Software Garden wikiCalc® Program:
Details About Live View
This page explains how to set up and use the Live View functionality.

wikiCalc flying bird logo
INTRODUCTION

Live Viewing is a feature through which you can recalculate and view the most recently published version of a page in a browser with optional wikiCalc-provided access control. Unlike static HTML pages which the server just returns as they were when created at publish time, this "live" rendering is done with the server executing wikiCalc to read the published page's source data file, doing the recalculation, and then converting the result to HTML and returning it to the browser. Because the page is recalculated anew in response to each browser request, cell formulas with references to values on other pages or that contain functions like NOW() that can return different values each time they are called can result in different values than at the time the page was last published. It is even possible to temporarily set new values for specific cells to be used in the recalculation and display without modifying the underlying wikiCalc data file.

This facility is how you get "up to date" pages at all times. It is also how you can control who can read different pages without needing to resort to server facilities like .htaccess files.

Note that references in the "live" page to values on other published pages do not cause those other pages to be recalculated, but rather pick up their last static, published values. The "live" recalculating does not propagate through to the formulas on pages the live-viewed page references. Because it recalculates the one page being viewed, the live viewing facility lets you immediately reflect updates to detail pages on any live viewed pages that directly depend upon them for values. Updates just doesn't propagate to more than one level of detail.

USING LIVE VIEW

A live view of a page is accessed by using special URLs that refer to the wikiCalc program running on a server rather than URLs that refer to the static HTML pages themselves. It is designed mainly for remote-server use of wikiCalc.

You access a page for live viewing by accessing the URL For Editing with appropriate arguments. The URL For Editing is a Site setting. You can set it by going to the Page tab, clicking the Manage Sites button, and then clicking the Edit button next to the appropriate site information. This URL is the one used for invoking the editing code for wikiCalc on your system. It is set in the site settings to allow an "Edit This Page" link to appear on published web pages as well as for part of the live view functionality. If you are editing using a remote server, this URL will refer to the Perl program on the server. This is similar to the URL you see in the browser when doing normal wikiCalc editing, i.e., something like http://www.domain.com/cgi-bin/wikicalccgi.pl. (If you are editing locally, this URL can be on the client computer, such as "http://127.0.0.1:6556", though live viewing is mainly designed for remote-served use of wikiCalc.)

The browser accessing the page must be logged in as a user with read or read/write privileges to the page's site or the page must have been published with Allow Live View Without Login checked.

The general form for requesting a live view page is something like:

http://www.domain.com/cgi-bin/wikicalccgi.pl?view=sitename/pagename

There are five types of output that can be obtained through the live view functionality:

page
A normal HTML page, including the template HTML
html
Just the HTML of the sheet rendered as a table
js
Javascript to embed the HTML of the table within another page
cdata
The table HTML as cdata within XML for use by Ajax, to be updated in the page DOM using innerHTML, etc.
source
The same page source produced by "Publish Source" without change (i.e., without the additional recalculation)

You specify the type with a "type" argument:

?view=sitename/pagename&type=outputtype

The "page" type is the default if no type argument is present. If not logged in and requesting type "page", a login page will be displayed if needed. Type "source" is only provided if "Publish Source" was checked for this page for the most recent publish.

The saved page is recalculated before display unless there is a "&recalc=no" argument. The saved page is not modified by viewing it, even if a recalculation is done.

The values of cells may be temporarily changed before recalculation by using a "cell" argument:

&cell:coord:type=value

"coord" is a cell coordinate, such as B7; "type" is "n" (numeric), "t" (text), or "e:na" (error: NA value); and "value" is the value. There may only be one cell argument for each coordinate. There may be more than one cell argument to change more than one cell. The cell being modified must have "Live View Modifiable" set to "yes" (one of the Format Misc settings). The modifications are not saved in the data file.

The logged in user may be logged out using the following argument:

?view=logout

SECURITY CONSIDERATIONS

The live viewing facility makes use of the normal wikiCalc program running with full ability to access its files. By giving people the live view URL of a page, you are also giving them the URL for running wikiCalc. Make sure you are aware of the security implications of this.

Normally you can "hide" the use of wikiCalc by not using a common URL for the program (e.g., put the system in a directory under cgi-bin that is not easily guessed and renaming wikicalc.pl to something else) or using other access control (such as .htaccess), and by not allowing "Edit This Page" links on the HTML pages. When you have live viewing these techniques may not work.

You may need to depend upon the wikiCalc access control system to provide the security you desire. It is very simple and may not be up to the task depending upon your needs. Make sure you don't give Admin access (or perhaps any access) to untrusted users. Read Only or "Live View Without Login" access may be best in many cases.

Also, be careful about giving access to the WKCcallableUtilities.pl program. If you are not using it, do not put it on the server or do not give it execute permission. It is a powerful program that can make HTTP access to other websites.

Periodically check the bug list and do web searches to see if any wikiCalc vulnerabilities have been reported here or elsewhere.


(c) Copyright 2007 Software Garden, Inc.
All Rights Reserved.

wikiCalc, Software Garden, and Garden are registered trademarks of Software Garden, Inc.
Dan Bricklin's is a registered trademark of Daniel S. Bricklin.