* The underscore escaping support exposed a bug in edit links: Such links
were titlepage escaped in the urls, and then doubly escaped by the CGI when editing. To fix this, I removed the titlepage escaping in the edit urls. * That means that *every edit link* on the wiki is potentially changed. Rebuilding wikis on upgrade to this version therefore necessary; enabled that in postinst.master
parent
8430ee09e5
commit
c1b698e418
10
IkiWiki.pm
10
IkiWiki.pm
|
@ -5,6 +5,7 @@ use warnings;
|
||||||
use strict;
|
use strict;
|
||||||
use Encode;
|
use Encode;
|
||||||
use HTML::Entities;
|
use HTML::Entities;
|
||||||
|
use URI::Escape;
|
||||||
use open qw{:utf8 :std};
|
use open qw{:utf8 :std};
|
||||||
|
|
||||||
use vars qw{%config %links %oldlinks %oldpagemtime %pagectime %pagecase
|
use vars qw{%config %links %oldlinks %oldpagemtime %pagectime %pagecase
|
||||||
|
@ -385,7 +386,8 @@ sub linkpage ($) { #{{{
|
||||||
sub cgiurl (@) { #{{{
|
sub cgiurl (@) { #{{{
|
||||||
my %params=@_;
|
my %params=@_;
|
||||||
|
|
||||||
return $config{cgiurl}."?".join("&", map "$_=$params{$_}", keys %params);
|
return $config{cgiurl}."?".
|
||||||
|
join("&", map $_."=".uri_escape($params{$_}), keys %params);
|
||||||
} #}}}
|
} #}}}
|
||||||
|
|
||||||
sub baseurl (;$) { #{{{
|
sub baseurl (;$) { #{{{
|
||||||
|
@ -453,7 +455,11 @@ sub htmllink ($$$;@) { #{{{
|
||||||
if (! grep { $_ eq $bestlink } map { @{$_} } values %renderedfiles) {
|
if (! grep { $_ eq $bestlink } map { @{$_} } values %renderedfiles) {
|
||||||
return $linktext unless length $config{cgiurl};
|
return $linktext unless length $config{cgiurl};
|
||||||
return "<span><a href=\"".
|
return "<span><a href=\"".
|
||||||
cgiurl(do => "create", page => lc($link), from => $page).
|
cgiurl(
|
||||||
|
do => "create",
|
||||||
|
page => pagetitle(lc($link), 1),
|
||||||
|
from => $page
|
||||||
|
).
|
||||||
"\">?</a>$linktext</span>"
|
"\">?</a>$linktext</span>"
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
@ -286,10 +286,9 @@ sub cgi_prefs ($$) { #{{{
|
||||||
}
|
}
|
||||||
} #}}}
|
} #}}}
|
||||||
|
|
||||||
sub cgi_editpage ($$;$) { #{{{
|
sub cgi_editpage ($$) { #{{{
|
||||||
my $q=shift;
|
my $q=shift;
|
||||||
my $session=shift;
|
my $session=shift;
|
||||||
my $blogpost=shift;
|
|
||||||
|
|
||||||
my @fields=qw(do rcsinfo subpage from page type editcontent comments
|
my @fields=qw(do rcsinfo subpage from page type editcontent comments
|
||||||
newfile);
|
newfile);
