Thursday June 27, 2024 dynamicXport 3.2.14 Maintenance Release All Rights Reserved. Copyright (c) 2001 - 2021 by: Dynamic Concepts, Inc. Irvine, CA 92618 USA Email address: techsupport@dynamic.com Information: www.dynamic.com Downloads: ftp.dynamic.com Product Description =================== dynamicXport is a portal and RAD (Rapid Application Development) toolkit, consisting of customizable web templates and a software API (Application Program Interface) which enables the creation of a web based presentation layer to existing software and database. dynamicXport requires both an Application server and a Web server. Although both the Application and the Web servers may reside on a single physical system, Dynamic Concepts strongly recommends the usage of two separate systems and that the Application server is secured behind a Firewall. The Web server may be either a Linux/Unix server or a Windows IIS server. The Application server may be either a Linux/Unix server or a Windows server. Any combination of Linux/Unix and Windows servers may be used with dynamicXport. Pre-Installation Instructions ============================= o This release requires dL4 version 11.3 or higher for application services. Users running with a dL4 license prior to version 10 must also acquire a dL4 version 10 SSN. o Problem reports should be emailed to techsupport@dynamic.com. All problem reports should contain a description of the problem, the operating system name/revision, and, if at all possible, a reproducible sequence o To improve performance and to add additional features, the dynamicXport platform has been changed from the universal platform FF to machine specific platforms, e.g. 6D (Linux), 1B (Windows), (99) SCO etc. If the application server and web server are on different systems, the appropriate machine specific distribution file must be downloaded for each system. o For dynamicXport application services, users should download the latest Passport revision for the appropriate platform. Highlights of Revision 3.2.14 =============================== o Improved security. o Options to prevent script code injection. o Support for platforms 39 and 69 (Red Hat ES9 x86) o Automated requests to dynamicXport application can be implemented as simpler DXQUERY actions. o Unicode input characters can be converted to similar ASCII characters. o Support for TLS/SSL based encrypted communication between the web server and the application server. o Browser based file definitions and dL4 file handling library code generation module. o UTF-8 web pages can be used to support additional languages. o DynamicPage module consisting of Page Block Definitions used to design DynamicXport dynamically generated html pages for user prompts, file tables and file maintenance. o DynamicPaper archiving, DynamicNotice and DynamicPage modules are unprotected to allow customization. o DynamicPaper supports document scanning when using Internet Explorer. o DynamicPaper supports subtypes within folders. o Paypal Payflow Pro interface updated to version 4.3+. o Allow use of special characters in passwords. Upgrade Instructions ==================== 1. Make a current backup of the directory where dynamicXport is currently installed on the Application server. 2. This version requires dL4 11.3 or greater. 3. Both the Application and the Web servers must be upgraded with files from the same version. If the Application and Web servers are on different platforms (such as Linux and Windows or two different Unix platforms), then be certain to download the platform specific copy of dynamicXport for each platform. 4. If upgrading from a previous version, simply follow the regular installation procedure for product upgrade. 5. The upgrade procedure keeps a backup copy of the dynamicXport support files in the oldfiles directory. 6. If you wish to retain your older files, then rename oldfiles directory to files. 7. If you want to retain files from revision 1.2.2 or older, please run the dxrebuild.dl4 utility to convert your files. Login as "dxport" and type the following: run dxrebuild.dl4 Type "run dxrebuild.dl4 help" for help. 8. Please note, the dxsystem.txt configuration file does not get replaced or updated while upgrading. Any new parameter value pairs needed for new features must be manually added to dxsystem.txt. Installation Instructions ========================= 1. Install the application and/or web server as described in the sections below. Please select the section that is appropriate for your platform (Linux/Unix or Windows) and for your server types (application or web server). The Linux/Unix web server installation instructions are generic and may need to be adapted to the particular web server or web server directory structure used on the system. The Windows installation is described for Windows 20xx Server. If you are installing on another version of Windows, the Windows 20xx instructions can be used, but different utility names and other adaptions may be needed. 2. After the installation is completed, the login page for dynamicXport may be accessed from a JavaScript enabled browser by opening: domain_name/dx/login/dxstd/login.html Linux/Unix Application Server Configuration ===================================== 1. Login as "root". 2. Ensure that you have the latest Passport version installed on your application system. For common platforms, the latest Passport software can be obtained from either www.dynamic.com or ftp.dynamic.com. Older versions of ssnmaint list dynamicXport as product 6. 3. Install dL4 version 11.3 or greater for Linux/Unix, along with your dynamicXport SSN. 4. Unless you are upgrading an existing installation of dynamicXport, create a new user account named "dxport" with the default group "dxport". If necessary, create the group "dxport" before creating the account. 5. Create a home directory for the account created in the previous step, e.g. "/home/dxport" if it does not have one. 6. Login as "dxport". 7. Copy the distribution file to any temporary directory on your system, e.g. "/tmp". 8. If the distribution file has a ".Z" extension, uncompress the file using the command "uncompress filename.Z". If the file has an extension of ".z", then rename the file with an uppercase "Z" before uncompressing the file. 9. Create a temporary installation directory, e.g. /tmp/dxport. 10. cd to the temporary installation directory. 11. Unpack the distribution file using the command "cpio -imcdu <../filename". If an error message occurs, try using the command "cpio -imdu <../filename" or "cpio -imduHodc <../filename". 12. Type "./dxinstall" if you are installing dynamicXport for the first time or if you have not modified any of the dynamicXport programs or libraries. Use "./dxupdatecore" instead of "./dxinstall" to update only the list protected components of dynamicXport. 13. Enter the Web server's IP address and other items requested by the script. 14. To use TLS/SSL encrypted communication between the application server and the web server, first run "./dxmakecert" in the dxport home directory to generate the "root.pem", "appserver.pem", and "webserver.pem" TLS/SSL certificates. The TLS/SSL certificate files must be kept secure and should only be readable by the "dxport" user. Edit dxsystem.txt to uncomment and set the "SSLCert" and "SSLRoot" lines. The "SSLCert" line must be set to the absolute path of "appserver.pem" and the "SSLRoot" line must be set to the absolute path of "root.pem". For higher security, uncomment the "SSLVerify" line after installing the "webserver.pem" and "root.pem" certificates on the web server as described in the web server section below. Please note that the certificates must be replaced before the expiration date displayed by the dxmakecert script. 15. The operating system must be configured to "listen" for dynamicXport requests from the web server on a network TCP port (default 9632). Most systems can be configured using the adddx script. The operating system must have the "systemd", "xinetd", or "inetd" network listening service installed and enabled. To configure the dynamicXport listening service, run the command below as "root" in the dynamicXport home directory: ./adddx where: is the TCP port number (usually 9632) is the dynamicXport user name for the dynamicXport account is the dynamicXport group name for the dynamicXport account is the absolute path of the dynamicXport account home directory For example, ./adddx 9632 dxport dxport /home/dxport The script may instruct you to execute additional commands to start the dynamicXport service. The script can be re-run with different options as long as the port number is not changed. If the port number needs to be changed, remove the existing dynamicXport service before re-running the script (see "Removing a dynamicXport Service"). Multiple ports can be setup to provide listening services with different options by running the adddx script with different port numbers. If you want to review the configuration files before they are installed, add the option "-test" when running the adddx script. If the adddx script reports that the operating system is not supported, see your operating system documentation for information on configuring a network service. See the sections on manual configuration for hints on how to setup an unsupported operating system. Some systems will not be recognized because the "xinetd" service is not installed by default and must be added. 