Version 6.3 Build 453.3


Build 453.3 is a plug and play update with a few general fixes, some new features and enhancements. The main focus was with the Virtual Domains and CGI/Script maps. A new major option for WcWEB under VDG allow for the creation of Public Web Sites. Please see the Special Upgrade Notes for this AUP update.


Changes, Fixes, New Features and Enhancements by Wildcat! Component  

WCSERVER (Wildcat! Server)

- FIX: Fixed a Virtual Domain bug with the WC:\HTTP translation
       that as still using an older IP-based translation rather
       then the new host domain based.

- ENH: Newer VDG setup allows for parent domain matching and optional
       IP association.  Its now possible to have a VDG:

       and subdomains, such as will be match against
       the parent vdg. if exist as a VDG, then it
       will be used directly.  This eliminate the need to have multiple
       subdomain alias or cname defined records as VDG.

       You can also optionally assign an IP address so that direct IP
       based URL can be matched against the VDG.  This eliminate the
       need to have an IP based VDG record that covers the main domain.

WCSSL (Wildcat! SSL)

- FIX: SSL Socket Shutdown

Fixed a SSL socket shutdown issue that was revealed with the FTP client
FileZilla.  While no other FTP client had a problem, the logic was
incorrect and was fixed in this updaed.  This fix should improve the SSL
socket shutdown for all SSL connections, including HTTPS.

NOTE: In order to implement the fix, you must unzip the extract the

WCWEB (Wildcat! Web Server)

- NEW: WcWebAuth is now automatically installed during Updates.

  The previous optional zip file which was provided
  during updates is now no longer distributed and it is automatically
  installed.  All older files updated are backed up as normal under
  the BACKUP-mmddyy folders.

  The reason is because the files in the ZIP are now considered stock
  and for the most part are required for proper web flow and operations.
  The main public\*.wct files it used are now simple templates with a
  single @include statement to include the new http\template files:

    http\public\login.wct           -> http\template\LoginPage.wct
    http\public\logout.wct          -> http\template\LogoutPage.wct
    http\public\newuser.wct         -> http\template\SignupPage.wct
    http\public\forgotpassword.wct  -> http\template\ForgotPasswordPage.wct

  In fact, login.wct, logout.wct and newuser.wct are no longer
  technically required as wcWEB will automatically look for their
  matching template file.

  Once again, any older public file are backed up so if you need the
  previous LOGIN.WCT for example, simple copy it from the backed up
  folder created during the AUP.  If this is the case, we highly
  recommend to use a custom file:


  instead thus avoiding any lost during future updates.

- FIX: Under VDG, WcNav connections were not released in the wcWEB
       monitor once the user disconnected. Minor memory issue fixed.

- FIX: VDG fix regarding current domain setting

- NEW: WcWEB now offers default support for User Forgotten Passwords.

  WcWEB will contiue to use 3rd party "LostPassword.htm" script if
  present in the PUBLIC folder.  If not present, it will use the
  new internal logic.

- ENH: WcWEB sigup process was enhanced with Captcha and Ajax.

- ENH: WCHTTP log files now have the HOST name in the file name.

- NEW: WCWEB will now detect empty content from CGI applications
       and respond for the following status:

       200   not found
       404   not found
       401   Force a login

- ENH: Who's Online was updated to have host field.

  Note: New templates html-who and who template required.

- FIX:  WCWEB will not set the environment strings if they are
        not defined:


WCT (Wildcat! Templates)

- ENH: @INC, @ADD macros can now be used to set user extended variables


       @INC User.Variable(MailArea{CONF.NUMBER},Joins})@
       @SET User.Variable(MailArea{CONF.NUMBER},LastVisit) = DATE TIME@

       This will increment the conference tracking in the user's
       extended database section, example area #12, and also track
       the last visit date/time:

          LastVisit=2009/12/02 14:22

       Note: You need to call @UPDATEUSER@ to commit the database
       or rely on the user logging off.

- ENH: DATETIME variables now have .AGE and .AGE.DAYS subfield.

       All DATETIME variables have subfields:



        dim age as integer = USER.BIRTHDATE.AGE

      Under WCT, examples are:

        @USER.BIRTHDATE.AGE@     returns the years since today.
        @MSG.MSGTIME.AGE.DAYS@   returns the days since today.

- CHG: Two macros showns the domains was changed to support VDG

       @DOMAIN@            - Shows Mail server domain name
       @HOST.DOMAIN@       - Show current HOST domain

WCCGI (Wildcat! CGI)

- FIX: WCWEB CGI/Scripts across networks.

