Nes - The ultimate template system for HTML, the Web and Perl
use Nes; my $nes = Nes::Singleton->new('template.nhtml'); my $nes_tags = {}; $nes_tags->{'var_hello'} = 'Hello World!'; $nes->out(%$nes_tag);
Nes (No Embedded Source) a system for separating Perl executable code and the representation of the data generated in HTML using Tags are replaced with variables created in Perl.
Nes can do for you? With Nes can do the same or more than any other template system, only much faster and easier. The time is the most valuable resource.
With Nes you can NOT:
- Embed Perl code in the template.
- Modify aplication data from the template.
- Emulating an interpreter or language in the template.
To do these things, there is already a system called PHP. :-)
Nes Callback:
.----------------------------------------------. | | Nes Object | | | '------------' | | .-------------------. .-----------------. | | | template.nhtml | | script.pl | | | |-------------------| |-----------------| | | | _ |--->| _ _ | | | | | |<---| | | | | | '--------|----------' '----|-------|----' | '----------|--------------------|-------|------' | | | | | '------------------. | | | v v v .----------------------. .-----------------------. .------------. | | | | | | | Nes Object Library | | My App Perl Library | | CPAN | | | | | | | '----------------------' '-----------------------' '------------'
Nes Data Flow:
.------------. .-----------------------. | | | | | DATA |------->| My App Perl Library | | | | | '------------' '-----------------------' | | '--------------------------. | .---------------------------------|-----|-----. | | Nes Object | | | | | '------------' v v | | .------------------. .-----------------. | | | template.nhtml |<---| script.pl | | | '------------------' '-----------------' | '----------|----------------------------------' v .---------------------. | OUT | '---------------------'
Nes has only ten Tags to include in the HTML, and a single object to instantiate in Perl. You can start working with Nes in hours, not weeks or months as in other systems.
Transparent management of code injection and cross-site scripting. Plugins for creating secure forms, Forms and Captcha.
Live sample: http://nes.sourceforge.net/miniblog/en/?action=login
Object-oriented paradigm which enables you to reuse your code or use third-party libraries. Objects are the main feature that makes Nes different from other systems.
Full Debug for templates, customizable through templates Nes.
Live sample: http://nes.sourceforge.net/hello_nes/tests/?action=others
Nes is oriented at HTML and not the Perl code. Nes exported very few Perl functions, also to simplify, Nes Objects may also contain HTML, Javascript, CSS, Ajax, etc.. even PHP, or trail mix.
Full support of PHP Wrapper. Nes as Wrapper can use to add functionality to other types as HTML, or PHP to exchange information.
Support for mod_perl.
Creating and managing user sessions.
You can add functionality using plugins to Nes, you can create your own or use by third parties.
Insert parts of PHP code in Nes only have to type a tag, Nes allow the inclusion in your script templates in other languages other than Perl without writing a single line of Perl code. Moreover, most of them can contain Tags Nes.
Live sample: http://nes.sourceforge.net/miniblog/en/?action=item&item=Include%20PHP%20and%20others
You can insert SQL SELECT statements in your templates directly.
Nes provides configuration files per directory.
use Nes; my = Nes::Singleton->new('template.nhtml'); my $nes_tags = {}; $nes_tags->{'var_hello'} = 'Hello World!'; $nes->out(%$nes_tag);
{: NES 1.0 ('hello.cgi') :} <html> <head> <title>Nes Hello World</title> </head> <body> <b>{: $ var_hello :}</b> </body> </html>
See Nes::Tutorial
Sample to use Nes; http://nes.sourceforge.net/
Nes requires configuration of you cgi-bin and .htaccess for directory of the Nes templates.
To active and configure Nes use utility: set_nes_site
Active Nes in /usr/lib/cgi-bin:
set_nes_site --cgi_dir=/usr/lib/cgi-bin
Configure Nes for directory /var/www/myweb:
set_nes_site --dir_cfg=/var/www/myweb
Configure Nes for all site:
set_nes_site --dir_cfg=/var/www
Install hello world and test examples in /var/www/test_nes:
set_nes_site --from_exam=hello_nes --to_exam=/var/www/test_nes
More help:
set_nes_site --help
* Change /usr/lib/cgi-bin and /var/www for you particular path
For configured Nes locally find you path to Nes.pm and add in iprefix in cgi_dir and from_exam options.
