]> git.vanrenterghem.biz Git - git.ikiwiki.info.git/blobdiff - IkiWiki/Render.pm
meta: Security fix; don't allow alternative stylesheets to be added on pages where...
[git.ikiwiki.info.git] / IkiWiki / Render.pm
index 49d080c161a9c6cc93250b3c6a8dc204a5ee209a..a653ab2da02e542828349c3d9f3ac200340608f4 100644 (file)
@@ -62,8 +62,8 @@ sub genpage ($$) {
        my $page=shift;
        my $content=shift;
        
        my $page=shift;
        my $content=shift;
        
-       run_hooks(postscan => sub {
-               shift->(page => $page, content => $content);
+       run_hooks(indexhtml => sub {
+               shift->(page => $page, destpage => $page, content => $content);
        });
 
        my $templatefile;
        });
 
        my $templatefile;
@@ -74,20 +74,24 @@ sub genpage ($$) {
                        $templatefile=$file;
                }
        });
                        $templatefile=$file;
                }
        });
-       my $template=template(defined $templatefile ? $templatefile : 'page.tmpl', blind_cache => 1);
-       my $actions=0;
+       my $template;
+       if (defined $templatefile) {
+               $template=template_depends($templatefile, $page,
+                       blind_cache => 1);
+       }
+       else {
+               # no explicit depends as special case
+               $template=template('page.tmpl', 
+                       blind_cache => 1);
+       }
 
 
+       my $actions=0;
        if (length $config{cgiurl}) {
                if (IkiWiki->can("cgi_editpage")) {
                        $template->param(editurl => cgiurl(do => "edit", page => $page));
                        $actions++;
                }
        if (length $config{cgiurl}) {
                if (IkiWiki->can("cgi_editpage")) {
                        $template->param(editurl => cgiurl(do => "edit", page => $page));
                        $actions++;
                }
-               if (exists $hooks{auth}) {
-                       $template->param(prefsurl => cgiurl(do => "prefs"));
-                       $actions++;
-               }
        }
        }
-               
        if (defined $config{historyurl} && length $config{historyurl}) {
                my $u=$config{historyurl};
                $u=~s/\[\[file\]\]/$pagesources{$page}/g;
        if (defined $config{historyurl} && length $config{historyurl}) {
                my $u=$config{historyurl};
                $u=~s/\[\[file\]\]/$pagesources{$page}/g;
@@ -102,10 +106,10 @@ sub genpage ($$) {
                        $actions++;
                }
        }
                        $actions++;
                }
        }
-
        if ($actions) {
                $template->param(have_actions => 1);
        }
        if ($actions) {
                $template->param(have_actions => 1);
        }
+       templateactions($template, $page);
 
        my @backlinks=sort { $a->{page} cmp $b->{page} } backlinks($page);
        my ($backlinks, $more_backlinks);
 
        my @backlinks=sort { $a->{page} cmp $b->{page} } backlinks($page);
        my ($backlinks, $more_backlinks);
@@ -127,8 +131,9 @@ sub genpage ($$) {
                backlinks => $backlinks,
                more_backlinks => $more_backlinks,
                mtime => displaytime($pagemtime{$page}),
                backlinks => $backlinks,
                more_backlinks => $more_backlinks,
                mtime => displaytime($pagemtime{$page}),
-               ctime => displaytime($pagectime{$page}),
+               ctime => displaytime($pagectime{$page}, undef, 1),
                baseurl => baseurl($page),
                baseurl => baseurl($page),
+               html5 => $config{html5},
        );
 
        run_hooks(pagetemplate => sub {
        );
 
        run_hooks(pagetemplate => sub {
@@ -287,12 +292,17 @@ sub find_src_files () {
        eval q{use File::Find};
        error($@) if $@;
 
        eval q{use File::Find};
        error($@) if $@;
 
-       my ($page, $dir, $underlay);
+       eval q{use Cwd};
+       die $@ if $@;
+       my $origdir=getcwd();
+       my $abssrcdir=Cwd::abs_path($config{srcdir});
+
+       my ($page, $underlay);
        my $helper=sub {
                my $file=decode_utf8($_);
 
                return if -l $file || -d _;
        my $helper=sub {
                my $file=decode_utf8($_);
 
