Synchronet v3.19b-Win32 (install) has been released (Jan-2022).

You can donate to the Synchronet project using PayPal.

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revisionPrevious revision
Next revision
Previous revision
server:web [2021/01/27 20:37] – Removed (now broken) webv4 documentation links. ecbbsserver:web [2023/12/23 02:14] (current) – [Configure] Update SCFG screenshot digital man
Line 7: Line 7:
 The Synchronet Web Server is a mostly HTTP 1.1 compliant web server capable of The Synchronet Web Server is a mostly HTTP 1.1 compliant web server capable of
 handing basic web servicing tasks.  It has most of the basic features of a handing basic web servicing tasks.  It has most of the basic features of a
-general-purpose web server one would come to expect (including CGI).+general-purpose web server one would come to expectincluding (Fast)CGI.
  
 It also, through Server-Side JavaScript (SSJS), allows dynamic pages to be It also, through Server-Side JavaScript (SSJS), allows dynamic pages to be
Line 13: Line 13:
  
  
-===== Configuration =====+===== Configure =====
  
-==== Startup INI [Web] Section Keys ====+The Synchronet Web Server can be configured via [[util:SCFG]]:Servers->Web Server:
  
-The ''[Web]'' section of your [[config:sbbs.ini]] file contains the following settings (keys):+<file> 
 +╔══════════════════════════════════════════════════════════════════╗ 
 +║                            Web Server                            ║ 
 +╠══════════════════════════════════════════════════════════════════╣ 
 +║ │Enabled                       Yes                               ║ 
 +║ │Log Level                     Informational                     ║ 
 +║ │HTTP Interfaces               0.0.0.0, ::                       ║ 
 +║ │HTTP Port                     80                                ║ 
 +║ │HTTPS Support                 Yes                               ║ 
 +║ │HTTPS Interfaces              0.0.0.0, ::                       ║ 
 +║ │HTTPS Port                    443                               ║ 
 +║ │SSJS File Extension           .ssjs                             ║ 
 +║ │Index Filenames               index.html, index.ssjs, index.xjs ║ 
 +║ │Content Root Directory        ../webv4/root                     ║ 
 +║ │Error Sub-directory           error                             ║ 
 +║ │Strict Transport Security     No                                ║ 
 +║ │Virtual Host Support          No                                ║ 
 +║ │Access Logging                <disabled>                        ║ 
 +║ │Max Clients                   100                               ║ 
 +║ │Max Inactivity                2 minutes                         ║ 
 +║ │Filebase Index Script         webfileindex.ssjs                 ║ 
 +║ │Filebase VPath Prefix         /files/                           ║ 
 +║ │Filebase VPath for VHosts     No                                ║ 
 +║ │Authentication Methods        Basic,Digest,TLS-PSK              ║ 
 +║ │Output Buffer Drain Timeout   10 ms                             ║ 
 +║ │Lookup Client Hostname        No                                ║ 
 +║ │CGI Support                   No                                ║ 
 +║ │CGI Directory                 cgi-bin                           ║ 
 +║ │CGI File Extensions           .cgi                              ║ 
 +║ │CGI Default Content-Type      text/plain                        ║ 
 +║ │CGI Max Inactivity            2 minutes                         ║ 
 +║ │JavaScript Settings...                                          ║ 
 +║ │Failed Login Attempts...                                        ║ 
 +╚══════════════════════════════════════════════════════════════════╝
  