set_nes_site --cgi_dir=/usr/lib/cgi-bin --iprefix=/home/USER/path-to-Nes
* Change /usr/lib/cgi-bin and /home/USER/path-to-Nes for you particular path
cgi_dir option of the set_nes_site utility, create a file like this:
# ---------- Nes configuration -------------- # exec cgis Options +ExecCGI AddHandler cgi-script .cgi .pl # Nes nhtml files AddHandler perl-nes .nhtml AddHandler perl-nes .nhtm # nes dispatcher Action perl-nes /cgi-bin/nes/dispatch.cgi # protected Nes configuration and other files <FilesMatch \.(nsql|nes.cfg)$> order deny,allow deny from all </FilesMatch> #---------------------------------------------
Usually the procedure for using a template would be:
Template->new('template');
The Perl script calls the template.
In Nes, template calls to Perl script:
{: NES 1.0 ('script.pl') :} <html> ...
Usually the procedure for output a template would be:
Template->out;
The Perl script handles the output.
In Nes, template handles the output.
Usually must call many methods to manage the template.
In Nes, no need to call more than one or two methods, and in many cases none:
{: NES 1.0 none :} { # no Perl script requires :} <html> ...
Extremely simple, in most cases you just need to do this:
use Nes; my $nes = Nes::Singleton->new('template.nhtml'); my %tags; # the things that make your script... ... # set variables for output $tags{'var_hello'} = 'Hello World!'; # the things that make your script... ... # send variables to Nes $nes->out(%$nes_tag);
And in case you want to use user session?
Too. Only in special cases need access Nes::Singleton, consider this example:
{: NES 1.0 ('index.cgi') :} <html> ... {: ~ ( ! *nes_session_ok ) {: include ('user_register.nhtml') :} :} ... </html>
The perl script required is:
none! :-) easy?
For this case we can rewrite the template as follows:
{: NES 1.0 none :} <html> ... {: ~ ( ! *nes_session_ok ) {: include ('user_register.nhtml') :} :} ... </html>
So to create the session:
{: NES 1.0 none :} <html> ... {: ~ ( $login_ok ) {: include ( '{: * cfg_obj_top_dir :}/session.nhtml', 'create', '{: * q_user :}', '30m' ) :} :} ... </html>
* In this example we assumed that there is a form that gives value {: * q_user :} or/and an object that defines Nes {: $ login_ok :}
Nes is oriented at HTML and not the Perl code.
See: Nes::Singleton
Nes instructions consist of blocks enclosed in braces, the keys to open and close a block are respectively:
{: and :}
The Tags are the word or symbol that precedes the keys to open the block. Similar to the HTML Tags. The Tag Nes syntax is:
{: TAG [(parameters)] [HTML] :}
TAG can be:
# Comment $ Variable * Environment variable ~ Expression sql SQL SELECT @ Data table @$ Field in a data table include include a file NES Nes & Plugin
It allows abbreviated as follows:
{: $ ( 'variable' ) :} {: $ ( variable ) :} {: $ variable :} {: $variable :}
The four forms have the same meaning.
Parentheses are not required provided there are no spaces between the parameters:
{: ~ $variable <p> HTML code </p> :} <- * unnecessary {: ~ ($ variable1 == $ variable2) <p> HTML code </p> :} <- * required
Use quotation marks and commas in the parameters:
{: include ('template.nhtml', 'The \'Title\'', 'one, two and three' ) :} {: include ('{: * cfg_obj_top_dir :}/Nes/form/secure_login.nhtml', " script_handler => 'my_script_handler.pl', function_handler => 'my_function_handler', form_name => 'my_form_1', " ) :}
All Tags except NES may occupy several lines:
{: # If variable returns true you see "HTML code" :} {: ~ ( $ variable ) <p>HTML code</p> :}
{: # comment :}
Block is removed and not displayed in the HTML output.
{: NES 1.0 none :} <html> <head> <title>Nes sample</title> </head> <body> {: # this is a comment :} </body> </html>
{: $ variable :}
The block is replaced by the value of "variable" that must have been previously defined in our Perl script, of not being the block is replaced by an empty string.
template.nhtml:
{: NES 1.0 ('script.pl') :} <html> <head> <title>Nes sample</title> </head> <body> <b>{: $ var_name :}</b> </body> </html>
script.pl:
use Nes; my $nes = Nes::Singleton->new('template.nhtml'); my $nes_tags = {}; $nes_tags->{'var_name'} = 'Hello!'; $nes->out(%$nes_tags);
{: * environment_variable :}
The block is replaced by the value of environment_variable which is an environment variable Nes.
