X-Git-Url: https://sipb.mit.edu/gitweb.cgi/ikiwiki.git/blobdiff_plain/0d9539d577886549b51d2bf70167db05f3f2514c..ac7b1c32b1356dab71fd13d303d58d4bdb212941:/IkiWiki/CGI.pm

diff --git a/IkiWiki/CGI.pm b/IkiWiki/CGI.pm
index 08d796142..d9c9fe828 100644
--- a/IkiWiki/CGI.pm
+++ b/IkiWiki/CGI.pm
@@ -2,6 +2,9 @@
 
 use warnings;
 use strict;
+use IkiWiki;
+use IkiWiki::UserInfo;
+use encoding 'utf8'; # force use of utf8 for io layer
 
 package IkiWiki;
 
@@ -11,14 +14,14 @@ sub page_locked ($$;$) { #{{{
 	my $nonfatal=shift;
 	
 	my $user=$session->param("name");
-	return if length $user && is_admin($user);
+	return if defined $user && is_admin($user);
 
 	foreach my $admin (@{$config{adminuser}}) {
 		my $locked_pages=userinfo_get($admin, "locked_pages");
 		if (globlist_match($page, userinfo_get($admin, "locked_pages"))) {
 			return 1 if $nonfatal;
-			error(htmllink("", $page, 1)." is locked by ".
-			      htmllink("", $admin, 1)." and cannot be edited.");
+			error(htmllink("", "", $page, 1)." is locked by ".
+			      htmllink("", "", $admin, 1)." and cannot be edited.");
 		}
 	}
 
@@ -30,6 +33,11 @@ sub cgi_recentchanges ($) { #{{{
 	
 	unlockwiki();
 
+	# Force reading the template as utf-8, necessary if
+	# rcs_recentchanges returns true utf-8 strings.
+	open(TMPL, "<:utf8", "$config{templatedir}/recentchanges.tmpl");
+	my $template=HTML::Template->new(filehandle => *TMPL);
+	close(TMPL);
 	my $template=HTML::Template->new(
 		filename => "$config{templatedir}/recentchanges.tmpl"
 	);
@@ -39,8 +47,9 @@ sub cgi_recentchanges ($) { #{{{
 		wikiname => $config{wikiname},
 		changelog => [rcs_recentchanges(100)],
 		styleurl => styleurl(),
+		baseurl => "$config{url}/",
 	);
-	print $q->header, $template->output;
+	print $q->header(-charset=>'utf-8'), $template->output;
 } #}}}
 
 sub cgi_signin ($$) { #{{{
@@ -52,6 +61,7 @@ sub cgi_signin ($$) { #{{{
 		title => "signin",
 		fields => [qw(do title page subpage from name password confirm_password email)],
 		header => 1,
+		charset => "utf-8",
 		method => 'POST',
 		validate => {
 			confirm_password => {
@@ -62,7 +72,7 @@ sub cgi_signin ($$) { #{{{
 		required => 'NONE',
 		javascript => 0,
 		params => $q,
-		action => $q->request_uri,
+		action => $config{cgiurl},
 		header => 0,
 		template => (-e "$config{templatedir}/signin.tmpl" ?
 		              "$config{templatedir}/signin.tmpl" : ""),
@@ -116,6 +126,7 @@ sub cgi_signin ($$) { #{{{
 				validate => sub {
 					my $name=shift;
 					length $name &&
+					$name=~/$config{wiki_file_regexp}/ &&
 					! userinfo_get($name, "regdate");
 				},
 			);
@@ -168,7 +179,7 @@ sub cgi_signin ($$) { #{{{
 				$form->field(name => "confirm_password", type => "hidden");
 				$form->field(name => "email", type => "hidden");
 				$form->text("Registration successful. Now you can Login.");
-				print $session->header();
+				print $session->header(-charset=>'utf-8');
 				print misctemplate($form->title, $form->render(submit => ["Login"]));
 			}
 			else {
@@ -189,22 +200,21 @@ sub cgi_signin ($$) { #{{{
 			);
 			
 			eval q{use Mail::Sendmail};
-			my ($fromhost) = $config{cgiurl} =~ m!/([^/]+)!;
 			sendmail(
 				To => userinfo_get($user_name, "email"),
-				From => "$config{wikiname} admin <".(getpwuid($>))[0]."@".$fromhost.">",
+				From => "$config{wikiname} admin <$config{adminemail}>",
 				Subject => "$config{wikiname} information",
 				Message => $template->output,
 			) or error("Failed to send mail");
 			
