]> git.vanrenterghem.biz Git - git.ikiwiki.info.git/blobdiff - IkiWiki/Plugin/editpage.pm
googlecalendar: Add runtime deprecation warning.
[git.ikiwiki.info.git] / IkiWiki / Plugin / editpage.pm
index e0705249709dbe17f62ee102b1e225f182e00f6e..ed994306f55251b561acf61459fcdc06fef8b994 100644 (file)
@@ -6,25 +6,55 @@ use strict;
 use IkiWiki;
 use open qw{:utf8 :std};
 
 use IkiWiki;
 use open qw{:utf8 :std};
 
-sub import { #{{{
+sub import {
        hook(type => "getsetup", id => "editpage", call => \&getsetup);
        hook(type => "getsetup", id => "editpage", call => \&getsetup);
+       hook(type => "refresh", id => "editpage", call => \&refresh);
         hook(type => "sessioncgi", id => "editpage", call => \&IkiWiki::cgi_editpage);
         hook(type => "sessioncgi", id => "editpage", call => \&IkiWiki::cgi_editpage);
-} # }}}
+}
 
 
-sub getsetup () { #{{{
+sub getsetup () {
        return
                plugin => {
                        safe => 1,
                        rebuild => 1,
                },
        return
                plugin => {
                        safe => 1,
                        rebuild => 1,
                },
-} #}}}
+}
+
+sub refresh () {
+       if (exists $wikistate{editpage} && exists $wikistate{editpage}{previews}) {
+               # Expire old preview files after one hour.
+               my $expire=time - (60 * 60);
+
+               my @previews;
+               foreach my $file (@{$wikistate{editpage}{previews}}) {
+                       my $mtime=(stat("$config{destdir}/$file"))[9];
+                       if (defined $mtime && $mtime <= $expire) {
+                               # Avoid deleting a preview that was later saved.
+                               my $delete=1;
+                               foreach my $page (keys %renderedfiles) {
+                                       if (grep { $_ eq $file } @{$renderedfiles{$page}}) {
+                                               $delete=0;
+                                       }
+                               }
+                               if ($delete) {
+                                       debug(sprintf(gettext("removing old preview %s"), $file));
+                                       IkiWiki::prune("$config{destdir}/$file");
+                               }
+                       }
+                       elsif (defined $mtime) {
+                               push @previews, $file;
+                       }
+               }
+               $wikistate{editpage}{previews}=\@previews;
+       }
+}
 
 # Back to ikiwiki namespace for the rest, this code is very much
 # internal to ikiwiki even though it's separated into a plugin,
 # and other plugins use the functions below.
 package IkiWiki;
 
 
 # Back to ikiwiki namespace for the rest, this code is very much
 # internal to ikiwiki even though it's separated into a plugin,
 # and other plugins use the functions below.
 package IkiWiki;
 
-sub check_canedit ($$$;$) { #{{{
+sub check_canedit ($$$;$) {
        my $page=shift;
        my $q=shift;
        my $session=shift;
        my $page=shift;
        my $q=shift;
        my $session=shift;
@@ -49,9 +79,9 @@ sub check_canedit ($$$;$) { #{{{
                }
        });
        return $canedit;
                }
        });
        return $canedit;
-} #}}}
+}
 
 
-sub cgi_editpage ($$) { #{{{
+sub cgi_editpage ($$) {
        my $q=shift;
        my $session=shift;
        
        my $q=shift;
        my $session=shift;
        
@@ -75,7 +105,6 @@ sub cgi_editpage ($$) { #{{{
                header => 0,
                table => 0,
                template => scalar template_params("editpage.tmpl"),
                header => 0,
                table => 0,
                template => scalar template_params("editpage.tmpl"),
-               wikiname => $config{wikiname},
        );
        
        decode_form_utf8($form);
        );
        
        decode_form_utf8($form);
@@ -85,13 +114,14 @@ sub cgi_editpage ($$) { #{{{
        });
        decode_form_utf8($form);
        
        });
        decode_form_utf8($form);
        
