X-Git-Url: http://git.vanrenterghem.biz/git.ikiwiki.info.git/blobdiff_plain/d4a0732752e79b57509cee33001ab757132366c5..2e15a490067991448c3b65323ad9ecdc774dbfe4:/IkiWiki/Plugin/attachment.pm diff --git a/IkiWiki/Plugin/attachment.pm b/IkiWiki/Plugin/attachment.pm index 4af9ac92b..428b363b6 100644 --- a/IkiWiki/Plugin/attachment.pm +++ b/IkiWiki/Plugin/attachment.pm @@ -116,9 +116,10 @@ sub formbuilder_setup (@) { $form->tmpl_param("attachments-class" => "toggleable-open"); } - # Save attachments in holding area before previewing so - # they can be seen in the preview. - if ($form->submitted eq "Preview") { + # Save attachments in holding area before previewing and + # saving. + if ($form->submitted eq "Preview" || + $form->submitted eq "Save Page") { attachments_save($form, $params{session}); } } @@ -131,9 +132,11 @@ sub formbuilder (@) { return if ! defined $form->field("do") || ($form->field("do") ne "edit" && $form->field("do") ne "create") ; - my $filename=Encode::decode_utf8($q->param('attachment')); + my $filename=Encode::decode_utf8(scalar $q->param('attachment')); + my $handle=$q->upload('attachment'); + if (defined $filename && length $filename) { - attachment_store($filename, $form, $q, $params{session}); + attachment_store($filename, $handle, $form, $q, $params{session}); } if ($form->submitted eq "Save Page") { @@ -141,13 +144,13 @@ sub formbuilder (@) { } if ($form->submitted eq "Insert Links") { - my $page=quotemeta(Encode::decode_utf8($q->param("page"))); + my $page=quotemeta(Encode::decode_utf8(scalar $q->param("page"))); my $add=""; - foreach my $f ($q->param("attachment_select")) { + foreach my $f (@{$q->param_fetch("attachment_select")}) { $f=Encode::decode_utf8($f); $f=~s/^$page\///; if (IkiWiki::isinlinableimage($f) && - UNIVERSAL::can("IkiWiki::Plugin::img", "import")) { + IkiWiki::Plugin::img->can("import")) { $add.='[[!img '.$f.' align="right" size="" alt=""]]'; } else { @@ -162,7 +165,7 @@ sub formbuilder (@) { # Generate the attachment list only after having added any new # attachments. - $form->tmpl_param("attachment_list" => [attachment_list($form->field('page'))]); + $form->tmpl_param("attachment_list" => [attachment_list(scalar $form->field('page'))]); } sub attachment_holding_location { @@ -189,13 +192,20 @@ sub is_held_attachment { # Stores the attachment in a holding area, not yet in the wiki proper. sub attachment_store { my $filename=shift; + my $handle=shift; my $form=shift; my $q=shift; my $session=shift; - - # This is an (apparently undocumented) way to get the name - # of the temp file that CGI writes the upload to. - my $tempfile=$q->tmpFileName($filename); + + my $tempfile; + if (defined $handle) { + # This is what works in CGI.pm 4.09+: $q->tmpFileName($q->upload('attachment')) + $tempfile=$q->tmpFileName($handle); + } + if (! defined $tempfile || ! length $tempfile) { + # This is what is *documented* in CGI.pm 4.09: $q->tmpFileName($q->param('attachment')) + $tempfile=$q->tmpFileName($filename); + } if (! defined $tempfile || ! length $tempfile) { # perl 5.8 needs an alternative, awful method if ($q =~ /HASH/ && exists $q->{'.tmpfiles'}) { @@ -204,30 +214,38 @@ sub attachment_store { last if defined $tempfile && length $tempfile; } } - if (! defined $tempfile || ! length $tempfile) { - error("CGI::tmpFileName failed to return the uploaded file name"); - } + } + if (! defined $tempfile || ! length $tempfile) { + error("CGI::tmpFileName failed to return the uploaded file name"); } $filename=IkiWiki::basename($filename); $filename=~s/.*\\+(.