 +</file>
 +
 +... or via [[monitor:SBBSCTRL]]:Web->Configure:
 +
 +{{:server:sbbsctrl.3.20.web.config.png|}}
 +
 +... or via manual edit of the ''[Web]'' section of the ''[[dir:ctrl]]/[[config:sbbs.ini]]'' file.
 +
 +==== sbbs.ini ====
 +
 +The ''[Web]'' section of your [[config:sbbs.ini]] file supports the following configuration settings (keys):
 +
 +^ Key                      ^ Default          ^ Description ^
 +| AutoStart                | ''true''         | Automatically start-up the server when Synchronet is started |
 +| HostName            | //none//         | Override system hostname |
 +| LogLevel            | Informational    | Default minimum severity of log messages to view or log-to-disk |
 +| TLSErrorLevel            | Emergency       | Maximum severity of TLS-related log messages |
 +| Interface                | ''0.0.0.0,::''   | Comma-separated list of IPv4 and IPv6 addresses of network interfaces and optional port numbers to listen for incoming HTTP/TCP connections |
 +| TLSInterface             | //Interface//    | ... for incoming HTTPS/TLS connections |
 +| Port                     | ''80''           | Default TCP port to listen for incoming HTTP connections |
 +| TLSPort                  | ''443''          | Default TCP port to listen for incoming HTTPS/TLS connections |
 +| BindRetryCount    | 2               | Default number of network interface/port bind retry attempts |
 +| BindRetryDelay    | 15               | Default number of seconds to wait between bind attempts |
 +| MaxClients               | 100              | Maximum number of simultaneous connections supported (0 = unlimited) |
 +| MaxInactivity            | ''2m''           | Maximum duration of client inactivity before disconnection |
 +| MaxCgiInactivity         | ''2m''           | Maximum duration of CGI application inactivity |
 +| SemFileCheckFrequency    | //global// (2)   | Seconds between semaphore file checks |
 +| IndexFileNames           | ''index.html,index.ssjs''    | Index filenames to search for and serve up (when no file name was requested) |
 +| RootDirectory            | ''../web/root''  | Files are served out of this directory tree |
 +| ErrorDirectory           | ''error''        | Sub-directory of //RootDirectory// where error files are served from |
 +| CGIDirectory             | ''cgi-bin''      | Sub-directory of //RootDirectory// where CGI applications are served from |
 +| DefaultCGIContent        | ''text/plain''   | Default MIME-type of CGI content |
 +| CGIExtensions            | ''.cgi''         | Comma-separate list of file extensions (suffixes) used to recognize CGI application files |
 +| JavaScriptExtension      | ''.ssjs''        | File extension used to recognize Server-side JavaScript content files |
 +| Authentication           | ''Basic,Digest,TLS-PSK ''    | Authentication methods supported |
 +| HttpLogFile              | ''[[dir:data]]/logs/http-''  | Path prefix for HTTP access log files |
 +| FileIndexScript          | ""               | Server-side JavaScript to execute to provide HTML/CSS library and directory listings of virtual file paths (e.g. ''webfileindex.ssjs'') |
 +| FileVPathPrefix          | ""               | Virtual path for HTTP file base access, suggested value: ''/files/'' |
 +| FileVPathForVHosts       | ''false''        | If you'd like your virtual hosts to provide HTTP access to your file bases (using virtual file paths), set this to ''true'' |
 +| OutbufDrainTimeout       | ''10''           | Number of milliseconds to wait for output buffer to drain |
 +| TempDirectory            | ''../temp/''     | Override default temporary file directory |
 +| Options                  |                  | See below for details |
 +
 +=== Options ===
 +
 +The ''Options'' key is set to a ''|'' separated list of options to enable.  
 +
 +Default value: **''NO_HOST_LOOKUP | HTTP_LOGGING | NO_CGI''**
 +
 +In addition to the [[config:sbbs.ini|standard options]], the web server also supports the following:
 +
 +== DEBUG_RX ==
 +
 +Log all received data to the console log, as well as various
 +extra bits related to receiving data.
 +
 +== DEBUG_TX ==
 +
 +Log all transmitted data except the reply body itself, as well
 +as various extra bits of information related to transmitted
 +data.
 +
 +== DEBUG_SSJS ==
 +
 +Log server-side JavaScript execution details.
 +
 +== VIRTUAL_HOSTS ==
 +
 +Supports name-based virtual hosts.  If your system has multiple
 +host names, you can have each host name return unique content
 +depending on which hostname is used.  ie: if
 +''freebsd.synchro.net'' and ''nix.synchro.net'' both resolved to your
 +system, you could have FreeBSD-specific pages on one, and 
 +general *nix stuff on the other.
 +
 +A virtual host is added by simply putting the desired content
 +into a sub-directory of [[#RootDirectory]] with the desired hostname
 +ie: ''web/root/freebsd.synchro.net/'' if the browser doesn't send
 +the request host name (very old browsers, or some automated
 +tools) they will be served out of document root.
 +It is therefore a good idea to put links to your various
 +virtual hosts in an ''index.html'' page in [[#RootDirectory]] something
 +like this:
 +<code html>
 +<html>
 +  <head>
 +    <title>Old Browser</title>
 +  </head>
 +  <body>
 +    Your browser is either too old to support
 +    name-based virtual hosts, or you have visited a
 +    virtual hosts that is not yet configured.  The
 +    following are hosted here:<br>
 +    <a href="freebsd.synchro.net">freebsd.synchro.net</a><br>
 +    <a href="nix.synchro.net">nix.synchro.net</a><br>
 +  </body>
 +</html>
 +</code>
 +
 +== NO_CGI ==
 +
 +Disable CGI/FastCGI script execution.
 +
 +== HTTP_LOGGING ==
 +
 +Enable logging to a Common Logfile Format log as described in
 +the HttpLogFile section.  Usefull for running log analysis
 +programs (like Webalizer: http://www.mrunix.net/webalizer/)
 +
 +== NO_JAVASCRIPT ==
 +
 +Disable SSJS execution.
 +
 +== ALLOW_TLS ==
 +
 +Enable TLS/SSL support.
 +
 +== HSTS_SAFE ==
 +
 +Indicates that all URLs available via http are also available via https and redirects clients who want a TLS session to the https location.
 +
 +==== Reference ====
 +
 +Web Server configuration settings reference:
 + 
 === RootDirectory === === RootDirectory ===
  
