From: joey <joey@0fa5a96a-9a0e-0410-b3b2-a0fd24251071>
Date: Thu, 8 Mar 2007 06:03:59 +0000 (+0000)
Subject: * The underscore escaping support exposed a bug in edit links: Such links
X-Git-Tag: 1.45~15
X-Git-Url: http://git.vanrenterghem.biz/git.ikiwiki.info.git/commitdiff_plain/c1b698e4181002eeecdb5988ea767cae67a83a49?ds=sidebyside
* The underscore escaping support exposed a bug in edit links: Such links
were titlepage escaped in the urls, and then doubly escaped by the CGI
when editing. To fix this, I removed the titlepage escaping in the edit
urls.
* That means that *every edit link* on the wiki is potentially changed.
Rebuilding wikis on upgrade to this version therefore necessary; enabled
that in postinst.
---
diff --git a/IkiWiki.pm b/IkiWiki.pm
index 0ed52aeae..85710c5ff 100644
--- a/IkiWiki.pm
+++ b/IkiWiki.pm
@@ -5,6 +5,7 @@ use warnings;
use strict;
use Encode;
use HTML::Entities;
+use URI::Escape;
use open qw{:utf8 :std};
use vars qw{%config %links %oldlinks %oldpagemtime %pagectime %pagecase
@@ -385,7 +386,8 @@ sub linkpage ($) { #{{{
sub cgiurl (@) { #{{{
my %params=@_;
- return $config{cgiurl}."?".join("&", map "$_=$params{$_}", keys %params);
+ return $config{cgiurl}."?".
+ join("&", map $_."=".uri_escape($params{$_}), keys %params);
} #}}}
sub baseurl (;$) { #{{{
@@ -453,7 +455,11 @@ sub htmllink ($$$;@) { #{{{
if (! grep { $_ eq $bestlink } map { @{$_} } values %renderedfiles) {
return $linktext unless length $config{cgiurl};
return "<span><a href=\"".
- cgiurl(do => "create", page => lc($link), from => $page).
+ cgiurl(
+ do => "create",
+ page => pagetitle(lc($link), 1),
+ from => $page
+ ).
"\">?</a>$linktext</span>"
}
diff --git a/IkiWiki/CGI.pm b/IkiWiki/CGI.pm
index aeccd31ac..05f4c6e0f 100644
--- a/IkiWiki/CGI.pm
+++ b/IkiWiki/CGI.pm
@@ -286,10 +286,9 @@ sub cgi_prefs ($$) { #{{{
}
} #}}}
-sub cgi_editpage ($$;$) { #{{{
+sub cgi_editpage ($$) { #{{{
my $q=shift;
my $session=shift;
- my $blogpost=shift;
my @fields=qw(do rcsinfo subpage from page type editcontent comments
newfile);
@@ -323,9 +322,6 @@ sub cgi_editpage ($$;$) { #{{{
# characters.
my ($page)=$form->field('page');
$page=titlepage(possibly_foolish_untaint($page));
- if ($blogpost) {
- $page=~s/(\/)/"__".ord($1)."__"/eg;
- }
if (! defined $page || ! length $page || file_pruned($page, $config{srcdir}) || $page=~/^\//) {
error("bad page name");
}
@@ -362,7 +358,7 @@ sub cgi_editpage ($$;$) { #{{{
$form->field(name => "from", type => 'hidden');
$form->field(name => "rcsinfo", type => 'hidden');
$form->field(name => "subpage", type => 'hidden');
- $form->field(name => "page", value => $page, force => 1);
+ $form->field(name => "page", value => pagetitle($page, 1), force => 1);
$form->field(name => "type", value => $type, force => 1);
$form->field(name => "comments", type => "text", size => 80);
$form->field(name => "editcontent", type => "textarea", rows => 20,
@@ -686,6 +682,7 @@ sub cgi (;$$) { #{{{
}
elsif ($do eq 'blog') {
my $page=decode_utf8($q->param('title'));
+ $page=~s/\///g; # no slashes in blog posts
# if the page already exists, munge it to be unique
my $from=$q->param('from');
my $add="";
@@ -694,9 +691,9 @@ sub cgi (;$$) { #{{{
$add++;
}
$q->param('page', $page.$add);
- # now run same as create, except escape slashes too
+ # now run same as create
