]> git.vanrenterghem.biz Git - git.ikiwiki.info.git/blobdiff - IkiWiki/Plugin/comments.pm
projects / git.ikiwiki.info.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
Merge branch 'master' of ssh://git.ikiwiki.info
[git.ikiwiki.info.git] / IkiWiki / Plugin / comments.pm
diff --git a/IkiWiki/Plugin/comments.pm b/IkiWiki/Plugin/comments.pm
index 1c10417c389cf4aedc11d0f9d510eaa134ff8b32..c00bf52752e9326a3ffc40855ed8b130dced74ce 100644 (file)
--- a/IkiWiki/Plugin/comments.pm
+++ b/IkiWiki/Plugin/comments.pm
@@ -9,7 +9,6 @@ use warnings;
 use strict;
 use IkiWiki 3.00;
 use Encode;
 use strict;
 use IkiWiki 3.00;
 use Encode;
-use POSIX qw(strftime);
 
 use constant PREVIEW => "Preview";
 use constant POST_COMMENT => "Post comment";
 
 use constant PREVIEW => "Preview";
 use constant POST_COMMENT => "Post comment";
@@ -21,11 +20,20 @@ my %commentstate;
 sub import {
        hook(type => "checkconfig", id => 'comments',  call => \&checkconfig);
        hook(type => "getsetup", id => 'comments',  call => \&getsetup);
 sub import {
        hook(type => "checkconfig", id => 'comments',  call => \&checkconfig);
        hook(type => "getsetup", id => 'comments',  call => \&getsetup);
+       hook(type => "preprocess", id => 'comment', call => \&preprocess,
+               scan => 1);
+       hook(type => "preprocess", id => 'commentmoderation', call => \&preprocess_moderation);
+       # here for backwards compatability with old comments
        hook(type => "preprocess", id => '_comment', call => \&preprocess);
        hook(type => "sessioncgi", id => 'comment', call => \&sessioncgi);
        hook(type => "htmlize", id => "_comment", call => \&htmlize);
        hook(type => "preprocess", id => '_comment', call => \&preprocess);
        hook(type => "sessioncgi", id => 'comment', call => \&sessioncgi);
        hook(type => "htmlize", id => "_comment", call => \&htmlize);
+       hook(type => "htmlize", id => "_comment_pending",
+               call => \&htmlize_pending);
        hook(type => "pagetemplate", id => "comments", call => \&pagetemplate);
        hook(type => "pagetemplate", id => "comments", call => \&pagetemplate);
-       hook(type => "cgi", id => "comments", call => \&linkcgi);
+       hook(type => "formbuilder_setup", id => "comments",
+               call => \&formbuilder_setup);
+       # Load goto to fix up user page links for logged-in commenters
+       IkiWiki::loadplugin("goto");
        IkiWiki::loadplugin("inline");
 }
 
        IkiWiki::loadplugin("inline");
 }
 
@@ -34,6 +42,7 @@ sub getsetup () {
                plugin => {
                        safe => 1,
                        rebuild => 1,
                plugin => {
                        safe => 1,
                        rebuild => 1,
+                       section => "web",
                },
                comments_pagespec => {
                        type => 'pagespec',
                },
                comments_pagespec => {
                        type => 'pagespec',
@@ -99,6 +108,14 @@ sub htmlize {
        return $params{content};
 }
 
        return $params{content};
 }
 
+sub htmlize_pending {
+       my %params = @_;
+       return sprintf(gettext("this comment needs %s"),
+               '<a href="'.
+               IkiWiki::cgiurl(do => "commentmoderation").'">'.
+               gettext("moderation").'</a>');
+}
+
 # FIXME: copied verbatim from meta
 sub safeurl ($) {
        my $url=shift;
 # FIXME: copied verbatim from meta
 sub safeurl ($) {
        my $url=shift;
@@ -126,24 +143,27 @@ sub preprocess {
        }
        $content =~ s/\\"/"/g;
 
        }
        $content =~ s/\\"/"/g;
 
-       $content = IkiWiki::filter($page, $params{destpage}, $content);
-
-       if ($config{comments_allowdirectives}) {
-               $content = IkiWiki::preprocess($page, $params{destpage},
-                       $content);
-       }
+       if (defined wantarray) {
+               if ($config{comments_allowdirectives}) {
+                       $content = IkiWiki::preprocess($page, $params{destpage},
+                               $content);
+               }
 
 
-       # no need to bother with htmlize if it's just HTML
-       $content = IkiWiki::htmlize($page, $params{destpage}, $format,
-               $content) if defined $format;
+               # no need to bother with htmlize if it's just HTML
+               $content = IkiWiki::htmlize($page, $params{destpage}, $format, $content)
+                       if defined $format;
 
 
-       IkiWiki::run_hooks(sanitize => sub {
-               $content = shift->(
-                       page => $page,
-                       destpage => $params{destpage},
-                       content => $content,
-               );
-       });
+               IkiWiki::run_hooks(sanitize => sub {
+                       $content = shift->(
+                               page => $page,
+                               destpage => $params{destpage},
+                               content => $content,
+                       );
+               });
+       }
+       else {
+               IkiWiki::preprocess($page, $params{destpage}, $content, 1);
+       }
 
