X-Git-Url: http://git.vanrenterghem.biz/git.ikiwiki.info.git/blobdiff_plain/7c388ceeb1233d2dec6c69299fdbf060ba6a0c09..325d5c791fc50dc3868b2f1938d052d39b676248:/ikiwiki diff --git a/ikiwiki b/ikiwiki index 9e22d1dbc..aec52ca86 100755 --- a/ikiwiki +++ b/ikiwiki @@ -1,77 +1,123 @@ #!/usr/bin/perl -T +eval 'exec /usr/bin/perl -T -S $0 ${1+"$@"}' + if 0; # not running under some shell +$ENV{PATH}="/usr/local/bin:/usr/bin:/bin"; + use warnings; use strict; -use File::Find; use Memoize; use File::Spec; - -$ENV{PATH}="/usr/local/bin:/usr/bin:/bin"; - -BEGIN { - $blosxom::version="is a proper perl module too much to ask?"; - do "/usr/bin/markdown"; +use HTML::Template; +use Getopt::Long; + +my (%links, %oldlinks, %oldpagemtime, %renderedfiles, %pagesources); + +# Holds global config settings, also used by some modules. +our %config=( #{{{ + wiki_file_prune_regexp => qr{((^|/).svn/|\.\.|^\.|\/\.|\.html?$)}, + wiki_link_regexp => qr/\[\[([^\s\]]+)\]\]/, + wiki_file_regexp => qr/(^[-A-Za-z0-9_.:\/+]+$)/, + verbose => 0, + wikiname => "wiki", + default_pageext => ".mdwn", + cgi => 0, + svn => 1, + url => '', + cgiurl => '', + historyurl => '', + diffurl => '', + anonok => 0, + rebuild => 0, + wrapper => undef, + wrappermode => undef, + srcdir => undef, + destdir => undef, + templatedir => undef, + setup => undef, + adminuser => undef, +); #}}} + +GetOptions( #{{{ + "setup=s" => \$config{setup}, + "wikiname=s" => \$config{wikiname}, + "verbose|v!" => \$config{verbose}, + "rebuild!" => \$config{rebuild}, + "wrapper=s" => sub { $config{wrapper}=$_[1] ? $_[1] : "ikiwiki-wrap" }, + "wrappermode=i" => \$config{wrappermode}, + "svn!" => \$config{svn}, + "anonok!" => \$config{anonok}, + "cgi!" => \$config{cgi}, + "url=s" => \$config{url}, + "cgiurl=s" => \$config{cgiurl}, + "historyurl=s" => \$config{historyurl}, + "diffurl=s" => \$config{diffurl}, + "exclude=s@" => sub { + $config{wiki_file_prune_regexp}=qr/$config{wiki_file_prune_regexp}|$_[1]/; + }, + "adminuser=s@" => sub { push @{$config{adminuser}}, $_[1] }, +) || usage(); + +if (! $config{setup}) { + usage() unless @ARGV == 3; + $config{srcdir} = possibly_foolish_untaint(shift); + $config{templatedir} = possibly_foolish_untaint(shift); + $config{destdir} = possibly_foolish_untaint(shift); + if ($config{cgi} && ! length $config{url}) { + error("Must specify url to wiki with --url when using --cgi"); + } } +#}}} -my ($srcdir, $destdir, %links, %oldlinks, %oldpagemtime, %renderedfiles, - %pagesources); -my $wiki_link_regexp=qr/\[\[([^\s]+)\]\]/; -my $wiki_file_regexp=qr/(^[-A-Za-z0-9_.:\/+]+$)/; -my $wiki_file_prune_regexp=qr!((^|/).svn/|\.\.|^\.|\/\.|\.html?$)!; -my $verbose=0; -my $wikiname="wiki"; -my $default_pagetype=".mdwn"; -my $cgi=0; -my $url=""; -my $cgiurl=""; -my $svn=1; - -sub usage { - die "usage: ikiwiki [options] source dest\n"; -} +sub usage { #{{{ + die "usage: ikiwiki [options] source templates dest\n"; +} #}}} -sub error ($) { - if ($cgi) { +sub error { #{{{ + if ($config{cgi}) { print "Content-type: text/html\n\n"; - print "Error: @_\n"; - exit 1; + print misctemplate("Error", "

Error: @_

"); + } + die @_; +} #}}} + +sub debug ($) { #{{{ + return unless $config{verbose}; + if (! $config{cgi}) { + print "@_\n"; } else { - die @_; + print STDERR "@_\n"; } -} - -sub debug ($) { - print "@_\n" if $verbose; -} +} #}}} -sub mtime ($) { +sub mtime ($) { #{{{ my $page=shift; return (stat($page))[9]; -} +} #}}} -sub possibly_foolish_untaint ($) { +sub possibly_foolish_untaint { #{{{ my $tainted=shift; my ($untainted)=$tainted=~/(.*)/; return $untainted; -} +} #}}} -sub basename { +sub basename ($) { #{{{ my $file=shift; $file=~s!.*/!!; return $file; -} +} #}}} -sub dirname { +sub dirname ($) { #{{{ my $file=shift; $file=~s!/?[^/]+$!!; return $file; -} +} #}}} -sub pagetype ($) { +sub pagetype ($) { #{{{ my $page=shift; if ($page =~ /\.mdwn$/) { @@ -80,24 +126,24 @@ sub pagetype ($) { else { return "unknown"; } -} +} #}}} -sub pagename ($) { +sub pagename ($) { #{{{ my $file=shift; my $type=pagetype($file); my $page=$file; $page=~s/\Q$type\E*$// unless $type eq 'unknown'; return $page; -} +} #}}} -sub htmlpage ($) { +sub htmlpage ($) { #{{{ my $page=shift; return $page.".html"; -} +} #}}} -sub readfile ($) { +sub readfile ($) { #{{{ my $file=shift; local $/=undef; @@ -105,9 +151,9 @@ sub readfile ($) { my $ret=; close IN; return $ret; -} +} #}}} -sub writefile ($$) { +sub writefile ($$) { #{{{ my $file=shift; my $content=shift; @@ -125,23 +171,27 @@ sub writefile ($$) { open (OUT, ">$file") || error("failed to write $file: $!"); print OUT $content; close OUT; -} +} #}}} -sub findlinks { +sub findlinks ($$) { #{{{ my $content=shift; + my $page=shift; my @links; - while ($content =~ /$wiki_link_regexp/g) { + while ($content =~ /(??$link" + return "?$link" } $bestlink=File::Spec->abs2rel($bestlink, dirname($page)); - if (isinlinableimage($bestlink)) { + if (! $noimageinline && isinlinableimage($bestlink)) { return ""; } return "$link"; -} +} #}}} -sub linkify ($$) { +sub linkify ($$) { #{{{ my $content=shift; - my $file=shift; + my $page=shift; - $content =~ s/$wiki_link_regexp/htmllink(pagename($file), $1)/eg; + $content =~ s{(\\?)