X-Git-Url: http://git.vanrenterghem.biz/git.ikiwiki.info.git/blobdiff_plain/d23786cb6c5b3320d4b0c45df3424acea51e90ad..79a2bb59e92a7ee820a0b5f7cb7bed61d1a54794:/IkiWiki/Plugin/attachment.pm diff --git a/IkiWiki/Plugin/attachment.pm b/IkiWiki/Plugin/attachment.pm index fd4096edf..852769f60 100644 --- a/IkiWiki/Plugin/attachment.pm +++ b/IkiWiki/Plugin/attachment.pm @@ -132,9 +132,11 @@ sub formbuilder (@) { return if ! defined $form->field("do") || ($form->field("do") ne "edit" && $form->field("do") ne "create") ; - my $filename=Encode::decode_utf8($q->param('attachment')); + my $filename=Encode::decode_utf8(scalar $q->param('attachment')); + my $handle=$q->upload('attachment'); + if (defined $filename && length $filename) { - attachment_store($filename, $form, $q, $params{session}); + attachment_store($filename, $handle, $form, $q, $params{session}); } if ($form->submitted eq "Save Page") { @@ -142,13 +144,13 @@ sub formbuilder (@) { } if ($form->submitted eq "Insert Links") { - my $page=quotemeta(Encode::decode_utf8($q->param("page"))); + my $page=quotemeta(Encode::decode_utf8(scalar $q->param("page"))); my $add=""; - foreach my $f ($q->param("attachment_select")) { + foreach my $f (@{$q->param_fetch("attachment_select")}) { $f=Encode::decode_utf8($f); $f=~s/^$page\///; if (IkiWiki::isinlinableimage($f) && - UNIVERSAL::can("IkiWiki::Plugin::img", "import")) { + IkiWiki::Plugin::img->can("import")) { $add.='[[!img '.$f.' align="right" size="" alt=""]]'; } else { @@ -156,14 +158,15 @@ sub formbuilder (@) { } $add.="\n"; } + my $content = $form->field('editcontent'); $form->field(name => 'editcontent', - value => $form->field('editcontent')."\n\n".$add, + value => $content."\n\n".$add, force => 1) if length $add; } # Generate the attachment list only after having added any new # attachments. - $form->tmpl_param("attachment_list" => [attachment_list($form->field('page'))]); + $form->tmpl_param("attachment_list" => [attachment_list(scalar $form->field('page'))]); } sub attachment_holding_location { @@ -190,13 +193,20 @@ sub is_held_attachment { # Stores the attachment in a holding area, not yet in the wiki proper. sub attachment_store { my $filename=shift; + my $handle=shift; my $form=shift; my $q=shift; my $session=shift; - - # This is an (apparently undocumented) way to get the name - # of the temp file that CGI writes the upload to. - my $tempfile=$q->tmpFileName($filename); + + my $tempfile; + if (defined $handle) { + # This is what works in CGI.pm 4.09+: $q->tmpFileName($q->upload('attachment')) + $tempfile=$q->tmpFileName($handle); + } + if (! defined $tempfile || ! length $tempfile) { + # This is what is *documented* in CGI.pm 4.09: $q->tmpFileName($q->param('attachment')) + $tempfile=$q->tmpFileName($filename); + } if (! defined $tempfile || ! length $tempfile) { # perl 5.8 needs an alternative, awful method if ($q =~ /HASH/ && exists $q->{'.tmpfiles'}) { @@ -205,20 +215,20 @@ sub attachment_store { last if defined $tempfile && length $tempfile; } } - if (! defined $tempfile || ! length $tempfile) { - error("CGI::tmpFileName failed to return the uploaded file name"); - } + } + if (! defined $tempfile || ! length $tempfile) { + error("CGI::tmpFileName failed to return the uploaded file name"); } $filename=IkiWiki::basename($filename); $filename=~s/.*\\+(.+)/$1/; # hello, windows $filename=IkiWiki::possibly_foolish_untaint(linkpage($filename)); - my $dest=attachment_holding_location($form->field('page')); + my $dest=attachment_holding_location(scalar $form->field('page')); # Check that the user is allowed to edit the attachment. my $final_filename= linkpage(IkiWiki::possibly_foolish_untaint( - attachment_location($form->field('page')))). + attachment_location(scalar $form->field('page')))). $filename; eval { if (IkiWiki::file_pruned($final_filename)) { @@ -229,8 +239,10 @@ sub attachment_store { check_canattach($session, $final_filename, $tempfile); }; if ($@) { - json_response($q, $form, $dest."/".$filename, $@); - error $@; + # save error in case called functions clobber $@ + my $error = $@; + json_response($q, $form, $dest."/".$filename, $error); + error $error; } # Move the attachment into holding directory. @@ -270,22 +282,23 @@ sub attachments_save { # Move attachments out of holding directory. my @attachments; - my $dir=attachment_holding_location($form->field('page')); + my $dir=attachment_holding_location(scalar $form->field('page')); foreach my $filename (glob("$dir/*")) { + $filename=Encode::decode_utf8($filename); next unless -f $filename; - my $destdir=$config{srcdir}."/". - linkpage(IkiWiki::possibly_foolish_untaint( - attachment_location($form->field('page')))); + my $destdir=linkpage(IkiWiki::possibly_foolish_untaint( + attachment_location(scalar $form->field('page')))); + my $absdestdir=$config{srcdir}."/".$destdir; my $destfile=IkiWiki::basename($filename); - my $dest=$destdir.$destfile; + my $dest=$absdestdir.$destfile; unlink($dest); - IkiWiki::prep_writefile($destfile, $destdir); + IkiWiki::prep_writefile($destfile, $absdestdir); rename($filename, $dest); - push @attachments, $dest; + push @attachments, $destdir.$destfile; } return unless @attachments; require IkiWiki::Render; - IkiWiki::prune($dir); + IkiWiki::prune($dir, $config{wikistatedir}."/attachments"); # Check the attachments in and trigger a wiki refresh. if ($config{rcs}) { @@ -345,6 +358,7 @@ sub attachment_list ($) { my $dir=attachment_holding_location($page); my $heldmsg=gettext("this attachment is not yet saved"); foreach my $file (glob("$dir/*")) { + $file=Encode::decode_utf8($file); next unless -f $file; my $base=IkiWiki::basename($file); my $f=$loc.$base;