                return if -l $file || -d _;
-               $file=~s/^\Q$dir\E\/?//;
+               $file=~s/^\.\///;
                return if ! length $file;
                $page = pagename($file);
                if (! exists $pagesources{$page} &&
                return if ! length $file;
                $page = pagename($file);
                if (! exists $pagesources{$page} &&
@@ -304,11 +314,12 @@ sub find_src_files () {
                my ($f) = $file =~ /$config{wiki_file_regexp}/; # untaint
                if (! defined $f) {
                        warn(sprintf(gettext("skipping bad filename %s"), $file)."\n");
                my ($f) = $file =~ /$config{wiki_file_regexp}/; # untaint
                if (! defined $f) {
                        warn(sprintf(gettext("skipping bad filename %s"), $file)."\n");
+                       return;
                }
        
                if ($underlay) {
                        # avoid underlaydir override attacks; see security.mdwn
                }
        
                if ($underlay) {
                        # avoid underlaydir override attacks; see security.mdwn
-                       if (! -l "$config{srcdir}/$f" && ! -e _) {
+                       if (! -l "$abssrcdir/$f" && ! -e _) {
                                if (! $pages{$page}) {
                                        push @files, $f;
                                        $pages{$page}=1;
                                if (! $pages{$page}) {
                                        push @files, $f;
                                        $pages{$page}=1;
@@ -324,17 +335,24 @@ sub find_src_files () {
                }
        };
 
                }
        };
 
+       chdir($config{srcdir}) || die "chdir $config{srcdir}: $!";
        find({
                no_chdir => 1,
                wanted => $helper,
        find({
                no_chdir => 1,
                wanted => $helper,
-       }, $dir=$config{srcdir});
+       }, '.');
+       chdir($origdir) || die "chdir $origdir: $!";
+
        $underlay=1;
        foreach (@{$config{underlaydirs}}, $config{underlaydir}) {
        $underlay=1;
        foreach (@{$config{underlaydirs}}, $config{underlaydir}) {
-               find({
-                       no_chdir => 1,
-                       wanted => $helper,
-               }, $dir=$_);
+               if (chdir($_)) {
+                       find({
+                               no_chdir => 1,
+                               wanted => $helper,
+                       }, '.');
+                       chdir($origdir) || die "chdir: $!";
+               }
        };
        };
+
        return \@files, \%pages;
 }
 
        return \@files, \%pages;
 }
 
@@ -347,6 +365,35 @@ sub find_new_files ($) {
 
        foreach my $file (@$files) {
                my $page=pagename($file);
 
        foreach my $file (@$files) {
                my $page=pagename($file);
+
+               if ($config{rcs} && $config{gettime} &&
+                   -e "$config{srcdir}/$file") {
+                       if (! $times_noted) {
+                               debug(sprintf(gettext("querying %s for file creation and modification times.."), $config{rcs}));
+                               $times_noted=1;
+                       }
+
+                       eval {
+                               my $ctime=rcs_getctime($file);
+                               if ($ctime > 0) {
+                                       $pagectime{$page}=$ctime;
+                               }
+                       };
+                       if ($@) {
+                               print STDERR $@;
+                       }
+                       my $mtime;
+                       eval {
+                               $mtime=rcs_getmtime($file);
+                       };
+                       if ($@) {
+                               print STDERR $@;
+                       }
+                       elsif ($mtime > 0) {
+                               utime($mtime, $mtime, "$config{srcdir}/$file");
+                       }
+               }
+
                if (exists $pagesources{$page} && $pagesources{$page} ne $file) {
                        # the page has changed its type
                        $forcerebuild{$page}=1;
                if (exists $pagesources{$page} && $pagesources{$page} ne $file) {
                        # the page has changed its type
                        $forcerebuild{$page}=1;
@@ -356,34 +403,8 @@ sub find_new_files ($) {
                        if (isinternal($page)) {
                                push @internal_new, $file;
                        }
                        if (isinternal($page)) {
                                push @internal_new, $file;
                        }
-                       elsif ($config{rcs}) {
+                       else {
                                push @new, $file;
                                push @new, $file;
-                               if ($config{gettime} && -e "$config{srcdir}/$file") {
-                                       if (! $times_noted) {
-                                               debug(sprintf(gettext("querying %s for file creation and modification times.."), $config{rcs}));
-                                               $times_noted=1;
-                                       }
-
-                                       eval {
-                                               my $ctime=rcs_getctime("$config{srcdir}/$file");
-                                               if ($ctime > 0) {
-                                                       $pagectime{$page}=$ctime;
-                                               }
-                                       };
-                                       if ($@) {
-                                               print STDERR $@;
-                                       }
-                                       my $mtime;
-                                       eval {
-                                               $mtime=rcs_getmtime("$config{srcdir}/$file");
-                                       };
-                                       if ($@) {
-                                               print STDERR $@;
-                                       }
-                                       elsif ($mtime > 0) {
-                                               utime($mtime, $mtime, "$config{srcdir}/$file");
-                                       }
-                               }
                        }
                        $pagecase{lc $page}=$page;
                        if (! exists $pagectime{$page}) {
                        }
                        $pagecase{lc $page}=$page;
                        if (! exists $pagectime{$page}) {
@@ -400,7 +421,7 @@ sub find_del_files ($) {
        my @del;
        my @internal_del;
 
        my @del;
        my @internal_del;
 