$config{wiki_link_regexp}}{ + $1 ? "[[$2]]" : htmllink($page, $2) + }eg; return $content; -} +} #}}} -sub htmlize ($$) { +sub htmlize ($$) { #{{{ my $type=shift; my $content=shift; + if (! $INC{"/usr/bin/markdown"}) { + no warnings 'once'; + $blosxom::version="is a proper perl module too much to ask?"; + use warnings 'all'; + do "/usr/bin/markdown"; + } + if ($type eq '.mdwn') { return Markdown::Markdown($content); } else { error("htmlization of $type not supported"); } -} +} #}}} -sub linkbacks ($$) { - my $content=shift; +sub backlinks ($) { #{{{ my $page=shift; my @links; @@ -234,79 +300,143 @@ sub linkbacks ($$) { $p_trimmed=~s/^\Q$dir\E// && $page_trimmed=~s/^\Q$dir\E//; - push @links, "$p_trimmed"; + push @links, { url => $href, page => $p_trimmed }; } } - $content.="

Links: ".join(" ", sort @links)."

\n" if @links; - return $content; -} - -sub finalize ($$) { - my $content=shift; + return sort { $a->{page} cmp $b->{page} } @links; +} #}}} + +sub parentlinks ($) { #{{{ my $page=shift; - - my $title=basename($page); - $title=~s/_/ /g; + my @ret; my $pagelink=""; my $path=""; + my $skip=1; foreach my $dir (reverse split("/", $page)) { - if (length($pagelink)) { - $pagelink="$dir/ $pagelink"; + if (! $skip) { + $path.="../"; + unshift @ret, { url => "$path$dir.html", page => $dir }; } else { - $pagelink=$dir; + $skip=0; } - $path.="../"; } - $path=~s/\.\.\/$/index.html/; - $pagelink="$wikiname/ $pagelink"; + unshift @ret, { url => length $path ? $path : ".", page => $config{wikiname} }; + return @ret; +} #}}} + +sub indexlink () { #{{{ + return "$config{wikiname}"; +} #}}} + +sub finalize ($$$) { #{{{ + my $content=shift; + my $page=shift; + my $mtime=shift; + + my $title=basename($page); + $title=~s/_/ /g; + + my $template=HTML::Template->new(blind_cache => 1, + filename => "$config{templatedir}/page.tmpl"); - my @actions; - if (length $cgiurl) { - push @actions, "Edit"; - push @actions, "RecentChanges"; + if (length $config{cgiurl}) { + $template->param(editurl => "$config{cgiurl}?do=edit&page=$page"); + $template->param(prefsurl => "$config{cgiurl}?do=prefs"); + if ($config{svn}) { + $template->param(recentchangesurl => "$config{cgiurl}?do=recentchanges"); + } + } + + if (length $config{historyurl}) { + my $u=$config{historyurl}; + $u=~s/\[\[file\]\]/$pagesources{$page}/g; + $template->param(historyurl => $u); } - $content="\n$title\n\n". - "

$pagelink

\n". - "@actions\n
\n". - $content. - "\n\n"; + $template->param( + title => $title, + wikiname => $config{wikiname}, + parentlinks => [parentlinks($page)], + content => $content, + backlinks => [backlinks($page)], + discussionlink => htmllink($page, "Discussion", 1, 1), + mtime => scalar(gmtime($mtime)), + ); - return $content; -} + return $template->output; +} #}}} + +sub check_overwrite ($$) { #{{{ + # Important security check. Make sure to call this before saving + # any files to the source directory. + my $dest=shift; + my $src=shift; + + if (! exists $renderedfiles{$src} && -e $dest && ! $config{rebuild}) { + error("$dest already exists and was rendered from ". + join(" ",(grep { $renderedfiles{$_} eq $dest } keys + %renderedfiles)). + ", before, so not rendering from $src"); + } +} #}}} -sub render ($) { +sub render ($) { #{{{ my $file=shift; my $type=pagetype($file); - my $content=readfile("$srcdir/$file"); + my $content=readfile("$config{srcdir}/$file"); if ($type ne 'unknown') { my $page=pagename($file); - $links{$page}=[findlinks($content)]; + $links{$page}=[findlinks($content, $page)]; - $content=linkify($content, $file); + $content=linkify($content, $page); $content=htmlize($type, $content); - $content=linkbacks($content, $page); - $content=finalize($content, $page); + $content=finalize($content, $page, + mtime("$config{srcdir}/$file")); - writefile("$destdir/".htmlpage($page), $content); + check_overwrite("$config{destdir}/".htmlpage($page), $page); + writefile("$config{destdir}/".htmlpage($page), $content); $oldpagemtime{$page}=time; $renderedfiles{$page}=htmlpage($page); } else { $links{$file}=[]; - writefile("$destdir/$file", $content); + check_overwrite("$config{destdir}/$file", $file); + writefile("$config{destdir}/$file", $content); $oldpagemtime{$file}=time; $renderedfiles{$file}=$file; } -} +} #}}} + +sub lockwiki () { #{{{ + # Take an exclusive lock on the wiki to prevent multiple concurrent + # run issues. The lock will be dropped on program exit. + if (! -d "$config{srcdir}/.ikiwiki") { + mkdir("$config{srcdir}/.ikiwiki"); + } + open(WIKILOCK, ">$config{srcdir}/.ikiwiki/lockfile") || error ("cannot write to lockfile: $!"); + if (! flock(WIKILOCK, 2 | 4)) { + debug("wiki seems to be locked, waiting for lock"); + my $wait=600; # arbitrary, but don't hang forever to + # prevent process pileup + for (1..600) { + return if flock(WIKILOCK, 2 | 4); + sleep 1; + } + error("wiki is locked; waited $wait seconds without lock being freed (possible stuck process or stale lock?)"); + } +} #}}} + +sub unlockwiki () { #{{{ + close WIKILOCK; +} #}}} -sub loadindex () { - open (IN, "$srcdir/.index") || return; +sub loadindex () { #{{{ + open (IN, "$config{srcdir}/.ikiwiki/index") || return; while () { $_=possibly_foolish_untaint($_); chomp; @@ -319,48 +449,182 @@ sub loadindex () { $renderedfiles{$page}=$rendered; } close IN; -} +} #}}} -sub saveindex () { - open (OUT, ">$srcdir/.index") || error("cannot write to .index: $!"); +sub saveindex () { #{{{ + if (! -d "$config{srcdir}/.ikiwiki") { + mkdir("$config{srcdir}/.ikiwiki"); + } + open (OUT, ">$config{srcdir}/.ikiwiki/index") || error("cannot write to index: $!"); foreach my $page (keys %oldpagemtime) { - print OUT "$oldpagemtime{$page} $pagesources{$page} $renderedfiles{$page} ". - join(" ", @{$links{$page}})."