X-Git-Url: http://git.vanrenterghem.biz/git.ikiwiki.info.git/blobdiff_plain/94eab28a86d518c39d8a71accee7b25818e38e63..4796acdae76a294199e8d8152c3c9ed53db808a2:/ikiwiki?ds=sidebyside diff --git a/ikiwiki b/ikiwiki index 2815a8e1d..4e64e4031 100755 --- a/ikiwiki +++ b/ikiwiki @@ -1,40 +1,74 @@ #!/usr/bin/perl -T +$ENV{PATH}="/usr/local/bin:/usr/bin:/bin"; use warnings; use strict; -use File::Find; use Memoize; use File::Spec; use HTML::Template; - -BEGIN { - $blosxom::version="is a proper perl module too much to ask?"; - do "/usr/bin/markdown"; +use Getopt::Long; + +my (%links, %oldlinks, %oldpagemtime, %renderedfiles, %pagesources); + +my %config=( #{{{ + wiki_file_prune_regexp => qr{((^|/).svn/|\.\.|^\.|\/\.|\.html?$)}, + wiki_link_regexp => qr/\[\[([^\s]+)\]\]/, + wiki_file_regexp => qr/(^[-A-Za-z0-9_.:\/+]+$)/, + verbose => 0, + wikiname => "wiki", + default_pageext => ".mdwn", + cgi => 0, + svn => 1, + url => '', + cgiurl => '', + historyurl => '', + anonok => 0, + rebuild => 0, + wrapper => undef, + wrappermode => undef, + srcdir => undef, + destdir => undef, + templatedir => undef, + setup => undef, +); #}}} + +GetOptions( #{{{ + "setup=s" => \$config{setup}, + "wikiname=s" => \$config{wikiname}, + "verbose|v!" => \$config{verbose}, + "rebuild!" => \$config{rebuild}, + "wrapper=s" => sub { $config{wrapper}=$_[1] ? $_[1] : "ikiwiki-wrap" }, + "wrappermode=i" => \$config{wrappermode}, + "svn!" => \$config{svn}, + "anonok!" => \$config{anonok}, + "cgi!" => \$config{cgi}, + "url=s" => \$config{url}, + "cgiurl=s" => \$config{cgiurl}, + "historyurl=s" => \$config{historyurl}, + "exclude=s@" => sub { + $config{wiki_file_prune_regexp}=qr/$config{wiki_file_prune_regexp}|$_[1]/; + }, +) || usage(); + +if (! $config{setup}) { + usage() unless @ARGV == 3; + $config{srcdir} = possibly_foolish_untaint(shift); + $config{templatedir} = possibly_foolish_untaint(shift); + $config{destdir} = possibly_foolish_untaint(shift); + if ($config{cgi} && ! length $config{url}) { + error("Must specify url to wiki with --url when using --cgi"); + } } - -$ENV{PATH}="/usr/local/bin:/usr/bin:/bin"; -my ($srcdir, $templatedir, $destdir, %links, %oldlinks, %oldpagemtime, - %renderedfiles, %pagesources); -my $wiki_link_regexp=qr/\[\[([^\s]+)\]\]/; -my $wiki_file_regexp=qr/(^[-A-Za-z0-9_.:\/+]+$)/; -my $wiki_file_prune_regexp=qr!((^|/).svn/|\.\.|^\.|\/\.|\.html?$)!; -my $verbose=0; -my $wikiname="wiki"; -my $default_pagetype=".mdwn"; -my $cgi=0; -my $url=""; -my $cgiurl=""; -my $historyurl=""; -my $svn=1; +#}}} sub usage { #{{{ die "usage: ikiwiki [options] source templates dest\n"; } #}}} -sub error ($) { #{{{ - if ($cgi) { +sub error { #{{{ + if ($config{cgi}) { print "Content-type: text/html\n\n"; - print "Error: @_\n"; + print misctemplate("Error", "

Error: @_

"); exit 1; } else { @@ -43,7 +77,13 @@ sub error ($) { #{{{ } #}}} sub debug ($) { #{{{ - print "@_\n" if $verbose; + return unless $config{verbose}; + if (! $config{cgi}) { + print "@_\n"; + } + else { + print STDERR "@_\n"; + } } #}}} sub mtime ($) { #{{{ @@ -52,7 +92,7 @@ sub mtime ($) { #{{{ return (stat($page))[9]; } #}}} -sub possibly_foolish_untaint ($) { #{{{ +sub possibly_foolish_untaint { #{{{ my $tainted=shift; my ($untainted)=$tainted=~/(.*)/; return $untainted; @@ -132,17 +172,18 @@ sub findlinks ($) { #{{{ my $content=shift; my @links; - while ($content =~ /$wiki_link_regexp/g) { + while ($content =~ /$config{wiki_link_regexp}/g) { push @links, lc($1); } return @links; } #}}} -# Given a page and the text of a link on the page, determine which existing -# page that link best points to. Prefers pages under a subdirectory with -# the same name as the source page, failing that goes down the directory tree -# to the base looking for matching pages. sub bestlink ($$) { #{{{ + # Given a page and the text of a link on the page, determine which + # existing page that