X-Git-Url: http://git.vanrenterghem.biz/git.ikiwiki.info.git/blobdiff_plain/fc0b70e700ca9d029e5aedd013b00de0cf793993..277a868b2b2ccb7fe6ac77ce26a3946c08a14d53:/IkiWiki/CGI.pm diff --git a/IkiWiki/CGI.pm b/IkiWiki/CGI.pm index 54c526c2c..3e324ae1c 100644 --- a/IkiWiki/CGI.pm +++ b/IkiWiki/CGI.pm @@ -168,6 +168,7 @@ sub cgi_postsignin ($$) { #{{{ my $postsignin=CGI->new($session->param("postsignin")); $session->clear("postsignin"); cgi($postsignin, $session); + cgi_savesession($session); exit; } else { @@ -478,20 +479,13 @@ sub cgi_editpage ($$) { #{{{ $content=~s/\r/\n/g; writefile($file, $config{srcdir}, $content); - my $message="web commit "; - if (defined $session->param("name") && - length $session->param("name")) { - $message.="by ".$session->param("name"); - } - else { - $message.="from $ENV{REMOTE_ADDR}"; - } - if (defined $form->field('comments') && - length $form->field('comments')) { - $message.=": ".$form->field('comments'); - } - if ($config{rcs}) { + my $message=""; + if (defined $form->field('comments') && + length $form->field('comments')) { + $message=$form->field('comments'); + } + if ($newfile) { rcs_add($file); } @@ -500,7 +494,8 @@ sub cgi_editpage ($$) { #{{{ # presumably the commit will trigger an update # of the wiki my $conflict=rcs_commit($file, $message, - $form->field("rcsinfo")); + $form->field("rcsinfo"), + $session->param("name"), $ENV{REMOTE_ADDR}); if (defined $conflict) { $form->field(name => "rcsinfo", value => rcs_prepedit($file), @@ -529,12 +524,35 @@ sub cgi_editpage ($$) { #{{{ } } #}}} +sub cgi_getsession ($) { #{{{ + my $q=shift; + + eval q{use CGI::Session}; + CGI::Session->name("ikiwiki_session_".encode_utf8($config{wikiname})); + + my $oldmask=umask(077); + my $session = CGI::Session->new("driver:DB_File", $q, + { FileName => "$config{wikistatedir}/sessions.db" }); + umask($oldmask); + + return $session; +} #}}} + +sub cgi_savesession ($) { #{{{ + my $session=shift; + + # Force session flush with safe umask. + my $oldmask=umask(077); + $session->flush; + umask($oldmask); +} + sub cgi (;$$) { #{{{ my $q=shift; my $session=shift; if (! $q) { - eval q{use CGI; use CGI::Session}; + eval q{use CGI}; error($@) if $@; $q=CGI->new; @@ -566,12 +584,7 @@ sub cgi (;$$) { #{{{ lockwiki(); if (! $session) { - CGI::Session->name("ikiwiki_session_".encode_utf8($config{wikiname})); - - my $oldmask=umask(077); - $session = CGI::Session->new("driver:DB_File", $q, - { FileName => "$config{wikistatedir}/sessions.db" }); - umask($oldmask); + $session=cgi_getsession($q); } # Auth hooks can sign a user in. @@ -601,12 +614,7 @@ sub cgi (;$$) { #{{{ $session->param(postsignin => $ENV{QUERY_STRING}); } cgi_signin($q, $session); - - # Force session flush with safe umask. - my $oldmask=umask(077); - $session->flush; - umask($oldmask); - + cgi_savesession($session); return; } elsif (defined $session->param("postsignin")) { @@ -617,6 +625,7 @@ sub cgi (;$$) { #{{{ print $q->header(-status => "403 Forbidden"); $session->delete(); print "You are banned."; + cgi_savesession($session); exit; } @@ -657,8 +666,9 @@ sub userlink ($) { #{{{ my $display=$oid->display; # Convert "user.somehost.com" to "user [somehost.com]". if ($display !~ /\[/) { - $display=~s/^(.*?)\.([^.]+.[^.]+)$/$1 [$2]/; + $display=~s/^(.*?)\.([^.]+\.[a-z]+)$/$1 [$2]/; } + $display=~s!^https?://!!; # make sure this is removed return "".escapeHTML($display).""; } else {