        # set metadata, possibly overriding [[!meta]] directives from the
        # comment itself
 
        # set metadata, possibly overriding [[!meta]] directives from the
        # comment itself
@@ -161,15 +181,14 @@ sub preprocess {
                if (defined $oiduser) {
                        # looks like an OpenID
                        $commentauthorurl = $commentuser;
                if (defined $oiduser) {
                        # looks like an OpenID
                        $commentauthorurl = $commentuser;
-                       $commentauthor = $oiduser;
+                       $commentauthor = (defined $params{nickname} && length $params{nickname}) ? $params{nickname} : $oiduser;
                        $commentopenid = $commentuser;
                }
                else {
                        $commentauthorurl = IkiWiki::cgiurl(
                        $commentopenid = $commentuser;
                }
                else {
                        $commentauthorurl = IkiWiki::cgiurl(
-                               do => 'commenter',
-                               page => (length $config{userdir}
-                                       ? "$config{userdir}/$commentuser"
-                                       : "$commentuser"));
+                               do => 'goto',
+                               page => IkiWiki::userpage($commentuser)
+                       );
 
                        $commentauthor = $commentuser;
                }
 
                        $commentauthor = $commentuser;
                }
@@ -186,6 +205,7 @@ sub preprocess {
        $commentstate{$page}{commentip} = $commentip;
        $commentstate{$page}{commentauthor} = $commentauthor;
        $commentstate{$page}{commentauthorurl} = $commentauthorurl;
        $commentstate{$page}{commentip} = $commentip;
        $commentstate{$page}{commentauthor} = $commentauthor;
        $commentstate{$page}{commentauthorurl} = $commentauthorurl;
+       $commentstate{$page}{commentauthoravatar} = $params{avatar};
        if (! defined $pagestate{$page}{meta}{author}) {
                $pagestate{$page}{meta}{author} = $commentauthor;
        }
        if (! defined $pagestate{$page}{meta}{author}) {
                $pagestate{$page}{meta}{author} = $commentauthor;
        }
@@ -202,7 +222,7 @@ sub preprocess {
                        my $url=$params{url};
 
                        eval q{use URI::Heuristic}; 
                        my $url=$params{url};
 
                        eval q{use URI::Heuristic}; 
-                       if (! $@) {
+                       if (! $@) {
                                $url=URI::Heuristic::uf_uristr($url);
                        }
 
                                $url=URI::Heuristic::uf_uristr($url);
                        }
 
@@ -217,12 +237,14 @@ sub preprocess {
        }
 
        if (defined $params{subject}) {
        }
 
        if (defined $params{subject}) {
-               $pagestate{$page}{meta}{title} = $params{subject};
+               # decode title the same way meta does
+               eval q{use HTML::Entities};
+               $pagestate{$page}{meta}{title} = decode_entities($params{subject});
        }
 
        }
 
-       if ($params{page} =~ m/\/(\Q$config{comments_pagename}\E\d+)$/) {
-               $pagestate{$page}{meta}{permalink} = urlto(IkiWiki::dirname($params{page}), undef, 1).
-                       "#".$params{page};
+       if ($params{page} =~ m/\/\Q$config{comments_pagename}\E\d+_/) {
+               $pagestate{$page}{meta}{permalink} = urlto(IkiWiki::dirname($params{page})).
+                       "#".page_to_id($params{page});
        }
 
        eval q{use Date::Parse};
        }
 
        eval q{use Date::Parse};
@@ -234,43 +256,44 @@ sub preprocess {
        return $content;
 }
 
        return $content;
 }
 
-# This is exactly the same as recentchanges_link :-(
-sub linkcgi ($) {
-       my $cgi=shift;
-       if (defined $cgi->param('do') && $cgi->param('do') eq "commenter") {
+sub preprocess_moderation {
+       my %params = @_;
 
 
-               my $page=decode_utf8($cgi->param("page"));
-               if (! defined $page) {
-                       error("missing page parameter");
-               }
+       $params{desc}=gettext("Comment Moderation")
+               unless defined $params{desc};
 
 
-               IkiWiki::loadindex();
+       if (length $config{cgiurl}) {
+               return '<a href="'.
+                       IkiWiki::cgiurl(do => 'commentmoderation').
+                       '">'.$params{desc}.'</a>';
+       }
+       else {
+               return $params{desc};
+       }
+}
 
 
-               my $link=bestlink("", $page);
-               if (! length $link) {
-                       print "Content-type: text/html\n\n";
-                       print IkiWiki::misctemplate(gettext(gettext("missing page")),
-                               "<p>".
-                               sprintf(gettext("The page %s does not exist."),
-                                       htmllink("", "", $page)).
-                               "</p>");
-               }
-               else {
-                       IkiWiki::redirect($cgi, urlto($link, undef, 1));
-               }
+sub sessioncgi ($$) {
+       my $cgi=shift;
+       my $session=shift;
 
 
+       my $do = $cgi->param('do');
+       if ($do eq 'comment') {
+               editcomment($cgi, $session);
+       }
+       elsif ($do eq 'commentmoderation') {
+               commentmoderation($cgi, $session);
+       }
+       elsif ($do eq 'commentsignin') {
+               IkiWiki::cgi_signin($cgi, $session);
                exit;
        }
 }
 
 # Mostly cargo-culted from IkiWiki::plugin::editpage
                exit;
        }
 }
 
 # Mostly cargo-culted from IkiWiki::plugin::editpage
-sub sessioncgi ($$) {
+sub editcomment ($$) {
        my $cgi=shift;
        my $session=shift;
 
        my $cgi=shift;
        my $session=shift;
 