link best points to. Prefers pages under a + # subdirectory with the same name as the source page, failing that + # goes down the directory tree to the base looking for matching + # pages. my $page=shift; my $link=lc(shift); @@ -171,11 +212,12 @@ sub isinlinableimage ($) { #{{{ sub htmllink { #{{{ my $page=shift; my $link=shift; - my $noimagelink=shift; + my $noimageinline=shift; # don't turn links into inline html images + my $createsubpage=shift; # force creation of a subpage if page DNE my $bestlink=bestlink($page, $link); - return $link if $page eq $bestlink; + return $link if length $bestlink && $page eq $bestlink; # TODO BUG: %renderedfiles may not have it, if the linked to page # was also added and isn't yet rendered! Note that this bug is @@ -185,12 +227,17 @@ sub htmllink { #{{{ $bestlink=htmlpage($bestlink); } if (! grep { $_ eq $bestlink } values %renderedfiles) { - return "?$link" + if (! $createsubpage) { + return "?$link" + } + else { + return "?$link" + } } $bestlink=File::Spec->abs2rel($bestlink, dirname($page)); - if (! $noimagelink && isinlinableimage($bestlink)) { + if (! $noimageinline && isinlinableimage($bestlink)) { return ""; } return "$link"; @@ -200,7 +247,7 @@ sub linkify ($$) { #{{{ my $content=shift; my $file=shift; - $content =~ s/$wiki_link_regexp/htmllink(pagename($file), $1)/eg; + $content =~ s/$config{wiki_link_regexp}/htmllink(pagename($file), $1)/eg; return $content; } #}}} @@ -209,6 +256,13 @@ sub htmlize ($$) { #{{{ my $type=shift; my $content=shift; + if (! $INC{"/usr/bin/markdown"}) { + no warnings 'once'; + $blosxom::version="is a proper perl module too much to ask?"; + use warnings 'all'; + do "/usr/bin/markdown"; + } + if ($type eq '.mdwn') { return Markdown::Markdown($content); } @@ -239,10 +293,10 @@ sub backlinks ($) { #{{{ } } - return @links; + return sort { $a->{page} cmp $b->{page} } @links; } #}}} -sub parentlinks ($) { +sub parentlinks ($) { #{{{ my $page=shift; my @ret; @@ -258,13 +312,14 @@ sub parentlinks ($) { } $path.="../"; } + unshift @ret, { url => $path , page => $config{wikiname} }; return @ret; -} +} #}}} sub indexlink () { #{{{ - return "$wikiname/ "; + return "$config{wikiname}"; } #}}} - + sub finalize ($$) { #{{{ my $content=shift; my $page=shift; @@ -273,36 +328,52 @@ sub finalize ($$) { #{{{ $title=~s/_/ /g; my $template=HTML::Template->new(blind_cache => 1, - filename => "$templatedir/page.tmpl"); + filename => "$config{templatedir}/page.tmpl"); - if (length $cgiurl) { - $template->param(editurl => "$cgiurl?do=edit&page=$page"); - $template->param(recentchangesurl => "$cgiurl?do=recentchanges"); + if (length $config{cgiurl}) { + $template->param(editurl => "$config{cgiurl}?do=edit&page=$page"); + if ($config{svn}) { + $template->param(recentchangesurl => "$config{cgiurl}?do=recentchanges"); + } } - if (length $historyurl) { - my $u=$historyurl; + if (length $config{historyurl}) { + my $u=$config{historyurl}; $u=~s/\[\[\]\]/$pagesources{$page}/g; $template->param(historyurl => $u); } $template->param( title => $title, - indexlink => $url, - wikiname => $wikiname, + wikiname => $config{wikiname}, parentlinks => [parentlinks($page)], content => $content, backlinks => [backlinks($page)], + discussionlink => htmllink($page, "Discussion", 1, 1), ); return $template->output; } #}}} +sub check_overwrite ($$) { #{{{ + # Important security check. Make sure to call this before saving + # any files to the source directory. + my $dest=shift; + my $src=shift; + + if (! exists $renderedfiles{$src} && -e $dest && ! $config{rebuild}) { + error("$dest exists and was rendered from ". + join(" ",(grep { $renderedfiles{$_} eq $dest } keys + %renderedfiles)). + ", not from $src before not overwriting"); + } +} #}}} + sub render ($) { #{{{ my $file=shift; my $type=pagetype($file); - my $content=readfile("$srcdir/$file"); + my $content=readfile("$config{srcdir}/$file"); if ($type ne 'unknown') { my $page=pagename($file); @@ -312,20 +383,22 @@ sub render ($) { #{{{ $content=htmlize($type, $content); $content=finalize($content, $page); - writefile("$destdir/".htmlpage($page), $content); + check_overwrite("$config{destdir}/".htmlpage($page), $page); + writefile("$config{destdir}/".htmlpage($page), $content); $oldpagemtime{$page}=time; $renderedfiles{$page}=htmlpage($page); } else { $links{$file}=[]; - writefile("$destdir/$file", $content); + check_overwrite("$config{destdir}/$file", $file); + writefile("$config{destdir}/$file", $content); $oldpagemtime{$file}=time; $renderedfiles{$file}=$file; } } #}}} sub loadindex () { #{{{ - open (IN, "$srcdir/.ikiwiki/index") || return; + open (IN, "$config{srcdir}/.ikiwiki/index") || return; while () { $_=possibly_foolish_untaint($_); chomp; @@ -341,10 +414,10 @@ sub loadindex () { #{{{ } #}}} sub saveindex () { #{{{ - if (! -d "$srcdir/.ikiwiki") { - mkdir("$srcdir/.ikiwiki"); + if (! -d "$config{srcdir}/.ikiwiki") { + mkdir("$config{srcdir}/.ikiwiki"); } - open (OUT, ">$srcdir/.ikiwiki/index") || error("cannot write to index: $!"); + open (OUT, ">$config{srcdir}/.ikiwiki/index") || error("cannot write to index: $!"); foreach my $page (keys %oldpagemtime) { print OUT "$oldpagemtime{$page} $pagesources{$page} $renderedfiles{$page} ". join(" ", @{$links{$page}})."\n" @@ -354,8 +427,8 @@ sub saveindex () { #{{{ } #}}} sub rcs_update () { #{{{ - if (-d "$srcdir/.svn") { - if (system("svn", "update", "--quiet", $srcdir) != 0) { + if (-d "$config{srcdir}/.svn") { + if (system("svn", "update", "--quiet", $config{srcdir}) != 0) { warn("svn update failed\n"); } } @@ -364,9 +437,10 @@ sub rcs_update () { #{{{ sub rcs_commit ($) { #{{{ my $message=shift; - if (-d "$srcdir/.svn") { + if (-d "$config{srcdir}/.svn") { if (system("svn", "commit", "--quiet", "-m", - possibly_foolish_untaint($message), $srcdir) != 0) { + possibly_foolish_untaint($message), + $config{srcdir}) != 0) { warn("svn commit failed\n"); } } @@ -375,14 +449,14 @@ sub rcs_commit ($) { #{{{ sub rcs_add ($) { #{{{ my $file=shift; - if (-d "$srcdir/.svn") { + if (-d "$config{srcdir}/.svn") { my $parent=dirname($file); - while (! -d "$srcdir/$parent/.svn") { + while (! -d "$config{srcdir}/$parent/.svn") { $file=$parent; $parent=dirname($file); } - if (system("svn", "add", "--quiet", "$srcdir/$file") != 0) { + if (system("svn", "add", "--quiet", "$config{srcdir}/$file") != 0) { warn("svn add failed\n"); } } @@ -395,8 +469,8 @@ sub rcs_recentchanges ($) { #{{{ eval q{use Date::Parse}; eval q{use Time::Duration}; - if (-d "$srcdir/.svn") { - my $info=`LANG=C svn info $srcdir`; + if (-d "$config{srcdir}/.svn") { + my $info=`LANG=C svn info $config{srcdir}`; my ($svn_url)=$info=~/^URL: (.*)$/m; # FIXME: currently assumes that the wiki is somewhere @@ -406,7 +480,7 @@ sub rcs_recentchanges ($) { #{{{ my $div=qr/^--------------------+$/; my $infoline=qr/^r(\d+)\s+\|\s+([^\s]+)\s+\|\s+(\d+-\d+-\d+\s+\d+:\d+:\d+\s+[-+]?\d+).*/; my $state='start'; - my ($rev, $user, $when, @pages, $message); + my ($rev, $user, $when, @pages, @message); foreach (`LANG=C svn log -v '$svn_url'`) { chomp; if ($state eq 'start' && /$div/) { @@ -418,23 +492,36 @@ sub rcs_recentchanges ($) { #{{{ $when=concise(ago(time - str2time($3))); } elsif ($state eq 'header' && /^\s+[A-Z]\s+\Q$svn_base\E\/(.+)$/) { - push @pages, pagename($1) if length $1; + push @pages, { link => htmllink("", pagename($1), 1) } + if length $1; } elsif ($state eq 'header' && /^$/) { $state='body'; } elsif ($state eq 'body' && /$div/) { - push @ret, { rev => $rev, user => $user, - when => $when, message => $message, + my $committype="web"; + if (defined $message[0] && + $message[0]->{line}=~/^web commit by (\w+):?(.*)/) { + $user="$1"; + $message[0]->{line}=$2; + } + else { + $committype="svn"; + } + + push @ret, { rev => $rev, + user => htmllink("", $user, 1), + committype => $committype, + when => $when, message => [@message], pages => [@pages] } if @pages; return @ret if @ret >= $num; $state='header'; - $message=$rev=$user=$when=undef; - @pages=(); + $rev=$user=$when=undef; + @pages=@message=(); } elsif ($state eq 'body') { - $message.="$_