  WCWEB CGI or Script Maps (i.e. PHP, PERL) operations now uses VDG
  domains and better supports running WCONLINE on a same or different
  machine which may or may not have a virtual domain associated with the
  web site.

- NEW: Running WCONLINE on 2nd machine for CGI/SCRIPT MAPS

  Unless the Virtual Domain HTTP paths are fully qualified, a 2nd
  wconline requires to manually create the following registry string:

    VALUE  : network location of WC6 folder.

  UNC can be used to avoid network drives.  You can use WCREGEDIT to create
  this key, for example:

    wcregedit /local

  where hdev1 is the computer where wcserver.exe is running and \\hdev1\d$\wc6
  is the UNC to the D:\WC6 folder on the HDEV1 machine.

  You can avoid creating this registry string if the VDG HTTP paths are fully
  quality and not relative to the Wildcat! root folder.

- DOC:  Summary Setup information for CGI/Script Maps

  Summary Administrator Setup for WcWEB CGI and Script Maps

  In the WCCONFIG | COMPUTERS setup for doors, external door processes
  need to know where its files are located thus the COMPUTERS section
  provides a Door Path field for default and specific computers running

  Similarily, there is a CGI PATH for each computer.  This CGI PATH
  is only used under two conditions:

     1) When the url has a /CGI/ alias part, or
     2) When the following script map option is checked.

         [X] Allow Script Maps in CGI Directory Only

  When the /CGI/ alias is used, the CGI PATH defined is where the EXE or
  script applet (like applet.php) is expected to be located.

  When the CGI Directory Only (CGI-DIR-ONLY) option is checked, the
  script is expected to be within the CGI PATH.

  If a URL sub-path is provided in the URL, then the translated
  sub-folder is expected below the cgi path.  Some examples:

    /cgi/applet.exe            -->   c:\cgi-bin\applet.exe
    /cgi/public/applet.exe     -->   c:\cgi-bin\public\applet.exe
    /cgi/private/applet.exe    -->   c:\cgi-bin\private\applet.exe
    /applet.php                -->   c:\cgi-bin\applet.php
    /public/applet.php         -->   c:\cgi-bin\public\applet.php
    /private/pwe/applet.php    -->   c:\cgi-bin\private\pwe\applet.php

  For script maps, when the CGI-DIR-ONLY is unchecked, then all scripts
  are expected to be within the DOCUMENT ROOT folder which is the
  HTTP sub folder by default:

    /applet.php                -->   http\applet.php
    /public/applet.php         -->   http\public\applet.php
    /private/pwe/applet.php    -->   http\private\pwe\applet.php

  Virtual Domains Groups (VDG) allow you to create different HTTP
  folders for different web host domains. For example:

     domain,com          --->   http\   <--- this is your default    --->   http1\    --->   http2\

  So if your URL is:

  The location of the script is:

      CGI-DIR-ONLY checked       --->  c:\cgi-bin\applet.php
      CGI-DIR-ONLY unchecked     --->  http2\applet.php

  The benefits of CGI-DIR-ONLY is (besides offering better security) is
  to use a single copy of the script in one location. Otherwise they
  need to be copied to each virtuall domain http path if you wish to
  offer the PHP script in a virtual domain.

  When running WCONLINE on a different computer other than the WCSERVER
  computer and you wish to offer the same PHP scripts on the main computer,
  you need to do one of two things:

  1) Use fully qualfied path names (FQPN) for the HTTP paths using
     network drives:

         http\  ===>   w:\wc6\http\

     where w:\wc6 is a mapped drive specifying the location of your
     Wildcat! root folder.

  2) On the 2nd computer set a registry string called ServerDirectory
     using the WcRegEdit utility:

        wcRegEdit /local /string:ServerDirectory /value:w:\wc6

     Using this method allows you to keep the HTTP paths relative.

WCSAP (Wildcat! Sender Authentication Protocol)

- NEW: WCSAP (v2.11) was updated to better support multi-machine
       WCSMTP setups.

MIMELIB (Wildcat! Mime Lib)

- FIX: Correction when adding header/footers by wcListServer for both
       base64 or uuencoded blocks.

WCVDG (Wildcat! Virtual Domain Groups)

- ENH: Major enhancements and fixes to VDG

- NEW: Public Web Root Folders.

  With VDG, you can now make your root HTTP folder public folders.

     [_] Web Root Is Public

  If set, then the HTTP document root folder is the public folder and no
  initial authentication is required.  Good for pure html web site or
  to make your WcWEB site a public system.

NOTE: The Wildcat! Clients (i.e, /client?file.wcn) still require authentication for usage. Enabling [X] Web Root Is Public will only make the direct resources under the HTTP folder public.

