]> git.vanrenterghem.biz Git - git.ikiwiki.info.git/blobdiff - IkiWiki/Plugin/websetup.pm
passwordauth: avoid userinfo forgery via repeated email parameter
[git.ikiwiki.info.git] / IkiWiki / Plugin / websetup.pm
index cb6a7e412b601a1dfefc8b0403d7b3f658da1da5..f95017c90d71a6408dbd81028fcb15b32c7a3265 100644 (file)
@@ -151,7 +151,10 @@ sub showfields ($$$@) {
                my %info=%{shift @show};
 
                my $description=$info{description};
                my %info=%{shift @show};
 
                my $description=$info{description};
-               if (exists $info{link} && length $info{link}) {
+               if (exists $info{htmldescription}) {
+                       $description=$info{htmldescription};
+               }
+               elsif (exists $info{link} && length $info{link}) {
                        if ($info{link} =~ /^\w+:\/\//) {
                                $description="<a href=\"$info{link}\">$description</a>";
                        }
                        if ($info{link} =~ /^\w+:\/\//) {
                                $description="<a href=\"$info{link}\">$description</a>";
                        }
@@ -219,7 +222,8 @@ sub showfields ($$$@) {
                                options => [ [ 1 => $description ] ],
                                fieldset => $section,
                        );
                                options => [ [ 1 => $description ] ],
                                fieldset => $section,
                        );
-                       if (! $form->submitted) {
+                       if (! $form->submitted ||
+                           ($info{advanced} && $form->submitted eq 'Advanced Mode')) {
                                $form->field(name => $name, value => $value);
                        }
                }
                                $form->field(name => $name, value => $value);
                        }
                }
@@ -253,12 +257,8 @@ sub enable_plugin ($) {
 sub disable_plugin ($) {
        my $plugin=shift;
 
 sub disable_plugin ($) {
        my $plugin=shift;
 
-       if (grep { $_ eq $plugin } @{$config{add_plugins}}) {
-               $config{add_plugins}=[grep { $_ ne $plugin } @{$config{add_plugins}}];
-       }
-       else {
-               push @{$config{disable_plugins}}, $plugin;
-       }
+       $config{add_plugins}=[grep { $_ ne $plugin } @{$config{add_plugins}}];
+       push @{$config{disable_plugins}}, $plugin;
 }
 
 sub showform ($$) {
 }
 
 sub showform ($$) {
@@ -291,14 +291,15 @@ sub showform ($$) {
                fieldsets => [
                        [main => gettext("main")], 
                ],
                fieldsets => [
                        [main => gettext("main")], 
                ],
-               action => $config{cgiurl},
+               action => IkiWiki::cgiurl(),
                template => {type => 'div'},
                template => {type => 'div'},
-               stylesheet => IkiWiki::baseurl()."style.css",
+               stylesheet => 1,
        );
        
        $form->field(name => "do", type => "hidden", value => "setup",
                force => 1);
        $form->field(name => "rebuild_asked", type => "hidden");
        );
        
        $form->field(name => "do", type => "hidden", value => "setup",
                force => 1);
        $form->field(name => "rebuild_asked", type => "hidden");
+       $form->field(name => "showadvanced", type => "hidden");
 
        if ($form->submitted eq 'Basic Mode') {
                $form->field(name => "showadvanced", type => "hidden", 
 
        if ($form->submitted eq 'Basic Mode') {
                $form->field(name => "showadvanced", type => "hidden", 
@@ -346,7 +347,7 @@ sub showform ($$) {
        IkiWiki::decode_form_utf8($form);
        
        if ($form->submitted eq "Cancel") {
        IkiWiki::decode_form_utf8($form);
        
        if ($form->submitted eq "Cancel") {
-               IkiWiki::redirect($cgi, $config{url});
+               IkiWiki::redirect($cgi, IkiWiki::baseurl(undef));
                return;
        }
        elsif (($form->submitted eq 'Save Setup' || $form->submitted eq 'Rebuild Wiki') && $form->validate) {
                return;
        }
        elsif (($form->submitted eq 'Save Setup' || $form->submitted eq 'Rebuild Wiki') && $form->validate) {
@@ -449,10 +450,10 @@ sub showform ($$) {
                        IkiWiki::saveindex();
                        IkiWiki::unlockwiki();
 
                        IkiWiki::saveindex();
                        IkiWiki::unlockwiki();
 
-                       # Print the top part of a standard misctemplate,
-                       # then show the rebuild or refresh.
-                       my $divider="xxx";
-                       my $html=IkiWiki::misctemplate("setup", $divider);
+                       # Print the top part of a standard cgitemplate,
+                       # then show the rebuild or refresh, live.
+                       my $divider="\0";
+                       my $html=IkiWiki::cgitemplate($cgi, "setup", $divider);
                        IkiWiki::printheader($session);
                        my ($head, $tail)=split($divider, $html, 2);
                        print $head."<pre>\n";
                        IkiWiki::printheader($session);
                        my ($head, $tail)=split($divider, $html, 2);
                        print $head."<pre>\n";
@@ -477,7 +478,7 @@ sub showform ($$) {
                                                join(" ", @command), $ret).
                                        '</p>';
                                open(OUT, ">", $config{setupfile}) || error("$config{setupfile}: $!");
                                                join(" ", @command), $ret).
                                        '</p>';
                                open(OUT, ">", $config{setupfile}) || error("$config{setupfile}: $!");
-                               print OUT $oldsetup;
+                               print OUT Encode::encode_utf8($oldsetup);
                                close OUT;
                        }
 
                                close OUT;
                        }
 
@@ -503,9 +504,10 @@ sub formbuilder_setup (@) {
        my %params=@_;
 
        my $form=$params{form};
        my %params=@_;
 
        my $form=$params{form};
-       if ($form->title eq "preferences") {
-               push @{$params{buttons}}, "Wiki Setup";
-               if ($form->submitted && $form->submitted eq "Wiki Setup") {
+       if ($form->title eq "preferences" &&
+           IkiWiki::is_admin($params{session}->param("name"))) {
+               push @{$params{buttons}}, "Setup";
+               if ($form->submitted && $form->submitted eq "Setup") {
                        showform($params{cgi}, $params{session});
                        exit;
                }
                        showform($params{cgi}, $params{session});
                        exit;
                }