\n"; + push @message, {line => $_}, } } } @@ -456,25 +543,29 @@ sub refresh () { #{{{ # Find existing pages. my %exists; my @files; + + eval q{use File::Find}; find({ no_chdir => 1, wanted => sub { - if (/$wiki_file_prune_regexp/) { + if (/$config{wiki_file_prune_regexp}/) { + no warnings 'once'; $File::Find::prune=1; + use warnings "all"; } elsif (! -d $_) { - my ($f)=/$wiki_file_regexp/; # untaint + my ($f)=/$config{wiki_file_regexp}/; # untaint if (! defined $f) { warn("skipping bad filename $_\n"); } else { - $f=~s/^\Q$srcdir\E\/?//; + $f=~s/^\Q$config{srcdir}\E\/?//; push @files, $f; $exists{pagename($f)}=1; } } }, - }, $srcdir); + }, $config{srcdir}); my %rendered; @@ -494,7 +585,7 @@ sub refresh () { #{{{ if (! $exists{$page}) { debug("removing old page $page"); push @del, $renderedfiles{$page}; - prune($destdir."/".$renderedfiles{$page}); + prune($config{destdir}."/".$renderedfiles{$page}); delete $renderedfiles{$page}; $oldpagemtime{$page}=0; delete $pagesources{$page}; @@ -506,7 +597,7 @@ sub refresh () { #{{{ my $page=pagename($file); if (! exists $oldpagemtime{$page} || - mtime("$srcdir/$file") > $oldpagemtime{$page}) { + mtime("$config{srcdir}/$file") > $oldpagemtime{$page}) { debug("rendering changed file $file"); render($file); $rendered{$file}=1; @@ -575,28 +666,31 @@ FILE: foreach my $file (@files) { } } #}}} -# Generates a C wrapper program for running ikiwiki in a specific way. -# The wrapper may be safely made suid. -sub gen_wrapper ($$) { #{{{ - my ($svn, $rebuild)=@_; - +sub gen_wrapper (@) { #{{{ + my %config=(@_); eval q{use Cwd 'abs_path'}; - $srcdir=abs_path($srcdir); - $destdir=abs_path($destdir); + $config{srcdir}=abs_path($config{srcdir}); + $config{destdir}=abs_path($config{destdir}); my $this=abs_path($0); if (! -x $this) { error("$this doesn't seem to be executable"); } - my @params=($srcdir, $destdir, "--wikiname=$wikiname"); - push @params, "--verbose" if $verbose; - push @params, "--rebuild" if $rebuild; - push @params, "--nosvn" if !$svn; - push @params, "--cgi" if $cgi; - push @params, "--url=$url" if $url; - push @params, "--cgiurl=$cgiurl" if $cgiurl; - push @params, "--historyurl=$historyurl" if $historyurl; - my $params=join(" ", @params); + if ($config{setup}) { + error("cannot create a wrapper that uses a setup file"); + } + + my @params=($config{srcdir}, $config{templatedir}, $config{destdir}, + "--wikiname=$config{wikiname}"); + push @params, "--verbose" if $config{verbose}; + push @params, "--rebuild" if $config{rebuild}; + push @params, "--nosvn" if !$config{svn}; + push @params, "--cgi" if $config{cgi}; + push @params, "--url=$config{url}" if length $config{url}; + push @params, "--cgiurl=$config{cgiurl}" if length $config{cgiurl}; + push @params, "--historyurl=$config{historyurl}" if length $config{historyurl}; + push @params, "--anonok" if $config{anonok}; + my $params=join(" ", map { "\'$_\'" } @params); my $call=''; foreach my $p ($this, $this, @params) { $call.=qq{"$p", }; @@ -606,7 +700,7 @@ sub gen_wrapper ($$) { #{{{ my @envsave; push @envsave, qw{REMOTE_ADDR QUERY_STRING REQUEST_METHOD REQUEST_URI CONTENT_TYPE CONTENT_LENGTH GATEWAY_INTERFACE - HTTP_COOKIE} if $cgi; + HTTP_COOKIE} if $config{cgi}; my $envsave=""; foreach my $var (@envsave) { $envsave.