|
||||||
|
@ -323,9 +322,6 @@ sub cgi_editpage ($$;$) { #{{{
|
||||||
# characters.
|
# characters.
|
||||||
my ($page)=$form->field('page');
|
my ($page)=$form->field('page');
|
||||||
$page=titlepage(possibly_foolish_untaint($page));
|
$page=titlepage(possibly_foolish_untaint($page));
|
||||||
if ($blogpost) {
|
|
||||||
$page=~s/(\/)/"__".ord($1)."__"/eg;
|
|
||||||
}
|
|
||||||
if (! defined $page || ! length $page || file_pruned($page, $config{srcdir}) || $page=~/^\//) {
|
if (! defined $page || ! length $page || file_pruned($page, $config{srcdir}) || $page=~/^\//) {
|
||||||
error("bad page name");
|
error("bad page name");
|
||||||
}
|
}
|
||||||
|
@ -362,7 +358,7 @@ sub cgi_editpage ($$;$) { #{{{
|
||||||
$form->field(name => "from", type => 'hidden');
|
$form->field(name => "from", type => 'hidden');
|
||||||
$form->field(name => "rcsinfo", type => 'hidden');
|
$form->field(name => "rcsinfo", type => 'hidden');
|
||||||
$form->field(name => "subpage", type => 'hidden');
|
$form->field(name => "subpage", type => 'hidden');
|
||||||
$form->field(name => "page", value => $page, force => 1);
|
$form->field(name => "page", value => pagetitle($page, 1), force => 1);
|
||||||
$form->field(name => "type", value => $type, force => 1);
|
$form->field(name => "type", value => $type, force => 1);
|
||||||
$form->field(name => "comments", type => "text", size => 80);
|
$form->field(name => "comments", type => "text", size => 80);
|
||||||
$form->field(name => "editcontent", type => "textarea", rows => 20,
|
$form->field(name => "editcontent", type => "textarea", rows => 20,
|
||||||
|
@ -686,6 +682,7 @@ sub cgi (;$$) { #{{{
|
||||||
}
|
}
|
||||||
elsif ($do eq 'blog') {
|
elsif ($do eq 'blog') {
|
||||||
my $page=decode_utf8($q->param('title'));
|
my $page=decode_utf8($q->param('title'));
|
||||||
|
$page=~s/\///g; # no slashes in blog posts
|
||||||
# if the page already exists, munge it to be unique
|
# if the page already exists, munge it to be unique
|
||||||
my $from=$q->param('from');
|
my $from=$q->param('from');
|
||||||
my $add="";
|
my $add="";
|
||||||
|
@ -694,9 +691,9 @@ sub cgi (;$$) { #{{{
|
||||||
$add++;
|
$add++;
|
||||||
}
|
}
|
||||||
$q->param('page', $page.$add);
|
$q->param('page', $page.$add);
|
||||||
# now run same as create, except escape slashes too
|
# now run same as create
|
||||||
$q->param('do', 'create');
|
$q->param('do', 'create');
|
||||||
cgi_editpage($q, $session, 1);
|
cgi_editpage($q, $session);
|
||||||
}
|
}
|
||||||
elsif ($do eq 'postsignin') {
|
elsif ($do eq 'postsignin') {
|
||||||
error(gettext("login failed, perhaps you need to turn on cookies?"));
|
error(gettext("login failed, perhaps you need to turn on cookies?"));
|
||||||
|
|
|
@ -184,7 +184,7 @@ sub preprocess_inline (@) { #{{{
|
||||||
}
|
}
|
||||||
if (length $config{cgiurl} && defined $type) {
|
if (length $config{cgiurl} && defined $type) {
|
||||||
$template->param(have_actions => 1);
|
$template->param(have_actions => 1);
|
||||||
$template->param(editurl => cgiurl(do => "edit", page => $page));
|
$template->param(editurl => cgiurl(do => "edit", page => pagetitle($page, 1)));
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
@ -79,7 +79,7 @@ sub genpage ($$$) { #{{{
|
||||||
my $actions=0;
|
my $actions=0;
|
||||||
|
|
||||||
if (length $config{cgiurl}) {
|
if (length $config{cgiurl}) {
|
||||||
$template->param(editurl => cgiurl(do => "edit", page => $page));
|
$template->param(editurl => cgiurl(do => "edit", page => pagetitle($page, 1)));
|
||||||
$template->param(prefsurl => cgiurl(do => "prefs"));
|
$template->param(prefsurl => cgiurl(do => "prefs"));
|
||||||
if ($config{rcs}) {
|
if ($config{rcs}) {
|
||||||
$template->param(recentchangesurl => cgiurl(do => "recentchanges"));
|
$template->param(recentchangesurl => cgiurl(do => "recentchanges"));
|
||||||
|
|
|
@ -1,11 +1,19 @@
|
||||||
|
ikiwiki (1.45) unstable; urgency=low
|
||||||
|
|
||||||
|
Wikis need to be rebuilt on upgrade to this version. If you listed your wiki
|
||||||
|
in /etc/ikiwiki/wikilist this will be done automatically when the Debian
|
||||||
|
package is upgraded. Or use ikiwiki-mass-rebuild to force a rebuild.
|
||||||
|
|
||||||
|
-- Joey Hess <joeyh@debian.org> Wed, 7 Mar 2007 23:02:52 -0500
|
||||||
|
|
||||||
ikiwiki (1.44) unstable; urgency=low
|
ikiwiki (1.44) unstable; urgency=low
|
||||||
|
|
||||||
The htmllink() function has changed slightly and plugins that use it may
|
The htmllink() function has changed slightly and plugins that use it may
|
||||||
need to change how they call it. This function's first three parameters
|
need to change how they call it. This function's first three parameters
|
||||||
are unchanged, but additional options are now passed using named
|
are unchanged, but additional options are now passed using named
|
||||||
parameters. If you used htmllink with more than 3 parameters, you will
|
parameters. If you used htmllink with more than 3 parameters, you will
|
||||||
need to change it. The plugin interface version has been increased to 1.02
|
need to change it. The plugin interface version has been increased to 1.02
|
||||||
to reflect this change.
|
to reflect this change.
