X-Git-Url: http://git.vanrenterghem.biz/git.ikiwiki.info.git/blobdiff_plain/2ff3c8aee78114974b6930c18247f050d35f2012..68869d664b978b063c9181d024edb34a63306c33:/IkiWiki/Plugin/editpage.pm diff --git a/IkiWiki/Plugin/editpage.pm b/IkiWiki/Plugin/editpage.pm index d12c6732d..480e82804 100644 --- a/IkiWiki/Plugin/editpage.pm +++ b/IkiWiki/Plugin/editpage.pm @@ -6,19 +6,19 @@ use strict; use IkiWiki; use open qw{:utf8 :std}; -sub import { #{{{ +sub import { hook(type => "getsetup", id => "editpage", call => \&getsetup); hook(type => "refresh", id => "editpage", call => \&refresh); hook(type => "sessioncgi", id => "editpage", call => \&IkiWiki::cgi_editpage); -} # }}} +} -sub getsetup () { #{{{ +sub getsetup () { return plugin => { safe => 1, rebuild => 1, }, -} #}}} +} sub refresh () { if (exists $wikistate{editpage} && exists $wikistate{editpage}{previews}) { @@ -29,8 +29,17 @@ sub refresh () { foreach my $file (@{$wikistate{editpage}{previews}}) { my $mtime=(stat("$config{destdir}/$file"))[9]; if (defined $mtime && $mtime <= $expire) { - debug(sprintf(gettext("removing old preview %s"), $file)); - IkiWiki::prune("$config{destdir}/$file"); + # Avoid deleting a preview that was later saved. + my $delete=1; + foreach my $page (keys %renderedfiles) { + if (grep { $_ eq $file } @{$renderedfiles{$page}}) { + $delete=0; + } + } + if ($delete) { + debug(sprintf(gettext("removing old preview %s"), $file)); + IkiWiki::prune("$config{destdir}/$file"); + } } elsif (defined $mtime) { push @previews, $file; @@ -45,7 +54,7 @@ sub refresh () { # and other plugins use the functions below. package IkiWiki; -sub check_canedit ($$$;$) { #{{{ +sub check_canedit ($$$;$) { my $page=shift; my $q=shift; my $session=shift; @@ -69,10 +78,47 @@ sub check_canedit ($$$;$) { #{{{ } } }); - return $canedit; -} #}}} + return defined $canedit ? $canedit : 1; +} + +sub check_content (@) { + my %params=@_; + + return 1 if ! exists $hooks{checkcontent}; # optimisation + + if (exists $pagesources{$params{page}}) { + my @diff; + my %old=map { $_ => 1 } + split("\n", readfile(srcfile($pagesources{$params{page}}))); + foreach my $line (split("\n", $params{content})) { + push @diff, $line if ! exists $old{$_}; + } + $params{diff}=join("\n", @diff); + } + + my $ok; + run_hooks(checkcontent => sub { + return if defined $ok; + my $ret=shift->(%params); + if (defined $ret) { + if ($ret eq "") { + $ok=1; + } + elsif (ref $ret eq 'CODE') { + $ret->() unless $params{nonfatal}; + $ok=0; + } + elsif (defined $ret) { + error($ret) unless $params{nonfatal}; + $ok=0; + } + } + + }); + return defined $ok ? $ok : 1; +} -sub cgi_editpage ($$) { #{{{ +sub cgi_editpage ($$) { my $q=shift; my $session=shift; @@ -96,7 +142,6 @@ sub cgi_editpage ($$) { #{{{ header => 0, table => 0, template => scalar template_params("editpage.tmpl"), - wikiname => $config{wikiname}, ); decode_form_utf8($form); @@ -113,7 +158,7 @@ sub cgi_editpage ($$) { #{{{ my $absolute=($page =~ s#^/+##); if (! defined $page || ! length $page || file_pruned($page, $config{srcdir})) { - error("bad page name"); + error(gettext("bad page name")); } my $baseurl = urlto($page, undef, 1); @@ -147,7 +192,7 @@ sub cgi_editpage ($$) { #{{{ $type=pagetype($pagesources{$from}); } $type=$config{default_pageext} unless defined $type; - $file=$page.".".$type; + $file=newpagefile($page, $type); if (! $form->submitted) { $form->field(name => "rcsinfo", value => "", force => 1); } @@ -221,10 +266,11 @@ sub cgi_editpage ($$) { #{{{ # Previewing may have created files on disk. # Keep a list of these to be deleted later. my %previews = map { $_ => 1 } @{$wikistate{editpage}{previews}}; - foreach my $file (@{$renderedfiles{$page}}) { - $previews{$file}=1 unless $wasrendered{$file}; + foreach my $f (@{$renderedfiles{$page}}) { + $previews{$f}=1 unless $wasrendered{$f}; } @{$wikistate{editpage}{previews}} = keys %previews; + $renderedfiles{$page}=[keys %wasrendered]; saveindex(); } elsif ($form->submitted eq "Save Page") { @@ -240,7 +286,7 @@ sub cgi_editpage ($$) { #{{{ file_pruned($from, $config{srcdir}) || $from=~/^\// || $absolute || - $form->submitted eq "Preview") { + $form->submitted) { @page_locs=$best_loc=$page; } else { @@ -330,16 +376,7 @@ sub cgi_editpage ($$) { #{{{ else { # save page check_canedit($page, $q, $session); - - # The session id is stored on the form and checked to - # guard against CSRF. But only if the user is logged in, - # as anonok can allow anonymous edits. - if (defined $session->param("name")) { - my $sid=$q->param('sid'); - if (! defined $sid || $sid ne $session->id) { - error(gettext("Your login session has expired.")); - } - } + checksessionexpiry($q, $session, $q->param('sid')); my $exists=-e "$config{srcdir}/$file"; @@ -368,8 +405,17 @@ sub cgi_editpage ($$) { #{{{ showform($form, \@buttons, $session, $q, forcebaseurl => $baseurl); exit; } + + my $message=""; + if (defined $form->field('comments') && + length $form->field('comments')) { + $message=$form->field('comments'); + } my $content=$form->field('editcontent'); + check_content(content => $content, page => $page, + cgi => $q, session => $session, + subject => $message); run_hooks(editcontent => sub { $content=shift->( content => $content, @@ -403,12 +449,6 @@ sub cgi_editpage ($$) { #{{{ my $conflict; if ($config{rcs}) { - my $message=""; - if (defined $form->field('comments') && - length $form->field('comments')) { - $message=$form->field('comments'); - } - if (! $exists) { rcs_add($file); } @@ -452,6 +492,6 @@ sub cgi_editpage ($$) { #{{{ } exit; -} #}}} +} 1