-       my $do = $cgi->param('do');
-       return unless $do eq 'comment';
-
        IkiWiki::decode_cgi_utf8($cgi);
 
        eval q{use CGI::FormBuilder};
        IkiWiki::decode_cgi_utf8($cgi);
 
        eval q{use CGI::FormBuilder};
@@ -278,16 +301,17 @@ sub sessioncgi ($$) {
 
        my @buttons = (POST_COMMENT, PREVIEW, CANCEL);
        my $form = CGI::FormBuilder->new(
 
        my @buttons = (POST_COMMENT, PREVIEW, CANCEL);
        my $form = CGI::FormBuilder->new(
-               fields => [qw{do sid page subject editcontent type author url}],
+               fields => [qw{do sid page subject editcontent type author
+                       email url subscribe anonsubscribe}],
                charset => 'utf-8',
                method => 'POST',
                required => [qw{editcontent}],
                javascript => 0,
                params => $cgi,
                charset => 'utf-8',
                method => 'POST',
                required => [qw{editcontent}],
                javascript => 0,
                params => $cgi,
-               action => $config{cgiurl},
+               action => IkiWiki::cgiurl(),
                header => 0,
                table => 0,
                header => 0,
                table => 0,
-               template => scalar IkiWiki::template_params('editcomment.tmpl'),
+               template => { template('editcomment.tmpl') },
        );
 
        IkiWiki::decode_form_utf8($form);
        );
 
        IkiWiki::decode_form_utf8($form);
@@ -304,10 +328,15 @@ sub sessioncgi ($$) {
        else {
                $type = $config{default_pageext};
        }
        else {
                $type = $config{default_pageext};
        }
+
+
        my @page_types;
        if (exists $IkiWiki::hooks{htmlize}) {
        my @page_types;
        if (exists $IkiWiki::hooks{htmlize}) {
-               @page_types = grep { ! /^_/ } keys %{$IkiWiki::hooks{htmlize}};
+               foreach my $key (grep { !/^_/ } keys %{$IkiWiki::hooks{htmlize}}) {
+                       push @page_types, [$key, $IkiWiki::hooks{htmlize}{$key}{longname} || $key];
+               }
        }
        }
+       @page_types=sort @page_types;
 
        $form->field(name => 'do', type => 'hidden');
        $form->field(name => 'sid', type => 'hidden', value => $session->id,
 
        $form->field(name => 'do', type => 'hidden');
        $form->field(name => 'sid', type => 'hidden', value => $session->id,
@@ -318,37 +347,57 @@ sub sessioncgi ($$) {
        $form->field(name => "type", value => $type, force => 1,
                type => 'select', options => \@page_types);
 
        $form->field(name => "type", value => $type, force => 1,
                type => 'select', options => \@page_types);
 
-       $form->tmpl_param(username => $session->param('name'));
+       my $username=$session->param('name');
+       $form->tmpl_param(username => $username);
+               
+       $form->field(name => "subscribe", type => 'hidden');
+       $form->field(name => "anonsubscribe", type => 'hidden');
+       if (IkiWiki::Plugin::notifyemail->can("subscribe")) {
+               if (defined $username) {
+                       $form->field(name => "subscribe", type => "checkbox",
+                               options => [gettext("email replies to me")]);
+               }
+               elsif (IkiWiki::Plugin::passwordauth->can("anonuser")) {
+                       $form->field(name => "anonsubscribe", type => "checkbox",
+                               options => [gettext("email replies to me")]);
+               }
+       }
 
        if ($config{comments_allowauthor} and
            ! defined $session->param('name')) {
                $form->tmpl_param(allowauthor => 1);
                $form->field(name => 'author', type => 'text', size => '40');
 
        if ($config{comments_allowauthor} and
            ! defined $session->param('name')) {
                $form->tmpl_param(allowauthor => 1);
                $form->field(name => 'author', type => 'text', size => '40');
+               $form->field(name => 'email', type => 'text', size => '40');
                $form->field(name => 'url', type => 'text', size => '40');
        }
        else {
                $form->tmpl_param(allowauthor => 0);
                $form->field(name => 'author', type => 'hidden', value => '',
                        force => 1);
                $form->field(name => 'url', type => 'text', size => '40');
        }
        else {
                $form->tmpl_param(allowauthor => 0);
                $form->field(name => 'author', type => 'hidden', value => '',
                        force => 1);
+               $form->field(name => 'email', type => 'hidden', value => '',
+                       force => 1);
                $form->field(name => 'url', type => 'hidden', value => '',
                        force => 1);
        }
 
                $form->field(name => 'url', type => 'hidden', value => '',
                        force => 1);
        }
 