Line 109: Line 267:
 (if enabled, see next item), date, and ''.log'' are appended to this (e.g.''http-2005-03-12.log''). (if enabled, see next item), date, and ''.log'' are appended to this (e.g.''http-2005-03-12.log'').
  
-=== Options ===+=== FileVPathPrefix === 
 +Default value: ""
  
-Default value: ''NO_HOST_LOOKUP''+Suggested value: ''/files/''
  
-The ''Options'' key is set to a ''|'' separated list of options to enable.  In addition to the [[config:sbbs.ini|standard options]]the web server also supports the following:+A virtual sub-directory of your web root to provide direct HTTP[S] access to your file basesHTTP-AUTH is used for conditional access/restrictionswhen necessary. The trailing slash is important.
  
-''DEBUG_RX'' +=== FileVPathForVHosts === 
- +Default value: ''false''
-Log all received data to the console log, as well as various +
-extra bits related to receiving data. +
- +
-''DEBUG_TX'' +
- +
-Log all transmitted data except the reply body itself, as well +
-as various extra bits of information related to transmitted +
-data. +
- +
-''VIRTUAL_HOSTS'' +
- +
-Supports name-based virtual hosts.  If your system has multiple +
-host names, you can have each host name return unique content +
-depending on which hostname is used.  ie: if +
-''freebsd.synchro.net'' and ''nix.synchro.net'' both resolved to your +
-system, you could have FreeBSD-specific pages on one, and  +
-general *nix stuff on the other. +
- +
-A virtual host is added by simply putting the desired content +
-into a sub-directory of [[#RootDirectory]] with the desired hostname +
-ie: ''web/root/freebsd.synchro.net/'' if the browser doesn't send +
-the request host name (very old browsers, or some automated +
-tools) they will be served out of document root. +
-It is therefore a good idea to put links to your various +
-virtual hosts in an ''index.html'' page in [[#RootDirectory]] something +
-like this: +
-<code html> +
-<html> +
-  <head> +
-    <title>Old Browser</title> +
-  </head> +
-  <body> +
-    Your browser is either too old to support +
-    name-based virtual hosts, or you have visited a +
-    virtual hosts that is not yet configured.  The +
-    following are hosted here:<br> +
-    <a href="freebsd.synchro.net">freebsd.synchro.net</a><br> +
-    <a href="nix.synchro.net">nix.synchro.net</a><br> +
-  </body> +
-</html> +
-</code> +
- +
-''NO_CGI'' +
- +
-Disable CGI script execution. +
- +
-''HTTP_LOGGING'' +
- +
-Enable logging to a Common Logfile Format log as described in +
-the HttpLogFile section.  Usefull for running log analysis +
-programs (like Webalizerhttp://www.mrunix.net/webalizer/+
- +
-''NO_JAVASCRIPT'' +
- +
-Disable SSJS execution.+
  