=<<"EOF" @@ -647,37 +741,75 @@ $envsave } EOF close OUT; - if (system("gcc", "ikiwiki-wrap.c", "-o", "ikiwiki-wrap") != 0) { + if (system("gcc", "ikiwiki-wrap.c", "-o", possibly_foolish_untaint($config{wrapper})) != 0) { error("failed to compile ikiwiki-wrap.c"); } unlink("ikiwiki-wrap.c"); - print "successfully generated ikiwiki-wrap\n"; - exit 0; + if (defined $config{wrappermode} && + ! chmod(oct($config{wrappermode}), possibly_foolish_untaint($config{wrapper}))) { + error("chmod $config{wrapper}: $!"); + } + print "successfully generated $config{wrapper}\n"; } #}}} + +sub misctemplate ($$) { #{{{ + my $title=shift; + my $pagebody=shift; + + my $template=HTML::Template->new( + filename => "$config{templatedir}/misc.tmpl" + ); + $template->param( + title => $title, + indexlink => indexlink(), + wikiname => $config{wikiname}, + pagebody => $pagebody, + ); + return $template->output; +}#}}} sub cgi_recentchanges ($) { #{{{ my $q=shift; + my $template=HTML::Template->new( + filename => "$config{templatedir}/recentchanges.tmpl" + ); + $template->param( + title => "RecentChanges", + indexlink => indexlink(), + wikiname => $config{wikiname}, + changelog => [rcs_recentchanges(100)], + ); + print $q->header, $template->output; +} #}}} + +sub userinfo_get ($$) { #{{{ + my $user=shift; + my $field=shift; + + eval q{use Storable}; + my $userdata=eval{ Storable::lock_retrieve("$config{srcdir}/.ikiwiki/userdb") }; + if (! defined $userdata || ! ref $userdata || + ! exists $userdata->{$user} || ! ref $userdata->{$user}) { + return ""; + } + return $userdata->{$user}->{$field}; +} #}}} + +sub userinfo_set ($$) { #{{{ + my $user=shift; + my $info=shift; - - my $list="\n"; - - print $q->header, - $q->start_html("RecentChanges"), - $q->h1(indexlink()." RecentChanges"), - $list, - $q->end_form, - $q->end_html; + $userdata->{$user}=$info; + my $oldmask=umask(077); + my $ret=Storable::lock_store($userdata, "$config{srcdir}/.ikiwiki/userdb"); + umask($oldmask); + return $ret; } #}}} sub cgi_signin ($$) { #{{{ @@ -686,12 +818,11 @@ sub cgi_signin ($$) { #{{{ eval q{use CGI::FormBuilder}; my $form = CGI::FormBuilder->new( - title => "$wikiname signin", - fields => [qw(do page name password confirm_password email)], + title => "$config{wikiname} signin", + fields => [qw(do page from name password confirm_password email)], header => 1, method => 'POST', validate => { - name => '/^\w+$/', confirm_password => { perl => q{eq $form->field("password")}, }, @@ -701,18 +832,18 @@ sub cgi_signin ($$) { #{{{ javascript => 0, params => $q, action => $q->request_uri, + header => 0, + template => (-e "$config{templatedir}/signin.tmpl" ? + "$config{templatedir}/signin.tmpl" : "") ); - $form->sessionid($session->id); $form->field(name => "name", required => 0); $form->field(name => "do", type => "hidden"); $form->field(name => "page", type => "hidden"); + $form->field(name => "from", type => "hidden"); $form->field(name => "password", type => "password", required => 0); $form->field(name => "confirm_password", type => "password", required => 0); $form->field(name => "email", required => 0); - if ($session->param("name")) { - $form->field(name => "name", value => $session->param("name")); - } if ($q->param("do") ne "signin") { $form->text("You need to log in before you can edit pages."); } @@ -728,185 +859,233 @@ sub cgi_signin ($$) { #{{{ $form->field(name => $opt, required => 1); } - # Validate password differently depending on how form was - # submitted. + # Validate password differently depending on how + # form was submitted. if ($form->submitted eq 'Login') { $form->field( name => "password", validate => sub { - # TODO get real user password - shift eq "foo"; + length $form->field("name") && + shift eq userinfo_get($form->field("name"), 'password'); }, ); + $form->field(name => "name", validate => '/^\w+$/'); } else { $form->field(name => "password", validate => 'VALUE'); } + # And make sure the entered name exists when logging + # in or sending email, and does not when registering. + if ($form->submitted eq 'Register') { + $form->field( + name => "name", + validate => sub { + my $name=shift; + length $name && + ! userinfo_get($name, "regdate"); + }, + ); + } + else { + $form->field( + name => "name", + validate => sub { + my $name=shift; + length $name && + userinfo_get($name, "regdate"); + }, + ); + } } else { - # Comments only shown first time. + # First time settings. $form->field(name => "name", comment => "use FirstnameLastName"); $form->field(name => "confirm_password", comment => "(only needed"); $form->field(name => "email", comment => "for registration)"); + if ($session->param("name")) { + $form->field(name => "name", value => $session->param("name")); + } } if ($form->submitted && $form->validate) { if ($form->submitted eq 'Login') { $session->param("name", $form->field("name")); - if (defined $form->field("do")) { - $q->redirect( - "$cgiurl?do=".$form->field("do"). - "&page=".$form->field("page")); + if (defined $form->field("do") && + $form->field("do") ne 'signin') { + print $q->redirect( + "$config{cgiurl}?do=".$form->field("do"). + "&page=".$form->field("page"). + "&from=".$form->field("from"));; } else { - $q->redirect($url); + print $q->redirect($config{url}); } } elsif ($form->submitted eq 'Register') { - # TODO: save registration info - $form->field(name => "confirm_password", type => "hidden"); - $form->field(name => "email", type => "hidden"); - $form->text("Registration successful. Now you can Login."); - print $form->render(submit => ["Login"]);; + my $user_name=$form->field('name'); + if (userinfo_set($user_name, { + 'email' => $form->field('email'), + 'password' => $form->field('password'), + 'regdate' => time + })) { + $form->field(name => "confirm_password", type => "hidden"); + $form->field(name => "email", type => "hidden"); + $form->text("Registration successful. Now you can Login."); + print $session->header(); + print misctemplate($form->title, $form->render(submit => ["Login"])); + } + else { + error("Error saving registration."); + } } elsif ($form->submitted eq 'Mail Password') { - # TODO mail password + my $user_name=$form->field("name"); + my $template=HTML::Template->new( + filename => "$config{templatedir}/passwordmail.tmpl" + ); + $template->param( + user_name => $user_name, + user_password => userinfo_get($user_name, "password"), + wikiurl => $config{url}, + wikiname => $config{wikiname}, + REMOTE_ADDR => $ENV{REMOTE_ADDR}, + ); + + eval q{use Mail::Sendmail}; + my ($fromhost) = $config{cgiurl} =~ m!/([^/]+)!; + sendmail( + To => userinfo_get($user_name, "email"), + From => "$config{wikiname} admin <".(getpwuid($>))[0]."@".$fromhost.">", + Subject => "$config{wikiname} information", + Message => $template->output, + ) or error("Failed to send mail"); + $form->text("Your password has been emailed to you."); - print $form->render(submit => ["Login", "Register", "Mail Password"]);; + $form->field(name => "name", required => 0); + print $session->header(); + print misctemplate($form->title, $form->render(submit => ["Login", "Register", "Mail Password"])); } } else { - print $form->render(submit => ["Login", "Register", "Mail Password"]);; + print $session->header(); + print misctemplate($form->title, $form->render(submit => ["Login", "Register", "Mail Password"])); } } #}}} -sub cgi () { #{{{ - eval q{use CGI}; - eval q{use CGI::Session}; - - my $q=CGI->new; - # session id has to be _sessionid for CGI::FormBuilder to work. - # TODO: stop having the formbuilder emit cookies and change session - # id to something else. - CGI::Session->name("_sessionid"); - my $session = CGI::Session->new(undef, $q, - { Directory=> "$srcdir/.ikiwiki/sessions" }); - - my $do=$q->param('do'); - if (! defined $do || ! length $do) { - error("\"do\" parameter missing"); - } - - if ($do eq 'recentchanges') { - cgi_recentchanges($q); - return; - } - - if (! defined $session->param("name") || $do eq 'signin') { - cgi_signin($q, $session); - return; - } +sub cgi_editpage ($$) { #{{{ + my $q=shift; + my $session=shift; + + eval q{use CGI::FormBuilder}; + my $form = CGI::FormBuilder->new( + fields => [qw(do from page content comments)], + header => 1, + method => 'POST', + validate => { + content => '/.