* Add an editcontent hook.
[ikiwiki.git] / IkiWiki / CGI.pm
1 #!/usr/bin/perl
2
3 use warnings;
4 use strict;
5 use IkiWiki;
6 use IkiWiki::UserInfo;
7 use open qw{:utf8 :std};
8 use Encode;
9
10 package IkiWiki;
11
12 sub printheader ($) { #{{{
13         my $session=shift;
14         
15         if ($config{sslcookie}) {
16                 print $session->header(-charset => 'utf-8',
17                         -cookie => $session->cookie(-secure => 1));
18         } else {
19                 print $session->header(-charset => 'utf-8');
20         }
21
22 } #}}}
23         
24 sub showform ($$$$) { #{{{
25         my $form=shift;
26         my $buttons=shift;
27         my $session=shift;
28         my $cgi=shift;
29
30         if (exists $hooks{formbuilder}) {
31                 run_hooks(formbuilder => sub {
32                         shift->(form => $form, cgi => $cgi, session => $session,
33                                 buttons => $buttons);
34                 });
35         }
36         else {
37                 printheader($session);
38                 print misctemplate($form->title, $form->render(submit => $buttons));
39         }
40 }
41
42 sub redirect ($$) { #{{{
43         my $q=shift;
44         my $url=shift;
45         if (! $config{w3mmode}) {
46                 print $q->redirect($url);
47         }
48         else {
49                 print "Content-type: text/plain\n";
50                 print "W3m-control: GOTO $url\n\n";
51         }
52 } #}}}
53
54 sub check_canedit ($$$;$) { #{{{
55         my $page=shift;
56         my $q=shift;
57         my $session=shift;
58         my $nonfatal=shift;
59         
60         my $canedit;
61         run_hooks(canedit => sub {
62                 return if defined $canedit;
63                 my $ret=shift->($page, $q, $session);
64                 if (defined $ret && $ret eq "") {
65                         $canedit=1;
66                 }
67                 elsif (defined $ret) {
68                         $canedit=0;
69                         error($ret) unless $nonfatal;
70                 }
71         });
72         return $canedit;
73 } #}}}
74
75 sub decode_form_utf8 ($) { #{{{
76         my $form = shift;
77         foreach my $f ($form->field) {
78                 next if Encode::is_utf8(scalar $form->field($f));
79                 $form->field(name  => $f,
80                              value => decode_utf8($form->field($f)),
81                              force => 1,
82                             );
83         }
84 } #}}}
85
86 sub cgi_recentchanges ($) { #{{{
87         my $q=shift;
88         
89         # Optimisation: building recentchanges means calculating lots of
90         # links. Memoizing htmllink speeds it up a lot (can't be memoized
91         # during page builds as the return values may change, but they
92         # won't here.)
93         eval q{use Memoize};
94         error($@) if $@;
95         memoize("htmllink");
96
97         eval q{use Time::Duration};
98         error($@) if $@;
99
100         my $changelog=[rcs_recentchanges(100)];
101         foreach my $change (@$changelog) {
102                 $change->{when} = concise(ago($change->{when}));
103
104                 $change->{user} = userlink($change->{user});
105
106                 my $is_excess = exists $change->{pages}[10]; # limit pages to first 10
107                 delete @{$change->{pages}}[10 .. @{$change->{pages}}] if $is_excess;
108                 $change->{pages} = [
109                         map {
110                                 $_->{link} = htmllink("", "", $_->{page},
111                                         noimageinline => 1,
112                                         linktext => pagetitle($_->{page}));
113                                 $_;
114                         } @{$change->{pages}}
115                 ];
116                 push @{$change->{pages}}, { link => '...' } if $is_excess;
117         }
118
119         my $template=template("recentchanges.tmpl"); 
120         $template->param(
121                 title => "RecentChanges",
122                 indexlink => indexlink(),
123                 wikiname => $config{wikiname},
124                 changelog => $changelog,
125                 baseurl => baseurl(),
126         );
127         run_hooks(pagetemplate => sub {
128                 shift->(page => "", destpage => "", template => $template);
129         });
130         print $q->header(-charset => 'utf-8'), $template->output;
131 } #}}}
132
133 # Check if the user is signed in. If not, redirect to the signin form and
134 # save their place to return to later.