|
||||||
|
|
||||||
-- Joey Hess <joeyh@debian.org> Mon, 19 Feb 2007 21:10:12 -0500
|
-- Joey Hess <joeyh@debian.org> Mon, 19 Feb 2007 21:10:12 -0500
|
||||||
|
|
||||||
|
|
|
@ -18,8 +18,15 @@ ikiwiki (1.45) UNRELEASED; urgency=low
|
||||||
* Fix some nasty issues with page name escaping during previewing
|
* Fix some nasty issues with page name escaping during previewing
|
||||||
(introduced in 1.44).
|
(introduced in 1.44).
|
||||||
* Add a table plugin, derived from the one written by Victor Moral.
|
* Add a table plugin, derived from the one written by Victor Moral.
|
||||||
|
* The underscore escaping support exposed a bug in edit links: Such links
|
||||||
|
were titlepage escaped in the urls, and then doubly escaped by the CGI
|
||||||
|
when editing. To fix this, I removed the titlepage escaping in the edit
|
||||||
|
urls.
|
||||||
|
* That means that *every edit link* on the wiki is potentially changed.
|
||||||
|
Rebuilding wikis on upgrade to this version therefore necessary; enabled
|
||||||
|
that in postinst.
|
||||||
|
|
||||||
-- Joey Hess <joeyh@debian.org> Wed, 7 Mar 2007 06:26:51 -0500
|
-- Joey Hess <joeyh@debian.org> Wed, 7 Mar 2007 22:58:52 -0500
|
||||||
|
|
||||||
ikiwiki (1.44) unstable; urgency=low
|
ikiwiki (1.44) unstable; urgency=low
|
||||||
|
|
||||||
|
|
|
@ -4,7 +4,7 @@ set -e
|
||||||
|
|
||||||
# Change this when some incompatible change is made that requires
|
# Change this when some incompatible change is made that requires
|
||||||
# rebuilding all wikis.
|
# rebuilding all wikis.
|
||||||
firstcompat=1.29
|
firstcompat=1.45
|
||||||
|
|
||||||
if [ "$1" = configure ] && \
|
if [ "$1" = configure ] && \
|
||||||
dpkg --compare-versions "$2" lt "$firstcompat"; then
|
dpkg --compare-versions "$2" lt "$firstcompat"; then
|
||||||
|
|
|
@ -8,7 +8,7 @@ msgid ""
|
||||||
msgstr ""
|
msgstr ""
|
||||||
"Project-Id-Version: PACKAGE VERSION\n"
|
"Project-Id-Version: PACKAGE VERSION\n"
|
||||||
"Report-Msgid-Bugs-To: \n"
|
"Report-Msgid-Bugs-To: \n"
|
||||||
"POT-Creation-Date: 2007-03-07 07:04-0500\n"
|
"POT-Creation-Date: 2007-03-08 00:56-0500\n"
|
||||||
"PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n"
|
"PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n"
|
||||||
"Last-Translator: FULL NAME <EMAIL@ADDRESS>\n"
|
"Last-Translator: FULL NAME <EMAIL@ADDRESS>\n"
|
||||||
"Language-Team: LANGUAGE <LL@li.org>\n"
|
"Language-Team: LANGUAGE <LL@li.org>\n"
|
||||||
|
@ -24,33 +24,33 @@ msgstr ""
|
||||||
msgid "Preferences saved."
|
msgid "Preferences saved."
|
||||||
msgstr ""
|
msgstr ""
|
||||||
|
|
||||||
#: ../IkiWiki/CGI.pm:344
|
#: ../IkiWiki/CGI.pm:340
|
||||||
#, perl-format
|
#, perl-format
|
||||||
msgid "%s is not an editable page"
|
msgid "%s is not an editable page"
|
||||||
msgstr ""
|
msgstr ""
|
||||||
|
|
||||||
#: ../IkiWiki/CGI.pm:431 ../IkiWiki/Plugin/brokenlinks.pm:24
|
#: ../IkiWiki/CGI.pm:427 ../IkiWiki/Plugin/brokenlinks.pm:24
|
||||||
#: ../IkiWiki/Plugin/inline.pm:172 ../IkiWiki/Plugin/opendiscussion.pm:17
|
#: ../IkiWiki/Plugin/inline.pm:172 ../IkiWiki/Plugin/opendiscussion.pm:17
|
||||||
#: ../IkiWiki/Plugin/orphans.pm:28 ../IkiWiki/Render.pm:97
|
#: ../IkiWiki/Plugin/orphans.pm:28 ../IkiWiki/Render.pm:97
|
||||||
#: ../IkiWiki/Render.pm:165
|
#: ../IkiWiki/Render.pm:165
|
||||||
msgid "discussion"
|
msgid "discussion"
|
||||||
msgstr ""
|
msgstr ""
|
||||||
|
|
||||||
#: ../IkiWiki/CGI.pm:477
|
#: ../IkiWiki/CGI.pm:473
|
||||||
#, perl-format
|
#, perl-format
|
||||||
msgid "creating %s"
|
msgid "creating %s"
|
||||||
msgstr ""
|
msgstr ""
|
||||||
|
|
||||||
#: ../IkiWiki/CGI.pm:494 ../IkiWiki/CGI.pm:530 ../IkiWiki/CGI.pm:574
|
#: ../IkiWiki/CGI.pm:490 ../IkiWiki/CGI.pm:526 ../IkiWiki/CGI.pm:570
|
||||||
#, perl-format
|
#, perl-format
|
||||||
msgid "editing %s"
|
msgid "editing %s"
|
||||||
msgstr ""
|
msgstr ""
|
||||||
|
|
||||||
#: ../IkiWiki/CGI.pm:671
|
#: ../IkiWiki/CGI.pm:667
|
||||||
msgid "You are banned."
