Commit Graph

1892 Commits (012300404e86578e24ab3f07ded9f1ba89c39b2a)

Author SHA1 Message Date
Joey Hess 492c61f825 page.tmpl: Add a div around the sidebar, page content, and comments, to aide in styling.
http://bzed.de/posts/2010/05/new_css_for_bzed.de/

smcv: [10:59:01] is the logical thing you want a <div> whose meaning is "the bits the sidebar is allowed to accompany"?
bzed: [10:59:14] yeah
bzed: [10:59:58] then you could just ensure that this part is as high as the sidebar
smcv: [11:02:44] wrapping a <div> around the sidebar, content and comments seems like the way forward, then
2010-06-10 13:16:35 -04:00
Joey Hess 24b59b3a9e editpage: Avoid storing accidental state changes when previewing pages.
This is a slow, safe, stupid approach. Could make deep copies of the data
structures as backups instead of re-loading the index from disk.
2010-06-09 17:44:40 -04:00
Joey Hess e93cee3378 Fix display of sidebar when previewing page edit. (Thanks, privat)
On second thought, only display a page's personal sidebar when previewing
it, not when editing normally.
2010-06-09 16:59:17 -04:00
Joey Hess 95b45864de relativedate: Fix problem with localised dates not working. 2010-06-09 16:16:48 -04:00
Joey Hess e96cf38ecc When editing a page, show that page's sidebar. (Thanks, privat) 2010-06-09 16:00:12 -04:00
Joey Hess 3638657f75 closing; cannot reproduce and no followup for 1 year 9 months 2010-06-09 15:15:18 -04:00
Joey Hess cdf4292846 Fix support for globbing in tagged() pagespecs.
The linktype check was being done on the relativised link target,
but %typedlinks uses the same link targets as %links, so that didn't work.

I think the bug only appeared when tagbase was not set.

This bugfix also let me factor out the common typedlink checking code.
2010-06-09 14:39:17 -04:00
Joey Hess ba9b808c89 remove example blog tag pages
Autotag will create them as needed. Avoids some complexity.
2010-06-09 14:24:38 -04:00
Joey Hess 0ccf21daaf img: Fill in missing height or width when scaling image. 2010-06-08 21:13:46 -04:00
Joey Hess 1b6aa2276e creation_day() etc use local time, not gmtime.
To match calendars, which use local time. Particularly important at
the end of the month.

I checked the history, and there seemed no good rationalle for the
pagespecs to use gmtime.
2010-05-31 20:46:12 -04:00
Joey Hess 8b7fb8d396 releasing version 3.20100518.2 2010-05-18 14:21:52 -04:00
Joey Hess 14de1d87ef Fix a typo in the last release. 2010-05-18 14:16:58 -04:00
Joey Hess bf579ca8ef releasing version 3.20100518 2010-05-18 13:42:04 -04:00
Joey Hess 7aa209f1ce Fix a bug that prevented matching deleted comments, and so did not update pages that had contained them.
Problem is that by the time rendering calls render_dependent, %pagesources
has had deleted files removed from it. So match_comment's lookup of
files in there to see if they had the _comment extension failed.

I had to introduce a hash that temporarily holds filenames of deleted pages
to fix this.

