Commit Graph

313 Commits (1b8d2ce36b5d6098b318c5b2f75b0e2752b51ac6)

Author SHA1 Message Date
Joey Hess d1b22b2524 lockwiki changes
* Stop busy-waiting in lockwiki, as this could delay ikiwiki from waking up
  for up to one second. The bailout code is no longer needed.
* Remove support for unused optional wait parameter from lockwiki.
2008-11-11 15:54:52 -05:00
Joey Hess fb89bfd26b document wikistatedir, though it's still internal 2008-11-07 12:23:30 -05:00
Joey Hess 11d377af81 txt: Do not encode quotes when filtering the txt, as that broke later parsing of any directives on the page. 2008-11-06 20:49:18 -05:00
Joey Hess 2e00af6096 releasing version 2.68 2008-11-03 16:42:06 -05:00
Joey Hess bb841f94f4 format: New plugin, allows embedding differntly formatted text inside a page (ie, otl inside a mdwn page, or syntax highlighted code inside a page). 2008-10-31 16:42:20 -04:00
Joey Hess 3b8740ebee response 2008-10-29 18:06:00 -04:00
Joey Hess 8530e827b0 git: Allow [[sha1_commit]] to be used in the diffurl, to support cgit. 2008-10-27 14:45:54 -04:00
Joey Hess d3d3999410 do no-op post_commit test in wrapper
This speeds up web commits by 1/4th of a second or so, since perl does
not have to start up for the post commit hook.

perl's locking is completly FuBar, since it's impossible to tell what perl
flock() really does, and thus difficult to write code in other languages
that interoperates with perl's locking. (Let alone interoperating with
existing fcntl locking from perl...)

In this particular case, I think I was able to find a way to avoid the
insanity, mostly. The C code does a true flock(2), and if perl is using an
incompatable lock method that does not use the same locking primative at
the kernel level, then the C code's test will fail, and it will go ahead
and run the perl code. Then the perl code's test will test the right thing.

On Debian, at least lately, perl's flock() does a true flock(2), so the
optimisation does work.
2008-10-26 15:13:04 -04:00
Joey Hess e75818572f function injection overhaul
Add an inject function, that can be used by plugins that want to replace
one of ikiwiki's functions with their own version. (This is a scary thing
that grubs through the symbol table, and replaces all exported occurances
of a function with the injected version.)

external: RPC functions can be injected to replace exported functions.

Removed the stupid displaytime hook, and use injection instead.
2008-10-21 17:57:19 -04:00
Joey Hess fd9393ef85 add displaytime hook
Need to use a hook because an exported function cannot be reliably
overridden. The replacement verstion was actually only affecting plugins
loaded after it.

formattime doesn't need a hook, since there's no reason to export it.
2008-10-19 20:12:37 -04:00
Joey Hess 2b569f99d9 fix relativedate timezone inclusion
The machine parseable date needs to include a timezone.

Also, simplified the interface for date display.
2008-10-19 19:21:44 -04:00
Joey Hess 594243d615 update 2008-10-17 21:59:27 -04:00
Joey Hess 1a86717284 response 2008-10-17 21:02:12 -04:00
Joey Hess 7390a7a072 relativedate: New javascript-alicious plugin that makes all dates display relative, in a very nice way, if I say so myself. 2008-10-17 20:47:32 -04:00
Joey Hess 79b376f991 Add an underlay for javascript, and add ikiwiki.js containing some utility code.
* Add an underlay for javascript, and add ikiwiki.js containing some utility
  code.
* toggle: Stop embedding the full toggle code on each page using it, and
  move it to toggle.js in the javascript underlay.
2008-10-17 20:28:18 -04:00
Joey Hess de65a62501 releasing version 2.67 2008-10-17 13:17:31 -04:00
Joey Hess d3ca495e61 lockedit: Support specifying which users (and IP addresses) a page is locked for. This supports most of the ACL type things users have been wanting to be done. Closes: #443346 (It does not control who can read a page, but that's out of scope for ikiwiki.) 2008-10-08 17:47:38 -04:00
Joey Hess 836a522c81 releasing version 2.66 2008-10-05 19:24:38 -04:00
Joey Hess b5bc0e812d don't say rebuilding wiki when refreshing
If run w/o --refresh, it should still say "refreshing wiki", if there's no
setup file specifed.
2008-09-30 15:40:08 -04:00
Joey Hess 0ca14589f3 close 2008-09-30 12:58:17 -04:00
Joey Hess bb4211e326 avoid unnecessarily rebuilding pages with complex conditionals
I noticed that ikiwiki/formatting was beilg rebuilt when any page changed.
This turned out to be because it contained a complex conditional
"enabled(foo) or enabled(bar)", and the conditional plugin did not notice
that this consisted only of enabled() tests, and copied it unchanged into
add_depends. Thus, the page's dependencies were satisfied by any page
change.