16. If necessary, alter firewall and/or routing rules to permit access by the web server to the dynamicXport TCP port on the application server. 17. Delete the distribution file or move it to a backup directory. 18. Reboot the Linux/Unix Application server. Manual Configuration of dxlistener ================================== 1. Define the dynamicXport service TCP port on the Application server by adding a line to the text file /etc/services. The new entry in /etc/services should look like the following: dxport 9632/tcp # dynamicXport uses tcp/ip port 9632 2. The system must be configured to "listen" on the dynamicXport service TCP port and run the dynamicXport service. On most systems, this is done using one of three methods. If the directory /etc/systemd/system exists, go to step 3 to configure "systemd". If the directory /etc/xinetd.d exists, go to step 4. If the file /etc/inetd.conf exists, go to step 5. If none of these directories or files exist, see your operating system documentation for information on configuring a network service. On some systems, xinetd is supported but must be installed as a system option. 3. To configure systemd, you must create two text files named "dxport.socket" and "dxport@.service" in the /etc/systemd/system directory. The prefix "dxport" in the filenames can be changed to any name that you prefer, but the prefix must be the same in both filenames. First, as "root", create the text file /etc/systemd/system/dxport.socket. Enter the following 10 lines beginning with the line "[Unit]" and without the leading spaces: [Unit] Description=dynamicXport application service Documentation=https://www.unibasic.com [Socket] ListenStream=0.0.0.0:9632 Accept=True [Install] WantedBy=sockets.target The dynamicXport port number is specified in the line "ListenStream=9632" where "9632" should be replaced by whatever TCP port number you require. Busy systems may need a "MaxConnections=" line added after the "Accept=True" line to increase the maximum number of simultaneous connections ("" is the limit as a decimal number). On Red Hat Enterprise 8 or similar systems, a "TriggerLimitBurst=" setting may be needed to increase the maximum number of connections per second that will be accepted. Next, create a text file /etc/systemd/system/dxport@.service containing the following 16 lines beginning with the line "[Unit]" and without the leading spaces: [Unit] Description=dynamicXport application service Documentation=https://www.unibasic.com [Service] Type=simple ExecStart=/usr/bin/run -XB /home/dxport/dxlistener.dl4 StandardInput=socket TimeoutStartSec=0 KillMode=process User=dxport Group=dxport WorkingDirectory=/home/dxport UMask=0077 [Install] WantedBy=multi-user.target The lines "User=" and "Group=" specify the user and group that the dynamicXport service will run as. The line "ExecStart=" specifies the command line used to invoke the dynamicXport server. The line "WorkingDirectory=" specifies the current directory to be used by dynamicXport and should be set to the directory in which dynamicXport was installed. If you are using TLS/SSL connections between the web server and the application server, change "-XB" to "-XD". The ExecStart line must also be modified if the dynamicXport home directory is not /home/dxport. The dxport.socket and dxport@.service files should be owned by "root" and have "644" or "444" permissions. After creating the two files, execute these three commands as "root" to start the dynamicXport service: systemctl daemon-reload systemctl enable dxport.socket systemctl start dxport.socket Continue at step 16 above. 4. To configure xinetd to run the dynamicXport application service, add, as "root", a new text file /etc/xinetd.d/dxport with contents similar to: # default: on # description: dynamicXport application server connections service dxport { flags = REUSE socket_type = stream wait = no user = dxport server = /home/dxport/run server_args = -XB /home/dxport/dxlistener.dl4 disable = no cps = 5000 1 } If the home directory of the dxport account is not /home/dxport, change each occurrence of "/home/dxport" to the actual home directory path. If TLS/SSL encrypted communication will be used between the web server and the application server, change "-XB" in "server_args" to "-XD". To enable the configuration changes, execute the command "kill -HUP " as "root" where "" is the process id number of the xinetd process. Continue at step 16 above. 5. To configure inetd to run the dynamicXport application service, add, as "root", the following two lines to the end of the /etc/inetd.conf file using any text file editor: # the entry below in /etc/inetd.conf file is for dynamicXport dxport stream tcp nowait dxport /home/dxport/run run -XB /home/dxport/dxlistener.dl4 Please note that the second occurrence of "run" in the entry is not a typographical error: it is a required field. If the home directory of the dxport account is not /home/dxport, change the line to use the actual home directory path. If TLS/SSL encrypted communication will be used between the web server and the application server, change "-XB" to "-XD" in /etc/inetd.conf. To enable the configuration changes, execute the command "kill -HUP " as "root" where "" is the process id number of the inetd process. Removing a dynamicXport Service =============================== To remove a dynamicXport service, run the script rmvdx as "root" in the dynamicXport home directory with the port number as the only argument. Example: ./rmvdx 9632 Linux/Unix Web Server Configuration ================================== 1. Login as the user of the Web site. 2. Create a directory named "dx" in the DOCUMENT_ROOT_DIRECTORY. The DOCUMENT_ROOT_DIRECTORY is typically at /var/www/html Set the permissions of the "dx" directory to be the same as the DOCUMENT_ROOT_DIRECTORY or simply to 755 (which will allow any user to access the directory, but only the directory owner will be allowed to create or delete files). 3. Copy the distribution file to any temporary directory on your system, e.g. "/tmp". 4. If the distribution file has a ".Z" extension, uncompress the file using the command "uncompress filename.Z". If the file has an extension of ".z", then rename the file with an uppercase "Z" before uncompressing the file. 5. Create a temporary installation directory, e.g. /tmp/dxport. 6. cd to the temporary installation directory. 7. Unpack the distribution file using the command "cpio -imcdu <../filename". If an error message occurs, try using the command "cpio -imdu <../filename" or "cpio -imduHodc <../filename". 8. cd to the WebServer subdirectory using the command "cd WebServer". 9. In this step the contents of the WebServer directory are copied to DOCUMENT_ROOT_DIRECTORY/dx. Type the following command find * -print | cpio -pmdu DOCUMENT_ROOT_DIRECTORY/dx where DOCUMENT_ROOT_DIRECTORY is replaced with the web site directory described in step 2. 10. Set permission of the DOCUMENT_ROOT_DIRECTORY file cgi-bin/dxserver.cgi to 755. 11. Edit the cgi-bin/dxserver.txt file using your favorite editor. Set the DXIP value to the IP address of the Application server. Set the DXPORT value to the Application server's tcp/ip port number as set in /etc/services file. You should not have to change anything else in the cgi-bin/dxserver.txt file unless you use TLS/SSL communication with the Application server. 12. To use TLS/SSL encrypted communication to the Application server, edit the cgi-bin/dxserver.txt file. Uncomment the "SSLONLY" line to enable TLS/SSL communication. For higher security, uncomment and set the "SSLCERT" and "SSLROOT" lines. The "SSLCERT" line must be set to the absolute path of the TLS/SSL client certificate ("webserver.pem") and the "SSLROOT" line must be set to the absolute path of the TLS/SSL root certificate ("root.pem"). These TLS/SSL certificates are normally self-signed certificates such as those produced by the dxmakecert shell script (see the Linux/Unix Application Server Configuration section above). The TLS/SSL certificate files ownership and permissions should be set to restrict access to the web server process. 