 			$form->text("Your password has been emailed to you.");
 			$form->field(name => "name", required => 0);
-			print $session->header();
+			print $session->header(-charset=>'utf-8');
 			print misctemplate($form->title, $form->render(submit => ["Login", "Register", "Mail Password"]));
 		}
 	}
 	else {
-		print $session->header();
+		print $session->header(-charset=>'utf-8');
 		print misctemplate($form->title, $form->render(submit => ["Login", "Register", "Mail Password"]));
 	}
 } #}}}
@@ -216,8 +226,10 @@ sub cgi_prefs ($$) { #{{{
 	eval q{use CGI::FormBuilder};
 	my $form = CGI::FormBuilder->new(
 		title => "preferences",
-		fields => [qw(do name password confirm_password email locked_pages)],
+		fields => [qw(do name password confirm_password email 
+		              subscriptions locked_pages)],
 		header => 0,
+		charset => "utf-8",
 		method => 'POST',
 		validate => {
 			confirm_password => {
@@ -228,7 +240,7 @@ sub cgi_prefs ($$) { #{{{
 		required => 'NONE',
 		javascript => 0,
 		params => $q,
-		action => $q->request_uri,
+		action => $config{cgiurl},
 		template => (-e "$config{templatedir}/prefs.tmpl" ?
 		              "$config{templatedir}/prefs.tmpl" : ""),
 		stylesheet => styleurl(),
@@ -241,8 +253,10 @@ sub cgi_prefs ($$) { #{{{
 		value => $user_name, force => 1);
 	$form->field(name => "password", type => "password");
 	$form->field(name => "confirm_password", type => "password");
+	$form->field(name => "subscriptions", size => 50,
+		comment => "(".htmllink("", "", "GlobList", 1).")");
 	$form->field(name => "locked_pages", size => 50,
-		comment => "(".htmllink("", "GlobList", 1).")");
+		comment => "(".htmllink("", "", "GlobList", 1).")");
 	
 	if (! is_admin($user_name)) {
 		$form->field(name => "locked_pages", type => "hidden");
@@ -251,6 +265,8 @@ sub cgi_prefs ($$) { #{{{
 	if (! $form->submitted) {
 		$form->field(name => "email", force => 1,
 			value => userinfo_get($user_name, "email"));
+		$form->field(name => "subscriptions", force => 1,
+			value => userinfo_get($user_name, "subscriptions"));
 		$form->field(name => "locked_pages", force => 1,
 			value => userinfo_get($user_name, "locked_pages"));
 	}
@@ -265,7 +281,7 @@ sub cgi_prefs ($$) { #{{{
 		return;
 	}
 	elsif ($form->submitted eq "Save Preferences" && $form->validate) {
-		foreach my $field (qw(password email locked_pages)) {
+		foreach my $field (qw(password email subscriptions locked_pages)) {
 			if (length $form->field($field)) {
 				userinfo_set($user_name, $field, $form->field($field)) || error("failed to set $field");
 			}
@@ -273,7 +289,7 @@ sub cgi_prefs ($$) { #{{{
 		$form->text("Preferences saved.");
 	}
 	
-	print $session->header();
+	print $session->header(-charset=>'utf-8');
 	print misctemplate($form->title, $form->render(submit => \@buttons));
 } #}}}
 
