X-Git-Url: https://sipb.mit.edu/gitweb.cgi/ikiwiki.git/blobdiff_plain/52e16d4ec9aa0ec896dd8f0d8651bc5f7fb71531..4da54999de859c505c26ff2a0a23772939caeffa:/IkiWiki/CGI.pm

diff --git a/IkiWiki/CGI.pm b/IkiWiki/CGI.pm
index 470677088..8a294e887 100644
--- a/IkiWiki/CGI.pm
+++ b/IkiWiki/CGI.pm
@@ -78,9 +78,24 @@ sub check_canedit ($$$;$) { #{{{
 } #}}}
 
 sub decode_cgi_utf8 ($) { #{{{
-	my $cgi = shift;
-	foreach my $f ($cgi->param) {
-		$cgi->param($f, map { decode_utf8 $_ } $cgi->param($f));
+	# decode_form_utf8 method is needed for 5.10
+	if ($] < 5.01) {
+		my $cgi = shift;
+		foreach my $f ($cgi->param) {
+			$cgi->param($f, map { decode_utf8 $_ } $cgi->param($f));
+		}
+	}
+} #}}}
+
+sub decode_form_utf8 ($) { #{{{
+	if ($] >= 5.01) {
+		my $form = shift;
+		foreach my $f ($form->field) {
+			$form->field(name  => $f,
+			             value => decode_utf8($form->field($f)),
+		                     force => 1,
+			);
+		}
 	}
 } #}}}
 
@@ -127,10 +142,12 @@ sub cgi_signin ($$) { #{{{
 	$form->field(name => "do", type => "hidden", value => "signin",
 		force => 1);
 	
+	decode_form_utf8($form);
 	run_hooks(formbuilder_setup => sub {
 		shift->(form => $form, cgi => $q, session => $session,
 		        buttons => $buttons);
 	});
+	decode_form_utf8($form);
 
 	if ($form->submitted) {
 		$form->validate;
@@ -161,8 +178,18 @@ sub cgi_prefs ($$) { #{{{
 	my $session=shift;
 
 	needsignin($q, $session);
-
 	decode_cgi_utf8($q);
+	
+	# The session id is stored on the form and checked to
+	# guard against CSRF.
+	my $sid=$q->param('sid');
+	if (! defined $sid) {
+		$q->delete_all;
+	}
+	elsif ($sid ne $session->id) {
+		error(gettext("Your login session has expired."));
+	}
+
 	eval q{use CGI::FormBuilder};
 	error($@) if $@;
 	my $form = CGI::FormBuilder->new(
@@ -187,13 +214,18 @@ sub cgi_prefs ($$) { #{{{
 		],
 	);
 	my $buttons=["Save Preferences", "Logout", "Cancel"];
-
+	
+	decode_form_utf8($form);
 	run_hooks(formbuilder_setup => sub {
 		shift->(form => $form, cgi => $q, session => $session,
 		        buttons => $buttons);
 	});
+	decode_form_utf8($form);
 	
-	$form->field(name => "do", type => "hidden");
+	$form->field(name => "do", type => "hidden", value => "prefs",
+		force => 1);
+	$form->field(name => "sid", type => "hidden", value => $session->id,
+		force => 1);
 	$form->field(name => "email", size => 50, fieldset => "preferences");
 	$form->field(name => "banned_users", size => 50,
 		fieldset => "admin");
@@ -241,11 +273,11 @@ sub cgi_prefs ($$) { #{{{
 sub cgi_editpage ($$) { #{{{
 	my $q=shift;
 	my $session=shift;
+	
+	decode_cgi_utf8($q);
 
 	my @fields=qw(do rcsinfo subpage from page type editcontent comments);
 	my @buttons=("Save Page", "Preview", "Cancel");
-	
-	decode_cgi_utf8($q);
 	eval q{use CGI::FormBuilder};
 	error($@) if $@;
 	my $form = CGI::FormBuilder->new(
@@ -263,10 +295,12 @@ sub cgi_editpage ($$) { #{{{
 		wikiname => $config{wikiname},
 	);
 	
+	decode_form_utf8($form);
 	run_hooks(formbuilder_setup => sub {
 		shift->(form => $form, cgi => $q, session => $session,
 			buttons => \@buttons);
 	});
+	decode_form_utf8($form);
 	
 	# This untaint is safe because titlepage removes any problematic
 	# characters.
@@ -316,6 +350,8 @@ sub cgi_editpage ($$) { #{{{
 	}
 
 	$form->field(name => "do", type => 'hidden');
+	$form->field(name => "sid", type => "hidden", value => $session->id,
+		force => 1);
 	$form->field(name => "from", type => 'hidden');
 	$form->field(name => "rcsinfo", type => 'hidden');
 	$form->field(name => "subpage", type => 'hidden');
@@ -351,6 +387,7 @@ sub cgi_editpage ($$) { #{{{
 		}
 
 		my $content=$form->field('editcontent');
+
 		run_hooks(editcontent => sub {
 			$content=shift->(
 				content => $content,
@@ -360,11 +397,11 @@ sub cgi_editpage ($$) { #{{{
 			);
 		});
 		$form->tmpl_param("page_preview",
-			htmlize($page, $type,
+			htmlize($page, $page, $type,
 			linkify($page, $page,
 			preprocess($page, $page,
 			filter($page, $page, $content), 0, 1))));
-		
+	
 		if ($new) {
 			delete $pagesources{$page};
 		}
@@ -474,11 +511,21 @@ sub cgi_editpage ($$) { #{{{
 	else {
 		# save page
 		check_canedit($page, $q, $session);
+	
+		# The session id is stored on the form and checked to
+		# guard against CSRF. But only if the user is logged in,
+		# as anonok can allow anonymous edits.
+		if (defined $session->param("name")) {
+			my $sid=$q->param('sid');
+			if (! defined $sid || $sid ne $session->id) {
+				error(gettext("Your login session has expired."));
+			}
+		}
 
 		my $exists=-e "$config{srcdir}/$file";
 
 		if ($form->field("do") ne "create" && ! $exists &&
-		    ! eval { srcfile($file) }) {
+		    ! defined srcfile($file, 1)) {
 			$form->tmpl_param("page_gone", 1);
 			$form->field(name => "do", value => "create", force => 1);
 			$form->tmpl_param("page_select", 0);
@@ -590,6 +637,7 @@ sub cgi_getsession ($) { #{{{
 	my $q=shift;
 
 	eval q{use CGI::Session};
+	error($@) if $@;
 	CGI::Session->name("ikiwiki_session_".encode_utf8($config{wikiname}));
 	
 	my $oldmask=umask(077);
@@ -617,7 +665,9 @@ sub cgi (;$$) { #{{{
 		eval q{use CGI};
 		error($@) if $@;
 	
+		binmode(STDIN);
 		$q=CGI->new;
+		binmode(STDIN, ":utf8");
 	
 		run_hooks(cgi => sub { shift->($q) });
 	}