The fix is to beef up the parser so that it can handle that and more
complex conditionals, and detect if they consist only of such tests.
2008-09-29 18:05:39 -04:00
Joey Hess 1f1867a6fc update 2008-09-29 17:26:39 -04:00
Joey Hess 2ff3c8aee7 editpage: Be more aggressive (and less buggy) about cleaning up temporary files rendered during page preview. 2008-09-27 18:02:33 -04:00
Joey Hess a5d3acd37c Add %wikistate, which is like %pagestate except not specific to a given page, and is preserved across rebuilds. 2008-09-27 16:45:27 -04:00
Joey Hess 61426a7186 Reorganize index file, add a format version field.
Upgrades to the new index format should be transparent.

The version field is 3, because 1 was the old textual index, 2 was the
pre-versioned format.

This also includes some efficiency improvements to index loading, by
not copying a hash and using a reference.
2008-09-27 16:35:56 -04:00
Joey Hess 9ec9d6901d Export pagetitle, titlepage, linkpage. 2008-09-27 14:27:42 -04:00
Joey Hess b127e86b35 releasing version 2.65 2008-09-24 18:14:09 -04:00
Joey Hess 89c965e79e already present 2008-09-19 12:59:21 -04:00
Joey Hess 51f19ca4c8 releasing version 2.64 2008-09-14 17:15:38 -04:00
Joey Hess e62e735277 update 2008-09-11 18:56:22 -04:00
Joey Hess 6f46cc3b31 progress: New plugin to generate progress bars (willu) 2008-09-09 14:44:58 -04:00
Joey Hess 0f67e7d969 editpage: New core plugin factoring out page editing to allow disabling it if desired. 2008-09-05 13:57:25 -04:00
Joey Hess d2679de965 For fine control over what characters are allowed, unescaped in source filenames, the wiki_file_chars setting is added. For example, set to "-[:alnum:]+/._" to disable colons from being used in source files (which can cause trouble om Windows). 2008-09-04 14:13:10 -04:00
Joey Hess dfea7fa1ac releasing version 2.62.1 2008-08-28 13:08:20 -04:00
Joey Hess 90b8535b57 releasing version 2.62 2008-08-27 15:40:42 -04:00
Joey Hess 69e35d3c51 willu's teximg changes
* teximg: The prefix is configurable, and has changed to not include the
  nonstandard mhchem by default. (willu)
* teximg: dvipng is used if available to render images. Its output is
  antialiased and better than dvips. If not available, the old dvips+convert
  chain will be used. (willu)
* Drop suggests on texlive-science, add suggests on dvipng.
2008-08-24 15:21:51 -04:00
Joey Hess e910acfbc9 i10n auto.setup 2008-08-21 22:49:50 -04:00
Joey Hess 0ab3ed872b releasing version 2.61 2008-08-14 21:11:45 -04:00
Joey Hess b39b92c0a6 releasing version 2.60 2008-08-12 14:28:13 -04:00
Joey Hess adc2eb3d8c Options set in the setup file are now immediatly loaded by ikiwiki -setup. This allows later switches to override them. Previously, setup file options overrode most command line options. 2008-08-06 01:58:04 -04:00
Joey Hess 11a4ad8a4d add a guard against multiple cgi or rcs wrappers 2008-08-05 21:02:18 -04:00
Joey Hess 4405cebd0a add advanced and basic modes 2008-08-03 14:57:24 -04:00
Joey Hess 4708aeceb3 websetup form display done 2008-08-02 16:41:37 -04:00
Joey Hess 25c35b6e90 banned_users move to setup file, stage 1 2008-08-01 17:39:17 -04:00
Joey Hess bb394fdae8 admin prefs move to setup file, stage 1
The locked pages configuration is moving to a locked_pages option in the
