descriptor leak in upload function. |
| 2. Fixed bug in header() that prevented fields from containing double |
| quotes. |
| 3. Added Brian Paulsen's CGI::Pretty package for pretty-printing |
| output HTML. |
| 4. Removed CGI::Apache and CGI::Switch from the distribution. |
| 5. Generated start_* shortcuts so that start_table(), end_table(), |
| start_ol(), end_ol(), and so forth now work (see the docs on how |
| to enable this feature). |
| 6. Changed accept() to Accept(), sub() to Sub(). There's still a |
| conflict with reset(), but this will break too many existing |
| scripts! |
| |
| Version 2.43 |
| |
| 1. Fixed problem with "use strict" and file uploads (thanks to Peter |
| Haworth) |
| 2. Fixed problem with not MSIE 3.01 for the power_mac not doing file |
| uploads right. |
| 3. Fixed problem with file upload on IIS 4.0 when authorization in |
| use. |
| 4. -content_type and '-content-type' can now be provided to header() |
| as synonyms for -type. |
| 5. CGI::Carp now escapes the ampersand BEFORE escaping the > and < |
| signs. |
| 6. Fixed "not an array reference" error when passing a hash reference |
| to radio_group(). |
| 7. Fixed non-removal of uploaded TMP files on NT platforms which |
| occurs when server runs on non-C drive (thanks to Steve Kilbane |
| for finding this one). |
| |
| Version 2.42 |
| |
| 1. Too many screams of anguish at changed behavior of url(). Is now |
| back to its old behavior by default, with options to generate all |
| the variants. |
| 2. Added regression tests. "make test" now works. |
| 3. Documentation fixes. |
| 4. Fixes for Macintosh uploads, but uploads STILL do not work pending |
| changes to MacPerl. |
| |
| Version 2.41 |
| |
| 1. url() method now includes the path info. Use script_name() to get |
| it without path info(). |
| 2. Changed handling of empty attributes in HTML tag generation. Be |
| warned! Use table({-border=>undef}) rather than |
| table({-border=>''}). |
| 3. Changes to allow uploaded filenames to be compared to other |
| strings with "eq", "cmp" and "ne". |
| 4. Changes to allow CGI.pm to coexist more peacefully with |
| ActiveState PerlEX. |
| 5. Changes to prevent exported variables from clashing when importing |
| ":all" set in combination with cookies. |
| |
| Version 2.40 |
| |
| 1. CGI::Carp patched to work better with mod_perl (thanks to Chris |
| Dean). |
| 2. Uploads of files whose names begin with numbers or the Windows |
| \\UNC\shared\file nomenclature should no longer fail. |
| 3. The <STYLE> tag (for cascading style sheets) now generates the |
| required TYPE attribute. |
| 4. Server push primitives added, thanks to Ed Jordan. |
| 5. Table and other HTML3 functions are now part of the :standard set. |
| 6. Small documentation fixes. |
| |
| TO DO: |
| 1. Do something about the DTD mess. The module should generate |
| correct DTDs, or at least offer the programmer a way to specify |
| the correct one. |
| 2. Split CGI.pm into CGI processing and HTML-generating modules. |
| 3. More robust file upload (?still not working on the Macintosh?). |
| 4. Bring in all the HTML4 functionality, particular the accessibility |
| features. |
| |
| Version 2.39 |
| |
| 1. file uploads failing because of VMS patch; fixed. |
| 2. -dtd parameter was not being properly processed. |
| |
| Version 2.38 |
| |
| I finally got tired of all the 2.37 betas and released 2.38. The main |
| difference between this version and the last 2.37 beta (2.37b30) are |
| some fixes for VMS. This should allow file upload to work properly on |
| all VMS Web servers. |
| |
| Version 2.37, various beta versions |
| |
| 1. Added a CGI::Cookie::parse() method for lucky mod_perl users. |
| 2. No longer need separate -values and -labels arguments for |
| multi-valued form elements. |
| 3. Added better interface to raw cookies (fix courtesy Ken Fox, |
| kfox@ford.com) |
| 4. Added param_fetch() function for direct access to parameter list. |
| 5. Fix to checkbox() to allow for multi-valued single checkboxes |