+/', + }, + required => [qw{content}], + javascript => 0, + params => $q, + action => $q->request_uri, + table => 0, + template => "$config{templatedir}/editpage.tmpl" + ); - my ($page)=$q->param('page')=~/$wiki_file_regexp/; + my ($page)=$form->param('page')=~/$config{wiki_file_regexp}/; if (! defined $page || ! length $page || $page ne $q->param('page') || - $page=~/$wiki_file_prune_regexp/ || $page=~/^\//) { + $page=~/$config{wiki_file_prune_regexp}/ || $page=~/^\//) { error("bad page name"); } $page=lc($page); - - my $action=$q->request_uri; - $action=~s/\?.*//; - - if ($do eq 'create') { - if (exists $pagesources{lc($page)}) { - # hmm, someone else made the page in the meantime? - print $q->redirect("$url/".htmlpage($page)); - } - my @page_locs; - my ($from)=$q->param('from')=~/$wiki_file_regexp/; - if (! defined $from || ! length $from || - $from ne $q->param('from') || - $from=~/$wiki_file_prune_regexp/ || $from=~/^\//) { - @page_locs=$page; - } - else { - my $dir=$from."/"; - $dir=~s![^/]+/$!!; - push @page_locs, $dir.$page; - push @page_locs, "$from/$page"; - while (length $dir) { + $form->field(name => "do", type => 'hidden'); + $form->field(name => "from", type => 'hidden'); + $form->field(name => "page", value => "$page", force => 1); + $form->field(name => "comments", type => "text", size => 80); + $form->field(name => "content", type => "textarea", rows => 20, + cols => 80); + + if ($form->submitted eq "Cancel") { + print $q->redirect("$config{url}/".htmlpage($page)); + return; + } + if (! $form->submitted || ! $form->validate) { + if ($form->field("do") eq "create") { + if (exists $pagesources{lc($page)}) { + # hmm, someone else made the page in the + # meantime? + print $q->redirect("$config{url}/".htmlpage($page)); + return; + } + + my @page_locs; + my ($from)=$form->param('from')=~/$config{wiki_file_regexp}/; + if (! defined $from || ! length $from || + $from ne $form->param('from') || + $from=~/$config{wiki_file_prune_regexp}/ || $from=~/^\//) { + @page_locs=$page; + } + else { + my $dir=$from."/"; $dir=~s![^/]+/$!!; push @page_locs, $dir.$page; + push @page_locs, "$from/$page"; + while (length $dir) { + $dir=~s![^/]+/$!!; + push @page_locs, $dir.$page; + } + } + + $form->tmpl_param("page_select", 1); + $form->field(name => "page", type => 'select', + options => \@page_locs); + $form->title("creating $page"); + } + elsif ($form->field("do") eq "edit") { + my $content=""; + if (exists $pagesources{lc($page)}) { + $content=readfile("$config{srcdir}/$pagesources{lc($page)}"); + $content=~s/\n/\r\n/g; } + $form->tmpl_param("page_select", 0); + $form->field(name => "content", value => $content, + force => 1); + $form->field(name => "page", type => 'hidden'); + $form->title("editing $page"); } - $q->param("do", "save"); - print $q->header, - $q->start_html("Creating $page"), - $q->h1(indexlink()." Creating $page"), - $q->start_form(-action => $action), - $q->hidden('do'), - "Select page location:", - $q->popup_menu('page', \@page_locs), - $q->textarea(-name => 'content', - -default => "", - -rows => 20, - -columns => 80), - $q->br, - "Optional comment about this change:", - $q->br, - $q->textfield(-name => "comments", -size => 80), - $q->br, - $q->submit("Save Page"), - $q->end_form, - $q->end_html; - } - elsif ($do eq 'edit') { - my $content=""; - if (exists $pagesources{lc($page)}) { - $content=readfile("$srcdir/$pagesources{lc($page)}"); - $content=~s/\n/\r\n/g; - } - $q->param("do", "save"); - print $q->header, - $q->start_html("Editing $page"), - $q->h1(indexlink()." Editing $page"), - $q->start_form(-action => $action), - $q->hidden('do'), - $q->hidden('page'), - $q->textarea(-name => 'content', - -default => $content, - -rows => 20, - -columns => 80), - $q->br, - "Optional comment about this change:", - $q->br, - $q->textfield(-name => "comments", -size => 80), - $q->br, - $q->submit("Save Page"), - $q->end_form, - $q->end_html; - } - elsif ($do eq 'save') { - my $file=$page.