X-Git-Url: https://sipb.mit.edu/gitweb.cgi/ikiwiki.git/blobdiff_plain/c4be16703fa571e8922b43446b24cf1c4f90a371..81eae1a531ab6e538985a8531b39ef3c5f865bdc:/IkiWiki/Plugin/editpage.pm diff --git a/IkiWiki/Plugin/editpage.pm b/IkiWiki/Plugin/editpage.pm index 8ab02cabc..26e38abc1 100644 --- a/IkiWiki/Plugin/editpage.pm +++ b/IkiWiki/Plugin/editpage.pm @@ -6,19 +6,20 @@ use strict; use IkiWiki; use open qw{:utf8 :std}; -sub import { #{{{ +sub import { hook(type => "getsetup", id => "editpage", call => \&getsetup); hook(type => "refresh", id => "editpage", call => \&refresh); hook(type => "sessioncgi", id => "editpage", call => \&IkiWiki::cgi_editpage); -} # }}} +} -sub getsetup () { #{{{ +sub getsetup () { return plugin => { safe => 1, rebuild => 1, + section => "core", }, -} #}}} +} sub refresh () { if (exists $wikistate{editpage} && exists $wikistate{editpage}{previews}) { @@ -51,37 +52,10 @@ sub refresh () { # Back to ikiwiki namespace for the rest, this code is very much # internal to ikiwiki even though it's separated into a plugin, -# and other plugins use the functions below. +# and other plugins use the function below. package IkiWiki; -sub check_canedit ($$$;$) { #{{{ - my $page=shift; - my $q=shift; - my $session=shift; - my $nonfatal=shift; - - my $canedit; - run_hooks(canedit => sub { - return if defined $canedit; - my $ret=shift->($page, $q, $session); - if (defined $ret) { - if ($ret eq "") { - $canedit=1; - } - elsif (ref $ret eq 'CODE') { - $ret->() unless $nonfatal; - $canedit=0; - } - elsif (defined $ret) { - error($ret) unless $nonfatal; - $canedit=0; - } - } - }); - return $canedit; -} #}}} - -sub cgi_editpage ($$) { #{{{ +sub cgi_editpage ($$) { my $q=shift; my $session=shift; @@ -105,7 +79,6 @@ sub cgi_editpage ($$) { #{{{ header => 0, table => 0, template => scalar template_params("editpage.tmpl"), - wikiname => $config{wikiname}, ); decode_form_utf8($form); @@ -119,10 +92,10 @@ sub cgi_editpage ($$) { #{{{ # wiki_file_regexp. my ($page)=$form->field('page')=~/$config{wiki_file_regexp}/; $page=possibly_foolish_untaint($page); - my $absolute=($page =~ s#^/+##); + my $absolute=($page =~ s#^/+##); # absolute name used to force location if (! defined $page || ! length $page || - file_pruned($page, $config{srcdir})) { - error("bad page name"); + file_pruned($page)) { + error(gettext("bad page name")); } my $baseurl = urlto($page, undef, 1); @@ -156,7 +129,7 @@ sub cgi_editpage ($$) { #{{{ $type=pagetype($pagesources{$from}); } $type=$config{default_pageext} unless defined $type; - $file=$page.".".$type; + $file=newpagefile($page, $type); if (! $form->submitted) { $form->field(name => "rcsinfo", value => "", force => 1); } @@ -230,8 +203,8 @@ sub cgi_editpage ($$) { #{{{ # Previewing may have created files on disk. # Keep a list of these to be deleted later. my %previews = map { $_ => 1 } @{$wikistate{editpage}{previews}}; - foreach my $file (@{$renderedfiles{$page}}) { - $previews{$file}=1 unless $wasrendered{$file}; + foreach my $f (@{$renderedfiles{$page}}) { + $previews{$f}=1 unless $wasrendered{$f}; } @{$wikistate{editpage}{previews}} = keys %previews; $renderedfiles{$page}=[keys %wasrendered]; @@ -247,18 +220,18 @@ sub cgi_editpage ($$) { #{{{ my $best_loc; if (! defined $from || ! length $from || $from ne $form->field('from') || - file_pruned($from, $config{srcdir}) || - $from=~/^\// || + file_pruned($from) || $absolute || - $form->submitted eq "Preview") { + $form->submitted) { @page_locs=$best_loc=$page; } else { my $dir=$from."/"; $dir=~s![^/]+/+$!!; - if ((defined $form->field('subpage') && length $form->field('subpage')) || - $page eq gettext('discussion')) { + if ((defined $form->field('subpage') && + length $form->field('subpage')) || + $page eq lc($config{discussionpage})) { $best_loc="$from/$page"; } else { @@ -272,8 +245,9 @@ sub cgi_editpage ($$) { #{{{ push @page_locs, $dir.$page; } - push @page_locs, "$config{userdir}/$page" - if length $config{userdir}; + my $userpage=IkiWiki::userpage($page); + push @page_locs, $userpage + if ! grep { $_ eq $userpage } @page_locs; } @page_locs = grep { @@ -298,15 +272,19 @@ sub cgi_editpage ($$) { #{{{ check_canedit($_, $q, $session, 1) } @page_locs; if (! @editable_locs) { - # let it throw an error this time - map { check_canedit($_, $q, $session) } @page_locs; + # now let it throw an error, or prompt for + # login + map { check_canedit($_, $q, $session) } + ($best_loc, @page_locs); } my @page_types; if (exists $hooks{htmlize}) { - @page_types=grep { !/^_/ } - keys %{$hooks{htmlize}}; + foreach my $key (grep { !/^_/ } keys %{$hooks{htmlize}}) { + push @page_types, [$key, $hooks{htmlize}{$key}{longname} || $key]; + } } + @page_types=sort @page_types; $form->tmpl_param("page_select", 1); $form->field(name => "page", type => 'select', @@ -340,16 +318,7 @@ sub cgi_editpage ($$) { #{{{ else { # save page check_canedit($page, $q, $session); - - # The session id is stored on the form and checked to - # guard against CSRF. But only if the user is logged in, - # as anonok can allow anonymous edits. - if (defined $session->param("name")) { - my $sid=$q->param('sid'); - if (! defined $sid || $sid ne $session->id) { - error(gettext("Your login session has expired.")); - } - } + checksessionexpiry($q, $session, $q->param('sid')); my $exists=-e "$config{srcdir}/$file"; @@ -378,8 +347,17 @@ sub cgi_editpage ($$) { #{{{ showform($form, \@buttons, $session, $q, forcebaseurl => $baseurl); exit; } + + my $message=""; + if (defined $form->field('comments') && + length $form->field('comments')) { + $message=$form->field('comments'); + } my $content=$form->field('editcontent'); + check_content(content => $content, page => $page, + cgi => $q, session => $session, + subject => $message); run_hooks(editcontent => sub { $content=shift->( content => $content, @@ -413,12 +391,6 @@ sub cgi_editpage ($$) { #{{{ my $conflict; if ($config{rcs}) { - my $message=""; - if (defined $form->field('comments') && - length $form->field('comments')) { - $message=$form->field('comments'); - } - if (! $exists) { rcs_add($file); } @@ -462,6 +434,6 @@ sub cgi_editpage ($$) { #{{{ } exit; -} #}}} +} 1