* The underscore escaping support exposed a bug in edit links: Such links

were titlepage escaped in the urls, and then doubly escaped by the CGI
  when editing. To fix this, I removed the titlepage escaping in the edit
  urls.
* That means that *every edit link* on the wiki is potentially changed.
  Rebuilding wikis on upgrade to this version therefore necessary; enabled
  that in postinst.

IkiWiki.pm

@@ -5,6 +5,7 @@ use warnings;
 use strict;
 use Encode;
 use HTML::Entities;
+use URI::Escape;
 use open qw{:utf8 :std};
 
 use vars qw{%config %links %oldlinks %oldpagemtime %pagectime %pagecase
@@ -385,7 +386,8 @@ sub linkpage ($) { #{{{
 sub cgiurl (@) { #{{{
 	my %params=@_;
 
-	return $config{cgiurl}."?".join("&", map "$_=$params{$_}", keys %params);
+	return $config{cgiurl}."?".
+		join("&", map $_."=".uri_escape($params{$_}), keys %params);
 } #}}}
 
 sub baseurl (;$) { #{{{
@@ -453,7 +455,11 @@ sub htmllink ($$$;@) { #{{{
 	if (! grep { $_ eq $bestlink } map { @{$_} } values %renderedfiles) {
 		return $linktext unless length $config{cgiurl};
 		return "<span><a href=\"".
-			cgiurl(do => "create", page => lc($link), from => $page).
+			cgiurl(
+				do => "create",
+				page => pagetitle(lc($link), 1),
+				from => $page
+			).
 			"\">?</a>$linktext</span>"
 	}
 	

IkiWiki/CGI.pm

@@ -286,10 +286,9 @@ sub cgi_prefs ($$) { #{{{
 	}
 } #}}}
 
-sub cgi_editpage ($$;$) { #{{{
+sub cgi_editpage ($$) { #{{{
 	my $q=shift;
 	my $session=shift;
-	my $blogpost=shift;
 
 	my @fields=qw(do rcsinfo subpage from page type editcontent comments
 	              newfile);
@@ -323,9 +322,6 @@ sub cgi_editpage ($$;$) { #{{{
 	# characters.
 	my ($page)=$form->field('page');
 	$page=titlepage(possibly_foolish_untaint($page));
-	if ($blogpost) {
-		$page=~s/(\/)/"__".ord($1)."__"/eg;
-	}
 	if (! defined $page || ! length $page || file_pruned($page, $config{srcdir}) || $page=~/^\//) {
 		error("bad page name");
 	}
@@ -362,7 +358,7 @@ sub cgi_editpage ($$;$) { #{{{
 	$form->field(name => "from", type => 'hidden');
 	$form->field(name => "rcsinfo", type => 'hidden');
 	$form->field(name => "subpage", type => 'hidden');
-	$form->field(name => "page", value => $page, force => 1);
+	$form->field(name => "page", value => pagetitle($page, 1), force => 1);
 	$form->field(name => "type", value => $type, force => 1);
 	$form->field(name => "comments", type => "text", size => 80);
 	$form->field(name => "editcontent", type => "textarea", rows => 20,
@@ -686,6 +682,7 @@ sub cgi (;$$) { #{{{
 	}
 	elsif ($do eq 'blog') {
 		my $page=decode_utf8($q->param('title'));
+		$page=~s/\///g; # no slashes in blog posts
 		# if the page already exists, munge it to be unique
 		my $from=$q->param('from');
 		my $add="";
@@ -694,9 +691,9 @@ sub cgi (;$$) { #{{{
 			$add++;
 		}
 		$q->param('page', $page.$add);
-		# now run same as create, except escape slashes too
+		# now run same as create
 		$q->param('do', 'create');
-		cgi_editpage($q, $session, 1);
+		cgi_editpage($q, $session);
 	}
 	elsif ($do eq 'postsignin') {
 		error(gettext("login failed, perhaps you need to turn on cookies?"));

