heitml Configuration Reference

This is the reference for heitml

Configuration Files

Naming conventions and location

Platformglobal configurationlocal configuration
file namelocationfile name
Apachehttpd.confusually the conf directory under the Apache installation dir.htaccess
UNIX/CGI.heitmldirectory of heitml program.heitml
Windowsheitml.inidirectory of heitml programheitml.ini


This paragraph applies for the heitml configuration files of the Windows and UNIX/CGI versions of heitml. The heitml Apache versions uses the normal syntax of Apache directives.

Each line of the configuration file should contain one option of the form

    optionname = value
Optionname must be one of the options described below. The value can be a string, T/yes/on/1 for true, F/no/off/0 for false, or an integer. A string is any character sequence containing no white space, or any character sequence enclosed in double quotes.

In the global configuration file you can specify directory-specific options by specifying a section with the file path of the directory:


All configuration options following this section apply to the directory denoted by directory. All configuration options before the first section are common configuration options and apply to every heitml directory. Furthermore, if directory1 is a parent directory of directory2 (directory2=directory1+sub-path) and there is a section [directory1], all configuration options of this section apply to directory2.

For example, with the global configuration file being




the effective configuration for heitml directory /home/customers/customer1 would be:

Configuration Options

heitml configuration options can be used inside the heitml configuration files described above. For the Apache Web server all the options names must be preceded by heitml, e.g. heitmluser, heitmlpasswd ... (except for access which is named just heitml in Apache). The exact meaning of the user, dbname, passwd, dbhost and dbport parameters differs with the database system used and is described there.

access Can be T/on or F/off. T/on allows Web server access. Default is T. For Apache, this option is called heitml.
heitml Can be T/on or F/off. T/on allows the usage of heitml. Apache equivalent for the access option, but default is F.
db Can be T/on or F/off. T/on to use the database. If database is not used (F), queries return an empty result set and updates do nothing. Default is T.
user User name for database login. It is required only for databases with user authentication.
passwd Password for database login. It is required only for databases with user authentication.
dbhost Host where database server is running. Ignored with ODBC. Default is the local host.
dbport Port on host where database server is running. Ignored with ODBC.
dbname Database name, necessary for database systems that support multiple databases. Ignored with ODBC. Otherwise, if set to '-', no database access is allowed. If set to '*', the heitml application is allowed to specify a database with the dbdatabase tag.
datasource Name of the ODBC system data source. This parameter should not be empty. Ignored with non-ODBC database systems.
connpool Only ODBC. Can be T/on or F/off. T/on to enable ODBC connection pooling. In addition, you have to enable Connection Pooling in the ODBC Data Source Administrator. Default is F.
write Can be T/on or F/off. T/on allows write access to the database. Default is F.
optconn Can be T/on or F/off. T/on to enable database connection caching which keeps connections to the database open and reuses them. Default is F. Not supported for ODBC.
dbserialize Only Windows. T/on to serialize all connections to the database. Default is F. Necessary in multi-threaded applications like an ISAPI-compliant Web server where ODBC drivers are used that are not thread-safe.
isolationdatabase transaction isolation level; valid values are:
Default is DEFAULT.
staticcursor Can be T/on or F/off. T uses static cursor for queries if supported by ODBC driver. Ignored except for ODBC. Default is T.
include Include path. If not Apache, this is a list of directory names separated by semicolons (Windows) or colons (UNIX). Include paths of a local configuration are inserted before include paths of the global configuration.

For Apache, this directive adds a directory to the include path. All the directories in the include path are searched for a file to be included by the include tag. In case of a .htaccess file a relative path starts from the directory containing the .htaccess file.

The heitmlinclude command may be used several times. Within a configuration file subsequent include directories are always added at the end of the path. An include path given in a .htaccess file is always added at the beginning of the path, so that include tags in subdirectories can take precedence.

Note: The include path is a security relevant option. If you have switched on heitmlincludeall, all files contained in include directories (with the extensions .hei, .hei, or .heitml) are in danger of being included and therefore shown to the Web, as well as all files linked from include directories. Include files are read as the user given in the user specification in the httpd.conf file (which is another reason to never use root here).

If you have switched on heitmlincludeall, DO NOT make a directory which you don't trust an include directory, because someone could create a link to a file you do not want to be displayed or he could replace the directory itself by a symbolic link.