$q->param('do', 'create');
- cgi_editpage($q, $session, 1);
+ cgi_editpage($q, $session);
}
elsif ($do eq 'postsignin') {
error(gettext("login failed, perhaps you need to turn on cookies?"));
diff --git a/IkiWiki/Plugin/inline.pm b/IkiWiki/Plugin/inline.pm
index 6656a821c..4dbf9f159 100644
--- a/IkiWiki/Plugin/inline.pm
+++ b/IkiWiki/Plugin/inline.pm
@@ -184,7 +184,7 @@ sub preprocess_inline (@) { #{{{
}
if (length $config{cgiurl} && defined $type) {
$template->param(have_actions => 1);
- $template->param(editurl => cgiurl(do => "edit", page => $page));
+ $template->param(editurl => cgiurl(do => "edit", page => pagetitle($page, 1)));
}
}
diff --git a/IkiWiki/Render.pm b/IkiWiki/Render.pm
index 80c99e430..990b803de 100644
--- a/IkiWiki/Render.pm
+++ b/IkiWiki/Render.pm
@@ -79,7 +79,7 @@ sub genpage ($$$) { #{{{
my $actions=0;
if (length $config{cgiurl}) {
- $template->param(editurl => cgiurl(do => "edit", page => $page));
+ $template->param(editurl => cgiurl(do => "edit", page => pagetitle($page, 1)));
$template->param(prefsurl => cgiurl(do => "prefs"));
if ($config{rcs}) {
$template->param(recentchangesurl => cgiurl(do => "recentchanges"));
diff --git a/debian/NEWS b/debian/NEWS
index 94f88c769..69cbbbd88 100644
--- a/debian/NEWS
+++ b/debian/NEWS
@@ -1,11 +1,19 @@
+ikiwiki (1.45) unstable; urgency=low
+
+ Wikis need to be rebuilt on upgrade to this version. If you listed your wiki
+ in /etc/ikiwiki/wikilist this will be done automatically when the Debian
+ package is upgraded. Or use ikiwiki-mass-rebuild to force a rebuild.
+
+ -- Joey Hess <joeyh@debian.org> Wed, 7 Mar 2007 23:02:52 -0500
+
ikiwiki (1.44) unstable; urgency=low
- The htmllink() function has changed slightly and plugins that use it may
- need to change how they call it. This function's first three parameters
- are unchanged, but additional options are now passed using named
- parameters. If you used htmllink with more than 3 parameters, you will
- need to change it. The plugin interface version has been increased to 1.02
- to reflect this change.
+ The htmllink() function has changed slightly and plugins that use it may
+ need to change how they call it. This function's first three parameters
+ are unchanged, but additional options are now passed using named
+ parameters. If you used htmllink with more than 3 parameters, you will
+ need to change it. The plugin interface version has been increased to 1.02
+ to reflect this change.
-- Joey Hess <joeyh@debian.org> Mon, 19 Feb 2007 21:10:12 -0500
diff --git a/debian/changelog b/debian/changelog
index 6a9972952..47a1a9423 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -18,8 +18,15 @@ ikiwiki (1.45) UNRELEASED; urgency=low
* Fix some nasty issues with page name escaping during previewing
(introduced in 1.44).
* Add a table plugin, derived from the one written by Victor Moral.
-
- -- Joey Hess <joeyh@debian.org> Wed, 7 Mar 2007 06:26:51 -0500
+ * The underscore escaping support exposed a bug in edit links: Such links
+ were titlepage escaped in the urls, and then doubly escaped by the CGI
+ when editing. To fix this, I removed the titlepage escaping in the edit
+ urls.
+ * That means that *every edit link* on the wiki is potentially changed.
+ Rebuilding wikis on upgrade to this version therefore necessary; enabled
+ that in postinst.