+       if (! defined $session->param('name')) {
+               # Make signinurl work and return here.
+               $form->tmpl_param(signinurl => IkiWiki::cgiurl(do => 'commentsignin'));
+               $session->param(postsignin => $ENV{QUERY_STRING});
+               IkiWiki::cgi_savesession($session);
+       }
+
        # The untaint is OK (as in editpage) because we're about to pass
        # The untaint is OK (as in editpage) because we're about to pass
-       # it to file_pruned anyway
-       my $page = $form->field('page');
+       # it to file_pruned and wiki_file_regexp anyway.
+       my ($page) = $form->field('page')=~/$config{wiki_file_regexp}/;
        $page = IkiWiki::possibly_foolish_untaint($page);
        if (! defined $page || ! length $page ||
        $page = IkiWiki::possibly_foolish_untaint($page);
        if (! defined $page || ! length $page ||
-               IkiWiki::file_pruned($page, $config{srcdir})) {
+               IkiWiki::file_pruned($page)) {
                error(gettext("bad page name"));
        }
 
                error(gettext("bad page name"));
        }
 
-       # FIXME: is this right? Or should we be using the candidate subpage
-       # (whatever that might mean) as the base URL?
-       my $baseurl = urlto($page, undef, 1);
-
        $form->title(sprintf(gettext("commenting on %s"),
        $form->title(sprintf(gettext("commenting on %s"),
-                       IkiWiki::pagetitle($page)));
+                       IkiWiki::pagetitle(IkiWiki::basename($page))));
 
        $form->tmpl_param('helponformattinglink',
                htmllink($page, $page, 'ikiwiki/formatting',
 
        $form->tmpl_param('helponformattinglink',
                htmllink($page, $page, 'ikiwiki/formatting',
@@ -358,8 +407,7 @@ sub sessioncgi ($$) {
 
        if ($form->submitted eq CANCEL) {
                # bounce back to the page they wanted to comment on, and exit.
 
        if ($form->submitted eq CANCEL) {
                # bounce back to the page they wanted to comment on, and exit.
-               # CANCEL need not be considered in future
-               IkiWiki::redirect($cgi, urlto($page, undef, 1));
+               IkiWiki::redirect($cgi, urlto($page));
                exit;
        }
 
                exit;
        }
 
@@ -382,57 +430,61 @@ sub sessioncgi ($$) {
        IkiWiki::check_canedit($page, $cgi, $session);
        $postcomment=0;
 
        IkiWiki::check_canedit($page, $cgi, $session);
        $postcomment=0;
 
-       # FIXME: rather a simplistic way to make the comments...
-       my $i = 0;
-       my $file;
-       my $location;
-       do {
-               $i++;
-               $location = "$page/$config{comments_pagename}$i";
-       } while (-e "$config{srcdir}/$location._comment");
-
-       my $content = "[[!_comment format=$type\n";
+       my $content = "[[!comment format=$type\n";
 
 
-       # FIXME: handling of double quotes probably wrong?
        if (defined $session->param('name')) {
                my $username = $session->param('name');
                $username =~ s/"/&quot;/g;
                $content .= " username=\"$username\"\n";
        }
        if (defined $session->param('name')) {
                my $username = $session->param('name');
                $username =~ s/"/&quot;/g;
                $content .= " username=\"$username\"\n";
        }
-       elsif (defined $ENV{REMOTE_ADDR}) {
-               my $ip = $ENV{REMOTE_ADDR};
-               if ($ip =~ m/^([.0-9]+)$/) {
-                       $content .= " ip=\"$1\"\n";
-               }
+       if (defined $session->param('nickname')) {
+               my $nickname = $session->param('nickname');
+               $nickname =~ s/"/&quot;/g;
+               $content .= " nickname=\"$nickname\"\n";
+       }
+       elsif (defined $session->remote_addr()) {
+               $content .= " ip=\"".$session->remote_addr()."\"\n";
        }
 
        if ($config{comments_allowauthor}) {
                my $author = $form->field('author');
        }
 
        if ($config{comments_allowauthor}) {
                my $author = $form->field('author');
-               if (length $author) {
+               if (defined $author && length $author) {
                        $author =~ s/"/&quot;/g;
                        $content .= " claimedauthor=\"$author\"\n";
                }
                my $url = $form->field('url');
                        $author =~ s/"/&quot;/g;
                        $content .= " claimedauthor=\"$author\"\n";
                }
                my $url = $form->field('url');
-               if (length $url) {
+               if (defined $url && length $url) {
                        $url =~ s/"/&quot;/g;
                        $content .= " url=\"$url\"\n";
                }
        }
 
                        $url =~ s/"/&quot;/g;
                        $content .= " url=\"$url\"\n";
                }
        }
 
+       my $avatar=getavatar($session->param('name'));
+       if (defined $avatar && length $avatar) {
+               $avatar =~ s/"/&quot;/g;
+               $content .= " avatar=\"$avatar\"\n";
+       }
+
        my $subject = $form->field('subject');
        my $subject = $form->field('subject');
-       if (length $subject) {
+       if (defined $subject && length $subject) {
                $subject =~ s/"/&quot;/g;
                $subject =~ s/"/&quot;/g;
-               $content .= " subject=\"$subject\"\n";
        }
        }
+       else {
+               $subject = "comment ".(num_comments($page, $config{srcdir}) + 1);
+       }
+       $content .= " subject=\"$subject\"\n";
 
 
-       $content .= " date=\"" . decode_utf8(strftime('%Y-%m-%dT%H:%M:%SZ', gmtime)) . "\"\n";
+       $content .= " date=\"" . strftime_utf8('%Y-%m-%dT%H:%M:%SZ', gmtime) . "\"\n";
 
 
-       my $editcontent = $form->field('editcontent') || '';
+       my $editcontent = $form->field('editcontent');
+       $editcontent="" if ! defined $editcontent;
        $editcontent =~ s/\r\n/\n/g;
        $editcontent =~ s/\r/\n/g;
        $editcontent =~ s/"/\\"/g;
        $content .= " content=\"\"\"\n$editcontent\n\"\"\"]]\n";
 
