Simon McVittie
3560460eb6
comments: don't interpolate IP into anonymous user's "name"
...
If an admin wants the IP in the comment display template they can still
get it (the default template shows it).
2008-12-11 21:14:05 +00:00
Simon McVittie
c038734986
comments_display.tmpl: use less nice formatting to avoid whitespace in output
2008-12-11 21:14:05 +00:00
Simon McVittie
370c1b87c9
comments_display.tmpl: preferentially use confirmed username, but fall back to claimed author if unauthenticated
...
This still isn't quite right (it displays the IP address twice if the user
doesn't specify a name).
2008-12-11 21:14:05 +00:00
Simon McVittie
1698364da0
comments: fix invocation of possibly_foolish_untaint
2008-12-11 21:14:05 +00:00
Simon McVittie
f29a607025
comments_form.tmpl: show labels for name, website
2008-12-11 21:14:05 +00:00
Simon McVittie
fbf145ca3f
comments: avoid warning if there's no subject
2008-12-11 21:14:05 +00:00
Simon McVittie
a5889912b3
comments: Optionally allow anonymous commenters to set their name/URL.
...
Also provide a way for the comment template to pick up the verified
username/IP.
2008-12-11 21:14:05 +00:00
Simon McVittie
0a69c7ed56
comments: Remove some dead code
2008-12-11 21:14:05 +00:00
Simon McVittie
44a7d77a30
comments: rename main field to "editcontent" consistent with editpage
...
This has the side-effect that Ikiwiki's default style.css gives the text
box 100% width.
2008-12-11 21:14:05 +00:00
Simon McVittie
edb69335f2
comments: instead of hard-coding mdwn, allow any supported page format
2008-12-11 21:14:05 +00:00
Simon McVittie
9af0f04df3
comments: Save comments as a file with one big [[!comment]] directive.
...
This delays all comment formatting until the last possible time, allows
us to set metadata without worrying that commenters may be able to evade
it, and means that changes to how a comment is saved can be handled
gracefully. It also gives us somewhere to put the commenter's username
or IP address for later reference.
2008-12-11 21:14:05 +00:00
Simon McVittie
6a986a8a0b
Remove dead code for preprocessing [[!comments]]
2008-12-11 21:14:05 +00:00
Simon McVittie
1d696aef2c
comments: Duplicate logic and CGI hook from recentchanges to link user pages correctly
2008-12-11 21:14:05 +00:00
Simon McVittie
f88870f102
Qualify name of formattime() correctly
2008-12-11 21:14:04 +00:00
Simon McVittie
80e84e32bf
Delay checking for session expiry til we actually post a comment
2008-12-11 21:14:04 +00:00
Simon McVittie
24bfc3fdc5
comments: record the time at which each comment was posted
2008-12-11 21:14:04 +00:00
Simon McVittie
e66e2c2a7e
comments: Use a checkconfig hook to get the default value of comments_pagename
2008-12-11 21:14:04 +00:00
Simon McVittie
8ead8ac857
Remove comments_embed.tmpl (no longer needed)
2008-12-11 21:14:04 +00:00
Simon McVittie
4ff161ba0b
comments: render comments/commenturl in page.tmpl
2008-12-11 21:14:04 +00:00
Simon McVittie
49eabc676a
comments: use global config to decide whether commenting is allowed, and for name of page
...
Also:
* decide comment page name sooner
* set permalink on it
2008-12-11 21:14:04 +00:00
Simon McVittie
a9b0b3da5f
comments: use global configuration for allow_directives, commit, and pagename
2008-12-11 21:14:04 +00:00
Simon McVittie
d35a2bd2de
comments: Add some global configuration
2008-12-11 21:14:04 +00:00
Simon McVittie
4972baac4d
comments: make preprocess a no-op
2008-12-11 21:14:04 +00:00
Simon McVittie
1c1437995c
page.tmpl: optionally include "add comment" link
2008-12-11 21:14:04 +00:00
Simon McVittie
8776c76e32
comments_comment.tmpl: allow permalink, anchor to be passed in
2008-12-11 21:14:04 +00:00
Simon McVittie
c9bb8b03a4
comments: document what linkuser does
2008-12-11 21:14:03 +00:00
Simon McVittie
404792c618
comments: add a stub pagetemplate hook to show the comments
2008-12-11 21:14:03 +00:00
Simon McVittie
3abfc1d71c
comments: Use HTML entities to escape directives
2008-12-11 21:14:03 +00:00
Simon McVittie
430ac61f21
Embed comments into comments_embed.tmpl rather than concatenating in perl
2008-12-11 21:14:03 +00:00
Simon McVittie
3a46e7c7f1
comments_embed.tmpl: include the inlined comments if present
2008-12-11 21:14:03 +00:00
Simon McVittie
286dbb0541
comments: use CGI module's checksessionexpiry
2008-12-11 21:14:03 +00:00
Simon McVittie
9a6005a212
editpage: factor out checksessionexpiry into IkiWiki::CGI
2008-12-11 21:14:03 +00:00
Simon McVittie
0df983c5a7
Add comments to page.tmpl
2008-12-11 21:14:03 +00:00
Simon McVittie
cb5aaa3cee
htmlbalance: don't compact whitespace, and set misc other options
...
