X-Git-Url: https://sipb.mit.edu/gitweb.cgi/ikiwiki.git/blobdiff_plain/7351d545d96df3c1359312b1a5b79530fa6ab4fd..24b59b3a9edb350ef0dc064b0a3f3cdee01f81be:/IkiWiki/Plugin/editpage.pm

diff --git a/IkiWiki/Plugin/editpage.pm b/IkiWiki/Plugin/editpage.pm
index 687ebf51e..3d731d399 100644
--- a/IkiWiki/Plugin/editpage.pm
+++ b/IkiWiki/Plugin/editpage.pm
@@ -6,52 +6,56 @@ use strict;
 use IkiWiki;
 use open qw{:utf8 :std};
 
-sub import { #{{{
+sub import {
 	hook(type => "getsetup", id => "editpage", call => \&getsetup);
+	hook(type => "refresh", id => "editpage", call => \&refresh);
         hook(type => "sessioncgi", id => "editpage", call => \&IkiWiki::cgi_editpage);
-} # }}}
+}
 
-sub getsetup () { #{{{
+sub getsetup () {
 	return
 		plugin => {
 			safe => 1,
 			rebuild => 1,
+			section => "core",
 		},
-} #}}}
+}
 
-# Back to ikiwiki namespace for the rest, this code is very much
-# internal to ikiwiki even though it's separated into a plugin,
-# and other plugins use the functions below.
-package IkiWiki;
+sub refresh () {
+	if (exists $wikistate{editpage} && exists $wikistate{editpage}{previews}) {
+		# Expire old preview files after one hour.
+		my $expire=time - (60 * 60);
 
-sub check_canedit ($$$;$) { #{{{
-	my $page=shift;
-	my $q=shift;
-	my $session=shift;
-	my $nonfatal=shift;
-	
-	my $canedit;
-	run_hooks(canedit => sub {
-		return if defined $canedit;
-		my $ret=shift->($page, $q, $session);
-		if (defined $ret) {
-			if ($ret eq "") {
-				$canedit=1;
-			}
-			elsif (ref $ret eq 'CODE') {
-				$ret->() unless $nonfatal;
-				$canedit=0;
+		my @previews;
+		foreach my $file (@{$wikistate{editpage}{previews}}) {
+			my $mtime=(stat("$config{destdir}/$file"))[9];
+			if (defined $mtime && $mtime <= $expire) {
+				# Avoid deleting a preview that was later saved.
+				my $delete=1;
+				foreach my $page (keys %renderedfiles) {
+					if (grep { $_ eq $file } @{$renderedfiles{$page}}) {
+						$delete=0;
+					}
+				}
+				if ($delete) {
+					debug(sprintf(gettext("removing old preview %s"), $file));
+					IkiWiki::prune("$config{destdir}/$file");
+				}
 			}
-			elsif (defined $ret) {
-				error($ret) unless $nonfatal;
-				$canedit=0;
+			elsif (defined $mtime) {
+				push @previews, $file;
 			}
 		}
-	});
-	return $canedit;
-} #}}}
+		$wikistate{editpage}{previews}=\@previews;
+	}
+}
+
+# Back to ikiwiki namespace for the rest, this code is very much
+# internal to ikiwiki even though it's separated into a plugin,
+# and other plugins use the function below.
+package IkiWiki;
 
-sub cgi_editpage ($$) { #{{{
+sub cgi_editpage ($$) {
 	my $q=shift;
 	my $session=shift;
 	
@@ -74,8 +78,7 @@ sub cgi_editpage ($$) { #{{{
 		action => $config{cgiurl},
 		header => 0,
 		table => 0,
-		template => scalar template_params("editpage.tmpl"),
-		wikiname => $config{wikiname},
+		template => { template("editpage.tmpl") },
 	);
 	
 	decode_form_utf8($form);
@@ -89,10 +92,10 @@ sub cgi_editpage ($$) { #{{{
 	# wiki_file_regexp.
 	my ($page)=$form->field('page')=~/$config{wiki_file_regexp}/;
 	$page=possibly_foolish_untaint($page);
-	my $absolute=($page =~ s#^/+##);
+	my $absolute=($page =~ s#^/+##); # absolute name used to force location
 	if (! defined $page || ! length $page ||
-	    file_pruned($page, $config{srcdir})) {
-		error("bad page name");
+	    file_pruned($page)) {
+		error(gettext("bad page name"));
 	}
 