        $editcontent =~ s/\r\n/\n/g;
        $editcontent =~ s/\r/\n/g;
        $editcontent =~ s/"/\\"/g;
        $content .= " content=\"\"\"\n$editcontent\n\"\"\"]]\n";
 
+       my $location=unique_comment_location($page, $content, $config{srcdir});
+
        # This is essentially a simplified version of editpage:
        # - the user does not control the page that's created, only the parent
        # - it's always a create operation, never an edit
        # This is essentially a simplified version of editpage:
        # - the user does not control the page that's created, only the parent
        # - it's always a create operation, never an edit
@@ -440,41 +492,69 @@ sub sessioncgi ($$) {
        # - this means that if they do, rocks fall and everyone dies
 
        if ($form->submitted eq PREVIEW) {
        # - this means that if they do, rocks fall and everyone dies
 
        if ($form->submitted eq PREVIEW) {
-               my $preview = IkiWiki::htmlize($location, $page, '_comment',
-                               IkiWiki::linkify($location, $page,
-                                       IkiWiki::preprocess($location, $page,
-                                               IkiWiki::filter($location,
-                                                       $page, $content),
-                                               0, 1)));
+               my $preview=previewcomment($content, $location, $page, time);
                IkiWiki::run_hooks(format => sub {
                IkiWiki::run_hooks(format => sub {
-                               $preview = shift->(page => $page,
-                                       content => $preview);
-                       });
-
-               my $template = template("comment.tmpl");
-               $template->param(content => $preview);
-               $template->param(title => $form->field('subject'));
-               $template->param(ctime => displaytime(time));
-
-               IkiWiki::run_hooks(pagetemplate => sub {
-                       shift->(page => $location,
-                               destpage => $page,
-                               template => $template);
+                       $preview = shift->(page => $page,
+                               content => $preview);
                });
                });
-
-               $form->tmpl_param(page_preview => $template->output);
+               $form->tmpl_param(page_preview => $preview);
        }
        else {
                $form->tmpl_param(page_preview => "");
        }
 
        if ($form->submitted eq POST_COMMENT && $form->validate) {
        }
        else {
                $form->tmpl_param(page_preview => "");
        }
 
        if ($form->submitted eq POST_COMMENT && $form->validate) {
-               my $file = "$location._comment";
-
                IkiWiki::checksessionexpiry($cgi, $session);
 
                IkiWiki::checksessionexpiry($cgi, $session);
 
+               if (IkiWiki::Plugin::notifyemail->can("subscribe")) {
+                       my $subspec="comment($page)";
+                       if (defined $username &&
+                           length $form->field("subscribe")) {
+                               IkiWiki::Plugin::notifyemail::subscribe(
+                                       $username, $subspec);
+                       }
+                       elsif (length $form->field("email") &&
+                              length $form->field("anonsubscribe")) {
+                               IkiWiki::Plugin::notifyemail::anonsubscribe(
+                                       $form->field("email"), $subspec);
+                       }
+               }
+               
+               $postcomment=1;
+               my $ok=IkiWiki::check_content(content => $form->field('editcontent'),
+                       subject => $form->field('subject'),
+                       $config{comments_allowauthor} ? (
+                               author => $form->field('author'),
+                               url => $form->field('url'),
+                       ) : (),
+                       page => $location,
+                       cgi => $cgi,
+                       session => $session,
+                       nonfatal => 1,
+               );
+               $postcomment=0;
+
+               if (! $ok) {
+                       $location=unique_comment_location($page, $content, $config{srcdir}, "._comment_pending");
+                       writefile("$location._comment_pending", $config{srcdir}, $content);
+
+                       # Refresh so anything that deals with pending
+                       # comments can be updated.
+                       require IkiWiki::Render;
+                       IkiWiki::refresh();
+                       IkiWiki::saveindex();
+
+                       IkiWiki::printheader($session);
+                       print IkiWiki::cgitemplate($cgi, gettext(gettext("comment stored for moderation")),
+                               "<p>".
+                               gettext("Your comment will be posted after moderator review").
+                               "</p>");
+                       exit;
+               }
+
                # FIXME: could probably do some sort of graceful retry
                # on error? Would require significant unwinding though
                # FIXME: could probably do some sort of graceful retry
                # on error? Would require significant unwinding though
+               my $file = "$location._comment";
                writefile($file, $config{srcdir}, $content);
 
                my $conflict;
                writefile($file, $config{srcdir}, $content);
 
                my $conflict;
@@ -490,8 +570,10 @@ sub sessioncgi ($$) {
 
                        IkiWiki::rcs_add($file);
                        IkiWiki::disable_commit_hook();
 
                        IkiWiki::rcs_add($file);
                        IkiWiki::disable_commit_hook();
-                       $conflict = IkiWiki::rcs_commit_staged($message,
-                               $session->param('name'), $ENV{REMOTE_ADDR});
+                       $conflict = IkiWiki::rcs_commit_staged(
+                               message => $message,
+                               session => $session,
+                       );
                        IkiWiki::enable_commit_hook();
                        IkiWiki::rcs_update();
                }
                        IkiWiki::enable_commit_hook();
                        IkiWiki::rcs_update();
                }
@@ -508,24 +590,242 @@ sub sessioncgi ($$) {
                # Jump to the new comment on the page.
                # The trailing question mark tries to avoid broken
                # caches and get the most recent version of the page.
                # Jump to the new comment on the page.
                # The trailing question mark tries to avoid broken
                # caches and get the most recent version of the page.
-               IkiWiki::redirect($cgi, urlto($page, undef, 1)."#$location?updated");
+               IkiWiki::redirect($cgi, urlto($page).
+                       "?updated#".page_to_id($location));
 
