X-Git-Url: http://git.vanrenterghem.biz/git.ikiwiki.info.git/blobdiff_plain/0f67e7d96953535e98d9ec26c30a25b8aaad782c..dcb52530910306891622bbaff9e039b52e83b0fc:/IkiWiki/Plugin/editpage.pm?ds=sidebyside diff --git a/IkiWiki/Plugin/editpage.pm b/IkiWiki/Plugin/editpage.pm index bb21ed2be..480e82804 100644 --- a/IkiWiki/Plugin/editpage.pm +++ b/IkiWiki/Plugin/editpage.pm @@ -6,25 +6,55 @@ use strict; use IkiWiki; use open qw{:utf8 :std}; -sub import { #{{{ +sub import { hook(type => "getsetup", id => "editpage", call => \&getsetup); + hook(type => "refresh", id => "editpage", call => \&refresh); hook(type => "sessioncgi", id => "editpage", call => \&IkiWiki::cgi_editpage); -} # }}} +} -sub getsetup () { #{{{ +sub getsetup () { return plugin => { safe => 1, rebuild => 1, }, -} #}}} +} + +sub refresh () { + if (exists $wikistate{editpage} && exists $wikistate{editpage}{previews}) { + # Expire old preview files after one hour. + my $expire=time - (60 * 60); + + my @previews; + foreach my $file (@{$wikistate{editpage}{previews}}) { + my $mtime=(stat("$config{destdir}/$file"))[9]; + if (defined $mtime && $mtime <= $expire) { + # Avoid deleting a preview that was later saved. + my $delete=1; + foreach my $page (keys %renderedfiles) { + if (grep { $_ eq $file } @{$renderedfiles{$page}}) { + $delete=0; + } + } + if ($delete) { + debug(sprintf(gettext("removing old preview %s"), $file)); + IkiWiki::prune("$config{destdir}/$file"); + } + } + elsif (defined $mtime) { + push @previews, $file; + } + } + $wikistate{editpage}{previews}=\@previews; + } +} # Back to ikiwiki namespace for the rest, this code is very much # internal to ikiwiki even though it's separated into a plugin, # and other plugins use the functions below. package IkiWiki; -sub check_canedit ($$$;$) { #{{{ +sub check_canedit ($$$;$) { my $page=shift; my $q=shift; my $session=shift; @@ -48,10 +78,47 @@ sub check_canedit ($$$;$) { #{{{ } } }); - return $canedit; -} #}}} + return defined $canedit ? $canedit : 1; +} + +sub check_content (@) { + my %params=@_; + + return 1 if ! exists $hooks{checkcontent}; # optimisation -sub cgi_editpage ($$) { #{{{ + if (exists $pagesources{$params{page}}) { + my @diff; + my %old=map { $_ => 1 } + split("\n", readfile(srcfile($pagesources{$params{page}}))); + foreach my $line (split("\n", $params{content})) { + push @diff, $line if ! exists $old{$_}; + } + $params{diff}=join("\n", @diff); + } + + my $ok; + run_hooks(checkcontent => sub { + return if defined $ok; + my $ret=shift->(%params); + if (defined $ret) { + if ($ret eq "") { + $ok=1; + } + elsif (ref $ret eq 'CODE') { + $ret->() unless $params{nonfatal}; + $ok=0; + } + elsif (defined $ret) { + error($ret) unless $params{nonfatal}; + $ok=0; + } + } + + }); + return defined $ok ? $ok : 1; +} + +sub cgi_editpage ($$) { my $q=shift; my $session=shift; @@ -75,7 +142,6 @@ sub cgi_editpage ($$) { #{{{ header => 0, table => 0, template => scalar template_params("editpage.tmpl"), - wikiname => $config{wikiname}, ); decode_form_utf8($form); @@ -85,17 +151,18 @@ sub cgi_editpage ($$) { #{{{ }); decode_form_utf8($form); - # This untaint is safe because we check file_pruned. - my $page=$form->field('page'); + # This untaint is safe because we check file_pruned and + # wiki_file_regexp. + my ($page)=$form->field('page')=~/$config{wiki_file_regexp}/; $page=possibly_foolish_untaint($page); my $absolute=($page =~ s#^/+##); if (! defined $page || ! length $page || file_pruned($page, $config{srcdir})) { - error("bad page name"); + error(gettext("bad page name")); } - my $baseurl=$config{url}."