Note that unlike comment(), internal() had avoided this pitfall by being
defined to match both internal and non-internal pages.
2010-05-18 13:32:28 -04:00
Joey Hess 19360c3c49 typo 2010-05-16 16:58:32 -04:00
Joey Hess ffcd2da827 page.tmpl: Accidentially broke po plugin's otherlanguages list styling when modifying for html5; now fixed. 2010-05-16 00:03:35 -04:00
Joey Hess e02c1bcf3d document needing to wrap footer in dynamic test 2010-05-15 22:41:37 -04:00
Joey Hess e2ad879932 reword 2010-05-15 22:32:24 -04:00
Joey Hess 083e491262 add missing closing tmpl_if 2010-05-15 22:21:17 -04:00
Joey Hess 8c05fcde9e relase finalised 2010-05-15 21:09:38 -04:00
Joey Hess 8ff761afa2 remove, rename: Add guards against XSRF attacks. 2010-05-14 14:21:45 -04:00
Joey Hess bc0aa4d40e Use xhtml friendly pubdate setting. 2010-05-08 19:45:02 -04:00
Joey Hess 10a1c0feca update 2010-05-08 16:04:18 -04:00
Joey Hess f735e2d1b3 fixups 2010-05-08 14:03:20 -04:00
Joey Hess d0c17a4a46 calendar: Display year name in title of month calendar.
Also, fix relative month calculations.
2010-05-08 13:51:05 -04:00
Joey Hess 0f778849c6 calendar: Allow negative month to be specified. -1 is last month, etc. (And also negaitve years.) 2010-05-08 12:45:21 -04:00
Joey Hess 937b24e0cf Merge branch 'master' into commentreorg 2010-05-07 22:30:42 -04:00
Joey Hess e2a76696dd advice 2010-05-07 21:39:42 -04:00
Joey Hess bb7877707e mention style.css changes 2010-05-07 21:35:47 -04:00
Joey Hess 8f6cfbfade Removed the openidsignup option. 2010-05-07 21:33:27 -04:00
Joey Hess f8c2a67b3c pretty openid login
* openid: Incorporated a fancy openid-selector signin form.
  (http://code.google.com/p/openid-selector/)
* openid: Use "openid_identifier" as the form field, as required
  by OpenID Authentication v2.0 spec.
2010-05-07 20:14:25 -04:00
Joey Hess 378c647768 patch hidden field setting code
Fixes http://code.google.com/p/openid-selector/issues/detail?id=11#c3
2010-05-07 19:10:50 -04:00
Joey Hess b50b549cab fix comment matching pagespecs
test isinternal first, because match_glob with internal => 1 also returns
non-internal pages that match. This order should also be faster.

Remove test to see if pagesources is set. isinternal will not succeed if it
is not.
2010-05-07 14:02:30 -04:00
Joey Hess db5cee6cb6 reorder 2010-05-07 12:55:24 -04:00
Joey Hess 3adb47ec4f Merge branch 'master' into commentreorg
Conflicts:
	debian/changelog
2010-05-07 12:42:38 -04:00
Joey Hess 14826ad927 Delete hooks are passed deleted internal pages.
Necessary so search can remove its indexes for internal pages.
But also, it seems it was an omission not to pass the deleted
pages before.
2010-05-06 23:25:27 -04:00
Joey Hess ea4967f184 inline: Call indexhtml when inlining internal pages, so their text can be indexed for searching. 2010-05-06 23:20:48 -04:00
Joey Hess 121e2ffc2f Renamed postscan hook to indexhtml, to reflect its changed position.
Probably only the search plugin uses it, so this seemed safe.
2010-05-06 23:14:36 -04:00
Joey Hess 931045301a Gave comment and page editing forms some CSS and accessability love.
In particular, added <label> tags.

