Version 6.3 Build 453.3
SPECIAL NOTES ABOUT THIS UPDATE:
Build 453.3 is a plug and play update with a few general fixes, some new features and enhancements. The main focus was with the Virtual Domains and CGI/Script maps. A new major option for WcWEB under VDG allow for the creation of Public Web Sites. Please see the Special Upgrade Notes for this AUP update.
Changes, Fixes, New Features and Enhancements by Wildcat! Component
WCSERVER (Wildcat! Server)
- FIX: Fixed a Virtual Domain bug with the WC:\HTTP translation that as still using an older IP-based translation rather then the new host domain based. - ENH: Newer VDG setup allows for parent domain matching and optional IP association. Its now possible to have a VDG: santronics.com and subdomains, such as www.santronics.com will be match against the parent vdg. if www.santronics.com exist as a VDG, then it will be used directly. This eliminate the need to have multiple subdomain alias or cname defined records as VDG. You can also optionally assign an IP address so that direct IP based URL can be matched against the VDG. This eliminate the need to have an IP based VDG record that covers the main domain.
- FIX: SSL Socket Shutdown Fixed a SSL socket shutdown issue that was revealed with the FTP client FileZilla. While no other FTP client had a problem, the logic was incorrect and was fixed in this updaed. This fix should improve the SSL socket shutdown for all SSL connections, including HTTPS. NOTE: In order to implement the fix, you must unzip the extract the WCSSL.ZIP file.
- NEW: WcWebAuth is now automatically installed during Updates. The previous optional zip file wcWebAuth.zip which was provided during updates is now no longer distributed and it is automatically installed. All older files updated are backed up as normal under the BACKUP-mmddyy folders. The reason is because the files in the ZIP are now considered stock and for the most part are required for proper web flow and operations. The main public\*.wct files it used are now simple templates with a single @include statement to include the new http\template files: http\public\login.wct -> http\template\LoginPage.wct http\public\logout.wct -> http\template\LogoutPage.wct http\public\newuser.wct -> http\template\SignupPage.wct http\public\forgotpassword.wct -> http\template\ForgotPasswordPage.wct In fact, login.wct, logout.wct and newuser.wct are no longer technically required as wcWEB will automatically look for their matching template file. Once again, any older public file are backed up so if you need the previous LOGIN.WCT for example, simple copy it from the backed up folder created during the AUP. If this is the case, we highly recommend to use a custom file: http\template\custom\loginpage.wct instead thus avoiding any lost during future updates. - FIX: Under VDG, WcNav connections were not released in the wcWEB monitor once the user disconnected. Minor memory issue fixed. - FIX: VDG fix regarding current domain setting - NEW: WcWEB now offers default support for User Forgotten Passwords. WcWEB will contiue to use 3rd party "LostPassword.htm" script if present in the PUBLIC folder. If not present, it will use the new internal logic. - ENH: WcWEB sigup process was enhanced with Captcha and Ajax. - ENH: WCHTTP log files now have the HOST name in the file name. - NEW: WCWEB will now detect empty content from CGI applications and respond for the following status: 200 not found 404 not found 401 Force a login - ENH: Who's Online was updated to have host field. Note: New templates html-who and who template required. - FIX: WCWEB will not set the environment strings if they are not defined: DOCUMENT_ROOT PATH_INFO PATH_TRANSLATED QUERY_STRING SCRIPT_FILENAME SCRIPT_NAME
- ENH: @INC, @ADD macros can now be used to set user extended variables Example: @INC User.Variable(MailArea{CONF.NUMBER},Joins})@ @SET User.Variable(MailArea{CONF.NUMBER},LastVisit) = DATE TIME@ This will increment the conference tracking in the user's extended database section, example area #12, and also track the last visit date/time: [MailArea12] Joins=3 LastVisit=2009/12/02 14:22 Note: You need to call @UPDATEUSER@ to commit the database or rely on the user logging off. - ENH: DATETIME variables now have .AGE and .AGE.DAYS subfield. All DATETIME variables have subfields: DATETIME.Year DATETIME.Month DATETIME.Day DATETIME.Hour DATETIME.Minute DATETIME.Second DATETIME.MilliSeconds DATETIME.DayNumber DATETIME.DayOfWeek DATETIME.TimeNumber DATETIME.Age DATETIME.Age.Days Example: dim age as integer = USER.BIRTHDATE.AGE Under WCT, examples are: @USER.BIRTHDATE.AGE@ returns the years since today. @MSG.MSGTIME.AGE.DAYS@ returns the days since today. - CHG: Two macros showns the domains was changed to support VDG @DOMAIN@ - Shows Mail server domain name @HOST.DOMAIN@ - Show current HOST domain
