checkcontent: New hook, can be used to implement arbitrary content filters, including spam filters.
parent
362a329556
commit
f7b2cfcf50
|
@ -467,9 +467,18 @@ sub sessioncgi ($$) {
|
||||||
}
|
}
|
||||||
|
|
||||||
if ($form->submitted eq POST_COMMENT && $form->validate) {
|
if ($form->submitted eq POST_COMMENT && $form->validate) {
|
||||||
my $file = "$location._comment";
|
|
||||||
|
|
||||||
IkiWiki::checksessionexpiry($cgi, $session);
|
IkiWiki::checksessionexpiry($cgi, $session);
|
||||||
|
|
||||||
|
IkiWiki::check_content(content => $form->field('editcontent'),
|
||||||
|
subject => $form->field('subject'),
|
||||||
|
$config{comments_allowauthor} ? (
|
||||||
|
author => $form->field('author'),
|
||||||
|
url => $form->field('url'),
|
||||||
|
) : (),
|
||||||
|
page => $location,
|
||||||
|
cgi => $cgi, session => $session);
|
||||||
|
|
||||||
|
my $file = "$location._comment";
|
||||||
|
|
||||||
# FIXME: could probably do some sort of graceful retry
|
# FIXME: could probably do some sort of graceful retry
|
||||||
# on error? Would require significant unwinding though
|
# on error? Would require significant unwinding though
|
||||||
|
|
|
@ -78,7 +78,43 @@ sub check_canedit ($$$;$) {
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
});
|
});
|
||||||
return $canedit;
|
return defined $canedit ? $canedit : 1;
|
||||||
|
}
|
||||||
|
|
||||||
|
sub check_content (@) {
|
||||||
|
my %params=@_;
|
||||||
|
|
||||||
|
return 1 if ! exists $hooks{checkcontent}; # optimisation
|
||||||
|
|
||||||
|
if (exists $pagesources{$params{page}}) {
|
||||||
|
my @diff;
|
||||||
|
my %old=map { $_ => 1 }
|
||||||
|
split("\n", readfile(srcfile($pagesources{$params{page}})));
|
||||||
|
foreach my $line (split("\n", $params{content})) {
|
||||||
|
push @diff, $line if ! exists $old{$_};
|
||||||
|
}
|
||||||
|
$params{content}=join("\n", @diff);
|
||||||
|
}
|
||||||
|
|
||||||
|
my $ok;
|
||||||
|
run_hooks(checkcontent => sub {
|
||||||
|
return if defined $ok;
|
||||||
|
my $ret=shift->(%params);
|
||||||
|
if (defined $ret) {
|
||||||
|
if ($ret eq "") {
|
||||||
|
$ok=1;
|
||||||
|
}
|
||||||
|
elsif (ref $ret eq 'CODE') {
|
||||||
|
$ret->();
|
||||||
|
$ok=0;
|
||||||
|
}
|
||||||
|
elsif (defined $ret) {
|
||||||
|
error($ret);
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
});
|
||||||
|
return defined $ok ? $ok : 1;
|
||||||
}
|
}
|
||||||
|
|
||||||
sub cgi_editpage ($$) {
|
sub cgi_editpage ($$) {
|
||||||
|
@ -368,8 +404,17 @@ sub cgi_editpage ($$) {
|
||||||
showform($form, \@buttons, $session, $q, forcebaseurl => $baseurl);
|
showform($form, \@buttons, $session, $q, forcebaseurl => $baseurl);
|
||||||
exit;
|
exit;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
my $message="";
|
||||||
|
if (defined $form->field('comments') &&
|
||||||
|
length $form->field('comments')) {
|
||||||
|
$message=$form->field('comments');
|
||||||
|
}
|
||||||
|
|
||||||
my $content=$form->field('editcontent');
|
my $content=$form->field('editcontent');
|
||||||
|
check_content(content => $content, page => $page,
|
||||||
|
cgi => $q, session => $session,
|
||||||
|
subject => $message);
|
||||||
run_hooks(editcontent => sub {
|
run_hooks(editcontent => sub {
|
||||||
$content=shift->(
|
$content=shift->(
|
||||||
content => $content,
|
content => $content,
|
||||||
|
@ -403,12 +448,6 @@ sub cgi_editpage ($$) {
|
||||||
|
|
||||||
my $conflict;
|
my $conflict;
|
||||||
if ($config{rcs}) {
|
if ($config{rcs}) {
|
||||||
my $message="";
|
|
||||||
if (defined $form->field('comments') &&
|
|
||||||
length $form->field('comments')) {
|
|
||||||
$message=$form->field('comments');
|
|
||||||
}
|
|
||||||
|
|
||||||
if (! $exists) {
|
if (! $exists) {
|
||||||
rcs_add($file);
|
rcs_add($file);
|
||||||
}
|
}
|
||||||
|
|
|
@ -18,6 +18,8 @@ ikiwiki (3.02) UNRELEASED; urgency=low
|
||||||
behave better.
