]> git.vanrenterghem.biz Git - git.ikiwiki.info.git/blobdiff - IkiWiki/Plugin/inline.pm
More about security
[git.ikiwiki.info.git] / IkiWiki / Plugin / inline.pm
index 455ac3ad55f4d468c80e5234816ba599f3527a33..19dd684dda4bebd8635d18309139fec2ab4fa795 100644 (file)
@@ -119,7 +119,7 @@ sub sessioncgi ($$) {
        my $session=shift;
 
        if ($q->param('do') eq 'blog') {
-               my $page=titlepage(decode_utf8($q->param('title')));
+               my $page=titlepage(decode_utf8(scalar $q->param('title')));
                $page=~s/(\/)/"__".ord($1)."__"/eg; # don't create subdirs
                # if the page already exists, munge it to be unique
                my $from=$q->param('from');
@@ -160,16 +160,17 @@ sub preprocess_inline (@) {
                # Running in scan mode: only do the essentials
 
                if (yesno($params{trail}) && IkiWiki::Plugin::trail->can("preprocess_trailitems")) {
-                       # default to sorting age, the same as inline itself,
-                       # but let the params override that
-                       IkiWiki::Plugin::trail::preprocess_trailitems(sort => 'age', %params);
+                       # default to sorting by age with fallback to title,
+                       # the same as inline itself, but let the params
+                       # override that
+                       IkiWiki::Plugin::trail::preprocess_trailitems(sort => 'age title', %params);
                }
 
                return;
        }
 
        if (yesno($params{trail}) && IkiWiki::Plugin::trail->can("preprocess_trailitems")) {
-               scalar IkiWiki::Plugin::trail::preprocess_trailitems(sort => 'age', %params);
+               scalar IkiWiki::Plugin::trail::preprocess_trailitems(sort => 'age title', %params);
        }
 
        my $raw=yesno($params{raw});
@@ -180,11 +181,29 @@ sub preprocess_inline (@) {
        my $feeds=exists $params{feeds} ? yesno($params{feeds}) : !$quick && ! $raw;
        my $emptyfeeds=exists $params{emptyfeeds} ? yesno($params{emptyfeeds}) : 1;
        my $feedonly=yesno($params{feedonly});
-       if (! exists $params{show} && ! $archive) {
-               $params{show}=10;
+
+       # Backwards compatibility
+       if (defined $params{show} && $params{show} =~ m/^-?\d+$/) {
+               $params{limit} = $params{show};
+               delete $params{show};
+       }
+       if (defined $params{feedshow} && $params{feedshow} =~ m/^\d+$/) {
+               $params{feedlimit} = $params{feedshow};
+               delete $params{feedshow};
+       }
+
+       if (! exists $params{limit} && ! $archive) {
+               $params{limit}=10;
+       }
+       if (! exists $params{feedlimit} && exists $params{limit}) {
+               $params{feedlimit}=$params{limit};
        }
-       if (! exists $params{feedshow} && exists $params{show}) {
-               $params{feedshow}=$params{show};
+       my $title;
+       if (exists $params{title}) {
+               $title = $params{title};
+       }
+       else {
+               $title = $params{page} ne "index" ? pagetitle($params{page}) : $config{wikiname};
        }
        my $desc;
        if (exists $params{description}) {
@@ -225,11 +244,11 @@ sub preprocess_inline (@) {
        }
        else {
                my $num=0;
-               if ($params{show}) {
-                       $num=$params{show};
+               if ($params{limit}) {
+                       $num=$params{limit};
                }
-               if ($params{feedshow} && $num < $params{feedshow} && $num > 0) {
-                       $num=$params{feedshow};
+               if ($params{feedlimit} && $num < $params{feedlimit} && $num > 0) {
+                       $num=$params{feedlimit};
                }
                if ($params{skip} && $num) {
                        $num+=$params{skip};
@@ -238,7 +257,7 @@ sub preprocess_inline (@) {
                @list = pagespec_match_list($params{page}, $params{pages},
                        deptype => deptype($quick ? "presence" : "content"),
                        filter => sub { $_[0] eq $params{page} },
-                       sort => exists $params{sort} ? $params{sort} : "age",
+                       sort => exists $params{sort} ? $params{sort} : "age title",
                        reverse => yesno($params{reverse}),
                        ($num ? (num => $num) : ()),
                );
@@ -250,17 +269,17 @@ sub preprocess_inline (@) {
        
        my @feedlist;
        if ($feeds) {
-               if (exists $params{feedshow} &&
-                   $params{feedshow} && @list > $params{feedshow}) {
-                       @feedlist=@list[0..$params{feedshow} - 1];
+               if (exists $params{feedlimit} &&
+                   $params{feedlimit} && @list > $params{feedlimit}) {
+                       @feedlist=@list[0..$params{feedlimit} - 1];
                }
                else {
                        @feedlist=@list;
                }
        }
        