135 sub needsignin ($$) { #{{{
136         my $q=shift;
137         my $session=shift;
138
139         if (! defined $session->param("name") ||
140             ! userinfo_get($session->param("name"), "regdate")) {
141                 if (! defined $session->param("postsignin")) {
142                         $session->param(postsignin => $ENV{QUERY_STRING});
143                 }
144                 cgi_signin($q, $session);
145                 cgi_savesession($session);
146                 exit;
147         }
148 } #}}}  
149
150 sub cgi_signin ($$) { #{{{
151         my $q=shift;
152         my $session=shift;
153
154         eval q{use CGI::FormBuilder};
155         error($@) if $@;
156         my $form = CGI::FormBuilder->new(
157                 title => "signin",
158                 name => "signin",
159                 charset => "utf-8",
160                 method => 'POST',
161                 required => 'NONE',
162                 javascript => 0,
163                 params => $q,
164                 action => $config{cgiurl},
165                 header => 0,
166                 template => {type => 'div'},
167                 stylesheet => baseurl()."style.css",
168         );
169         my $buttons=["Login"];
170         
171         if ($q->param("do") ne "signin" && !$form->submitted) {
172                 $form->text(gettext("You need to log in first."));
173         }
174         $form->field(name => "do", type => "hidden", value => "signin",
175                 force => 1);
176         
177         decode_form_utf8($form);
178         
179         run_hooks(formbuilder_setup => sub {
180                 shift->(form => $form, cgi => $q, session => $session,
181                         buttons => $buttons);
182         });
183
184         if ($form->submitted) {
185                 $form->validate;
186         }
187
188         showform($form, $buttons, $session, $q);
189 } #}}}
190
191 sub cgi_postsignin ($$) { #{{{
192         my $q=shift;
193         my $session=shift;
194         
195         # Continue with whatever was being done before the signin process.
196         if (defined $session->param("postsignin")) {
197                 my $postsignin=CGI->new($session->param("postsignin"));
198                 $session->clear("postsignin");
199                 cgi($postsignin, $session);
200                 cgi_savesession($session);
201                 exit;
202         }
203         else {
204                 # This can occur, for example, if a user went to the signin
205                 # url via a bookmark.
206                 redirect($q, $config{url});
207         }
208 } #}}}
209
210 sub cgi_prefs ($$) { #{{{
211         my $q=shift;
212         my $session=shift;
213
214         needsignin($q, $session);
215
216         eval q{use CGI::FormBuilder};
217         error($@) if $@;
218         my $form = CGI::FormBuilder->new(
219                 title => "preferences",
220                 name => "preferences",
221                 header => 0,
222                 charset => "utf-8",
223                 method => 'POST',
224                 validate => {
225                         email => 'EMAIL',
226                 },
227                 required => 'NONE',
228                 javascript => 0,
229                 params => $q,
230                 action => $config{cgiurl},
231                 template => {type => 'div'},
232                 stylesheet => baseurl()."style.css",
233                 fieldsets => [
234                         [login => gettext("Login")],
235                         [preferences => gettext("Preferences")],
236                         [admin => gettext("Admin")]
237                 ],
238         );
239         my $buttons=["Save Preferences", "Logout", "Cancel"];
240
241         decode_form_utf8($form);
242
243         run_hooks(formbuilder_setup => sub {
244                 shift->(form => $form, cgi => $q, session => $session,
245                         buttons => $buttons);
246         });
247         
248         $form->field(name => "do", type => "hidden");
249         $form->field(name => "email", size => 50, fieldset => "preferences");
250         $form->field(name => "subscriptions", size => 50,
251                 fieldset => "preferences",
252                 comment => "(".htmllink("", "", "PageSpec", noimageinline => 1).")");
253         $form->field(name => "banned_users", size => 50,
254                 fieldset => "admin");
255         
256         my $user_name=$session->param("name");
257         if (! is_admin($user_name)) {
258                 $form->field(name => "banned_users", type => "hidden");
259         }
260
261         if (! $form->submitted) {
262                 $form->field(name => "email", force => 1,
263                         value => userinfo_get($user_name, "email"));
264                 $form->field(name => "subscriptions", force => 1,
265                         value => userinfo_get($user_name, "subscriptions"));
266                 if (is_admin($user_name)) {
267                         $form->field(name => "banned_users", force => 1,
268                                 value => join(" ", get_banned_users()));
269                 }
270         }
271         
272         if ($form->submitted eq 'Logout') {
273                 $session->delete();
274                 redirect($q, $config{url});
275                 return;
276         }
277         elsif ($form->submitted eq 'Cancel') {
278                 redirect($q, $config{url});
279                 return;
280         }
281         elsif ($form->submitted eq 'Save Preferences' && $form->validate) {
282                 foreach my $field (qw(email subscriptions)) {
283                         if (defined $form->field($field) && length $form->field($field)) {
284                                 userinfo_set($user_name, $field, $form->field($field)) ||
285                                         error("failed to set $field");
286                         }
287                 }
288                 if (is_admin($user_name)) {
289                         set_banned_users(grep { ! is_admin($_) }