| (weird problem). |
| 6. Added a compile() method for those who want to compile without |
| importing. |
| 7. Documented the import pragmas a little better. |
| 8. Added a -compile switch to the use clause for the long-suffering |
| mod_perl and Perl compiler users. |
| 9. Fixed initialization routines so that FileHandle and type globs |
| work correctly (and hash initialization doesn't fail!). |
| 10. Better deletion of temporary files on NT systems. |
| 11. Added documentation on escape(), unescape(), unescapeHTML() and |
| unescapeHTML() subroutines. |
| 12. Added documentation on creating subclasses. |
| 13. Fixed problem when calling $self->SUPER::foo() from inheriting |
| subclasses. |
| 14. Fixed problem using filehandles from within subroutines. |
| 15. Fixed inability to use the string "CGI" as a parameter. |
| 16. Fixed exponentially growing $FILLUNIT bug |
| 17. Check for undef filehandle in read_from_client() |
| 18. Now requires the UNIVERSAL.pm module, present in Perl 5.003_7 or |
| higher. |
| 19. Fixed problem with uppercase-only parameters being ignored. |
| 20. Fixed vanishing cookie problem. |
| 21. Fixed warning in initialize_globals() under mod_perl. |
| 22. File uploads from Macintosh versions of MSIE should now work. |
| 23. Pragmas now preceded by dashes (-nph) rather than colons (:nph). |
| Old style is supported for backward compatibility. |
| 24. Can now pass arguments to all functions using {} brackets, |
| resolving historical inconsistencies. |
| 25. Removed autoloader warnings about absent MultipartBuffer::DESTROY. |
| 26. Fixed non-sticky checkbox() when -name used without -value. |
| 27. Hack to fix path_info() in IIS 2.0. Doesn't help with IIS 3.0. |
| 28. Parameter syntax for debugging from command line now more |
| straightforward. |
| 29. Added $DISABLE_UPLOAD to disable file uploads. |
| 30. Added $POST_MAX to error out if POSTings exceed some ceiling. |
| 31. Fixed url_param(), which wasn't working at all. |
| 32. Fixed variable suicide problem in s///e expressions, where the |
| autoloader was needed during evaluation. |
| 33. Removed excess spaces between elements of checkbox and radio |
| groups |
| 34. Can now create "valueless" submit buttons |
| 35. Can now set path_info as well as read it. |
| 36. ReadParse() now returns a useful function result. |
| 37. import_names() now allows you to optionally clear out the |
| namespace before importing (for mod_perl users) |
| 38. Made it possible to have a popup menu or radio button with a value |
| of "0". |
| 39. link() changed to Link() to avoid overriding native link function. |
| 40. Takes advantage of mod_perl's register_cleanup() function to clear |
| globals. |
| 41. <LAYER> and <ILAYER> added to :html3 functions. |
| 42. Fixed problems with private tempfiles and NT/IIS systems. |
| 43. No longer prints the DTD by default (I bet no one will complain). |
| 44. Allow underscores to replace internal hyphens in parameter names. |
| 45. CGI::Push supports heterogeneous MIME types and adjustable delays |
| between pages. |
| 46. url_param() method added for retrieving URL parameters even when a |
| fill-out form is POSTed. |
| 47. Got rid of warnings when radio_group() is called. |
| 48. Cookies now moved to their very own module. |
| 49. Fixed documentation bug in CGI::Fast. |
| 50. Added a :no_debug pragma to the import list. |
| |
| Version 2.36 |
| |
| 1. Expanded JavaScript functionality |
| 2. Preliminary support for cascading stylesheets |
| 3. Security fixes for file uploads: |
| + Module will bail out if its temporary file already exists |
| + Temporary files can now be made completely private to avoid |
| peeking by other users or CGI scripts. |
| 4. use CGI qw/:nph/ wasn't working correctly. Now it is. |
| 5. Cookie and HTTP date formats didn't meet spec. Thanks to Mark |
| Fisher (fisherm@indy.tce.com) for catching and fixing this. |
| |
| p |
| |
| Version 2.35 |
| |
| 1. Robustified multipart file upload against incorrect syntax in |
| POST. |