(However, could not find a good way to add a label tag for the main
page edit textarea.)
2010-05-06 21:45:17 -04:00
Joey Hess d9d910f676 moved comments pending moderation
* comments: Comments pending moderation are now stored in the srcdir
  alongside accepted comments, but with a `._comment_pending` extension.
* This allows easier byhand moderation, as the "_pending" need
  only be stripped off and the comment be committed to version control.
* The `comment_pending()` pagespec can be used to match such unmoderated
  comments, which makes it easy to add a feed of them, or a counter
  indicating how many there are.
* Belatedly added a `comment()` pagespec.
2010-05-06 20:05:53 -04:00
Joey Hess f69026667b typo 2010-05-06 13:55:37 -04:00
Joey Hess ee9a4e06fc rename ispage variable 2010-05-05 22:36:50 -04:00
Joey Hess fa2918f13f add NEWS about template change 2010-05-05 21:51:03 -04:00
Joey Hess 83b907c35e remove misc.tmpl checking
Turns out that users with a modified page.tmpl need to modify it on
upgrade, at least to add the FORCEBASEURL (so edit preview works),
so there is no point in trying to retain compatability.
2010-05-05 18:46:35 -04:00
Joey Hess 66cc23a591 no more misc.tmpl
* Removed misc.tmpl. Now to theme ikiwiki, you only need to customise
  a single template, page.tmpl.
* misc.tmpl will, however, still be read if a locally modified version
  exists. This is to avoid forcing users to update page.tmpl right now.
2010-05-05 18:22:47 -04:00
Joey Hess 953c28a702 releasing version 3.20100504 2010-05-04 20:35:34 -04:00
Joey Hess d0a5945000 Fixes a bug in skipping of illegal source files introduced in 3.20100427. 2010-05-04 20:26:17 -04:00
Joey Hess ab575a4b69 graphviz: Fix display of preexisting images in preview mode. 2010-05-04 16:54:58 -04:00
Joey Hess 9699f16b51 websetup: Only display Setup button on admins' preferences page.
Renamed it from "Wiki Setup" to just "Setup" for good measure.
2010-05-03 13:59:43 -04:00
Joey Hess 2f22ee85e5 Add ACTIONS variable to page.tmpl, which allows plugins to add arbitrary links to the action bar without modifying the template further.
(COMMENTSLINK and DISCUSSIONLINK could be folded into this, but are kept
separate for now to avoid breaking modified templates.)
2010-05-03 12:46:52 -04:00
Joey Hess d69f6057d1 use html5 semantic markup in page.tmpl
This is a first pass, it avoids needing to change style.css
except where it refers to tag types.

This goes a bit off the rails at the pageheader with its nested header.
Semantically, there should be an article around the whole page
header, content, and footer. Just as there will be an article around a
whole comment or inlined page header, content, and footer.

But that will mean changing the css that currently refers to pageheader to
refer to the enclosing article instead.
2010-05-02 15:09:33 -04:00
Joey Hess b21df5029b Add placeholder text in search form (in html5 mode only). 2010-05-02 13:49:56 -04:00
Joey Hess 970373548f Add parameter to displaytime to specify that it is a pubdate, and in html5 mode, use time tag. 2010-05-02 13:44:13 -04:00
Joey Hess d9e22adb66 releasing version 3.20100501 2010-05-01 21:42:13 -04:00
Joey Hess a547d26858 html5 option
* Ikiwiki can be configured to generate html5 instead of the default xhtml
  1.0. The html5 output mode is experimental, not yet fully standards
  compliant, and will be subject to rapid change.
2010-05-01 20:49:18 -04:00
Joey Hess ccafb10007 enable hidden attribute 2010-05-01 19:59:16 -04:00
Joey Hess 790a339db1 htmlscrubber: Also allow some other html5 tags: canvas, progress, meter, ruby, rt, rp, details, summary. 2010-05-01 19:28:28 -04:00
Joey Hess f1e2d0af12 more html5 attributes 2010-05-01 19:11:03 -04:00
Joey Hess 78cee5140a add rest of html5 form attributes
It's easy to imagine pattern being used to freeze or crash browsers, if
they implement it stupidly. Let's hope not..
2010-05-01 18:44:37 -04:00
Joey Hess 80f9a2a087 add figure and figcaption 2010-05-01 18:31:33 -04:00
Joey Hess 0a139aba82 htmlscrubber: Allow the html5 form attributes: placeholder autofocus, min, max, step. 2010-05-01 18:27:53 -04:00
Joey Hess 442bc59a15 htmlscrubber: Allow the placeholder attribute. 2010-05-01 18:14:50 -04:00
Joey Hess 73c8209484 more html5
* htmlscrubber: Also allow html5 canvas tags.
* htmlscrubber: Round out html5 video support with the preload
  attribute and the source tag.
2010-05-01 17:56:35 -04:00
Joey Hess 80f2042464 htmlscrubber: Allow html5 semantic tags: section nav article aside hgroup header footer time mark 2010-05-01 16:34:47 -04:00
Joey Hess 8ce5c77738 Version dependency on liburi-perl to >= 1.36; previous versions did not support building urls from utf-8 strings. Closes: #579713 2010-04-30 13:06:52 -04:00
Joey Hess b61dc50dab remove obsolete NEWS 2010-04-28 12:42:14 -04:00
Joey Hess a6e6f604bd TMPL_INCLUDE re-enabled for templates read from the templatedir. (But not in-wiki templates.) 2010-04-28 12:39:13 -04:00
Joey Hess 0e7a3640ae template: Fix typo. 2010-04-27 12:10:58 -04:00
Joey Hess a9cf5810a6 releasing version 3.20100427 2010-04-27 00:00:09 -04:00
Joey Hess 3ac2ae1f14 Add page() PageSpec, which is like glob() but matches only pages, not other files. 2010-04-26 18:47:17 -04:00
Joey Hess 97b0c6e455 Fix removal of rendered files in rebuild mode.
Needed to handle the move of the .js files into ikiwiki/, but also this is
a longstanding bug.