-       if ($params{show} && @list > $params{show}) {
-               @list=@list[0..$params{show} - 1];
+       if ($params{limit} && @list > $params{limit}) {
+               @list=@list[0..$params{limit} - 1];
        }
 
        if ($feeds && exists $params{feedpages}) {
@@ -322,8 +341,12 @@ sub preprocess_inline (@) {
 
        my $ret="";
 
-       if (length $config{cgiurl} && ! $params{preview} && (exists $params{rootpage} ||
-           (exists $params{postform} && yesno($params{postform}))) &&
+       my $postform = (exists $params{rootpage});
+       if (exists $params{postform}) {
+               $postform = yesno($params{postform});
+       }
+
+       if (length $config{cgiurl} && ! $params{preview} && $postform &&
            IkiWiki->can("cgi_editpage")) {
                # Add a blog post form, with feed buttons.
                my $formtemplate=template_depends("blogpost.tmpl", $params{page}, blind_cache => 1);
@@ -384,7 +407,9 @@ sub preprocess_inline (@) {
                                        blind_cache => 1);
                        };
                        if ($@) {
-                               error sprintf(gettext("failed to process template %s"), $params{template}.".tmpl").": $@";
+                               # gettext can clobber $@
+                               my $error = $@;
+                               error sprintf(gettext("failed to process template %s"), $params{template}.".tmpl").": $error";
                        }
                }
                my $needcontent=$raw || (!($archive && $quick) && $template->query(name => 'content'));
@@ -465,7 +490,7 @@ sub preprocess_inline (@) {
                        if (! $params{preview}) {
                                writefile($rssp, $config{destdir},
                                        genfeed("rss",
-                                               $config{url}."/".$rssp, $desc, $params{guid}, $params{page}, @feedlist));
+                                               $config{url}."/".$rssp, $title, $desc, $params{guid}, $params{page}, @feedlist));
                                $toping{$params{destpage}}=1 unless $config{rebuild};
                                $feedlinks{$params{destpage}}.=qq{<link rel="alternate" type="application/rss+xml" title="$rssdesc" href="$rssurl" />};
                        }
@@ -475,7 +500,7 @@ sub preprocess_inline (@) {
                        will_render($params{destpage}, $atomp);
                        if (! $params{preview}) {
                                writefile($atomp, $config{destdir},
-                                       genfeed("atom", $config{url}."/".$atomp, $desc, $params{guid}, $params{page}, @feedlist));
+                                       genfeed("atom", $config{url}."/".$atomp, $title, $desc, $params{guid}, $params{page}, @feedlist));
                                $toping{$params{destpage}}=1 unless $config{rebuild};
                                $feedlinks{$params{destpage}}.=qq{<link rel="alternate" type="application/atom+xml" title="$atomdesc" href="$atomurl" />};
                        }
@@ -588,7 +613,7 @@ sub absolute_urls ($$) {
                                        $v=$baseurl.$v; # anchor
                                }
                                elsif ($dv=~/^(?!\w+:)[^\/]/) {
-                                       $v=$url.$v; # relative url
+                                       $v=URI->new_abs($v, $url)->canonical; # relative url
                                }
                                elsif ($dv=~/^\//) {
                                        if (! defined $urltop) {
@@ -634,6 +659,7 @@ sub genenclosure {
 sub genfeed ($$$$$@) {
        my $feedtype=shift;
        my $feedurl=shift;
+        my $feedtitle=shift;
        my $feeddesc=shift;
        my $guid=shift;
        my $page=shift;
@@ -699,7 +725,8 @@ sub genfeed ($$$$$@) {
 
        my $template=template_depends($feedtype."page.tmpl", $page, blind_cache => 1);
        $template->param(
-               title => $page ne "index" ? pagetitle($page) : $config{wikiname},
+               wants_absolute_urls => 1,
+               title => $feedtitle,
                wikiname => $config{wikiname},
                pageurl => $url,
                content => $content,