+)/$1/; # hello, windows $filename=IkiWiki::possibly_foolish_untaint(linkpage($filename)); + my $dest=attachment_holding_location($form->field('page')); # Check that the user is allowed to edit the attachment. my $final_filename= linkpage(IkiWiki::possibly_foolish_untaint( attachment_location($form->field('page')))). $filename; - if (IkiWiki::file_pruned($final_filename)) { - error(gettext("bad attachment filename")); + eval { + if (IkiWiki::file_pruned($final_filename)) { + error(gettext("bad attachment filename")); + } + IkiWiki::check_canedit($final_filename, $q, $session); + # And that the attachment itself is acceptable. + check_canattach($session, $final_filename, $tempfile); + }; + if ($@) { + # save error in case called functions clobber $@ + my $error = $@; + json_response($q, $form, $dest."/".$filename, $error); + error $error; } - IkiWiki::check_canedit($final_filename, $q, $session); - # And that the attachment itself is acceptable. - check_canattach($session, $final_filename, $tempfile); # Move the attachment into holding directory. # Try to use a fast rename; fall back to copying. - my $dest=attachment_holding_location($form->field('page')); IkiWiki::prep_writefile($filename, $dest); unlink($dest."/".$filename); if (rename($tempfile, $dest."/".$filename)) { @@ -253,24 +271,7 @@ sub attachment_store { }); } - # Return JSON response for the jquery file upload widget. - if ($q->Accept("application/json") >= 1.0 && - grep { /application\/json/i } $q->Accept) { - eval q{use JSON}; - error $@ if $@; - print "Content-type: application/json\n\n"; - my $size=-s $dest."/".$filename; - print to_json([ - { - name => $filename, - size => $size, - humansize => IkiWiki::Plugin::filecheck::humansize($size), - stored_msg => stored_msg(), - - } - ]); - exit 0; - } + json_response($q, $form, $dest."/".$filename, stored_msg()); } # Save all stored attachments for a page. @@ -282,18 +283,21 @@ sub attachments_save { my @attachments; my $dir=attachment_holding_location($form->field('page')); foreach my $filename (glob("$dir/*")) { + $filename=Encode::decode_utf8($filename); next unless -f $filename; - my $dest=$config{srcdir}."/". - linkpage(IkiWiki::possibly_foolish_untaint( - attachment_location($form->field('page')))). - IkiWiki::basename($filename); + my $destdir=linkpage(IkiWiki::possibly_foolish_untaint( + attachment_location($form->field('page')))); + my $absdestdir=$config{srcdir}."/".$destdir; + my $destfile=IkiWiki::basename($filename); + my $dest=$absdestdir.$destfile; unlink($dest); + IkiWiki::prep_writefile($destfile, $absdestdir); rename($filename, $dest); - push @attachments, $dest; + push @attachments, $destdir.$destfile; } return unless @attachments; require IkiWiki::Render; - IkiWiki::prune($dir); + IkiWiki::prune($dir, $config{wikistatedir}."/attachments"); # Check the attachments in and trigger a wiki refresh. if ($config{rcs}) { @@ -314,8 +318,8 @@ sub attachment_location ($) { my $page=shift; # Put the attachment in a subdir of the page it's attached - # to, unless that page is an "index" page. - $page=~s/(^|\/)index//; + # to, unless that page is the "index" page. + return "" if $page eq 'index'; $page.="/" if length $page; return $page; @@ -353,6 +357,7 @@ sub attachment_list ($) { my $dir=attachment_holding_location($page); my $heldmsg=gettext("this attachment is not yet saved"); foreach my $file (glob("$dir/*")) { + $file=Encode::decode_utf8($file); next unless -f $file; my $base=IkiWiki::basename($file); my $f=$loc.$base; @@ -371,4 +376,29 @@ sub stored_msg { gettext("just uploaded"); } +sub json_response ($$$$) { + my $q=shift; + my $form=shift; + my $filename=shift; + my $stored_msg=shift; + + if (! defined $form->submitted || + $form->submitted ne "Upload Attachment") { + eval q{use JSON}; + error $@ if $@; + print "Content-type: text/html\n\n"; + my $size=-s $filename; + print to_json([ + { + name => IkiWiki::basename($filename), + size => $size, + humansize => IkiWiki::Plugin::filecheck::humansize($size), + stored_msg => $stored_msg, + + } + ]); + exit 0; + } +} + 1