-''ALLOW_TLS''+By default, virtual hosts will not have the virtual file path (if enabled). Set this to ''true'' if you would like your virtual hosts to support the virtual file paths as well.
  
-Enable TLS support.+=== FileIndexScript === 
 +Default value: ""
  
-''HSTS_SAFE''+Suggested value: ''webfileindex.ssjs''
  
-Indicates that all URLs availabe via http are also available via https and redirects clients who want a TLS session to the https location.+A Server-side JavaScript (SSJS) file to execute and provide HTML/CSS indexes to file libraries and directories accessed via virtual file paths.
  
 ==== Other configuration files ==== ==== Other configuration files ====
Line 220: Line 325:
  
  
-==== webctrl.ini per-directory configuration file ====+==== webctrl.ini ==== 
 Each directory under the [[#RootDirectory]] may have a ''webctrl.ini'' file which overrides certain settings for Each directory under the [[#RootDirectory]] may have a ''webctrl.ini'' file which overrides certain settings for
 the directory it's in and all child directories.  Configuration keys may be set the directory it's in and all child directories.  Configuration keys may be set
Line 227: Line 333:
  
 === AccessRequirements === === AccessRequirements ===
-Specifices an ARS string which all users must match to be able to access+Specifies an ARS string which all users must match to be able to access
 files in this directory.  Will force an HTTP login. files in this directory.  Will force an HTTP login.
  
Line 267: Line 373:
  
 === FastCGISocket === === FastCGISocket ===
-Specifies the socket and port of a FastCGI listener in the <Address>:<Port> format (ie: 127.0.0.1:9000).  Should be used with wildcard sections like this:+Specifies the socket address of a FastCGI listener in either <Address>:<Port> format (e.g. ''127.0.0.1:9000''or ''unix:/path/to/unix/socket'' format.  Should be used with wildcard sections like this:
 <file webctrl.ini> <file webctrl.ini>
 [*.php] [*.php]
 FastCGISocket=127.0.0.1:9000 FastCGISocket=127.0.0.1:9000
 </file> </file>
- 
-Added on November 1st, 2015 to CVS (in 3.17a). 
  
 See [[howto:php]] for details on using with PHP. See [[howto:php]] for details on using with PHP.
Line 280: Line 384:
 Specifies a Javascript snippet which can modify the http_request.request_string.  This allows internal redirects like the RewriteRule feature in Apache .htaccess files.  The key must *begin* with the string "Rewrite" which may be followed by any legal INI key characters.  The order of execution is not guaranteed. Specifies a Javascript snippet which can modify the http_request.request_string.  This allows internal redirects like the RewriteRule feature in Apache .htaccess files.  The key must *begin* with the string "Rewrite" which may be followed by any legal INI key characters.  The order of execution is not guaranteed.
  