|
msgid "You are banned."
|
||||||
msgstr ""
|
msgstr ""
|
||||||
|
|
||||||
#: ../IkiWiki/CGI.pm:702
|
#: ../IkiWiki/CGI.pm:699
|
||||||
msgid "login failed, perhaps you need to turn on cookies?"
|
msgid "login failed, perhaps you need to turn on cookies?"
|
||||||
msgstr ""
|
msgstr ""
|
||||||
|
|
||||||
|
@ -363,23 +363,23 @@ msgstr ""
|
||||||
msgid "failed to run php"
|
msgid "failed to run php"
|
||||||
msgstr ""
|
msgstr ""
|
||||||
|
|
||||||
#: ../IkiWiki/Plugin/table.pm:34
|
#: ../IkiWiki/Plugin/table.pm:22
|
||||||
msgid "cannot find file"
|
msgid "cannot find file"
|
||||||
msgstr ""
|
msgstr ""
|
||||||
|
|
||||||
#: ../IkiWiki/Plugin/table.pm:59
|
#: ../IkiWiki/Plugin/table.pm:45
|
||||||
msgid "unknown data format"
|
msgid "unknown data format"
|
||||||
msgstr ""
|
msgstr ""
|
||||||
|
|
||||||
#: ../IkiWiki/Plugin/table.pm:67
|
#: ../IkiWiki/Plugin/table.pm:53
|
||||||
msgid "empty data"
|
msgid "empty data"
|
||||||
msgstr ""
|
msgstr ""
|
||||||
|
|
||||||
#: ../IkiWiki/Plugin/table.pm:77
|
#: ../IkiWiki/Plugin/table.pm:73
|
||||||
msgid "Direct data download"
|
msgid "Direct data download"
|
||||||
msgstr ""
|
msgstr ""
|
||||||
|
|
||||||
#: ../IkiWiki/Plugin/table.pm:124
|
#: ../IkiWiki/Plugin/table.pm:106
|
||||||
#, perl-format
|
#, perl-format
|
||||||
msgid "parse fail at line %d: %s"
|
msgid "parse fail at line %d: %s"
|
||||||
msgstr ""
|
msgstr ""
|
||||||
|
@ -520,11 +520,11 @@ msgstr ""
|
||||||
msgid "usage: ikiwiki [options] source dest"
|
msgid "usage: ikiwiki [options] source dest"
|
||||||
msgstr ""
|
msgstr ""
|
||||||
|
|
||||||
#: ../IkiWiki.pm:102
|
#: ../IkiWiki.pm:103
|
||||||
msgid "Must specify url to wiki with --url when using --cgi"
|
msgid "Must specify url to wiki with --url when using --cgi"
|
||||||
msgstr ""
|
msgstr ""
|
||||||
|
|
||||||
#: ../IkiWiki.pm:149 ../IkiWiki.pm:150
|
#: ../IkiWiki.pm:150 ../IkiWiki.pm:151
|
||||||
msgid "Error"
|
msgid "Error"
|
||||||
msgstr ""
|
msgstr ""
|
||||||
|
|
||||||
|
@ -532,7 +532,7 @@ msgstr ""
|
||||||
#. translators: preprocessor directive name,
|
#. translators: preprocessor directive name,
|
||||||
#. translators: the second a page name, the
|
#. translators: the second a page name, the
|
||||||
#. translators: third a number.
|
#. translators: third a number.
|
||||||
#: ../IkiWiki.pm:567
|
#: ../IkiWiki.pm:573
|
||||||
#, perl-format
|
#, perl-format
|
||||||
msgid "%s preprocessing loop detected on %s at depth %i"
|
msgid "%s preprocessing loop detected on %s at depth %i"
|
||||||
msgstr ""
|
msgstr ""
|
||||||
|
|
Loading…
Reference in New Issue