290                                         split(' ',
291                                                 $form->field("banned_users"))) ||
292                                 error("failed saving changes");
293                 }
294                 $form->text(gettext("Preferences saved."));
295         }
296         
297         showform($form, $buttons, $session, $q);
298 } #}}}
299
300 sub cgi_editpage ($$) { #{{{
301         my $q=shift;
302         my $session=shift;
303
304         my @fields=qw(do rcsinfo subpage from page type editcontent comments);
305         my @buttons=("Save Page", "Preview", "Cancel");
306         
307         eval q{use CGI::FormBuilder};
308         error($@) if $@;
309         my $form = CGI::FormBuilder->new(
310                 title => "editpage",
311                 fields => \@fields,
312                 charset => "utf-8",
313                 method => 'POST',
314                 validate => {
315                         editcontent => '/.+/',
316                 },
317                 required => [qw{editcontent}],
318                 javascript => 0,
319                 params => $q,
320                 action => $config{cgiurl},
321                 header => 0,
322                 table => 0,
323                 template => scalar template_params("editpage.tmpl"),
324                 wikiname => $config{wikiname},
325         );
326         
327         decode_form_utf8($form);
328         
329         run_hooks(formbuilder_setup => sub {
330                 shift->(form => $form, cgi => $q, session => $session,
331                         buttons => \@buttons);
332         });
333         
334         # This untaint is safe because titlepage removes any problematic
335         # characters.
336         my ($page)=$form->field('page');
337         $page=titlepage(possibly_foolish_untaint($page));
338         if (! defined $page || ! length $page || file_pruned($page, $config{srcdir}) || $page=~/^\//) {
339                 error("bad page name");
340         }
341         
342         my $from;
343         if (defined $form->field('from')) {
344                 ($from)=$form->field('from')=~/$config{wiki_file_regexp}/;
345         }
346         
347         my $file;
348         my $type;
349         if (exists $pagesources{$page} && $form->field("do") ne "create") {
350                 $file=$pagesources{$page};
351                 $type=pagetype($file);
352                 if (! defined $type) {
353                         error(sprintf(gettext("%s is not an editable page"), $page));
354                 }
355                 if (! $form->submitted) {
356                         $form->field(name => "rcsinfo",
357                                 value => rcs_prepedit($file), force => 1);
358                 }
359         }
360         else {
361                 $type=$form->param('type');
362                 if (defined $type && length $type && $hooks{htmlize}{$type}) {
363                         $type=possibly_foolish_untaint($type);
364                 }
365                 elsif (defined $from) {
366                         # favor the type of linking page
367                         $type=pagetype($pagesources{$from});
368                 }
369                 $type=$config{default_pageext} unless defined $type;
370                 $file=$page.".".$type;
371                 if (! $form->submitted) {
372                         $form->field(name => "rcsinfo", value => "", force => 1);
373                 }
374         }
375
376         $form->field(name => "do", type => 'hidden');
377         $form->field(name => "from", type => 'hidden');
378         $form->field(name => "rcsinfo", type => 'hidden');
379         $form->field(name => "subpage", type => 'hidden');
380         $form->field(name => "page", value => pagetitle($page, 1), force => 1);
381         $form->field(name => "type", value => $type, force => 1);
382         $form->field(name => "comments", type => "text", size => 80);
383         $form->field(name => "editcontent", type => "textarea", rows => 20,
384                 cols => 80);
385         $form->tmpl_param("can_commit", $config{rcs});
386         $form->tmpl_param("indexlink", indexlink());
387         $form->tmpl_param("helponformattinglink",
388                 htmllink("", "", "HelpOnFormatting", noimageinline => 1));
389         $form->tmpl_param("baseurl", baseurl());
390         
391         if ($form->submitted eq "Cancel") {
392                 if ($form->field("do") eq "create" && defined $from) {
393                         redirect($q, "$config{url}/".htmlpage($from));
394                 }
395                 elsif ($form->field("do") eq "create") {
396                         redirect($q, $config{url});
397                 }
398                 else {
399                         redirect($q, "$config{url}/".htmlpage($page));
400                 }
401                 return;
402         }
403         elsif ($form->submitted eq "Preview") {
404                 my $content=$form->field('editcontent');
405                 run_hooks(editcontent => sub {
406                         $content=shift->(
407                                 content => $content,
408                                 page => $page,
409                                 cgi => $q,
410                                 session => $session,
411                         );
412                 });
413                 $form->tmpl_param("page_preview",
414                         htmlize($page, $type,
415                         linkify($page, "",
416                         preprocess($page, $page,
417                         filter($page, $page, $content), 0, 1))));
418         }
419         elsif ($form->submitted eq "Save Page") {
420                 $form->tmpl_param("page_preview", "");
421         }
422         $form->tmpl_param("page_conflict", "");
423         
424         if ($form->submitted ne "Save Page" || ! $form->validate) {
425                 if ($form->field("do") eq "create") {
426                         my @page_locs;