|
behave better.
|
||||||
* Add auto-blog.setup, which will set up an ikiwiki instance tuned for use
|
* Add auto-blog.setup, which will set up an ikiwiki instance tuned for use
|
||||||
in blogging.
|
in blogging.
|
||||||
|
* checkcontent: New hook, can be used to implement arbitrary content
|
||||||
|
filters, including spam filters.
|
||||||
|
|
||||||
-- Joey Hess <joeyh@debian.org> Tue, 06 Jan 2009 15:02:52 -0500
|
-- Joey Hess <joeyh@debian.org> Tue, 06 Jan 2009 15:02:52 -0500
|
||||||
|
|
||||||
|
|
|
@ -303,7 +303,7 @@ can check if the session object has a "name" parameter set.
|
||||||
|
|
||||||
### canedit
|
### canedit
|
||||||
|
|
||||||
hook(type => "canedit", id => "foo", call => \&pagelocked);
|
hook(type => "canedit", id => "foo", call => \&canedit);
|
||||||
|
|
||||||
This hook can be used to implement arbitrary access methods to control when
|
This hook can be used to implement arbitrary access methods to control when
|
||||||
a page can be edited using the web interface (commits from revision control
|
a page can be edited using the web interface (commits from revision control
|
||||||
|
@ -321,6 +321,26 @@ This hook should avoid directly redirecting the user to a signin page,
|
||||||
since it's sometimes used to test to see which pages in a set of pages a
|
since it's sometimes used to test to see which pages in a set of pages a
|
||||||
user can edit.
|
user can edit.
|
||||||
|
|
||||||
|
### checkcontent
|
||||||
|
|
||||||
|
hook(type => "checkcontent", id => "foo", call => \&checkcontent);
|
||||||
|
|
||||||
|
This hook is called to check the content a user has entered on a page,
|
||||||
|
before it is saved, and decide if it should be allowed.
|
||||||
|
|
||||||
|
It is passed named parameters: `content`, `page`, `cgi`, and `session`. If
|
||||||
|
the content the user has entered is a comment, it may also be passed some
|
||||||
|
additional parameters: `author`, `url`, and `subject`. The `subject`
|
||||||
|
parameter may also be filled with the user's comment about the change.
|
||||||
|
|
||||||
|
Note: When the user edits an existing wiki page, the passed `content` will
|
||||||
|
include only the lines that they added to the page, or modified.
|
||||||
|
|
||||||
|
The hook should return `undef` on success. If the content is disallowed, it
|
||||||
|
should return a message stating what the problem is, or a function
|
||||||
|
that can be run to perform whatever action is necessary to allow the user
|
||||||
|
to post the content.
|
||||||
|
|
||||||
### editcontent
|
### editcontent
|
||||||
|
|
||||||
hook(type => "editcontent", id => "foo", call => \&editcontent);
|
hook(type => "editcontent", id => "foo", call => \&editcontent);
|
||||||
|
|
Loading…
Reference in New Issue