\n" - if $oldpagemtime{$page}; + print OUT "$oldpagemtime{$page} $pagesources{$page} $renderedfiles{$page} ". + join(" ", @{$links{$page}})."\n" + if $oldpagemtime{$page}; } close OUT; -} +} #}}} -sub rcs_update () { - if (-d "$srcdir/.svn") { - if (system("svn", "update", "--quiet", $srcdir) != 0) { +sub rcs_update () { #{{{ + if (-d "$config{srcdir}/.svn") { + if (system("svn", "update", "--quiet", $config{srcdir}) != 0) { warn("svn update failed\n"); } } -} +} #}}} -sub rcs_commit ($) { +sub rcs_prepedit ($) { #{{{ + # Prepares to edit a file under revision control. Returns a token + # that must be passed into rcs_commit when the file is ready + # for committing. + # The file is relative to the srcdir. + my $file=shift; + + if (-d "$config{srcdir}/.svn") { + # For subversion, return the revision of the file when + # editing begins. + my $rev=svn_info("Revision", "$config{srcdir}/$file"); + return defined $rev ? $rev : ""; + } +} #}}} + +sub rcs_commit ($$$) { #{{{ + # Tries to commit the page; returns undef on _success_ and + # a version of the page with the rcs's conflict markers on failure. + # The file is relative to the srcdir. + my $file=shift; my $message=shift; + my $rcstoken=shift; + + if (-d "$config{srcdir}/.svn") { + # Check to see if the page has been changed by someone + # else since rcs_prepedit was called. + my ($oldrev)=$rcstoken=~/^([0-9]+)$/; # untaint + my $rev=svn_info("Revision", "$config{srcdir}/$file"); + if (defined $rev && defined $oldrev && $rev != $oldrev) { + # Merge their changes into the file that we've + # changed. + chdir($config{srcdir}); # svn merge wants to be here + if (system("svn", "merge", "--quiet", "-r$oldrev:$rev", + "$config{srcdir}/$file") != 0) { + warn("svn merge -r$oldrev:$rev failed\n"); + } + } - if (-d "$srcdir/.svn") { if (system("svn", "commit", "--quiet", "-m", - possibly_foolish_untaint($message), $srcdir) != 0) { - warn("svn commit failed\n"); + possibly_foolish_untaint($message), + "$config{srcdir}") != 0) { + my $conflict=readfile("$config{srcdir}/$file"); + if (system("svn", "revert", "--quiet", "$config{srcdir}/$file") != 0) { + warn("svn revert failed\n"); + } + return $conflict; } } -} + return undef # success +} #}}} -sub rcs_ad ($) { +sub rcs_add ($) { #{{{ + # filename is relative to the root of the srcdir my $file=shift; - if (-d "$srcdir/.svn") { - if (system("svn", "add", "--quiet", $file) != 0) { + if (-d "$config{srcdir}/.svn") { + my $parent=dirname($file); + while (! -d "$config{srcdir}/$parent/.svn") { + $file=$parent; + $parent=dirname($file); + } + + if (system("svn", "add", "--quiet", "$config{srcdir}/$file") != 0) { warn("svn add failed\n"); } } -} +} #}}} + +sub svn_info ($$) { #{{{ + my $field=shift; + my $file=shift; + + my $info=`LANG=C svn info $file`; + my ($ret)=$info=~/^$field: (.*)$/m; + return $ret; +} #}}} + +sub rcs_recentchanges ($) { #{{{ + my $num=shift; + my @ret; + + eval q{use CGI 'escapeHTML'}; + eval q{use Date::Parse}; + eval q{use Time::Duration}; + + if (-d "$config{srcdir}/.svn") { + my $svn_url=svn_info("URL", $config{srcdir}); + + # FIXME: currently assumes that the wiki is somewhere + # under trunk in svn, doesn't support other layouts. + my ($svn_base)=$svn_url=~m!(/trunk(?:/.*)?)$!; + + my $div=qr/^--------------------+$/; + my $infoline=qr/^r(\d+)\s+\|\s+([^\s]+)\s+\|\s+(\d+-\d+-\d+\s+\d+:\d+:\d+\s+[-+]?\d+).*/; + my $state='start'; + my ($rev, $user, $when, @pages, @message); + foreach (`LANG=C svn log --limit $num -v '$svn_url'`) { + chomp; + if ($state eq 'start' && /$div/) { + $state='header'; + } + elsif ($state eq 'header' && /$infoline/) { + $rev=$1; + $user=$2; + $when=concise(ago(time - str2time($3))); + } + elsif ($state eq 'header' && /^\s+[A-Z]\s+\Q$svn_base\E\/([^ ]+)(?:$|\s)/) { + my $file=$1; + my $diffurl=$config{diffurl}; + $diffurl=~s/\[\[file\]\]/$file/g; + $diffurl=~s/\[\[r1\]\]/$rev - 1/eg; + $diffurl=~s/\[\[r2\]\]/$rev/g; + push @pages, { + link => htmllink("", pagename($file), 1), + diffurl => $diffurl, + } if length $file; + } + elsif ($state eq 'header' && /^$/) { + $state='body'; + } + elsif ($state eq 'body' && /$div/) { + my $committype="web"; + if (defined $message[0] && + $message[0]->{line}=~/^web commit by (\w+):?(.