setup file, and the allowed attachments configuration to
allowed_attachments. The admin prefs page can still be used for these, but
that's depreacted and will only be shown if there's currently a value.
2008-08-01 16:45:04 -04:00
Joey Hess 0f312d152e releasing version 2.56 2008-07-31 19:29:29 -04:00
Joey Hess a71b9a1cf1 fix feed urls
The fix for colons involved adding "./" to some urls. Due to the weird way
inline called urlto, these snuck into feed urls and permalinks. Fix it by
adding an optional third parameter to urlto.
2008-07-25 16:16:44 -04:00
Joey Hess af5299677e comments 2008-07-25 15:53:46 -04:00
Joey Hess 7befc6deb3 link fixup on rename working 2008-07-23 19:12:05 -04:00
Joey Hess d76c10cba2 Split out error messages from editpage.tmpl into several separate templates. 2008-07-22 19:58:34 -04:00
Joey Hess fede380a89 releasing version 2.54 2008-07-21 11:19:01 -04:00
Joey Hess ffc99f5904 switch preprocess hooks to use error function 2008-07-13 15:05:34 -04:00
Joey Hess e3c0e49774 only htmlize errors when cgi is actually running 2008-07-12 23:23:25 -04:00
Joey Hess 8b00c9523d whitespace 2008-07-11 06:09:34 -04:00
Joey Hess e798633159 releasing version 2.53 2008-07-09 16:59:53 -04:00
Joey Hess 06709cdf31 improve error message if virus checker fails w/o output 2008-07-09 16:53:03 -04:00
Joey Hess 3e8abb8b53 response 2008-07-08 18:35:48 -04:00
Joey Hess d1a42616c5 releasing version 2.52 2008-07-06 19:24:09 -04:00
Joey Hess 05124f9a86 editpage escaping fixes
* The editpage form now uses the raw page name, not the page title, in its
  'page' cgi parameter. Using the title was ambiguous and made it
  impossible to tell between some pages, like "foo/bar" and "foo__47__bar",
  sometimes causing the wrong page to be edited.
* This change means that some edit links need to be updated.
  Force a rebuild on upgrade to this version.
* Above change also allowed really fixing escaped slashes from the blogpost
  form.
2008-07-06 15:52:04 -04:00
Joey Hess 8d3f65c293 typo 2008-07-02 18:22:49 -04:00
Joey Hess b66f9a1981 call format hooks when generating page previews
* toc: Revert change in 2.45 that made it run at sanitize time. This breaks
  use of toc in a sidebar.
* Call format hooks when generating page previews, thus fixing toc display
  there, as well as fixing inlins to again display in page previews, since
  it's started using format hooks. This also allows several other things,
  like embed, that use format hooks, to work during page preview time.
* Format hooks should not rely on getting an entire html document, as they
  will only get the body during page preview.
* toggle: Deal with preview mode when adding javascript.
2008-06-28 23:08:24 -04:00
Joey Hess 00ca6f042e releasing version 2.50 2008-06-13 15:22:56 -04:00
Joey Hess f6b47b0d1c img: Support captions. 2008-06-07 23:45:40 -04:00
Joey Hess 3215b5a982 finishing touches on the new search plugin
- Add a Help link.
- If the pageterm is too long, hash it.
2008-06-04 15:24:28 -04:00
Joey Hess 27376abb3c also decode html entities in the title 2008-06-04 01:50:51 -04:00
Joey Hess 1dddec0ba9 Pass a destpage parameter to the sanitize hook.
Because the search plugin needed it, also because it's one of the few
plugins that didn't already have it.