- FIX: WCWEB CGI/Scripts across networks. WCWEB CGI or Script Maps (i.e. PHP, PERL) operations now uses VDG domains and better supports running WCONLINE on a same or different machine which may or may not have a virtual domain associated with the web site. - NEW: Running WCONLINE on 2nd machine for CGI/SCRIPT MAPS Unless the Virtual Domain HTTP paths are fully qualified, a 2nd wconline requires to manually create the following registry string: REG_STR: HKLM\SSI\WILDCAT\NETWORK\wcserver_computer_name\SERVERDIRECTORY VALUE : network location of WC6 folder. UNC can be used to avoid network drives. You can use WCREGEDIT to create this key, for example: wcregedit /local /string:network\hdev1\serverdirectory /value:\\hdev1\d$\wc6 where hdev1 is the computer where wcserver.exe is running and \\hdev1\d$\wc6 is the UNC to the D:\WC6 folder on the HDEV1 machine. You can avoid creating this registry string if the VDG HTTP paths are fully quality and not relative to the Wildcat! root folder. - DOC: Summary Setup information for CGI/Script Maps Summary Administrator Setup for WcWEB CGI and Script Maps In the WCCONFIG | COMPUTERS setup for doors, external door processes need to know where its files are located thus the COMPUTERS section provides a Door Path field for default and specific computers running WCONLINE. Similarily, there is a CGI PATH for each computer. This CGI PATH is only used under two conditions: 1) When the url has a /CGI/ alias part, or 2) When the following script map option is checked. [X] Allow Script Maps in CGI Directory Only When the /CGI/ alias is used, the CGI PATH defined is where the EXE or script applet (like applet.php) is expected to be located. When the CGI Directory Only (CGI-DIR-ONLY) option is checked, the script is expected to be within the CGI PATH. If a URL sub-path is provided in the URL, then the translated sub-folder is expected below the cgi path. Some examples: /cgi/applet.exe --> c:\cgi-bin\applet.exe /cgi/public/applet.exe --> c:\cgi-bin\public\applet.exe /cgi/private/applet.exe --> c:\cgi-bin\private\applet.exe /applet.php --> c:\cgi-bin\applet.php /public/applet.php --> c:\cgi-bin\public\applet.php /private/pwe/applet.php --> c:\cgi-bin\private\pwe\applet.php For script maps, when the CGI-DIR-ONLY is unchecked, then all scripts are expected to be within the DOCUMENT ROOT folder which is the HTTP sub folder by default: /applet.php --> http\applet.php /public/applet.php --> http\public\applet.php /private/pwe/applet.php --> http\private\pwe\applet.php Virtual Domains Groups (VDG) allow you to create different HTTP folders for different web host domains. For example: domain,com ---> http\ <--- this is your default host1.domain.com ---> http1\ host2.domain.com ---> http2\ So if your URL is: http://host2.domain.com/applet.php The location of the script is: CGI-DIR-ONLY checked ---> c:\cgi-bin\applet.php CGI-DIR-ONLY unchecked ---> http2\applet.php The benefits of CGI-DIR-ONLY is (besides offering better security) is to use a single copy of the script in one location. Otherwise they need to be copied to each virtuall domain http path if you wish to offer the PHP script in a virtual domain. When running WCONLINE on a different computer other than the WCSERVER computer and you wish to offer the same PHP scripts on the main computer, you need to do one of two things: 1) Use fully qualfied path names (FQPN) for the HTTP paths using network drives: http\ ===> w:\wc6\http\ where w:\wc6 is a mapped drive specifying the location of your Wildcat! root folder. 2) On the 2nd computer set a registry string called ServerDirectory using the WcRegEdit utility: wcRegEdit /local /string:ServerDirectory /value:w:\wc6 Using this method allows you to keep the HTTP paths relative.
WCSAP (Wildcat! Sender Authentication Protocol)
- NEW: WCSAP (v2.11) was updated to better support multi-machine WCSMTP setups.
- FIX: Correction when adding header/footers by wcListServer for both base64 or uuencoded blocks.
WCVDG (Wildcat! Virtual Domain Groups)
- ENH: Major enhancements and fixes to VDG - NEW: Public Web Root Folders. With VDG, you can now make your root HTTP folder public folders. [_] Web Root Is Public If set, then the HTTP document root folder is the public folder and no initial authentication is required. Good for pure html web site or to make your WcWEB site a public system.
NOTE: The Wildcat! Clients (i.e, /client?file.wcn) still require authentication for usage. Enabling [X] Web Root Is Public will only make the direct resources under the HTTP folder public.
See Virtual Domains: Public Web Sites for details.