override Can be T/on or F/off. Allows local configuration options to override global configuration options. Default is T.
includeall Can be T/on or F/off. Allow symbolic links and .. in include files and allow .. and absolute paths in include parameters of local configurations. Also allows RADpage and heitml file access to follow links. Default is F/off for Apache, otherwise T/on. Note: If you give any other user write permission to an include directory you need to switch this option to off. Otherwise someone could create a link in the include directory to a file you do not want to be displayed !
keyRegistration Key(s). For Apache, this option contains one and only one key. On Windows and UNIX/CGI, multiple keys are separated by semicolons, and whitespace surrounding a key is not allowed. On Windows and UNIX/CGI, the registration keys in the serial.key file are checked, if this option is not given or if none of the registration keys given are valid for the server's domain (host) name.
memlimit Must be an integer value. Places a limit on the amount of memory an executing heitml page is allowed to consume. This is useful to prevent heitml pages from running on (e.g. due to infinite recursion) and from slowing down your system (or causing other tasks to crash due to insufficient memory). The limit is specified in Kilobytes. The default is no memory limit.
timelimitOnly Apache. Must be an integer value. Places a time limit on the maximum execution time of a heitml page. If a page contains an endless loop it will eventually time-out, so you don't have to worry about your system's stability. Time limits are specified in seconds and count down in real time. You should allow a rather high value, because slow connections might need more time to download a page. The default is no time limit, but this is risky in development environments. In production environments, where code has been tested, this may or may not be an important consideration.
memexit Only Apache. Must be an integer value. If an Apache child process exceeds this memory limit after processing a heitml page and no redirect has occurred, it is exited to free memory. The limit is specified in Kilobytes. The default is no memory limit.
sessiondir Directory to store the session files in. Default is C:\temp on Windows, /tmp on UNIX. This directory should not be accessible by users for security reasons.
sessionipcheck Can be T/on or F/off. If set to T/on, automatically verifies that all page requests within one session originate from the same IP address. Take care if you are using Proxies. Default is F.
debugip List of IP addresses separated by semicolons. All requests from these IP addresses are executed in debugging mode. If 'localhost' is specified instead of an IP address the debugging is allowed if the IP address of the browser is the same as the IP address of the Web server.
debuguser List of users separated by semicolons. All requests from these users are executed in debugging mode.
debugdir Directory where debugging files containing error messages are written to if heitml executes a request in production mode and encounters errors. In order to view the debugging files with a browser, this directory should be located under the document root with the name 'debug'. The default is not to write debugging information.
admin An email address of the administrator responsible for the Web site which will be included into error messages. The default is not to include this email address into error messages.
secure Can be T/on or F/off. T/on to disallow shell and file access and to enforce checks on include files. When switched off, the shell tag works and no restrictions are enforced on include files. Default is T/on.
errorlog File where heitml errors are logged. The default is not to log heitml errors. Supported in the CGI, ISAPI and Developer version, not supported in the Apache version.
errorrc HTTP Response code to be sent in case of syntax errors. Other directives of the Web server can then be used to further configure the action taken. Supported in the Apache, CGI and ISAPI version, not supported in the Developer version.
mailusemapi Only Windows. Can be T/on or F/off. T to use MAPI (Messaging Application Programming Interface), SMTP (Simple Mail Transfer Protocol) otherwise. Default is T. Note that MAPI cannot run within Windows NT services (e.g. MS IIS), so you should use SMTP on Windows NT and set this option to F. If you are using MAPI and if you are using Netscape Communicator on the machine running heitml, you should also clear the checkbox 'Use Netscape Messenger from MAPI-based applications' in the Preferences of Netscape Communicator.
mailservice Only Windows. Service for MAPI logon or hostname of SMTP server; used by mail tag. For MAPI, the default is logon to a service provider that does not require a service name. For SMTP, this parameter is mandatory. The port used on the SMTP server is port 25.
mailprofile Only Windows. Profile for MAPI logon or default value of the mail tag's from parameter. For MAPI, the default is logon to a service provider that does not require a user (profile) name. For SMTP, this parameter is mandatory.
mailpassword Only Windows. Password for MAPI logon; used by mail tag. The default is logon to a service provider that does not require a password.
sendmailprog Only UNIX. Path of sendmail program; used my mail tag. Default is /usr/lib/sendmail.
germanchar Can be T/on or F/off. T to convert German umlauts. Default is F. This configuration option is deprecated and should not be used.
shelltemp Temporary directory for output of shell command; used by shell tag. Default is C:\temp on Windows, /tmp on UNIX.
autocommit Can be T/on or F/off. T for auto-commit mode to commit every SQL statement immediately after execution; F for manual commit mode to let heitml commit or rollback all transactions at the end of request. Default is F.
debugwindow Can be T/on or F/off. Errors are put in separate (T) or same (F) browser window. Default is F.
messageCan be T/on or F/off. Switch on (T) or off (F) 'Generated by' message at the beginning of response body. Default is T.
compatMust be an integer value. heitml compatibility mode for a former heitml version (e.g. 1 for heitml 1.x).
secretsecret for signing cookies. Default is "insecure default secret".
compeditdirmust denote the directory where RADpage is installed in (usually heitml2.1/control).
compeditpathmust denote the include path that is used by RADpage itself.
compeditpermUNIX file permissions set by the RADpage Component Editor. For example use g+w to make files written by the RADpage Component Editor group writable.
compeditpasswdThis introduces an alternative authorisation mechanism for starting RADpage. Normally access to RADpage is controlled by setting access control of the web server for the heitml.hei file (see RADpage Config) or by setting DebugIp. This is definitively the preferred way of authorization, however sometimes (especially in a CGI context) it is difficult to configure the web server the right way. If compeditpasswd is specified and heitml.hei is accessed without DebugIP authorization and without being a protected page, RADpage sends an HTML form asking for the password. If the password matches this parameter RADpage will start up.
editpermission Must be an integer value. A period of time measured in seconds after a page has been accessed by RADpage in which WYSIWYG/HTML editors are allowed to retrieve the page source without authorization. This is required since various editors do not support cookie authorization. Default is no edit permission. Use with care.
codepathPath prefix for heitml code files. Code files are preprocessed source files. The Web server should have permissions to create directories under this path. If this option is not given or explicitly set to off, heitml code files are put next to the heitml source files.
libPath to a heitml source file which includes several heitml files to build a code library of the included files. Then, if a heitml file x.hei includes a file y.hei which is contained in the code library (see include), the preprocessed code for y.hei is taken from the code library. If this option is not given or explicitly set to off, y.hei is preprocessed on the fly and its code goes in the code file of x.hei.

This page was dynamically generated by the web application development tool RADpage of H.E.I.
© 1996-2017 H.E.I. All Rights Reserved.

Component Guide
User Guide
  Supported Platforms
    Local & Intranet
    Internet Servers
    Service Providers
    Config Ref.
  Migrating heitml 1
Discussion Group