*)/) { + $user="$1"; + $message[0]->{line}=$2; + } + else { + $committype="svn"; + } + + push @ret, { rev => $rev, + user => htmllink("", $user, 1), + committype => $committype, + when => $when, message => [@message], + pages => [@pages], + } if @pages; + return @ret if @ret >= $num; + + $state='header'; + $rev=$user=$when=undef; + @pages=@message=(); + } + elsif ($state eq 'body') { + push @message, {line => escapeHTML($_)}, + } + } + } -sub prune ($) { + return @ret; +} #}}} + +sub prune ($) { #{{{ my $file=shift; unlink($file); @@ -368,31 +632,34 @@ sub prune ($) { while (rmdir($dir)) { $dir=dirname($dir); } -} +} #}}} -sub refresh () { - # Find existing pages. +sub refresh () { #{{{ + # find existing pages my %exists; my @files; + eval q{use File::Find}; find({ no_chdir => 1, wanted => sub { - if (/$wiki_file_prune_regexp/) { + if (/$config{wiki_file_prune_regexp}/) { + no warnings 'once'; $File::Find::prune=1; + use warnings "all"; } - elsif (! -d $_) { - my ($f)=/$wiki_file_regexp/; # untaint + elsif (! -d $_ && ! -l $_) { + my ($f)=/$config{wiki_file_regexp}/; # untaint if (! defined $f) { warn("skipping bad filename $_\n"); } else { - $f=~s/^\Q$srcdir\E\/?//; + $f=~s/^\Q$config{srcdir}\E\/?//; push @files, $f; $exists{pagename($f)}=1; } } }, - }, $srcdir); + }, $config{srcdir}); my %rendered; @@ -411,8 +678,8 @@ sub refresh () { foreach my $page (keys %oldpagemtime) { if (! $exists{$page}) { debug("removing old page $page"); - push @del, $renderedfiles{$page}; - prune($destdir."/".$renderedfiles{$page}); + push @del, $pagesources{$page}; + prune($config{destdir}."/".$renderedfiles{$page}); delete $renderedfiles{$page}; $oldpagemtime{$page}=0; delete $pagesources{$page}; @@ -424,7 +691,7 @@ sub refresh () { my $page=pagename($file); if (! exists $oldpagemtime{$page} || - mtime("$srcdir/$file") > $oldpagemtime{$page}) { + mtime("$config{srcdir}/$file") > $oldpagemtime{$page}) { debug("rendering changed file $file"); render($file); $rendered{$file}=1; @@ -453,18 +720,17 @@ FILE: foreach my $file (@files) { } } - # handle linkbacks; if a page has added/removed links, update the + # handle backlinks; if a page has added/removed links, update the # pages it links to # TODO: inefficient; pages may get rendered above and again here; - # problem is the linkbacks could be wrong in the first pass render + # problem is the backlinks could be wrong in the first pass render # above if (%rendered) { my %linkchanged; foreach my $file (keys %rendered, @del) { my $page=pagename($file); if (exists $links{$page}) { - foreach my $link (@{$links{$page}}) { - $link=bestlink($page, $link); + foreach my $link (map { bestlink($page, $_) } @{$links{$page}}) { if (length $link && ! exists $oldlinks{$page} || ! grep { $_ eq $link } @{$oldlinks{$page}}) { @@ -473,8 +739,7 @@ FILE: foreach my $file (@files) { } } if (exists $oldlinks{$page}) { - foreach my $link (@{$oldlinks{$page}}) { - $link=bestlink($page, $link); + foreach my $link (map { bestlink($page, $_) } @{$oldlinks{$page}}) { if (length $link && ! exists $links{$page} || ! grep { $_ eq $link } @{$links{$page}}) { @@ -486,33 +751,39 @@ FILE: foreach my $file (@files) { foreach my $link (keys %linkchanged) { my $linkfile=$pagesources{$link}; if (defined $linkfile) { - debug("rendering $linkfile, to update its linkbacks"); + debug("rendering $linkfile, to update its backlinks"); render($linkfile); } } } -} - -# Generates a C wrapper program for running ikiwiki in a specific way. -# The wrapper may be safely made suid. -sub gen_wrapper ($$) { - my ($svn, $rebuild)=@_; +} #}}} - eval {use Cwd 'abs_path'}; - $srcdir=abs_path($srcdir); - $destdir=abs_path($destdir); +sub gen_wrapper (@) { #{{{ + my %config=(@_); + eval q{use Cwd 'abs_path'}; + $config{srcdir}=abs_path($config{srcdir}); + $config{destdir}=abs_path($config{destdir}); my $this=abs_path($0); if (! -x $this) { error("$this doesn't seem to be executable"); } - my @params=($srcdir, $destdir, "--wikiname=$wikiname"); - push @params, "--verbose" if $verbose; - push @params, "--rebuild" if $rebuild; - push @params, "--nosvn" if !$svn; - push @params, "--cgi" if $cgi; - push @params, "--url=$url" if $url; - push @params, "--cgiurl=$cgiurl" if $cgiurl; + if ($config{setup}) { + error("cannot create a wrapper that uses a setup file"); + } + + my @params=($config{srcdir}, $config{templatedir}, $config{destdir}, + "--wikiname=$config{wikiname}"); + push @params, "--verbose" if $config{verbose}; + push @params, "--rebuild" if $config{rebuild}; + push @params, "--nosvn" if !$config{svn}; + push @params, "--cgi" if $config{cgi}; + push @params, "--url=$config{url}" if length $config{url}; + push @params, "--cgiurl=$config{cgiurl}" if length $config{cgiurl}; + push @params, "--historyurl=$config{historyurl}" if length $config{historyurl}; + push @params, "--diffurl=$config{diffurl}" if length $config{diffurl}; + push @params, "--anonok" if $config{anonok}; + push @params, "--adminuser=$_" foreach @{$config{adminuser}}; my $params=join(" ", @params); my $call=''; foreach my $p ($this, $this, @params) { @@ -522,7 +793,8 @@ sub gen_wrapper ($$) { my @envsave; push @envsave, qw{REMOTE_ADDR QUERY_STRING REQUEST_METHOD REQUEST_URI - CONTENT_TYPE CONTENT_LENGTH GATEWAY_INTERFACE} if $cgi; + CONTENT_TYPE CONTENT_LENGTH GATEWAY_INTERFACE + HTTP_COOKIE} if $config{cgi}; my $envsave=""; foreach my $var (@envsave) { $envsave.