13. The web server configuration may need to be modified to allow cgi-scripts to run in the dx/cgi-bin/ directory. For example on Apache, the /etc/http/httpd.conf file may need to be modified. Example changes to a default Apache conf file are as follows: Comment out the following line in /etc/apache/httpd.conf - ScriptAlias /cgi-bin/ /usr/lib/cgi-bin/ Add the ExecCGI option to the following line (after ) - Options Indexes Includes FollowSymLinks MultiViews Uncomment the following line so that .cgi and .pl files will be executed as CGI scripts - #AddHandler cgi-script .cgi .sh .pl Consult your Apache or other web server resources for further details on web server configuration. 14. If you have installed the demo examples, the S_UPLOADFILE setting in dxsystem.txt on the application server and the COPYMAP setting in cgi-bin/dxserver.txt on the web server must be set correctly in order to run the upload example. It may also be necessary to set the correct download path in the program examples/exdown.dl4 before using the download example. 15. If you intend to use dynamicNotice, uncomment the L:COPYMAP setting in dxserver.txt and set the directory path in COPYMAP to the "articles" directory. 16. If SELinux is enabled in enforcing mode, it may be necessary to change the SELinux configuration to permit cgi-bin/dxserver.cgi and cgi-bin/dxserver to run. For example, the command setsebool -P httpd_can_network_connect=1 permits dxserver to use network connections to access the application server. The following commands enable CGI scripts and specifically enable running cgi-bin/dxserver.cgi: setsebool -P httpd_enable_cgi=1 chcon -t httpd_sys_script_exec_t /var/www/html/dx/cgi-bin/dxserver.cgi If dxserver.cgi is renamed or moved, it may be necessary to repeat the chcon command. If the "copy files to the web server" feature is used, then writing to the destination directory must be enabled: semanage fcontext -a -t httpd_sys_rw_content_t 'destination_directory' restorecon -v 'destination_directory' You can change the SELinux mode to "permissive" to allow dynamicXport to run while the system generates system log entries describing which SELinux settings need to be changed. Application Server Installation on Microsoft Windows 20xx Server ========================================================================== 1. Login as Administrator. 2. Run the dynamicXport installation program 1B_dxport_3.2.14.exe and follow the displayed instructions. This will extract dynamicXport web and application services modules into the C:\temp\dx folder (or a folder of your choice). Please note that the dynamicXport application services require Passport and hence Passport software with an SSN must be installed in conjunction with dynamicXport application services. 3. Make certain that dynamicXport is enabled in your SSN. The installation process will not work without a dynamicXport SSN. 4. Open a DOS command prompt and type the following commands: cd \temp\dx\ApplicationServer (or cd \temp\dx\applic~1) instlapp C:\dxapp If dynamicXport is being installed in a non-default directory, change the value of "C:\dxapp" to the actual directory. 5. The installation process starts Notepad so that you can edit the WebServer1IP=LOCALHOST entry in the dxsystem.txt file. Change the LOCALHOST value to the IP address of the web server. If dynamicXport is not being installed in "C:\dxapp", change all instances of "C:\dxapp" to the actual directory. If dL4 has been installed somewhere other than "C:\Program Files\dl4", change the value of "dL4Processor" to use the correct path. If the web server is running a 64-bit version of Windows, the path will probably be "C:\Program Files (x86)\dl4". When finished, save the changes and exit Notepad. 6. To use TLS/SSL encrypted communication between the application server and the web server, run the "dxmakecert" script on a Unix or Linux system to generate the "root.pem", "appserver.pem", and "webserver.pem" TLS/SSL certificates. The TLS/SSL certificate files must be kept secure and should only be readable by the "dxport" user. Edit dxsystem.txt to uncomment and set the "SSLCert" and "SSLRoot" lines. The "SSLCert" line must be set to the absolute path of "appserver.pem" and the "SSLRoot" line must be set to the absolute path of "root.pem". For higher security, uncomment the "SSLVerify" line after installing the "webserver.pem" and "root.pem" certificates on the web server as described in the web server sections. 7. If the standard TCP port number (9632) and standard installation directory ("C:\dxapp") are being used, type the following command in the DOS command window: instsrvr To use a TCP port number other than 9632 or if dynamicXport is being installed somewhere other than "C:\dxapp", use the command instsrvr 8. Type "instdemo C:\dxapp" from C:\dxapp directory to install the optional dynamicXport demo options. If dynamicXport is being installed in a non-default directory, change the value of "C:\dxapp" to the actual directory. service. If necessary, alter firewall and/or routing rules to permit access by the web server to the dynamicXport TCP port on the application server. Web Server Configuration on Microsoft Windows 20xx Server and IIS ?? ========================================================================== 1. Login as Administrator. 2. Enable the CGI server role in IIS if it hasn't been enabled already. 3. Run the dynamicXport installation program 1B_dxport_3.2.14.exe and follow the displayed instructions. This will extract dynamicXport web and application services modules into the C:\temp\dx folder (or a folder of your choice). You can skip this step if you have already extracted dynamicXport. 4. Create a directory, e.g. dx, in your DOCUMENT_ROOT_DIRECTORY. For example, this directory may be called D:\InetPub\wwwroot\domainname. Do NOT create an IIS Virtual Directory. 5. Copy all files from the temporary installation "WebServer" directory to the directory created in the above step. 6. Edit the cgi-bin\dxserver.txt file using your favorite editor such as Notepad or Word. Set the DXIP value to the IP address of the Application server. Set the DXPORT value to the Application server's tcp/ip port number as set in the instsrvr.bat file for Windows, or in the /etc/services file for UNIX. You may need to change the S_ROOT value in the cgi-bin\dxserver.txt file to /dx/ or ../../dx/. 7. To use TLS/SSL encrypted communication to the Application server, edit the cgi-bin/dxserver.txt file. Uncomment the "SSLONLY" line to enable TLS/SSL communication. For higher security, uncomment and set the "SSLCERT" and "SSLROOT" lines. The "SSLCERT" line must be set to the absolute path of the TLS/SSL client certificate ("webserver.pem") and the "SSLROOT" line must be set to the absolute path of the TLS/SSL root certificate ("root.pem"). These TLS/SSL certificates are normally self-signed certificates such as those produced by the dxmakecert shell script (see the Linux/Unix Application Server Configuration section above). The TLS/SSL certificate files ownership and permissions should be set to restrict access to the web server process. 8. Open IIS Manager from: Start ==> All Programs ==> Administrative Tools ==> IIS Manager 9. Select the domain site. 10 Select "Handler Mappings". 11. Select "Add Script Map". 12. In "Request Path:", enter "*.cgi" without the quotation marks. 13. In "Executable:", enter the following as a single line including the quotation marks: "C:\InetPub\wwwroot\domain_name\dx\cgi-bin\dxserver.exe" -a 14. Type ".cgi" in the box labeled "Name:". 15. Select the "OK" button. 16. When you are asked whether to allow this ISAPI extension, select "Yes". 17. If you have installed the demo examples, the S_UPLOADFILE setting in dxsystem.txt on the application server and the COPYMAP setting in cgi-bin/dxserver.txt on the web server must be set correctly in order to run the upload example. It may also be necessary to set the correct download path in the program examples/exdown.dl4 before using the download example. 18. If you intend to use dynamicNotice, uncomment the L:COPYMAP setting in dxserver.txt and set the directory path in COPYMAP to the "articles" directory. Verifying Web Server to Application Server Communication ======================================================== 1. Attempt to login as admin through a browser by opening: domain_name/dx/login/dxstd/login.html 2. If login fails, attempt to obtain the Application Server revision number through a browser by opening: domain_name/dx/cgi-bin/dxserver.cgi?option=revision It should display the revision number and a suggested setting for S_ROOT. 3. If step 2 fails, try changing S_ROOT in cgi-bin\dxserver.txt to /dx/, ../dx/, or ../../dx/. 