        }
        else {
 
        }
        else {
-               IkiWiki::showform ($form, \@buttons, $session, $cgi,
-                       forcebaseurl => $baseurl);
+               IkiWiki::showform($form, \@buttons, $session, $cgi,
+                       page => $page);
+       }
+
+       exit;
+}
+
+sub getavatar ($) {
+       my $user=shift;
+       return undef unless defined $user;
+
+       my $avatar;
+       eval q{use Libravatar::URL};
+       if (! $@) {
+               my $oiduser = eval { IkiWiki::openiduser($user) };
+               my $https=defined $config{url} && $config{url}=~/^https:/;
+
+               if (defined $oiduser) {
+                       eval {
+                               $avatar = libravatar_url(openid => $user, https => $https);
+                       }
+               }
+               if (! defined $avatar &&
+                   (my $email = IkiWiki::userinfo_get($user, 'email'))) {
+                       eval {
+                               $avatar = libravatar_url(email => $email, https => $https);
+                       }
+               }
+       }
+       return $avatar;
+}
+
+
+sub commentmoderation ($$) {
+       my $cgi=shift;
+       my $session=shift;
+
+       IkiWiki::needsignin($cgi, $session);
+       if (! IkiWiki::is_admin($session->param("name"))) {
+               error(gettext("you are not logged in as an admin"));
+       }
+
+       IkiWiki::decode_cgi_utf8($cgi);
+       
+       if (defined $cgi->param('sid')) {
+               IkiWiki::checksessionexpiry($cgi, $session);
+
+               my $rejectalldefer=$cgi->param('rejectalldefer');
+
+               my %vars=$cgi->Vars;
+               my $added=0;
+               foreach my $id (keys %vars) {
+                       if ($id =~ /(.*)\._comment(?:_pending)?$/) {
+                               $id=decode_utf8($id);
+                               my $action=$cgi->param($id);
+                               next if $action eq 'Defer' && ! $rejectalldefer;
+
+                               # Make sure that the id is of a legal
+                               # pending comment.
+                               my ($f) = $id =~ /$config{wiki_file_regexp}/;
+                               if (! defined $f || ! length $f ||
+                                   IkiWiki::file_pruned($f)) {
+                                       error("illegal file");
+                               }
+
+                               my $page=IkiWiki::dirname($f);
+                               my $file="$config{srcdir}/$f";
+                               my $filedir=$config{srcdir};
+                               if (! -e $file) {
+                                       # old location
+                                       $file="$config{wikistatedir}/comments_pending/".$f;
+                                       $filedir="$config{wikistatedir}/comments_pending";
+                               }
+
+                               if ($action eq 'Accept') {
+                                       my $content=eval { readfile($file) };
+                                       next if $@; # file vanished since form was displayed
+                                       my $dest=unique_comment_location($page, $content, $config{srcdir})."._comment";
+                                       writefile($dest, $config{srcdir}, $content);
+                                       if ($config{rcs} and $config{comments_commit}) {
+                                               IkiWiki::rcs_add($dest);
+                                       }
+                                       $added++;
+                               }
+
+                               require IkiWiki::Render;
+                               IkiWiki::prune($file, $filedir);
+                       }
+               }
+
+               if ($added) {
+                       my $conflict;
+                       if ($config{rcs} and $config{comments_commit}) {
+                               my $message = gettext("Comment moderation");
+                               IkiWiki::disable_commit_hook();
+                               $conflict=IkiWiki::rcs_commit_staged(
+                                       message => $message,
+                                       session => $session,
+                               );
+                               IkiWiki::enable_commit_hook();
+                               IkiWiki::rcs_update();
+                       }
+               
+                       # Now we need a refresh
+                       require IkiWiki::Render;
+                       IkiWiki::refresh();
+                       IkiWiki::saveindex();
+               
+                       error($conflict) if defined $conflict;
+               }
        }
 
        }
 
+       my @comments=map {
+               my ($id, $dir, $ctime)=@{$_};
+               my $content=readfile("$dir/$id");
+               my $preview=previewcomment($content, $id,
+                       $id, $ctime);
+               {
+                       id => $id,
+                       view => $preview,
+               }
+       } sort { $b->[2] <=> $a->[2] } comments_pending();
+
+       my $template=template("commentmoderation.tmpl");
+       $template->param(
+               sid => $session->id,
+               comments => \@comments,
+               cgiurl => IkiWiki::cgiurl(),
+       );
+       IkiWiki::printheader($session);
+       my $out=$template->output;
+       IkiWiki::run_hooks(format => sub {
+               $out = shift->(page => "", content => $out);
+       });
+       print IkiWiki::cgitemplate($cgi, gettext("comment moderation"), $out);
        exit;
 }
 