=<<"EOF" @@ -563,173 +835,644 @@ $envsave } EOF close OUT; - if (system("gcc", "ikiwiki-wrap.c", "-o", "ikiwiki-wrap") != 0) { + if (system("gcc", "ikiwiki-wrap.c", "-o", possibly_foolish_untaint($config{wrapper})) != 0) { error("failed to compile ikiwiki-wrap.c"); } unlink("ikiwiki-wrap.c"); - print "successfully generated ikiwiki-wrap\n"; - exit 0; -} + if (defined $config{wrappermode} && + ! chmod(oct($config{wrappermode}), possibly_foolish_untaint($config{wrapper}))) { + error("chmod $config{wrapper}: $!"); + } + print "successfully generated $config{wrapper}\n"; +} #}}} + +sub misctemplate ($$) { #{{{ + my $title=shift; + my $pagebody=shift; + + my $template=HTML::Template->new( + filename => "$config{templatedir}/misc.tmpl" + ); + $template->param( + title => $title, + indexlink => indexlink(), + wikiname => $config{wikiname}, + pagebody => $pagebody, + ); + return $template->output; +}#}}} + +sub cgi_recentchanges ($) { #{{{ + my $q=shift; + + my $template=HTML::Template->new( + filename => "$config{templatedir}/recentchanges.tmpl" + ); + $template->param( + title => "RecentChanges", + indexlink => indexlink(), + wikiname => $config{wikiname}, + changelog => [rcs_recentchanges(100)], + ); + print $q->header, $template->output; +} #}}} + +sub userinfo_get ($$) { #{{{ + my $user=shift; + my $field=shift; + + eval q{use Storable}; + my $userdata=eval{ Storable::lock_retrieve("$config{srcdir}/.ikiwiki/userdb") }; + if (! defined $userdata || ! ref $userdata || + ! exists $userdata->{$user} || ! ref $userdata->{$user} || + ! exists $userdata->{$user}->{$field}) { + return ""; + } + return $userdata->{$user}->{$field}; +} #}}} -sub cgi () { - eval q{use CGI}; - my $q=CGI->new; +sub userinfo_set ($$$) { #{{{ + my $user=shift; + my $field=shift; + my $value=shift; + + eval q{use Storable}; + my $userdata=eval{ Storable::lock_retrieve("$config{srcdir}/.ikiwiki/userdb") }; + if (! defined $userdata || ! ref $userdata || + ! exists $userdata->{$user} || ! ref $userdata->{$user}) { + return ""; + } + + $userdata->{$user}->{$field}=$value; + my $oldmask=umask(077); + my $ret=Storable::lock_store($userdata, "$config{srcdir}/.ikiwiki/userdb"); + umask($oldmask); + return $ret; +} #}}} - my $do=$q->param('do'); - if (! defined $do || ! length $do) { - error("\"do\" parameter missing"); +sub userinfo_setall ($$) { #{{{ + my $user=shift; + my $info=shift; + + eval q{use Storable}; + my $userdata=eval{ Storable::lock_retrieve("$config{srcdir}/.ikiwiki/userdb") }; + if (! defined $userdata || ! ref $userdata) { + $userdata={}; + } + $userdata->{$user}=$info; + my $oldmask=umask(077); + my $ret=Storable::lock_store($userdata, "$config{srcdir}/.ikiwiki/userdb"); + umask($oldmask); + return $ret; +} #}}} + +sub cgi_signin ($$) { #{{{ + my $q=shift; + my $session=shift; + + eval q{use CGI::FormBuilder}; + my $form = CGI::FormBuilder->new( + title => "signin", + fields => [qw(do page from name password confirm_password email)], + header => 1, + method => 'POST', + validate => { + confirm_password => { + perl => q{eq $form->field("password")}, + }, + email => 'EMAIL', + }, + required => 'NONE', + javascript => 0, + params => $q, + action => $q->request_uri, + header => 0, + template => (-e "$config{templatedir}/signin.tmpl" ? + "$config{templatedir}/signin.tmpl" : "") + ); + + $form->field(name => "name", required => 0); + $form->field(name => "do", type => "hidden"); + $form->field(name => "page", type => "hidden"); + $form->field(name => "from", type => "hidden"); + $form->field(name => "password", type => "password", required => 0); + $form->field(name => "confirm_password", type => "password", required => 0); + $form->field(name => "email", required => 0); + if ($q->param("do") ne "signin") { + $form->text("You need to log in first."); + } + + if ($form->submitted) { + # Set required fields based on how form was submitted. + my %required=( + "Login" => [qw(name password)], + "Register" => [qw(name password confirm_password email)], + "Mail Password" => [qw(name)], + ); + foreach my $opt (@{$required{$form->submitted}}) { + $form->field(name => $opt, required => 1); + } + + # Validate password differently depending on how + # form was submitted. + if ($form->submitted eq 'Login') { + $form->field( + name => "password", + validate => sub { + length $form->field("name") && + shift eq userinfo_get($form->field("name"), 'password'); + }, + ); + $form->field(name => "name", validate => '/^\w+$/'); + } + else { + $form->field(name => "password", validate => 'VALUE'); + } + # And make sure the entered name exists when logging + # in or sending email, and does not when registering. + if ($form->submitted eq 'Register') { + $form->field( + name => "name", + validate => sub { + my $name=shift; + length $name && + ! userinfo_get($name, "regdate"); + }, + ); + } + else { + $form->field( + name => "name", + validate => sub { + my $name=shift; + length $name && + userinfo_get($name, "regdate"); + }, + ); + } + } + else { + # First time settings. + $form->field(name => "name", comment => "use FirstnameLastName"); + $form->field(name => "confirm_password", comment => "(only needed"); + $form->field(name => "email", comment => "for registration)"); + if ($session->param("name")) { + $form->field(name => "name", value => $session->param("name")); + } + } + + if ($form->submitted && $form->validate) { + if ($form->submitted eq 'Login') { + $session->param("name", $form->field("name")); + if (defined $form->field("do") && + $form->field("do") ne 'signin') { + print $q->redirect( + "$config{cgiurl}?do=".