Old pagemtime is not remembered in rebuild mode, and changing that would
need a lot of changes. So instead, loop on pagectime, which is remembered.

Change to remembering old pagesources info in rebuild mode. This seems safe
enough.
2010-04-26 17:14:03 -04:00
Joey Hess 998f47ed13 Merge branch 'master' into templatemove 2010-04-24 00:55:09 -04:00
Joey Hess e90d67d3c9 Moved javascript files under the ikiwiki/ directory, to avoid cluttering the top of the web root. This is another things that requires a wiki rebuild on upgrade to this version. 2010-04-24 00:54:59 -04:00
Joey Hess 9976abe63c typo 2010-04-23 17:43:29 -04:00
Joey Hess 5fc6e56eb8 changelog/NEWS update for template changes 2010-04-23 17:41:24 -04:00
Joey Hess 6c64ce0336 update news for template change 2010-04-23 17:01:22 -04:00
Joey Hess e779098796 update copyright years 2010-04-23 12:35:23 -04:00
Joey Hess 56bb1b48e4 format 2010-04-22 00:36:13 -04:00
Joey Hess 3ee571390e Merge branch 'autotag' 2010-04-22 00:34:03 -04:00
Joey Hess 0db4d920aa force rebuild from pre 20100422
to ensure those wrong massive depends_simple don't linger on systems that
rebuilt for the other reasons already
2010-04-22 00:28:58 -04:00
Joey Hess 738bd2fa1f note that the new version will have some optimisation fixes 2010-04-22 00:28:21 -04:00
Joey Hess d048e9c64a turn on tag_autocreate by default if tagbase is set 2010-04-21 20:39:20 -04:00
Joey Hess 318134174f Merge branch 'master' into autotag 2010-04-21 20:32:30 -04:00
Joey Hess 0bc76be8a7 reword news 2010-04-21 20:32:19 -04:00
Joey Hess 9951060f62 Merge branch 'master' into autotag 2010-04-21 15:53:59 -04:00
Joey Hess 204c0a63f3 document tag_autocreate 2010-04-21 15:22:52 -04:00
Joey Hess c4afb13fa5 spelling 2010-04-21 15:19:47 -04:00
Joey Hess 2f9504a10d bzr: changelog and refactor 2010-04-17 13:55:38 -04:00
Joey Hess 7834989d86 typo 2010-04-17 12:24:58 -04:00
Joey Hess c769a33392 autoindex: Switch to using %wikistate instead of abusing $pagestate{index}. 2010-04-17 12:20:50 -04:00
Joey Hess 64bc7d60a2 update changelog 2010-04-16 19:22:13 -04:00
Joey Hess b13bb0c83c implement rcs_getmtime for svn
This is a slow implementation; it runs svn log once per file
still, rather than running svn log once on the whole srcdir.