I also considered adding it to htmlize, but I really cannot imagine caring
what the destpage is when htmlizing. (I'll probably be poven wrong later.)
2008-06-04 01:24:23 -04:00
Joey Hess 1546b48b97 move indexing to sanitize hook
I think this will give better results overall.

I made %IkiWiki::preprocessing accessible and used it to avoid indexing
at unnecessary points.
2008-06-04 00:58:46 -04:00
Joey Hess ce826411b2 more search improvements 2008-06-04 00:38:40 -04:00
Joey Hess 1715c0399e updated French translation 2008-05-30 18:17:50 -04:00
Joey Hess e943812dc9 hashed password support, and empty password security fix
This implements the previously documented hashed password support.

While implementing that, I noticed a security hole, which this commit
also fixes..
2008-05-30 17:35:34 -04:00
Joey Hess 6b68c6ff72 releasing version 2.47 2008-05-25 14:28:33 -04:00
Joey Hess 344b50d783 releasing version 2.46 2008-05-12 20:57:28 -04:00
Joey Hess b144831e46 pinger/pingee now tested and working 2008-05-06 19:06:53 -04:00
Joey Hess 1f88cad3a2 aggregate: Add support for web-based triggering of aggregation for people stuck on shared hosting without cron. (Sheesh.) Enabled via the `aggregate_webtrigger` configuration optiom. 2008-05-05 20:20:45 -04:00
Joey Hess 545054c356 releasing version 2.45 2008-05-05 15:17:44 -04:00
Joey Hess 3a9dfb8361 enhancesments for shared hosting
* Add a Bundle::Ikiwiki to the source for use with CPAN to install *all*
  the modules ikiwiki can use.
* Add a cpan directory containing a CPAN::MyConfig that can ease use of
  CPAN to install in a home directory on shared hosting providers.
* With these changes, it's pretty easy to install onto nearlyfreespeech.net
  and probably other shared hosting providers like dreamhost. Added
  a tip page documentng the process for nearlyfreespeech.
2008-05-05 14:51:26 -04:00
Joey Hess b2dea99417 Fix ugly display when editing a page that has vanished.
srcfile now has an optional second parameter to avoid it throwing an error
if the source file does not exist.
2008-05-02 13:02:07 -04:00
Joey Hess 41ee809bf7 releasing version 2.44 2008-04-24 13:52:32 -04:00
Joey Hess 18cb252e74 releasing version 2.43 2008-04-16 18:44:58 -04:00
Joey Hess 72b5ef2c5f Fix CSRF attacks against the preferences and edit forms. Closes: #475445
The fix involved embedding the session id in the forms, and not allowing the
forms to be submitted if the embedded id does not match the session id.

In the case of the preferences form, if the session id is not embedded,
then the CGI parameters are cleared. This avoids a secondary attack where the
link to the preferences form prefills password or other fields, and
the user hits "submit" without noticing these prefilled values.

In the case of the editpage form, the anonok plugin can allow anyone to edit,
and so I chose not to guard against CSRF attacks against users who are not
logged in. Otherwise, it also embeds the session id and checks it.

For page editing, I assume that the user will notice if content or commit
message is changed because of CGI parameters, and won't blndly hit save page.
So I didn't block those CGI paramters. (It's even possible to use those CGI
parameters, for good, not for evil, I guess..)