Nes defined all CGI environment as:
{: * env_SERVER_NAME :} {: * env_DOCUMENT_ROOT :} etc...
All parameters passed in the GET and POST methods, add 'q_' at the beginning of the name of the variable:
{: * q_varname :}
The varibles in the configuration file as:
{: * cfg_varname :}
Other:
Current Directory:
{: * nes_this_dir :}
Current file:
{: * nes_this_file :}
NES version:
{: * nes_ver :}
Language:
{: * nes_accept_language :}
{: ~ (expression) HTML :}
The block is replaced by "HTML" if expression is true. Expression can be any valid Perl expression, including Perl regular expressions, the variable can only be a $ variable, environment *, or a literal:
{: ~ ( $ variable =~ /hello/ ) <p>variable greets us</p> :} {: ~ ( * variable ) <p>variable is defined</p> :} {: ~ ( ! * variable ) <p>variable is not defined</p> :}
The expressions that result in the assignment of a variable, return true or false but the assignment has no effect:
{: ~ ( $ variable = 1 ) <p>value does not change</p> :}
{: @ (table) HTML :}
The block is replaced and is repeated by "HTML" as many times as records have Table. We refer to each field in each record with:
{: @$ table.field :}
Table must be defined in our Perl script as an array of hashes reference.
In script.pl:
my $table = [ { name => 'one', email => 'one@example.com', }, { name => 'two', email => 'two@example.com', }, { name => 'three', email => 'three@example.com', } ]; $tag{'users'} = $table;
In template.nhtml:
<table> {: @ users <tr> <td> {: @$ users.name :} </td> <td> {: @$ users.email :} </td> </tr> :} </table>
Where "field" is the name of the field in the table. {: @$ table.field :} is a property of {: @ (table) HTML :} or {: sql (SQL SELECT) HTML :}
{: sql (SQL SELECT) HTML :}
The block is replaced and is repeated by "HTML" for each record returned by the query. The operation is similar to Tag @. The SQL statement must begin with SELECT.
It reads the configuration (.nes.cfg) the following variables to access the database:
DB_base = base_name DB_user = user DB_pass = password DB_driver = mysql DB_host = localhost DB_port = 3306
Sample:
<table> {: sql ( 'SELECT * FROM `table` WHERE 1 LIMIT 5;' ) <tr> <td> {: @$ table.name :} </td> <td> {: @$ table.email :} </td> </tr> :} </table>
{: include ('file') :}
The block is replaced by the file "file", file can be a nhtml, nsql, html, php, sh, text, perl, etc..
You can send parameters to the included file:
{: include ('file.nhtml','param', ... ) :}
These will be received in the file nHtml environment variables as:
q_filename_param_number {: * q_file_param_1 :}
And in the Perl script with similar notation, excluding 'q_' in the query:
use Nes; my $nes = Nes::Singleton->new('file.nhtml'); my $q = $nes->{'query'}->{'q'}; my $param = $q->{'file_param_1'};
The included file inherits the parent tags
{: NES ver ('file') :}
It is similar to a line of files unix shell (#!/usr/bin/...) indicating that script must be run.
In the absence of this line is treated as HTML file (type text/html) without replacing any of Tags. If you do not need any Perl script but you want the file to be treated as replacement Tag Nes:
{: NES 1.0 ('') :}
Or explicitly stating 'none' to avoid any suggestion that this is an error or oversight:
{: NES 1.0 ('none') :}
For clarity we recommend this:
{: NES 1.0 none :}
{: & tag (param...) :}
Reserved for use by plugins.
Nes Objects are bits of code, NES, HTML, JavaScript, Perl... or a mixture. Any script can become an object Nes, so it is not necessary to rewrite the code.
.------------------------------------------------------------------------------------. | | Nes Object | | | '------------' | | .-----------------------------------. .---------------------------------------. | | | template.nhtml | | script.pl | | | |-----------------------------------| |---------------------------------------| | | | |--->| | | | | {: Nes 1.0 ('script.pl') :} | | Nes::Singleton->new('template.nhtml') | | | | |<---| | | | '-----------------------------------' '---------------------------------------' | '------------------------------------------------------------------------------------'
The script can be a Perl script only, but 'template' can be almost any non-binary file:
.----------------------------------------------. | | Nes Object | | | '------------' | | .-------------------. .-----------------. | | | template.js | | script.pl | | | |-------------------| |-----------------| | | | (JavaScript) |--->| | | | | |<---| | | | '-------------------' '-----------------' | '----------------------------------------------' .----------------------------------------------. | | Nes Object | | | '------------' | | .-------------------. .-----------------. | | | template.php | | script.pl | | | |-------------------| |-----------------| | | | (PHP) |--->| | | | | |<---| | | | '-------------------' '-----------------' | '----------------------------------------------'
etc...
