X-Git-Url: http://git.vanrenterghem.biz/git.ikiwiki.info.git/blobdiff_plain/3d4aa065d6a689a017c98e7ea8b80da0b65ae361..985b229be632126f376aaad7bd354d0d7d014464:/IkiWiki/Plugin/comments.pm diff --git a/IkiWiki/Plugin/comments.pm b/IkiWiki/Plugin/comments.pm index b57735545..b8748a1d6 100644 --- a/IkiWiki/Plugin/comments.pm +++ b/IkiWiki/Plugin/comments.pm @@ -8,105 +8,243 @@ package IkiWiki::Plugin::comments; use warnings; use strict; use IkiWiki 2.00; +use Encode; +use POSIX qw(strftime); use constant PREVIEW => "Preview"; use constant POST_COMMENT => "Post comment"; use constant CANCEL => "Cancel"; +my $postcomment; + sub import { #{{{ + hook(type => "checkconfig", id => 'comments', call => \&checkconfig); hook(type => "getsetup", id => 'comments', call => \&getsetup); - hook(type => "preprocess", id => 'comments', call => \&preprocess); + hook(type => "preprocess", id => '_comment', call => \&preprocess); hook(type => "sessioncgi", id => 'comment', call => \&sessioncgi); - hook(type => "htmlize", id => "_comment", - call => \&IkiWiki::Plugin::mdwn::htmlize); + hook(type => "htmlize", id => "_comment", call => \&htmlize); + hook(type => "pagetemplate", id => "comments", call => \&pagetemplate); + hook(type => "cgi", id => "comments", call => \&linkcgi); IkiWiki::loadplugin("inline"); - IkiWiki::loadplugin("mdwn"); -} # }}} - -sub htmlize { # {{{ - eval { use IkiWiki::Plugin::mdwn; }; - error($@) if ($@); - return IkiWiki::Plugin::mdwn::htmlize(@_) } # }}} sub getsetup () { #{{{ return plugin => { safe => 1, + rebuild => 1, + }, + # Pages where comments are shown, but new comments are not + # allowed, will show "Comments are closed". + comments_shown_pagespec => { + type => 'pagespec', + example => 'blog/*', + default => '', + description => 'PageSpec for pages where comments will be shown inline', + link => 'ikiwiki/PageSpec', + safe => 1, + rebuild => 1, + }, + comments_open_pagespec => { + type => 'pagespec', + example => 'blog/* and created_after(close_old_comments)', + default => '', + description => 'PageSpec for pages where new comments can be posted', + link => 'ikiwiki/PageSpec', + safe => 1, + rebuild => 1, + }, + comments_pagename => { + type => 'string', + example => 'comment_', + default => 'comment_', + description => 'Base name for comments, e.g. "comment_" for pages like "sandbox/comment_12"', + safe => 0, # manual page moving required rebuild => undef, }, + comments_allowdirectives => { + type => 'boolean', + default => 0, + example => 0, + description => 'Interpret directives in comments?', + safe => 1, + rebuild => 0, + }, + comments_allowauthor => { + type => 'boolean', + default => 0, + example => 0, + description => 'Allow anonymous commenters to set an author name?', + safe => 1, + rebuild => 0, + }, + comments_commit => { + type => 'boolean', + example => 1, + default => 1, + description => 'commit comments to the VCS', + # old uncommitted comments are likely to cause + # confusion if this is changed + safe => 0, + rebuild => 0, + }, } #}}} -# Somewhat based on IkiWiki::Plugin::inline blog posting support -sub preprocess (@) { #{{{ - my %params=@_; +sub htmlize { # {{{ + my %params = @_; + return $params{content}; +} # }}} - unless (length $config{cgiurl}) { - error(gettext("[[!comments plugin requires CGI enabled]]")); +# FIXME: copied verbatim from meta +sub safeurl ($) { #{{{ + my $url=shift; + if (exists $IkiWiki::Plugin::htmlscrubber::{safe_url_regexp} && + defined $IkiWiki::Plugin::htmlscrubber::safe_url_regexp) { + return $url=~/$IkiWiki::Plugin::htmlscrubber::safe_url_regexp/; } + else { + return 1; + } +} #}}} +sub preprocess { # {{{ + my %params = @_; my $page = $params{page}; - $pagestate{$page}{comments}{comments} = defined $params{closed} - ? (not IkiWiki::yesno($params{closed})) - : 1; - $pagestate{$page}{comments}{allowhtml} = IkiWiki::yesno($params{allowhtml}); - $pagestate{$page}{comments}{allowdirectives} = IkiWiki::yesno($params{allowdirectives}); - $pagestate{$page}{comments}{commit} = defined $params{commit} - ? IkiWiki::yesno($params{commit}) - : 1; - - my $formtemplate = IkiWiki::template("comments_embed.tmpl", - blind_cache => 1); - $formtemplate->param(cgiurl => $config{cgiurl}); - $formtemplate->param(page => $params{page}); - - if (not $pagestate{$page}{comments}{comments}) { - $formtemplate->param("disabled" => - gettext('comments are closed')); - } - elsif ($params{preview}) { - $formtemplate->param("disabled" => - gettext('not available during Preview')); - } - - debug("page $params{page} => destpage $params{destpage}"); - - my $posts = ''; - unless (defined $params{inline} && !IkiWiki::yesno($params{inline})) { - eval { use IkiWiki::Plugin::inline; }; - error($@) if ($@); - my @args = ( - pages => "internal($params{page}/_comment_*)", - template => "comments_display", - show => 0, - reverse => "yes", - # special stuff passed through - page => $params{page}, + + my $format = $params{format}; + if (defined $format && ! exists $IkiWiki::hooks{htmlize}{$format}) { + error(sprintf(gettext("unsupported page format %s"), $format)); + } + + my $content = $params{content}; + if (! defined $content) { + error(gettext("comment must have content")); + } + $content =~ s/\\"/"/g; + + $content = IkiWiki::filter($page, $params{destpage}, $content); + + if ($config{comments_allowdirectives}) { + $content = IkiWiki::preprocess($page, $params{destpage}, + $content); + } + + # no need to bother with htmlize if it's just HTML + $content = IkiWiki::htmlize($page, $params{destpage}, $format, + $content) if defined $format; + + IkiWiki::run_hooks(sanitize => sub { + $content = shift->( + page => $page, destpage => $params{destpage}, - preview => $params{preview}, + content => $content, ); - push @args, atom => $params{atom} if defined $params{atom}; - push @args, rss => $params{rss} if defined $params{rss}; - push @args, feeds => $params{feeds} if defined $params{feeds}; - push @args, feedshow => $params{feedshow} if defined $params{feedshow}; - push @args, timeformat => $params{timeformat} if defined $params{timeformat}; - push @args, feedonly => $params{feedonly} if defined $params{feedonly}; - $posts = "\n" . IkiWiki::preprocess_inline(@args); + }); + + # set metadata, possibly overriding [[!meta]] directives from the + # comment itself + + my $commentuser; + my $commentip; + my $commentauthor; + my $commentauthorurl; + + if (defined $params{username}) { + $commentuser = $params{username}; + ($commentauthorurl, $commentauthor) = + linkuser($params{username}); + } + else { + if (defined $params{ip}) { + $commentip = $params{ip}; + } + $commentauthor = gettext("Anonymous"); } - return $formtemplate->output . $posts; -} # }}} + $pagestate{$page}{comments}{commentuser} = $commentuser; + $pagestate{$page}{comments}{commentip} = $commentip; + $pagestate{$page}{comments}{commentauthor} = $commentauthor; + $pagestate{$page}{comments}{commentauthorurl} = $commentauthorurl; + if (! defined $pagestate{$page}{meta}{author}) { + $pagestate{$page}{meta}{author} = $commentauthor; + } + if (! defined $pagestate{$page}{meta}{authorurl}) { + $pagestate{$page}{meta}{authorurl} = $commentauthorurl; + } + + if ($config{comments_allowauthor}) { + if (defined $params{claimedauthor}) { + $pagestate{$page}{meta}{author} = $params{claimedauthor}; + } + + if (defined $params{url} and safeurl($params{url})) { + $pagestate{$page}{meta}{authorurl} = $params{url}; + } + } + else { + $pagestate{$page}{meta}{author} = $commentauthor; + $pagestate{$page}{meta}{authorurl} = $commentauthorurl; + } + + if (defined $params{subject}) { + $pagestate{$page}{meta}{title} = $params{subject}; + } + + my $baseurl = urlto($params{destpage}, undef, 1); + my $anchor = ""; + if ($params{page} =~ m/\/(\Q$config{comments_pagename}\E\d+)$/) { + $anchor = $1; + } + $pagestate{$page}{meta}{permalink} = "${baseurl}#${anchor}"; -# FIXME: logic taken from editpage, should be common code? -sub getcgiuser ($) { # {{{ - my $session = shift; - my $user = $session->param('name'); - $user = $ENV{REMOTE_ADDR} unless defined $user; - debug("getcgiuser() -> $user"); - return $user; + eval q{use Date::Parse}; + if (! $@) { + my $time = str2time($params{date}); + $IkiWiki::pagectime{$page} = $time if defined $time; + } + + # FIXME: hard-coded HTML (although it's just to set an ID) + return "
$content
" if $anchor; + return $content; } # }}} -# FIXME: logic adapted from recentchanges, should be common code? +sub checkconfig () { #{{{ + $config{comments_commit} = 1 unless defined $config{comments_commit}; + $config{comments_pagename} = 'comment_' + unless defined $config{comments_pagename}; +} #}}} + +# This is exactly the same as recentchanges_link :-( +sub linkcgi ($) { #{{{ + my $cgi=shift; + if (defined $cgi->param('do') && $cgi->param('do') eq "commenter") { + + my $page=decode_utf8($cgi->param("page")); + if (! defined $page) { + error("missing page parameter"); + } + + IkiWiki::loadindex(); + + my $link=bestlink("", $page); + if (! length $link) { + print "Content-type: text/html\n\n"; + print IkiWiki::misctemplate(gettext(gettext("missing page")), + "

". + sprintf(gettext("The page %s does not exist."), + htmllink("", "", $page)). + "

"); + } + else { + IkiWiki::redirect($cgi, urlto($link, undef, 1)); + } + + exit; + } +} + +# FIXME: basically the same logic as recentchanges +# returns (author URL, pretty-printed version) sub linkuser ($) { # {{{ my $user = shift; my $oiduser = eval { IkiWiki::openiduser($user) }; @@ -114,23 +252,15 @@ sub linkuser ($) { # {{{ if (defined $oiduser) { return ($user, $oiduser); } + # FIXME: it'd be good to avoid having such a link for anonymous + # posts else { - my $page = bestlink('', (length $config{userdir} - ? "$config{userdir}/" - : "").$user); - return (urlto($page, undef, 1), $user); - } -} # }}} - -# FIXME: taken from IkiWiki::Plugin::editpage, should be common? -sub checksessionexpiry ($$) { # {{{ - my $session = shift; - my $sid = shift; - - if (defined $session->param("name")) { - if (! defined $sid || $sid ne $session->id) { - error(gettext("Your login session has expired.")); - } + return (IkiWiki::cgiurl( + do => 'commenter', + page => (length $config{userdir} + ? "$config{userdir}/$user" + : "$user") + ), $user); } } # }}} @@ -149,10 +279,10 @@ sub sessioncgi ($$) { #{{{ my @buttons = (POST_COMMENT, PREVIEW, CANCEL); my $form = CGI::FormBuilder->new( - fields => [qw{do sid page subject body}], + fields => [qw{do sid page subject editcontent type author url}], charset => 'utf-8', method => 'POST', - required => [qw{body}], + required => [qw{editcontent}], javascript => 0, params => $cgi, action => $config{cgiurl}, @@ -170,29 +300,52 @@ sub sessioncgi ($$) { #{{{ }); IkiWiki::decode_form_utf8($form); + my $type = $form->param('type'); + if (defined $type && length $type && $IkiWiki::hooks{htmlize}{$type}) { + $type = IkiWiki::possibly_foolish_untaint($type); + } + else { + $type = $config{default_pageext}; + } + my @page_types; + if (exists $IkiWiki::hooks{htmlize}) { + @page_types = grep { ! /^_/ } keys %{$IkiWiki::hooks{htmlize}}; + } + $form->field(name => 'do', type => 'hidden'); $form->field(name => 'sid', type => 'hidden', value => $session->id, force => 1); $form->field(name => 'page', type => 'hidden'); $form->field(name => 'subject', type => 'text', size => 72); - $form->field(name => 'body', type => 'textarea', rows => 5, - cols => 80); + $form->field(name => 'editcontent', type => 'textarea', rows => 10); + $form->field(name => "type", value => $type, force => 1, + type => 'select', options => \@page_types); + + $form->tmpl_param(username => $session->param('name')); + + if ($config{comments_allowauthor} and + ! defined $session->param('name')) { + $form->tmpl_param(allowauthor => 1); + $form->field(name => 'author', type => 'text', size => '40'); + $form->field(name => 'url', type => 'text', size => '40'); + } + else { + $form->tmpl_param(allowauthor => 0); + $form->field(name => 'author', type => 'hidden', value => '', + force => 1); + $form->field(name => 'url', type => 'hidden', value => '', + force => 1); + } # The untaint is OK (as in editpage) because we're about to pass # it to file_pruned anyway my $page = $form->field('page'); $page = IkiWiki::possibly_foolish_untaint($page); - if (!defined $page || !length $page || + if (! defined $page || ! length $page || IkiWiki::file_pruned($page, $config{srcdir})) { error(gettext("bad page name")); } - my $allow_directives = $pagestate{$page}{comments}{allowdirectives}; - my $allow_html = $pagestate{$page}{comments}{allowdirectives}; - my $commit_comments = defined $pagestate{$page}{comments}{commit} - ? $pagestate{$page}{comments}{commit} - : 1; - # FIXME: is this right? Or should we be using the candidate subpage # (whatever that might mean) as the base URL? my $baseurl = urlto($page, undef, 1); @@ -204,62 +357,84 @@ sub sessioncgi ($$) { #{{{ htmllink($page, $page, 'ikiwiki/formatting', noimageinline => 1, linktext => 'FormattingHelp'), - allowhtml => $allow_html, - allowdirectives => $allow_directives); + allowdirectives => $config{allow_directives}); + + if ($form->submitted eq CANCEL) { + # bounce back to the page they wanted to comment on, and exit. + # CANCEL need not be considered in future + IkiWiki::redirect($cgi, urlto($page, undef, 1)); + exit; + } if (not exists $pagesources{$page}) { error(sprintf(gettext( "page '%s' doesn't exist, so you can't comment"), $page)); } - if (not $pagestate{$page}{comments}{comments}) { + + if (not pagespec_match($page, $config{comments_open_pagespec}, + location => $page)) { error(sprintf(gettext( - "comments are not enabled on page '%s'"), + "comments on page '%s' are closed"), $page)); } - if ($form->submitted eq CANCEL) { - # bounce back to the page they wanted to comment on, and exit. - # CANCEL need not be considered in future - IkiWiki::redirect($cgi, urlto($page, undef, 1)); - exit; + # Set a flag to indicate that we're posting a comment, + # so that postcomment() can tell it should match. + $postcomment=1; + IkiWiki::check_canedit($page, $cgi, $session); + $postcomment=0; + + # FIXME: rather a simplistic way to make the comments... + my $i = 0; + my $file; + my $location; + do { + $i++; + $location = "$page/$config{comments_pagename}$i"; + } while (-e "$config{srcdir}/$location._comment"); + + my $content = "[[!