use IkiWiki;
use open qw{:utf8 :std};
-sub import { #{{{
+sub import {
hook(type => "getsetup", id => "editpage", call => \&getsetup);
+ hook(type => "refresh", id => "editpage", call => \&refresh);
hook(type => "sessioncgi", id => "editpage", call => \&IkiWiki::cgi_editpage);
-} # }}}
+}
-sub getsetup () { #{{{
+sub getsetup () {
return
plugin => {
safe => 1,
rebuild => 1,
},
-} #}}}
+}
+
+sub refresh () {
+ if (exists $wikistate{editpage} && exists $wikistate{editpage}{previews}) {
+ # Expire old preview files after one hour.
+ my $expire=time - (60 * 60);
+
+ my @previews;
+ foreach my $file (@{$wikistate{editpage}{previews}}) {
+ my $mtime=(stat("$config{destdir}/$file"))[9];
+ if (defined $mtime && $mtime <= $expire) {
+ # Avoid deleting a preview that was later saved.
+ my $delete=1;
+ foreach my $page (keys %renderedfiles) {
+ if (grep { $_ eq $file } @{$renderedfiles{$page}}) {
+ $delete=0;
+ }
+ }
+ if ($delete) {
+ debug(sprintf(gettext("removing old preview %s"), $file));
+ IkiWiki::prune("$config{destdir}/$file");
+ }
+ }
+ elsif (defined $mtime) {
+ push @previews, $file;
+ }
+ }
+ $wikistate{editpage}{previews}=\@previews;
+ }
+}
# Back to ikiwiki namespace for the rest, this code is very much
# internal to ikiwiki even though it's separated into a plugin,
# and other plugins use the functions below.
package IkiWiki;
-sub check_canedit ($$$;$) { #{{{
+sub check_canedit ($$$;$) {
my $page=shift;
my $q=shift;
my $session=shift;
}
});
return $canedit;
-} #}}}
+}
-sub cgi_editpage ($$) { #{{{
+sub check_cansave ($$$$) {
+ my $page=shift;
+ my $content=shift;
+ my $q=shift;
+ my $session=shift;
+
+ my $cansave;
+ run_hooks(cansave => sub {
+ return if defined $cansave;
+ my $ret=shift->($page, $content, $q, $session);
+ if (defined $ret) {
+ if ($ret eq "") {
+ $cansave=1;
+ }
+ elsif (ref $ret eq 'CODE') {
+ $ret->();
+ $cansave=0;
+ }
+ else {
+ error($ret);
+ $cansave=0;
+ }
+ }
+ });
+ return $cansave;
+}
+
+sub cgi_editpage ($$) {
my $q=shift;
my $session=shift;
header => 0,
table => 0,
template => scalar template_params("editpage.tmpl"),
- wikiname => $config{wikiname},
);
decode_form_utf8($form);
});
decode_form_utf8($form);
- # This untaint is safe because we check file_pruned.
- my $page=$form->field('page');
+ # This untaint is safe because we check file_pruned and
+ # wiki_file_regexp.
+ my ($page)=$form->field('page')=~/$config{wiki_file_regexp}/;
$page=possibly_foolish_untaint($page);
my $absolute=($page =~ s#^/+##);
if (! defined $page || ! length $page ||
file_pruned($page, $config{srcdir})) {
- error("bad page name");
+ error(gettext("bad page name"));
}
- my $baseurl=$config{url}."/".htmlpage($page);
-
+ my $baseurl = urlto($page, undef, 1);
+
my $from;
if (defined $form->field('from')) {
($from)=$form->field('from')=~/$config{wiki_file_regexp}/;
$type=pagetype($pagesources{$from});
}
$type=$config{default_pageext} unless defined $type;
- $file=$page.".".$type;
+ $file=newpagefile($page, $type);
if (! $form->submitted) {
$form->field(name => "rcsinfo", value => "", force => 1);
}
if ($form->submitted eq "Cancel") {
if ($form->field("do") eq "create" && defined $from) {
- redirect($q, "$config{url}/".htmlpage($from));
+ redirect($q, urlto($from, undef, 1));
}
elsif ($form->field("do") eq "create") {
redirect($q, $config{url});
}
else {
- redirect($q, "$config{url}/".htmlpage($page));
+ redirect($q, urlto($page, undef, 1));
}
exit;
}
# temporarily record its type
$pagesources{$page}=$page.".".$type;
}
+ my %wasrendered=map { $_ => 1 } @{$renderedfiles{$page}};
my $content=$form->field('editcontent');
);
});
$form->tmpl_param("page_preview", $preview);
-
+
if ($new) {
delete $pagesources{$page};
}
- # previewing may have created files on disk
+
+ # Previewing may have created files on disk.
+ # Keep a list of these to be deleted later.
+ my %previews = map { $_ => 1 } @{$wikistate{editpage}{previews}};
+ foreach my $f (@{$renderedfiles{$page}}) {
+ $previews{$f}=1 unless $wasrendered{$f};
+ }
+ @{$wikistate{editpage}{previews}} = keys %previews;
+ $renderedfiles{$page}=[keys %wasrendered];
saveindex();
}
elsif ($form->submitted eq "Save Page") {
file_pruned($from, $config{srcdir}) ||
$from=~/^\// ||
$absolute ||
- $form->submitted eq "Preview") {
+ $form->submitted) {
@page_locs=$best_loc=$page;
}
else {
@page_locs=$page;
}
else {
- redirect($q, "$config{url}/".htmlpage($page));
+ redirect($q, urlto($page, undef, 1));
exit;
}
}
else {
# save page
check_canedit($page, $q, $session);
-
- # The session id is stored on the form and checked to
- # guard against CSRF. But only if the user is logged in,
- # as anonok can allow anonymous edits.
- if (defined $session->param("name")) {
- my $sid=$q->param('sid');
- if (! defined $sid || $sid ne $session->id) {
- error(gettext("Your login session has expired."));
- }
- }
+ checksessionexpiry($q, $session, $q->param('sid'));
my $exists=-e "$config{srcdir}/$file";
}
my $content=$form->field('editcontent');
+ check_cansave($page, $content, $q, $session);
run_hooks(editcontent => sub {
$content=shift->(
content => $content,
else {
# The trailing question mark tries to avoid broken
# caches and get the most recent version of the page.
- redirect($q, "$config{url}/".htmlpage($page)."?updated");
+ redirect($q, urlto($page, undef, 1)."?updated");
}
}
exit;
-} #}}}
+}
1