]> git.vanrenterghem.biz Git - git.ikiwiki.info.git/blobdiff - IkiWiki/CGI.pm
projects / git.ikiwiki.info.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
mention prefix_directives
[git.ikiwiki.info.git] / IkiWiki / CGI.pm
diff --git a/IkiWiki/CGI.pm b/IkiWiki/CGI.pm
index 33e670eacbd7291b6cd1a30092b33f9b80e6bd93..65a1d7fa08c00c36c08cbda7ec0e82b5f323222e 100644 (file)
--- a/IkiWiki/CGI.pm
+++ b/IkiWiki/CGI.pm
@@ -20,7 +20,7 @@ sub printheader ($) { #{{{
        }
 
 } #}}}
-       
+
 sub showform ($$$$) { #{{{
        my $form=shift;
        my $buttons=shift;
@@ -60,25 +60,27 @@ sub check_canedit ($$$;$) { #{{{
        run_hooks(canedit => sub {
                return if defined $canedit;
                my $ret=shift->($page, $q, $session);
-               if (defined $ret && $ret eq "") {
-                       $canedit=1;
-               }
-               elsif (defined $ret) {
-                       $canedit=0;
-                       error($ret) unless $nonfatal;
+               if (defined $ret) {
+                       if ($ret eq "") {
+                               $canedit=1;
+                       }
+                       elsif (ref $ret eq 'CODE') {
+                               $ret->() unless $nonfatal;
+                               $canedit=0;
+                       }
+                       elsif (defined $ret) {
+                               error($ret) unless $nonfatal;
+                               $canedit=0;
+                       }
                }
        });
        return $canedit;
 } #}}}
 
-sub decode_form_utf8 ($) { #{{{
-       my $form = shift;
-       foreach my $f ($form->field) {
-               next if Encode::is_utf8(scalar $form->field($f));
-               $form->field(name  => $f,
-                            value => decode_utf8($form->field($f)),
-                            force => 1,
-                           );
+sub decode_cgi_utf8 ($) { #{{{
+       my $cgi = shift;
+       foreach my $f ($cgi->param) {
+               $cgi->param($f, map { decode_utf8 $_ } $cgi->param($f));
        }
 } #}}}
 
@@ -137,9 +139,7 @@ sub needsignin ($$) { #{{{
 
        if (! defined $session->param("name") ||
            ! userinfo_get($session->param("name"), "regdate")) {
-               if (! defined $session->param("postsignin")) {
-                       $session->param(postsignin => $ENV{QUERY_STRING});
-               }
+               $session->param(postsignin => $ENV{QUERY_STRING});
                cgi_signin($q, $session);
                cgi_savesession($session);
                exit;
@@ -150,6 +150,7 @@ sub cgi_signin ($$) { #{{{
        my $q=shift;
        my $session=shift;
 
+       decode_cgi_utf8($q);
        eval q{use CGI::FormBuilder};
        error($@) if $@;
        my $form = CGI::FormBuilder->new(
@@ -173,8 +174,6 @@ sub cgi_signin ($$) { #{{{
        $form->field(name => "do", type => "hidden", value => "signin",
                force => 1);
        
-       decode_form_utf8($form);
-       
        run_hooks(formbuilder_setup => sub {
                shift->(form => $form, cgi => $q, session => $session,
                        buttons => $buttons);
@@ -200,9 +199,7 @@ sub cgi_postsignin ($$) { #{{{
                exit;
        }
        else {
-               # This can occur, for example, if a user went to the signin
-               # url via a bookmark.
-               redirect($q, $config{url});
+               error(gettext("login failed, perhaps you need to turn on cookies?"));
        }
 } #}}}
 
@@ -212,6 +209,7 @@ sub cgi_prefs ($$) { #{{{
 
        needsignin($q, $session);
 
+       decode_cgi_utf8($q);
        eval q{use CGI::FormBuilder};
        error($@) if $@;
        my $form = CGI::FormBuilder->new(
@@ -237,8 +235,6 @@ sub cgi_prefs ($$) { #{{{
        );
        my $buttons=["Save Preferences", "Logout", "Cancel"];
 
-       decode_form_utf8($form);
-
        run_hooks(formbuilder_setup => sub {
                shift->(form => $form, cgi => $q, session => $session,
                        buttons => $buttons);
@@ -279,7 +275,7 @@ sub cgi_prefs ($$) { #{{{
        }
        elsif ($form->submitted eq 'Save Preferences' && $form->validate) {
                foreach my $field (qw(email subscriptions)) {
-                       if (defined $form->field($field) && length $form->field($field)) {
+                       if (defined $form->field($field)) {
                                userinfo_set($user_name, $field, $form->field($field)) ||
                                        error("failed to set $field");
                        }
@@ -303,6 +299,7 @@ sub cgi_editpage ($$) { #{{{
        my @fields=qw(do rcsinfo subpage from page type editcontent comments);
        my @buttons=("Save Page", "Preview", "Cancel");
        
+       decode_cgi_utf8($q);
        eval q{use CGI::FormBuilder};
        error($@) if $@;
        my $form = CGI::FormBuilder->new(
@@ -310,9 +307,6 @@ sub cgi_editpage ($$) { #{{{
                fields => \@fields,
                charset => "utf-8",
                method => 'POST',
-               validate => {
-                       editcontent => '/.+/',
-               },
                required => [qw{editcontent}],
                javascript => 0,
                params => $q,
@@ -323,8 +317,6 @@ sub cgi_editpage ($$) { #{{{
                wikiname => $config{wikiname},
        );
        
-       decode_form_utf8($form);
-       
        run_hooks(formbuilder_setup => sub {
                shift->(form => $form, cgi => $q, session => $session,
                        buttons => \@buttons);
@@ -356,13 +348,14 @@ sub cgi_editpage ($$) { #{{{
                        $form->field(name => "rcsinfo",
                                value => rcs_prepedit($file), force => 1);
                }
+               $form->field(name => "editcontent", validate => '/.*/');
        }
        else {
                $type=$form->param('type');
                if (defined $type && length $type && $hooks{htmlize}{$type}) {
                        $type=possibly_foolish_untaint($type);
                }
-               elsif (defined $from) {
+               elsif (defined $from && exists $pagesources{$from}) {
                        # favor the type of linking page
                        $type=pagetype($pagesources{$from});
                }
@@ -371,6 +364,7 @@ sub cgi_editpage ($$) { #{{{
                if (! $form->submitted) {
                        $form->field(name => "rcsinfo", value => "", force => 1);
                }
+               $form->field(name => "editcontent", validate => '/.+/');
        }
 
        $form->field(name => "do", type => 'hidden');
@@ -718,17 +712,14 @@ sub cgi (;$$) { #{{{
                cgi_signin($q, $session);
                cgi_savesession($session);
        }
-       elsif (defined $session->param("postsignin")) {
-               cgi_postsignin($q, $session);
-       }
        elsif ($do eq 'prefs') {
                cgi_prefs($q, $session);
        }
        elsif ($do eq 'create' || $do eq 'edit') {
                cgi_editpage($q, $session);
        }
-       elsif ($do eq 'postsignin') {
-               error(gettext("login failed, perhaps you need to turn on cookies?"));
+       elsif (defined $session->param("postsignin") || $do eq 'postsignin') {
+               cgi_postsignin($q, $session);
        }
        else {
                error("unknown do parameter");
Unnamed repository; edit this file 'description' to name the repository.