From: Joey Hess <joey@gnu.kitenet.net>
Date: Sat, 17 Jan 2009 01:46:55 +0000 (-0500)
Subject: checkcontent: New hook, can be used to implement arbitrary content filters, including... 
X-Git-Url: https://sipb.mit.edu/gitweb.cgi/ikiwiki.git/commitdiff_plain/f7b2cfcf50f12ad6ce7358f74e8db9d6083aa284?ds=sidebyside

checkcontent: New hook, can be used to implement arbitrary content filters, including spam filters.
---

diff --git a/IkiWiki/Plugin/comments.pm b/IkiWiki/Plugin/comments.pm
index 16f9a873f..14e785c8f 100644
--- a/IkiWiki/Plugin/comments.pm
+++ b/IkiWiki/Plugin/comments.pm
@@ -467,9 +467,18 @@ sub sessioncgi ($$) {
 	}
 
 	if ($form->submitted eq POST_COMMENT && $form->validate) {
-		my $file = "$location._comment";
-
 		IkiWiki::checksessionexpiry($cgi, $session);
+		
+		IkiWiki::check_content(content => $form->field('editcontent'),
+			subject => $form->field('subject'),
+			$config{comments_allowauthor} ? (
+				author => $form->field('author'),
+				url => $form->field('url'),
+			) : (),
+			page => $location,
+			cgi => $cgi, session => $session);
+		
+		my $file = "$location._comment";
 
 		# FIXME: could probably do some sort of graceful retry
 		# on error? Would require significant unwinding though
diff --git a/IkiWiki/Plugin/editpage.pm b/IkiWiki/Plugin/editpage.pm
index ed994306f..bba52e4fd 100644
--- a/IkiWiki/Plugin/editpage.pm
+++ b/IkiWiki/Plugin/editpage.pm
@@ -78,7 +78,43 @@ sub check_canedit ($$$;$) {
 			}
 		}
 	});
-	return $canedit;
+	return defined $canedit ? $canedit : 1;
+}
+
+sub check_content (@) {
+	my %params=@_;
+	
+	return 1 if ! exists $hooks{checkcontent}; # optimisation
+
+	if (exists $pagesources{$params{page}}) {
+		my @diff;
+		my %old=map { $_ => 1 }
+		        split("\n", readfile(srcfile($pagesources{$params{page}})));
+		foreach my $line (split("\n", $params{content})) {
+			push @diff, $line if ! exists $old{$_};
+		}
+		$params{content}=join("\n", @diff);
+	}
+
+	my $ok;
+	run_hooks(checkcontent => sub {
+		return if defined $ok;
+		my $ret=shift->(%params);
+		if (defined $ret) {
+			if ($ret eq "") {
+				$ok=1;
+			}
+			elsif (ref $ret eq 'CODE') {
+				$ret->();
+				$ok=0;
+			}
+			elsif (defined $ret) {
+				error($ret);
+			}
+		}
+
+	});
+	return defined $ok ? $ok : 1;
 }
 
 sub cgi_editpage ($$) {
@@ -368,8 +404,17 @@ sub cgi_editpage ($$) {
 			showform($form, \@buttons, $session, $q, forcebaseurl => $baseurl);
 			exit;
 		}
+			
+		my $message="";
+		if (defined $form->field('comments') &&
+		    length $form->field('comments')) {
+			$message=$form->field('comments');
+		}
 		
 		my $content=$form->field('editcontent');
+		check_content(content => $content, page => $page,
+			cgi => $q, session => $session,
+			subject => $message);
 		run_hooks(editcontent => sub {
 			$content=shift->(
 				content => $content,
@@ -403,12 +448,6 @@ sub cgi_editpage ($$) {
 		
 		my $conflict;
 		if ($config{rcs}) {
-			my $message="";
-			if (defined $form->field('comments') &&
-			    length $form->field('comments')) {
-				$message=$form->field('comments');
-			}
-			
 			if (! $exists) {
 				rcs_add($file);
 			}
diff --git a/debian/changelog b/debian/changelog
index f35606148..b75fe6afc 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -18,6 +18,8 @@ ikiwiki (3.02) UNRELEASED; urgency=low
     behave better.
   * Add auto-blog.setup, which will set up an ikiwiki instance tuned for use
     in blogging.
+  * checkcontent: New hook, can be used to implement arbitrary content
+    filters, including spam filters.
 
  -- Joey Hess <joeyh@debian.org>  Tue, 06 Jan 2009 15:02:52 -0500
 
diff --git a/doc/plugins/write.mdwn b/doc/plugins/write.mdwn
index 405876d58..99eea3d16 100644
--- a/doc/plugins/write.mdwn
+++ b/doc/plugins/write.mdwn
@@ -303,7 +303,7 @@ can check if the session object has a "name" parameter set.
 
 ### canedit
 
-	hook(type => "canedit", id => "foo", call => \&pagelocked);
+	hook(type => "canedit", id => "foo", call => \&canedit);
 
 This hook can be used to implement arbitrary access methods to control when
 a page can be edited using the web interface (commits from revision control
@@ -321,6 +321,26 @@ This hook should avoid directly redirecting the user to a signin page,
 since it's sometimes used to test to see which pages in a set of pages a
 user can edit.
 
+### checkcontent
+	
+	hook(type => "checkcontent", id => "foo", call => \&checkcontent);
+
+This hook is called to check the content a user has entered on a page,
+before it is saved, and decide if it should be allowed.
+
+It is passed named parameters: `content`, `page`, `cgi`, and `session`. If
+the content the user has entered is a comment, it may also be passed some
+additional parameters: `author`, `url`, and `subject`. The `subject`
+parameter may also be filled with the user's comment about the change.
+
+Note: When the user edits an existing wiki page, the passed `content` will
+include only the lines that they added to the page, or modified.
+
+The hook should return `undef` on success. If the content is disallowed, it
+should return a message stating what the problem is, or a function
+that can be run to perform whatever action is necessary to allow the user
+to post the content.
+
 ### editcontent
 
 	hook(type => "editcontent", id => "foo", call => \&editcontent);