| 2. Fixed more problems with mod_perl. |
| 3. Added -noScript parameter to start_html(). |
| 4. Documentation fixes. |
| |
| Version 2.34 |
| |
| 1. Stupid typo fix |
| |
| Version 2.33 |
| |
| 1. Fixed a warning about an undefined environment variable. |
| 2. Doug's patch for redirect() under mod_perl |
| 3. Partial fix for busted inheritence from CGI::Apache |
| 4. Documentation fixes. |
| |
| Version 2.32 |
| |
| 1. Improved support for Apache's mod_perl. |
| 2. Changes to better support inheritance. |
| 3. Support for OS/2. |
| |
| Version 2.31 |
| |
| 1. New uploadInfo() method to obtain header information from uploaded |
| files. |
| 2. cookie() without any arguments returns all the cookies passed to a |
| script. |
| 3. Removed annoying warnings about $ENV{NPH} when running with the -w |
| switch. |
| 4. Removed operator overloading throughout to make compatible with |
| new versions of perl. |
| 5. -expires now implies the -date header, to avoid clock skew. |
| 6. WebSite passes cookies in $ENV{COOKIE} rather than |
| $ENV{HTTP_COOKIE}. We now handle this, even though it's O'Reilly's |
| fault. |
| 7. Tested successfully against new sfio I/O layer. |
| 8. Documentation fixes. |
| |
| Version 2.30 |
| |
| 1. Automatic detection of operating system at load time. |
| 2. Changed select() function to Select() in order to avoid conflict |
| with Perl built-in. |
| 3. Added Tr() as an alternative to TR(); some people think it looks |
| better that way. |
| 4. Fixed problem with autoloading of MultipartBuffer::DESTROY code. |
| 5. Added the following methods: |
| + virtual_host() |
| + server_software() |
| 6. Automatic NPH mode when running under Microsoft IIS server. |
| |
| Version 2.29 |
| |
| 1. Fixed cookie bugs |
| 2. Fixed problems that cropped up when useNamedParameters was set to |
| 1. |
| 3. Prevent CGI::Carp::fatalsToBrowser() from crapping out when |
| encountering a die() within an eval(). |
| 4. Fixed problems with filehandle initializers. |
| |
| Version 2.28 |
| |
| 1. Added support for NPH scripts; also fixes problems with Microsoft |
| IIS. |
| 2. Fixed a problem with checkbox() values not being correctly saved |
| and restored. |
| 3. Fixed a bug in which CGI objects created with empty string |
| initializers took on default values from earlier CGI objects. |
| 4. Documentation fixes. |
| |
| Version 2.27 |
| |
| 1. Small but important bug fix: the automatic capitalization of tag |
| attributes was accidentally capitalizing the VALUES as well as the |
| ATTRIBUTE names (oops). |
| |
| Version 2.26 |
| |
| 1. Changed behavior of scrolling_list(), checkbox() and |
| checkbox_group() methods so that defaults are honored correctly. |
| The "fix" causes endform() to generate additional <INPUT |
| TYPE="HIDDEN"> tags -- don't be surpised. |
| 2. Fixed bug involving the detection of the SSL protocol. |
| 3. Fixed documentation error in position of the -meta argument in |
| start_html(). |
| 4. HTML shortcuts now generate tags in ALL UPPERCASE. |
| 5. start_html() now generates correct SGML header: |
| <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML//EN"> |
| |
| 6. CGI::Carp no longer fails "use strict refs" pragma. |
| |
| Version 2.25 |
| |
| 1. Fixed bug that caused bad redirection on destination URLs with |
| arguments. |
| 2. Fixed bug involving use_named_parameters() followed by |
| start_multipart_form() |
| 3. Fixed bug that caused incorrect determination of binmode for |
| Macintosh. |
| 4. Spelling fixes on documentation. |
| |
| Version 2.24 |
| |
| 1. Fixed bug that caused generation of lousy HTML for some form |
| elements |
| 2. Fixed uploading bug in Windows NT |
| 3. Some code cleanup (not enough) |
| |
| Version 2.23 |
| |
| 1. Fixed an obscure bug that caused scripts to fail mysteriously. |
| 2. Fixed auto-caching bug. |
| 3. Fixed bug that prevented HTML shortcuts from passing taint checks. |
| 4. Fixed some -w warning problems. |
| |
| Version 2.22 |
| |
| 1. New CGI::Fast module for use with FastCGI protocol. See pod |