I did it this way because in my experience, svn log, run on a directory,
does not always list every change to files inside that directory.
I don't know why, and I use svn as little as possible these days.
2010-04-16 18:46:20 -04:00
Joey Hess dee2940c0b automatically run --gettime, and optimise it for git
* Automatically run --gettime the first time ikiwiki is run on
  a given srcdir.
* Optimise --gettime for git, so it's appropriatly screamingly
  fast. (This could be done for other backends too.)
* However, --gettime for git no longer follows renames.
* Use above to fix up timestamps on docwiki, as well as ensure that
  timestamps on basewiki files shipped in the deb are sane.
2010-04-16 18:30:56 -04:00
Joey Hess b14f84c4ac --gettime revamp
* Rename --getctime to --gettime. (The old name still works for
  backwards compatability.)
* --gettime now also looks up last modification time.
* Add rcs_getmtime to plugin API; currently only implemented
  for git.
2010-04-16 17:02:29 -04:00
Joey Hess 142e025ae4 calendar: Improved display of arrows. 2010-04-15 20:12:03 -04:00
Joey Hess 034594fcb9 update name of libsparkline-php 2010-04-15 19:14:10 -04:00
Joey Hess c0a2eaf796 calendarmonth.tmpl: The month calendar is now put in a sidebar. 2010-04-15 18:51:50 -04:00
Joey Hess 50d08bc2ae conditional: Fix bug that forced "all" mode off by default.
Commit b7351daacd introduced the bug.
2010-04-15 18:18:48 -04:00
Joey Hess 1f7175e891 sidebar: Add global_sidebars setting. 2010-04-15 17:31:50 -04:00
Joey Hess adbbd014dc Enable calendar and sidebar in auto-blog.setup. 2010-04-15 16:52:41 -04:00
Joey Hess 358fa953e1 sidebar: Now a sidebar directive can be used to override the sidebar shown on a page. 2010-04-15 16:51:27 -04:00
Joey Hess baaa848f6c CSS and templates for sidebar changed to use a class, not an id.
Multiple sidebars should be possible; also, I want to add a sidebar
template.
2010-04-15 15:04:17 -04:00
Joey Hess fe733e2a42 enhance pagestats and rework example blog front page
* pagestats: Class parameter can be used to override default class for
  custom styling.
* pagestats: Use style=list to get a list of tags, scaled by use like
  in a tag cloud. This is useful to put in a sidebar.
* Rework example blog front page.
2010-04-15 14:29:14 -04:00
Joey Hess 3131433f64 calendar: Add archive_pagespec, which is used by ikiwiki-calendar to specify which pages to include on the calendar archive pages. (The pagespec can still also be specified on the ikiwiki-calendar command line.) 2010-04-15 13:40:53 -04:00
Joey Hess 1be3227583 formatting 2010-04-10 22:04:48 -04:00
Joey Hess d5eb540149 po: Configuring the same language as master and slave confuses processing; so filter out such a misconfiguration. 2010-04-10 18:28:15 -04:00
Joey Hess 61cbcb049f update changelog, update rebuild version 2010-04-10 14:35:45 -04:00
Joey Hess d1a616df2e po: Check that translated underlay directories exist before using them for master language. 2010-04-09 18:43:25 -04:00
Joey Hess a4a63cb7f9 Update dependency for git-core to git transition. 2010-04-08 16:07:43 -04:00
Joey Hess 196851d4e2 typo 2010-04-06 23:37:46 -04:00
Joey Hess 425ffc34f7 update for sort changes 2010-04-06 23:35:14 -04:00
Joey Hess bab8fec524 Merge remote branch 'smcv/ready/sort-package'
Conflicts:
	debian/NEWS
2010-04-06 23:15:33 -04:00
Joey Hess 25f3dd8818 add note about minor back compat issue 2010-04-06 23:02:18 -04:00
Joey Hess c0ca196758 tweak wording and versions and add changelog entry 2010-04-06 22:58:22 -04:00
Joey Hess f6fd7639da Merge remote branch 'smcv/ready/link-types' 2010-04-06 22:50:19 -04:00
Simon McVittie 48178c48ed Auto-rebuild wikis on upgrade due to the taglink change
debian/NEWS and debian/postinst should be edited before release to have
an appropriate version number.
2010-04-06 20:59:45 +01:00
Joey Hess a01028ae81 txt: Add a special case for robots.txt. 2010-04-05 17:02:10 -04:00
Joey Hess 09d4e9d6bb comments: Fix missing entity encoding in title.
The meta title data set by comments needs to be encoded the same way that
meta encodes it. (NB The security implications of the missing encoding
are small.)