@@ -283,16 +299,17 @@ sub cgi_editpage ($$) { #{{{
 
 	eval q{use CGI::FormBuilder};
 	my $form = CGI::FormBuilder->new(
-		fields => [qw(do rcsinfo subpage from page content comments)],
+		fields => [qw(do rcsinfo subpage from page editcontent comments)],
 		header => 1,
+		charset => "utf-8",
 		method => 'POST',
 		validate => {
-			content => '/.+/',
+			editcontent => '/.+/',
 		},
-		required => [qw{content}],
+		required => [qw{editcontent}],
 		javascript => 0,
 		params => $q,
-		action => $q->request_uri,
+		action => $config{cgiurl},
 		table => 0,
 		template => "$config{templatedir}/editpage.tmpl"
 	);
@@ -322,13 +339,14 @@ sub cgi_editpage ($$) { #{{{
 	$form->field(name => "subpage", type => 'hidden');
 	$form->field(name => "page", value => "$page", force => 1);
 	$form->field(name => "comments", type => "text", size => 80);
-	$form->field(name => "content", type => "textarea", rows => 20,
+	$form->field(name => "editcontent", type => "textarea", rows => 20,
 		cols => 80);
 	$form->tmpl_param("can_commit", $config{rcs});
 	$form->tmpl_param("indexlink", indexlink());
 	$form->tmpl_param("helponformattinglink",
-		htmllink("", "HelpOnFormatting", 1));
+		htmllink("", "", "HelpOnFormatting", 1));
 	$form->tmpl_param("styleurl", styleurl());
+	$form->tmpl_param("baseurl", "$config{url}/");
 	if (! $form->submitted) {
 		$form->field(name => "rcsinfo", value => rcs_prepedit($file),
 			force => 1);
@@ -340,9 +358,17 @@ sub cgi_editpage ($$) { #{{{
 	}
 	elsif ($form->submitted eq "Preview") {
 		require IkiWiki::Render;
+		# Apparently FormBuilder doesn't not treat input as
+		# utf-8, so decode from it.
+		require Encode;
+		my $content = Encode::decode_utf8($form->field('editcontent'));
+		$form->field(name => "editcontent",
+				value => $content, force => 1);
+		$form->field(name => "comments",
+				value => Encode::decode_utf8($form->field('comments')), force => 1);
 		$form->tmpl_param("page_preview",
 			htmlize($config{default_pageext},
-				linkify($form->field('content'), $page)));
+				linkify($page, $page, $content)));
 	}
 	else {
 		$form->tmpl_param("page_preview", "");
@@ -352,13 +378,6 @@ sub cgi_editpage ($$) { #{{{
 	if (! $form->submitted || $form->submitted eq "Preview" || 
 	    ! $form->validate) {
 		if ($form->field("do") eq "create") {
-			if (exists $pagesources{lc($page)}) {
-				# hmm, someone else made the page in the
-				# meantime?
-				print $q->redirect("$config{url}/".htmlpage($page));
-				return;
-			}
-			
 			my @page_locs;
 			my $best_loc;
 			my ($from)=$form->param('from')=~/$config{wiki_file_regexp}/;
@@ -371,7 +390,7 @@ sub cgi_editpage ($$) { #{{{
 			}
 			else {
 				my $dir=$from."/";
-				$dir=~s![^/]+/$!!;
+				$dir=~s![^/]+/+$!!;
 				
 				if ((defined $form->param('subpage') && length $form->param('subpage')) ||
 				    $page eq 'discussion') {
@@ -384,16 +403,23 @@ sub cgi_editpage ($$) { #{{{
 				push @page_locs, $dir.$page;
 				push @page_locs, "$from/$page";
 				while (length $dir) {
-					$dir=~s![^/]+/$!!;
+					$dir=~s![^/]+/+$!!;
 					push @page_locs, $dir.$page;
 				}
-
-				@page_locs = grep {
-					! exists $pagesources{lc($_)} &&
-					! page_locked($_, $session, 1)
-				} @page_locs;
 			}
 