-       foreach my $page (keys %pagemtime) {
+       foreach my $page (keys %pagesources) {
                if (! $pages->{$page}) {
                        if (isinternal($page)) {
                                push @internal_del, $pagesources{$page};
                if (! $pages->{$page}) {
                        if (isinternal($page)) {
                                push @internal_del, $pagesources{$page};
@@ -436,6 +457,7 @@ sub remove_del (@) {
                }
        
                delete $pagecase{lc $page};
                }
        
                delete $pagecase{lc $page};
+               $delpagesources{$page}=$pagesources{$page};
                delete $pagesources{$page};
        }
 }
                delete $pagesources{$page};
        }
 }
@@ -582,13 +604,23 @@ sub render_dependent ($$$$$$$) {
        
        my %lc_changed = map { lc(pagename($_)) => 1 } @changed;
        my %lc_exists_changed = map { lc(pagename($_)) => 1 } @exists_changed;
        
        my %lc_changed = map { lc(pagename($_)) => 1 } @changed;
        my %lc_exists_changed = map { lc(pagename($_)) => 1 } @exists_changed;
+
+       foreach my $p ("templates/page.tmpl", keys %{$depends_simple{""}}) {
+               if ($rendered{$p} || grep { $_ eq $p } @$del) {
+                       foreach my $f (@$files) {
+                               next if $rendered{$f};
+                               render($f, sprintf(gettext("building %s, which depends on %s"), $f, $p));
+                       }
+                       return 0;
+               }
+       }
         
        foreach my $f (@$files) {
                next if $rendered{$f};
                my $p=pagename($f);
                my $reason = undef;
         
        foreach my $f (@$files) {
                next if $rendered{$f};
                my $p=pagename($f);
                my $reason = undef;
-       
-               if (exists $depends_simple{$p}) {
+
+               if (exists $depends_simple{$p} && ! defined $reason) {
                        foreach my $d (keys %{$depends_simple{$p}}) {
                                if (($depends_simple{$p}{$d} & $IkiWiki::DEPEND_CONTENT &&
                                     $lc_changed{$d})
                        foreach my $d (keys %{$depends_simple{$p}}) {
                                if (($depends_simple{$p}{$d} & $IkiWiki::DEPEND_CONTENT &&
                                     $lc_changed{$d})
@@ -613,7 +645,7 @@ sub render_dependent ($$$$$$$) {
                                # only consider internal files
                                # if the page explicitly depends
                                # on such files
                                # only consider internal files
                                # if the page explicitly depends
                                # on such files
-                               my $internal_dep=$dep =~ /internal\(/;
+                               my $internal_dep=$dep =~ /(?:internal|comment|comment_pending)\(/;
 
                                my $in=sub {
                                        my $list=shift;
 
                                my $in=sub {
                                        my $list=shift;
@@ -761,7 +793,7 @@ sub refresh () {
        foreach my $file (@$new, @$del) {
                render_linkers($file);
        }
        foreach my $file (@$new, @$del) {
                render_linkers($file);
        }
-       
+
        if (@$changed || @$internal_changed ||
            @$del || @$internal_del || @$internal_new) {
                1 while render_dependent($files, $new, $internal_new,
        if (@$changed || @$internal_changed ||
            @$del || @$internal_del || @$internal_new) {
                1 while render_dependent($files, $new, $internal_new,
@@ -772,8 +804,8 @@ sub refresh () {
        render_backlinks($backlinkchanged);
        remove_unrendered();
 
        render_backlinks($backlinkchanged);
        remove_unrendered();
 
-       if (@$del) {
-               run_hooks(delete => sub { shift->(@$del) });
+       if (@$del || @$internal_del) {
+               run_hooks(delete => sub { shift->(@$del, @$internal_del) });
        }
        if (%rendered) {
                run_hooks(change => sub { shift->(keys %rendered) });
        }
        if (%rendered) {
                run_hooks(change => sub { shift->(keys %rendered) });