]> git.vanrenterghem.biz Git - git.ikiwiki.info.git/blobdiff - IkiWiki/Plugin/template.pm
cherry-pick uri security fix
[git.ikiwiki.info.git] / IkiWiki / Plugin / template.pm
index 09570560420e649a5e1a1e3f588f146f28aa5579..416762fe1fc8153205b8dd7bec7f06090a9e22ed 100644 (file)
@@ -4,7 +4,7 @@ package IkiWiki::Plugin::template;
 
 use warnings;
 use strict;
-use IkiWiki;
+use IkiWiki 2.00;
 use HTML::Template;
 use Encode;
 
@@ -16,17 +16,16 @@ sub preprocess (@) { #{{{
        my %params=@_;
 
        if (! exists $params{id}) {
-               return "[[template missing id parameter]]"
+               return "[[template ".gettext("missing id parameter")."]]";
        }
 
        my $template_page="templates/$params{id}";
        add_depends($params{page}, $template_page);
 
        my $template_file=$pagesources{$template_page};
-       return "[[template ".
-              htmllink($params{page}, $params{destpage}, $template_page).
-              " not found]]"
-               unless defined $template_file;
+       return sprintf(gettext("template %s not found"),
+               htmllink($params{page}, $params{destpage}, $template_page))
+                       unless defined $template_file;
 
        my $template;
        eval {
@@ -43,15 +42,24 @@ sub preprocess (@) { #{{{
                );
        };
        if ($@) {
-               return "[[template failed to process: $@]]";
+               return "[[template ".gettext("failed to process:")." $@]]";
        }
 
        foreach my $param (keys %params) {
-               $template->param($param => $params{$param});
+               if ($template->query(name => $param)) {
+                       $template->param($param =>
+                               IkiWiki::htmlize($params{page},
+                                       pagetype($pagesources{$params{page}}),
+                                       $params{$param}));
+               }
+               if ($template->query(name => "raw_$param")) {
+                       $template->param("raw_$param" => $params{$param});
+               }
        }
 
        return IkiWiki::preprocess($params{page}, $params{destpage},
-               $template->output);
+               IkiWiki::filter($params{page}, $params{destpage},
+               $template->output));
 } # }}}
 
 1