| documentation for details. |
| 2. Fixed problems with inheritance and autoloading. |
| 3. Added TR() (<tr>) and PARAM() (<param>) methods to list of |
| exported HTML tag-generating functions. |
| 4. Moved all CGI-related I/O to a bottleneck method so that this can |
| be overridden more easily in mod_perl (thanks to Doug MacEachern). |
| 5. put() method as substitute for print() for use in mod_perl. |
| 6. Fixed crash in tmpFileName() method. |
| 7. Added tmpFileName(), startform() and endform() to export list. |
| 8. Fixed problems with attributes in HTML shortcuts. |
| 9. Functions that don't actually need access to the CGI object now no |
| longer generate a default one. May speed things up slightly. |
| 10. Aesthetic improvements in generated HTML. |
| 11. New examples. |
| |
| Version 2.21 |
| |
| 1. Added the -meta argument to start_html(). |
| 2. Fixed hidden fields (again). |
| 3. Radio_group() and checkbox_group() now return an appropriate |
| scalar value when called in a scalar context, rather than |
| returning a numeric value! |
| 4. Cleaned up the formatting of form elements to avoid unesthetic |
| extra spaces within the attributes. |
| 5. HTML elements now correctly include the closing tag when |
| parameters are present but null: em('') |
| 6. Added password_field() to the export list. |
| |
| Version 2.20 |
| |
| 1. Dumped the SelfLoader because of problems with running with taint |
| checks and rolled my own. Performance is now significantly |
| improved. |
| 2. Added HTML shortcuts. |
| 3. import() now adheres to the Perl module conventions, allowing |
| CGI.pm to import any or all method names into the user's name |
| space. |
| 4. Added the ability to initialize CGI objects from strings and |
| associative arrays. |
| 5. Made it possible to initialize CGI objects with filehandle |
| references rather than filehandle strings. |
| 6. Added the delete_all() and append() methods. |
| 7. CGI objects correctly initialize from filehandles on NT/95 systems |
| now. |
| 8. Fixed the problem with binary file uploads on NT/95 systems. |
| 9. Fixed bug in redirect(). |
| 10. Added '-Window-target' parameter to redirect(). |
| 11. Fixed import_names() so that parameter names containing funny |
| characters work. |
| 12. Broke the unfortunate connection between cookie and CGI parameter |
| name space. |
| 13. Fixed problems with hidden fields whose values are 0. |
| 14. Cleaned up the documentation somewhat. |
| |
| Version 2.19 |
| |
| 1. Added cookie() support routines. |
| 2. Added -expires parameter to header(). |
| 3. Added cgi-lib.pl compatibility mode. |
| 4. Made the module more configurable for different operating systems. |
| 5. Fixed a dumb bug in JavaScript button() method. |
| |
| Version 2.18 |
| |
| 1. Fixed a bug that corrects a hang that occurs on some platforms |
| when processing file uploads. Unfortunately this disables the |
| check for bad Netscape uploads. |
| 2. Fixed bizarre problem involving the inability to process uploaded |
| files that begin with a non alphabetic character in the file name. |
| 3. Fixed a bug in the hidden fields involving the -override directive |
| being ignored when scalar defaults were passed. |
| 4. Added documentation on how to disable the SelfLoader features. |
| |
| Version 2.17 |
| |
| 1. Added support for the SelfLoader module. |
| 2. Added oodles of JavaScript support routines. |
| 3. Fixed bad bug in query_string() method that caused some parameters |
| to be silently dropped. |
| 4. Robustified file upload code to handle premature termination by |
| the client. |
| 5. Exported temporary file names on file upload. |
| 6. Removed spurious "uninitialized variable" warnings that appeared |
| when running under 5.002. |
| 7. Added the Carp.pm library to the standard distribution. |
| 8. Fixed a number of errors in this documentation, and probably added |
| a few more. |
| 9. Checkbox_group() and radio_group() now return the buttons as |
| arrays, so that you can incorporate the individual buttons into |