IkiWiki/Plugin/inline.pm

@@ -184,7 +184,7 @@ sub preprocess_inline (@) { #{{{
 				}
 				if (length $config{cgiurl} && defined $type) {
 					$template->param(have_actions => 1);
-					$template->param(editurl => cgiurl(do => "edit", page => $page));
+					$template->param(editurl => cgiurl(do => "edit", page => pagetitle($page, 1)));
 				}
 			}
 

IkiWiki/Render.pm

@@ -79,7 +79,7 @@ sub genpage ($$$) { #{{{
 	my $actions=0;
 
 	if (length $config{cgiurl}) {
-		$template->param(editurl => cgiurl(do => "edit", page => $page));
+		$template->param(editurl => cgiurl(do => "edit", page => pagetitle($page, 1)));
 		$template->param(prefsurl => cgiurl(do => "prefs"));
 		if ($config{rcs}) {
 			$template->param(recentchangesurl => cgiurl(do => "recentchanges"));

debian/NEWS

@@ -1,11 +1,19 @@
+ikiwiki (1.45) unstable; urgency=low
+
+  Wikis need to be rebuilt on upgrade to this version. If you listed your wiki
+  in /etc/ikiwiki/wikilist this will be done automatically when the Debian
+  package is upgraded. Or use ikiwiki-mass-rebuild to force a rebuild.
+
+ -- Joey Hess <joeyh@debian.org>  Wed,  7 Mar 2007 23:02:52 -0500
+
 ikiwiki (1.44) unstable; urgency=low
 
-   The htmllink() function has changed slightly and plugins that use it may
-   need to change how they call it. This function's first three parameters
-   are unchanged, but additional options are now passed using named
-   parameters. If you used htmllink with more than 3 parameters, you will
-   need to change it. The plugin interface version has been increased to 1.02
-   to reflect this change.
+  The htmllink() function has changed slightly and plugins that use it may
+  need to change how they call it. This function's first three parameters
+  are unchanged, but additional options are now passed using named
+  parameters. If you used htmllink with more than 3 parameters, you will
+  need to change it. The plugin interface version has been increased to 1.02
+  to reflect this change.
 
  -- Joey Hess <joeyh@debian.org>  Mon, 19 Feb 2007 21:10:12 -0500
 

debian/changelog

@@ -18,8 +18,15 @@ ikiwiki (1.45) UNRELEASED; urgency=low
   * Fix some nasty issues with page name escaping during previewing
     (introduced in 1.44).
   * Add a table plugin, derived from the one written by Victor Moral.
+  * The underscore escaping support exposed a bug in edit links: Such links
+    were titlepage escaped in the urls, and then doubly escaped by the CGI
+    when editing. To fix this, I removed the titlepage escaping in the edit
+    urls.
+  * That means that *every edit link* on the wiki is potentially changed.
+    Rebuilding wikis on upgrade to this version therefore necessary; enabled
+    that in postinst.
 
- -- Joey Hess <joeyh@debian.org>  Wed,  7 Mar 2007 06:26:51 -0500
+ -- Joey Hess <joeyh@debian.org>  Wed,  7 Mar 2007 22:58:52 -0500
 
 ikiwiki (1.44) unstable; urgency=low
 

debian/postinst

@@ -4,7 +4,7 @@ set -e
 
 # Change this when some incompatible change is made that requires
 # rebuilding all wikis.
-firstcompat=1.29
+firstcompat=1.45
 
 if [ "$1" = configure ] && \
    dpkg --compare-versions "$2" lt "$firstcompat"; then

po/ikiwiki.pot

@@ -8,7 +8,7 @@ msgid ""
 msgstr ""
 "Project-Id-Version: PACKAGE VERSION\n"
 "Report-Msgid-Bugs-To: \n"
-"POT-Creation-Date: 2007-03-07 07:04-0500\n"
+"POT-Creation-Date: 2007-03-08 00:56-0500\n"
 "PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n"
 "Last-Translator: FULL NAME <EMAIL@ADDRESS>\n"
 "Language-Team: LANGUAGE <LL@li.org>\n"
@@ -24,33 +24,33 @@ msgstr ""
 msgid "Preferences saved."
 msgstr ""
 