4. If step 3 fails, attempt a simple telnet to the IP and port of the Application server listener to verify that the listening process is functioning. The telnet session should print out some text and then exit. New in This Release =================== Jun 27, 2024 (Maintenance Release 3.2.14) o Bug fixed: upload errors were reported on pages with more than one upload field unless files were selected in each field. o Bug fixed: Setting "Allowed=U" in dxsysten.txt on the application server to reject duplicated browser tabs or windows sometimes caused errors to be reported for any action after logging into dynamicXport. Jan 11, 2024 (Maintenance Release 3.2.13) o By default, dynamicXport now uses a more secure mechanism for authentication. The new method is compatible with "API" style access as long as the session id is not used in the URL. The old authentication method can be used by adding then line "AUTH=URL" to the dxserver.txt configuration file on the web server. o Script code can no longer be injected using the "SESSION" value. o A new dxserver.txt configuration option, "SANITIZE", has been implemented to resist JavaScript code injection. Code injection is an attempt to make a web page execute JavaScriptcode that is not part of the page. The "SANITIZE" option has three possible values: "STD" - do not sanitize text being inserted by any of the dl4x() macros. This is the traditional dynamicXport behavior which allows applications to insert HTML coding or JavaScript. "HTML" - When processing dl4x() macros, replace the characters "<", "(", ")", quotation marks, and single quotation marks with HTML entity code that are displayed as the original characters but are not interpreted as JavaScript. The "<" character is only replaced when followed by "script" or "/script". "SPC" - When processing dl4x() macros, replace the characters "<", "(", ")", quotation marks, and single quotation marks with spaces or by just deleting the character. The "<" character is only replaced when followed by "script" or "/script". The global setting for "SANITIZE" can be overridden in any dl4x() macro by using the "Code", "HTML", or "SPC" specifier surrounding the value name. For example, "dl4v(Code(name))" causes the value of "name" to be inserted without sanitizing. o The S_UPLOADFILE parameter now supports two new macros: %NAMENOEXT% - the filename without the extension %NAMEXT% - the filename extension o The "multiple" file attribute is now supported for upload fields. When uploading multiple files from an upload field, the first filename can be loaded with DXGET or DXGET$ from the value "S_FILEUPLOAD_name" where "name" is the name of the upload field. The other filenames can be loaded from "S_FILEUPLOAD_name1", "S_FILEUPLOAD_name2", and so on. The number of uploaded files can be determined by retrieving filenames sequentially until the returned filename is "". o A new script, dxupdatecore, is now provided in the installation package to perform a minimal upgrade of an application server. This script can be used to update the non-user modifiable programs and libraries on application servers that use customized versions of the other components. The dxupdatecore script must be run as the dynamicXport user. o Bug fixed: if a user uploaded too many files or a file that was too large, the message "No socket data" was displayed instead of "File upload failed". o Bug fixed: various errors sometimes occurred after uploading a file. o Bug fixed: sequence number fields in S_UPLOADFILE were not incremented when the filename contained a space. Jan 17, 2023 (Maintenance Release 3.2.12) o Bug fixed: sequence number fields in S_UPLOADFILE were not incremented when a filename collision occurred. Because of this, files with duplicate names could not be uploaded without overwriting any existing file. Dec 6, 2022 (Maintenance Release 3.2.11) o Support has been added for platforms 39 and 69 (Red Hat ES9 x86 32 bit and 64 bit). o Bug fixed: the "dxpurge" process did not run if dynamicXport was configured using "systemd" on the application server. The systemd configuration example now uses "KillMode=process". Mar 22, 2022 (Maintenance Release 3.2.10) o Many web browsers allow the user to duplicate browser tabs. Such duplicated tabs can cause problems in dynamicXport applications that use "U_xxxx" fields to store session data. In this release, the "Allowed=U" setting in dxsystem.txt on the application server enables detection of inconsistent "U_xxxx" data. A warning message will be displayed if a problem is found. o Bug fixed: the "Change Password" option restricted the new password to letters and digits. Oct 14, 2021 (Maintenance Release 3.2.9) o A new standard option, "DXLOGIN", has been added to generate session id values which can be used to start browser sessions. The user name for the session is passed via the "LOGINAS" value. When used with dxbridge.dl4, the user or the "admin" id and password must be provided. The session id value is returned as the value of "NEWSESSION". If the session id value is used with a URL and IP address verification is enabled in dynamicXport, then the user will be immediately required to re-validate. Sample program using dxbridge.dl4: Declare Intrinsic Sub DXSet Declare Intrinsic Function DXGet$ Call DXSet("ID", "admin") Call DXSet("PASSWORD", "password") Call DXSet("Option","DXLOGIN") Call DXSet("LOGINAS","user id") Call "dxbridge.dl4" If DXGet$("S_MSGNO") Or DXGet$("S_INTMSG") Print "Error: S_MSGNO" + ": " + DXGet$("S_MSGNO") Print "S_INTMSG" + ":" + DXGet$("S_INTMSG") Else Print "http://server/dx/cgi-bin/dxserver.cgi?"; Print "SESSION=";DXGet$("NEWSESSION");"&Option=Options" End If End o Enhancement: if a dynamicXport application sets the value "S_SETOPTIONLIST" to "Y" before exiting, the option data values will be added to the data to be merged with the output page. o Behavior change: the "dxpurge" process is now executed using the "run" path defined in the dL4Process line of the dxsystem.txt file. This change prevents problems starting dxpurge when the xinetd or systemd environment does not define the PATH environment variable. Aug 30, 2021 (Maintenance Release 3.2.8) o A new standard action, "DXQUERY", can be used to access any dynamicXport application by its option name. A URL with parameters such as http://server/dx/cgi-bin/dxserver.cgi?action=dxquery&option=& id=&password=&=&...&= will log into dynamicXport, execute the option application, return the result page/document, and log off. In the example, is the option name (case sensitive) is the dynamicXport user name is the user password is a value name to pass to the option application is the value of is a value name to pass to the option application is the value of If the option application uses the "ACTION" value, the required "ACTION" value can be passed to the application by setting "DXQACTION" to that value. Users, passwords, and options for DXQUERY are defined using the same dynamicXport administrative utilities used for interactive users. Please note that when using tools such as "curl", command line parameters such as passwords will be visible to other users. For this reason, the URL should not be passed on the command line (see the -K option in curl). The default format for dynamicXport output is "text/html". This can be changed to JSON or XML by changing the content out values in cgi-bin/dxserver.txt as described in the dynamicXport documentation. If a DXQUERY option cannot be executed or if the option is not defined for the specified user, an error message will be returned using the form defined in dxstd/dxqmsg.html on the web server. Aug 19, 2021 (Maintenance Release 3.2.7) o A new option, "DELAYHEADER=1", is now supported in dxserver.txt to prevent a blank page from being display on the client browser while waiting for the dynamicXport application to return the result page. This problem does not occur on all web server and browser combinations. To enable this option, add the following line to cgi-bin/dxserver.txt on the web server: DelayHeader=1 Jul 8, 2021 (Maintenance Release 3.2.6) o A new option, "DXCHARSET=UTF-8-ASCII", is now supported in dxserver.txt to convert Unicode input characters to similar ASCII characters where possible. For example, a Unicode hyphen character is converted to an ASCII minus sign ("-"). This option is useful for applications that do not support non-ASCII characters. Users often enter Unicode characters by accident when performing a copy/paste from a document. To enable this option, add the following line to cgi-bin/dxserver.txt on the web server: DXCHARSET=UTF-8-ASCII May 12, 2021 (Maintenance Release 3.2.5) o The following new platforms are supported: 37 - Red Hat Enterprise 7 compiled as a 32 bit application. 67 - Red Hat Enterprise 7 compiled as a 64 bit application. 38 - Red Hat Enterprise 8 compiled as a 32 bit application. 