X-Git-Url: http://git.vanrenterghem.biz/git.ikiwiki.info.git/blobdiff_plain/3e593eb9c0edd3f5cce7381ca145c0889441d719..284ddd0d0ad93cdbc2b3b751ed8eae33bd47a7a1:/IkiWiki/CGI.pm?ds=sidebyside

diff --git a/IkiWiki/CGI.pm b/IkiWiki/CGI.pm
index e1cb83b49..a41349be5 100644
--- a/IkiWiki/CGI.pm
+++ b/IkiWiki/CGI.pm
@@ -46,7 +46,7 @@ sub page_locked ($$;$) { #{{{
 		if (pagespec_match($page, userinfo_get($admin, "locked_pages"))) {
 			return 1 if $nonfatal;
 			error(htmllink("", "", $page, 1)." is locked by ".
-			      htmllink("", "", $admin, 1)." and cannot be edited.");
+			      userlink($admin)." and cannot be edited.");
 		}
 	}
 
@@ -77,22 +77,12 @@ sub cgi_recentchanges ($) { #{{{
 
 	eval q{use Time::Duration};
 	error($@) if $@;
-	eval q{use CGI 'escapeHTML'};
-	error($@) if $@;
 
 	my $changelog=[rcs_recentchanges(100)];
 	foreach my $change (@$changelog) {
 		$change->{when} = concise(ago($change->{when}));
 
-		if ($change->{user} =~ m!^https?://! &&
-		    eval q{use Net::OpenID::VerifiedIdentity; 1} && !$@) {
-			# Munge user-urls, as used by eg, OpenID.
-			my $oid=Net::OpenID::VerifiedIdentity->new(identity => $change->{user});
-			$change->{user} = "<a href=\"".$change->{user}."\">".escapeHTML($oid->display)."</a>";
-		}
-		else {
-			$change->{user} = htmllink("", "", escapeHTML($change->{user}), 1);
-		}
+		$change->{user} = userlink($change->{user});
 
 		my $is_excess = exists $change->{pages}[10]; # limit pages to first 10
 		delete @{$change->{pages}}[10 .. @{$change->{pages}}] if $is_excess;
@@ -178,6 +168,7 @@ sub cgi_postsignin ($$) { #{{{
 		my $postsignin=CGI->new($session->param("postsignin"));
 		$session->clear("postsignin");
 		cgi($postsignin, $session);
+		cgi_savesession($session);
 		exit;
 	}
 	else {
@@ -283,15 +274,8 @@ sub cgi_editpage ($$) { #{{{
 	my @fields=qw(do rcsinfo subpage from page type editcontent comments);
 	my @buttons=("Save Page", "Preview", "Cancel");
 	
-	eval q{use CGI::FormBuilder; use CGI::FormBuilder::Template::HTML};
+	eval q{use CGI::FormBuilder};
 	error($@) if $@;
-	my $renderer=CGI::FormBuilder::Template::HTML->new(
-		fields => \@fields,
-		template_params("editpage.tmpl"),
-	);
-	run_hooks(pagetemplate => sub {
-		shift->(page => "", destpage => "", template => $renderer->engine);
-	});
 	my $form = CGI::FormBuilder->new(
 		fields => \@fields,
 		header => 1,
@@ -305,7 +289,8 @@ sub cgi_editpage ($$) { #{{{
 		params => $q,
 		action => $config{cgiurl},
 		table => 0,
-		template => $renderer,
+		template => (-e "$config{templatedir}/editpage.tmpl" ?
+				{template_params("editpage.tmpl")} : ""),
 	);
 	
 	run_hooks(formbuilder_setup => sub {
@@ -318,8 +303,7 @@ sub cgi_editpage ($$) { #{{{
 	# characters.
 	my ($page)=$form->field('page');
 	$page=titlepage(possibly_foolish_untaint($page));
-	if (! defined $page || ! length $page ||
-	    $page=~/$config{wiki_file_prune_regexp}/ || $page=~/^\//) {
+	if (! defined $page || ! length $page || file_pruned($page, $config{srcdir}) || $page=~/^\//) {
 		error("bad page name");
 	}
 	
@@ -409,7 +393,7 @@ sub cgi_editpage ($$) { #{{{
 			my $best_loc;
 			if (! defined $from || ! length $from ||
 			    $from ne $form->field('from') ||
-			    $from=~/$config{wiki_file_prune_regexp}/ ||
+			    file_pruned($from, $config{srcdir}) ||
 			    $from=~/^\// ||
 			    $form->submitted eq "Preview") {
 				@page_locs=$best_loc=$page;
@@ -488,20 +472,13 @@ sub cgi_editpage ($$) { #{{{
 		$content=~s/\r/\n/g;
 		writefile($file, $config{srcdir}, $content);
 		