-#: ../IkiWiki/CGI.pm:344
+#: ../IkiWiki/CGI.pm:340
 #, perl-format
 msgid "%s is not an editable page"
 msgstr ""
 
-#: ../IkiWiki/CGI.pm:431 ../IkiWiki/Plugin/brokenlinks.pm:24
+#: ../IkiWiki/CGI.pm:427 ../IkiWiki/Plugin/brokenlinks.pm:24
 #: ../IkiWiki/Plugin/inline.pm:172 ../IkiWiki/Plugin/opendiscussion.pm:17
 #: ../IkiWiki/Plugin/orphans.pm:28 ../IkiWiki/Render.pm:97
 #: ../IkiWiki/Render.pm:165
 msgid "discussion"
 msgstr ""
 
-#: ../IkiWiki/CGI.pm:477
+#: ../IkiWiki/CGI.pm:473
 #, perl-format
 msgid "creating %s"
 msgstr ""
 
-#: ../IkiWiki/CGI.pm:494 ../IkiWiki/CGI.pm:530 ../IkiWiki/CGI.pm:574
+#: ../IkiWiki/CGI.pm:490 ../IkiWiki/CGI.pm:526 ../IkiWiki/CGI.pm:570
 #, perl-format
 msgid "editing %s"
 msgstr ""
 
-#: ../IkiWiki/CGI.pm:671
+#: ../IkiWiki/CGI.pm:667
 msgid "You are banned."
 msgstr ""
 
-#: ../IkiWiki/CGI.pm:702
+#: ../IkiWiki/CGI.pm:699
 msgid "login failed, perhaps you need to turn on cookies?"
 msgstr ""
 
@@ -363,23 +363,23 @@ msgstr ""
 msgid "failed to run php"
 msgstr ""
 
-#: ../IkiWiki/Plugin/table.pm:34
+#: ../IkiWiki/Plugin/table.pm:22
 msgid "cannot find file"
 msgstr ""
 
-#: ../IkiWiki/Plugin/table.pm:59
+#: ../IkiWiki/Plugin/table.pm:45
 msgid "unknown data format"
 msgstr ""
 
-#: ../IkiWiki/Plugin/table.pm:67
+#: ../IkiWiki/Plugin/table.pm:53
 msgid "empty data"
 msgstr ""
 
-#: ../IkiWiki/Plugin/table.pm:77
+#: ../IkiWiki/Plugin/table.pm:73
 msgid "Direct data download"
 msgstr ""
 
-#: ../IkiWiki/Plugin/table.pm:124
+#: ../IkiWiki/Plugin/table.pm:106
 #, perl-format
 msgid "parse fail at line %d: %s"
 msgstr ""
@@ -520,11 +520,11 @@ msgstr ""
 msgid "usage: ikiwiki [options] source dest"
 msgstr ""
 
-#: ../IkiWiki.pm:102
+#: ../IkiWiki.pm:103
 msgid "Must specify url to wiki with --url when using --cgi"
 msgstr ""
 
-#: ../IkiWiki.pm:149 ../IkiWiki.pm:150
+#: ../IkiWiki.pm:150 ../IkiWiki.pm:151
 msgid "Error"
 msgstr ""
 
@@ -532,7 +532,7 @@ msgstr ""
 #. translators: preprocessor directive name,
 #. translators: the second a page name, the
 #. translators: third a number.
-#: ../IkiWiki.pm:567
+#: ../IkiWiki.pm:573
 #, perl-format
 msgid "%s preprocessing loop detected on %s at depth %i"
 msgstr ""