Not compacting whitespace is the most important one: now that we run
sanitize hooks on individual posted comments in the comments plugin,
whitespace that is significant to Markdown (but not HTML) is lost.
2008-12-11 21:14:03 +00:00
Simon McVittie
249ea2ed75
comments: remove allowhtml option, just switch it on all the time
...
Now that posts are individually sanitized, that should be safe.
2008-12-11 21:14:03 +00:00
Simon McVittie
4663f364bb
comments: load inline and mdwn lazily
2008-12-11 21:14:03 +00:00
Simon McVittie
9d92fd5eb0
comments: don't rely on mdwn getting loaded first
2008-12-11 21:14:03 +00:00
Simon McVittie
ebe140201e
comments: sanitize the body of each comment before posting it
...
This should ensure that users can't "break out" from the enclosing
<div>, making it impossible to forge comments (assuming htmlscrubber
is enabled, and so is either htmlbalance or htmltidy).
2008-12-11 21:14:03 +00:00
Simon McVittie
57e40b9ce5
Fix typo that led to comments being blanked
2008-12-11 21:14:02 +00:00
Simon McVittie
3d4aa065d6
postcomment: Rename plugin to comments, use *._comment files
...
The PageSpec is still called "postcomment" since that's what it means.
2008-12-11 21:14:02 +00:00
Simon McVittie
3c9ccb406b
Rename smcvpostcomment plugin to postcomment to propose for inclusion
2008-12-11 21:14:02 +00:00
Simon McVittie
b7db3444a5
smcvpostcomment: allow commenting to be closed
2008-12-11 21:14:02 +00:00
Simon McVittie
f49603bf86
smcvpostcomment: import other plugins lazily and remove unnecessary use of CGI
2008-12-11 21:14:02 +00:00
Simon McVittie
2857b301e7
smcvpostcomment_*.tmpl: make class names match template names
...
Also put "posting comments disabled" in [], and change "Page preview"
to "Comment preview".
2008-12-11 21:14:02 +00:00
Simon McVittie
442e4e7e12
smcvpostcomment: allow inlining to be disabled, and pass through atom etc. better
2008-12-11 21:14:02 +00:00
Simon McVittie
bb4eb07bdd
smcvpostcomment: make allowhtml etc. configurable, and don't allow commenting on pages where comments have never been allowed
2008-12-11 21:14:02 +00:00
Simon McVittie
d18adfb1ad
smcvpostcomment: indicate in form whether HTML and directives are allowed
2008-12-11 21:14:02 +00:00
Simon McVittie
1bd1b03766
smcvpostcomment: remove HTML if not allowed
2008-12-11 21:14:02 +00:00
Simon McVittie
660a4ef151
smcvpostcomment: always allow wikilinks, and do access control
...
wikilinks are harmless, so we might as well allow them.
Access control for this plugin is a bit odd, since we specifically
don't want to allow comments to be edited - so the check is whether the
user is allowed to edit a deliberately invalid page name,
page/commented/on[smcvpostcomment]. You can put smcvpostcomment(*)
or smcvpostcomment(some/subdir/*) in $config{anonok_pagespec}
or the opposite in $config{locked_pages} to allow "editing" (really
just posting) comments.
2008-12-11 21:14:02 +00:00
Simon McVittie
798dea2033
smcvpostcomment: reduce length of subject field
2008-12-11 21:14:02 +00:00