 	my $baseurl = urlto($page, undef, 1);
@@ -126,7 +129,7 @@ sub cgi_editpage ($$) { #{{{
 			$type=pagetype($pagesources{$from});
 		}
 		$type=$config{default_pageext} unless defined $type;
-		$file=$page.".".$type;
+		$file=newpagefile($page, $type);
 		if (! $form->submitted) {
 			$form->field(name => "rcsinfo", value => "", force => 1);
 		}
@@ -145,12 +148,12 @@ sub cgi_editpage ($$) { #{{{
 	$form->field(name => "editcontent", type => "textarea", rows => 20,
 		cols => 80);
 	$form->tmpl_param("can_commit", $config{rcs});
-	$form->tmpl_param("indexlink", indexlink());
 	$form->tmpl_param("helponformattinglink",
 		htmllink($page, $page, "ikiwiki/formatting",
 			noimageinline => 1,
 			linktext => "FormattingHelp"));
 	
+	my $previewing=0;
 	if ($form->submitted eq "Cancel") {
 		if ($form->field("do") eq "create" && defined $from) {
 			redirect($q, urlto($from, undef, 1));
@@ -164,11 +167,12 @@ sub cgi_editpage ($$) { #{{{
 		exit;
 	}
 	elsif ($form->submitted eq "Preview") {
+		$previewing=1;
+
 		my $new=not exists $pagesources{$page};
-		if ($new) {
-			# temporarily record its type
-			$pagesources{$page}=$page.".".$type;
-		}
+		# temporarily record its type
+		$pagesources{$page}=$page.".".$type if $new;
+		my %wasrendered=map { $_ => 1 } @{$renderedfiles{$page}};
 
 		my $content=$form->field('editcontent');
 
@@ -191,11 +195,18 @@ sub cgi_editpage ($$) { #{{{
 			);
 		});
 		$form->tmpl_param("page_preview", $preview);
-	
-		if ($new) {
-			delete $pagesources{$page};
+		
+		# Previewing may have created files on disk.
+		# Keep a list of these to be deleted later.
+		my %previews = map { $_ => 1 } @{$wikistate{editpage}{previews}};
+		foreach my $f (@{$renderedfiles{$page}}) {
+			$previews{$f}=1 unless $wasrendered{$f};
 		}
-		# previewing may have created files on disk
+
+		# Throw out any other state changes made during previewing,
+		# and save the previews list.
+		loadindex();
+		@{$wikistate{editpage}{previews}} = keys %previews;
 		saveindex();
 	}
 	elsif ($form->submitted eq "Save Page") {
@@ -208,18 +219,18 @@ sub cgi_editpage ($$) { #{{{
 			my $best_loc;
 			if (! defined $from || ! length $from ||
 			    $from ne $form->field('from') ||
-			    file_pruned($from, $config{srcdir}) ||
-			    $from=~/^\// || 
+			    file_pruned($from) ||
 			    $absolute ||
-			    $form->submitted eq "Preview") {
+			    $form->submitted) {
 				@page_locs=$best_loc=$page;
 			}
 			else {
 				my $dir=$from."/";
 				$dir=~s![^/]+/+$!!;
 				
-				if ((defined $form->field('subpage') && length $form->field('subpage')) ||
-				    $page eq gettext('discussion')) {
+				if ((defined $form->field('subpage') &&
+				     length $form->field('subpage')) ||
+				    $page eq lc($config{discussionpage})) {
 					$best_loc="$from/$page";
 				}
 				else {
@@ -233,8 +244,9 @@ sub cgi_editpage ($$) { #{{{
 					push @page_locs, $dir.$page;
 				}
 			
-				push @page_locs, "$config{userdir}/$page"
-					if length $config{userdir};
+				my $userpage=IkiWiki::userpage($page);
+				push @page_locs, $userpage
+					if ! grep { $_ eq $userpage } @page_locs;
 			}
 
