Re^6: Debugging a module that's failing under taint mode

Thank you kcott for such a thorough warning of the potential pitfalls...

I hope you can see where this is going. There is no such thing as "will only be used by" or "final version" or anything else absolute like that

Oh yes...I see where that is going.
That's exactly the reason I created the CRM module that I asked for help with back here -> [RFC] Review of module code and POD

Generally I have not been too bad at making code reusable.

There is no such thing as "will only be used by"

Well...I have some boilerplate code (I think that's the right term) which I use on nearly every website. It does the stuff I need for every site but for which the details are site specific. Things like displaying the headers and footers and putting in site wide default titles, descriptions, etc. The framework gets copied to each site and the site-specific values added in. Once that has happened, the code really is of no use anywhere else. If I wanted to recreate it, I'd make another copy of the code without any site values. This is what I mean by a module that will not get reused.

I would abstract all those functions into a generic module which would update all the functionality of all sites. Except I don't think it can be done...or at least I don't think I can do it. Every site has different levels of user tracking from none at all through just checking if the user is logged on all the way to having persistent session cookies linked to our central CRM so different browsers used by the same person get linked and all conversion activity tracked and recorded. The use cases seem to be too diverse to cover with a generic module.

My existing code is slowly being improved as I need to make changes. As part of that process I am looking for places to move similar things into a module.

More so with new code. I have just started working on a new phase of a project where, because of the history of the project, security is likely to be very important. So I am designing abstraction and data hiding into that from the start. Even to the point of only serving Javascript functions to users that have the appropriate privileges.

You've been here for less than a year with a clear appetite for learning and improvement

Thank you for your kind words.
It is certainly my intention to learn and to improve.

Comment on Re^6: Debugging a module that's failing under taint mode

Replies are listed 'Best First'.
Re^7: Debugging a module that's failing under taint mode by kcott (Archbishop) on Jul 04, 2021 at 22:39 UTC
The following provides a few hints regarding some of the points you mentioned. They are based on a current $work project so, while I can't give too much away, I do know that in principle it works and the information is up-to-date (i.e. not like the historical examples I posted earlier). Whenever I make a change to a module, that can be quite a bit of work in itself: the version must be changed in the code, POD, and potentially other places; I need to test the changes; I have to rerun the `make` cycle; and, a new distribution needs to be created and appropriately disseminated. Any modules that depend on the first module also need varying amounts of similar work: version updates; changes to `Makefile.PL`; and so on. I would much prefer to avoid all of this tedious effort wherever possible. I assume by "framework" that you are referring to a basic layout to provide a consistent look-and-feel across different pages. I create a single template for all of these pages. The text for things like the title in the header, copyright date in the footer, and so on, is all held in configuration files. If, say, I find a typo somewhere, I just make a change to a configuration file. Pages reuse a single generic module. I have situations where different JavaScript files need to be provided. My template has code like this: `<% BLOCK script_js %> <script src="<% request.uri_base %>/js/<% js_file %>"></script +> <% END %> <% FOREACH js_file = js_files %> <% PROCESS script_js %> <% END %>` [download] My module code provides the list of `*.js` files (`js_files`) to the template; that then generates an appropriate list of `<script>` elements. Your list might include `core.js` and then, depending on the outcome of authentication, either `guest.js`, `standard.js`, or `manager.js` (of course, I'm completely guessing about your requirements and naming conventions). I have similar code for generating a list of `<link>` elements for CSS files. I wrote the module code to be generic from the outset. When the project moved from version 1 to version 2, I needed to make various changes or additions to config, template, JS and CSS files; however, the module remains unchanged at version `0.001`. — Ken	[reply] [d/l] [select]

Replies are listed 'Best First'.

Re^7: Debugging a module that's failing under taint mode
by kcott (Archbishop) on Jul 04, 2021 at 22:39 UTC

The following provides a few hints regarding some of the points you mentioned. They are based on a current $work project so, while I can't give too much away, I do know that in principle it works and the information is up-to-date (i.e. not like the historical examples I posted earlier).

Whenever I make a change to a module, that can be quite a bit of work in itself: the version must be changed in the code, POD, and potentially other places; I need to test the changes; I have to rerun the make cycle; and, a new distribution needs to be created and appropriately disseminated. Any modules that depend on the first module also need varying amounts of similar work: version updates; changes to Makefile.PL; and so on. I would much prefer to avoid all of this tedious effort wherever possible.

I assume by "framework" that you are referring to a basic layout to provide a consistent look-and-feel across different pages. I create a single template for all of these pages. The text for things like the title in the header, copyright date in the footer, and so on, is all held in configuration files. If, say, I find a typo somewhere, I just make a change to a configuration file. Pages reuse a single generic module.

I have situations where different JavaScript files need to be provided. My template has code like this:

        <% BLOCK script_js %>
        <script src="<% request.uri_base %>/js/<% js_file %>"></script
+>
        <% END %>
        <% FOREACH js_file = js_files %>
            <% PROCESS script_js %>
        <% END %>
[download]

My module code provides the list of *.js files (js_files) to the template; that then generates an appropriate list of <script> elements. Your list might include core.js and then, depending on the outcome of authentication, either guest.js, standard.js, or manager.js (of course, I'm completely guessing about your requirements and naming conventions).

I have similar code for generating a list of <link> elements for CSS files.

I wrote the module code to be generic from the outset. When the project moved from version 1 to version 2, I needed to make various changes or additions to config, template, JS and CSS files; however, the module remains unchanged at version 0.001.

— Ken

[reply]
[d/l]
[select]