WCSDK (Wildcat! Software Development Kit)
- NEW: TConnectionInfo now has Domain field - NEW: New WCSDK Functions BOOL APIENTRY WcGetVirtualDomainBool(const char *szDomain, const char *szSection, const char *szKey, BOOL *bVal, BOOL bDef); BOOL APIENTRY WcGetVirtualDomainVar(const char *szDomain, const char *szSection, const char *szKey, char *szValue, const DWORD dwSize, const char *szDefault);
WCBASIC (Wildcat! BASIC Library/Compiler)
- FIX: Fixed the DateStringToDateTime() converter to support regional date formats such as dd-MMM-yyyy.
WCEVENT (Wildcat! Events Server)
- NEW: New Display Date Format - ENH: Cleaner WCEVENT.LOG - NEW: Wcevent now has Registered Message Shutdown You can use WCPOSTWM to close Wcevent automatically by broadcasting the wcpostwm message: wcpostwm wildcat.shutdown.wcevent - DOC: Using Wildcat! Event Scheduler (WCEVENT) under Windows. WCEVENT fails to run under certain versions of Windows like XP SP2, 2003 SP1 and newer OSes like 2008, VISTA and Windows 7. Microsoft will break WCEVENT.EXE (and thousands of other applications) in an attempt to fix its own security problems by breaking well established and trusted applications like WcEvent.exe. They have no consistency on how this is resolved for thousands of applications other than for applications to "White List" themselves. For Windows versions which offers Data Execution Protection (DEP), wcEvent will attempt to disable DEP for its own process in order to run correctly. This appears to work under XP, 2008 and newer OSes. However, under Windows 2003, Microsoft decided that they want people to upgrade so 2003 will not allow WCEVENT to run unless you manually white list the application. The only solution under 2003 is to manually white list WCEVENT.EXE under the Data Executation Protection (DEP) dialog. You can find this under My Computer | Advanced | Performance where you will see the DEP tab. Under this dialog, if you have the 2nd option enabled: (o) Turn on DEP for all programs..... except those I select: then you MUST add wcevent.exe to the exception list. Reason WCEVENT is unique: WCEVENT was written under an older Borland v4.5 C/C++ compiler using the OWL (Object Windows Library) framework. For some reason, after nearly 15 years of perfect OWL operation under Windows, Microsoft decided its using a "SetWindowLong() Thunking" method that it deems today insecure under Windows. Ironically, MS also uses this in its ATL (Active Template Library) framework so any application using ATL will have the same problem. Of course, MS will automatically white list and exempt its own products and applications but it will break all others. YEAH MICROSOFT!
WHO'S ONLINE (Wildcat! Who's Online Client)
- ENH: The WcWEB WHO client was greatly enhanced for flexible display. See the new template\whos_online.htm for detailed comments about the new features and options for the wcWeb Who's Online display. Optional new drop template files, if created, will add additional display items for each user displayed: info icons template\custom\who-infoicon-XXXX.htm more info template\custom\who-moreinfo.htm Info Icons Info Icons are designed for 3rd party developers to add a ICON click to do "something". For example: template\custom\who-infoicon-XYZ.htm would be an Info Icon from vendor or applet XYZ. It contains any HTML but expected to be an icon, such as this example:
@COMMENT@ #----------------------------------------------------------- # Who's Online Info Icon for vendor XYZ #----------------------------------------------------------- @ENDCOMMENT@ <a href="/code/html-userinfo-xyz.wcx?uname=@SUB OTHERNODE.USER.NAME@" title="View @SUB OTHERNODE.USER.NAME@ Identity" target="_blank"><img border="0" src="/images/infoicon.gif"></a>
Info icons are displayed to the far right of the name table cell. Each info icon should have a URL for the click and its own unique icon image to help separate it from others. More Info More information about the user can be displayed below the name using the following template: template\custom\who-moreinfo.htm This is useful for sysops to see more information about the user or for 3rd party developers to write scripts to display information. Its similar to the Info Icon but not expected to have an icon. It could, but its more text oriented. For example:
@COMMENT@ #----------------------------------------------------------- # Who's Online More Info display for each user #----------------------------------------------------------- @ENDCOMMENT@ @//@------------------------------------------------------- @//@ Show User Security - SYSOP ONLY CAN SEE THIS! @//@------------------------------------------------------- @IF ACCESS.OID.OBJECTID_MASTER_SYSOP@ <div style="color:navy; border-top: 1px solid black;"> Security: @SUB OTHERUSER.SECURITY@<br> LastCall: @SUB OTHERUSER.LASTCALL@<br> </div> @ENDIF@
WCVIEW (Wildcat! Console Viewer)
- NEW: Added /SERVER:xxxxxx command line support to wcview.exe