The only other CSRF attack I can think of in ikiwiki involves the poll plugin.
It's certianly possible to set up a link that causes the user to unknowingly
vote in a poll. However, the poll plugin is not intended to be used for things
that people would want to attack, since anyone can after all edit the poll page
and fill in any values they like. So this "attack" is ignorable.
2008-04-10 16:35:30 -04:00
Joey Hess f6bd81db15 Added a hardlink option in the setup file, useful if the source and dest are on the same filesystem and the wiki includes large media files, which would normally be copied, wasting time and space. 2008-03-29 21:02:47 -04:00
Joey Hess 862ca19eb1 truncate recentchangesdiffs after 200 lines
This works around a perl crasher bug, and also avoids bloating pages
with enormous diffs.

rcs_recentchanges modified to return a list in an array context.
2008-03-12 15:45:10 -04:00
Joey Hess f7bdc2385d * Use forcebaseurl to make page previews be displayed with the html base
set to the destination page. This avoids need for hacks to munge the urls
  in preview mode, which fixes several bugs.
* Several destpage fixes in plugins.
2008-03-12 14:21:48 -04:00
Joey Hess c9df38fe33 response 2008-03-03 16:01:16 -05:00
Joey Hess d93aaed791 * Add recentchangesdiff plugin that adds diffs to the recentchanges feeds.
* rcs_diff is a new function that rcs modules should implement.
* Implemented rcs_diff for git, svn, and tla (tla version untested).
  Mercurial and monotone still todo.
2008-03-03 15:53:34 -05:00
Joey Hess bd55d276b3 Fix links generated by preprocessor directives when previewing.
As was already done for linkfication, links generated in a prevew page
are relative to the top of the wiki, so it has to be told that the destpage
is there.

I was using "" to indicate this, but that may confuse some preprocessor
plugins, which treat parameters with an empry value specially (sparkline is one
such). Instead, use "/", which is more accurate anyway and works just as well.
2008-02-24 16:37:11 -05:00
Joey Hess d14bde197e * Disable taint checking for all builds as people keep complaining about it,
and since all versions of perl seem to be hopelessly broken.
2008-02-24 15:42:43 -05:00
Joey Hess 1de1fb15a0 * camelcase: Convert to use new linkify and scan hooks rather than the old
hack.
2008-02-11 23:04:19 -05:00
Joey Hess 4763514861 * Add the linkify and scan hooks. These hooks can be used to implement
custom, first-class types of wikilinks.
* Move standard wikilink implementation to a new wikilink plugin, which
  will of course be enabled by default.
2008-02-11 22:48:27 -05:00
Joey Hess 1eeb683f1a releasing version 2.31 2008-02-10 01:11:48 -05:00
Joey Hess 9d54cc4659 implement aggregate_locking design
Now aggregation will not lock the wiki. Any changes made during aggregaton are
merged in with the changed state accumulated while aggregating. A separate
lock file prevents multiple concurrent aggregators. Garbage collection
of orphaned guids is much improved. loadstate() is only called once
per process, so tricky support for reloading wiki state is not needed.

(Tested fairly thuroughly.)
2008-02-03 16:48:26 -05:00
Joey Hess ac58aa804e update po files 2008-02-03 15:02:34 -05:00
Joey Hess b3290c64ca announce no more mail notifications on this wiki 2008-01-29 18:48:01 -05:00
Joey Hess 3803266b8f merged the recentchanges branch
misc fixes
2008-01-29 17:50:11 -05:00
Joey Hess 64a8c828b8 * meta: Add pagespec functions to match against title, author, authorurl,
license, and copyright. This can be used to create custom RecentChanges.
* meta: To support the pagespec functions, metadata about pages has to be
  retained as pagestate.
* Fix encoding bug when pagestate values contained spaces.
2008-01-29 17:16:51 -05:00
Joey Hess 8b31c53366 added configuration for recentchanges
I kept it to a simple global configuration, rather than using the
preprocessor directive for recentchanges, because that had chicken and egg
problems and seemed overcomplicated. This should work reasonably well,
though it would be good to add some more metadata so that more customised
recentchanges pages can be made.
2008-01-29 15:51:32 -05:00
Joey Hess cabd5140c4 add code to delete old change pages 2008-01-29 15:22:23 -05:00
Joey Hess 85eb1abc61 typo 2008-01-29 04:45:54 -05:00
Joey Hess 01461d3537 releasing version 2.20 2008-01-10 14:58:47 -05:00
Joey Hess 141d363888 In preferences, allow the subscriptions and email fields to be cleared 2008-01-09 17:59:56 -05:00