X-Git-Url: http://git.vanrenterghem.biz/git.ikiwiki.info.git/blobdiff_plain/c65658eeb5cd83417f3ec1c69eff2ebcd6a481db..c321f5406b29e29b6ff61ab9e291a24d68e9d824:/IkiWiki/Plugin/attachment.pm diff --git a/IkiWiki/Plugin/attachment.pm b/IkiWiki/Plugin/attachment.pm index 9c774557f..bd93d3718 100644 --- a/IkiWiki/Plugin/attachment.pm +++ b/IkiWiki/Plugin/attachment.pm @@ -58,7 +58,7 @@ sub check_canattach ($$;$) { $config{allowed_attachments}, file => $file, user => $session->param("name"), - ip => $ENV{REMOTE_ADDR}, + ip => $session->remote_addr(), ); } @@ -134,16 +134,19 @@ sub formbuilder (@) { } } + $filename=IkiWiki::basename($filename); + $filename=~s/.*\\+(.+)/$1/; # hello, windows + $filename=linkpage(IkiWiki::possibly_foolish_untaint( attachment_location($form->field('page')). - IkiWiki::basename($filename))); + $filename)); if (IkiWiki::file_pruned($filename)) { error(gettext("bad attachment filename")); } # Check that the user is allowed to edit a page with the # name of the attachment. - IkiWiki::check_canedit($filename, $q, $session, 1); + IkiWiki::check_canedit($filename, $q, $session); # And that the attachment itself is acceptable. check_canattach($session, $filename, $tempfile); @@ -180,9 +183,12 @@ sub formbuilder (@) { if ($config{rcs}) { IkiWiki::rcs_add($filename); IkiWiki::disable_commit_hook(); - IkiWiki::rcs_commit($filename, gettext("attachment upload"), - IkiWiki::rcs_prepedit($filename), - $session->param("name"), $ENV{REMOTE_ADDR}); + IkiWiki::rcs_commit( + file => $filename, + message => gettext("attachment upload"), + token => IkiWiki::rcs_prepedit($filename), + session => $session, + ); IkiWiki::enable_commit_hook(); IkiWiki::rcs_update(); } @@ -236,7 +242,7 @@ sub attachment_list ($) { push @ret, { "field-select" => '', link => htmllink($page, $page, $f, noimageinline => 1), - size => IkiWiki::Plugin::filecheck::humansize((stat(_))[7]), + size => IkiWiki::Plugin::filecheck::humansize((stat($f))[7]), mtime => displaytime($IkiWiki::pagemtime{$f}), mtime_raw => $IkiWiki::pagemtime{$f}, };