We call an object with include:
{: include ( 'object.nhtml', [ parameter list ] ) :}
The objects may reside in any directory. A simple example is the object location.nhtml that redirects to another page:
{: include ( '{: * cfg_obj_top_dir :}/location.nhtml', 'http://example.com/page.nhtml', '301 Moved Permanently' ) :}
Nes Objects offers many opportunities for code reuse. Nes The idea is to have a huge library of objects, so you only have to write code for individual cases, disposing of objects commonly used for the login, sessions, etc.. work to create a Web with Nes will virtually mount templates and Web design.
With Nes can not create objects, you can invoke/include objects in your templates, but the object must be created in Perl, HTML, JavaScript, etc.. Or a mixture of all with a template Nes or not.
As an example we have encapsulated part of LWP in an Nes Object:
{: include ('{: * cfg_obj_top_dir :}/lwp.nhtml', URL, extrac, {: # default: content | status | Content-Type | title | head | body | star:-:end | :-:star:-:end:-: :} method, {: # default: GET | POST :} query, {: # query: 'name=Jose&email=jose@sample.com' :} charset, {: # default: no change | ISO | UTF-8 :} useragent {: # default: Nes/0.8 :} email {: # user agent email. default: $ENV{'SERVER_ADMIN'} :} ) :} extrac: <tag>:-:</tag> Return tag content without tags: '<tag></tag>' :-:<tag>:-:</tag>:-: Return tag content and include tags: '<tag></tag>' Defined: {: $ status :} # Status response {: $ request :} # request send {: $ Content-Type :} # Content type {: $ content :} # All HTML content {: $ title :} # Title Tag content {: $ head :} # Head Tag content {: $ body :} # Body Tag content {: $ extrac :} # extrac return value
To test our object we have created a page test_page.html of which we can extract the "Title" as follows:
{: include ('{: * cfg_obj_top_dir :}/lwp.nhtml', 'http://nes.sourceforge.net/miniblog/es/test_page.html', title ) :}
Out:
Test Page - Sample to use Nes;
We created our object so we can directly call the Perl script without the template nhtml:
{: include ('{: * cfg_obj_top_dir :}/lwp.pl', 'http://nes.sourceforge.net/miniblog/es/test_page.html', title ) :}
We may also create a new template for this Perl script. lwp.pl defines the following Nes Tags:
{: $ status :} # Status response {: $ request :} # request send {: $ Content-Type :} # Content type {: $ content :} # All HTML content {: $ title :} # Title Tag content {: $ head :} # Head Tag content {: $ body :} # Body Tag content {: $ extrac :} # extrac return value
Then to create a small one-page report:
{: NES 1.0 ('./lwp.pl') :} Status:<br> {: $ status :}<br> Title:<br> {: $ title :}<br> Content type:<br> {: $ Content-Type :}<br> Head:<br> {: $ head :}<br> Extrac:<br> {: $ extrac,yes_html :}
Name as lwp_custom.nhtml, store it in the obj directory, and finally we can invoke like this:
{: include ('{: * cfg_obj_top_dir :}/lwp_custom.nhtml', 'http://nes.sourceforge.net/miniblog/es/test_page.html' 'title' ) :}
Status: 200 OK Title: Test Page - Sample to use Nes; Content type: text/html Head: <meta http-equiv="content-type" content="text/html;charset=ISO-8859-1" /> <title>Test Page - Sample to use Nes;</title> Extrac: Test Page - Sample to use Nes;
See: Nes::Obj::secure_login, Nes::Obj::multi_step
With the HTTP-headers variable we have to define in our Perl script:
use Nes; my $nes = Nes::Singleton->new('template.nhtml'); my $nes_tags = {}; $nes_tags->{'HTTP-headers'} = "Content-type: text/html\n\n"; $nes->out(%$nes_tags);
We can control the headers of the HTML output.
When Nes verifies that HTTP-headers has value, prints its content and not the headers by default. Should be included immediately after the NES Tag:
{: NES 1.0 ('file.pl') :} {: $ HTTP-headers :}
If you define HTTP-headers and then not included with {: $ HTTP-headers :} we get an error. * This is not required from version 1.03.