-Added on November 3rd, 2015 to CVS (in 3.17a).+<file webctrl.ini> 
 +RewriteDetail=var n=http_request.request_string.replace(/_detail\/(.*)/,"lib/exe/detail.php?media=$1"); if(n != http_request.request_string) { http_request.request_string=n; true } 
 +</file> 
 + 
 +If the expression returns "true", reparses http_request.request_string as 
 +an internal redirect. 
 + 
 +Added on November 3rd, 2015 to CVS (in 3.17a). ([[https://gitlab.synchro.net/main/sbbs/-/commit/370cb673ce644a77bb94f9375cbe3463390e485a|Commit]])
  
 === JSPreExec === === JSPreExec ===
Line 360: Line 471:
 is the remote hostname. is the remote hostname.
  
 +=== scheme ===
  
 +"https" if TLS is in use, "http" otherwise.
 ==== http_reply object ==== ==== http_reply object ====
  
Line 401: Line 514:
  
 See also: the RootDirectory key under [Web] in [[config:sbbs.ini]]. See also: the RootDirectory key under [Web] in [[config:sbbs.ini]].
- 
- 
-===== The SSJS Template System ===== 
-The default web pages use a SSJS Template engine which also allows for Theme  
-support. 
- 
-[Note:  With this latest implementation of SSJS, @@ codes no longer can be nested.] 
- 
- 
-==== The SSJS Template Scheme ==== 
- 
-Each page consists of four parts: 
- 
-=== The Header  === 
-  ../web/templates/default/header.inc   
- 
-This file contains the basic requirements for the HTML page. 
-The opening HTML, doctype, title, CSS file link, etc.  The 
-header file includes the open body, System Name, and User  
-greeting plus the initial page layout table start.  The rest 
-of the layout is continued in the next files. 
- 
-=== Top Navigation === 
- 
-  ../web/templates/default/topnav.inc 
-  ../web/lib/topnav_html.ssjs 
- 
-The ''topnav.inc'' file contains the basic design of the "breadcrumbs" 
-The links are dynamically generated by ''topnav_html.ssjs'' so both 
-files need to be addressed when modifying or creating themes. 
-In the case of the default layout, ''topnav.inc'' has a left and right  
-graphic and a middle section that the dynamic content goes.  The 
-background image is handled by CSS.  You can change this to anything 
-you like. 
- 
-The ''topnav_html.ssjs'' file may seem daunting at first, but it is  
-pretty straight forward.  It has a series of if statements that 
-check the current page location and sets up the breadcrumbs based 
-on what you want it to say. 
- 
-For example: 
-You want to add a Links page called links.html in the main  
-directory.  You would add a check for the path to links.html 
-as: 
- 
-<code javascript> 
-if(http_request.virtual_path=="/links.html") 
-    template.topnav.push({html: '<span class="tlink">Some Links</span>'}); 
-</code>    
-   
-=== Left Side Navigation === 
- 
-  ../web/templates/default/leftnav.inc 
-  ../web/lib/leftnav_nodelist.ssjs 
-  ../web/lib/leftnav_html.ssjs 
- 
-This starts the main table layout in the default layout and also 
-provides two other things -- the main navigation links and a brief 
-nodelisting that displays when users are online via telnet. 
-The links are dynamically created as in the Top Navigation example 
-above with the exception of the two static links. 
- 
-=== Main Content (various files) === 
- 
-This is where the layout of the main content is created.  It is best 
-to look at the various files in ''../web/templates/default'' 
-''../web/templates/default/msgs'' to see how the code is displayed for the 
-various functions of the Web side of Synchronet.  Some details on what 
-each of the special codes contained in those files do will follow. 
- 
-=== Footer === 
-   
-  ../web/templates/default/footer.inc 
-   
-This file contains the closing HTML and whatever bottom information 
-you would like. In the case of the default layout, the 
