]> git.vanrenterghem.biz Git - git.ikiwiki.info.git/blobdiff - IkiWiki/Plugin/sparkline.pm
More about security
[git.ikiwiki.info.git] / IkiWiki / Plugin / sparkline.pm
index 06036867970eb5656a3b23cc44ef4683b95e221f..e28d2605a2c1802e6afe798cab14548529d55936 100644 (file)
@@ -3,7 +3,7 @@ package IkiWiki::Plugin::sparkline;
 
 use warnings;
 use strict;
 
 use warnings;
 use strict;
-use IkiWiki;
+use IkiWiki 3.00;
 use IPC::Open2;
 
 my $match_num=qr/[-+]?[0-9]+(?:\.[0-9]+)?/;
 use IPC::Open2;
 
 my $match_num=qr/[-+]?[0-9]+(?:\.[0-9]+)?/;
@@ -14,11 +14,21 @@ my %locmap=(
        left => 'TEXT_LEFT',
 );
 
        left => 'TEXT_LEFT',
 );
 
-sub import { #{{{
+sub import {
+       hook(type => "getsetup", id => "sparkline", call => \&getsetup);
        hook(type => "preprocess", id => "sparkline", call => \&preprocess);
        hook(type => "preprocess", id => "sparkline", call => \&preprocess);
-} # }}}
-
-sub preprocess (@) { #{{{
+}
+
+sub getsetup () {
+       return
+               plugin => {
+                       safe => 1,
+                       rebuild => undef,
+                       section => "widget",
+               },
+}
+
+sub preprocess (@) {
        my %params=@_;
 
        my $php;
        my %params=@_;
 
        my $php;
@@ -60,13 +70,13 @@ sub preprocess (@) { #{{{
                        }
                }
                elsif (! length $value) {
                        }
                }
                elsif (! length $value) {
-                       return "[[sparkline ".gettext("parse error")." \"$key\"]]";
+                       error gettext("parse error")." \"$key\"";
                }
                elsif ($key eq 'featurepoint') {
                        my ($x, $y, $color, $diameter, $text, $location)=
                                split(/\s*,\s*/, $value);
                        if (! defined $diameter || $diameter < 0) {
                }
                elsif ($key eq 'featurepoint') {
                        my ($x, $y, $color, $diameter, $text, $location)=
                                split(/\s*,\s*/, $value);
                        if (! defined $diameter || $diameter < 0) {
-                               return "[[sparkline ".gettext("bad featurepoint diameter")."]]";
+                               error gettext("invalid featurepoint diameter");
                        }
                        $x=int($x);
                        $y=int($y);
                        }
                        $x=int($x);
                        $y=int($y);
@@ -76,7 +86,7 @@ sub preprocess (@) { #{{{
                        if (defined $location) {
                                $location=$locmap{$location};
                                if (! defined $location) {
                        if (defined $location) {
                                $location=$locmap{$location};
                                if (! defined $location) {
-                                       return "[[sparkline ".gettext("bad featurepoint location")."]]";
+                                       error gettext("invalid featurepoint location");
                                }
                        }
                        $php.=qq{\$sparkline->SetFeaturePoint($x, $y, '$color', $diameter};
                                }
                        }
                        $php.=qq{\$sparkline->SetFeaturePoint($x, $y, '$color', $diameter};
@@ -87,23 +97,23 @@ sub preprocess (@) { #{{{
        }
 
        if ($c eq 0) {
        }
 
        if ($c eq 0) {
-               return "[[sparkline ".gettext("missing values")."]]";
+               error gettext("missing values");
        }
 
        my $height=int($params{height} || 20);
        if ($height < 2 || $height > 100) {
        }
 
        my $height=int($params{height} || 20);
        if ($height < 2 || $height > 100) {
-               return "[[sparkline ".gettext("bad height value")."]]";
+               error gettext("invalid height value");
        }
        if ($style eq "Bar") {
                $php.=qq{\$sparkline->Render($height);\n};
        }
        else {
                if (! exists $params{width}) {
        }
        if ($style eq "Bar") {
                $php.=qq{\$sparkline->Render($height);\n};
        }
        else {
                if (! exists $params{width}) {
-                       return "[[sparkline ".gettext("missing width parameter")."]]";
+                       error gettext("missing width parameter");
                }
                my $width=int($params{width});
                if ($width < 2 || $width > 1024) {
                }
                my $width=int($params{width});
                if ($width < 2 || $width > 1024) {
-                       return "[[sparkline ".gettext("bad width value")."]]";
+                       error gettext("invalid width value");
                }
                $php.=qq{\$sparkline->RenderResampled($width, $height);\n};
        }
                }
                $php.=qq{\$sparkline->RenderResampled($width, $height);\n};
        }
@@ -112,16 +122,16 @@ sub preprocess (@) { #{{{
 
        # Use the sha1 of the php code that generates the sparkline as
        # the base for its filename.
 
        # Use the sha1 of the php code that generates the sparkline as
        # the base for its filename.
-       eval q{use Digest::SHA1};
+       eval q{use Digest::SHA};
         error($@) if $@;
        my $fn=$params{page}."/sparkline-".
         error($@) if $@;
        my $fn=$params{page}."/sparkline-".
-               IkiWiki::possibly_foolish_untaint(Digest::SHA1::sha1_hex($php)).
+               IkiWiki::possibly_foolish_untaint(Digest::SHA::sha1_hex($php)).
                ".png";
        will_render($params{page}, $fn);
 
        if (! -e "$config{destdir}/$fn") {
                my $pid;
                ".png";
        will_render($params{page}, $fn);
 
        if (! -e "$config{destdir}/$fn") {
                my $pid;
-               my $sigpipe=0;;
+               my $sigpipe=0;
                $SIG{PIPE}=sub { $sigpipe=1 };
                $pid=open2(*IN, *OUT, "php");
 
                $SIG{PIPE}=sub { $sigpipe=1 };
                $pid=open2(*IN, *OUT, "php");
 
@@ -140,15 +150,16 @@ sub preprocess (@) { #{{{
 
                waitpid $pid, 0;
                $SIG{PIPE}="DEFAULT";
 
                waitpid $pid, 0;
                $SIG{PIPE}="DEFAULT";
-               if ($sigpipe) {
-                       return  "[[sparkline ".gettext("failed to run php")."]]";
+               if ($sigpipe || ! defined $png) {
+                       error gettext("failed to run php");
                }
 
                if (! $params{preview}) {
                        writefile($fn, $config{destdir}, $png, 1);
                }
                else {
                }
 
                if (! $params{preview}) {
                        writefile($fn, $config{destdir}, $png, 1);
                }
                else {
-                       # can't write the file, so embed it in a data uri
+                       # in preview mode, embed the image in a data uri
+                       # to avoid temp file clutter
                        eval q{use MIME::Base64};
                        error($@) if $@;
                        return "<img src=\"data:image/png;base64,".
                        eval q{use MIME::Base64};
                        error($@) if $@;
                        return "<img src=\"data:image/png;base64,".
@@ -157,6 +168,6 @@ sub preprocess (@) { #{{{
        }
 
        return '<img src="'.urlto($fn, $params{destpage}).'" alt="graph" />';
        }
 
        return '<img src="'.urlto($fn, $params{destpage}).'" alt="graph" />';
-} # }}}
+}
 
 1
 
 1