X-Git-Url: http://git.vanrenterghem.biz/git.ikiwiki.info.git/blobdiff_plain/18b1c7f01256ec7761263fb699aa51ae9d92bc0b..bb7877707ef730c7fdab01509ac6a9cc9eb252d1:/IkiWiki/Plugin/editpage.pm?ds=sidebyside
diff --git a/IkiWiki/Plugin/editpage.pm b/IkiWiki/Plugin/editpage.pm
index 794548c6d..670eedfd9 100644
--- a/IkiWiki/Plugin/editpage.pm
+++ b/IkiWiki/Plugin/editpage.pm
@@ -6,19 +6,20 @@ use strict;
use IkiWiki;
use open qw{:utf8 :std};
-sub import { #{{{
+sub import {
hook(type => "getsetup", id => "editpage", call => \&getsetup);
hook(type => "refresh", id => "editpage", call => \&refresh);
hook(type => "sessioncgi", id => "editpage", call => \&IkiWiki::cgi_editpage);
-} # }}}
+}
-sub getsetup () { #{{{
+sub getsetup () {
return
plugin => {
safe => 1,
rebuild => 1,
+ section => "core",
},
-} #}}}
+}
sub refresh () {
if (exists $wikistate{editpage} && exists $wikistate{editpage}{previews}) {
@@ -51,37 +52,10 @@ sub refresh () {
# Back to ikiwiki namespace for the rest, this code is very much
# internal to ikiwiki even though it's separated into a plugin,
-# and other plugins use the functions below.
+# and other plugins use the function below.
package IkiWiki;
-sub check_canedit ($$$;$) { #{{{
- my $page=shift;
- my $q=shift;
- my $session=shift;
- my $nonfatal=shift;
-
- my $canedit;
- run_hooks(canedit => sub {
- return if defined $canedit;
- my $ret=shift->($page, $q, $session);
- if (defined $ret) {
- if ($ret eq "") {
- $canedit=1;
- }
- elsif (ref $ret eq 'CODE') {
- $ret->() unless $nonfatal;
- $canedit=0;
- }
- elsif (defined $ret) {
- error($ret) unless $nonfatal;
- $canedit=0;
- }
- }
- });
- return $canedit;
-} #}}}
-
-sub cgi_editpage ($$) { #{{{
+sub cgi_editpage ($$) {
my $q=shift;
my $session=shift;
@@ -104,8 +78,7 @@ sub cgi_editpage ($$) { #{{{
action => $config{cgiurl},
header => 0,
table => 0,
- template => scalar template_params("editpage.tmpl"),
- wikiname => $config{wikiname},
+ template => { template("editpage.tmpl") },
);
decode_form_utf8($form);
@@ -119,10 +92,10 @@ sub cgi_editpage ($$) { #{{{
# wiki_file_regexp.
my ($page)=$form->field('page')=~/$config{wiki_file_regexp}/;
$page=possibly_foolish_untaint($page);
- my $absolute=($page =~ s#^/+##);
+ my $absolute=($page =~ s#^/+##); # absolute name used to force location
if (! defined $page || ! length $page ||
- file_pruned($page, $config{srcdir})) {
- error("bad page name");
+ file_pruned($page)) {
+ error(gettext("bad page name"));
}
my $baseurl = urlto($page, undef, 1);
@@ -175,7 +148,6 @@ sub cgi_editpage ($$) { #{{{
$form->field(name => "editcontent", type => "textarea", rows => 20,
cols => 80);
$form->tmpl_param("can_commit", $config{rcs});
- $form->tmpl_param("indexlink", indexlink());
$form->tmpl_param("helponformattinglink",
htmllink($page, $page, "ikiwiki/formatting",
noimageinline => 1,
@@ -247,18 +219,18 @@ sub cgi_editpage ($$) { #{{{
my $best_loc;
if (! defined $from || ! length $from ||
$from ne $form->field('from') ||
- file_pruned($from, $config{srcdir}) ||
- $from=~/^\// ||
+ file_pruned($from) ||
$absolute ||
- $form->submitted eq "Preview") {
+ $form->submitted) {
@page_locs=$best_loc=$page;
}
else {
my $dir=$from."/";
$dir=~s![^/]+/+$!!;
- if ((defined $form->field('subpage') && length $form->field('subpage')) ||
- $page eq gettext('discussion')) {
+ if ((defined $form->field('subpage') &&
+ length $form->field('subpage')) ||
+ $page eq lc($config{discussionpage})) {
$best_loc="$from/$page";
}
else {
@@ -272,8 +244,9 @@ sub cgi_editpage ($$) { #{{{
push @page_locs, $dir.$page;
}
- push @page_locs, "$config{userdir}/$page"
- if length $config{userdir};
+ my $userpage=IkiWiki::userpage($page);
+ push @page_locs, $userpage
+ if ! grep { $_ eq $userpage } @page_locs;
}
@page_locs = grep {
@@ -298,15 +271,19 @@ sub cgi_editpage ($$) { #{{{
check_canedit($_, $q, $session, 1)
} @page_locs;
if (! @editable_locs) {
- # let it throw an error this time
- map { check_canedit($_, $q, $session) } @page_locs;
+ # now let it throw an error, or prompt for
+ # login
+ map { check_canedit($_, $q, $session) }
+ ($best_loc, @page_locs);
}
my @page_types;
if (exists $hooks{htmlize}) {
- @page_types=grep { !/^_/ }
- keys %{$hooks{htmlize}};
+ foreach my $key (grep { !/^_/ } keys %{$hooks{htmlize}}) {
+ push @page_types, [$key, $hooks{htmlize}{$key}{longname} || $key];
+ }
}
+ @page_types=sort @page_types;
$form->tmpl_param("page_select", 1);
$form->field(name => "page", type => 'select',
@@ -340,16 +317,7 @@ sub cgi_editpage ($$) { #{{{
else {
# save page
check_canedit($page, $q, $session);
-
- # The session id is stored on the form and checked to
- # guard against CSRF. But only if the user is logged in,
- # as anonok can allow anonymous edits.
- if (defined $session->param("name")) {
- my $sid=$q->param('sid');
- if (! defined $sid || $sid ne $session->id) {
- error(gettext("Your login session has expired."));
- }
- }
+ checksessionexpiry($q, $session, $q->param('sid'));
my $exists=-e "$config{srcdir}/$file";
@@ -378,8 +346,17 @@ sub cgi_editpage ($$) { #{{{
showform($form, \@buttons, $session, $q, forcebaseurl => $baseurl);
exit;
}
+
+ my $message="";
+ if (defined $form->field('comments') &&
+ length $form->field('comments')) {
+ $message=$form->field('comments');
+ }
my $content=$form->field('editcontent');
+ check_content(content => $content, page => $page,
+ cgi => $q, session => $session,
+ subject => $message);
run_hooks(editcontent => sub {
$content=shift->(
content => $content,
@@ -413,12 +390,6 @@ sub cgi_editpage ($$) { #{{{
my $conflict;
if ($config{rcs}) {
- my $message="";
- if (defined $form->field('comments') &&
- length $form->field('comments')) {
- $message=$form->field('comments');
- }
-
if (! $exists) {
rcs_add($file);
}
@@ -462,6 +433,6 @@ sub cgi_editpage ($$) { #{{{
}
exit;
-} #}}}
+}
1