Web Apps Since 2004.

Is your website boring?  Kick it up a notch.  Encodable apps easily drop into your website to make it modern, fun, and interactive, with features like file uploads, user accounts, paid subscriptions, protected pages, live chat, visitor logging, mailing lists, and more.
All apps include:
• Money-back guarantee
• No monthly fees
• Free tech support
• Easy setup (we can even do it for you!)

Regex Bug in Apache's mod_include (SSI)

# Filed on Jul 14, 2006 by Anthony reply

Apache’s Server-Side Includes (SSI) feature, provided by mod_include, is a fantastic tool.  Not only does it let you pull content from other files (to include a standard header & footer across an entire site, for example), but it lets you use regular expressions to control flow and determine output.

Today I got bit by a nasty bug in Apache’s regex implementation, though.  In standard regular expression syntax, if you wanted to match this:

foo.shtml?1-5

...then you would need to escape the question-mark in your regex, like this:

/foo.shtml\?1-5/

However, that does not match in Apache’s SSI expr tests.

I spent a couple hours debugging the problem, trying different combinations of query-string, no query-string, trailing dollar-sign, escaped trailing dollar-sign, all to no avail.  I wrote up a test page that showed some base cases with an output of "matches" or "does not match" and it almost seemed that somehow the $REQUEST_URI didn’t actually include the $QUERY_STRING (even though echoing it did show the QS).

I only discovered the solution as I was preparing to file a bug in Apache’s bugzilla.  Someone else had had a related problem and in the course of discussing it, an Apache developer revealed that all backslashes must be escaped within regex portions of expr statements.  So instead of this:

<!--#if expr="$REQUEST_URI = /foo.shtml\?1-5/" -->

...you need to use this:

<!--#if expr="$REQUEST_URI = /foo.shtml\\?1-5/" -->

Now that’s buggy and ridiculous, but that in itself isn’t a huge deal.  What is a huge deal, though, is that nowhere in the mod_include documentation is this glaring flaw ever mentioned.

Reply to this message here:

Your name
Email (why?)
Website (if you have one)
Subject
search posts:

home | archives ]

Shopping Cart

Your cart is empty.

Client Quotes

Why didn't I just do this from the get-go?  So much easier.  Thanks for your work.  FileChucker makes my work easier.
– Dominic M.
The work, the thought and the organization you put into this app is incredible.
– Bruce C.
FileChucker is helping drive the backend of several high profile entertainment sites for people like Shania Twain and Dolly Parton.  We're also using it to drive backend file uploads for a multi-billion dollar banking institution.  It's a great product.  We've tried other "chucking" upload solutions with progress bars using flash and php, but nothing works as reliably as FileChucker.
– Michael W.
Just one word: Fantastic.  10-minute job to plug FileChucker into my app, and it now works a treat.  It's through the hard work by people like yourselves that make my job so much easier.  Congratulations on an outstanding product... Many many thanks.
– Sean F.
Do you know how rare it is to have a "canned" shopping cart that can easily do complex pricing options on a single item?  Basically, they don't exist!  I have looked.  Everywhere!  And the few that might even come close to CornerStore's functionality cost a fortune!
– Tashina P.
I just installed the demo of your product and got it up and running in no time.  I searched high and low for a decent login script and thank God I found yours.
– Adrian F.
Thank you VERY much for all of your help.  You've really impressed me.  We have support agreements for other software that costs thousands of dollars / year (just for the support), and most of them aren't as helpful as you have been.
– Keith Y.
Thanks again for a great product and great support - beyond expectations.
– Greg S.
The amount of customization in the program is incredible.  I was able to integrate it into my existing page layout relatively simply.  I was also able to easily customize the look/feel to match the current site.
– Jason M.
FileChucker is a great drop-in solution for file uploads, and worth every penny of its very reasonable cost.  Encodable's support is excellent to boot.
– Loren A.
Nice script, it's saving the day on our project.
– Aaron W.
You've done a wonderful job with FileChucker and UserBase, and they have made a big difference to how our website runs.
– Nicholas H.
I just want to say you guys really stand alone in that you have a quality product and you provide genuine customer service.  It's sad but those qualities are seldom found separately, much less together.  Thanks again for your time and help.
– Alex S.
I just wanted to say that yours is the first product that I've tested so far that hasn't failed on handling uploads.  This is going to work for a print company, so they are handling nothing but large files and all the other solutions I've tried so far have not been reliable.  So far yours has been 100% successful in my tests.
– Kevin H.
FileChucker is working great...  Clients love it.  Vendors love it.  We love it.
– Gerry W.
I looked all over trying to find a simple cgi script.  I found that FileChucker was by far the best.  If you have issues with your hosting service's php.ini max upload size then this is the way to go.  Looking forward to future enhancements.
– Bob C.
Our members think your software is fantastic...  I would recommend your software and your company to anyone.  Thanks for all your help.  It has been a pleasure dealing with you.
– Tommy A.