X-Git-Url: http://git.vanrenterghem.biz/git.ikiwiki.info.git/blobdiff_plain/81aa58e7ca0118fbb6e1b7f53e47f01d260cdbff..3fe434189b99daf3d8cc075186c4ed4ebdd43b8f:/IkiWiki/Plugin/comments.pm diff --git a/IkiWiki/Plugin/comments.pm b/IkiWiki/Plugin/comments.pm index a0ca9f32e..ad813d19d 100644 --- a/IkiWiki/Plugin/comments.pm +++ b/IkiWiki/Plugin/comments.pm @@ -198,7 +198,6 @@ sub preprocess { $commentuser = $params{username}; my $oiduser = eval { IkiWiki::openiduser($commentuser) }; - if (defined $oiduser) { # looks like an OpenID $commentauthorurl = $commentuser; @@ -206,10 +205,17 @@ sub preprocess { $commentopenid = $commentuser; } else { - $commentauthorurl = IkiWiki::cgiurl( - do => 'goto', - page => IkiWiki::userpage($commentuser) - ); + my $emailuser = IkiWiki::emailuser($commentuser); + if (defined $emailuser) { + $commentuser=$emailuser; + } + + if (length $config{cgiurl}) { + $commentauthorurl = IkiWiki::cgiurl( + do => 'goto', + page => IkiWiki::userpage($commentuser) + ); + } $commentauthor = $commentuser; } @@ -221,22 +227,9 @@ sub preprocess { $commentauthor = gettext("Anonymous"); } - $commentstate{$page}{commentuser} = $commentuser; - $commentstate{$page}{commentopenid} = $commentopenid; - $commentstate{$page}{commentip} = $commentip; - $commentstate{$page}{commentauthor} = $commentauthor; - $commentstate{$page}{commentauthorurl} = $commentauthorurl; - $commentstate{$page}{commentauthoravatar} = $params{avatar}; - if (! defined $pagestate{$page}{meta}{author}) { - $pagestate{$page}{meta}{author} = $commentauthor; - } - if (! defined $pagestate{$page}{meta}{authorurl}) { - $pagestate{$page}{meta}{authorurl} = $commentauthorurl; - } - if ($config{comments_allowauthor}) { if (defined $params{claimedauthor}) { - $pagestate{$page}{meta}{author} = $params{claimedauthor}; + $commentauthor = $params{claimedauthor}; } if (defined $params{url}) { @@ -248,12 +241,21 @@ sub preprocess { } if (safeurl($url)) { - $pagestate{$page}{meta}{authorurl} = $url; + $commentauthorurl = $url; } } } - else { + + $commentstate{$page}{commentuser} = $commentuser; + $commentstate{$page}{commentopenid} = $commentopenid; + $commentstate{$page}{commentip} = $commentip; + $commentstate{$page}{commentauthor} = $commentauthor; + $commentstate{$page}{commentauthorurl} = $commentauthorurl; + $commentstate{$page}{commentauthoravatar} = $params{avatar}; + if (! defined $pagestate{$page}{meta}{author}) { $pagestate{$page}{meta}{author} = $commentauthor; + } + if (! defined $pagestate{$page}{meta}{authorurl}) { $pagestate{$page}{meta}{authorurl} = $commentauthorurl; } @@ -438,6 +440,16 @@ sub editcomment ($$) { $page)); } + # There's no UI to get here, but someone might construct the URL, + # leading to a comment that exists in the repository but isn't + # shown + if (!pagespec_match($page, $config{comments_pagespec}, + location => $page)) { + error(sprintf(gettext( + "comments on page '%s' are not allowed"), + $page)); + } + if (pagespec_match($page, $config{comments_closed_pagespec}, location => $page)) { error(sprintf(gettext( @@ -454,17 +466,20 @@ sub editcomment ($$) { my $content = "[[!comment format=$type\n"; if (defined $session->param('name')) { - my $username = $session->param('name'); + my $username = IkiWiki::cloak($session->param('name')); $username =~ s/"/"/g; $content .= " username=\"$username\"\n"; } + if (defined $session->param('nickname')) { my $nickname = $session->param('nickname'); $nickname =~ s/"/"/g; $content .= " nickname=\"$nickname\"\n"; } - elsif (defined $session->remote_addr()) { - $content .= " ip=\"".$session->remote_addr()."\"\n"; + + if (!(defined $session->param('name') || defined $session->param('nickname')) && + defined $session->remote_addr()) { + $content .= " ip=\"".IkiWiki::cloak($session->remote_addr())."\"\n"; } if ($config{comments_allowauthor}) { @@ -494,8 +509,7 @@ sub editcomment ($$) { $subject = "comment ".(num_comments($page, $config{srcdir}) + 1); } $content .= " subject=\"$subject\"\n"; - - $content .= " date=\"" . strftime_utf8('%Y-%m-%dT%H:%M:%SZ', gmtime) . "\"\n"; + $content .= " date=\"" . commentdate() . "\"\n"; my $editcontent = $form->field('editcontent'); $editcontent="" if ! defined $editcontent; @@ -623,6 +637,10 @@ sub editcomment ($$) { exit; } +sub commentdate () { + strftime_utf8('%Y-%m-%dT%H:%M:%SZ', gmtime); +} + sub getavatar ($) { my $user=shift; return undef unless defined $user; @@ -999,7 +1017,7 @@ sub num_comments ($$) { return int @comments; } -sub unique_comment_location ($$$$) { +sub unique_comment_location ($$$;$) { my $page=shift; eval q{use Digest::MD5 'md5_hex'}; error($@) if $@;