web commit from 75.175.27.127: poll vote (Accept only OpenID for logins)

[ikiwiki.git] / IkiWiki / CGI.pm

diff --git a/IkiWiki/CGI.pm b/IkiWiki/CGI.pm
index 35c62ce3ea1900b728b742c0ab7c7c011fef0684..65a1d7fa08c00c36c08cbda7ec0e82b5f323222e 100644 (file)
--- a/IkiWiki/CGI.pm
+++ b/IkiWiki/CGI.pm
@@ -20,7 +20,7 @@ sub printheader ($) { #{{{
        }
 
 } #}}}
-       
+
 sub showform ($$$$) { #{{{
        my $form=shift;
        my $buttons=shift;
@@ -60,12 +60,18 @@ sub check_canedit ($$$;$) { #{{{
        run_hooks(canedit => sub {
                return if defined $canedit;
                my $ret=shift->($page, $q, $session);
-               if (defined $ret && $ret eq "") {
-                       $canedit=1;
-               }
-               elsif (defined $ret) {
-                       $canedit=0;
-                       error($ret) unless $nonfatal;
+               if (defined $ret) {
+                       if ($ret eq "") {
+                               $canedit=1;
+                       }
+                       elsif (ref $ret eq 'CODE') {
+                               $ret->() unless $nonfatal;
+                               $canedit=0;
+                       }
+                       elsif (defined $ret) {
+                               error($ret) unless $nonfatal;
+                               $canedit=0;
+                       }
                }
        });
        return $canedit;
@@ -133,9 +139,7 @@ sub needsignin ($$) { #{{{
 
        if (! defined $session->param("name") ||
            ! userinfo_get($session->param("name"), "regdate")) {
-               if (! defined $session->param("postsignin")) {
-                       $session->param(postsignin => $ENV{QUERY_STRING});
-               }
+               $session->param(postsignin => $ENV{QUERY_STRING});
                cgi_signin($q, $session);
                cgi_savesession($session);
                exit;
@@ -195,9 +199,7 @@ sub cgi_postsignin ($$) { #{{{
                exit;
        }
        else {
-               # This can occur, for example, if a user went to the signin
-               # url via a bookmark.
-               redirect($q, $config{url});
+               error(gettext("login failed, perhaps you need to turn on cookies?"));
        }
 } #}}}
 
@@ -273,7 +275,7 @@ sub cgi_prefs ($$) { #{{{
        }
        elsif ($form->submitted eq 'Save Preferences' && $form->validate) {
                foreach my $field (qw(email subscriptions)) {
-                       if (defined $form->field($field) && length $form->field($field)) {
+                       if (defined $form->field($field)) {
                                userinfo_set($user_name, $field, $form->field($field)) ||
                                        error("failed to set $field");
                        }
@@ -353,7 +355,7 @@ sub cgi_editpage ($$) { #{{{
                if (defined $type && length $type && $hooks{htmlize}{$type}) {
                        $type=possibly_foolish_untaint($type);
                }
-               elsif (defined $from) {
+               elsif (defined $from && exists $pagesources{$from}) {
                        # favor the type of linking page
                        $type=pagetype($pagesources{$from});
                }
@@ -710,17 +712,14 @@ sub cgi (;$$) { #{{{
                cgi_signin($q, $session);
                cgi_savesession($session);
        }
-       elsif (defined $session->param("postsignin")) {
-               cgi_postsignin($q, $session);
-       }
        elsif ($do eq 'prefs') {
                cgi_prefs($q, $session);
        }
        elsif ($do eq 'create' || $do eq 'edit') {
                cgi_editpage($q, $session);
        }
-       elsif ($do eq 'postsignin') {
-               error(gettext("login failed, perhaps you need to turn on cookies?"));
+       elsif (defined $session->param("postsignin") || $do eq 'postsignin') {
+               cgi_postsignin($q, $session);
        }
        else {
                error("unknown do parameter");