-Web Server/Synchronet versions and the XHTML 1.0 logo.  Links to 
-privacy statements or anything else can be placed here and they will  
-be displayed at the bottom of each page. 
- 
- 
-==== SSJS Theme Support ==== 
- 
-Theme Layouts can be added to Synchronet by creating them and placing the 
-*.inc files in their own directory under ../web/templates/ 
- 
-Themes are activated by editing the ../web/templates/html_themes.ssjs file. 
-This file contains: 
-<code javascript> 
-/* Set default theme name */ 
-var DefaultTheme="Default"; 
- 
-/* Edit this bit to add/remove/modify theme descriptions and dirs */ 
-Themes["Default"]=new Object; 
-Themes["Default"].desc="Default Synchronet Theme"; 
-Themes["Default"].dir="default"; 
-Themes["Default"].css="/synchronet.css";  
-</code> 
- 
-Themes are added by editing below the Default Theme such as: 
-<code javascript> 
-Themes["CoolTheme"]=new Object; 
-Themes["CoolTheme"].desc="My Cool Theme"; 
-Themes["CoolTheme"].dir="cooltheme"; 
-Themes["CoolTheme"].css="/cooltheme.css"; 
-</code> 
-To change the Default Theme, change: 
- 
-<code javascript> 
-var DefaultTheme="Default"; 
-</code>  
-to: 
-<code javascript> 
-var DefaultTheme="CoolTheme"; 
-</code> 
- 
-==== Special Codes Used in the SSJS Template System ==== 
- 
-By looking at at the message related files located in templates/default/msgs, 
-it can be seen that some special codes are used to display dynamically created 
-content. It is very important to maintain the information EXACTLY as seen in 
-each file or else the messaging system will fail.  While how it is displayed 
-can be changed, the correct information will only be dispayed by following the 
-format in the *.inc files. 
- 
-For example the groups.inc: 
-<code html> 
-<!-- Main Content -->   
-     
-<td class="main" valign="top"><br /> 
- 
-<table class="grouplist" border="0" cellpadding="2" cellspacing="2"> 
-<tr> 
-<th class="grouplist">Message Group</th><th class="grouplist">Subs</th> 
-</tr> 
-<<REPEAT groups>> 
-<tr> 
-  <td class="grouplist"> 
-      <a class="grouplist" href="subs.ssjs?msg_grp=^^groups:name^^"> 
-          %%groups:description%%</a></td> 
-  <td class="grouplist" align="right"> 
-      @@JS:msg_area.grp_list[RepeatObj.index].sub_list.length@@</td> 
-</tr> 
-<<END REPEAT groups>> 
-</table> 
-<br /> 
- 
-<!-- end Main Content --> 
-</code> 
- 
-While the table layout can be changed or even eliminated, the information 
-within the <<REPEAT groups>> and <<END REPEAT groups>> must remain intact. 
-To remove the table yet keep the correct infomation, the resulting groups.inc 
-would be changed to (while maintaining the main table layout in this case) to: 
-<code html> 
-<!-- Main Content -->   
-     
-    <td class="main" valign="top"><br /> 
- 
-  <<REPEAT groups>> 
-    <a class="grouplist" href="subs.ssjs?msg_grp=^^groups:name^^"> 
-        %%groups:description%%</a> 
-    @@JS:msg_area.grp_list[RepeatObj.index].sub_list.length@@<br /> 
-  <<END REPEAT groups>> 
- 
-  <br /> 
- 
-  <!-- end Main Content --> 
-</code> 
- 
-This principle applies to all the .inc files in msgs respectively. 
- 
-==== The SSJS Template Library ==== 
- 
-''%%name%%'' is replaced with the HTML encoded value of template.name 
- 
-i.e.; Spaces are replaced with: ''this&nbsp;is&nbsp;html'' 
- 
-''^^name^^'' is replaced with the URI encoded value of template.name 
- 
-i.e.; Spaces are replaced with:  ''this%20is%20URI'' 
-           
-''@@name@@'' is replaced with the value if ''template.name'' 
- 
-No changes or encoding is performed. 
- 
-''@@name:sname@@'' is replaced with the value of ''template.name.sname'' 
-(^^ and %% are also supported) 
- 
-''@@JS:js_expression@@'' is replaced with the return value of ''js_expression'' 
