eval q{use CGI::FormBuilder};
error($@) if $@;
my $form = CGI::FormBuilder->new(
- title => "editpage",
fields => \@fields,
charset => "utf-8",
method => 'POST',
# This untaint is safe because titlepage removes any problematic
# characters.
- my ($page)=$form->field('page');
+ my $page=$form->field('page');
$page=titlepage(possibly_foolish_untaint($page));
if (! defined $page || ! length $page ||
file_pruned($page, $config{srcdir}) || $page=~/^\//) {
session => $session,
);
});
- $form->tmpl_param("page_preview",
- htmlize($page, $page, $type,
+ my $preview=htmlize($page, $page, $type,
linkify($page, $page,
preprocess($page, $page,
- filter($page, $page, $content), 0, 1))));
+ filter($page, $page, $content), 0, 1)));
+ run_hooks(format => sub {
+ $preview=shift->(
+ page => $page,
+ content => $preview,
+ );
+ });
+ $form->tmpl_param("page_preview", $preview);
if ($new) {
delete $pagesources{$page};
my $q=shift;
my $session=shift;
+ eval q{use CGI};
+ error($@) if $@;
+ $CGI::DISABLE_UPLOADS=$config{cgi_disable_uploads};
+
if (! $q) {
- eval q{use CGI};
- error($@) if $@;
-
binmode(STDIN);
$q=CGI->new;
binmode(STDIN, ":utf8");