Note that meta's encoding of title, description, and guid data, and not
other data, is probably a special case that should be removed. Instead,
these values should be encoded when used. I have avoided doing so here
because that would mean forcing a wiki rebuild on upgrade to have the data
consitently encoded.
2010-04-05 16:34:49 -04:00
Joey Hess 992c2c6bca changelog 2010-04-04 12:17:36 -04:00
Joey Hess 195943e588 slightly more consistent capitalisation of ikiwiki
For a while, I was avoiding capitalizing ikiwiki at the beginning of a
sentence. I now think that's a bad idea (unless explicitly referring to
the `ikiwiki` command). Still, I don't go all the way and always cap it,
as a proper noun. That would make the logo look bad. ;)

I also tend to avoid capping it as IkiWiki, except when referring to the
perl internals, which do use that capitalization. (Too late to change
that.) However, it's also reasonable to do so in a WikiLink, as a nod to
historical camelcase wikis.
2010-04-03 16:07:32 -04:00
Joey Hess 0f82fe5225 releasing version 3.20100403 2010-04-03 15:15:04 -04:00
Simon McVittie a875ee8be7 Split out sortnaturally into a plugin 2010-04-03 14:28:21 +01:00
Joey Hess 59ba938822 template: Search for templates in the templatedir, if they are not found as pages in the wiki. 2010-04-02 16:54:06 -04:00
Joey Hess 104919ee07 htmlscrubber: Allow colons in url fragments after '?'
Colons are not allowed at the start of urls, because it can be interpreted
as a protocol, and allowing arbitrary protocols can be unsafe
(CVE-2008-0809). However, this check was too restrictive, not allowing
use of eg, "video.ogv?t=0:03:00/0:04:00" to seek to a given place in a
video, or "somecgi?foo=bar:baz" to pass parameters with colons.

It's still not allowed to have a filename with a colon in it (ie
"foo:bar.png") -- to link to such a file, a fully qualified url must be
used.
2010-04-02 16:05:14 -04:00
Joey Hess 4dcea6207d page.tmpl: Add Cache-Control must-revalidate to ensure that users (especially of Firefox) see fresh page content.
Since Firefox version 3, it's done aggressive caching of visited pages, and
does not, by default, check if the cached content is still valid when
reloading or revisiting a page. By default, Firefox seems to not re-contact
the web server at all. Compare with eg, Epiphany and Chromium, which appear
to always check, and get back a 304 when the page is unchanged.

