}
} #}}}
-sub cgi_editpage ($$;$) { #{{{
+sub cgi_editpage ($$) { #{{{
my $q=shift;
my $session=shift;
- my $blogpost=shift;
my @fields=qw(do rcsinfo subpage from page type editcontent comments
newfile);
# characters.
my ($page)=$form->field('page');
$page=titlepage(possibly_foolish_untaint($page));
- if ($blogpost) {
- $page=~s/(\/)/"__".ord($1)."__"/eg;
- }
if (! defined $page || ! length $page || file_pruned($page, $config{srcdir}) || $page=~/^\//) {
error("bad page name");
}
$form->field(name => "from", type => 'hidden');
$form->field(name => "rcsinfo", type => 'hidden');
$form->field(name => "subpage", type => 'hidden');
- $form->field(name => "page", value => $page, force => 1);
+ $form->field(name => "page", value => pagetitle($page, 1), force => 1);
$form->field(name => "type", value => $type, force => 1);
$form->field(name => "comments", type => "text", size => 80);
$form->field(name => "editcontent", type => "textarea", rows => 20,
}
elsif ($do eq 'blog') {
my $page=decode_utf8($q->param('title'));
+ $page=~s/\///g; # no slashes in blog posts
# if the page already exists, munge it to be unique
my $from=$q->param('from');
my $add="";
- while (exists $pagecase{lc "$from/$page$add"}) {
+ while (exists $pagecase{lc($from."/".titlepage($page).$add)}) {
$add=1 unless length $add;
$add++;
}
$q->param('page', $page.$add);
- # now run same as create, except escape slashes too
+ # now run same as create
$q->param('do', 'create');
- cgi_editpage($q, $session, 1);
+ cgi_editpage($q, $session);
}
elsif ($do eq 'postsignin') {
error(gettext("login failed, perhaps you need to turn on cookies?"));
sipb-www / ikiwiki.git / blobdiff