(no commit message)

[git.ikiwiki.info.git] / IkiWiki / Plugin / editpage.pm

diff --git a/IkiWiki/Plugin/editpage.pm b/IkiWiki/Plugin/editpage.pm
index 8c78e853cfc188927a4c1c225dca7a1267fdc7b4..df29bcc98d5ba95663b57a6c252fd6a2432e0627 100644 (file)
--- a/IkiWiki/Plugin/editpage.pm
+++ b/IkiWiki/Plugin/editpage.pm
@@ -91,12 +91,12 @@ sub cgi_editpage ($$) {
        # This untaint is safe because we check file_pruned and
        # wiki_file_regexp.
        my ($page)=$form->field('page')=~/$config{wiki_file_regexp}/;
        # This untaint is safe because we check file_pruned and
        # wiki_file_regexp.
        my ($page)=$form->field('page')=~/$config{wiki_file_regexp}/;

+       $page=possibly_foolish_untaint($page);
+       my $absolute=($page =~ s#^/+##); # absolute name used to force location

        if (! defined $page || ! length $page ||
            file_pruned($page)) {
                error(gettext("bad page name"));
        }
        if (! defined $page || ! length $page ||
            file_pruned($page)) {
                error(gettext("bad page name"));
        }

-       $page=possibly_foolish_untaint($page);
-       my $absolute=($page =~ s#^/+##); # absolute name used to force location

 
        my $baseurl = urlto($page);
 
 
        my $baseurl = urlto($page);