$form->field("do"). + "&page=".$form->field("page"). + "&from=".$form->field("from"));; + } + else { + print $q->redirect($config{url}); + } + } + elsif ($form->submitted eq 'Register') { + my $user_name=$form->field('name'); + if (userinfo_setall($user_name, { + 'email' => $form->field('email'), + 'password' => $form->field('password'), + 'regdate' => time + })) { + $form->field(name => "confirm_password", type => "hidden"); + $form->field(name => "email", type => "hidden"); + $form->text("Registration successful. Now you can Login."); + print $session->header(); + print misctemplate($form->title, $form->render(submit => ["Login"])); + } + else { + error("Error saving registration."); + } + } + elsif ($form->submitted eq 'Mail Password') { + my $user_name=$form->field("name"); + my $template=HTML::Template->new( + filename => "$config{templatedir}/passwordmail.tmpl" + ); + $template->param( + user_name => $user_name, + user_password => userinfo_get($user_name, "password"), + wikiurl => $config{url}, + wikiname => $config{wikiname}, + REMOTE_ADDR => $ENV{REMOTE_ADDR}, + ); + + eval q{use Mail::Sendmail}; + my ($fromhost) = $config{cgiurl} =~ m!/([^/]+)!; + sendmail( + To => userinfo_get($user_name, "email"), + From => "$config{wikiname} admin <".(getpwuid($>))[0]."@".$fromhost.">", + Subject => "$config{wikiname} information", + Message => $template->output, + ) or error("Failed to send mail"); + + $form->text("Your password has been emailed to you."); + $form->field(name => "name", required => 0); + print $session->header(); + print misctemplate($form->title, $form->render(submit => ["Login", "Register", "Mail Password"])); + } + } + else { + print $session->header(); + print misctemplate($form->title, $form->render(submit => ["Login", "Register", "Mail Password"])); + } +} #}}} + +sub is_admin ($) { #{{{ + my $user_name=shift; + + return grep { $_ eq $user_name } @{$config{adminuser}}; +} #}}} + +sub glob_match ($$) { #{{{ + my $page=shift; + my $glob=shift; + + # turn glob into safe regexp + $glob=quotemeta($glob); + $glob=~s/\\\*/.*/g; + $glob=~s/\\\?/./g; + $glob=~s!\\/!/!g; + + $page=~/^$glob$/i; +} #}}} + +sub globlist_match ($$) { #{{{ + my $page=shift; + my @globlist=split(" ", shift); + + # check any negated globs first + foreach my $glob (@globlist) { + return 0 if $glob=~/^!(.*)/ && glob_match($page, $1); + } + + foreach my $glob (@globlist) { + return 1 if glob_match($page, $glob); + } + + return 0; +} #}}} + +sub page_locked ($$;$) { #{{{ + my $page=shift; + my $session=shift; + my $nonfatal=shift; + + my $user=$session->param("name"); + return if length $user && is_admin($user); + + foreach my $admin (@{$config{adminuser}}) { + my $locked_pages=userinfo_get($admin, "locked_pages"); + if (globlist_match($page, userinfo_get($admin, "locked_pages"))) { + return 1 if $nonfatal; + error(htmllink("", $page, 1)." is locked by ". + htmllink("", $admin, 1)." and cannot be edited."); + } + } +} #}}} + +sub cgi_prefs ($$) { #{{{ + my $q=shift; + my $session=shift; + + eval q{use CGI::FormBuilder}; + my $form = CGI::FormBuilder->new( + title => "preferences", + fields => [qw(do name password confirm_password email locked_pages)], + header => 0, + method => 'POST', + validate => { + confirm_password => { + perl => q{eq $form->field("password")}, + }, + email => 'EMAIL', + }, + required => 'NONE', + javascript => 0, + params => $q, + action => $q->request_uri, + template => (-e "$config{templatedir}/prefs.tmpl" ? + "$config{templatedir}/prefs.tmpl" : "") + ); + my @buttons=("Save Preferences", "Logout", "Cancel"); + + my $user_name=$session->param("name"); + $form->field(name => "do", type => "hidden"); + $form->field(name => "name", disabled => 1, + value => $user_name, force => 1); + $form->field(name => "password", type => "password"); + $form->field(name => "confirm_password", type => "password"); + $form->field(name => "locked_pages", size => 50, + comment => "(".htmllink("", "GlobList", 1).")"); + + if (! is_admin($user_name)) { + $form->field(name => "locked_pages", type => "hidden"); + } + + if (! $form->submitted) { + $form->field(name => "email", force => 1, + value => userinfo_get($user_name, "email")); + $form->field(name => "locked_pages", force => 1, + value => userinfo_get($user_name, "locked_pages")); + } + + if ($form->submitted eq 'Logout') { + $session->delete(); + print $q->redirect($config{url}); + return; + } + elsif ($form->submitted eq 'Cancel') { + print $q->redirect($config{url}); + return; } + elsif ($form->submitted eq "Save Preferences" && $form->validate) { + foreach my $field (qw(password email locked_pages)) { + if (length $form->field($field)) { + userinfo_set($user_name, $field, $form->field($field)) || error("failed to set $field"); + } + } + $form->text("Preferences saved."); + } + + print $session->header(); + print misctemplate($form->title, $form->render(submit => \@buttons)); +} #}}} + +sub cgi_editpage ($$) { #{{{ + my $q=shift; + my $session=shift; + + eval q{use CGI::FormBuilder}; + my $form = CGI::FormBuilder->new( + fields => [qw(do rcsinfo from page content comments)], + header => 1, + method => 'POST', + validate => { + content => '/.+/', + }, + required => [qw{content}], + javascript => 0, + params => $q, + action => $q->request_uri, + table => 0, + template => "$config{templatedir}/editpage.tmpl" + ); + my @buttons=("Save Page", "Preview", "Cancel"); - my ($page)=$q->param('page')=~/$wiki_file_regexp/; + my ($page)=$form->param('page')=~/$config{wiki_file_regexp}/; if (! defined $page || ! length $page || $page ne $q->param('page') || - $page=~/$wiki_file_prune_regexp/ || $page=~/^\//) { + $page=~/$config{wiki_file_prune_regexp}/ || $page=~/^\//) { error("bad page name"); } $page=lc($page); - my $action=$q->request_uri; - $action=~s/\?.*//; + my $file=$page.$config{default_pageext}; + my $newfile=1; + if (exists $pagesources{lc($page)}) { + $file=$pagesources{lc($page)}; + $newfile=0; + } + + $form->field(name => "do", type => 'hidden'); + $form->field(name => "from", type => 'hidden'); + $form->field(name => "rcsinfo", type => 'hidden'); + $form->field(name => "page", value => "$page", force => 1); + $form->field(name => "comments", type => "text", size => 80); + $form->field(name => "content", type => "textarea", rows => 20, + cols => 80); + $form->tmpl_param("can_commit", $config{svn}); + $form->tmpl_param("indexlink", indexlink()); + $form->tmpl_param("helponformattinglink", + htmllink("", "HelpOnFormatting", 1)); + if (! $form->submitted) { + $form->field(name => "rcsinfo", value => rcs_prepedit($file), + force => 1); + } - if ($do eq 'create') { - if (exists $pagesources{lc($page)}) { - # hmm, someone else made the page in the meantime? - print $q->redirect("$url/".htmlpage($page)); - } + if ($form->submitted eq "Cancel") { + print $q->redirect("$config{url}/".htmlpage($page)); + return; + } + elsif ($form->submitted eq "Preview") { + $form->tmpl_param("page_preview", + htmlize($config{default_pageext}, + linkify($form->field('content'), $page))); + } + else { + $form->tmpl_param("page_preview", ""); + } + $form->tmpl_param("page_conflict", ""); + + if (! $form->submitted || $form->submitted eq "Preview" || + ! $form->validate) { + if ($form->field("do") eq "create") { + if (exists $pagesources{lc($page)}) { + # hmm, someone else made the page in the + # meantime? + print $q->redirect("$config{url}/".htmlpage($page)); + return; + } + + my @page_locs; + my $best_loc; + my ($from)=$form->param('from')=~/$config{wiki_file_regexp}/; + if (! defined $from || ! length $from || + $from ne $form->param('from') || + $from=~/$config{wiki_file_prune_regexp}/ || $from=~/^\//) { + @page_locs=$best_loc=$page; + } + else { + my $dir=$from."/"; + $dir=~s![^/]+/$!!; + + if ($page eq 'discussion') { + $best_loc="$from/$page"; + } + else { + $best_loc=$dir.$page; + } + + push @page_locs, $dir.$page; + push @page_locs, "$from/$page"; + while (length $dir) { + $dir=~s![^/]+/$!!; + push @page_locs, $dir.$page; + } - my @page_locs; - my ($from)=$q->param('from')=~/$wiki_file_regexp/; - if (! defined $from || ! length $from || - $from ne $q->param('from') || - $from=~/$wiki_file_prune_regexp/ || $from=~/^\//) { - @page_locs=$page; + @page_locs = grep { + ! exists $pagesources{lc($_)} && + ! page_locked($_, $session, 1) + } @page_locs; + } + + $form->tmpl_param("page_select", 1); + $form->field(name => "page", type => 'select', + options => \@page_locs, value => $best_loc); + $form->title("creating $page"); } - else { - my $dir=$from."/"; - $dir=~s/[^/]+\/$//; - push @page_locs, $dir.$page; - push @page_locs, "$from/$page"; - while (length $dir) { - $dir=~s/[^/]+\/$//; - push @page_locs, $dir.$page; + elsif ($form->field("do") eq "edit") { + page_locked($page, $session); + if (! defined $form->field('content') || + ! length $form->field('content')) { + my $content=""; + if (exists $pagesources{lc($page)}) { + $content=readfile("$config{srcdir}/$pagesources{lc($page)}"); + $content=~s/\n/\r\n/g; + } + $form->field(name => "content", value => $content, + force => 1); } + $form->tmpl_param("page_select", 0); + $form->field(name => "page", type => 'hidden'); + $form->title("editing $page"); } - $q->param("do", "save"); - print $q->header, - $q->start_html("$wikiname: Creating $page"), - $q->h1("$wikiname: Creating $page"), - $q->start_form(-action => $action), - $q->hidden('do'), - "Select page location:", - $q->popup_menu('page', \@page_locs), - $q->textarea(-name => 