| specialized tables. |
| 10. Added the '-nolabels' option to checkbox_group() and |
| radio_group(). Probably should be added to all the other |
| HTML-generating routines. |
| 11. Added the url() method to recover the URL without the entire query |
| string appended. |
| 12. Added request_method() to list of environment variables available. |
| 13. Would you believe it? Fixed hidden fields again! |
| |
| Version 2.16 |
| |
| 1. Fixed hidden fields yet again. |
| 2. Fixed subtle problems in the file upload method that caused |
| intermittent failures (thanks to Keven Hendrick for this one). |
| 3. Made file upload more robust in the face of bizarre behavior by |
| the Macintosh and Windows Netscape clients. |
| 4. Moved the POD documentation to the bottom of the module at the |
| request of Stephen Dahmen. |
| 5. Added the -xbase parameter to the start_html() method, also at the |
| request of Stephen Dahmen. |
| 6. Added JavaScript form buttons at Stephen's request. I'm not sure |
| how to use this Netscape extension correctly, however, so for now |
| the form() method is in the module as an undocumented feature. Use |
| at your own risk! |
| |
| Version 2.15 |
| |
| 1. Added the -override parameter to all field-generating methods. |
| 2. Documented the user_name() and remote_user() methods. |
| 3. Fixed bugs that prevented empty strings from being recognized as |
| valid textfield contents. |
| 4. Documented the use of framesets and added a frameset example. |
| |
| Version 2.14 |
| |
| This was an internal experimental version that was never released. |
| |
| Version 2.13 |
| |
| 1. Fixed a bug that interfered with the value "0" being entered into |
| text fields. |
| |
| Version 2.01 |
| |
| 1. Added -rows and -columns to the radio and checkbox groups. No |
| doubt this will cause much grief because it seems to promise a |
| level of meta-organization that it doesn't actually provide. |
| 2. Fixed a bug in the redirect() method -- it was not truly HTTP/1.0 |
| compliant. |
| |
| Version 2.0 |
| |
| The changes seemed to touch every line of code, so I decided to bump |
| up the major version number. |
| 1. Support for named parameter style method calls. This turns out |
| to be a big win for extending CGI.pm when Netscape adds new HTML |
| "features". |
| 2. Changed behavior of hidden fields back to the correct "sticky" |
| behavior. This is going to break some programs, but it is for |
| the best in the long run. |
| 3. Netscape 2.0b2 broke the file upload feature. CGI.pm now handles |
| both 2.0b1 and 2.0b2-style uploading. It will probably break again |
| in 2.0b3. |
| 4. There were still problems with library being unable to distinguish |
| between a form being loaded for the first time, and a subsequent |
| loading with all fields blank. We now forcibly create a default |
| name for the Submit button (if not provided) so that there's |
| always at least one parameter. |
| 5. More workarounds to prevent annoying spurious warning messages |
| when run under the -w switch. -w is seriously broken in perl |
| 5.001! |
| |
| Version 1.57 |
| |
| 1. Support for the Netscape 2.0 "File upload" field. |
| 2. The handling of defaults for selected items in scrolling lists and |
| multiple checkboxes is now consistent. |
| |
| Version 1.56 |
| |
| 1. Created true "pod" documentation for the module. |
| 2. Cleaned up the code to avoid many of the spurious "use of |
| uninitialized variable" warnings when running with the -w switch. |
| 3. Added the autoEscape() method. v |
| 4. Added string interpolation of the CGI object. |
| 5. Added the ability to pass additional parameters to the <BODY> tag. |
| 6. Added the ability to specify the status code in the HTTP header. |
| |
| Bug fixes in version 1.55 |
| |
| 1. Every time self_url() was called, the parameter list would grow. |
| This was a bad "feature". |
| 2. Documented the fact that you can pass "-" to radio_group() in |
| order to prevent any button from being highlighted by default. |