68 - Red Hat Enterprise 8 compiled as a 64 bit application. o Instructions have been added to this document for configuring "systemd" for the dynamicXport application server. o Bug fixed: placing large amounts (greater than 32000 characters) of data in the output table with CALL DXSET() caused "Arithmetic overflow" errors to be reported in the dynamicXport audit log file. Nov 5, 2020 (Maintenance Release 3.2.4) o Install C runtime libraries when installed on a Windows system. Aug 27, 2020 (Maintenance Release 3.2.3) o Upload filenames and paths can now be longer than 60 characters. May 20, 2019 (Release 3.2.2) o Passwords are no longer restricted to alphanumeric characters. o Bug fixed: dxpurge deleted only 1 expired session per "cron" interval which sometimes caused the session file to grow too large. o Bug fixed: the failed logins counter was not reset when needed which prevented future logins. o Bug fixed: setting the buffer size above the limit will now cause the maximum size to be used instead of 128 kb (which is much smaller). Nov 22, 2016 (Release 3.2.1) o Behavior change: if dxserver is started without any command line arguments, the configuration file dxserver.txt will be loaded from the current directory (Unix/Linux) or the program directory (Windows). Previous versions of dxserver displayed a usage message if no arguments were supplied. This change has been made to support web servers that cannot pass command line arguments to CGI programs. Dec 1, 2015 (Release 3.2) o TLS/SSL encrypted communication is now supported between the web server and the application server. This can be used instead of a hardware or software VPN to provide security when a dynamicXport web server is located remotely from the application server. o Platform 6D, a 32-bit Linux platform, is now compiled and linked on a Red Hat Enterprise 5 system rather than on Red Hat Enterprise 3. Red Hat Enterprise 5 is the oldest version of Linux supported by Red Hat. Systems using older versions of Linux may need to be upgraded before using dynamicXport 3.2. Oct 17, 2012 (Release 3.1.1) o Support platforms 36 (Red Hat ES6 32-bit x86) and 66 (Red Hat ES6 64-bit x86). o Bug fixed: file uploads could fail under unusual conditions. Apr 4, 2011 (Release 3.1) o UTF-8 web pages and Unicode input values are now supported. To use this feature, the following changes are required: 1. the web server and/or the web pages must be configured to use the UTF-8 character set. Web pages should include the line meta http-equiv="Content-Type" content="text/html; charset=utf-8" /> 2. the cgi-bin/dxserver.txt file must be changed to include the line DXCHARSET=UTF-8 3. applications must use "CALL DXOpenUTF8()" instead of "CALL DXOpen()". o Browser based file definitions and dL4 file handling library code generation module. File definitions can be used to access data in Indexed-Contiguous files for display, print or export. The generated libraries can be used to log all file changes into an historical audit log file. o DynamicPage module consisting of Page Block Definitions used to design DynamicXport dynamically generated html pages for user prompts, file tables and file maintenance. o DynamicPaper archiving, DynamicNotice, and DynamicPage modules are unprotected to allow customization. o DynamicPaper now supports document scanning when using Internet Explorer. o DynamicPaper now supports subtypes within folders. o Various minor problems have been corrected in DynamicPaper. o Paypal Payflow Pro interface updated to version 4.3+. Jul 9, 2007 (Release 2.5.3) o New functionality: options may now be hidden from the menu. Mar 19, 2007 (Release 2.5.2) o Behavior change: users of low security options are no longer denied access if their IP address changes. o Bug fixed: demo SSNs that expired on July 1, 2007 or October 1, 2007 were treated as if they had already expired if they were used prior to July 1, 2007. The current Passport release must be installed to fully correct this problem. o Bug fixed: time out errors were sometimes reported incorrectly on AIX systems. May 2, 2006 (Release 2.5.1) o Dxadmin supports up to 5,000 options. o Option prelink defaults can be from either the "user" or "option" organization. Nov 30, 2005 (Release 2.5) o Support DynamicPaper 1.3. o Behavior change: the maximum download file path length has been increased from 60 characters to 512 characters. o Bug fixed: some browsers did not correctly display download filenames. o Bug fixed: files with spaces in the file name could not be downloaded. o Bug fixed: the data portion of an indexed-contiguous file could not be uploaded. Apr 6, 2005 (Release 2.4) o dynamicXport now provides document management services for the archiving features of DynamicPaper. o DynamicNotice and DynamicPaper options can now be configured during installation. o A new utility, dxeditoption.dl4, has been added to automate defining options. o URL links can now use the dl4v() function to merge values, such as the session identifier, into the link. This makes it possible to link to non-dynamicXport web applications and then return to dynamicXport. o Behavior change: when dl4v() is used to merge a list value, the final line separator will not be merged. o Bug fixed: menu options could be deleted when the option still had child options thus orphaning the child options; in addition, menu options without child options could not be deleted. o Bug fixed: various minor bugs in DynamicNotice have been corrected. Jan 24, 2005 (Release 2.3) o An optional feature, dynamicNotice, has been added to dynamicXport. DynamicNotice is a general information posting and distribution system implemented with dynamicXport to provide an Internet accessible messaging system. It supports the posting of messages with both text and images. DynamicNotice supports scheduling when an article will become available to users, when it will be removed, and which users will be able to view the new article when they check for news. o Behavior change: if multiple logins are disabled in an organization, then any attempt by a user to login while the user has another session in progress will provide the option of ending the previous session and starting a new session. o Bug fixed: changing a user attributes zeroed the number of logins recorded for that user. o Bug fixed: if the EmailAddress option was set in dxsystem.txt and an error occurred when an error audit message was sent, an incorrect error message was displayed to the user. For example, attempting to login with an incorrect password might display a "File not found" error. o Bug fixed: dxpurge did not purge records on some platforms. Dec 15, 2004 (Release 2.2.4) o Support new platform A4 for Apple Mac OS X. o Bug fixed: the "View Audit" administrative option did not work in 2.2.3. Sep 29, 2004 (Release 2.2.3) o Behavior change: null ("") or undefined macro values in S_UPLOADFILE will be replaced by "" and will not be reported as errors. o Bug fixed: some timeout values were treated as being in tenth seconds rather than seconds. o Bug fixed: the automatically generated user id option did not work. Apr 4, 2004 (Release 2.2.2) o The new S_DOWNLOADDELETE value pair variable can be set to "Y" (or "y") to select automatic deletion of the file specified by S_DOWNLOAD after the download is complete. This feature is intended to be used with dynamically generated download files such as reports. o Bug fixed: if login revalidation was required on a download request, the download did not occur even if revalidation was successful. o Bug fixed: a channel was left open if an error occurred while dxbridge.dl4 was processing a request. Calling dxbridge.dl4 repeatedly caused the system to fill the channel table and report a "too many channels in use" error. o Bug fixed: a configuration file without an extension sometimes caused a memory violation in dxserver. Feb 3, 2004 (Release 2.2.1) o This release is identical to 2.2 except that dynamicXport for platform 6D (Linux x86) is compiled and linked using RedHat 7.3. This change improves compatibility with RedHat 9 and similar Linux distributions. Systems using RedHat 6.x must use dynamicXport 2.2 or earlier. Jan 26, 2004 (Release 2.2) o An application can now copy files from the application server to the web server by setting the S_COPYTOWEBSERVER value pair list variable. One typical use of this feature would be to allow selected users to update a web site by uploading HTML files which are then copied to the web server. Security is maintained because file copying is controlled by an application program and, as with any dynamicXport application, a user cannot invoke or even see an application unless the administrator has enabled that application for that user. Each file to be copied is specified as a set of three consecutive values in the S_COPYTOWEBSERVER list. The first value of a triplet is the path of the file to be copied, the second value is the destination path of the file on the web server, and the third value is the file type ("Raw" or "Text"). The destination path must begin with a logical directory name ("directory/filename"). The logical directory must be defined in COPYMAP in dxserver.txt (see below). The destination path can be prefixed with a permissions option using the format "" where "xxxx" is a Unix style octal permissions value (such as "600") or any dL4 permissions value acceptable on the web server. If the file is to copied over any existing file, a trailing exclamation mark should be added to the destination path ("directory/filename!"). If the file