-       # This untaint is safe because we check file_pruned.
-       my $page=$form->field('page');
+       # This untaint is safe because we check file_pruned and
+       # wiki_file_regexp.
+       my ($page)=$form->field('page')=~/$config{wiki_file_regexp}/;
        $page=possibly_foolish_untaint($page);
        my $absolute=($page =~ s#^/+##);
        if (! defined $page || ! length $page ||
            file_pruned($page, $config{srcdir})) {
        $page=possibly_foolish_untaint($page);
        my $absolute=($page =~ s#^/+##);
        if (! defined $page || ! length $page ||
            file_pruned($page, $config{srcdir})) {
-               error("bad page name");
+               error(gettext("bad page name"));
        }
 
        my $baseurl = urlto($page, undef, 1);
        }
 
        my $baseurl = urlto($page, undef, 1);
@@ -125,7 +155,7 @@ sub cgi_editpage ($$) { #{{{
                        $type=pagetype($pagesources{$from});
                }
                $type=$config{default_pageext} unless defined $type;
                        $type=pagetype($pagesources{$from});
                }
                $type=$config{default_pageext} unless defined $type;
-               $file=$page.".".$type;
+               $file=newpagefile($page, $type);
                if (! $form->submitted) {
                        $form->field(name => "rcsinfo", value => "", force => 1);
                }
                if (! $form->submitted) {
                        $form->field(name => "rcsinfo", value => "", force => 1);
                }
@@ -168,6 +198,7 @@ sub cgi_editpage ($$) { #{{{
                        # temporarily record its type
                        $pagesources{$page}=$page.".".$type;
                }
                        # temporarily record its type
                        $pagesources{$page}=$page.".".$type;
                }
+               my %wasrendered=map { $_ => 1 } @{$renderedfiles{$page}};
 
                my $content=$form->field('editcontent');
 
 
                my $content=$form->field('editcontent');
 
@@ -190,11 +221,19 @@ sub cgi_editpage ($$) { #{{{
                        );
                });
                $form->tmpl_param("page_preview", $preview);
                        );
                });
                $form->tmpl_param("page_preview", $preview);
-       
+               
                if ($new) {
                        delete $pagesources{$page};
                }
                if ($new) {
                        delete $pagesources{$page};
                }
-               # previewing may have created files on disk
+
+               # Previewing may have created files on disk.
+               # Keep a list of these to be deleted later.
+               my %previews = map { $_ => 1 } @{$wikistate{editpage}{previews}};
+               foreach my $f (@{$renderedfiles{$page}}) {
+                       $previews{$f}=1 unless $wasrendered{$f};
+               }
+               @{$wikistate{editpage}{previews}} = keys %previews;
+               $renderedfiles{$page}=[keys %wasrendered];
                saveindex();
        }
        elsif ($form->submitted eq "Save Page") {
                saveindex();
        }
        elsif ($form->submitted eq "Save Page") {
@@ -210,7 +249,7 @@ sub cgi_editpage ($$) { #{{{
                            file_pruned($from, $config{srcdir}) ||
                            $from=~/^\// || 
                            $absolute ||
                            file_pruned($from, $config{srcdir}) ||
                            $from=~/^\// || 
                            $absolute ||
-                           $form->submitted eq "Preview") {
+                           $form->submitted) {
                                @page_locs=$best_loc=$page;
                        }
                        else {
                                @page_locs=$best_loc=$page;
                        }
                        else {
@@ -300,16 +339,7 @@ sub cgi_editpage ($$) { #{{{
        else {
                # save page
                check_canedit($page, $q, $session);
        else {
                # save page
                check_canedit($page, $q, $session);
-       
-               # The session id is stored on the form and checked to
-               # guard against CSRF. But only if the user is logged in,
-               # as anonok can allow anonymous edits.
-               if (defined $session->param("name")) {
-                       my $sid=$q->param('sid');
-                       if (! defined $sid || $sid ne $session->id) {
-                               error(gettext("Your login session has expired."));
-                       }
-               }
+               checksessionexpiry($q, $session, $q->param('sid'));
 
                my $exists=-e "$config{srcdir}/$file";
 
 
                my $exists=-e "$config{srcdir}/$file";
 
@@ -422,6 +452,6 @@ sub cgi_editpage ($$) { #{{{
        }
 
        exit;
        }
 
        exit;
-} #}}}
+}
 
 1
 
 1