427                         my $best_loc;
428                         if (! defined $from || ! length $from ||
429                             $from ne $form->field('from') ||
430                             file_pruned($from, $config{srcdir}) ||
431                             $from=~/^\// ||
432                             $form->submitted eq "Preview") {
433                                 @page_locs=$best_loc=$page;
434                         }
435                         else {
436                                 my $dir=$from."/";
437                                 $dir=~s![^/]+/+$!!;
438                                 
439                                 if ((defined $form->field('subpage') && length $form->field('subpage')) ||
440                                     $page eq gettext('discussion')) {
441                                         $best_loc="$from/$page";
442                                 }
443                                 else {
444                                         $best_loc=$dir.$page;
445                                 }
446                                 
447                                 push @page_locs, $dir.$page;
448                                 push @page_locs, "$from/$page";
449                                 while (length $dir) {
450                                         $dir=~s![^/]+/+$!!;
451                                         push @page_locs, $dir.$page;
452                                 }
453                         }
454                         push @page_locs, "$config{userdir}/$page"
455                                 if length $config{userdir};
456
457                         @page_locs = grep {
458                                 ! exists $pagecase{lc $_}
459                         } @page_locs;
460                         if (! @page_locs) {
461                                 # hmm, someone else made the page in the
462                                 # meantime?
463                                 redirect($q, "$config{url}/".htmlpage($page));
464                                 return;
465                         }
466
467                         my @editable_locs = grep {
468                                 check_canedit($_, $q, $session, 1)
469                         } @page_locs;
470                         if (! @editable_locs) {
471                                 # let it throw an error this time
472                                 map { check_canedit($_, $q, $session) } @page_locs;
473                         }
474                         
475                         my @page_types;
476                         if (exists $hooks{htmlize}) {
477                                 @page_types=keys %{$hooks{htmlize}};
478                         }
479                         
480                         $form->tmpl_param("page_select", 1);
481                         $form->field(name => "page", type => 'select',
482                                 options => [ map { pagetitle($_, 1) } @editable_locs ],
483                                 value => pagetitle($best_loc, 1));
484                         $form->field(name => "type", type => 'select',
485                                 options => \@page_types);
486                         $form->title(sprintf(gettext("creating %s"), pagetitle($page)));
487                         
488                 }
489                 elsif ($form->field("do") eq "edit") {
490                         check_canedit($page, $q, $session);
491                         if (! defined $form->field('editcontent') || 
492                             ! length $form->field('editcontent')) {
493                                 my $content="";
494                                 if (exists $pagesources{$page}) {
495                                         $content=readfile(srcfile($pagesources{$page}));
496                                         $content=~s/\n/\r\n/g;
497                                 }
498                                 $form->field(name => "editcontent", value => $content,
499                                         force => 1);
500                         }
501                         $form->tmpl_param("page_select", 0);
502                         $form->field(name => "page", type => 'hidden');
503                         $form->field(name => "type", type => 'hidden');
504                         $form->title(sprintf(gettext("editing %s"), pagetitle($page)));
505                 }
506                 
507                 showform($form, \@buttons, $session, $q);
508         }
509         else {
510                 # save page
511                 check_canedit($page, $q, $session);
512
513                 my $exists=-e "$config{srcdir}/$file";
514
515                 if ($form->field("do") ne "create" &&
516                     ! $exists && ! -e "$config{underlaydir}/$file") {
517                         $form->tmpl_param("page_gone", 1);
518                         $form->field(name => "do", value => "create", force => 1);
519                         $form->tmpl_param("page_select", 0);
520                         $form->field(name => "page", type => 'hidden');
521                         $form->field(name => "type", type => 'hidden');
522                         $form->title(sprintf(gettext("editing %s"), $page));
523                         showform($form, \@buttons, $session, $q);
524                         return;
525                 }
526                 elsif ($form->field("do") eq "create" && $exists) {
527                         $form->tmpl_param("creation_conflict", 1);
528                         $form->field(name => "do", value => "edit", force => 1);
529                         $form->tmpl_param("page_select", 0);
530                         $form->field(name => "page", type => 'hidden');
531                         $form->field(name => "type", type => 'hidden');
532                         $form->title(sprintf(gettext("editing %s"), $page));
533                         $form->field("editcontent", 
534                                 value => readfile("$config{srcdir}/$file").
