XMLpen design overview


XMLpen allows your Intra- and Internet users to change information on web documents without any special software installed on their machines.
XMLpen runs on various platforms, even in completely heterogeneous environments. Even if your platform is not yet supported this may be no bigger problem since the development favored highly portable code from the scratch on.
XMLpen brings its own independent user database but it could be linked to your company`s database as well.
The users can only display or edit the files they are entitled to, so even restricted areas of your site can be edited. To ensure the security of your system, special attention was paid on data passing over the web interface as in code stability, thus eliminating potential intrusion points.


After logging in the user will see a list of all files he or she may edit, after every file he will see the current publishing status of the file and a button to edit it. Since not every user may be allowed to publish changed files to your official Web-Site XMLpen incorporates a bi-level release policy which allows special assigned users to list files pending release, controlling and releasing them.
When the user displays a file for editing, he will be presented with an "edit view" of the file, resembling a close to normal display of the file enriched with little pens which when clicked on will lead to an edit page allowing to change this same text portion as well as a great number of attributes for the section.
To ensure your CI you can specify which attributes may be changed. You can even define different sections within a file with different restrictions, so giving you the option to make only a part of the page editable.
Pages further may contain special symbols allowing the user to perform more complex tasks like adding elements from templates or new table lines.
Attributes contain standard attributes like Bold, Italics, Underline, as well as sizes, colors, alignment or links within or without the site. So you can e.g. define who is allowed to link external pages and who only may link to internal files.


The communication between the users browser and the server may use SSL encoding so information is secure while passing through your Network or even the Internet.
CGIEdit uses ordinary Web-forms (No activeX, Javascript, etc.) so it can even be used in areas where executable code is blocked, filtered or disabled. To make sure logins can not be stolen, as happened with several free mail services, all forms contain a random code which links them to a machine and user identity. The users rights are checked for every part of the work to make sure that no user may execute functions he is not entitled to by modifying forms or use of scripts. All serious hacker activity is logged and special scripts can be started upon detection e.g. informing your sysop or closing out the hackers computer form your routers or firewalls.
For higher security it is possible to set up XMLpen to run on one (internal) server (e.g. behind a firewall) and transmit the changed pages to an other (external) server, the systems can even use completely different platforms as long as there is a way to transmit a file with a script started form a secure account of the server running CGIEdit.
Even though XMLpen allows its administrators to specify any file as a editable file XMLpen does not circumvent security since XMLpen itself runs with pretty limited rights. Even in environments where the scripts to transmit edited files have to use a privileged account, these are pretty much not exploitable because of there limited functions and restrictions you may apply to the paths they use.


XMLpen is routinely tested on Linux and Windows NT & 2000.
Its basic library was also tested in detail and optimized on HP UX and the program should perform well on this system.
Even though it is not constantly tested on other platforms as Windows 95, 98 or Windows ME, XP , AIX, Solaris, BSD,... it should run on them as well.
The standard development platform is currently SuSE Linux 7.3 (Kernel 2.4.10) so all immediate releases will be only tested on this environment. However the Linux version will run on most systems without any changes now.
Reaching out further XMLpen should as well run on any source-compatible OS for which the gcc/gpp in a recent version is available with the standard ANSI C/C++(97) and POSIX(v1.2) libraries.
All "Unix"-like platform tests were done with apache webserver, Windows Platforms were tested only with Microsoft IIS. It is possible that other webservers will require some adjustments. However XMLpen honors the pending RFC release of the 1.2 CGI specification. Even though most optimizations in XMLpen were of conceptory nature some were made for specific platforms. Most of the OS dependent
code will be found in the basic libraries which were specially developed for this project. The Libraries are also a common access point for other calling types like ISAPI or apache-modules which are soon to come.


[Philosophy] [Products] [Services] [Company] [Support] [KnowHow] [Contact] [Specials] [Links]

(c) 2001-2004 Explido Software USA Inc. NEW Phone number 1 (863) 248 1195 or 1 (800) 348 5129
Explido Software USA Inc. is a small private owned IT Service company in central Florida. From our location in Lakeland, Polk County we service the whole Tampa and Orlando area. Our main areas of business are IT Counseling, Software Development, Linux Server Systems and Web Marketing.
This Web Site is brought to you by Explido Software USA Inc. We hope the Information on our Site is helpful for you however we give no guarantees for the Information on our Web Site If you want to process, store or republish the Information on this Web Site in any way not associated with the normal use of the Internet, as in search-engines, browser caches, proxy servers, etc., you need our written consent.