X-Git-Url: http://git.vanrenterghem.biz/git.ikiwiki.info.git/blobdiff_plain/d9c118dbf1753abcbf081f532aecfe8cb6ce7de7..6a2abf8352a7a1516345f408b6356bd1ace68f19:/IkiWiki/CGI.pm diff --git a/IkiWiki/CGI.pm b/IkiWiki/CGI.pm index 7360ca998..eb89752ec 100644 --- a/IkiWiki/CGI.pm +++ b/IkiWiki/CGI.pm @@ -9,6 +9,18 @@ use Encode; package IkiWiki; +sub printheader ($) { #{{{ + my $session=shift; + + if ($config{sslcookie}) { + print $session->header(-charset => 'utf-8', + -cookie => $session->cookie(-secure => 1)); + } else { + print $session->header(-charset => 'utf-8'); + } + +} #}}} + sub redirect ($$) { #{{{ my $q=shift; my $url=shift; @@ -31,7 +43,7 @@ sub page_locked ($$;$) { #{{{ foreach my $admin (@{$config{adminuser}}) { my $locked_pages=userinfo_get($admin, "locked_pages"); - if (globlist_match($page, userinfo_get($admin, "locked_pages"))) { + if (pagespec_match($page, userinfo_get($admin, "locked_pages"))) { return 1 if $nonfatal; error(htmllink("", "", $page, 1)." is locked by ". htmllink("", "", $admin, 1)." and cannot be edited."); @@ -64,16 +76,30 @@ sub cgi_recentchanges ($) { #{{{ eval q{use Memoize}; memoize("htmllink"); + eval q{use Time::Duration}; + eval q{use CGI 'escapeHTML'}; + + my $changelog=[rcs_recentchanges(100)]; + foreach my $change (@$changelog) { + $change->{when} = concise(ago($change->{when})); + $change->{user} = htmllink("", "", escapeHTML($change->{user}), 1); + $change->{pages} = [ + map { + $_->{link} = htmllink("", "", $_->{page}, 1); + $_; + } @{$change->{pages}} + ]; + } + my $template=template("recentchanges.tmpl"); $template->param( title => "RecentChanges", indexlink => indexlink(), wikiname => $config{wikiname}, - changelog => [rcs_recentchanges(100)], - styleurl => styleurl(), - baseurl => "$config{url}/", + changelog => $changelog, + baseurl => baseurl(), ); - print $q->header(-charset=>'utf-8'), $template->output; + print $q->header(-charset => 'utf-8'), $template->output; } #}}} sub cgi_signin ($$) { #{{{ @@ -100,7 +126,7 @@ sub cgi_signin ($$) { #{{{ header => 0, template => (-e "$config{templatedir}/signin.tmpl" ? {template_params("signin.tmpl")} : ""), - stylesheet => styleurl(), + stylesheet => baseurl()."style.css", ); decode_form_utf8($form); @@ -114,7 +140,7 @@ sub cgi_signin ($$) { #{{{ $form->field(name => "password", type => "password", required => 0); $form->field(name => "confirm_password", type => "password", required => 0); $form->field(name => "email", required => 0); - if ($q->param("do") ne "signin") { + if ($q->param("do") ne "signin" && !$form->submitted) { $form->text("You need to log in first."); } @@ -205,7 +231,7 @@ sub cgi_signin ($$) { #{{{ $form->field(name => "confirm_password", type => "hidden"); $form->field(name => "email", type => "hidden"); $form->text("Registration successful. Now you can Login."); - print $session->header(-charset=>'utf-8'); + printheader($session); print misctemplate($form->title, $form->render(submit => ["Login"])); } else { @@ -233,12 +259,12 @@ sub cgi_signin ($$) { #{{{ $form->text("Your password has been emailed to you."); $form->field(name => "name", required => 0); - print $session->header(-charset=>'utf-8'); + printheader($session); print misctemplate($form->title, $form->render(submit => ["Login", "Register", "Mail Password"])); } } else { - print $session->header(-charset=>'utf-8'); + printheader($session); print misctemplate($form->title, $form->render(submit => ["Login", "Register", "Mail Password"])); } } #}}} @@ -267,7 +293,7 @@ sub cgi_prefs ($$) { #{{{ action => $config{cgiurl}, template => (-e "$config{templatedir}/prefs.tmpl" ? {template_params("prefs.tmpl")} : ""), - stylesheet => styleurl(), + stylesheet => baseurl()."style.css", ); my @buttons=("Save Preferences", "Logout", "Cancel"); @@ -278,9 +304,9 @@ sub cgi_prefs ($$) { #{{{ $form->field(name => "password", type => "password"); $form->field(name => "confirm_password", type => "password"); $form->field(name => "subscriptions", size => 50, - comment => "(".htmllink("", "", "GlobList", 1).")"); + comment => "(".htmllink("", "", "PageSpec", 1).")"); $form->field(name => "locked_pages", size => 50, - comment => "(".htmllink("", "", "GlobList", 1).")"); + comment => "(".htmllink("", "", "PageSpec", 1).")"); if (! is_admin($user_name)) { $form->field(name => "locked_pages", type => "hidden"); @@ -315,7 +341,7 @@ sub cgi_prefs ($$) { #{{{ $form->text("Preferences saved."); } - print $session->header(-charset=>'utf-8'); + printheader($session); print misctemplate($form->title, $form->render(submit => \@buttons)); } #}}} @@ -346,12 +372,11 @@ sub cgi_editpage ($$) { #{{{ # This untaint is safe because titlepage removes any problematic # characters. my ($page)=$form->field('page'); - $page=titlepage(possibly_foolish_untaint(lc($page))); + $page=titlepage(possibly_foolish_untaint($page)); if (! defined $page || ! length $page || $page=~/$config{wiki_file_prune_regexp}/ || $page=~/^\//) { error("bad page name"); } - $page=lc($page); my $from; if (defined $form->field('from')) { @@ -359,7 +384,7 @@ sub cgi_editpage ($$) { #{{{ } my $file; - my $type; + my $type; if (exists $pagesources{$page}) { $file=$pagesources{$page}; $type=pagetype($file); @@ -373,9 +398,7 @@ sub cgi_editpage ($$) { #{{{ # favor the type of linking page $type=pagetype($pagesources{$from}); } - else { - $type=$config{default_pageext}; - } + $type=$config{default_pageext} unless defined $type; $file=$page.".".$type; } @@ -397,8 +420,7 @@ sub cgi_editpage ($$) { #{{{ $form->tmpl_param("indexlink", indexlink()); $form->tmpl_param("helponformattinglink", htmllink("", "", "HelpOnFormatting", 1)); - $form->tmpl_param("styleurl", styleurl()); - $form->tmpl_param("baseurl", "$config{url}/"); + $form->tmpl_param("baseurl", baseurl()); if (! $form->submitted) { $form->field(name => "rcsinfo", value => rcs_prepedit($file), force => 1); @@ -416,8 +438,12 @@ sub cgi_editpage ($$) { #{{{ value => $content, force => 1); $form->field(name => "comments", value => $comments, force => 1); + $config{rss}=0; # avoid preview writing an rss feed! $form->tmpl_param("page_preview", - htmlize($type, linkify($page, $page, filter($page, $content)))); + htmlize($page, $type, + linkify($page, "", + preprocess($page, $page, + filter($page, $content))))); } else { $form->tmpl_param("page_preview", ""); @@ -457,7 +483,7 @@ sub cgi_editpage ($$) { #{{{ } @page_locs = grep { - ! exists $pagesources{lc($_)} && + ! exists $pagecase{lc $_} && ! page_locked($_, $session, 1) } @page_locs; @@ -485,8 +511,8 @@ sub cgi_editpage ($$) { #{{{ if (! defined $form->field('editcontent') || ! length $form->field('editcontent')) { my $content=""; - if (exists $pagesources{lc($page)}) { - $content=readfile(srcfile($pagesources{lc($page)})); + if (exists $pagesources{$page}) { + $content=readfile(srcfile($pagesources{$page})); $content=~s/\n/\r\n/g; } $form->field(name => "editcontent", value => $content, @@ -567,11 +593,7 @@ sub cgi () { #{{{ my $q=CGI->new; - if (exists $hooks{cgi}) { - foreach my $id (keys %{$hooks{cgi}}) { - $hooks{cgi}{$id}{call}->($q); - } - } + run_hooks(cgi => sub { shift->($q) }); my $do=$q->param('do'); if (! defined $do || ! length $do) { @@ -601,7 +623,7 @@ sub cgi () { #{{{ umask($oldmask); # Everything below this point needs the user to be signed in. - if ((! $config{anonok} && + if (((! $config{anonok} || $do eq 'prefs') && (! defined $session->param("name") || ! userinfo_get($session->param("name"), "regdate"))) || $do eq 'signin') { cgi_signin($q, $session); @@ -621,11 +643,11 @@ sub cgi () { #{{{ cgi_prefs($q, $session); } elsif ($do eq 'blog') { - my $page=titlepage(lc($q->param('title'))); + my $page=titlepage(decode_utf8($q->param('title'))); # if the page already exists, munge it to be unique my $from=$q->param('from'); my $add=""; - while (exists $oldpagemtime{"$from/$page$add"}) { + while (exists $pagecase{lc "$from/$page$add"}) { $add=1 unless length $add; $add++; }