535                                          "\n\n\n".$form->field("editcontent"),
536                                 force => 1);
537                         showform($form, \@buttons, $session, $q);
538                         return;
539                 }
540                 
541                 my $content=$form->field('editcontent');
542                 run_hooks(editcontent => sub {
543                         $content=shift->(
544                                 content => $content,
545                                 page => $page,
546                                 cgi => $q,
547                                 session => $session,
548                         );
549                 });
550                 $content=~s/\r\n/\n/g;
551                 $content=~s/\r/\n/g;
552
553                 $config{cgi}=0; # avoid cgi error message
554                 eval { writefile($file, $config{srcdir}, $content) };
555                 $config{cgi}=1;
556                 if ($@) {
557                         $form->field(name => "rcsinfo", value => rcs_prepedit($file),
558                                 force => 1);
559                         $form->tmpl_param("failed_save", 1);
560                         $form->tmpl_param("error_message", $@);
561                         $form->field("editcontent", value => $content, force => 1);
562                         $form->tmpl_param("page_select", 0);
563                         $form->field(name => "page", type => 'hidden');
564                         $form->field(name => "type", type => 'hidden');
565                         $form->title(sprintf(gettext("editing %s"), $page));
566                         showform($form, \@buttons, $session, $q);
567                         return;
568                 }
569                 
570                 my $conflict;
571                 if ($config{rcs}) {
572                         my $message="";
573                         if (defined $form->field('comments') &&
574                             length $form->field('comments')) {
575                                 $message=$form->field('comments');
576                         }
577                         
578                         if (! $exists) {
579                                 rcs_add($file);
580                         }
581
582                         # Prevent deadlock with post-commit hook by
583                         # signaling to it that it should not try to
584                         # do anything (except send commit mails).
585                         disable_commit_hook();
586                         $conflict=rcs_commit($file, $message,
587                                 $form->field("rcsinfo"),
588                                 $session->param("name"), $ENV{REMOTE_ADDR});
589                         enable_commit_hook();
590                         rcs_update();
591                 }
592                 
593                 # Refresh even if there was a conflict, since other changes
594                 # may have been committed while the post-commit hook was
595                 # disabled.
596                 require IkiWiki::Render;
597                 refresh();
598                 saveindex();
599
600                 if (defined $conflict) {
601                         $form->field(name => "rcsinfo", value => rcs_prepedit($file),
602                                 force => 1);
603                         $form->tmpl_param("page_conflict", 1);
604                         $form->field("editcontent", value => $conflict, force => 1);
605                         $form->field("do", "edit", force => 1);
606                         $form->tmpl_param("page_select", 0);
607                         $form->field(name => "page", type => 'hidden');
608                         $form->field(name => "type", type => 'hidden');
609                         $form->title(sprintf(gettext("editing %s"), $page));
610                         showform($form, \@buttons, $session, $q);
611                         return;
612                 }
613                 else {
614                         # The trailing question mark tries to avoid broken
615                         # caches and get the most recent version of the page.
