my $dest=shift; # where it's going to be put, under the srcdir
my $file=shift; # the path to the attachment currently
+ # Don't allow an attachment to be uploaded with the same name as an
+ # existing page.
+ if (exists $pagesources{$dest} && $pagesources{$dest} ne $dest) {
+ error(sprintf(gettext("there is already a page named %s"), $dest));
+ }
+
# Use a special pagespec to test that the attachment is valid.
my $allowed=1;
foreach my $admin (@{$config{adminuser}}) {
}
}
if (! $allowed) {
- error(gettext("attachment rejected")." ($allowed)");
+ error(gettext("prohibited by allowed_attachments")." ($allowed)");
}
else {
return 1;
}
}
- $filename=IkiWiki::titlepage(
+ $filename=IkiWiki::linkpage(
IkiWiki::possibly_foolish_untaint(
attachment_location($form->field('page')).
IkiWiki::basename($filename)));
if (defined $params{user} && lc $params{user} eq lc $user) {
return IkiWiki::SuccessReason->new("user is $user");
}
+ elsif (! defined $params{user}) {
+ return IkiWiki::FailReason->new("not logged in");
+ }
else {
return IkiWiki::FailReason->new("user is $params{user}, not $user");
}