        exit;
 }
 
+sub formbuilder_setup (@) {
+       my %params=@_;
+
+       my $form=$params{form};
+       if ($form->title eq "preferences" &&
+           IkiWiki::is_admin($params{session}->param("name"))) {
+               push @{$params{buttons}}, "Comment Moderation";
+               if ($form->submitted && $form->submitted eq "Comment Moderation") {
+                       commentmoderation($params{cgi}, $params{session});
+               }
+       }
+}
+
+sub comments_pending () {
+       my @ret;
+
+       eval q{use File::Find};
+       error($@) if $@;
+       eval q{use Cwd};
+       error($@) if $@;
+       my $origdir=getcwd();
+
+       my $find_comments=sub {
+               my $dir=shift;
+               my $extension=shift;
+               return unless -d $dir;
+
+               chdir($dir) || die "chdir $dir: $!";
+
+               find({
+                       no_chdir => 1,
+                       wanted => sub {
+                               my $file=decode_utf8($_);
+                               $file=~s/^\.\///;
+                               return if ! length $file || IkiWiki::file_pruned($file)
+                                       || -l $_ || -d _ || $file !~ /\Q$extension\E$/;
+                               my ($f) = $file =~ /$config{wiki_file_regexp}/; # untaint
+                               if (defined $f) {
+                                       my $ctime=(stat($_))[10];
+                                       push @ret, [$f, $dir, $ctime];
+                               }
+                       }
+               }, ".");
+
+               chdir($origdir) || die "chdir $origdir: $!";
+       };
+       
+       $find_comments->($config{srcdir}, "._comment_pending");
+       # old location
+       $find_comments->("$config{wikistatedir}/comments_pending/",
+               "._comment");
+
+       return @ret;
+}
+
+sub previewcomment ($$$) {
+       my $content=shift;
+       my $location=shift;
+       my $page=shift;
+       my $time=shift;
+
+       # Previewing a comment should implicitly enable comment posting mode.
+       my $oldpostcomment=$postcomment;
+       $postcomment=1;
+
+       my $preview = IkiWiki::htmlize($location, $page, '_comment',
+                       IkiWiki::linkify($location, $page,
+                       IkiWiki::preprocess($location, $page,
+                       IkiWiki::filter($location, $page, $content), 0, 1)));
+
+       my $template = template("comment.tmpl");
+       $template->param(content => $preview);
+       $template->param(ctime => displaytime($time, undef, 1));
+       $template->param(html5 => $config{html5});
+
+       IkiWiki::run_hooks(pagetemplate => sub {
+               shift->(page => $location,
+                       destpage => $page,
+                       template => $template);
+       });
+
+       $template->param(have_actions => 0);
+
+       $postcomment=$oldpostcomment;
+
+       return $template->output;
+}
+
 sub commentsshown ($) {
        my $page=shift;
 
 sub commentsshown ($) {
        my $page=shift;
 
-       return ! pagespec_match($page, "*/$config{comments_pagename}*",
-                               location => $page) &&
-              pagespec_match($page, $config{comments_pagespec},
-                             location => $page);
+       return pagespec_match($page, $config{comments_pagespec},
+               location => $page);
 }
 
 sub commentsopen ($) {
 }
 
 sub commentsopen ($) {
@@ -552,7 +852,7 @@ sub pagetemplate (@) {
                my $comments = undef;
                if ($shown) {
                        $comments = IkiWiki::preprocess_inline(
                my $comments = undef;
                if ($shown) {
                        $comments = IkiWiki::preprocess_inline(
-                               pages => "internal($page/$config{comments_pagename}*)",
+                               pages => "comment($page) and !comment($page/*)",
                                template => 'comment',
                                show => 0,
                                reverse => 'yes',
                                template => 'comment',
                                show => 0,
                                reverse => 'yes',
@@ -568,42 +868,56 @@ sub pagetemplate (@) {
                }
 
                if ($shown && commentsopen($page)) {
                }
 
                if ($shown && commentsopen($page)) {
-                       my $addcommenturl = IkiWiki::cgiurl(do => 'comment',
-                               page => $page);
-                       $template->param(addcommenturl => $addcommenturl);
+                       $template->param(addcommenturl => addcommenturl($page));
                }
        }
 
                }
        }
 
-       if ($template->query(name => 'commentsurl')) {
-               if ($shown) {
+       if ($shown) {
+               if ($template->query(name => 'commentsurl')) {
                        $template->param(commentsurl =>
                        $template->param(commentsurl =>
-                               urlto($page, undef, 1).'#comments');
+                               urlto($page).'#comments');
                }
                }
-       }
 
 
-       if ($template->query(name => 'atomcommentsurl') && $config{usedirs}) {
-               if ($shown) {
+               if ($template->query(name => 'atomcommentsurl') && $config{usedirs}) {
                        # This will 404 until there are some comments, but I
                        # think that's probably OK...
                        $template->param(atomcommentsurl =>
                        # This will 404 until there are some comments, but I
                        # think that's probably OK...
                        $template->param(atomcommentsurl =>
-                               urlto($page, undef, 1).'comments.atom');
+                               urlto($page).'comments.atom');
                }
                }
-       }
 