-		my $message="web commit ";
-		if (defined $session->param("name") && 
-		    length $session->param("name")) {
-			$message.="by ".$session->param("name");
-		}
-		else {
-			$message.="from $ENV{REMOTE_ADDR}";
-		}
-		if (defined $form->field('comments') &&
-		    length $form->field('comments')) {
-			$message.=": ".$form->field('comments');
-		}
-		
 		if ($config{rcs}) {
+			my $message="";
+			if (defined $form->field('comments') &&
+			    length $form->field('comments')) {
+				$message=$form->field('comments');
+			}
+			
 			if ($newfile) {
 				rcs_add($file);
 			}
@@ -510,7 +487,8 @@ sub cgi_editpage ($$) { #{{{
 			# presumably the commit will trigger an update
 			# of the wiki
 			my $conflict=rcs_commit($file, $message,
-				$form->field("rcsinfo"));
+				$form->field("rcsinfo"),
+				$session->param("name"), $ENV{REMOTE_ADDR});
 		
 			if (defined $conflict) {
 				$form->field(name => "rcsinfo", value => rcs_prepedit($file),
@@ -539,12 +517,35 @@ sub cgi_editpage ($$) { #{{{
 	}
 } #}}}
 
+sub cgi_getsession ($) { #{{{
+	my $q=shift;
+
+	eval q{use CGI::Session};
+	CGI::Session->name("ikiwiki_session_".encode_utf8($config{wikiname}));
+	
+	my $oldmask=umask(077);
+	my $session = CGI::Session->new("driver:DB_File", $q,
+		{ FileName => "$config{wikistatedir}/sessions.db" });
+	umask($oldmask);
+
+	return $session;
+} #}}}
+
+sub cgi_savesession ($) { #{{{
+	my $session=shift;
+
+	# Force session flush with safe umask.
+	my $oldmask=umask(077);
+	$session->flush;
+	umask($oldmask);
+}
+
 sub cgi (;$$) { #{{{
 	my $q=shift;
 	my $session=shift;
 
 	if (! $q) {
-		eval q{use CGI; use CGI::Session};
+		eval q{use CGI};
 		error($@) if $@;
 	
 		$q=CGI->new;
@@ -576,12 +577,7 @@ sub cgi (;$$) { #{{{
 	lockwiki();
 	
 	if (! $session) {
-		CGI::Session->name("ikiwiki_session_".encode_utf8($config{wikiname}));
-	
-		my $oldmask=umask(077);
-		$session = CGI::Session->new("driver:DB_File", $q,
-			{ FileName => "$config{wikistatedir}/sessions.db" });
-		umask($oldmask);
+		$session=cgi_getsession($q);
 	}
 	
 	# Auth hooks can sign a user in.
@@ -611,12 +607,7 @@ sub cgi (;$$) { #{{{
 			$session->param(postsignin => $ENV{QUERY_STRING});
 		}
 		cgi_signin($q, $session);
-	
-		# Force session flush with safe umask.
-		my $oldmask=umask(077);
-		$session->flush;
-		umask($oldmask);
-		
+		cgi_savesession($session);
 		return;
 	}
 	elsif (defined $session->param("postsignin")) {
@@ -627,6 +618,7 @@ sub cgi (;$$) { #{{{
 		print $q->header(-status => "403 Forbidden");
 		$session->delete();
 		print "You are banned.";
+		cgi_savesession($session);
 		exit;
 	}
 	
@@ -655,4 +647,28 @@ sub cgi (;$$) { #{{{
 	}
 } #}}}
 
+sub userlink ($) { #{{{
+	my $user=shift;
+
+	eval q{use CGI 'escapeHTML'};
+	error($@) if $@;
+	if ($user =~ m!^https?://! &&
+	    eval q{use Net::OpenID::VerifiedIdentity; 1} && !$@) {
+		# Munge user-urls, as used by eg, OpenID.
+		my $oid=Net::OpenID::VerifiedIdentity->new(identity => $user);
+		my $display=$oid->display;
+		# Convert "user.somehost.com" to "user [somehost.com]".
+		if ($display !~ /\[/) {
+			$display=~s/^(.*?)\.([^.]+\.[a-z]+)$/$1 [$2]/;
+		}
+		$display=~s!^https?://!!; # make sure this is removed
+		return "<a href=\"$user\">".escapeHTML($display)."</a>";
+	}
+	else {
+		return htmllink("", "", escapeHTML(
+			length $config{userdir} ? $config{userdir}."/".$user : $user
+		), 1);
+	}
+} #}}}
+
 1