checkcontent: New hook, can be used to implement arbitrary content filters, including spam filters.
Joey Hess
parent
362a329556
commit
f7b2cfcf50
|
|
@ -467,9 +467,18 @@ sub sessioncgi ($$) {
|
|||
}
|
||||
|
||||
if ($form->submitted eq POST_COMMENT && $form->validate) {
|
||||
my $file = "$location._comment";
|
||||
|
||||
IkiWiki::checksessionexpiry($cgi, $session);
|
||||
|
||||
IkiWiki::check_content(content => $form->field('editcontent'),
|
||||
subject => $form->field('subject'),
|
||||
$config{comments_allowauthor} ? (
|
||||
author => $form->field('author'),
|
||||
url => $form->field('url'),
|
||||
) : (),
|
||||
page => $location,
|
||||
cgi => $cgi, session => $session);
|
||||
|
||||
my $file = "$location._comment";
|
||||
|
||||
# FIXME: could probably do some sort of graceful retry
|
||||
# on error? Would require significant unwinding though
|
||||
|
|
|
|||
|
|
@ -78,7 +78,43 @@ sub check_canedit ($$$;$) {
|
|||
}
|
||||
}
|
||||
});
|
||||
return $canedit;
|
||||
return defined $canedit ? $canedit : 1;
|
||||
}
|
||||
|
||||
sub check_content (@) {
|
||||
my %params=@_;
|
||||
|
||||
return 1 if ! exists $hooks{checkcontent}; # optimisation
|
||||
|
||||
if (exists $pagesources{$params{page}}) {
|
||||
my @diff;
|
||||
my %old=map { $_ => 1 }
|
||||
split("\n", readfile(srcfile($pagesources{$params{page}})));
|
||||
foreach my $line (split("\n", $params{content})) {
|
||||
push @diff, $line if ! exists $old{$_};
|
||||
}
|
||||
$params{content}=join("\n", @diff);
|
||||
}
|
||||
|
||||
my $ok;
|
||||
run_hooks(checkcontent => sub {
|
||||
return if defined $ok;
|
||||
my $ret=shift->(%params);
|
||||
if (defined $ret) {
|
||||
if ($ret eq "") {
|
||||
$ok=1;
|
||||
}
|
||||
elsif (ref $ret eq 'CODE') {
|
||||
$ret->();
|
||||
$ok=0;
|
||||
}
|
||||
elsif (defined $ret) {
|
||||
error($ret);
|
||||
}
|
||||
}
|
||||
|
||||
});
|
||||
return defined $ok ? $ok : 1;
|
||||
}
|
||||
|
||||
sub cgi_editpage ($$) {
|
||||
|
|
@ -368,8 +404,17 @@ sub cgi_editpage ($$) {
|
|||
showform($form, \@buttons, $session, $q, forcebaseurl => $baseurl);
|
||||
exit;
|
||||
}
|
||||
|
||||
my $message="";
|
||||
if (defined $form->field('comments') &&
|
||||
length $form->field('comments')) {
|
||||
$message=$form->field('comments');
|
||||
}
|
||||
|
||||
my $content=$form->field('editcontent');
|
||||
check_content(content => $content, page => $page,
|
||||
cgi => $q, session => $session,
|
||||
subject => $message);
|
||||
run_hooks(editcontent => sub {
|
||||
$content=shift->(
|
||||
content => $content,
|
||||
|
|
@ -403,12 +448,6 @@ sub cgi_editpage ($$) {
|
|||
|
||||
my $conflict;
|
||||
if ($config{rcs}) {
|
||||
my $message="";
|
||||
if (defined $form->field('comments') &&
|
||||
length $form->field('comments')) {
|
||||
$message=$form->field('comments');
|
||||
}
|
||||
|
||||
if (! $exists) {
|
||||
rcs_add($file);
|
||||
}
|
||||
|
|
|
|||
|
|
@ -18,6 +18,8 @@ ikiwiki (3.02) UNRELEASED; urgency=low
|
|||
behave better.
|
||||
* Add auto-blog.setup, which will set up an ikiwiki instance tuned for use
|
||||
in blogging.
|
||||
* checkcontent: New hook, can be used to implement arbitrary content
|
||||
filters, including spam filters.
|
||||
|
||||
-- Joey Hess <joeyh@debian.org> Tue, 06 Jan 2009 15:02:52 -0500
|
||||
|
||||
|
|
|
|||
|
|
@ -303,7 +303,7 @@ can check if the session object has a "name" parameter set.
|
|||
|
||||
### canedit
|
||||
|
||||
hook(type => "canedit", id => "foo", call => \&pagelocked);
|
||||
hook(type => "canedit", id => "foo", call => \&canedit);
|
||||
|
||||
This hook can be used to implement arbitrary access methods to control when
|
||||
a page can be edited using the web interface (commits from revision control
|
||||
|
|
@ -321,6 +321,26 @@ This hook should avoid directly redirecting the user to a signin page,
|
|||
since it's sometimes used to test to see which pages in a set of pages a
|
||||
user can edit.
|
||||
|
||||
### checkcontent
|
||||
|
||||
hook(type => "checkcontent", id => "foo", call => \&checkcontent);
|
||||
|
||||
This hook is called to check the content a user has entered on a page,
|
||||
before it is saved, and decide if it should be allowed.
|
||||
|
||||
It is passed named parameters: `content`, `page`, `cgi`, and `session`. If
|
||||
the content the user has entered is a comment, it may also be passed some
|
||||
additional parameters: `author`, `url`, and `subject`. The `subject`
|
||||
parameter may also be filled with the user's comment about the change.
|
||||
|
||||
Note: When the user edits an existing wiki page, the passed `content` will
|
||||
include only the lines that they added to the page, or modified.
|
||||
|
||||
The hook should return `undef` on success. If the content is disallowed, it
|
||||
should return a message stating what the problem is, or a function
|
||||
that can be run to perform whatever action is necessary to allow the user
|
||||
to post the content.
|
||||
|
||||
### editcontent
|
||||
|
||||
hook(type => "editcontent", id => "foo", call => \&editcontent);
|
||||
|
|
|
|||
Loading…
Reference in New Issue