 
-       if ($template->query(name => 'commentslink')) {
-               # XXX Would be nice to say how many comments there are in
-               # the link. But, to update the number, blog pages
-               # would have to update whenever comments of any inlines
-               # page are added, which is not currently done.
-               if ($shown) {
-                       $template->param(commentslink =>
-                               htmllink($page, $params{destpage}, $page,
-                                       linktext => gettext("Comments"),
+               if ($template->query(name => 'commentslink')) {
+                       my $num=num_comments($page, $config{srcdir});
+                       my $link;
+                       if ($num > 0) {
+                               $link = htmllink($page, $params{destpage}, $page,
+                                       linktext => sprintf(ngettext("%i comment", "%i comments", $num), $num),
                                        anchor => "comments",
                                        anchor => "comments",
-                                       noimageinline => 1));
+                                       noimageinline => 1
+                               );
+                       }
+                       elsif (commentsopen($page)) {
+                               $link = "<a href=\"".addcommenturl($page)."\">".
+                                       #translators: Here "Comment" is a verb;
+                                       #translators: the user clicks on it to
+                                       #translators: post a comment.
+                                       gettext("Comment").
+                                       "</a>";
+                       }
+                       $template->param(commentslink => $link)
+                               if defined $link;
                }
        }
 
                }
        }
 
+       # everything below this point is only relevant to the comments
+       # themselves
+       if (!exists $commentstate{$page}) {
+               return;
+       }
+       
+       if ($template->query(name => 'commentid')) {
+               $template->param(commentid => page_to_id($page));
+       }
+
        if ($template->query(name => 'commentuser')) {
                $template->param(commentuser =>
                        $commentstate{$page}{commentuser});
        if ($template->query(name => 'commentuser')) {
                $template->param(commentuser =>
                        $commentstate{$page}{commentuser});
@@ -628,8 +942,65 @@ sub pagetemplate (@) {
                $template->param(commentauthorurl =>
                        $commentstate{$page}{commentauthorurl});
        }
                $template->param(commentauthorurl =>
                        $commentstate{$page}{commentauthorurl});
        }
+
+       if ($template->query(name => 'commentauthoravatar')) {
+               $template->param(commentauthoravatar =>
+                       $commentstate{$page}{commentauthoravatar});
+       }
+
+       if ($template->query(name => 'removeurl') &&
+           IkiWiki::Plugin::remove->can("check_canremove") &&
+           length $config{cgiurl}) {
+               $template->param(removeurl => IkiWiki::cgiurl(do => 'remove',
+                       page => $page));
+               $template->param(have_actions => 1);
+       }
+}
+
+sub addcommenturl ($) {
+       my $page=shift;
+
+       return IkiWiki::cgiurl(do => 'comment', page => $page);
+}
+
+sub num_comments ($$) {
+       my $page=shift;
+       my $dir=shift;
+
+       my @comments=glob("$dir/$page/$config{comments_pagename}*._comment");
+       return int @comments;
+}
+
+sub unique_comment_location ($$$$) {
+       my $page=shift;
+       eval q{use Digest::MD5 'md5_hex'};
+       error($@) if $@;
+       my $content_md5=md5_hex(Encode::encode_utf8(shift));
+       my $dir=shift;
+       my $ext=shift || "._comment";
+
+       my $location;
+       my $i = num_comments($page, $dir);
+       do {
+               $i++;
+               $location = "$page/$config{comments_pagename}${i}_${content_md5}";
+       } while (-e "$dir/$location$ext");
+
+       return $location;
 }
 
 }
 
+sub page_to_id ($) {
+       # Converts a comment page name into a unique, legal html id
+       # attribute value, that can be used as an anchor to link to the
+       # comment.
+       my $page=shift;
+
+       eval q{use Digest::MD5 'md5_hex'};
+       error($@) if $@;
+
+       return "comment-".md5_hex(Encode::encode_utf8(($page)));
+}
+       
 package IkiWiki::PageSpec;
 
 sub match_postcomment ($$;@) {
 package IkiWiki::PageSpec;
 
 sub match_postcomment ($$;@) {
@@ -639,7 +1010,41 @@ sub match_postcomment ($$;@) {
        if (! $postcomment) {
                return IkiWiki::FailReason->new("not posting a comment");
        }
        if (! $postcomment) {
                return IkiWiki::FailReason->new("not posting a comment");
        }
-       return match_glob($page, $glob);
+       return match_glob($page, $glob, @_);
+}
+
+sub match_comment ($$;@) {
+       my $page = shift;
+       my $glob = shift;
+
+       if (! $postcomment) {
+               # To see if it's a comment, check the source file type.
+               # Deal with comments that were just deleted.
+               my $source=exists $IkiWiki::pagesources{$page} ?
+                       $IkiWiki::pagesources{$page} :
+                       $IkiWiki::delpagesources{$page};
+               my $type=defined $source ? IkiWiki::pagetype($source) : undef;
+               if (! defined $type || $type ne "_comment") {
+                       return IkiWiki::FailReason->new("$page is not a comment");
+               }
+       }
+
+       return match_glob($page, "$glob/*", internal => 1, @_);
+}
+
+sub match_comment_pending ($$;@) {
+       my $page = shift;
+       my $glob = shift;
+       
+       my $source=exists $IkiWiki::pagesources{$page} ?
+               $IkiWiki::pagesources{$page} :
+               $IkiWiki::delpagesources{$page};
+       my $type=defined $source ? IkiWiki::pagetype($source) : undef;
+       if (! defined $type || $type ne "_comment_pending") {
+               return IkiWiki::FailReason->new("$page is not a pending comment");
+       }
+
+       return match_glob($page, "$glob/*", internal => 1, @_);
 }
 
 1
 }
 
 1
Unnamed repository; edit this file 'description' to name the repository.