This header makes Firefox do the right thing, at least for html files. It
still over-caches if css, javascript, images, etc, are changed.
2010-03-31 17:52:58 -04:00
Joey Hess aa116d67ab update 2010-03-29 13:37:16 -04:00
Joey Hess 6e7bfbe7bb auto-blog.setup: Set tagbase by default, since most bloggers will want it.
Also modified first_post page to use a tag format that will work whether
or not tagbase is set.
2010-03-28 19:23:34 -04:00
Joey Hess 1273f1de52 Add preprocessed 'use lib' line to ikiwiki-transition and ikiwiki-calendar if necessary for unusual install. 2010-03-26 13:11:02 -04:00
Joey Hess 0d524ad672 Fix incorrect influence info returned by a failing link() pagespec, that could lead to bad dependency handling in certian situations. 2010-03-26 01:38:53 -04:00
Joey Hess 243b0dd082 fix the other half of the filecheck filename bug 2010-03-26 00:16:21 -04:00
Joey Hess 3d671ea8c1 filecheck: Fix bug that prevented the pagespecs from matching when not called by attachment plugin. 2010-03-25 14:39:09 -04:00
Joey Hess eb06a01355 use perl YAML for dumping
Only it understands $YAML::UseHeader
2010-03-24 16:12:35 -04:00
Joey Hess c64c4b9962 Add --set-yaml switch for setting more complex config file options. 2010-03-24 14:39:50 -04:00
Joey Hess 4415686d05 add YAML suggests 2010-03-24 14:30:54 -04:00
Joey Hess 440e18bc15 reset setuptype first, actually
so setup file can override default
2010-03-21 14:59:21 -04:00
Joey Hess bba513a3e5 Add support for setup files written in YAML.
Not the default. (Yet?)
2010-03-19 15:52:53 -04:00
Joey Hess dddd6aa990 Allow wrappers to be built using tcc. 2010-03-18 17:44:46 -04:00
Joey Hess 823ec815d4 Add a include setting, which can be used to make ikiwiki process wiki source files, such as .htaccess, that would normally be skipped for security or other reasons. Closes: #447267 (Thanks to Aaron Wilson for the original patch.) 2010-03-14 14:58:13 -04:00
Joey Hess 30c30a0cdd Add complete German basewiki and directives translation done by Sebastian Kuhnert. 2010-03-14 13:15:55 -04:00
Joey Hess c0ad4929de Improve openid url munging; do not display anchors and cgi parameters, as used by yahoo and google urls. 2010-03-13 20:10:50 -05:00
Joey Hess a01e0679f4 openid: Use Openid Simple Registration or OpenID Attribute Exchange to get the user's email address and username.
The info is stored in the session database, not the user database.
There should be no reason to need it when a user is not logged in.

Also, hide the email field in the preferences page for openid users.

Note that the email and username are not yet actually used for anything.
The email will be useful for gravatar, while the username might be used
for a more pretty display of the openid.
2010-03-13 19:08:15 -05:00
Joey Hess e56ec7a96c websetup: Add websetup_unsafe to allow marking other settings as unsafe. 2010-03-13 15:08:00 -05:00
Joey Hess 2ad3e60ee8 htmlscrubber: Security fix: In data:image/* uris, only allow a few whitelisted image types. No svg. 2010-03-12 14:50:26 -05:00
Joey Hess 9c274a001a formatting 2010-03-11 16:29:00 -05:00
Joey Hess d1ebdcd0a2 redundancy 2010-03-11 16:28:32 -05:00
Joey Hess 45dfdcb257 search: Avoid '$' in the wikiname appearing unescaped on omega's query template, where it might crash omega.
Really, a more general fix, this deals with any $ that might appear on the
misctemplate.
2010-03-11 16:10:04 -05:00
Joey Hess f259f33a0a Fix missing span on recentchanges page template. 2010-03-11 15:49:48 -05:00
Joey Hess ac3aac560f moderatedcomments: Added moderate_pagespec
* moderatedcomments: Added moderate_pagespec that can be used
  to control which users or comment locations are moderated.
  This can be used, just for example, to moderate http://myopenid.com/*
  if you're getting a lot of spammers from one particular openid
  provider (who should perhaps answer your emails about them),
  while not moderating other users.
* moderatedcomments: The moderate_users setting is deprecated. Instead,
  set moderate_pagespec to "!admin()" or "user(*)" instead.
2010-03-11 15:44:10 -05:00
Joey Hess 6d27bbd026 Fix utf8 issues in calls to md5_hex.
This prevented comments containing some utf-8, including euro sign, from
being submitted. Since md5_hex is a C implementation, the string has to be
converted from perl's internal encoding to utf-8 when it is called. Some
utf-8 happened to work before, apparently by accident.

Note that this will change the checksums returned.

unique_comment_location is only used when posting comments, so the checksum
does not need to be stable there.

I only changed page_to_id for completeness; it is passed a comment page
name, and they can currently never contain utf-8.

In teximg, the bug could perhaps be triggered if the tex source contained
utf-8. If that happens, the checksum will change, and some extra work might
be performed on upgrade to rebuild the image.
2010-03-09 19:55:19 -05:00
Joey Hess 0385e4080d releasing version 3.20100302 2010-03-02 22:23:07 -05:00