/".htmlpage($page); - + my $baseurl = urlto($page, undef, 1); + my $from; if (defined $form->field('from')) { ($from)=$form->field('from')=~/$config{wiki_file_regexp}/; @@ -125,7 +192,7 @@ sub cgi_editpage ($$) { #{{{ $type=pagetype($pagesources{$from}); } $type=$config{default_pageext} unless defined $type; - $file=$page.".".$type; + $file=newpagefile($page, $type); if (! $form->submitted) { $form->field(name => "rcsinfo", value => "", force => 1); } @@ -152,13 +219,13 @@ sub cgi_editpage ($$) { #{{{ if ($form->submitted eq "Cancel") { if ($form->field("do") eq "create" && defined $from) { - redirect($q, "$config{url}/".htmlpage($from)); + redirect($q, urlto($from, undef, 1)); } elsif ($form->field("do") eq "create") { redirect($q, $config{url}); } else { - redirect($q, "$config{url}/".htmlpage($page)); + redirect($q, urlto($page, undef, 1)); } exit; } @@ -168,6 +235,7 @@ sub cgi_editpage ($$) { #{{{ # temporarily record its type $pagesources{$page}=$page.".".$type; } + my %wasrendered=map { $_ => 1 } @{$renderedfiles{$page}}; my $content=$form->field('editcontent'); @@ -190,11 +258,19 @@ sub cgi_editpage ($$) { #{{{ ); }); $form->tmpl_param("page_preview", $preview); - + if ($new) { delete $pagesources{$page}; } - # previewing may have created files on disk + + # Previewing may have created files on disk. + # Keep a list of these to be deleted later. + my %previews = map { $_ => 1 } @{$wikistate{editpage}{previews}}; + foreach my $f (@{$renderedfiles{$page}}) { + $previews{$f}=1 unless $wasrendered{$f}; + } + @{$wikistate{editpage}{previews}} = keys %previews; + $renderedfiles{$page}=[keys %wasrendered]; saveindex(); } elsif ($form->submitted eq "Save Page") { @@ -210,7 +286,7 @@ sub cgi_editpage ($$) { #{{{ file_pruned($from, $config{srcdir}) || $from=~/^\// || $absolute || - $form->submitted eq "Preview") { + $form->submitted) { @page_locs=$best_loc=$page; } else { @@ -249,7 +325,7 @@ sub cgi_editpage ($$) { #{{{ @page_locs=$page; } else { - redirect($q, "$config{url}/".htmlpage($page)); + redirect($q, urlto($page, undef, 1)); exit; } } @@ -300,16 +376,7 @@ sub cgi_editpage ($$) { #{{{ else { # save page check_canedit($page, $q, $session); - - # The session id is stored on the form and checked to - # guard against CSRF. But only if the user is logged in, - # as anonok can allow anonymous edits. - if (defined $session->param("name")) { - my $sid=$q->param('sid'); - if (! defined $sid || $sid ne $session->id) { - error(gettext("Your login session has expired.")); - } - } + checksessionexpiry($q, $session, $q->param('sid')); my $exists=-e "$config{srcdir}/$file"; @@ -338,8 +405,17 @@ sub cgi_editpage ($$) { #{{{ showform($form, \@buttons, $session, $q, forcebaseurl => $baseurl); exit; } + + my $message=""; + if (defined $form->field('comments') && + length $form->field('comments')) { + $message=$form->field('comments'); + } my $content=$form->field('editcontent'); + check_content(content => $content, page => $page, + cgi => $q, session => $session, + subject => $message); run_hooks(editcontent => sub { $content=shift->( content => $content, @@ -373,12 +449,6 @@ sub cgi_editpage ($$) { #{{{ my $conflict; if ($config{rcs}) { - my $message=""; - if (defined $form->field('comments') && - length $form->field('comments')) { - $message=$form->field('comments'); - } - if (! $exists) { rcs_add($file); } @@ -417,11 +487,11 @@ sub cgi_editpage ($$) { #{{{ else { # The trailing question mark tries to avoid broken # caches and get the most recent version of the page. - redirect($q, "$config{url}/".htmlpage($page)."?updated"); + redirect($q, urlto($page, undef, 1)."?updated"); } } exit; -} #}}} +} 1