$default_pagetype; + $form->tmpl_param("can_commit", $config{svn}); + $form->tmpl_param("indexlink", indexlink()); + print $form->render(submit => ["Save Page", "Cancel"]); + } + else { + # save page + my $file=$page.$config{default_pageext}; my $newfile=1; if (exists $pagesources{lc($page)}) { $file=$pagesources{lc($page)}; $newfile=0; } - my $content=$q->param('content'); + my $content=$form->field('content'); $content=~s/\r\n/\n/g; $content=~s/\r/\n/g; - writefile("$srcdir/$file", $content); + writefile("$config{srcdir}/$file", $content); - my $message="web commit from $ENV{REMOTE_ADDR}"; - if (defined $q->param('comments')) { - $message.=": ".$q->param('comments'); + my $message="web commit "; + if ($session->param("name")) { + $message.="by ".$session->param("name"); + } + else { + $message.="from $ENV{REMOTE_ADDR}"; + } + if (defined $form->field('comments') && + length $form->field('comments')) { + $message.=": ".$form->field('comments'); } - if ($svn) { + if ($config{svn}) { if ($newfile) { rcs_add($file); } @@ -918,48 +1097,84 @@ sub cgi () { #{{{ refresh(); } - print $q->redirect("$url/".htmlpage($page)); + # The trailing question mark tries to avoid broken + # caches and get the most recent version of the page. + print $q->redirect("$config{url}/".htmlpage($page)."?updated"); + } +} #}}} + +sub cgi () { #{{{ + eval q{use CGI}; + eval q{use CGI::Session}; + + my $q=CGI->new; + + my $do=$q->param('do'); + if (! defined $do || ! length $do) { + error("\"do\" parameter missing"); + } + + # This does not need a session. + if ($do eq 'recentchanges') { + cgi_recentchanges($q); + return; + } + + CGI::Session->name("ikiwiki_session"); + + my $oldmask=umask(077); + my $session = CGI::Session->new("driver:db_file", $q, + { FileName => "$config{srcdir}/.ikiwiki/sessions.db" }); + umask($oldmask); + + # Everything below this point needs the user to be signed in. + if ((! $config{anonok} && ! defined $session->param("name") || + ! userinfo_get($session->param("name"), "regdate")) || $do eq 'signin') { + cgi_signin($q, $session); + + # Force session flush with safe umask. + my $oldmask=umask(077); + $session->flush; + umask($oldmask); + + return; + } + + if ($do eq 'create' || $do eq 'edit') { + cgi_editpage($q, $session); } else { error("unknown do parameter"); } } #}}} -# main {{{ -my $rebuild=0; -my $wrapper=0; -if (grep /^-/, @ARGV) { - eval {use Getopt::Long}; - GetOptions( - "wikiname=s" => \$wikiname, - "verbose|v" => \$verbose, - "rebuild" => \$rebuild, - "wrapper" => \$wrapper, - "svn!" => \$svn, - "cgi" => \$cgi, - "url=s" => \$url, - "cgiurl=s" => \$cgiurl, - "historyurl=s" => \$historyurl, - ) || usage(); -} -usage() unless @ARGV == 3; -($srcdir) = possibly_foolish_untaint(shift); -($templatedir) = possibly_foolish_untaint(shift); -($destdir) = possibly_foolish_untaint(shift); +sub setup () { # {{{ + my $setup=possibly_foolish_untaint($config{setup}); + open (IN, $setup) || error("read $setup: $!\n"); + local $/=undef; + my $code=; + ($code)=$code=~/(.*)/s; + close IN; + eval $code; + error($@) if $@; + print "ikiwiki setup complete\n"; + exit; +} #}}} -if ($cgi && ! length $url) { - error("Must specify url to wiki with --url when using --cgi"); +# main {{{ +setup() if $config{setup}; +if ($config{wrapper}) { + gen_wrapper(%config); + exit; } - -gen_wrapper($svn, $rebuild) if $wrapper; memoize('pagename'); memoize('bestlink'); -loadindex() unless $rebuild; -if ($cgi) { +loadindex() unless $config{rebuild}; +if ($config{cgi}) { cgi(); } else { - rcs_update() if $svn; + rcs_update() if $config{svn}; refresh(); saveindex(); }