| |
| Bug fixes in version 1.54 |
| |
| 1. The user_agent() method is now documented; |
| 2. A potential security hole in import() is now plugged. |
| 3. Changed name of import() to import_names() for compatibility with |
| CGI:: modules. |
| |
| Bug fixes in version 1.53 |
| |
| 1. Fixed several typos in the code that were causing the following |
| subroutines to fail in some circumstances |
| 1. checkbox() |
| 2. hidden() |
| 2. No features added |
| |
| New features added in version 1.52 |
| |
| 1. Added backslashing, quotation marks, and other shell-style escape |
| sequences to the parameters passed in during debugging off-line. |
| 2. Changed the way that the hidden() method works so that the default |
| value always overrides the current one. |
| 3. Improved the handling of sticky values in forms. It's now less |
| likely that sticky values will get stuck. |
| 4. If you call server_name(), script_name() and several other methods |
| when running offline, the methods now create "dummy" values to |
| work with. |
| |
| Bugs fixed in version 1.51 |
| |
| 1. param() when called without arguments was returning an array of |
| length 1 even when there were no parameters to be had. Bad bug! |
| Bad! |
| 2. The HTML code generated would break if input fields contained the |
| forbidden characters ">< or &. You can now use these characters |
| freely. |
| |
| New features added in version 1.50 |
| |
| 1. import() method allows all the parameters to be imported into a |
| namespace in one fell swoop. |
| 2. Parameters are now returned in the same order in which they were |
| defined. |
| |
| Bugs fixed in version 1.45 |
| |
| 1. delete() method didn't work correctly. This is now fixed. |
| 2. reset() method didn't allow you to set the name of the button. |
| Fixed. |
| |
| Bugs fixed in version 1.44 |
| |
| 1. self_url() didn't include the path information. This is now fixed. |
| |
| New features added in version 1.43 |
| |
| 1. Added the delete() method. |
| |
| New features added in version 1.42 |
| |
| 1. The image_button() method to create clickable images. |
| 2. A few bug fixes involving forms embedded in <PRE> blocks. |
| |
| New features added in version 1.4 |
| |
| 1. New header shortcut methods |
| + redirect() to create HTTP redirection messages. |
| + start_html() to create the HTML title, complete with the |
| recommended <LINK> tag that no one ever remembers to include. |
| + end_html() for completeness' sake. |
| 2. A new save() method that allows you to write out the state of an |
| script to a file or pipe. |
| 3. An improved version of the new() method that allows you to restore |
| the state of a script from a file or pipe. With (2) this gives you |
| dump and restore capabilities! (Wow, you can put a "121,931 |
| customers served" banner at the bottom of your pages!) |
| 4. A self_url() method that allows you to create state-maintaining |
| hypertext links. In addition to allowing you to maintain the state |
| of your scripts between invocations, this lets you work around a |
| problem that some browsers have when jumping to internal links in |
| a document that contains a form -- the form information gets lost. |
| 5. The user-visible labels in checkboxes, radio buttons, popup menus |
| and scrolling lists have now been decoupled from the values sent |
| to your CGI script. Your script can know a checkbox by the name of |
| "cb1" while the user knows it by a more descriptive name. I've |
| also added some parameters that were missing from the text fields, |
| such as MAXLENGTH. |
| 6. A whole bunch of methods have been added to get at environment |
| variables involved in user verification and other obscure |
| features. |
| |
| Bug fixes |
| |
| 1. The problems with the hidden fields have (I hope at last) been |
| fixed. |
| 2. You can create multiple query objects and they will all be |
| initialized correctly. This simplifies the creation of multiple |
| forms on one page. |
| 3. The URL unescaping code works correctly now. |