You can use any module of CPAN to create the HTTP headers. The difference is that you can not send them directly to the output, assign it to the variable {'HTTP-headers'}
use Nes; use CGI ':standard'; my $nes = Nes::Singleton->new('template.nhtml'); my $cgi = CGI->new(); my %tags = {}; print $cgi->header('text/html'); <- It will not work $tags->{'HTTP-headers'} = $cgi->header('text/html'); <- Ok $nes->out(%tags);
Nes transparently manages the removal of malicious code variables.
By default is filtered HTML and the tags Nes all environment variables (*) from forms.
By default is filtered HTML and the tags of all the variables Nes ($).
By default is filtered HTML and the tags Nes all the variables of Tables and SQL (@$).
By default HTML is allowed <br> HTML Tag.
By default, calls DBI::quote on all variables that are part of a SELECT statement in sql Tag
The types of variables x, $ y @$ accept parameters to change this behavior:
{: $ ('var','yes_html','no_sql') :} {: * ('q_var','yes_html','no_sql') :} {: @$ ('table.field','yes_html','no_sql') :}
We passed as parameters the filtering options you want, and are:
no_sql # not allow SQL, call DBI::quote no_html # not allow Tag HTML no_br # not allow Tag HTML <br> no_nes # not allow Tag Nes {: :} yes_sql # allow SQL, not DBI::quote filter yes_html # allow all Tags HTML yes_br # allow Tag HTML <br> yes_nes # allow Tag Nes {: :}
Allow specific HTML tags ( yes_tag_TAG ):
yes_tag_B # allow Tag HTML <B></B> yes_tag_STRONG # allow Tag HTML <strong></strong> ...
Format:
{: $ ('var',[list of options in any order]) :}
If we make a variable 'yes_nes' will not get run code that contains the variable. For safety, you can not execute code from a Nes variable. The effect of 'no_nes' is that the tags are visible, and 'yes_nes' is disappearing.
We must prevent access to these files in .htaccess:
<FilesMatch \.nes.cfg$> order deny,allow deny from all </FilesMatch>
Nes filters the Nes Tags of the forms in PHP include or Wrapper, but NOT the HTML and SQL. It is assumed that the PHP script should incorporate these filters.
We can managing user sessions with Objects or Perl script.
Managing user sessions with the object session.nhtml:
{: include ( '{: * cfg_obj_top_dir :}/session.nhtml', action, {: # default: get | create | del :} user, {: # if 'get' action: user :} expire {: # if 'get' action: expire :} :} Expire format: time suffix: s: seconds, m: minutes h: hours d: days, M: months, y: years 30s = 30 seconds 12h = 12 hours 2y = 2 years ...
# Session is open {: * nes_session_ok :} # User name session {: * nes_session_user :}
Nes::Tutorial, Nes::Singleton, Nes::nes.cfg
Skriptke: Enrique Castañón
Version 1.04
Copyright (c) Enrique F. Castanon Barbero. All rights reserved.
This program is free software; you can redistribute it and/or modify it under the same terms and conditions as GNU Public License (GPL).
This means that you can, at your option, redistribute it and/or modify it under either the terms the GNU Public License (GPL), or under the Perl Artistic License.
See http://dev.perl.org/licenses/
THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.
Use of this software in any way or in any form, source or binary, is not allowed in any country which prohibits disclaimers of any implied warranties of merchantability or fitness for a particular purpose or any disclaimers of a similar nature.
IN NO EVENT SHALL I BE LIABLE TO ANY PARTY FOR DIRECT, INDIRECT, SPECIAL, INCIDENTAL, OR CONSEQUENTIAL DAMAGES ARISING OUT OF THE USE OF THIS SOFTWARE AND ITS DOCUMENTATION (INCLUDING, BUT NOT LIMITED TO, LOST PROFITS) EVEN IF I HAVE BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGE
Sample to use Nes; http://nes.sourceforge.net/, Template::Toolkit, HTML::Template, HTML::Mason, HCKit::Template, Catalyst, CGI::Framework, CGI::Application, CGI::Application::Framework, mod_perl
1 POD Error
The following errors were encountered while parsing the POD:
Non-ASCII character seen before =encoding in 'Castañón'. Assuming UTF-8
To install Nes, copy and paste the appropriate command in to your terminal.
cpanm
cpanm Nes
CPAN shell
perl -MCPAN -e shell install Nes
For more information on module installation, please visit the detailed CPAN module installation guide.