From 82281d1aef347080ff235ad18e92613012093f49 Mon Sep 17 00:00:00 2001 From: chrysn Date: Tue, 24 Mar 2009 08:21:22 +0100 Subject: [PATCH 1/1] wishlist, patch: inline autotitles --- doc/todo/inline_autotitles.mdwn | 45 +++++++++++++++++++++++++++++++++ 1 file changed, 45 insertions(+) create mode 100644 doc/todo/inline_autotitles.mdwn diff --git a/doc/todo/inline_autotitles.mdwn b/doc/todo/inline_autotitles.mdwn new file mode 100644 index 000000000..9846687e9 --- /dev/null +++ b/doc/todo/inline_autotitles.mdwn @@ -0,0 +1,45 @@ +[[!tag wishlist]] +[[!tag patch]] + +for inlines of pages which follow a certain scheme, it might not be required to +set the title for each individual post, but to automatically set the title. +this can either be based on timestamp formatting, or use the already existing +munging mechanism, which appends numbers to page titles in case that page +already exists. + +two [patches][1] set inline up for that, adding an additional `autotitle` +parameter. if that is given, the regular input of the inline postform will be +replaced with a hidden input of that text. in addition, the empty title is +permitted (both for autotitle and regular titles, as they go in the same GET +parameter, `title`). as the empty page title is illegal, munging is used, +resulting in ascending numeric page titles to be created. + +the second patch is actually a one-liner, filtering the title through sprintf. + +### potential user interaction issues + +this has two side effects which have to be considered: first, the empty page +title is accepted also in normal postforms (previously, this resulted in a "bad +page name" error); second, entering a percent sign in that field might result +in unexpexted sprintf substitution (sprintf might not even substitute for +common uses of percent as in "reach 10% market share", but might in others as +in "the 10%-rule"). + +both can be circumvented by using another GET parameter for autotexts, for +which i could provide a patch. (as of writing this, i think i'll do that.) + +### potential security issues + +* the autotitle's value is directly output through the template (but that's + done in other places as well, so i assume it's safe) +* i don't know if anything bad can happen if unfiltered content is passed to + POSIX::strftime. + +### further extension + +having a pre-filled input field instead of an unchangable hidden input might be +cool (eg for creating an entry with yesterday's date), but would be a bit of a +problem with static pages. javascript could help with the date part, but name +munging would be yet another thing. + +[1]: http://... -- 2.44.0