-(^^ and %% are also supported) 
- 
-<code javascript> 
-<<REPEAT name>> 
-  @@name:sname@@ 
-<<END REPEAT name>> 
-</code> 
- 
-Iterates over the array/object ''template.name'' and replaces ''name:sname'' with  
-the value of ''template.name.sname''. 
-(^^ and %% are also supported) 
- 
- 
-==== SSJS Message Configuration ==== 
- 
-Configuration settings for the SSJS Messaging system is located in the 
-''../web/lib/msgsconfig.ssjs'' file: 
-<code javascript> 
-max_messages=20; 
-max_pages=30; 
-next_msg_html="Next Message"; 
-prev_msg_html="Previous Message"; 
-next_page_html="NEXT"; 
-prev_page_html="PREV"; 
-showall_subs_enable_html="Show all subs"; 
-showall_subs_disable_html="Show subs in new scan only"; 
-show_messages_all_html="Show all messages"; 
-show_messages_yours_html="Show messages to you only"; 
-show_messages_your_unread_html="Show unread messages to you only"; 
-show_messages_spacer_html="&nbsp;<b>|</b>&nbsp;"; 
-anon_only_message="Message will be posted anonymously"; 
-anon_allowed_message='<input type="checkbox" name="anonymous" value="Yes" /> Post message anonymously'; 
-anon_reply_message='<input type="checkbox" name="anonymous" value="Yes" checked /> Post message anonymously'; 
-private_only_message="Message will be marked private"; 
-private_allowed_message='<input type="checkbox" name="private" value="Yes" /> Mark message as private'; 
-private_reply_message='<input type="checkbox" name="private" value="Yes" checked /> Mark message as private'; 
-</code> 
- 
-Each of these are configurable. 
- 
-See the actual file for the defaults currently in use. 
- 
-==== Embedded Javascript ==== 
- 
-The ''*.inc'' files can (and do in the default layout) have embedded JavaScript 
-which is parsed by the JavaScript engine.  Care should be taken as a large 
-number of embedded JavaScript in the *.inc files slow down overall processing 
-of pages. 
- 
-Anything contained within ''@@JS: @@'' is processed by the Server-side JavaScript 
-engine. 
- 
-For example, it can check if the user is Guest or an actual user with this line: 
- 
-<code javascript> 
-@@JS:if(user.number==0 || user.security.restrictions&UFLAG_G) '<html code for Guest>'; \ 
-else '<html code for registered user>';@@ 
-</code> 
-         
-What this does is display links specific for Registered Users only to them 
-and not Guest.  There are many things that can be done with ''@@JS: @@'' code. 
-Note, it also can be used to display HTML based on location as in the 
-node listing stuff. In this case, it checks for whether or not a user is 
-online, or if the user is anywhere but the Who's Online page before displaying 
-the Left side node listing. 
- 
-IMPORTANT!  Anything contained within ''@@JS: @@ MUST'' be on one line or there 
-will be errors in parsing. 
- 
-==== global_defs.ssjs ==== 
- 
-This version of the Web Layout now includes a new file called 
-''global_defs.ssjs'' It is located in the ''../web/lib'' directory.  This file can 
-be used for creating global definitions that span all pages of a site. 
-For example: 
- 
-<code javascript> 
-template.user_alias=user.alias; 
-</code> 
- 
-Now ''@@user_alias@@'' can be in any ''*.inc'' template files and it will display the 
-user's alias. 
- 
-Care should be exercised when using this file as loading it up with hundreds 
-of predefined definitions may slow down overall page rendering as the file is 
-loaded on every page.  It would be better to just put a few popular  
-definitions that are truly global rather many definitions.  It would be 
-inefficient to have thirty of forty message definitions being loaded when a 
-user is looking at the statistics page. 
- 
  
 ===== XJS files ===== ===== XJS files =====