+
+ -- Joey Hess <joeyh@debian.org> Wed, 7 Mar 2007 22:58:52 -0500
ikiwiki (1.44) unstable; urgency=low
diff --git a/debian/postinst b/debian/postinst
index 96572ea62..0096762cf 100755
--- a/debian/postinst
+++ b/debian/postinst
@@ -4,7 +4,7 @@ set -e
# Change this when some incompatible change is made that requires
# rebuilding all wikis.
-firstcompat=1.29
+firstcompat=1.45
if [ "$1" = configure ] && \
dpkg --compare-versions "$2" lt "$firstcompat"; then
diff --git a/po/ikiwiki.pot b/po/ikiwiki.pot
index ab6e7cd4c..d6069cb6e 100644
--- a/po/ikiwiki.pot
+++ b/po/ikiwiki.pot
@@ -8,7 +8,7 @@ msgid ""
msgstr ""
"Project-Id-Version: PACKAGE VERSION\n"
"Report-Msgid-Bugs-To: \n"
-"POT-Creation-Date: 2007-03-07 07:04-0500\n"
+"POT-Creation-Date: 2007-03-08 00:56-0500\n"
"PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n"
"Last-Translator: FULL NAME <EMAIL@ADDRESS>\n"
"Language-Team: LANGUAGE <LL@li.org>\n"
@@ -24,33 +24,33 @@ msgstr ""
msgid "Preferences saved."
msgstr ""
-#: ../IkiWiki/CGI.pm:344
+#: ../IkiWiki/CGI.pm:340
#, perl-format
msgid "%s is not an editable page"
msgstr ""
-#: ../IkiWiki/CGI.pm:431 ../IkiWiki/Plugin/brokenlinks.pm:24
+#: ../IkiWiki/CGI.pm:427 ../IkiWiki/Plugin/brokenlinks.pm:24
#: ../IkiWiki/Plugin/inline.pm:172 ../IkiWiki/Plugin/opendiscussion.pm:17
#: ../IkiWiki/Plugin/orphans.pm:28 ../IkiWiki/Render.pm:97
#: ../IkiWiki/Render.pm:165
msgid "discussion"
msgstr ""
-#: ../IkiWiki/CGI.pm:477
+#: ../IkiWiki/CGI.pm:473
#, perl-format
msgid "creating %s"
msgstr ""
-#: ../IkiWiki/CGI.pm:494 ../IkiWiki/CGI.pm:530 ../IkiWiki/CGI.pm:574
+#: ../IkiWiki/CGI.pm:490 ../IkiWiki/CGI.pm:526 ../IkiWiki/CGI.pm:570
#, perl-format
msgid "editing %s"
msgstr ""
-#: ../IkiWiki/CGI.pm:671
+#: ../IkiWiki/CGI.pm:667
msgid "You are banned."
msgstr ""
-#: ../IkiWiki/CGI.pm:702
+#: ../IkiWiki/CGI.pm:699
msgid "login failed, perhaps you need to turn on cookies?"
msgstr ""
@@ -363,23 +363,23 @@ msgstr ""
msgid "failed to run php"
msgstr ""
-#: ../IkiWiki/Plugin/table.pm:34
+#: ../IkiWiki/Plugin/table.pm:22
msgid "cannot find file"
msgstr ""
-#: ../IkiWiki/Plugin/table.pm:59
+#: ../IkiWiki/Plugin/table.pm:45
msgid "unknown data format"
msgstr ""
-#: ../IkiWiki/Plugin/table.pm:67
+#: ../IkiWiki/Plugin/table.pm:53
msgid "empty data"
msgstr ""
-#: ../IkiWiki/Plugin/table.pm:77
+#: ../IkiWiki/Plugin/table.pm:73
msgid "Direct data download"
msgstr ""
-#: ../IkiWiki/Plugin/table.pm:124
+#: ../IkiWiki/Plugin/table.pm:106
#, perl-format
msgid "parse fail at line %d: %s"
msgstr ""
@@ -520,11 +520,11 @@ msgstr ""
msgid "usage: ikiwiki [options] source dest"
msgstr ""
-#: ../IkiWiki.pm:102
+#: ../IkiWiki.pm:103
msgid "Must specify url to wiki with --url when using --cgi"
msgstr ""
-#: ../IkiWiki.pm:149 ../IkiWiki.pm:150
+#: ../IkiWiki.pm:150 ../IkiWiki.pm:151
msgid "Error"
msgstr ""
@@ -532,7 +532,7 @@ msgstr ""
#. translators: preprocessor directive name,
#. translators: the second a page name, the
#. translators: third a number.
-#: ../IkiWiki.pm:567
+#: ../IkiWiki.pm:573
#, perl-format
msgid "%s preprocessing loop detected on %s at depth %i"
msgstr ""