+			@page_locs = grep {
+				! exists $pagesources{lc($_)} &&
+				! page_locked($_, $session, 1)
+			} @page_locs;
+			
+			if (! @page_locs) {
+				# hmm, someone else made the page in the
+				# meantime?
+				print $q->redirect("$config{url}/".htmlpage($page));
+				return;
+			}
+				
 			$form->tmpl_param("page_select", 1);
 			$form->field(name => "page", type => 'select',
 				options => \@page_locs, value => $best_loc);
@@ -401,14 +427,14 @@ sub cgi_editpage ($$) { #{{{
 		}
 		elsif ($form->field("do") eq "edit") {
 			page_locked($page, $session);
-			if (! defined $form->field('content') || 
-			    ! length $form->field('content')) {
+			if (! defined $form->field('editcontent') || 
+			    ! length $form->field('editcontent')) {
 				my $content="";
 				if (exists $pagesources{lc($page)}) {
 					$content=readfile(srcfile($pagesources{lc($page)}));
 					$content=~s/\n/\r\n/g;
 				}
-				$form->field(name => "content", value => $content,
+				$form->field(name => "editcontent", value => $content,
 					force => 1);
 			}
 			$form->tmpl_param("page_select", 0);
@@ -422,13 +448,17 @@ sub cgi_editpage ($$) { #{{{
 		# save page
 		page_locked($page, $session);
 		
-		my $content=$form->field('content');
+		# Decode utf-8 since FormBuilder does not
+		require Encode;
+		my $content=Encode::decode_utf8($form->field('editcontent'));
+
 		$content=~s/\r\n/\n/g;
 		$content=~s/\r/\n/g;
 		writefile($file, $config{srcdir}, $content);
 		
 		my $message="web commit ";
-		if (length $session->param("name")) {
+		if (defined $session->param("name") && 
+		    length $session->param("name")) {
 			$message.="by ".$session->param("name");
 		}
 		else {
@@ -436,7 +466,7 @@ sub cgi_editpage ($$) { #{{{
 		}
 		if (defined $form->field('comments') &&
 		    length $form->field('comments')) {
-			$message.=": ".$form->field('comments');
+			$message.=Encode::decode_utf8(": ".$form->field('comments'));
 		}
 		
 		if ($config{rcs}) {
@@ -454,7 +484,8 @@ sub cgi_editpage ($$) { #{{{
 				$form->field(name => "rcsinfo", value => rcs_prepedit($file),
 					force => 1);
 				$form->tmpl_param("page_conflict", 1);
-				$form->field("content", value => $conflict, force => 1);
+				$form->field("editcontent", value => $conflict, force => 1);
+				$form->field(name => "comments", value => Encode::decode_utf8($form->field('comments')), force => 1);
 				$form->field("do", "edit)");
 				$form->tmpl_param("page_select", 0);
 				$form->field(name => "page", type => 'hidden');
@@ -475,20 +506,16 @@ sub cgi_editpage ($$) { #{{{
 	}
 } #}}}
 
-sub cgi_hyperestraier () { #{{{
-	# only works for GET requests
-	chdir("$config{wikistatedir}/hyperestraier") || error("chdir: $!");
-	exec("./".basename($config{cgiurl})) || error("estseek.cgi failed");
-} #}}}
-
 sub cgi () { #{{{
 	eval q{use CGI};
 	eval q{use CGI::Session};
 	
 	my $q=CGI->new;
 	
-	if (defined $q->param('phrase')) {
-		cgi_hyperestraier();
+	if (exists $hooks{cgi}) {
+		foreach my $id (keys %{$hooks{cgi}}) {
+			$hooks{cgi}{$id}{call}->($q);
+		}
 	}
 	
 	my $do=$q->param('do');
@@ -508,14 +535,14 @@ sub cgi () { #{{{
 	CGI::Session->name("ikiwiki_session_$config{wikiname}");
 	
 	my $oldmask=umask(077);
-	my $session = CGI::Session->new("driver:db_file", $q,
+	my $session = CGI::Session->new("driver:DB_File", $q,
 		{ FileName => "$config{wikistatedir}/sessions.db" });
 	umask($oldmask);
 	
 	# Everything below this point needs the user to be signed in.
-	if ((! $config{anonok} && ! defined $session->param("name") ||
-	     ! defined $session->param("name") ||
-	     ! userinfo_get($session->param("name"), "regdate")) || $do eq 'signin') {
+	if ((! $config{anonok} &&
+	     (! defined $session->param("name") ||
+	     ! userinfo_get($session->param("name"), "regdate"))) || $do eq 'signin') {
 		cgi_signin($q, $session);
 	
 		# Force session flush with safe umask.