_comment format=$type\n"; + + # FIXME: handling of double quotes probably wrong? + if (defined $session->param('name')) { + my $username = $session->param('name'); + $username =~ s/"/"/g; + $content .= " username=\"$username\"\n"; + } + elsif (defined $ENV{REMOTE_ADDR}) { + my $ip = $ENV{REMOTE_ADDR}; + if ($ip =~ m/^([.0-9]+)$/) { + $content .= " ip=\"$1\"\n"; + } } - IkiWiki::check_canedit($page . "[postcomment]", $cgi, $session); - - my ($authorurl, $author) = linkuser(getcgiuser($session)); - - my $body = $form->field('body') || ''; - $body =~ s/\r\n/\n/g; - $body =~ s/\r/\n/g; - $body = "\n" if $body !~ /\n$/; - - unless ($allow_directives) { - # don't allow new-style directives at all - $body =~ s/(^|[^\\])\[\[!/$1\\[[!/g; - - # don't allow [[ unless it begins an old-style - # wikilink, if prefix_directives is off - $body =~ s/(^|[^\\])\[\[(?![^\n\s\]+]\]\])/$1\\[[!/g - unless $config{prefix_directives}; + if ($config{comments_allowauthor}) { + my $author = $form->field('author'); + if (length $author) { + $author =~ s/"/"/g; + $content .= " claimedauthor=\"$author\"\n"; + } + my $url = $form->field('url'); + if (length $url) { + $url =~ s/"/"/g; + $content .= " url=\"$url\"\n"; + } } - unless ($allow_html) { - $body =~ s/&(\w|#)/&$1/g; - $body =~ s//>/g; + my $subject = $form->field('subject'); + if (length $subject) { + $subject =~ s/"/"/g; + $content .= " subject=\"$subject\"\n"; } - # In this template, the [[!meta]] directives should stay at the end, - # so that they will override anything the user specifies. (For - # instance, [[!meta author="I can fake the author"]]...) - my $content_tmpl = template('comments_comment.tmpl'); - $content_tmpl->param(author => $author); - $content_tmpl->param(authorurl => $authorurl); - $content_tmpl->param(subject => $form->field('subject')); - $content_tmpl->param(body => $body); + $content .= " date=\"" . decode_utf8(strftime('%Y-%m-%dT%H:%M:%SZ', gmtime)) . "\"\n"; - my $content = $content_tmpl->output; + my $editcontent = $form->field('editcontent') || ''; + $editcontent =~ s/\r\n/\n/g; + $editcontent =~ s/\r/\n/g; + $editcontent =~ s/"/\\"/g; + $content .= " content=\"\"\"\n$editcontent\n\"\"\"]]\n"; # This is essentially a simplified version of editpage: # - the user does not control the page that's created, only the parent @@ -268,14 +443,11 @@ sub sessioncgi ($$) { #{{{ # - this means that if they do, rocks fall and everyone dies if ($form->submitted eq PREVIEW) { - # $fake is a location that has the same number of slashes - # as the eventual location of this comment. - my $fake = "$page/_comments_hypothetical"; - my $preview = IkiWiki::htmlize($fake, $page, 'mdwn', + my $preview = IkiWiki::htmlize($location, $page, '_comment', IkiWiki::linkify($page, $page, IkiWiki::preprocess($page, $page, - IkiWiki::filter($fake, $page, - $content), + IkiWiki::filter($location, + $page, $content), 0, 1))); IkiWiki::run_hooks(format => sub { $preview = shift->(page => $page, @@ -286,8 +458,6 @@ sub sessioncgi ($$) { #{{{ $template->param(content => $preview); $template->param(title => $form->field('subject')); $template->param(ctime => displaytime(time)); - $template->param(author => $author); - $template->param(authorurl => $authorurl); $form->tmpl_param(page_preview => $template->output); } @@ -296,33 +466,23 @@ sub sessioncgi ($$) { #{{{ } if ($form->submitted eq POST_COMMENT && $form->validate) { - # Let's get posting. We don't check_canedit here because - # that somewhat defeats the point of this plugin. - - checksessionexpiry($session, $cgi->param('sid')); + my $file = "$location._comment"; - # FIXME: check that the wiki is locked right now, because - # if it's not, there are mad race conditions! - - # FIXME: rather a simplistic way to make the comments... - my $i = 0; - my $file; - do { - $i++; - $file = "$page/_comment_${i}._comment"; - } while (-e "$config{srcdir}/$file"); + IkiWiki::checksessionexpiry($cgi, $session); # FIXME: could probably do some sort of graceful retry - # if I could be bothered + # on error? Would require significant unwinding though writefile($file, $config{srcdir}, $content); my $conflict; - if ($config{rcs} and $commit_comments) { + if ($config{rcs} and $config{comments_commit}) { my $message = gettext("Added a comment"); if (defined $form->field('subject') && length $form->field('subject')) { - $message .= ": ".$form->field('subject'); + $message = sprintf( + gettext("Added a comment: %s"), + $form->field('subject')); } IkiWiki::rcs_add($file); @@ -343,7 +503,7 @@ sub sessioncgi ($$) { #{{{ error($conflict) if defined $conflict; # Bounce back to where we were, but defeat broken caches - my $anticache = "?updated=$page/_comment_$i"; + my $anticache = "?updated=$page/$config{comments_pagename}$i"; IkiWiki::redirect($cgi, urlto($page, undef, 1).$anticache); } else { @@ -354,13 +514,84 @@ sub sessioncgi ($$) { #{{{ exit; } #}}} +sub pagetemplate (@) { #{{{ + my %params = @_; + + my $page = $params{page}; + my $template = $params{template}; + + if ($template->query(name => 'comments')) { + my $comments = undef; + + my $open = 0; + my $shown = pagespec_match($page, + $config{comments_shown_pagespec}, + location => $page); + + if (pagespec_match($page, "*/$config{comments_pagename}*", + location => $page)) { + $shown = 0; + $open = 0; + } + + if (length $config{cgiurl}) { + $open = pagespec_match($page, + $config{comments_open_pagespec}, + location => $page); + } + + if ($shown) { + $comments = IkiWiki::preprocess_inline( + pages => "internal($page/$config{comments_pagename}*)", + template => 'comments_display', + show => 0, + reverse => 'yes', + page => $page, + destpage => $params{destpage}, + feedfile => 'comments', + emptyfeeds => 'no', + ); + } + + if (defined $comments && length $comments) { + $template->param(comments => $comments); + } + + if ($open) { + my $commenturl = IkiWiki::cgiurl(do => 'comment', + page => $page); + $template->param(commenturl => $commenturl); + } + } + + if ($template->query(name => 'commentuser')) { + $template->param(commentuser => + $pagestate{$page}{comments}{commentuser}); + } + + if ($template->query(name => 'commentip')) { + $template->param(commentip => + $pagestate{$page}{comments}{commentip}); + } + + if ($template->query(name => 'commentauthor')) { + $template->param(commentauthor => + $pagestate{$page}{comments}{commentauthor}); + } + + if ($template->query(name => 'commentauthorurl')) { + $template->param(commentauthorurl => + $pagestate{$page}{comments}{commentauthorurl}); + } +} # }}} + package IkiWiki::PageSpec; sub match_postcomment ($$;@) { my $page = shift; my $glob = shift; - unless ($page =~ s/\[postcomment\]$//) { + if (! $postcomment) { return IkiWiki::FailReason->new("not posting a comment"); } return match_glob($page, $glob);