  See Virtual Domains: Public Web Sites for details.

WCSDK (Wildcat! Software Development Kit)

- NEW: TConnectionInfo now has Domain field

- NEW: New WCSDK Functions

   BOOL  APIENTRY WcGetVirtualDomainBool(const char *szDomain,
                                         const char *szSection,
                                         const char *szKey,
                                         BOOL *bVal,
                                         BOOL bDef);

   BOOL  APIENTRY WcGetVirtualDomainVar(const char *szDomain,
                                        const char *szSection,
                                        const char *szKey,
                                        char *szValue,
                                        const DWORD dwSize,
                                        const char *szDefault);

WCBASIC (Wildcat! BASIC Library/Compiler)

- FIX: Fixed the DateStringToDateTime() converter to support regional
       date formats such as dd-MMM-yyyy.

WCEVENT (Wildcat! Events Server)

- NEW: New Display Date Format


- NEW: Wcevent now has Registered Message Shutdown

  You can use WCPOSTWM to close Wcevent automatically by broadcasting
  the wcpostwm message:

     wcpostwm wildcat.shutdown.wcevent

- DOC: Using Wildcat! Event Scheduler (WCEVENT) under Windows.

  WCEVENT fails to run under certain versions of Windows like XP
  SP2, 2003 SP1 and newer OSes like 2008, VISTA and Windows 7.

  Microsoft will break WCEVENT.EXE (and thousands of other applications)
  in an attempt to fix its own security problems by breaking well
  established and trusted applications like WcEvent.exe. They have no
  consistency on how this is resolved for thousands of applications
  other than for applications to "White List" themselves.

  For Windows versions which offers Data Execution Protection (DEP),
  wcEvent will attempt to disable DEP for its own process in order to
  run correctly.  This appears to work under XP, 2008 and newer OSes.

  However, under Windows 2003, Microsoft decided that they want people
  to upgrade so 2003 will not allow WCEVENT to run unless you manually
  white list the application.

  The only solution under 2003 is to manually white list WCEVENT.EXE
  under the Data Executation Protection (DEP) dialog. You can find this
  under My Computer | Advanced | Performance where you will see the DEP

  Under this dialog, if you have the 2nd option enabled:

    (o) Turn on DEP for all programs..... except those I

  then you MUST add wcevent.exe to the exception list.

  Reason WCEVENT is unique:

  WCEVENT was written under an older Borland v4.5 C/C++ compiler using
  the OWL (Object Windows Library) framework. For some reason, after
  nearly 15 years of perfect OWL operation under Windows, Microsoft
  decided its using a "SetWindowLong() Thunking" method that it deems
  today insecure under Windows. Ironically, MS also uses this in its ATL
  (Active Template Library) framework so any application using ATL will
  have the same problem. Of course, MS will automatically white list and
  exempt its own products and applications but it will break all others.

WHO'S ONLINE (Wildcat! Who's Online Client)

- ENH: The WcWEB WHO client was greatly enhanced for flexible display.

See the new template\whos_online.htm for detailed comments about the new
features and options for the wcWeb Who's Online display.

Optional new drop template files, if created, will add additional
display items for each user displayed:

   info icons    template\custom\who-infoicon-XXXX.htm
   more info     template\custom\who-moreinfo.htm

Info Icons

Info Icons are designed for 3rd party developers to add a ICON click
to do "something".  For example:


would be an Info Icon from vendor or applet XYZ.  It contains any HTML
but expected to be an icon, such as this example:

  # Who's Online Info Icon for vendor XYZ
  <a href="/code/html-userinfo-xyz.wcx?uname=@SUB OTHERNODE.USER.NAME@"
     title="View @SUB OTHERNODE.USER.NAME@ Identity"
     target="_blank"><img border="0" src="/images/infoicon.gif"></a>
Info icons are displayed to the far right of the name table cell. Each
info icon should have a URL for the click and its own unique icon image
to help separate it from others.

More Info

More information about the user can be displayed below the name using
the following template:


This is useful for sysops to see more information about the user or
for 3rd party developers to write scripts to display information.
Its similar to the Info Icon but not expected to have an icon. It
could, but its more text oriented.

For example:
  # Who's Online More Info display for each user

  @//@ Show User Security - SYSOP ONLY CAN SEE THIS!

    <div style="color:navy; border-top: 1px solid black;">
     Security: @SUB OTHERUSER.SECURITY@<br>

WCVIEW (Wildcat! Console Viewer)

- NEW: Added /SERVER:xxxxxx command line support to wcview.exe