From 45dfdcb2571953be6815342510b9bb2a73ce59e7 Mon Sep 17 00:00:00 2001 From: Joey Hess Date: Thu, 11 Mar 2010 16:10:04 -0500 Subject: [PATCH] search: Avoid '$' in the wikiname appearing unescaped on omega's query template, where it might crash omega. Really, a more general fix, this deals with any $ that might appear on the misctemplate. --- IkiWiki/Plugin/search.pm | 15 +++++++++++++-- debian/changelog | 2 ++ ...ption:_Unknown_function___96__this__39___.mdwn | 6 ++++++ 3 files changed, 21 insertions(+), 2 deletions(-) diff --git a/IkiWiki/Plugin/search.pm b/IkiWiki/Plugin/search.pm index fb68396a1..c0e8703d8 100644 --- a/IkiWiki/Plugin/search.pm +++ b/IkiWiki/Plugin/search.pm @@ -110,6 +110,7 @@ sub index (@) { # data used by omega # Decode html entities in it, since omega re-encodes them. eval q{use HTML::Entities}; + error $@ if $@; $doc->set_data( "url=".urlto($params{page}, "")."\n". "sample=".decode_entities($sample)."\n". @@ -214,9 +215,19 @@ sub setupfiles () { writefile("omega.conf", $config{wikistatedir}."/xapian", "database_dir .\n". "template_dir ./templates\n"); + + # Avoid omega interpreting anything in the misctemplate + # as an omegascript command. + my $misctemplate=IkiWiki::misctemplate(gettext("search"), "\0"); + eval q{use HTML::Entities}; + error $@ if $@; + $misctemplate=encode_entities($misctemplate, '\$'); + + my $querytemplate=readfile(IkiWiki::template_file("searchquery.tmpl")); + $misctemplate=~s/\0/$querytemplate/; + writefile("query", $config{wikistatedir}."/xapian/templates", - IkiWiki::misctemplate(gettext("search"), - readfile(IkiWiki::template_file("searchquery.tmpl")))); + $misctemplate); $setup=1; } } diff --git a/debian/changelog b/debian/changelog index 6b5671e3e..6828e6b3f 100644 --- a/debian/changelog +++ b/debian/changelog @@ -10,6 +10,8 @@ ikiwiki (3.20100303) UNRELEASED; urgency=low * moderatedcomments: The moderate_users setting is deprecated. Instead, set moderate_pagespec to "!admin()" or "user(*)" instead. * Fix missing span on recentchanges page template. + * search: Avoid '$' in the wikiname appearing unescaped on omega's + query template, where it might crash omega. -- Joey Hess Tue, 09 Mar 2010 19:46:35 -0500 diff --git a/doc/forum/Exception:_Unknown_function___96__this__39___.mdwn b/doc/forum/Exception:_Unknown_function___96__this__39___.mdwn index 4f94b77bd..035247100 100644 --- a/doc/forum/Exception:_Unknown_function___96__this__39___.mdwn +++ b/doc/forum/Exception:_Unknown_function___96__this__39___.mdwn @@ -50,3 +50,9 @@ What might be causing this exception and how I might go about debugging exceptio } >>>>>> So `$foobar` clashes with Omega's template tags. Does this help? + +>>>>>>> Ahh. I had somehow gotten it into my head that you were talking +>>>>>>> about the title of a single page, not of the whole wiki. But +>>>>>>> you were clear all along it was the wiki title. Sorry for +>>>>>>> misunderstanding. I've put in a complete fix for this problem. +>>>>>>> if this was in [[bugs]], I'd close it. :) --[[Joey]]