]> git.vanrenterghem.biz Git - git.ikiwiki.info.git/blobdiff - IkiWiki/Plugin/attachment.pm
emails in wikilinks are always email addresses
[git.ikiwiki.info.git] / IkiWiki / Plugin / attachment.pm
index 4af9ac92bc2caf5b0c52002d83602dc46d1657ad..4d6dee23e75a2fe4e1f76889b53b19e68483c001 100644 (file)
@@ -212,22 +212,28 @@ sub attachment_store {
        $filename=IkiWiki::basename($filename);
        $filename=~s/.*\\+(.+)/$1/; # hello, windows
        $filename=IkiWiki::possibly_foolish_untaint(linkpage($filename));
        $filename=IkiWiki::basename($filename);
        $filename=~s/.*\\+(.+)/$1/; # hello, windows
        $filename=IkiWiki::possibly_foolish_untaint(linkpage($filename));
+       my $dest=attachment_holding_location($form->field('page'));
        
        # Check that the user is allowed to edit the attachment.
        my $final_filename=
                linkpage(IkiWiki::possibly_foolish_untaint(
                        attachment_location($form->field('page')))).
                $filename;
        
        # Check that the user is allowed to edit the attachment.
        my $final_filename=
                linkpage(IkiWiki::possibly_foolish_untaint(
                        attachment_location($form->field('page')))).
                $filename;
-       if (IkiWiki::file_pruned($final_filename)) {
-               error(gettext("bad attachment filename"));
+       eval {
+               if (IkiWiki::file_pruned($final_filename)) {
+                       error(gettext("bad attachment filename"));
+               }
+               IkiWiki::check_canedit($final_filename, $q, $session);
+               # And that the attachment itself is acceptable.
+               check_canattach($session, $final_filename, $tempfile);
+       };
+       if ($@) {
+               json_response($q, $form, $dest."/".$filename, $@);
+               error $@;
        }
        }
-       IkiWiki::check_canedit($final_filename, $q, $session);
-       # And that the attachment itself is acceptable.
-       check_canattach($session, $final_filename, $tempfile);
 
        # Move the attachment into holding directory.
        # Try to use a fast rename; fall back to copying.
 
        # Move the attachment into holding directory.
        # Try to use a fast rename; fall back to copying.
-       my $dest=attachment_holding_location($form->field('page'));
        IkiWiki::prep_writefile($filename, $dest);
        unlink($dest."/".$filename);
        if (rename($tempfile, $dest."/".$filename)) {
        IkiWiki::prep_writefile($filename, $dest);
        unlink($dest."/".$filename);
        if (rename($tempfile, $dest."/".$filename)) {
@@ -253,24 +259,7 @@ sub attachment_store {
                });
        }
 
                });
        }
 
-       # Return JSON response for the jquery file upload widget.
-       if ($q->Accept("application/json") >= 1.0 &&
-           grep { /application\/json/i } $q->Accept) {
-               eval q{use JSON};
-               error $@ if $@;
-               print "Content-type: application/json\n\n";
-               my $size=-s $dest."/".$filename;
-               print to_json([
-                       {
-                               name => $filename,
-                               size => $size,
-                               humansize => IkiWiki::Plugin::filecheck::humansize($size),
-                               stored_msg => stored_msg(),
-                               
-                       }
-               ]);
-               exit 0;
-       }
+       json_response($q, $form, $dest."/".$filename, stored_msg());
 }
 
 # Save all stored attachments for a page.
 }
 
 # Save all stored attachments for a page.
@@ -371,4 +360,29 @@ sub stored_msg {
        gettext("just uploaded");
 }
 
        gettext("just uploaded");
 }
 
+sub json_response ($$$$) {
+       my $q=shift;
+       my $form=shift;
+       my $filename=shift;
+       my $stored_msg=shift;
+
+       if (! defined $form->submitted ||
+           $form->submitted ne "Upload Attachment") {
+               eval q{use JSON};
+               error $@ if $@;
+               print "Content-type: text/html\n\n";
+               my $size=-s $filename;
+               print to_json([
+                       {
+                               name => IkiWiki::basename($filename),
+                               size => $size,
+                               humansize => IkiWiki::Plugin::filecheck::humansize($size),
+                               stored_msg => $stored_msg,
+                               
+                       }
+               ]);
+               exit 0;
+       }
+}
+
 1
 1