type is specified as "Raw", the file will copied to the web server without any changes or conversions. If a file is specified as "Text", the file will be read as a text file and converted on the web server to the text file format needed by the web server. The following example shows how a dL4 application can copy the files "example1.html" and "example2.html" to the web server by setting S_COPYTOWEBSERVER: Dim Files$[6,64] Files$[0] = "/home/dxport/newfiles/example1.html" Files$[1] = "html/example1.html!" Files$[2] = "Text" Files$[3] = "/home/dxport/newfiles/example2.html" Files$[4] = "html/example2.html!" Files$[5] = "Text" Call DXSet("S_COPYTOWEBSERVER",Files$[],"L") Additional files could be copied by making the string array larger and setting additional source, destination, and type values. Please note that the actual copying of the files does not occur until after the application calls DXCLOSE. The destination directory "html" used in the destination path in the example is not an actual directory on the web server. Instead, it is a logical directory defined in the COPYMAP list value in the dxserver.txt configuration file on the web server. For the example above, the dxserver.txt file might contain the following definition to define the logical directories "html" and "data": L:COPYMAP=html=/usr/internet/ns_httpd/httpd-80/htdocs/htdocs data=/usr/internet/ns_httpd/httpd-80/htdocs/data This translation of logical to actual directories makes it unnecessary to update applications whenever the web server directories are changed or if the web server is completed replaced. Each line of the COPYMAP definition in the dxserver.txt file has the following form: "logical-directory=actual-directory-path" Each directory definition can include a permissions option "" to specify default permissions. If the permissions option is not used, the copied file will use the system default permissions. Copying files to the web server may fail due to incorrect file paths or permissions. Since the copying occurs after the application calls DXCLOSE, the application has no way to determine if the copy succeeded or not. Errors can, however, be reported to the user by displaying the S_COPYERROR and S_COPYERRORNAMES values in the output page. The S_COPYERROR value is the number of files that were NOT copied to the web server. The S_COPYERRORNAMES value is a list of the destination filenames of the file that were not copied. These values can be displayed in an output HTML page using the normal "dl4v()", "dl4t()", and "dl4l()" merge functions. o Example options and programs have been added for downloading files to and uploading files from the client system. The new options, EXDOWN and EXUPLOAD, are created if the demonstration options are installed. The upload example program, exupload.dl4, also contains an example of the copy file to web server feature described above (S_COPYTOWEBSERVER). o Behavior change: when "Allowed=N" is set in dxsystem.txt, the message "Application is currently unavailable" will be displayed instead of "Application Server Not Configured". o Bug fixed: a "download file not found" error caused a "Missing Session ID" message to be displayed instead of "Download file not found". o Bug fixed: the "View Audit" option displayed audit records using local time, but the start and end date selection was performed using GMT time. This prevented a full display of records from midnight of the start date to midnight of the end date. o Bug fixed: the "exnewuser" example programs have been changed to set the "S_USERPASSWORD" value instead of "USERPASSWORD". o Bug fixed: "OPTION=REVISION" failed on some platforms. o Bug fixed: file uploads failed with long filenames, filenames with spaces, and some forms of S_UPLOADFILE in dxsystem.txt. Dec 3, 2003 (Release 2.1.7) o Bug fixed: if a session user defined field ("U_name") was a list value, the value of the field and other fields could be corrupted on a Windows application server. o Bug fixed: low security options could not be used with a Windows application server unless the user was logged in. o Bug fixed: if the audit file type was set to text ("AuditFileType=T" in the dxsystem.txt file), dynamicXport would not work on a Windows application server. Nov 10, 2003 (Release 2.1.6) o Bug fixed: if an application output to standard output after calling DXCLOSE, a "NO DATA FROM APPLICATION PROGRAM" error occurred. Oct 22, 2003 (Release 2.1.5) o Changes in the client (browser) IP address are now ignored for low security options unless an SSL (https:) connection is used. This change improves compatibility with some ISPs, such as AOL, that provide a different client IP address for each browser transaction. o Optional TCP port number and application directory parameters have been added to instsrvr.bat. The command line syntax for instsrvr.bat is now: instsrvr [ [ ] "filename_macro[!]" AS "destination_file_type" option := [CASE = U | L | A] [, ACCEPT_EXT = ALL | space separated list of extensions, e.g. .gif, .txt] [, APPEND = Y | N][, EXTENSION = add this extension if the source file lacks this extension] CASE = U convert destination filename to uppercase CASE = L convert destination filename to lowercase CASE = A accept destination filename as is ACCEPT_EXT = ALL allow files with any extension to be uploaded ACCEPT_EXT = .gif .exe .txt a list of space separated file extensions that may be uploaded. Files without these extensions may not be uploaded. Please note that file uploading capability is disabled if ACCEPT_EXT is undefined. APPEND = Y append to destination file APPEND = N do not append to destination file EXTENSION = xxx add the extension, xxx to the destination filename if the destination filename lacks such an extension destination file protection, e.g. <666> filename_macro := must begin with an absolute path and may contain one or more of the following %NAME% use source filename %MMDDYY% current date %MMDDYYYY% current date %DDMMYY% current date %DDMMYYYY% current date %YYDDMM% current date %YYYYDDMM% current date %YYMMDD% current date %YYYYMMDD% current date %DDDYY% current date %DDDYYYY% current date %TIME24% current time (24 hour format) %TIME12% current time (12 hour format) %TIMEPM% current time (am or pm) %FIELDNAME% dynamicXport field name %% percent sign (%) %# ... #% use a sequence number using # as a mask value %& ... &% use a sequence number using & as a mask value destination_file_type := RAW | TEXT | DOS TEXT | ANSI TEXT | UNIBASIC TEXT | UNIX TEXT | MACINTOSH TEXT The S_UPLOADFILE global setting may be overwritten by setting the S_FILEUPLOAD_form_field_name field. The S_FILEUPLOAD_form_field_name contains the name of the destination filename. Sample syntax : S_UPLOADFILE=(ACCEPT_EXT = ALL) "/home/dxport/%NAME%" As "TEXT" o dynamicXport users may now download files directly from the application server to their client system. Both binary and text files may be downloaded. Only a single file at a time may be downloaded. A file download HTML page must contain S_DOWNLOAD=1 in its parameter list. The S_CONTENTTYPE and S_CONTENTDISPOSITION settings in the dxsystem.txt file controls file download. The default values are: Content-Type: application/octet-stream Content-Disposition: attachment; filename=filename_to_download o An application program must provide the name of the file to download, including path, in the S_DOWNLOAD name/value pair variable. If an application program includes S_DOWNLOAD, then S_CONTENTDISPOSITION is sent. Othewise, S_CONTENTTYPE is sent. o A new dl4o option allows one HTML page to include another HTML page. If the included filename is not in the current directory, dynamicXport will traverse its parent directory, up to the document root directory, to locate the included filename. The dl4o option appears in an HTML page. Here are two examples. o For ease of installation, a copy of Passport for Windows is also included in the Windows platform product file. Dec 16, 2002 (Release 1.5.2) o A logged on user can now run a low security option, even when the option is not in the user's option list. o dynamicXport now reports "Output page not specified" if an application does not provide the name of an output page and the option does not have a default output page. This message text may be customized in the dxmsg.txt file. o Bug fix: version 1.5.1 did not allow adding a new user with a specific user id. o Bug fix: multiple copies of dxpurge were invoked if the dxpurge lock file lacked proper permissions. Nov 25, 2002 (Release 1.5.1) o dynamicXport will generate a new user ID starting with 00000001 and incrementing it by one if a user ID is not specified during the add a new user option. o dynamicXport now uses the recipient's name as the sender's name if email is sent on error. o It is now possible to search for a user using the user's email and the user's userdef1 value. o The optiondir/msg.html page is used to return the password change message. o