]> git.vanrenterghem.biz Git - git.ikiwiki.info.git/blobdiff - IkiWiki/Plugin/comments.pm
projects / git.ikiwiki.info.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
Merge remote-tracking branch 'spalax/calendar-autocreate'
[git.ikiwiki.info.git] / IkiWiki / Plugin / comments.pm
diff --git a/IkiWiki/Plugin/comments.pm b/IkiWiki/Plugin/comments.pm
index a0ca9f32e484090969fbfa605875268cd112e9d8..d7666c8526f831b4f147a1aa880e53d4ee7a1906 100644 (file)
--- a/IkiWiki/Plugin/comments.pm
+++ b/IkiWiki/Plugin/comments.pm
@@ -438,6 +438,16 @@ sub editcomment ($$) {
                        $page));
        }
 
+       # There's no UI to get here, but someone might construct the URL,
+       # leading to a comment that exists in the repository but isn't
+       # shown
+       if (!pagespec_match($page, $config{comments_pagespec},
+               location => $page)) {
+               error(sprintf(gettext(
+                       "comments on page '%s' are not allowed"),
+                       $page));
+       }
+
        if (pagespec_match($page, $config{comments_closed_pagespec},
                location => $page)) {
                error(sprintf(gettext(
@@ -458,12 +468,15 @@ sub editcomment ($$) {
                $username =~ s/"/"/g;
                $content .= " username=\"$username\"\n";
        }
+
        if (defined $session->param('nickname')) {
                my $nickname = $session->param('nickname');
                $nickname =~ s/"/"/g;
                $content .= " nickname=\"$nickname\"\n";
        }
-       elsif (defined $session->remote_addr()) {
+
+       if (!(defined $session->param('name') || defined $session->param('nickname')) &&
+               defined $session->remote_addr()) {
                $content .= " ip=\"".$session->remote_addr()."\"\n";
        }
 
@@ -494,8 +507,7 @@ sub editcomment ($$) {
                $subject = "comment ".(num_comments($page, $config{srcdir}) + 1);
        }
        $content .= " subject=\"$subject\"\n";
-
-       $content .= " date=\"" . strftime_utf8('%Y-%m-%dT%H:%M:%SZ', gmtime) . "\"\n";
+       $content .= " " . commentdate() . "\n";
 
        my $editcontent = $form->field('editcontent');
        $editcontent="" if ! defined $editcontent;
@@ -623,6 +635,10 @@ sub editcomment ($$) {
        exit;
 }
 
+sub commentdate () {
+       "date=\"" . strftime_utf8('%Y-%m-%dT%H:%M:%SZ', gmtime) . "\"";
+}
+
 sub getavatar ($) {
        my $user=shift;
        return undef unless defined $user;
@@ -999,7 +1015,7 @@ sub num_comments ($$) {
        return int @comments;
 }
 
-sub unique_comment_location ($$$$) {
+sub unique_comment_location ($$$;$) {
        my $page=shift;
        eval q{use Digest::MD5 'md5_hex'};
        error($@) if $@;
Unnamed repository; edit this file 'description' to name the repository.