#!/usr/bin/perl
+package IkiWiki;
+
use warnings;
use strict;
use IkiWiki;
use open qw{:utf8 :std};
use Encode;
-package IkiWiki;
-
sub printheader ($) { #{{{
my $session=shift;
# This untaint is safe because we check file_pruned.
my $page=$form->field('page');
$page=possibly_foolish_untaint($page);
+ my $absolute=($page =~ s#^/+##);
if (! defined $page || ! length $page ||
- file_pruned($page, $config{srcdir}) || $page=~/^\//) {
+ file_pruned($page, $config{srcdir})) {
error("bad page name");
}
elsif ($form->submitted eq "Save Page") {
$form->tmpl_param("page_preview", "");
}
- $form->tmpl_param("page_conflict", "");
if ($form->submitted ne "Save Page" || ! $form->validate) {
if ($form->field("do") eq "create") {
if (! defined $from || ! length $from ||
$from ne $form->field('from') ||
file_pruned($from, $config{srcdir}) ||
- $from=~/^\// ||
+ $from=~/^\// ||
+ $absolute ||
$form->submitted eq "Preview") {
@page_locs=$best_loc=$page;
}
if ($form->field("do") ne "create" && ! $exists &&
! defined srcfile($file, 1)) {
- $form->tmpl_param("page_gone", 1);
+ $form->tmpl_param("message", template("editpagegone.tmpl")->output);
$form->field(name => "do", value => "create", force => 1);
$form->tmpl_param("page_select", 0);
$form->field(name => "page", type => 'hidden');
return;
}
elsif ($form->field("do") eq "create" && $exists) {
- $form->tmpl_param("creation_conflict", 1);
+ $form->tmpl_param("message", template("editcreationconflict.tmpl")->output);
$form->field(name => "do", value => "edit", force => 1);
$form->tmpl_param("page_select", 0);
$form->field(name => "page", type => 'hidden');
if ($@) {
$form->field(name => "rcsinfo", value => rcs_prepedit($file),
force => 1);
- $form->tmpl_param("failed_save", 1);
- $form->tmpl_param("error_message", $@);
+ my $mtemplate=template("editfailedsave.tmpl");
+ $mtemplate->param(error_message => $@);
+ $form->tmpl_param("message", $mtemplate->output);
$form->field("editcontent", value => $content, force => 1);
$form->tmpl_param("page_select", 0);
$form->field(name => "page", type => 'hidden');
if (defined $conflict) {
$form->field(name => "rcsinfo", value => rcs_prepedit($file),
force => 1);
- $form->tmpl_param("page_conflict", 1);
+ $form->tmpl_param("message", template("editconflict.tmpl")->output);
$form->field("editcontent", value => $conflict, force => 1);
$form->field("do", "edit", force => 1);
$form->tmpl_param("page_select", 0);
CGI::Session->name("ikiwiki_session_".encode_utf8($config{wikiname}));
my $oldmask=umask(077);
- my $session = CGI::Session->new("driver:DB_File", $q,
- { FileName => "$config{wikistatedir}/sessions.db" });
+ my $session = eval {
+ CGI::Session->new("driver:DB_File", $q,
+ { FileName => "$config{wikistatedir}/sessions.db" })
+ };
+ if (! $session || $@) {
+ error($@." ".CGI::Session->errstr());
+ }
+
umask($oldmask);
return $session;
}
} #}}}
+# Does not need tobe called directly; all errors will go through here.
+sub cgierror ($) { #{{{
+ my $message=shift;
+
+ print "Content-type: text/html\n\n";
+ print misctemplate(gettext("Error"),
+ "<p class=\"error\">".gettext("Error").": $message</p>");
+ die $@;
+} #}}}
+
1