A new error message, "I/O Error" was added to the dxmsg.txt file. o A new error message, "No Data from Application Program" was added to the dxmsg.txt file. o A new option, SMTPServer in the dxsystem.txt has been added for SMTP email server name. o "Record has changed since last access" is now displayed instead of "Record is locked" to reflect the true nature of the error. o An "Application died unexpectedly" message is now stored in the dxaudit file. o Bug fix: The validation page now works with Netscape Navigator versions 6 and 7. o Bug fix: "Device not accessible" was reported on Linux if the email error option was enabled and login failed. Jul 18, 2002 (Release 1.5) o dynamicXport version 1.5, which requires dL4 version 5.1.1, now supports the dynamicXport Application server on a Windows NT/2000 server. o See the section, "NT Application Server Installation " in this document. The application server runs on TCP/IP port 9632 in C:\dxapp directory. The installation process requires that dL4 version 5.1.1 or greater is in C:\Program Files\dl4 directory. Jun 28, 2002 (Release 1.4.1) o A new option in the dxsystem.txt file allows configuration of the minimum and maximum lengths of dynamicXport user passwords. These options are PwdMinLength and PwdMaxLength. The default values for minimum and maximum are 5 and 20, respectively. It can also operate with minimum password length set to zero, provided that the appropriate HTML pages accept a zero length password. dynamicXport accepts only the first 32 characters in a password and discards any additional characters. o The view audit page now shows organization ID. It is now possible to display the username and organization name by placing mouse cursors over User ID and Organization ID values, respectively. o dynamicXport can be used with Verisign Payflow Pro to accept credit card payments. o A new test program, dxbridgetest.dl4, may be used to test a dynamicXport Application server on IP address 127.0.0.1 and TCP/IP port number 9632. Type, "run dxbridgetest.dl4", from the Application server's home directory, and it will display the dynamicXport revision number if the Application server is configured correctly. o Bug Fix: It is possible to use a dynamicXport low security option requiring a secure SSL. o Bug Fix: It was possible to grant user options from a higher level organization. May 2, 2002 (Release 1.4) o A new configuration option in the dxsystem.txt file allows dynamicXport errors to be e-mailed. Set the "EmailAddress" to the person who should be notified in the event of a dynamicXport error. The "AuditFileType" must also be set to either a "T" or an "F" to enable this new emailing feature. The content of the email message is identical to the log file. o A separate process is automatically started for house-keeping. A single process is invoked the first time the application server is accessed. This process, dxpurge.dl4, runs continuously waking up every 15 minutes to check the dxsystem.txt file to determine if it should purge dead sessions and the audit records. o A new configuration option in the dxsystem.txt file controls the frequency of purging dead sessions and audit records. Set the "CRONFREQUENCY" to the desired value in hours:minutes. The default value (every 15 minutes) is used if the "CRONFREQUENCY" setting is undefined or if it contains an invalid entry. o If the web server cannot open an html output file, then a new configuration option in the dxserver.txt file determines if the name of the missing file should be displayed. Set the "SHOWOUTPUTFILE" to a "Y" if the name of a missing html file should be displayed. Do not set it to a "Y" if the name of a missing html file should not be displayed. o A low security session is not authenticated. o A low security session remains active beyond the "TimeOut" value, meaning it is not authenticated. A low security session is removed if it exceeds the "Elapsed" or "Expired" settings in the dxsystem.txt file and an activation error is reported. o The CyberCash interface program is no longer part of dynamicXport as Verisign, the owners of CyberCash, no longer issues merchant ids to new customers. Please call Dynamic Concepts for alternatives to CyberCash or if you are interested in on-line credit card payments. o Bug fix: It is now possible to create a session if a user from the same IP address attempts to login in less than a second. o Bug fix: An unexpected or subscript error occurred if an application program returned a very large buffer. Jan 4, 2002 (Release 1.3) o It is now possible to login using any of the fields in the user file. This alternate login method, i.e. other than User ID and password usage, requires defining a LOGINFIELDS in the dxsystem.txt file. The syntax for LOGINFIELDS is: LOGINFIELDS=a field in the user file AND/OR another field Please note that the & symbol is the AND operator, and the | symbol is the OR operator. The AND operator has a higher precedence than the OR operator. The expression is evaluated from left to right, but the precedence order may be modified by using parentheses. You may add as many fields as you require, provided that the fieldname is a valid fieldname in the user file (dxuser). However, the total size of LOGINFIELDS is limited to 254 characters. The first defined field in LOGINFIELDS is used to index into the user file. The fieldnames begin with L_USER followed by the actual fieldname in the files/dxuser.dbf file (with the exception of password, which is simply password and User ID which is simply ID). The alternate login method also requires customizing the login and the verification html page. Example: LOGINFIELDS=L_username & (password | L_useremail) LOGINFIELDS=L_UserUserdef1 & password o CyberCash may be accessed by calling (running) the dxccbridge.dl4 program. You must, however, first obtain your CyberCash ID from CyberCash. Please visit register.cybercash.com to sign up for CyberCash. o You can get a total session count by checking "Show Session Count" checkbox option on "View Sessions" page. o You may now evict another session from the "View Sessions" page. o It is now possible to run an SSL option from dxbridge.dl4. o It is now possible to view ascending and descending detail audit logs. o It is now possible to get summary by option, summary by user, or summary by user and option from the "View Audit" page. o Increased size of a message in the file dxmsg.txt, to 1900 characters. o The demo options may be added anytime by running the dxcreatedemo.dl4 program from the 'dxport' account. o The demo example files may be created by running docreate.dl4 o The "Prelink" field must be set to blank for the MASTER organization. o Bug fixed: Pressing the "login" icon repeatedly on the login page resulted in a login session error. o Bug fixed: Attempting to add a new option with a runtime only license reported an "Option not in file" error message. o Bug fixed: Users with non-MASTER organization IDs were unable to login. o Bug fixed: It was possible to remove the "admin" user using the dxbridge.dl4 program. o Bug fixed: S_ViewOptionType and session id fields were not returned while attempting to run non-securely an option that requires an SSL connection. o Bug fixed: It was possible to have non-alphanumeric characters in a password using the bridge program. o Bug fixed: S_VIEWOPTIONTYPE was not returned on Validate page. Jul 16, 2001 (Release 1.2.2) o It is now possible to output a user defined value for "Content-Type". dynamicXport automatically adds the two required 'CR's following the content-type value. o The dxbridge.dl4 program is now accessible to all users with a permission setting of 644. o The session ID is provided as an encrypted session id to an application program. o Bug fixed: A non-administrative user was able to add a new user using the dxbridge.dl4 program. o Bug fixed: A non-administrative user was able to change an existing user using the dxbridge.dl4 program. o Bug fixed: The Parent ID must be set to Null for a menu option type. o Bug fixed: Only audit records with proper permissions are displayed. Earlier releases displayed all audit records. o Bug fixed: Input and output of an extended audit log record is from the application's perspective, meaning input to and output from an application program. o Bug fixed: An existing U_ field is now updated with new values between sessions. o Bug fixed: Updated U_ fields' values are now logged in the extended log file. o Bug fixed: A user is now permitted to have more than 10 menu options. o Bug fixed: Those options that require SSL connections now run as https connections. o Bug fixed: Users were unable to login using browser settings for a proxy server such as a Microsoft Proxy server. May 16, 2001 (Release 1.2.1) o The dxinstall script will _NOT_ install the product unless an SSN authorized for dynamicXport has already been installed. o The dxinstall script will _NOT_ install from the