'content', - -default => "", - -rows => 20, - -columns => 80), - $q->br, - "Optional comment about this change:", - $q->br, - $q->textfield(-name => "comments", -size => 80), - $q->br, - $q->submit("Save Page"), - $q->end_form, - $q->end_html; - } - elsif ($do eq 'edit') { - my $content=""; - if (exists $pagesources{lc($page)}) { - $content=readfile("$srcdir/$pagesources{lc($page)}"); - $content=~s/\n/\r\n/g; - } - $q->param("do", "save"); - print $q->header, - $q->start_html("$wikiname: Editing $page"), - $q->h1("$wikiname: Editing $page"), - $q->start_form(-action => $action), - $q->hidden('do'), - $q->hidden('page'), - $q->textarea(-name => 'content', - -default => $content, - -rows => 20, - -columns => 80), - $q->br, - "Optional comment about this change:", - $q->br, - $q->textfield(-name => "comments", -size => 80), - $q->br, - $q->submit("Save Page"), - $q->end_form, - $q->end_html; - } - elsif ($do eq 'save') { - my $file=$page.$default_pagetype; - my $newfile=1; - if (exists $pagesources{lc($page)}) { - $file=$pagesources{lc($page)}; - $newfile=0; - } + print $form->render(submit => \@buttons); + } + else { + # save page + page_locked($page, $session); - my $content=$q->param('content'); + my $content=$form->field('content'); $content=~s/\r\n/\n/g; $content=~s/\r/\n/g; - writefile("$srcdir/$file", $content); + writefile("$config{srcdir}/$file", $content); - my $message="web commit from $ENV{REMOTE_ADDR}"; - if (defined $q->param('comments')) { - $message.=": ".$q->param('comments'); + my $message="web commit "; + if (length $session->param("name")) { + $message.="by ".$session->param("name"); + } + else { + $message.="from $ENV{REMOTE_ADDR}"; + } + if (defined $form->field('comments') && + length $form->field('comments')) { + $message.=": ".$form->field('comments'); } - if ($svn) { + if ($config{svn}) { if ($newfile) { rcs_add($file); } + # prevent deadlock with post-commit hook + unlockwiki(); # presumably the commit will trigger an update # of the wiki - rcs_commit($message); + my $conflict=rcs_commit($file, $message, + $form->field("rcsinfo")); + + if (defined $conflict) { + $form->field(name => "rcsinfo", value => rcs_prepedit($file), + force => 1); + $form->tmpl_param("page_conflict", 1); + $form->field("content", value => $conflict, force => 1); + $form->field("do", "edit)"); + $form->tmpl_param("page_select", 0); + $form->field(name => "page", type => 'hidden'); + $form->title("editing $page"); + print $form->render(submit => \@buttons); + return; + } } else { + loadindex(); refresh(); + saveindex(); } - print $q->redirect("$url/".htmlpage($page)); + # The trailing question mark tries to avoid broken + # caches and get the most recent version of the page. + print $q->redirect("$config{url}/".htmlpage($page)."?updated"); + } +} #}}} + +sub cgi () { #{{{ + eval q{use CGI}; + eval q{use CGI::Session}; + + my $q=CGI->new; + + my $do=$q->param('do'); + if (! defined $do || ! length $do) { + error("\"do\" parameter missing"); + } + + # This does not need a session. + if ($do eq 'recentchanges') { + cgi_recentchanges($q); + return; + } + + CGI::Session->name("ikiwiki_session"); + + my $oldmask=umask(077); + my $session = CGI::Session->new("driver:db_file", $q, + { FileName => "$config{srcdir}/.ikiwiki/sessions.db" }); + umask($oldmask); + + # Everything below this point needs the user to be signed in. + if ((! $config{anonok} && ! defined $session->param("name") || + ! defined $session->param("name") || + ! userinfo_get($session->param("name"), "regdate")) || $do eq 'signin') { + cgi_signin($q, $session); + + # Force session flush with safe umask. + my $oldmask=umask(077); + $session->flush; + umask($oldmask); + + return; + } + + if ($do eq 'create' || $do eq 'edit') { + cgi_editpage($q, $session); + } + elsif ($do eq 'prefs') { + cgi_prefs($q, $session); } else { error("unknown do parameter"); } -} +} #}}} -my $rebuild=0; -my $wrapper=0; -if (grep /^-/, @ARGV) { - eval {use Getopt::Long}; - GetOptions( - "wikiname=s" => \$wikiname, - "verbose|v" => \$verbose, - "rebuild" => \$rebuild, - "wrapper" => \$wrapper, - "svn!" => \$svn, - "cgi" => \$cgi, - "url=s" => \$url, - "cgiurl=s" => \$cgiurl, - ) || usage(); -} -usage() unless @ARGV == 2; -($srcdir) = possibly_foolish_untaint(shift); -($destdir) = possibly_foolish_untaint(shift); +sub setup () { # {{{ + my $setup=possibly_foolish_untaint($config{setup}); + delete $config{setup}; + open (IN, $setup) || error("read $setup: $!\n"); + local $/=undef; + my $code=; + ($code)=$code=~/(.*)/s; + close IN; -if ($cgi && ! length $url) { - error("Must specify url to wiki with --url when using --cgi"); + eval $code; + error($@) if $@; + exit; +} #}}} + +# main {{{ +setup() if $config{setup}; +lockwiki(); +if ($config{wrapper}) { + gen_wrapper(%config); + exit; } - -gen_wrapper($svn, $rebuild) if $wrapper; memoize('pagename'); memoize('bestlink'); -loadindex() unless $rebuild; -if ($cgi) { +loadindex() unless $config{rebuild}; +if ($config{cgi}) { cgi(); } else { - rcs_update() if $svn; + rcs_update() if $config{svn}; refresh(); saveindex(); } +#}}}