 			@page_locs = grep {
@@ -243,7 +255,7 @@ sub cgi_editpage ($$) { #{{{
 			if (! @page_locs) {
 				# hmm, someone else made the page in the
 				# meantime?
-				if ($form->submitted eq "Preview") {
+				if ($previewing) {
 					# let them go ahead with the edit
 					# and resolve the conflict at save
 					# time
@@ -259,15 +271,19 @@ sub cgi_editpage ($$) { #{{{
 				check_canedit($_, $q, $session, 1)
 			} @page_locs;
 			if (! @editable_locs) {
-				# let it throw an error this time
-				map { check_canedit($_, $q, $session) } @page_locs;
+				# now let it throw an error, or prompt for
+				# login
+				map { check_canedit($_, $q, $session) }
+					($best_loc, @page_locs);
 			}
 			
 			my @page_types;
 			if (exists $hooks{htmlize}) {
-				@page_types=grep { !/^_/ }
-					keys %{$hooks{htmlize}};
+				foreach my $key (grep { !/^_/ } keys %{$hooks{htmlize}}) {
+					push @page_types, [$key, $hooks{htmlize}{$key}{longname} || $key];
+				}
 			}
+			@page_types=sort @page_types;
 			
 			$form->tmpl_param("page_select", 1);
 			$form->field(name => "page", type => 'select',
@@ -296,21 +312,15 @@ sub cgi_editpage ($$) { #{{{
 			$form->title(sprintf(gettext("editing %s"), pagetitle($page)));
 		}
 		
-		showform($form, \@buttons, $session, $q, forcebaseurl => $baseurl);
+		showform($form, \@buttons, $session, $q,
+			forcebaseurl => $baseurl,
+			($previewing ? (page => $page) : ()),
+		);
 	}
 	else {
 		# save page
 		check_canedit($page, $q, $session);
-	
-		# The session id is stored on the form and checked to
-		# guard against CSRF. But only if the user is logged in,
-		# as anonok can allow anonymous edits.
-		if (defined $session->param("name")) {
-			my $sid=$q->param('sid');
-			if (! defined $sid || $sid ne $session->id) {
-				error(gettext("Your login session has expired."));
-			}
-		}
+		checksessionexpiry($q, $session, $q->param('sid'));
 
 		my $exists=-e "$config{srcdir}/$file";
 
@@ -322,7 +332,8 @@ sub cgi_editpage ($$) { #{{{
 			$form->field(name => "page", type => 'hidden');
 			$form->field(name => "type", type => 'hidden');
 			$form->title(sprintf(gettext("editing %s"), $page));
-			showform($form, \@buttons, $session, $q, forcebaseurl => $baseurl);
+			showform($form, \@buttons, $session, $q,
+				forcebaseurl => $baseurl);
 			exit;
 		}
 		elsif ($form->field("do") eq "create" && $exists) {
@@ -336,11 +347,21 @@ sub cgi_editpage ($$) { #{{{
 				value => readfile("$config{srcdir}/$file").
 				         "\n\n\n".$form->field("editcontent"),
 				force => 1);
-			showform($form, \@buttons, $session, $q, forcebaseurl => $baseurl);
+			showform($form, \@buttons, $session, $q,
+				forcebaseurl => $baseurl);
 			exit;
 		}
+			
+		my $message="";
+		if (defined $form->field('comments') &&
+		    length $form->field('comments')) {
+			$message=$form->field('comments');
+		}
 		
 		my $content=$form->field('editcontent');
+		check_content(content => $content, page => $page,
+			cgi => $q, session => $session,
+			subject => $message);
 		run_hooks(editcontent => sub {
 			$content=shift->(
 				content => $content,
@@ -374,12 +395,6 @@ sub cgi_editpage ($$) { #{{{
 		
 		my $conflict;
 		if ($config{rcs}) {
-			my $message="";
-			if (defined $form->field('comments') &&
-			    length $form->field('comments')) {
-				$message=$form->field('comments');
-			}
-			
 			if (! $exists) {
 				rcs_add($file);
 			}
@@ -423,6 +438,6 @@ sub cgi_editpage ($$) { #{{{
 	}
 
 	exit;
-} #}}}
+}
 
 1