super-user (root) account as the dynamicXport files must be owned by the Application server account (default dxport). o Provides improved Wireless Access Protocol (WAP) support. o The CheckBrowser option in the dxserver.txt file _must_ be set to WML to enable WAP support. o The CopyUser field is returned with Change user option with the dxbridge.dl4 program. o The dxbridge.dl4 program may add or modify a user's CopyUser field. o dynamicXport will run with a demo SSN and dL4 version 4.4 or greater. o Supports both Microsoft Internet Explorer browser versions 4 and 5. o Bug fixed: It was not possible to run an option without first logging in. o Bug fixed: The dxbridge.dl4 program received an "illegal subscript" error. o Bug fixed: The "View Audit" option did not display more than one page. o Bug fixed: The "Begin HTML Test Page" option was unable to find the HTML page filename. May 7, 2001 (Release 1.2) o OutsideIP, SecondaryServer, and AllowLocalHost options have been removed from the dxsystem.txt file. o The dxtestapp.dl4 program is no longer distributed. The dxbridge.dl4 program may be used to test dynamicXport application programs. o The product now uses a new option, REVISION, as 1.2 for this release in the dxsystem.txt file. o A new option, WebServerXIP, in the dxsystem.txt file controls the valid IP address of the webserver. The X in WebServerXIP is a sequential number for each webserver, starting with one (1) as the first webserver. o A new option, BridgeXIP, in the dxsystem.txt file controls the valid IP address of the local webserver. The X in BridgeXIP is a sequential number for each server, starting with one (1) as the first server. o A new option, AuditFileType, in the dxsystem.txt file enables connection logging. Connection logging may be enabled by setting the AuditFileType value to "T" for non-extended logging, and "F" for extended logging. Connection logging may be disabled by setting the AuditFileType value to nothing. o A new option, PurgeAuditAge, in the dxsystem.txt file specifies the number of days audit records are archived. All audit records older than the PurgeAuditAge are purged. o A new option, BufSize, in the dxsystem.txt file specifies the dynamicXport buffer size in characters for efficient memory management. Although it is restricted to 1024 as its minimum value, the maximum value is limited to free memory availability. The default value is 128K characters. o A new option, GlobalExtendedLog, may be used to log additional information. The extended log filename is audit.ext and must be purged by the developer as needed. These extended logging capabilities may be used as a debugging aid during program development. o A new program, dxpurge.dl4, may be run on the application server to remove old audit and session records. o The dxbuildfiles script builds dynamicXport support files. This script may be run anytime after installation to re-build support files. It keeps a backup copy of the original files directory as oldfiles directory. o dynamicXport auto-configures the value for S_Root if it is undefined in the dxserver.txt file. The REVISION option (open domain/dx/cgi-bin/dxserver?OPTION=REVISION from a browser) displays the recommended value for S_Root, if it is undefined in the dxserver.txt file. The S_Root should be set in the dxserver.txt file to improve performance. o A new option, ConnectRetryCount in the dxserver.txt file controls the number of connection attempts with the Application server before an error is reported. o A new option, DXBUFSIZE, in the dxserver.txt file specifies dynamicXport buffer size in characters for efficient memory management. Although its value is restricted to 1024 as its minimum value, the maximum value is limited to free memory availability. The default value for is 128K characters. o dynamicXport now supports WAP (Wireless Access Protocol) enabled browsers. o A new option, CheckBrowser in the dxserver.txt file enables WML (Wireless Markup Language) if WML is supported by the user's web browser. The syntax for CheckBrowser in the dxserver.txt file is CheckBrowser=WML. o The DXContent option in the dxserver.txt file controls the type of webserver URL encoding. This release of dynamicXport supports only HTML. o A new option, S_ContentOut in the dxserver.txt file controls the browser output header. The value is changed to WML if the browser supports WML and the CheckBrowser is set for WML. It is always set to the same value as the DXContent if the S_ContentOut is undefined in the dxserver.txt file. o A new option, S_ContentOut in the dxserver.txt file controls the browser output header. The value is set to WML if the browser supports WML and the CheckBrowser specifies WML. It is always set to the same value as DXContent if the S_ContentOut is undefined in the dxserver.txt file. o A new option, E_EnvironmentVariableName in the dxserver.txt file specifies which environment variables as seen by the web server are provided to the application programs. The syntax does not require a value for these fields. For example, setting E_HTTP_ACCESS as E_HTTP_ACCESS= in the dxserver.txt file allows an application program access to the HTTP_ACCESS environment variable as seen by the web server. o For Linux Apache and Microsoft IIS web servers, set the S_URL option in the dxserver.txt file to your domain name (e.g. http://www.dynamic.com). o For Linux Apache and Microsoft IIS web servers, set the S_SECUREURL option in the dxserver.txt file to your domain name (e.g. https://www.dynamic.com). o Times displayed on all browser pages reflect local time on the application server. o The example file contains a single customer record with DCI as its Customer ID. o The example file contains a single customer record with DCI as its Customer ID Acknowledgements ========================== This product includes software developed by the OpenSSL Project for use in the OpenSSL Toolkit (http://www.openssl.org/). The OpenSSL license file and copyright notice is included in the file credits.txt. File List ========= dxinstall Installation script dxupdatecore Minimal update script dxbuildfiles Builds dynamicXport support files license.txt dynamicXport product license file credits.txt OpenSSL license and copyright information readme.txt dynamicXport product readme file ApplicationServer dynamicXport files for Application Server adddx System "listening" configuration script dxadmin.dl4 dynamicXport administrative program dxbridge.dl4 dynamicXport bridge program dxbridgetest.dl4 dynamicXport bridge test program dxchecklicense.dl4 part of dynamicXport installation script dxcreatecontacts.dl4 Creates dynamicXport dxcontacts support file dxcreatedemo.dl4 Creates dynamicXport example demo dxcreateoption.dl4 Creates dynamicXport dxoption support file dxcreateorg.dl4 Creates dynamicXport dxorg support file dxcreatesession.dl4 Creates dynamicXport dxsession support file dxcreateuser.dl4 Creates dynamicXport dxuser support file dxcreateuseroptions.dl4 Creates dynamicXport dxuseroptions support file dxcreateview.dl4 Creates dynamicXport dxview support file dxerror.lib dynamicXport library module dxfullisamio.lib dynamicXport library module dxgeneral.lib dynamicXport library module dxgetplatformno.dl4 gets dynamicXport platform ID dxio.lib dynamicXport library module dxlistener.dl4 dynamicXport Application server runtime module dxmakecert Linux/Unix script to create self-signed SSL certificates. dxmsg.txt dynamicXport message file dxpurge.dl4 Purges old audit and session records dxrebuild.dl4 Rebuilds dynamicXport system files dxsocket.lib dynamicXport library module dxsystem.txt dynamicXport Application server file dxverisignpayflow.dl4 Supports Verisign Payflow Pro. examples/ dynamicXport example programs instlapp.bat batch file to install Windows application server instdemo.bat batch file to install demo on Windows instsrvr.bat batch file to install Windows application server rmvdx Script to remove system "listening" WebServer dynamicXport files for Web Server admin/ Contains HTML files admin/images/ Contains graphics (gif) files cgi-bin Contains CGI programs and libraries cgi-bin/dxserver.txt dynamicXport web services configuration file cgi-bin/dxserver.cgi cgi script invoked by a web page cgi-bin/dxserver dynamicXport Web server runtime module (UNIX) cgi-bin/dxserver.exe dynamicXport Web server runtime module (Windows) dl4fldrv.dll dll for Windows dl4rt.dll dll for Windows dl4sockt.dll dll for Windows dl4stdrv.dll dll for Windows dxstd/ Contains HTML files dxstd/icons/ Contains graphics (gif) files dxstd/images/ Contains graphics (gif) files examples/ Contains HTML files includes/ Contains JavaScript and HTML files login/ Contains subdirectories login/dxstd/ Contains gif files and HTML file styles/ Contains cascading style sheets (css) files Copyright ========= CyberCash CashRegister is a trademark or registered trademark of CyberCash, Inc. in the United States and other countries.