616                         redirect($q, "$config{url}/".htmlpage($page)."?updated");
617                 }
618         }
619 } #}}}
620
621 sub cgi_getsession ($) { #{{{
622         my $q=shift;
623
624         eval q{use CGI::Session};
625         CGI::Session->name("ikiwiki_session_".encode_utf8($config{wikiname}));
626         
627         my $oldmask=umask(077);
628         my $session = CGI::Session->new("driver:DB_File", $q,
629                 { FileName => "$config{wikistatedir}/sessions.db" });
630         umask($oldmask);
631
632         return $session;
633 } #}}}
634
635 sub cgi_savesession ($) { #{{{
636         my $session=shift;
637
638         # Force session flush with safe umask.
639         my $oldmask=umask(077);
640         $session->flush;
641         umask($oldmask);
642 } #}}}
643
644 sub cgi (;$$) { #{{{
645         my $q=shift;
646         my $session=shift;
647
648         if (! $q) {
649                 eval q{use CGI};
650                 error($@) if $@;
651         
652                 $q=CGI->new;
653         
654                 run_hooks(cgi => sub { shift->($q) });
655         }
656
657         my $do=$q->param('do');
658         if (! defined $do || ! length $do) {
659                 my $error = $q->cgi_error;
660                 if ($error) {
661                         error("Request not processed: $error");
662                 }
663                 else {
664                         error("\"do\" parameter missing");
665                 }
666         }
667         
668         # Things that do not need a session.
669         if ($do eq 'recentchanges') {
670                 cgi_recentchanges($q);
671                 return;
672         }
673
674         # Need to lock the wiki before getting a session.
675         lockwiki();
676         
677         if (! $session) {
678                 $session=cgi_getsession($q);
679         }
680         
681         # Auth hooks can sign a user in.
682         if ($do ne 'signin' && ! defined $session->param("name")) {
683                 run_hooks(auth => sub {
684                         shift->($q, $session)
685                 });
686                 if (defined $session->param("name")) {
687                         # Make sure whatever user was authed is in the
688                         # userinfo db.
689                         if (! userinfo_get($session->param("name"), "regdate")) {
690                                 userinfo_setall($session->param("name"), {
691                                         email => "",
692                                         password => "",
693                                         regdate => time,
694                                 }) || error("failed adding user");
695                         }
696                 }
697         }
698         
699         if (defined $session->param("name") &&
700             userinfo_get($session->param("name"), "banned")) {
701                 print $q->header(-status => "403 Forbidden");
702                 $session->delete();
703                 print gettext("You are banned.");
704                 cgi_savesession($session);
705         }
706
707         run_hooks(sessioncgi => sub { shift->($q, $session) });
708
709         if ($do eq 'signin') {
710                 cgi_signin($q, $session);
711                 cgi_savesession($session);
712         }
713         elsif (defined $session->param("postsignin")) {
714                 cgi_postsignin($q, $session);
715         }
716         elsif ($do eq 'prefs') {
717                 cgi_prefs($q, $session);
718         }
719         elsif ($do eq 'create' || $do eq 'edit') {
720                 cgi_editpage($q, $session);
721         }
722         elsif ($do eq 'postsignin') {
723                 error(gettext("login failed, perhaps you need to turn on cookies?"));
724         }
725         else {
726                 error("unknown do parameter");
727         }
728 } #}}}
729
730 sub userlink ($) { #{{{
731         my $user=shift;
732
733         eval q{use CGI 'escapeHTML'};
734         error($@) if $@;
735         if ($user =~ m!^https?://! &&
736             eval q{use Net::OpenID::VerifiedIdentity; 1} && !$@) {
737                 # Munge user-urls, as used by eg, OpenID.
738                 my $oid=Net::OpenID::VerifiedIdentity->new(identity => $user);
739                 my $display=$oid->display;
740                 # Convert "user.somehost.com" to "user [somehost.com]".
741                 if ($display !~ /\[/) {
742                         $display=~s/^(.*?)\.([^.]+\.[a-z]+)$/$1 [$2]/;
743                 }
744                 # Convert "http://somehost.com/user" to "user [somehost.com]".
745                 if ($display !~ /\[/) {
746                         $display=~s/^https?:\/\/(.+)\/([^\/]+)$/$2 [$1]/;
747                 }
748                 $display=~s!^https?://!!; # make sure this is removed
749                 return "<a href=\"$user\">".escapeHTML($display)."</a>";
750         }
751         else {
752                 return htmllink("", "", escapeHTML(
753                         length $config{userdir} ? $config{userdir}."/".$user : $user
754                 ), noimageinline => 1);
755         }
756 } #}}}
757
758 1